1/*
2   +----------------------------------------------------------------------+
3   | PHP Version 7                                                        |
4   +----------------------------------------------------------------------+
5   | Copyright (c) 1997-2015 The PHP Group                                |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 3.01 of the PHP license,      |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.php.net/license/3_01.txt                                  |
11   | If you did not receive a copy of the PHP license and are unable to   |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@php.net so we can mail you a copy immediately.               |
14   +----------------------------------------------------------------------+
15   | Authors: Amitay Isaacs  <amitay@w-o-i.com>                           |
16   |          Eric Warnke    <ericw@albany.edu>                           |
17   |          Rasmus Lerdorf <rasmus@php.net>                             |
18   |          Gerrit Thomson <334647@swin.edu.au>                         |
19   |          Jani Taskinen  <sniper@iki.fi>                              |
20   |          Stig Venaas    <venaas@uninett.no>                          |
21   |          Doug Goldstein <cardoe@cardoe.com>                          |
22   | PHP 4.0 updates:  Zeev Suraski <zeev@zend.com>                       |
23   +----------------------------------------------------------------------+
24 */
25
26/* $Id: 80ed4961c23b1e75f4450b7dec9abeb20f4aa6bc $ */
27#define IS_EXT_MODULE
28
29#ifdef HAVE_CONFIG_H
30#include "config.h"
31#endif
32
33/* Additional headers for NetWare */
34#if defined(NETWARE) && (NEW_LIBC)
35#include <sys/select.h>
36#include <sys/timeval.h>
37#endif
38
39#include "php.h"
40#include "php_ini.h"
41
42#include <stddef.h>
43
44#include "ext/standard/dl.h"
45#include "php_ldap.h"
46
47#ifdef PHP_WIN32
48#include <string.h>
49#include "config.w32.h"
50#if HAVE_NSLDAP
51#include <winsock2.h>
52#endif
53#define strdup _strdup
54#undef WINDOWS
55#undef strcasecmp
56#undef strncasecmp
57#define WINSOCK 1
58#define __STDC__ 1
59#endif
60
61#include "ext/standard/php_string.h"
62#include "ext/standard/info.h"
63
64#ifdef HAVE_LDAP_SASL_H
65#include <sasl.h>
66#elif defined(HAVE_LDAP_SASL_SASL_H)
67#include <sasl/sasl.h>
68#endif
69
70#define PHP_LDAP_ESCAPE_FILTER 0x01
71#define PHP_LDAP_ESCAPE_DN     0x02
72
73#if defined(LDAP_CONTROL_PAGEDRESULTS) && !defined(HAVE_LDAP_CONTROL_FIND)
74LDAPControl *ldap_control_find( const char *oid, LDAPControl **ctrls, LDAPControl ***nextctrlp)
75{
76    assert(nextctrlp == NULL);
77    return ldap_find_control(oid, ctrls);
78}
79#endif
80
81#if !defined(LDAP_API_FEATURE_X_OPENLDAP)
82void ldap_memvfree(void **v)
83{
84    ldap_value_free((char **)v);
85}
86#endif
87
88typedef struct {
89    LDAP *link;
90#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
91    zval rebindproc;
92#endif
93} ldap_linkdata;
94
95typedef struct {
96    LDAPMessage *data;
97    BerElement  *ber;
98    zval         res;
99} ldap_resultentry;
100
101ZEND_DECLARE_MODULE_GLOBALS(ldap)
102static PHP_GINIT_FUNCTION(ldap);
103
104static int le_link, le_result, le_result_entry;
105
106#ifdef COMPILE_DL_LDAP
107ZEND_GET_MODULE(ldap)
108#endif
109
110static void _close_ldap_link(zend_resource *rsrc) /* {{{ */
111{
112    ldap_linkdata *ld = (ldap_linkdata *)rsrc->ptr;
113
114    ldap_unbind_ext(ld->link, NULL, NULL);
115#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
116    zval_ptr_dtor(&ld->rebindproc);
117#endif
118
119    efree(ld);
120    LDAPG(num_links)--;
121}
122/* }}} */
123
124static void _free_ldap_result(zend_resource *rsrc) /* {{{ */
125{
126    LDAPMessage *result = (LDAPMessage *)rsrc->ptr;
127    ldap_msgfree(result);
128}
129/* }}} */
130
131static void _free_ldap_result_entry(zend_resource *rsrc) /* {{{ */
132{
133    ldap_resultentry *entry = (ldap_resultentry *)rsrc->ptr;
134
135    if (entry->ber != NULL) {
136        ber_free(entry->ber, 0);
137        entry->ber = NULL;
138    }
139    zval_ptr_dtor(&entry->res);
140    efree(entry);
141}
142/* }}} */
143
144/* {{{ PHP_INI_BEGIN
145 */
146PHP_INI_BEGIN()
147    STD_PHP_INI_ENTRY_EX("ldap.max_links", "-1", PHP_INI_SYSTEM, OnUpdateLong, max_links, zend_ldap_globals, ldap_globals, display_link_numbers)
148PHP_INI_END()
149/* }}} */
150
151/* {{{ PHP_GINIT_FUNCTION
152 */
153static PHP_GINIT_FUNCTION(ldap)
154{
155    ldap_globals->num_links = 0;
156}
157/* }}} */
158
159/* {{{ PHP_MINIT_FUNCTION
160 */
161PHP_MINIT_FUNCTION(ldap)
162{
163    REGISTER_INI_ENTRIES();
164
165    /* Constants to be used with deref-parameter in php_ldap_do_search() */
166    REGISTER_LONG_CONSTANT("LDAP_DEREF_NEVER", LDAP_DEREF_NEVER, CONST_PERSISTENT | CONST_CS);
167    REGISTER_LONG_CONSTANT("LDAP_DEREF_SEARCHING", LDAP_DEREF_SEARCHING, CONST_PERSISTENT | CONST_CS);
168    REGISTER_LONG_CONSTANT("LDAP_DEREF_FINDING", LDAP_DEREF_FINDING, CONST_PERSISTENT | CONST_CS);
169    REGISTER_LONG_CONSTANT("LDAP_DEREF_ALWAYS", LDAP_DEREF_ALWAYS, CONST_PERSISTENT | CONST_CS);
170
171    /* Constants to be used with ldap_modify_batch() */
172    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_ADD", LDAP_MODIFY_BATCH_ADD, CONST_PERSISTENT | CONST_CS);
173    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE", LDAP_MODIFY_BATCH_REMOVE, CONST_PERSISTENT | CONST_CS);
174    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE_ALL", LDAP_MODIFY_BATCH_REMOVE_ALL, CONST_PERSISTENT | CONST_CS);
175    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REPLACE", LDAP_MODIFY_BATCH_REPLACE, CONST_PERSISTENT | CONST_CS);
176    REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_ATTRIB", LDAP_MODIFY_BATCH_ATTRIB, CONST_PERSISTENT | CONST_CS);
177    REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_MODTYPE", LDAP_MODIFY_BATCH_MODTYPE, CONST_PERSISTENT | CONST_CS);
178    REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_VALUES", LDAP_MODIFY_BATCH_VALUES, CONST_PERSISTENT | CONST_CS);
179
180#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
181    /* LDAP options */
182    REGISTER_LONG_CONSTANT("LDAP_OPT_DEREF", LDAP_OPT_DEREF, CONST_PERSISTENT | CONST_CS);
183    REGISTER_LONG_CONSTANT("LDAP_OPT_SIZELIMIT", LDAP_OPT_SIZELIMIT, CONST_PERSISTENT | CONST_CS);
184    REGISTER_LONG_CONSTANT("LDAP_OPT_TIMELIMIT", LDAP_OPT_TIMELIMIT, CONST_PERSISTENT | CONST_CS);
185#ifdef LDAP_OPT_NETWORK_TIMEOUT
186    REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_OPT_NETWORK_TIMEOUT, CONST_PERSISTENT | CONST_CS);
187#elif defined (LDAP_X_OPT_CONNECT_TIMEOUT)
188    REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_X_OPT_CONNECT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
189#endif
190    REGISTER_LONG_CONSTANT("LDAP_OPT_PROTOCOL_VERSION", LDAP_OPT_PROTOCOL_VERSION, CONST_PERSISTENT | CONST_CS);
191    REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_NUMBER", LDAP_OPT_ERROR_NUMBER, CONST_PERSISTENT | CONST_CS);
192    REGISTER_LONG_CONSTANT("LDAP_OPT_REFERRALS", LDAP_OPT_REFERRALS, CONST_PERSISTENT | CONST_CS);
193#ifdef LDAP_OPT_RESTART
194    REGISTER_LONG_CONSTANT("LDAP_OPT_RESTART", LDAP_OPT_RESTART, CONST_PERSISTENT | CONST_CS);
195#endif
196#ifdef LDAP_OPT_HOST_NAME
197    REGISTER_LONG_CONSTANT("LDAP_OPT_HOST_NAME", LDAP_OPT_HOST_NAME, CONST_PERSISTENT | CONST_CS);
198#endif
199    REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_STRING", LDAP_OPT_ERROR_STRING, CONST_PERSISTENT | CONST_CS);
200#ifdef LDAP_OPT_MATCHED_DN
201    REGISTER_LONG_CONSTANT("LDAP_OPT_MATCHED_DN", LDAP_OPT_MATCHED_DN, CONST_PERSISTENT | CONST_CS);
202#endif
203    REGISTER_LONG_CONSTANT("LDAP_OPT_SERVER_CONTROLS", LDAP_OPT_SERVER_CONTROLS, CONST_PERSISTENT | CONST_CS);
204    REGISTER_LONG_CONSTANT("LDAP_OPT_CLIENT_CONTROLS", LDAP_OPT_CLIENT_CONTROLS, CONST_PERSISTENT | CONST_CS);
205#endif
206#ifdef LDAP_OPT_DEBUG_LEVEL
207    REGISTER_LONG_CONSTANT("LDAP_OPT_DEBUG_LEVEL", LDAP_OPT_DEBUG_LEVEL, CONST_PERSISTENT | CONST_CS);
208#endif
209
210#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
211    REGISTER_LONG_CONSTANT("LDAP_OPT_DIAGNOSTIC_MESSAGE", LDAP_OPT_DIAGNOSTIC_MESSAGE, CONST_PERSISTENT | CONST_CS);
212#endif
213
214#ifdef HAVE_LDAP_SASL
215    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_MECH", LDAP_OPT_X_SASL_MECH, CONST_PERSISTENT | CONST_CS);
216    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_REALM", LDAP_OPT_X_SASL_REALM, CONST_PERSISTENT | CONST_CS);
217    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHCID", LDAP_OPT_X_SASL_AUTHCID, CONST_PERSISTENT | CONST_CS);
218    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHZID", LDAP_OPT_X_SASL_AUTHZID, CONST_PERSISTENT | CONST_CS);
219#endif
220
221#ifdef ORALDAP
222    REGISTER_LONG_CONSTANT("GSLC_SSL_NO_AUTH", GSLC_SSL_NO_AUTH, CONST_PERSISTENT | CONST_CS);
223    REGISTER_LONG_CONSTANT("GSLC_SSL_ONEWAY_AUTH", GSLC_SSL_ONEWAY_AUTH, CONST_PERSISTENT | CONST_CS);
224    REGISTER_LONG_CONSTANT("GSLC_SSL_TWOWAY_AUTH", GSLC_SSL_TWOWAY_AUTH, CONST_PERSISTENT | CONST_CS);
225#endif
226
227    REGISTER_LONG_CONSTANT("LDAP_ESCAPE_FILTER", PHP_LDAP_ESCAPE_FILTER, CONST_PERSISTENT | CONST_CS);
228    REGISTER_LONG_CONSTANT("LDAP_ESCAPE_DN", PHP_LDAP_ESCAPE_DN, CONST_PERSISTENT | CONST_CS);
229
230    le_link = zend_register_list_destructors_ex(_close_ldap_link, NULL, "ldap link", module_number);
231    le_result = zend_register_list_destructors_ex(_free_ldap_result, NULL, "ldap result", module_number);
232    le_result_entry = zend_register_list_destructors_ex(_free_ldap_result_entry, NULL, "ldap result entry", module_number);
233
234    ldap_module_entry.type = type;
235
236    return SUCCESS;
237}
238/* }}} */
239
240/* {{{ PHP_MSHUTDOWN_FUNCTION
241 */
242PHP_MSHUTDOWN_FUNCTION(ldap)
243{
244    UNREGISTER_INI_ENTRIES();
245    return SUCCESS;
246}
247/* }}} */
248
249/* {{{ PHP_MINFO_FUNCTION
250 */
251PHP_MINFO_FUNCTION(ldap)
252{
253    char tmp[32];
254#if HAVE_NSLDAP
255    LDAPVersion ver;
256    double SDKVersion;
257#endif
258
259    php_info_print_table_start();
260    php_info_print_table_row(2, "LDAP Support", "enabled");
261    php_info_print_table_row(2, "RCS Version", "$Id: 80ed4961c23b1e75f4450b7dec9abeb20f4aa6bc $");
262
263    if (LDAPG(max_links) == -1) {
264        snprintf(tmp, 31, ZEND_LONG_FMT "/unlimited", LDAPG(num_links));
265    } else {
266        snprintf(tmp, 31, ZEND_LONG_FMT "/" ZEND_LONG_FMT, LDAPG(num_links), LDAPG(max_links));
267    }
268    php_info_print_table_row(2, "Total Links", tmp);
269
270#ifdef LDAP_API_VERSION
271    snprintf(tmp, 31, "%d", LDAP_API_VERSION);
272    php_info_print_table_row(2, "API Version", tmp);
273#endif
274
275#ifdef LDAP_VENDOR_NAME
276    php_info_print_table_row(2, "Vendor Name", LDAP_VENDOR_NAME);
277#endif
278
279#ifdef LDAP_VENDOR_VERSION
280    snprintf(tmp, 31, "%d", LDAP_VENDOR_VERSION);
281    php_info_print_table_row(2, "Vendor Version", tmp);
282#endif
283
284#if HAVE_NSLDAP
285    SDKVersion = ldap_version(&ver);
286    snprintf(tmp, 31, "%F", SDKVersion/100.0);
287    php_info_print_table_row(2, "SDK Version", tmp);
288
289    snprintf(tmp, 31, "%F", ver.protocol_version/100.0);
290    php_info_print_table_row(2, "Highest LDAP Protocol Supported", tmp);
291
292    snprintf(tmp, 31, "%F", ver.SSL_version/100.0);
293    php_info_print_table_row(2, "SSL Level Supported", tmp);
294
295    if (ver.security_level != LDAP_SECURITY_NONE) {
296        snprintf(tmp, 31, "%d", ver.security_level);
297    } else {
298        strcpy(tmp, "SSL not enabled");
299    }
300    php_info_print_table_row(2, "Level of Encryption", tmp);
301#endif
302
303#ifdef HAVE_LDAP_SASL
304    php_info_print_table_row(2, "SASL Support", "Enabled");
305#endif
306
307    php_info_print_table_end();
308    DISPLAY_INI_ENTRIES();
309}
310/* }}} */
311
312/* {{{ proto resource ldap_connect([string host [, int port [, string wallet [, string wallet_passwd [, int authmode]]]]])
313   Connect to an LDAP server */
314PHP_FUNCTION(ldap_connect)
315{
316    char *host = NULL;
317    size_t hostlen = 0;
318    zend_long port = LDAP_PORT;
319#ifdef HAVE_ORALDAP
320    char *wallet = NULL, *walletpasswd = NULL;
321    size_t walletlen = 0, walletpasswdlen = 0;
322    zend_long authmode = GSLC_SSL_NO_AUTH;
323    int ssl=0;
324#endif
325    ldap_linkdata *ld;
326    LDAP *ldap = NULL;
327
328#ifdef HAVE_ORALDAP
329    if (ZEND_NUM_ARGS() == 3 || ZEND_NUM_ARGS() == 4) {
330        WRONG_PARAM_COUNT;
331    }
332
333    if (zend_parse_parameters(ZEND_NUM_ARGS(), "|slssl", &host, &hostlen, &port, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS) {
334        RETURN_FALSE;
335    }
336
337    if (ZEND_NUM_ARGS() == 5) {
338        ssl = 1;
339    }
340#else
341    if (zend_parse_parameters(ZEND_NUM_ARGS(), "|sl", &host, &hostlen, &port) != SUCCESS) {
342        RETURN_FALSE;
343    }
344#endif
345
346    if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) {
347        php_error_docref(NULL, E_WARNING, "Too many open links (%pd)", LDAPG(num_links));
348        RETURN_FALSE;
349    }
350
351    ld = ecalloc(1, sizeof(ldap_linkdata));
352
353    {
354        int rc = LDAP_SUCCESS;
355        char    *url = host;
356        if (!ldap_is_ldap_url(url)) {
357            int urllen = hostlen + sizeof( "ldap://:65535" );
358
359            if (port <= 0 || port > 65535) {
360                php_error_docref(NULL, E_WARNING, "invalid port number: %ld", port);
361                RETURN_FALSE;
362            }
363
364            url = emalloc(urllen);
365            snprintf( url, urllen, "ldap://%s:%ld", host ? host : "", port );
366        }
367
368#ifdef LDAP_API_FEATURE_X_OPENLDAP
369        /* ldap_init() is deprecated, use ldap_initialize() instead.
