From 72aada3c7ca2f501626fad64e5dd9c63a03e7e8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1t=C3=A9=20Kocsis?= Date: Wed, 12 Jul 2023 01:08:17 +0200 Subject: [PATCH] Implement ldap_connect_wallet() --- ext/ldap/ldap.c | 69 +++++++++++++++++++++++++++++++++++++++++ ext/ldap/ldap.stub.php | 9 ++++-- ext/ldap/ldap_arginfo.h | 21 ++++++++++++- 3 files changed, 95 insertions(+), 4 deletions(-) diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c index 5b4d0864c15..5b87a93c624 100644 --- a/ext/ldap/ldap.c +++ b/ext/ldap/ldap.c @@ -1016,6 +1016,75 @@ PHP_FUNCTION(ldap_connect) } /* }}} */ +#if defined(HAVE_ORALDAP) && defined(LDAP_API_FEATURE_X_OPENLDAP) +PHP_FUNCTION(ldap_connect_wallet) { + char *host = NULL; + size_t hostlen = 0; + char *wallet = NULL, *walletpasswd = NULL; + size_t walletlen = 0, walletpasswdlen = 0; + zend_long authmode = GSLC_SSL_NO_AUTH; + bool ssl = false; + + ldap_linkdata *ld; + LDAP *ldap = NULL; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "s!ss|l", + &host, &hostlen, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS + ) { + RETURN_THROWS(); + } + + if (authmode != 0) { + ssl = true; + } + + if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) { + php_error_docref(NULL, E_WARNING, "Too many open links (" ZEND_LONG_FMT ")", LDAPG(num_links)); + RETURN_FALSE; + } + + object_init_ex(return_value, ldap_link_ce); + ld = Z_LDAP_LINK_P(return_value); + + { + int rc = LDAP_SUCCESS; + char *url = host; + if (url && !ldap_is_ldap_url(url)) { + size_t urllen = hostlen + sizeof( "ldap://:65535" ); + + url = emalloc(urllen); + snprintf( url, urllen, "ldap://%s", host ); + } + + /* ldap_init() is deprecated, use ldap_initialize() instead. */ + rc = ldap_initialize(&ldap, url); + if (url != host) { + efree(url); + } + if (rc != LDAP_SUCCESS) { + zval_ptr_dtor(return_value); + php_error_docref(NULL, E_WARNING, "Could not create session handle: %s", ldap_err2string(rc)); + RETURN_FALSE; + } + } + + if (ldap == NULL) { + zval_ptr_dtor(return_value); + RETURN_FALSE; + } else { + if (ssl) { + if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) { + zval_ptr_dtor(return_value); + php_error_docref(NULL, E_WARNING, "SSL init failed"); + RETURN_FALSE; + } + } + LDAPG(num_links)++; + ld->link = ldap; + } +} +#endif + /* {{{ _get_lderrno */ static int _get_lderrno(LDAP *ldap) { diff --git a/ext/ldap/ldap.stub.php b/ext/ldap/ldap.stub.php index 19deffccad9..4f660ef7662 100644 --- a/ext/ldap/ldap.stub.php +++ b/ext/ldap/ldap.stub.php @@ -609,11 +609,14 @@ namespace { const LDAP_CONTROL_VLVRESPONSE = UNKNOWN; #endif - #ifdef HAVE_ORALDAP +#ifdef HAVE_ORALDAP function ldap_connect(?string $uri = null, int $port = 389, string $wallet = UNKNOWN, #[\SensitiveParameter] string $password = UNKNOWN, int $auth_mode = GSLC_SSL_NO_AUTH): LDAP\Connection|false {} - #else +#ifdef LDAP_API_FEATURE_X_OPENLDAP + function ldap_connect_wallet(?string $uri = null, string $wallet, #[\SensitiveParameter] string $password, int $auth_mode = GSLC_SSL_NO_AUTH): LDAP\Connection|false {} +#endif +#else function ldap_connect(?string $uri = null, int $port = 389): LDAP\Connection|false {} - #endif +#endif function ldap_unbind(LDAP\Connection $ldap): bool {} diff --git a/ext/ldap/ldap_arginfo.h b/ext/ldap/ldap_arginfo.h index e44f4f04176..98bccba432a 100644 --- a/ext/ldap/ldap_arginfo.h +++ b/ext/ldap/ldap_arginfo.h @@ -1,5 +1,5 @@ /* This is a generated file, edit the .stub.php file instead. - * Stub hash: 893c86a23c81c32d2c8a4b2ca14a785cd8a99a37 */ + * Stub hash: 63ed5b30556367b8ce48a421a85b92ecf41413b7 */ #if defined(HAVE_ORALDAP) ZEND_BEGIN_ARG_WITH_RETURN_OBJ_TYPE_MASK_EX(arginfo_ldap_connect, 0, 0, LDAP\\Connection, MAY_BE_FALSE) @@ -11,6 +11,15 @@ ZEND_BEGIN_ARG_WITH_RETURN_OBJ_TYPE_MASK_EX(arginfo_ldap_connect, 0, 0, LDAP\\Co ZEND_END_ARG_INFO() #endif +#if defined(HAVE_ORALDAP) && defined(LDAP_API_FEATURE_X_OPENLDAP) +ZEND_BEGIN_ARG_WITH_RETURN_OBJ_TYPE_MASK_EX(arginfo_ldap_connect_wallet, 0, 3, LDAP\\Connection, MAY_BE_FALSE) + ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, uri, IS_STRING, 1, "null") + ZEND_ARG_TYPE_INFO(0, wallet, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, password, IS_STRING, 0) + ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, auth_mode, IS_LONG, 0, "GSLC_SSL_NO_AUTH") +ZEND_END_ARG_INFO() +#endif + #if !(defined(HAVE_ORALDAP)) ZEND_BEGIN_ARG_WITH_RETURN_OBJ_TYPE_MASK_EX(arginfo_ldap_connect, 0, 0, LDAP\\Connection, MAY_BE_FALSE) ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, uri, IS_STRING, 1, "null") @@ -344,6 +353,9 @@ ZEND_END_ARG_INFO() #if defined(HAVE_ORALDAP) ZEND_FUNCTION(ldap_connect); #endif +#if defined(HAVE_ORALDAP) && defined(LDAP_API_FEATURE_X_OPENLDAP) +ZEND_FUNCTION(ldap_connect_wallet); +#endif #if !(defined(HAVE_ORALDAP)) ZEND_FUNCTION(ldap_connect); #endif @@ -444,6 +456,9 @@ static const zend_function_entry ext_functions[] = { #if defined(HAVE_ORALDAP) ZEND_FE(ldap_connect, arginfo_ldap_connect) #endif +#if defined(HAVE_ORALDAP) && defined(LDAP_API_FEATURE_X_OPENLDAP) + ZEND_FE(ldap_connect_wallet, arginfo_ldap_connect_wallet) +#endif #if !(defined(HAVE_ORALDAP)) ZEND_FE(ldap_connect, arginfo_ldap_connect) #endif @@ -834,6 +849,10 @@ static void register_ldap_symbols(int module_number) zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "ldap_connect", sizeof("ldap_connect") - 1), 3, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); #endif +#if defined(HAVE_ORALDAP) && defined(LDAP_API_FEATURE_X_OPENLDAP) + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "ldap_connect_wallet", sizeof("ldap_connect_wallet") - 1), 2, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); +#endif zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "ldap_bind", sizeof("ldap_bind") - 1), 2, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0);