(I reported this ages ago at http://wordpress.org/support/topic/242917, 
but I updated WP-OpenID recently and (unsurprisingly) the problem 
resurfaced and I had to go through an find the fix again. Strictly 
speaking, this is an issue with the underlying OpenID library -- or 
possibly the particular version of BCMath my server has -- not the 
WordPress plugin, but other people might be having the same problem, so 
here's what to do.)


What steps will reproduce the problem?
0. Have BCMath, not GMP.
1. Visit /wp-login.php.
2. Log in with another OpenID provider. 
3. Redirects to provider site, asks for confirmation. 
4. Returns to site, error message: 
OpenIDloginfailed:Serverdeniedcheck_authentication. 

The same occurs when attempting to post comments with an OpenID or 
associate OpenIDs with user accounts.


What is the expected output? What do you see instead?
I expect to be able to authenticate with an OpenID provider, however the 
process fails with the error 
OpenIDloginfailed:Serverdeniedcheck_authentication.


What version of the product are you using? On what operating system?
[INFO] PHP version: 5.2.9
[INFO] PHP memory limit: 32M
[INFO] Include Path:
/home/xxxx/blog/wp/wp-admin
/usr/lib/php
/usr/local/lib/php
[INFO] WordPress version: 2.9
[INFO] PHP OpenID Library Version: 2.1.2
[INFO] MySQL version: 5.0.81
[INFO] WordPress' table prefix: xxxx_
[OK] Curl Support: Version 7.19.5. SSL: OpenSSL/0.9.7a. zlib: 1.2.3. 
Supports: tftp, ftp, telnet, dict, ldap, http, file, https, ftps.
[OK] Big Integer support: BCMath is installed (though GMP is preferred).
[INFO] Plugin Revision: 519
[INFO] Plugin Database Revision: 24426
[INFO] XRDS-Simple: XRDS-Simple plugin is installed.
[OK] Overall Plugin Status


Please provide any additional information below.
This seems to be a problem with the BCMath library used for 
session_type:DH-SHA1. The workaround is forcing the script to run in "dumb 
mode" by changing lines 106-108 in Auth/OpenID.php to:

  //if (Auth_OpenID_getMathLib() === null) {
    Auth_OpenID_setNoMathSupport();
  //}

I still have no idea how or why this causes/fixes the issue.

It's worth noting that even after the "fix" is applied, OpenIDs that have 
failed association previously will likely still fail. Going and deleting 
the trust at the external site seems to force things to start working 
again.