PHP-OpenID-0.0.8.2 released
Dan Libby
danda at videntity.org
Tue Sep 13 16:09:12 PDT 2005
Hi Christian,
It looks like I even ported bugs from the python implementation. :)
Below is a patch that fixes the issue for both the PHP and Python
libraries. It also adds your example as a test case.
Please report PHP-OpenID bugs to php-openid at videntity dot org. If
you want to CC the list, I've no objection.
regards,
Dan Libby
========================
Patch for PHP OpenID 0.0.8.2:
========================
*** trustroot.php 6 Sep 2005 15:15:30 -0000 1.1
--- trustroot.php 14 Sep 2005 02:14:21 -0000
***************
*** 94,100 ****
$host = array();
$cnt = count( $host_parts );
if( strlen($host_parts[$cnt-1]) == 2) {
! if( $cnt > 1 && strlen($host_parts[$cnt-2]) <= 3) {
$host = array_slice( $host_parts, 0, $cnt-2);
}
}
--- 94,100 ----
$host = array();
$cnt = count( $host_parts );
if( strlen($host_parts[$cnt-1]) == 2) {
! if( $cnt > 1 && strlen($host_parts[$cnt-1]) <= 3) {
$host = array_slice( $host_parts, 0, $cnt-2);
}
}
***************
*** 317,322 ****
--- 317,323 ----
assertSane('http://*.com.au/', false);
assertSane('http://*.co.uk/', false);
assertSane('http://localhost:8082/?action=openid', true);
+ assertSane('http://greg.abstrakt.ch', true);
// XXX: what exactly is a sane trust root?
// assertSane('http) {//*.k12.va.us/', false)
========================
Patch for Python OpenID 0.0.8:
========================
*** trustroot.py 28 Aug 2005 03:04:56 -0000 1.1
--- trustroot.py 14 Sep 2005 02:08:22 -0000
***************
*** 64,70 ****
# extract sane "top-level-domain"
host = []
if len(host_parts[-1]) == 2:
! if len(host_parts[-2]) <= 3:
host = host_parts[:-2]
elif len(host_parts[-1]) == 3:
host = host_parts[:-1]
--- 64,70 ----
# extract sane "top-level-domain"
host = []
if len(host_parts[-1]) == 2:
! if len(host_parts[-1]) <= 3:
host = host_parts[:-2]
elif len(host_parts[-1]) == 3:
host = host_parts[:-1]
***************
*** 218,223 ****
--- 218,224 ----
assertSane('http://*.com.au/', False)
assertSane('http://*.co.uk/', False)
assertSane('http://localhost:8082/?action=openid', True)
+ assertSane('http://greg.abstrakt.ch', True);
# XXX: what exactly is a sane trust root?
#assertSane('http://*.k12.va.us/', False)
Christian Stocker wrote:
>Hi
>
>Another Bug:
>
>trustroot.php, method isSane(), line 97:
> if( $cnt > 1) && strlen($host_parts[$cnt-2]) <= 3) {
>
>Doesn't parse for example
>
>greg.abstrakt.ch
>
>correctly (and a lot of other internationally common domains).
>
>I assume the check is for things like example.co.uk etc.
>
>I don't know, how to make that more correct (not sure, what it actually
>should reject and what not), but removing "&&
>strlen($host_parts[$cnt-2]) <= 3" helped for the time beeing
>
>And, shall I report bugs here on this list in the future or just
>directly to dan?
>
>chregu
>
>
More information about the yadis
mailing list