
Re: Authen::SASL DIGEST-MD5 verification bug

From: Graham Barr
Date: April 8, 2008 07:47
Subject: Re: Authen::SASL DIGEST-MD5 verification bug

On Mar 24, 2008, at 1:02 AM, Phil Pennock wrote:
>
> Folks,
>
> The Perl native DIGEST-MD5 implementation for Authen::SASL doesn't
> actually implement the second stage verification.  Instead, an attempt
> to actually verify the server's second stage data results in:
>   Server did not provide required field(s): algorithm nonce
>
> That's a bogus complaint, since the server is only supposed to return
> rspauth.
>
> This means that anyone using Authen::SASL::Perl for DIGEST-MD5
> authentication is getting an error if they actually implement the server
> verification step.  That this hasn't been an issue before now is ...
> rather worrying.
>
> The attached patch fixes DIGEST-MD5 authentication.

This patch no longer applies cleanly against the repository due to
ongoing work.

The SVN repository can be found at
http://svn.goingon.net/repos/Authen-SASL/trunk

Please also create a testcase which fails and shows the problem on
the version you have so we can verify that new code has fixed it.

Graham.
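
Added example, not part of this thread, the attached patch or the Authen::SASL code base: the second-stage check discussed above, in which the client recomputes the server's rspauth value as RFC 2831 defines it and compares it with what the server sent. The function names `digest_value` and `verify_rspauth` are hypothetical, and the sample values are the worked example from RFC 2831 section 4.

```perl
use strict;
use warnings;
use Digest::MD5 qw(md5 md5_hex);

# RFC 2831 digest computation. $a2_prefix is "AUTHENTICATE" for the client's
# response (section 2.1.2.1) and "" for the server's rspauth (section 2.1.3).
# Assumes all values are ASCII, so no charset conversion is needed.
sub digest_value {
    my ($a2_prefix, %p) = @_;
    my $a1 = join ':', md5(join ':', @p{qw(username realm password)}),
                       @p{qw(nonce cnonce)};
    $a1 .= ":$p{authzid}" if defined $p{authzid};
    my $a2 = join ':', $a2_prefix, $p{'digest-uri'};
    $a2 .= ':' . ('0' x 32) if $p{qop} ne 'auth';    # auth-int / auth-conf
    return md5_hex(join ':', md5_hex($a1), @p{qw(nonce nc cnonce qop)},
                             md5_hex($a2));
}

# The server's final message carries only rspauth=<32 lowercase hex digits>.
# Returns 1 if it matches the value the client computes itself, else 0.
sub verify_rspauth {
    my ($server_final, %p) = @_;
    my ($got) = $server_final =~ /\Arspauth=([0-9a-f]{32})\z/
        or return 0;
    return $got eq digest_value('', %p) ? 1 : 0;
}

# Session parameters from the RFC 2831 section 4 IMAP example.
my %session = (
    username => 'chris', realm => 'elwood.innosoft.com', password => 'secret',
    nonce    => 'OA6MG9tEQGm2hh', cnonce => 'OA6MHXh6VqTrRk',
    nc       => '00000001', qop => 'auth',
    'digest-uri' => 'imap/elwood.innosoft.com',
);

my $client_response = digest_value('AUTHENTICATE', %session);
print "client response: $client_response\n";

# Final message from the RFC example, then a constructed one that merely
# echoes the client's own response back, which must not verify.
for my $final ('rspauth=ea40f60335c427b5527b84dbabcdfffd',
               "rspauth=$client_response") {
    printf "%s -> %s\n", $final,
        verify_rspauth($final, %session) ? 'server verified' : 'REJECTED';
}
```

The only difference between the two digests is the A2 prefix, so a server that does not know the password cannot derive rspauth from the response it received.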