Re: [PHP] Public/Private Key Encryption
On Sun, Feb 06, 2005 at 09:23:30PM +, Daniel Bowett wrote: Is there any way I can use public/private key encryption in php in a similar way to mcrypt. I have got php encrypting the data using gnugp but need to automate the decrytping element which is proving difficult because of the way the password is passed. Don't know exactly what mcrypt does, but you can find an example of public key crypto with PHP at http://www.venaas.no/php/ Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Password in LDAP with php
On Mon, Jan 05, 2004 at 10:45:58AM -0500, Chakravarthy Cuddapah wrote: You can do this in PHP. Check this: http://us4.php.net/manual/en/ref.ldap.php I wrote a form in PHP to add users to LDAP, change passwords etc. Check this https://www.cuddapahonline.net/ldap/ I can send the forms if you want. I'm also planning to commit to PHP a new function that uses the LDAP control specificed in RFC 3062 for changing passwords. I have some code that might work... The point is that instead of updating the userPassword attribute, doing your own hashing etc. you just give the LDAP server the old and new password in clear text. This is very useful in cases where the password isn't stored in the LDAP tree itself. It requires the LDAP server to support RFC 3062 though, not sure if there are others than OpenLDAP. I would need some volunteer that could test a patch. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] racing NO domain names problems! (For nordmenn!)
On Tue, Dec 16, 2003 at 07:30:09PM +0100, Kim Steinhaug wrote:
To solve this problem you need a norwegian keyboard so I
Nah, you can just cut and paste (:
might aswell type the whole question in norwegian, sorry gyez!
---
Jeg har støtt på noen problemer når det gjelder å konvertere
domenenavn mot Norids egen ACE konverter. Jeg har prøvd
med både POST metoder og GET metoder men resultatet blir
uansett det samme.
Jeg sender en henvendelse til Norids side, og ønsker å parse
resultatet, problemet er bare at Norids side nekter å godta selve
bokstavene æøå av en eller annen grunn. En metode er eks.
?
$page
='http://www.norid.no/domenenavnbaser/ace/?action=Convertname=blåbær.no';
$fd=fopen($page,r);
while ($line=fgets($fd,1000)) {
echo $line; } fclose ($fd);
?
Som du ser på det som kommer ut godtaes ikke ÆØÅ.
Jeg har prøvd å sende blåbær som bl%E5b%E6r.no men samme problem.
Jeg tenkte kanskje det er en begrensning med GET eller at de har lagt inn en
sperre på GET for å bare bruke POST, men den gang ei. POST med sockets
gir samme resultat, uanhengig om man benytter å eller %E5.
Blir POST data kodet annerledes en GET data, altså å=%E5?
In the document with the form, it says:
form method=post action=/domenenavnbaser/ace/
enctype=application/x-www-form-urlencoded
so I guess it will work if you use this encoding. But the document is
also in UTF-8, so you may have to do UTF-8 encoding first and then URL
encode that perhaps.
It works with e.g. mozilla, I guess you could also try to see what
exactly it sends.
Someone non-Norwegian might have suggestions regardig UTF-8 documents
and URL-encoding. I think browser sends post data with same charset
as the main document...
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php / ldap
On Wed, Oct 30, 2002 at 09:28:00AM -0500, GC wrote: Hi, using php_ldapadd, I get this error in ldap.log: Oct 30 09:23:43 Lunar slapd[10714]: conn=202 op=1 RESULT tag=105 err=65 text=object class 'posixAccount' requires attribute 'uidNumber' How do I get the next available uid number from my ldap database and then use that number for uidnumber? This is a classic LDAP problem. If you have server side sorting you can ask for uidNumber in sorted order, and set sizelimit to 1. Not all servers support it though, and it's not easy to specify this in PHP. Another possibility might be to remember last max, and only search for larger values (of course you could search for all). Finally if you can control how data is updated, you could have a special attribute in a special object containing the highest uid, and update that whenever you add a higher one. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ldap_add problem
On Thu, Oct 24, 2002 at 04:37:56PM -0400, GC wrote: Hi, I wrote a simple page that tries to enter a string into a LDAP server. I get the following error: Warning: LDAP: add operation could not be completed. in /var/www/html/user/adduser_p.php on line 65 Where in my log files can I go to look for more detailed info on that error, I don't know if I have logging enabled for slapd. Thanks!! There are a number of things that could be wrong, but the most likely is access rights I suppose. The best way to solve this is indeed to turn on more logging in slapd if necessary. Please see slapd docs for how to do this. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: LDAP (NDS) authentication example...
On Thu, Sep 12, 2002 at 09:37:22AM +1000, joshua wrote: i'm not sure if i follow you. i have never used ldap to write authentication scripts as i've only used the .htaccess method. to retrieve data you need to bind using a username/password combination that is valid. i guess you could test your user's username/password by using it to attempt a bind. The example below is correct, however in many cases you can avoid the anonymous search. If say for all users you have entries with dn's like uid=dj, o=users, dc=mycompany, dc=com you can just do $dn = uid=$inp_uid, o=users, dc=mycompany, dc=com; $ds = ldap_connect(ldap.someserver.com); $r = ldap_bind($ds, $dn, $inp_passwd); and check whether $r is true. Someone reported that there is some implementation where this is falsely true for empty password, so prior to this I would chech that the password string is non-empty, just to be sure. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and LDAP over SSL
On Wed, Sep 04, 2002 at 02:26:49PM +0200, Søren Henning Dalgaard wrote: I can make an ldap_connect with the ldaps://hostname/ parameter but what next: How can make an ldap_bind command? How can I encrypt and decrypt the data? When using ldaps:// all communications are through SSL, you do bind etc as usual and your data will be tunneled through SSL. How do I specify a key/certificate for encrypting and decrypting? For SSL and the necessary encryption you only need a certificate at the server. It seems you have done this, that is enough for the communications to be encrypted. You may want to give your client a certificate for the CA that signed the server certificate, see my mail on LDAP and SSL on php-general from Aug 26th (and the mail I replied to). It is also possible to give the client a certificate if you want the server to know which client it is talking to. For details on LDAP and SSL I suggest you look at OpenLDAP docs, in OpenLDAP list archives etc. Doing SSL with OpenLDAP is the same when using PHP and other tools. Using ldaps:// in the connect is similar to using -H ldaps:// to OpenLDAP tools like ldapsearch etc. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] LDAP Authentication problem
On Wed, Sep 04, 2002 at 03:58:18PM -0400, Brad Harriger wrote: I'm trying to retrieve information from an NDS server using LDAP functions in PHP 4.06. I am able to establish the connection and bind to the server using an anonymous bind, but when I try to bind as a valid user, the app seems to run in an infinite loop. I'm not sure where to look for the cause of this problem. Any suggestions would be appreciated. The app, is that your PHP script? Or is it the LDAP library (PHP is stuck in ldap_bind()?), or is it the NDS server? Perhaps you should try to authenticate and search with ldapsearch or similar tool and see if it happens then? Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and LDAP over SSL
