Bug 595462 - hmac is not calculated properly.
hmac is not calculated properly.
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: php-pear-Net-DNS (Show other bugs)
12
All Linux
low Severity medium
: ---
: ---
Assigned To: Steven Moix
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-05-24 13:13 EDT by Vadym Chepkov
Modified: 2010-08-25 21:00 EDT (History)
2 users (show)

See Also:
Fixed In Version: php-pear-Net-DNS-1.0.5-1.fc13
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-08-24 21:17:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vadym Chepkov 2010-05-24 13:13:56 EDT
After upgrading to fedora 12 the TSIG code stopped working.

I took a look and find out this code

$this->mac = mhash(MHASH_MD5, $sigdata, $key);

was replaced with 

$this->mac = $this->hmac($sigdata, $key, 'md5');

and hmac function was added. I assume due to lack of mhash support in PHP 5.3.

I didn't look enough in the function, what it does wrong, but there is no need for it at all.
Instead code should be changed to

$this->mac = hash_hmac('md5', $sigdata, $key, true);

And all works fine with standard PHP5.3 functions
Comment 1 Remi Collet 2010-05-24 13:42:12 EDT
Is this bug reported upstream ? 
Bug ref ?

+
Comment 2 Vadym Chepkov 2010-05-24 13:51:14 EDT
The page says:

This package is not maintained, if you would like to take over please go to this page.

:(
Comment 3 Vadym Chepkov 2010-05-24 14:05:14 EDT
Submitted upstream
17431
Comment 4 Steven Moix 2010-05-24 14:21:18 EDT
By the way, what is "TSIG code"? :)
Comment 5 Vadym Chepkov 2010-05-24 14:31:42 EDT
Sorry for the lingo :)

http://en.wikipedia.org/wiki/TSIG

/usr/share/pear/Net/DNS/RR/TSIG.php
Comment 6 Steven Moix 2010-05-31 05:03:05 EDT
As upstream seems active on http://pear.php.net/bugs/bug.php?id=17431, I'm waiting on a response. If in about 1 month we don't get any, we can apply a patch for Fedora specifically as we don't need PHP4 support.
Comment 7 Steven Moix 2010-07-12 08:24:53 EDT
Ok, we are one month later. Vadym, could tell me if meanwhile the SVN version you are probably using is stable and could be pushed instead of the very old 1.0.1?
Comment 8 Vadym Chepkov 2010-07-13 04:38:37 EDT
Yes, trunk version works as expected, it fixed several other issues as well.
Comment 9 Steven Moix 2010-08-13 12:58:02 EDT
A new upstream version fixing the problems is available, I'll repackage it during the week. Thanks for pushing upstream Vadym.
Comment 10 Fedora Update System 2010-08-14 12:54:59 EDT
php-pear-Net-DNS-1.0.5-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/php-pear-Net-DNS-1.0.5-1.fc13
Comment 11 Fedora Update System 2010-08-14 12:55:50 EDT
php-pear-Net-DNS-1.0.5-1.fc14 has been submitted as an update for Fedora 14.
http://admin.fedoraproject.org/updates/php-pear-Net-DNS-1.0.5-1.fc14
Comment 12 Fedora Update System 2010-08-16 12:03:48 EDT
php-pear-Net-DNS-1.0.5-1.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update php-pear-Net-DNS'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/php-pear-Net-DNS-1.0.5-1.fc14
Comment 13 Fedora Update System 2010-08-24 21:17:38 EDT
php-pear-Net-DNS-1.0.5-1.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 14 Fedora Update System 2010-08-25 21:00:46 EDT
php-pear-Net-DNS-1.0.5-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.