Re: [PHP] Public/Private Key Encryption

2005-02-06 Thread Stig Venaas
On Sun, Feb 06, 2005 at 09:23:30PM +, Daniel Bowett wrote:
> Is there any way I can use public/private key encryption in php in a 
> similar way to mcrypt.
> 
> I have got php encrypting the data using gnugp but need to automate the 
> decrytping element which is proving difficult because of the way the 
> password is passed.

Don't know exactly what mcrypt does, but you can find an example of
public key crypto with PHP at http://www.venaas.no/php/

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Password in LDAP with php

2004-01-05 Thread Stig Venaas
On Mon, Jan 05, 2004 at 10:45:58AM -0500, Chakravarthy Cuddapah wrote:
> You can do this in PHP. Check this: http://us4.php.net/manual/en/ref.ldap.php
> I wrote a form in PHP to add users to LDAP, change passwords etc. Check this 
> https://www.cuddapahonline.net/ldap/ 
> I can send the forms if you want. 

I'm also planning to commit to PHP a new function that uses the LDAP
control specificed in RFC 3062 for changing passwords. I have some code
that might work... The point is that instead of updating the userPassword
attribute, doing your own hashing etc. you just give the LDAP server the
old and new password in clear text. This is very useful in cases where
the password isn't stored in the LDAP tree itself. It requires the LDAP
server to support RFC 3062 though, not sure if there are others than
OpenLDAP.

I would need some volunteer that could test a patch.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] racing NO domain names problems! (For nordmenn!)

2003-12-16 Thread Stig Venaas
On Tue, Dec 16, 2003 at 07:30:09PM +0100, Kim Steinhaug wrote:
> To solve this problem you need a norwegian keyboard so I

Nah, you can just cut and paste (:

> might aswell type the whole question in norwegian, sorry gyez!
> 
> ---
> 
> Jeg har støtt på noen problemer når det gjelder å konvertere
> domenenavn mot Norids egen ACE konverter. Jeg har prøvd
> med både POST metoder og GET metoder men resultatet blir
> uansett det samme.
> 
> Jeg sender en henvendelse til Norids side, og ønsker å parse
> resultatet, problemet er bare at Norids side nekter å godta selve
> bokstavene æøå av en eller annen grunn. En metode er eks.
> 
>  $page
> ='http://www.norid.no/domenenavnbaser/ace/?action=Convert&name=blåbær.no';
> $fd=fopen($page,"r");
>  while ($line=fgets($fd,1000)) {
>  echo $line; } fclose ($fd);
> ?>
> 
> Som du ser på det som kommer ut godtaes ikke ÆØÅ.
> 
> Jeg har prøvd å sende "blåbær" som "bl%E5b%E6r.no" men samme problem.
> Jeg tenkte kanskje det er en begrensning med GET eller at de har lagt inn en
> sperre på GET for å bare bruke POST, men den gang ei. POST med sockets
> gir samme resultat, uanhengig om man benytter "å" eller "%E5".
> Blir POST data kodet annerledes en GET data, altså "å"=>"%E5"?

In the document with the form, it says:



so I guess it will work if you use this encoding. But the document is
also in UTF-8, so you may have to do UTF-8 encoding first and then URL
encode that perhaps.

It works with e.g. mozilla, I guess you could also try to see what
exactly it sends.

Someone non-Norwegian might have suggestions regardig UTF-8 documents
and URL-encoding. I think browser sends post data with same charset
as the main document...

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] php / ldap

2002-11-04 Thread Stig Venaas
On Wed, Oct 30, 2002 at 09:28:00AM -0500, GC wrote:
> Hi, using php_ldapadd, I get this error in ldap.log:
> 
> Oct 30 09:23:43 Lunar slapd[10714]: conn=202 op=1 RESULT tag=105 err=65
> text=object class 'posixAccount' requires attribute 'uidNumber'
> 
> How do I get the next available uid number from my ldap database and then
> use that number for uidnumber?

This is a classic LDAP problem. If you have server side sorting you can
ask for uidNumber in sorted order, and set sizelimit to 1. Not all
servers support it though, and it's not easy to specify this in PHP.
Another possibility might be to remember last max, and only search for
larger values (of course you could search for all). Finally if you can
control how data is updated, you could have a special attribute in a
special object containing the highest uid, and update that whenever
you add a higher one.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] ldap_add problem

2002-10-26 Thread Stig Venaas
On Thu, Oct 24, 2002 at 04:37:56PM -0400, GC wrote:
> Hi, I wrote a simple page that tries to enter a string into a LDAP server.
> I get the following error:
> 
> Warning: LDAP: add operation could not be completed. in
> /var/www/html/user/adduser_p.php on line 65
> 
> Where in my log files can I go to look for more detailed info on that error,
> I don't know if I have logging enabled for slapd.  Thanks!!

There are a number of things that could be wrong, but the most likely
is access rights I suppose. The best way to solve this is indeed to
turn on more logging in slapd if necessary. Please see slapd
docs for how to do this.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Re: LDAP (NDS) authentication example...

2002-09-22 Thread Stig Venaas

On Thu, Sep 12, 2002 at 09:37:22AM +1000, joshua wrote:
> i'm not sure if i follow you. i have never used ldap to write 
> authentication scripts as i've only used the .htaccess method.
> 
> to retrieve data you need to bind using a username/password combination 
> that is valid. i guess you could test your user's username/password by 
> using it to attempt a bind.

The example below is correct, however in many cases you can avoid the
anonymous search. If say for all users you have entries with dn's like

uid=dj, o=users, dc=mycompany, dc=com

you can just do 

$dn = "uid=$inp_uid, o=users, dc=mycompany, dc=com";
$ds = ldap_connect("ldap.someserver.com");
$r = ldap_bind($ds, $dn, $inp_passwd);

and check whether $r is true. Someone reported that there is some
implementation where this is falsely true for empty password, so
prior to this I would chech that the password string is non-empty,
just to be sure.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] LDAP Authentication problem

2002-09-08 Thread Stig Venaas

On Wed, Sep 04, 2002 at 03:58:18PM -0400, Brad Harriger wrote:
> I'm trying to retrieve information from an NDS server using LDAP 
> functions in PHP 4.06.  I am able to establish the connection and bind 
> to the server using an anonymous bind, but when I try to bind as a valid 
> user, the app seems to run in an infinite loop.  I'm not sure where to 
> look for the cause of this problem.  Any suggestions would be appreciated.

The app, is that your PHP script? Or is it the LDAP library (PHP is
stuck in ldap_bind()?), or is it the NDS server? Perhaps you should
try to authenticate and search with ldapsearch or similar tool and
see if it happens then?

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] PHP and LDAP over SSL

2002-09-08 Thread Stig Venaas

On Wed, Sep 04, 2002 at 02:26:49PM +0200, Søren Henning Dalgaard wrote:
> I can make an ldap_connect with the ldaps://hostname/ parameter but what
> next:
> How can make an ldap_bind command?
> How can I encrypt and decrypt the data?

When using ldaps:// all communications are through SSL, you do bind
etc as usual and your data will be tunneled through SSL.

> How do I specify a key/certificate for encrypting and decrypting?

For SSL and the necessary encryption you only need a certificate at
the server. It seems you have done this, that is enough for the
communications to be encrypted. You may want to give your client a
certificate for the CA that signed the server certificate, see my
mail on LDAP and SSL on php-general from Aug 26th (and the mail I
replied to). It is also possible to give the client a certificate if
you want the server to know which client it is talking to.

For details on LDAP and SSL I suggest you look at OpenLDAP docs, in
OpenLDAP list archives etc. Doing SSL with OpenLDAP is the same
when using PHP and other tools. Using ldaps:// in the connect is
similar to using -H ldaps:// to OpenLDAP tools like ldapsearch etc.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] PHP and LDAP over SSL

2002-08-25 Thread Stig Venaas

On Fri, Aug 23, 2002 at 11:52:11AM -0500, Curtis Robinson wrote:
> So, I see that php does not have the CA.  But, I have no clue as to where
> to define the location of the CA in the php configuration.  So, does
> anyone know how I can configure this option?

Are you using OpenLDAP? The below is only valid for OpenLDAP.

When you tested on the command line, didn't you modify your ldap.conf?
Anyway, in ldap.conf you can specify:

TLS_CACERT /path/to/ca.crt

Make sure that this file is readable by your webserver.

You might also want to specify the following in .ldaprc (in the
users home directory):

TLS_CERT /path/to/client.crt
TLS_KEY /path/to/client.key

If you run apache as say nobody, they must be in the home directory
of nobody I guess...

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] ldap_rename refused to work

2002-08-14 Thread Stig Venaas

On Wed, Aug 14, 2002 at 02:18:58AM -0700, Roger Thomas wrote:
> built: php-4.2.2 with openldap 2.0.25
> 
> i tried using the ldap_rename function to modify the dn of my ldap db but
> nothing seems to happen. the record was not change at all. i have followed
> closely the code-snippet that was given by Mr Stig Venaas at:
> http://marc.theaimsgroup.com/?l=php-general&m=100949195224325&w=2

But you're not doing what I wrote...

