summaryrefslogtreecommitdiff
path: root/ext/ldap/ldap.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/ldap/ldap.c')
-rw-r--r--ext/ldap/ldap.c114
1 files changed, 97 insertions, 17 deletions
diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
index ab1186572e..0ead76c894 100644
--- a/ext/ldap/ldap.c
+++ b/ext/ldap/ldap.c
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 7 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2015 The PHP Group |
+ | Copyright (c) 1997-2016 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -71,9 +71,24 @@
#define PHP_LDAP_ESCAPE_FILTER 0x01
#define PHP_LDAP_ESCAPE_DN 0x02
+#if defined(LDAP_CONTROL_PAGEDRESULTS) && !defined(HAVE_LDAP_CONTROL_FIND)
+LDAPControl *ldap_control_find( const char *oid, LDAPControl **ctrls, LDAPControl ***nextctrlp)
+{
+ assert(nextctrlp == NULL);
+ return ldap_find_control(oid, ctrls);
+}
+#endif
+
+#if !defined(LDAP_API_FEATURE_X_OPENLDAP)
+void ldap_memvfree(void **v)
+{
+ ldap_value_free((char **)v);
+}
+#endif
+
typedef struct {
LDAP *link;
-#if defined(HAVE_3ARG_SETREBINDPROC)
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
zval rebindproc;
#endif
} ldap_linkdata;
@@ -97,10 +112,8 @@ static void _close_ldap_link(zend_resource *rsrc) /* {{{ */
{
ldap_linkdata *ld = (ldap_linkdata *)rsrc->ptr;
- /* ldap_unbind_s() is deprecated;
- * the distinction between ldap_unbind() and ldap_unbind_s() is moot */
ldap_unbind_ext(ld->link, NULL, NULL);
-#ifdef HAVE_3ARG_SETREBINDPROC
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
zval_ptr_dtor(&ld->rebindproc);
#endif
@@ -175,6 +188,9 @@ PHP_MINIT_FUNCTION(ldap)
#elif defined (LDAP_X_OPT_CONNECT_TIMEOUT)
REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_X_OPT_CONNECT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
#endif
+#ifdef LDAP_OPT_TIMEOUT
+ REGISTER_LONG_CONSTANT("LDAP_OPT_TIMEOUT", LDAP_OPT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
+#endif
REGISTER_LONG_CONSTANT("LDAP_OPT_PROTOCOL_VERSION", LDAP_OPT_PROTOCOL_VERSION, CONST_PERSISTENT | CONST_CS);
REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_NUMBER", LDAP_OPT_ERROR_NUMBER, CONST_PERSISTENT | CONST_CS);
REGISTER_LONG_CONSTANT("LDAP_OPT_REFERRALS", LDAP_OPT_REFERRALS, CONST_PERSISTENT | CONST_CS);
@@ -212,6 +228,16 @@ PHP_MINIT_FUNCTION(ldap)
REGISTER_LONG_CONSTANT("GSLC_SSL_TWOWAY_AUTH", GSLC_SSL_TWOWAY_AUTH, CONST_PERSISTENT | CONST_CS);
#endif
+#if (LDAP_API_VERSION > 2000)
+ REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_REQUIRE_CERT", LDAP_OPT_X_TLS_REQUIRE_CERT, CONST_PERSISTENT | CONST_CS);
+
+ REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_NEVER", LDAP_OPT_X_TLS_NEVER, CONST_PERSISTENT | CONST_CS);
+ REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_HARD", LDAP_OPT_X_TLS_HARD, CONST_PERSISTENT | CONST_CS);
+ REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_DEMAND", LDAP_OPT_X_TLS_DEMAND, CONST_PERSISTENT | CONST_CS);
+ REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_ALLOW", LDAP_OPT_X_TLS_ALLOW, CONST_PERSISTENT | CONST_CS);
+ REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_TRY", LDAP_OPT_X_TLS_TRY, CONST_PERSISTENT | CONST_CS);
+#endif
+
REGISTER_LONG_CONSTANT("LDAP_ESCAPE_FILTER", PHP_LDAP_ESCAPE_FILTER, CONST_PERSISTENT | CONST_CS);
REGISTER_LONG_CONSTANT("LDAP_ESCAPE_DN", PHP_LDAP_ESCAPE_DN, CONST_PERSISTENT | CONST_CS);
@@ -338,11 +364,8 @@ PHP_FUNCTION(ldap_connect)
ld = ecalloc(1, sizeof(ldap_linkdata));
- /* OpenLDAP provides a specific call to detect valid LDAP URIs;
- * ldap_init()/ldap_open() is deprecated, use ldap_initialize() instead.
- */
{
- int rc;
+ int rc = LDAP_SUCCESS;
char *url = host;
if (!ldap_is_ldap_url(url)) {
int urllen = hostlen + sizeof( "ldap://:65535" );
@@ -356,7 +379,21 @@ PHP_FUNCTION(ldap_connect)
snprintf( url, urllen, "ldap://%s:%ld", host ? host : "", port );
}
+#ifdef LDAP_API_FEATURE_X_OPENLDAP
+ /* ldap_init() is deprecated, use ldap_initialize() instead.
+ */
rc = ldap_initialize(&ldap, url);
+#else /* ! LDAP_API_FEATURE_X_OPENLDAP */
+ /* ldap_init does not support URLs.
+ * We must try the original host and port information.
+ */
+ ldap = ldap_init(host, port);
+ if (ldap == NULL) {
+ efree(ld);
+ php_error_docref(NULL, E_WARNING, "Could not create session handle");
+ RETURN_FALSE;
+ }
+#endif /* ! LDAP_API_FEATURE_X_OPENLDAP */
if (url != host) {
efree(url);
}
@@ -456,14 +493,19 @@ PHP_FUNCTION(ldap_bind)
}
{
+#ifdef LDAP_API_FEATURE_X_OPENLDAP
+ /* ldap_simple_bind_s() is deprecated, use ldap_sasl_bind_s() instead.
