Projects
Kolab:3.4:Updates
php-pear-Net-LDAP3
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 17
View file
php-pear-Net-LDAP3.spec
Changed
@@ -23,7 +23,7 @@ %else Name: php-Net-LDAP3 %endif -Version: 1.0.1 +Version: 1.0.2 Release: 1%{?dist} Summary: Object oriented interface for searching and manipulating LDAP-entries Group: Development/Libraries @@ -31,10 +31,6 @@ URL: http://kolab.org Source0: pear-Net-LDAP3-%{version}.tar.gz -Patch0: 0001-Correct-variable-used-to-determine-acl-rights.patch -Patch1: 0002-Use-the-right-properties-for-mozldap-ldapsearch-call.patch -Patch2: 0003-Add-possibility-to-return-user-attributes-from-login.patch -Patch3: 0004-Fix-handling-of-special-characters-in-RDN-attributes.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch @@ -50,11 +46,6 @@ %prep %setup -q -n pear-Net-LDAP3-%{version} -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 - %build %install @@ -77,6 +68,9 @@ %{_datadir}/%{php}/Net/LDAP3/Result.php %changelog +* Fri Jan 23 2015 Jeroen van Meeuwen <vanmeeuwen@kolabsys.com> - 1.0.2-1 +- New upstream release 1.0.2 + * Sun Dec 07 2014 Christoph Wickert <cwickert@fedoraproject.org> - 1.0.1-3 - Use the right properties for /mozldap/ldapsearch calls - Add possibility to return user attributes from login() (#3858)
View file
0001-Correct-variable-used-to-determine-acl-rights.patch
Deleted
@@ -1,25 +0,0 @@ -From 14269316c5a7b1ab1ec34da52bfe3565c4dfaf94 Mon Sep 17 00:00:00 2001 -From: "Jeroen van Meeuwen (Kolab Systems)" <vanmeeuwen@kolabsys.com> -Date: Wed, 1 Oct 2014 14:36:18 +0200 -Subject: [PATCH] Correct variable used to determine acl rights - ---- - lib/Net/LDAP3.php | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/Net/LDAP3.php b/lib/Net/LDAP3.php -index b1e0572..82bc055 100644 ---- a/lib/Net/LDAP3.php -+++ b/lib/Net/LDAP3.php -@@ -2291,7 +2291,7 @@ class Net_LDAP3 - } - - private function parse_aclrights(&$attributes, $attribute_value) { -- $components = explode(':', $rights); -+ $components = explode(':', $attribute_value); - $_acl_target = array_shift($components); - $_acl_value = trim(implode(':', $components)); - --- -1.9.3 -
View file
0002-Use-the-right-properties-for-mozldap-ldapsearch-call.patch
Deleted
@@ -1,28 +0,0 @@ -From ee60f50af2c4d27cec8d6c4253981f583236b5ff Mon Sep 17 00:00:00 2001 -From: Thomas Bruederli <thomas@roundcube.net> -Date: Tue, 14 Oct 2014 12:18:33 +0200 -Subject: [PATCH 2/4] Use the right properties for /mozldap/ldapsearch calls - ---- - lib/Net/LDAP3.php | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/lib/Net/LDAP3.php b/lib/Net/LDAP3.php -index 82bc055..d370a45 100644 ---- a/lib/Net/LDAP3.php -+++ b/lib/Net/LDAP3.php -@@ -723,9 +723,9 @@ class Net_LDAP3 - $moz_ldapsearch, - '-x', - '-h', -- $this->_ldap_server, -+ $this->_current_host, - '-p', -- $this->_ldap_port, -+ $this->config_get('port', 389), - '-b', - escapeshellarg($entry_dn), - '-s', --- -1.9.3 -
View file
0003-Add-possibility-to-return-user-attributes-from-login.patch
Deleted
@@ -1,169 +0,0 @@ -From 6eeff12a1c8d3897704676bee8523c08ca841f8a Mon Sep 17 00:00:00 2001 -From: Aleksander Machniak <machniak@kolabsys.com> -Date: Tue, 4 Nov 2014 08:49:49 -0500 -Subject: [PATCH 3/4] Add possibility to return user attributes from login() - (#3858) + small code improvements. - ---- - lib/Net/LDAP3.php | 69 +++++++++++++++++++++++++++---------------------------- - 1 file changed, 34 insertions(+), 35 deletions(-) - -diff --git a/lib/Net/LDAP3.php b/lib/Net/LDAP3.php -index d370a45..3930a07 100644 ---- a/lib/Net/LDAP3.php -+++ b/lib/Net/LDAP3.php -@@ -1068,7 +1068,7 @@ class Net_LDAP3 - return $replica_hosts; - } - -- public function login($username, $password, $domain = null) -+ public function login($username, $password, $domain = null, &$attributes = null) - { - $this->_debug("Net_LDAP3::login(\$username = '" . $username . "', \$password = '****', \$domain = '" . $domain . "')"); - -@@ -1102,6 +1102,12 @@ class Net_LDAP3 - return null; - } - -+ // fetch user attributes if requested -+ if (!empty($attributes)) { -+ $attributes = $this->get_entry($entry_dn, $attributes); -+ $attributes = self::normalize_entry($attributes, true); -+ } -+ - return $entry_dn; - } - -@@ -1149,7 +1155,7 @@ class Net_LDAP3 - - $this->_debug("Net::LDAP3::login() actual filter: " . $filter); - -- $result = $this->search($base_dn, $filter, 'sub'); -+ $result = $this->search($base_dn, $filter, 'sub', $attributes); - - if (!$result) { - $this->_debug("Could not search $base_dn with $filter"); -@@ -1165,9 +1171,8 @@ class Net_LDAP3 - return null; - } - -- $entries = $result->entries(); -- $entry = self::normalize_result($entries); -- $entry_dn = key($entry); -+ $entries = $result->entries(true); -+ $entry_dn = key($entries); - - $bound = $this->bind($entry_dn, $password); - -@@ -1176,6 +1181,11 @@ class Net_LDAP3 - return null; - } - -+ // replace attributes list with key-value data -+ if (!empty($attributes)) { -+ $attributes = $entries[$entry_dn]; -+ } -+ - return $entry_dn; - } - -@@ -1747,10 +1757,11 @@ class Net_LDAP3 - * Turn an LDAP entry into a regular PHP array with attributes as keys. - * - * @param array $entry Attributes array as retrieved from ldap_get_attributes() or ldap_get_entries() -+ * @param bool $flat Convert one-element-array values into strings - * - * @return array Hash array with attributes as keys - */ -- public static function normalize_entry($entry) -+ public static function normalize_entry($entry, $flat = false) - { - $rec = array(); - for ($i=0; $i < $entry['count']; $i++) { -@@ -1758,6 +1769,10 @@ class Net_LDAP3 - for ($j=0; $j < $entry[$attr]['count']; $j++) { - $rec[$attr][$j] = $entry[$attr][$j]; - } -+ -+ if ($flat && count($rec[$attr]) == 1) { -+ $rec[$attr] = $rec[$attr][0]; -+ } - } - - return $rec; -@@ -1775,34 +1790,19 @@ class Net_LDAP3 - $result = array(); - - for ($x = 0; $x < $_result['count']; $x++) { -- $dn = $_result[$x]['dn']; -- $result[$dn] = array(); -- for ($y = 0; $y < $_result[$x]['count']; $y++) { -- $attr = $_result[$x][$y]; -- if ($_result[$x][$attr]['count'] == 1) { -- switch ($attr) { -- case 'objectclass': -- $result[$dn][$attr] = array(strtolower($_result[$x][$attr][0])); -- break; -- default: -- $result[$dn][$attr] = $_result[$x][$attr][0]; -- break; -- } -+ $dn = $_result[$x]['dn']; -+ $entry = self::normalize_entry($_result[$x], true); -+ -+ if (!empty($entry['objectclass'])) { -+ if (is_array($entry['objectclass'])) { -+ $entry['objectclass'] = array_map('strtolower', $entry['objectclass']); - } - else { -- $result[$dn][$attr] = array(); -- for ($z = 0; $z < $_result[$x][$attr]['count']; $z++) { -- switch ($attr) { -- case 'objectclass': -- $result[$dn][$attr][] = strtolower($_result[$x][$attr][$z]); -- break; -- default: -- $result[$dn][$attr][] = $_result[$x][$attr][$z]; -- break; -- } -- } -+ $entry['objectclass'] = strtolower($entry['objectclass']); - } - } -+ -+ $result[$dn] = $entry; - } - - return $result; -@@ -1813,16 +1813,15 @@ class Net_LDAP3 - switch ($scope) { - case 2: - return 'sub'; -- break; -+ - case 1: - return 'one'; -- break; -+ - case 0: - return 'base'; -- break; -+ - default: - $this->_debug("Scope $scope is not a valid scope integer"); -- break; - } - } - -@@ -1837,7 +1836,7 @@ class Net_LDAP3 - { - switch ($scope) { - case 'sub': -- $function = $ns_function = 'ldap_search'; -+ $function = $ns_function = 'ldap_search'; - break; - case 'base': - $function = $ns_function = 'ldap_read'; --- -1.9.3 -
View file
0004-Fix-handling-of-special-characters-in-RDN-attributes.patch
Deleted
@@ -1,234 +0,0 @@ -From 5b282ccd4f97b1359abd058e7e6afefb167cf916 Mon Sep 17 00:00:00 2001 -From: Aleksander Machniak <machniak@kolabsys.com> -Date: Fri, 14 Nov 2014 07:01:02 -0500 -Subject: [PATCH 4/4] Fix handling of special characters in RDN attributes - (#3905) Fix update of objects which base DN contains special characters - (#3824) - ---- - lib/Net/LDAP3.php | 120 ++++++++++++++++++++++++++++++++++++++---------------- - 1 file changed, 84 insertions(+), 36 deletions(-) - -diff --git a/lib/Net/LDAP3.php b/lib/Net/LDAP3.php -index 3930a07..311b3d2 100644 ---- a/lib/Net/LDAP3.php -+++ b/lib/Net/LDAP3.php -@@ -1298,7 +1298,7 @@ class Net_LDAP3 - - $this->_debug("old attrs. is array, new attrs. is not array. new attr. exists in old attrs."); - -- $rdn_attr_value = array_shift($old_attrs[$attr]); -+ $rdn_attr_value = array_shift($old_attrs[$attr]); - $_attr_to_remove = array(); - - foreach ($old_attrs[$attr] as $value) { -@@ -1313,14 +1313,14 @@ class Net_LDAP3 - - if (strtolower($new_attrs[$attr]) !== strtolower($rdn_attr_value)) { - $this->_debug("new attrs is not the same as the old rdn value, issuing a rename"); -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr][0]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); - } - } - else { - $this->_debug("new attrs is not the same as any of the old rdn value, issuing a full rename"); -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); - } - } - else { -@@ -1331,17 +1331,17 @@ class Net_LDAP3 - } - else { - // TODO: This fails. -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr][0]; -- $mod_array['del'][$attr] = $old_attrs[$attr][0]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr][0], true); -+ $mod_array['del'][$attr] = $old_attrs[$attr][0]; - } - } - } - else { - if (!is_array($new_attrs[$attr])) { - $this->_debug("Renaming " . $old_attrs[$attr] . " to " . $new_attrs[$attr]); -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); - } - else { - $this->_debug("Adding to replace"); -@@ -1350,7 +1350,6 @@ class Net_LDAP3 - continue; - } - } -- - } - else { - if (!isset($new_attrs[$attr]) || $new_attrs[$attr] === '' || (is_array($new_attrs[$attr]) && empty($new_attrs[$attr]))) { -@@ -1446,9 +1445,12 @@ class Net_LDAP3 - $old_ou = implode(',', $subject_dn_components); - } - -+ $subject_dn = self::unified_dn($subject_dn); -+ $prefix = self::unified_dn('ou=' . $old_ou) . ','; -+ - // object is an organizational unit -- if (strpos($subject_dn, 'ou=' . $old_ou) === 0) { -- $root = substr($subject_dn, strlen($old_ou) + 4); // remove ou=*, -+ if (strpos($subject_dn, $prefix) === 0) { -+ $root = substr($subject_dn, strlen($prefix)); // remove ou=*, - - if ((!empty($new_attrs['base_dn']) && strtolower($new_attrs['base_dn']) !== strtolower($root)) - || (strtolower($old_ou) !== strtolower($new_ou)) -@@ -1459,15 +1461,22 @@ class Net_LDAP3 - - $mod_array['rename']['new_parent'] = $root; - $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = 'ou=' . $new_ou; -+ $mod_array['rename']['new_rdn'] = 'ou=' . self::quote_string($new_ou, true); - } - } - // not OU object, but changed ou attribute -- else if ((!empty($old_ou) && !empty($new_ou)) && strtolower($old_ou) !== strtolower($new_ou)) { -- $mod_array['rename']['new_parent'] = $new_ou; -- if (empty($mod_array['rename']['dn']) || empty($mod_array['rename']['new_rdn'])) { -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$rdn_attr]; -+ else if (!empty($old_ou) && !empty($new_ou)) { -+ // unify DN strings for comparison -+ $old_ou = self::unified_dn($old_ou); -+ $new_ou = self::unified_dn($new_ou); -+ -+ if (strtolower($old_ou) !