xref: /PHP-5.5/ext/ldap/ldap.c (revision 73c1be26)
1 /*
2    +----------------------------------------------------------------------+
3    | PHP Version 5                                                        |
4    +----------------------------------------------------------------------+
5    | Copyright (c) 1997-2015 The PHP Group                                |
6    +----------------------------------------------------------------------+
7    | This source file is subject to version 3.01 of the PHP license,      |
8    | that is bundled with this package in the file LICENSE, and is        |
9    | available through the world-wide-web at the following url:           |
10    | http://www.php.net/license/3_01.txt                                  |
11    | If you did not receive a copy of the PHP license and are unable to   |
12    | obtain it through the world-wide-web, please send a note to          |
13    | license@php.net so we can mail you a copy immediately.               |
14    +----------------------------------------------------------------------+
15    | Authors: Amitay Isaacs  <amitay@w-o-i.com>                           |
16    |          Eric Warnke    <ericw@albany.edu>                           |
17    |          Rasmus Lerdorf <rasmus@php.net>                             |
18    |          Gerrit Thomson <334647@swin.edu.au>                         |
19    |          Jani Taskinen  <sniper@iki.fi>                              |
20    |          Stig Venaas    <venaas@uninett.no>                          |
21    |          Doug Goldstein <cardoe@cardoe.com>                          |
22    | PHP 4.0 updates:  Zeev Suraski <zeev@zend.com>                       |
23    +----------------------------------------------------------------------+
24  */
25 
26 /* $Id: 4db15e5bb92af06390fd31ab784837ab21a3d2ce $ */
27 #define IS_EXT_MODULE
28 
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #endif
32 
33 /* Additional headers for NetWare */
34 #if defined(NETWARE) && (NEW_LIBC)
35 #include <sys/select.h>
36 #include <sys/timeval.h>
37 #endif
38 
39 #include "php.h"
40 #include "php_ini.h"
41 
42 #include <stddef.h>
43 
44 #include "ext/standard/dl.h"
45 #include "php_ldap.h"
46 
47 #ifdef PHP_WIN32
48 #include <string.h>
49 #include "config.w32.h"
50 #if HAVE_NSLDAP
51 #include <winsock2.h>
52 #endif
53 #define strdup _strdup
54 #undef WINDOWS
55 #undef strcasecmp
56 #undef strncasecmp
57 #define WINSOCK 1
58 #define __STDC__ 1
59 #endif
60 
61 #include "ext/standard/php_string.h"
62 #include "ext/standard/info.h"
63 
64 #ifdef HAVE_LDAP_SASL_H
65 #include <sasl.h>
66 #elif defined(HAVE_LDAP_SASL_SASL_H)
67 #include <sasl/sasl.h>
68 #endif
69 
70 typedef struct {
71 	LDAP *link;
72 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
73 	zval *rebindproc;
74 #endif
75 } ldap_linkdata;
76 
77 typedef struct {
78 	LDAPMessage *data;
79 	BerElement *ber;
80 	int id;
81 } ldap_resultentry;
82 
83 ZEND_DECLARE_MODULE_GLOBALS(ldap)
84 static PHP_GINIT_FUNCTION(ldap);
85 
86 static int le_link, le_result, le_result_entry;
87 
88 #ifdef COMPILE_DL_LDAP
ZEND_GET_MODULE(ldap)89 ZEND_GET_MODULE(ldap)
90 #endif
91 
92 static void _close_ldap_link(zend_rsrc_list_entry *rsrc TSRMLS_DC) /* {{{ */
93 {
94 	ldap_linkdata *ld = (ldap_linkdata *)rsrc->ptr;
95 
96 	ldap_unbind_s(ld->link);
97 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
98 	if (ld->rebindproc != NULL) {
99 		zval_dtor(ld->rebindproc);
100 		FREE_ZVAL(ld->rebindproc);
101 	}
102 #endif
103 	efree(ld);
104 	LDAPG(num_links)--;
105 }
106 /* }}} */
107 
_free_ldap_result(zend_rsrc_list_entry * rsrc TSRMLS_DC)108 static void _free_ldap_result(zend_rsrc_list_entry *rsrc TSRMLS_DC) /* {{{ */
109 {
110 	LDAPMessage *result = (LDAPMessage *)rsrc->ptr;
111 	ldap_msgfree(result);
112 }
113 /* }}} */
114 
_free_ldap_result_entry(zend_rsrc_list_entry * rsrc TSRMLS_DC)115 static void _free_ldap_result_entry(zend_rsrc_list_entry *rsrc TSRMLS_DC) /* {{{ */
116 {
117 	ldap_resultentry *entry = (ldap_resultentry *)rsrc->ptr;
118 
119 	if (entry->ber != NULL) {
120 		ber_free(entry->ber, 0);
121 		entry->ber = NULL;
122 	}
123 	zend_list_delete(entry->id);
124 	efree(entry);
125 }
126 /* }}} */
127 
128 /* {{{ PHP_INI_BEGIN
129  */
130 PHP_INI_BEGIN()
131 	STD_PHP_INI_ENTRY_EX("ldap.max_links", "-1", PHP_INI_SYSTEM, OnUpdateLong, max_links, zend_ldap_globals, ldap_globals, display_link_numbers)
PHP_INI_END()132 PHP_INI_END()
133 /* }}} */
134 
135 /* {{{ PHP_GINIT_FUNCTION
136  */
137 static PHP_GINIT_FUNCTION(ldap)
138 {
139 	ldap_globals->num_links = 0;
140 }
141 /* }}} */
142 
143 /* {{{ PHP_MINIT_FUNCTION
144  */
PHP_MINIT_FUNCTION(ldap)145 PHP_MINIT_FUNCTION(ldap)
146 {
147 	REGISTER_INI_ENTRIES();
148 
149 	/* Constants to be used with deref-parameter in php_ldap_do_search() */
150 	REGISTER_LONG_CONSTANT("LDAP_DEREF_NEVER", LDAP_DEREF_NEVER, CONST_PERSISTENT | CONST_CS);
151 	REGISTER_LONG_CONSTANT("LDAP_DEREF_SEARCHING", LDAP_DEREF_SEARCHING, CONST_PERSISTENT | CONST_CS);
152 	REGISTER_LONG_CONSTANT("LDAP_DEREF_FINDING", LDAP_DEREF_FINDING, CONST_PERSISTENT | CONST_CS);
153 	REGISTER_LONG_CONSTANT("LDAP_DEREF_ALWAYS", LDAP_DEREF_ALWAYS, CONST_PERSISTENT | CONST_CS);
154 
155 	/* Constants to be used with ldap_modify_batch() */
156 	REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_ADD", LDAP_MODIFY_BATCH_ADD, CONST_PERSISTENT | CONST_CS);
157 	REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE", LDAP_MODIFY_BATCH_REMOVE, CONST_PERSISTENT | CONST_CS);
158 	REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE_ALL", LDAP_MODIFY_BATCH_REMOVE_ALL, CONST_PERSISTENT | CONST_CS);
159 	REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REPLACE", LDAP_MODIFY_BATCH_REPLACE, CONST_PERSISTENT | CONST_CS);
160 	REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_ATTRIB", LDAP_MODIFY_BATCH_ATTRIB, CONST_PERSISTENT | CONST_CS);
161 	REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_MODTYPE", LDAP_MODIFY_BATCH_MODTYPE, CONST_PERSISTENT | CONST_CS);
162 	REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_VALUES", LDAP_MODIFY_BATCH_VALUES, CONST_PERSISTENT | CONST_CS);
163 
164 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
165 	/* LDAP options */
166 	REGISTER_LONG_CONSTANT("LDAP_OPT_DEREF", LDAP_OPT_DEREF, CONST_PERSISTENT | CONST_CS);
167 	REGISTER_LONG_CONSTANT("LDAP_OPT_SIZELIMIT", LDAP_OPT_SIZELIMIT, CONST_PERSISTENT | CONST_CS);
168 	REGISTER_LONG_CONSTANT("LDAP_OPT_TIMELIMIT", LDAP_OPT_TIMELIMIT, CONST_PERSISTENT | CONST_CS);
169 #ifdef LDAP_OPT_NETWORK_TIMEOUT
170 	REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_OPT_NETWORK_TIMEOUT, CONST_PERSISTENT | CONST_CS);
171 #elif defined (LDAP_X_OPT_CONNECT_TIMEOUT)
172 	REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_X_OPT_CONNECT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
173 #endif
174 	REGISTER_LONG_CONSTANT("LDAP_OPT_PROTOCOL_VERSION", LDAP_OPT_PROTOCOL_VERSION, CONST_PERSISTENT | CONST_CS);
175 	REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_NUMBER", LDAP_OPT_ERROR_NUMBER, CONST_PERSISTENT | CONST_CS);
176 	REGISTER_LONG_CONSTANT("LDAP_OPT_REFERRALS", LDAP_OPT_REFERRALS, CONST_PERSISTENT | CONST_CS);
177 #ifdef LDAP_OPT_RESTART
178 	REGISTER_LONG_CONSTANT("LDAP_OPT_RESTART", LDAP_OPT_RESTART, CONST_PERSISTENT | CONST_CS);
179 #endif
180 #ifdef LDAP_OPT_HOST_NAME
181 	REGISTER_LONG_CONSTANT("LDAP_OPT_HOST_NAME", LDAP_OPT_HOST_NAME, CONST_PERSISTENT | CONST_CS);
182 #endif
183 	REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_STRING", LDAP_OPT_ERROR_STRING, CONST_PERSISTENT | CONST_CS);
184 #ifdef LDAP_OPT_MATCHED_DN
185 	REGISTER_LONG_CONSTANT("LDAP_OPT_MATCHED_DN", LDAP_OPT_MATCHED_DN, CONST_PERSISTENT | CONST_CS);
186 #endif
187 	REGISTER_LONG_CONSTANT("LDAP_OPT_SERVER_CONTROLS", LDAP_OPT_SERVER_CONTROLS, CONST_PERSISTENT | CONST_CS);
188 	REGISTER_LONG_CONSTANT("LDAP_OPT_CLIENT_CONTROLS", LDAP_OPT_CLIENT_CONTROLS, CONST_PERSISTENT | CONST_CS);
189 #endif
190 #ifdef LDAP_OPT_DEBUG_LEVEL
191 	REGISTER_LONG_CONSTANT("LDAP_OPT_DEBUG_LEVEL", LDAP_OPT_DEBUG_LEVEL, CONST_PERSISTENT | CONST_CS);
192 #endif
193 
194 #ifdef HAVE_LDAP_SASL
195 	REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_MECH", LDAP_OPT_X_SASL_MECH, CONST_PERSISTENT | CONST_CS);
196 	REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_REALM", LDAP_OPT_X_SASL_REALM, CONST_PERSISTENT | CONST_CS);
197 	REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHCID", LDAP_OPT_X_SASL_AUTHCID, CONST_PERSISTENT | CONST_CS);
198 	REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHZID", LDAP_OPT_X_SASL_AUTHZID, CONST_PERSISTENT | CONST_CS);
199 #endif
200 
201 #ifdef ORALDAP
202 	REGISTER_LONG_CONSTANT("GSLC_SSL_NO_AUTH", GSLC_SSL_NO_AUTH, CONST_PERSISTENT | CONST_CS);
203 	REGISTER_LONG_CONSTANT("GSLC_SSL_ONEWAY_AUTH", GSLC_SSL_ONEWAY_AUTH, CONST_PERSISTENT | CONST_CS);
204 	REGISTER_LONG_CONSTANT("GSLC_SSL_TWOWAY_AUTH", GSLC_SSL_TWOWAY_AUTH, CONST_PERSISTENT | CONST_CS);
205 #endif
206 
207 	le_link = zend_register_list_destructors_ex(_close_ldap_link, NULL, "ldap link", module_number);
208 	le_result = zend_register_list_destructors_ex(_free_ldap_result, NULL, "ldap result", module_number);
209 	le_result_entry = zend_register_list_destructors_ex(_free_ldap_result_entry, NULL, "ldap result entry", module_number);
210 
211 	Z_TYPE(ldap_module_entry) = type;
212 
213 	return SUCCESS;
214 }
215 /* }}} */
216 
217 /* {{{ PHP_MSHUTDOWN_FUNCTION
218  */
PHP_MSHUTDOWN_FUNCTION(ldap)219 PHP_MSHUTDOWN_FUNCTION(ldap)
220 {
221 	UNREGISTER_INI_ENTRIES();
222 	return SUCCESS;
223 }
224 /* }}} */
225 
226 /* {{{ PHP_MINFO_FUNCTION
227  */
PHP_MINFO_FUNCTION(ldap)228 PHP_MINFO_FUNCTION(ldap)
229 {
230 	char tmp[32];
231 #if HAVE_NSLDAP
232 	LDAPVersion ver;
233 	double SDKVersion;
234 #endif
235 
236 	php_info_print_table_start();
237 	php_info_print_table_row(2, "LDAP Support", "enabled");
238 	php_info_print_table_row(2, "RCS Version", "$Id: 4db15e5bb92af06390fd31ab784837ab21a3d2ce $");
239 
240 	if (LDAPG(max_links) == -1) {
241 		snprintf(tmp, 31, "%ld/unlimited", LDAPG(num_links));
242 	} else {
243 		snprintf(tmp, 31, "%ld/%ld", LDAPG(num_links), LDAPG(max_links));
244 	}
245 	php_info_print_table_row(2, "Total Links", tmp);
246 
247 #ifdef LDAP_API_VERSION
248 	snprintf(tmp, 31, "%d", LDAP_API_VERSION);
249 	php_info_print_table_row(2, "API Version", tmp);
250 #endif
251 
252 #ifdef LDAP_VENDOR_NAME
253 	php_info_print_table_row(2, "Vendor Name", LDAP_VENDOR_NAME);
254 #endif
255 
256 #ifdef LDAP_VENDOR_VERSION
257 	snprintf(tmp, 31, "%d", LDAP_VENDOR_VERSION);
258 	php_info_print_table_row(2, "Vendor Version", tmp);
259 #endif
260 
261 #if HAVE_NSLDAP
262 	SDKVersion = ldap_version(&ver);
263 	snprintf(tmp, 31, "%F", SDKVersion/100.0);
264 	php_info_print_table_row(2, "SDK Version", tmp);
265 
266 	snprintf(tmp, 31, "%F", ver.protocol_version/100.0);
267 	php_info_print_table_row(2, "Highest LDAP Protocol Supported", tmp);
268 
269 	snprintf(tmp, 31, "%F", ver.SSL_version/100.0);
270 	php_info_print_table_row(2, "SSL Level Supported", tmp);
271 
272 	if (ver.security_level != LDAP_SECURITY_NONE) {
273 		snprintf(tmp, 31, "%d", ver.security_level);
274 	} else {
275 		strcpy(tmp, "SSL not enabled");
276 	}
277 	php_info_print_table_row(2, "Level of Encryption", tmp);
278 #endif
279 
280 #ifdef HAVE_LDAP_SASL
281 	php_info_print_table_row(2, "SASL Support", "Enabled");
282 #endif
283 
284 	php_info_print_table_end();
285 	DISPLAY_INI_ENTRIES();
286 }
287 /* }}} */
288 
289 /* {{{ proto resource ldap_connect([string host [, int port [, string wallet [, string wallet_passwd [, int authmode]]]]])
290    Connect to an LDAP server */
PHP_FUNCTION(ldap_connect)291 PHP_FUNCTION(ldap_connect)
292 {
293 	char *host = NULL;
294 	int hostlen;
295 	long port = 389; /* Default port */
296 #ifdef HAVE_ORALDAP
297 	char *wallet = NULL, *walletpasswd = NULL;
298 	int walletlen = 0, walletpasswdlen = 0;
299 	long authmode = GSLC_SSL_NO_AUTH;
300 	int ssl=0;
301 #endif
302 	ldap_linkdata *ld;
303 	LDAP *ldap;
304 
305 #ifdef HAVE_ORALDAP
306 	if (ZEND_NUM_ARGS() == 3 || ZEND_NUM_ARGS() == 4) {
307 		WRONG_PARAM_COUNT;
308 	}
309 
310 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|slssl", &host, &hostlen, &port, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS) {
311 		RETURN_FALSE;
312 	}
313 
314 	if (ZEND_NUM_ARGS() == 5) {
315 		ssl = 1;
316 	}
317 #else
318 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|sl", &host, &hostlen, &port) != SUCCESS) {
319 		RETURN_FALSE;
320 	}
321 #endif
322 
323 	if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) {
324 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Too many open links (%ld)", LDAPG(num_links));
325 		RETURN_FALSE;
326 	}
327 
328 	ld = ecalloc(1, sizeof(ldap_linkdata));
329 
330 #ifdef LDAP_API_FEATURE_X_OPENLDAP
331 	if (host != NULL && strchr(host, '/')) {
332 		int rc;
333 
334 		rc = ldap_initialize(&ldap, host);
335 		if (rc != LDAP_SUCCESS) {
336 			efree(ld);
337 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not create session handle: %s", ldap_err2string(rc));
338 			RETURN_FALSE;
339 		}
340 	} else {
341 		ldap = ldap_init(host, port);
342 	}
343 #else
344 	ldap = ldap_open(host, port);
345 #endif
346 
347 	if (ldap == NULL) {
348 		efree(ld);
349 		RETURN_FALSE;
