diff options
Diffstat (limited to 'ext/ldap/ldap.c')
-rw-r--r-- | ext/ldap/ldap.c | 114 |
1 files changed, 97 insertions, 17 deletions
diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c index ab1186572e..0ead76c894 100644 --- a/ext/ldap/ldap.c +++ b/ext/ldap/ldap.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 7 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2015 The PHP Group | + | Copyright (c) 1997-2016 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -71,9 +71,24 @@ #define PHP_LDAP_ESCAPE_FILTER 0x01 #define PHP_LDAP_ESCAPE_DN 0x02 +#if defined(LDAP_CONTROL_PAGEDRESULTS) && !defined(HAVE_LDAP_CONTROL_FIND) +LDAPControl *ldap_control_find( const char *oid, LDAPControl **ctrls, LDAPControl ***nextctrlp) +{ + assert(nextctrlp == NULL); + return ldap_find_control(oid, ctrls); +} +#endif + +#if !defined(LDAP_API_FEATURE_X_OPENLDAP) +void ldap_memvfree(void **v) +{ + ldap_value_free((char **)v); +} +#endif + typedef struct { LDAP *link; -#if defined(HAVE_3ARG_SETREBINDPROC) +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC) zval rebindproc; #endif } ldap_linkdata; @@ -97,10 +112,8 @@ static void _close_ldap_link(zend_resource *rsrc) /* {{{ */ { ldap_linkdata *ld = (ldap_linkdata *)rsrc->ptr; - /* ldap_unbind_s() is deprecated; - * the distinction between ldap_unbind() and ldap_unbind_s() is moot */ ldap_unbind_ext(ld->link, NULL, NULL); -#ifdef HAVE_3ARG_SETREBINDPROC +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC) zval_ptr_dtor(&ld->rebindproc); #endif @@ -175,6 +188,9 @@ PHP_MINIT_FUNCTION(ldap) #elif defined (LDAP_X_OPT_CONNECT_TIMEOUT) REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_X_OPT_CONNECT_TIMEOUT, CONST_PERSISTENT | CONST_CS); #endif +#ifdef LDAP_OPT_TIMEOUT + REGISTER_LONG_CONSTANT("LDAP_OPT_TIMEOUT", LDAP_OPT_TIMEOUT, CONST_PERSISTENT | CONST_CS); +#endif REGISTER_LONG_CONSTANT("LDAP_OPT_PROTOCOL_VERSION", LDAP_OPT_PROTOCOL_VERSION, CONST_PERSISTENT | CONST_CS); REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_NUMBER", LDAP_OPT_ERROR_NUMBER, CONST_PERSISTENT | CONST_CS); REGISTER_LONG_CONSTANT("LDAP_OPT_REFERRALS", LDAP_OPT_REFERRALS, CONST_PERSISTENT | CONST_CS); @@ -212,6 +228,16 @@ PHP_MINIT_FUNCTION(ldap) REGISTER_LONG_CONSTANT("GSLC_SSL_TWOWAY_AUTH", GSLC_SSL_TWOWAY_AUTH, CONST_PERSISTENT | CONST_CS); #endif +#if (LDAP_API_VERSION > 2000) + REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_REQUIRE_CERT", LDAP_OPT_X_TLS_REQUIRE_CERT, CONST_PERSISTENT | CONST_CS); + + REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_NEVER", LDAP_OPT_X_TLS_NEVER, CONST_PERSISTENT | CONST_CS); + REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_HARD", LDAP_OPT_X_TLS_HARD, CONST_PERSISTENT | CONST_CS); + REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_DEMAND", LDAP_OPT_X_TLS_DEMAND, CONST_PERSISTENT | CONST_CS); + REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_ALLOW", LDAP_OPT_X_TLS_ALLOW, CONST_PERSISTENT | CONST_CS); + REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_TRY", LDAP_OPT_X_TLS_TRY, CONST_PERSISTENT | CONST_CS); +#endif + REGISTER_LONG_CONSTANT("LDAP_ESCAPE_FILTER", PHP_LDAP_ESCAPE_FILTER, CONST_PERSISTENT | CONST_CS); REGISTER_LONG_CONSTANT("LDAP_ESCAPE_DN", PHP_LDAP_ESCAPE_DN, CONST_PERSISTENT | CONST_CS); @@ -338,11 +364,8 @@ PHP_FUNCTION(ldap_connect) ld = ecalloc(1, sizeof(ldap_linkdata)); - /* OpenLDAP provides a specific call to detect valid LDAP URIs; - * ldap_init()/ldap_open() is deprecated, use ldap_initialize() instead. - */ { - int rc; + int rc = LDAP_SUCCESS; char *url = host; if (!ldap_is_ldap_url(url)) { int urllen = hostlen + sizeof( "ldap://:65535" ); @@ -356,7 +379,21 @@ PHP_FUNCTION(ldap_connect) snprintf( url, urllen, "ldap://%s:%ld", host ? host : "", port ); } +#ifdef LDAP_API_FEATURE_X_OPENLDAP + /* ldap_init() is deprecated, use ldap_initialize() instead. + */ rc = ldap_initialize(&ldap, url); +#else /* ! LDAP_API_FEATURE_X_OPENLDAP */ + /* ldap_init does not support URLs. + * We must try the original host and port information. + */ + ldap = ldap_init(host, port); + if (ldap == NULL) { + efree(ld); + php_error_docref(NULL, E_WARNING, "Could not create session handle"); + RETURN_FALSE; + } +#endif /* ! LDAP_API_FEATURE_X_OPENLDAP */ if (url != host) { efree(url); } @@ -456,14 +493,19 @@ PHP_FUNCTION(ldap_bind) } { +#ifdef LDAP_API_FEATURE_X_OPENLDAP + /* ldap_simple_bind_s() is deprecated, use ldap_sasl_bind_s() instead. + */ struct berval