1 /*
2 +----------------------------------------------------------------------+
3 | PHP Version 7 |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1997-2018 The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Amitay Isaacs <amitay@w-o-i.com> |
16 | Eric Warnke <ericw@albany.edu> |
17 | Rasmus Lerdorf <rasmus@php.net> |
18 | Gerrit Thomson <334647@swin.edu.au> |
19 | Jani Taskinen <sniper@iki.fi> |
20 | Stig Venaas <venaas@uninett.no> |
21 | Doug Goldstein <cardoe@cardoe.com> |
22 | PHP 4.0 updates: Zeev Suraski <zeev@zend.com> |
23 +----------------------------------------------------------------------+
24 */
25
26 /* $Id: 3839f871a91c293a52322c63329c68db23a0290a $ */
27 #define IS_EXT_MODULE
28
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #endif
32
33 #include "php.h"
34 #include "php_ini.h"
35
36 #include <stddef.h>
37
38 #include "ext/standard/dl.h"
39 #include "php_ldap.h"
40
41 #ifdef PHP_WIN32
42 #include <string.h>
43 #include "config.w32.h"
44 #if HAVE_NSLDAP
45 #include <winsock2.h>
46 #endif
47 #define strdup _strdup
48 #undef WINDOWS
49 #undef strcasecmp
50 #undef strncasecmp
51 #define WINSOCK 1
52 #define __STDC__ 1
53 #endif
54
55 #include "ext/standard/php_string.h"
56 #include "ext/standard/info.h"
57
58 #ifdef HAVE_LDAP_SASL_H
59 #include <sasl.h>
60 #elif defined(HAVE_LDAP_SASL_SASL_H)
61 #include <sasl/sasl.h>
62 #endif
63
64 #define PHP_LDAP_ESCAPE_FILTER 0x01
65 #define PHP_LDAP_ESCAPE_DN 0x02
66
67 #if defined(LDAP_CONTROL_PAGEDRESULTS) && !defined(HAVE_LDAP_CONTROL_FIND)
ldap_control_find(const char * oid,LDAPControl ** ctrls,LDAPControl *** nextctrlp)68 LDAPControl *ldap_control_find( const char *oid, LDAPControl **ctrls, LDAPControl ***nextctrlp)
69 {
70 assert(nextctrlp == NULL);
71 return ldap_find_control(oid, ctrls);
72 }
73 #endif
74
75 #if !defined(LDAP_API_FEATURE_X_OPENLDAP)
ldap_memvfree(void ** v)76 void ldap_memvfree(void **v)
77 {
78 ldap_value_free((char **)v);
79 }
80 #endif
81
82 typedef struct {
83 LDAP *link;
84 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
85 zval rebindproc;
86 #endif
87 } ldap_linkdata;
88
89 typedef struct {
90 LDAPMessage *data;
91 BerElement *ber;
92 zval res;
93 } ldap_resultentry;
94
95 ZEND_DECLARE_MODULE_GLOBALS(ldap)
96 static PHP_GINIT_FUNCTION(ldap);
97
98 static int le_link, le_result, le_result_entry;
99
100 #ifdef COMPILE_DL_LDAP
ZEND_GET_MODULE(ldap)101 ZEND_GET_MODULE(ldap)
102 #endif
103
104 static void _close_ldap_link(zend_resource *rsrc) /* {{{ */
105 {
106 ldap_linkdata *ld = (ldap_linkdata *)rsrc->ptr;
107
108 ldap_unbind_ext(ld->link, NULL, NULL);
109 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
110 zval_ptr_dtor(&ld->rebindproc);
111 #endif
112
113 efree(ld);
114 LDAPG(num_links)--;
115 }
116 /* }}} */
117
_free_ldap_result(zend_resource * rsrc)118 static void _free_ldap_result(zend_resource *rsrc) /* {{{ */
119 {
120 LDAPMessage *result = (LDAPMessage *)rsrc->ptr;
121 ldap_msgfree(result);
122 }
123 /* }}} */
124
_free_ldap_result_entry(zend_resource * rsrc)125 static void _free_ldap_result_entry(zend_resource *rsrc) /* {{{ */
126 {
127 ldap_resultentry *entry = (ldap_resultentry *)rsrc->ptr;
128
129 if (entry->ber != NULL) {
130 ber_free(entry->ber, 0);
131 entry->ber = NULL;
132 }
133 zval_ptr_dtor(&entry->res);
134 efree(entry);
135 }
136 /* }}} */
137
138 /* {{{ PHP_INI_BEGIN
139 */
140 PHP_INI_BEGIN()
141 STD_PHP_INI_ENTRY_EX("ldap.max_links", "-1", PHP_INI_SYSTEM, OnUpdateLong, max_links, zend_ldap_globals, ldap_globals, display_link_numbers)
PHP_INI_END()142 PHP_INI_END()
143 /* }}} */
144
145 /* {{{ PHP_GINIT_FUNCTION
146 */
147 static PHP_GINIT_FUNCTION(ldap)
148 {
149 ldap_globals->num_links = 0;
150 }
151 /* }}} */
152
153 /* {{{ PHP_MINIT_FUNCTION
154 */
PHP_MINIT_FUNCTION(ldap)155 PHP_MINIT_FUNCTION(ldap)
156 {
157 REGISTER_INI_ENTRIES();
158
159 /* Constants to be used with deref-parameter in php_ldap_do_search() */
160 REGISTER_LONG_CONSTANT("LDAP_DEREF_NEVER", LDAP_DEREF_NEVER, CONST_PERSISTENT | CONST_CS);
161 REGISTER_LONG_CONSTANT("LDAP_DEREF_SEARCHING", LDAP_DEREF_SEARCHING, CONST_PERSISTENT | CONST_CS);
162 REGISTER_LONG_CONSTANT("LDAP_DEREF_FINDING", LDAP_DEREF_FINDING, CONST_PERSISTENT | CONST_CS);
163 REGISTER_LONG_CONSTANT("LDAP_DEREF_ALWAYS", LDAP_DEREF_ALWAYS, CONST_PERSISTENT | CONST_CS);
164
165 /* Constants to be used with ldap_modify_batch() */
166 REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_ADD", LDAP_MODIFY_BATCH_ADD, CONST_PERSISTENT | CONST_CS);
167 REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE", LDAP_MODIFY_BATCH_REMOVE, CONST_PERSISTENT | CONST_CS);
168 REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE_ALL", LDAP_MODIFY_BATCH_REMOVE_ALL, CONST_PERSISTENT | CONST_CS);
169 REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REPLACE", LDAP_MODIFY_BATCH_REPLACE, CONST_PERSISTENT | CONST_CS);
170 REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_ATTRIB", LDAP_MODIFY_BATCH_ATTRIB, CONST_PERSISTENT | CONST_CS);
171 REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_MODTYPE", LDAP_MODIFY_BATCH_MODTYPE, CONST_PERSISTENT | CONST_CS);
172 REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_VALUES", LDAP_MODIFY_BATCH_VALUES, CONST_PERSISTENT | CONST_CS);
173
174 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
175 /* LDAP options */
176 REGISTER_LONG_CONSTANT("LDAP_OPT_DEREF", LDAP_OPT_DEREF, CONST_PERSISTENT | CONST_CS);
177 REGISTER_LONG_CONSTANT("LDAP_OPT_SIZELIMIT", LDAP_OPT_SIZELIMIT, CONST_PERSISTENT | CONST_CS);
178 REGISTER_LONG_CONSTANT("LDAP_OPT_TIMELIMIT", LDAP_OPT_TIMELIMIT, CONST_PERSISTENT | CONST_CS);
179 #ifdef LDAP_OPT_NETWORK_TIMEOUT
180 REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_OPT_NETWORK_TIMEOUT, CONST_PERSISTENT | CONST_CS);
181 #elif defined (LDAP_X_OPT_CONNECT_TIMEOUT)
182 REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_X_OPT_CONNECT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
183 #endif
184 #ifdef LDAP_OPT_TIMEOUT
185 REGISTER_LONG_CONSTANT("LDAP_OPT_TIMEOUT", LDAP_OPT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
186 #endif
187 REGISTER_LONG_CONSTANT("LDAP_OPT_PROTOCOL_VERSION", LDAP_OPT_PROTOCOL_VERSION, CONST_PERSISTENT | CONST_CS);
188 REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_NUMBER", LDAP_OPT_ERROR_NUMBER, CONST_PERSISTENT | CONST_CS);
189 REGISTER_LONG_CONSTANT("LDAP_OPT_REFERRALS", LDAP_OPT_REFERRALS, CONST_PERSISTENT | CONST_CS);
190 #ifdef LDAP_OPT_RESTART
191 REGISTER_LONG_CONSTANT("LDAP_OPT_RESTART", LDAP_OPT_RESTART, CONST_PERSISTENT | CONST_CS);
192 #endif
193 #ifdef LDAP_OPT_HOST_NAME
194 REGISTER_LONG_CONSTANT("LDAP_OPT_HOST_NAME", LDAP_OPT_HOST_NAME, CONST_PERSISTENT | CONST_CS);
195 #endif
196 REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_STRING", LDAP_OPT_ERROR_STRING, CONST_PERSISTENT | CONST_CS);
197 #ifdef LDAP_OPT_MATCHED_DN
198 REGISTER_LONG_CONSTANT("LDAP_OPT_MATCHED_DN", LDAP_OPT_MATCHED_DN, CONST_PERSISTENT | CONST_CS);
199 #endif
200 REGISTER_LONG_CONSTANT("LDAP_OPT_SERVER_CONTROLS", LDAP_OPT_SERVER_CONTROLS, CONST_PERSISTENT | CONST_CS);
201 REGISTER_LONG_CONSTANT("LDAP_OPT_CLIENT_CONTROLS", LDAP_OPT_CLIENT_CONTROLS, CONST_PERSISTENT | CONST_CS);
202 #endif
203 #ifdef LDAP_OPT_DEBUG_LEVEL
204 REGISTER_LONG_CONSTANT("LDAP_OPT_DEBUG_LEVEL", LDAP_OPT_DEBUG_LEVEL, CONST_PERSISTENT | CONST_CS);
205 #endif
206
207 #ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
208 REGISTER_LONG_CONSTANT("LDAP_OPT_DIAGNOSTIC_MESSAGE", LDAP_OPT_DIAGNOSTIC_MESSAGE, CONST_PERSISTENT | CONST_CS);
209 #endif
210
211 #ifdef HAVE_LDAP_SASL
212 REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_MECH", LDAP_OPT_X_SASL_MECH, CONST_PERSISTENT | CONST_CS);
213 REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_REALM", LDAP_OPT_X_SASL_REALM, CONST_PERSISTENT | CONST_CS);
214 REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHCID", LDAP_OPT_X_SASL_AUTHCID, CONST_PERSISTENT | CONST_CS);
215 REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHZID", LDAP_OPT_X_SASL_AUTHZID, CONST_PERSISTENT | CONST_CS);
216 #endif
217 #ifdef LDAP_OPT_X_SASL_NOCANON
218 REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_NOCANON", LDAP_OPT_X_SASL_NOCANON, CONST_PERSISTENT | CONST_CS);
219 #endif
220 #ifdef LDAP_OPT_X_SASL_USERNAME
221 REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_USERNAME", LDAP_OPT_X_SASL_USERNAME, CONST_PERSISTENT | CONST_CS);
222 #endif
223
224 #ifdef ORALDAP
225 REGISTER_LONG_CONSTANT("GSLC_SSL_NO_AUTH", GSLC_SSL_NO_AUTH, CONST_PERSISTENT | CONST_CS);
226 REGISTER_LONG_CONSTANT("GSLC_SSL_ONEWAY_AUTH", GSLC_SSL_ONEWAY_AUTH, CONST_PERSISTENT | CONST_CS);
227 REGISTER_LONG_CONSTANT("GSLC_SSL_TWOWAY_AUTH", GSLC_SSL_TWOWAY_AUTH, CONST_PERSISTENT | CONST_CS);
228 #endif
229
230 #if (LDAP_API_VERSION > 2000)
231 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_REQUIRE_CERT", LDAP_OPT_X_TLS_REQUIRE_CERT, CONST_PERSISTENT | CONST_CS);
232
233 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_NEVER", LDAP_OPT_X_TLS_NEVER, CONST_PERSISTENT | CONST_CS);
234 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_HARD", LDAP_OPT_X_TLS_HARD, CONST_PERSISTENT | CONST_CS);
235 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_DEMAND", LDAP_OPT_X_TLS_DEMAND, CONST_PERSISTENT | CONST_CS);
236 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_ALLOW", LDAP_OPT_X_TLS_ALLOW, CONST_PERSISTENT | CONST_CS);
237 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_TRY", LDAP_OPT_X_TLS_TRY, CONST_PERSISTENT | CONST_CS);
238
239 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CACERTDIR", LDAP_OPT_X_TLS_CACERTDIR, CONST_PERSISTENT | CONST_CS);
240 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CACERTFILE", LDAP_OPT_X_TLS_CACERTFILE, CONST_PERSISTENT | CONST_CS);
241 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CERTFILE", LDAP_OPT_X_TLS_CERTFILE, CONST_PERSISTENT | CONST_CS);
242 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CIPHER_SUITE", LDAP_OPT_X_TLS_CIPHER_SUITE, CONST_PERSISTENT | CONST_CS);
243 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_KEYFILE", LDAP_OPT_X_TLS_KEYFILE, CONST_PERSISTENT | CONST_CS);
244 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_RANDOM_FILE", LDAP_OPT_X_TLS_RANDOM_FILE, CONST_PERSISTENT | CONST_CS);
245 #endif
246
247 #ifdef LDAP_OPT_X_TLS_CRLCHECK
248 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CRLCHECK", LDAP_OPT_X_TLS_CRLCHECK, CONST_PERSISTENT | CONST_CS);
249
250 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CRL_NONE", LDAP_OPT_X_TLS_CRL_NONE, CONST_PERSISTENT | CONST_CS);
251 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CRL_PEER", LDAP_OPT_X_TLS_CRL_PEER, CONST_PERSISTENT | CONST_CS);
252 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CRL_ALL", LDAP_OPT_X_TLS_CRL_ALL, CONST_PERSISTENT | CONST_CS);
253 #endif
254
255 #ifdef LDAP_OPT_X_TLS_DHFILE
256 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_DHFILE", LDAP_OPT_X_TLS_DHFILE, CONST_PERSISTENT | CONST_CS);
257 #endif
258
259 #ifdef LDAP_OPT_X_TLS_CRLFILE
260 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_CRLFILE", LDAP_OPT_X_TLS_CRLFILE, CONST_PERSISTENT | CONST_CS);
261 #endif
262
263 #ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
264 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PROTOCOL_MIN", LDAP_OPT_X_TLS_PROTOCOL_MIN, CONST_PERSISTENT | CONST_CS);
265
266 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PROTOCOL_SSL2", LDAP_OPT_X_TLS_PROTOCOL_SSL2, CONST_PERSISTENT | CONST_CS);
267 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PROTOCOL_SSL3", LDAP_OPT_X_TLS_PROTOCOL_SSL3, CONST_PERSISTENT | CONST_CS);
268 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PROTOCOL_TLS1_0", LDAP_OPT_X_TLS_PROTOCOL_TLS1_0, CONST_PERSISTENT | CONST_CS);
269 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PROTOCOL_TLS1_1", LDAP_OPT_X_TLS_PROTOCOL_TLS1_1, CONST_PERSISTENT | CONST_CS);
270 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PROTOCOL_TLS1_2", LDAP_OPT_X_TLS_PROTOCOL_TLS1_2, CONST_PERSISTENT | CONST_CS);
271 #endif
272
273 #ifdef LDAP_OPT_X_TLS_PACKAGE
274 REGISTER_LONG_CONSTANT("LDAP_OPT_X_TLS_PACKAGE", LDAP_OPT_X_TLS_PACKAGE, CONST_PERSISTENT | CONST_CS);
275 #endif
276
277 #ifdef LDAP_OPT_X_KEEPALIVE_IDLE
278 REGISTER_LONG_CONSTANT("LDAP_OPT_X_KEEPALIVE_IDLE", LDAP_OPT_X_KEEPALIVE_IDLE, CONST_PERSISTENT | CONST_CS);
279 REGISTER_LONG_CONSTANT("LDAP_OPT_X_KEEPALIVE_PROBES", LDAP_OPT_X_KEEPALIVE_PROBES, CONST_PERSISTENT | CONST_CS);
280 REGISTER_LONG_CONSTANT("LDAP_OPT_X_KEEPALIVE_INTERVAL", LDAP_OPT_X_KEEPALIVE_INTERVAL, CONST_PERSISTENT | CONST_CS);
281 #endif
282
283 REGISTER_LONG_CONSTANT("LDAP_ESCAPE_FILTER", PHP_LDAP_ESCAPE_FILTER, CONST_PERSISTENT | CONST_CS);
284 REGISTER_LONG_CONSTANT("LDAP_ESCAPE_DN", PHP_LDAP_ESCAPE_DN, CONST_PERSISTENT | CONST_CS);
285
286 #ifdef HAVE_LDAP_EXTENDED_OPERATION_S
287 REGISTER_STRING_CONSTANT("LDAP_EXOP_START_TLS", LDAP_EXOP_START_TLS, CONST_PERSISTENT | CONST_CS);
288 REGISTER_STRING_CONSTANT("LDAP_EXOP_MODIFY_PASSWD", LDAP_EXOP_MODIFY_PASSWD, CONST_PERSISTENT | CONST_CS);
289 REGISTER_STRING_CONSTANT("LDAP_EXOP_REFRESH", LDAP_EXOP_REFRESH, CONST_PERSISTENT | CONST_CS);
290 REGISTER_STRING_CONSTANT("LDAP_EXOP_WHO_AM_I", LDAP_EXOP_WHO_AM_I, CONST_PERSISTENT | CONST_CS);
291 REGISTER_STRING_CONSTANT("LDAP_EXOP_TURN", LDAP_EXOP_TURN, CONST_PERSISTENT | CONST_CS);
292 #endif
293
294 /* LDAP Controls */
295 /* standard track controls */
296 #ifdef LDAP_CONTROL_MANAGEDSAIT
297 /* RFC 3296 */
298 REGISTER_STRING_CONSTANT("LDAP_CONTROL_MANAGEDSAIT", LDAP_CONTROL_MANAGEDSAIT, CONST_PERSISTENT | CONST_CS);
299 #endif
300 #ifdef LDAP_CONTROL_PROXY_AUTHZ
301 /* RFC 4370 */
302 REGISTER_STRING_CONSTANT("LDAP_CONTROL_PROXY_AUTHZ", LDAP_CONTROL_PROXY_AUTHZ, CONST_PERSISTENT | CONST_CS);
303 #endif
304 #ifdef LDAP_CONTROL_SUBENTRIES
305 /* RFC 3672 */
306 REGISTER_STRING_CONSTANT("LDAP_CONTROL_SUBENTRIES", LDAP_CONTROL_SUBENTRIES, CONST_PERSISTENT | CONST_CS);
307 #endif
308 #ifdef LDAP_CONTROL_VALUESRETURNFILTER
309 /* RFC 3876 */
310 REGISTER_STRING_CONSTANT("LDAP_CONTROL_VALUESRETURNFILTER", LDAP_CONTROL_VALUESRETURNFILTER, CONST_PERSISTENT | CONST_CS);
311 #endif
312 #ifdef LDAP_CONTROL_ASSERT
313 /* RFC 4528 */
314 REGISTER_STRING_CONSTANT("LDAP_CONTROL_ASSERT", LDAP_CONTROL_ASSERT, CONST_PERSISTENT | CONST_CS);
315 /* RFC 4527 */
316 REGISTER_STRING_CONSTANT("LDAP_CONTROL_PRE_READ", LDAP_CONTROL_PRE_READ, CONST_PERSISTENT | CONST_CS);
317 REGISTER_STRING_CONSTANT("LDAP_CONTROL_POST_READ", LDAP_CONTROL_POST_READ, CONST_PERSISTENT | CONST_CS);
318 #endif
319 #ifdef LDAP_CONTROL_SORTREQUEST
320 /* RFC 2891 */
321 REGISTER_STRING_CONSTANT("LDAP_CONTROL_SORTREQUEST", LDAP_CONTROL_SORTREQUEST, CONST_PERSISTENT | CONST_CS);
322 REGISTER_STRING_CONSTANT("LDAP_CONTROL_SORTRESPONSE", LDAP_CONTROL_SORTRESPONSE, CONST_PERSISTENT | CONST_CS);
323 #endif
324 /* non-standard track controls */
325 #ifdef LDAP_CONTROL_PAGEDRESULTS
326 /* RFC 2696 */
327 REGISTER_STRING_CONSTANT("LDAP_CONTROL_PAGEDRESULTS", LDAP_CONTROL_PAGEDRESULTS, CONST_PERSISTENT | CONST_CS);
328 #endif
329 #ifdef LDAP_CONTROL_AUTHZID_REQUEST
330 /* RFC 3829 */
331 REGISTER_STRING_CONSTANT("LDAP_CONTROL_AUTHZID_REQUEST", LDAP_CONTROL_AUTHZID_REQUEST, CONST_PERSISTENT | CONST_CS);
332 REGISTER_STRING_CONSTANT("LDAP_CONTROL_AUTHZID_RESPONSE", LDAP_CONTROL_AUTHZID_RESPONSE, CONST_PERSISTENT | CONST_CS);
333 #endif
334 #ifdef LDAP_CONTROL_SYNC
335 /* LDAP Content Synchronization Operation -- RFC 4533 */
336 REGISTER_STRING_CONSTANT("LDAP_CONTROL_SYNC", LDAP_CONTROL_SYNC, CONST_PERSISTENT | CONST_CS);
337 REGISTER_STRING_CONSTANT("LDAP_CONTROL_SYNC_STATE", LDAP_CONTROL_SYNC_STATE, CONST_PERSISTENT | CONST_CS);
338 REGISTER_STRING_CONSTANT("LDAP_CONTROL_SYNC_DONE", LDAP_CONTROL_SYNC_DONE, CONST_PERSISTENT | CONST_CS);
339 #endif
340 #ifdef LDAP_CONTROL_DONTUSECOPY
341 /* LDAP Don't Use Copy Control (RFC 6171) */
