ID: 33588 Updated by: [EMAIL PROTECTED] Reported By: cajus at naasa dot net Status: Closed Bug Type: LDAP related Operating System: Debian GNU/Linux PHP Version: 5.0.4 Assigned To: sniper New Comment:
Note: I did not use your patch as it wouldn't have allowed retaining the current behaviour. You can now pass base_dn NULL to make it use ldap.conf. Previous Comments: ------------------------------------------------------------------------ [2005-07-09 02:47:08] [EMAIL PROTECTED] This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ [2005-07-06 13:55:09] cajus at naasa dot net Description: ------------ I've found that searching the RootDSE does not work with PHP, because the base is set to NULL when no base is specified. This fact causes the LDAP library to look into the systems ldap.conf to take the base from there - which is probably not what we want. The following patch fixes the problem: --- php5-5.0.4/ext/ldap/ldap.c 2005-01-19 01:27:42.000000000 +0100 +++ php5-5.0.4/ext/ldap/ldap.c.fixed 2005-07-01 17:15:55.000000000 +0200 @@ -575,6 +575,7 @@ { zval **link, **base_dn, **filter, **attrs, **attr, **attrsonly, **sizelimit, **timelimit, **deref; char *ldap_base_dn = NULL; + char *dummy_base_dn = ""; char *ldap_filter = NULL; char **ldap_attrs = NULL; ldap_linkdata *ld; @@ -674,7 +675,7 @@ } else { nbases = 0; /* this means string, not array */ convert_to_string_ex(base_dn); - ldap_base_dn = Z_STRLEN_PP(base_dn) < 1 ? NULL : Z_STRVAL_PP(base_dn); + ldap_base_dn = Z_STRLEN_PP(base_dn) < 1 ? dummy_base_dn : Z_STRVAL_PP(base_dn); } if (Z_TYPE_PP(filter) == IS_ARRAY) { @@ -713,7 +714,7 @@ zend_hash_get_current_data(Z_ARRVAL_PP(base_dn), (void **)&entry); zend_hash_move_forward(Z_ARRVAL_PP(base_dn)); convert_to_string_ex(entry); - ldap_base_dn = Z_STRLEN_PP(entry) < 1 ? NULL : Z_STRVAL_PP(entry); + ldap_base_dn = Z_STRLEN_PP(entry) < 1 ? dummy_base_dn : Z_STRVAL_PP(entry); } if (nfilters != 0) { /* filter an array? */ zend_hash_get_current_data(Z_ARRVAL_PP(filter), (void **)&entry); @@ -756,7 +757,7 @@ /* fix to make null base_dn's work */ if (strlen(ldap_base_dn) < 1) { - ldap_base_dn = NULL; + ldap_base_dn = dummy_base_dn; } ld = (ldap_linkdata *) zend_fetch_resource(link TSRMLS_CC, -1, "ldap link", NULL, 1, le_link); Reproduce code: --------------- <?php # ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts function get_naming_contexts($server, $admin, $password) { /* Build LDAP connection */ $ds= ldap_connect ($server); if (!$ds) { die ("Can't bind to LDAP. No check possible!"); } ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); $r= ldap_bind ($ds, $admin, $password); /* Get base to look for naming contexts */ $sr = @ldap_read ($ds, "", "objectClass=*", array("namingContexts")); $attr= @ldap_get_entries($ds,$sr); print_r($attr); } get_naming_contexts("what.server.ever.org", "cn=admindn,dc=whatever,dc=org", "secret"); ?> Expected result: ---------------- Array ( [count] => 1 [0] => Array ( [namingcontexts] => Array ( [count] => 2 [0] => dc=whatever,dc=org [1] => dc=whatever,dc=shell ) [0] => namingcontexts [count] => 1 [dn] => ) ) Actual result: -------------- Array ( [count] => 1 [0] => Array ( [count] => 0 [dn] => dc=whatever,dc=org ) ) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33588&edit=1