350 	} else {
351 #ifdef HAVE_ORALDAP
352 		if (ssl) {
353 			if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) {
354 				efree(ld);
355 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL init failed");
356 				RETURN_FALSE;
357 			}
358 		}
359 #endif
360 		LDAPG(num_links)++;
361 		ld->link = ldap;
362 		ZEND_REGISTER_RESOURCE(return_value, ld, le_link);
363 	}
364 
365 }
366 /* }}} */
367 
368 /* {{{ _get_lderrno
369  */
_get_lderrno(LDAP * ldap)370 static int _get_lderrno(LDAP *ldap)
371 {
372 #if !HAVE_NSLDAP
373 #if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
374 	int lderr;
375 
376 	/* New versions of OpenLDAP do it this way */
377 	ldap_get_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
378 	return lderr;
379 #else
380 	return ldap->ld_errno;
381 #endif
382 #else
383 	return ldap_get_lderrno(ldap, NULL, NULL);
384 #endif
385 }
386 /* }}} */
387 
388 /* {{{ _set_lderrno
389  */
_set_lderrno(LDAP * ldap,int lderr)390 static void _set_lderrno(LDAP *ldap, int lderr)
391 {
392 #if !HAVE_NSLDAP
393 #if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
394 	/* New versions of OpenLDAP do it this way */
395 	ldap_set_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
396 #else
397 	ldap->ld_errno = lderr;
398 #endif
399 #else
400 	ldap_set_lderrno(ldap, lderr, NULL, NULL);
401 #endif
402 }
403 /* }}} */
404 
405 /* {{{ proto bool ldap_bind(resource link [, string dn [, string password]])
406    Bind to LDAP directory */
PHP_FUNCTION(ldap_bind)407 PHP_FUNCTION(ldap_bind)
408 {
409 	zval *link;
410 	char *ldap_bind_dn = NULL, *ldap_bind_pw = NULL;
411 	int ldap_bind_dnlen, ldap_bind_pwlen;
412 	ldap_linkdata *ld;
413 	int rc;
414 
415 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|ss", &link, &ldap_bind_dn, &ldap_bind_dnlen, &ldap_bind_pw, &ldap_bind_pwlen) != SUCCESS) {
416 		RETURN_FALSE;
417 	}
418 
419 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
420 
421 	if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
422 		_set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
423 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "DN contains a null byte");
424 		RETURN_FALSE;
425 	}
426 
427 	if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
428 		_set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
429 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Password contains a null byte");
430 		RETURN_FALSE;
431 	}
432 
433 	if ((rc = ldap_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw, LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS) {
434 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
435 		RETURN_FALSE;
436 	} else {
437 		RETURN_TRUE;
438 	}
439 }
440 /* }}} */
441 
442 #ifdef HAVE_LDAP_SASL
443 typedef struct {
444 	char *mech;
445 	char *realm;
446 	char *authcid;
447 	char *passwd;
448 	char *authzid;
449 } php_ldap_bictx;
450 
451 /* {{{ _php_sasl_setdefs
452  */
_php_sasl_setdefs(LDAP * ld,char * sasl_mech,char * sasl_realm,char * sasl_authc_id,char * passwd,char * sasl_authz_id)453 static php_ldap_bictx *_php_sasl_setdefs(LDAP *ld, char *sasl_mech, char *sasl_realm, char *sasl_authc_id, char *passwd, char *sasl_authz_id)
454 {
455 	php_ldap_bictx *ctx;
456 
457 	ctx = ber_memalloc(sizeof(php_ldap_bictx));
458 	ctx->mech    = (sasl_mech) ? ber_strdup(sasl_mech) : NULL;
459 	ctx->realm   = (sasl_realm) ? ber_strdup(sasl_realm) : NULL;
460 	ctx->authcid = (sasl_authc_id) ? ber_strdup(sasl_authc_id) : NULL;
461 	ctx->passwd  = (passwd) ? ber_strdup(passwd) : NULL;
462 	ctx->authzid = (sasl_authz_id) ? ber_strdup(sasl_authz_id) : NULL;
463 
464 	if (ctx->mech == NULL) {
465 		ldap_get_option(ld, LDAP_OPT_X_SASL_MECH, &ctx->mech);
466 	}
467 	if (ctx->realm == NULL) {
468 		ldap_get_option(ld, LDAP_OPT_X_SASL_REALM, &ctx->realm);
469 	}
470 	if (ctx->authcid == NULL) {
471 		ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHCID, &ctx->authcid);
472 	}
473 	if (ctx->authzid == NULL) {
474 		ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHZID, &ctx->authzid);
475 	}
476 
477 	return ctx;
478 }
479 /* }}} */
480 
481 /* {{{ _php_sasl_freedefs
482  */
_php_sasl_freedefs(php_ldap_bictx * ctx)483 static void _php_sasl_freedefs(php_ldap_bictx *ctx)
484 {
485 	if (ctx->mech) ber_memfree(ctx->mech);
486 	if (ctx->realm) ber_memfree(ctx->realm);
487 	if (ctx->authcid) ber_memfree(ctx->authcid);
488 	if (ctx->passwd) ber_memfree(ctx->passwd);
489 	if (ctx->authzid) ber_memfree(ctx->authzid);
490 	ber_memfree(ctx);
491 }
492 /* }}} */
493 
494 /* {{{ _php_sasl_interact
495    Internal interact function for SASL */
_php_sasl_interact(LDAP * ld,unsigned flags,void * defaults,void * in)496 static int _php_sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *in)
497 {
498 	sasl_interact_t *interact = in;
499 	const char *p;
500 	php_ldap_bictx *ctx = defaults;
501 
502 	for (;interact->id != SASL_CB_LIST_END;interact++) {
503 		p = NULL;
504 		switch(interact->id) {
505 			case SASL_CB_GETREALM:
506 				p = ctx->realm;
507 				break;
508 			case SASL_CB_AUTHNAME:
509 				p = ctx->authcid;
510 				break;
511 			case SASL_CB_USER:
512 				p = ctx->authzid;
513 				break;
514 			case SASL_CB_PASS:
515 				p = ctx->passwd;
516 				break;
517 		}
518 		if (p) {
519 			interact->result = p;
520 			interact->len = strlen(interact->result);
521 		}
522 	}
523 	return LDAP_SUCCESS;
524 }
525 /* }}} */
526 
527 /* {{{ proto bool ldap_sasl_bind(resource link [, string binddn [, string password [, string sasl_mech [, string sasl_realm [, string sasl_authc_id [, string sasl_authz_id [, string props]]]]]]])
528    Bind to LDAP directory using SASL */
PHP_FUNCTION(ldap_sasl_bind)529 PHP_FUNCTION(ldap_sasl_bind)
530 {
531 	zval *link;
532 	ldap_linkdata *ld;
533 	char *binddn = NULL;
534 	char *passwd = NULL;
535 	char *sasl_mech = NULL;
536 	char *sasl_realm = NULL;
537 	char *sasl_authz_id = NULL;
538 	char *sasl_authc_id = NULL;
539 	char *props = NULL;
540 	int rc, dn_len, passwd_len, mech_len, realm_len, authc_id_len, authz_id_len, props_len;
541 	php_ldap_bictx *ctx;
542 
543 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|sssssss", &link, &binddn, &dn_len, &passwd, &passwd_len, &sasl_mech, &mech_len, &sasl_realm, &realm_len, &sasl_authc_id, &authc_id_len, &sasl_authz_id, &authz_id_len, &props, &props_len) != SUCCESS) {
544 		RETURN_FALSE;
545 	}
546 
547 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
548 
549 	ctx = _php_sasl_setdefs(ld->link, sasl_mech, sasl_realm, sasl_authc_id, passwd, sasl_authz_id);
550 
551 	if (props) {
552 		ldap_set_option(ld->link, LDAP_OPT_X_SASL_SECPROPS, props);
553 	}
554 
555 	rc = ldap_sasl_interactive_bind_s(ld->link, binddn, ctx->mech, NULL, NULL, LDAP_SASL_QUIET, _php_sasl_interact, ctx);
556 	if (rc != LDAP_SUCCESS) {
557 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
558 		RETVAL_FALSE;
559 	} else {
560 		RETVAL_TRUE;
561 	}
562 	_php_sasl_freedefs(ctx);
563 }
564 /* }}} */
565 #endif /* HAVE_LDAP_SASL */
566 
567 /* {{{ proto bool ldap_unbind(resource link)
568    Unbind from LDAP directory */
PHP_FUNCTION(ldap_unbind)569 PHP_FUNCTION(ldap_unbind)
570 {
571 	zval *link;
572 	ldap_linkdata *ld;
573 
574 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &link) != SUCCESS) {
575 		RETURN_FALSE;
576 	}
577 
578 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
579 
580 	zend_list_delete(Z_LVAL_P(link));
581 	RETURN_TRUE;
582 }
583 /* }}} */
584 
585 /* {{{ php_set_opts
586  */
php_set_opts(LDAP * ldap,int sizelimit,int timelimit,int deref,int * old_sizelimit,int * old_timelimit,int * old_deref)587 static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, int *old_sizelimit, int *old_timelimit, int *old_deref)
588 {
589 	/* sizelimit */
590 	if (sizelimit > -1) {
591 #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
592 		ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_sizelimit);
593 		ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, &sizelimit);
594 #else
595 		*old_sizelimit = ldap->ld_sizelimit;
596 		ldap->ld_sizelimit = sizelimit;
597 #endif
598 	}
599 
600 	/* timelimit */
601 	if (timelimit > -1) {
602 #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
603 		ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_timelimit);
604 		ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
605 #else
606 		*old_timelimit = ldap->ld_timelimit;
607 		ldap->ld_timelimit = timelimit;
608 #endif
609 	}
610 
611 	/* deref */
612 	if (deref > -1) {
613 #if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
614 		ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_deref);
615 		ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
616 #else
617 		*old_deref = ldap->ld_deref;
618 		ldap->ld_deref = deref;
619 #endif
620 	}
621 }
622 /* }}} */
623 
624 /* {{{ php_ldap_do_search
625  */
php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS,int scope)626 static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
627 {
628 	zval *link, *base_dn, **filter, *attrs = NULL, **attr;
629 	long attrsonly, sizelimit, timelimit, deref;
630 	char *ldap_base_dn = NULL, *ldap_filter = NULL, **ldap_attrs = NULL;
631 	ldap_linkdata *ld = NULL;
632 	LDAPMessage *ldap_res;
633 	int ldap_attrsonly = 0, ldap_sizelimit = -1, ldap_timelimit = -1, ldap_deref = -1;
634 	int old_ldap_sizelimit = -1, old_ldap_timelimit = -1, old_ldap_deref = -1;
635 	int num_attribs = 0, ret = 1, i, errno, argcount = ZEND_NUM_ARGS();
636 
637 	if (zend_parse_parameters(argcount TSRMLS_CC, "zzZ|allll", &link, &base_dn, &filter, &attrs, &attrsonly,
638 		&sizelimit, &timelimit, &deref) == FAILURE) {
639 		return;
640 	}
641 
642 	/* Reverse -> fall through */
643 	switch (argcount) {
644 		case 8:
645 			ldap_deref = deref;
646 		case 7:
647 			ldap_timelimit = timelimit;
648 		case 6:
649 			ldap_sizelimit = sizelimit;
650 		case 5:
651 			ldap_attrsonly = attrsonly;
652 		case 4:
653 			num_attribs = zend_hash_num_elements(Z_ARRVAL_P(attrs));
654 			ldap_attrs = safe_emalloc((num_attribs+1), sizeof(char *), 0);
655 
656 			for (i = 0; i<num_attribs; i++) {
657 				if (zend_hash_index_find(Z_ARRVAL_P(attrs), i, (void **) &attr) != SUCCESS) {
658 					php_error_docref(NULL TSRMLS_CC, E_WARNING, "Array initialization wrong");
659 					ret = 0;
660 					goto cleanup;
661 				}
662 
663 				SEPARATE_ZVAL(attr);
664 				convert_to_string_ex(attr);
665 				ldap_attrs[i] = Z_STRVAL_PP(attr);
666 			}
667 			ldap_attrs[num_attribs] = NULL;
668 		default:
669 			break;
670 	}
671 
672 	/* parallel search? */
673 	if (Z_TYPE_P(link) == IS_ARRAY) {
674 		int i, nlinks, nbases, nfilters, *rcs;
675 		ldap_linkdata **lds;
676 		zval **entry, *resource;
677 
678 		nlinks = zend_hash_num_elements(Z_ARRVAL_P(link));
679 		if (nlinks == 0) {
680 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "No links in link array");
681 			ret = 0;
682 			goto cleanup;
683 		}
684 
685 		if (Z_TYPE_P(base_dn) == IS_ARRAY) {
686 			nbases = zend_hash_num_elements(Z_ARRVAL_P(base_dn));
687 			if (nbases != nlinks) {
688 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Base must either be a string, or an array with the same number of elements as the links array");
689 				ret = 0;
690 				goto cleanup;
691 			}
692 			zend_hash_internal_pointer_reset(Z_ARRVAL_P(base_dn));
693 		} else {
694 			nbases = 0; /* this means string, not array */
695 			/* If anything else than string is passed, ldap_base_dn = NULL */
696 			if (Z_TYPE_P(base_dn) == IS_STRING) {
697 				ldap_base_dn = Z_STRVAL_P(base_dn);
698 			} else {
699 				ldap_base_dn = NULL;
700 			}
701 		}
702 
703 		if (Z_TYPE_PP(filter) == IS_ARRAY) {
704 			nfilters = zend_hash_num_elements(Z_ARRVAL_PP(filter));
705 			if (nfilters != nlinks) {
706 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Filter must either be a string, or an array with the same number of elements as the links array");
707 				ret = 0;
708 				goto cleanup;
709 			}
710 			zend_hash_internal_pointer_reset(Z_ARRVAL_PP(filter));
711 		} else {
712 			nfilters = 0; /* this means string, not array */
713 			convert_to_string_ex(filter);
714 			ldap_filter = Z_STRVAL_PP(filter);
715 		}
716 
717 		lds = safe_emalloc(nlinks, sizeof(ldap_linkdata), 0);
718 		rcs = safe_emalloc(nlinks, sizeof(*rcs), 0);
719 
720 		zend_hash_internal_pointer_reset(Z_ARRVAL_P(link));
721 		for (i=0; i<nlinks; i++) {
722 			zend_hash_get_current_data(Z_ARRVAL_P(link), (void **)&entry);
723 
724 			ld = (ldap_linkdata *) zend_fetch_resource(entry TSRMLS_CC, -1, "ldap link", NULL, 1, le_link);
725 			if (ld == NULL) {
726 				ret = 0;
727 				goto cleanup_parallel;
728 			}
729 			if (nbases != 0) { /* base_dn an array? */
730 				zend_hash_get_current_data(Z_ARRVAL_P(base_dn), (void **)&entry);
731 				zend_hash_move_forward(Z_ARRVAL_P(base_dn));
732 
733 				/* If anything else than string is passed, ldap_base_dn = NULL */
734 				if (Z_TYPE_PP(entry) == IS_STRING) {
735 					ldap_base_dn = Z_STRVAL_PP(entry);
736 				} else {
737 					ldap_base_dn = NULL;
738 				}
739 			}
740 			if (nfilters != 0) { /* filter an array? */
741 				zend_hash_get_current_data(Z_ARRVAL_PP(filter), (void **)&entry);
742 				zend_hash_move_forward(Z_ARRVAL_PP(filter));
743 				convert_to_string_ex(entry);
744 				ldap_filter = Z_STRVAL_PP(entry);
745 			}
746 
747 			php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
