
Bug #16501 TSIG doesn't work because of HMAC-MD5 being incorrect
Submitted: 2009-08-09 19:28 UTC
From: dmitrystolyarov Assigned: doconnor
Status: Closed Package: Net_DNS (version 1.0.1)
PHP Version: 5.2.10 OS: Gentoo Linux
Roadmaps: (Not assigned)    


 [2009-08-09 19:28 UTC] dmitrystolyarov (Dmitry Stolyarov)
Description:
------------
Current function for computing HMAC-MD5:
* should return binary string instead of HEX (it's the cause of error);
* should be named hmac_md5 and have just 2 arguments (not 4): according to RFC2845, only MD5 with 64-byte block size is supported;
* should use md5()'s second argument for getting binary string instead of converting HEX into binary string with pack().

The first thing (returning binary string instead of HEX) is critical and causes errors, and other stuff is just small enhancements.

Patch tested against ISC BIND (9.4.2 & 9.4.3) attached.

Test script:
---------------
<?php
require_once 'Net/DNS.php';

$resolver = new Net_DNS_Resolver(array('nameservers' => array('192.168.0.1')));

// Build a dynamic UPDATE packet for the example.com zone
$packet = new Net_DNS_Packet();
$packet->header = new Net_DNS_Header();
$packet->header->id = $resolver->nextid();
$packet->header->qr = 0;
$packet->header->opcode = "UPDATE";
$packet->question[0] = new Net_DNS_Question('example.com', 'SOA', 'IN');
$packet->answer = array();
$packet->authority[0] = Net_DNS_RR::factory('example.com. 0 ANY A');
$packet->authority[1] = Net_DNS_RR::factory('example.com. 1800 IN A 192.168.0.2');

// Sign the packet with a TSIG record
$tsig = Net_DNS_RR::factory('example-key TSIG 6i7jUkH1LXDnMKc7ElBKXQ==');
$packet->additional = array($tsig);

$packet->header->qdcount = count($packet->question);
$packet->header->ancount = count($packet->answer);
$packet->header->nscount = count($packet->authority);
$packet->header->arcount = count($packet->additional);

$response = $resolver->send_tcp($packet, $packet->data());
echo $response->header->rcode . "\n";

Expected result:
----------------
NOERROR

Actual result:
--------------
FORMERR
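The raw versus hex difference this report describes, as an added PHP example (not Net_DNS code and not the attached patch). `hmac_md5_raw()` and `tsig_mac_field()` are hypothetical names, the signed message is a constructed sample, and the key is the one from the test script above.

```php
<?php
// Added example, not Net_DNS code. hmac_md5_raw() and tsig_mac_field() are
// hypothetical names; the signed message is a constructed sample.

// HMAC-MD5 per RFC 2104 with MD5's 64-byte block; returns 16 raw bytes.
function hmac_md5_raw($key, $data)
{
    $block = 64;
    if (strlen($key) > $block) {
        $key = md5($key, true);            // keys longer than a block are hashed first
    }
    $key  = str_pad($key, $block, "\x00"); // then zero-padded to the block size
    $ipad = $key ^ str_repeat("\x36", $block);
    $opad = $key ^ str_repeat("\x5c", $block);
    // md5()'s second argument selects raw binary output instead of hex text.
    return md5($opad . md5($ipad . $data, true), true);
}

// MAC Size (16-bit, network order) followed by the MAC, as in TSIG RDATA.
function tsig_mac_field($mac)
{
    return pack('n', strlen($mac)) . $mac;
}

// RFC 2202 test case 1 for HMAC-MD5 checks the implementation.
$vector = hmac_md5_raw(str_repeat("\x0b", 16), 'Hi There');
var_dump(bin2hex($vector) === '9294727a3638bb1c13f48ef8158bfc9d');

$key     = base64_decode('6i7jUkH1LXDnMKc7ElBKXQ=='); // key from the report's test script
$message = 'constructed-sample-of-signed-dns-data';
$raw     = hmac_md5_raw($key, $message);
$hex     = bin2hex($raw);                  // what a hex-returning HMAC hands back

// What a verifier computes over the same data (PHP hash extension).
$expected = hash_hmac('md5', $message, $key, true);

printf("raw MAC: %d bytes, field %s\n", strlen($raw), bin2hex(tsig_mac_field($raw)));
printf("hex MAC: %d bytes, field starts %s\n", strlen($hex),
    bin2hex(substr(tsig_mac_field($hex), 0, 6)));

// Constant-time comparison: the raw MAC verifies, the hex text does not.
var_dump(hash_equals($expected, $raw));
var_dump(hash_equals($expected, $hex));
```

The hex form doubles the MAC Size field to 32 and carries ASCII digits where the verifier expects digest bytes, so the comparison on the receiving side cannot succeed.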

Comments

 [2009-08-09 19:28 UTC] dmitrystolyarov (Dmitry Stolyarov)
The following patch has been added/updated: Patch Name: tsig-hmac-md5.patch Revision: 1249828128 URL: http://pear.php.net/bugs/patch-display.php?bug=16501&patch=tsig-hmac-md5.patch&revision=1249828128&display=1
 [2009-08-09 19:34 UTC] dmitrystolyarov (Dmitry Stolyarov)
-PHP Version: 5.2.5
+PHP Version: 5.2.10
 [2010-01-12 21:24 UTC] martind (Martin Dag Nilsson)
Thanks for this patch. In addition, I also needed to do the following change to TSIG.php: 59c59 < if (defined($offset)) { --- > if ($offset) { 64c64 < $d = unpack("@$offset/nth/Ntl/nfudge/nmac_size", $data); --- > $d = unpack("\@$offset/nth/Ntl/nfudge/nmac_size", $data); My PHP version is 5.2.6.
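Review bot: On the line-59 change, `defined($offset)` tests whether a constant named by the value of `$offset` exists, not whether the variable is set; if that side is the intended result, the condition should be `isset($offset)` or an explicit comparison instead. On the line-64 change, `\@` is not an escape sequence in a double-quoted PHP string, so the backslash stays in the format passed to `unpack()`; only the form without the backslash produces the `@<offset>` absolute-position code. The diff is in normal format with no file names, so please state which side (`<` or `>`) is the modified TSIG.php.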
 [2010-02-22 03:28 UTC] doconnor (Daniel O'Connor)
-Status: Open
+Status: Feedback
I added test coverage for this, but it passes currently (Windows). It is very slow, but doesn't break as described. I'll check http://test.pear.php.net/unit-test-results/ in a bit, but...
 [2010-02-22 04:04 UTC] doconnor (Daniel O'Connor)
Or at least it worked once, then fails thereafter. Additionally, the patch currently has a BC break (method renaming), so I'll have to apply it slightly differently.
 [2010-02-22 04:13 UTC] doconnor (Daniel O'Connor)
Well; that's applied in SVN. No difference on my Windows machine - can you try the latest SVN and see if that works for you?
 [2010-03-18 23:19 UTC] dmitrystolyarov (Dmitry Stolyarov)
It works fine (revision 296354)!
 [2010-04-13 12:08 UTC] doconnor (Daniel O'Connor)
-Status: Feedback
+Status: Closed
-Assigned To:
+Assigned To: doconnor
This bug has been fixed in SVN. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better.