digest: Do not quote algorithm in HTTP authorisation

RFC 7616 section 3.4 (The Authorization Header Field) states that "For historical reasons, a sender MUST NOT generate the quoted string syntax for the following parameters: algorithm, qop, and nc". This removes the quoting for the algorithm parameter. Reviewed-by: Steve Holme Closes #4890
author: Pierre-Yves Bigourdan <pierre-yves.bigourdan@bbc.co.uk> 2020-02-06 15:43:06 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2020-02-07 22:46:21 +0100
commit: feba3f0549af546677ee2d924344234fd91b8f50 (patch)
tree: 0b9026d8a38a8b13980c9ccd8612b7322c1b0ee4 /lib/vauth
parent: 5ce7102ceae250e2d31b54aad2f33b3bc35f243a (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 8cd4d83ed..4d3839d90 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -899,7 +899,7 @@ static CURLcode _Curl_auth_create_digest_http_message(
 
   if(digest->algorithm) {
     /* Append the algorithm */
-    tmp = aprintf("%s, algorithm=\"%s\"", response, digest->algorithm);
+    tmp = aprintf("%s, algorithm=%s", response, digest->algorithm);
     free(response);
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
author	Pierre-Yves Bigourdan <pierre-yves.bigourdan@bbc.co.uk>	2020-02-06 15:43:06 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2020-02-07 22:46:21 +0100
commit	feba3f0549af546677ee2d924344234fd91b8f50 (patch)
tree	0b9026d8a38a8b13980c9ccd8612b7322c1b0ee4 /lib/vauth
parent	5ce7102ceae250e2d31b54aad2f33b3bc35f243a (diff)