748 
749 			/* Run the actual search */
750 			rcs[i] = ldap_search(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly);
751 			lds[i] = ld;
752 			zend_hash_move_forward(Z_ARRVAL_P(link));
753 		}
754 
755 		array_init(return_value);
756 
757 		/* Collect results from the searches */
758 		for (i=0; i<nlinks; i++) {
759 			MAKE_STD_ZVAL(resource);
760 			if (rcs[i] != -1) {
761 				rcs[i] = ldap_result(lds[i]->link, LDAP_RES_ANY, 1 /* LDAP_MSG_ALL */, NULL, &ldap_res);
762 			}
763 			if (rcs[i] != -1) {
764 				ZEND_REGISTER_RESOURCE(resource, ldap_res, le_result);
765 				add_next_index_zval(return_value, resource);
766 			} else {
767 				add_next_index_bool(return_value, 0);
768 			}
769 		}
770 
771 cleanup_parallel:
772 		efree(lds);
773 		efree(rcs);
774 	} else {
775 		convert_to_string_ex(filter);
776 		ldap_filter = Z_STRVAL_PP(filter);
777 
778 		/* If anything else than string is passed, ldap_base_dn = NULL */
779 		if (Z_TYPE_P(base_dn) == IS_STRING) {
780 			ldap_base_dn = Z_STRVAL_P(base_dn);
781 		}
782 
783 		ld = (ldap_linkdata *) zend_fetch_resource(&link TSRMLS_CC, -1, "ldap link", NULL, 1, le_link);
784 		if (ld == NULL) {
785 			ret = 0;
786 			goto cleanup;
787 		}
788 
789 		php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
790 
791 		/* Run the actual search */
792 		errno = ldap_search_s(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, &ldap_res);
793 
794 		if (errno != LDAP_SUCCESS
795 			&& errno != LDAP_SIZELIMIT_EXCEEDED
796 #ifdef LDAP_ADMINLIMIT_EXCEEDED
797 			&& errno != LDAP_ADMINLIMIT_EXCEEDED
798 #endif
799 #ifdef LDAP_REFERRAL
800 			&& errno != LDAP_REFERRAL
801 #endif
802 		) {
803 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Search: %s", ldap_err2string(errno));
804 			ret = 0;
805 		} else {
806 			if (errno == LDAP_SIZELIMIT_EXCEEDED) {
807 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Partial search results returned: Sizelimit exceeded");
808 			}
809 #ifdef LDAP_ADMINLIMIT_EXCEEDED
810 			else if (errno == LDAP_ADMINLIMIT_EXCEEDED) {
811 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Partial search results returned: Adminlimit exceeded");
812 			}
813 #endif
814 
815 			ZEND_REGISTER_RESOURCE(return_value, ldap_res, le_result);
816 		}
817 	}
818 
819 cleanup:
820 	if (ld) {
821 		/* Restoring previous options */
822 		php_set_opts(ld->link, old_ldap_sizelimit, old_ldap_timelimit, old_ldap_deref, &ldap_sizelimit, &ldap_timelimit, &ldap_deref);
823 	}
824 	if (ldap_attrs != NULL) {
825 		efree(ldap_attrs);
826 	}
827 	if (!ret) {
828 		RETVAL_BOOL(ret);
829 	}
830 }
831 /* }}} */
832 
833 /* {{{ proto resource ldap_read(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
834    Read an entry */
PHP_FUNCTION(ldap_read)835 PHP_FUNCTION(ldap_read)
836 {
837 	php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_BASE);
838 }
839 /* }}} */
840 
841 /* {{{ proto resource ldap_list(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
842    Single-level search */
PHP_FUNCTION(ldap_list)843 PHP_FUNCTION(ldap_list)
844 {
845 	php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_ONELEVEL);
846 }
847 /* }}} */
848 
849 /* {{{ proto resource ldap_search(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
850    Search LDAP tree under base_dn */
PHP_FUNCTION(ldap_search)851 PHP_FUNCTION(ldap_search)
852 {
853 	php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_SUBTREE);
854 }
855 /* }}} */
856 
857 /* {{{ proto bool ldap_free_result(resource result)
858    Free result memory */
PHP_FUNCTION(ldap_free_result)859 PHP_FUNCTION(ldap_free_result)
860 {
861 	zval *result;
862 	LDAPMessage *ldap_result;
863 
864 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &result) != SUCCESS) {
865 		return;
866 	}
867 
868 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
869 
870 	zend_list_delete(Z_LVAL_P(result));  /* Delete list entry */
871 	RETVAL_TRUE;
872 }
873 /* }}} */
874 
875 /* {{{ proto int ldap_count_entries(resource link, resource result)
876    Count the number of entries in a search result */
PHP_FUNCTION(ldap_count_entries)877 PHP_FUNCTION(ldap_count_entries)
878 {
879 	zval *link, *result;
880 	ldap_linkdata *ld;
881 	LDAPMessage *ldap_result;
882 
883 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result) != SUCCESS) {
884 		return;
885 	}
886 
887 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
888 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
889 
890 	RETURN_LONG(ldap_count_entries(ld->link, ldap_result));
891 }
892 /* }}} */
893 
894 /* {{{ proto resource ldap_first_entry(resource link, resource result)
895    Return first result id */
PHP_FUNCTION(ldap_first_entry)896 PHP_FUNCTION(ldap_first_entry)
897 {
898 	zval *link, *result;
899 	ldap_linkdata *ld;
900 	ldap_resultentry *resultentry;
901 	LDAPMessage *ldap_result, *entry;
902 
903 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result) != SUCCESS) {
904 		return;
905 	}
906 
907 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
908 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
909 
910 	if ((entry = ldap_first_entry(ld->link, ldap_result)) == NULL) {
911 		RETVAL_FALSE;
912 	} else {
913 		resultentry = emalloc(sizeof(ldap_resultentry));
914 		ZEND_REGISTER_RESOURCE(return_value, resultentry, le_result_entry);
915 		resultentry->id = Z_LVAL_P(result);
916 		zend_list_addref(resultentry->id);
917 		resultentry->data = entry;
918 		resultentry->ber = NULL;
919 	}
920 }
921 /* }}} */
922 
923 /* {{{ proto resource ldap_next_entry(resource link, resource result_entry)
924    Get next result entry */
PHP_FUNCTION(ldap_next_entry)925 PHP_FUNCTION(ldap_next_entry)
926 {
927 	zval *link, *result_entry;
928 	ldap_linkdata *ld;
929 	ldap_resultentry *resultentry, *resultentry_next;
930 	LDAPMessage *entry_next;
931 
932 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result_entry) != SUCCESS) {
933 		return;
934 	}
935 
936 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
937 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
938 
939 	if ((entry_next = ldap_next_entry(ld->link, resultentry->data)) == NULL) {
940 		RETVAL_FALSE;
941 	} else {
942 		resultentry_next = emalloc(sizeof(ldap_resultentry));
943 		ZEND_REGISTER_RESOURCE(return_value, resultentry_next, le_result_entry);
944 		resultentry_next->id = resultentry->id;
945 		zend_list_addref(resultentry->id);
946 		resultentry_next->data = entry_next;
947 		resultentry_next->ber = NULL;
948 	}
949 }
950 /* }}} */
951 
952 /* {{{ proto array ldap_get_entries(resource link, resource result)
953    Get all result entries */
PHP_FUNCTION(ldap_get_entries)954 PHP_FUNCTION(ldap_get_entries)
955 {
956 	zval *link, *result;
957 	LDAPMessage *ldap_result, *ldap_result_entry;
958 	zval *tmp1, *tmp2;
959 	ldap_linkdata *ld;
960 	LDAP *ldap;
961 	int num_entries, num_attrib, num_values, i;
962 	BerElement *ber;
963 	char *attribute;
964 	size_t attr_len;
965 	struct berval **ldap_value;
966 	char *dn;
967 
968 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result) != SUCCESS) {
969 		return;
970 	}
971 
972 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
973 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
974 
975 	ldap = ld->link;
976 	num_entries = ldap_count_entries(ldap, ldap_result);
977 
978 	array_init(return_value);
979 	add_assoc_long(return_value, "count", num_entries);
980 
981 	if (num_entries == 0) {
982 		return;
983 	}
984 
985 	ldap_result_entry = ldap_first_entry(ldap, ldap_result);
986 	if (ldap_result_entry == NULL) {
987 		zval_dtor(return_value);
988 		RETURN_FALSE;
989 	}
990 
991 	num_entries = 0;
992 	while (ldap_result_entry != NULL) {
993 		MAKE_STD_ZVAL(tmp1);
994 		array_init(tmp1);
995 
996 		num_attrib = 0;
997 		attribute = ldap_first_attribute(ldap, ldap_result_entry, &ber);
998 
999 		while (attribute != NULL) {
1000 			ldap_value = ldap_get_values_len(ldap, ldap_result_entry, attribute);
1001 			num_values = ldap_count_values_len(ldap_value);
1002 
1003 			MAKE_STD_ZVAL(tmp2);
1004 			array_init(tmp2);
1005 			add_assoc_long(tmp2, "count", num_values);
1006 			for (i = 0; i < num_values; i++) {
1007 				add_index_stringl(tmp2, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len, 1);
1008 			}
1009 			ldap_value_free_len(ldap_value);
1010 
1011 			attr_len = strlen(attribute);
1012 			zend_hash_update(Z_ARRVAL_P(tmp1), php_strtolower(attribute, attr_len), attr_len+1, (void *) &tmp2, sizeof(zval *), NULL);
1013 			add_index_string(tmp1, num_attrib, attribute, 1);
1014 
1015 			num_attrib++;
1016 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1017 			ldap_memfree(attribute);
1018 #endif
1019 			attribute = ldap_next_attribute(ldap, ldap_result_entry, ber);
1020 		}
1021 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1022 		if (ber != NULL) {
1023 			ber_free(ber, 0);
1024 		}
1025 #endif
1026 
1027 		add_assoc_long(tmp1, "count", num_attrib);
1028 		dn = ldap_get_dn(ldap, ldap_result_entry);
1029 		add_assoc_string(tmp1, "dn", dn, 1);
1030 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1031 		ldap_memfree(dn);
1032 #else
1033 		free(dn);
1034 #endif
1035 
1036 		zend_hash_index_update(Z_ARRVAL_P(return_value), num_entries, (void *) &tmp1, sizeof(zval *), NULL);
1037 
1038 		num_entries++;
1039 		ldap_result_entry = ldap_next_entry(ldap, ldap_result_entry);
1040 	}
1041 
1042 	add_assoc_long(return_value, "count", num_entries);
1043 
1044 }
1045 /* }}} */
1046 
1047 /* {{{ proto string ldap_first_attribute(resource link, resource result_entry)
1048    Return first attribute */
PHP_FUNCTION(ldap_first_attribute)1049 PHP_FUNCTION(ldap_first_attribute)
1050 {
1051 	zval *link, *result_entry;
1052 	ldap_linkdata *ld;
1053 	ldap_resultentry *resultentry;
1054 	char *attribute;
1055 	long dummy_ber;
1056 
1057 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1058 		return;
1059 	}
1060 
1061 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1062 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
1063 
1064 	if ((attribute = ldap_first_attribute(ld->link, resultentry->data, &resultentry->ber)) == NULL) {
1065 		RETURN_FALSE;
1066 	} else {
1067 		RETVAL_STRING(attribute, 1);
1068 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1069 		ldap_memfree(attribute);
1070 #endif
1071 	}
1072 }
1073 /* }}} */
1074 
1075 /* {{{ proto string ldap_next_attribute(resource link, resource result_entry)
1076    Get the next attribute in result */
PHP_FUNCTION(ldap_next_attribute)1077 PHP_FUNCTION(ldap_next_attribute)
1078 {
1079 	zval *link, *result_entry;
1080 	ldap_linkdata *ld;
1081 	ldap_resultentry *resultentry;
1082 	char *attribute;
1083 	long dummy_ber;
1084 
1085 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1086 		return;
1087 	}
1088 
1089 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1090 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
1091 
1092 	if (resultentry->ber == NULL) {
1093 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "called before calling ldap_first_attribute() or no attributes found in result entry");
1094 		RETURN_FALSE;
1095 	}
1096 
1097 	if ((attribute = ldap_next_attribute(ld->link, resultentry->data, resultentry->ber)) == NULL) {
1098 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1099 		if (resultentry->ber != NULL) {
1100 			ber_free(resultentry->ber, 0);
1101 			resultentry->ber = NULL;
1102 		}
1103 #endif
1104 		RETURN_FALSE;
1105 	} else {
1106 		RETVAL_STRING(attribute, 1);
1107 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1108 		ldap_memfree(attribute);
1109 #endif
1110 	}
1111 }
1112 /* }}} */
1113 
1114 /* {{{ proto array ldap_get_attributes(resource link, resource result_entry)
1115    Get attributes from a search result entry */
PHP_FUNCTION(ldap_get_attributes)1116 PHP_FUNCTION(ldap_get_attributes)
1117 {
1118 	zval *link, *result_entry;
1119 	zval *tmp;
1120 	ldap_linkdata *ld;
1121 	ldap_resultentry *resultentry;
1122 	char *attribute;
1123 	struct berval **ldap_value;
1124 	int i, num_values, num_attrib;
1125 	BerElement *ber;
1126 
1127 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result_entry) != SUCCESS) {
1128 		return;
1129 	}
1130 
1131 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1132 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
1133 
1134 	array_init(return_value);
1135 	num_attrib = 0;
1136 
1137 	attribute = ldap_first_attribute(ld->link, resultentry->data, &ber);
1138 	while (attribute != NULL) {
1139 		ldap_value = ldap_get_values_len(ld->link, resultentry->data, attribute);
1140 		num_values = ldap_count_values_len(ldap_value);
1141 
1142 		MAKE_STD_ZVAL(tmp);
1143 		array_init(tmp);
1144 		add_assoc_long(tmp, "count", num_values);
1145 		for (i = 0; i < num_values; i++) {
1146 			add_index_stringl(tmp, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len, 1);
1147 		}
1148 		ldap_value_free_len(ldap_value);
1149 
1150 		zend_hash_update(Z_ARRVAL_P(return_value), attribute, strlen(attribute)+1, (void *) &tmp, sizeof(zval *), NULL);
1151 		add_index_string(return_value, num_attrib, attribute, 1);
1152 
1153 		num_attrib++;
1154 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1155 		ldap_memfree(attribute);
1156 #endif
1157 		attribute = ldap_next_attribute(ld->link, resultentry->data, ber);
1158 	}
1159 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1160 	if (ber != NULL) {
