PEAR Bug #4884 http://pear.php.net/bugs/4884 [Closed] Fix for version 3 DB_ldap en-us pear-webmaster@lists.php.net pear-webmaster@lists.php.net hourly 1 2000-01-01T12:00+00:00 hamnis@... [2005-07-22 10:33:09] http://pear.php.net/bugs/4884 DB_ldap Bug Reported by hamnis@... 2005-07-22T14:33:09-00:00 PHP: 5.0.4 OS: Debian GNU/Linux sarge Package Version: Description: ------------ --- /usr/local/share/php/DB/ldap.php 2005-07-22 16:19:40.840020904 +0200 +++ ldap.php 2005-07-22 16:18:41.989967472 +0200 @@ -404,6 +404,7 @@ $port = $dsninfo['port']; $this->base = $dsninfo['database']; $this->d_base = $this->base; + $version = $dsninfo['protocol']; if (empty($host)) { return $this->raiseError("no host specified $host"); @@ -417,6 +418,9 @@ if (!$conn) { return $this->raiseError(DB_ERROR_CONNECT_FAILED); } + if (isset($version)) { + ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, $version); + } else ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 2); if ($user && $pw) { $bind = @ldap_bind($conn, $user, $pw); } else { Test script: --------------- before patch connecting to a openldap 2.2.27 server generates the following error: $db = DB::connect($param); if (PEAR::isError($db)) echo $db->getMessage(); gives: DB_ERROR -> insufficient permissions after patch: The same code gives a DB_OK object. Expected result: ---------------- DB_OK object Actual result: -------------- DB_ERROR object.]]> DB_ldap Bug Reported by hamnis@... 2005-07-22T14:33:09-00:00 PHP: 5.0.4 OS: Debian GNU/Linux sarge Package Version: Description: ------------ --- /usr/local/share/php/DB/ldap.php 2005-07-22 16:19:40.840020904 +0200 +++ ldap.php 2005-07-22 16:18:41.989967472 +0200 @@ -404,6 +404,7 @@ $port = $dsninfo['port']; $this->base = $dsninfo['database']; $this->d_base = $this->base; + $version = $dsninfo['protocol']; if (empty($host)) { return $this->raiseError("no host specified $host"); @@ -417,6 +418,9 @@ if (!$conn) { return $this->raiseError(DB_ERROR_CONNECT_FAILED); } + if (isset($version)) { + ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, $version); + } else ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 2); if ($user && $pw) { $bind = @ldap_bind($conn, $user, $pw); } else { Test script: --------------- before patch connecting to a openldap 2.2.27 server generates the following error: $db = DB::connect($param); if (PEAR::isError($db)) echo $db->getMessage(); gives: DB_ERROR -> insufficient permissions after patch: The same code gives a DB_OK object. Expected result: ---------------- DB_OK object Actual result: -------------- DB_ERROR object.]]> 2005-07-22T14:33:09-00:00 dufuz [2008-03-24 21:43] http://pear.php.net/bugs/4884#1206394981 This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. Now people can pass the LDAP version via protocal in the dsn array if no protocal is specified then DB_ldap will try to use v3 first and fallback on v2 if setting v3 fails.]]> This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. Now people can pass the LDAP version via protocal in the dsn array if no protocal is specified then DB_ldap will try to use v3 first and fallback on v2 if setting v3 fails.]]> 2008-03-24T21:43:01-00:00 richter@... [2005-11-14 13:45] http://pear.php.net/bugs/4884#1131975957 I second that. DB_LDAP cannot connect() to a LDAP-Server (I tested on two OpenLDAP 2.2.23 servers) that does not have the "allow bind_v2" option set. Maybe protocol v3 should become the standard, as "man slapd.conf" says protocol v2 is "Historic (RFC 3494)". In addition to the method to set the protocol version implemented in the patch, I suggest to make connect() accept an options-array like the parent method DB:connect() does. It should be documented that the protocol version can be set by adding an appropriate query string to the DSN URL. (It took me a long time to figure that out...) Thanks for fixing this soon!]]> I second that. DB_LDAP cannot connect() to a LDAP-Server (I tested on two OpenLDAP 2.2.23 servers) that does not have the "allow bind_v2" option set. Maybe protocol v3 should become the standard, as "man slapd.conf" says protocol v2 is "Historic (RFC 3494)". In addition to the method to set the protocol version implemented in the patch, I suggest to make connect() accept an options-array like the parent method DB:connect() does. It should be documented that the protocol version can be set by adding an appropriate query string to the DSN URL. (It took me a long time to figure that out...) Thanks for fixing this soon!]]> 2005-11-14T13:45:57-00:00