Red Hat Bugzilla – Bug 595462
hmac is not calculated properly.
Last modified: 2010-08-25 21:00:50 EDT
After upgrading to fedora 12 the TSIG code stopped working.
I took a look and find out this code
$this->mac = mhash(MHASH_MD5, $sigdata, $key);
was replaced with
$this->mac = $this->hmac($sigdata, $key, 'md5');
and hmac function was added. I assume due to lack of mhash support in PHP 5.3.
I didn't look enough in the function, what it does wrong, but there is no need for it at all.
Instead code should be changed to
$this->mac = hash_hmac('md5', $sigdata, $key, true);
And all works fine with standard PHP5.3 functions
Is this bug reported upstream ?
Bug ref ?
The page says:
This package is not maintained, if you would like to take over please go to this page.
By the way, what is "TSIG code"? :)
Sorry for the lingo :)
As upstream seems active on http://pear.php.net/bugs/bug.php?id=17431, I'm waiting on a response. If in about 1 month we don't get any, we can apply a patch for Fedora specifically as we don't need PHP4 support.
Ok, we are one month later. Vadym, could tell me if meanwhile the SVN version you are probably using is stable and could be pushed instead of the very old 1.0.1?
Yes, trunk version works as expected, it fixed several other issues as well.
A new upstream version fixing the problems is available, I'll repackage it during the week. Thanks for pushing upstream Vadym.
php-pear-Net-DNS-1.0.5-1.fc13 has been submitted as an update for Fedora 13.
php-pear-Net-DNS-1.0.5-1.fc14 has been submitted as an update for Fedora 14.
php-pear-Net-DNS-1.0.5-1.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update php-pear-Net-DNS'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/php-pear-Net-DNS-1.0.5-1.fc14
php-pear-Net-DNS-1.0.5-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
php-pear-Net-DNS-1.0.5-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.