== strtolower($new_ou)) { -+ $mod_array['rename']['new_parent'] = $new_ou; -+ if (empty($mod_array['rename']['dn']) || empty($mod_array['rename']['new_rdn'])) { -+ $rdn_attr_value = self::quote_string($new_attrs[$rdn_attr], true); -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $rdn_attr_value; -+ } - } - } - -@@ -2202,23 +2211,23 @@ class Net_LDAP3 - - private function modify_entry_attributes($subject_dn, $attributes) - { -- // Opportunities to set false include failed ldap commands. -- $result = true; -- - if (is_array($attributes['rename']) && !empty($attributes['rename'])) { -- $olddn = $attributes['rename']['dn']; -- $newrdn = $attributes['rename']['new_rdn']; -- -- if (!empty($attributes['rename']['new_parent'])) { -- $new_parent = $attributes['rename']['new_parent']; -- } -- else { -- $new_parent = null; -- } -+ $olddn = $attributes['rename']['dn']; -+ $newrdn = $attributes['rename']['new_rdn']; -+ $new_parent = $attributes['rename']['new_parent']; - - $this->_debug("LDAP: C: Rename $olddn to $newrdn,$new_parent"); - -- $result = ldap_rename($this->conn, $olddn, $newrdn, $new_parent, true); -+ // Note: for some reason the operation fails if RDN contains special characters -+ // and last argument of ldap_rename() is set to TRUE. That's why we use FALSE. -+ // However, we need to modify RDN attribute value later, otherwise it -+ // will contain an array of previous and current values -+ for ($i = 1; $i >= 0; $i--) { -+ $result = ldap_rename($this->conn, $olddn, $newrdn, $new_parent, $i == 1); -+ if ($result) { -+ break; -+ } -+ } - - if ($result) { - $this->_debug("LDAP: S: OK"); -@@ -2233,6 +2242,12 @@ class Net_LDAP3 - $old_parent_dn = implode(",", $old_parent_dn_components); - $subject_dn = $newrdn . ',' . $old_parent_dn; - } -+ -+ // modify RDN attribute value, see note above -+ if (!$i && empty($attributes['replace'][$attr])) { -+ list($attr, $val) = explode('=', $newrdn, 2); -+ $attributes['replace'][$attr] = self::quote_string($val, true, true); -+ } - } - else { - $this->_debug("LDAP: S: " . ldap_error($this->conn)); -@@ -2514,14 +2529,15 @@ class Net_LDAP3 - /** - * Quotes attribute value string - * -- * @param string $str Attribute value -- * @param bool $dn True if the attribute is a DN -+ * @param string $str Attribute value -+ * @param bool $dn True if the attribute is a DN -+ * @param bool $reverse Do reverse replacement - * - * @return string Quoted string - */ -- public static function quote_string($str, $is_dn = false) -+ public static function quote_string($str, $is_dn = false, $reverse = false) - { -- // take firt entry if array given -+ // take first entry if array given - if (is_array($str)) { - $str = reset($str); - } -@@ -2549,10 +2565,42 @@ class Net_LDAP3 - ); - } - -+ if ($reverse) { -+ return str_replace(array_values($replace), array_keys($replace), $str); -+ } -+ - return strtr($str, $replace); - } - - /** -+ * Unify DN string for comparison -+ * -+ * @para string $str DN string -+ * -+ * @return string Unified DN string -+ */ -+ public static function unified_dn($str) -+ { -+ $result = array(); -+ -+ foreach (explode(',', $str) as $token) { -+ list($attr, $value) = explode('=', $token, 2); -+ -+ $pos = 0; -+ while (preg_match('/\\\\[0-9a-fA-F]{2}/', $value, $matches, PREG_OFFSET_CAPTURE, $pos)) { -+ $char = chr(hexdec(substr($matches[0][0], 1))); -+ $pos = $matches[0][1]; -+ $value = substr_replace($value, $char, $pos, 3); -+ $pos += 1; -+ } -+ -+ $result[] = $attr . '=' . self::quote_string($value, true); -+ } -+ -+ return implode(',', $result); -+ } -+ -+ /** - * create ber encoding for sort control - * - * @param array List of cols to sort by --- -1.9.3 -
View file
pear-Net-LDAP3-1.0.1-collated.patch
Deleted
@@ -1,393 +0,0 @@ -diff --git a/lib/Net/LDAP3.php b/lib/Net/LDAP3.php -index b1e0572..311b3d2 100644 ---- a/lib/Net/LDAP3.php -+++ b/lib/Net/LDAP3.php -@@ -723,9 +723,9 @@ class Net_LDAP3 - $moz_ldapsearch, - '-x', - '-h', -- $this->_ldap_server, -+ $this->_current_host, - '-p', -- $this->_ldap_port, -+ $this->config_get('port', 389), - '-b', - escapeshellarg($entry_dn), - '-s', -@@ -1068,7 +1068,7 @@ class Net_LDAP3 - return $replica_hosts; - } - -- public function login($username, $password, $domain = null) -+ public function login($username, $password, $domain = null, &$attributes = null) - { - $this->_debug("Net_LDAP3::login(\$username = '" . $username . "', \$password = '****', \$domain = '" . $domain . "')"); - -@@ -1102,6 +1102,12 @@ class Net_LDAP3 - return null; - } - -+ // fetch user attributes if requested -+ if (!empty($attributes)) { -+ $attributes = $this->get_entry($entry_dn, $attributes); -+ $attributes = self::normalize_entry($attributes, true); -+ } -+ - return $entry_dn; - } - -@@ -1149,7 +1155,7 @@ class Net_LDAP3 - - $this->_debug("Net::LDAP3::login() actual filter: " . $filter); - -- $result = $this->search($base_dn, $filter, 'sub'); -+ $result = $this->search($base_dn, $filter, 'sub', $attributes); - - if (!$result) { - $this->_debug("Could not search $base_dn with $filter"); -@@ -1165,9 +1171,8 @@ class Net_LDAP3 - return null; - } - -- $entries = $result->entries(); -- $entry = self::normalize_result($entries); -- $entry_dn = key($entry); -+ $entries = $result->entries(true); -+ $entry_dn = key($entries); - - $bound = $this->bind($entry_dn, $password); - -@@ -1176,6 +1181,11 @@ class Net_LDAP3 - return null; - } - -+ // replace attributes list with key-value data -+ if (!empty($attributes)) { -+ $attributes = $entries[$entry_dn]; -+ } -+ - return $entry_dn; - } - -@@ -1288,7 +1298,7 @@ class Net_LDAP3 - - $this->_debug("old attrs. is array, new attrs. is not array. new attr. exists in old attrs."); - -- $rdn_attr_value = array_shift($old_attrs[$attr]); -+ $rdn_attr_value = array_shift($old_attrs[$attr]); - $_attr_to_remove = array(); - - foreach ($old_attrs[$attr] as $value) { -@@ -1303,14 +1313,14 @@ class Net_LDAP3 - - if (strtolower($new_attrs[$attr]) !