Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.2.1

Bug #4884 Fix for version 3 DB_ldap
Submitted: 2005-07-22 14:33 UTC
From: hamnis at start dot no Assigned: dufuz
Status: Closed Package: DB_ldap
PHP Version: 5.0.4 OS: Debian GNU/Linux sarge
Roadmaps: (Not assigned)    

 [2005-07-22 14:33 UTC] hamnis at start dot no
Description: ------------ --- /usr/local/share/php/DB/ldap.php 2005-07-22 16:19:40.840020904 +0200 +++ ldap.php 2005-07-22 16:18:41.989967472 +0200 @@ -404,6 +404,7 @@ $port = $dsninfo['port']; $this->base = $dsninfo['database']; $this->d_base = $this->base; + $version = $dsninfo['protocol']; if (empty($host)) { return $this->raiseError("no host specified $host"); @@ -417,6 +418,9 @@ if (!$conn) { return $this->raiseError(DB_ERROR_CONNECT_FAILED); } + if (isset($version)) { + ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, $version); + } else ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 2); if ($user && $pw) { $bind = @ldap_bind($conn, $user, $pw); } else { Test script: --------------- before patch connecting to a openldap 2.2.27 server generates the following error: $db = DB::connect($param); if (PEAR::isError($db)) echo $db->getMessage(); gives: DB_ERROR -> insufficient permissions after patch: The same code gives a DB_OK object. Expected result: ---------------- DB_OK object Actual result: -------------- DB_ERROR object.


 [2005-11-14 13:45 UTC] richter at jakota dot de
I second that. DB_LDAP cannot connect() to a LDAP-Server (I tested on two OpenLDAP 2.2.23 servers) that does not have the "allow bind_v2" option set. Maybe protocol v3 should become the standard, as "man slapd.conf" says protocol v2 is "Historic (RFC 3494)". In addition to the method to set the protocol version implemented in the patch, I suggest to make connect() accept an options-array like the parent method DB:connect() does. It should be documented that the protocol version can be set by adding an appropriate query string to the DSN URL. (It took me a long time to figure that out...) Thanks for fixing this soon!
 [2008-03-24 20:43 UTC] dufuz (Helgi Þormar Þorbjörnsson)
This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on by the end of next Sunday (CET). If this was a problem with the website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. Now people can pass the LDAP version via protocal in the dsn array if no protocal is specified then DB_ldap will try to use v3 first and fallback on v2 if setting v3 fails.