342 REGISTER_STRING_CONSTANT("LDAP_CONTROL_DONTUSECOPY", LDAP_CONTROL_DONTUSECOPY, CONST_PERSISTENT | CONST_CS);
343 #endif
344 #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
345 /* Password policy Controls */
346 REGISTER_STRING_CONSTANT("LDAP_CONTROL_PASSWORDPOLICYREQUEST", LDAP_CONTROL_PASSWORDPOLICYREQUEST, CONST_PERSISTENT | CONST_CS);
347 REGISTER_STRING_CONSTANT("LDAP_CONTROL_PASSWORDPOLICYRESPONSE", LDAP_CONTROL_PASSWORDPOLICYRESPONSE, CONST_PERSISTENT | CONST_CS);
348 #endif
349 #ifdef LDAP_CONTROL_X_INCREMENTAL_VALUES
350 /* MS Active Directory controls */
351 REGISTER_STRING_CONSTANT("LDAP_CONTROL_X_INCREMENTAL_VALUES", LDAP_CONTROL_X_INCREMENTAL_VALUES, CONST_PERSISTENT | CONST_CS);
352 REGISTER_STRING_CONSTANT("LDAP_CONTROL_X_DOMAIN_SCOPE", LDAP_CONTROL_X_DOMAIN_SCOPE, CONST_PERSISTENT | CONST_CS);
353 REGISTER_STRING_CONSTANT("LDAP_CONTROL_X_PERMISSIVE_MODIFY", LDAP_CONTROL_X_PERMISSIVE_MODIFY, CONST_PERSISTENT | CONST_CS);
354 REGISTER_STRING_CONSTANT("LDAP_CONTROL_X_SEARCH_OPTIONS", LDAP_CONTROL_X_SEARCH_OPTIONS, CONST_PERSISTENT | CONST_CS);
355 REGISTER_STRING_CONSTANT("LDAP_CONTROL_X_TREE_DELETE", LDAP_CONTROL_X_TREE_DELETE, CONST_PERSISTENT | CONST_CS);
356 REGISTER_STRING_CONSTANT("LDAP_CONTROL_X_EXTENDED_DN", LDAP_CONTROL_X_EXTENDED_DN, CONST_PERSISTENT | CONST_CS);
357 #endif
358 #ifdef LDAP_CONTROL_X_INCREMENTAL_VALUES
359 /* LDAP VLV */
360 REGISTER_STRING_CONSTANT("LDAP_CONTROL_VLVREQUEST", LDAP_CONTROL_VLVREQUEST, CONST_PERSISTENT | CONST_CS);
361 REGISTER_STRING_CONSTANT("LDAP_CONTROL_VLVRESPONSE", LDAP_CONTROL_VLVRESPONSE, CONST_PERSISTENT | CONST_CS);
362 #endif
363
364 le_link = zend_register_list_destructors_ex(_close_ldap_link, NULL, "ldap link", module_number);
365 le_result = zend_register_list_destructors_ex(_free_ldap_result, NULL, "ldap result", module_number);
366 le_result_entry = zend_register_list_destructors_ex(_free_ldap_result_entry, NULL, "ldap result entry", module_number);
367
368 ldap_module_entry.type = type;
369
370 return SUCCESS;
371 }
372 /* }}} */
373
374 /* {{{ PHP_MSHUTDOWN_FUNCTION
375 */
PHP_MSHUTDOWN_FUNCTION(ldap)376 PHP_MSHUTDOWN_FUNCTION(ldap)
377 {
378 UNREGISTER_INI_ENTRIES();
379 return SUCCESS;
380 }
381 /* }}} */
382
383 /* {{{ PHP_MINFO_FUNCTION
384 */
PHP_MINFO_FUNCTION(ldap)385 PHP_MINFO_FUNCTION(ldap)
386 {
387 char tmp[32];
388 #if HAVE_NSLDAP
389 LDAPVersion ver;
390 double SDKVersion;
391 #endif
392
393 php_info_print_table_start();
394 php_info_print_table_row(2, "LDAP Support", "enabled");
395 php_info_print_table_row(2, "RCS Version", "$Id: 3839f871a91c293a52322c63329c68db23a0290a $");
396
397 if (LDAPG(max_links) == -1) {
398 snprintf(tmp, 31, ZEND_LONG_FMT "/unlimited", LDAPG(num_links));
399 } else {
400 snprintf(tmp, 31, ZEND_LONG_FMT "/" ZEND_LONG_FMT, LDAPG(num_links), LDAPG(max_links));
401 }
402 php_info_print_table_row(2, "Total Links", tmp);
403
404 #ifdef LDAP_API_VERSION
405 snprintf(tmp, 31, "%d", LDAP_API_VERSION);
406 php_info_print_table_row(2, "API Version", tmp);
407 #endif
408
409 #ifdef LDAP_VENDOR_NAME
410 php_info_print_table_row(2, "Vendor Name", LDAP_VENDOR_NAME);
411 #endif
412
413 #ifdef LDAP_VENDOR_VERSION
414 snprintf(tmp, 31, "%d", LDAP_VENDOR_VERSION);
415 php_info_print_table_row(2, "Vendor Version", tmp);
416 #endif
417
418 #if HAVE_NSLDAP
419 SDKVersion = ldap_version(&ver);
420 snprintf(tmp, 31, "%F", SDKVersion/100.0);
421 php_info_print_table_row(2, "SDK Version", tmp);
422
423 snprintf(tmp, 31, "%F", ver.protocol_version/100.0);
424 php_info_print_table_row(2, "Highest LDAP Protocol Supported", tmp);
425
426 snprintf(tmp, 31, "%F", ver.SSL_version/100.0);
427 php_info_print_table_row(2, "SSL Level Supported", tmp);
428
429 if (ver.security_level != LDAP_SECURITY_NONE) {
430 snprintf(tmp, 31, "%d", ver.security_level);
431 } else {
432 strcpy(tmp, "SSL not enabled");
433 }
434 php_info_print_table_row(2, "Level of Encryption", tmp);
435 #endif
436
437 #ifdef HAVE_LDAP_SASL
438 php_info_print_table_row(2, "SASL Support", "Enabled");
439 #endif
440
441 php_info_print_table_end();
442 DISPLAY_INI_ENTRIES();
443 }
444 /* }}} */
445
446 /* {{{ proto resource ldap_connect([string host [, int port [, string wallet [, string wallet_passwd [, int authmode]]]]])
447 Connect to an LDAP server */
PHP_FUNCTION(ldap_connect)448 PHP_FUNCTION(ldap_connect)
449 {
450 char *host = NULL;
451 size_t hostlen = 0;
452 zend_long port = LDAP_PORT;
453 #ifdef HAVE_ORALDAP
454 char *wallet = NULL, *walletpasswd = NULL;
455 size_t walletlen = 0, walletpasswdlen = 0;
456 zend_long authmode = GSLC_SSL_NO_AUTH;
457 int ssl=0;
458 #endif
459 ldap_linkdata *ld;
460 LDAP *ldap = NULL;
461
462 #ifdef HAVE_ORALDAP
463 if (ZEND_NUM_ARGS() == 3 || ZEND_NUM_ARGS() == 4) {
464 WRONG_PARAM_COUNT;
465 }
466
467 if (zend_parse_parameters(ZEND_NUM_ARGS(), "|slssl", &host, &hostlen, &port, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS) {
468 RETURN_FALSE;
469 }
470
471 if (ZEND_NUM_ARGS() == 5) {
472 ssl = 1;
473 }
474 #else
475 if (zend_parse_parameters(ZEND_NUM_ARGS(), "|sl", &host, &hostlen, &port) != SUCCESS) {
476 RETURN_FALSE;
477 }
478 #endif
479
480 if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) {
481 php_error_docref(NULL, E_WARNING, "Too many open links (" ZEND_LONG_FMT ")", LDAPG(num_links));
482 RETURN_FALSE;
483 }
484
485 ld = ecalloc(1, sizeof(ldap_linkdata));
486
487 {
488 int rc = LDAP_SUCCESS;
489 char *url = host;
490 if (url && !ldap_is_ldap_url(url)) {
491 int urllen = hostlen + sizeof( "ldap://:65535" );
492
493 if (port <= 0 || port > 65535) {
494 efree(ld);
495 php_error_docref(NULL, E_WARNING, "invalid port number: " ZEND_LONG_FMT, port);
496 RETURN_FALSE;
497 }
498
499 url = emalloc(urllen);
500 snprintf( url, urllen, "ldap://%s:" ZEND_LONG_FMT, host, port );
501 }
502
503 #ifdef LDAP_API_FEATURE_X_OPENLDAP
504 /* ldap_init() is deprecated, use ldap_initialize() instead.
505 */
506 rc = ldap_initialize(&ldap, url);
507 #else /* ! LDAP_API_FEATURE_X_OPENLDAP */
508 /* ldap_init does not support URLs.
509 * We must try the original host and port information.
510 */
511 ldap = ldap_init(host, port);
512 if (ldap == NULL) {
513 efree(ld);
514 php_error_docref(NULL, E_WARNING, "Could not create session handle");
515 RETURN_FALSE;
516 }
517 #endif /* ! LDAP_API_FEATURE_X_OPENLDAP */
518 if (url != host) {
519 efree(url);
520 }
521 if (rc != LDAP_SUCCESS) {
522 efree(ld);
523 php_error_docref(NULL, E_WARNING, "Could not create session handle: %s", ldap_err2string(rc));
524 RETURN_FALSE;
525 }
526 }
527
528 if (ldap == NULL) {
529 efree(ld);
530 RETURN_FALSE;
531 } else {
532 #ifdef HAVE_ORALDAP
533 if (ssl) {
534 if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) {
535 efree(ld);
536 php_error_docref(NULL, E_WARNING, "SSL init failed");
537 RETURN_FALSE;
538 }
539 }
540 #endif
541 LDAPG(num_links)++;
542 ld->link = ldap;
543 RETURN_RES(zend_register_resource(ld, le_link));
544 }
545
546 }
547 /* }}} */
548
549 /* {{{ _get_lderrno
550 */
_get_lderrno(LDAP * ldap)551 static int _get_lderrno(LDAP *ldap)
552 {
553 #if !HAVE_NSLDAP
554 #if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
555 int lderr;
556
557 /* New versions of OpenLDAP do it this way */
558 ldap_get_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
559 return lderr;
560 #else
561 return ldap->ld_errno;
562 #endif
563 #else
564 return ldap_get_lderrno(ldap, NULL, NULL);
565 #endif
566 }
567 /* }}} */
568
569 /* {{{ _set_lderrno
570 */
_set_lderrno(LDAP * ldap,int lderr)571 static void _set_lderrno(LDAP *ldap, int lderr)
572 {
573 #if !HAVE_NSLDAP
574 #if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
575 /* New versions of OpenLDAP do it this way */
576 ldap_set_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
577 #else
578 ldap->ld_errno = lderr;
579 #endif
580 #else
581 ldap_set_lderrno(ldap, lderr, NULL, NULL);
582 #endif
583 }
584 /* }}} */
585
586 /* {{{ proto bool ldap_bind(resource link [, string dn [, string password]])
587 Bind to LDAP directory */
PHP_FUNCTION(ldap_bind)588 PHP_FUNCTION(ldap_bind)
589 {
590 zval *link;
591 char *ldap_bind_dn = NULL, *ldap_bind_pw = NULL;
592 size_t ldap_bind_dnlen, ldap_bind_pwlen;
593 ldap_linkdata *ld;
594 int rc;
595
596 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|ss", &link, &ldap_bind_dn, &ldap_bind_dnlen, &ldap_bind_pw, &ldap_bind_pwlen) != SUCCESS) {
597 RETURN_FALSE;
598 }
599
600 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
601 RETURN_FALSE;
602 }
603
604 if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
605 _set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
606 php_error_docref(NULL, E_WARNING, "DN contains a null byte");
607 RETURN_FALSE;
608 }
609
610 if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
611 _set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
612 php_error_docref(NULL, E_WARNING, "Password contains a null byte");
613 RETURN_FALSE;
614 }
615
616 {
617 #ifdef LDAP_API_FEATURE_X_OPENLDAP
618 /* ldap_simple_bind_s() is deprecated, use ldap_sasl_bind_s() instead.
619 */
620 struct berval cred;
621
622 cred.bv_val = ldap_bind_pw;
623 cred.bv_len = ldap_bind_pw ? ldap_bind_pwlen : 0;
624 rc = ldap_sasl_bind_s(ld->link, ldap_bind_dn, LDAP_SASL_SIMPLE, &cred,
625 NULL, NULL, /* no controls right now */
626 NULL); /* we don't care about the server's credentials */
627 #else /* ! LDAP_API_FEATURE_X_OPENLDAP */
628 rc = ldap_simple_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw);
629 #endif /* ! LDAP_API_FEATURE_X_OPENLDAP */
630 }
631 if ( rc != LDAP_SUCCESS) {
632 php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
633 RETURN_FALSE;
634 } else {
635 RETURN_TRUE;
636 }
637 }
638 /* }}} */
639
640 #ifdef HAVE_LDAP_SASL
641 typedef struct {
642 char *mech;
643 char *realm;
644 char *authcid;
645 char *passwd;
646 char *authzid;
647 } php_ldap_bictx;
648
649 /* {{{ _php_sasl_setdefs
650 */
_php_sasl_setdefs(LDAP * ld,char * sasl_mech,char * sasl_realm,char * sasl_authc_id,char * passwd,char * sasl_authz_id)651 static php_ldap_bictx *_php_sasl_setdefs(LDAP *ld, char *sasl_mech, char *sasl_realm, char *sasl_authc_id, char *passwd, char *sasl_authz_id)
652 {
653 php_ldap_bictx *ctx;
654
655 ctx = ber_memalloc(sizeof(php_ldap_bictx));
656 ctx->mech = (sasl_mech) ? ber_strdup(sasl_mech) : NULL;
657 ctx->realm = (sasl_realm) ? ber_strdup(sasl_realm) : NULL;
658 ctx->authcid = (sasl_authc_id) ? ber_strdup(sasl_authc_id) : NULL;
659 ctx->passwd = (passwd) ? ber_strdup(passwd) : NULL;
660 ctx->authzid = (sasl_authz_id) ? ber_strdup(sasl_authz_id) : NULL;
661
662 if (ctx->mech == NULL) {
663 ldap_get_option(ld, LDAP_OPT_X_SASL_MECH, &ctx->mech);
664 }
665 if (ctx->realm == NULL) {
666 ldap_get_option(ld, LDAP_OPT_X_SASL_REALM, &ctx->realm);
667 }
668 if (ctx->authcid == NULL) {
669 ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHCID, &ctx->authcid);
670 }
671 if (ctx->authzid == NULL) {
672 ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHZID, &ctx->authzid);
673 }
674
675 return ctx;
676 }
677 /* }}} */
678
679 /* {{{ _php_sasl_freedefs
680 */
_php_sasl_freedefs(php_ldap_bictx * ctx)681 static void _php_sasl_freedefs(php_ldap_bictx *ctx)
682 {
683 if (ctx->mech) ber_memfree(ctx->mech);
684 if (ctx->realm) ber_memfree(ctx->realm);
685 if (ctx->authcid) ber_memfree(ctx->authcid);
686 if (ctx->passwd) ber_memfree(ctx->passwd);
687 if (ctx->authzid) ber_memfree(ctx->authzid);
688 ber_memfree(ctx);
689 }
690 /* }}} */
691
692 /* {{{ _php_sasl_interact
693 Internal interact function for SASL */
_php_sasl_interact(LDAP * ld,unsigned flags,void * defaults,void * in)694 static int _php_sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *in)
695 {
696 sasl_interact_t *interact = in;
697 const char *p;
698 php_ldap_bictx *ctx = defaults;
699
700 for (;interact->id != SASL_CB_LIST_END;interact++) {
701 p = NULL;
702 switch(interact->id) {
703 case SASL_CB_GETREALM:
704 p = ctx->realm;
705 break;
706 case SASL_CB_AUTHNAME:
707 p = ctx->authcid;
708 break;
709 case SASL_CB_USER:
710 p = ctx->authzid;
711 break;
712 case SASL_CB_PASS:
713 p = ctx->passwd;
714 break;
715 }
716 if (p) {
717 interact->result = p;
718 interact->len = strlen(interact->result);
719 }
720 }
721 return LDAP_SUCCESS;
722 }
723 /* }}} */
724
725 /* {{{ proto bool ldap_sasl_bind(resource link [, string binddn [, string password [, string sasl_mech [, string sasl_realm [, string sasl_authc_id [, string sasl_authz_id [, string props]]]]]]])
726 Bind to LDAP directory using SASL */
PHP_FUNCTION(ldap_sasl_bind)727 PHP_FUNCTION(ldap_sasl_bind)
728 {
729 zval *link;
730 ldap_linkdata *ld;
731 char *binddn = NULL;
732 char *passwd = NULL;
733 char *sasl_mech = NULL;
734 char *sasl_realm = NULL;
735 char *sasl_authz_id = NULL;
736 char *sasl_authc_id = NULL;
737 char *props = NULL;
738 size_t rc, dn_len, passwd_len, mech_len, realm_len, authc_id_len, authz_id_len, props_len;
739 php_ldap_bictx *ctx;
740
741 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|sssssss", &link, &binddn, &dn_len, &passwd, &passwd_len, &sasl_mech, &mech_len, &sasl_realm, &realm_len, &sasl_authc_id, &authc_id_len, &sasl_authz_id, &authz_id_len, &props, &props_len) != SUCCESS) {
742 RETURN_FALSE;
743 }
744
745 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
746 RETURN_FALSE;
747 }
748
749 ctx = _php_sasl_setdefs(ld->link, sasl_mech, sasl_realm, sasl_authc_id, passwd, sasl_authz_id);
750
751 if (props) {
752 ldap_set_option(ld->link, LDAP_OPT_X_SASL_SECPROPS, props);
753 }
754
755 rc = ldap_sasl_interactive_bind_s(ld->link, binddn, ctx->mech, NULL, NULL, LDAP_SASL_QUIET, _php_sasl_interact, ctx);
756 if (rc != LDAP_SUCCESS) {
757 php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
758 RETVAL_FALSE;
759 } else {
760 RETVAL_TRUE;
761 }
762 _php_sasl_freedefs(ctx);
763 }
764 /* }}} */
765 #endif /* HAVE_LDAP_SASL */
766
767 /* {{{ proto bool ldap_unbind(resource link)
768 Unbind from LDAP directory */
PHP_FUNCTION(ldap_unbind)769 PHP_FUNCTION(ldap_unbind)
770 {
771 zval *link;
772 ldap_linkdata *ld;
773
774 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
775 RETURN_FALSE;
776 }
777
778 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
779 RETURN_FALSE;
780 }
781
782 zend_list_close(Z_RES_P(link));
783 RETURN_TRUE;
784 }
785 /* }}} */
786
787 /* {{{ php_set_opts
788 */
php_set_opts(LDAP * ldap,int sizelimit,int timelimit,int deref,int * old_sizelimit,int * old_timelimit,int * old_deref)789 static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, int *old_sizelimit, int *old_timelimit, int *old_deref)
790 {
791 /* sizelimit */
792 if (sizelimit > -1) {
793 #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
794 ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_sizelimit);
795 ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, &sizelimit);
796 #else
797 *old_sizelimit = ldap->ld_sizelimit;
798 ldap->ld_sizelimit = sizelimit;
799 #endif
800 }
801
802 /* timelimit */
803 if (timelimit > -1) {
804 #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
805 ldap_get_option(ldap, LDAP_OPT_TIMELIMIT, old_timelimit);
806 ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
807 #else
808 *old_timelimit = ldap->ld_timelimit;
809 ldap->ld_timelimit = timelimit;
810 #endif
811 }
812
813 /* deref */
814 if (deref > -1) {
815 #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
816 ldap_get_option(ldap, LDAP_OPT_DEREF, old_deref);
817 ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
818 #else
819 *old_deref = ldap->ld_deref;
820 ldap->ld_deref = deref;
821 #endif
822 }
823 }
824 /* }}} */
825
826 /* {{{ php_ldap_do_search
827 */
php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS,int scope)828 static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
829 {
830 zval *link, *base_dn, *filter, *attrs = NULL, *attr;
831 zend_long attrsonly, sizelimit, timelimit, deref;
832 char *ldap_base_dn = NULL, *ldap_filter = NULL, **ldap_attrs = NULL;
833 ldap_linkdata *ld = NULL;
