Recent Topics

1 Jan 18, 2008 15:36    

Hello,

I found a little bug in openid plugin.
If /dev/random is not available on your system, you can configure pseudo random source instead.
- _openid.plugin.php use the keyword pseudo
- php-openid/Auth/OpenID/CryptUtil.php use the keyword null

If you used null when installing the plugin you got the error

"The source for randomness (null) is not available. Please configure it."

If you use pseudo, you are able to install the plugin but not use it. You got the error

Define Auth_OpenID_RAND_SOURCE as null to continue with an insecure random number generator

So I made 2 modifications in _openid.plugin.php

ligne 78

                           'note' => $this->T_( sprintf('A source "file" for randomness. Set this to "%s", if you do not have /dev/urandom or some     thing similar available.', 'null')), 

line 318

//              if( $random_src == 'pseudo' )
                 if( $random_src == 'null' )

2 Jan 22, 2008 04:44

Thanks slamp! When I tried to apply this to v0.5.0 of the plugin I had to find the same info in different places, but it ultimately proved to be valuable info. I see now that there is a 0.5.1 but I haven't tried it yet.


Form is loading...