Index: auth.c =================================================================== --- auth.c (revision 590) +++ auth.c (working copy) @@ -214,7 +214,7 @@ int createAuthHeaderMD5(char * user, char * password, int password_len, char * method, char * uri, char * msgbody, char * auth, char * algo, char * result) { - + int res_len = 0; unsigned char ha1[MD5_HASH_SIZE], ha2[MD5_HASH_SIZE]; unsigned char resp[MD5_HASH_SIZE], body[MD5_HASH_SIZE]; unsigned char ha1_hex[HASH_HEX_SIZE+1], ha2_hex[HASH_HEX_SIZE+1]; @@ -252,9 +252,9 @@ MD5_Final(ha1, &Md5Ctx); hashToHex(&ha1[0], &ha1_hex[0]); - sprintf(result, "Digest username=\"%s\",realm=\"%s\"",user,tmp); + res_len += sprintf(result + res_len, "Digest username=\"%s\",realm=\"%s\"",user,tmp); if (cnonce[0] != '\0') { - sprintf(result, "%s,cnonce=\"%s\",nc=%s,qop=%s",result,cnonce,nc,authtype); + res_len += sprintf(result + res_len , ",cnonce=\"%s\",nc=%s,qop=%s",cnonce,nc,authtype); } // Construct the URI @@ -284,7 +284,7 @@ MD5_Final(ha2, &Md5Ctx); hashToHex(&ha2[0], &ha2_hex[0]); - sprintf(result, "%s,uri=\"%s\"",result,tmp); + res_len += sprintf(result + res_len, ",uri=\"%s\"",tmp); // Extract the Nonce if (!getAuthParameter("nonce", auth, tmp, sizeof(tmp))) { @@ -309,10 +309,10 @@ MD5_Final(resp, &Md5Ctx); hashToHex(&resp[0], &resp_hex[0]); - sprintf(result, "%s,nonce=\"%s\",response=\"%s\",algorithm=%s",result,tmp,resp_hex,algo); + res_len += sprintf(result + res_len, ",nonce=\"%s\",response=\"%s\",algorithm=%s",tmp,resp_hex,algo); if (has_opaque) { - sprintf(result, "%s,opaque=\"%s\"",result,opaque); + res_len += sprintf(result + res_len, ",opaque=\"%s\"",opaque); } return 1; @@ -677,7 +677,9 @@ } auts_hex[AUTS64LEN-1]=0; - sprintf(result, "%s,auts=\"%s\"",result,auts_hex); + int res_len = strlen(result); + + sprintf(result + res_len, ",auts=\"%s\"",auts_hex); } free(nonce); return 1;