On Fri, Aug 23, 2002 at 11:52:11AM -0500, Curtis Robinson wrote: So, I see that php does not have the CA. But, I have no clue as to where to define the location of the CA in the php configuration. So, does anyone know how I can configure this option? Are you using OpenLDAP? The below is only valid for OpenLDAP. When you tested on the command line, didn't you modify your ldap.conf? Anyway, in ldap.conf you can specify: TLS_CACERT /path/to/ca.crt Make sure that this file is readable by your webserver. You might also want to specify the following in .ldaprc (in the users home directory): TLS_CERT /path/to/client.crt TLS_KEY /path/to/client.key If you run apache as say nobody, they must be in the home directory of nobody I guess... Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ldap_rename refused to work
On Wed, Aug 14, 2002 at 02:18:58AM -0700, Roger Thomas wrote: built: php-4.2.2 with openldap 2.0.25 i tried using the ldap_rename function to modify the dn of my ldap db but nothing seems to happen. the record was not change at all. i have followed closely the code-snippet that was given by Mr Stig Venaas at: http://marc.theaimsgroup.com/?l=php-generalm=100949195224325w=2 But you're not doing what I wrote... // we want to transfer user roger from Civil Engineering to Credit section in Finance $r=ldap_rename($ds, uid=roger,ou=People,ou=Civil,o=Engineering,dc=mydomain,dc=net, uid=roger,ou=People,ou=Credit,o=Finance,dc=mydomain,dc=net, dc=mydomain,dc=net,TRUE); The third parameter should be the new rdn (which is the same as the old), and the fourth should be new parent. So it should look like this: $r=ldap_rename($ds, uid=roger,ou=People,ou=Civil,o=Engineering,dc=mydomain,dc=net, uid=roger, ou=People,ou=Credit,o=Finance,dc=mydomain,dc=net, TRUE); Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: ldap_add() - null values in fields produce an value #0 invalid per syntax error on ldap server
On Thu, Jul 18, 2002 at 08:17:59PM -0500, Richard Lynch wrote: #0 is basically just LDAP's way to represent NULL, most likely. $info[mail]=; // - NULL VALUE HERE // The following lines also produce the same result... //$info[mail]=NULL; // --- NULL value here //$info[mail]=\0; // --- NULL value here //$info[mail]; // --- NULL value here Whoa! Never mind. Something is very broken in the LDAP stuff if '' and NULL from PHP are being turned into NULL in LDAP, and then LDAP complains about it... Nah... and NULL (and I suppose \0) are all being changed to the string before PHP attempts to add it. What I think the LDAP server tries to say, is that the syntax doesn't accept an empty string as value. I tried to create an LDIF file containing an attribute with no value, like this: dn: cn=stig,o=photos,dc=venaas,dc=no objectClass: photo cn: stig description: and I got exactly the same error from ldap_add(1). So this is in my opinion an LDAP issue and not a PHP issue. OpenLDAP 2 has more proper schema checking. Perhaps you could try to turn off schema checking? Or I guess in theory the syntax for the relevant attribute could be made more relaxed. You could try to ask about this on the openldap-software list if you need more LDAP help. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ldap_modify parameters?
On Thu, Aug 01, 2002 at 09:52:12AM -0400, Chad Day wrote: Also tried that, no success, unless I am missing something. ... $info[st]=stchanged!; ... ldap_modify($ds, 'uid=testing,cn=online-leagues.com', $info); Fatal error: LDAP: Unknown Attribute in the data in /usr/local/www/sites/online-leagues.com/htdocs/ldapform.php on line 31 The problem is that $info contains not just the LDAP data, but also a list of attributes, like say $info[2] == st. I wish that were never put in there, but we have to live with it now. You either have to create a new array with exactly you want in the entry (or I guess remove these extra values, use var_dump($info) and you should see what I'm talking of), or instead use ldap_mod_replace() using say $mods[st] = stchamged; ldap_mod_replace($ds, 'uid=testing,cn=online-leagues.com', $mods); Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Image out of LDAP
Hi On Tue, Jul 30, 2002 at 09:00:09AM +0200, Manuel Vazquez wrote: Good morning, I'm running a OpenLDAP database which includes JPEG photos for some entries. The purpose is to view these images on a web page. Unfortunately I do not have much experience with PHP so any help would be very appreciated. The archives should be useful. See http://marc.theaimsgroup.com/?l=php-devm=102495056502016w=2 for the general idea. For the actual script, have a look at http://marc.theaimsgroup.com/?l=php-generalm=93635963618041w=2 Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and geographic maps
On Thu, Jul 11, 2002 at 04:26:38PM -0700, Lazor, Ed wrote: I was just checking it out. That map is awesome! What's funny is that it even has an option to display the picture of a house at the coordinates you specify. Thanks for the compliment *grin* I have no idea why I didn't. Probably just got lazy hehe My only excuse is that I think vacation mode has kicked in - even though it doesn't technically start until tomorrow evening. I'm also very interested in this stuff. I have some plans for storing geographical coordinates in a database (LDAP in my case) and plot locations on a map. I have some simple stuff misusing mapblast, see http://www.venaas.no/whereami/ Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ./onfigureing php
On Tue, Jun 25, 2002 at 03:33:28PM -0400, [EMAIL PROTECTED] wrote: I am trying to configure php4.2.1 with following commands on a Redhat 7.2 box ./configure --with-mysql --with-apache=../apache_1.3.20 --enable-track-vars --with-imap=../imap-2001.RELEASE-CANDIDATE.1 --with-config-file-path=/opt/apache --with-ldap=/usr/local --with-gd --with-jpeg-dir=/usr/local --with-jpeg --with-xpm-dir=/usr/local --with-xpm --with-ttf=/usr/local --with-snmp=/opt/ucd-snmp However i am getting the following error. configure: error: Cannot find ldap.h I have configured and comnpliled openldap-2.0.15 with the following commands ./configure --prefix=/usr/local/openldap2.0.15 Since openldap is installed in /usr/local/openldap2.0.15 you should use --with-ldap=/usr/local/openldap2.0.15 when configuring PHP. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Binding to LDAP/SASL w/PHP
Hi Quinn I see no one has responded yet. As I said on the OpenLDAP list, this is not currently possible. Maybe I implement something some time in the future, but patches would be welcome... If no one responds, I suggest you go to http://bugs.php.net/ and submit a feature request. Or you could of course help implement something if you like. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] cannot see LDAP userPassword and createTimestamp attr
On Tue, Feb 26, 2002 at 07:42:15PM -0800, tim tom wrote: why can't i see the createTimestamp and userPassword bcos i did an *authenticated bind* ! the script: This depends on the LDAP server. createTimestamp is an operational attribute and is not returned by default. You can specify explicitly that you want this attribute, or use the magical name + to get all operational attributes. The userPassword attribute is normally protected but it seems like you fixed that. I think the problem you see is that PHP always returns attributes in lower case. It might be a good idea to do var_dump() of array returned by ldap_get_entries() to see what's in it. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and OpenLDAP
