On 24/5/04 6:05 pm, Graham Barr <[EMAIL PROTECTED]> wrote: > On 23 May 2004, at 17:51, Peter Marschall wrote: >> let me come back to the mail from Paul Connolly. >> I tested DIGEST-MD5 from Authen-SASL 2.05 against OpenLDAP >> (using cyrus-sasl2 as server-side SASL implementation) and can >> confirm Paul's findings. >> >> I also checked against RFC2831 as well as the newer draft in >> cyrus-sasl2 >> package. Both say: >> - the server sends a quoted list of comma separated qop-values >> e.g. qop="auth,auth-int,auth-conf" >> - the client sends back one of the elements received from the server >> e.g. qop=auth >> So Paul's fixes match the RFCs. >> (If I understand the RFCs and the code correctly he is even right in >> saying >> that the client sending qop values auth-int and auth-conf is not >> supported in >> the code) >> >> I have converted his fixes into unified diff format and added a patch >> for the >> test which I append to this mail >> >> Would you mind applying this patch to Authen-SASL and release a new >> version ? > > Sure, this is great. Thanks. > > If anyone, who has more understanding of DIGEST-MD5 than I, has any > time and feels like expanding the testcase to cover more scenarios then > I would be very grateful.
>From looking at the patch I think this is a different one to the one I saw. Since my colleague's one of the DIGEST-MD5 draft editors, I'll see if I can co-opt him into writing some tests :-) Cheers, Chris