> // we want to transfer user roger from Civil Engineering to Credit section in
> Finance
> $r=ldap_rename($ds,
> "uid=roger,ou=People,ou=Civil,o=Engineering,dc=mydomain,dc=net",
> "uid=roger,ou=People,ou=Credit,o=Finance,dc=mydomain,dc=net",
> "dc=mydomain,dc=net",TRUE);

The third parameter should be the new rdn (which is the same as the old),
and the fourth should be new parent. So it should look like this:

$r=ldap_rename($ds,
"uid=roger,ou=People,ou=Civil,o=Engineering,dc=mydomain,dc=net",
"uid=roger",
"ou=People,ou=Credit,o=Finance,dc=mydomain,dc=net", TRUE);

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Please help with array_diff()

2002-08-09 Thread Stig Venaas

On Fri, Aug 09, 2002 at 07:50:46PM +0200, Gandalf wrote:
> Well of course $foo[0] contains the first dimension of the $foo array and 
> the same goes for $bar[0].
> 
> It is still not working as it should, i am close to going nuts.

If I understood you correctly, there is no element 0 in $foo and
no element 0 in $bar, only name and email or whatever it was.
The array array("name"=>"Gandalf", "email"=>"[EMAIL PROTECTED]") for
instance has no 0 element.

Or did I misunderstand you? When trying to understand how things work
or asking for help it's good ti simplify the script as much as possible.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] ldap_modify parameters?

2002-08-02 Thread Stig Venaas

On Thu, Aug 01, 2002 at 09:52:12AM -0400, Chad Day wrote:
> Also tried that, no success, unless I am missing something.
> 
> ...
>   $info["st"]="stchanged!";
> ...
> 
>   ldap_modify($ds, 'uid=testing,cn=online-leagues.com', $info);
> 
> Fatal error: LDAP: Unknown Attribute in the data in
> /usr/local/www/sites/online-leagues.com/htdocs/ldapform.php on line 31

The problem is that $info contains not just the LDAP data, but also
a list of attributes, like say $info[2] == "st". I wish that were
never put in there, but we have to live with it now. You either have
to create a new array with exactly you want in the entry (or I guess
remove these extra values, use var_dump($info) and you should see
what I'm talking of), or instead use ldap_mod_replace() using say

$mods["st"] = "stchamged";
ldap_mod_replace($ds, 'uid=testing,cn=online-leagues.com', $mods);

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Re: ldap_add() - null values in fields produce an "value #0 invalid per syntax" error on ldap server

2002-08-02 Thread Stig Venaas

On Thu, Jul 18, 2002 at 08:17:59PM -0500, Richard Lynch wrote:
> #0 is basically just LDAP's way to represent NULL, most likely.
> 
> >$info["mail"]="";  // <- NULL VALUE HERE
> >// The following lines also produce the same result...
> >//$info["mail"]=NULL;  // <--- NULL value here
> >//$info["mail"]="\0";  // <--- NULL value here
> >//$info["mail"];   // <--- NULL value here
> 
> Whoa!
> 
> Never mind.
> 
> Something is very broken in the LDAP stuff if '' and NULL from PHP are being
> turned into NULL in LDAP, and then LDAP complains about it...

Nah... "" and NULL (and I suppose "\0") are all being changed to the
string "" before PHP attempts to add it. What I think the LDAP server
tries to say, is that the syntax doesn't accept an empty string as
value. I tried to create an LDIF file containing an attribute with no
value, like this:

dn: cn=stig,o=photos,dc=venaas,dc=no
objectClass: photo
cn: stig
description:

and I got exactly the same error from ldap_add(1). So this is in my
opinion an LDAP issue and not a PHP issue. OpenLDAP 2 has more
proper schema checking. Perhaps you could try to turn off schema
checking? Or I guess in theory the syntax for the relevant attribute
could be made more relaxed. You could try to ask about this on the
openldap-software list if you need more LDAP help.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Image out of LDAP

2002-07-30 Thread Stig Venaas

Hi

On Tue, Jul 30, 2002 at 09:00:09AM +0200, Manuel Vazquez wrote:
> Good morning,
> 
> I'm running a OpenLDAP database which includes JPEG photos for some entries.
> The purpose is to view these images on a web page. Unfortunately I do not
> have much experience with PHP so any help would be very appreciated.

The archives should be useful. See

http://marc.theaimsgroup.com/?l=php-dev&m=102495056502016&w=2

for the general idea. For the actual script, have a look at

http://marc.theaimsgroup.com/?l=php-general&m=93635963618041&w=2

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] PHP and geographic maps

2002-07-12 Thread Stig Venaas

On Thu, Jul 11, 2002 at 04:26:38PM -0700, Lazor, Ed wrote:
> I was just checking it out.  That map is awesome!  What's funny is that it
> even has an option to display the picture of a house at the coordinates you
> specify.
> 
> Thanks for the compliment *grin*  I have no idea why I didn't.  Probably
> just got lazy hehe  My only excuse is that I think vacation mode has kicked
> in - even though it doesn't technically start until tomorrow evening.

I'm also very interested in this stuff. I have some plans for storing
geographical coordinates in a database (LDAP in my case) and plot
locations on a map. I have some simple stuff misusing mapblast, see
http://www.venaas.no/whereami/

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] ./onfigureing php

2002-06-25 Thread Stig Venaas

On Tue, Jun 25, 2002 at 03:33:28PM -0400, [EMAIL PROTECTED] wrote:
> I am trying to configure php4.2.1 with following commands
> on a Redhat 7.2 box
> 
> ./configure --with-mysql --with-apache=../apache_1.3.20 
> --enable-track-vars 
> --with-imap=../imap-2001.RELEASE-CANDIDATE.1 
> --with-config-file-path=/opt/apache --with-ldap=/usr/local 
> --with-gd --with-jpeg-dir=/usr/local --with-jpeg 
> --with-xpm-dir=/usr/local --with-xpm --with-ttf=/usr/local 
> --with-snmp=/opt/ucd-snmp
> 
> However i am getting the following error.
> "configure: error: Cannot find ldap.h"
> 
> I have configured and comnpliled openldap-2.0.15 
> with the following commands
> 
> ./configure --prefix=/usr/local/openldap2.0.15 

Since openldap is installed in /usr/local/openldap2.0.15 you should
use --with-ldap=/usr/local/openldap2.0.15 when configuring PHP.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Binding to LDAP/SASL w/PHP

2002-04-19 Thread Stig Venaas

Hi Quinn

I see no one has responded yet. As I said on the OpenLDAP list, this is
not currently possible. Maybe I implement something some time in the
future, but patches would be welcome... If no one responds, I suggest
you go to http://bugs.php.net/ and submit a feature request. Or you
could of course help implement something if you like.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] cannot see LDAP userPassword and createTimestamp attr

2002-03-21 Thread Stig Venaas

On Tue, Feb 26, 2002 at 07:42:15PM -0800, tim tom wrote:
> why can't i see the createTimestamp and userPassword bcos i did an *authenticated 
>bind* !
> the script:

This depends on the LDAP server. createTimestamp is an operational
attribute and is not returned by default. You can specify explicitly
that you want this attribute, or use the magical name "+" to get all
operational attributes. The userPassword attribute is normally
protected but it seems like you fixed that. I think the problem you
see is that PHP always returns attributes in lower case. It might be
a good idea to do var_dump() of array returned by ldap_get_entries()
to see what's in it.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] PHP and OpenLDAP

2002-01-07 Thread Stig Venaas

On Thu, Jan 03, 2002 at 10:42:30AM -0700, Quinn Perkins wrote:
> I have installed OpenLDAP 2.x on an OS X Server 10.1.2 box. Everything 
> seems to be fine. I have written a simple PHP front end to modify LDAP 
> values. I can modify values in the core.schema without any problem, but 
> if I try to modify anything in cosine.schema or inetorgperson.schema, I 
> get an error (Warning: LDAP: modify operation could not be completed. in 
> ldapeditor.b2.php on line 247)
> 
> This ONLY happens when I try and modify a value in a schema other than 
> core.schema. The project I am working on will require use of cosine and 
> inetorgperson schemas. This is a test page to make sure I can read/write 
> values.

I see you don't modify the object class, does the current object class
allow the new attributes. If say the current class is person, you will
get an error.

You could also try to look at your slapd log. You could also get a
lot of useful info from slapd by starting it in debug mode (-d7) or
some other number than 7 perhaps.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] ldap rename, anyone? help!

2001-12-27 Thread Stig Venaas

I'll try to help you out.

On Wed, Dec 19, 2001 at 04:10:32PM +, Greg Ulyatt wrote:
> I can set the LDAP version no problem (from 2 to 3 to have this
> function), but every time I try anything with the ldap_rename function,
> it comes back as an unsupported call (protocol error). Does anyone out
> there know why this would happen and how to get ldap_rename working?