On Thu, Jan 03, 2002 at 10:42:30AM -0700, Quinn Perkins wrote: I have installed OpenLDAP 2.x on an OS X Server 10.1.2 box. Everything seems to be fine. I have written a simple PHP front end to modify LDAP values. I can modify values in the core.schema without any problem, but if I try to modify anything in cosine.schema or inetorgperson.schema, I get an error (Warning: LDAP: modify operation could not be completed. in ldapeditor.b2.php on line 247) This ONLY happens when I try and modify a value in a schema other than core.schema. The project I am working on will require use of cosine and inetorgperson schemas. This is a test page to make sure I can read/write values. I see you don't modify the object class, does the current object class allow the new attributes. If say the current class is person, you will get an error. You could also try to look at your slapd log. You could also get a lot of useful info from slapd by starting it in debug mode (-d7) or some other number than 7 perhaps. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Again (still?) problems with php and ldaps
On Thu, Dec 06, 2001 at 12:08:12PM +0100, Susanne Benkert wrote: After recompiling my Php with the newest LDAP-Libraries and Openssl ldap_connect(ldap://hostname;) works. But I still have problems with ldap_connect(ldaps://hostname): Could you check whether ldapsearch -H ldaps://hostname works? PHP should work if and only if this works. As hostname you should use the same as the CN in the certificate, probably the FQDN (full hostname and domain). What did I wrong? Does Php need its own Key/Certificate (as client certificate)? Or is something wrong with my server certificate of Ldap? (But I can't imagine, because other actions like ldapsearch already seem to work with TLS.) Did you also try with -H ldaps:// and the same hostname? Client certificate is only needed if you put TLSVerifyClient 1 in slapd.conf on the server. Has anything should be change in the configuration of php when using it with SSL and Openldap? No. I suggest you try to get ldapsearch -H ldaps://host/ to work first. If it doesn't work (and you don't get more answers here), please ask on the OpenLDAP lists. If you get ldapsearch -H to work, but not PHP, then this is the place to ask or submit a report at bugs.php.net. I'm pretty sure ldapsearch -H will give the same error though. I see now that you did mail the OpenLDAP list as well. I think that is the right place, but there is a danger people there will think it's a PHP problem. If you don't get answers there, test with ldapsearch -H, and if that fails, post that on the OpenLDAP list as well, since in that case PHP isn't involved. I could try to provide more help if necessary, but I'll be mostly available for over a week now, so I hope some others will offer help as well. Don't give up, Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] ldap_connect(URI)?
Hi again Susanne, I'm on this list too...
On Tue, Dec 04, 2001 at 11:13:51AM +0100, Susanne Benkert wrote:
The LDAP server is already recompiled and running with ssl/tsl-support.
PHP-4.0.6. is compiled with-openssl. But when I try to use
ldap_connect('ldaps://hostname/') like suggested in the manual, the
script can't connect the server. Also 'ldap://...' or 'http://..' don't
work, so it seems, that PHP doesn't support URIs in this position, but
according to the manual it should do.
What's wrong with my script or my installation?
Thank you for your support.
This works for me. For ldap_connect(ldap://hostname;) to work, you need
OpenLDAP 2.x libs but that's all. Are you sure PHP is using that library?
If you use for instance Linux, you could try to check with ldd binary.
Also when you configure PHP, you can try --with-ldap=ldapinstalldirectory
and not just --with-ldap. When this is working, you can start thinking of
ldaps.
For ldap_connect(ldaps://hostname) to work, you need to compile the
OpenLDAP 2.x libs with SSL/TLS, and also configure PHP with --with-openssl.
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP LDAP
On Tue, Dec 04, 2001 at 07:41:14AM +0800, Hafiz Malik wrote: hi there.. i'm succesfully add ldap entry(jpegphoto) using PHP via below codes.. but failed to modify it.. any ideas? Not really. Could you check what ldap_modify() returns, did you get any warnings from PHP? Turn on more debugging if necessary. Could you also try to do the same operation with ldap_modify on the command line? It might also be good to check your LDAP server logs (turn on more debugging if necessary). Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] ldap_connect(URI)?
On Tue, Dec 04, 2001 at 12:19:24PM +0100, Susanne Benkert wrote: This works for me. For ldap_connect(ldap://hostname;) to work, you need OpenLDAP 2.x libs but that's all. Are you sure PHP is using that library? I'm quite sure, because other ldap functions work properly such as ldap_connect(hostname); or ldapsearch()... I already have a few PHP websites which are using these functions without problems. Only the newer ones like ldap_set_option() or ldap_start_tls() or (as mentioned) ldap_connect() with an URI don't work, although I use a PHP version that should support these things. Are there any additional libs for that? It really sounds like you are using PHP with another LDAP library than OpenLDAP 2.x or Netscape. If you could recompile PHP, could you try to see what LDAP library is used in the compilation? Maybe you can see it by grepping for ldap in config.log. Could you check if you have the file ldap.h in several locations. Has all the ldap.h you find got something like this inside them: #define LDAP_API_VERSION 2004 PHP checks for this to determine if ldap_set_option() etc. should be included. If the ldap.h comes from OpenLDAP 2.x, LDAP_API_VERSION should be defined. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] LDAP sorting
The LDAP sorting code I posted a couple of days ago was a bit lacking.
Here's a function that should work:
function myldap_sort($data, $attr) {
// -1 because of the count entry
echo #, $n = count($data) - 1;
for ($i=0; $i$n; $i++) {
$a[$i]=$data[$i][$attr][0];
}
asort($a);
reset($a);
for ($j=0; list($i,) = each($a); $j++) {
$sorted[$j] = $data[$i];
}
return $sorted;
}
It's not fast, but should work. Example usage:
$info = ldap_get_entries($ds, $sr);
$sorted = myldap_sort($info, cn);
It assumes that the attribute specified is present in all the entries,
and only uses the first value of the attribute.
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Memory leaks with LDAP?
On Thu, Nov 29, 2001 at 09:38:19AM -0700, Darren Gamble wrote: Hey all, Has anyone else had problems with memory leaks using PHP's LDAP functions? Yes I'm running php-4.0.6-7 as a module for apache-1.3.20-16; all Redhat 7.2 RPMs. I posted a message on the PHP bug page recently, but, by reading the posting guidelines on that page it seems that there is a good chance that no one will even look at it. I'm hoping that someone on this list has encountered something similar and would be able to share their resolution. I'm trying to keep track of all LDAP related reports. If yours haven't been attended to, please give me the report number. A number of leaks have been fixed recently, could you test with a recent snapshot from snaps.php.net (or CVS)? I think the fixes will be in 4.1.0 as well, you might test it (or one of the RCs) when it's released shortly. If you still see leaks, please mail me a shortest possible script that demonstrates the problem. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] LDAP server side sorting
Hi
On Tue, Nov 27, 2001 at 04:08:39PM +0200, Christos Sintoris wrote:
Does anybody know how to call ldap_set_option in order to use server side
sorting?
using:
$sortval={'cn', 0,1};
$ctrl1 = array(oid = 1.2.840.113556.1.4.473, value =$sortval);
ldap_set_option($ds, LDAP_OPT_SERVER_CONTROLS, array($ctrl1));
reports success, but ldap_get_option() returns nothing and a subsequend
ldap_search
returns protocol error. I use LDAP V3 (iPlanet).
