Although the 'algorithm' component of the Authorization header is 
considered optional by RFC 2617, there are sites that do not 
function without providing algorithm notification.  Specifically, this 
problem is encounted with LiveJournal RSS feeds (where HTTP 
digest authentication can be used to view non-public livejournal 
entries).

This patch makes the algorithm flag always sent in the 
Authorization header.  The following test script demonstrates the 
problem for a LiveJournal RSS feed (username and password must 
be entered):

    import urllib2

    class PasswordMgr(object):
        def find_user_password(self, realm, authuri):
            return "someuser", "somepass"
        def add_password(self):
            pass

    rssURI = "http://livejournal.com/users/someuser/data/rss?
auth=digest"

    handler = urllib2.HTTPDigestAuthHandler(PasswordMgr())
    opener = urllib2.build_opener(handler)
    opener.open(rssURI)

With the attached patch, this works successfully.  Without it, it fails 
with an HTTP 401 error.

Logged In: YES 
user_id=1131071

Err, sorry, it appears I didn't attach the patch.  Here it is.

Logged In: YES 
user_id=23486

Patch is simple (one line removed from current urllib2!).  I don't know 
much about http digest authentication, so I can't say anything about 
whether or not this correct; but I have verified that it fixes the 
LiveJournal behavior noted in the patch description (on Linux, under 
current CVS tree).  Moreover the MD5 
algorithm is the default, so this patch merely changes the behavior to be 
more verbose than it is currently -- it shouldn't break any existing actual 
functionality.

Recommend application of patch.

Logged In: YES 
user_id=31392

Fixed in rev 1.78 of urllib2