Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.0.6

Bug #2154 "realm" isn't contained in challange, DigestMD5 doesn't work on Windows
Submitted: 2004-08-18 00:20 UTC Modified: 2006-05-21 02:12 UTC
From: kmizuno9999 at yahoo dot co dot jp Assigned: amistry
Status: Closed Package: Auth_SASL
PHP Version: 4.3.7 OS: Windows XP
Roadmaps: (Not assigned)    
Subscription  


 [2004-08-18 00:20 UTC] kmizuno9999 at yahoo dot co dot jp
Description: ------------ When the server's response "realm" isn't contained in challange, Auth_SASL_DigestMD5() doesn't work on Windows platforms. It should not use posix_uname(). This function is not available on Windows platforms. DigestMD5.php line 129 // Realm if (empty($tokens['realm'])) { $uname = posix_uname(); <--- this function is problem. ^^^^^^^^^^^^^ $tokens['realm'] = $uname['nodename']; } e.g. Communigate PRO's challange doesn't contain 'realm'.

Comments

 [2004-09-15 20:31 UTC] miyabe at port4 dot info
Why don't we omit the realm directive when the challenge did not contain realm? See RFC 2831 2.1.2 Here's patch which is mixed with a change for Bug#2143: --- DigestMD5.php.orig 2003-09-12 03:53:56.000000000 +0900 +++ DigestMD5.php 2004-09-16 09:57:50.000000000 +0900 @@ -32,7 +32,7 @@ // | Author: Richard Heyes <richard@php.net> | // +-----------------------------------------------------------------------+ // -// $Id: DigestMD5.php,v 1.7 2003/09/11 18:53:56 mbretter Exp $ +// $Id: DigestMD5.php,v 1.6 2003/02/21 16:07:17 mj Exp $ /** * Implmentation of DIGEST-MD5 SASL mechanism @@ -74,7 +74,11 @@ $digest_uri = sprintf('%s/%s', $service, $hostname); $response_value = $this->_getResponseValue($authcid, $pass, $challe nge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $authzid); - return sprintf('username="%s",realm="%s"' . $authzid_string . ',no nce="%s",cnonce="%s",nc="00000001",qop=auth,digest-uri="%s",response=%s,%d', $au thcid, $challenge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $response _value, $challenge['maxbuf']); + if ($challenge['realm']) { + return sprintf('username="%s",realm="%s"' . $authzid_string . ',nonce="%s",cnonce="%s",nc=00000001,qop=auth,digest-uri="%s",response=%s,maxbuf =%d', $authcid, $challenge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $response_value, $challenge['maxbuf']); + } else { + return sprintf('username="%s"' . $authzid_string . ',nonce="%s ",cnonce="%s",nc=00000001,qop=auth,digest-uri="%s",response=%s,maxbuf=%d', $auth cid, $challenge['nonce'], $cnonce, $digest_uri, $response_value, $challenge['max buf']); + } } else { return PEAR::raiseError('Invalid digest challenge'); } @@ -125,8 +129,7 @@ */ // Realm if (empty($tokens['realm'])) { - $uname = posix_uname(); - $tokens['realm'] = $uname['nodename']; + $tokens['realm'] = ''; } // Maxbuf
 [2006-03-22 00:20 UTC] amistry at php dot net (Anish Mistry)
damian is inactive. I've committed the patch to the CVS. Please verify that it is correct. Thank you.
 [2006-05-21 02:12 UTC] amistry at php dot net (Anish Mistry)
Thank you for your bug report. This issue has been fixed in the latest released version of the package, which you can download at http://pear.php.net/get/Auth_SASL