I'm thinking of improving ldap_rename() a bit, but doesn't it work if
you do ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3) prior to
binding, and then supply non-zero strings for all "dn" arguments?
Something like:
ldap_rename($ds, "uid=foo,dc=my-company,dc=com", "uid=bar",
"dc=my-company,dc=com", TRUE);

If this doesn't work, let me know and I'll do some research and apply
the necessary fix. I've been planning for a while to make ldap_rename()
more usable (work with old API, v2 etc).

Sorry for not responding before,

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Again (still?) problems with php and ldaps

2001-12-06 Thread Stig Venaas

On Thu, Dec 06, 2001 at 12:08:12PM +0100, Susanne Benkert wrote:
> After recompiling my Php with the newest LDAP-Libraries and Openssl
> "ldap_connect("ldap://hostname";)" works. But I still have problems with
> "ldap_connect("ldaps://hostname")": 

Could you check whether ldapsearch -H "ldaps://hostname" works? PHP
should work if and only if this works. As hostname you should use
the same as the CN in the certificate, probably the FQDN (full
hostname and domain).

> What did I wrong? Does Php need its own Key/Certificate (as client
> certificate)? Or is something wrong with my server certificate of Ldap?
> (But I can't imagine, because other actions like ldapsearch already seem
> to work with TLS.) 

Did you also try with -H ldaps:// and the same hostname? Client
certificate is only needed if you put "TLSVerifyClient 1" in
slapd.conf on the server.

> Has anything should be change in the configuration of php when using it
> with SSL and Openldap?

No.

I suggest you try to get ldapsearch -H ldaps://host/ to work first.
If it doesn't work (and you don't get more answers here), please ask
on the OpenLDAP lists. If you get ldapsearch -H to work, but not PHP,
then this is the place to ask or submit a report at bugs.php.net. I'm
pretty sure ldapsearch -H will give the same error though.

I see now that you did mail the OpenLDAP list as well. I think that
is the right place, but there is a danger people there will think
it's a PHP problem. If you don't get answers there, test with
ldapsearch -H, and if that fails, post that on the OpenLDAP list as
well, since in that case PHP isn't involved.

I could try to provide more help if necessary, but I'll be mostly
available for over a week now, so I hope some others will offer
help as well.

Don't give up,

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] ldap_connect("URI")?

2001-12-04 Thread Stig Venaas

On Tue, Dec 04, 2001 at 12:19:24PM +0100, Susanne Benkert wrote:
> > This works for me. For ldap_connect("ldap://hostname";) to work, you need
> > OpenLDAP 2.x libs but that's all. Are you sure PHP is using that library?
> 
> I'm quite sure, because other ldap functions work properly such as
> ldap_connect("hostname"); or ldapsearch()...
> I already have a few PHP websites which are using these functions
> without problems. Only the newer ones like ldap_set_option() or
> ldap_start_tls() or (as mentioned) ldap_connect() with an URI don't
> work, although I use a PHP version that should support these things.
> 
> Are there any additional libs for that?

It really sounds like you are using PHP with another LDAP library than
OpenLDAP 2.x or Netscape. If you could recompile PHP, could you try to
see what LDAP library is used in the compilation? Maybe you can see it
by grepping for ldap in config.log. Could you check if you have the
file ldap.h in several locations. Has all the ldap.h you find got
something like this inside them:
#define LDAP_API_VERSION   2004

PHP checks for this to determine if ldap_set_option() etc. should be
included.

If the ldap.h comes from OpenLDAP 2.x, LDAP_API_VERSION should be
defined.

Stig


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] PHP & LDAP

2001-12-04 Thread Stig Venaas

On Tue, Dec 04, 2001 at 07:41:14AM +0800, Hafiz Malik wrote:
> hi there..
> i'm succesfully add ldap entry(jpegphoto) using PHP via below codes..
> but failed to modify it.. any ideas?

Not really. Could you check what ldap_modify() returns, did you get
any warnings from PHP? Turn on more debugging if necessary. Could
you also try to do the same operation with ldap_modify on the
command line? It might also be good to check your LDAP server logs
(turn on more debugging if necessary).

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] ldap_connect("URI")?

2001-12-04 Thread Stig Venaas

Hi again Susanne, I'm on this list too...

On Tue, Dec 04, 2001 at 11:13:51AM +0100, Susanne Benkert wrote:
> The LDAP server is already recompiled and running with ssl/tsl-support.
> PHP-4.0.6. is compiled "with-openssl". But when I try to use
> "ldap_connect('ldaps://hostname/')" like suggested in the manual, the
> script can't connect the server. Also 'ldap://...' or 'http://..' don't
> work, so it seems, that PHP doesn't support URIs in this position, but
> according to the manual it should do.
> 
> What's wrong with my script or my installation?
> Thank you for your support.

This works for me. For ldap_connect("ldap://hostname";) to work, you need
OpenLDAP 2.x libs but that's all. Are you sure PHP is using that library?
If you use for instance Linux, you could try to check with "ldd binary".
Also when you configure PHP, you can try --with-ldap=ldapinstalldirectory
and not just --with-ldap. When this is working, you can start thinking of
ldaps.

For ldap_connect("ldaps://hostname") to work, you need to compile the
OpenLDAP 2.x libs with SSL/TLS, and also configure PHP with --with-openssl.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] LDAP sorting

2001-11-30 Thread Stig Venaas

The LDAP sorting code I posted a couple of days ago was a bit lacking.
Here's a function that should work:

function myldap_sort($data, $attr) {
// -1 because of the count entry
echo "#", $n = count($data) - 1;
for ($i=0; $i<$n; $i++) {
$a[$i]=$data[$i][$attr][0];
}
asort($a);
reset($a);
for ($j=0; list($i,) = each($a); $j++) {
$sorted[$j] = $data[$i];
}
return $sorted;
}

It's not fast, but should work. Example usage:
$info = ldap_get_entries($ds, $sr);
$sorted = myldap_sort($info, "cn");

It assumes that the attribute specified is present in all the entries,
and only uses the first value of the attribute.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Memory leaks with LDAP?

2001-11-29 Thread Stig Venaas

On Thu, Nov 29, 2001 at 09:38:19AM -0700, Darren Gamble wrote:
> Hey all,
> 
> Has anyone else had problems with memory leaks using PHP's LDAP functions?

Yes

> I'm running php-4.0.6-7 as a module for apache-1.3.20-16; all Redhat 7.2
> RPMs.
> 
> I posted a message on the PHP bug page recently, but, by reading the posting
> guidelines on that page it seems that there is a good chance that no one
> will even look at it.  I'm hoping that someone on this list has encountered
> something similar and would be able to share their resolution.

I'm trying to keep track of all LDAP related reports. If yours haven't
been attended to, please give me the report number.

A number of leaks have been fixed recently, could you test with a recent
snapshot from snaps.php.net (or CVS)? I think the fixes will be in 4.1.0
as well, you might test it (or one of the RCs) when it's released
shortly. If you still see leaks, please mail me a shortest possible
script that demonstrates the problem.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] LDAP server side sorting

2001-11-28 Thread Stig Venaas

On Wed, Nov 28, 2001 at 05:26:22PM +0200, Christos Sintoris wrote:
> 
> Server side sorting is useful when network traffic costs more than
> processing time. 

Yes, there are some exceptions.

> The server side sorting control in conjunction with the virtual list
> view control returns only a subset of entries to the client. 

Yes.

> In the PHP Manual is stated that is possible to set ldap controls using
> the ldap_set_option directive. This however does not seem to work. The
> code I used to try this is below.
> 
> I would like to know if anyone has tried it successfully or has any
> experience in setting up server side controls through php.

I have, it works. If you were to use it for this, you would have to BER
encode a sequence and pass a string not an array. But that's not the
main problem. The way I interpret RFC 2891, the server side control is
to be sent along with the search operation, not as a individual
operation. This is not currently supported in PHP. I'm sort of planning
to implement it. I'm not able to test it though, if you or others know
of a publicly available server that I can test against, let me know
(okay, I could probably find one myself with some digging around).

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] LDAP sorting

2001-11-28 Thread Stig Venaas

On Wed, Nov 28, 2001 at 03:08:52PM +0930, [EMAIL PROTECTED] wrote:
> Hi All-
> 
> Can anyone tell me if PHP's LDAP functions support "server side sorting of
> search results" as defined in this RFC:
> 
> http://www.ietf.org/rfc/rfc2891.txt

Not currently, maybe it will...  Depends on how many wants it.

> Sorting results from LDAP searches in PHP is a pain because of the
> structure
> of the result array.

Yes, but I think that's a poor excuse for doing it on the server side.
I think this should be done by the client in most cases.  One might
also need to take the clients locale into account when sorting the
data.

> Alternatively if anyone has a nice function for sorting the array returned
> by
> ldap_get_entries() by any desired attribute, that would be a great help
> also.

