Bug #2154 :: "realm" isn't contained in challange, DigestMD5 doesn't work on Windows

Package home | Report new bug | New search | Development Roadmap

Status: Open | Feedback | All | Closed Since Version 1.2.0

Bug #2154	"realm" isn't contained in challange, DigestMD5 doesn't work on Windows
Submitted:	2004-08-18 05:20 UTC
From:	kmizuno9999 at yahoo dot co dot jp	Assigned:	amistry
Status:	Closed	Package:	Auth_SASL
PHP Version:	4.3.7	OS:	Windows XP
Roadmaps:	(Not assigned)
Subscription	Your email:

Comments Add Comment Add patch

[2004-08-18 05:20 UTC] kmizuno9999 at yahoo dot co dot jp

Description:
------------
When the server's response "realm" isn't contained in challange, Auth_SASL_DigestMD5() doesn't work on Windows platforms.

It should not use posix_uname().
This function is not available on Windows platforms.

DigestMD5.php line 129
// Realm
if (empty($tokens['realm'])) {
    $uname = posix_uname(); <--- this function is problem.
             ^^^^^^^^^^^^^
    $tokens['realm'] = $uname['nodename'];
}

e.g. Communigate PRO's challange doesn't contain 'realm'.

Comments

[2004-09-16 01:31 UTC] miyabe at port4 dot info

Why don't we omit the realm directive when the challenge did not contain realm?
See RFC 2831 2.1.2

Here's patch which is mixed with a change for Bug#2143:

--- DigestMD5.php.orig  2003-09-12 03:53:56.000000000 +0900
+++ DigestMD5.php       2004-09-16 09:57:50.000000000 +0900
@@ -32,7 +32,7 @@
 // | Author: Richard Heyes <richard@php.net>                               |
 // +-----------------------------------------------------------------------+
 //
-// $Id: DigestMD5.php,v 1.7 2003/09/11 18:53:56 mbretter Exp $
+// $Id: DigestMD5.php,v 1.6 2003/02/21 16:07:17 mj Exp $

 /**
 * Implmentation of DIGEST-MD5 SASL mechanism
@@ -74,7 +74,11 @@
             $digest_uri     = sprintf('%s/%s', $service, $hostname);
             $response_value = $this->_getResponseValue($authcid, $pass, $challe
nge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $authzid);

-            return sprintf('username="%s",realm="%s"' . $authzid_string  . ',no
nce="%s",cnonce="%s",nc="00000001",qop=auth,digest-uri="%s",response=%s,%d', $au
thcid, $challenge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $response
_value, $challenge['maxbuf']);
+            if ($challenge['realm']) {
+                return sprintf('username="%s",realm="%s"' . $authzid_string  .
',nonce="%s",cnonce="%s",nc=00000001,qop=auth,digest-uri="%s",response=%s,maxbuf
=%d', $authcid, $challenge['realm'], $challenge['nonce'], $cnonce, $digest_uri,
$response_value, $challenge['maxbuf']);
+            } else {
+                return sprintf('username="%s"' . $authzid_string  . ',nonce="%s
",cnonce="%s",nc=00000001,qop=auth,digest-uri="%s",response=%s,maxbuf=%d', $auth
cid, $challenge['nonce'], $cnonce, $digest_uri, $response_value, $challenge['max
buf']);
+            }
         } else {
             return PEAR::raiseError('Invalid digest challenge');
         }
@@ -125,8 +129,7 @@
         */
         // Realm
         if (empty($tokens['realm'])) {
-            $uname = posix_uname();
-            $tokens['realm'] = $uname['nodename'];
+            $tokens['realm'] = '';
         }

         // Maxbuf

[2006-03-22 05:20 UTC] amistry at php dot net (Anish Mistry)

damian is inactive.  I've committed the patch to the CVS.  Please verify that it is correct.  Thank you.

[2006-05-21 07:12 UTC] amistry at php dot net (Anish Mistry)

Thank you for your bug report. This issue has been fixed
in the latest released version of the package, which you can download at
http://pear.php.net/get/Auth_SASL