Bug #16940 :: Net_LDAP2::startTLS should ignore errors before ldap_start

Package home | Report new bug | New search | Development Roadmap

Status: Open | Feedback | All | Closed Since Version 2.2.0

Bug #16940	Net_LDAP2::startTLS should ignore errors before ldap_start_tls() being called
Submitted:	2009-12-23 01:53 UTC
From:	fajo	Assigned:	beni
Status:	Closed	Package:	Net_LDAP2 (version 2.0.7)
PHP Version:	5.1.6	OS:	CentOS 5.4
Roadmaps:	2.1.0
Subscription	Your email:

Comments Add Comment Add patch

[2009-12-23 01:53 UTC] fajo (Falk John)

Description:
------------
The method Net_LDAP2::startTLS() tries to fetch/query the rootDse for extensions supported. This causes the method to fail if the LDAP server (OpenLDAP 2 in our case) does not allow queries over an unencrypted channel.

The method should ignore errors caused by calls to rootDse() and getValue(). Since the caller explicitely asked to use TLS it should be sufficient to return an error if the actual call to ldap_start_tls() fails. There is no need to check if this feature is supported by the server.

Comments

[2009-12-23 18:58 UTC] beni (Benedikt Hallinger)

-Assigned To:
+Assigned To: beni

[2009-12-23 19:15 UTC] beni (Benedikt Hallinger)

Fixed in current SVN (revision 292538), please test and verify proper function.
Thanks, merry christmas! :D

[2010-01-11 11:36 UTC] beni (Benedikt Hallinger)

-Roadmap Versions:
+Roadmap Versions: 2.1.0
Hi, does this fix work for you?
If not, please reopen this bug report.

Thanks again for your help!

[2010-01-11 11:36 UTC] beni (Benedikt Hallinger)

-Status: Assigned
+Status: Closed
This bug has been fixed in SVN.

If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET).

If this was a problem with the pear.php.net website, the change should be live shortly.

Otherwise, the fix will appear in the package's next release.

Thank you for the report and for helping us make PEAR better.