It's not that hard.  What I do, is that I create a new simple array
with just the attribute values I want to sort on and preserve the
indices of the result array.  Next I sort that array (again
preserving indices).  The indices of the sorted array now give me
the order I should use when displaying the entries from the result
array.  Not that hard, it looks something like this:

$n=ldap_count_entries($ds,$sr);
$info = ldap_get_entries($ds, $sr);
ldap_free_result($sr);

for ($i=0; $i<$n; $i++) {
$cn[$i]=$info[$i]["cn"][0]);
}
asort($cn);
reset($cn);
for ($j=0; list($i,) = each($cn);) {
  $sorted[$j] = $info[$i];
}

Anyway, the next PHP release (in CVS or snapshots now) will have a
function ldap_sort() for client side sorting.  After you've done
the search, simply do ldap_sort($ds, $sr, "cn");
and you have sorted the results on cn, and you access the result
as usual afterwards.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] LDAP server side sorting

2001-11-28 Thread Stig Venaas

Hi

On Tue, Nov 27, 2001 at 04:08:39PM +0200, Christos Sintoris wrote:
> Does anybody know how to call ldap_set_option in order to use server side
> sorting?
> 
> using:
> $sortval="{'cn', 0,1}";
> $ctrl1 = array("oid" => "1.2.840.113556.1.4.473", "value" =>$sortval);
> ldap_set_option($ds, LDAP_OPT_SERVER_CONTROLS, array($ctrl1));
> 
> reports success, but ldap_get_option() returns nothing and a subsequend
> ldap_search
> returns protocol error. I use LDAP V3 (iPlanet).

I think perhaps the control would have to be given as part of the
search (which is not possible in PHP right now).  Support for this
might be added if several people find it useful.  Why do you want
server side sorting?  How about sorting it on the client side?
Next PHP release (in CVS now) will have a function ldap_sort()
that helps you do it on the client.  After the search, you can
simply do ldap_sort($ds, $sr, "cn"); if you want to search on cn.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] problem with function array_* that preserved the key

2001-11-14 Thread Stig Venaas

On Sat, Nov 03, 2001 at 03:54:23PM -0500, Reuben D Budiardja wrote:
> since the key are preserved, arrC is no longer indexed from 0. Well, in most 
> cases I don't care about the key if it's just indexed array. But since the 
> key I preserved, I can no longer do
> 
> for($i=0; $i   echo $arrC[$i];
> 
> if it happens that the returned indedex in array C 19, 20,25, for example. 
> Any workaround?

There are many other ways you could traverse the array, but I think
array_values() does what you want.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] array_unique() workaround?

2001-11-14 Thread Stig Venaas

On Wed, Nov 14, 2001 at 09:17:03AM +0100, Spunk S. Spunk III wrote:
> I'm working on a script that needs array_unique() but my host is using 4.0.4
> and it's broken in that build. Does anyone have a good workaround for this?
> I can wait for my host to upgrade but if I release this code, it would be
> better to have the workaround...
> 
> I just need a good way to check for dups in an array and remove them. I
> can't get my brain around it...

If you can sort the array, it is quite easy, simply sort it and look for
consecutive values that are equal.

Depending on your values, you might also try array_flip() twice. The
values becomes keys and keys values, and then back again. You will
then have unique values.

Yet another way could be to use array_count_values() perhaps.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] User Authentication against remote authentication serve r [ LDAP ]

2001-10-31 Thread Stig Venaas

On Mon, Oct 29, 2001 at 04:54:37PM -0700, Johnson, Kirk wrote:
> Thanks for the link, Kurt. Can you also point to any authentication code
> examples, or further discussion? The user comments in the manual suggest
> there are at least a couple ways to code stuff, ldap_compare vs ldap_bind.
> Any additional help appreciated.

I might be able to help if you have some more precise questions, but
basically there are two ways LDAP can be used. You can either use it
as a data store or you can have LDAP make the authentication decision
for you. If you want the user to supply username and password, the
authentication can be done as follows:

As data store:

Hopefully the passwords are stored encrypted. Then there are two ways.
If the password is stored encrypted with some unknown salt where the
salt is stored together with the password (like the traditional UNIX
way), your PHP script retrieves the encrypted password from LDAP,
checks the salt, encrypts the user supplied password using the salt,
and compare the two. If you don't use a salt you can encrypt the
password from the user and just do an ldap_compare to check that it's
the same as in the LDAP server. You get better security by not allowing
people to read the encrypted passwords from LDAP. To store passwords
"encrypted" in LDAP, SHA1 might be a good choice, PHP has this.

As decision maker:

You can simply bind to the server on behalf of the user, you use the
user supplied username and password as arguments to ldap_bind(). If
the bind succeeds, you let the user access your stuff. In this case
you should consider using SSL/TLS for talking to the server.

There are other ways to authenticate with LDAP, RFC 2829 gives a good
overview. You can find it at for instance
http://www.ietf.org/rfc/rfc2829.txt

I could go into more detail, but to write a complete general overview
would be a lot of work. You might also have a look at a really short
presentation I've made at
http://www.uninett.no/info/seminar/gnomis/ldapauth.pdf

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] php+apache 2

2001-10-02 Thread Stig Venaas

On Wed, Oct 03, 2001 at 01:32:13AM +0200, Jiri Mikulas wrote:
> sapi_apache2.c: In function `php_input_filter':
> sapi_apache2.c:248: too many arguments to function `ap_get_brigade'

I haven't looked that much at the code, you could perhaps try to
simply remove the last parameter... Not sure how well that would
work. I build with 2.0.18, I then had to remove the last parameter
in the ap_save_brigade call. Perhaps the best thing is to get the
latest from http://dev.apache.org/dist/.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Generating UTF Files

2001-09-20 Thread Stig Venaas

On Thu, Sep 20, 2001 at 02:57:43PM +0200, Jens Kisters wrote:
> Hello,
> 
> I was asked to generate files in UTF-8 Format, where can i find infos on
> this?
> Is it a multi-byte charset?
> How do i use other charset in PHP? can i just switch to another charset and
> then make $a="a"; where a is the UTF reprensentation of 'a'?
> or will i have to mold bytes together myself using chr() ?

UTF-8 is only an encoding not a charset. You can use utf8_encode() and
utf8_decode in PHP. I think Unicode is often used with UTF-8.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Compution of Fibonacci

2001-07-30 Thread Stig Venaas

On Tue, Jul 31, 2001 at 11:59:07AM +0500, Saquib Farooq wrote:
> hi
> 
>   well first of all you have to remove the colon -- ";" sign from
> the end of your while loop .. that will solve the problem for the time
> out.
>   then there is problem with your code, this code will never get you
> the fibonacci since the variable a,b and c never go abone 0, see. :).

Just in case anyone is interested... If you want to find the n'th
Fibonacci number and not go through the entires sequence, you can
use the formula:

F(n) = ( P^n - (-P)^(-n) ) / sqrt(5) where P = (1 + sqrt(5))/2

and it's also possible to extend Fibonacci numbers to negative n.
Pretty fascinating (:

Also, if you have F(n) you can find F(n+1). Let x denote F(n).

F(n+1) = floor( (x + 1 + sqrt(5x^2)) / 2).

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] LDAP trouble! Need help

2001-06-21 Thread Stig Venaas

Hei

On Wed, Jun 20, 2001 at 03:04:06PM +0200, Stig-Ørjan Smelror wrote:
> I have some problems while printing out values of attributes-types which
> have "Equality" and/or "Substrings" values.
> 
> Example:
> 
> $get_values = "".$info[0]["title"][0]; # OK. (prints out the value
> correct)
> 
> $get_values = "".$info[0]["postalCode"][0]; # NOT OK. (prints out
> nothing)
> 
> the "title" and "postalCode" attributes are even in the same objectclass
> (organizationalPerson), but
> the "postalCode" attribute has Equality=caseignoreMatch and
> Substrings=caseIgnoreSubstringsMatch ...

The matching doesn't make any difference. I bet the reason is that you
need to use "postalcode" rather than "postalCode" as index. It might
be a good idea to do var_dump($info) to see what it contains.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Secure LDAP and php 4.0.4pl1

2001-06-21 Thread Stig Venaas

Hi

On Tue, May 22, 2001 at 10:18:38PM -0400, Scott Russell wrote:
> So, what can be done to alter the php ldap functions (and openldap libs?) so 
> that you can choose the SSL protocol to use when connecting? 

Sorry for the very late answer.

The way I see it, this is something that would require changes in the
openldap libs, but not in PHP. The best solutions I can think of are:

1. Configuration options in ldap.conf where you also can configure other
   SSL stuff. Don't remember if version can be configured currently, I
   would guess not.

2. Some sort of option in the ldaps URL.

I think 1 would be cleanest except that the easy fix would set the
version for all LDAP SSL connections.