1161 		ber_free(ber, 0);
1162 	}
1163 #endif
1164 
1165 	add_assoc_long(return_value, "count", num_attrib);
1166 }
1167 /* }}} */
1168 
1169 /* {{{ proto array ldap_get_values_len(resource link, resource result_entry, string attribute)
1170    Get all values with lengths from a result entry */
PHP_FUNCTION(ldap_get_values_len)1171 PHP_FUNCTION(ldap_get_values_len)
1172 {
1173 	zval *link, *result_entry;
1174 	ldap_linkdata *ld;
1175 	ldap_resultentry *resultentry;
1176 	char *attr;
1177 	struct berval **ldap_value_len;
1178 	int i, num_values, attr_len;
1179 
1180 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rrs", &link, &result_entry, &attr, &attr_len) != SUCCESS) {
1181 		return;
1182 	}
1183 
1184 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1185 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
1186 
1187 	if ((ldap_value_len = ldap_get_values_len(ld->link, resultentry->data, attr)) == NULL) {
1188 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot get the value(s) of attribute %s", ldap_err2string(_get_lderrno(ld->link)));
1189 		RETURN_FALSE;
1190 	}
1191 
1192 	num_values = ldap_count_values_len(ldap_value_len);
1193 	array_init(return_value);
1194 
1195 	for (i=0; i<num_values; i++) {
1196 		add_next_index_stringl(return_value, ldap_value_len[i]->bv_val, ldap_value_len[i]->bv_len, 1);
1197 	}
1198 
1199 	add_assoc_long(return_value, "count", num_values);
1200 	ldap_value_free_len(ldap_value_len);
1201 
1202 }
1203 /* }}} */
1204 
1205 /* {{{ proto string ldap_get_dn(resource link, resource result_entry)
1206    Get the DN of a result entry */
PHP_FUNCTION(ldap_get_dn)1207 PHP_FUNCTION(ldap_get_dn)
1208 {
1209 	zval *link, *result_entry;
1210 	ldap_linkdata *ld;
1211 	ldap_resultentry *resultentry;
1212 	char *text;
1213 
1214 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result_entry) != SUCCESS) {
1215 		return;
1216 	}
1217 
1218 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1219 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
1220 
1221 	text = ldap_get_dn(ld->link, resultentry->data);
1222 	if (text != NULL) {
1223 		RETVAL_STRING(text, 1);
1224 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1225 		ldap_memfree(text);
1226 #else
1227 		free(text);
1228 #endif
1229 	} else {
1230 		RETURN_FALSE;
1231 	}
1232 }
1233 /* }}} */
1234 
1235 /* {{{ proto array ldap_explode_dn(string dn, int with_attrib)
1236    Splits DN into its component parts */
PHP_FUNCTION(ldap_explode_dn)1237 PHP_FUNCTION(ldap_explode_dn)
1238 {
1239 	long with_attrib;
1240 	char *dn, **ldap_value;
1241 	int i, count, dn_len;
1242 
1243 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl", &dn, &dn_len, &with_attrib) != SUCCESS) {
1244 		return;
1245 	}
1246 
1247 	if (!(ldap_value = ldap_explode_dn(dn, with_attrib))) {
1248 		/* Invalid parameters were passed to ldap_explode_dn */
1249 		RETURN_FALSE;
1250 	}
1251 
1252 	i=0;
1253 	while (ldap_value[i] != NULL) i++;
1254 	count = i;
1255 
1256 	array_init(return_value);
1257 
1258 	add_assoc_long(return_value, "count", count);
1259 	for (i = 0; i<count; i++) {
1260 		add_index_string(return_value, i, ldap_value[i], 1);
1261 	}
1262 
1263 	ldap_value_free(ldap_value);
1264 }
1265 /* }}} */
1266 
1267 /* {{{ proto string ldap_dn2ufn(string dn)
1268    Convert DN to User Friendly Naming format */
PHP_FUNCTION(ldap_dn2ufn)1269 PHP_FUNCTION(ldap_dn2ufn)
1270 {
1271 	char *dn, *ufn;
1272 	int dn_len;
1273 
1274 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &dn, &dn_len) != SUCCESS) {
1275 		return;
1276 	}
1277 
1278 	ufn = ldap_dn2ufn(dn);
1279 
1280 	if (ufn != NULL) {
1281 		RETVAL_STRING(ufn, 1);
1282 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1283 		ldap_memfree(ufn);
1284 #endif
1285 	} else {
1286 		RETURN_FALSE;
1287 	}
1288 }
1289 /* }}} */
1290 
1291 
1292 /* added to fix use of ldap_modify_add for doing an ldap_add, gerrit thomson. */
1293 #define PHP_LD_FULL_ADD 0xff
1294 /* {{{ php_ldap_do_modify
1295  */
php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS,int oper)1296 static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper)
1297 {
1298 	zval *link, *entry, **value, **ivalue;
1299 	ldap_linkdata *ld;
1300 	char *dn;
1301 	LDAPMod **ldap_mods;
1302 	int i, j, num_attribs, num_values, dn_len;
1303 	int *num_berval;
1304 	char *attribute;
1305 	ulong index;
1306 	int is_full_add=0; /* flag for full add operation so ldap_mod_add can be put back into oper, gerrit THomson */
1307 
1308 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsa", &link, &dn, &dn_len, &entry) != SUCCESS) {
1309 		return;
1310 	}
1311 
1312 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1313 
1314 	num_attribs = zend_hash_num_elements(Z_ARRVAL_P(entry));
1315 	ldap_mods = safe_emalloc((num_attribs+1), sizeof(LDAPMod *), 0);
1316 	num_berval = safe_emalloc(num_attribs, sizeof(int), 0);
1317 	zend_hash_internal_pointer_reset(Z_ARRVAL_P(entry));
1318 
1319 	/* added by gerrit thomson to fix ldap_add using ldap_mod_add */
1320 	if (oper == PHP_LD_FULL_ADD) {
1321 		oper = LDAP_MOD_ADD;
1322 		is_full_add = 1;
1323 	}
1324 	/* end additional , gerrit thomson */
1325 
1326 	for (i = 0; i < num_attribs; i++) {
1327 		ldap_mods[i] = emalloc(sizeof(LDAPMod));
1328 		ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1329 		ldap_mods[i]->mod_type = NULL;
1330 
1331 		if (zend_hash_get_current_key(Z_ARRVAL_P(entry), &attribute, &index, 0) == HASH_KEY_IS_STRING) {
1332 			ldap_mods[i]->mod_type = estrdup(attribute);
1333 		} else {
1334 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown attribute in the data");
1335 			/* Free allocated memory */
1336 			while (i >= 0) {
1337 				if (ldap_mods[i]->mod_type) {
1338 					efree(ldap_mods[i]->mod_type);
1339 				}
1340 				efree(ldap_mods[i]);
1341 				i--;
1342 			}
1343 			efree(num_berval);
1344 			efree(ldap_mods);
1345 			RETURN_FALSE;
1346 		}
1347 
1348 		zend_hash_get_current_data(Z_ARRVAL_P(entry), (void **)&value);
1349 
1350 		if (Z_TYPE_PP(value) != IS_ARRAY) {
1351 			num_values = 1;
1352 		} else {
1353 			num_values = zend_hash_num_elements(Z_ARRVAL_PP(value));
1354 		}
1355 
1356 		num_berval[i] = num_values;
1357 		ldap_mods[i]->mod_bvalues = safe_emalloc((num_values + 1), sizeof(struct berval *), 0);
1358 
1359 /* allow for arrays with one element, no allowance for arrays with none but probably not required, gerrit thomson. */
1360 		if ((num_values == 1) && (Z_TYPE_PP(value) != IS_ARRAY)) {
1361 			convert_to_string_ex(value);
1362 			ldap_mods[i]->mod_bvalues[0] = (struct berval *) emalloc (sizeof(struct berval));
1363 			ldap_mods[i]->mod_bvalues[0]->bv_len = Z_STRLEN_PP(value);
1364 			ldap_mods[i]->mod_bvalues[0]->bv_val = Z_STRVAL_PP(value);
1365 		} else {
1366 			for (j = 0; j < num_values; j++) {
1367 				if (zend_hash_index_find(Z_ARRVAL_PP(value), j, (void **) &ivalue) != SUCCESS) {
1368 					php_error_docref(NULL TSRMLS_CC, E_WARNING, "Value array must have consecutive indices 0, 1, ...");
1369 					num_berval[i] = j;
1370 					num_attribs = i + 1;
1371 					RETVAL_FALSE;
1372 					goto errexit;
1373 				}
1374 				convert_to_string_ex(ivalue);
1375 				ldap_mods[i]->mod_bvalues[j] = (struct berval *) emalloc (sizeof(struct berval));
1376 				ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_PP(ivalue);
1377 				ldap_mods[i]->mod_bvalues[j]->bv_val = Z_STRVAL_PP(ivalue);
1378 			}
1379 		}
1380 		ldap_mods[i]->mod_bvalues[num_values] = NULL;
1381 		zend_hash_move_forward(Z_ARRVAL_P(entry));
1382 	}
1383 	ldap_mods[num_attribs] = NULL;
1384 
1385 /* check flag to see if do_mod was called to perform full add , gerrit thomson */
1386 	if (is_full_add == 1) {
1387 		if ((i = ldap_add_s(ld->link, dn, ldap_mods)) != LDAP_SUCCESS) {
1388 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Add: %s", ldap_err2string(i));
1389 			RETVAL_FALSE;
1390 		} else RETVAL_TRUE;
1391 	} else {
1392 		if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1393 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Modify: %s", ldap_err2string(i));
1394 			RETVAL_FALSE;
1395 		} else RETVAL_TRUE;
1396 	}
1397 
1398 errexit:
1399 	for (i = 0; i < num_attribs; i++) {
1400 		efree(ldap_mods[i]->mod_type);
1401 		for (j = 0; j < num_berval[i]; j++) {
1402 			efree(ldap_mods[i]->mod_bvalues[j]);
1403 		}
1404 		efree(ldap_mods[i]->mod_bvalues);
1405 		efree(ldap_mods[i]);
1406 	}
1407 	efree(num_berval);
1408 	efree(ldap_mods);
1409 
1410 	return;
1411 }
1412 /* }}} */
1413 
1414 /* {{{ proto bool ldap_add(resource link, string dn, array entry)
1415    Add entries to LDAP directory */
PHP_FUNCTION(ldap_add)1416 PHP_FUNCTION(ldap_add)
1417 {
1418 	/* use a newly define parameter into the do_modify so ldap_mod_add can be used the way it is supposed to be used , Gerrit THomson */
1419 	php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, PHP_LD_FULL_ADD);
1420 }
1421 /* }}} */
1422 
1423 /* three functions for attribute base modifications, gerrit Thomson */
1424 
1425 /* {{{ proto bool ldap_mod_replace(resource link, string dn, array entry)
1426    Replace attribute values with new ones */
PHP_FUNCTION(ldap_mod_replace)1427 PHP_FUNCTION(ldap_mod_replace)
1428 {
1429 	php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_REPLACE);
1430 }
1431 /* }}} */
1432 
1433 /* {{{ proto bool ldap_mod_add(resource link, string dn, array entry)
1434    Add attribute values to current */
PHP_FUNCTION(ldap_mod_add)1435 PHP_FUNCTION(ldap_mod_add)
1436 {
1437 	php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_ADD);
1438 }
1439 /* }}} */
1440 
1441 /* {{{ proto bool ldap_mod_del(resource link, string dn, array entry)
1442    Delete attribute values */
PHP_FUNCTION(ldap_mod_del)1443 PHP_FUNCTION(ldap_mod_del)
1444 {
1445 	php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_DELETE);
1446 }
1447 /* }}} */
1448 
1449 /* {{{ proto bool ldap_delete(resource link, string dn)
1450    Delete an entry from a directory */
PHP_FUNCTION(ldap_delete)1451 PHP_FUNCTION(ldap_delete)
1452 {
1453 	zval *link;
1454 	ldap_linkdata *ld;
1455 	char *dn;
1456 	int rc, dn_len;
1457 
1458 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &link, &dn, &dn_len) != SUCCESS) {
1459 		return;
1460 	}
1461 
1462 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1463 
1464 	if ((rc = ldap_delete_s(ld->link, dn)) != LDAP_SUCCESS) {
1465 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Delete: %s", ldap_err2string(rc));
1466 		RETURN_FALSE;
1467 	}
1468 
1469 	RETURN_TRUE;
1470 }
1471 /* }}} */
1472 
1473 /* {{{ _ldap_str_equal_to_const
1474  */
_ldap_str_equal_to_const(const char * str,uint str_len,const char * cstr)1475 static int _ldap_str_equal_to_const(const char *str, uint str_len, const char *cstr)
1476 {
1477 	int i;
1478 
1479 	if (strlen(cstr) != str_len)
1480 		return 0;
1481 
1482 	for (i = 0; i < str_len; ++i) {
1483 		if (str[i] != cstr[i]) {
1484 			return 0;
1485 		}
1486 	}
1487 
1488 	return 1;
1489 }
1490 /* }}} */
1491 
1492 /* {{{ _ldap_strlen_max
1493  */
_ldap_strlen_max(const char * str,uint max_len)1494 static int _ldap_strlen_max(const char *str, uint max_len)
1495 {
1496 	int i;
1497 
1498 	for (i = 0; i < max_len; ++i) {
1499 		if (str[i] == '\0') {
1500 			return i;
1501 		}
1502 	}
1503 
1504 	return max_len;
1505 }
1506 /* }}} */
1507 
1508 /* {{{ _ldap_hash_fetch
1509  */
_ldap_hash_fetch(zval * hashTbl,const char * key,zval ** out)1510 static void _ldap_hash_fetch(zval *hashTbl, const char *key, zval **out)
1511 {
1512 	zval **fetched;
1513 	if (zend_hash_find(Z_ARRVAL_P(hashTbl), key, strlen(key)+1, (void **) &fetched) == SUCCESS) {
1514 		*out = *fetched;
1515 	}
1516 	else {
1517 		*out = NULL;
1518 	}
1519 }
1520 /* }}} */
1521 
1522 /* {{{ proto bool ldap_modify_batch(resource link, string dn, array modifs)
1523    Perform multiple modifications as part of one operation */
PHP_FUNCTION(ldap_modify_batch)1524 PHP_FUNCTION(ldap_modify_batch)
1525 {
1526 	ldap_linkdata *ld;
1527 	zval *link, *mods, *mod, *modinfo, *modval;
1528 	zval *attrib, *modtype, *vals;
1529 	zval **fetched;
1530 	char *dn;
1531 	int dn_len;
1532 	int i, j, k;
1533 	int num_mods, num_modprops, num_modvals;
1534 	LDAPMod **ldap_mods;
1535 	uint oper;
1536 
1537 	/*
1538 	$mods = array(
1539 		array(
1540 			"attrib" => "unicodePwd",
1541 			"modtype" => LDAP_MODIFY_BATCH_REMOVE,
1542 			"values" => array($oldpw)
1543 		),
1544 		array(
1545 			"attrib" => "unicodePwd",
1546 			"modtype" => LDAP_MODIFY_BATCH_ADD,
1547 			"values" => array($newpw)
1548 		),
1549 		array(
1550 			"attrib" => "userPrincipalName",
1551 			"modtype" => LDAP_MODIFY_BATCH_REPLACE,
1552 			"values" => array("janitor@corp.contoso.com")
1553 		),
1554 		array(
1555 			"attrib" => "userCert",
1556 			"modtype" => LDAP_MODIFY_BATCH_REMOVE_ALL
1557 		)
1558 	);
1559 	*/
1560 
1561 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsa", &link, &dn, &dn_len, &mods) != SUCCESS) {
1562 		return;
1563 	}
1564 
1565 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1566 
1567 	/* perform validation */
1568 	{
1569 		char *modkey;
1570 		uint modkeylen;
1571 		long modtype;
1572 
1573 		/* to store the wrongly-typed keys */
1574 		ulong tmpUlong;
1575 
1576 		/* make sure the DN contains no NUL bytes */
1577 		if (_ldap_strlen_max(dn, dn_len) != dn_len) {
