From: Jan Schneider
Date: Fri, 17 Sep 2010 16:46:40 +0000 (+0200)
Subject: Drop different bind DNs. Consumer code is responsible for binding with the correct...
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=887f206bc7c23c24f9fbc9ce07aae571bc9fe07e;p=horde.git
Drop different bind DNs. Consumer code is responsible for binding with the correct credentials.
---
diff --git a/framework/Ldap/lib/Horde/Ldap.php b/framework/Ldap/lib/Horde/Ldap.php
index eda4b917b..7f9808daa 100644
--- a/framework/Ldap/lib/Horde/Ldap.php
+++ b/framework/Ldap/lib/Horde/Ldap.php
@@ -47,11 +47,8 @@ class Horde_Ldap
 'port' => 389,
 'version' => 3,
 'starttls' => false,
- 'searchdn' => '',
- 'searchpw' => '',
- 'writeas' => 'search',
- 'writedn' => '',
- 'writepw' => '',
+ 'binddn' => '',
+ 'bindpw' => '',
 'basedn' => '',
 'options' => array(),
 'filter' => '(objectClass=*)',
@@ -199,10 +196,10 @@ class Horde_Ldap
 {
 /* Fetch current bind credentials. */
 if (empty($dn)) {
- $dn = $this->_config['searchdn'];
+ $dn = $this->_config['binddn'];
 }
 if (empty($password)) {
- $password = $this->_config['searchpw'];
+ $password = $this->_config['bindpw'];
 }
 /* Connect first, if we haven't so far. This will also bind
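Review bot: The defaults in the `@@ -47,11 +47,8 @@` hunk (`'binddn' => ''`, `'bindpw' => ''`) now carry one identity for both reads and writes, and nothing next to them says so or says that `searchdn`, `searchpw`, `writeas`, `writedn` and `writepw` are no longer read. A deployment that kept a read-only search account and a separate write account would, as far as this diff shows, either fall back to the empty defaults or end up running every search under its write account. I would add a comment above the two keys: `/* Single bind identity for all operations; the old searchdn/writedn keys are ignored. Configure a least-privileged DN and call bind() explicitly before writes. */`. Whether leftover keys are rejected elsewhere in the class is not visible in this hunk.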
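Review bot: In the `@@ -199,10 +196,10 @@` hunk the fallback uses `empty()`, so a caller that passes a DN with an empty password continues with `$this->_config['bindpw']`, whose default is `''`. Assuming the rest of the method (outside the hunk) hands both values to the server unchanged, that is an unauthenticated bind in the sense of RFC 4513 section 5.1.2, which many directories accept as anonymous, so consumer code that authenticates users by binding could see a success without any password check. Since this commit makes consumers responsible for binding, a guard after the two fallbacks is worth adding: `if (!empty($dn) && (string)$password === '') { throw new Horde_Ldap_Exception('Refusing to bind with a DN and an empty password'); }`. `empty()` also treats the password `'0'` as missing, which a comparison against `''` and `null` would avoid.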
@@ -210,20 +207,20 @@ class Horde_Ldap
 if (!$this->_link) {
 /* Store old credentials so we can revert them later, then
 * overwrite config with new bind credentials. */
- $olddn = $this->_config['searchdn'];
- $oldpw = $this->_config['searchpw'];
+ $olddn = $this->_config['binddn'];
+ $oldpw = $this->_config['bindpw'];
 /* Overwrite bind credentials in config so
 * _connect() knows about them. */
- $this->_config['searchdn'] = $dn;
- $this->_config['searchpw'] = $password;
+ $this->_config['binddn'] = $dn;
+ $this->_config['bindpw'] = $password;
 /* Try to connect with provided credentials. */
 $msg = $this->_connect();
 /* Reset to previous config. */
- $this->_config['searchdn'] = $olddn;
- $this->_config['searchpw'] = $oldpw;
+ $this->_config['binddn'] = $olddn;
+ $this->_config['bindpw'] = $oldpw;
 return;
 }
@@ -349,13 +346,11 @@ class Horde_Ldap
 } catch (Exception $e) {
 /* The bind failed, discard link and save error msg.
 * Then record the host as down and try next one. */
- if ($e->getCode() == 0x02 && !$version_set) {
+ if ($this->errorName($e->getCode()) == 'LDAP_PROTOCOL_ERROR' &&
+ !$version_set) {
 /* Provide a finer grained error message if protocol error
 * arises because of invalid version. */
- $e = new Horde_Ldap_Exception($e->getMessage()
- . ' (could not set LDAP protocol version to '
- . $this->_config['version'].')',
- $e->getCode());
+ $e = new Horde_Ldap_Exception($e->getMessage() . ' (could not set LDAP protocol version to ' . $this->_config['version'].')', $e->getCode());
 }
 $this->_link = false;
 $current_error = $e;
@@ -524,11 +519,6 @@ class Horde_Ldap
 */
 public function add(Horde_Ldap_Entry $entry)
 {
- /* Rebind as the write DN. */
- if (!empty($this->_config['writedn'])) {
- $this->bind($this->_config['writedn'], $this->_config['writepw']);
- }
-
 /* Continue attempting the add operation in a loop until we get a
 * success, a definitive failure, or the world ends. */
 while (true) {
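Review bot: In the `@@ -210,20 +207,20 @@` hunk the "Reset to previous config" lines run only if `$this->_connect()` returns; if it throws, the caller-supplied DN and password stay in `$this->_config['binddn']` and `$this->_config['bindpw']` and become the stored identity for any later reconnect on this object. The catch block in the `@@ -349,13 +346,11 @@` hunk suggests the connect path reports failures as exceptions, although `_connect()` is not fully visible here. Restoring the saved values in a catch and rethrowing keeps a failed bind from changing the stored credentials, and `$msg`, which is never read in the visible lines, can be dropped. The enclosing method starts outside the hunk.

```php
// … unchanged: save $olddn/$oldpw, overwrite config with $dn/$password …

/* Try to connect with provided credentials. Restore the stored
 * credentials before propagating a failure, so that a failed bind
 * never replaces the configured identity. */
try {
    $this->_connect();
} catch (Exception $e) {
    $this->_config['binddn'] = $olddn;
    $this->_config['bindpw'] = $oldpw;
    throw $e;
}

// … unchanged: reset to previous config, return …
```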
@@ -586,11 +576,6 @@ class Horde_Ldap
 throw new Horde_Ldap_Exception('Parameter is not a string nor an entry object!');
 }
- /* Re-bind as the write DN if not using searchdn credentials. */
- if (!empty($this->_config['writedn'])) {
- $this->bind($this->_config['writedn'], $this->_config['writepw']);
- }
-
 /* Recursive delete searches for children and calls delete for them. */
 if ($recursive) {
 $result = @ldap_list($this->_link, $dn, '(objectClass=*)', array(null), 0, 0);
@@ -682,11 +667,6 @@ class Horde_Ldap
 */
 public function modify($entry, $parms = array())
 {
- /* Re-bind as the write DN. */
- if (!empty($this->_config['writedn'])) {
- $this->bind($this->_config['writedn'], $this->_config['writepw']);
- }
-
 if (is_string($entry)) {
 $entry = $this->getEntry($entry);
 }
diff --git a/framework/Ldap/test/Horde/Ldap/LdapTest.php b/framework/Ldap/test/Horde/Ldap/LdapTest.php
index b99f201ac..293083b0a 100644
--- a/framework/Ldap/test/Horde/Ldap/LdapTest.php
+++ b/framework/Ldap/test/Horde/Ldap/LdapTest.php
@@ -58,8 +58,8 @@ class Horde_Ldap_LdapTest extends Horde_Ldap_TestBase
 $lcfg = array('hostspec' => array('nonexistant.ldap.horde.org', self::$ldapcfg['server']['hostspec']),
 'port' => self::$ldapcfg['server']['port'],
- 'writedn' => self::$ldapcfg['server']['writedn'],
- 'writepw' => self::$ldapcfg['server']['writepw']);
+ 'binddn' => self::$ldapcfg['server']['binddn'],
+ 'bindpw' => self::$ldapcfg['server']['bindpw']);
 $ldap = new Horde_Ldap($lcfg);
 }
diff --git a/framework/Ldap/test/Horde/Ldap/conf.php.dist b/framework/Ldap/test/Horde/Ldap/conf.php.dist
index 0d71890ab..3672bb7f9 100644
--- a/framework/Ldap/test/Horde/Ldap/conf.php.dist
+++ b/framework/Ldap/test/Horde/Ldap/conf.php.dist
@@ -4,8 +4,8 @@ $conf = array(
 'hostspec' => 'localhost',
 'port' => 389,
 'basedn' => 'ou=hordetest,dc=example,dc=com',
- 'writedn' => 'cn=admin,dc=example,dc=com',
- 'writepw' => 'secret'),
+ 'binddn' => 'cn=admin,dc=example,dc=com',
+ 'bindpw' => 'secret'),
 'capability' => array(
 'anonymous' => true,
 'tls' => true),