834 LDAPMessage *ldap_res;
835 int ldap_attrsonly = 0, ldap_sizelimit = -1, ldap_timelimit = -1, ldap_deref = -1;
836 int old_ldap_sizelimit = -1, old_ldap_timelimit = -1, old_ldap_deref = -1;
837 int num_attribs = 0, ret = 1, i, errno, argcount = ZEND_NUM_ARGS();
838
839 if (zend_parse_parameters(argcount, "zzz|allll", &link, &base_dn, &filter, &attrs, &attrsonly,
840 &sizelimit, &timelimit, &deref) == FAILURE) {
841 return;
842 }
843
844 /* Reverse -> fall through */
845 switch (argcount) {
846 case 8:
847 ldap_deref = deref;
848 case 7:
849 ldap_timelimit = timelimit;
850 case 6:
851 ldap_sizelimit = sizelimit;
852 case 5:
853 ldap_attrsonly = attrsonly;
854 case 4:
855 num_attribs = zend_hash_num_elements(Z_ARRVAL_P(attrs));
856 ldap_attrs = safe_emalloc((num_attribs+1), sizeof(char *), 0);
857
858 for (i = 0; i<num_attribs; i++) {
859 if ((attr = zend_hash_index_find(Z_ARRVAL_P(attrs), i)) == NULL) {
860 php_error_docref(NULL, E_WARNING, "Array initialization wrong");
861 ret = 0;
862 goto cleanup;
863 }
864
865 convert_to_string_ex(attr);
866 ldap_attrs[i] = Z_STRVAL_P(attr);
867 }
868 ldap_attrs[num_attribs] = NULL;
869 default:
870 break;
871 }
872
873 /* parallel search? */
874 if (Z_TYPE_P(link) == IS_ARRAY) {
875 int i, nlinks, nbases, nfilters, *rcs;
876 ldap_linkdata **lds;
877 zval *entry, resource;
878
879 nlinks = zend_hash_num_elements(Z_ARRVAL_P(link));
880 if (nlinks == 0) {
881 php_error_docref(NULL, E_WARNING, "No links in link array");
882 ret = 0;
883 goto cleanup;
884 }
885
886 if (Z_TYPE_P(base_dn) == IS_ARRAY) {
887 nbases = zend_hash_num_elements(Z_ARRVAL_P(base_dn));
888 if (nbases != nlinks) {
889 php_error_docref(NULL, E_WARNING, "Base must either be a string, or an array with the same number of elements as the links array");
890 ret = 0;
891 goto cleanup;
892 }
893 zend_hash_internal_pointer_reset(Z_ARRVAL_P(base_dn));
894 } else {
895 nbases = 0; /* this means string, not array */
896 /* If anything else than string is passed, ldap_base_dn = NULL */
897 if (Z_TYPE_P(base_dn) == IS_STRING) {
898 ldap_base_dn = Z_STRVAL_P(base_dn);
899 } else {
900 ldap_base_dn = NULL;
901 }
902 }
903
904 if (Z_TYPE_P(filter) == IS_ARRAY) {
905 nfilters = zend_hash_num_elements(Z_ARRVAL_P(filter));
906 if (nfilters != nlinks) {
907 php_error_docref(NULL, E_WARNING, "Filter must either be a string, or an array with the same number of elements as the links array");
908 ret = 0;
909 goto cleanup;
910 }
911 zend_hash_internal_pointer_reset(Z_ARRVAL_P(filter));
912 } else {
913 nfilters = 0; /* this means string, not array */
914 convert_to_string_ex(filter);
915 ldap_filter = Z_STRVAL_P(filter);
916 }
917
918 lds = safe_emalloc(nlinks, sizeof(ldap_linkdata), 0);
919 rcs = safe_emalloc(nlinks, sizeof(*rcs), 0);
920
921 zend_hash_internal_pointer_reset(Z_ARRVAL_P(link));
922 for (i=0; i<nlinks; i++) {
923 entry = zend_hash_get_current_data(Z_ARRVAL_P(link));
924
925 ld = (ldap_linkdata *) zend_fetch_resource_ex(entry, "ldap link", le_link);
926 if (ld == NULL) {
927 ret = 0;
928 goto cleanup_parallel;
929 }
930 if (nbases != 0) { /* base_dn an array? */
931 entry = zend_hash_get_current_data(Z_ARRVAL_P(base_dn));
932 zend_hash_move_forward(Z_ARRVAL_P(base_dn));
933
934 /* If anything else than string is passed, ldap_base_dn = NULL */
935 if (Z_TYPE_P(entry) == IS_STRING) {
936 ldap_base_dn = Z_STRVAL_P(entry);
937 } else {
938 ldap_base_dn = NULL;
939 }
940 }
941 if (nfilters != 0) { /* filter an array? */
942 entry = zend_hash_get_current_data(Z_ARRVAL_P(filter));
943 zend_hash_move_forward(Z_ARRVAL_P(filter));
944 convert_to_string_ex(entry);
945 ldap_filter = Z_STRVAL_P(entry);
946 }
947
948 php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
949
950 /* Run the actual search */
951 ldap_search_ext(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, NULL, NULL, NULL, ldap_sizelimit, &rcs[i]);
952 lds[i] = ld;
953 zend_hash_move_forward(Z_ARRVAL_P(link));
954 }
955
956 array_init(return_value);
957
958 /* Collect results from the searches */
959 for (i=0; i<nlinks; i++) {
960 if (rcs[i] != -1) {
961 rcs[i] = ldap_result(lds[i]->link, LDAP_RES_ANY, 1 /* LDAP_MSG_ALL */, NULL, &ldap_res);
962 }
963 if (rcs[i] != -1) {
964 ZVAL_RES(&resource, zend_register_resource(ldap_res, le_result));
965 add_next_index_zval(return_value, &resource);
966 } else {
967 add_next_index_bool(return_value, 0);
968 }
969 }
970
971 cleanup_parallel:
972 efree(lds);
973 efree(rcs);
974 } else {
975 convert_to_string_ex(filter);
976 ldap_filter = Z_STRVAL_P(filter);
977
978 /* If anything else than string is passed, ldap_base_dn = NULL */
979 if (Z_TYPE_P(base_dn) == IS_STRING) {
980 ldap_base_dn = Z_STRVAL_P(base_dn);
981 }
982
983 ld = (ldap_linkdata *) zend_fetch_resource_ex(link, "ldap link", le_link);
984 if (ld == NULL) {
985 ret = 0;
986 goto cleanup;
987 }
988
989 php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
990
991 /* Run the actual search */
992 errno = ldap_search_ext_s(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, NULL, NULL, NULL, ldap_sizelimit, &ldap_res);
993
994 if (errno != LDAP_SUCCESS
995 && errno != LDAP_SIZELIMIT_EXCEEDED
996 #ifdef LDAP_ADMINLIMIT_EXCEEDED
997 && errno != LDAP_ADMINLIMIT_EXCEEDED
998 #endif
999 #ifdef LDAP_REFERRAL
1000 && errno != LDAP_REFERRAL
1001 #endif
1002 ) {
1003 php_error_docref(NULL, E_WARNING, "Search: %s", ldap_err2string(errno));
1004 ret = 0;
1005 } else {
1006 if (errno == LDAP_SIZELIMIT_EXCEEDED) {
1007 php_error_docref(NULL, E_WARNING, "Partial search results returned: Sizelimit exceeded");
1008 }
1009 #ifdef LDAP_ADMINLIMIT_EXCEEDED
1010 else if (errno == LDAP_ADMINLIMIT_EXCEEDED) {
1011 php_error_docref(NULL, E_WARNING, "Partial search results returned: Adminlimit exceeded");
1012 }
1013 #endif
1014
1015 RETVAL_RES(zend_register_resource(ldap_res, le_result));
1016 }
1017 }
1018
1019 cleanup:
1020 if (ld) {
1021 /* Restoring previous options */
1022 php_set_opts(ld->link, old_ldap_sizelimit, old_ldap_timelimit, old_ldap_deref, &ldap_sizelimit, &ldap_timelimit, &ldap_deref);
1023 }
1024 if (ldap_attrs != NULL) {
1025 efree(ldap_attrs);
1026 }
1027 if (!ret) {
1028 RETVAL_BOOL(ret);
1029 }
1030 }
1031 /* }}} */
1032
1033 /* {{{ proto resource ldap_read(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
1034 Read an entry */
PHP_FUNCTION(ldap_read)1035 PHP_FUNCTION(ldap_read)
1036 {
1037 php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_BASE);
1038 }
1039 /* }}} */
1040
1041 /* {{{ proto resource ldap_list(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
1042 Single-level search */
PHP_FUNCTION(ldap_list)1043 PHP_FUNCTION(ldap_list)
1044 {
1045 php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_ONELEVEL);
1046 }
1047 /* }}} */
1048
1049 /* {{{ proto resource ldap_search(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
1050 Search LDAP tree under base_dn */
PHP_FUNCTION(ldap_search)1051 PHP_FUNCTION(ldap_search)
1052 {
1053 php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_SUBTREE);
1054 }
1055 /* }}} */
1056
1057 /* {{{ proto bool ldap_free_result(resource result)
1058 Free result memory */
PHP_FUNCTION(ldap_free_result)1059 PHP_FUNCTION(ldap_free_result)
1060 {
1061 zval *result;
1062 LDAPMessage *ldap_result;
1063
1064 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &result) != SUCCESS) {
1065 return;
1066 }
1067
1068 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
1069 RETURN_FALSE;
1070 }
1071
1072 zend_list_close(Z_RES_P(result)); /* Delete list entry */
1073 RETVAL_TRUE;
1074 }
1075 /* }}} */
1076
1077 /* {{{ proto int ldap_count_entries(resource link, resource result)
1078 Count the number of entries in a search result */
PHP_FUNCTION(ldap_count_entries)1079 PHP_FUNCTION(ldap_count_entries)
1080 {
1081 zval *link, *result;
1082 ldap_linkdata *ld;
1083 LDAPMessage *ldap_result;
1084
1085 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
1086 return;
1087 }
1088
1089 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1090 RETURN_FALSE;
1091 }
1092
1093 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
1094 RETURN_FALSE;
1095 }
1096
1097 RETURN_LONG(ldap_count_entries(ld->link, ldap_result));
1098 }
1099 /* }}} */
1100
1101 /* {{{ proto resource ldap_first_entry(resource link, resource result)
1102 Return first result id */
PHP_FUNCTION(ldap_first_entry)1103 PHP_FUNCTION(ldap_first_entry)
1104 {
1105 zval *link, *result;
1106 ldap_linkdata *ld;
1107 ldap_resultentry *resultentry;
1108 LDAPMessage *ldap_result, *entry;
1109
1110 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
1111 return;
1112 }
1113
1114 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1115 RETURN_FALSE;
1116 }
1117
1118 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
1119 RETURN_FALSE;
1120 }
1121
1122 if ((entry = ldap_first_entry(ld->link, ldap_result)) == NULL) {
1123 RETVAL_FALSE;
1124 } else {
1125 resultentry = emalloc(sizeof(ldap_resultentry));
1126 RETVAL_RES(zend_register_resource(resultentry, le_result_entry));
1127 ZVAL_COPY(&resultentry->res, result);
1128 resultentry->data = entry;
1129 resultentry->ber = NULL;
1130 }
1131 }
1132 /* }}} */
1133
1134 /* {{{ proto resource ldap_next_entry(resource link, resource result_entry)
1135 Get next result entry */
PHP_FUNCTION(ldap_next_entry)1136 PHP_FUNCTION(ldap_next_entry)
1137 {
1138 zval *link, *result_entry;
1139 ldap_linkdata *ld;
1140 ldap_resultentry *resultentry, *resultentry_next;
1141 LDAPMessage *entry_next;
1142
1143 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1144 return;
1145 }
1146
1147 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1148 RETURN_FALSE;
1149 }
1150 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1151 RETURN_FALSE;
1152 }
1153
1154 if ((entry_next = ldap_next_entry(ld->link, resultentry->data)) == NULL) {
1155 RETVAL_FALSE;
1156 } else {
1157 resultentry_next = emalloc(sizeof(ldap_resultentry));
1158 RETVAL_RES(zend_register_resource(resultentry_next, le_result_entry));
1159 ZVAL_COPY(&resultentry_next->res, &resultentry->res);
1160 resultentry_next->data = entry_next;
1161 resultentry_next->ber = NULL;
1162 }
1163 }
1164 /* }}} */
1165
1166 /* {{{ proto array ldap_get_entries(resource link, resource result)
1167 Get all result entries */
PHP_FUNCTION(ldap_get_entries)1168 PHP_FUNCTION(ldap_get_entries)
1169 {
1170 zval *link, *result;
1171 LDAPMessage *ldap_result, *ldap_result_entry;
1172 zval tmp1, tmp2;
1173 ldap_linkdata *ld;
1174 LDAP *ldap;
1175 int num_entries, num_attrib, num_values, i;
1176 BerElement *ber;
1177 char *attribute;
1178 size_t attr_len;
1179 struct berval **ldap_value;
1180 char *dn;
1181
1182 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
1183 return;
1184 }
1185
1186 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1187 RETURN_FALSE;
1188 }
1189 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
1190 RETURN_FALSE;
1191 }
1192
1193 ldap = ld->link;
1194 num_entries = ldap_count_entries(ldap, ldap_result);
1195
1196 array_init(return_value);
1197 add_assoc_long(return_value, "count", num_entries);
1198
1199 if (num_entries == 0) {
1200 return;
1201 }
1202
1203 ldap_result_entry = ldap_first_entry(ldap, ldap_result);
1204 if (ldap_result_entry == NULL) {
1205 zval_dtor(return_value);
1206 RETURN_FALSE;
1207 }
1208
1209 num_entries = 0;
1210 while (ldap_result_entry != NULL) {
1211 array_init(&tmp1);
1212
1213 num_attrib = 0;
1214 attribute = ldap_first_attribute(ldap, ldap_result_entry, &ber);
1215
1216 while (attribute != NULL) {
1217 ldap_value = ldap_get_values_len(ldap, ldap_result_entry, attribute);
1218 num_values = ldap_count_values_len(ldap_value);
1219
1220 array_init(&tmp2);
1221 add_assoc_long(&tmp2, "count", num_values);
1222 for (i = 0; i < num_values; i++) {
1223 add_index_stringl(&tmp2, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len);
1224 }
1225 ldap_value_free_len(ldap_value);
1226
1227 attr_len = strlen(attribute);
1228 zend_hash_str_update(Z_ARRVAL(tmp1), php_strtolower(attribute, attr_len), attr_len, &tmp2);
1229 add_index_string(&tmp1, num_attrib, attribute);
1230
1231 num_attrib++;
1232 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1233 ldap_memfree(attribute);
1234 #endif
1235 attribute = ldap_next_attribute(ldap, ldap_result_entry, ber);
1236 }
1237 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1238 if (ber != NULL) {
1239 ber_free(ber, 0);
1240 }
1241 #endif
1242
1243 add_assoc_long(&tmp1, "count", num_attrib);
1244 dn = ldap_get_dn(ldap, ldap_result_entry);
1245 if (dn) {
1246 add_assoc_string(&tmp1, "dn", dn);
1247 } else {
1248 add_assoc_null(&tmp1, "dn");
1249 }
1250 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1251 ldap_memfree(dn);
1252 #else
1253 free(dn);
1254 #endif
1255
1256 zend_hash_index_update(Z_ARRVAL_P(return_value), num_entries, &tmp1);
1257
1258 num_entries++;
1259 ldap_result_entry = ldap_next_entry(ldap, ldap_result_entry);
1260 }
1261
1262 add_assoc_long(return_value, "count", num_entries);
1263
1264 }
1265 /* }}} */
1266
1267 /* {{{ proto string ldap_first_attribute(resource link, resource result_entry)
1268 Return first attribute */
PHP_FUNCTION(ldap_first_attribute)1269 PHP_FUNCTION(ldap_first_attribute)
1270 {
1271 zval *link, *result_entry;
1272 ldap_linkdata *ld;
1273 ldap_resultentry *resultentry;
1274 char *attribute;
1275 zend_long dummy_ber;
1276
1277 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1278 return;
1279 }
1280
1281 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1282 RETURN_FALSE;
1283 }
1284
1285 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1286 RETURN_FALSE;
1287 }
1288
1289 if ((attribute = ldap_first_attribute(ld->link, resultentry->data, &resultentry->ber)) == NULL) {
1290 RETURN_FALSE;
1291 } else {
1292 RETVAL_STRING(attribute);
1293 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1294 ldap_memfree(attribute);
1295 #endif
1296 }
1297 }
1298 /* }}} */
1299
1300 /* {{{ proto string ldap_next_attribute(resource link, resource result_entry)
1301 Get the next attribute in result */
PHP_FUNCTION(ldap_next_attribute)1302 PHP_FUNCTION(ldap_next_attribute)
1303 {
1304 zval *link, *result_entry;
1305 ldap_linkdata *ld;
1306 ldap_resultentry *resultentry;
1307 char *attribute;
1308 zend_long dummy_ber;
1309
1310 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1311 return;
1312 }
1313
1314 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1315 RETURN_FALSE;
1316 }
1317
1318 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1319 RETURN_FALSE;
1320 }
1321
1322 if (resultentry->ber == NULL) {
1323 php_error_docref(NULL, E_WARNING, "called before calling ldap_first_attribute() or no attributes found in result entry");
1324 RETURN_FALSE;
1325 }
1326
1327 if ((attribute = ldap_next_attribute(ld->link, resultentry->data, resultentry->ber)) == NULL) {
1328 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1329 if (resultentry->ber != NULL) {
1330 ber_free(resultentry->ber, 0);
1331 resultentry->ber = NULL;
1332 }
1333 #endif
1334 RETURN_FALSE;
1335 } else {
1336 RETVAL_STRING(attribute);
1337 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1338 ldap_memfree(attribute);
1339 #endif
1340 }
1341 }
1342 /* }}} */
1343
1344 /* {{{ proto array ldap_get_attributes(resource link, resource result_entry)
1345 Get attributes from a search result entry */
PHP_FUNCTION(ldap_get_attributes)1346 PHP_FUNCTION(ldap_get_attributes)
1347 {
1348 zval *link, *result_entry;
1349 zval tmp;
1350 ldap_linkdata *ld;
1351 ldap_resultentry *resultentry;
1352 char *attribute;
1353 struct berval **ldap_value;
1354 int i, num_values, num_attrib;
1355 BerElement *ber;
1356
1357 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1358 return;
1359 }
1360
1361 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1362 RETURN_FALSE;
1363 }
1364
1365 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1366 RETURN_FALSE;
1367 }
1368
1369 array_init(return_value);
1370 num_attrib = 0;
1371