370         */
371        rc = ldap_initialize(&ldap, url);
372#else /* ! LDAP_API_FEATURE_X_OPENLDAP */
373        /* ldap_init does not support URLs.
374         * We must try the original host and port information.
375         */
376        ldap = ldap_init(host, port);
377        if (ldap == NULL) {
378            efree(ld);
379            php_error_docref(NULL, E_WARNING, "Could not create session handle");
380            RETURN_FALSE;
381        }
382#endif /* ! LDAP_API_FEATURE_X_OPENLDAP */
383        if (url != host) {
384            efree(url);
385        }
386        if (rc != LDAP_SUCCESS) {
387            efree(ld);
388            php_error_docref(NULL, E_WARNING, "Could not create session handle: %s", ldap_err2string(rc));
389            RETURN_FALSE;
390        }
391    }
392
393    if (ldap == NULL) {
394        efree(ld);
395        RETURN_FALSE;
396    } else {
397#ifdef HAVE_ORALDAP
398        if (ssl) {
399            if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) {
400                efree(ld);
401                php_error_docref(NULL, E_WARNING, "SSL init failed");
402                RETURN_FALSE;
403            }
404        }
405#endif
406        LDAPG(num_links)++;
407        ld->link = ldap;
408        RETURN_RES(zend_register_resource(ld, le_link));
409    }
410
411}
412/* }}} */
413
414/* {{{ _get_lderrno
415 */
416static int _get_lderrno(LDAP *ldap)
417{
418#if !HAVE_NSLDAP
419#if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
420    int lderr;
421
422    /* New versions of OpenLDAP do it this way */
423    ldap_get_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
424    return lderr;
425#else
426    return ldap->ld_errno;
427#endif
428#else
429    return ldap_get_lderrno(ldap, NULL, NULL);
430#endif
431}
432/* }}} */
433
434/* {{{ _set_lderrno
435 */
436static void _set_lderrno(LDAP *ldap, int lderr)
437{
438#if !HAVE_NSLDAP
439#if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
440    /* New versions of OpenLDAP do it this way */
441    ldap_set_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
442#else
443    ldap->ld_errno = lderr;
444#endif
445#else
446    ldap_set_lderrno(ldap, lderr, NULL, NULL);
447#endif
448}
449/* }}} */
450
451/* {{{ proto bool ldap_bind(resource link [, string dn [, string password]])
452   Bind to LDAP directory */
453PHP_FUNCTION(ldap_bind)
454{
455    zval *link;
456    char *ldap_bind_dn = NULL, *ldap_bind_pw = NULL;
457    size_t ldap_bind_dnlen, ldap_bind_pwlen;
458    ldap_linkdata *ld;
459    int rc;
460
461    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|ss", &link, &ldap_bind_dn, &ldap_bind_dnlen, &ldap_bind_pw, &ldap_bind_pwlen) != SUCCESS) {
462        RETURN_FALSE;
463    }
464
465    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
466        RETURN_FALSE;
467    }
468
469    if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
470        _set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
471        php_error_docref(NULL, E_WARNING, "DN contains a null byte");
472        RETURN_FALSE;
473    }
474
475    if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
476        _set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
477        php_error_docref(NULL, E_WARNING, "Password contains a null byte");
478        RETURN_FALSE;
479    }
480
481    {
482#ifdef LDAP_API_FEATURE_X_OPENLDAP
483        /* ldap_simple_bind_s() is deprecated, use ldap_sasl_bind_s() instead.
484         */
485        struct berval   cred;
486
487        cred.bv_val = ldap_bind_pw;
488        cred.bv_len = ldap_bind_pw ? ldap_bind_pwlen : 0;
489        rc = ldap_sasl_bind_s(ld->link, ldap_bind_dn, LDAP_SASL_SIMPLE, &cred,
490                NULL, NULL,     /* no controls right now */
491                NULL);    /* we don't care about the server's credentials */
492#else /* ! LDAP_API_FEATURE_X_OPENLDAP */
493        rc = ldap_simple_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw);
494#endif /* ! LDAP_API_FEATURE_X_OPENLDAP */
495    }
496    if ( rc != LDAP_SUCCESS) {
497        php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
498        RETURN_FALSE;
499    } else {
500        RETURN_TRUE;
501    }
502}
503/* }}} */
504
505#ifdef HAVE_LDAP_SASL
506typedef struct {
507    char *mech;
508    char *realm;
509    char *authcid;
510    char *passwd;
511    char *authzid;
512} php_ldap_bictx;
513
514/* {{{ _php_sasl_setdefs
515 */
516static php_ldap_bictx *_php_sasl_setdefs(LDAP *ld, char *sasl_mech, char *sasl_realm, char *sasl_authc_id, char *passwd, char *sasl_authz_id)
517{
518    php_ldap_bictx *ctx;
519
520    ctx = ber_memalloc(sizeof(php_ldap_bictx));
521    ctx->mech    = (sasl_mech) ? ber_strdup(sasl_mech) : NULL;
522    ctx->realm   = (sasl_realm) ? ber_strdup(sasl_realm) : NULL;
523    ctx->authcid = (sasl_authc_id) ? ber_strdup(sasl_authc_id) : NULL;
524    ctx->passwd  = (passwd) ? ber_strdup(passwd) : NULL;
525    ctx->authzid = (sasl_authz_id) ? ber_strdup(sasl_authz_id) : NULL;
526
527    if (ctx->mech == NULL) {
528        ldap_get_option(ld, LDAP_OPT_X_SASL_MECH, &ctx->mech);
529    }
530    if (ctx->realm == NULL) {
531        ldap_get_option(ld, LDAP_OPT_X_SASL_REALM, &ctx->realm);
532    }
533    if (ctx->authcid == NULL) {
534        ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHCID, &ctx->authcid);
535    }
536    if (ctx->authzid == NULL) {
537        ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHZID, &ctx->authzid);
538    }
539
540    return ctx;
541}
542/* }}} */
543
544/* {{{ _php_sasl_freedefs
545 */
546static void _php_sasl_freedefs(php_ldap_bictx *ctx)
547{
548    if (ctx->mech) ber_memfree(ctx->mech);
549    if (ctx->realm) ber_memfree(ctx->realm);
550    if (ctx->authcid) ber_memfree(ctx->authcid);
551    if (ctx->passwd) ber_memfree(ctx->passwd);
552    if (ctx->authzid) ber_memfree(ctx->authzid);
553    ber_memfree(ctx);
554}
555/* }}} */
556
557/* {{{ _php_sasl_interact
558   Internal interact function for SASL */
559static int _php_sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *in)
560{
561    sasl_interact_t *interact = in;
562    const char *p;
563    php_ldap_bictx *ctx = defaults;
564
565    for (;interact->id != SASL_CB_LIST_END;interact++) {
566        p = NULL;
567        switch(interact->id) {
568            case SASL_CB_GETREALM:
569                p = ctx->realm;
570                break;
571            case SASL_CB_AUTHNAME:
572                p = ctx->authcid;
573                break;
574            case SASL_CB_USER:
575                p = ctx->authzid;
576                break;
577            case SASL_CB_PASS:
578                p = ctx->passwd;
579                break;
580        }
581        if (p) {
582            interact->result = p;
583            interact->len = strlen(interact->result);
584        }
585    }
586    return LDAP_SUCCESS;
587}
588/* }}} */
589
590/* {{{ proto bool ldap_sasl_bind(resource link [, string binddn [, string password [, string sasl_mech [, string sasl_realm [, string sasl_authc_id [, string sasl_authz_id [, string props]]]]]]])
591   Bind to LDAP directory using SASL */
592PHP_FUNCTION(ldap_sasl_bind)
593{
594    zval *link;
595    ldap_linkdata *ld;
596    char *binddn = NULL;
597    char *passwd = NULL;
598    char *sasl_mech = NULL;
599    char *sasl_realm = NULL;
600    char *sasl_authz_id = NULL;
601    char *sasl_authc_id = NULL;
602    char *props = NULL;
603    size_t rc, dn_len, passwd_len, mech_len, realm_len, authc_id_len, authz_id_len, props_len;
604    php_ldap_bictx *ctx;
605
606    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|sssssss", &link, &binddn, &dn_len, &passwd, &passwd_len, &sasl_mech, &mech_len, &sasl_realm, &realm_len, &sasl_authc_id, &authc_id_len, &sasl_authz_id, &authz_id_len, &props, &props_len) != SUCCESS) {
607        RETURN_FALSE;
608    }
609
610    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
611        RETURN_FALSE;
612    }
613
614    ctx = _php_sasl_setdefs(ld->link, sasl_mech, sasl_realm, sasl_authc_id, passwd, sasl_authz_id);
615
616    if (props) {
617        ldap_set_option(ld->link, LDAP_OPT_X_SASL_SECPROPS, props);
618    }
619
620    rc = ldap_sasl_interactive_bind_s(ld->link, binddn, ctx->mech, NULL, NULL, LDAP_SASL_QUIET, _php_sasl_interact, ctx);
621    if (rc != LDAP_SUCCESS) {
622        php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
623        RETVAL_FALSE;
624    } else {
625        RETVAL_TRUE;
626    }
627    _php_sasl_freedefs(ctx);
628}
629/* }}} */
630#endif /* HAVE_LDAP_SASL */
631
632/* {{{ proto bool ldap_unbind(resource link)
633   Unbind from LDAP directory */
634PHP_FUNCTION(ldap_unbind)
635{
636    zval *link;
637    ldap_linkdata *ld;
638
639    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
640        RETURN_FALSE;
641    }
642
643    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
644        RETURN_FALSE;
645    }
646
647    zend_list_close(Z_RES_P(link));
648    RETURN_TRUE;
649}
650/* }}} */
651
652/* {{{ php_set_opts
653 */
654static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, int *old_sizelimit, int *old_timelimit, int *old_deref)
655{
656    /* sizelimit */
657    if (sizelimit > -1) {
658#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
659        ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_sizelimit);
660        ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, &sizelimit);
661#else
662        *old_sizelimit = ldap->ld_sizelimit;
663        ldap->ld_sizelimit = sizelimit;
664#endif
665    }
666
667    /* timelimit */
668    if (timelimit > -1) {
669#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
670        ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_timelimit);
671        ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
672#else
673        *old_timelimit = ldap->ld_timelimit;
674        ldap->ld_timelimit = timelimit;
675#endif
676    }
677
678    /* deref */
679    if (deref > -1) {
680#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
681        ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_deref);
682        ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
683#else
684        *old_deref = ldap->ld_deref;
685        ldap->ld_deref = deref;
686#endif
687    }
688}
689/* }}} */
690
691/* {{{ php_ldap_do_search
692 */
693static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
694{
695    zval *link, *base_dn, *filter, *attrs = NULL, *attr;
696    zend_long attrsonly, sizelimit, timelimit, deref;
697    char *ldap_base_dn = NULL, *ldap_filter = NULL, **ldap_attrs = NULL;
698    ldap_linkdata *ld = NULL;
699    LDAPMessage *ldap_res;
700    int ldap_attrsonly = 0, ldap_sizelimit = -1, ldap_timelimit = -1, ldap_deref = -1;
701    int old_ldap_sizelimit = -1, old_ldap_timelimit = -1, old_ldap_deref = -1;
702    int num_attribs = 0, ret = 1, i, errno, argcount = ZEND_NUM_ARGS();
703
704    if (zend_parse_parameters(argcount, "zzz|allll", &link, &base_dn, &filter, &attrs, &attrsonly,
705        &sizelimit, &timelimit, &deref) == FAILURE) {
706        return;
707    }
708
709    /* Reverse -> fall through */
710    switch (argcount) {
711        case 8:
712            ldap_deref = deref;
713        case 7:
714            ldap_timelimit = timelimit;
715        case 6:
716            ldap_sizelimit = sizelimit;
717        case 5:
718            ldap_attrsonly = attrsonly;
719        case 4:
720            num_attribs = zend_hash_num_elements(Z_ARRVAL_P(attrs));
721            ldap_attrs = safe_emalloc((num_attribs+1), sizeof(char *), 0);
722
723            for (i = 0; i<num_attribs; i++) {
724                if ((attr = zend_hash_index_find(Z_ARRVAL_P(attrs), i)) == NULL) {
725                    php_error_docref(NULL, E_WARNING, "Array initialization wrong");
726                    ret = 0;
727                    goto cleanup;
728                }
729
730                SEPARATE_ZVAL(attr);
731                convert_to_string_ex(attr);
732                ldap_attrs[i] = Z_STRVAL_P(attr);
733            }
734            ldap_attrs[num_attribs] = NULL;
735        default:
736            break;
737    }
738
739    /* parallel search? */
740    if (Z_TYPE_P(link) == IS_ARRAY) {
741        int i, nlinks, nbases, nfilters, *rcs;
742        ldap_linkdata **lds;
743        zval *entry, resource;
744
745        nlinks = zend_hash_num_elements(Z_ARRVAL_P(link));
746        if (nlinks == 0) {
747            php_error_docref(NULL, E_WARNING, "No links in link array");
748            ret = 0;
749            goto cleanup;
750        }
751
752        if (Z_TYPE_P(base_dn) == IS_ARRAY) {
753            nbases = zend_hash_num_elements(Z_ARRVAL_P(base_dn));
754            if (nbases != nlinks) {
755                php_error_docref(NULL, E_WARNING, "Base must either be a string, or an array with the same number of elements as the links array");
756                ret = 0;
757                goto cleanup;
758            }
759            zend_hash_internal_pointer_reset(Z_ARRVAL_P(base_dn));
760        } else {
761            nbases = 0; /* this means string, not array */
762            /* If anything else than string is passed, ldap_base_dn = NULL */
763            if (Z_TYPE_P(base_dn) == IS_STRING) {
764                ldap_base_dn = Z_STRVAL_P(base_dn);
765            } else {
766                ldap_base_dn = NULL;
767            }
768        }
769
770        if (Z_TYPE_P(filter) == IS_ARRAY) {
771            nfilters = zend_hash_num_elements(Z_ARRVAL_P(filter));
772            if (nfilters != nlinks) {
773                php_error_docref(NULL, E_WARNING, "Filter must either be a string, or an array with the same number of elements as the links array");
774                ret = 0;
775                goto cleanup;
776            }
777            zend_hash_internal_pointer_reset(Z_ARRVAL_P(filter));
778        } else {
779            nfilters = 0; /* this means string, not array */
780            convert_to_string_ex(filter);
781            ldap_filter = Z_STRVAL_P(filter);
782        }
783
784        lds = safe_emalloc(nlinks, sizeof(ldap_linkdata), 0);
785        rcs = safe_emalloc(nlinks, sizeof(*rcs), 0);
786
787        zend_hash_internal_pointer_reset(Z_ARRVAL_P(link));
788        for (i=0; i<nlinks; i++) {
789            entry = zend_hash_get_current_data(Z_ARRVAL_P(link));
790
791            ld = (ldap_linkdata *) zend_fetch_resource_ex(entry, "ldap link", le_link);
792            if (ld == NULL) {
793                ret = 0;
794                goto cleanup_parallel;
795            }
796            if (nbases != 0) { /* base_dn an array? */
797                entry = zend_hash_get_current_data(Z_ARRVAL_P(base_dn));
798                zend_hash_move_forward(Z_ARRVAL_P(base_dn));
799
800                /* If anything else than string is passed, ldap_base_dn = NULL */
801                if (Z_TYPE_P(entry) == IS_STRING) {
