--- /root/lighttpd-1.4.20/src/mod_secure_download.c 2008-08-01 12:13:34.000000000 -0400
+++ src/mod_secure_download.c 2009-02-17 09:24:44.000000000 -0500
@@ -38,6 +38,7 @@
 buffer *uri_prefix;
 unsigned short timeout;
+ unsigned short md5_params;
 } plugin_config;
 typedef struct {
@@ -100,6 +101,7 @@
 { "secdownload.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
 { "secdownload.uri-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
 { "secdownload.timeout", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
+ { "secdownload.md5-params", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 4 */
 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 };
@@ -115,11 +117,13 @@
 s->doc_root = buffer_init();
 s->uri_prefix = buffer_init();
 s->timeout = 60;
+ s->md5_params = 0;
 cv[0].destination = s->secret;
 cv[1].destination = s->doc_root;
 cv[2].destination = s->uri_prefix;
 cv[3].destination = &(s->timeout);
+ cv[4].destination = &(s->md5_params);
 p->config_storage[i] = s;
@@ -166,6 +170,7 @@
 PATCH(doc_root);
 PATCH(uri_prefix);
 PATCH(timeout);
+ PATCH(md5_params);
 /* skip the first, the global context */
 for (i = 1; i < srv->config_context->used; i++) {
@@ -187,6 +192,8 @@
 PATCH(uri_prefix);
 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.timeout"))) {
 PATCH(timeout);
+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.md5-params"))) {
+ PATCH(md5_params);
 }
 }
 }
@@ -200,7 +207,7 @@
 plugin_data *p = p_d;
 MD5_CTX Md5Ctx;
 HASH HA1;
- const char *rel_uri, *ts_str, *md5_str;
+ const char *rel_uri, *ts_str, *md5_str, *uri_params = NULL;
 time_t ts = 0;
 size_t i;
@@ -243,6 +250,10 @@
 for (i = 0; i < 8; i++) {
 ts = (ts << 4) + hex2int(*(ts_str + i));
 }
+
+ if (con->uri.query->ptr != NULL ) {
+ uri_params = con->uri.query->ptr;
+ }
 /* timed-out */
 if ( (srv->cur_ts > ts && srv->cur_ts - ts > p->conf.timeout) ||
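Review bot: The new `secdownload.md5-params` row in the `@@ -100,6 +101,7 @@` hunk carries only the index comment `/* 4 */`, and nothing in the patch says what the option does to token validation. Enabling it changes which links verify, so an operator needs to know that the link generator must sign the same bytes. I would extend the comment to something like `/* 4: when enabled, the raw query string is hashed into the token after the timestamp */` and add the option to the module's documentation. The default of 0 set in the `@@ -115,11 +117,13 @@` hunk keeps existing links valid, which is also worth stating there.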
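Review bot: In the `@@ -243,6 +250,10 @@` hunk the test `con->uri.query->ptr != NULL` checks whether the buffer has storage, not whether this request carried a query string. If the buffer keeps its allocation between requests, which is not visible here, the code depends on it having been reset to an empty string. Testing the length is more direct, e.g. `if (con->uri.query->used > 1) uri_params = con->uri.query->ptr;`, assuming `used` counts the terminating NUL as the `p->md5->used - 1` call in the last hunk suggests. The lookup also runs when `secdownload.md5-params` is off, so it could move next to its only use. The enclosing function starts and ends outside the hunk.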
@@ -263,6 +274,11 @@
 buffer_copy_string_buffer(p->md5, p->conf.secret);
 buffer_append_string(p->md5, rel_uri);
 buffer_append_string_len(p->md5, ts_str, 8);
+
+ /* Add GET parameters string to signature */
+ if ((p->conf.md5_params == 1) && (uri_params != NULL)) {
+ buffer_append_string(p->md5, uri_params);
+ }
 MD5_Init(&Md5Ctx);
 MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
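Review bot: The query string is appended directly after the 8-character timestamp with no delimiter or length, so the hashed message `secret + rel_uri + ts + query` now ends in a variable-length, client-supplied field and no longer splits uniquely into its parts. An unambiguous encoding would avoid that, for example a length prefix, or a fixed separator and the query appended on every request once the option is on, even when the query is empty; the link generator has to change in step. The comment should also say that the bytes signed are the query exactly as received, e.g. `/* append the raw (undecoded) query string; the generator must sign identical bytes, including parameter order */`. As a style point, `md5_params` is a boolean, so `if (p->conf.md5_params && uri_params != NULL)` reads better than comparing with 1. This remains a secret-prefix MD5 rather than a keyed MAC such as HMAC, which is worth revisiting now that the tail is attacker-chosen; the function body continues outside the hunk.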