1/*
2   +----------------------------------------------------------------------+
3   | PHP Version 7                                                        |
4   +----------------------------------------------------------------------+
5   | Copyright (c) 1997-2015 The PHP Group                                |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 3.01 of the PHP license,      |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.php.net/license/3_01.txt                                  |
11   | If you did not receive a copy of the PHP license and are unable to   |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@php.net so we can mail you a copy immediately.               |
14   +----------------------------------------------------------------------+
15   | Authors: Amitay Isaacs  <amitay@w-o-i.com>                           |
16   |          Eric Warnke    <ericw@albany.edu>                           |
17   |          Rasmus Lerdorf <rasmus@php.net>                             |
18   |          Gerrit Thomson <334647@swin.edu.au>                         |
19   |          Jani Taskinen  <sniper@iki.fi>                              |
20   |          Stig Venaas    <venaas@uninett.no>                          |
21   |          Doug Goldstein <cardoe@cardoe.com>                          |
22   | PHP 4.0 updates:  Zeev Suraski <zeev@zend.com>                       |
23   +----------------------------------------------------------------------+
24 */
25
26/* $Id: 945f065a768b91494e6fe2d20573efd99e8fe166 $ */
27#define IS_EXT_MODULE
28
29#ifdef HAVE_CONFIG_H
30#include "config.h"
31#endif
32
33/* Additional headers for NetWare */
34#if defined(NETWARE) && (NEW_LIBC)
35#include <sys/select.h>
36#include <sys/timeval.h>
37#endif
38
39#include "php.h"
40#include "php_ini.h"
41
42#include <stddef.h>
43
44#include "ext/standard/dl.h"
45#include "php_ldap.h"
46
47#ifdef PHP_WIN32
48#include <string.h>
49#include "config.w32.h"
50#if HAVE_NSLDAP
51#include <winsock2.h>
52#endif
53#define strdup _strdup
54#undef WINDOWS
55#undef strcasecmp
56#undef strncasecmp
57#define WINSOCK 1
58#define __STDC__ 1
59#endif
60
61#include "ext/standard/php_string.h"
62#include "ext/standard/info.h"
63
64#ifdef HAVE_LDAP_SASL_H
65#include <sasl.h>
66#elif defined(HAVE_LDAP_SASL_SASL_H)
67#include <sasl/sasl.h>
68#endif
69
70#define PHP_LDAP_ESCAPE_FILTER 0x01
71#define PHP_LDAP_ESCAPE_DN     0x02
72
73typedef struct {
74    LDAP *link;
75#if defined(HAVE_3ARG_SETREBINDPROC)
76    zval rebindproc;
77#endif
78} ldap_linkdata;
79
80typedef struct {
81    LDAPMessage *data;
82    BerElement  *ber;
83    zval         res;
84} ldap_resultentry;
85
86ZEND_DECLARE_MODULE_GLOBALS(ldap)
87static PHP_GINIT_FUNCTION(ldap);
88
89static int le_link, le_result, le_result_entry;
90
91#ifdef COMPILE_DL_LDAP
92ZEND_GET_MODULE(ldap)
93#endif
94
95static void _close_ldap_link(zend_resource *rsrc) /* {{{ */
96{
97    ldap_linkdata *ld = (ldap_linkdata *)rsrc->ptr;
98
99    /* ldap_unbind_s() is deprecated;
100     * the distinction between ldap_unbind() and ldap_unbind_s() is moot */
101    ldap_unbind_ext(ld->link, NULL, NULL);
102#ifdef HAVE_3ARG_SETREBINDPROC
103    zval_ptr_dtor(&ld->rebindproc);
104#endif
105
106    efree(ld);
107    LDAPG(num_links)--;
108}
109/* }}} */
110
111static void _free_ldap_result(zend_resource *rsrc) /* {{{ */
