[Tickets #11449] CRAM-MD5 broken for imap
bugs at horde.org
bugs at horde.org
Tue Sep 25 18:16:42 UTC 2012
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/11449
------------------------------------------------------------------------------
Ticket | 11449
Created By | patrickdk at patrickdk.com
Summary | CRAM-MD5 broken for imap
Queue | Horde Framework Packages
Version | Git master
Type | Bug
State | Unconfirmed
Priority | 3. High
Milestone |
Patch | 1
Owners |
------------------------------------------------------------------------------
patrickdk at patrickdk.com (2012-09-25 18:16) wrote:
This corrects the param order for hmac and corrects the output type of hmac.
Tested CRAM-MD5 logins now work, and also manually verified calculated
results.
From 2944c3dd0ffd2686d862d90a16f58124ec7c98d1 Mon Sep 17 00:00:00 2001
From: Patrick Domack <patrickdk at patrickdk.com>
Date: Tue, 25 Sep 2012 14:16:17 -0400
Subject: [PATCH] Fix CRAM-MD5 auth
---
.../Imap_Client/lib/Horde/Imap/Client/Socket.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php
b/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php
index d88ed7d..3febe49 100644
--- a/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php
+++ b/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php
@@ -570,7 +570,7 @@ class Horde_Imap_Client_Socket extends
Horde_Imap_Client_Base
$cmd = new Horde_Imap_Client_Data_Format_List(
- base64_encode($this->_params['username'] . ' ' .
hash_hmac(strtolower(substr($method, 5)), $this->getParam('password'),
base64_decode($ob['line']), true))
+ base64_encode($this->_params['username'] . ' ' .
hash_hmac(strtolower(substr($method, 5)), base64_decode($ob['line']),
$this->getParam('password'), false))
);
$this->_sendLine($cmd, array(
'debug' => '[' . $method . ' Response]'
--
1.7.9.5
More information about the bugs
mailing list