1 files changed, 7 insertions, 6 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 1061512d..0f428d86 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -2660,7 +2660,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
 *               returned;
 *               zero for no limit
 * @param mqop the QOP to use
- * @param malgo3 digest algorithms allowed to use, fail if algorithm specified
+ * @param malgo3 digest algorithms allowed to use, fail if algorithm used
 *               by the client is not allowed by this parameter
 * @return #MHD_DAUTH_OK if authenticated,
 *         the error code otherwise
@@ -2718,7 +2718,7 @@ MHD_digest_auth_check3 (struct MHD_Connection *connection,
 *               returned;
 *               zero for no limit
 * @param mqop the QOP to use
- * @param malgo3 digest algorithms allowed to use, fail if algorithm specified
+ * @param malgo3 digest algorithms allowed to use, fail if algorithm used
 *               by the client is not allowed by this parameter;
 *               both MD5-based and SHA-256-based algorithms cannot be used at
 *               the same time for this function as @a userdigest_size must
@@ -2934,8 +2934,8 @@ MHD_digest_auth_check_digest (struct MHD_Connection *connection,
 *               same authorisation could be used, URIs can be in form
 *               "path-absolute" (the path for the same host with initial slash)
 *               or in form "absolute-URI" (the full path with protocol), in
- *               any case client may assume that any URI which starts with
+ *               any case client may assume that URI is in the same "protection
- *               any of specified URI is in the same "protection space";
+ *               space" if it starts with any of values specified here;
 *               could be NULL (clients typically assume that the same
 *               credentials could be used for any URI on the same host)
 * @param response the reply to send; should contain the "access denied"
@@ -2947,8 +2947,9 @@ MHD_digest_auth_check_digest (struct MHD_Connection *connection,
 *                     to retry immediately with the new nonce and the same
 *                     credentials, without asking user for the new password
 * @param mqop the QOP to use
- * @param malgo3 digest algorithm to use, if several algorithms are specified
+ * @param malgo3 digest algorithm to use, MHD selects; if several algorithms
- *               then MD5 is used (if allowed)
+ *               are allowed then MD5 is preferred (currently, may be changed
+ *               in next versions)
 * @param userhash_support if set to non-zero value (#MHD_YES) then support of
 *                         userhash is indicated, the client may provide
 *                         hash("username:realm") instead of username in