1372 attribute = ldap_first_attribute(ld->link, resultentry->data, &ber);
1373 while (attribute != NULL) {
1374 ldap_value = ldap_get_values_len(ld->link, resultentry->data, attribute);
1375 num_values = ldap_count_values_len(ldap_value);
1376
1377 array_init(&tmp);
1378 add_assoc_long(&tmp, "count", num_values);
1379 for (i = 0; i < num_values; i++) {
1380 add_index_stringl(&tmp, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len);
1381 }
1382 ldap_value_free_len(ldap_value);
1383
1384 zend_hash_str_update(Z_ARRVAL_P(return_value), attribute, strlen(attribute), &tmp);
1385 add_index_string(return_value, num_attrib, attribute);
1386
1387 num_attrib++;
1388 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1389 ldap_memfree(attribute);
1390 #endif
1391 attribute = ldap_next_attribute(ld->link, resultentry->data, ber);
1392 }
1393 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1394 if (ber != NULL) {
1395 ber_free(ber, 0);
1396 }
1397 #endif
1398
1399 add_assoc_long(return_value, "count", num_attrib);
1400 }
1401 /* }}} */
1402
1403 /* {{{ proto array ldap_get_values_len(resource link, resource result_entry, string attribute)
1404 Get all values with lengths from a result entry */
PHP_FUNCTION(ldap_get_values_len)1405 PHP_FUNCTION(ldap_get_values_len)
1406 {
1407 zval *link, *result_entry;
1408 ldap_linkdata *ld;
1409 ldap_resultentry *resultentry;
1410 char *attr;
1411 struct berval **ldap_value_len;
1412 int i, num_values;
1413 size_t attr_len;
1414
1415 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrs", &link, &result_entry, &attr, &attr_len) != SUCCESS) {
1416 return;
1417 }
1418
1419 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1420 RETURN_FALSE;
1421 }
1422
1423 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1424 RETURN_FALSE;
1425 }
1426
1427 if ((ldap_value_len = ldap_get_values_len(ld->link, resultentry->data, attr)) == NULL) {
1428 php_error_docref(NULL, E_WARNING, "Cannot get the value(s) of attribute %s", ldap_err2string(_get_lderrno(ld->link)));
1429 RETURN_FALSE;
1430 }
1431
1432 num_values = ldap_count_values_len(ldap_value_len);
1433 array_init(return_value);
1434
1435 for (i=0; i<num_values; i++) {
1436 add_next_index_stringl(return_value, ldap_value_len[i]->bv_val, ldap_value_len[i]->bv_len);
1437 }
1438
1439 add_assoc_long(return_value, "count", num_values);
1440 ldap_value_free_len(ldap_value_len);
1441
1442 }
1443 /* }}} */
1444
1445 /* {{{ proto string ldap_get_dn(resource link, resource result_entry)
1446 Get the DN of a result entry */
PHP_FUNCTION(ldap_get_dn)1447 PHP_FUNCTION(ldap_get_dn)
1448 {
1449 zval *link, *result_entry;
1450 ldap_linkdata *ld;
1451 ldap_resultentry *resultentry;
1452 char *text;
1453
1454 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1455 return;
1456 }
1457
1458 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1459 RETURN_FALSE;
1460 }
1461
1462 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1463 RETURN_FALSE;
1464 }
1465
1466 text = ldap_get_dn(ld->link, resultentry->data);
1467 if (text != NULL) {
1468 RETVAL_STRING(text);
1469 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1470 ldap_memfree(text);
1471 #else
1472 free(text);
1473 #endif
1474 } else {
1475 RETURN_FALSE;
1476 }
1477 }
1478 /* }}} */
1479
1480 /* {{{ proto array ldap_explode_dn(string dn, int with_attrib)
1481 Splits DN into its component parts */
PHP_FUNCTION(ldap_explode_dn)1482 PHP_FUNCTION(ldap_explode_dn)
1483 {
1484 zend_long with_attrib;
1485 char *dn, **ldap_value;
1486 int i, count;
1487 size_t dn_len;
1488
1489 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl", &dn, &dn_len, &with_attrib) != SUCCESS) {
1490 return;
1491 }
1492
1493 if (!(ldap_value = ldap_explode_dn(dn, with_attrib))) {
1494 /* Invalid parameters were passed to ldap_explode_dn */
1495 RETURN_FALSE;
1496 }
1497
1498 i=0;
1499 while (ldap_value[i] != NULL) i++;
1500 count = i;
1501
1502 array_init(return_value);
1503
1504 add_assoc_long(return_value, "count", count);
1505 for (i = 0; i<count; i++) {
1506 add_index_string(return_value, i, ldap_value[i]);
1507 }
1508
1509 ldap_memvfree((void **)ldap_value);
1510 }
1511 /* }}} */
1512
1513 /* {{{ proto string ldap_dn2ufn(string dn)
1514 Convert DN to User Friendly Naming format */
PHP_FUNCTION(ldap_dn2ufn)1515 PHP_FUNCTION(ldap_dn2ufn)
1516 {
1517 char *dn, *ufn;
1518 size_t dn_len;
1519
1520 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &dn, &dn_len) != SUCCESS) {
1521 return;
1522 }
1523
1524 ufn = ldap_dn2ufn(dn);
1525
1526 if (ufn != NULL) {
1527 RETVAL_STRING(ufn);
1528 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1529 ldap_memfree(ufn);
1530 #endif
1531 } else {
1532 RETURN_FALSE;
1533 }
1534 }
1535 /* }}} */
1536
1537
1538 /* added to fix use of ldap_modify_add for doing an ldap_add, gerrit thomson. */
1539 #define PHP_LD_FULL_ADD 0xff
1540 /* {{{ php_ldap_do_modify
1541 */
php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS,int oper)1542 static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper)
1543 {
1544 zval *link, *entry, *value, *ivalue;
1545 ldap_linkdata *ld;
1546 char *dn;
1547 LDAPMod **ldap_mods;
1548 int i, j, num_attribs, num_values;
1549 size_t dn_len;
1550 int *num_berval;
1551 zend_string *attribute;
1552 zend_ulong index;
1553 int is_full_add=0; /* flag for full add operation so ldap_mod_add can be put back into oper, gerrit THomson */
1554
1555 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsa/", &link, &dn, &dn_len, &entry) != SUCCESS) {
1556 return;
1557 }
1558
1559 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1560 RETURN_FALSE;
1561 }
1562
1563 num_attribs = zend_hash_num_elements(Z_ARRVAL_P(entry));
1564 ldap_mods = safe_emalloc((num_attribs+1), sizeof(LDAPMod *), 0);
1565 num_berval = safe_emalloc(num_attribs, sizeof(int), 0);
1566 zend_hash_internal_pointer_reset(Z_ARRVAL_P(entry));
1567
1568 /* added by gerrit thomson to fix ldap_add using ldap_mod_add */
1569 if (oper == PHP_LD_FULL_ADD) {
1570 oper = LDAP_MOD_ADD;
1571 is_full_add = 1;
1572 }
1573 /* end additional , gerrit thomson */
1574
1575 for (i = 0; i < num_attribs; i++) {
1576 ldap_mods[i] = emalloc(sizeof(LDAPMod));
1577 ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1578 ldap_mods[i]->mod_type = NULL;
1579
1580 if (zend_hash_get_current_key(Z_ARRVAL_P(entry), &attribute, &index) == HASH_KEY_IS_STRING) {
1581 ldap_mods[i]->mod_type = estrndup(ZSTR_VAL(attribute), ZSTR_LEN(attribute));
1582 } else {
1583 php_error_docref(NULL, E_WARNING, "Unknown attribute in the data");
1584 /* Free allocated memory */
1585 while (i >= 0) {
1586 if (ldap_mods[i]->mod_type) {
1587 efree(ldap_mods[i]->mod_type);
1588 }
1589 efree(ldap_mods[i]);
1590 i--;
1591 }
1592 efree(num_berval);
1593 efree(ldap_mods);
1594 RETURN_FALSE;
1595 }
1596
1597 value = zend_hash_get_current_data(Z_ARRVAL_P(entry));
1598
1599 ZVAL_DEREF(value);
1600 if (Z_TYPE_P(value) != IS_ARRAY) {
1601 num_values = 1;
1602 } else {
1603 SEPARATE_ARRAY(value);
1604 num_values = zend_hash_num_elements(Z_ARRVAL_P(value));
1605 }
1606
1607 num_berval[i] = num_values;
1608 ldap_mods[i]->mod_bvalues = safe_emalloc((num_values + 1), sizeof(struct berval *), 0);
1609
1610 /* allow for arrays with one element, no allowance for arrays with none but probably not required, gerrit thomson. */
1611 if ((num_values == 1) && (Z_TYPE_P(value) != IS_ARRAY)) {
1612 convert_to_string_ex(value);
1613 ldap_mods[i]->mod_bvalues[0] = (struct berval *) emalloc (sizeof(struct berval));
1614 ldap_mods[i]->mod_bvalues[0]->bv_len = Z_STRLEN_P(value);
1615 ldap_mods[i]->mod_bvalues[0]->bv_val = Z_STRVAL_P(value);
1616 } else {
1617 for (j = 0; j < num_values; j++) {
1618 if ((ivalue = zend_hash_index_find(Z_ARRVAL_P(value), j)) == NULL) {
1619 php_error_docref(NULL, E_WARNING, "Value array must have consecutive indices 0, 1, ...");
1620 num_berval[i] = j;
1621 num_attribs = i + 1;
1622 RETVAL_FALSE;
1623 goto errexit;
1624 }
1625 convert_to_string_ex(ivalue);
1626 ldap_mods[i]->mod_bvalues[j] = (struct berval *) emalloc (sizeof(struct berval));
1627 ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(ivalue);
1628 ldap_mods[i]->mod_bvalues[j]->bv_val = Z_STRVAL_P(ivalue);
1629 }
1630 }
1631 ldap_mods[i]->mod_bvalues[num_values] = NULL;
1632 zend_hash_move_forward(Z_ARRVAL_P(entry));
1633 }
1634 ldap_mods[num_attribs] = NULL;
1635
1636 /* check flag to see if do_mod was called to perform full add , gerrit thomson */
1637 if (is_full_add == 1) {
1638 if ((i = ldap_add_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1639 php_error_docref(NULL, E_WARNING, "Add: %s", ldap_err2string(i));
1640 RETVAL_FALSE;
1641 } else RETVAL_TRUE;
1642 } else {
1643 if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1644 php_error_docref(NULL, E_WARNING, "Modify: %s", ldap_err2string(i));
1645 RETVAL_FALSE;
1646 } else RETVAL_TRUE;
1647 }
1648
1649 errexit:
1650 for (i = 0; i < num_attribs; i++) {
1651 efree(ldap_mods[i]->mod_type);
1652 for (j = 0; j < num_berval[i]; j++) {
1653 efree(ldap_mods[i]->mod_bvalues[j]);
1654 }
1655 efree(ldap_mods[i]->mod_bvalues);
1656 efree(ldap_mods[i]);
1657 }
1658 efree(num_berval);
1659 efree(ldap_mods);
1660
1661 return;
1662 }
1663 /* }}} */
1664
1665 /* {{{ proto bool ldap_add(resource link, string dn, array entry)
1666 Add entries to LDAP directory */
PHP_FUNCTION(ldap_add)1667 PHP_FUNCTION(ldap_add)
1668 {
1669 /* use a newly define parameter into the do_modify so ldap_mod_add can be used the way it is supposed to be used , Gerrit THomson */
1670 php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, PHP_LD_FULL_ADD);
1671 }
1672 /* }}} */
1673
1674 /* three functions for attribute base modifications, gerrit Thomson */
1675
1676 /* {{{ proto bool ldap_mod_replace(resource link, string dn, array entry)
1677 Replace attribute values with new ones */
PHP_FUNCTION(ldap_mod_replace)1678 PHP_FUNCTION(ldap_mod_replace)
1679 {
1680 php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_REPLACE);
1681 }
1682 /* }}} */
1683
1684 /* {{{ proto bool ldap_mod_add(resource link, string dn, array entry)
1685 Add attribute values to current */
PHP_FUNCTION(ldap_mod_add)1686 PHP_FUNCTION(ldap_mod_add)
1687 {
1688 php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_ADD);
1689 }
1690 /* }}} */
1691
1692 /* {{{ proto bool ldap_mod_del(resource link, string dn, array entry)
1693 Delete attribute values */
PHP_FUNCTION(ldap_mod_del)1694 PHP_FUNCTION(ldap_mod_del)
1695 {
1696 php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_DELETE);
1697 }
1698 /* }}} */
1699
1700 /* {{{ proto bool ldap_delete(resource link, string dn)
1701 Delete an entry from a directory */
PHP_FUNCTION(ldap_delete)1702 PHP_FUNCTION(ldap_delete)
1703 {
1704 zval *link;
1705 ldap_linkdata *ld;
1706 char *dn;
1707 int rc;
1708 size_t dn_len;
1709
1710 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rs", &link, &dn, &dn_len) != SUCCESS) {
1711 return;
1712 }
1713
1714 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1715 RETURN_FALSE;
1716 }
1717
1718 if ((rc = ldap_delete_ext_s(ld->link, dn, NULL, NULL)) != LDAP_SUCCESS) {
1719 php_error_docref(NULL, E_WARNING, "Delete: %s", ldap_err2string(rc));
1720 RETURN_FALSE;
1721 }
1722
1723 RETURN_TRUE;
1724 }
1725 /* }}} */
1726
1727 /* {{{ _ldap_str_equal_to_const
1728 */
_ldap_str_equal_to_const(const char * str,uint32_t str_len,const char * cstr)1729 static int _ldap_str_equal_to_const(const char *str, uint32_t str_len, const char *cstr)
1730 {
1731 uint32_t i;
1732
1733 if (strlen(cstr) != str_len)
1734 return 0;
1735
1736 for (i = 0; i < str_len; ++i) {
1737 if (str[i] != cstr[i]) {
1738 return 0;
1739 }
1740 }
1741
1742 return 1;
1743 }
1744 /* }}} */
1745
1746 /* {{{ _ldap_strlen_max
1747 */
_ldap_strlen_max(const char * str,uint32_t max_len)1748 static int _ldap_strlen_max(const char *str, uint32_t max_len)
1749 {
1750 uint32_t i;
1751
1752 for (i = 0; i < max_len; ++i) {
1753 if (str[i] == '\0') {
1754 return i;
1755 }
1756 }
1757
1758 return max_len;
1759 }
1760 /* }}} */
1761
1762 /* {{{ _ldap_hash_fetch
1763 */
_ldap_hash_fetch(zval * hashTbl,const char * key,zval ** out)1764 static void _ldap_hash_fetch(zval *hashTbl, const char *key, zval **out)
1765 {
1766 *out = zend_hash_str_find(Z_ARRVAL_P(hashTbl), key, strlen(key));
1767 }
1768 /* }}} */
1769
1770 /* {{{ proto bool ldap_modify_batch(resource link, string dn, array modifs)
1771 Perform multiple modifications as part of one operation */
PHP_FUNCTION(ldap_modify_batch)1772 PHP_FUNCTION(ldap_modify_batch)
1773 {
1774 ldap_linkdata *ld;
1775 zval *link, *mods, *mod, *modinfo, *modval;
1776 zval *attrib, *modtype, *vals;
1777 zval *fetched;
1778 char *dn;
1779 size_t dn_len;
1780 int i, j, k;
1781 int num_mods, num_modprops, num_modvals;
1782 LDAPMod **ldap_mods;
1783 uint32_t oper;
1784
1785 /*
1786 $mods = array(
1787 array(
1788 "attrib" => "unicodePwd",
1789 "modtype" => LDAP_MODIFY_BATCH_REMOVE,
1790 "values" => array($oldpw)
1791 ),
1792 array(
1793 "attrib" => "unicodePwd",
1794 "modtype" => LDAP_MODIFY_BATCH_ADD,
1795 "values" => array($newpw)
1796 ),
1797 array(
1798 "attrib" => "userPrincipalName",
1799 "modtype" => LDAP_MODIFY_BATCH_REPLACE,
1800 "values" => array("janitor@corp.contoso.com")
1801 ),
1802 array(
1803 "attrib" => "userCert",
1804 "modtype" => LDAP_MODIFY_BATCH_REMOVE_ALL
1805 )
1806 );
1807 */
1808
1809 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsa/", &link, &dn, &dn_len, &mods) != SUCCESS) {
1810 return;
1811 }
1812
1813 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1814 RETURN_FALSE;
1815 }
1816
1817 /* perform validation */
1818 {
1819 zend_string *modkey;
1820 zend_long modtype;
1821
1822 /* to store the wrongly-typed keys */
1823 zend_ulong tmpUlong;
1824
1825 /* make sure the DN contains no NUL bytes */
1826 if ((size_t)_ldap_strlen_max(dn, dn_len) != dn_len) {
1827 php_error_docref(NULL, E_WARNING, "DN must not contain NUL bytes");
1828 RETURN_FALSE;
1829 }
1830
1831 /* make sure the top level is a normal array */
1832 zend_hash_internal_pointer_reset(Z_ARRVAL_P(mods));
1833 if (zend_hash_get_current_key_type(Z_ARRVAL_P(mods)) != HASH_KEY_IS_LONG) {
1834 php_error_docref(NULL, E_WARNING, "Modifications array must not be string-indexed");
1835 RETURN_FALSE;
1836 }
1837
1838 num_mods = zend_hash_num_elements(Z_ARRVAL_P(mods));
1839
1840 for (i = 0; i < num_mods; i++) {
1841 /* is the numbering consecutive? */
1842 if ((fetched = zend_hash_index_find(Z_ARRVAL_P(mods), i)) == NULL) {
1843 php_error_docref(NULL, E_WARNING, "Modifications array must have consecutive indices 0, 1, ...");
1844 RETURN_FALSE;
1845 }
1846 mod = fetched;
1847
1848 /* is it an array? */
1849 if (Z_TYPE_P(mod) != IS_ARRAY) {
1850 php_error_docref(NULL, E_WARNING, "Each entry of modifications array must be an array itself");
1851 RETURN_FALSE;
1852 }
1853
1854 SEPARATE_ARRAY(mod);
1855 /* for the modification hashtable... */
1856 zend_hash_internal_pointer_reset(Z_ARRVAL_P(mod));
1857 num_modprops = zend_hash_num_elements(Z_ARRVAL_P(mod));
1858
1859 for (j = 0; j < num_modprops; j++) {
1860 /* are the keys strings? */
1861 if (zend_hash_get_current_key(Z_ARRVAL_P(mod), &modkey, &tmpUlong) != HASH_KEY_IS_STRING) {
1862 php_error_docref(NULL, E_WARNING, "Each entry of modifications array must be string-indexed");
1863 RETURN_FALSE;
1864 }
1865
1866 /* is this a valid entry? */
1867 if (
1868 !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_ATTRIB) &&
1869 !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_MODTYPE) &&
1870 !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_VALUES)
1871 ) {
1872 php_error_docref(NULL, E_WARNING, "The only allowed keys in entries of the modifications array are '" LDAP_MODIFY_BATCH_ATTRIB "', '" LDAP_MODIFY_BATCH_MODTYPE "' and '" LDAP_MODIFY_BATCH_VALUES "'");
1873 RETURN_FALSE;
1874 }
1875
1876 fetched = zend_hash_get_current_data(Z_ARRVAL_P(mod));
1877 modinfo = fetched;
1878