I suggest you bring this up on the OpenLDAP mailing lists. I think
you should ask how to force openldap libs to use SSL version 2, no
point in discussing PHP.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Secure LDAP and php 4.0.4pl1

2001-05-21 Thread Stig Venaas

On Mon, May 21, 2001 at 07:48:27PM -0400, Scott Russell wrote:
> Using php 4.0.4pl1 with ssl and ldap support I'm connecting to a secure ldap
> server. I want to be able to specify which level of ssl support I use,
> either ssl1, ssl2, or ssl3. By default it appears as if php is trying to
> connect using ssl3 which on my server fails during the ssl handshake.
> 
> How can I tell the ldap_connect() / ldap_bind() functions to use ssl2 instead?

All the work is done by the LDAP library, PHP just calls the LDAP library
with ldaps://hostname, and the library does the rest. You would need to
specify it in ldap.conf or something if at all possible.

There was a problem with SSL/TLS and SASL in OpenLDAP. This should be
fixed in 2.0.8, perhaps you should try without SASL if your library is
compiled with SASL support. I've never had to care about ssl versions,
I thought that should be worked out automatically.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




[PHP] Re: [PHP-DEV] Dynamic Update of DNS ??

2001-05-08 Thread Stig Venaas

On Tue, May 08, 2001 at 08:35:37AM -0400, Stig Sæther Bakken wrote:
> [Stig Venaas <[EMAIL PROTECTED]>]
> > the LDAP back-end, see http://www/dns/bind/bind-sdb/. If you look at
> ^^^
> I guess this will take most people to somewhere else than they
> expect. :-)
> 
>  - Stig

Yes, I've got a few mails on this, I was in a hurry and just did a
cut'n'paste. Almost as fun as telling people to go to localhost...
The correct URL is http://www.venaas.no/dns/bind/bind-sdb/

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




[PHP] Re: [PHP-DEV] Dynamic Update of DNS ??

2001-05-07 Thread Stig Venaas

On Mon, May 07, 2001 at 06:54:53PM +0200, Vincen Pujol wrote:
>  Hi,
>  Sorry for the crossposting but I don't know where to find a 
> solution for this. I need to be able to update dynamically entries in a DNS 
> (Bind 9). My DNS supports dynamic updates but how to do dynamic updates in 
> my DNS server from a PHP Script ??

Might be interesting to add such a thing to PHP as a PEAR extension
maybe, but you could use a separate program for that, and just execute
it from PHP. Another possibility is to use my LDAP back-end for BIND
rather than dynamic updates. The effect is mostly the same. BIND will
look up the data in LDAP every time (lose some performance, normally
not a problem), and you can modify the data at any time from for
instance PHP by accessing the LDAP server. If anyone wants to look at
the LDAP back-end, see http://www/dns/bind/bind-sdb/. If you look at
it, please look at version .4 and the dnsZone. Versions prior to .4
shouldn't be used any more, I'll change the web page shortly.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] PHP, LDAP & ldap_set_option

2001-04-11 Thread Stig Venaas

On Wed, Apr 11, 2001 at 02:07:04PM +0200, Holger Flocken wrote:
> Hi,
> 
> I want to use the LDAP functions of PHP to process every entry in an LDAP
> directory. Unfortunately the directory contains more than 2 entries and
> the PHP LDAP functions
> (ldap_search/ldap_list) report that the timelimit (30 seconds) has been
> exceed.
> 
> I tried to use ldap_set_option($ds, LDAP_OPT_TIMELIMIT, 0), but this
> function doesn't seem to work properly.
> 
> I'm currently using Apache 1.3.19 with PHP 4.0.4pl1 and Netscape LDAP SDK
> version 4.1.
> 
> Does anybody know how I can remove the time limit?

If the LDAP server supports it and is willing the option should work.
You might want to look at the server config if you are able to. To
test if the option works, you might try to set the timeout to say 10s.
If it works I expect you to be able to shorten the timeout, but the
server might refuse extending it.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] array_diff usage

2001-04-02 Thread Stig Venaas

On Mon, Apr 02, 2001 at 05:15:26PM +0200, Martin Skjöldebrand wrote:
> I'm afraid I dont quite under stand the output you gave (maybe ... or do 
> you mean var_dump included the number of the array elements?)

First I echoed the number, then var_dump() also printed it, try
var_dump yourself.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] array_diff usage

2001-04-02 Thread Stig Venaas

On Mon, Apr 02, 2001 at 12:41:07AM -0700, V e r b a l wrote:
> I'm daft. I don't understand the PHP Manual.
> 
> I have two arrays:
> Open[0] contains 1 2 3 4 5
> Closed[0] contains 1 2

So the arrays contain one string each? array_diff() won't work then.
Try this:

$a = array(1, 2, 3, 4, 5);
$b = array(1, 2);
$test = array_diff($a, $b);
$lines = count($test);
echo $lines;
var_dump($test);

The output should be:

3array(3) {
  [2]=>
  int(3)
  [3]=>
  int(4)
  [4]=>
  int(5)
}

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] PHP LDAP & SSL

2001-03-06 Thread Stig Venaas

There's been some discussion on the OpenLDAP lists as well, and there
seems to be a fix around. See
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=889

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] PHP LDAP & SSL

2001-03-06 Thread Stig Venaas

On Tue, Mar 06, 2001 at 11:22:55AM +0100, Matthieu Le Corre wrote:
> i don't use SASL
> so when i use ldapsearch without -x 
> I get "ldap_sasl_interactive_bind_s: Unknown authentication method"
> but it doesnt crash !

Okay, the other guy had a crash there. For me it works without -x and
I don't use SASL either.

> when i use php ldap functions with ssl 
> php doesn't crash but juste an Apache child crash !
> so you think that if i compile openldap without SASL i will work ?
> i 'm really not sure because it's not that it doesn't work it's just crash ;(

The Apache child probably crashes because of segfault or something in the
LDAP code, but there could be other reasons. In theory you should get the
same behavior with ldapsearch as from PHP.

I'm not sure of anything, but what I would have done to debug it, is to
use gdb either on the Apache process or on a stand-alone PHP. I prefer
debugging with a stand-alon binary myself. Then run PHP with your script
and see what happens. If you get a seg-fault or other crash, you can try
to use gdb as I explained with ldapsearch to see where PHP crashes.
Compiling PHP stand-alone is easy, do configure with just --with-ldap.
You don't have to install it either, just run the resulting php binary.
If it says something abous sasl where it crashes, I would try to compile
OpenLDAP without SASL and then link PHP with the resulting libraries.

If you try gdb on the PHP binary and get some message not related to sasl,
or have problems using gdb, let me know.

Stig

-- 
Duct tape is like the force.  It has a light side, and a dark side, and
it holds the universe together ...
-- Carl Zwanzig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] PHP LDAP & SSL

2001-03-06 Thread Stig Venaas

On Tue, Mar 06, 2001 at 10:54:24AM +0100, Matthieu Le Corre wrote:
> Hum the ldapsearch work fine !!!
> with the command : ldapsearch -x -H "ldaps://x..xx:636"
> I have got a possitive response from server !
> and I don't use SASL ...

I got some info from the other guy. He also used RH7 which includes
SASL libraries, and he had crashes in both PHP and ldapsearch. Could
you see if your ldapsearch crashes if you don't use -x parameter? -x
tells it not to use SASL while there are no similar option from PHP.
The other guy solved it by compiling OpenLDAP 2.0.7 himself without
SASL support and using that with PHP.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] PHP LDAP & SSL

2001-03-06 Thread Stig Venaas

On Tue, Mar 06, 2001 at 09:27:55AM +0100, Matthieu Le Corre wrote:
> I try to have the php ldap functions working with SSL ,
> but when the code is executed the apache child die !!!
> is there anyone with that working 

Works fine for me. I know one other person with the same problem as you.
He also tried with ldapsearch from OpenLDAP 2.0.7 and it crashed, so it
seems to be an OpenLDAP problem. Perhaps you should try that as well,
just use ldapsearch as usual, but use -H "ldaps://host" rather than
-hhost. It then does the same as PHP does, and the result seems to be
the same.

In his case, the bug seems to be SASL related. I'm not using SASL and
it works. So I advise you to try to compile 2.0.7 without SASL libraries,
and try ldapsearch then. I don't know what platform you have, but ldd
might show you which libraries your current ldapsearch uses. See also
the thread "can't connect to secure LDAP server" on the openldap-software
list.

If it crashes, it would be good if you reported the bug at
http://www.OpenLDAP.org/its/. Please try to give as much debug info
as possible. gdb might help you. In case you don't know how to use
gdb, here's some info.

First execute "gdb ldapsearch". You should use the unstripped
ldapsearch (openldap-2.0.7/clients/tools/ldapsearch in the source tree).
Then on the gdb prompt "(gdb)" type
"set args -H ldaps://nwserver.mydomain.com ..." (same arguments as
on the command line), and then type run. You should then get some
info about where it crashes. When it crashes, type the gdb command
"bt". The output will help people know where it crashed. That should
be in your bug report.