802                    ldap_base_dn = Z_STRVAL_P(entry);
803                } else {
804                    ldap_base_dn = NULL;
805                }
806            }
807            if (nfilters != 0) { /* filter an array? */
808                entry = zend_hash_get_current_data(Z_ARRVAL_P(filter));
809                zend_hash_move_forward(Z_ARRVAL_P(filter));
810                convert_to_string_ex(entry);
811                ldap_filter = Z_STRVAL_P(entry);
812            }
813
814            php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
815
816            /* Run the actual search */
817            ldap_search_ext(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, NULL, NULL, NULL, ldap_sizelimit, &rcs[i]);
818            lds[i] = ld;
819            zend_hash_move_forward(Z_ARRVAL_P(link));
820        }
821
822        array_init(return_value);
823
824        /* Collect results from the searches */
825        for (i=0; i<nlinks; i++) {
826            if (rcs[i] != -1) {
827                rcs[i] = ldap_result(lds[i]->link, LDAP_RES_ANY, 1 /* LDAP_MSG_ALL */, NULL, &ldap_res);
828            }
829            if (rcs[i] != -1) {
830                ZVAL_RES(&resource, zend_register_resource(ldap_res, le_result));
831                add_next_index_zval(return_value, &resource);
832            } else {
833                add_next_index_bool(return_value, 0);
834            }
835        }
836
837cleanup_parallel:
838        efree(lds);
839        efree(rcs);
840    } else {
841        convert_to_string_ex(filter);
842        ldap_filter = Z_STRVAL_P(filter);
843
844        /* If anything else than string is passed, ldap_base_dn = NULL */
845        if (Z_TYPE_P(base_dn) == IS_STRING) {
846            ldap_base_dn = Z_STRVAL_P(base_dn);
847        }
848
849        ld = (ldap_linkdata *) zend_fetch_resource_ex(link, "ldap link", le_link);
850        if (ld == NULL) {
851            ret = 0;
852            goto cleanup;
853        }
854
855        php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
856
857        /* Run the actual search */
858        errno = ldap_search_ext_s(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, NULL, NULL, NULL, ldap_sizelimit, &ldap_res);
859
860        if (errno != LDAP_SUCCESS
861            && errno != LDAP_SIZELIMIT_EXCEEDED
862#ifdef LDAP_ADMINLIMIT_EXCEEDED
863            && errno != LDAP_ADMINLIMIT_EXCEEDED
864#endif
865#ifdef LDAP_REFERRAL
866            && errno != LDAP_REFERRAL
867#endif
868        ) {
869            php_error_docref(NULL, E_WARNING, "Search: %s", ldap_err2string(errno));
870            ret = 0;
871        } else {
872            if (errno == LDAP_SIZELIMIT_EXCEEDED) {
873                php_error_docref(NULL, E_WARNING, "Partial search results returned: Sizelimit exceeded");
874            }
875#ifdef LDAP_ADMINLIMIT_EXCEEDED
876            else if (errno == LDAP_ADMINLIMIT_EXCEEDED) {
877                php_error_docref(NULL, E_WARNING, "Partial search results returned: Adminlimit exceeded");
878            }
879#endif
880
881            RETVAL_RES(zend_register_resource(ldap_res, le_result));
882        }
883    }
884
885cleanup:
886    if (ld) {
887        /* Restoring previous options */
888        php_set_opts(ld->link, old_ldap_sizelimit, old_ldap_timelimit, old_ldap_deref, &ldap_sizelimit, &ldap_timelimit, &ldap_deref);
889    }
890    if (ldap_attrs != NULL) {
891        efree(ldap_attrs);
892    }
893    if (!ret) {
894        RETVAL_BOOL(ret);
895    }
896}
897/* }}} */
898
899/* {{{ proto resource ldap_read(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
900   Read an entry */
901PHP_FUNCTION(ldap_read)
902{
903    php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_BASE);
904}
905/* }}} */
906
907/* {{{ proto resource ldap_list(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
908   Single-level search */
909PHP_FUNCTION(ldap_list)
910{
911    php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_ONELEVEL);
912}
913/* }}} */
914
915/* {{{ proto resource ldap_search(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
916   Search LDAP tree under base_dn */
917PHP_FUNCTION(ldap_search)
918{
919    php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_SUBTREE);
920}
921/* }}} */
922
923/* {{{ proto bool ldap_free_result(resource result)
924   Free result memory */
925PHP_FUNCTION(ldap_free_result)
926{
927    zval *result;
928    LDAPMessage *ldap_result;
929
930    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &result) != SUCCESS) {
931        return;
932    }
933
934    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
935        RETURN_FALSE;
936    }
937
938    zend_list_close(Z_RES_P(result));  /* Delete list entry */
939    RETVAL_TRUE;
940}
941/* }}} */
942
943/* {{{ proto int ldap_count_entries(resource link, resource result)
944   Count the number of entries in a search result */
945PHP_FUNCTION(ldap_count_entries)
946{
947    zval *link, *result;
948    ldap_linkdata *ld;
949    LDAPMessage *ldap_result;
950
951    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
952        return;
953    }
954
955    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
956        RETURN_FALSE;
957    }
958
959    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
960        RETURN_FALSE;
961    }
962
963    RETURN_LONG(ldap_count_entries(ld->link, ldap_result));
964}
965/* }}} */
966
967/* {{{ proto resource ldap_first_entry(resource link, resource result)
968   Return first result id */
969PHP_FUNCTION(ldap_first_entry)
970{
971    zval *link, *result;
972    ldap_linkdata *ld;
973    ldap_resultentry *resultentry;
974    LDAPMessage *ldap_result, *entry;
975
976    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
977        return;
978    }
979
980    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
981        RETURN_FALSE;
982    }
983
984    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
985        RETURN_FALSE;
986    }
987
988    if ((entry = ldap_first_entry(ld->link, ldap_result)) == NULL) {
989        RETVAL_FALSE;
990    } else {
991        resultentry = emalloc(sizeof(ldap_resultentry));
992        RETVAL_RES(zend_register_resource(resultentry, le_result_entry));
993        ZVAL_COPY(&resultentry->res, result);
994        resultentry->data = entry;
995        resultentry->ber = NULL;
996    }
997}
998/* }}} */
999
1000/* {{{ proto resource ldap_next_entry(resource link, resource result_entry)
1001   Get next result entry */
1002PHP_FUNCTION(ldap_next_entry)
1003{
1004    zval *link, *result_entry;
1005    ldap_linkdata *ld;
1006    ldap_resultentry *resultentry, *resultentry_next;
1007    LDAPMessage *entry_next;
1008
1009    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1010        return;
1011    }
1012
1013    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1014        RETURN_FALSE;
1015    }
1016    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1017        RETURN_FALSE;
1018    }
1019
1020    if ((entry_next = ldap_next_entry(ld->link, resultentry->data)) == NULL) {
1021        RETVAL_FALSE;
1022    } else {
1023        resultentry_next = emalloc(sizeof(ldap_resultentry));
1024        RETVAL_RES(zend_register_resource(resultentry_next, le_result_entry));
1025        ZVAL_COPY(&resultentry_next->res, &resultentry->res);
1026        resultentry_next->data = entry_next;
1027        resultentry_next->ber = NULL;
1028    }
1029}
1030/* }}} */
1031
1032/* {{{ proto array ldap_get_entries(resource link, resource result)
1033   Get all result entries */
1034PHP_FUNCTION(ldap_get_entries)
1035{
1036    zval *link, *result;
1037    LDAPMessage *ldap_result, *ldap_result_entry;
1038    zval tmp1, tmp2;
1039    ldap_linkdata *ld;
1040    LDAP *ldap;
1041    int num_entries, num_attrib, num_values, i;
1042    BerElement *ber;
1043    char *attribute;
1044    size_t attr_len;
1045    struct berval **ldap_value;
1046    char *dn;
1047
1048    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
1049        return;
1050    }
1051
1052    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1053        RETURN_FALSE;
1054    }
1055    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
1056        RETURN_FALSE;
1057    }
1058
1059    ldap = ld->link;
1060    num_entries = ldap_count_entries(ldap, ldap_result);
1061
1062    array_init(return_value);
1063    add_assoc_long(return_value, "count", num_entries);
1064
1065    if (num_entries == 0) {
1066        return;
1067    }
1068
1069    ldap_result_entry = ldap_first_entry(ldap, ldap_result);
1070    if (ldap_result_entry == NULL) {
1071        zval_dtor(return_value);
1072        RETURN_FALSE;
1073    }
1074
1075    num_entries = 0;
1076    while (ldap_result_entry != NULL) {
1077        array_init(&tmp1);
1078
1079        num_attrib = 0;
1080        attribute = ldap_first_attribute(ldap, ldap_result_entry, &ber);
1081
1082        while (attribute != NULL) {
1083            ldap_value = ldap_get_values_len(ldap, ldap_result_entry, attribute);
1084            num_values = ldap_count_values_len(ldap_value);
1085
1086            array_init(&tmp2);
1087            add_assoc_long(&tmp2, "count", num_values);
1088            for (i = 0; i < num_values; i++) {
1089                add_index_stringl(&tmp2, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len);
1090            }
1091            ldap_value_free_len(ldap_value);
1092
1093            attr_len = strlen(attribute);
1094            zend_hash_str_update(Z_ARRVAL(tmp1), php_strtolower(attribute, attr_len), attr_len, &tmp2);
1095            add_index_string(&tmp1, num_attrib, attribute);
1096
1097            num_attrib++;
1098#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1099            ldap_memfree(attribute);
1100#endif
1101            attribute = ldap_next_attribute(ldap, ldap_result_entry, ber);
1102        }
1103#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1104        if (ber != NULL) {
1105            ber_free(ber, 0);
1106        }
1107#endif
1108
1109        add_assoc_long(&tmp1, "count", num_attrib);
1110        dn = ldap_get_dn(ldap, ldap_result_entry);
1111        add_assoc_string(&tmp1, "dn", dn);
1112#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1113        ldap_memfree(dn);
1114#else
1115        free(dn);
1116#endif
1117
1118        zend_hash_index_update(Z_ARRVAL_P(return_value), num_entries, &tmp1);
1119
1120        num_entries++;
1121        ldap_result_entry = ldap_next_entry(ldap, ldap_result_entry);
1122    }
1123
1124    add_assoc_long(return_value, "count", num_entries);
1125
1126}
1127/* }}} */
1128
1129/* {{{ proto string ldap_first_attribute(resource link, resource result_entry)
1130   Return first attribute */
1131PHP_FUNCTION(ldap_first_attribute)
1132{
1133    zval *link, *result_entry;
1134    ldap_linkdata *ld;
1135    ldap_resultentry *resultentry;
1136    char *attribute;
1137    zend_long dummy_ber;
1138
1139    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1140        return;
1141    }
1142
1143    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1144        RETURN_FALSE;
1145    }
1146
1147    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1148        RETURN_FALSE;
1149    }
1150
1151    if ((attribute = ldap_first_attribute(ld->link, resultentry->data, &resultentry->ber)) == NULL) {
1152        RETURN_FALSE;
1153    } else {
1154        RETVAL_STRING(attribute);
1155#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1156        ldap_memfree(attribute);
1157#endif
1158    }
1159}
1160/* }}} */
1161
1162/* {{{ proto string ldap_next_attribute(resource link, resource result_entry)
1163   Get the next attribute in result */
1164PHP_FUNCTION(ldap_next_attribute)
1165{
1166    zval *link, *result_entry;
1167    ldap_linkdata *ld;
1168    ldap_resultentry *resultentry;
1169    char *attribute;
1170    zend_long dummy_ber;
1171
1172    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1173        return;
1174    }
1175
1176    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1177        RETURN_FALSE;
1178    }
1179
1180    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1181        RETURN_FALSE;
1182    }
1183
1184    if (resultentry->ber == NULL) {
1185        php_error_docref(NULL, E_WARNING, "called before calling ldap_first_attribute() or no attributes found in result entry");
1186        RETURN_FALSE;
1187    }
1188
1189    if ((attribute = ldap_next_attribute(ld->link, resultentry->data, resultentry->ber)) == NULL) {
1190#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1191        if (resultentry->ber != NULL) {
1192            ber_free(resultentry->ber, 0);
1193            resultentry->ber = NULL;
1194        }
1195#endif
1196        RETURN_FALSE;
1197    } else {
1198        RETVAL_STRING(attribute);
1199#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1200        ldap_memfree(attribute);
1201#endif
1202    }
1203}
1204/* }}} */
1205
1206/* {{{ proto array ldap_get_attributes(resource link, resource result_entry)
1207   Get attributes from a search result entry */
1208PHP_FUNCTION(ldap_get_attributes)
1209{
1210    zval *link, *result_entry;
1211    zval tmp;
1212    ldap_linkdata *ld;
1213    ldap_resultentry *resultentry;
1214    char *attribute;
1215    struct berval **ldap_value;
1216    int i, num_values, num_attrib;
1217    BerElement *ber;
1218
1219    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1220        return;
1221    }
1222
1223    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1224        RETURN_FALSE;
1225    }
1226
1227    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1228        RETURN_FALSE;
1229    }
1230
1231    array_init(return_value);
1232    num_attrib = 0;
1233
1234    attribute = ldap_first_attribute(ld->link, resultentry->data, &ber);
1235    while (attribute != NULL) {
1236        ldap_value = ldap_get_values_len(ld->link, resultentry->data, attribute);
1237        num_values = ldap_count_values_len(ldap_value);
1238
1239        array_init(&tmp);
1240        add_assoc_long(&tmp, "count", num_values);
1241        for (i = 0; i < num_values; i++) {
1242            add_index_stringl(&tmp, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len);
1243        }
1244        ldap_value_free_len(ldap_value);
1245
1246        zend_hash_str_update(Z_ARRVAL_P(return_value), attribute, strlen(attribute), &tmp);
1247        add_index_string(return_value, num_attrib, attribute);
1248
1249        num_attrib++;
1250#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1251        ldap_memfree(attribute);
1252#endif
1253        attribute = ldap_next_attribute(ld->link, resultentry->data, ber);
1254    }
1255#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1256    if (ber != NULL) {
1257        ber_free(ber, 0);
1258    }
1259#endif
1260
1261    add_assoc_long(return_value, "count", num_attrib);
1262}
1263/* }}} */
1264