== strtolower($rdn_attr_value)) { - $this->_debug("new attrs is not the same as the old rdn value, issuing a rename"); -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr][0]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); - } - } - else { - $this->_debug("new attrs is not the same as any of the old rdn value, issuing a full rename"); -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); - } - } - else { -@@ -1321,17 +1331,17 @@ class Net_LDAP3 - } - else { - // TODO: This fails. -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr][0]; -- $mod_array['del'][$attr] = $old_attrs[$attr][0]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr][0], true); -+ $mod_array['del'][$attr] = $old_attrs[$attr][0]; - } - } - } - else { - if (!is_array($new_attrs[$attr])) { - $this->_debug("Renaming " . $old_attrs[$attr] . " to " . $new_attrs[$attr]); -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr]; -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); - } - else { - $this->_debug("Adding to replace"); -@@ -1340,7 +1350,6 @@ class Net_LDAP3 - continue; - } - } -- - } - else { - if (!isset($new_attrs[$attr]) || $new_attrs[$attr] === '' || (is_array($new_attrs[$attr]) && empty($new_attrs[$attr]))) { -@@ -1436,9 +1445,12 @@ class Net_LDAP3 - $old_ou = implode(',', $subject_dn_components); - } - -+ $subject_dn = self::unified_dn($subject_dn); -+ $prefix = self::unified_dn('ou=' . $old_ou) . ','; -+ - // object is an organizational unit -- if (strpos($subject_dn, 'ou=' . $old_ou) === 0) { -- $root = substr($subject_dn, strlen($old_ou) + 4); // remove ou=*, -+ if (strpos($subject_dn, $prefix) === 0) { -+ $root = substr($subject_dn, strlen($prefix)); // remove ou=*, - - if ((!empty($new_attrs['base_dn']) && strtolower($new_attrs['base_dn']) !== strtolower($root)) - || (strtolower($old_ou) !== strtolower($new_ou)) -@@ -1449,15 +1461,22 @@ class Net_LDAP3 - - $mod_array['rename']['new_parent'] = $root; - $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = 'ou=' . $new_ou; -+ $mod_array['rename']['new_rdn'] = 'ou=' . self::quote_string($new_ou, true); - } - } - // not OU object, but changed ou attribute -- else if ((!empty($old_ou) && !empty($new_ou)) && strtolower($old_ou) !== strtolower($new_ou)) { -- $mod_array['rename']['new_parent'] = $new_ou; -- if (empty($mod_array['rename']['dn']) || empty($mod_array['rename']['new_rdn'])) { -- $mod_array['rename']['dn'] = $subject_dn; -- $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$rdn_attr]; -+ else if (!empty($old_ou) && !empty($new_ou)) { -+ // unify DN strings for comparison -+ $old_ou = self::unified_dn($old_ou); -+ $new_ou = self::unified_dn($new_ou); -+ -+ if (strtolower($old_ou) !== strtolower($new_ou)) { -+ $mod_array['rename']['new_parent'] = $new_ou; -+ if (empty($mod_array['rename']['dn']) || empty($mod_array['rename']['new_rdn'])) { -+ $rdn_attr_value = self::quote_string($new_attrs[$rdn_attr], true); -+ $mod_array['rename']['dn'] = $subject_dn; -+ $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $rdn_attr_value; -+ } - } - } - -@@ -1747,10 +1766,11 @@ class Net_LDAP3 - * Turn an LDAP entry into a regular PHP array with attributes as keys. - * - * @param array $entry Attributes array as retrieved from ldap_get_attributes() or ldap_get_entries() -+ * @param bool $flat Convert one-element-array values into strings - * - * @return array Hash array with attributes as keys - */ -- public static function normalize_entry($entry) -+ public static function normalize_entry($entry, $flat = false) - { - $rec = array(); - for ($i=0; $i < $entry['count']; $i++) { -@@ -1758,6 +1778,10 @@ class Net_LDAP3 - for ($j=0; $j < $entry[$attr]['count']; $j++) { - $rec[$attr][$j] = $entry[$attr][$j]; - } -+ -+ if ($flat && count($rec[$attr]) == 1) { -+ $rec[$attr] = $rec[$attr][0]; -+ } - } - - return $rec; -@@ -1775,34 +1799,19 @@ class Net_LDAP3 - $result = array(); - - for ($x = 0; $x < $_result['count']; $x++) { -- $dn = $_result[$x]['dn']; -- $result[$dn] = array(); -- for ($y = 0; $y < $_result[$x]['count']; $y++) { -- $attr = $_result[$x][$y]; -- if ($_result[$x][$attr]['count'] == 1) { -- switch ($attr) { -- case 'objectclass': -- $result[$dn][$attr] = array(strtolower($_result[$x][$attr][0])); -- break; -- default: -- $result[$dn][$attr] = $_result[$x][$attr][0]; -- break; -- } -+ $dn = $_result[$x]['dn']; -+ $entry = self::normalize_entry($_result[$x], true); -+ -+ if (!empty($entry['objectclass'])) { -+ if (is_array($entry['objectclass'])) { -+ $entry['objectclass'] = array_map('strtolower', $entry['objectclass']); - } - else { -- $result[$dn][$attr] = array(); -- for ($z = 0; $z < $_result[$x][$attr]['count']; $z++) { -- switch ($attr) { -- case 'objectclass': -- $result[$dn][$attr][] = strtolower($_result[$x][$attr][$z]); -- break; -- default: -- $result[$dn][$attr][] = $_result[$x][$attr][$z]; -- break; -- } -- } -+ $entry['objectclass'] = strtolower($entry['objectclass']); - } - } -+ -+ $result[$dn] = $entry; - } - - return $result; -@@ -1813,16 +1822,15 @@ class Net_LDAP3 - switch ($scope) { - case 2: - return 'sub'; -- break; -+ - case 1: - return 'one'; -- break; -+ - case 0: - return 'base'; -- break; -+ - default: - $this->_debug("Scope $scope is not a valid