I've assumed a few things here. If your not using OpenLDAP or
ldapsearch doesn't crash, the problem is something else.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] Getting LDAPS to work

2001-02-21 Thread Stig Venaas

On Tue, Feb 20, 2001 at 11:14:41AM -0400, Victor V . Evtushenko wrote:
> * John Hallam <[EMAIL PROTECTED]> [010215 17:58]:
> > I have got php 4.0.4p1 configured with openssl 0.9.6
> > and ldap and I'm trying to get an ldap_connect to work
> > over ldaps as described in the ldap_connect
> > documentation.
> > 
> > I have no problem connecting using
> > ldap_connect(hostname) format but I do have a problem
> > with the URL format. This is what I am doing :-
> > 
> > $Host='ldaps://hostname/';
> > $ds=ldap_connect($Host);
> > 
> > What is wrong ?? any ideas ??
> > 
> Why don't you try 
> $ds = ldap_connect("hostname", 689);
> where 689 is port number for SSL connection? If you use another port
> number, you should change 689 to whatever you use.

Because then you're not using SSL, and the URL format should work if
you use OpenLDAP 2.x.x libraries, and it does work for me. I've tested
it on Linux and I know people using this heavily on Solaris as well.

Stig

-- 
Duct tape is like the force.  It has a light side, and a dark side, and
it holds the universe together ...
-- Carl Zwanzig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] whois

2001-01-25 Thread Stig Venaas

On Thu, Jan 25, 2001 at 03:37:26PM +0100, Ernest E Vogelsinger wrote:
> At 15:13 25.01.2001, Andy Woolley said:
> [snip]
> >I know this is a little off topic but for your information 'whois.ripe.net'
> >provide information for the .ba TLD
> >
> >I too am looking for a database of Top Level Domains around the world so if
> >anyone knows of one I would be very much obliged If I could have a copy.

There's a very cool service out there, you can go to for instance
ba.whois-servers.net to find server for .ba.

So you can basically go to ${TLD}.whois-servers.net to find server for
$TLD.

Stig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




[PHP-CVS] cvs: php4 /ext/ldap ldap.c

2001-01-17 Thread Stig Venaas

venaas  Wed Jan 17 05:43:40 2001 EDT

  Modified files:  
/php4/ext/ldap  ldap.c 
  Log:
  Making parallel search allow different filter for each link
  
  
Index: php4/ext/ldap/ldap.c
diff -u php4/ext/ldap/ldap.c:1.80 php4/ext/ldap/ldap.c:1.81
--- php4/ext/ldap/ldap.c:1.80   Sat Jan 13 02:00:27 2001
+++ php4/ext/ldap/ldap.cWed Jan 17 05:43:39 2001
@@ -23,7 +23,7 @@
  */
  
 
-/* $Id: ldap.c,v 1.80 2001/01/13 10:00:27 venaas Exp $ */
+/* $Id: ldap.c,v 1.81 2001/01/17 13:43:39 venaas Exp $ */
 #define IS_EXT_MODULE
 
 #include "php.h"
@@ -235,7 +235,7 @@
 
php_info_print_table_start();
php_info_print_table_row(2, "LDAP Support", "enabled" );
-   php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.80 2001/01/13 
10:00:27 venaas Exp $" );
+   php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.81 2001/01/17 
+13:43:39 venaas Exp $" );
php_info_print_table_row(2, "Total Links", maxl );
 #ifdef LDAP_API_VERSION
snprintf(ldapapiversion, 31, "%d", LDAP_API_VERSION);
@@ -671,11 +671,10 @@
ldap_attrs[num_attribs] = NULL;

case 3 :
-   convert_to_string_ex(filter);
-   ldap_filter = (*filter)->value.str.val;
-
/* parallel search? */
if (Z_TYPE_PP(link) != IS_ARRAY) {
+   convert_to_string_ex(filter);
+   ldap_filter = Z_STRVAL_PP(filter);
convert_to_string_ex(base_dn);
ldap_base_dn = Z_STRVAL_PP(base_dn);
}
@@ -688,7 +687,7 @@
 
/* parallel search? */
if (Z_TYPE_PP(link) == IS_ARRAY) {
-   int i, nlinks, nbases, *rcs;
+   int i, nlinks, nbases, nfilters, *rcs;
LDAP **links;
zval **entry;

@@ -717,6 +716,22 @@
ldap_base_dn = Z_STRLEN_PP(base_dn) < 1 ? NULL : 
Z_STRVAL_PP(base_dn);
}
 
+   if (Z_TYPE_PP(filter) == IS_ARRAY) {
+   nfilters = zend_hash_num_elements(Z_ARRVAL_PP(filter));
+   if (nfilters != nlinks) {
+   php_error(E_WARNING, "LDAP: Filter must either be a 
+string, or an array with the same number of elements as the links array");
+   if (ldap_attrs != NULL) {
+   efree(ldap_attrs);
+   }
+   RETURN_FALSE;
+   }
+   zend_hash_internal_pointer_reset(Z_ARRVAL_PP(filter));
+   } else {
+   nfilters = 0; /* this means string, not array */
+   convert_to_string_ex(filter);
+   ldap_filter = Z_STRVAL_PP(filter);
+   }
+
links = emalloc(nlinks * sizeof(*links));
rcs = emalloc(nlinks * sizeof(*rcs));

@@ -737,6 +752,12 @@
zend_hash_move_forward(Z_ARRVAL_PP(base_dn));
convert_to_string_ex(entry);
ldap_base_dn = Z_STRLEN_PP(entry) < 1 ? NULL : 
Z_STRVAL_PP(entry);
+   }
+   if (nfilters != 0) { /* filter an array? */
+   zend_hash_get_current_data(Z_ARRVAL_PP(filter), (void 
+**)&entry);
+   zend_hash_move_forward(Z_ARRVAL_PP(filter));
+   convert_to_string_ex(entry);
+   ldap_filter = Z_STRVAL_PP(entry);
}
 
php_set_opts(ldap, ldap_sizelimit, ldap_timelimit, ldap_deref);



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




[PHP-CVS] cvs: php4 / configure.in /main network.c

2001-01-13 Thread Stig Venaas

venaas  Sat Jan 13 03:48:47 2001 EDT

  Modified files:  
/php4   configure.in 
/php4/main  network.c 
  Log:
  Simplified code a bit, added detailed error reporting, and fixed a bug
  when getaddrinfo returned a non-IP family before IP families
  
  
Index: php4/configure.in
diff -u php4/configure.in:1.209 php4/configure.in:1.210
--- php4/configure.in:1.209 Tue Jan  9 17:34:40 2001
+++ php4/configure.in   Sat Jan 13 03:48:47 2001
@@ -1,4 +1,4 @@
-dnl ## $Id: configure.in,v 1.209 2001/01/10 01:34:40 ssb Exp $ -*- sh -*-
+dnl ## $Id: configure.in,v 1.210 2001/01/13 11:48:47 venaas Exp $ -*- sh -*-
 dnl ## Process this file with autoconf to produce a configure script.
 
 divert(1)
@@ -356,6 +356,7 @@
 ctime_r \
 cuserid \
 flock \
+gai_strerror \
 gcvt \
 getlogin \
 gethostbyaddr \
Index: php4/main/network.c
diff -u php4/main/network.c:1.10 php4/main/network.c:1.11
--- php4/main/network.c:1.10Thu Oct 19 05:18:02 2000
+++ php4/main/network.c Sat Jan 13 03:48:47 2001
@@ -15,7 +15,7 @@
| Authors: Stig Venaas <[EMAIL PROTECTED]> |
+--+
  */
-/* $Id: network.c,v 1.10 2000/10/19 12:18:02 venaas Exp $ */
+/* $Id: network.c,v 1.11 2001/01/13 11:48:47 venaas Exp $ */
 
 #include "php.h"
 
@@ -59,6 +59,44 @@
 # define SOCK_CONN_ERR -1
 #endif
 
+#ifdef HAVE_GAI_STRERROR
+#  define PHP_GAI_STRERROR(x) (gai_strerror(x))
+#else
+#  define PHP_GAI_STRERROR(x) (php_gai_strerror(x))
+static char *php_gai_strerror(int code) {
+static struct {
+int code;
+const char *msg;
+} values[] = {
+#  ifdef EAI_ADDRFAMILY
+{EAI_ADDRFAMILY, "Address family for hostname not supported"},
+#  endif
+{EAI_AGAIN, "Temporary failure in name resolution"},
+{EAI_BADFLAGS, "Bad value for ai_flags"},
+{EAI_FAIL, "Non-recoverable failure in name resolution"},
+{EAI_FAMILY, "ai_family not supported"},
+{EAI_MEMORY, "Memory allocation failure"},
+#  ifdef EAI_NODATA
+{EAI_NODATA, "No address associated with hostname"},
+#  endif
+{EAI_NONAME, "Name or service not known"},
+{EAI_SERVICE, "Servname not supported for ai_socktype"},
+{EAI_SOCKTYPE, "ai_socktype not supported"},
+{EAI_SYSTEM, "System error"},
+{0, NULL}
+};
+int i;
+
+for (i = 0; values[i].msg != NULL; i++) {
+if (values[i].code == code) {
+return (char *)values[i].msg;
+}
+}
+
+return "Unknown error";
+}
+#endif
+
 static void php_network_freeaddresses(struct sockaddr **sal)
 {
struct sockaddr **sap;
@@ -73,53 +111,47 @@
 static int php_network_getaddresses(const char *host, struct sockaddr ***sal)
 {
struct sockaddr **sap;
-   
-if (host != NULL) {
+
+   if (host == NULL) {
+   return -1;
+   }
+
+   {
 #ifdef HAVE_GETADDRINFO
-struct addrinfo hints, *res, *sai;
+   struct addrinfo hints, *res, *sai;
int n;
 