1265/* {{{ proto array ldap_get_values_len(resource link, resource result_entry, string attribute)
1266   Get all values with lengths from a result entry */
1267PHP_FUNCTION(ldap_get_values_len)
1268{
1269    zval *link, *result_entry;
1270    ldap_linkdata *ld;
1271    ldap_resultentry *resultentry;
1272    char *attr;
1273    struct berval **ldap_value_len;
1274    int i, num_values;
1275    size_t attr_len;
1276
1277    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrs", &link, &result_entry, &attr, &attr_len) != SUCCESS) {
1278        return;
1279    }
1280
1281    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1282        RETURN_FALSE;
1283    }
1284
1285    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1286        RETURN_FALSE;
1287    }
1288
1289    if ((ldap_value_len = ldap_get_values_len(ld->link, resultentry->data, attr)) == NULL) {
1290        php_error_docref(NULL, E_WARNING, "Cannot get the value(s) of attribute %s", ldap_err2string(_get_lderrno(ld->link)));
1291        RETURN_FALSE;
1292    }
1293
1294    num_values = ldap_count_values_len(ldap_value_len);
1295    array_init(return_value);
1296
1297    for (i=0; i<num_values; i++) {
1298        add_next_index_stringl(return_value, ldap_value_len[i]->bv_val, ldap_value_len[i]->bv_len);
1299    }
1300
1301    add_assoc_long(return_value, "count", num_values);
1302    ldap_value_free_len(ldap_value_len);
1303
1304}
1305/* }}} */
1306
1307/* {{{ proto string ldap_get_dn(resource link, resource result_entry)
1308   Get the DN of a result entry */
1309PHP_FUNCTION(ldap_get_dn)
1310{
1311    zval *link, *result_entry;
1312    ldap_linkdata *ld;
1313    ldap_resultentry *resultentry;
1314    char *text;
1315
1316    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1317        return;
1318    }
1319
1320    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1321        RETURN_FALSE;
1322    }
1323
1324    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1325        RETURN_FALSE;
1326    }
1327
1328    text = ldap_get_dn(ld->link, resultentry->data);
1329    if (text != NULL) {
1330        RETVAL_STRING(text);
1331#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1332        ldap_memfree(text);
1333#else
1334        free(text);
1335#endif
1336    } else {
1337        RETURN_FALSE;
1338    }
1339}
1340/* }}} */
1341
1342/* {{{ proto array ldap_explode_dn(string dn, int with_attrib)
1343   Splits DN into its component parts */
1344PHP_FUNCTION(ldap_explode_dn)
1345{
1346    zend_long with_attrib;
1347    char *dn, **ldap_value;
1348    int i, count;
1349    size_t dn_len;
1350
1351    if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl", &dn, &dn_len, &with_attrib) != SUCCESS) {
1352        return;
1353    }
1354
1355    if (!(ldap_value = ldap_explode_dn(dn, with_attrib))) {
1356        /* Invalid parameters were passed to ldap_explode_dn */
1357        RETURN_FALSE;
1358    }
1359
1360    i=0;
1361    while (ldap_value[i] != NULL) i++;
1362    count = i;
1363
1364    array_init(return_value);
1365
1366    add_assoc_long(return_value, "count", count);
1367    for (i = 0; i<count; i++) {
1368        add_index_string(return_value, i, ldap_value[i]);
1369    }
1370
1371    ldap_memvfree((void **)ldap_value);
1372}
1373/* }}} */
1374
1375/* {{{ proto string ldap_dn2ufn(string dn)
1376   Convert DN to User Friendly Naming format */
1377PHP_FUNCTION(ldap_dn2ufn)
1378{
1379    char *dn, *ufn;
1380    size_t dn_len;
1381
1382    if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &dn, &dn_len) != SUCCESS) {
1383        return;
1384    }
1385
1386    ufn = ldap_dn2ufn(dn);
1387
1388    if (ufn != NULL) {
1389        RETVAL_STRING(ufn);
1390#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1391        ldap_memfree(ufn);
1392#endif
1393    } else {
1394        RETURN_FALSE;
1395    }
1396}
1397/* }}} */
1398
1399
1400/* added to fix use of ldap_modify_add for doing an ldap_add, gerrit thomson. */
1401#define PHP_LD_FULL_ADD 0xff
1402/* {{{ php_ldap_do_modify
1403 */
1404static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper)
1405{
1406    zval *link, *entry, *value, *ivalue;
1407    ldap_linkdata *ld;
1408    char *dn;
1409    LDAPMod **ldap_mods;
1410    int i, j, num_attribs, num_values;
1411    size_t dn_len;
1412    int *num_berval;
1413    zend_string *attribute;
1414    zend_ulong index;
1415    int is_full_add=0; /* flag for full add operation so ldap_mod_add can be put back into oper, gerrit THomson */
1416
1417    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsa", &link, &dn, &dn_len, &entry) != SUCCESS) {
1418        return;
1419    }
1420
1421    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1422        RETURN_FALSE;
1423    }
1424
1425    num_attribs = zend_hash_num_elements(Z_ARRVAL_P(entry));
1426    ldap_mods = safe_emalloc((num_attribs+1), sizeof(LDAPMod *), 0);
1427    num_berval = safe_emalloc(num_attribs, sizeof(int), 0);
1428    zend_hash_internal_pointer_reset(Z_ARRVAL_P(entry));
1429
1430    /* added by gerrit thomson to fix ldap_add using ldap_mod_add */
1431    if (oper == PHP_LD_FULL_ADD) {
1432        oper = LDAP_MOD_ADD;
1433        is_full_add = 1;
1434    }
1435    /* end additional , gerrit thomson */
1436
1437    for (i = 0; i < num_attribs; i++) {
1438        ldap_mods[i] = emalloc(sizeof(LDAPMod));
1439        ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1440        ldap_mods[i]->mod_type = NULL;
1441
1442        if (zend_hash_get_current_key(Z_ARRVAL_P(entry), &attribute, &index) == HASH_KEY_IS_STRING) {
1443            ldap_mods[i]->mod_type = estrndup(ZSTR_VAL(attribute), ZSTR_LEN(attribute));
1444        } else {
1445            php_error_docref(NULL, E_WARNING, "Unknown attribute in the data");
1446            /* Free allocated memory */
1447            while (i >= 0) {
1448                if (ldap_mods[i]->mod_type) {
1449                    efree(ldap_mods[i]->mod_type);
1450                }
1451                efree(ldap_mods[i]);
1452                i--;
1453            }
1454            efree(num_berval);
1455            efree(ldap_mods);
1456            RETURN_FALSE;
1457        }
1458
1459        value = zend_hash_get_current_data(Z_ARRVAL_P(entry));
1460
1461        if (Z_TYPE_P(value) != IS_ARRAY) {
1462            num_values = 1;
1463        } else {
1464            num_values = zend_hash_num_elements(Z_ARRVAL_P(value));
1465        }
1466
1467        num_berval[i] = num_values;
1468        ldap_mods[i]->mod_bvalues = safe_emalloc((num_values + 1), sizeof(struct berval *), 0);
1469
1470/* allow for arrays with one element, no allowance for arrays with none but probably not required, gerrit thomson. */
1471        if ((num_values == 1) && (Z_TYPE_P(value) != IS_ARRAY)) {
1472            convert_to_string_ex(value);
1473            ldap_mods[i]->mod_bvalues[0] = (struct berval *) emalloc (sizeof(struct berval));
1474            ldap_mods[i]->mod_bvalues[0]->bv_len = Z_STRLEN_P(value);
1475            ldap_mods[i]->mod_bvalues[0]->bv_val = Z_STRVAL_P(value);
1476        } else {
1477            for (j = 0; j < num_values; j++) {
1478                if ((ivalue = zend_hash_index_find(Z_ARRVAL_P(value), j)) == NULL) {
1479                    php_error_docref(NULL, E_WARNING, "Value array must have consecutive indices 0, 1, ...");
1480                    num_berval[i] = j;
1481                    num_attribs = i + 1;
1482                    RETVAL_FALSE;
1483                    goto errexit;
1484                }
1485                convert_to_string_ex(ivalue);
1486                ldap_mods[i]->mod_bvalues[j] = (struct berval *) emalloc (sizeof(struct berval));
1487                ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(ivalue);
1488                ldap_mods[i]->mod_bvalues[j]->bv_val = Z_STRVAL_P(ivalue);
1489            }
1490        }
1491        ldap_mods[i]->mod_bvalues[num_values] = NULL;
1492        zend_hash_move_forward(Z_ARRVAL_P(entry));
1493    }
1494    ldap_mods[num_attribs] = NULL;
1495
1496/* check flag to see if do_mod was called to perform full add , gerrit thomson */
1497    if (is_full_add == 1) {
1498        if ((i = ldap_add_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1499            php_error_docref(NULL, E_WARNING, "Add: %s", ldap_err2string(i));
1500            RETVAL_FALSE;
1501        } else RETVAL_TRUE;
1502    } else {
1503        if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1504            php_error_docref(NULL, E_WARNING, "Modify: %s", ldap_err2string(i));
1505            RETVAL_FALSE;
1506        } else RETVAL_TRUE;
1507    }
1508
1509errexit:
1510    for (i = 0; i < num_attribs; i++) {
1511        efree(ldap_mods[i]->mod_type);
1512        for (j = 0; j < num_berval[i]; j++) {
1513            efree(ldap_mods[i]->mod_bvalues[j]);
1514        }
1515        efree(ldap_mods[i]->mod_bvalues);
1516        efree(ldap_mods[i]);
1517    }
1518    efree(num_berval);
1519    efree(ldap_mods);
1520
1521    return;
1522}
1523/* }}} */
1524
1525/* {{{ proto bool ldap_add(resource link, string dn, array entry)
1526   Add entries to LDAP directory */
1527PHP_FUNCTION(ldap_add)
1528{
1529    /* use a newly define parameter into the do_modify so ldap_mod_add can be used the way it is supposed to be used , Gerrit THomson */
1530    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, PHP_LD_FULL_ADD);
1531}
1532/* }}} */
1533
1534/* three functions for attribute base modifications, gerrit Thomson */
1535
1536/* {{{ proto bool ldap_mod_replace(resource link, string dn, array entry)
1537   Replace attribute values with new ones */
1538PHP_FUNCTION(ldap_mod_replace)
1539{
1540    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_REPLACE);
1541}
1542/* }}} */
1543
1544/* {{{ proto bool ldap_mod_add(resource link, string dn, array entry)
1545   Add attribute values to current */
1546PHP_FUNCTION(ldap_mod_add)
1547{
1548    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_ADD);
1549}
1550/* }}} */
1551
1552/* {{{ proto bool ldap_mod_del(resource link, string dn, array entry)
1553   Delete attribute values */
1554PHP_FUNCTION(ldap_mod_del)
1555{
1556    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_DELETE);
1557}
1558/* }}} */
1559
1560/* {{{ proto bool ldap_delete(resource link, string dn)
1561   Delete an entry from a directory */
1562PHP_FUNCTION(ldap_delete)
1563{
1564    zval *link;
1565    ldap_linkdata *ld;
1566    char *dn;
1567    int rc;
1568    size_t dn_len;
1569
1570    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rs", &link, &dn, &dn_len) != SUCCESS) {
1571        return;
1572    }
1573
1574    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1575        RETURN_FALSE;
1576    }
1577
1578    if ((rc = ldap_delete_ext_s(ld->link, dn, NULL, NULL)) != LDAP_SUCCESS) {
1579        php_error_docref(NULL, E_WARNING, "Delete: %s", ldap_err2string(rc));
1580        RETURN_FALSE;
1581    }
1582
1583    RETURN_TRUE;
1584}
1585/* }}} */
1586
1587/* {{{ _ldap_str_equal_to_const
1588 */
1589static int _ldap_str_equal_to_const(const char *str, uint str_len, const char *cstr)
1590{
1591    int i;
1592
1593    if (strlen(cstr) != str_len)
1594        return 0;
1595
1596    for (i = 0; i < str_len; ++i) {
1597        if (str[i] != cstr[i]) {
1598            return 0;
1599        }
1600    }
1601
1602    return 1;
1603}
1604/* }}} */
1605
1606/* {{{ _ldap_strlen_max
1607 */
1608static int _ldap_strlen_max(const char *str, uint max_len)
1609{
1610    int i;
1611
1612    for (i = 0; i < max_len; ++i) {
1613        if (str[i] == '\0') {
1614            return i;
1615        }
1616    }
1617
1618    return max_len;
1619}
1620/* }}} */
1621
1622/* {{{ _ldap_hash_fetch
1623 */
1624static void _ldap_hash_fetch(zval *hashTbl, const char *key, zval **out)
1625{
1626    *out = zend_hash_str_find(Z_ARRVAL_P(hashTbl), key, strlen(key));
1627}
1628/* }}} */
1629
1630/* {{{ proto bool ldap_modify_batch(resource link, string dn, array modifs)
1631   Perform multiple modifications as part of one operation */
1632PHP_FUNCTION(ldap_modify_batch)
1633{
1634    ldap_linkdata *ld;
1635    zval *link, *mods, *mod, *modinfo, *modval;
1636    zval *attrib, *modtype, *vals;
1637    zval *fetched;
1638    char *dn;
1639    size_t dn_len;
1640    int i, j, k;
1641    int num_mods, num_modprops, num_modvals;
1642    LDAPMod **ldap_mods;
1643    uint oper;
1644
1645    /*
1646    $mods = array(
1647        array(
1648            "attrib" => "unicodePwd",
1649            "modtype" => LDAP_MODIFY_BATCH_REMOVE,
1650            "values" => array($oldpw)
1651        ),
1652        array(
1653            "attrib" => "unicodePwd",
1654            "modtype" => LDAP_MODIFY_BATCH_ADD,
1655            "values" => array($newpw)
1656        ),
1657        array(
1658            "attrib" => "userPrincipalName",
1659            "modtype" => LDAP_MODIFY_BATCH_REPLACE,
1660            "values" => array("janitor@corp.contoso.com")
1661        ),
1662        array(
1663            "attrib" => "userCert",
1664            "modtype" => LDAP_MODIFY_BATCH_REMOVE_ALL
1665        )
1666    );
1667    */
1668
1669    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsa", &link, &dn, &dn_len, &mods) != SUCCESS) {
1670        return;
1671    }
1672
1673    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1674        RETURN_FALSE;
1675    }
1676
1677    /* perform validation */
1678    {
1679        zend_string *modkey;
1680        zend_long modtype;
1681
1682        /* to store the wrongly-typed keys */
1683        zend_ulong tmpUlong;
1684
1685        /* make sure the DN contains no NUL bytes */
1686        if (_ldap_strlen_max(dn, dn_len) != dn_len) {
1687            php_error_docref(NULL, E_WARNING, "DN must not contain NUL bytes");
1688            RETURN_FALSE;
1689        }
1690
1691        /* make sure the top level is a normal array */
1692        zend_hash_internal_pointer_reset(Z_ARRVAL_P(mods));
1693        if (zend_hash_get_current_key_type(Z_ARRVAL_P(mods)) != HASH_KEY_IS_LONG) {
1694            php_error_docref(NULL, E_WARNING, "Modifications array must not be string-indexed");
1695            RETURN_FALSE;
1696        }
1697
1698        num_mods = zend_hash_num_elements(Z_ARRVAL_P(mods));
1699
1700        for (i = 0; i < num_mods; i++) {
1701            /* is the numbering consecutive? */
1702            if ((fetched = zend_hash_index_find(Z_ARRVAL_P(mods), i)) == NULL) {
1703                php_error_docref(NULL, E_WARNING, "Modifications array must have consecutive indices 0, 1, ...");
1704                RETURN_FALSE;
1705            }
1706            mod = fetched;
1707
1708            /* is it an array? */
1709            if (Z_TYPE_P(mod) != IS_ARRAY) {
1710                php_error_docref(NULL, E_WARNING, "Each entry of modifications array must be an array itself");
1711                RETURN_FALSE;
1712            }
1713
1714            /* for the modification hashtable... */
