ID: 31712 Updated by: [EMAIL PROTECTED] Reported By: php at warnertechnology dot com -Status: Assigned +Status: Feedback Bug Type: LDAP related Operating System: Solaris PHP Version: 5.0.3 Assigned To: venaas New Comment:
Please provide short example script with which to try this out. Previous Comments: ------------------------------------------------------------------------ [2005-01-27 00:48:07] php at warnertechnology dot com Unified diff file can be downloaded from http://warnertechnology.com/ldap-diff.txt ------------------------------------------------------------------------ [2005-01-27 00:10:37] php at warnertechnology dot com Description: ------------ The current ext/ldap/ldap.c code does not appear to support Secure LDAP connections when using the Mozilla LDAP C SDK, and it also does not appear to support LDAP URLs. I'm contributing code (or at least a diff since this form doesn't want too many lines) that enable both these features. I couldn't find a way to contribute code other than via a bug report, so I apologize if this isn't the right method. NOTE: I've "ifdef"-ed the code with HAVE_MOZILLALDAP. I have not attempted to rewrite configure to account for this. Caveat emptor. Reproduce code: --------------- 22,23d21 < | 26 Jan 2005 Added support for Mozilla LDAP C SDK with SSL: | < | Matt Warner <[EMAIL PROTECTED]> | 29c27 < #define HAVE_MOZILLALDAP 1 --- > 34,38d31 < #if defined(HAVE_MOZILLALDAP) < #include <ldap.h> < #include <ldap_ssl.h> < #endif < 370,372d362 < #ifdef HAVE_MOZILLALDAP < int ssl=0; < #endif 394,417d383 < #elif HAVE_MOZILLALDAP < // For the moment, we're going to require a single parameter (i.e. "ldap://servername"). < // We're going to let it pass the parsing here because we generate a more readable error below < // when we call ldap_url_parse. < if (ZEND_NUM_ARGS() == 2) { < if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|sl", &host, &hostlen, &port) == FAILURE) { < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failure to parse parameters on line 396 of ldap.c"); < RETURN_FALSE; < } < } < else { < if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &host, &hostlen, &port) == FAILURE) { < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failure to parse parameters on line 402 of ldap.c"); < RETURN_FALSE; < } < } < < if (strncasecmp(host,"ldaps",5)==0) { < ssl = 1; < #ifdef DEBUG < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Setting SSL=1 for Mozilla SDK."); < #endif < } < 420d385 < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failure to parse parameters on line 399 of ldap.c"); 445,503d409 < #elif HAVE_MOZILLALDAP < // Note the following section of code was based on Code Example 10-2 on http://www.mozilla.org/directory/csdk-docs/url.htm < LDAPURLDesc *ludpp; < int res, i; < if ( ( res = ldap_url_parse( host, &ludpp ) ) != 0 ) { < switch( res ){ < case LDAP_URL_ERR_NOTLDAP: < php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL does not begin with \"ldap://\"\n" ); < break; < case LDAP_URL_ERR_NODN: < php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL missing trailing slash after host or port\n" ); < break; < case LDAP_URL_ERR_BADSCOPE: < php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL contains an invalid scope\n" ); < break; < case LDAP_URL_ERR_MEM: < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Not enough memory\n" ); < break; < default: < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown error\n" ); < } < RETURN_FALSE; < } < if (ludpp->lud_port==NULL) { < port=636; < } < else { < #ifdef DEBUG < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Using port number %d",port ); < #endif < port=ludpp->lud_port; < } < if (ssl) { < #ifdef DEBUG < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Calling LDAP SSL routines for Mozilla C SDK"); < #endif < if (ldapssl_client_init("/var/ldap/cert7.db",NULL)<0) { < php_error_docref(NULL TSRMLS_CC, E_WARNING, "ERROR calling ldapssl_client_init"); < efree(ld); < RETURN_FALSE; < } < #ifdef DEBUG < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Calling ldapssl_init for host: %s port: %d",ludpp->lud_host,port); < #endif < < if ((ldap=ldapssl_init(ludpp->lud_host,port, 1))==-1) { < php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL init failed"); < efree(ld); < RETURN_FALSE; < } < #ifdef DEBUG < else < php_error_docref(NULL TSRMLS_CC, E_WARNING, "Completed SSL init routines for Mozilla SDK"); < #endif < } < else { < ldap = ldap_init(ludpp->lud_host,ludpp->lud_port); < } < ldap_free_urldesc(ludpp); 509d414 < php_error_docref(NULL TSRMLS_CC, E_WARNING, "ldap was NULL. Returning false at line 482."); 564d468 < Expected result: ---------------- URLs and SSL support are now available. Actual result: -------------- URLs and SSL support are now available. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=31712&edit=1