[sork] LDAP patch for "accounts" module

John Dalbec jpdalbec at ysu.edu
Tue Apr 22 16:19:36 PDT 2003


We're looking to disable anonymous binds to our LDAP service.  I've 
patched the ldap.php driver to allow non-anonymous binding.  If the 
binddn and bindpw are not configured, the driver still binds anonymously.
John
-------------- next part --------------
--- accounts/lib/Driver/ldap.php.orig	Tue Feb 25 18:33:43 2003
+++ accounts/lib/Driver/ldap.php	Tue Apr 22 15:11:39 2003
@@ -39,6 +39,8 @@
         $this->_params['port']       = array_key_exists('port', $params)       ? $params['port'] : 389;
         $this->_params['basedn']     = array_key_exists('basedn', $params)     ? $params['basedn'] : '';
         $this->_params['attr']       = array_key_exists('attr', $params)       ? $params['attr'] : 'uid';
+        $this->_params['binddn']     = array_key_exists('attr', $params)       ? $params['binddn'] : '';
+        $this->_params['bindpw']     = array_key_exists('attr', $params)       ? $params['bindpw'] : '';
     }
 
 
@@ -59,8 +61,8 @@
            return PEAR::raiseError(_("Could not connect to ldap server"));
         }
 
-        // bind as anonymous
-        $result = @ldap_bind($this->_ds);
+        $result = @ldap_bind($this->_ds, $this->_params['binddn'],
+                             $this->_params['bindpw']);
         if (!$result) {
           return PEAR::raiseError(_("Could not bind to ldap server"));
         }
@@ -98,8 +100,8 @@
            return PEAR::raiseError(_("Could not connect to ldap server"));
         }
 
-        // bind as anonymous
-        $result = @ldap_bind($this->_ds);
+        $result = @ldap_bind($this->_ds, $this->_params['binddn'],
+                             $this->_params['bindpw']);
         if (!$result) {
           return PEAR::raiseError(_("Could not bind to ldap server"));
         }
@@ -133,8 +135,8 @@
            return PEAR::raiseError(_("Could not connect to ldap server"));
         }
 
-        // bind as anonymous
-        $result = @ldap_bind($this->_ds);
+        $result = @ldap_bind($this->_ds, $this->_params['binddn'],
+                             $this->_params['bindpw']);
         if (!$result) {
           return PEAR::raiseError(_("Could not bind to ldap server"));
         }


More information about the sork mailing list