1715            zend_hash_internal_pointer_reset(Z_ARRVAL_P(mod));
1716            num_modprops = zend_hash_num_elements(Z_ARRVAL_P(mod));
1717
1718            for (j = 0; j < num_modprops; j++) {
1719                /* are the keys strings? */
1720                if (zend_hash_get_current_key(Z_ARRVAL_P(mod), &modkey, &tmpUlong) != HASH_KEY_IS_STRING) {
1721                    php_error_docref(NULL, E_WARNING, "Each entry of modifications array must be string-indexed");
1722                    RETURN_FALSE;
1723                }
1724
1725                /* is this a valid entry? */
1726                if (
1727                    !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_ATTRIB) &&
1728                    !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_MODTYPE) &&
1729                    !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_VALUES)
1730                ) {
1731                    php_error_docref(NULL, E_WARNING, "The only allowed keys in entries of the modifications array are '" LDAP_MODIFY_BATCH_ATTRIB "', '" LDAP_MODIFY_BATCH_MODTYPE "' and '" LDAP_MODIFY_BATCH_VALUES "'");
1732                    RETURN_FALSE;
1733                }
1734
1735                fetched = zend_hash_get_current_data(Z_ARRVAL_P(mod));
1736                modinfo = fetched;
1737
1738                /* does the value type match the key? */
1739                if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_ATTRIB)) {
1740                    if (Z_TYPE_P(modinfo) != IS_STRING) {
1741                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must be a string");
1742                        RETURN_FALSE;
1743                    }
1744
1745                    if (Z_STRLEN_P(modinfo) != _ldap_strlen_max(Z_STRVAL_P(modinfo), Z_STRLEN_P(modinfo))) {
1746                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must not contain NUL bytes");
1747                        RETURN_FALSE;
1748                    }
1749                }
1750                else if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_MODTYPE)) {
1751                    if (Z_TYPE_P(modinfo) != IS_LONG) {
1752                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_MODTYPE "' value must be a long");
1753                        RETURN_FALSE;
1754                    }
1755
1756                    /* is the value in range? */
1757                    modtype = Z_LVAL_P(modinfo);
1758                    if (
1759                        modtype != LDAP_MODIFY_BATCH_ADD &&
1760                        modtype != LDAP_MODIFY_BATCH_REMOVE &&
1761                        modtype != LDAP_MODIFY_BATCH_REPLACE &&
1762                        modtype != LDAP_MODIFY_BATCH_REMOVE_ALL
1763                    ) {
1764                        php_error_docref(NULL, E_WARNING, "The '" LDAP_MODIFY_BATCH_MODTYPE "' value must match one of the LDAP_MODIFY_BATCH_* constants");
1765                        RETURN_FALSE;
1766                    }
1767
1768                    /* if it's REMOVE_ALL, there must not be a values array; otherwise, there must */
1769                    if (modtype == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1770                        if (zend_hash_str_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES))) {
1771                            php_error_docref(NULL, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must not be provided");
1772                            RETURN_FALSE;
1773                        }
1774                    }
1775                    else {
1776                        if (!zend_hash_str_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES))) {
1777                            php_error_docref(NULL, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is not LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must be provided");
1778                            RETURN_FALSE;
1779                        }
1780                    }
1781                }
1782                else if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_VALUES)) {
1783                    if (Z_TYPE_P(modinfo) != IS_ARRAY) {
1784                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' value must be an array");
1785                        RETURN_FALSE;
1786                    }
1787
1788                    /* is the array not empty? */
1789                    zend_hash_internal_pointer_reset(Z_ARRVAL_P(modinfo));
1790                    num_modvals = zend_hash_num_elements(Z_ARRVAL_P(modinfo));
1791                    if (num_modvals == 0) {
1792                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have at least one element");
1793                        RETURN_FALSE;
1794                    }
1795
1796                    /* are its keys integers? */
1797                    if (zend_hash_get_current_key_type(Z_ARRVAL_P(modinfo)) != HASH_KEY_IS_LONG) {
1798                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must not be string-indexed");
1799                        RETURN_FALSE;
1800                    }
1801
1802                    /* are the keys consecutive? */
1803                    for (k = 0; k < num_modvals; k++) {
1804                        if ((fetched = zend_hash_index_find(Z_ARRVAL_P(modinfo), k)) == NULL) {
1805                            php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have consecutive indices 0, 1, ...");
1806                            RETURN_FALSE;
1807                        }
1808                        modval = fetched;
1809
1810                        /* is the data element a string? */
1811                        if (Z_TYPE_P(modval) != IS_STRING) {
1812                            php_error_docref(NULL, E_WARNING, "Each element of a '" LDAP_MODIFY_BATCH_VALUES "' array must be a string");
1813                            RETURN_FALSE;
1814                        }
1815                    }
1816                }
1817
1818                zend_hash_move_forward(Z_ARRVAL_P(mod));
1819            }
1820        }
1821    }
1822    /* validation was successful */
1823
1824    /* allocate array of modifications */
1825    ldap_mods = safe_emalloc((num_mods+1), sizeof(LDAPMod *), 0);
1826
1827    /* for each modification */
1828    for (i = 0; i < num_mods; i++) {
1829        /* allocate the modification struct */
1830        ldap_mods[i] = safe_emalloc(1, sizeof(LDAPMod), 0);
1831
1832        /* fetch the relevant data */
1833        fetched = zend_hash_index_find(Z_ARRVAL_P(mods), i);
1834        mod = fetched;
1835
1836        _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_ATTRIB, &attrib);
1837        _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_MODTYPE, &modtype);
1838        _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_VALUES, &vals);
1839
1840        /* map the modification type */
1841        switch (Z_LVAL_P(modtype)) {
1842            case LDAP_MODIFY_BATCH_ADD:
1843                oper = LDAP_MOD_ADD;
1844                break;
1845            case LDAP_MODIFY_BATCH_REMOVE:
1846            case LDAP_MODIFY_BATCH_REMOVE_ALL:
1847                oper = LDAP_MOD_DELETE;
1848                break;
1849            case LDAP_MODIFY_BATCH_REPLACE:
1850                oper = LDAP_MOD_REPLACE;
1851                break;
1852            default:
1853                php_error_docref(NULL, E_ERROR, "Unknown and uncaught modification type.");
1854                RETURN_FALSE;
1855        }
1856
1857        /* fill in the basic info */
1858        ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1859        ldap_mods[i]->mod_type = estrndup(Z_STRVAL_P(attrib), Z_STRLEN_P(attrib));
1860
1861        if (Z_LVAL_P(modtype) == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1862            /* no values */
1863            ldap_mods[i]->mod_bvalues = NULL;
1864        }
1865        else {
1866            /* allocate space for the values as part of this modification */
1867            num_modvals = zend_hash_num_elements(Z_ARRVAL_P(vals));
1868            ldap_mods[i]->mod_bvalues = safe_emalloc((num_modvals+1), sizeof(struct berval *), 0);
1869
1870            /* for each value */
1871            for (j = 0; j < num_modvals; j++) {
1872                /* fetch it */
1873                fetched = zend_hash_index_find(Z_ARRVAL_P(vals), j);
1874                modval = fetched;
1875
1876                /* allocate the data struct */
1877                ldap_mods[i]->mod_bvalues[j] = safe_emalloc(1, sizeof(struct berval), 0);
1878
1879                /* fill it */
1880                ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(modval);
1881                ldap_mods[i]->mod_bvalues[j]->bv_val = estrndup(Z_STRVAL_P(modval), Z_STRLEN_P(modval));
1882            }
1883
1884            /* NULL-terminate values */
1885            ldap_mods[i]->mod_bvalues[num_modvals] = NULL;
1886        }
1887    }
1888
1889    /* NULL-terminate modifications */
1890    ldap_mods[num_mods] = NULL;
1891
1892    /* perform (finally) */
1893    if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1894        php_error_docref(NULL, E_WARNING, "Batch Modify: %s", ldap_err2string(i));
1895        RETVAL_FALSE;
1896    } else RETVAL_TRUE;
1897
1898    /* clean up */
1899    {
1900        for (i = 0; i < num_mods; i++) {
1901            /* attribute */
1902            efree(ldap_mods[i]->mod_type);
1903
1904            if (ldap_mods[i]->mod_bvalues != NULL) {
1905                /* each BER value */
1906                for (j = 0; ldap_mods[i]->mod_bvalues[j] != NULL; j++) {
1907                    /* free the data bytes */
1908                    efree(ldap_mods[i]->mod_bvalues[j]->bv_val);
1909
1910                    /* free the bvalue struct */
1911                    efree(ldap_mods[i]->mod_bvalues[j]);
1912                }
1913
1914                /* the BER value array */
1915                efree(ldap_mods[i]->mod_bvalues);
1916            }
1917
1918            /* the modification */
1919            efree(ldap_mods[i]);
1920        }
1921
1922        /* the modifications array */
1923        efree(ldap_mods);
1924    }
1925}
1926/* }}} */
1927
1928/* {{{ proto int ldap_errno(resource link)
1929   Get the current ldap error number */
1930PHP_FUNCTION(ldap_errno)
1931{
1932    zval *link;
1933    ldap_linkdata *ld;
1934
1935    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
1936        return;
1937    }
1938
1939    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1940        RETURN_FALSE;
1941    }
1942
1943    RETURN_LONG(_get_lderrno(ld->link));
1944}
1945/* }}} */
1946
1947/* {{{ proto string ldap_err2str(int errno)
1948   Convert error number to error string */
1949PHP_FUNCTION(ldap_err2str)
1950{
1951    zend_long perrno;
1952
1953    if (zend_parse_parameters(ZEND_NUM_ARGS(), "l", &perrno) != SUCCESS) {
1954        return;
1955    }
1956
1957    RETURN_STRING(ldap_err2string(perrno));
1958}
1959/* }}} */
1960
1961/* {{{ proto string ldap_error(resource link)
1962   Get the current ldap error string */
1963PHP_FUNCTION(ldap_error)
1964{
1965    zval *link;
1966    ldap_linkdata *ld;
1967    int ld_errno;
1968
1969    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
1970        return;
1971    }
1972
1973    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1974        RETURN_FALSE;
1975    }
1976
1977    ld_errno = _get_lderrno(ld->link);
1978
1979    RETURN_STRING(ldap_err2string(ld_errno));
1980}
1981/* }}} */
1982
1983/* {{{ proto bool ldap_compare(resource link, string dn, string attr, string value)
1984   Determine if an entry has a specific value for one of its attributes */
1985PHP_FUNCTION(ldap_compare)
1986{
1987    zval *link;
1988    char *dn, *attr, *value;
1989    size_t dn_len, attr_len, value_len;
1990    ldap_linkdata *ld;
1991    int errno;
1992    struct berval lvalue;
1993
1994    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsss", &link, &dn, &dn_len, &attr, &attr_len, &value, &value_len) != SUCCESS) {
1995        return;
1996    }
1997
1998    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1999        RETURN_FALSE;
2000    }
2001
2002    lvalue.bv_val = value;
2003    lvalue.bv_len = value_len;
2004
2005    errno = ldap_compare_ext_s(ld->link, dn, attr, &lvalue, NULL, NULL);
2006
2007    switch (errno) {
2008        case LDAP_COMPARE_TRUE:
2009            RETURN_TRUE;
2010            break;
2011
2012        case LDAP_COMPARE_FALSE:
2013            RETURN_FALSE;
2014            break;
2015    }
2016
2017    php_error_docref(NULL, E_WARNING, "Compare: %s", ldap_err2string(errno));
2018    RETURN_LONG(-1);
2019}
2020/* }}} */
2021
2022/* {{{ proto bool ldap_sort(resource link, resource result, string sortfilter)
2023   Sort LDAP result entries */
2024PHP_FUNCTION(ldap_sort)
2025{
2026    zval *link, *result;
2027    ldap_linkdata *ld;
2028    char *sortfilter;
2029    size_t sflen;
2030    zend_resource *le;
2031
2032    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrs", &link, &result, &sortfilter, &sflen) != SUCCESS) {
2033        RETURN_FALSE;
2034    }
2035
2036    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2037        RETURN_FALSE;
2038    }
2039
2040    le = Z_RES_P(result);
2041    if (le->type != le_result) {
2042        php_error_docref(NULL, E_WARNING, "Supplied resource is not a valid ldap result resource");
2043        RETURN_FALSE;
2044    }
2045
2046    if (ldap_sort_entries(ld->link, (LDAPMessage **) &le->ptr, sflen ? sortfilter : NULL, strcmp) != LDAP_SUCCESS) {
2047        php_error_docref(NULL, E_WARNING, "%s", ldap_err2string(errno));
2048        RETURN_FALSE;
2049    }
2050
2051    RETURN_TRUE;
2052}
2053/* }}} */
2054
2055#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2056/* {{{ proto bool ldap_get_option(resource link, int option, mixed retval)
2057   Get the current value of various session-wide parameters */
2058PHP_FUNCTION(ldap_get_option)
2059{
2060    zval *link, *retval;
2061    ldap_linkdata *ld;
2062    zend_long option;
2063
2064    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rlz/", &link, &option, &retval) != SUCCESS) {
2065        return;
2066    }
2067
2068    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2069        RETURN_FALSE;
2070    }
2071
2072    switch (option) {
2073    /* options with int value */
2074    case LDAP_OPT_DEREF:
2075    case LDAP_OPT_SIZELIMIT:
2076    case LDAP_OPT_TIMELIMIT:
2077    case LDAP_OPT_PROTOCOL_VERSION:
2078    case LDAP_OPT_ERROR_NUMBER:
2079    case LDAP_OPT_REFERRALS:
2080#ifdef LDAP_OPT_RESTART
2081    case LDAP_OPT_RESTART:
2082#endif
2083        {
2084            int val;
2085
2086            if (ldap_get_option(ld->link, option, &val)) {
2087                RETURN_FALSE;
2088            }
2089            zval_ptr_dtor(retval);
2090            ZVAL_LONG(retval, val);
2091        } break;
2092#ifdef LDAP_OPT_NETWORK_TIMEOUT
