PHP :: Bug #33588 :: No RootDSE query possible
| Bug #33588 | No RootDSE query possible | ||||
|---|---|---|---|---|---|
| Submitted: | 2005-07-06 13:55 UTC | Modified: | 2005-07-09 02:49 UTC | ||
| From: | cajus at naasa dot net | Assigned: | sniper (profile) | ||
| Status: | Closed | Package: | LDAP related | ||
| PHP Version: | 5.0.4 | OS: | Debian GNU/Linux | ||
| Private report: | No | CVE-ID: | None | ||
[2005-07-06 13:55 UTC] cajus at naasa dot net
Description:
------------
I've found that searching the RootDSE does not work with
PHP, because the base is set to NULL when no base is
specified. This fact causes the LDAP library to look into
the systems ldap.conf to take the base from there - which
is probably not what we want.
The following patch fixes the problem:
--- php5-5.0.4/ext/ldap/ldap.c 2005-01-19
01:27:42.000000000 +0100
+++ php5-5.0.4/ext/ldap/ldap.c.fixed 2005-07-01
17:15:55.000000000 +0200
@@ -575,6 +575,7 @@
{
zval **link, **base_dn, **filter, **attrs, **attr,
**attrsonly, **sizelimit, **timelimit, **deref;
char *ldap_base_dn = NULL;
+ char *dummy_base_dn = "";
char *ldap_filter = NULL;
char **ldap_attrs = NULL;
ldap_linkdata *ld;
@@ -674,7 +675,7 @@
} else {
nbases = 0; /* this means string,
not array */
convert_to_string_ex(base_dn);
- ldap_base_dn =
Z_STRLEN_PP(base_dn) < 1 ? NULL : Z_STRVAL_PP(base_dn);
+ ldap_base_dn =
Z_STRLEN_PP(base_dn) < 1 ? dummy_base_dn :
Z_STRVAL_PP(base_dn);
}
if (Z_TYPE_PP(filter) == IS_ARRAY) {
@@ -713,7 +714,7 @@
zend_hash_get_current_data(Z_ARRVAL_PP(base_dn), (void
**)&entry);
zend_hash_move_forward(Z_ARRVAL_PP(base_dn));
convert_to_string_ex(entry);
- ldap_base_dn =
Z_STRLEN_PP(entry) < 1 ? NULL : Z_STRVAL_PP(entry);
+ ldap_base_dn =
Z_STRLEN_PP(entry) < 1 ? dummy_base_dn :
Z_STRVAL_PP(entry);
}
if (nfilters != 0) { /* filter an
array? */
zend_hash_get_current_data(Z_ARRVAL_PP(filter), (void
**)&entry);
@@ -756,7 +757,7 @@
/* fix to make null base_dn's work */
if (strlen(ldap_base_dn) < 1) {
- ldap_base_dn = NULL;
+ ldap_base_dn = dummy_base_dn;
}
ld = (ldap_linkdata *) zend_fetch_resource(link
TSRMLS_CC, -1, "ldap link", NULL, 1, le_link);
Reproduce code:
---------------
<?php
# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
function get_naming_contexts($server, $admin, $password)
{
/* Build LDAP connection */
$ds= ldap_connect ($server);
if (!$ds) {
die ("Can't bind to LDAP. No check possible!");
}
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
$r= ldap_bind ($ds, $admin, $password);
/* Get base to look for naming contexts */
$sr = @ldap_read ($ds, "", "objectClass=*", array("namingContexts"));
$attr= @ldap_get_entries($ds,$sr);
print_r($attr);
}
get_naming_contexts("what.server.ever.org", "cn=admindn,dc=whatever,dc=org", "secret");
?>
Expected result:
----------------
Array
(
[count] => 1
[0] => Array
(
[namingcontexts] => Array
(
[count] => 2
[0] => dc=whatever,dc=org
[1] => dc=whatever,dc=shell
)
[0] => namingcontexts
[count] => 1
[dn] =>
)
)
Actual result:
--------------
Array
(
[count] => 1
[0] => Array
(
[count] => 0
[dn] => dc=whatever,dc=org
)
)
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2005-07-09 02:47 UTC] sniper@php.net
[2005-07-09 02:49 UTC] sniper@php.net