-memset( &hints, '\0', sizeof(hints) );
-hints.ai_family = AF_UNSPEC;
-if (getaddrinfo(host, NULL, &hints, &res))
-return -1;
-sai = res;
-   for (n=2; (sai = sai->ai_next) != NULL; n++);
-   *sal = emalloc(n * sizeof(*sal));
-   if (*sal == NULL)
+   memset(&hints, '\0', sizeof(hints));
+   hints.ai_family = AF_UNSPEC;
+   if (n = getaddrinfo(host, NULL, &hints, &res)) {
+   php_error(E_WARNING, "php_network_getaddresses: getaddrinfo 
+failed: %s", PHP_GAI_STRERROR(n));
return -1;
+   }
 
-sai = res;
+   sai = res;
+   for (n=2; (sai = sai->ai_next) != NULL; n++);
+   *sal = emalloc(n * sizeof(*sal));
+   sai = res;
sap = *sal;
-do {
-switch (sai->ai_family) {
+   do {
+   switch (sai->ai_family) {
 #  ifdef HAVE_IPV6
-case AF_INET6: {
+   case AF_INET6:
*sap = emalloc(sizeof(struct sockaddr_in6));
-   if (*sap == NULL) {
-   freeaddrinfo(res);
-   goto errexit;
-   }
*(struct sockaddr_in6 *)*sap =

[PHP-CVS] cvs: php4 /ext/ldap ldap.c

2001-01-13 Thread Stig Venaas

venaas  Sat Jan 13 02:00:31 2001 EDT

  Modified files:  
/php4/ext/ldap  ldap.c 
  Log:
  Fixed memory leaks that could happen in some error situations. Also removed
  some unnecessary code in ldap_set_option()
  
  
Index: php4/ext/ldap/ldap.c
diff -u php4/ext/ldap/ldap.c:1.79 php4/ext/ldap/ldap.c:1.80
--- php4/ext/ldap/ldap.c:1.79   Fri Jan 12 14:08:26 2001
+++ php4/ext/ldap/ldap.cSat Jan 13 02:00:27 2001
@@ -23,7 +23,7 @@
  */
  
 
-/* $Id: ldap.c,v 1.79 2001/01/12 22:08:26 venaas Exp $ */
+/* $Id: ldap.c,v 1.80 2001/01/13 10:00:27 venaas Exp $ */
 #define IS_EXT_MODULE
 
 #include "php.h"
@@ -235,7 +235,7 @@
 
php_info_print_table_start();
php_info_print_table_row(2, "LDAP Support", "enabled" );
-   php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.79 2001/01/12 
22:08:26 venaas Exp $" );
+   php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.80 2001/01/13 
+10:00:27 venaas Exp $" );
php_info_print_table_row(2, "Total Links", maxl );
 #ifdef LDAP_API_VERSION
snprintf(ldapapiversion, 31, "%d", LDAP_API_VERSION);
@@ -660,6 +660,7 @@
for(i=0; ivalue.ht, i, (void 
**) &attr) == FAILURE) {
php_error(E_WARNING, "LDAP: Array 
initialization wrong");
+   efree(ldap_attrs);
RETURN_FALSE;
}
 
@@ -778,7 +779,12 @@
}
 
ldap = _get_ldap_link(link);
-   if (ldap == NULL) RETURN_FALSE;
+   if (ldap == NULL) {
+   if (ldap_attrs != NULL) {
+   efree(ldap_attrs);
+   }
+   RETURN_FALSE;
+   }
 
php_set_opts(ldap, ldap_sizelimit, ldap_timelimit, ldap_deref);
 
@@ -1387,6 +1393,12 @@
ldap_mods[i]->mod_type = estrdup(attribute);
} else {
php_error(E_ERROR, "LDAP: Unknown Attribute in the data");
+   /* Free allocated memory */
+   while (i >= 0) {
+   efree(ldap_mods[i--]);
+   }
+   efree(num_berval);
+   efree(ldap_mods);   
RETURN_FALSE;
}
 
@@ -1770,9 +1782,6 @@
 RETURN_FALSE;
 }
ctrls = emalloc((1 + ncontrols) * sizeof(*ctrls));
-   if (ctrls == NULL) {
-   RETURN_FALSE;
-   }
*ctrls = NULL;
ctrlp = ctrls;
zend_hash_internal_pointer_reset(Z_ARRVAL_PP(newval));
@@ -1781,7 +1790,6 @@
php_error(E_WARNING, "The array value must 
contain only arrays, where each array is a control");
error = 1;
break;
-   RETURN_FALSE;
}
if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "oid", 
sizeof("oid"), (void **) &val) == FAILURE) {
php_error(E_WARNING, "Control must have an oid 
key");
@@ -1789,10 +1797,6 @@
break;
}
ctrl = *ctrlp = emalloc(sizeof(**ctrlp));
-   if (ctrl == NULL) {
-   error = 1;
-   break;
-   }
convert_to_string_ex(val);
ctrl->ldctl_oid = Z_STRVAL_PP(val);
if (zend_hash_find(Z_ARRVAL_PP(ctrlval), "value", 
sizeof("value"), (void **) &val) == SUCCESS) {



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




[PHP-CVS] cvs: php4 /ext/openssl openssl.c

2001-01-13 Thread Stig Venaas

venaas  Sat Jan 13 01:16:35 2001 EDT

  Modified files:  
/php4/ext/openssl   openssl.c 
  Log:
  Realized that emalloc() never returns NULL, simplified code
  
  
Index: php4/ext/openssl/openssl.c
diff -u php4/ext/openssl/openssl.c:1.6 php4/ext/openssl/openssl.c:1.7
--- php4/ext/openssl/openssl.c:1.6  Sun Jan  7 03:36:14 2001
+++ php4/ext/openssl/openssl.c  Sat Jan 13 01:16:35 2001
@@ -16,7 +16,7 @@
+--+
  */
  
-/* $Id: openssl.c,v 1.6 2001/01/07 11:36:14 venaas Exp $ */
+/* $Id: openssl.c,v 1.7 2001/01/13 09:16:35 venaas Exp $ */
 
 #include "php.h"
 #include "php_openssl.h"
@@ -292,9 +292,6 @@
ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, key, -1, "OpenSSL key", le_key);
siglen = EVP_PKEY_size(pkey);
sigbuf = emalloc(siglen + 1);
-   if (sigbuf == NULL) {
-   RETURN_FALSE;
-   }
 
EVP_SignInit(&md_ctx, EVP_sha1());
EVP_SignUpdate(&md_ctx, Z_STRVAL_PP(data), Z_STRLEN_PP(data));
@@ -304,8 +301,8 @@
ZVAL_STRINGL(*signature, sigbuf, siglen, 0);
RETURN_TRUE;
} else {
-   RETURN_FALSE;
efree(sigbuf);
+   RETURN_FALSE;
}
 }
 /* }}} */
@@ -366,20 +363,8 @@
}
 
pkeys = emalloc(nkeys * sizeof(*pkeys));
-   if (pkeys == NULL) {
-   RETURN_FALSE;
-   }
eksl = emalloc(nkeys * sizeof(*eksl));
-   if (eksl == NULL) {
-   efree(pkeys);
-   RETURN_FALSE;
-   }
eks = emalloc(nkeys * sizeof(*eks));
-   if (eks == NULL) {
-   efree(eksl);
-   efree(pkeys);
-   RETURN_FALSE;
-   }

convert_to_string_ex(data);
 
@@ -390,15 +375,6 @@
ZEND_FETCH_RESOURCE(pkeys[i], EVP_PKEY *, pubkey, -1,
"OpenSSL key", le_key);
eks[i] = emalloc(EVP_PKEY_size(pkeys[i]) + 1);
-   if (eks[i] == NULL) {
-   while (i--) {
-   efree(eks[i]);
-   }
-   efree(eks);
-   efree(eksl);
-   efree(pkeys);
-   RETURN_FALSE;
-   }
 zend_hash_move_forward_ex(pubkeysht, &pos);
i++;
}
@@ -420,32 +396,10 @@
 #if 0
/* Need this if allow ciphers that require initialization vector */
ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
-   if (ivlen) {
-   iv = emalloc(ivlen + 1);
-   if (iv == NULL) {
-   for (i=0; i= 0x0090600fL
@@ -542,9 +496,6 @@
le_key);
 
buf = emalloc(Z_STRLEN_PP(data) + 1);
-   if (buf == NULL) {
-   RETURN_FALSE;
-   }
 
if (EVP_OpenInit(&ctx, EVP_rc4(), Z_STRVAL_PP(ekey),
  Z_STRLEN_PP(ekey), NULL, pkey)