1578 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "DN must not contain NUL bytes");
1579 			RETURN_FALSE;
1580 		}
1581 
1582 		/* make sure the top level is a normal array */
1583 		zend_hash_internal_pointer_reset(Z_ARRVAL_P(mods));
1584 		if (zend_hash_get_current_key_type(Z_ARRVAL_P(mods)) != HASH_KEY_IS_LONG) {
1585 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Modifications array must not be string-indexed");
1586 			RETURN_FALSE;
1587 		}
1588 
1589 		num_mods = zend_hash_num_elements(Z_ARRVAL_P(mods));
1590 
1591 		for (i = 0; i < num_mods; i++) {
1592 			/* is the numbering consecutive? */
1593 			if (zend_hash_index_find(Z_ARRVAL_P(mods), i, (void **) &fetched) != SUCCESS) {
1594 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Modifications array must have consecutive indices 0, 1, ...");
1595 				RETURN_FALSE;
1596 			}
1597 			mod = *fetched;
1598 
1599 			/* is it an array? */
1600 			if (Z_TYPE_P(mod) != IS_ARRAY) {
1601 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Each entry of modifications array must be an array itself");
1602 				RETURN_FALSE;
1603 			}
1604 
1605 			/* for the modification hashtable... */
1606 			zend_hash_internal_pointer_reset(Z_ARRVAL_P(mod));
1607 			num_modprops = zend_hash_num_elements(Z_ARRVAL_P(mod));
1608 
1609 			for (j = 0; j < num_modprops; j++) {
1610 				/* are the keys strings? */
1611 				if (zend_hash_get_current_key_ex(Z_ARRVAL_P(mod), &modkey, &modkeylen, &tmpUlong, 0, NULL) != HASH_KEY_IS_STRING) {
1612 					php_error_docref(NULL TSRMLS_CC, E_WARNING, "Each entry of modifications array must be string-indexed");
1613 					RETURN_FALSE;
1614 				}
1615 
1616 				/* modkeylen includes the terminating NUL byte; remove that */
1617 				--modkeylen;
1618 
1619 				/* is this a valid entry? */
1620 				if (
1621 					!_ldap_str_equal_to_const(modkey, modkeylen, LDAP_MODIFY_BATCH_ATTRIB) &&
1622 					!_ldap_str_equal_to_const(modkey, modkeylen, LDAP_MODIFY_BATCH_MODTYPE) &&
1623 					!_ldap_str_equal_to_const(modkey, modkeylen, LDAP_MODIFY_BATCH_VALUES)
1624 				) {
1625 					php_error_docref(NULL TSRMLS_CC, E_WARNING, "The only allowed keys in entries of the modifications array are '" LDAP_MODIFY_BATCH_ATTRIB "', '" LDAP_MODIFY_BATCH_MODTYPE "' and '" LDAP_MODIFY_BATCH_VALUES "'");
1626 					RETURN_FALSE;
1627 				}
1628 
1629 				zend_hash_get_current_data(Z_ARRVAL_P(mod), (void **) &fetched);
1630 				modinfo = *fetched;
1631 
1632 				/* does the value type match the key? */
1633 				if (_ldap_str_equal_to_const(modkey, modkeylen, LDAP_MODIFY_BATCH_ATTRIB)) {
1634 					if (Z_TYPE_P(modinfo) != IS_STRING) {
1635 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must be a string");
1636 						RETURN_FALSE;
1637 					}
1638 
1639 					if (Z_STRLEN_P(modinfo) != _ldap_strlen_max(Z_STRVAL_P(modinfo), Z_STRLEN_P(modinfo))) {
1640 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must not contain NUL bytes");
1641 						RETURN_FALSE;
1642 					}
1643 				}
1644 				else if (_ldap_str_equal_to_const(modkey, modkeylen, LDAP_MODIFY_BATCH_MODTYPE)) {
1645 					if (Z_TYPE_P(modinfo) != IS_LONG) {
1646 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_MODTYPE "' value must be a long");
1647 						RETURN_FALSE;
1648 					}
1649 
1650 					/* is the value in range? */
1651 					modtype = Z_LVAL_P(modinfo);
1652 					if (
1653 						modtype != LDAP_MODIFY_BATCH_ADD &&
1654 						modtype != LDAP_MODIFY_BATCH_REMOVE &&
1655 						modtype != LDAP_MODIFY_BATCH_REPLACE &&
1656 						modtype != LDAP_MODIFY_BATCH_REMOVE_ALL
1657 					) {
1658 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "The '" LDAP_MODIFY_BATCH_MODTYPE "' value must match one of the LDAP_MODIFY_BATCH_* constants");
1659 						RETURN_FALSE;
1660 					}
1661 
1662 					/* if it's REMOVE_ALL, there must not be a values array; otherwise, there must */
1663 					if (modtype == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1664 						if (zend_hash_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES) + 1)) {
1665 							php_error_docref(NULL TSRMLS_CC, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must not be provided");
1666 							RETURN_FALSE;
1667 						}
1668 					}
1669 					else {
1670 						if (!zend_hash_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES) + 1)) {
1671 							php_error_docref(NULL TSRMLS_CC, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is not LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must be provided");
1672 							RETURN_FALSE;
1673 						}
1674 					}
1675 				}
1676 				else if (_ldap_str_equal_to_const(modkey, modkeylen, LDAP_MODIFY_BATCH_VALUES)) {
1677 					if (Z_TYPE_P(modinfo) != IS_ARRAY) {
1678 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' value must be an array");
1679 						RETURN_FALSE;
1680 					}
1681 
1682 					/* is the array not empty? */
1683 					zend_hash_internal_pointer_reset(Z_ARRVAL_P(modinfo));
1684 					num_modvals = zend_hash_num_elements(Z_ARRVAL_P(modinfo));
1685 					if (num_modvals == 0) {
1686 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have at least one element");
1687 						RETURN_FALSE;
1688 					}
1689 
1690 					/* are its keys integers? */
1691 					if (zend_hash_get_current_key_type(Z_ARRVAL_P(modinfo)) != HASH_KEY_IS_LONG) {
1692 						php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must not be string-indexed");
1693 						RETURN_FALSE;
1694 					}
1695 
1696 					/* are the keys consecutive? */
1697 					for (k = 0; k < num_modvals; k++) {
1698 						if (zend_hash_index_find(Z_ARRVAL_P(modinfo), k, (void **) &fetched) != SUCCESS) {
1699 							php_error_docref(NULL TSRMLS_CC, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have consecutive indices 0, 1, ...");
1700 							RETURN_FALSE;
1701 						}
1702 						modval = *fetched;
1703 
1704 						/* is the data element a string? */
1705 						if (Z_TYPE_P(modval) != IS_STRING) {
1706 							php_error_docref(NULL TSRMLS_CC, E_WARNING, "Each element of a '" LDAP_MODIFY_BATCH_VALUES "' array must be a string");
1707 							RETURN_FALSE;
1708 						}
1709 					}
1710 				}
1711 
1712 				zend_hash_move_forward(Z_ARRVAL_P(mod));
1713 			}
1714 		}
1715 	}
1716 	/* validation was successful */
1717 
1718 	/* allocate array of modifications */
1719 	ldap_mods = safe_emalloc((num_mods+1), sizeof(LDAPMod *), 0);
1720 
1721 	/* for each modification */
1722 	for (i = 0; i < num_mods; i++) {
1723 		/* allocate the modification struct */
1724 		ldap_mods[i] = safe_emalloc(1, sizeof(LDAPMod), 0);
1725 
1726 		/* fetch the relevant data */
1727 		zend_hash_index_find(Z_ARRVAL_P(mods), i, (void **) &fetched);
1728 		mod = *fetched;
1729 
1730 		_ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_ATTRIB, &attrib);
1731 		_ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_MODTYPE, &modtype);
1732 		_ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_VALUES, &vals);
1733 
1734 		/* map the modification type */
1735 		switch (Z_LVAL_P(modtype)) {
1736 			case LDAP_MODIFY_BATCH_ADD:
1737 				oper = LDAP_MOD_ADD;
1738 				break;
1739 			case LDAP_MODIFY_BATCH_REMOVE:
1740 			case LDAP_MODIFY_BATCH_REMOVE_ALL:
1741 				oper = LDAP_MOD_DELETE;
1742 				break;
1743 			case LDAP_MODIFY_BATCH_REPLACE:
1744 				oper = LDAP_MOD_REPLACE;
1745 				break;
1746 			default:
1747 				php_error_docref(NULL TSRMLS_CC, E_ERROR, "Unknown and uncaught modification type.");
1748 				RETURN_FALSE;
1749 		}
1750 
1751 		/* fill in the basic info */
1752 		ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1753 		ldap_mods[i]->mod_type = estrndup(Z_STRVAL_P(attrib), Z_STRLEN_P(attrib));
1754 
1755 		if (Z_LVAL_P(modtype) == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1756 			/* no values */
1757 			ldap_mods[i]->mod_bvalues = NULL;
1758 		}
1759 		else {
1760 			/* allocate space for the values as part of this modification */
1761 			num_modvals = zend_hash_num_elements(Z_ARRVAL_P(vals));
1762 			ldap_mods[i]->mod_bvalues = safe_emalloc((num_modvals+1), sizeof(struct berval *), 0);
1763 
1764 			/* for each value */
1765 			for (j = 0; j < num_modvals; j++) {
1766 				/* fetch it */
1767 				zend_hash_index_find(Z_ARRVAL_P(vals), j, (void **) &fetched);
1768 				modval = *fetched;
1769 
1770 				/* allocate the data struct */
1771 				ldap_mods[i]->mod_bvalues[j] = safe_emalloc(1, sizeof(struct berval), 0);
1772 
1773 				/* fill it */
1774 				ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(modval);
1775 				ldap_mods[i]->mod_bvalues[j]->bv_val = estrndup(Z_STRVAL_P(modval), Z_STRLEN_P(modval));
1776 			}
1777 
1778 			/* NULL-terminate values */
1779 			ldap_mods[i]->mod_bvalues[num_modvals] = NULL;
1780 		}
1781 	}
1782 
1783 	/* NULL-terminate modifications */
1784 	ldap_mods[num_mods] = NULL;
1785 
1786 	/* perform (finally) */
1787 	if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1788 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Batch Modify: %s", ldap_err2string(i));
1789 		RETVAL_FALSE;
1790 	} else RETVAL_TRUE;
1791 
1792 	/* clean up */
1793 	{
1794 		for (i = 0; i < num_mods; i++) {
1795 			/* attribute */
1796 			efree(ldap_mods[i]->mod_type);
1797 
1798 			if (ldap_mods[i]->mod_bvalues != NULL) {
1799 				/* each BER value */
1800 				for (j = 0; ldap_mods[i]->mod_bvalues[j] != NULL; j++) {
1801 					/* free the data bytes */
1802 					efree(ldap_mods[i]->mod_bvalues[j]->bv_val);
1803 
1804 					/* free the bvalue struct */
1805 					efree(ldap_mods[i]->mod_bvalues[j]);
1806 				}
1807 
1808 				/* the BER value array */
1809 				efree(ldap_mods[i]->mod_bvalues);
1810 			}
1811 
1812 			/* the modification */
1813 			efree(ldap_mods[i]);
1814 		}
1815 
1816 		/* the modifications array */
1817 		efree(ldap_mods);
1818 	}
1819 }
1820 /* }}} */
1821 
1822 /* {{{ proto int ldap_errno(resource link)
1823    Get the current ldap error number */
PHP_FUNCTION(ldap_errno)1824 PHP_FUNCTION(ldap_errno)
1825 {
1826 	zval *link;
1827 	ldap_linkdata *ld;
1828 
1829 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &link) != SUCCESS) {
1830 		return;
1831 	}
1832 
1833 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1834 
1835 	RETURN_LONG(_get_lderrno(ld->link));
1836 }
1837 /* }}} */
1838 
1839 /* {{{ proto string ldap_err2str(int errno)
1840    Convert error number to error string */
PHP_FUNCTION(ldap_err2str)1841 PHP_FUNCTION(ldap_err2str)
1842 {
1843 	long perrno;
1844 
1845 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &perrno) != SUCCESS) {
1846 		return;
1847 	}
1848 
1849 	RETURN_STRING(ldap_err2string(perrno), 1);
1850 }
1851 /* }}} */
1852 
1853 /* {{{ proto string ldap_error(resource link)
1854    Get the current ldap error string */
PHP_FUNCTION(ldap_error)1855 PHP_FUNCTION(ldap_error)
1856 {
1857 	zval *link;
1858 	ldap_linkdata *ld;
1859 	int ld_errno;
1860 
1861 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &link) != SUCCESS) {
1862 		return;
1863 	}
1864 
1865 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1866 
1867 	ld_errno = _get_lderrno(ld->link);
1868 
1869 	RETURN_STRING(ldap_err2string(ld_errno), 1);
1870 }
1871 /* }}} */
1872 
1873 /* {{{ proto bool ldap_compare(resource link, string dn, string attr, string value)
1874    Determine if an entry has a specific value for one of its attributes */
PHP_FUNCTION(ldap_compare)1875 PHP_FUNCTION(ldap_compare)
1876 {
1877 	zval *link;
1878 	char *dn, *attr, *value;
1879 	int dn_len, attr_len, value_len;
1880 	ldap_linkdata *ld;
1881 	int errno;
1882 
1883 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsss", &link, &dn, &dn_len, &attr, &attr_len, &value, &value_len) != SUCCESS) {
1884 		return;
1885 	}
1886 
1887 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1888 
1889 	errno = ldap_compare_s(ld->link, dn, attr, value);
1890 
1891 	switch (errno) {
1892 		case LDAP_COMPARE_TRUE:
1893 			RETURN_TRUE;
1894 			break;
1895 
1896 		case LDAP_COMPARE_FALSE:
1897 			RETURN_FALSE;
1898 			break;
1899 	}
1900 
1901 	php_error_docref(NULL TSRMLS_CC, E_WARNING, "Compare: %s", ldap_err2string(errno));
1902 	RETURN_LONG(-1);
1903 }
1904 /* }}} */
1905 
1906 /* {{{ proto bool ldap_sort(resource link, resource result, string sortfilter)
1907    Sort LDAP result entries */
PHP_FUNCTION(ldap_sort)1908 PHP_FUNCTION(ldap_sort)
1909 {
1910 	zval *link, *result;
1911 	ldap_linkdata *ld;
1912 	char *sortfilter;
1913 	int sflen;
1914 	zend_rsrc_list_entry *le;
1915 
1916 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rrs", &link, &result, &sortfilter, &sflen) != SUCCESS) {
1917 		RETURN_FALSE;
1918 	}
1919 
1920 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1921 
1922 	if (zend_hash_index_find(&EG(regular_list), Z_LVAL_P(result), (void **) &le) != SUCCESS || le->type != le_result) {
1923 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Supplied resource is not a valid ldap result resource");
1924 		RETURN_FALSE;
1925 	}
1926 
1927 	if (ldap_sort_entries(ld->link, (LDAPMessage **) &le->ptr, sflen ? sortfilter : NULL, strcmp) != LDAP_SUCCESS) {
1928 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", ldap_err2string(errno));
1929 		RETURN_FALSE;
1930 	}
1931 
1932 	RETURN_TRUE;
1933 }
1934 /* }}} */
1935 
1936 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
1937 /* {{{ proto bool ldap_get_option(resource link, int option, mixed retval)
1938    Get the current value of various session-wide parameters */