cred; - /* ldap_bind_s() is deprecated; use ldap_sasl_bind_s() instead */ cred.bv_val = ldap_bind_pw; cred.bv_len = ldap_bind_pw ? ldap_bind_pwlen : 0; rc = ldap_sasl_bind_s(ld->link, ldap_bind_dn, LDAP_SASL_SIMPLE, &cred, NULL, NULL, /* no controls right now */ NULL); /* we don't care about the server's credentials */ +#else /* ! LDAP_API_FEATURE_X_OPENLDAP */ + rc = ldap_simple_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw); +#endif /* ! LDAP_API_FEATURE_X_OPENLDAP */ } if ( rc != LDAP_SUCCESS) { php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc)); @@ -639,7 +681,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in /* timelimit */ if (timelimit > -1) { #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP - ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_timelimit); + ldap_get_option(ldap, LDAP_OPT_TIMELIMIT, old_timelimit); ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit); #else *old_timelimit = ldap->ld_timelimit; @@ -650,7 +692,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in /* deref */ if (deref > -1) { #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP - ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_deref); + ldap_get_option(ldap, LDAP_OPT_DEREF, old_deref); ldap_set_option(ldap, LDAP_OPT_DEREF, &deref); #else *old_deref = ldap->ld_deref; @@ -699,7 +741,6 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope) goto cleanup; } - SEPARATE_ZVAL(attr); convert_to_string_ex(attr); ldap_attrs[i] = Z_STRVAL_P(attr); } @@ -1340,7 +1381,6 @@ PHP_FUNCTION(ldap_explode_dn) add_index_string(return_value, i, ldap_value[i]); } - /* ldap_value_free() is deprecated */ ldap_memvfree((void **)ldap_value); } /* }}} */ @@ -1431,6 +1471,7 @@ static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper) value = zend_hash_get_current_data(Z_ARRVAL_P(entry)); + ZVAL_DEREF(value); if (Z_TYPE_P(value) != IS_ARRAY) { num_values = 1; } else { @@ -2056,6 +2097,9 @@ PHP_FUNCTION(ldap_get_option) #ifdef LDAP_OPT_RESTART case LDAP_OPT_RESTART: #endif +#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT + case LDAP_OPT_X_TLS_REQUIRE_CERT: +#endif { int val; @@ -2095,6 +2139,25 @@ PHP_FUNCTION(ldap_get_option) ZVAL_LONG(retval, (timeout / 1000)); } break; #endif +#ifdef LDAP_OPT_TIMEOUT + case LDAP_OPT_TIMEOUT: + { + struct timeval *timeout = NULL; + + if (ldap_get_option(ld->link, LDAP_OPT_TIMEOUT, (void *) &timeout)) { + if (timeout) { + ldap_memfree(timeout); + } + RETURN_FALSE; + } + if (!timeout) { + RETURN_FALSE; + } + zval_dtor(retval); + ZVAL_LONG(retval, timeout->tv_sec); + ldap_memfree(timeout); + } break; +#endif /* options with string value */ case LDAP_OPT_ERROR_STRING: #ifdef LDAP_OPT_HOST_NAME @@ -2167,6 +2230,9 @@ PHP_FUNCTION(ldap_set_option) #ifdef LDAP_OPT_DEBUG_LEVEL case LDAP_OPT_DEBUG_LEVEL: #endif +#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT + case LDAP_OPT_X_TLS_REQUIRE_CERT: +#endif { int val; @@ -2200,6 +2266,19 @@ PHP_FUNCTION(ldap_set_option) } } break; #endif +#ifdef LDAP_OPT_TIMEOUT + case LDAP_OPT_TIMEOUT: + { + struct timeval timeout; + + convert_to_long_ex(newval); + timeout.tv_sec = Z_LVAL_P(newval); + timeout.tv_usec = 0; + if (ldap_set_option(ldap, LDAP_OPT_TIMEOUT, (void *) &timeout)) { + RETURN_FALSE; + } + } break; +#endif /* options with string value */ case LDAP_OPT_ERROR_STRING: #ifdef LDAP_OPT_HOST_NAME @@ -2555,7 +2634,7 @@ PHP_FUNCTION(ldap_start_tls) #endif #endif /* (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP */ -#if defined(HAVE_3ARG_SETREBINDPROC) +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC) /* {{{ _ldap_rebind_proc() */ int _ldap_rebind_proc(LDAP *ldap, const char *url, ber_tag_t req, ber_int_t msgid, void *params) @@ -2664,6 +2743,7 @@ static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, ZSTR_VAL(ret)[p] = '\0'; ZSTR_LEN(ret) = p; + return ret; } static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const int charslen, char escape) @@ -3209,7 +3289,7 @@ ZEND_END_ARG_INFO() #endif #endif -#if defined(HAVE_3ARG_SETREBINDPROC) +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC) ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_rebind_proc, 0, 0, 2) ZEND_ARG_INFO(0, link) ZEND_ARG_INFO(0, callback) @@ -3297,7 +3377,7 @@ const zend_function_entry ldap_functions[] = { #endif #endif -#if defined(HAVE_3ARG_SETREBINDPROC) +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC) PHP_FE(ldap_set_rebind_proc, arginfo_ldap_set_rebind_proc) #endif |