2093    case LDAP_OPT_NETWORK_TIMEOUT:
2094        {
2095            struct timeval *timeout = NULL;
2096
2097            if (ldap_get_option(ld->link, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2098                if (timeout) {
2099                    ldap_memfree(timeout);
2100                }
2101                RETURN_FALSE;
2102            }
2103            if (!timeout) {
2104                RETURN_FALSE;
2105            }
2106            zval_ptr_dtor(retval);
2107            ZVAL_LONG(retval, timeout->tv_sec);
2108            ldap_memfree(timeout);
2109        } break;
2110#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2111    case LDAP_X_OPT_CONNECT_TIMEOUT:
2112        {
2113            int timeout;
2114
2115            if (ldap_get_option(ld->link, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2116                RETURN_FALSE;
2117            }
2118            zval_ptr_dtor(retval);
2119            ZVAL_LONG(retval, (timeout / 1000));
2120        } break;
2121#endif
2122    /* options with string value */
2123    case LDAP_OPT_ERROR_STRING:
2124#ifdef LDAP_OPT_HOST_NAME
2125    case LDAP_OPT_HOST_NAME:
2126#endif
2127#ifdef HAVE_LDAP_SASL
2128    case LDAP_OPT_X_SASL_MECH:
2129    case LDAP_OPT_X_SASL_REALM:
2130    case LDAP_OPT_X_SASL_AUTHCID:
2131    case LDAP_OPT_X_SASL_AUTHZID:
2132#endif
2133#ifdef LDAP_OPT_MATCHED_DN
2134    case LDAP_OPT_MATCHED_DN:
2135#endif
2136        {
2137            char *val = NULL;
2138
2139            if (ldap_get_option(ld->link, option, &val) || val == NULL || *val == '\0') {
2140                if (val) {
2141                    ldap_memfree(val);
2142                }
2143                RETURN_FALSE;
2144            }
2145            zval_ptr_dtor(retval);
2146            ZVAL_STRING(retval, val);
2147            ldap_memfree(val);
2148        } break;
2149/* options not implemented
2150    case LDAP_OPT_SERVER_CONTROLS:
2151    case LDAP_OPT_CLIENT_CONTROLS:
2152    case LDAP_OPT_API_INFO:
2153    case LDAP_OPT_API_FEATURE_INFO:
2154*/
2155    default:
2156        RETURN_FALSE;
2157    }
2158    RETURN_TRUE;
2159}
2160/* }}} */
2161
2162/* {{{ proto bool ldap_set_option(resource link, int option, mixed newval)
2163   Set the value of various session-wide parameters */
2164PHP_FUNCTION(ldap_set_option)
2165{
2166    zval *link, *newval;
2167    ldap_linkdata *ld;
2168    LDAP *ldap;
2169    zend_long option;
2170
2171    if (zend_parse_parameters(ZEND_NUM_ARGS(), "zlz", &link, &option, &newval) != SUCCESS) {
2172        return;
2173    }
2174
2175    if (Z_TYPE_P(link) == IS_NULL) {
2176        ldap = NULL;
2177    } else {
2178        if ((ld = (ldap_linkdata *)zend_fetch_resource_ex(link, "ldap link", le_link)) == NULL) {
2179            RETURN_FALSE;
2180        }
2181        ldap = ld->link;
2182    }
2183
2184    switch (option) {
2185    /* options with int value */
2186    case LDAP_OPT_DEREF:
2187    case LDAP_OPT_SIZELIMIT:
2188    case LDAP_OPT_TIMELIMIT:
2189    case LDAP_OPT_PROTOCOL_VERSION:
2190    case LDAP_OPT_ERROR_NUMBER:
2191#ifdef LDAP_OPT_DEBUG_LEVEL
2192    case LDAP_OPT_DEBUG_LEVEL:
2193#endif
2194        {
2195            int val;
2196
2197            convert_to_long_ex(newval);
2198            val = Z_LVAL_P(newval);
2199            if (ldap_set_option(ldap, option, &val)) {
2200                RETURN_FALSE;
2201            }
2202        } break;
2203#ifdef LDAP_OPT_NETWORK_TIMEOUT
2204    case LDAP_OPT_NETWORK_TIMEOUT:
2205        {
2206            struct timeval timeout;
2207
2208            convert_to_long_ex(newval);
2209            timeout.tv_sec = Z_LVAL_P(newval);
2210            timeout.tv_usec = 0;
2211            if (ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2212                RETURN_FALSE;
2213            }
2214        } break;
2215#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2216    case LDAP_X_OPT_CONNECT_TIMEOUT:
2217        {
2218            int timeout;
2219
2220            convert_to_long_ex(newval);
2221            timeout = 1000 * Z_LVAL_P(newval); /* Convert to milliseconds */
2222            if (ldap_set_option(ldap, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2223                RETURN_FALSE;
2224            }
2225        } break;
2226#endif
2227        /* options with string value */
2228    case LDAP_OPT_ERROR_STRING:
2229#ifdef LDAP_OPT_HOST_NAME
2230    case LDAP_OPT_HOST_NAME:
2231#endif
2232#ifdef HAVE_LDAP_SASL
2233    case LDAP_OPT_X_SASL_MECH:
2234    case LDAP_OPT_X_SASL_REALM:
2235    case LDAP_OPT_X_SASL_AUTHCID:
2236    case LDAP_OPT_X_SASL_AUTHZID:
2237#endif
2238#ifdef LDAP_OPT_MATCHED_DN
2239    case LDAP_OPT_MATCHED_DN:
2240#endif
2241        {
2242            char *val;
2243            convert_to_string_ex(newval);
2244            val = Z_STRVAL_P(newval);
2245            if (ldap_set_option(ldap, option, val)) {
2246                RETURN_FALSE;
2247            }
2248        } break;
2249        /* options with boolean value */
2250    case LDAP_OPT_REFERRALS:
2251#ifdef LDAP_OPT_RESTART
2252    case LDAP_OPT_RESTART:
2253#endif
2254        {
2255            void *val;
2256            convert_to_boolean_ex(newval);
2257            val = Z_TYPE_P(newval) == IS_TRUE
2258                ? LDAP_OPT_ON : LDAP_OPT_OFF;
2259            if (ldap_set_option(ldap, option, val)) {
2260                RETURN_FALSE;
2261            }
2262        } break;
2263        /* options with control list value */
2264    case LDAP_OPT_SERVER_CONTROLS:
2265    case LDAP_OPT_CLIENT_CONTROLS:
2266        {
2267            LDAPControl *ctrl, **ctrls, **ctrlp;
2268            zval *ctrlval, *val;
2269            int ncontrols;
2270            char error=0;
2271
2272            if ((Z_TYPE_P(newval) != IS_ARRAY) || !(ncontrols = zend_hash_num_elements(Z_ARRVAL_P(newval)))) {
2273                php_error_docref(NULL, E_WARNING, "Expected non-empty array value for this option");
2274                RETURN_FALSE;
2275            }
2276            ctrls = safe_emalloc((1 + ncontrols), sizeof(*ctrls), 0);
2277            *ctrls = NULL;
2278            ctrlp = ctrls;
2279            ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(newval), ctrlval) {
2280                if (Z_TYPE_P(ctrlval) != IS_ARRAY) {
2281                    php_error_docref(NULL, E_WARNING, "The array value must contain only arrays, where each array is a control");
2282                    error = 1;
2283                    break;
2284                }
2285                if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "oid", sizeof("oid") - 1)) == NULL) {
2286                    php_error_docref(NULL, E_WARNING, "Control must have an oid key");
2287                    error = 1;
2288                    break;
2289                }
2290                ctrl = *ctrlp = emalloc(sizeof(**ctrlp));
2291                convert_to_string_ex(val);
2292                ctrl->ldctl_oid = Z_STRVAL_P(val);
2293                if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "value", sizeof("value") - 1)) != NULL) {
2294                    convert_to_string_ex(val);
2295                    ctrl->ldctl_value.bv_val = Z_STRVAL_P(val);
2296                    ctrl->ldctl_value.bv_len = Z_STRLEN_P(val);
2297                } else {
2298                    ctrl->ldctl_value.bv_val = NULL;
2299                    ctrl->ldctl_value.bv_len = 0;
2300                }
2301                if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "iscritical", sizeof("iscritical") - 1)) != NULL) {
2302                    convert_to_boolean_ex(val);
2303                    ctrl->ldctl_iscritical = Z_TYPE_P(val) == IS_TRUE;
2304                } else {
2305                    ctrl->ldctl_iscritical = 0;
2306                }
2307
2308                ++ctrlp;
2309                *ctrlp = NULL;
2310            } ZEND_HASH_FOREACH_END();
2311            if (!error) {
2312                error = ldap_set_option(ldap, option, ctrls);
2313            }
2314            ctrlp = ctrls;
2315            while (*ctrlp) {
2316                efree(*ctrlp);
2317                ctrlp++;
2318            }
2319            efree(ctrls);
2320            if (error) {
2321                RETURN_FALSE;
2322            }
2323        } break;
2324    default:
2325        RETURN_FALSE;
2326    }
2327    RETURN_TRUE;
2328}
2329/* }}} */
2330
2331#ifdef HAVE_LDAP_PARSE_RESULT
2332/* {{{ proto bool ldap_parse_result(resource link, resource result, int errcode, string matcheddn, string errmsg, array referrals)
2333   Extract information from result */
2334PHP_FUNCTION(ldap_parse_result)
2335{
2336    zval *link, *result, *errcode, *matcheddn, *errmsg, *referrals;
2337    ldap_linkdata *ld;
2338    LDAPMessage *ldap_result;
2339    char **lreferrals, **refp;
2340    char *lmatcheddn, *lerrmsg;
2341    int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2342
2343    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrz/|z/z/z/", &link, &result, &errcode, &matcheddn, &errmsg, &referrals) != SUCCESS) {
2344        return;
2345    }
2346
2347    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2348        RETURN_FALSE;
2349    }
2350
2351    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2352        RETURN_FALSE;
2353    }
2354
2355    rc = ldap_parse_result(ld->link, ldap_result, &lerrcode,
2356                myargcount > 3 ? &lmatcheddn : NULL,
2357                myargcount > 4 ? &lerrmsg : NULL,
2358                myargcount > 5 ? &lreferrals : NULL,
2359                NULL /* &serverctrls */,
2360                0);
2361    if (rc != LDAP_SUCCESS) {
2362        php_error_docref(NULL, E_WARNING, "Unable to parse result: %s", ldap_err2string(rc));
2363        RETURN_FALSE;
2364    }
2365
2366    zval_ptr_dtor(errcode);
2367    ZVAL_LONG(errcode, lerrcode);
2368
2369    /* Reverse -> fall through */
2370    switch (myargcount) {
2371        case 6:
2372            zval_ptr_dtor(referrals);
2373            array_init(referrals);
2374            if (lreferrals != NULL) {
2375                refp = lreferrals;
2376                while (*refp) {
2377                    add_next_index_string(referrals, *refp);
2378                    refp++;
2379                }
2380                ldap_memvfree((void**)lreferrals);
2381            }
2382        case 5:
2383            zval_ptr_dtor(errmsg);
2384            if (lerrmsg == NULL) {
2385                ZVAL_EMPTY_STRING(errmsg);
2386            } else {
2387                ZVAL_STRING(errmsg, lerrmsg);
2388                ldap_memfree(lerrmsg);
2389            }
2390        case 4:
2391            zval_ptr_dtor(matcheddn);
2392            if (lmatcheddn == NULL) {
2393                ZVAL_EMPTY_STRING(matcheddn);
2394            } else {
2395                ZVAL_STRING(matcheddn, lmatcheddn);
2396                ldap_memfree(lmatcheddn);
2397            }
2398    }
2399    RETURN_TRUE;
2400}
2401/* }}} */
2402#endif
2403
2404/* {{{ proto resource ldap_first_reference(resource link, resource result)
2405   Return first reference */
2406PHP_FUNCTION(ldap_first_reference)
2407{
2408    zval *link, *result;
2409    ldap_linkdata *ld;
2410    ldap_resultentry *resultentry;
2411    LDAPMessage *ldap_result, *entry;
2412
2413    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
2414        return;
2415    }
2416
2417    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2418        RETURN_FALSE;
2419    }
2420
2421    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2422        RETURN_FALSE;
2423    }
2424
2425    if ((entry = ldap_first_reference(ld->link, ldap_result)) == NULL) {
2426        RETVAL_FALSE;
2427    } else {
2428        resultentry = emalloc(sizeof(ldap_resultentry));
2429        RETVAL_RES(zend_register_resource(resultentry, le_result_entry));
2430        ZVAL_COPY(&resultentry->res, result);
2431        resultentry->data = entry;
2432        resultentry->ber = NULL;
2433    }
2434}
2435/* }}} */
2436
2437/* {{{ proto resource ldap_next_reference(resource link, resource reference_entry)
2438   Get next reference */
2439PHP_FUNCTION(ldap_next_reference)
2440{
2441    zval *link, *result_entry;
2442    ldap_linkdata *ld;
2443    ldap_resultentry *resultentry, *resultentry_next;
2444    LDAPMessage *entry_next;
2445
2446    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
2447        return;
2448    }
2449
2450    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2451        RETURN_FALSE;
2452    }
2453
2454    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
2455        RETURN_FALSE;
2456    }
2457
2458    if ((entry_next = ldap_next_reference(ld->link, resultentry->data)) == NULL) {
2459        RETVAL_FALSE;
2460    } else {
2461        resultentry_next = emalloc(sizeof(ldap_resultentry));
2462        RETVAL_RES(zend_register_resource(resultentry_next, le_result_entry));
2463        ZVAL_COPY(&resultentry_next->res, &resultentry->res);
2464        resultentry_next->data = entry_next;
2465        resultentry_next->ber = NULL;
2466    }
2467}
2468/* }}} */
2469
2470#ifdef HAVE_LDAP_PARSE_REFERENCE
2471/* {{{ proto bool ldap_parse_reference(resource link, resource reference_entry, array referrals)
2472   Extract information from reference entry */
2473PHP_FUNCTION(ldap_parse_reference)
2474{
2475    zval *link, *result_entry, *referrals;
2476    ldap_linkdata *ld;
2477    ldap_resultentry *resultentry;
2478    char **lreferrals, **refp;
2479
2480    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrz/", &link, &result_entry, &referrals) != SUCCESS) {
2481        return;
2482    }
2483
2484    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2485        RETURN_FALSE;
2486    }
2487
2488    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
2489        RETURN_FALSE;
2490    }
2491
2492    if (ldap_parse_reference(ld->link, resultentry->data, &lreferrals, NULL /* &serverctrls */, 0) != LDAP_SUCCESS) {
2493        RETURN_FALSE;
2494    }
2495
2496    zval_ptr_dtor(referrals);
2497    array_init(referrals);
2498    if (lreferrals != NULL) {
2499        refp = lreferrals;
2500        while (*refp) {
2501            add_next_index_string(referrals, *refp);
2502            refp++;
2503        }
2504        ldap_memvfree((void**)lreferrals);
2505    }
2506    RETURN_TRUE;
2507}
2508/* }}} */
2509#endif
2510
2511/* {{{ proto bool ldap_rename(resource link, string dn, string newrdn, string newparent, bool deleteoldrdn)
2512   Modify the name of an entry */
2513PHP_FUNCTION(ldap_rename)
2514{
2515    zval *link;
2516    ldap_linkdata *ld;
2517    int rc;
2518    char *dn, *newrdn, *newparent;
2519    size_t dn_len, newrdn_len, newparent_len;
2520    zend_bool deleteoldrdn;
2521
2522    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsssb", &link, &dn, &dn_len, &newrdn, &newrdn_len, &newparent, &newparent_len, &deleteoldrdn) != SUCCESS) {
2523        return;