PHP_FUNCTION(ldap_get_option)1939 PHP_FUNCTION(ldap_get_option)
1940 {
1941 	zval *link, *retval;
1942 	ldap_linkdata *ld;
1943 	long option;
1944 
1945 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlz", &link, &option, &retval) != SUCCESS) {
1946 		return;
1947 	}
1948 
1949 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
1950 
1951 	switch (option) {
1952 	/* options with int value */
1953 	case LDAP_OPT_DEREF:
1954 	case LDAP_OPT_SIZELIMIT:
1955 	case LDAP_OPT_TIMELIMIT:
1956 	case LDAP_OPT_PROTOCOL_VERSION:
1957 	case LDAP_OPT_ERROR_NUMBER:
1958 	case LDAP_OPT_REFERRALS:
1959 #ifdef LDAP_OPT_RESTART
1960 	case LDAP_OPT_RESTART:
1961 #endif
1962 		{
1963 			int val;
1964 
1965 			if (ldap_get_option(ld->link, option, &val)) {
1966 				RETURN_FALSE;
1967 			}
1968 			zval_dtor(retval);
1969 			ZVAL_LONG(retval, val);
1970 		} break;
1971 #ifdef LDAP_OPT_NETWORK_TIMEOUT
1972 	case LDAP_OPT_NETWORK_TIMEOUT:
1973 		{
1974 			struct timeval *timeout = NULL;
1975 
1976 			if (ldap_get_option(ld->link, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
1977 				if (timeout) {
1978 					ldap_memfree(timeout);
1979 				}
1980 				RETURN_FALSE;
1981 			}
1982 			if (!timeout) {
1983 				RETURN_FALSE;
1984 			}
1985 			zval_dtor(retval);
1986 			ZVAL_LONG(retval, timeout->tv_sec);
1987 			ldap_memfree(timeout);
1988 		} break;
1989 #elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
1990 	case LDAP_X_OPT_CONNECT_TIMEOUT:
1991 		{
1992 			int timeout;
1993 
1994 			if (ldap_get_option(ld->link, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
1995 				RETURN_FALSE;
1996 			}
1997 			zval_dtor(retval);
1998 			ZVAL_LONG(retval, (timeout / 1000));
1999 		} break;
2000 #endif
2001 	/* options with string value */
2002 	case LDAP_OPT_ERROR_STRING:
2003 #ifdef LDAP_OPT_HOST_NAME
2004 	case LDAP_OPT_HOST_NAME:
2005 #endif
2006 #ifdef HAVE_LDAP_SASL
2007 	case LDAP_OPT_X_SASL_MECH:
2008 	case LDAP_OPT_X_SASL_REALM:
2009 	case LDAP_OPT_X_SASL_AUTHCID:
2010 	case LDAP_OPT_X_SASL_AUTHZID:
2011 #endif
2012 #ifdef LDAP_OPT_MATCHED_DN
2013 	case LDAP_OPT_MATCHED_DN:
2014 #endif
2015 		{
2016 			char *val = NULL;
2017 
2018 			if (ldap_get_option(ld->link, option, &val) || val == NULL || *val == '\0') {
2019 				if (val) {
2020 					ldap_memfree(val);
2021 				}
2022 				RETURN_FALSE;
2023 			}
2024 			zval_dtor(retval);
2025 			ZVAL_STRING(retval, val, 1);
2026 			ldap_memfree(val);
2027 		} break;
2028 /* options not implemented
2029 	case LDAP_OPT_SERVER_CONTROLS:
2030 	case LDAP_OPT_CLIENT_CONTROLS:
2031 	case LDAP_OPT_API_INFO:
2032 	case LDAP_OPT_API_FEATURE_INFO:
2033 */
2034 	default:
2035 		RETURN_FALSE;
2036 	}
2037 	RETURN_TRUE;
2038 }
2039 /* }}} */
2040 
2041 /* {{{ proto bool ldap_set_option(resource link, int option, mixed newval)
2042    Set the value of various session-wide parameters */
PHP_FUNCTION(ldap_set_option)2043 PHP_FUNCTION(ldap_set_option)
2044 {
2045 	zval *link, **newval;
2046 	ldap_linkdata *ld;
2047 	LDAP *ldap;
2048 	long option;
2049 
2050 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zlZ", &link, &option, &newval) != SUCCESS) {
2051 		return;
2052 	}
2053 
2054 	if (Z_TYPE_P(link) == IS_NULL) {
2055 		ldap = NULL;
2056 	} else {
2057 		ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2058 		ldap = ld->link;
2059 	}
2060 
2061 	switch (option) {
2062 	/* options with int value */
2063 	case LDAP_OPT_DEREF:
2064 	case LDAP_OPT_SIZELIMIT:
2065 	case LDAP_OPT_TIMELIMIT:
2066 	case LDAP_OPT_PROTOCOL_VERSION:
2067 	case LDAP_OPT_ERROR_NUMBER:
2068 #ifdef LDAP_OPT_DEBUG_LEVEL
2069 	case LDAP_OPT_DEBUG_LEVEL:
2070 #endif
2071 		{
2072 			int val;
2073 
2074 			convert_to_long_ex(newval);
2075 			val = Z_LVAL_PP(newval);
2076 			if (ldap_set_option(ldap, option, &val)) {
2077 				RETURN_FALSE;
2078 			}
2079 		} break;
2080 #ifdef LDAP_OPT_NETWORK_TIMEOUT
2081 	case LDAP_OPT_NETWORK_TIMEOUT:
2082 		{
2083 			struct timeval timeout;
2084 
2085 			convert_to_long_ex(newval);
2086 			timeout.tv_sec = Z_LVAL_PP(newval);
2087 			timeout.tv_usec = 0;
2088 			if (ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2089 				RETURN_FALSE;
2090 			}
2091 		} break;
2092 #elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2093 	case LDAP_X_OPT_CONNECT_TIMEOUT:
2094 		{
2095 			int timeout;
2096 
2097 			convert_to_long_ex(newval);
2098 			timeout = 1000 * Z_LVAL_PP(newval); /* Convert to milliseconds */
2099 			if (ldap_set_option(ldap, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2100 				RETURN_FALSE;
2101 			}
2102 		} break;
2103 #endif
2104 		/* options with string value */
2105 	case LDAP_OPT_ERROR_STRING:
2106 #ifdef LDAP_OPT_HOST_NAME
2107 	case LDAP_OPT_HOST_NAME:
2108 #endif
2109 #ifdef HAVE_LDAP_SASL
2110 	case LDAP_OPT_X_SASL_MECH:
2111 	case LDAP_OPT_X_SASL_REALM:
2112 	case LDAP_OPT_X_SASL_AUTHCID:
2113 	case LDAP_OPT_X_SASL_AUTHZID:
2114 #endif
2115 #ifdef LDAP_OPT_MATCHED_DN
2116 	case LDAP_OPT_MATCHED_DN:
2117 #endif
2118 		{
2119 			char *val;
2120 			convert_to_string_ex(newval);
2121 			val = Z_STRVAL_PP(newval);
2122 			if (ldap_set_option(ldap, option, val)) {
2123 				RETURN_FALSE;
2124 			}
2125 		} break;
2126 		/* options with boolean value */
2127 	case LDAP_OPT_REFERRALS:
2128 #ifdef LDAP_OPT_RESTART
2129 	case LDAP_OPT_RESTART:
2130 #endif
2131 		{
2132 			void *val;
2133 			convert_to_boolean_ex(newval);
2134 			val = Z_LVAL_PP(newval)
2135 				? LDAP_OPT_ON : LDAP_OPT_OFF;
2136 			if (ldap_set_option(ldap, option, val)) {
2137 				RETURN_FALSE;
2138 			}
2139 		} break;
2140 		/* options with control list value */
2141 	case LDAP_OPT_SERVER_CONTROLS:
2142 	case LDAP_OPT_CLIENT_CONTROLS:
2143 		{
2144 			LDAPControl *ctrl, **ctrls, **ctrlp;
2145 			zval **ctrlval, **val;
2146 			int ncontrols;
2147 			char error=0;
2148 
2149 			if ((Z_TYPE_PP(newval) != IS_ARRAY) || !(ncontrols = zend_hash_num_elements(Z_ARRVAL_PP(newval)))) {
2150 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Expected non-empty array value for this option");
2151 				RETURN_FALSE;
2152 			}
2153 			ctrls = safe_emalloc((1 + ncontrols), sizeof(*ctrls), 0);
2154 			*ctrls = NULL;
2155 			ctrlp = ctrls;
2156 			zend_hash_internal_pointer_reset(Z_ARRVAL_PP(newval));
2157 			while (zend_hash_get_current_data(Z_ARRVAL_PP(newval), (void**)&ctrlval) == SUCCESS) {
2158 				if (Z_TYPE_PP(ctrlval) != IS_ARRAY) {
2159 					php_error_docref(NULL TSRMLS_CC, E_WARNING, "The array value must contain only arrays, where each array is a control");
2160 					error = 1;
2161 					break;
2162 				}
2163 				if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "oid", sizeof("oid"), (void **) &val) != SUCCESS) {
2164 					php_error_docref(NULL TSRMLS_CC, E_WARNING, "Control must have an oid key");
2165 					error = 1;
2166 					break;
2167 				}
2168 				ctrl = *ctrlp = emalloc(sizeof(**ctrlp));
2169 				convert_to_string_ex(val);
2170 				ctrl->ldctl_oid = Z_STRVAL_PP(val);
2171 				if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "value", sizeof("value"), (void **) &val) == SUCCESS) {
2172 					convert_to_string_ex(val);
2173 					ctrl->ldctl_value.bv_val = Z_STRVAL_PP(val);
2174 					ctrl->ldctl_value.bv_len = Z_STRLEN_PP(val);
2175 				} else {
2176 					ctrl->ldctl_value.bv_val = NULL;
2177 					ctrl->ldctl_value.bv_len = 0;
2178 				}
2179 				if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "iscritical", sizeof("iscritical"), (void **) &val) == SUCCESS) {
2180 					convert_to_boolean_ex(val);
2181 					ctrl->ldctl_iscritical = Z_BVAL_PP(val);
2182 				} else {
2183 					ctrl->ldctl_iscritical = 0;
2184 				}
2185 
2186 				++ctrlp;
2187 				*ctrlp = NULL;
2188 				zend_hash_move_forward(Z_ARRVAL_PP(newval));
2189 			}
2190 			if (!error) {
2191 				error = ldap_set_option(ldap, option, ctrls);
2192 			}
2193 			ctrlp = ctrls;
2194 			while (*ctrlp) {
2195 				efree(*ctrlp);
2196 				ctrlp++;
2197 			}
2198 			efree(ctrls);
2199 			if (error) {
2200 				RETURN_FALSE;
2201 			}
2202 		} break;
2203 	default:
2204 		RETURN_FALSE;
2205 	}
2206 	RETURN_TRUE;
2207 }
2208 /* }}} */
2209 
2210 #ifdef HAVE_LDAP_PARSE_RESULT
2211 /* {{{ proto bool ldap_parse_result(resource link, resource result, int errcode, string matcheddn, string errmsg, array referrals)
2212    Extract information from result */
PHP_FUNCTION(ldap_parse_result)2213 PHP_FUNCTION(ldap_parse_result)
2214 {
2215 	zval *link, *result, *errcode, *matcheddn, *errmsg, *referrals;
2216 	ldap_linkdata *ld;
2217 	LDAPMessage *ldap_result;
2218 	char **lreferrals, **refp;
2219 	char *lmatcheddn, *lerrmsg;
2220 	int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2221 
2222 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rrz|zzz", &link, &result, &errcode, &matcheddn, &errmsg, &referrals) != SUCCESS) {
2223 		return;
2224 	}
2225 
2226 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2227 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
2228 
2229 	rc = ldap_parse_result(ld->link, ldap_result, &lerrcode,
2230 				myargcount > 3 ? &lmatcheddn : NULL,
2231 				myargcount > 4 ? &lerrmsg : NULL,
2232 				myargcount > 5 ? &lreferrals : NULL,
2233 				NULL /* &serverctrls */,
2234 				0);
2235 	if (rc != LDAP_SUCCESS) {
2236 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to parse result: %s", ldap_err2string(rc));
2237 		RETURN_FALSE;
2238 	}
2239 
2240 	zval_dtor(errcode);
2241 	ZVAL_LONG(errcode, lerrcode);
2242 
2243 	/* Reverse -> fall through */
2244 	switch (myargcount) {
2245 		case 6:
2246 			zval_dtor(referrals);
2247 			array_init(referrals);
2248 			if (lreferrals != NULL) {
2249 				refp = lreferrals;
2250 				while (*refp) {
2251 					add_next_index_string(referrals, *refp, 1);
2252 					refp++;
2253 				}
2254 				ldap_value_free(lreferrals);
2255 			}
2256 		case 5:
2257 			zval_dtor(errmsg);
2258 			if (lerrmsg == NULL) {
2259 				ZVAL_EMPTY_STRING(errmsg);
2260 			} else {
2261 				ZVAL_STRING(errmsg, lerrmsg, 1);
2262 				ldap_memfree(lerrmsg);
2263 			}
2264 		case 4:
2265 			zval_dtor(matcheddn);
2266 			if (lmatcheddn == NULL) {
2267 				ZVAL_EMPTY_STRING(matcheddn);
2268 			} else {
2269 				ZVAL_STRING(matcheddn, lmatcheddn, 1);
2270 				ldap_memfree(lmatcheddn);
2271 			}
2272 	}
2273 	RETURN_TRUE;
2274 }
2275 /* }}} */
2276 #endif
2277 
2278 /* {{{ proto resource ldap_first_reference(resource link, resource result)
2279    Return first reference */
PHP_FUNCTION(ldap_first_reference)2280 PHP_FUNCTION(ldap_first_reference)
2281 {
2282 	zval *link, *result;
2283 	ldap_linkdata *ld;
2284 	ldap_resultentry *resultentry;
2285 	LDAPMessage *ldap_result, *entry;
2286 
2287 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result) != SUCCESS) {
2288 		return;
2289 	}
2290 
2291 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2292 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
2293 
2294 	if ((entry = ldap_first_reference(ld->link, ldap_result)) == NULL) {
2295 		RETVAL_FALSE;
2296 	} else {
2297 		resultentry = emalloc(sizeof(ldap_resultentry));
2298 		ZEND_REGISTER_RESOURCE(return_value, resultentry, le_result_entry);
2299 		resultentry->id = Z_LVAL_P(result);
2300 		zend_list_addref(resultentry->id);
2301 		resultentry->data = entry;
2302 		resultentry->ber = NULL;
2303 	}
2304 }
2305 /* }}} */
2306 
2307 /* {{{ proto resource ldap_next_reference(resource link, resource reference_entry)
2308    Get next reference */
PHP_FUNCTION(ldap_next_reference)2309 PHP_FUNCTION(ldap_next_reference)
2310 {
2311 	zval *link, *result_entry;
2312 	ldap_linkdata *ld;
2313 	ldap_resultentry *resultentry, *resultentry_next;
2314 	LDAPMessage *entry_next;
2315 
2316 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr", &link, &result_entry) != SUCCESS) {
2317 		return;
2318 	}
2319 
2320 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2321 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
2322 
2323 	if ((entry_next = ldap_next_reference(ld->link, resultentry->data)) == NULL) {
2324 		RETVAL_FALSE;
2325 	} else {
2326 		resultentry_next = emalloc(sizeof(ldap_resultentry));
2327 		ZEND_REGISTER_RESOURCE(return_value, resultentry_next, le_result_entry);
2328 		resultentry_next->id = resultentry->id;
2329 		zend_list_addref(resultentry->id);
2330 		resultentry_next->data = entry_next;
2331 		resultentry_next->ber = NULL;
2332 	}
2333 }
2334 /* }}} */
2335 
2336 #ifdef HAVE_LDAP_PARSE_REFERENCE
2337 /* {{{ proto bool ldap_parse_reference(resource link, resource reference_entry, array referrals)
2338    Extract information from reference entry */
PHP_FUNCTION(ldap_parse_reference)2339 PHP_FUNCTION(ldap_parse_reference)
2340 {
2341 	zval *link, *result_entry, *referrals;
2342 	ldap_linkdata *ld;
2343 	ldap_resultentry *resultentry;
2344 	char **lreferrals, **refp;
2345 
2346 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rrz", &link, &result_entry, &referrals) != SUCCESS) {
2347 		return;
2348 	}
2349 
2350 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2351 	ZEND_FETCH_RESOURCE(resultentry, ldap_resultentry *, &result_entry, -1, "ldap result entry", le_result_entry);
2352 
2353 	if (ldap_parse_reference(ld->link, resultentry->data, &lreferrals, NULL /* &serverctrls */, 0) != LDAP_SUCCESS) {
2354 		RETURN_FALSE;
2355 	}
2356 
2357 	zval_dtor(referrals);
2358 	array_init(referrals);
2359 	if (lreferrals != NULL) {