I think perhaps the control would have to be given as part of the
search (which is not possible in PHP right now). Support for this
might be added if several people find it useful. Why do you want
server side sorting? How about sorting it on the client side?
Next PHP release (in CVS now) will have a function ldap_sort()
that helps you do it on the client. After the search, you can
simply do ldap_sort($ds, $sr, cn); if you want to search on cn.
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] LDAP sorting
On Wed, Nov 28, 2001 at 03:08:52PM +0930, [EMAIL PROTECTED] wrote:
Hi All-
Can anyone tell me if PHP's LDAP functions support server side sorting of
search results as defined in this RFC:
http://www.ietf.org/rfc/rfc2891.txt
Not currently, maybe it will... Depends on how many wants it.
Sorting results from LDAP searches in PHP is a pain because of the
structure
of the result array.
Yes, but I think that's a poor excuse for doing it on the server side.
I think this should be done by the client in most cases. One might
also need to take the clients locale into account when sorting the
data.
Alternatively if anyone has a nice function for sorting the array returned
by
ldap_get_entries() by any desired attribute, that would be a great help
also.
It's not that hard. What I do, is that I create a new simple array
with just the attribute values I want to sort on and preserve the
indices of the result array. Next I sort that array (again
preserving indices). The indices of the sorted array now give me
the order I should use when displaying the entries from the result
array. Not that hard, it looks something like this:
$n=ldap_count_entries($ds,$sr);
$info = ldap_get_entries($ds, $sr);
ldap_free_result($sr);
for ($i=0; $i$n; $i++) {
$cn[$i]=$info[$i][cn][0]);
}
asort($cn);
reset($cn);
for ($j=0; list($i,) = each($cn);) {
$sorted[$j] = $info[$i];
}
Anyway, the next PHP release (in CVS or snapshots now) will have a
function ldap_sort() for client side sorting. After you've done
the search, simply do ldap_sort($ds, $sr, cn);
and you have sorted the results on cn, and you access the result
as usual afterwards.
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] LDAP server side sorting
On Wed, Nov 28, 2001 at 05:26:22PM +0200, Christos Sintoris wrote: Server side sorting is useful when network traffic costs more than processing time. Yes, there are some exceptions. The server side sorting control in conjunction with the virtual list view control returns only a subset of entries to the client. Yes. In the PHP Manual is stated that is possible to set ldap controls using the ldap_set_option directive. This however does not seem to work. The code I used to try this is below. I would like to know if anyone has tried it successfully or has any experience in setting up server side controls through php. I have, it works. If you were to use it for this, you would have to BER encode a sequence and pass a string not an array. But that's not the main problem. The way I interpret RFC 2891, the server side control is to be sent along with the search operation, not as a individual operation. This is not currently supported in PHP. I'm sort of planning to implement it. I'm not able to test it though, if you or others know of a publicly available server that I can test against, let me know (okay, I could probably find one myself with some digging around). Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] array_unique() workaround?
On Wed, Nov 14, 2001 at 09:17:03AM +0100, Spunk S. Spunk III wrote: I'm working on a script that needs array_unique() but my host is using 4.0.4 and it's broken in that build. Does anyone have a good workaround for this? I can wait for my host to upgrade but if I release this code, it would be better to have the workaround... I just need a good way to check for dups in an array and remove them. I can't get my brain around it... If you can sort the array, it is quite easy, simply sort it and look for consecutive values that are equal. Depending on your values, you might also try array_flip() twice. The values becomes keys and keys values, and then back again. You will then have unique values. Yet another way could be to use array_count_values() perhaps. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] problem with function array_* that preserved the key
On Sat, Nov 03, 2001 at 03:54:23PM -0500, Reuben D Budiardja wrote: since the key are preserved, arrC is no longer indexed from 0. Well, in most cases I don't care about the key if it's just indexed array. But since the key I preserved, I can no longer do for($i=0; $icount($arrC);$i++) echo $arrC[$i]; if it happens that the returned indedex in array C 19, 20,25, for example. Any workaround? There are many other ways you could traverse the array, but I think array_values() does what you want. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] User Authentication against remote authentication serve r [ LDAP ]
On Mon, Oct 29, 2001 at 04:54:37PM -0700, Johnson, Kirk wrote: Thanks for the link, Kurt. Can you also point to any authentication code examples, or further discussion? The user comments in the manual suggest there are at least a couple ways to code stuff, ldap_compare vs ldap_bind. Any additional help appreciated. I might be able to help if you have some more precise questions, but basically there are two ways LDAP can be used. You can either use it as a data store or you can have LDAP make the authentication decision for you. If you want the user to supply username and password, the authentication can be done as follows: As data store: Hopefully the passwords are stored encrypted. Then there are two ways. If the password is stored encrypted with some unknown salt where the salt is stored together with the password (like the traditional UNIX way), your PHP script retrieves the encrypted password from LDAP, checks the salt, encrypts the user supplied password using the salt, and compare the two. If you don't use a salt you can encrypt the password from the user and just do an ldap_compare to check that it's the same as in the LDAP server. You get better security by not allowing people to read the encrypted passwords from LDAP. To store passwords encrypted in LDAP, SHA1 might be a good choice, PHP has this. As decision maker: You can simply bind to the server on behalf of the user, you use the user supplied username and password as arguments to ldap_bind(). If the bind succeeds, you let the user access your stuff. In this case you should consider using SSL/TLS for talking to the server. There are other ways to authenticate with LDAP, RFC 2829 gives a good overview. You can find it at for instance http://www.ietf.org/rfc/rfc2829.txt I could go into more detail, but to write a complete general overview would be a lot of work. You might also have a look at a really short presentation I've made at http://www.uninett.no/info/seminar/gnomis/ldapauth.pdf Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] php+apache 2