+ */
struct berval cred;
- /* ldap_bind_s() is deprecated; use ldap_sasl_bind_s() instead */
cred.bv_val = ldap_bind_pw;
cred.bv_len = ldap_bind_pw ? ldap_bind_pwlen : 0;
rc = ldap_sasl_bind_s(ld->link, ldap_bind_dn, LDAP_SASL_SIMPLE, &cred,
NULL, NULL, /* no controls right now */
NULL); /* we don't care about the server's credentials */
+#else /* ! LDAP_API_FEATURE_X_OPENLDAP */
+ rc = ldap_simple_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw);
+#endif /* ! LDAP_API_FEATURE_X_OPENLDAP */
}
if ( rc != LDAP_SUCCESS) {
php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
@@ -639,7 +681,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in
/* timelimit */
if (timelimit > -1) {
#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
- ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_timelimit);
+ ldap_get_option(ldap, LDAP_OPT_TIMELIMIT, old_timelimit);
ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
#else
*old_timelimit = ldap->ld_timelimit;
@@ -650,7 +692,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in
/* deref */
if (deref > -1) {
#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
- ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_deref);
+ ldap_get_option(ldap, LDAP_OPT_DEREF, old_deref);
ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
#else
*old_deref = ldap->ld_deref;
@@ -699,7 +741,6 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
goto cleanup;
}
- SEPARATE_ZVAL(attr);
convert_to_string_ex(attr);
ldap_attrs[i] = Z_STRVAL_P(attr);
}
@@ -1340,7 +1381,6 @@ PHP_FUNCTION(ldap_explode_dn)
add_index_string(return_value, i, ldap_value[i]);
}
- /* ldap_value_free() is deprecated */
ldap_memvfree((void **)ldap_value);
}
/* }}} */
@@ -1431,6 +1471,7 @@ static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper)
value = zend_hash_get_current_data(Z_ARRVAL_P(entry));
+ ZVAL_DEREF(value);
if (Z_TYPE_P(value) != IS_ARRAY) {
num_values = 1;
} else {
@@ -2056,6 +2097,9 @@ PHP_FUNCTION(ldap_get_option)
#ifdef LDAP_OPT_RESTART
case LDAP_OPT_RESTART:
#endif
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+ case LDAP_OPT_X_TLS_REQUIRE_CERT:
+#endif
{
int val;
@@ -2095,6 +2139,25 @@ PHP_FUNCTION(ldap_get_option)
ZVAL_LONG(retval, (timeout / 1000));
} break;
#endif
+#ifdef LDAP_OPT_TIMEOUT
+ case LDAP_OPT_TIMEOUT:
+ {
+ struct timeval *timeout = NULL;
+
+ if (ldap_get_option(ld->link, LDAP_OPT_TIMEOUT, (void *) &timeout)) {
+ if (timeout) {
+ ldap_memfree(timeout);
+ }
+ RETURN_FALSE;
+ }
+ if (!timeout) {
+ RETURN_FALSE;
+ }
+ zval_dtor(retval);
+ ZVAL_LONG(retval, timeout->tv_sec);
+ ldap_memfree(timeout);
+ } break;
+#endif
/* options with string value */
case LDAP_OPT_ERROR_STRING:
#ifdef LDAP_OPT_HOST_NAME
@@ -2167,6 +2230,9 @@ PHP_FUNCTION(ldap_set_option)
#ifdef LDAP_OPT_DEBUG_LEVEL
case LDAP_OPT_DEBUG_LEVEL:
#endif
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+ case LDAP_OPT_X_TLS_REQUIRE_CERT:
+#endif
{
int val;
@@ -2200,6 +2266,19 @@ PHP_FUNCTION(ldap_set_option)
}
} break;
#endif
+#ifdef LDAP_OPT_TIMEOUT
+ case LDAP_OPT_TIMEOUT:
+ {
+ struct timeval timeout;
+
+ convert_to_long_ex(newval);
+ timeout.tv_sec = Z_LVAL_P(newval);
+ timeout.tv_usec = 0;
+ if (ldap_set_option(ldap, LDAP_OPT_TIMEOUT, (void *) &timeout)) {
+ RETURN_FALSE;
+ }
+ } break;
+#endif
/* options with string value */
case LDAP_OPT_ERROR_STRING:
#ifdef LDAP_OPT_HOST_NAME
@@ -2555,7 +2634,7 @@ PHP_FUNCTION(ldap_start_tls)
#endif
#endif /* (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP */
-#if defined(HAVE_3ARG_SETREBINDPROC)
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
/* {{{ _ldap_rebind_proc()
*/
int _ldap_rebind_proc(LDAP *ldap, const char *url, ber_tag_t req, ber_int_t msgid, void *params)
@@ -2664,6 +2743,7 @@ static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value,
ZSTR_VAL(ret)[p] = '\0';
ZSTR_LEN(ret) = p;
+ return ret;
}
static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const int charslen, char escape)
@@ -3209,7 +3289,7 @@ ZEND_END_ARG_INFO()
#endif
#endif
-#if defined(HAVE_3ARG_SETREBINDPROC)
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_rebind_proc, 0, 0, 2)
ZEND_ARG_INFO(0, link)
ZEND_ARG_INFO(0, callback)
@@ -3297,7 +3377,7 @@ const zend_function_entry ldap_functions[] = {
#endif
#endif
-#if defined(HAVE_3ARG_SETREBINDPROC)
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
PHP_FE(ldap_set_rebind_proc, arginfo_ldap_set_rebind_proc)
#endif
View Lorry Controller Status