1879 /* does the value type match the key? */
1880 if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_ATTRIB)) {
1881 if (Z_TYPE_P(modinfo) != IS_STRING) {
1882 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must be a string");
1883 RETURN_FALSE;
1884 }
1885
1886 if (Z_STRLEN_P(modinfo) != (size_t)_ldap_strlen_max(Z_STRVAL_P(modinfo), Z_STRLEN_P(modinfo))) {
1887 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must not contain NUL bytes");
1888 RETURN_FALSE;
1889 }
1890 }
1891 else if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_MODTYPE)) {
1892 if (Z_TYPE_P(modinfo) != IS_LONG) {
1893 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_MODTYPE "' value must be a long");
1894 RETURN_FALSE;
1895 }
1896
1897 /* is the value in range? */
1898 modtype = Z_LVAL_P(modinfo);
1899 if (
1900 modtype != LDAP_MODIFY_BATCH_ADD &&
1901 modtype != LDAP_MODIFY_BATCH_REMOVE &&
1902 modtype != LDAP_MODIFY_BATCH_REPLACE &&
1903 modtype != LDAP_MODIFY_BATCH_REMOVE_ALL
1904 ) {
1905 php_error_docref(NULL, E_WARNING, "The '" LDAP_MODIFY_BATCH_MODTYPE "' value must match one of the LDAP_MODIFY_BATCH_* constants");
1906 RETURN_FALSE;
1907 }
1908
1909 /* if it's REMOVE_ALL, there must not be a values array; otherwise, there must */
1910 if (modtype == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1911 if (zend_hash_str_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES))) {
1912 php_error_docref(NULL, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must not be provided");
1913 RETURN_FALSE;
1914 }
1915 }
1916 else {
1917 if (!zend_hash_str_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES))) {
1918 php_error_docref(NULL, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is not LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must be provided");
1919 RETURN_FALSE;
1920 }
1921 }
1922 }
1923 else if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_VALUES)) {
1924 if (Z_TYPE_P(modinfo) != IS_ARRAY) {
1925 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' value must be an array");
1926 RETURN_FALSE;
1927 }
1928
1929 SEPARATE_ARRAY(modinfo);
1930 /* is the array not empty? */
1931 zend_hash_internal_pointer_reset(Z_ARRVAL_P(modinfo));
1932 num_modvals = zend_hash_num_elements(Z_ARRVAL_P(modinfo));
1933 if (num_modvals == 0) {
1934 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have at least one element");
1935 RETURN_FALSE;
1936 }
1937
1938 /* are its keys integers? */
1939 if (zend_hash_get_current_key_type(Z_ARRVAL_P(modinfo)) != HASH_KEY_IS_LONG) {
1940 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must not be string-indexed");
1941 RETURN_FALSE;
1942 }
1943
1944 /* are the keys consecutive? */
1945 for (k = 0; k < num_modvals; k++) {
1946 if ((fetched = zend_hash_index_find(Z_ARRVAL_P(modinfo), k)) == NULL) {
1947 php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have consecutive indices 0, 1, ...");
1948 RETURN_FALSE;
1949 }
1950 modval = fetched;
1951
1952 /* is the data element a string? */
1953 if (Z_TYPE_P(modval) != IS_STRING) {
1954 php_error_docref(NULL, E_WARNING, "Each element of a '" LDAP_MODIFY_BATCH_VALUES "' array must be a string");
1955 RETURN_FALSE;
1956 }
1957 }
1958 }
1959
1960 zend_hash_move_forward(Z_ARRVAL_P(mod));
1961 }
1962 }
1963 }
1964 /* validation was successful */
1965
1966 /* allocate array of modifications */
1967 ldap_mods = safe_emalloc((num_mods+1), sizeof(LDAPMod *), 0);
1968
1969 /* for each modification */
1970 for (i = 0; i < num_mods; i++) {
1971 /* allocate the modification struct */
1972 ldap_mods[i] = safe_emalloc(1, sizeof(LDAPMod), 0);
1973
1974 /* fetch the relevant data */
1975 fetched = zend_hash_index_find(Z_ARRVAL_P(mods), i);
1976 mod = fetched;
1977
1978 _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_ATTRIB, &attrib);
1979 _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_MODTYPE, &modtype);
1980 _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_VALUES, &vals);
1981
1982 /* map the modification type */
1983 switch (Z_LVAL_P(modtype)) {
1984 case LDAP_MODIFY_BATCH_ADD:
1985 oper = LDAP_MOD_ADD;
1986 break;
1987 case LDAP_MODIFY_BATCH_REMOVE:
1988 case LDAP_MODIFY_BATCH_REMOVE_ALL:
1989 oper = LDAP_MOD_DELETE;
1990 break;
1991 case LDAP_MODIFY_BATCH_REPLACE:
1992 oper = LDAP_MOD_REPLACE;
1993 break;
1994 default:
1995 zend_throw_error(NULL, "Unknown and uncaught modification type.");
1996 RETVAL_FALSE;
1997 efree(ldap_mods[i]);
1998 num_mods = i;
1999 goto cleanup;
2000 }
2001
2002 /* fill in the basic info */
2003 ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
2004 ldap_mods[i]->mod_type = estrndup(Z_STRVAL_P(attrib), Z_STRLEN_P(attrib));
2005
2006 if (Z_LVAL_P(modtype) == LDAP_MODIFY_BATCH_REMOVE_ALL) {
2007 /* no values */
2008 ldap_mods[i]->mod_bvalues = NULL;
2009 }
2010 else {
2011 /* allocate space for the values as part of this modification */
2012 num_modvals = zend_hash_num_elements(Z_ARRVAL_P(vals));
2013 ldap_mods[i]->mod_bvalues = safe_emalloc((num_modvals+1), sizeof(struct berval *), 0);
2014
2015 /* for each value */
2016 for (j = 0; j < num_modvals; j++) {
2017 /* fetch it */
2018 fetched = zend_hash_index_find(Z_ARRVAL_P(vals), j);
2019 modval = fetched;
2020
2021 /* allocate the data struct */
2022 ldap_mods[i]->mod_bvalues[j] = safe_emalloc(1, sizeof(struct berval), 0);
2023
2024 /* fill it */
2025 ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(modval);
2026 ldap_mods[i]->mod_bvalues[j]->bv_val = estrndup(Z_STRVAL_P(modval), Z_STRLEN_P(modval));
2027 }
2028
2029 /* NULL-terminate values */
2030 ldap_mods[i]->mod_bvalues[num_modvals] = NULL;
2031 }
2032 }
2033
2034 /* NULL-terminate modifications */
2035 ldap_mods[num_mods] = NULL;
2036
2037 /* perform (finally) */
2038 if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
2039 php_error_docref(NULL, E_WARNING, "Batch Modify: %s", ldap_err2string(i));
2040 RETVAL_FALSE;
2041 } else RETVAL_TRUE;
2042
2043 /* clean up */
2044 cleanup: {
2045 for (i = 0; i < num_mods; i++) {
2046 /* attribute */
2047 efree(ldap_mods[i]->mod_type);
2048
2049 if (ldap_mods[i]->mod_bvalues != NULL) {
2050 /* each BER value */
2051 for (j = 0; ldap_mods[i]->mod_bvalues[j] != NULL; j++) {
2052 /* free the data bytes */
2053 efree(ldap_mods[i]->mod_bvalues[j]->bv_val);
2054
2055 /* free the bvalue struct */
2056 efree(ldap_mods[i]->mod_bvalues[j]);
2057 }
2058
2059 /* the BER value array */
2060 efree(ldap_mods[i]->mod_bvalues);
2061 }
2062
2063 /* the modification */
2064 efree(ldap_mods[i]);
2065 }
2066
2067 /* the modifications array */
2068 efree(ldap_mods);
2069 }
2070 }
2071 /* }}} */
2072
2073 /* {{{ proto int ldap_errno(resource link)
2074 Get the current ldap error number */
PHP_FUNCTION(ldap_errno)2075 PHP_FUNCTION(ldap_errno)
2076 {
2077 zval *link;
2078 ldap_linkdata *ld;
2079
2080 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
2081 return;
2082 }
2083
2084 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2085 RETURN_FALSE;
2086 }
2087
2088 RETURN_LONG(_get_lderrno(ld->link));
2089 }
2090 /* }}} */
2091
2092 /* {{{ proto string ldap_err2str(int errno)
2093 Convert error number to error string */
PHP_FUNCTION(ldap_err2str)2094 PHP_FUNCTION(ldap_err2str)
2095 {
2096 zend_long perrno;
2097
2098 if (zend_parse_parameters(ZEND_NUM_ARGS(), "l", &perrno) != SUCCESS) {
2099 return;
2100 }
2101
2102 RETURN_STRING(ldap_err2string(perrno));
2103 }
2104 /* }}} */
2105
2106 /* {{{ proto string ldap_error(resource link)
2107 Get the current ldap error string */
PHP_FUNCTION(ldap_error)2108 PHP_FUNCTION(ldap_error)
2109 {
2110 zval *link;
2111 ldap_linkdata *ld;
2112 int ld_errno;
2113
2114 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
2115 return;
2116 }
2117
2118 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2119 RETURN_FALSE;
2120 }
2121
2122 ld_errno = _get_lderrno(ld->link);
2123
2124 RETURN_STRING(ldap_err2string(ld_errno));
2125 }
2126 /* }}} */
2127
2128 /* {{{ proto bool ldap_compare(resource link, string dn, string attr, string value)
2129 Determine if an entry has a specific value for one of its attributes */
PHP_FUNCTION(ldap_compare)2130 PHP_FUNCTION(ldap_compare)
2131 {
2132 zval *link;
2133 char *dn, *attr, *value;
2134 size_t dn_len, attr_len, value_len;
2135 ldap_linkdata *ld;
2136 int errno;
2137 struct berval lvalue;
2138
2139 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsss", &link, &dn, &dn_len, &attr, &attr_len, &value, &value_len) != SUCCESS) {
2140 return;
2141 }
2142
2143 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2144 RETURN_FALSE;
2145 }
2146
2147 lvalue.bv_val = value;
2148 lvalue.bv_len = value_len;
2149
2150 errno = ldap_compare_ext_s(ld->link, dn, attr, &lvalue, NULL, NULL);
2151
2152 switch (errno) {
2153 case LDAP_COMPARE_TRUE:
2154 RETURN_TRUE;
2155 break;
2156
2157 case LDAP_COMPARE_FALSE:
2158 RETURN_FALSE;
2159 break;
2160 }
2161
2162 php_error_docref(NULL, E_WARNING, "Compare: %s", ldap_err2string(errno));
2163 RETURN_LONG(-1);
2164 }
2165 /* }}} */
2166
2167 /* {{{ proto bool ldap_sort(resource link, resource result, string sortfilter)
2168 Sort LDAP result entries */
PHP_FUNCTION(ldap_sort)2169 PHP_FUNCTION(ldap_sort)
2170 {
2171 zval *link, *result;
2172 ldap_linkdata *ld;
2173 char *sortfilter;
2174 size_t sflen;
2175 zend_resource *le;
2176
2177 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrs", &link, &result, &sortfilter, &sflen) != SUCCESS) {
2178 RETURN_FALSE;
2179 }
2180
2181 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2182 RETURN_FALSE;
2183 }
2184
2185 le = Z_RES_P(result);
2186 if (le->type != le_result) {
2187 php_error_docref(NULL, E_WARNING, "Supplied resource is not a valid ldap result resource");
2188 RETURN_FALSE;
2189 }
2190
2191 if (ldap_sort_entries(ld->link, (LDAPMessage **) &le->ptr, sflen ? sortfilter : NULL, strcmp) != LDAP_SUCCESS) {
2192 php_error_docref(NULL, E_WARNING, "%s", ldap_err2string(errno));
2193 RETURN_FALSE;
2194 }
2195
2196 RETURN_TRUE;
2197 }
2198 /* }}} */
2199
2200 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2201 /* {{{ proto bool ldap_get_option(resource link, int option, mixed retval)
2202 Get the current value of various session-wide parameters */
PHP_FUNCTION(ldap_get_option)2203 PHP_FUNCTION(ldap_get_option)
2204 {
2205 zval *link, *retval;
2206 ldap_linkdata *ld;
2207 zend_long option;
2208
2209 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rlz/", &link, &option, &retval) != SUCCESS) {
2210 return;
2211 }
2212
2213 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2214 RETURN_FALSE;
2215 }
2216
2217 switch (option) {
2218 /* options with int value */
2219 case LDAP_OPT_DEREF:
2220 case LDAP_OPT_SIZELIMIT:
2221 case LDAP_OPT_TIMELIMIT:
2222 case LDAP_OPT_PROTOCOL_VERSION:
2223 case LDAP_OPT_ERROR_NUMBER:
2224 case LDAP_OPT_REFERRALS:
2225 #ifdef LDAP_OPT_RESTART
2226 case LDAP_OPT_RESTART:
2227 #endif
2228 #ifdef LDAP_OPT_X_SASL_NOCANON
2229 case LDAP_OPT_X_SASL_NOCANON:
2230 #endif
2231 #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
2232 case LDAP_OPT_X_TLS_REQUIRE_CERT:
2233 #endif
2234 #ifdef LDAP_OPT_X_TLS_CRLCHECK
2235 case LDAP_OPT_X_TLS_CRLCHECK:
2236 #endif
2237 #ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
2238 case LDAP_OPT_X_TLS_PROTOCOL_MIN:
2239 #endif
2240 #ifdef LDAP_OPT_X_KEEPALIVE_IDLE
2241 case LDAP_OPT_X_KEEPALIVE_IDLE:
2242 case LDAP_OPT_X_KEEPALIVE_PROBES:
2243 case LDAP_OPT_X_KEEPALIVE_INTERVAL:
2244 #endif
2245 {
2246 int val;
2247
2248 if (ldap_get_option(ld->link, option, &val)) {
2249 RETURN_FALSE;
2250 }
2251 zval_ptr_dtor(retval);
2252 ZVAL_LONG(retval, val);
2253 } break;
2254 #ifdef LDAP_OPT_NETWORK_TIMEOUT
2255 case LDAP_OPT_NETWORK_TIMEOUT:
2256 {
2257 struct timeval *timeout = NULL;
2258
2259 if (ldap_get_option(ld->link, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2260 if (timeout) {
2261 ldap_memfree(timeout);
2262 }
2263 RETURN_FALSE;
2264 }
2265 if (!timeout) {
2266 RETURN_FALSE;
2267 }
2268 zval_ptr_dtor(retval);
2269 ZVAL_LONG(retval, timeout->tv_sec);
2270 ldap_memfree(timeout);
2271 } break;
2272 #elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2273 case LDAP_X_OPT_CONNECT_TIMEOUT:
2274 {
2275 int timeout;
2276
2277 if (ldap_get_option(ld->link, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2278 RETURN_FALSE;
2279 }
2280 zval_ptr_dtor(retval);
2281 ZVAL_LONG(retval, (timeout / 1000));
2282 } break;
2283 #endif
2284 #ifdef LDAP_OPT_TIMEOUT
2285 case LDAP_OPT_TIMEOUT:
2286 {
2287 struct timeval *timeout = NULL;
2288
2289 if (ldap_get_option(ld->link, LDAP_OPT_TIMEOUT, (void *) &timeout)) {
2290 if (timeout) {
2291 ldap_memfree(timeout);
2292 }
2293 RETURN_FALSE;
2294 }
2295 if (!timeout) {
2296 RETURN_FALSE;
2297 }
2298 zval_dtor(retval);
2299 ZVAL_LONG(retval, timeout->tv_sec);
2300 ldap_memfree(timeout);
2301 } break;
2302 #endif
2303 /* options with string value */
2304 case LDAP_OPT_ERROR_STRING:
2305 #ifdef LDAP_OPT_HOST_NAME
2306 case LDAP_OPT_HOST_NAME:
2307 #endif
2308 #ifdef HAVE_LDAP_SASL
2309 case LDAP_OPT_X_SASL_MECH:
2310 case LDAP_OPT_X_SASL_REALM:
2311 case LDAP_OPT_X_SASL_AUTHCID:
2312 case LDAP_OPT_X_SASL_AUTHZID:
2313 #endif
2314 #ifdef LDAP_OPT_X_SASL_USERNAME
2315 case LDAP_OPT_X_SASL_USERNAME:
2316 #endif
2317 #if (LDAP_API_VERSION > 2000)
2318 case LDAP_OPT_X_TLS_CACERTDIR:
2319 case LDAP_OPT_X_TLS_CACERTFILE:
2320 case LDAP_OPT_X_TLS_CERTFILE:
2321 case LDAP_OPT_X_TLS_CIPHER_SUITE:
2322 case LDAP_OPT_X_TLS_KEYFILE:
2323 case LDAP_OPT_X_TLS_RANDOM_FILE:
2324 #endif
2325 #ifdef LDAP_OPT_X_TLS_PACKAGE
2326 case LDAP_OPT_X_TLS_PACKAGE:
2327 #endif
2328 #ifdef LDAP_OPT_X_TLS_CRLFILE
2329 case LDAP_OPT_X_TLS_CRLFILE:
2330 #endif
2331 #ifdef LDAP_OPT_X_TLS_DHFILE
2332 case LDAP_OPT_X_TLS_DHFILE:
2333 #endif
2334 #ifdef LDAP_OPT_MATCHED_DN
2335 case LDAP_OPT_MATCHED_DN:
2336 #endif
2337 {
2338 char *val = NULL;
2339
2340 if (ldap_get_option(ld->link, option, &val) || val == NULL || *val == '\0') {
2341 if (val) {
2342 ldap_memfree(val);
2343 }
2344 RETURN_FALSE;
2345 }
2346 zval_ptr_dtor(retval);
2347 ZVAL_STRING(retval, val);
2348 ldap_memfree(val);
2349 } break;
2350 case LDAP_OPT_SERVER_CONTROLS:
2351 case LDAP_OPT_CLIENT_CONTROLS:
2352 {
2353 zval tmp1;
2354 int num_entries;
2355 LDAPControl **ctrls = NULL, **ctrlp;
2356
2357 if (ldap_get_option(ld->link, option, &ctrls) || ctrls == NULL) {
2358 if (ctrls) {
2359 ldap_memfree(ctrls);
2360 }
2361 RETURN_FALSE;
2362 }
2363
2364 zval_ptr_dtor(retval);
2365 array_init(retval);
2366 num_entries = 0;
2367 ctrlp = ctrls;
2368 while (*ctrlp != NULL)
2369 {
2370 array_init(&tmp1);
2371 add_assoc_string(&tmp1, "oid", (*ctrlp)->ldctl_oid);
2372 add_assoc_bool(&tmp1, "iscritical", ((*ctrlp)->ldctl_iscritical != 0));
2373 if ((*ctrlp)->ldctl_value.bv_len) {
2374 add_assoc_stringl(&tmp1, "value", (*ctrlp)->ldctl_value.bv_val, (*ctrlp)->ldctl_value.bv_len);
2375 }
2376 zend_hash_index_update(Z_ARRVAL_P(retval), num_entries, &tmp1);
2377 num_entries++;
2378 ctrlp++;
2379 }
2380 ldap_controls_free(ctrls);
2381 } break;
2382 /* options not implemented
2383 case LDAP_OPT_API_INFO:
2384 case LDAP_OPT_API_FEATURE_INFO:
2385 */
2386 default:
2387 RETURN_FALSE;
2388 }
2389 RETURN_TRUE;
2390 }
2391 /* }}} */
2392
2393 /* {{{ proto bool ldap_set_option(resource link, int option, mixed newval)
2394 Set the value of various session-wide parameters */
PHP_FUNCTION(ldap_set_option)2395 PHP_FUNCTION(ldap_set_option)
2396 {
2397 zval *link, *newval;
2398 ldap_linkdata *ld;
2399 LDAP *ldap;
2400 zend_long option;
2401
2402 if (zend_parse_parameters(ZEND_NUM_ARGS(), "zlz", &link, &option, &newval) != SUCCESS) {
2403 return;
2404 }
2405
2406 if (Z_TYPE_P(link) == IS_NULL) {
2407 ldap = NULL;
2408 } else {
2409 if ((ld = (ldap_linkdata *)zend_fetch_resource_ex(link, "ldap link", le_link)) == NULL) {
2410 RETURN_FALSE;
2411 }
2412 ldap = ld->link;
2413 }
2414
2415 switch (option) {
2416 /* options with int value */
2417 case LDAP_OPT_DEREF:
2418 case LDAP_OPT_SIZELIMIT:
2419 case LDAP_OPT_TIMELIMIT:
2420 case LDAP_OPT_PROTOCOL_VERSION:
2421 case LDAP_OPT_ERROR_NUMBER:
2422 #ifdef LDAP_OPT_DEBUG_LEVEL
2423 case LDAP_OPT_DEBUG_LEVEL:
2424 #endif
2425 #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
2426 case LDAP_OPT_X_TLS_REQUIRE_CERT:
2427 #endif
2428 #ifdef LDAP_OPT_X_TLS_CRLCHECK
2429 case LDAP_OPT_X_TLS_CRLCHECK:
2430 #endif
2431 #ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
2432 case LDAP_OPT_X_TLS_PROTOCOL_MIN:
2433 #endif
2434 #ifdef LDAP_OPT_X_KEEPALIVE_IDLE
2435 case LDAP_OPT_X_KEEPALIVE_IDLE:
2436 case LDAP_OPT_X_KEEPALIVE_PROBES:
2437 case LDAP_OPT_X_KEEPALIVE_INTERVAL:
2438 #endif
2439 {
2440 int val;
2441
2442 convert_to_long_ex(newval);
2443 val = Z_LVAL_P(newval);
2444 if (ldap_set_option(ldap, option, &val)) {
2445 RETURN_FALSE;
2446 }
2447 } break;
2448 #ifdef LDAP_OPT_NETWORK_TIMEOUT
2449 case LDAP_OPT_NETWORK_TIMEOUT:
2450 {
2451 struct timeval timeout;
2452
2453 convert_to_long_ex(newval);
2454 timeout.tv_sec = Z_LVAL_P(newval);
2455 timeout.tv_usec = 0;
2456 if (ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2457 RETURN_FALSE;
2458 }
2459 } break;
2460 #elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2461 case LDAP_X_OPT_CONNECT_TIMEOUT:
2462 {
2463 int timeout;
2464
2465 convert_to_long_ex(newval);
2466 timeout = 1000 * Z_LVAL_P(newval); /* Convert to milliseconds */
2467 if (ldap_set_option(ldap, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2468 RETURN_FALSE;
2469 }
2470 } break;
2471 #endif
2472 #ifdef LDAP_OPT_TIMEOUT
2473 case LDAP_OPT_TIMEOUT:
2474 {
2475 struct timeval timeout;
2476
2477 convert_to_long_ex(newval);
2478 timeout.tv_sec = Z_LVAL_P(newval);
2479 timeout.tv_usec = 0;
2480 if (ldap_set_option(ldap, LDAP_OPT_TIMEOUT, (void *) &timeout)) {
2481 RETURN_FALSE;
2482 }
2483 } break;
2484 #endif
2485 /* options with string value */
2486 case LDAP_OPT_ERROR_STRING:
2487 #ifdef LDAP_OPT_HOST_NAME
2488 case LDAP_OPT_HOST_NAME:
2489 #endif
2490 #ifdef HAVE_LDAP_SASL
2491 case LDAP_OPT_X_SASL_MECH:
2492 case LDAP_OPT_X_SASL_REALM:
2493 case LDAP_OPT_X_SASL_AUTHCID:
2494 case LDAP_OPT_X_SASL_AUTHZID:
2495 #endif
2496 #if (LDAP_API_VERSION > 2000)
2497 case LDAP_OPT_X_TLS_CACERTDIR:
2498 case LDAP_OPT_X_TLS_CACERTFILE:
2499 case LDAP_OPT_X_TLS_CERTFILE:
2500 case LDAP_OPT_X_TLS_CIPHER_SUITE:
2501 case LDAP_OPT_X_TLS_KEYFILE:
2502 case LDAP_OPT_X_TLS_RANDOM_FILE:
2503 #endif
2504 #ifdef LDAP_OPT_X_TLS_CRLFILE
2505 case LDAP_OPT_X_TLS_CRLFILE:
2506 #endif
2507 #ifdef LDAP_OPT_X_TLS_DHFILE
2508 case LDAP_OPT_X_TLS_DHFILE:
2509 #endif
2510 #ifdef LDAP_OPT_MATCHED_DN
2511 case LDAP_OPT_MATCHED_DN:
2512 #endif
2513 {
2514 char *val;
2515 convert_to_string_ex(newval);
2516 val = Z_STRVAL_P(newval);
2517 if (ldap_set_option(ldap, option, val)) {
2518 RETURN_FALSE;
2519 }
2520 } break;
2521 /* options with boolean value */
2522 case LDAP_OPT_REFERRALS:
2523 #ifdef LDAP_OPT_RESTART
2524 case LDAP_OPT_RESTART:
2525 #endif
2526 #ifdef LDAP_OPT_X_SASL_NOCANON
2527 case LDAP_OPT_X_SASL_NOCANON:
2528 #endif
2529 {
2530 void *val;
2531 convert_to_boolean_ex(newval);
2532 val = Z_TYPE_P(newval) == IS_TRUE
2533 ? LDAP_OPT_ON : LDAP_OPT_OFF;
2534 if (ldap_set_option(ldap, option, val)) {
2535 RETURN_FALSE;
2536 }
2537 } break;
2538 /* options with control list value */
2539 case LDAP_OPT_SERVER_CONTROLS:
2540 case LDAP_OPT_CLIENT_CONTROLS:
2541 {
2542 LDAPControl *ctrl, **ctrls, **ctrlp;
2543 zval *ctrlval, *val;
2544 int ncontrols;
2545 char error=0;
2546
2547 if (Z_TYPE_P(newval) != IS_ARRAY) {
2548 php_error_docref(NULL, E_WARNING, "Expected array value for this option");
2549 RETURN_FALSE;
2550 }
2551 ncontrols = zend_hash_num_elements(Z_ARRVAL_P(newval));
2552 ctrls = safe_emalloc((1 + ncontrols), sizeof(*ctrls), 0);
2553 *ctrls = NULL;
2554 ctrlp = ctrls;
2555 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(newval), ctrlval) {
2556 if (Z_TYPE_P(ctrlval) != IS_ARRAY) {
2557 php_error_docref(NULL, E_WARNING, "The array value must contain only arrays, where each array is a control");
2558 error = 1;
2559 break;
2560 }
2561 if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "oid", sizeof("oid") - 1)) == NULL) {
2562 php_error_docref(NULL, E_WARNING, "Control must have an oid key");
2563 error = 1;
2564 break;
2565 }
2566 ctrl = *ctrlp = emalloc(sizeof(**ctrlp));
2567 convert_to_string_ex(val);
2568 ctrl->ldctl_oid = Z_STRVAL_P(val);
2569 if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "value", sizeof("value") - 1)) != NULL) {
2570 convert_to_string_ex(val);
2571 ctrl->ldctl_value.bv_val = Z_STRVAL_P(val);
2572 ctrl->ldctl_value.bv_len = Z_STRLEN_P(val);
2573 } else {
2574 ctrl->ldctl_value.bv_val = NULL;
2575 ctrl->ldctl_value.bv_len = 0;
2576 }
2577 if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "iscritical", sizeof("iscritical") - 1)) != NULL) {
2578 convert_to_boolean_ex(val);
2579 ctrl->ldctl_iscritical = Z_TYPE_P(val) == IS_TRUE;
2580 } else {
2581 ctrl->ldctl_iscritical = 0;
2582 }
2583
2584 ++ctrlp;
2585 *ctrlp = NULL;
2586 } ZEND_HASH_FOREACH_END();
2587 if (!error) {
2588 error = ldap_set_option(ldap, option, ctrls);
2589 }
2590 ctrlp = ctrls;
2591 while (*ctrlp) {
2592 efree(*ctrlp);
2593 ctrlp++;
2594 }
2595 efree(ctrls);
2596 if (error) {
2597 RETURN_FALSE;
2598 }
2599 } break;
2600 default:
2601 RETURN_FALSE;
2602 }
2603 RETURN_TRUE;
2604 }
2605 /* }}} */
2606
2607 #ifdef HAVE_LDAP_PARSE_RESULT
2608 /* {{{ proto bool ldap_parse_result(resource link, resource result, int errcode, string matcheddn, string errmsg, array referrals)
2609 Extract information from result */
PHP_FUNCTION(ldap_parse_result)2610 PHP_FUNCTION(ldap_parse_result)
2611 {
2612 zval *link, *result, *errcode, *matcheddn, *errmsg, *referrals;
2613 ldap_linkdata *ld;
2614 LDAPMessage *ldap_result;
2615 char **lreferrals, **refp;
2616 char *lmatcheddn, *lerrmsg;
2617 int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2618
2619 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrz/|z/z/z/", &link, &result, &errcode, &matcheddn, &errmsg, &referrals) != SUCCESS) {
2620 return;
2621 }
2622
2623 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2624 RETURN_FALSE;
2625 }
2626
2627 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2628 RETURN_FALSE;
2629 }
2630
2631 rc = ldap_parse_result(ld->link, ldap_result, &lerrcode,
2632 myargcount > 3 ? &lmatcheddn : NULL,
2633 myargcount > 4 ? &lerrmsg : NULL,
2634 myargcount > 5 ? &lreferrals : NULL,
2635 NULL /* &serverctrls */,
2636 0);
2637 if (rc != LDAP_SUCCESS) {
2638 php_error_docref(NULL, E_WARNING, "Unable to parse result: %s", ldap_err2string(rc));
2639 RETURN_FALSE;
2640 }
2641
2642 zval_ptr_dtor(errcode);
2643 ZVAL_LONG(errcode, lerrcode);
2644
2645 /* Reverse -> fall through */
2646 switch (myargcount) {
2647 case 6:
2648 zval_ptr_dtor(referrals);
2649 array_init(referrals);
2650 if (lreferrals != NULL) {
2651 refp = lreferrals;
2652 while (*refp) {
2653 add_next_index_string(referrals, *refp);
2654 refp++;
2655 }
2656 ldap_memvfree((void**)lreferrals);
2657 }
2658 case 5:
2659 zval_ptr_dtor(errmsg);
2660 if (lerrmsg == NULL) {
2661 ZVAL_EMPTY_STRING(errmsg);
2662 } else {
2663 ZVAL_STRING(errmsg, lerrmsg);
2664 ldap_memfree(lerrmsg);
2665 }
2666 case 4:
2667 zval_ptr_dtor(matcheddn);
2668 if (lmatcheddn == NULL) {
2669 ZVAL_EMPTY_STRING(matcheddn);
2670 } else {
2671 ZVAL_STRING(matcheddn, lmatcheddn);
2672 ldap_memfree(lmatcheddn);
2673 }
2674 }
2675 RETURN_TRUE;
2676 }
2677 /* }}} */
2678 #endif
2679
2680 /* {{{ Extended operation response parsing, Pierangelo Masarati */
2681 #ifdef HAVE_LDAP_PARSE_EXTENDED_RESULT
2682 /* {{{ proto bool ldap_parse_exop(resource link, resource result [, string retdata [, string retoid]])
2683 Extract information from extended operation result */
PHP_FUNCTION(ldap_parse_exop)2684 PHP_FUNCTION(ldap_parse_exop)
2685 {
2686 zval *link, *result, *retdata, *retoid;
2687 ldap_linkdata *ld;
2688 LDAPMessage *ldap_result;
2689 char *lretoid;
2690 struct berval *lretdata;
2691 int rc, myargcount = ZEND_NUM_ARGS();
2692
2693 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|z/z/", &link, &result, &retdata, &retoid) != SUCCESS) {
2694 WRONG_PARAM_COUNT;
2695 }
2696
2697 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2698 RETURN_FALSE;
2699 }
2700
2701 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2702 RETURN_FALSE;
2703 }
2704
2705 rc = ldap_parse_extended_result(ld->link, ldap_result,
2706 myargcount > 3 ? &lretoid: NULL,
2707 myargcount > 2 ? &lretdata: NULL,
2708 0);
2709 if (rc != LDAP_SUCCESS) {
2710 php_error_docref(NULL, E_WARNING, "Unable to parse extended operation result: %s", ldap_err2string(rc));
2711 RETURN_FALSE;
2712 }
2713
2714 /* Reverse -> fall through */
2715 switch (myargcount) {
2716 case 4:
2717 zval_dtor(retoid);
2718 if (lretoid == NULL) {
2719 ZVAL_EMPTY_STRING(retoid);
2720 } else {
2721 ZVAL_STRING(retoid, lretoid);
2722 ldap_memfree(lretoid);
2723 }
2724 case 3:
2725 /* use arg #3 as the data returned by the server */
2726 zval_dtor(retdata);
2727 if (lretdata == NULL) {
2728 ZVAL_EMPTY_STRING(retdata);
2729 } else {
2730 ZVAL_STRINGL(retdata, lretdata->bv_val, lretdata->bv_len);
2731 ldap_memfree(lretdata->bv_val);
2732 ldap_memfree(lretdata);
2733 }
2734 }
2735 RETURN_TRUE;
2736 }
2737 /* }}} */
2738 #endif
2739 /* }}} */
2740
2741 /* {{{ proto resource ldap_first_reference(resource link, resource result)
2742 Return first reference */
PHP_FUNCTION(ldap_first_reference)2743 PHP_FUNCTION(ldap_first_reference)
2744 {
2745 zval *link, *result;
2746 ldap_linkdata *ld;
2747 ldap_resultentry *resultentry;
2748 LDAPMessage *ldap_result, *entry;
2749
2750 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
2751 return;
2752 }
2753
2754 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2755 RETURN_FALSE;
2756 }
2757
2758 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2759 RETURN_FALSE;
2760 }
2761
2762 if ((entry = ldap_first_reference(ld->link, ldap_result)) == NULL) {
2763 RETVAL_FALSE;
2764 } else {
2765 resultentry = emalloc(sizeof(ldap_resultentry));
2766 RETVAL_RES(zend_register_resource(resultentry, le_result_entry));
2767 ZVAL_COPY(&resultentry->res, result);
2768 resultentry->data = entry;
2769 resultentry->ber = NULL;
2770 }
2771 }
2772 /* }}} */
2773
2774 /* {{{ proto resource ldap_next_reference(resource link, resource reference_entry)
2775 Get next reference */
PHP_FUNCTION(ldap_next_reference)2776 PHP_FUNCTION(ldap_next_reference)
2777 {
2778 zval *link, *result_entry;
2779 ldap_linkdata *ld;
2780 ldap_resultentry *resultentry, *resultentry_next;
2781 LDAPMessage *entry_next;
2782
2783 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
2784 return;
2785 }
2786
2787 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2788 RETURN_FALSE;
2789 }
2790
2791 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
2792 RETURN_FALSE;
2793 }
2794
2795 if ((entry_next = ldap_next_reference(ld->link, resultentry->data)) == NULL) {
2796 RETVAL_FALSE;
2797 } else {
2798 resultentry_next = emalloc(sizeof(ldap_resultentry));
2799 RETVAL_RES(zend_register_resource(resultentry_next, le_result_entry));
2800 ZVAL_COPY(&resultentry_next->res, &resultentry->res);
2801 resultentry_next->data = entry_next;
2802 resultentry_next->ber = NULL;
2803 }
2804 }
2805 /* }}} */
2806
2807 #ifdef HAVE_LDAP_PARSE_REFERENCE
2808 /* {{{ proto bool ldap_parse_reference(resource link, resource reference_entry, array referrals)
2809 Extract information from reference entry */
PHP_FUNCTION(ldap_parse_reference)2810 PHP_FUNCTION(ldap_parse_reference)
2811 {
2812 zval *link, *result_entry, *referrals;
2813 ldap_linkdata *ld;
2814 ldap_resultentry *resultentry;
2815 char **lreferrals, **refp;
2816
2817 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrz/", &link, &result_entry, &referrals) != SUCCESS) {
2818 return;
2819 }
2820
2821 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2822 RETURN_FALSE;
2823 }
2824
2825 if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
2826 RETURN_FALSE;
2827 }
2828
2829 if (ldap_parse_reference(ld->link, resultentry->data, &lreferrals, NULL /* &serverctrls */, 0) != LDAP_SUCCESS) {
2830 RETURN_FALSE;
2831 }
2832
2833 zval_ptr_dtor(referrals);
2834 array_init(referrals);
2835 if (lreferrals != NULL) {
2836 refp = lreferrals;
2837 while (*refp) {
2838 add_next_index_string(referrals, *refp);
2839 refp++;
2840 }
2841 ldap_memvfree((void**)lreferrals);
2842 }
2843 RETURN_TRUE;
2844 }
2845 /* }}} */
2846 #endif
2847
2848 /* {{{ proto bool ldap_rename(resource link, string dn, string newrdn, string newparent, bool deleteoldrdn)
2849 Modify the name of an entry */
PHP_FUNCTION(ldap_rename)2850 PHP_FUNCTION(ldap_rename)
2851 {
2852 zval *link;
2853 ldap_linkdata *ld;
2854 int rc;
2855 char *dn, *newrdn, *newparent;
2856 size_t dn_len, newrdn_len, newparent_len;
2857 zend_bool deleteoldrdn;
2858
2859 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsssb", &link, &dn, &dn_len, &newrdn, &newrdn_len, &newparent, &newparent_len, &deleteoldrdn) != SUCCESS) {
2860 return;
2861 }
2862
2863 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2864 RETURN_FALSE;
2865 }
2866
2867 if (newparent_len == 0) {
2868 newparent = NULL;
2869 }
2870
2871 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2872 rc = ldap_rename_s(ld->link, dn, newrdn, newparent, deleteoldrdn, NULL, NULL);
2873 #else
2874 if (newparent_len != 0) {
2875 php_error_docref(NULL, E_WARNING, "You are using old LDAP API, newparent must be the empty string, can only modify RDN");
2876 RETURN_FALSE;
2877 }
2878 /* could support old APIs but need check for ldap_modrdn2()/ldap_modrdn() */
2879 rc = ldap_modrdn2_s(ld->link, dn, newrdn, deleteoldrdn);
2880 #endif
2881
2882 if (rc == LDAP_SUCCESS) {
2883 RETURN_TRUE;
2884 }
2885 RETURN_FALSE;
2886 }
2887 /* }}} */
2888
2889 #ifdef HAVE_LDAP_START_TLS_S
2890 /* {{{ proto bool ldap_start_tls(resource link)
2891 Start TLS */
PHP_FUNCTION(ldap_start_tls)2892 PHP_FUNCTION(ldap_start_tls)
2893 {
2894 zval *link;
2895 ldap_linkdata *ld;
2896 int rc, protocol = LDAP_VERSION3;
2897
2898 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
2899 return;
2900 }
2901
2902 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2903 RETURN_FALSE;
2904 }
2905
2906 if (((rc = ldap_set_option(ld->link, LDAP_OPT_PROTOCOL_VERSION, &protocol)) != LDAP_SUCCESS) ||
2907 ((rc = ldap_start_tls_s(ld->link, NULL, NULL)) != LDAP_SUCCESS)
2908 ) {
2909 php_error_docref(NULL, E_WARNING,"Unable to start TLS: %s", ldap_err2string(rc));
2910 RETURN_FALSE;
2911 } else {
2912 RETURN_TRUE;
2913 }
2914 }
2915 /* }}} */
2916 #endif
2917 #endif /* (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP */
2918
2919 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
2920 /* {{{ _ldap_rebind_proc()
2921 */
_ldap_rebind_proc(LDAP * ldap,const char * url,ber_tag_t req,ber_int_t msgid,void * params)2922 int _ldap_rebind_proc(LDAP *ldap, const char *url, ber_tag_t req, ber_int_t msgid, void *params)
2923 {
2924 ldap_linkdata *ld;
2925 int retval;
2926 zval cb_args[2];
2927 zval cb_retval;
2928 zval *cb_link = (zval *) params;
2929
2930 ld = (ldap_linkdata *) zend_fetch_resource_ex(cb_link, "ldap link", le_link);
2931
2932 /* link exists and callback set? */
2933 if (ld == NULL || Z_ISUNDEF(ld->rebindproc)) {
2934 php_error_docref(NULL, E_WARNING, "Link not found or no callback set");
2935 return LDAP_OTHER;
2936 }
2937
2938 /* callback */
2939 ZVAL_COPY_VALUE(&cb_args[0], cb_link);
2940 ZVAL_STRING(&cb_args[1], url);
2941 if (call_user_function_ex(EG(function_table), NULL, &ld->rebindproc, &cb_retval, 2, cb_args, 0, NULL) == SUCCESS && !Z_ISUNDEF(cb_retval)) {
2942 convert_to_long_ex(&cb_retval);
2943 retval = Z_LVAL(cb_retval);
2944 zval_ptr_dtor(&cb_retval);
2945 } else {
2946 php_error_docref(NULL, E_WARNING, "rebind_proc PHP callback failed");
2947 retval = LDAP_OTHER;
2948 }
2949 zval_ptr_dtor(&cb_args[1]);
2950 return retval;
2951 }
2952 /* }}} */
2953