On Wed, Oct 03, 2001 at 01:32:13AM +0200, Jiri Mikulas wrote: sapi_apache2.c: In function `php_input_filter': sapi_apache2.c:248: too many arguments to function `ap_get_brigade' I haven't looked that much at the code, you could perhaps try to simply remove the last parameter... Not sure how well that would work. I build with 2.0.18, I then had to remove the last parameter in the ap_save_brigade call. Perhaps the best thing is to get the latest from http://dev.apache.org/dist/. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Generating UTF Files
On Thu, Sep 20, 2001 at 02:57:43PM +0200, Jens Kisters wrote: Hello, I was asked to generate files in UTF-8 Format, where can i find infos on this? Is it a multi-byte charset? How do i use other charset in PHP? can i just switch to another charset and then make $a=a; where a is the UTF reprensentation of 'a'? or will i have to mold bytes together myself using chr() ? UTF-8 is only an encoding not a charset. You can use utf8_encode() and utf8_decode in PHP. I think Unicode is often used with UTF-8. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Compution of Fibonacci
On Tue, Jul 31, 2001 at 11:59:07AM +0500, Saquib Farooq wrote: hi well first of all you have to remove the colon -- ; sign from the end of your while loop .. that will solve the problem for the time out. then there is problem with your code, this code will never get you the fibonacci since the variable a,b and c never go abone 0, see. :). Just in case anyone is interested... If you want to find the n'th Fibonacci number and not go through the entires sequence, you can use the formula: F(n) = ( P^n - (-P)^(-n) ) / sqrt(5) where P = (1 + sqrt(5))/2 and it's also possible to extend Fibonacci numbers to negative n. Pretty fascinating (: Also, if you have F(n) you can find F(n+1). Let x denote F(n). F(n+1) = floor( (x + 1 + sqrt(5x^2)) / 2). Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Secure LDAP and php 4.0.4pl1
Hi On Tue, May 22, 2001 at 10:18:38PM -0400, Scott Russell wrote: So, what can be done to alter the php ldap functions (and openldap libs?) so that you can choose the SSL protocol to use when connecting? Sorry for the very late answer. The way I see it, this is something that would require changes in the openldap libs, but not in PHP. The best solutions I can think of are: 1. Configuration options in ldap.conf where you also can configure other SSL stuff. Don't remember if version can be configured currently, I would guess not. 2. Some sort of option in the ldaps URL. I think 1 would be cleanest except that the easy fix would set the version for all LDAP SSL connections. I suggest you bring this up on the OpenLDAP mailing lists. I think you should ask how to force openldap libs to use SSL version 2, no point in discussing PHP. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] LDAP trouble! Need help
Hei On Wed, Jun 20, 2001 at 03:04:06PM +0200, Stig-Ørjan Smelror wrote: I have some problems while printing out values of attributes-types which have Equality and/or Substrings values. Example: $get_values = .$info[0][title][0]; # OK. (prints out the value correct) $get_values = .$info[0][postalCode][0]; # NOT OK. (prints out nothing) the title and postalCode attributes are even in the same objectclass (organizationalPerson), but the postalCode attribute has Equality=caseignoreMatch and Substrings=caseIgnoreSubstringsMatch ... The matching doesn't make any difference. I bet the reason is that you need to use postalcode rather than postalCode as index. It might be a good idea to do var_dump($info) to see what it contains. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Secure LDAP and php 4.0.4pl1
On Mon, May 21, 2001 at 07:48:27PM -0400, Scott Russell wrote: Using php 4.0.4pl1 with ssl and ldap support I'm connecting to a secure ldap server. I want to be able to specify which level of ssl support I use, either ssl1, ssl2, or ssl3. By default it appears as if php is trying to connect using ssl3 which on my server fails during the ssl handshake. How can I tell the ldap_connect() / ldap_bind() functions to use ssl2 instead? All the work is done by the LDAP library, PHP just calls the LDAP library with ldaps://hostname, and the library does the rest. You would need to specify it in ldap.conf or something if at all possible. There was a problem with SSL/TLS and SASL in OpenLDAP. This should be fixed in 2.0.8, perhaps you should try without SASL if your library is compiled with SASL support. I've never had to care about ssl versions, I thought that should be worked out automatically. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: [PHP-DEV] Dynamic Update of DNS ??
On Tue, May 08, 2001 at 08:35:37AM -0400, Stig Sæther Bakken wrote: [Stig Venaas [EMAIL PROTECTED]] the LDAP back-end, see http://www/dns/bind/bind-sdb/. If you look at ^^^ I guess this will take most people to somewhere else than they expect. :-) - Stig Yes, I've got a few mails on this, I was in a hurry and just did a cut'n'paste. Almost as fun as telling people to go to localhost... The correct URL is http://www.venaas.no/dns/bind/bind-sdb/ Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: [PHP-DEV] Dynamic Update of DNS ??
On Mon, May 07, 2001 at 06:54:53PM +0200, Vincen Pujol wrote: Hi, Sorry for the crossposting but I don't know where to find a solution for this. I need to be able to update dynamically entries in a DNS (Bind 9). My DNS supports dynamic updates but how to do dynamic updates in my DNS server from a PHP Script ?? Might be interesting to add such a thing to PHP as a PEAR extension maybe, but you could use a separate program for that, and just execute it from PHP. Another possibility is to use my LDAP back-end for BIND rather than dynamic updates. The effect is mostly the same. BIND will look up the data in LDAP every time (lose some performance, normally not a problem), and you can modify the data at any time from for instance PHP by accessing the LDAP server. If anyone wants to look at the LDAP back-end, see http://www/dns/bind/bind-sdb/. If you look at it, please look at version .4 and the dnsZone. Versions prior to .4 shouldn't be used any more, I'll change the web page shortly. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP, LDAP ldap_set_option
On Wed, Apr 11, 2001 at 02:07:04PM +0200, Holger Flocken wrote: Hi, I want to use the LDAP functions of PHP to process every entry in an LDAP directory. Unfortunately the directory contains more than 2 entries and the PHP LDAP functions (ldap_search/ldap_list) report that the timelimit (30 seconds) has been exceed. I tried to use ldap_set_option($ds, LDAP_OPT_TIMELIMIT, 0), but this function doesn't seem to work properly. I'm currently using Apache 1.3.19 with PHP 4.0.4pl1 and Netscape LDAP SDK version 4.1. Does anybody know how I can remove the time limit? If the LDAP server supports it and is willing the option should work. You might want to look at the server config if you are able to. To test if the option works, you might try to set the timeout to say 10s. If it works I expect you to be able to shorten the timeout, but the server might refuse extending it. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] array_diff usage
On Mon, Apr 02, 2001 at 12:41:07AM -0700, V e r b a l wrote:
I'm daft. I don't understand the PHP Manual.
I have two arrays:
Open[0] contains 1 2 3 4 5
Closed[0] contains 1 2
So the arrays contain one string each? array_diff() won't work then.