scope integer"); -- break; - } - } - -@@ -1837,7 +1845,7 @@ class Net_LDAP3 - { - switch ($scope) { - case 'sub': -- $function = $ns_function = 'ldap_search'; -+ $function = $ns_function = 'ldap_search'; - break; - case 'base': - $function = $ns_function = 'ldap_read'; -@@ -2203,23 +2211,23 @@ class Net_LDAP3 - - private function modify_entry_attributes($subject_dn, $attributes) - { -- // Opportunities to set false include failed ldap commands. -- $result = true; -- - if (is_array($attributes['rename']) && !empty($attributes['rename'])) { -- $olddn = $attributes['rename']['dn']; -- $newrdn = $attributes['rename']['new_rdn']; -- -- if (!empty($attributes['rename']['new_parent'])) { -- $new_parent = $attributes['rename']['new_parent']; -- } -- else { -- $new_parent = null; -- } -+ $olddn = $attributes['rename']['dn']; -+ $newrdn = $attributes['rename']['new_rdn']; -+ $new_parent = $attributes['rename']['new_parent']; - - $this->_debug("LDAP: C: Rename $olddn to $newrdn,$new_parent"); - -- $result = ldap_rename($this->conn, $olddn, $newrdn, $new_parent, true); -+ // Note: for some reason the operation fails if RDN contains special characters -+ // and last argument of ldap_rename() is set to TRUE. That's why we use FALSE. -+ // However, we need to modify RDN attribute value later, otherwise it -+ // will contain an array of previous and current values -+ for ($i = 1; $i >= 0; $i--) { -+ $result = ldap_rename($this->conn, $olddn, $newrdn, $new_parent, $i == 1); -+ if ($result) { -+ break; -+ } -+ } - - if ($result) { - $this->_debug("LDAP: S: OK"); -@@ -2234,6 +2242,12 @@ class Net_LDAP3 - $old_parent_dn = implode(",", $old_parent_dn_components); - $subject_dn = $newrdn . ',' . $old_parent_dn; - } -+ -+ // modify RDN attribute value, see note above -+ if (!$i && empty($attributes['replace'][$attr])) { -+ list($attr, $val) = explode('=', $newrdn, 2); -+ $attributes['replace'][$attr] = self::quote_string($val, true, true); -+ } - } - else { - $this->_debug("LDAP: S: " . ldap_error($this->conn)); -@@ -2291,7 +2305,7 @@ class Net_LDAP3 - } - - private function parse_aclrights(&$attributes, $attribute_value) { -- $components = explode(':', $rights); -+ $components = explode(':', $attribute_value); - $_acl_target = array_shift($components); - $_acl_value = trim(implode(':', $components)); - -@@ -2515,14 +2529,15 @@ class Net_LDAP3 - /** - * Quotes attribute value string - * -- * @param string $str Attribute value -- * @param bool $dn True if the attribute is a DN -+ * @param string $str Attribute value -+ * @param bool $dn True if the attribute is a DN -+ * @param bool $reverse Do reverse replacement - * - * @return string Quoted string - */ -- public static function quote_string($str, $is_dn = false) -+ public static function quote_string($str, $is_dn = false, $reverse = false) - { -- // take firt entry if array given -+ // take first entry if array given - if (is_array($str)) { - $str = reset($str); - } -@@ -2550,10 +2565,42 @@ class Net_LDAP3 - ); - } - -+ if ($reverse) { -+ return str_replace(array_values($replace), array_keys($replace), $str); -+ } -+ - return strtr($str, $replace); - } - - /** -+ * Unify DN string for comparison -+ * -+ * @para string $str DN string -+ * -+ * @return string Unified DN string -+ */ -+ public static function unified_dn($str) -+ { -+ $result = array(); -+ -+ foreach (explode(',', $str) as $token) { -+ list($attr, $value) = explode('=', $token, 2); -+ -+ $pos = 0; -+ while (preg_match('/\\\\[0-9a-fA-F]{2}/', $value, $matches, PREG_OFFSET_CAPTURE, $pos)) { -+ $char = chr(hexdec(substr($matches[0][0], 1))); -+ $pos = $matches[0][1]; -+ $value = substr_replace($value, $char, $pos, 3); -+ $pos += 1; -+ } -+ -+ $result[] = $attr . '=' . self::quote_string($value, true); -+ } -+ -+ return implode(',', $result); -+ } -+ -+ /** - * create ber encoding for sort control - * - * @param array List of cols to sort by
View file
debian.changelog
Changed
@@ -1,3 +1,9 @@ +php-net-ldap3 (1.0.2-0~kolab1) unstable; urgency=low + + * Release version 1.0.2 + + -- Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> Fri, 23 Jan 2015 15:27:46 +0100 + php-net-ldap3 (1.0.1-0~kolab5) unstable; urgency=low * Use the right properties for /mozldap/ldapsearch calls
View file
debian.series
Changed
@@ -1,1 +0,0 @@ -pear-Net-LDAP3-1.0.1-collated.patch -p1
View file
pear-Net-LDAP3-1.0.1.tar.gz/composer.json -> pear-Net-LDAP3-1.0.2.tar.gz/composer.json
Changed
@@ -2,7 +2,7 @@ "name": "kolab/Net_LDAP3", "description": "A successor of the PEAR:Net_LDAP2 module providing advanced functionality for accessing LDAP directories", "type": "library", - "version": "1.0.1", + "version": "1.0.2", "keywords": ["pear", "ldap", "vlv"], "homepage": "http://git.kolab.org/pear/Net_LDAP3/", "license": "GPL-3.0",
View file
pear-Net-LDAP3-1.0.1.tar.gz/lib/Net/LDAP3.php -> pear-Net-LDAP3-1.0.2.tar.gz/lib/Net/LDAP3.php
Changed