2954 /* {{{ proto bool ldap_set_rebind_proc(resource link, string callback)
2955 Set a callback function to do re-binds on referral chasing. */
PHP_FUNCTION(ldap_set_rebind_proc)2956 PHP_FUNCTION(ldap_set_rebind_proc)
2957 {
2958 zval *link, *callback;
2959 ldap_linkdata *ld;
2960
2961 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rz", &link, &callback) != SUCCESS) {
2962 RETURN_FALSE;
2963 }
2964
2965 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2966 RETURN_FALSE;
2967 }
2968
2969 if (Z_TYPE_P(callback) == IS_STRING && Z_STRLEN_P(callback) == 0) {
2970 /* unregister rebind procedure */
2971 if (!Z_ISUNDEF(ld->rebindproc)) {
2972 zval_ptr_dtor(&ld->rebindproc);
2973 ZVAL_UNDEF(&ld->rebindproc);
2974 ldap_set_rebind_proc(ld->link, NULL, NULL);
2975 }
2976 RETURN_TRUE;
2977 }
2978
2979 /* callable? */
2980 if (!zend_is_callable(callback, 0, NULL)) {
2981 zend_string *callback_name = zend_get_callable_name(callback);
2982 php_error_docref(NULL, E_WARNING, "Two arguments expected for '%s' to be a valid callback", ZSTR_VAL(callback_name));
2983 zend_string_release(callback_name);
2984 RETURN_FALSE;
2985 }
2986
2987 /* register rebind procedure */
2988 if (Z_ISUNDEF(ld->rebindproc)) {
2989 ldap_set_rebind_proc(ld->link, _ldap_rebind_proc, (void *) link);
2990 } else {
2991 zval_ptr_dtor(&ld->rebindproc);
2992 }
2993
2994 ZVAL_COPY(&ld->rebindproc, callback);
2995 RETURN_TRUE;
2996 }
2997 /* }}} */
2998 #endif
2999
php_ldap_do_escape(const zend_bool * map,const char * value,size_t valuelen,zend_long flags)3000 static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen, zend_long flags)
3001 {
3002 char hex[] = "0123456789abcdef";
3003 size_t i, p = 0;
3004 size_t len = 0;
3005 zend_string *ret;
3006
3007 for (i = 0; i < valuelen; i++) {
3008 len += (map[(unsigned char) value[i]]) ? 3 : 1;
3009 }
3010 /* Per RFC 4514, a leading and trailing space must be escaped */
3011 if ((flags & PHP_LDAP_ESCAPE_DN) && (value[0] == ' ')) {
3012 len += 2;
3013 }
3014 if ((flags & PHP_LDAP_ESCAPE_DN) && ((valuelen > 1) && (value[valuelen - 1] == ' '))) {
3015 len += 2;
3016 }
3017
3018 ret = zend_string_alloc(len, 0);
3019
3020 for (i = 0; i < valuelen; i++) {
3021 unsigned char v = (unsigned char) value[i];
3022
3023 if (map[v] || ((flags & PHP_LDAP_ESCAPE_DN) && ((i == 0) || (i + 1 == valuelen)) && (v == ' '))) {
3024 ZSTR_VAL(ret)[p++] = '\\';
3025 ZSTR_VAL(ret)[p++] = hex[v >> 4];
3026 ZSTR_VAL(ret)[p++] = hex[v & 0x0f];
3027 } else {
3028 ZSTR_VAL(ret)[p++] = v;
3029 }
3030 }
3031
3032 ZSTR_VAL(ret)[p] = '\0';
3033 ZSTR_LEN(ret) = p;
3034 return ret;
3035 }
3036
php_ldap_escape_map_set_chars(zend_bool * map,const char * chars,const int charslen,char escape)3037 static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const int charslen, char escape)
3038 {
3039 int i = 0;
3040 while (i < charslen) {
3041 map[(unsigned char) chars[i++]] = escape;
3042 }
3043 }
3044
PHP_FUNCTION(ldap_escape)3045 PHP_FUNCTION(ldap_escape)
3046 {
3047 char *value, *ignores;
3048 size_t valuelen = 0, ignoreslen = 0;
3049 int i;
3050 zend_long flags = 0;
3051 zend_bool map[256] = {0}, havecharlist = 0;
3052
3053 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|sl", &value, &valuelen, &ignores, &ignoreslen, &flags) != SUCCESS) {
3054 return;
3055 }
3056
3057 if (!valuelen) {
3058 RETURN_EMPTY_STRING();
3059 }
3060
3061 if (flags & PHP_LDAP_ESCAPE_FILTER) {
3062 havecharlist = 1;
3063 php_ldap_escape_map_set_chars(map, "\\*()\0", sizeof("\\*()\0") - 1, 1);
3064 }
3065
3066 if (flags & PHP_LDAP_ESCAPE_DN) {
3067 havecharlist = 1;
3068 php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#\r", sizeof("\\,=+<>;\"#\r") - 1, 1);
3069 }
3070
3071 if (!havecharlist) {
3072 for (i = 0; i < 256; i++) {
3073 map[i] = 1;
3074 }
3075 }
3076
3077 if (ignoreslen) {
3078 php_ldap_escape_map_set_chars(map, ignores, ignoreslen, 0);
3079 }
3080
3081 RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen, flags));
3082 }
3083
3084 #ifdef STR_TRANSLATION
3085 /* {{{ php_ldap_do_translate
3086 */
php_ldap_do_translate(INTERNAL_FUNCTION_PARAMETERS,int way)3087 static void php_ldap_do_translate(INTERNAL_FUNCTION_PARAMETERS, int way)
3088 {
3089 char *value;
3090 size_t value_len;
3091 int result;
3092
3093 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &value, &value_len) != SUCCESS) {
3094 return;
3095 }
3096
3097 if (value_len == 0) {
3098 RETURN_FALSE;
3099 }
3100
3101 if (way == 1) {
3102 result = ldap_8859_to_t61(&value, &value_len, 0);
3103 } else {
3104 result = ldap_t61_to_8859(&value, &value_len, 0);
3105 }
3106
3107 if (result == LDAP_SUCCESS) {
3108 RETVAL_STRINGL(value, value_len);
3109 free(value);
3110 } else {
3111 php_error_docref(NULL, E_WARNING, "Conversion from iso-8859-1 to t61 failed: %s", ldap_err2string(result));
3112 RETVAL_FALSE;
3113 }
3114 }
3115 /* }}} */
3116
3117 /* {{{ proto string ldap_t61_to_8859(string value)
3118 Translate t61 characters to 8859 characters */
PHP_FUNCTION(ldap_t61_to_8859)3119 PHP_FUNCTION(ldap_t61_to_8859)
3120 {
3121 php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
3122 }
3123 /* }}} */
3124
3125 /* {{{ proto string ldap_8859_to_t61(string value)
3126 Translate 8859 characters to t61 characters */
PHP_FUNCTION(ldap_8859_to_t61)3127 PHP_FUNCTION(ldap_8859_to_t61)
3128 {
3129 php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 1);
3130 }
3131 /* }}} */
3132 #endif
3133
3134 #ifdef LDAP_CONTROL_PAGEDRESULTS
3135 /* {{{ proto mixed ldap_control_paged_result(resource link, int pagesize [, bool iscritical [, string cookie]])
3136 Inject paged results control*/
PHP_FUNCTION(ldap_control_paged_result)3137 PHP_FUNCTION(ldap_control_paged_result)
3138 {
3139 zend_long pagesize;
3140 zend_bool iscritical;
3141 zval *link;
3142 char *cookie = NULL;
3143 size_t cookie_len = 0;
3144 struct berval lcookie = { 0, NULL };
3145 ldap_linkdata *ld;
3146 LDAP *ldap;
3147 BerElement *ber = NULL;
3148 LDAPControl ctrl, *ctrlsp[2];
3149 int rc, myargcount = ZEND_NUM_ARGS();
3150
3151 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rl|bs", &link, &pagesize, &iscritical, &cookie, &cookie_len) != SUCCESS) {
3152 return;
3153 }
3154
3155 if (Z_TYPE_P(link) == IS_NULL) {
3156 ldap = NULL;
3157 } else {
3158 if ((ld = (ldap_linkdata *)zend_fetch_resource_ex(link, "ldap link", le_link)) == NULL) {
3159 RETURN_FALSE;
3160 }
3161 ldap = ld->link;
3162 }
3163
3164 ber = ber_alloc_t(LBER_USE_DER);
3165 if (ber == NULL) {
3166 php_error_docref(NULL, E_WARNING, "Unable to alloc BER encoding resources for paged results control");
3167 RETURN_FALSE;
3168 }
3169
3170 ctrl.ldctl_iscritical = 0;
3171
3172 switch (myargcount) {
3173 case 4:
3174 lcookie.bv_val = cookie;
3175 lcookie.bv_len = cookie_len;
3176 /* fallthru */
3177 case 3:
3178 ctrl.ldctl_iscritical = (int)iscritical;
3179 /* fallthru */
3180 }
3181
3182 if (ber_printf(ber, "{iO}", (int)pagesize, &lcookie) == LBER_ERROR) {
3183 php_error_docref(NULL, E_WARNING, "Unable to BER printf paged results control");
3184 RETVAL_FALSE;
3185 goto lcpr_error_out;
3186 }
3187 rc = ber_flatten2(ber, &ctrl.ldctl_value, 0);
3188 if (rc == LBER_ERROR) {
3189 php_error_docref(NULL, E_WARNING, "Unable to BER encode paged results control");
3190 RETVAL_FALSE;
3191 goto lcpr_error_out;
3192 }
3193
3194 ctrl.ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
3195
3196 if (ldap) {
3197 /* directly set the option */
3198 ctrlsp[0] = &ctrl;
3199 ctrlsp[1] = NULL;
3200
3201 rc = ldap_set_option(ldap, LDAP_OPT_SERVER_CONTROLS, ctrlsp);
3202 if (rc != LDAP_SUCCESS) {
3203 php_error_docref(NULL, E_WARNING, "Unable to set paged results control: %s (%d)", ldap_err2string(rc), rc);
3204 RETVAL_FALSE;
3205 goto lcpr_error_out;
3206 }
3207 RETVAL_TRUE;
3208 } else {
3209 /* return a PHP control object */
3210 array_init(return_value);
3211
3212 add_assoc_string(return_value, "oid", ctrl.ldctl_oid);
3213 if (ctrl.ldctl_value.bv_len) {
3214 add_assoc_stringl(return_value, "value", ctrl.ldctl_value.bv_val, ctrl.ldctl_value.bv_len);
3215 }
3216 if (ctrl.ldctl_iscritical) {
3217 add_assoc_bool(return_value, "iscritical", ctrl.ldctl_iscritical);
3218 }
3219 }
3220
3221 lcpr_error_out:
3222 if (ber != NULL) {
3223 ber_free(ber, 1);
3224 }
3225 return;
3226 }
3227 /* }}} */
3228
3229 /* {{{ proto bool ldap_control_paged_result_response(resource link, resource result [, string &cookie [, int &estimated]])
3230 Extract paged results control response */
PHP_FUNCTION(ldap_control_paged_result_response)3231 PHP_FUNCTION(ldap_control_paged_result_response)
3232 {
3233 zval *link, *result, *cookie, *estimated;
3234 struct berval lcookie;
3235 int lestimated;
3236 ldap_linkdata *ld;
3237 LDAPMessage *ldap_result;
3238 LDAPControl **lserverctrls, *lctrl;
3239 BerElement *ber;
3240 ber_tag_t tag;
3241 int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
3242
3243 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|z/z/", &link, &result, &cookie, &estimated) != SUCCESS) {
3244 return;
3245 }
3246
3247 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
3248 RETURN_FALSE;
3249 }
3250
3251 if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
3252 RETURN_FALSE;
3253 }
3254
3255 rc = ldap_parse_result(ld->link,
3256 ldap_result,
3257 &lerrcode,
3258 NULL, /* matcheddn */
3259 NULL, /* errmsg */
3260 NULL, /* referrals */
3261 &lserverctrls,
3262 0);
3263
3264 if (rc != LDAP_SUCCESS) {
3265 php_error_docref(NULL, E_WARNING, "Unable to parse result: %s (%d)", ldap_err2string(rc), rc);
3266 RETURN_FALSE;
3267 }
3268
3269 if (lerrcode != LDAP_SUCCESS) {
3270 php_error_docref(NULL, E_WARNING, "Result is: %s (%d)", ldap_err2string(lerrcode), lerrcode);
3271 RETURN_FALSE;
3272 }
3273
3274 if (lserverctrls == NULL) {
3275 php_error_docref(NULL, E_WARNING, "No server controls in result");
3276 RETURN_FALSE;
3277 }
3278
3279 lctrl = ldap_control_find(LDAP_CONTROL_PAGEDRESULTS, lserverctrls, NULL);
3280 if (lctrl == NULL) {
3281 ldap_controls_free(lserverctrls);
3282 php_error_docref(NULL, E_WARNING, "No paged results control response in result");
3283 RETURN_FALSE;
3284 }
3285
3286 ber = ber_init(&lctrl->ldctl_value);
3287 if (ber == NULL) {
3288 ldap_controls_free(lserverctrls);
3289 php_error_docref(NULL, E_WARNING, "Unable to alloc BER decoding resources for paged results control response");
3290 RETURN_FALSE;
3291 }
3292
3293 tag = ber_scanf(ber, "{io}", &lestimated, &lcookie);
3294 (void)ber_free(ber, 1);
3295
3296 if (tag == LBER_ERROR) {
3297 ldap_controls_free(lserverctrls);
3298 php_error_docref(NULL, E_WARNING, "Unable to decode paged results control response");
3299 RETURN_FALSE;
3300 }
3301
3302 if (lestimated < 0) {
3303 ldap_controls_free(lserverctrls);
3304 php_error_docref(NULL, E_WARNING, "Invalid paged results control response value");
3305 RETURN_FALSE;
3306 }
3307
3308 ldap_controls_free(lserverctrls);
3309 if (myargcount == 4) {
3310 zval_dtor(estimated);
3311 ZVAL_LONG(estimated, lestimated);
3312 }
3313
3314 zval_ptr_dtor(cookie);
3315 if (lcookie.bv_len == 0) {
3316 ZVAL_EMPTY_STRING(cookie);
3317 } else {
3318 ZVAL_STRINGL(cookie, lcookie.bv_val, lcookie.bv_len);
3319 }
3320 ldap_memfree(lcookie.bv_val);
3321
3322 RETURN_TRUE;
3323 }
3324 /* }}} */
3325 #endif
3326
3327 /* {{{ Extended operations, Pierangelo Masarati */
3328 #ifdef HAVE_LDAP_EXTENDED_OPERATION_S
3329 /* {{{ proto resource ldap_exop(resource link, string reqoid [, string reqdata [, array servercontrols [, string &retdata [, string &retoid]]]])
3330 Extended operation */
PHP_FUNCTION(ldap_exop)3331 PHP_FUNCTION(ldap_exop)
3332 {
3333 zval *servercontrols;
3334 zval *link, *reqoid, *reqdata, *retdata, *retoid;
3335 char *lreqoid, *lretoid = NULL;
3336 struct berval lreqdata, *lretdata = NULL;
3337 ldap_linkdata *ld;
3338 LDAPMessage *ldap_res;
3339 int rc, msgid, myargcount = ZEND_NUM_ARGS();
3340 /* int reqoid_len, reqdata_len, retdata_len, retoid_len, retdat_len; */
3341
3342 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rz|zzz/z/", &link, &reqoid, &reqdata, &servercontrols, &retdata, &retoid) != SUCCESS) {
3343 WRONG_PARAM_COUNT;
3344 }
3345
3346 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
3347 RETURN_FALSE;
3348 }
3349
3350 switch (myargcount) {
3351 case 6:
3352 case 5:
3353 case 4:
3354 case 3:
3355 convert_to_string_ex(reqdata);
3356 lreqdata.bv_val = Z_STRVAL_P(reqdata);
3357 lreqdata.bv_len = Z_STRLEN_P(reqdata);
3358 /* fallthru */
3359 case 2:
3360 convert_to_string_ex(reqoid);
3361 lreqoid = Z_STRVAL_P(reqoid);
3362 }
3363
3364 if (myargcount > 4) {
3365 /* synchronous call */
3366 rc = ldap_extended_operation_s(ld->link, lreqoid,
3367 lreqdata.bv_len > 0 ? &lreqdata: NULL,
3368 NULL,
3369 NULL,
3370 myargcount > 5 ? &lretoid : NULL,
3371 &lretdata );
3372 if (rc != LDAP_SUCCESS ) {
3373 php_error_docref(NULL, E_WARNING, "Extended operation %s failed: %s (%d)", lreqoid, ldap_err2string(rc), rc);
3374 RETURN_FALSE;
3375 }
3376
3377 /* Reverse -> fall through */
3378 switch (myargcount) {
3379 case 6:
3380 zval_dtor(retoid);
3381 if (lretoid == NULL) {
3382 ZVAL_EMPTY_STRING(retoid);
3383 } else {
3384 ZVAL_STRING(retoid, lretoid);
3385 ldap_memfree(lretoid);
3386 }
3387 case 5:
3388 /* use arg #5 as the data returned by the server */
3389 zval_dtor(retdata);
3390 if (lretdata == NULL) {
3391 ZVAL_EMPTY_STRING(retdata);
3392 } else {
3393 ZVAL_STRINGL(retdata, lretdata->bv_val, lretdata->bv_len);
3394 ldap_memfree(lretdata->bv_val);
3395 ldap_memfree(lretdata);
3396 }
3397 }
3398
3399 RETURN_TRUE;
3400 }
3401
3402 /* asynchronous call */
3403 rc = ldap_extended_operation(ld->link, lreqoid,
3404 lreqdata.bv_len > 0 ? &lreqdata: NULL,
3405 NULL, NULL, &msgid);
3406 if (rc != LDAP_SUCCESS ) {
3407 php_error_docref(NULL, E_WARNING, "Extended operation %s failed: %s (%d)", lreqoid, ldap_err2string(rc), rc);
3408 RETURN_FALSE;
3409 }
3410
3411 rc = ldap_result(ld->link, msgid, 1 /* LDAP_MSG_ALL */, NULL, &ldap_res);
3412 if (rc == -1) {
3413 php_error_docref(NULL, E_WARNING, "Extended operation %s failed", lreqoid);
3414 RETURN_FALSE;
3415 }
3416
3417 /* return a PHP control object */
3418 RETVAL_RES(zend_register_resource(ldap_res, le_result));
3419 }
3420 /* }}} */
3421 #endif
3422
3423 #ifdef HAVE_LDAP_PASSWD_S
3424 /* {{{ proto bool|string ldap_exop_passwd(resource link [, string user [, string oldpw [, string newpw ]]])
3425 Passwd modify extended operation */
PHP_FUNCTION(ldap_exop_passwd)3426 PHP_FUNCTION(ldap_exop_passwd)
3427 {
3428 zval *link, *user, *newpw, *oldpw;
3429 struct berval luser, loldpw, lnewpw, lgenpasswd;
3430 ldap_linkdata *ld;
3431 int rc, myargcount = ZEND_NUM_ARGS();
3432
3433 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|zzz", &link, &user, &oldpw, &newpw) == FAILURE) {
3434 WRONG_PARAM_COUNT;
3435 }
3436
3437 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
3438 RETURN_FALSE;
3439 }
3440
3441 luser.bv_len = 0;
3442 loldpw.bv_len = 0;
3443 lnewpw.bv_len = 0;
3444
3445 switch (myargcount) {
3446 case 4:
3447 convert_to_string_ex(newpw);
3448 lnewpw.bv_val = Z_STRVAL_P(newpw);
3449 lnewpw.bv_len = Z_STRLEN_P(newpw);
3450
3451 case 3:
3452 convert_to_string_ex(oldpw);
3453 loldpw.bv_val = Z_STRVAL_P(oldpw);
3454 loldpw.bv_len = Z_STRLEN_P(oldpw);
3455
3456 case 2:
3457 convert_to_string_ex(user);
3458 luser.bv_val = Z_STRVAL_P(user);
3459 luser.bv_len = Z_STRLEN_P(user);
3460 }
3461
3462 /* synchronous call */
3463 rc = ldap_passwd_s(ld->link, &luser,
3464 loldpw.bv_len > 0 ? &loldpw : NULL,
3465 lnewpw.bv_len > 0 ? &lnewpw : NULL,
3466 &lgenpasswd, NULL, NULL);
3467 if (rc != LDAP_SUCCESS ) {
3468 php_error_docref(NULL, E_WARNING, "Passwd modify extended operation failed: %s (%d)", ldap_err2string(rc), rc);
3469 RETURN_FALSE;
3470 }
3471
3472 if (lnewpw.bv_len == 0) {
3473 if (lgenpasswd.bv_len == 0) {
3474 RETVAL_EMPTY_STRING();
3475 } else {
3476 RETVAL_STRINGL(lgenpasswd.bv_val, lgenpasswd.bv_len);
3477 }
3478 } else {
3479 RETURN_TRUE;
3480 }
3481