Try this:
$a = array(1, 2, 3, 4, 5);
$b = array(1, 2);
$test = array_diff($a, $b);
$lines = count($test);
echo $lines;
var_dump($test);
The output should be:
3array(3) {
[2]=
int(3)
[3]=
int(4)
[4]=
int(5)
}
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP LDAP SSL
On Tue, Mar 06, 2001 at 09:27:55AM +0100, Matthieu Le Corre wrote: I try to have the php ldap functions working with SSL , but when the code is executed the apache child die !!! is there anyone with that working Works fine for me. I know one other person with the same problem as you. He also tried with ldapsearch from OpenLDAP 2.0.7 and it crashed, so it seems to be an OpenLDAP problem. Perhaps you should try that as well, just use ldapsearch as usual, but use -H "ldaps://host" rather than -hhost. It then does the same as PHP does, and the result seems to be the same. In his case, the bug seems to be SASL related. I'm not using SASL and it works. So I advise you to try to compile 2.0.7 without SASL libraries, and try ldapsearch then. I don't know what platform you have, but ldd might show you which libraries your current ldapsearch uses. See also the thread "can't connect to secure LDAP server" on the openldap-software list. If it crashes, it would be good if you reported the bug at http://www.OpenLDAP.org/its/. Please try to give as much debug info as possible. gdb might help you. In case you don't know how to use gdb, here's some info. First execute "gdb ldapsearch". You should use the unstripped ldapsearch (openldap-2.0.7/clients/tools/ldapsearch in the source tree). Then on the gdb prompt "(gdb)" type "set args -H ldaps://nwserver.mydomain.com ..." (same arguments as on the command line), and then type run. You should then get some info about where it crashes. When it crashes, type the gdb command "bt". The output will help people know where it crashed. That should be in your bug report. I've assumed a few things here. If your not using OpenLDAP or ldapsearch doesn't crash, the problem is something else. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP LDAP SSL
On Tue, Mar 06, 2001 at 10:54:24AM +0100, Matthieu Le Corre wrote: Hum the ldapsearch work fine !!! with the command : ldapsearch -x -H "ldaps://x..xx:636" I have got a possitive response from server ! and I don't use SASL ... I got some info from the other guy. He also used RH7 which includes SASL libraries, and he had crashes in both PHP and ldapsearch. Could you see if your ldapsearch crashes if you don't use -x parameter? -x tells it not to use SASL while there are no similar option from PHP. The other guy solved it by compiling OpenLDAP 2.0.7 himself without SASL support and using that with PHP. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP LDAP SSL
On Tue, Mar 06, 2001 at 11:22:55AM +0100, Matthieu Le Corre wrote: i don't use SASL so when i use ldapsearch without -x I get "ldap_sasl_interactive_bind_s: Unknown authentication method" but it doesnt crash ! Okay, the other guy had a crash there. For me it works without -x and I don't use SASL either. when i use php ldap functions with ssl php doesn't crash but juste an Apache child crash ! so you think that if i compile openldap without SASL i will work ? i 'm really not sure because it's not that it doesn't work it's just crash ;( The Apache child probably crashes because of segfault or something in the LDAP code, but there could be other reasons. In theory you should get the same behavior with ldapsearch as from PHP. I'm not sure of anything, but what I would have done to debug it, is to use gdb either on the Apache process or on a stand-alone PHP. I prefer debugging with a stand-alon binary myself. Then run PHP with your script and see what happens. If you get a seg-fault or other crash, you can try to use gdb as I explained with ldapsearch to see where PHP crashes. Compiling PHP stand-alone is easy, do configure with just --with-ldap. You don't have to install it either, just run the resulting php binary. If it says something abous sasl where it crashes, I would try to compile OpenLDAP without SASL and then link PHP with the resulting libraries. If you try gdb on the PHP binary and get some message not related to sasl, or have problems using gdb, let me know. Stig -- Duct tape is like the force. It has a light side, and a dark side, and it holds the universe together ... -- Carl Zwanzig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP LDAP SSL
There's been some discussion on the OpenLDAP lists as well, and there seems to be a fix around. See http://www.openldap.org/its/index.cgi/Software%20Bugs?id=889 Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Getting LDAPS to work
On Tue, Feb 20, 2001 at 11:14:41AM -0400, Victor V . Evtushenko wrote:
* John Hallam [EMAIL PROTECTED] [010215 17:58]:
I have got php 4.0.4p1 configured with openssl 0.9.6
and ldap and I'm trying to get an ldap_connect to work
over ldaps as described in the ldap_connect
documentation.
I have no problem connecting using
ldap_connect(hostname) format but I do have a problem
with the URL format. This is what I am doing :-
$Host='ldaps://hostname/';
$ds=ldap_connect($Host);
What is wrong ?? any ideas ??
Why don't you try
$ds = ldap_connect("hostname", 689);
where 689 is port number for SSL connection? If you use another port
number, you should change 689 to whatever you use.
Because then you're not using SSL, and the URL format should work if
you use OpenLDAP 2.x.x libraries, and it does work for me. I've tested
it on Linux and I know people using this heavily on Solaris as well.
Stig
--
Duct tape is like the force. It has a light side, and a dark side, and
it holds the universe together ...
-- Carl Zwanzig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] whois
On Thu, Jan 25, 2001 at 03:37:26PM +0100, Ernest E Vogelsinger wrote:
At 15:13 25.01.2001, Andy Woolley said:
[snip]
I know this is a little off topic but for your information 'whois.ripe.net'
provide information for the .ba TLD
I too am looking for a database of Top Level Domains around the world so if
anyone knows of one I would be very much obliged If I could have a copy.
There's a very cool service out there, you can go to for instance
ba.whois-servers.net to find server for .ba.
So you can basically go to ${TLD}.whois-servers.net to find server for
$TLD.