@@ -723,9 +723,9 @@ $moz_ldapsearch, '-x', '-h', - $this->_ldap_server, + $this->_current_host, '-p', - $this->_ldap_port, + $this->config_get('port', 389), '-b', escapeshellarg($entry_dn), '-s', @@ -779,7 +779,7 @@ // remove password from debug log $command_debug = $command; - $command_debug[11] = '*'; + $command_debug[13] = '*'; $command = implode(' ', $command); $command_debug = implode(' ', $command_debug); @@ -1068,7 +1068,7 @@ return $replica_hosts; } - public function login($username, $password, $domain = null) + public function login($username, $password, $domain = null, &$attributes = null) { $this->_debug("Net_LDAP3::login(\$username = '" . $username . "', \$password = '****', \$domain = '" . $domain . "')"); @@ -1102,6 +1102,12 @@ return null; } + // fetch user attributes if requested + if (!empty($attributes)) { + $attributes = $this->get_entry($entry_dn, $attributes); + $attributes = self::normalize_entry($attributes, true); + } + return $entry_dn; } @@ -1149,7 +1155,7 @@ $this->_debug("Net::LDAP3::login() actual filter: " . $filter); - $result = $this->search($base_dn, $filter, 'sub'); + $result = $this->search($base_dn, $filter, 'sub', $attributes); if (!$result) { $this->_debug("Could not search $base_dn with $filter"); @@ -1165,9 +1171,8 @@ return null; } - $entries = $result->entries(); - $entry = self::normalize_result($entries); - $entry_dn = key($entry); + $entries = $result->entries(true); + $entry_dn = key($entries); $bound = $this->bind($entry_dn, $password); @@ -1176,6 +1181,11 @@ return null; } + // replace attributes list with key-value data + if (!empty($attributes)) { + $attributes = $entries[$entry_dn]; + } + return $entry_dn; } @@ -1239,8 +1249,8 @@ // This is me cheating. Remove this special attribute. if (array_key_exists('ou', $old_attrs) || array_key_exists('ou', $new_attrs)) { - $old_ou = $old_attrs['ou']; - $new_ou = $new_attrs['ou']; + $old_ou = is_array($old_attrs['ou']) ? array_shift($old_attrs['ou']) : $old_attrs['ou']; + $new_ou = is_array($new_attrs['ou']) ? array_shift($new_attrs['ou']) : $new_attrs['ou']; unset($old_attrs['ou']); unset($new_attrs['ou']); } @@ -1288,7 +1298,7 @@ $this->_debug("old attrs. is array, new attrs. is not array. new attr. exists in old attrs."); - $rdn_attr_value = array_shift($old_attrs[$attr]); + $rdn_attr_value = array_shift($old_attrs[$attr]); $_attr_to_remove = array(); foreach ($old_attrs[$attr] as $value) { @@ -1303,14 +1313,14 @@ if (strtolower($new_attrs[$attr]) !== strtolower($rdn_attr_value)) { $this->_debug("new attrs is not the same as the old rdn value, issuing a rename"); - $mod_array['rename']['dn'] = $subject_dn; - $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr][0]; + $mod_array['rename']['dn'] = $subject_dn; + $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); } } else { $this->_debug("new attrs is not the same as any of the old rdn value, issuing a full rename"); - $mod_array['rename']['dn'] = $subject_dn; - $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr]; + $mod_array['rename']['dn'] = $subject_dn; + $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); } } else { @@ -1321,17 +1331,17 @@ } else { // TODO: This fails. - $mod_array['rename']['dn'] = $subject_dn; - $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr][0]; - $mod_array['del'][$attr] = $old_attrs[$attr][0]; + $mod_array['rename']['dn'] = $subject_dn; + $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr][0], true); + $mod_array['del'][$attr] = $old_attrs[$attr][0]; } } } else { if (!is_array($new_attrs[$attr])) { $this->_debug("Renaming " . $old_attrs[$attr] . " to " . $new_attrs[$attr]); - $mod_array['rename']['dn'] = $subject_dn; - $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr]; + $mod_array['rename']['dn'] = $subject_dn; + $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . self::quote_string($new_attrs[$attr], true); } else { $this->_debug("Adding to replace"); @@ -1340,7 +1350,6 @@ continue; } } - } else { if (!isset($new_attrs[$attr]) || $new_attrs[$attr] === '' || (is_array($new_attrs[$attr]) && empty($new_attrs[$attr]))) { @@ -1436,9 +1445,12 @@ $old_ou = implode(',', $subject_dn_components); } + $subject_dn = self::unified_dn($subject_dn); + $prefix = self::unified_dn('ou=' . $old_ou) . ','; + // object is an organizational unit - if (strpos($subject_dn, 'ou=' . $old_ou) === 0) { - $root = substr($subject_dn, strlen($old_ou) + 4); // remove ou=*, + if (strpos($subject_dn, $prefix) === 0) { + $root = substr($subject_dn, strlen($prefix)); // remove ou=*, if ((!empty($new_attrs['base_dn']) && strtolower($new_attrs['base_dn']) !== strtolower($root)) || (strtolower($old_ou) !== strtolower($new_ou)) @@ -1449,15 +1461,22 @@ $mod_array['rename']['new_parent'] = $root; $mod_array['rename']['dn'] = $subject_dn; - $mod_array['rename']['new_rdn'] = 'ou=' . $new_ou; + $mod_array['rename']['new_rdn'] = 'ou=' . self::quote_string($new_ou, true); } } // not OU object, but changed ou attribute - else if ((!empty($old_ou) && !empty($new_ou)) && strtolower($old_ou) !== strtolower($new_ou)) { - $mod_array['rename']['new_parent'] = $new_ou; - if (empty($mod_array['rename']['dn']) || empty($mod_array['rename']['new_rdn'])) { - $mod_array['rename']['dn'] = $subject_dn; - $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$rdn_attr]; + else if (!empty($old_ou) && !empty($new_ou)) { + // unify DN strings for comparison + $old_ou = self::unified_dn($old_ou); + $new_ou = self::unified_dn($new_ou); + + if (strtolower($old_ou) !== strtolower($new_ou)) { + $mod_array['rename']['new_parent'] = $new_ou; + if (empty($mod_array['rename']['dn']) || empty($mod_array['rename']['new_rdn'])) { + $rdn_attr_value = self::quote_string($new_attrs[$rdn_attr], true); + $mod_array['rename']['dn'] = $subject_dn; + $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $rdn_attr_value; + } } } @@ -1540,6 +1559,8 @@ $attrs = array('dn'); } + $function = self::scope_to_function($scope, $ns_function); + if (!