[Tickets #506] NEW: [PATCH] LDAP v3 Binds required

bugs at bugs.horde.org bugs at bugs.horde.org
Tue Aug 24 20:41:33 PDT 2004 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/?id=506
-----------------------------------------------------------------------
 Ticket     | 506
 Created By | ben at alkaloid.net
 Summary    | [PATCH] LDAP v3 Binds required
 Queue      | Passwd
 Version    | 2.2.1
 State      | Unconfirmed
 Priority   | 2. Medium
 Type       | Bug
 Owners     | 
-----------------------------------------------------------------------


ben at alkaloid.net (2004-08-24 20:41) wrote:

In versions of OpenLDAP distributed with SuSE (and like other distributions)
LDAPv3 is required for modifications.  This small patch adds LDAPv3 to
passwd (code shamelessly stolen from horde/lib/Prefs/ldap.php).

--------snip patch below ----------

diff -urN passwd-2.2.1/config/conf.php.dist passwd/config/conf.php.dist
--- passwd-2.2.1/config/conf.php.dist   2003-01-20 20:28:29.000000000 -0500
+++ passwd/config/conf.php.dist 2004-08-24 23:06:42.000000000 -0400
@@ -25,6 +25,10 @@

 $conf['backend']['backend_list'] = 'hidden';

+// Determine whether or not to strip of the domain portion of the user's
+// authentication token.  By default we do.
+$conf['prefs']['strip_domain'] = 1;
+
 // Define usernames for which we will refuse to change passwords.
 // This may or may not work with realms or virtual hosting, depending on
setup

diff -urN passwd-2.2.1/lib/Driver/ldap.php passwd/lib/Driver/ldap.php
--- passwd-2.2.1/lib/Driver/ldap.php    2003-02-15 15:16:29.000000000 -0500
+++ passwd/lib/Driver/ldap.php  2004-08-24 23:25:04.000000000 -0400
@@ -34,6 +34,7 @@
         $this->_params['basedn']     = array_key_exists('basedn', $params) 
   ? $params['basedn'] : '';
         $this->_params['realm']      = array_key_exists('realm', $params)  
   ? $params['realm'] : '';
         $this->_params['userdn']     = array_key_exists('userdn', $params) 
   ? $params['userdn'] : null;
+        $this->_params['version']     = array_key_exists('version',
$params)     ? $params['version'] : null;
     }

     /**
@@ -47,6 +48,19 @@
      */
     function _connect($userdn = null, $password = null) {
         $this->_ds = ldap_connect($this->_params['host'],
$this->_params['port']);
+        /* Set the LDAP protocol version. */
+        if (array_key_exists('version', $this->_params)) {
+            if (!ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION,
+                                 $this->_params['version'])) {
+                Horde::logMessage(
+                    sprintf('Set LDAP protocol version to %d failed: [%d]
%s',
+                            $this->_params['version'],
+                            ldap_errno($this->connection),
+                            ldap_error($this->connection)),
+                            __FILE__, __LINE__);
+            }
+        }
+
         if (!$this->_ds) {
            return PEAR::raiseError(_("Could not connect to ldap server"));
         }

More information about the bugs mailing list