Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.2.1

Bug #4884 Fix for version 3 DB_ldap
Submitted: 2005-07-22 14:33 UTC
From: hamnis at start dot no Assigned: dufuz
Status: Closed Package: DB_ldap
PHP Version: 5.0.4 OS: Debian GNU/Linux sarge
Roadmaps: (Not assigned)    
Subscription  


 [2005-07-22 14:33 UTC] hamnis at start dot no
Description: ------------ --- /usr/local/share/php/DB/ldap.php 2005-07-22 16:19:40.840020904 +0200 +++ ldap.php 2005-07-22 16:18:41.989967472 +0200 @@ -404,6 +404,7 @@ $port = $dsninfo['port']; $this->base = $dsninfo['database']; $this->d_base = $this->base; + $version = $dsninfo['protocol']; if (empty($host)) { return $this->raiseError("no host specified $host"); @@ -417,6 +418,9 @@ if (!$conn) { return $this->raiseError(DB_ERROR_CONNECT_FAILED); } + if (isset($version)) { + ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, $version); + } else ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 2); if ($user && $pw) { $bind = @ldap_bind($conn, $user, $pw); } else { Test script: --------------- before patch connecting to a openldap 2.2.27 server generates the following error: $db = DB::connect($param); if (PEAR::isError($db)) echo $db->getMessage(); gives: DB_ERROR -> insufficient permissions after patch: The same code gives a DB_OK object. Expected result: ---------------- DB_OK object Actual result: -------------- DB_ERROR object.

Comments

 [2005-11-14 13:45 UTC] richter at jakota dot de
I second that. DB_LDAP cannot connect() to a LDAP-Server (I tested on two OpenLDAP 2.2.23 servers) that does not have the "allow bind_v2" option set. Maybe protocol v3 should become the standard, as "man slapd.conf" says protocol v2 is "Historic (RFC 3494)". In addition to the method to set the protocol version implemented in the patch, I suggest to make connect() accept an options-array like the parent method DB:connect() does. It should be documented that the protocol version can be set by adding an appropriate query string to the DSN URL. (It took me a long time to figure that out...) Thanks for fixing this soon!
 [2008-03-24 20:43 UTC] User who submitted this comment has not confirmed identity
If you submitted this note, check your email.If you do not have a message, click here to re-send
MANUAL CONFIRMATION IS NOT POSSIBLE.  Write a message to pear-dev@lists.php.net
to request the confirmation link.  All bugs/comments/patches associated with this

email address will be deleted within 48 hours if the account request is not confirmed!