Stig
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
venaas Sat Jan 13 01:16:35 2001 EDT
Modified files:
/php4/ext/openssl openssl.c
Log:
Realized that emalloc() never returns NULL, simplified code
Index: php4/ext/openssl/openssl.c
diff -u php4/ext/openssl/openssl.c:1.6 php4/ext/openssl/openssl.c:1.7
--- php4/ext/openssl/openssl.c:1.6 Sun Jan 7 03:36:14 2001
+++ php4/ext/openssl/openssl.c Sat Jan 13 01:16:35 2001
@@ -16,7 +16,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.6 2001/01/07 11:36:14 venaas Exp $ */
+/* $Id: openssl.c,v 1.7 2001/01/13 09:16:35 venaas Exp $ */
#include "php.h"
#include "php_openssl.h"
@@ -292,9 +292,6 @@
ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, key, -1, "OpenSSL key", le_key);
siglen = EVP_PKEY_size(pkey);
sigbuf = emalloc(siglen + 1);
- if (sigbuf == NULL) {
- RETURN_FALSE;
- }
EVP_SignInit(md_ctx, EVP_sha1());
EVP_SignUpdate(md_ctx, Z_STRVAL_PP(data), Z_STRLEN_PP(data));
@@ -304,8 +301,8 @@
ZVAL_STRINGL(*signature, sigbuf, siglen, 0);
RETURN_TRUE;
} else {
- RETURN_FALSE;
efree(sigbuf);
+ RETURN_FALSE;
}
}
/* }}} */
@@ -366,20 +363,8 @@
}
pkeys = emalloc(nkeys * sizeof(*pkeys));
- if (pkeys == NULL) {
- RETURN_FALSE;
- }
eksl = emalloc(nkeys * sizeof(*eksl));
- if (eksl == NULL) {
- efree(pkeys);
- RETURN_FALSE;
- }
eks = emalloc(nkeys * sizeof(*eks));
- if (eks == NULL) {
- efree(eksl);
- efree(pkeys);
- RETURN_FALSE;
- }
convert_to_string_ex(data);
@@ -390,15 +375,6 @@
ZEND_FETCH_RESOURCE(pkeys[i], EVP_PKEY *, pubkey, -1,
"OpenSSL key", le_key);
eks[i] = emalloc(EVP_PKEY_size(pkeys[i]) + 1);
- if (eks[i] == NULL) {
- while (i--) {
- efree(eks[i]);
- }
- efree(eks);
- efree(eksl);
- efree(pkeys);
- RETURN_FALSE;
- }
zend_hash_move_forward_ex(pubkeysht, pos);
i++;
}
@@ -420,32 +396,10 @@
#if 0
/* Need this if allow ciphers that require initialization vector */
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- if (ivlen) {
- iv = emalloc(ivlen + 1);
- if (iv == NULL) {
- for (i=0; inkeys; i++) {
- efree(eks[i]);
- }
- efree(eks);
- efree(eksl);
- efree(pkeys);
- RETURN_FALSE;
- }
- } else {
- iv = NULL;
- }
+ iv = ivlen ? emalloc(ivlen + 1) : NULL;
#endif
/* allocate one byte extra to make room for \0 */
buf = emalloc(Z_STRLEN_PP(data) + EVP_CIPHER_CTX_block_size(ctx));
- if (buf == NULL) {
- for (i=0; inkeys; i++) {
- efree(eks[i]);
- }
- efree(eks);
- efree(eksl);
- efree(pkeys);
- RETURN_FALSE;
- }
if (!EVP_SealInit(ctx, EVP_rc4(), eks, eksl, NULL, pkeys, nkeys)
#if OPENSSL_VERSION_NUMBER = 0x0090600fL
@@ -542,9 +496,6 @@
le_key);
buf = emalloc(Z_STRLEN_PP(data) + 1);
- if (buf == NULL) {
- RETURN_FALSE;
- }
if (EVP_OpenInit(ctx, EVP_rc4(), Z_STRVAL_PP(ekey),
Z_STRLEN_PP(ekey), NULL, pkey)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-CVS] cvs: php4 /ext/ldap ldap.c
venaas Sat Jan 13 02:00:31 2001 EDT
Modified files:
/php4/ext/ldap ldap.c
Log:
Fixed memory leaks that could happen in some error situations. Also removed
some unnecessary code in ldap_set_option()
Index: php4/ext/ldap/ldap.c
diff -u php4/ext/ldap/ldap.c:1.79 php4/ext/ldap/ldap.c:1.80
--- php4/ext/ldap/ldap.c:1.79 Fri Jan 12 14:08:26 2001
+++ php4/ext/ldap/ldap.cSat Jan 13 02:00:27 2001
@@ -23,7 +23,7 @@
*/
-/* $Id: ldap.c,v 1.79 2001/01/12 22:08:26 venaas Exp $ */
+/* $Id: ldap.c,v 1.80 2001/01/13 10:00:27 venaas Exp $ */
#define IS_EXT_MODULE
#include "php.h"
@@ -235,7 +235,7 @@
php_info_print_table_start();
php_info_print_table_row(2, "LDAP Support", "enabled" );
- php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.79 2001/01/12
22:08:26 venaas Exp $" );
+ php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.80 2001/01/13
+10:00:27 venaas Exp $" );
php_info_print_table_row(2, "Total Links", maxl );
#ifdef LDAP_API_VERSION
snprintf(ldapapiversion, 31, "%d", LDAP_API_VERSION);
@@ -660,6 +660,7 @@
for(i=0; inum_attribs; i++) {
if(zend_hash_index_find((*attrs)-value.ht, i, (void
**) attr) == FAILURE) {
php_error(E_WARNING, "LDAP: Array
initialization wrong");
+ efree(ldap_attrs);
RETURN_FALSE;
}
@@ -778,7 +779,12 @@
}
ldap = _get_ldap_link(link);
- if (ldap == NULL) RETURN_FALSE;
+ if (ldap == NULL) {
+ if (ldap_attrs != NULL) {
+ efree(ldap_attrs);
+ }
+ RETURN_FALSE;
+ }
php_set_opts(ldap, ldap_sizelimit, ldap_timelimit, ldap_deref);
@@ -1387,6 +1393,12 @@
ldap_mods[i]-mod_type = estrdup(attribute);
} else {
php_error(E_ERROR, "LDAP: Unknown Attribute in the data");
+ /* Free allocated memory */
+ while (i = 0) {
+ efree(ldap_mods[i--]);
+ }
+ efree(num_berval);
+ efree(ldap_mods);
RETURN_FALSE;
}
@@ -1770,9 +1782,6 @@
RETURN_FALSE;
}
ctrls = emalloc((1 + ncontrols) * sizeof(*ctrls));
- if (ctrls == NULL) {
- RETURN_FALSE;
- }
*ctrls = NULL;
ctrlp = ctrls;
zend_hash_internal_pointer_reset(Z_ARRVAL_PP(newval));
@@ -1781,7 +1790,6 @@
php_error(E_WARNING, "The array value must
contain only arrays, where each array is a control");
error = 1;
break;
- RETURN_FALSE;
}
if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "oid",
sizeof("oid"), (void **) val) == FAILURE) {
php_error(E_WARNING, "Control must have an oid
key");
@@ -1789,10 +1797,6 @@
break;
}
ctrl = *ctrlp = emalloc(sizeof(**ctrlp));
- if (ctrl == NULL) {
- error = 1;
- break;
- }
convert_to_string_ex(val);
ctrl-ldctl_oid = Z_STRVAL_PP(val);
if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "value",
sizeof("value"), (void **) val) == SUCCESS) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-CVS] cvs: php4 /ext/standard http_fopen_wrapper.c
venaas Fri Jan 12 12:49:25 2001 EDT
Modified files:
/php4/ext/standard http_fopen_wrapper.c
Log:
Follows redirects again, and $http_response_header now contains all headers
with an empty string as delimiter
@- Made fopen() of HTTP URL follow redirects, $http_response_header will