2524    }
2525
2526    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2527        RETURN_FALSE;
2528    }
2529
2530    if (newparent_len == 0) {
2531        newparent = NULL;
2532    }
2533
2534#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2535    rc = ldap_rename_s(ld->link, dn, newrdn, newparent, deleteoldrdn, NULL, NULL);
2536#else
2537    if (newparent_len != 0) {
2538        php_error_docref(NULL, E_WARNING, "You are using old LDAP API, newparent must be the empty string, can only modify RDN");
2539        RETURN_FALSE;
2540    }
2541/* could support old APIs but need check for ldap_modrdn2()/ldap_modrdn() */
2542    rc = ldap_modrdn2_s(ld->link, dn, newrdn, deleteoldrdn);
2543#endif
2544
2545    if (rc == LDAP_SUCCESS) {
2546        RETURN_TRUE;
2547    }
2548    RETURN_FALSE;
2549}
2550/* }}} */
2551
2552#ifdef HAVE_LDAP_START_TLS_S
2553/* {{{ proto bool ldap_start_tls(resource link)
2554   Start TLS */
2555PHP_FUNCTION(ldap_start_tls)
2556{
2557    zval *link;
2558    ldap_linkdata *ld;
2559    int rc, protocol = LDAP_VERSION3;
2560
2561    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
2562        return;
2563    }
2564
2565    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2566        RETURN_FALSE;
2567    }
2568
2569    if (((rc = ldap_set_option(ld->link, LDAP_OPT_PROTOCOL_VERSION, &protocol)) != LDAP_SUCCESS) ||
2570        ((rc = ldap_start_tls_s(ld->link, NULL, NULL)) != LDAP_SUCCESS)
2571    ) {
2572        php_error_docref(NULL, E_WARNING,"Unable to start TLS: %s", ldap_err2string(rc));
2573        RETURN_FALSE;
2574    } else {
2575        RETURN_TRUE;
2576    }
2577}
2578/* }}} */
2579#endif
2580#endif /* (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP */
2581
2582#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
2583/* {{{ _ldap_rebind_proc()
2584*/
2585int _ldap_rebind_proc(LDAP *ldap, const char *url, ber_tag_t req, ber_int_t msgid, void *params)
2586{
2587    ldap_linkdata *ld;
2588    int retval;
2589    zval cb_args[2];
2590    zval cb_retval;
2591    zval *cb_link = (zval *) params;
2592
2593    ld = (ldap_linkdata *) zend_fetch_resource_ex(cb_link, "ldap link", le_link);
2594
2595    /* link exists and callback set? */
2596    if (ld == NULL || Z_ISUNDEF(ld->rebindproc)) {
2597        php_error_docref(NULL, E_WARNING, "Link not found or no callback set");
2598        return LDAP_OTHER;
2599    }
2600
2601    /* callback */
2602    ZVAL_COPY_VALUE(&cb_args[0], cb_link);
2603    ZVAL_STRING(&cb_args[1], url);
2604    if (call_user_function_ex(EG(function_table), NULL, &ld->rebindproc, &cb_retval, 2, cb_args, 0, NULL) == SUCCESS && !Z_ISUNDEF(cb_retval)) {
2605        convert_to_long_ex(&cb_retval);
2606        retval = Z_LVAL(cb_retval);
2607        zval_ptr_dtor(&cb_retval);
2608    } else {
2609        php_error_docref(NULL, E_WARNING, "rebind_proc PHP callback failed");
2610        retval = LDAP_OTHER;
2611    }
2612    zval_ptr_dtor(&cb_args[1]);
2613    return retval;
2614}
2615/* }}} */
2616
2617/* {{{ proto bool ldap_set_rebind_proc(resource link, string callback)
2618   Set a callback function to do re-binds on referral chasing. */
2619PHP_FUNCTION(ldap_set_rebind_proc)
2620{
2621    zval *link, *callback;
2622    ldap_linkdata *ld;
2623    zend_string *callback_name;
2624
2625    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rz", &link, &callback) != SUCCESS) {
2626        RETURN_FALSE;
2627    }
2628
2629    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2630        RETURN_FALSE;
2631    }
2632
2633    if (Z_TYPE_P(callback) == IS_STRING && Z_STRLEN_P(callback) == 0) {
2634        /* unregister rebind procedure */
2635        if (!Z_ISUNDEF(ld->rebindproc)) {
2636            zval_ptr_dtor(&ld->rebindproc);
2637            ZVAL_UNDEF(&ld->rebindproc);
2638            ldap_set_rebind_proc(ld->link, NULL, NULL);
2639        }
2640        RETURN_TRUE;
2641    }
2642
2643    /* callable? */
2644    if (!zend_is_callable(callback, 0, &callback_name)) {
2645        php_error_docref(NULL, E_WARNING, "Two arguments expected for '%s' to be a valid callback", ZSTR_VAL(callback_name));
2646        zend_string_release(callback_name);
2647        RETURN_FALSE;
2648    }
2649    zend_string_release(callback_name);
2650
2651    /* register rebind procedure */
2652    if (Z_ISUNDEF(ld->rebindproc)) {
2653        ldap_set_rebind_proc(ld->link, _ldap_rebind_proc, (void *) link);
2654    } else {
2655        zval_ptr_dtor(&ld->rebindproc);
2656    }
2657
2658    ZVAL_COPY(&ld->rebindproc, callback);
2659    RETURN_TRUE;
2660}
2661/* }}} */
2662#endif
2663
2664static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen)
2665{
2666    char hex[] = "0123456789abcdef";
2667    int i, p = 0;
2668    size_t len = 0;
2669    zend_string *ret;
2670
2671    for (i = 0; i < valuelen; i++) {
2672        len += (map[(unsigned char) value[i]]) ? 3 : 1;
2673    }
2674
2675    ret =  zend_string_alloc(len, 0);
2676
2677    for (i = 0; i < valuelen; i++) {
2678        unsigned char v = (unsigned char) value[i];
2679
2680        if (map[v]) {
2681            ZSTR_VAL(ret)[p++] = '\\';
2682            ZSTR_VAL(ret)[p++] = hex[v >> 4];
2683            ZSTR_VAL(ret)[p++] = hex[v & 0x0f];
2684        } else {
2685            ZSTR_VAL(ret)[p++] = v;
2686        }
2687    }
2688
2689    ZSTR_VAL(ret)[p] = '\0';
2690    ZSTR_LEN(ret) = p;
2691    return ret;
2692}
2693
2694static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const int charslen, char escape)
2695{
2696    int i = 0;
2697    while (i < charslen) {
2698        map[(unsigned char) chars[i++]] = escape;
2699    }
2700}
2701
2702PHP_FUNCTION(ldap_escape)
2703{
2704    char *value, *ignores;
2705    size_t valuelen = 0, ignoreslen = 0;
2706    int i;
2707    zend_long flags = 0;
2708    zend_bool map[256] = {0}, havecharlist = 0;
2709
2710    if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|sl", &value, &valuelen, &ignores, &ignoreslen, &flags) != SUCCESS) {
2711        return;
2712    }
2713
2714    if (!valuelen) {
2715        RETURN_EMPTY_STRING();
2716    }
2717
2718    if (flags & PHP_LDAP_ESCAPE_FILTER) {
2719        havecharlist = 1;
2720        php_ldap_escape_map_set_chars(map, "\\*()\0", sizeof("\\*()\0") - 1, 1);
2721    }
2722
2723    if (flags & PHP_LDAP_ESCAPE_DN) {
2724        havecharlist = 1;
2725        php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#", sizeof("\\,=+<>;\"#") - 1, 1);
2726    }
2727
2728    if (!havecharlist) {
2729        for (i = 0; i < 256; i++) {
2730            map[i] = 1;
2731        }
2732    }
2733
2734    if (ignoreslen) {
2735        php_ldap_escape_map_set_chars(map, ignores, ignoreslen, 0);
2736    }
2737
2738    RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen));
2739}
2740
2741#ifdef STR_TRANSLATION
2742/* {{{ php_ldap_do_translate
2743 */
2744static void php_ldap_do_translate(INTERNAL_FUNCTION_PARAMETERS, int way)
2745{
2746    char *value;
2747    size_t value_len;
2748    int result;
2749
2750    if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &value, &value_len) != SUCCESS) {
2751        return;
2752    }
2753
2754    if (value_len == 0) {
2755        RETURN_FALSE;
2756    }
2757
2758    if (way == 1) {
2759        result = ldap_8859_to_t61(&value, &value_len, 0);
2760    } else {
2761        result = ldap_t61_to_8859(&value, &value_len, 0);
2762    }
2763
2764    if (result == LDAP_SUCCESS) {
2765        RETVAL_STRINGL(value, value_len);
2766        free(value);
2767    } else {
2768        php_error_docref(NULL, E_WARNING, "Conversion from iso-8859-1 to t61 failed: %s", ldap_err2string(result));
2769        RETVAL_FALSE;
2770    }
2771}
2772/* }}} */
2773
2774/* {{{ proto string ldap_t61_to_8859(string value)
2775   Translate t61 characters to 8859 characters */
2776PHP_FUNCTION(ldap_t61_to_8859)
2777{
2778    php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
2779}
2780/* }}} */
2781
2782/* {{{ proto string ldap_8859_to_t61(string value)
2783   Translate 8859 characters to t61 characters */
2784PHP_FUNCTION(ldap_8859_to_t61)
2785{
2786    php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 1);
2787}
2788/* }}} */
2789#endif
2790
2791#ifdef LDAP_CONTROL_PAGEDRESULTS
2792/* {{{ proto mixed ldap_control_paged_result(resource link, int pagesize [, bool iscritical [, string cookie]])
2793   Inject paged results control*/
2794PHP_FUNCTION(ldap_control_paged_result)
2795{
2796    zend_long pagesize;
2797    zend_bool iscritical;
2798    zval *link;
2799    char *cookie = NULL;
2800    size_t cookie_len = 0;
2801    struct berval lcookie = { 0, NULL };
2802    ldap_linkdata *ld;
2803    LDAP *ldap;
2804    BerElement *ber = NULL;
2805    LDAPControl ctrl, *ctrlsp[2];
2806    int rc, myargcount = ZEND_NUM_ARGS();
2807
2808    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rl|bs", &link, &pagesize, &iscritical, &cookie, &cookie_len) != SUCCESS) {
2809        return;
2810    }
2811
2812    if (Z_TYPE_P(link) == IS_NULL) {
2813        ldap = NULL;
2814    } else {
2815        if ((ld = (ldap_linkdata *)zend_fetch_resource_ex(link, "ldap link", le_link)) == NULL) {
2816            RETURN_FALSE;
2817        }
2818        ldap = ld->link;
2819    }
2820
2821    ber = ber_alloc_t(LBER_USE_DER);
2822    if (ber == NULL) {
2823        php_error_docref(NULL, E_WARNING, "Unable to alloc BER encoding resources for paged results control");
2824        RETURN_FALSE;
2825    }
2826
2827    ctrl.ldctl_iscritical = 0;
2828
2829    switch (myargcount) {
2830        case 4:
2831            lcookie.bv_val = cookie;
2832            lcookie.bv_len = cookie_len;
2833            /* fallthru */
2834        case 3:
2835            ctrl.ldctl_iscritical = (int)iscritical;
2836            /* fallthru */
2837    }
2838
2839    if (ber_printf(ber, "{iO}", (int)pagesize, &lcookie) == LBER_ERROR) {
2840        php_error_docref(NULL, E_WARNING, "Unable to BER printf paged results control");
2841        RETVAL_FALSE;
2842        goto lcpr_error_out;
2843    }
2844    rc = ber_flatten2(ber, &ctrl.ldctl_value, 0);
2845    if (rc == LBER_ERROR) {
2846        php_error_docref(NULL, E_WARNING, "Unable to BER encode paged results control");
2847        RETVAL_FALSE;
2848        goto lcpr_error_out;
2849    }
2850
2851    ctrl.ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
2852
2853    if (ldap) {
2854        /* directly set the option */
2855        ctrlsp[0] = &ctrl;
2856        ctrlsp[1] = NULL;
2857
2858        rc = ldap_set_option(ldap, LDAP_OPT_SERVER_CONTROLS, ctrlsp);
2859        if (rc != LDAP_SUCCESS) {
2860            php_error_docref(NULL, E_WARNING, "Unable to set paged results control: %s (%d)", ldap_err2string(rc), rc);
2861            RETVAL_FALSE;
2862            goto lcpr_error_out;
2863        }
2864        RETVAL_TRUE;
2865    } else {
2866        /* return a PHP control object */
2867        array_init(return_value);
2868
2869        add_assoc_string(return_value, "oid", ctrl.ldctl_oid);
2870        if (ctrl.ldctl_value.bv_len) {
2871            add_assoc_stringl(return_value, "value", ctrl.ldctl_value.bv_val, ctrl.ldctl_value.bv_len);
2872        }
2873        if (ctrl.ldctl_iscritical) {
2874            add_assoc_bool(return_value, "iscritical", ctrl.ldctl_iscritical);
2875        }
2876    }
2877
2878lcpr_error_out:
2879    if (ber != NULL) {
2880        ber_free(ber, 1);
2881    }
2882    return;
2883}
2884/* }}} */
2885
2886/* {{{ proto bool ldap_control_paged_result_response(resource link, resource result [, string &cookie [, int &estimated]])
2887   Extract paged results control response */
2888PHP_FUNCTION(ldap_control_paged_result_response)
2889{
2890    zval *link, *result, *cookie, *estimated;
2891    struct berval lcookie;
2892    int lestimated;
2893    ldap_linkdata *ld;
2894    LDAPMessage *ldap_result;
2895    LDAPControl **lserverctrls, *lctrl;
2896    BerElement *ber;
2897    ber_tag_t tag;
2898    int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2899
2900    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|z/z/", &link, &result, &cookie, &estimated) != SUCCESS) {
2901        return;
2902    }
2903
2904    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2905        RETURN_FALSE;
2906    }
2907
2908    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2909        RETURN_FALSE;
2910    }
2911
2912    rc = ldap_parse_result(ld->link,
2913                ldap_result,
2914                &lerrcode,
2915                NULL,       /* matcheddn */
2916                NULL,       /* errmsg */
2917                NULL,       /* referrals */
2918                &lserverctrls,
2919                0);
2920
2921    if (rc != LDAP_SUCCESS) {
2922        php_error_docref(NULL, E_WARNING, "Unable to parse result: %s (%d)", ldap_err2string(rc), rc);
2923        RETURN_FALSE;
2924    }
2925
2926    if (lerrcode != LDAP_SUCCESS) {
2927        php_error_docref(NULL, E_WARNING, "Result is: %s (%d)", ldap_err2string(lerrcode), lerrcode);
2928        RETURN_FALSE;
2929    }
2930
2931    if (lserverctrls == NULL) {
2932        php_error_docref(NULL, E_WARNING, "No server controls in result");
2933        RETURN_FALSE;
2934    }
2935
2936    lctrl = ldap_control_find(LDAP_CONTROL_PAGEDRESULTS, lserverctrls, NULL);
2937    if (lctrl == NULL) {
2938        ldap_controls_free(lserverctrls);
2939        php_error_docref(NULL, E_WARNING, "No paged results control response in result");
2940        RETURN_FALSE;
2941    }
2942
2943    ber = ber_init(&lctrl->ldctl_value);
2944    if (ber == NULL) {
2945        ldap_controls_free(lserverctrls);
2946        php_error_docref(NULL, E_WARNING, "Unable to alloc BER decoding resources for paged results control response");
2947        RETURN_FALSE;
2948    }
2949
2950    tag = ber_scanf(ber, "{io}", &lestimated, &lcookie);
2951    (void)ber_free(ber, 1);
2952
2953    if (tag == LBER_ERROR) {
2954        ldap_controls_free(lserverctrls);
2955        php_error_docref(NULL, E_WARNING, "Unable to decode paged results control response");
2956        RETURN_FALSE;
2957    }
2958
2959    if (lestimated < 0) {
2960        ldap_controls_free(lserverctrls);
2961        php_error_docref(NULL, E_WARNING, "Invalid paged results control response value");
2962        RETURN_FALSE;
2963    }
2964
2965    ldap_controls_free(lserverctrls);
2966    if (myargcount == 4) {
2967        zval_dtor(estimated);
2968        ZVAL_LONG(estimated, lestimated);
2969    }
2970
2971    zval_ptr_dtor(cookie);
2972    if (lcookie.bv_len == 0) {
2973        ZVAL_EMPTY_STRING(cookie);
2974    } else {
2975        ZVAL_STRINGL(cookie, lcookie.bv_val, lcookie.bv_len);
2976    }
2977    ldap_memfree(lcookie.bv_val);
2978
2979    RETURN_TRUE;
2980}
2981/* }}} */
2982#endif
2983
2984/* {{{ arginfo */
2985ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_connect, 0, 0, 0)
2986    ZEND_ARG_INFO(0, hostname)
2987    ZEND_ARG_INFO(0, port)
