Active
Project:
OpenID
Version:
5.x-1.1
Component:
OpenID Client
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
13 Mar 2008 at 17:00 UTC
Updated:
29 Mar 2008 at 23:55 UTC
This OpenID module doesn't follow the OpenID spec when using DH association. It should pass up the modulus and the gen used in creating the public key.
http://openid.net/specs/openid-authentication-2_0.html#anchor19
The code just needs to be modified to pass up these parameters when using DH.
$request['openid.dh_modulus'] = OPENID_DH_DEFAULT_MOD;
$request['openid.dh_gen '] = OPENID_DH_DEFAULT_GEN;
In function openid_association_request()
Comments
Comment #1
soconnor commentedWhoops should have tested the fix before posting this bug. :-P The values need to be base64_encode'd
$request['openid.dh_modulus'] = base64_encode(OPENID_DH_DEFAULT_MOD);
$request['openid.dh_gen '] = base64_encode(OPENID_DH_DEFAULT_GEN);
Comment #2
Leeteq commentedSubscribing.