@ contain all headers with empty string as delimiter (Stig Venaas)
Index: php4/ext/standard/http_fopen_wrapper.c
diff -u php4/ext/standard/http_fopen_wrapper.c:1.3
php4/ext/standard/http_fopen_wrapper.c:1.4
--- php4/ext/standard/http_fopen_wrapper.c:1.3 Fri Oct 27 18:31:56 2000
+++ php4/ext/standard/http_fopen_wrapper.c Fri Jan 12 12:49:25 2001
@@ -17,7 +17,7 @@
| Hartmut Holzgraefe [EMAIL PROTECTED] |
+--+
*/
-/* $Id: http_fopen_wrapper.c,v 1.3 2000/10/28 01:31:56 zeev Exp $ */
+/* $Id: http_fopen_wrapper.c,v 1.4 2001/01/12 20:49:25 venaas Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -263,26 +263,40 @@
}
}
}
- {
- ELS_FETCH();
- zend_hash_update(EG(active_symbol_table), "http_response_header",
sizeof("http_response_header"), (void **) response_header, sizeof(zval *), NULL);
- }
if (!reqok) {
SOCK_FCLOSE(*socketd);
*socketd = 0;
free_url(resource);
-#if 0
if (location[0] != '\0') {
- return php_fopen_url_wrapper(location, mode, options, issock,
socketd, opened_path);
+ zval **response_header_new, *entry, **entryp;
+
+ fp = php_fopen_url_wrap_http(location, mode, options, issock,
+socketd, opened_path);
+ ELS_FETCH();
+ if (zend_hash_find(EG(active_symbol_table),
+"http_response_header", sizeof("http_response_header"), (void **)
+response_header_new) == SUCCESS) {
+ entryp = entry;
+ MAKE_STD_ZVAL(entry);
+ ZVAL_EMPTY_STRING(entry);
+
+zend_hash_next_index_insert(Z_ARRVAL_P(response_header), entryp, sizeof(zval *),
+NULL);
+
+zend_hash_internal_pointer_reset(Z_ARRVAL_PP(response_header_new));
+ while
+(zend_hash_get_current_data(Z_ARRVAL_PP(response_header_new), (void **)entryp) ==
+SUCCESS) {
+ zval_add_ref(entryp);
+
+zend_hash_next_index_insert(Z_ARRVAL_P(response_header), entryp, sizeof(zval *),
+NULL);
+
+zend_hash_move_forward(Z_ARRVAL_PP(response_header_new));
+ }
+ }
+ goto out;
} else {
- return NULL;
+ fp = NULL;
+ goto out;
}
-#else
- return NULL;
-#endif
}
free_url(resource);
*issock = 1;
+ out:
+ {
+ ELS_FETCH();
+ ZEND_SET_SYMBOL(EG(active_symbol_table), "http_response_header",
+response_header);
+ }
return (fp);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-CVS] cvs: php4 /ext/ldap ldap.c
venaas Fri Jan 12 14:08:26 2001 EDT
Modified files:
/php4/ext/ldap ldap.c
Log:
Added parallel search when given array of link identifiers
@- Made ldap_list(), ldap_read() and ldap_search() do parallel search when
@ first parameter is an array of link identifiers (Stig Venaas)
Index: php4/ext/ldap/ldap.c
diff -u php4/ext/ldap/ldap.c:1.78 php4/ext/ldap/ldap.c:1.79
--- php4/ext/ldap/ldap.c:1.78 Mon Jan 8 10:31:59 2001
+++ php4/ext/ldap/ldap.cFri Jan 12 14:08:26 2001
@@ -23,7 +23,7 @@
*/
-/* $Id: ldap.c,v 1.78 2001/01/08 18:31:59 eschmid Exp $ */
+/* $Id: ldap.c,v 1.79 2001/01/12 22:08:26 venaas Exp $ */
#define IS_EXT_MODULE
#include "php.h"
@@ -235,7 +235,7 @@
php_info_print_table_start();
php_info_print_table_row(2, "LDAP Support", "enabled" );
- php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.78 2001/01/08
18:31:59 eschmid Exp $" );
+ php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.79 2001/01/12
+22:08:26 venaas Exp $" );
php_info_print_table_row(2, "Total Links", maxl );
#ifdef LDAP_API_VERSION
snprintf(ldapapiversion, 31, "%d", LDAP_API_VERSION);
@@ -576,6 +576,37 @@
/* }}} */
+static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref)
+{
+ /* sizelimit */
+ if (sizelimit -1) {
+#if ( LDAP_API_VERSION = 2004 ) || HAVE_NSLDAP
+ ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, sizelimit);
+#else
+ ldap-ld_sizelimit = sizelimit;
+#endif
+ }
+
+ /* timelimit */
+ if (timelimit -1) {
+#if ( LDAP_API_VERSION = 2004 ) || HAVE_NSLDAP
+ ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, timelimit);
+#else
+ ldap-ld_timelimit = timelimit;
+#endif
+ }
+
+ /* deref */
+ if (deref -1) {
+#if ( LDAP_API_VERSION = 2004 ) || HAVE_NSLDAP
+ ldap_set_option(ldap, LDAP_OPT_DEREF, deref);
+#else
+ ldap-ld_deref = deref;
+#endif
+ }
+}
+
+
static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
{
pval **link, **base_dn, **filter, **attrs, **attr, **attrsonly, **sizelimit,
**timelimit, **deref;
@@ -586,7 +617,7 @@
int ldap_sizelimit = -1;
int ldap_timelimit = -1;
int ldap_deref = -1;
- LDAPMessage *ldap_result;
+ LDAPMessage *ldap_res;
int num_attribs = 0;
int i, errno;
int myargcount = ZEND_NUM_ARGS();
@@ -639,10 +670,14 @@
ldap_attrs[num_attribs] = NULL;
case 3 :
- convert_to_string_ex(base_dn);
convert_to_string_ex(filter);
- ldap_base_dn = (*base_dn)-value.str.val;
ldap_filter = (*filter)-value.str.val;
+
+ /* parallel search? */
+ if (Z_TYPE_PP(link) != IS_ARRAY) {
+ convert_to_string_ex(base_dn);
+ ldap_base_dn = Z_STRVAL_PP(base_dn);
+ }
break;
default:
@@ -650,6 +685,93 @@
break;
}
+ /* parallel search? */
+ if (Z_TYPE_PP(link) == IS_ARRAY) {
+ int i, nlinks, nbases, *rcs;
+ LDAP **links;
+ zval **entry;
+
+ nlinks = zend_hash_num_elements(Z_ARRVAL_PP(link));
+ if (nlinks == 0) {
+ php_error(E_WARNING, "LDAP: No links in link array");
+ if (ldap_attrs != NULL) {
+ efree(ldap_attrs);
+ }
+ RETURN_FALSE;
+ }
+
+ if (Z_TYPE_PP(base_dn) == IS_ARRAY) {
+ nbases = zend_hash_num_elements(Z_ARRVAL_PP(base_dn));
+ if (nbases != nlinks) {
+ php_error(E_WARNING, "LDAP: Base must either be a
+string, or an array with the same number of elements as the links array");
+ if (ldap_attrs != NULL) {
+ efree(ldap_attrs);
+ }
+ RETURN_FALSE;
+ }
+ zend_hash_internal_pointer_reset(Z_ARRVAL_PP(base_dn));
+ } else {
+ nbases = 0; /* this means string, not array */
+ convert_to_string_ex(base_dn);
+ ldap_base_dn = Z_STRLEN_PP(base_dn) 1 ? NULL :
+Z_STRVAL_PP(base_dn);
+ }
+
+ links = emalloc(nlinks * sizeof(*links));
+ rcs = emalloc(nlinks * sizeof(*rcs));
+