2988#ifdef HAVE_ORALDAP
2989    ZEND_ARG_INFO(0, wallet)
2990    ZEND_ARG_INFO(0, wallet_passwd)
2991    ZEND_ARG_INFO(0, authmode)
2992#endif
2993ZEND_END_ARG_INFO()
2994
2995ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_resource, 0, 0, 1)
2996    ZEND_ARG_INFO(0, link_identifier)
2997ZEND_END_ARG_INFO()
2998
2999ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_bind, 0, 0, 1)
3000    ZEND_ARG_INFO(0, link_identifier)
3001    ZEND_ARG_INFO(0, bind_rdn)
3002    ZEND_ARG_INFO(0, bind_password)
3003ZEND_END_ARG_INFO()
3004
3005#ifdef HAVE_LDAP_SASL
3006ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sasl_bind, 0, 0, 1)
3007    ZEND_ARG_INFO(0, link)
3008    ZEND_ARG_INFO(0, binddn)
3009    ZEND_ARG_INFO(0, password)
3010    ZEND_ARG_INFO(0, sasl_mech)
3011    ZEND_ARG_INFO(0, sasl_realm)
3012    ZEND_ARG_INFO(0, sasl_authz_id)
3013    ZEND_ARG_INFO(0, props)
3014ZEND_END_ARG_INFO()
3015#endif
3016
3017ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_read, 0, 0, 3)
3018    ZEND_ARG_INFO(0, link_identifier)
3019    ZEND_ARG_INFO(0, base_dn)
3020    ZEND_ARG_INFO(0, filter)
3021    ZEND_ARG_INFO(0, attributes)
3022    ZEND_ARG_INFO(0, attrsonly)
3023    ZEND_ARG_INFO(0, sizelimit)
3024    ZEND_ARG_INFO(0, timelimit)
3025    ZEND_ARG_INFO(0, deref)
3026ZEND_END_ARG_INFO()
3027
3028ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_list, 0, 0, 3)
3029    ZEND_ARG_INFO(0, link_identifier)
3030    ZEND_ARG_INFO(0, base_dn)
3031    ZEND_ARG_INFO(0, filter)
3032    ZEND_ARG_INFO(0, attributes)
3033    ZEND_ARG_INFO(0, attrsonly)
3034    ZEND_ARG_INFO(0, sizelimit)
3035    ZEND_ARG_INFO(0, timelimit)
3036    ZEND_ARG_INFO(0, deref)
3037ZEND_END_ARG_INFO()
3038
3039ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_search, 0, 0, 3)
3040    ZEND_ARG_INFO(0, link_identifier)
3041    ZEND_ARG_INFO(0, base_dn)
3042    ZEND_ARG_INFO(0, filter)
3043    ZEND_ARG_INFO(0, attributes)
3044    ZEND_ARG_INFO(0, attrsonly)
3045    ZEND_ARG_INFO(0, sizelimit)
3046    ZEND_ARG_INFO(0, timelimit)
3047    ZEND_ARG_INFO(0, deref)
3048ZEND_END_ARG_INFO()
3049
3050ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_count_entries, 0, 0, 2)
3051    ZEND_ARG_INFO(0, link_identifier)
3052    ZEND_ARG_INFO(0, result_identifier)
3053ZEND_END_ARG_INFO()
3054
3055ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_entry, 0, 0, 2)
3056    ZEND_ARG_INFO(0, link_identifier)
3057    ZEND_ARG_INFO(0, result_identifier)
3058ZEND_END_ARG_INFO()
3059
3060ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_entry, 0, 0, 2)
3061    ZEND_ARG_INFO(0, link_identifier)
3062    ZEND_ARG_INFO(0, result_identifier)
3063ZEND_END_ARG_INFO()
3064
3065ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_entries, 0, 0, 2)
3066    ZEND_ARG_INFO(0, link_identifier)
3067    ZEND_ARG_INFO(0, result_identifier)
3068ZEND_END_ARG_INFO()
3069
3070ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_attribute, 0, 0, 2)
3071    ZEND_ARG_INFO(0, link_identifier)
3072    ZEND_ARG_INFO(0, result_entry_identifier)
3073ZEND_END_ARG_INFO()
3074
3075ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_attribute, 0, 0, 2)
3076    ZEND_ARG_INFO(0, link_identifier)
3077    ZEND_ARG_INFO(0, result_entry_identifier)
3078ZEND_END_ARG_INFO()
3079
3080ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_attributes, 0, 0, 2)
3081    ZEND_ARG_INFO(0, link_identifier)
3082    ZEND_ARG_INFO(0, result_entry_identifier)
3083ZEND_END_ARG_INFO()
3084
3085ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values, 0, 0, 3)
3086    ZEND_ARG_INFO(0, link_identifier)
3087    ZEND_ARG_INFO(0, result_entry_identifier)
3088    ZEND_ARG_INFO(0, attribute)
3089ZEND_END_ARG_INFO()
3090
3091ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values_len, 0, 0, 3)
3092    ZEND_ARG_INFO(0, link_identifier)
3093    ZEND_ARG_INFO(0, result_entry_identifier)
3094    ZEND_ARG_INFO(0, attribute)
3095ZEND_END_ARG_INFO()
3096
3097ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_dn, 0, 0, 2)
3098    ZEND_ARG_INFO(0, link_identifier)
3099    ZEND_ARG_INFO(0, result_entry_identifier)
3100ZEND_END_ARG_INFO()
3101
3102ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_explode_dn, 0, 0, 2)
3103    ZEND_ARG_INFO(0, dn)
3104    ZEND_ARG_INFO(0, with_attrib)
3105ZEND_END_ARG_INFO()
3106
3107ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_dn2ufn, 0, 0, 1)
3108    ZEND_ARG_INFO(0, dn)
3109ZEND_END_ARG_INFO()
3110
3111ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_add, 0, 0, 3)
3112    ZEND_ARG_INFO(0, link_identifier)
3113    ZEND_ARG_INFO(0, dn)
3114    ZEND_ARG_INFO(0, entry)
3115ZEND_END_ARG_INFO()
3116
3117ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_delete, 0, 0, 2)
3118    ZEND_ARG_INFO(0, link_identifier)
3119    ZEND_ARG_INFO(0, dn)
3120ZEND_END_ARG_INFO()
3121
3122ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify, 0, 0, 3)
3123    ZEND_ARG_INFO(0, link_identifier)
3124    ZEND_ARG_INFO(0, dn)
3125    ZEND_ARG_INFO(0, entry)
3126ZEND_END_ARG_INFO()
3127
3128ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify_batch, 0, 0, 3)
3129    ZEND_ARG_INFO(0, link_identifier)
3130    ZEND_ARG_INFO(0, dn)
3131    ZEND_ARG_ARRAY_INFO(0, modifications_info, 0)
3132ZEND_END_ARG_INFO()
3133
3134ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_add, 0, 0, 3)
3135    ZEND_ARG_INFO(0, link_identifier)
3136    ZEND_ARG_INFO(0, dn)
3137    ZEND_ARG_INFO(0, entry)
3138ZEND_END_ARG_INFO()
3139
3140ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_replace, 0, 0, 3)
3141    ZEND_ARG_INFO(0, link_identifier)
3142    ZEND_ARG_INFO(0, dn)
3143    ZEND_ARG_INFO(0, entry)
3144ZEND_END_ARG_INFO()
3145
3146ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_del, 0, 0, 3)
3147    ZEND_ARG_INFO(0, link_identifier)
3148    ZEND_ARG_INFO(0, dn)
3149    ZEND_ARG_INFO(0, entry)
3150ZEND_END_ARG_INFO()
3151
3152ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_err2str, 0, 0, 1)
3153    ZEND_ARG_INFO(0, errno)
3154ZEND_END_ARG_INFO()
3155
3156ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_compare, 0, 0, 4)
3157    ZEND_ARG_INFO(0, link_identifier)
3158    ZEND_ARG_INFO(0, dn)
3159    ZEND_ARG_INFO(0, attribute)
3160    ZEND_ARG_INFO(0, value)
3161ZEND_END_ARG_INFO()
3162
3163ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sort, 0, 0, 3)
3164    ZEND_ARG_INFO(0, link)
3165    ZEND_ARG_INFO(0, result)
3166    ZEND_ARG_INFO(0, sortfilter)
3167ZEND_END_ARG_INFO()
3168
3169#ifdef LDAP_CONTROL_PAGEDRESULTS
3170ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result, 0, 0, 2)
3171    ZEND_ARG_INFO(0, link)
3172    ZEND_ARG_INFO(0, pagesize)
3173    ZEND_ARG_INFO(0, iscritical)
3174    ZEND_ARG_INFO(0, cookie)
3175ZEND_END_ARG_INFO();
3176
3177ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result_response, 0, 0, 2)
3178    ZEND_ARG_INFO(0, link)
3179    ZEND_ARG_INFO(0, result)
3180    ZEND_ARG_INFO(1, cookie)
3181    ZEND_ARG_INFO(1, estimated)
3182ZEND_END_ARG_INFO();
3183#endif
3184
3185#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3186ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_rename, 0, 0, 5)
3187    ZEND_ARG_INFO(0, link_identifier)
3188    ZEND_ARG_INFO(0, dn)
3189    ZEND_ARG_INFO(0, newrdn)
3190    ZEND_ARG_INFO(0, newparent)
3191    ZEND_ARG_INFO(0, deleteoldrdn)
3192ZEND_END_ARG_INFO()
3193
3194ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_option, 0, 0, 3)
3195    ZEND_ARG_INFO(0, link_identifier)
3196    ZEND_ARG_INFO(0, option)
3197    ZEND_ARG_INFO(1, retval)
3198ZEND_END_ARG_INFO()
3199
3200ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_option, 0, 0, 3)
3201    ZEND_ARG_INFO(0, link_identifier)
3202    ZEND_ARG_INFO(0, option)
3203    ZEND_ARG_INFO(0, newval)
3204ZEND_END_ARG_INFO()
3205
3206ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_reference, 0, 0, 2)
3207    ZEND_ARG_INFO(0, link)
3208    ZEND_ARG_INFO(0, result)
3209ZEND_END_ARG_INFO()
3210
3211ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_reference, 0, 0, 2)
3212    ZEND_ARG_INFO(0, link)
3213    ZEND_ARG_INFO(0, entry)
3214ZEND_END_ARG_INFO()
3215
3216#ifdef HAVE_LDAP_PARSE_REFERENCE
3217ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_reference, 0, 0, 3)
3218    ZEND_ARG_INFO(0, link)
3219    ZEND_ARG_INFO(0, entry)
3220    ZEND_ARG_INFO(1, referrals)
3221ZEND_END_ARG_INFO()
3222#endif
3223
3224
3225#ifdef HAVE_LDAP_PARSE_RESULT
3226ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_result, 0, 0, 3)
3227    ZEND_ARG_INFO(0, link)
3228    ZEND_ARG_INFO(0, result)
3229    ZEND_ARG_INFO(1, errcode)
3230    ZEND_ARG_INFO(1, matcheddn)
3231    ZEND_ARG_INFO(1, errmsg)
3232    ZEND_ARG_INFO(1, referrals)
3233ZEND_END_ARG_INFO()
3234#endif
3235#endif
3236
3237#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
3238ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_rebind_proc, 0, 0, 2)
3239    ZEND_ARG_INFO(0, link)
3240    ZEND_ARG_INFO(0, callback)
3241ZEND_END_ARG_INFO()
3242#endif
3243
3244ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_escape, 0, 0, 1)
3245    ZEND_ARG_INFO(0, value)
3246    ZEND_ARG_INFO(0, ignore)
3247    ZEND_ARG_INFO(0, flags)
3248ZEND_END_ARG_INFO()
3249
3250#ifdef STR_TRANSLATION
3251ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_t61_to_8859, 0, 0, 1)
3252    ZEND_ARG_INFO(0, value)
3253ZEND_END_ARG_INFO()
3254
3255ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_8859_to_t61, 0, 0, 1)
3256    ZEND_ARG_INFO(0, value)
3257ZEND_END_ARG_INFO()
3258#endif
3259/* }}} */
3260
3261/*
3262    This is just a small subset of the functionality provided by the LDAP library. All the
3263    operations are synchronous. Referrals are not handled automatically.
3264*/
3265/* {{{ ldap_functions[]
3266 */
3267const zend_function_entry ldap_functions[] = {
3268    PHP_FE(ldap_connect,                                arginfo_ldap_connect)
3269    PHP_FALIAS(ldap_close,      ldap_unbind,            arginfo_ldap_resource)
3270    PHP_FE(ldap_bind,                                   arginfo_ldap_bind)
3271#ifdef HAVE_LDAP_SASL
3272    PHP_FE(ldap_sasl_bind,                              arginfo_ldap_sasl_bind)
3273#endif
3274    PHP_FE(ldap_unbind,                                 arginfo_ldap_resource)
3275    PHP_FE(ldap_read,                                   arginfo_ldap_read)
3276    PHP_FE(ldap_list,                                   arginfo_ldap_list)
3277    PHP_FE(ldap_search,                                 arginfo_ldap_search)
3278    PHP_FE(ldap_free_result,                            arginfo_ldap_resource)
3279    PHP_FE(ldap_count_entries,                          arginfo_ldap_count_entries)
3280    PHP_FE(ldap_first_entry,                            arginfo_ldap_first_entry)
3281    PHP_FE(ldap_next_entry,                             arginfo_ldap_next_entry)
3282    PHP_FE(ldap_get_entries,                            arginfo_ldap_get_entries)
3283    PHP_FE(ldap_first_attribute,                        arginfo_ldap_first_attribute)
3284    PHP_FE(ldap_next_attribute,                         arginfo_ldap_next_attribute)
3285    PHP_FE(ldap_get_attributes,                         arginfo_ldap_get_attributes)
3286    PHP_FALIAS(ldap_get_values, ldap_get_values_len,    arginfo_ldap_get_values)
3287    PHP_FE(ldap_get_values_len,                         arginfo_ldap_get_values_len)
3288    PHP_FE(ldap_get_dn,                                 arginfo_ldap_get_dn)
3289    PHP_FE(ldap_explode_dn,                             arginfo_ldap_explode_dn)
3290    PHP_FE(ldap_dn2ufn,                                 arginfo_ldap_dn2ufn)
3291    PHP_FE(ldap_add,                                    arginfo_ldap_add)
3292    PHP_FE(ldap_delete,                                 arginfo_ldap_delete)
3293    PHP_FE(ldap_modify_batch,                           arginfo_ldap_modify_batch)
3294    PHP_FALIAS(ldap_modify,     ldap_mod_replace,       arginfo_ldap_modify)
3295
3296/* additional functions for attribute based modifications, Gerrit Thomson */
3297    PHP_FE(ldap_mod_add,                                arginfo_ldap_mod_add)
3298    PHP_FE(ldap_mod_replace,                            arginfo_ldap_mod_replace)
3299    PHP_FE(ldap_mod_del,                                arginfo_ldap_mod_del)
3300/* end gjt mod */
3301
3302    PHP_FE(ldap_errno,                                  arginfo_ldap_resource)
3303    PHP_FE(ldap_err2str,                                arginfo_ldap_err2str)
3304    PHP_FE(ldap_error,                                  arginfo_ldap_resource)
3305    PHP_FE(ldap_compare,                                arginfo_ldap_compare)
3306    PHP_DEP_FE(ldap_sort,                                   arginfo_ldap_sort)
3307
3308#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3309    PHP_FE(ldap_rename,                                 arginfo_ldap_rename)
3310    PHP_FE(ldap_get_option,                             arginfo_ldap_get_option)
3311    PHP_FE(ldap_set_option,                             arginfo_ldap_set_option)
3312    PHP_FE(ldap_first_reference,                        arginfo_ldap_first_reference)
3313    PHP_FE(ldap_next_reference,                         arginfo_ldap_next_reference)
3314#ifdef HAVE_LDAP_PARSE_REFERENCE
3315    PHP_FE(ldap_parse_reference,                        arginfo_ldap_parse_reference)
3316#endif
3317#ifdef HAVE_LDAP_PARSE_RESULT
3318    PHP_FE(ldap_parse_result,                           arginfo_ldap_parse_result)
3319#endif
3320#ifdef HAVE_LDAP_START_TLS_S
3321    PHP_FE(ldap_start_tls,                              arginfo_ldap_resource)
3322#endif
3323#endif
3324
3325#if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
3326    PHP_FE(ldap_set_rebind_proc,                        arginfo_ldap_set_rebind_proc)
3327#endif
3328
3329    PHP_FE(ldap_escape,                                 arginfo_ldap_escape)
3330
3331#ifdef STR_TRANSLATION
3332    PHP_FE(ldap_t61_to_8859,                            arginfo_ldap_t61_to_8859)
3333    PHP_FE(ldap_8859_to_t61,                            arginfo_ldap_8859_to_t61)
3334#endif
3335
3336#ifdef LDAP_CONTROL_PAGEDRESULTS
3337    PHP_FE(ldap_control_paged_result,                           arginfo_ldap_control_paged_result)
3338    PHP_FE(ldap_control_paged_result_response,      arginfo_ldap_control_paged_result_response)
3339#endif
3340    PHP_FE_END
3341};
3342/* }}} */
3343
3344zend_module_entry ldap_module_entry = { /* {{{ */
3345    STANDARD_MODULE_HEADER,
3346    "ldap",
3347    ldap_functions,
3348    PHP_MINIT(ldap),
3349    PHP_MSHUTDOWN(ldap),
3350    NULL,
3351    NULL,
3352    PHP_MINFO(ldap),
3353    PHP_LDAP_VERSION,
3354    PHP_MODULE_GLOBALS(ldap),
3355    PHP_GINIT(ldap),
3356    NULL,
3357    NULL,
3358    STANDARD_MODULE_PROPERTIES_EX
3359};
3360/* }}} */
3361
3362/*
3363 * Local variables:
3364 * tab-width: 4
3365 * c-basic-offset: 4
3366 * End:
3367 * vim600: sw=4 ts=4 fdm=marker
3368 * vim<600: sw=4 ts=4
3369 */
3370