From 265a85ec1fbb2d7ed1279aebfce8fe370868c7c5 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sat, 24 Aug 2013 23:05:31 -0400
Subject: [PATCH] RF: do not catch for now "invalid nonce \S*  received - hash
 is not \S*" -- imho needs more analysis

---
 config/filter.d/apache-auth.conf | 2 +-
 testcases/files/logs/apache-auth | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/filter.d/apache-auth.conf b/config/filter.d/apache-auth.conf
index fa828b72..b4061778 100644
--- a/config/filter.d/apache-auth.conf
+++ b/config/filter.d/apache-auth.conf
@@ -42,7 +42,7 @@ failregex = ^%(_apache_error_client)s (AH01797: )?client denied by server config
             ^%(_apache_error_client)s (AH0179[24]: )?(Digest: )?user .*: password mismatch: \S*\s*$
             ^%(_apache_error_client)s (AH0179[01]: |Digest: )user `.*' in realm `.+' (not found|denied by provider): \S*\s*$
             ^%(_apache_error_client)s (AH01631: )?user .*: authorization failure for "\S*":\s*$
-            ^%(_apache_error_client)s (AH0177[56]: )?(Digest: )?invalid nonce .* received - (length|hash) is not \S+\s*$
+            ^%(_apache_error_client)s (AH01775: )?(Digest: )?invalid nonce .* received - length is not \S+\s*$
             ^%(_apache_error_client)s (AH01788: )?(Digest: )?realm mismatch - got `.*' but expected `.+'\s*$
             ^%(_apache_error_client)s (AH01789: )?(Digest: )?unknown algorithm `.*' received: \S*\s*$
             ^%(_apache_error_client)s (AH01793: )?invalid qop `.*' received: \S*\s*$
diff --git a/testcases/files/logs/apache-auth b/testcases/files/logs/apache-auth
index b2aa75ff..d6c40ac5 100644
--- a/testcases/files/logs/apache-auth
+++ b/testcases/files/logs/apache-auth
@@ -83,11 +83,12 @@
 
 
 # ./testcases/files/config/apache-auth/digest.py
-# failJSON: { "time": "2013-07-28T21:16:37", "match": true , "host": "127.0.0.1" }
+# yoh: ATM it should not match because matching failregex is still under "investigation"
+# failJSON: { "time": "2013-07-28T21:16:37", "match": false , "host": "127.0.0.1" }
 [Sun Jul 28 21:16:37 2013] [error] [client 127.0.0.1] Digest: invalid nonce l19lgpDiBAZZZf1ec3d9613f3b3ef43660e3628d78455fd8b937 received - hash is not 6fda8bbcbcf85ff1ebfe7d1c43faba583bc53a02
 
 # ./testcases/files/config/apache-auth/digest.py
-# failJSON: { "time": "2013-07-28T21:18:11", "match": true , "host": "127.0.0.1" }
+# failJSON: { "time": "2013-07-28T21:18:11", "match": false , "host": "127.0.0.1" }
 [Sun Jul 28 21:18:11.769228 2013] [auth_digest:error] [pid 24752:tid 139895505884928] [client 127.0.0.1:56964] AH01776: invalid nonce b9YAiJDiBAZZZ1b1abe02d20063ea3b16b544ea1b0d981c1bafe received - hash is not d42d824dee7aaf50c3ba0a7c6290bd453e3dd35b
 
 # ./testcases/files/config/apache-auth/digest.py