2360 		refp = lreferrals;
2361 		while (*refp) {
2362 			add_next_index_string(referrals, *refp, 1);
2363 			refp++;
2364 		}
2365 		ldap_value_free(lreferrals);
2366 	}
2367 	RETURN_TRUE;
2368 }
2369 /* }}} */
2370 #endif
2371 
2372 /* {{{ proto bool ldap_rename(resource link, string dn, string newrdn, string newparent, bool deleteoldrdn);
2373    Modify the name of an entry */
PHP_FUNCTION(ldap_rename)2374 PHP_FUNCTION(ldap_rename)
2375 {
2376 	zval *link;
2377 	ldap_linkdata *ld;
2378 	int rc;
2379 	char *dn, *newrdn, *newparent;
2380 	int dn_len, newrdn_len, newparent_len;
2381 	zend_bool deleteoldrdn;
2382 
2383 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsssb", &link, &dn, &dn_len, &newrdn, &newrdn_len, &newparent, &newparent_len, &deleteoldrdn) != SUCCESS) {
2384 		return;
2385 	}
2386 
2387 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2388 
2389 	if (newparent_len == 0) {
2390 		newparent = NULL;
2391 	}
2392 
2393 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2394 	rc = ldap_rename_s(ld->link, dn, newrdn, newparent, deleteoldrdn, NULL, NULL);
2395 #else
2396 	if (newparent_len != 0) {
2397 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "You are using old LDAP API, newparent must be the empty string, can only modify RDN");
2398 		RETURN_FALSE;
2399 	}
2400 /* could support old APIs but need check for ldap_modrdn2()/ldap_modrdn() */
2401 	rc = ldap_modrdn2_s(ld->link, dn, newrdn, deleteoldrdn);
2402 #endif
2403 
2404 	if (rc == LDAP_SUCCESS) {
2405 		RETURN_TRUE;
2406 	}
2407 	RETURN_FALSE;
2408 }
2409 /* }}} */
2410 
2411 #ifdef HAVE_LDAP_START_TLS_S
2412 /* {{{ proto bool ldap_start_tls(resource link)
2413    Start TLS */
PHP_FUNCTION(ldap_start_tls)2414 PHP_FUNCTION(ldap_start_tls)
2415 {
2416 	zval *link;
2417 	ldap_linkdata *ld;
2418 	int rc, protocol = LDAP_VERSION3;
2419 
2420 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &link) != SUCCESS) {
2421 		return;
2422 	}
2423 
2424 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2425 
2426 	if (((rc = ldap_set_option(ld->link, LDAP_OPT_PROTOCOL_VERSION, &protocol)) != LDAP_SUCCESS) ||
2427 		((rc = ldap_start_tls_s(ld->link, NULL, NULL)) != LDAP_SUCCESS)
2428 	) {
2429 		php_error_docref(NULL TSRMLS_CC, E_WARNING,"Unable to start TLS: %s", ldap_err2string(rc));
2430 		RETURN_FALSE;
2431 	} else {
2432 		RETURN_TRUE;
2433 	}
2434 }
2435 /* }}} */
2436 #endif
2437 #endif /* (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP */
2438 
2439 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
2440 /* {{{ _ldap_rebind_proc()
2441 */
_ldap_rebind_proc(LDAP * ldap,const char * url,ber_tag_t req,ber_int_t msgid,void * params)2442 int _ldap_rebind_proc(LDAP *ldap, const char *url, ber_tag_t req, ber_int_t msgid, void *params)
2443 {
2444 	ldap_linkdata *ld;
2445 	int retval;
2446 	zval *cb_url;
2447 	zval **cb_args[2];
2448 	zval *cb_retval;
2449 	zval *cb_link = (zval *) params;
2450 	TSRMLS_FETCH();
2451 
2452 	ld = (ldap_linkdata *) zend_fetch_resource(&cb_link TSRMLS_CC, -1, "ldap link", NULL, 1, le_link);
2453 
2454 	/* link exists and callback set? */
2455 	if (ld == NULL || ld->rebindproc == NULL) {
2456 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Link not found or no callback set");
2457 		return LDAP_OTHER;
2458 	}
2459 
2460 	/* callback */
2461 	MAKE_STD_ZVAL(cb_url);
2462 	ZVAL_STRING(cb_url, estrdup(url), 0);
2463 	cb_args[0] = &cb_link;
2464 	cb_args[1] = &cb_url;
2465 	if (call_user_function_ex(EG(function_table), NULL, ld->rebindproc, &cb_retval, 2, cb_args, 0, NULL TSRMLS_CC) == SUCCESS && cb_retval) {
2466 		convert_to_long_ex(&cb_retval);
2467 		retval = Z_LVAL_P(cb_retval);
2468 		zval_ptr_dtor(&cb_retval);
2469 	} else {
2470 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "rebind_proc PHP callback failed");
2471 		retval = LDAP_OTHER;
2472 	}
2473 	zval_dtor(cb_url);
2474 	FREE_ZVAL(cb_url);
2475 	return retval;
2476 }
2477 /* }}} */
2478 
2479 /* {{{ proto bool ldap_set_rebind_proc(resource link, string callback)
2480    Set a callback function to do re-binds on referral chasing. */
PHP_FUNCTION(ldap_set_rebind_proc)2481 PHP_FUNCTION(ldap_set_rebind_proc)
2482 {
2483 	zval *link, *callback;
2484 	ldap_linkdata *ld;
2485 	char *callback_name;
2486 
2487 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rz", &link, &callback) != SUCCESS) {
2488 		RETURN_FALSE;
2489 	}
2490 
2491 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2492 
2493 	if (Z_TYPE_P(callback) == IS_STRING && Z_STRLEN_P(callback) == 0) {
2494 		/* unregister rebind procedure */
2495 		if (ld->rebindproc != NULL) {
2496 			zval_dtor(ld->rebindproc);
2497 			FREE_ZVAL(ld->rebindproc);
2498 			ld->rebindproc = NULL;
2499 			ldap_set_rebind_proc(ld->link, NULL, NULL);
2500 		}
2501 		RETURN_TRUE;
2502 	}
2503 
2504 	/* callable? */
2505 	if (!zend_is_callable(callback, 0, &callback_name TSRMLS_CC)) {
2506 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Two arguments expected for '%s' to be a valid callback", callback_name);
2507 		efree(callback_name);
2508 		RETURN_FALSE;
2509 	}
2510 	efree(callback_name);
2511 
2512 	/* register rebind procedure */
2513 	if (ld->rebindproc == NULL) {
2514 		ldap_set_rebind_proc(ld->link, _ldap_rebind_proc, (void *) link);
2515 	} else {
2516 		zval_dtor(ld->rebindproc);
2517 	}
2518 
2519 	ALLOC_ZVAL(ld->rebindproc);
2520 	*ld->rebindproc = *callback;
2521 	zval_copy_ctor(ld->rebindproc);
2522 	RETURN_TRUE;
2523 }
2524 /* }}} */
2525 #endif
2526 
2527 #ifdef STR_TRANSLATION
2528 /* {{{ php_ldap_do_translate
2529  */
php_ldap_do_translate(INTERNAL_FUNCTION_PARAMETERS,int way)2530 static void php_ldap_do_translate(INTERNAL_FUNCTION_PARAMETERS, int way)
2531 {
2532 	char *value;
2533 	int result, ldap_len;
2534 
2535 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &value, &value_len) != SUCCESS) {
2536 		return;
2537 	}
2538 
2539 	if (value_len == 0) {
2540 		RETURN_FALSE;
2541 	}
2542 
2543 	if (way == 1) {
2544 		result = ldap_8859_to_t61(&value, &value_len, 0);
2545 	} else {
2546 		result = ldap_t61_to_8859(&value, &value_len, 0);
2547 	}
2548 
2549 	if (result == LDAP_SUCCESS) {
2550 		RETVAL_STRINGL(value, value_len, 1);
2551 		free(value);
2552 	} else {
2553 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Conversion from iso-8859-1 to t61 failed: %s", ldap_err2string(result));
2554 		RETVAL_FALSE;
2555 	}
2556 }
2557 /* }}} */
2558 
2559 /* {{{ proto string ldap_t61_to_8859(string value)
2560    Translate t61 characters to 8859 characters */
PHP_FUNCTION(ldap_t61_to_8859)2561 PHP_FUNCTION(ldap_t61_to_8859)
2562 {
2563 	php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
2564 }
2565 /* }}} */
2566 
2567 /* {{{ proto string ldap_8859_to_t61(string value)
2568    Translate 8859 characters to t61 characters */
PHP_FUNCTION(ldap_8859_to_t61)2569 PHP_FUNCTION(ldap_8859_to_t61)
2570 {
2571 	php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 1);
2572 }
2573 /* }}} */
2574 #endif
2575 
2576 #ifdef LDAP_CONTROL_PAGEDRESULTS
2577 /* {{{ proto mixed ldap_control_paged_result(resource link, int pagesize [, bool iscritical [, string cookie]])
2578    Inject paged results control*/
PHP_FUNCTION(ldap_control_paged_result)2579 PHP_FUNCTION(ldap_control_paged_result)
2580 {
2581 	long pagesize;
2582 	zend_bool iscritical;
2583 	zval *link;
2584 	char *cookie = NULL;
2585 	int cookie_len = 0;
2586 	struct berval lcookie = { 0, NULL };
2587 	ldap_linkdata *ld;
2588 	LDAP *ldap;
2589 	BerElement *ber = NULL;
2590 	LDAPControl	ctrl, *ctrlsp[2];
2591 	int rc, myargcount = ZEND_NUM_ARGS();
2592 
2593 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rl|bs", &link, &pagesize, &iscritical, &cookie, &cookie_len) != SUCCESS) {
2594 		return;
2595 	}
2596 
2597 	if (Z_TYPE_P(link) == IS_NULL) {
2598 		ldap = NULL;
2599 	} else {
2600 		ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2601 		ldap = ld->link;
2602 	}
2603 
2604 	ber = ber_alloc_t(LBER_USE_DER);
2605 	if (ber == NULL) {
2606 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to alloc BER encoding resources for paged results control");
2607 		RETURN_FALSE;
2608 	}
2609 
2610 	ctrl.ldctl_iscritical = 0;
2611 
2612 	switch (myargcount) {
2613 		case 4:
2614 			lcookie.bv_val = cookie;
2615 			lcookie.bv_len = cookie_len;
2616 			/* fallthru */
2617 		case 3:
2618 			ctrl.ldctl_iscritical = (int)iscritical;
2619 			/* fallthru */
2620 	}
2621 
2622 	if (ber_printf(ber, "{iO}", (int)pagesize, &lcookie) == LBER_ERROR) {
2623 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to BER printf paged results control");
2624 		RETVAL_FALSE;
2625 		goto lcpr_error_out;
2626 	}
2627 	rc = ber_flatten2(ber, &ctrl.ldctl_value, 0);
2628 	if (rc == LBER_ERROR) {
2629 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to BER encode paged results control");
2630 		RETVAL_FALSE;
2631 		goto lcpr_error_out;
2632 	}
2633 
2634 	ctrl.ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
2635 
2636 	if (ldap) {
2637 		/* directly set the option */
2638 		ctrlsp[0] = &ctrl;
2639 		ctrlsp[1] = NULL;
2640 
2641 		rc = ldap_set_option(ldap, LDAP_OPT_SERVER_CONTROLS, ctrlsp);
2642 		if (rc != LDAP_SUCCESS) {
2643 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to set paged results control: %s (%d)", ldap_err2string(rc), rc);
2644 			RETVAL_FALSE;
2645 			goto lcpr_error_out;
2646 		}
2647 		RETVAL_TRUE;
2648 	} else {
2649 		/* return a PHP control object */
2650 		array_init(return_value);
2651 
2652 		add_assoc_string(return_value, "oid", ctrl.ldctl_oid, 1);
2653 		if (ctrl.ldctl_value.bv_len) {
2654 			add_assoc_stringl(return_value, "value", ctrl.ldctl_value.bv_val, ctrl.ldctl_value.bv_len, 1);
2655 		}
2656 		if (ctrl.ldctl_iscritical) {
2657 			add_assoc_bool(return_value, "iscritical", ctrl.ldctl_iscritical);
2658 		}
2659 	}
2660 
2661 lcpr_error_out:
2662 	if (ber != NULL) {
2663 		ber_free(ber, 1);
2664 	}
2665 	return;
2666 }
2667 /* }}} */
2668 
2669 /* {{{ proto bool ldap_control_paged_result_response(resource link, resource result [, string &cookie [, int &estimated]])
2670    Extract paged results control response */
PHP_FUNCTION(ldap_control_paged_result_response)2671 PHP_FUNCTION(ldap_control_paged_result_response)
2672 {
2673 	zval *link, *result, *cookie, *estimated;
2674 	struct berval lcookie;
2675 	int lestimated;
2676 	ldap_linkdata *ld;
2677 	LDAPMessage *ldap_result;
2678 	LDAPControl **lserverctrls, *lctrl;
2679 	BerElement *ber;
2680 	ber_tag_t tag;
2681 	int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2682 
2683 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr|zz", &link, &result, &cookie, &estimated) != SUCCESS) {
2684 		return;
2685 	}
2686 
2687 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
2688 	ZEND_FETCH_RESOURCE(ldap_result, LDAPMessage *, &result, -1, "ldap result", le_result);
2689 
2690 	rc = ldap_parse_result(ld->link,
2691 				ldap_result,
2692 				&lerrcode,
2693 				NULL,		/* matcheddn */
2694 				NULL,		/* errmsg */
2695 				NULL,		/* referrals */
2696 				&lserverctrls,
2697 				0);
2698 
2699 	if (rc != LDAP_SUCCESS) {
2700 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to parse result: %s (%d)", ldap_err2string(rc), rc);
2701 		RETURN_FALSE;
2702 	}
2703 
2704 	if (lerrcode != LDAP_SUCCESS) {
2705 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Result is: %s (%d)", ldap_err2string(lerrcode), lerrcode);
2706 		RETURN_FALSE;
2707 	}
2708 
2709 	if (lserverctrls == NULL) {
2710 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "No server controls in result");
2711 		RETURN_FALSE;
2712 	}
2713 
2714 	lctrl = ldap_find_control(LDAP_CONTROL_PAGEDRESULTS, lserverctrls);
2715 	if (lctrl == NULL) {
2716 		ldap_controls_free(lserverctrls);
2717 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "No paged results control response in result");
2718 		RETURN_FALSE;
2719 	}
2720 
2721 	ber = ber_init(&lctrl->ldctl_value);
2722 	if (ber == NULL) {
2723 		ldap_controls_free(lserverctrls);
2724 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to alloc BER decoding resources for paged results control response");
2725 		RETURN_FALSE;
2726 	}
2727 
2728 	tag = ber_scanf(ber, "{io}", &lestimated, &lcookie);
2729 	(void)ber_free(ber, 1);
2730 
2731 	if (tag == LBER_ERROR) {
2732 		ldap_controls_free(lserverctrls);
2733 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to decode paged results control response");
2734 		RETURN_FALSE;
2735 	}
2736 
2737 	if (lestimated < 0) {
2738 		ldap_controls_free(lserverctrls);
2739 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid paged results control response value");
2740 		RETURN_FALSE;
2741 	}
2742 
2743 	ldap_controls_free(lserverctrls);
2744 	if (myargcount == 4) {
2745 		zval_dtor(estimated);
2746 		ZVAL_LONG(estimated, lestimated);
2747 	}
2748 
2749 	zval_dtor(cookie);
2750  	if (lcookie.bv_len == 0) {
2751 		ZVAL_EMPTY_STRING(cookie);
2752  	} else {
2753 		ZVAL_STRINGL(cookie, lcookie.bv_val, lcookie.bv_len, 1);
2754  	}
2755  	ldap_memfree(lcookie.bv_val);
2756 
2757 	RETURN_TRUE;
2758 }
2759 /* }}} */
2760 #endif
2761 
2762 /* {{{ arginfo */
2763 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_connect, 0, 0, 0)
2764 	ZEND_ARG_INFO(0, hostname)
2765 	ZEND_ARG_INFO(0, port)
2766 #ifdef HAVE_ORALDAP
2767 	ZEND_ARG_INFO(0, wallet)
2768 	ZEND_ARG_INFO(0, wallet_passwd)
