SUMMARY Accessing a feed on a lighttpd server protected with HTTP Digest authentication with algorithm=SHA-256 fails with a server error: mod_auth.c.1334) digest: (a2ca643c55f46828b66002b5bed0e4e0): invalid format akregator just silently fails to download the feed and shows the name in red. STEPS TO REPRODUCE 1. Configure a feed served by a lighttpd server protected with SHA-256 Digest authentication 2. Try to "Fetch feed" OBSERVED RESULT No feed and a red feed name EXPECTED RESULT Feed contents available for browsing SOFTWARE/OS VERSIONS Linux/KDE Plasma: KDE Frameworks Version: 5.111.0 Qt Version: 5.15.10 ADDITIONAL INFORMATION The protected RSS feed link can be accessed fine (including authentication) with Firefox, Chrome, curl and xh, so it's unlikely to be a server problem. Running this from Flatpak will first hit #477889 before it gets to the point where this bug is encountered.
One thing I just noted: the other clients respond with 64 hexadecimal characters (i.e. 256 bits) in the "response" field of the Authorization: header, but akregator responds with 32 hex bytes (i.e. 128 bits). It doesn't look like Akregator is responding properly to an algorithm=SHA-256 authorization.
Hi, Do you have a test server ? Regards.
Unfortunately, my server isn't public. I could probably come up with a dockerfile to run a local server if you'd like.
I traced the Akregator code and found that it seems to use the QtNetwork classes to perform HTTP requests. I created a standalone Qt application to perform a similar request and discovered that it truncates the response field to 128 bits as well. So, it seems to be a problem in Qt itself (I tried both 5.15.2 and 5.15.7).
For the record, the Qt issue seems to be https://bugreports.qt.io/browse/QTBUG-98280