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




[PHP-CVS] cvs: php4 /ext/ldap ldap.c

2001-01-12 Thread Stig Venaas

venaas  Fri Jan 12 14:08:26 2001 EDT

  Modified files:  
/php4/ext/ldap  ldap.c 
  Log:
  Added parallel search when given array of link identifiers
  @- Made ldap_list(), ldap_read() and ldap_search() do parallel search when
  @  first parameter is an array of link identifiers (Stig Venaas)
  
  
Index: php4/ext/ldap/ldap.c
diff -u php4/ext/ldap/ldap.c:1.78 php4/ext/ldap/ldap.c:1.79
--- php4/ext/ldap/ldap.c:1.78   Mon Jan  8 10:31:59 2001
+++ php4/ext/ldap/ldap.cFri Jan 12 14:08:26 2001
@@ -23,7 +23,7 @@
  */
  
 
-/* $Id: ldap.c,v 1.78 2001/01/08 18:31:59 eschmid Exp $ */
+/* $Id: ldap.c,v 1.79 2001/01/12 22:08:26 venaas Exp $ */
 #define IS_EXT_MODULE
 
 #include "php.h"
@@ -235,7 +235,7 @@
 
php_info_print_table_start();
php_info_print_table_row(2, "LDAP Support", "enabled" );
-   php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.78 2001/01/08 
18:31:59 eschmid Exp $" );
+   php_info_print_table_row(2, "RCS Version", "$Id: ldap.c,v 1.79 2001/01/12 
+22:08:26 venaas Exp $" );
php_info_print_table_row(2, "Total Links", maxl );
 #ifdef LDAP_API_VERSION
snprintf(ldapapiversion, 31, "%d", LDAP_API_VERSION);
@@ -576,6 +576,37 @@
 /* }}} */
 
 
+static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref)
+{
+   /* sizelimit */
+   if (sizelimit > -1) {
+#if ( LDAP_API_VERSION >= 2004 ) || HAVE_NSLDAP
+   ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, &sizelimit);
+#else
+   ldap->ld_sizelimit = sizelimit; 
+#endif
+   }
+
+   /* timelimit */
+   if (timelimit > -1) {
+#if ( LDAP_API_VERSION >= 2004 ) || HAVE_NSLDAP
+   ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
+#else
+   ldap->ld_timelimit = timelimit; 
+#endif
+   }
+
+   /* deref */
+   if (deref > -1) {
+#if ( LDAP_API_VERSION >= 2004 ) || HAVE_NSLDAP
+   ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
+#else
+   ldap->ld_deref = deref; 
+#endif
+   }
+}
+
+
 static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
 {
pval **link, **base_dn, **filter, **attrs, **attr, **attrsonly, **sizelimit, 
**timelimit, **deref;
@@ -586,7 +617,7 @@
int ldap_sizelimit = -1; 
int ldap_timelimit = -1; 
int ldap_deref = -1; 
-   LDAPMessage *ldap_result;
+   LDAPMessage *ldap_res;
int num_attribs = 0;
int i, errno;
int myargcount = ZEND_NUM_ARGS();
@@ -639,10 +670,14 @@
ldap_attrs[num_attribs] = NULL;

case 3 :
-   convert_to_string_ex(base_dn);
convert_to_string_ex(filter);
-   ldap_base_dn = (*base_dn)->value.str.val;
ldap_filter = (*filter)->value.str.val;
+
+   /* parallel search? */
+   if (Z_TYPE_PP(link) != IS_ARRAY) {
+   convert_to_string_ex(base_dn);
+   ldap_base_dn = Z_STRVAL_PP(base_dn);
+   }
break;
 
default:
@@ -650,6 +685,93 @@
break;
}
 
+   /* parallel search? */
+   if (Z_TYPE_PP(link) == IS_ARRAY) {
+   int i, nlinks, nbases, *rcs;
+   LDAP **links;
+   zval **entry;
+   
+   nlinks = zend_hash_num_elements(Z_ARRVAL_PP(link));
+   if (nlinks == 0) {
+   php_error(E_WARNING, "LDAP: No links in link array");
+   if (ldap_attrs != NULL) {
+   efree(ldap_attrs);
+   }
+   RETURN_FALSE;
+   }
+
+   if (Z_TYPE_PP(base_dn) == IS_ARRAY) {
+   nbases = zend_hash_num_elements(Z_ARRVAL_PP(base_dn));
+   if (nbases != nlinks) {
+   php_error(E_WARNING, "LDAP: Base must either be a 
+string, or an array with the same number of elements as the links array");
+   if (ldap_attrs != NULL) {
+   efree(ldap_attrs);
+   }
+   RETURN_FALSE;
+   }
+   zend_hash_internal_pointer_reset(Z_ARRVAL_PP(base_dn));
+   } else {
+   nbases = 0; /* this means string, not array */
+   convert_to_string_ex(base_dn);
+   ldap_base_dn = Z_STRLEN_PP(base_dn) < 1 ? NULL : 
+Z_STRVAL_PP(base_dn);
+   }
+
+   links = emalloc(nlinks * sizeof(*links));
+   rcs = emalloc(nlinks * sizeof(*

[PHP-CVS] cvs: php4 /ext/standard http_fopen_wrapper.c

2001-01-12 Thread Stig Venaas

venaas  Fri Jan 12 12:49:25 2001 EDT

  Modified files:  
/php4/ext/standard  http_fopen_wrapper.c 
  Log:
  Follows redirects again, and $http_response_header now contains all headers
  with an empty string as delimiter
  @- Made fopen() of HTTP URL follow redirects, $http_response_header will
  @  contain all headers with empty string as delimiter (Stig Venaas)
  
  
Index: php4/ext/standard/http_fopen_wrapper.c
diff -u php4/ext/standard/http_fopen_wrapper.c:1.3 
php4/ext/standard/http_fopen_wrapper.c:1.4
--- php4/ext/standard/http_fopen_wrapper.c:1.3  Fri Oct 27 18:31:56 2000
+++ php4/ext/standard/http_fopen_wrapper.c  Fri Jan 12 12:49:25 2001
@@ -17,7 +17,7 @@
|  Hartmut Holzgraefe <[EMAIL PROTECTED]>   |
+--+
  */
-/* $Id: http_fopen_wrapper.c,v 1.3 2000/10/28 01:31:56 zeev Exp $ */
+/* $Id: http_fopen_wrapper.c,v 1.4 2001/01/12 20:49:25 venaas Exp $ */
 
 #include "php.h"
 #include "php_globals.h"
@@ -263,26 +263,40 @@
}
}
}
-   {
-   ELS_FETCH();
 
-   zend_hash_update(EG(active_symbol_table), "http_response_header", 
sizeof("http_response_header"), (void **) &response_header, sizeof(zval *), NULL);
-   }
if (!reqok) {
SOCK_FCLOSE(*socketd);
*socketd = 0;
free_url(resource);
-#if 0
if (location[0] != '\0') {
-   return php_fopen_url_wrapper(location, mode, options, issock, 
socketd, opened_path);
+   zval **response_header_new, *entry, **entryp;
+
+   fp = php_fopen_url_wrap_http(location, mode, options, issock, 
+socketd, opened_path);
+   ELS_FETCH();
+   if (zend_hash_find(EG(active_symbol_table), 
+"http_response_header", sizeof("http_response_header"), (void **) 
+&response_header_new) == SUCCESS) {
+   entryp = &entry;
+   MAKE_STD_ZVAL(entry);
+   ZVAL_EMPTY_STRING(entry);
+   
+zend_hash_next_index_insert(Z_ARRVAL_P(response_header), entryp, sizeof(zval *), 
+NULL);
+   
+zend_hash_internal_pointer_reset(Z_ARRVAL_PP(response_header_new));
+   while 
+(zend_hash_get_current_data(Z_ARRVAL_PP(response_header_new), (void **)&entryp) == 
+SUCCESS) {
+   zval_add_ref(entryp);
+   
+zend_hash_next_index_insert(Z_ARRVAL_P(response_header), entryp, sizeof(zval *), 
+NULL);
+   
+zend_hash_move_forward(Z_ARRVAL_PP(response_header_new));
+   }
+   }
+   goto out;
} else {
-   return NULL;
+   fp = NULL;
+   goto out;
}
-#else
-   return NULL;
-#endif
}
free_url(resource);
*issock = 1;
+ out:
+   {
+   ELS_FETCH();
+   ZEND_SET_SYMBOL(EG(active_symbol_table), "http_response_header", 
+response_header);
+   }   
return (fp);
 }



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]