2769 	ZEND_ARG_INFO(0, authmode)
2770 #endif
2771 ZEND_END_ARG_INFO()
2772 
2773 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_resource, 0, 0, 1)
2774 	ZEND_ARG_INFO(0, link_identifier)
2775 ZEND_END_ARG_INFO()
2776 
2777 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_bind, 0, 0, 1)
2778 	ZEND_ARG_INFO(0, link_identifier)
2779 	ZEND_ARG_INFO(0, bind_rdn)
2780 	ZEND_ARG_INFO(0, bind_password)
2781 ZEND_END_ARG_INFO()
2782 
2783 #ifdef HAVE_LDAP_SASL
2784 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sasl_bind, 0, 0, 1)
2785 	ZEND_ARG_INFO(0, link)
2786 	ZEND_ARG_INFO(0, binddn)
2787 	ZEND_ARG_INFO(0, password)
2788 	ZEND_ARG_INFO(0, sasl_mech)
2789 	ZEND_ARG_INFO(0, sasl_realm)
2790 	ZEND_ARG_INFO(0, sasl_authz_id)
2791 	ZEND_ARG_INFO(0, props)
2792 ZEND_END_ARG_INFO()
2793 #endif
2794 
2795 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_read, 0, 0, 3)
2796 	ZEND_ARG_INFO(0, link_identifier)
2797 	ZEND_ARG_INFO(0, base_dn)
2798 	ZEND_ARG_INFO(0, filter)
2799 	ZEND_ARG_INFO(0, attributes)
2800 	ZEND_ARG_INFO(0, attrsonly)
2801 	ZEND_ARG_INFO(0, sizelimit)
2802 	ZEND_ARG_INFO(0, timelimit)
2803 	ZEND_ARG_INFO(0, deref)
2804 ZEND_END_ARG_INFO()
2805 
2806 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_list, 0, 0, 3)
2807 	ZEND_ARG_INFO(0, link_identifier)
2808 	ZEND_ARG_INFO(0, base_dn)
2809 	ZEND_ARG_INFO(0, filter)
2810 	ZEND_ARG_INFO(0, attributes)
2811 	ZEND_ARG_INFO(0, attrsonly)
2812 	ZEND_ARG_INFO(0, sizelimit)
2813 	ZEND_ARG_INFO(0, timelimit)
2814 	ZEND_ARG_INFO(0, deref)
2815 ZEND_END_ARG_INFO()
2816 
2817 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_search, 0, 0, 3)
2818 	ZEND_ARG_INFO(0, link_identifier)
2819 	ZEND_ARG_INFO(0, base_dn)
2820 	ZEND_ARG_INFO(0, filter)
2821 	ZEND_ARG_INFO(0, attributes)
2822 	ZEND_ARG_INFO(0, attrsonly)
2823 	ZEND_ARG_INFO(0, sizelimit)
2824 	ZEND_ARG_INFO(0, timelimit)
2825 	ZEND_ARG_INFO(0, deref)
2826 ZEND_END_ARG_INFO()
2827 
2828 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_count_entries, 0, 0, 2)
2829 	ZEND_ARG_INFO(0, link_identifier)
2830 	ZEND_ARG_INFO(0, result_identifier)
2831 ZEND_END_ARG_INFO()
2832 
2833 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_entry, 0, 0, 2)
2834 	ZEND_ARG_INFO(0, link_identifier)
2835 	ZEND_ARG_INFO(0, result_identifier)
2836 ZEND_END_ARG_INFO()
2837 
2838 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_entry, 0, 0, 2)
2839 	ZEND_ARG_INFO(0, link_identifier)
2840 	ZEND_ARG_INFO(0, result_identifier)
2841 ZEND_END_ARG_INFO()
2842 
2843 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_entries, 0, 0, 2)
2844 	ZEND_ARG_INFO(0, link_identifier)
2845 	ZEND_ARG_INFO(0, result_identifier)
2846 ZEND_END_ARG_INFO()
2847 
2848 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_attribute, 0, 0, 2)
2849 	ZEND_ARG_INFO(0, link_identifier)
2850 	ZEND_ARG_INFO(0, result_entry_identifier)
2851 ZEND_END_ARG_INFO()
2852 
2853 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_attribute, 0, 0, 2)
2854 	ZEND_ARG_INFO(0, link_identifier)
2855 	ZEND_ARG_INFO(0, result_entry_identifier)
2856 ZEND_END_ARG_INFO()
2857 
2858 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_attributes, 0, 0, 2)
2859 	ZEND_ARG_INFO(0, link_identifier)
2860 	ZEND_ARG_INFO(0, result_entry_identifier)
2861 ZEND_END_ARG_INFO()
2862 
2863 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values, 0, 0, 3)
2864 	ZEND_ARG_INFO(0, link_identifier)
2865 	ZEND_ARG_INFO(0, result_entry_identifier)
2866 	ZEND_ARG_INFO(0, attribute)
2867 ZEND_END_ARG_INFO()
2868 
2869 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values_len, 0, 0, 3)
2870 	ZEND_ARG_INFO(0, link_identifier)
2871 	ZEND_ARG_INFO(0, result_entry_identifier)
2872 	ZEND_ARG_INFO(0, attribute)
2873 ZEND_END_ARG_INFO()
2874 
2875 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_dn, 0, 0, 2)
2876 	ZEND_ARG_INFO(0, link_identifier)
2877 	ZEND_ARG_INFO(0, result_entry_identifier)
2878 ZEND_END_ARG_INFO()
2879 
2880 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_explode_dn, 0, 0, 2)
2881 	ZEND_ARG_INFO(0, dn)
2882 	ZEND_ARG_INFO(0, with_attrib)
2883 ZEND_END_ARG_INFO()
2884 
2885 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_dn2ufn, 0, 0, 1)
2886 	ZEND_ARG_INFO(0, dn)
2887 ZEND_END_ARG_INFO()
2888 
2889 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_add, 0, 0, 3)
2890 	ZEND_ARG_INFO(0, link_identifier)
2891 	ZEND_ARG_INFO(0, dn)
2892 	ZEND_ARG_INFO(0, entry)
2893 ZEND_END_ARG_INFO()
2894 
2895 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_delete, 0, 0, 2)
2896 	ZEND_ARG_INFO(0, link_identifier)
2897 	ZEND_ARG_INFO(0, dn)
2898 ZEND_END_ARG_INFO()
2899 
2900 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify, 0, 0, 3)
2901 	ZEND_ARG_INFO(0, link_identifier)
2902 	ZEND_ARG_INFO(0, dn)
2903 	ZEND_ARG_INFO(0, entry)
2904 ZEND_END_ARG_INFO()
2905 
2906 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify_batch, 0, 0, 3)
2907 	ZEND_ARG_INFO(0, link_identifier)
2908 	ZEND_ARG_INFO(0, dn)
2909 	ZEND_ARG_ARRAY_INFO(0, modifications_info, 0)
2910 ZEND_END_ARG_INFO()
2911 
2912 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_add, 0, 0, 3)
2913 	ZEND_ARG_INFO(0, link_identifier)
2914 	ZEND_ARG_INFO(0, dn)
2915 	ZEND_ARG_INFO(0, entry)
2916 ZEND_END_ARG_INFO()
2917 
2918 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_replace, 0, 0, 3)
2919 	ZEND_ARG_INFO(0, link_identifier)
2920 	ZEND_ARG_INFO(0, dn)
2921 	ZEND_ARG_INFO(0, entry)
2922 ZEND_END_ARG_INFO()
2923 
2924 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_del, 0, 0, 3)
2925 	ZEND_ARG_INFO(0, link_identifier)
2926 	ZEND_ARG_INFO(0, dn)
2927 	ZEND_ARG_INFO(0, entry)
2928 ZEND_END_ARG_INFO()
2929 
2930 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_err2str, 0, 0, 1)
2931 	ZEND_ARG_INFO(0, errno)
2932 ZEND_END_ARG_INFO()
2933 
2934 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_compare, 0, 0, 4)
2935 	ZEND_ARG_INFO(0, link_identifier)
2936 	ZEND_ARG_INFO(0, dn)
2937 	ZEND_ARG_INFO(0, attribute)
2938 	ZEND_ARG_INFO(0, value)
2939 ZEND_END_ARG_INFO()
2940 
2941 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sort, 0, 0, 3)
2942 	ZEND_ARG_INFO(0, link)
2943 	ZEND_ARG_INFO(0, result)
2944 	ZEND_ARG_INFO(0, sortfilter)
2945 ZEND_END_ARG_INFO()
2946 
2947 #ifdef LDAP_CONTROL_PAGEDRESULTS
2948 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result, 0, 0, 2)
2949 	ZEND_ARG_INFO(0, link)
2950 	ZEND_ARG_INFO(0, pagesize)
2951 	ZEND_ARG_INFO(0, iscritical)
2952 	ZEND_ARG_INFO(0, cookie)
2953 ZEND_END_ARG_INFO();
2954 
2955 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result_response, 0, 0, 2)
2956 	ZEND_ARG_INFO(0, link)
2957 	ZEND_ARG_INFO(0, result)
2958 	ZEND_ARG_INFO(1, cookie)
2959 	ZEND_ARG_INFO(1, estimated)
2960 ZEND_END_ARG_INFO();
2961 #endif
2962 
2963 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2964 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_rename, 0, 0, 5)
2965 	ZEND_ARG_INFO(0, link_identifier)
2966 	ZEND_ARG_INFO(0, dn)
2967 	ZEND_ARG_INFO(0, newrdn)
2968 	ZEND_ARG_INFO(0, newparent)
2969 	ZEND_ARG_INFO(0, deleteoldrdn)
2970 ZEND_END_ARG_INFO()
2971 
2972 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_option, 0, 0, 3)
2973 	ZEND_ARG_INFO(0, link_identifier)
2974 	ZEND_ARG_INFO(0, option)
2975 	ZEND_ARG_INFO(1, retval)
2976 ZEND_END_ARG_INFO()
2977 
2978 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_option, 0, 0, 3)
2979 	ZEND_ARG_INFO(0, link_identifier)
2980 	ZEND_ARG_INFO(0, option)
2981 	ZEND_ARG_INFO(0, newval)
2982 ZEND_END_ARG_INFO()
2983 
2984 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_reference, 0, 0, 2)
2985 	ZEND_ARG_INFO(0, link)
2986 	ZEND_ARG_INFO(0, result)
2987 ZEND_END_ARG_INFO()
2988 
2989 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_reference, 0, 0, 2)
2990 	ZEND_ARG_INFO(0, link)
2991 	ZEND_ARG_INFO(0, entry)
2992 ZEND_END_ARG_INFO()
2993 
2994 #ifdef HAVE_LDAP_PARSE_REFERENCE
2995 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_reference, 0, 0, 3)
2996 	ZEND_ARG_INFO(0, link)
2997 	ZEND_ARG_INFO(0, entry)
2998 	ZEND_ARG_INFO(1, referrals)
2999 ZEND_END_ARG_INFO()
3000 #endif
3001 
3002 
3003 #ifdef HAVE_LDAP_PARSE_RESULT
3004 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_result, 0, 0, 3)
3005 	ZEND_ARG_INFO(0, link)
3006 	ZEND_ARG_INFO(0, result)
3007 	ZEND_ARG_INFO(1, errcode)
3008 	ZEND_ARG_INFO(1, matcheddn)
3009 	ZEND_ARG_INFO(1, errmsg)
3010 	ZEND_ARG_INFO(1, referrals)
3011 ZEND_END_ARG_INFO()
3012 #endif
3013 #endif
3014 
3015 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
3016 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_rebind_proc, 0, 0, 2)
3017 	ZEND_ARG_INFO(0, link)
3018 	ZEND_ARG_INFO(0, callback)
3019 ZEND_END_ARG_INFO()
3020 #endif
3021 
3022 #ifdef STR_TRANSLATION
3023 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_t61_to_8859, 0, 0, 1)
3024 	ZEND_ARG_INFO(0, value)
3025 ZEND_END_ARG_INFO()
3026 
3027 ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_8859_to_t61, 0, 0, 1)
3028 	ZEND_ARG_INFO(0, value)
3029 ZEND_END_ARG_INFO()
3030 #endif
3031 /* }}} */
3032 
3033 /*
3034 	This is just a small subset of the functionality provided by the LDAP library. All the
3035 	operations are synchronous. Referrals are not handled automatically.
3036 */
3037 /* {{{ ldap_functions[]
3038  */
3039 const zend_function_entry ldap_functions[] = {
3040 	PHP_FE(ldap_connect,								arginfo_ldap_connect)
3041 	PHP_FALIAS(ldap_close,		ldap_unbind,			arginfo_ldap_resource)
3042 	PHP_FE(ldap_bind,									arginfo_ldap_bind)
3043 #ifdef HAVE_LDAP_SASL
3044 	PHP_FE(ldap_sasl_bind,								arginfo_ldap_sasl_bind)
3045 #endif
3046 	PHP_FE(ldap_unbind,									arginfo_ldap_resource)
3047 	PHP_FE(ldap_read,									arginfo_ldap_read)
3048 	PHP_FE(ldap_list,									arginfo_ldap_list)
3049 	PHP_FE(ldap_search,									arginfo_ldap_search)
3050 	PHP_FE(ldap_free_result,							arginfo_ldap_resource)
3051 	PHP_FE(ldap_count_entries,							arginfo_ldap_count_entries)
3052 	PHP_FE(ldap_first_entry,							arginfo_ldap_first_entry)
3053 	PHP_FE(ldap_next_entry,								arginfo_ldap_next_entry)
3054 	PHP_FE(ldap_get_entries,							arginfo_ldap_get_entries)
3055 	PHP_FE(ldap_first_attribute,						arginfo_ldap_first_attribute)
3056 	PHP_FE(ldap_next_attribute,							arginfo_ldap_next_attribute)
3057 	PHP_FE(ldap_get_attributes,							arginfo_ldap_get_attributes)
3058 	PHP_FALIAS(ldap_get_values,	ldap_get_values_len,	arginfo_ldap_get_values)
3059 	PHP_FE(ldap_get_values_len,							arginfo_ldap_get_values_len)
3060 	PHP_FE(ldap_get_dn,									arginfo_ldap_get_dn)
3061 	PHP_FE(ldap_explode_dn,								arginfo_ldap_explode_dn)
3062 	PHP_FE(ldap_dn2ufn,									arginfo_ldap_dn2ufn)
3063 	PHP_FE(ldap_add,									arginfo_ldap_add)
3064 	PHP_FE(ldap_delete,									arginfo_ldap_delete)
3065 	PHP_FE(ldap_modify_batch,							arginfo_ldap_modify_batch)
3066 	PHP_FALIAS(ldap_modify,		ldap_mod_replace,		arginfo_ldap_modify)
3067 
3068 /* additional functions for attribute based modifications, Gerrit Thomson */
3069 	PHP_FE(ldap_mod_add,								arginfo_ldap_mod_add)
3070 	PHP_FE(ldap_mod_replace,							arginfo_ldap_mod_replace)
3071 	PHP_FE(ldap_mod_del,								arginfo_ldap_mod_del)
3072 /* end gjt mod */
3073 
3074 	PHP_FE(ldap_errno,									arginfo_ldap_resource)
3075 	PHP_FE(ldap_err2str,								arginfo_ldap_err2str)
3076 	PHP_FE(ldap_error,									arginfo_ldap_resource)
3077 	PHP_FE(ldap_compare,								arginfo_ldap_compare)
3078 	PHP_FE(ldap_sort,									arginfo_ldap_sort)
3079 
3080 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3081 	PHP_FE(ldap_rename,									arginfo_ldap_rename)
3082 	PHP_FE(ldap_get_option,								arginfo_ldap_get_option)
3083 	PHP_FE(ldap_set_option,								arginfo_ldap_set_option)
3084 	PHP_FE(ldap_first_reference,						arginfo_ldap_first_reference)
3085 	PHP_FE(ldap_next_reference,							arginfo_ldap_next_reference)
3086 #ifdef HAVE_LDAP_PARSE_REFERENCE
3087 	PHP_FE(ldap_parse_reference,						arginfo_ldap_parse_reference)
3088 #endif
3089 #ifdef HAVE_LDAP_PARSE_RESULT
3090 	PHP_FE(ldap_parse_result,							arginfo_ldap_parse_result)
3091 #endif
3092 #ifdef HAVE_LDAP_START_TLS_S
3093 	PHP_FE(ldap_start_tls,								arginfo_ldap_resource)
3094 #endif
3095 #endif
3096 
3097 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
3098 	PHP_FE(ldap_set_rebind_proc,						arginfo_ldap_set_rebind_proc)
3099 #endif
3100 
3101 #ifdef STR_TRANSLATION
3102 	PHP_FE(ldap_t61_to_8859,							arginfo_ldap_t61_to_8859)
3103 	PHP_FE(ldap_8859_to_t61,							arginfo_ldap_8859_to_t61)
3104 #endif
3105 
3106 #ifdef LDAP_CONTROL_PAGEDRESULTS
3107 	PHP_FE(ldap_control_paged_result,							arginfo_ldap_control_paged_result)
3108 	PHP_FE(ldap_control_paged_result_response,		arginfo_ldap_control_paged_result_response)
3109 #endif
3110 	PHP_FE_END
3111 };
3112 /* }}} */
3113 
3114 zend_module_entry ldap_module_entry = { /* {{{ */
3115 	STANDARD_MODULE_HEADER,
3116 	"ldap",
3117 	ldap_functions,
3118 	PHP_MINIT(ldap),
3119 	PHP_MSHUTDOWN(ldap),
3120 	NULL,
3121 	NULL,
3122 	PHP_MINFO(ldap),
3123 	NO_VERSION_YET,
3124 	PHP_MODULE_GLOBALS(ldap),
3125 	PHP_GINIT(ldap),
3126 	NULL,
3127 	NULL,
3128 	STANDARD_MODULE_PROPERTIES_EX
3129 };
3130 /* }}} */
3131 
3132 /*
3133  * Local variables:
3134  * tab-width: 4
3135  * c-basic-offset: 4
3136  * End:
3137  * vim600: sw=4 ts=4 fdm=marker
3138  * vim<600: sw=4 ts=4
3139  */
3140