Edit report at https://bugs.php.net/bug.php?id=63126&edit=1
ID: 63126
Comment by: r...@php.net
Reported by: r...@php.net
Summary: DISABLE_AUTHENTICATOR ignores array
Status: Open
Type: Bug
Package: IMAP related
Operating System: GNU/Linux (Fedora 18)
PHP Version: 5.4.7
Block user comment: N
Private report: N
New Comment:
I can find a exchange server an test the fix.
Test script:
$inbox =
imap_open($server,$userlogin,$password,OP_HALFOPEN,1,array('DISABLE_AUTHENTICATOR'
=> array('GSSAPI','NTLM')));
var_dump(imap_errors());
Without the patch:
array(2) {
[0]=>
string(148) "Kerberos error: Credentials cache file
'/run/user/1000/krb5cc_ea1f24ead9d3199b715d4d57505d4335/t (try running kinit)
for exchange2007.xxxx"
[1]=>
string(55) "SECURITY PROBLEM: insecure server advertised AUTH=PLAIN"
}
With the patch:
array(1) {
[0]=>
string(55) "SECURITY PROBLEM: insecure server advertised AUTH=PLAIN"
}
Previous Comments:
------------------------------------------------------------------------
[2012-09-21 06:42:50] r...@php.net
This also affects php 5.3
------------------------------------------------------------------------
[2012-09-21 06:33:46] r...@php.net
Description:
------------
According to source code, DISABLE_AUTHENTICATOR could be a string or an array.
Works as expected:
imap_open($srv,$user,$pass,OP_HALF_OPEN,1,
array('DISABLE_AUTHENTICATOR'=>'GSSAPI');
Doesn't works:
imap_open($srv,$user,$pass,OP_HALF_OPEN,1,
array('DISABLE_AUTHENTICATOR'=>array('GSSAPI','NTLM'));
The trivial attached patch should fix this (but cannot test it)
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=63126&edit=1