3482 ldap_memfree(lgenpasswd.bv_val);
3483 }
3484 /* }}} */
3485 #endif
3486
3487 #ifdef HAVE_LDAP_WHOAMI_S
3488 /* {{{ proto bool|string ldap_exop_whoami(resource link)
3489 Whoami extended operation */
PHP_FUNCTION(ldap_exop_whoami)3490 PHP_FUNCTION(ldap_exop_whoami)
3491 {
3492 zval *link;
3493 struct berval *lauthzid;
3494 ldap_linkdata *ld;
3495 int rc, myargcount = ZEND_NUM_ARGS();
3496
3497 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) == FAILURE) {
3498 WRONG_PARAM_COUNT;
3499 }
3500
3501 if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
3502 RETURN_FALSE;
3503 }
3504
3505 /* synchronous call */
3506 rc = ldap_whoami_s(ld->link, &lauthzid, NULL, NULL);
3507 if (rc != LDAP_SUCCESS ) {
3508 php_error_docref(NULL, E_WARNING, "Whoami extended operation failed: %s (%d)", ldap_err2string(rc), rc);
3509 RETURN_FALSE;
3510 }
3511
3512 if (lauthzid == NULL) {
3513 RETVAL_EMPTY_STRING();
3514 } else {
3515 RETVAL_STRINGL(lauthzid->bv_val, lauthzid->bv_len);
3516 ldap_memfree(lauthzid->bv_val);
3517 ldap_memfree(lauthzid);
3518 }
3519 }
3520 /* }}} */
3521 #endif
3522 /* }}} */
3523
3524 /* }}} */
3525
3526 /* {{{ arginfo */
3527 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_connect, 0, 0, 0)
3528 ZEND_ARG_INFO(0, hostname)
3529 ZEND_ARG_INFO(0, port)
3530 #ifdef HAVE_ORALDAP
3531 ZEND_ARG_INFO(0, wallet)
3532 ZEND_ARG_INFO(0, wallet_passwd)
3533 ZEND_ARG_INFO(0, authmode)
3534 #endif
3535 ZEND_END_ARG_INFO()
3536
3537 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_resource, 0, 0, 1)
3538 ZEND_ARG_INFO(0, link_identifier)
3539 ZEND_END_ARG_INFO()
3540
3541 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_bind, 0, 0, 1)
3542 ZEND_ARG_INFO(0, link_identifier)
3543 ZEND_ARG_INFO(0, bind_rdn)
3544 ZEND_ARG_INFO(0, bind_password)
3545 ZEND_END_ARG_INFO()
3546
3547 #ifdef HAVE_LDAP_SASL
3548 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sasl_bind, 0, 0, 1)
3549 ZEND_ARG_INFO(0, link)
3550 ZEND_ARG_INFO(0, binddn)
3551 ZEND_ARG_INFO(0, password)
3552 ZEND_ARG_INFO(0, sasl_mech)
3553 ZEND_ARG_INFO(0, sasl_realm)
3554 ZEND_ARG_INFO(0, sasl_authz_id)
3555 ZEND_ARG_INFO(0, props)
3556 ZEND_END_ARG_INFO()
3557 #endif
3558
3559 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_read, 0, 0, 3)
3560 ZEND_ARG_INFO(0, link_identifier)
3561 ZEND_ARG_INFO(0, base_dn)
3562 ZEND_ARG_INFO(0, filter)
3563 ZEND_ARG_INFO(0, attributes)
3564 ZEND_ARG_INFO(0, attrsonly)
3565 ZEND_ARG_INFO(0, sizelimit)
3566 ZEND_ARG_INFO(0, timelimit)
3567 ZEND_ARG_INFO(0, deref)
3568 ZEND_END_ARG_INFO()
3569
3570 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_list, 0, 0, 3)
3571 ZEND_ARG_INFO(0, link_identifier)
3572 ZEND_ARG_INFO(0, base_dn)
3573 ZEND_ARG_INFO(0, filter)
3574 ZEND_ARG_INFO(0, attributes)
3575 ZEND_ARG_INFO(0, attrsonly)
3576 ZEND_ARG_INFO(0, sizelimit)
3577 ZEND_ARG_INFO(0, timelimit)
3578 ZEND_ARG_INFO(0, deref)
3579 ZEND_END_ARG_INFO()
3580
3581 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_search, 0, 0, 3)
3582 ZEND_ARG_INFO(0, link_identifier)
3583 ZEND_ARG_INFO(0, base_dn)
3584 ZEND_ARG_INFO(0, filter)
3585 ZEND_ARG_INFO(0, attributes)
3586 ZEND_ARG_INFO(0, attrsonly)
3587 ZEND_ARG_INFO(0, sizelimit)
3588 ZEND_ARG_INFO(0, timelimit)
3589 ZEND_ARG_INFO(0, deref)
3590 ZEND_END_ARG_INFO()
3591
3592 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_count_entries, 0, 0, 2)
3593 ZEND_ARG_INFO(0, link_identifier)
3594 ZEND_ARG_INFO(0, result_identifier)
3595 ZEND_END_ARG_INFO()
3596
3597 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_entry, 0, 0, 2)
3598 ZEND_ARG_INFO(0, link_identifier)
3599 ZEND_ARG_INFO(0, result_identifier)
3600 ZEND_END_ARG_INFO()
3601
3602 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_entry, 0, 0, 2)
3603 ZEND_ARG_INFO(0, link_identifier)
3604 ZEND_ARG_INFO(0, result_identifier)
3605 ZEND_END_ARG_INFO()
3606
3607 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_entries, 0, 0, 2)
3608 ZEND_ARG_INFO(0, link_identifier)
3609 ZEND_ARG_INFO(0, result_identifier)
3610 ZEND_END_ARG_INFO()
3611
3612 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_attribute, 0, 0, 2)
3613 ZEND_ARG_INFO(0, link_identifier)
3614 ZEND_ARG_INFO(0, result_entry_identifier)
3615 ZEND_END_ARG_INFO()
3616
3617 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_attribute, 0, 0, 2)
3618 ZEND_ARG_INFO(0, link_identifier)
3619 ZEND_ARG_INFO(0, result_entry_identifier)
3620 ZEND_END_ARG_INFO()
3621
3622 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_attributes, 0, 0, 2)
3623 ZEND_ARG_INFO(0, link_identifier)
3624 ZEND_ARG_INFO(0, result_entry_identifier)
3625 ZEND_END_ARG_INFO()
3626
3627 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values, 0, 0, 3)
3628 ZEND_ARG_INFO(0, link_identifier)
3629 ZEND_ARG_INFO(0, result_entry_identifier)
3630 ZEND_ARG_INFO(0, attribute)
3631 ZEND_END_ARG_INFO()
3632
3633 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values_len, 0, 0, 3)
3634 ZEND_ARG_INFO(0, link_identifier)
3635 ZEND_ARG_INFO(0, result_entry_identifier)
3636 ZEND_ARG_INFO(0, attribute)
3637 ZEND_END_ARG_INFO()
3638
3639 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_dn, 0, 0, 2)
3640 ZEND_ARG_INFO(0, link_identifier)
3641 ZEND_ARG_INFO(0, result_entry_identifier)
3642 ZEND_END_ARG_INFO()
3643
3644 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_explode_dn, 0, 0, 2)
3645 ZEND_ARG_INFO(0, dn)
3646 ZEND_ARG_INFO(0, with_attrib)
3647 ZEND_END_ARG_INFO()
3648
3649 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_dn2ufn, 0, 0, 1)
3650 ZEND_ARG_INFO(0, dn)
3651 ZEND_END_ARG_INFO()
3652
3653 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_add, 0, 0, 3)
3654 ZEND_ARG_INFO(0, link_identifier)
3655 ZEND_ARG_INFO(0, dn)
3656 ZEND_ARG_INFO(0, entry)
3657 ZEND_END_ARG_INFO()
3658
3659 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_delete, 0, 0, 2)
3660 ZEND_ARG_INFO(0, link_identifier)
3661 ZEND_ARG_INFO(0, dn)
3662 ZEND_END_ARG_INFO()
3663
3664 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify, 0, 0, 3)
3665 ZEND_ARG_INFO(0, link_identifier)
3666 ZEND_ARG_INFO(0, dn)
3667 ZEND_ARG_INFO(0, entry)
3668 ZEND_END_ARG_INFO()
3669
3670 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify_batch, 0, 0, 3)
3671 ZEND_ARG_INFO(0, link_identifier)
3672 ZEND_ARG_INFO(0, dn)
3673 ZEND_ARG_ARRAY_INFO(0, modifications_info, 0)
3674 ZEND_END_ARG_INFO()
3675
3676 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_add, 0, 0, 3)
3677 ZEND_ARG_INFO(0, link_identifier)
3678 ZEND_ARG_INFO(0, dn)
3679 ZEND_ARG_INFO(0, entry)
3680 ZEND_END_ARG_INFO()
3681
3682 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_replace, 0, 0, 3)
3683 ZEND_ARG_INFO(0, link_identifier)
3684 ZEND_ARG_INFO(0, dn)
3685 ZEND_ARG_INFO(0, entry)
3686 ZEND_END_ARG_INFO()
3687
3688 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_del, 0, 0, 3)
3689 ZEND_ARG_INFO(0, link_identifier)
3690 ZEND_ARG_INFO(0, dn)
3691 ZEND_ARG_INFO(0, entry)
3692 ZEND_END_ARG_INFO()
3693
3694 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_err2str, 0, 0, 1)
3695 ZEND_ARG_INFO(0, errno)
3696 ZEND_END_ARG_INFO()
3697
3698 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_compare, 0, 0, 4)
3699 ZEND_ARG_INFO(0, link_identifier)
3700 ZEND_ARG_INFO(0, dn)
3701 ZEND_ARG_INFO(0, attribute)
3702 ZEND_ARG_INFO(0, value)
3703 ZEND_END_ARG_INFO()
3704
3705 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sort, 0, 0, 3)
3706 ZEND_ARG_INFO(0, link)
3707 ZEND_ARG_INFO(0, result)
3708 ZEND_ARG_INFO(0, sortfilter)
3709 ZEND_END_ARG_INFO()
3710
3711 #ifdef LDAP_CONTROL_PAGEDRESULTS
3712 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result, 0, 0, 2)
3713 ZEND_ARG_INFO(0, link)
3714 ZEND_ARG_INFO(0, pagesize)
3715 ZEND_ARG_INFO(0, iscritical)
3716 ZEND_ARG_INFO(0, cookie)
3717 ZEND_END_ARG_INFO();
3718
3719 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result_response, 0, 0, 2)
3720 ZEND_ARG_INFO(0, link)
3721 ZEND_ARG_INFO(0, result)
3722 ZEND_ARG_INFO(1, cookie)
3723 ZEND_ARG_INFO(1, estimated)
3724 ZEND_END_ARG_INFO();
3725 #endif
3726
3727 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3728 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_rename, 0, 0, 5)
3729 ZEND_ARG_INFO(0, link_identifier)
3730 ZEND_ARG_INFO(0, dn)
3731 ZEND_ARG_INFO(0, newrdn)
3732 ZEND_ARG_INFO(0, newparent)
3733 ZEND_ARG_INFO(0, deleteoldrdn)
3734 ZEND_END_ARG_INFO()
3735
3736 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_option, 0, 0, 3)
3737 ZEND_ARG_INFO(0, link_identifier)
3738 ZEND_ARG_INFO(0, option)
3739 ZEND_ARG_INFO(1, retval)
3740 ZEND_END_ARG_INFO()
3741
3742 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_option, 0, 0, 3)
3743 ZEND_ARG_INFO(0, link_identifier)
3744 ZEND_ARG_INFO(0, option)
3745 ZEND_ARG_INFO(0, newval)
3746 ZEND_END_ARG_INFO()
3747
3748 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_reference, 0, 0, 2)
3749 ZEND_ARG_INFO(0, link)
3750 ZEND_ARG_INFO(0, result)
3751 ZEND_END_ARG_INFO()
3752
3753 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_reference, 0, 0, 2)
3754 ZEND_ARG_INFO(0, link)
3755 ZEND_ARG_INFO(0, entry)
3756 ZEND_END_ARG_INFO()
3757
3758 #ifdef HAVE_LDAP_PARSE_REFERENCE
3759 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_reference, 0, 0, 3)
3760 ZEND_ARG_INFO(0, link)
3761 ZEND_ARG_INFO(0, entry)
3762 ZEND_ARG_INFO(1, referrals)
3763 ZEND_END_ARG_INFO()
3764 #endif
3765
3766
3767 #ifdef HAVE_LDAP_PARSE_RESULT
3768 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_result, 0, 0, 3)
3769 ZEND_ARG_INFO(0, link)
3770 ZEND_ARG_INFO(0, result)
3771 ZEND_ARG_INFO(1, errcode)
3772 ZEND_ARG_INFO(1, matcheddn)
3773 ZEND_ARG_INFO(1, errmsg)
3774 ZEND_ARG_INFO(1, referrals)
3775 ZEND_END_ARG_INFO()
3776 #endif
3777 #endif
3778
3779 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
3780 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_rebind_proc, 0, 0, 2)
3781 ZEND_ARG_INFO(0, link)
3782 ZEND_ARG_INFO(0, callback)
3783 ZEND_END_ARG_INFO()
3784 #endif
3785
3786 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_escape, 0, 0, 1)
3787 ZEND_ARG_INFO(0, value)
3788 ZEND_ARG_INFO(0, ignore)
3789 ZEND_ARG_INFO(0, flags)
3790 ZEND_END_ARG_INFO()
3791
3792 #ifdef STR_TRANSLATION
3793 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_t61_to_8859, 0, 0, 1)
3794 ZEND_ARG_INFO(0, value)
3795 ZEND_END_ARG_INFO()
3796
3797 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_8859_to_t61, 0, 0, 1)
3798 ZEND_ARG_INFO(0, value)
3799 ZEND_END_ARG_INFO()
3800 #endif
3801
3802 #ifdef HAVE_LDAP_EXTENDED_OPERATION_S
3803 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_exop, 0, 0, 2)
3804 ZEND_ARG_INFO(0, link)
3805 ZEND_ARG_INFO(0, reqoid)
3806 ZEND_ARG_INFO(0, reqdata)
3807 ZEND_ARG_INFO(0, servercontrols)
3808 ZEND_ARG_INFO(1, retdata)
3809 ZEND_ARG_INFO(1, retoid)
3810 ZEND_END_ARG_INFO()
3811 #endif
3812
3813 #ifdef HAVE_LDAP_PASSWD_S
3814 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_exop_passwd, 0, 0, 4)
3815 ZEND_ARG_INFO(0, link)
3816 ZEND_ARG_INFO(0, user)
3817 ZEND_ARG_INFO(0, oldpw)
3818 ZEND_ARG_INFO(0, newpw)
3819 ZEND_END_ARG_INFO()
3820 #endif
3821
3822 #ifdef HAVE_LDAP_WHOAMI_S
3823 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_exop_whoami, 0, 0, 1)
3824 ZEND_ARG_INFO(0, link)
3825 ZEND_END_ARG_INFO()
3826 #endif
3827
3828 #ifdef HAVE_LDAP_PARSE_EXTENDED_RESULT
3829 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_exop, 0, 0, 4)
3830 ZEND_ARG_INFO(0, link)
3831 ZEND_ARG_INFO(0, result)
3832 ZEND_ARG_INFO(1, retdata)
3833 ZEND_ARG_INFO(1, retoid)
3834 ZEND_END_ARG_INFO()
3835 #endif
3836 /* }}} */
3837
3838 /*
3839 This is just a small subset of the functionality provided by the LDAP library. All the
3840 operations are synchronous. Referrals are not handled automatically.
3841 */
3842 /* {{{ ldap_functions[]
3843 */
3844 const zend_function_entry ldap_functions[] = {
3845 PHP_FE(ldap_connect, arginfo_ldap_connect)
3846 PHP_FALIAS(ldap_close, ldap_unbind, arginfo_ldap_resource)
3847 PHP_FE(ldap_bind, arginfo_ldap_bind)
3848 #ifdef HAVE_LDAP_SASL
3849 PHP_FE(ldap_sasl_bind, arginfo_ldap_sasl_bind)
3850 #endif
3851 PHP_FE(ldap_unbind, arginfo_ldap_resource)
3852 PHP_FE(ldap_read, arginfo_ldap_read)
3853 PHP_FE(ldap_list, arginfo_ldap_list)
3854 PHP_FE(ldap_search, arginfo_ldap_search)
3855 PHP_FE(ldap_free_result, arginfo_ldap_resource)
3856 PHP_FE(ldap_count_entries, arginfo_ldap_count_entries)
3857 PHP_FE(ldap_first_entry, arginfo_ldap_first_entry)
3858 PHP_FE(ldap_next_entry, arginfo_ldap_next_entry)
3859 PHP_FE(ldap_get_entries, arginfo_ldap_get_entries)
3860 PHP_FE(ldap_first_attribute, arginfo_ldap_first_attribute)
3861 PHP_FE(ldap_next_attribute, arginfo_ldap_next_attribute)
3862 PHP_FE(ldap_get_attributes, arginfo_ldap_get_attributes)
3863 PHP_FALIAS(ldap_get_values, ldap_get_values_len, arginfo_ldap_get_values)
3864 PHP_FE(ldap_get_values_len, arginfo_ldap_get_values_len)
3865 PHP_FE(ldap_get_dn, arginfo_ldap_get_dn)
3866 PHP_FE(ldap_explode_dn, arginfo_ldap_explode_dn)
3867 PHP_FE(ldap_dn2ufn, arginfo_ldap_dn2ufn)
3868 PHP_FE(ldap_add, arginfo_ldap_add)
3869 PHP_FE(ldap_delete, arginfo_ldap_delete)
3870 PHP_FE(ldap_modify_batch, arginfo_ldap_modify_batch)
3871 PHP_FALIAS(ldap_modify, ldap_mod_replace, arginfo_ldap_modify)
3872
3873 /* additional functions for attribute based modifications, Gerrit Thomson */
3874 PHP_FE(ldap_mod_add, arginfo_ldap_mod_add)
3875 PHP_FE(ldap_mod_replace, arginfo_ldap_mod_replace)
3876 PHP_FE(ldap_mod_del, arginfo_ldap_mod_del)
3877 /* end gjt mod */
3878
3879 PHP_FE(ldap_errno, arginfo_ldap_resource)
3880 PHP_FE(ldap_err2str, arginfo_ldap_err2str)
3881 PHP_FE(ldap_error, arginfo_ldap_resource)
3882 PHP_FE(ldap_compare, arginfo_ldap_compare)
3883 PHP_DEP_FE(ldap_sort, arginfo_ldap_sort)
3884
3885 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3886 PHP_FE(ldap_rename, arginfo_ldap_rename)
3887 PHP_FE(ldap_get_option, arginfo_ldap_get_option)
3888 PHP_FE(ldap_set_option, arginfo_ldap_set_option)
3889 PHP_FE(ldap_first_reference, arginfo_ldap_first_reference)
3890 PHP_FE(ldap_next_reference, arginfo_ldap_next_reference)
3891 #ifdef HAVE_LDAP_PARSE_REFERENCE
3892 PHP_FE(ldap_parse_reference, arginfo_ldap_parse_reference)
3893 #endif
3894 #ifdef HAVE_LDAP_PARSE_RESULT
3895 PHP_FE(ldap_parse_result, arginfo_ldap_parse_result)
3896 #endif
3897 #ifdef HAVE_LDAP_START_TLS_S
3898 PHP_FE(ldap_start_tls, arginfo_ldap_resource)
3899 #endif
3900 #ifdef HAVE_LDAP_EXTENDED_OPERATION_S
3901 PHP_FE(ldap_exop, arginfo_ldap_exop)
3902 #endif
3903 #ifdef HAVE_LDAP_PASSWD_S
3904 PHP_FE(ldap_exop_passwd, arginfo_ldap_exop_passwd)
3905 #endif
3906 #ifdef HAVE_LDAP_WHOAMI_S
3907 PHP_FE(ldap_exop_whoami, arginfo_ldap_exop_whoami)
3908 #endif
3909 #ifdef HAVE_LDAP_PARSE_EXTENDED_RESULT
3910 PHP_FE(ldap_parse_exop, arginfo_ldap_parse_exop)
3911 #endif
3912 #endif
3913
3914 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
3915 PHP_FE(ldap_set_rebind_proc, arginfo_ldap_set_rebind_proc)
3916 #endif
3917
3918 PHP_FE(ldap_escape, arginfo_ldap_escape)
3919
3920 #ifdef STR_TRANSLATION
3921 PHP_FE(ldap_t61_to_8859, arginfo_ldap_t61_to_8859)
3922 PHP_FE(ldap_8859_to_t61, arginfo_ldap_8859_to_t61)
3923 #endif
3924
3925 #ifdef LDAP_CONTROL_PAGEDRESULTS
3926 PHP_FE(ldap_control_paged_result, arginfo_ldap_control_paged_result)
3927 PHP_FE(ldap_control_paged_result_response, arginfo_ldap_control_paged_result_response)
3928 #endif
3929 PHP_FE_END
3930 };
3931 /* }}} */
3932
3933 zend_module_entry ldap_module_entry = { /* {{{ */
3934 STANDARD_MODULE_HEADER,
3935 "ldap",
3936 ldap_functions,
3937 PHP_MINIT(ldap),
3938 PHP_MSHUTDOWN(ldap),
3939 NULL,
3940 NULL,
3941 PHP_MINFO(ldap),
3942 PHP_LDAP_VERSION,
3943 PHP_MODULE_GLOBALS(ldap),
3944 PHP_GINIT(ldap),
3945 NULL,
3946 NULL,
3947 STANDARD_MODULE_PROPERTIES_EX
3948 };
3949 /* }}} */
3950
3951 /*
3952 * Local variables:
3953 * tab-width: 4
3954 * c-basic-offset: 4
3955 * End:
3956 * vim600: sw=4 ts=4 fdm=marker
3957 * vim<600: sw=4 ts=4
3958 */
3959
