ID: 39291
Updated by: [EMAIL PROTECTED]
Reported By: lee dot essen at nowonline dot co dot uk
-Status: No Feedback
+Status: Assigned
Bug Type: LDAP related
Operating System: Solaris 10
PHP Version: 5.1.6
-Assigned To:
+Assigned To: cardoe
New Comment:
Assigned to the maintainer.
Previous Comments:
------------------------------------------------------------------------
[2007-03-24 23:25:23] diafour at gmail dot com
==BEGIN php-5.1.6_ldap_sasl_bind-authcid.diff==
--- original/php-5.1.6/ext/ldap/ldap.c 2006-01-01 15:50:08.000000000
+0300
+++ work/php-5.1.6/ext/ldap/ldap.c 2007-03-25 00:50:23.000000000 +0300
@@ -499,14 +499,14 @@
/* {{{ _php_sasl_setdefs
*/
-static php_ldap_bictx *_php_sasl_setdefs(LDAP *ld, char *sasl_mech,
char *sasl_realm, char *binddn, char *pass, char *sasl_authz_id)
+static php_ldap_bictx *_php_sasl_setdefs(LDAP *ld, char *sasl_mech,
char *sasl_realm, char *sasl_authc_id, char *pass, char *sasl_authz_id)
{
php_ldap_bictx *ctx;
ctx = ber_memalloc(sizeof(php_ldap_bictx));
ctx->mech = (sasl_mech) ? ber_strdup(sasl_mech) : NULL;
ctx->realm = (sasl_realm) ? ber_strdup(sasl_realm) : NULL;
- ctx->authcid = (binddn) ? ber_strdup(binddn) : NULL;
+ ctx->authcid = (sasl_authc_id) ? ber_strdup(sasl_authc_id) : NULL;
ctx->passwd = (pass) ? ber_strdup(pass) : NULL;
ctx->authzid = (sasl_authz_id) ? ber_strdup(sasl_authz_id) : NULL;
@@ -583,18 +583,19 @@
char *pass = NULL;
char *sasl_mech = NULL;
char *sasl_realm = NULL;
+ char *sasl_authc_id = NULL;
char *sasl_authz_id = NULL;
char *props = NULL;
- int rc, dn_len, pass_len, mech_len, realm_len, authz_id_len,
props_len;
+ int rc, dn_len, pass_len, mech_len, realm_len, authc_id_len,
authz_id_len, props_len;
php_ldap_bictx *ctx;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|ssssss",
&link, &binddn, &dn_len, &pass, &pass_len, &sasl_mech, &mech_len,
&sasl_realm, &realm_len, &sasl_authz_id, &authz_id_len, &props,
&props_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|sssssss",
&link, &binddn, &dn_len, &pass, &pass_len, &sasl_mech, &mech_len,
&sasl_realm, &realm_len, &sasl_authc_id, &authc_id_len, &sasl_authz_id,
&authz_id_len, &props, &props_len) == FAILURE) {
RETURN_FALSE;
}
ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link",
le_link);
- ctx = _php_sasl_setdefs(ld->link, sasl_mech, sasl_realm, binddn,
pass, sasl_authz_id);
+ ctx = _php_sasl_setdefs(ld->link, sasl_mech, sasl_realm,
sasl_authc_id, pass, sasl_authz_id);
if (props) {
ldap_set_option(ld->link, LDAP_OPT_X_SASL_SECPROPS, props);
==BEGIN php-5.1.6_ldap_sasl_bind-authcid.diff==
I looked in sources of ldapsearch and did like that guys.
Here is ldap_sasl_bind definition from
http://www.php.net/manual/ru/function.ldap-sasl-bind.php:
bool ldap_sasl_bind ( resource link [, string binddn [, string password
[, string sasl_mech [, string sasl_realm [, string sasl_authz_id [,
string props]]]]]] )
I've added authc_id argument to ldap_sasl_bind function into position
of authz_id argument:
bool ldap_sasl_bind ( resource link [, string binddn [, string password
[, string sasl_mech [, string sasl_realm [, string sasl_authc_id [,
string sasl_authz_id [, string props]]]]]]] )
phplpadadmin works fine after that!
I use login_dn as "uid=username,ou=People,dc=example,dc=com".
Phpldapadmin sets authz_id as "username". ldap_sasl_bind use that
authz_id as authc_id.
P.S. there similar bugs 35611 and 32055
------------------------------------------------------------------------
[2007-01-08 01:00:01] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2007-01-06 13:18:45] willem at hig dot be
Hello,
I am using the following setup:
openldap 2.3.24-r1
php 5.1.6-p14-gentoo
phpldapadmin 1.0.1
The setup with sasl for openldap and connecting with
ldapsearch -Y ... -R ... -U <sasl-id> works fine. But
connection with phpldapadmin (using php ldap_sasl_bind)
does not work. Gives the same problems as "lee dot
lessen" below.
Now I have to put all my users password in the ldap
directory and in sasl (used for cyrus imap) because I have
to use simple binds from phpldapadmin.
Is it possible to give this some priority as now
phpldapadmin sasl support is 100% broken?
I would love to help you guys in testing. Please let me
know.
Regards,
Willem
------------------------------------------------------------------------
[2006-12-31 21:02:34] [EMAIL PROTECTED]
Please provide a patch and we'll review it.
------------------------------------------------------------------------
[2006-12-13 16:41:31] tregi at inwind dot it
Hy,
I am not an LDAP, PHP or SASL expert too, but i'm experiencing the same
problem in using ldap_sasl_bind function. Using ldapsearch i can bind my
LDAP server (Active Directory) only with -U option (authcid). My server
has, i suppose, empty authorization and strong authentication. I try to
use DIGEST-MD5 and it works with ldapsearch, but does not with php.
So, i would appreciate your help; maybe your patch can solve my
problem.
Thanks.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/39291
--
Edit this bug report at http://bugs.php.net/?id=39291&edit=1