$count_only && ($sort = $this->find_vlv($base_dn, $filter, $scope, $props['sort']))) { // when using VLV, we get the total count by... // ...either reading numSubOrdinates attribute @@ -1564,9 +1585,15 @@ $this->vlv_active = false; } - $function = self::scope_to_function($scope, $ns_function); $sizelimit = (int) $this->config['sizelimit']; $timelimit = (int) $this->config['timelimit']; + $phplimit = (int) @ini_get('max_execution_time'); + + // set LDAP time limit to be (one second) less than PHP time limit + // otherwise we have no chance to log the error below + if ($phplimit && $timelimit >= $phplimit) { + $timelimit = $phplimit - 1; + } $this->_debug("Using function $function on scope $scope (\$ns_function is $ns_function)"); @@ -1591,7 +1618,7 @@ $ldap_result = @$function($this->conn, $base_dn, $filter, $attrs, 0, $sizelimit, $timelimit); if (!$ldap_result) { - $this->_debug("$function failed for dn=$base_dn: ".ldap_error($this->conn)); + $this->_warning("$function failed for dn=$base_dn: ".ldap_error($this->conn)); return false; } @@ -1606,14 +1633,20 @@ $this->_debug("S: ".($errmsg ? $errmsg : ldap_error($this->conn))); } } - else if ($this->debug) { + else { $this->_debug("S: ".ldap_count_entries($this->conn, $ldap_result)." record(s) found"); } $result = new Net_LDAP3_Result($this->conn, $base_dn, $filter, $scope, $ldap_result); - $result->set('offset', $last_offset); - $result->set('count', $vlv_count); - $result->set('vlv', true); + + if (isset($last_offset)) { + $result->set('offset', $last_offset); + } + if (isset($vlv_count)) { + $result->set('count', $vlv_count); + } + + $result->set('vlv', $this->vlv_active); return $count_only ? $result->count() : $result; } @@ -1674,6 +1707,8 @@ $filter = ''; foreach ((array) $search['params'] as $field => $param) { + $value = (array) $param['value']; + switch ((string)$param['type']) { case 'prefix': $prefix = ''; @@ -1692,6 +1727,13 @@ case '<=': $prefix = ''; $suffix = ''; + + // this is a common query to find entry by DN, make sure + // it is a unified DN so special characters are handled correctly + if ($field == 'entrydn') { + $value = array_map(array('Net_LDAP3', 'unified_dn'), $value); + } + break; case 'exists': @@ -1709,16 +1751,20 @@ $operator = $param['type'] && in_array($param['type'], $operators) ? $param['type'] : '='; - if (is_array($param['value'])) { + if (count($value) < 2) { + $value = array_pop($value); + } + + if (is_array($value)) { $val_filter = array(); - foreach ($param['value'] as $val) { - $value = self::quote_string($val); - $val_filter[] = "(" . $field . $operator . $prefix . $value . $suffix . ")"; + foreach ($value as $val) { + $val = self::quote_string($val); + $val_filter[] = "(" . $field . $operator . $prefix . $val . $suffix . ")"; } $filter .= "(|" . implode($val_filter, '') . ")"; } else { - $value = self::quote_string($param['value']); + $value = self::quote_string($value); $filter .= "(" . $field . $operator . $prefix . $value . $suffix . ")"; } } @@ -1747,10 +1793,11 @@ * Turn an LDAP entry into a regular PHP array with attributes as keys. * * @param array $entry Attributes array as retrieved from ldap_get_attributes() or ldap_get_entries() + * @param bool $flat Convert one-element-array values into strings * * @return array Hash array with attributes as keys */ - public static function normalize_entry($entry) + public static function normalize_entry($entry, $flat = false) { $rec = array(); for ($i=0; $i < $entry['count']; $i++) { @@ -1758,6 +1805,10 @@ for ($j=0; $j < $entry[$attr]['count']; $j++) { $rec[$attr][$j] = $entry[$attr][$j]; } + + if ($flat && count($rec[$attr]) == 1) { + $rec[$attr] = $rec[$attr][0]; + } } return $rec; @@ -1775,34 +1826,19 @@ $result = array(); for ($x = 0; $x < $_result['count']; $x++) { - $dn = $_result[$x]['dn']; - $result[$dn] = array(); - for ($y = 0; $y < $_result[$x]['count']; $y++) { - $attr = $_result[$x][$y]; - if ($_result[$x][$attr]['count'] == 1) { - switch ($attr) { - case 'objectclass': - $result[$dn][$attr] = array(strtolower($_result[$x][$attr][0])); - break; - default: - $result[$dn][$attr] = $_result[$x][$attr][0]; - break; - } + $dn = $_result[$x]['dn']; + $entry = self::normalize_entry($_result[$x], true); + + if (!empty($entry['objectclass'])) { + if (is_array($entry['objectclass'])) { + $entry['objectclass'] = array_map('strtolower', $entry['objectclass']); } else { - $result[$dn][$attr] = array(); - for ($z = 0; $z < $_result[$x][$attr]['count']; $z++) { - switch ($attr) { - case 'objectclass': - $result[$dn][$attr][] = strtolower($_result[$x][$attr][$z]); - break; - default: - $result[$dn][$attr][] = $_result[$x][$attr][$z]; - break; - } - } + $entry['objectclass'] = strtolower($entry['objectclass']); } } + + $result[$dn] = $entry; } return $result; @@ -1813,16 +1849,15 @@ switch ($scope) { case 2: return 'sub'; - break; + case 1: return 'one'; - break; + case 0: return 'base'; - break; + default: $this->_debug("Scope $scope is not a valid scope integer"); - break; } } @@ -1837,7 +1872,7 @@ { switch ($scope) { case 'sub': - $function = $ns_function = 'ldap_search'; + $function = $ns_function = 'ldap_search'; break; case 'base': $function = $ns_function = 'ldap_read'; @@ -1910,25 +1945,28 @@ // Not passing any sort attributes means you don't care if (!empty($sort_attrs)) { - $sort_attrs = (array) $sort_attrs; + $sort_attrs = array_map('strtolower', (array) $sort_attrs); + foreach ($vlv_index[$base_dn]['sort'] as $sss_config) { + $sss_config = array_map('strtolower', $sss_config); if (count(array_intersect($sort_attrs, $sss_config)) == count($sort_attrs)) { + $this->_debug("Sorting matches"); + return $sort_attrs; } } - $this->_error("The requested sorting does not match any server-side sorting configuration"); - - return false; + $this->_debug("Sorting does not match"); } else { - return $vlv_index[$base_dn]['sort'][0]; + $sort = array_filter((array) $vlv_index[$base_dn]['sort'][0]); + $this->_debug("Sorting unimportant"); + + return $sort; } } else { - $this->_debug("Scope does not match. VLV: " . var_export($vlv_index[$base_dn]['scope'], true) - . " while looking for " . var_export($scope, true)); - return false; + $this->_debug("Scope does not match"); } } else { @@ -1946,14 +1984,47 @@ */ protected function find_vlv_indexes_and_searches() { + // Use of Virtual List View control has been specifically disabled. if ($this->config['vlv'] === false) { return false; } + // Virtual List View control has been configured in kolab.conf, for example; + // + // [ldap] + // vlv = [ + // { + // 'ou=People,dc=example,dc=org': { + // 'scope': 'sub', + // 'filter': '(objectclass=inetorgperson)', + // 'sort' : [ + // [ + // 'displayname', + // 'sn', + // 'givenname', + // 'cn' + // ] + // ] + // } + // }, + // { + // 'ou=Groups,dc=example,dc=org': { + // 'scope': 'sub', + // 'filter': '(objectclass=groupofuniquenames)', + // 'sort' : [ + // [ + // 'cn' + // ] + // ] + // } + // }, + // ] + // if (is_array($this->config['vlv'])) { return $this->config['vlv']; } + // We have done this dance before. if ($this->_vlv_indexes_and_searches !== null) { return $this->_vlv_indexes_and_searches; } @@ -2011,7 +2082,7 @@ $_vlv_sort = array(); foreach ($vlv_indexes as $vlv_index_dn => $vlv_index_attrs) { - $_vlv_sort[] = explode(' ', $vlv_index_attrs['vlvsort']); + $_vlv_sort[] = explode(' ', trim($vlv_index_attrs['vlvsort'])); } $this->_vlv_indexes_and_searches[] = array( @@ -2203,23 +2274,23 @@ private function modify_entry_attributes($subject_dn, $attributes) { - // Opportunities to set false include failed ldap commands. - $result = true; - if (is_array($attributes['rename']) && !empty($attributes['rename'])) { - $olddn = $attributes['rename']['dn']; - $newrdn = $attributes['rename']['new_rdn']; - - if (!empty($attributes['rename']['new_parent'])) { - $new_parent = $attributes['rename']['new_parent']; - } - else { - $new_parent = null; - } + $olddn = $attributes['rename']['dn']; + $newrdn = $attributes['rename']['new_rdn']; + $new_parent = $attributes['rename']['new_parent']; $this->_debug("LDAP: C: Rename $olddn to $newrdn,$new_parent"); - $result = ldap_rename($this->conn, $olddn, $newrdn, $new_parent, true); + // Note: for some reason the operation fails if RDN contains special characters + // and last argument of ldap_rename() is set to TRUE. That's why we use FALSE. + // However, we need to modify RDN attribute value later, otherwise it + // will contain an array of previous and current values + for ($i = 1; $i >= 0; $i--) { + $result = ldap_rename($this->conn, $olddn, $newrdn, $new_parent, $i == 1); + if ($result) { + break; + } + } if ($result) { $this->_debug("LDAP: S: OK"); @@ -2234,6 +2305,12 @@ $old_parent_dn = implode(",", $old_parent_dn_components); $subject_dn = $newrdn . ',' . $old_parent_dn; } + + // modify RDN attribute value, see note above + if (!$i && empty($attributes['replace'][$attr])) { + list($attr, $val) = explode('=', $newrdn, 2); + $attributes['replace'][$attr] = self::quote_string($val, true, true); + } } else { $this->_debug("LDAP: S: " . ldap_error($this->conn)); @@ -2291,7 +2368,7 @@ } private function parse_aclrights(&$attributes, $attribute_value) { - $components = explode(':', $rights); + $components = explode(':', $attribute_value); $_acl_target = array_shift($components); $_acl_value = trim(implode(':', $components)); @@ -2515,14 +2592,15 @@ /** * Quotes attribute value string * - * @param string $str Attribute value - * @param bool $dn True if the attribute is a DN + * @param string $str Attribute value + * @param bool $dn True if the attribute is a DN + * @param bool $reverse Do reverse replacement * * @return string Quoted string */ - public static function quote_string($str, $is_dn = false) + public static function quote_string($str, $is_dn = false, $reverse = false) { - // take firt entry if array given + // take first entry if array given if (is_array($str)) { $str = reset($str); } @@ -2550,10 +2628,42 @@ ); } + if ($reverse) { + return str_replace(array_values($replace), array_keys($replace), $str); + } + return strtr($str, $replace); } /** + * Unify DN string for comparison + * + * @para string $str DN string + * + * @return string Unified DN string + */ + public static function unified_dn($str) + { + $result = array(); + + foreach (explode(',', $str) as $token) { + list($attr, $value) = explode('=', $token, 2); + + $pos = 0; + while (preg_match('/\\\\[0-9a-fA-F]{2}/', $value, $matches, PREG_OFFSET_CAPTURE, $pos)) { + $char = chr(hexdec(substr($matches[0][0], 1))); + $pos = $matches[0][1]; + $value = substr_replace($value, $char, $pos, 3); + $pos += 1; + } + + $result[] = $attr . '=' . self::quote_string($value, true); + } + + return implode(',', $result); + } + + /** * create ber encoding for sort control * * @param array List of cols to sort by
View file
php-net-ldap3.dsc
Changed
@@ -2,7 +2,7 @@ Source: php-net-ldap3 Binary: php-net-ldap3 Architecture: all -Version: 1.0.1-0~kolab5 +Version: 1.0.2-0~kolab1 Maintainer: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> Uploaders: Christoph Wickert <wickert@kolabsys.com> Homepage: http://kolab.org @@ -12,5 +12,5 @@ Package-List: php-net-ldap3 deb php optional Files: - 00000000000000000000000000000000 0 pear-Net-LDAP3-1.0.1.tar.gz + 00000000000000000000000000000000 0 pear-Net-LDAP3-1.0.2.tar.gz 00000000000000000000000000000000 0 debian.tar.gz
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.