From 8fcc29ee8b7b5ed600c8ec7116f52486718467f6 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 10 Dec 2013 17:50:45 +0100 Subject: [PATCH 1/3] only check ldap_errno if an ldap_* function actually fails fix wizard errors reset search paging right after the search, not before some of the possible next search operations cookie contains binary characters, don't log it (avoids json_encode(): Invalid UTF-8 sequence in argument errors) --- apps/user_ldap/lib/access.php | 10 ++++++---- apps/user_ldap/lib/ldap.php | 6 ++++-- apps/user_ldap/lib/wizard.php | 1 + 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index b7e4023dd7..018cf13c91 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -63,7 +63,6 @@ class Access extends LDAPUtility { return false; } //all or nothing! otherwise we get in trouble with. - $this->initPagedSearch($filter, array($dn), $attr, 99999, 0); $dn = $this->DNasBaseParameter($dn); $rr = @$this->ldap->read($cr, $dn, $filter, array($attr)); if(!$this->ldap->isResource($rr)) { @@ -707,6 +706,9 @@ class Access extends LDAPUtility { $linkResources = array_pad(array(), count($base), $cr); $sr = $this->ldap->search($linkResources, $base, $filter, $attr); $error = $this->ldap->errno($cr); + if ($pagedSearchOK) { + $this->ldap->controlPagedResult($cr, 0, false, ""); + } if(!is_array($sr) || $error !== 0) { \OCP\Util::writeLog('user_ldap', 'Error when searching: '.$this->ldap->error($cr). @@ -1236,9 +1238,9 @@ class Access extends LDAPUtility { if($this->connection->hasPagedResultSupport && !is_null($limit)) { $offset = intval($offset); //can be null \OCP\Util::writeLog('user_ldap', - 'initializing paged search for Filter'.$filter.' base '.print_r($bases, true) + 'initializing paged search for Filter '.$filter.' base '.print_r($bases, true) .' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset, - \OCP\Util::INFO); + \OCP\Util::DEBUG); //get the cookie from the search for the previous search, required by LDAP foreach($bases as $base) { @@ -1260,7 +1262,7 @@ class Access extends LDAPUtility { } if(!is_null($cookie)) { if($offset > 0) { - \OCP\Util::writeLog('user_ldap', 'Cookie '.$cookie, \OCP\Util::INFO); + \OCP\Util::writeLog('user_ldap', 'Cookie '.CRC32($cookie), \OCP\Util::INFO); } $pagedSearchOK = $this->ldap->controlPagedResult( $this->connection->getConnectionResource(), $limit, diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php index de9b7481c1..0e5f78cd28 100644 --- a/apps/user_ldap/lib/ldap.php +++ b/apps/user_ldap/lib/ldap.php @@ -78,7 +78,7 @@ class LDAP implements ILDAPWrapper { } public function nextEntry($link, $result) { - return $this->invokeLDAPMethod('next_entry', $link, $result); + return ldap_next_entry($link, $result); } public function read($link, $baseDN, $filter, $attr) { @@ -139,7 +139,9 @@ class LDAP implements ILDAPWrapper { if(function_exists($func)) { $this->preFunctionCall($func, $arguments); $result = call_user_func_array($func, $arguments); - $this->postFunctionCall(); + if ($result === FALSE) { + $this->postFunctionCall(); + } return $result; } } diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php index e79090febc..04ea87d53e 100644 --- a/apps/user_ldap/lib/wizard.php +++ b/apps/user_ldap/lib/wizard.php @@ -799,6 +799,7 @@ class Wizard extends LDAPUtility { \OCP\Util::writeLog('user_ldap', 'Wiz: Setting LDAP Options ', \OCP\Util::DEBUG); //set LDAP options $this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3); + $this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0); $this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT); if($tls) { $isTlsWorking = @$this->ldap->startTls($cr); From 6585bd5a500292a284490e96250d465280f3c34b Mon Sep 17 00:00:00 2001 From: root Date: Wed, 11 Dec 2013 11:00:53 +0100 Subject: [PATCH 2/3] "reset" ldap pagedSearch control by setting it to a high value call nextEntry via invokeLDAPMethod --- apps/user_ldap/lib/ldap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php index 0e5f78cd28..d1ca91045b 100644 --- a/apps/user_ldap/lib/ldap.php +++ b/apps/user_ldap/lib/ldap.php @@ -78,7 +78,7 @@ class LDAP implements ILDAPWrapper { } public function nextEntry($link, $result) { - return ldap_next_entry($link, $result); + return $this->invokeLDAPMethod('next_entry', $link, $result); } public function read($link, $baseDN, $filter, $attr) { From f850fcfac51080baf1af90d59a8d94b80721c819 Mon Sep 17 00:00:00 2001 From: Alexander Bergolth Date: Thu, 6 Mar 2014 12:23:20 +0100 Subject: [PATCH 3/3] "reset" ldap pagedSearch control by setting it to a high value --- apps/user_ldap/lib/access.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 018cf13c91..01bfbb4cbf 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -707,7 +707,7 @@ class Access extends LDAPUtility { $sr = $this->ldap->search($linkResources, $base, $filter, $attr); $error = $this->ldap->errno($cr); if ($pagedSearchOK) { - $this->ldap->controlPagedResult($cr, 0, false, ""); + $this->ldap->controlPagedResult($cr, 999999, false, ""); } if(!is_array($sr) || $error !== 0) { \OCP\Util::writeLog('user_ldap',