112{
113    LDAPMessage *result = (LDAPMessage *)rsrc->ptr;
114    ldap_msgfree(result);
115}
116/* }}} */
117
118static void _free_ldap_result_entry(zend_resource *rsrc) /* {{{ */
119{
120    ldap_resultentry *entry = (ldap_resultentry *)rsrc->ptr;
121
122    if (entry->ber != NULL) {
123        ber_free(entry->ber, 0);
124        entry->ber = NULL;
125    }
126    zval_ptr_dtor(&entry->res);
127    efree(entry);
128}
129/* }}} */
130
131/* {{{ PHP_INI_BEGIN
132 */
133PHP_INI_BEGIN()
134    STD_PHP_INI_ENTRY_EX("ldap.max_links", "-1", PHP_INI_SYSTEM, OnUpdateLong, max_links, zend_ldap_globals, ldap_globals, display_link_numbers)
135PHP_INI_END()
136/* }}} */
137
138/* {{{ PHP_GINIT_FUNCTION
139 */
140static PHP_GINIT_FUNCTION(ldap)
141{
142    ldap_globals->num_links = 0;
143}
144/* }}} */
145
146/* {{{ PHP_MINIT_FUNCTION
147 */
148PHP_MINIT_FUNCTION(ldap)
149{
150    REGISTER_INI_ENTRIES();
151
152    /* Constants to be used with deref-parameter in php_ldap_do_search() */
153    REGISTER_LONG_CONSTANT("LDAP_DEREF_NEVER", LDAP_DEREF_NEVER, CONST_PERSISTENT | CONST_CS);
154    REGISTER_LONG_CONSTANT("LDAP_DEREF_SEARCHING", LDAP_DEREF_SEARCHING, CONST_PERSISTENT | CONST_CS);
155    REGISTER_LONG_CONSTANT("LDAP_DEREF_FINDING", LDAP_DEREF_FINDING, CONST_PERSISTENT | CONST_CS);
156    REGISTER_LONG_CONSTANT("LDAP_DEREF_ALWAYS", LDAP_DEREF_ALWAYS, CONST_PERSISTENT | CONST_CS);
157
158    /* Constants to be used with ldap_modify_batch() */
159    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_ADD", LDAP_MODIFY_BATCH_ADD, CONST_PERSISTENT | CONST_CS);
160    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE", LDAP_MODIFY_BATCH_REMOVE, CONST_PERSISTENT | CONST_CS);
161    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REMOVE_ALL", LDAP_MODIFY_BATCH_REMOVE_ALL, CONST_PERSISTENT | CONST_CS);
162    REGISTER_LONG_CONSTANT("LDAP_MODIFY_BATCH_REPLACE", LDAP_MODIFY_BATCH_REPLACE, CONST_PERSISTENT | CONST_CS);
163    REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_ATTRIB", LDAP_MODIFY_BATCH_ATTRIB, CONST_PERSISTENT | CONST_CS);
164    REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_MODTYPE", LDAP_MODIFY_BATCH_MODTYPE, CONST_PERSISTENT | CONST_CS);
165    REGISTER_STRING_CONSTANT("LDAP_MODIFY_BATCH_VALUES", LDAP_MODIFY_BATCH_VALUES, CONST_PERSISTENT | CONST_CS);
166
167#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
168    /* LDAP options */
169    REGISTER_LONG_CONSTANT("LDAP_OPT_DEREF", LDAP_OPT_DEREF, CONST_PERSISTENT | CONST_CS);
170    REGISTER_LONG_CONSTANT("LDAP_OPT_SIZELIMIT", LDAP_OPT_SIZELIMIT, CONST_PERSISTENT | CONST_CS);
171    REGISTER_LONG_CONSTANT("LDAP_OPT_TIMELIMIT", LDAP_OPT_TIMELIMIT, CONST_PERSISTENT | CONST_CS);
172#ifdef LDAP_OPT_NETWORK_TIMEOUT
173    REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_OPT_NETWORK_TIMEOUT, CONST_PERSISTENT | CONST_CS);
174#elif defined (LDAP_X_OPT_CONNECT_TIMEOUT)
175    REGISTER_LONG_CONSTANT("LDAP_OPT_NETWORK_TIMEOUT", LDAP_X_OPT_CONNECT_TIMEOUT, CONST_PERSISTENT | CONST_CS);
176#endif
177    REGISTER_LONG_CONSTANT("LDAP_OPT_PROTOCOL_VERSION", LDAP_OPT_PROTOCOL_VERSION, CONST_PERSISTENT | CONST_CS);
178    REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_NUMBER", LDAP_OPT_ERROR_NUMBER, CONST_PERSISTENT | CONST_CS);
179    REGISTER_LONG_CONSTANT("LDAP_OPT_REFERRALS", LDAP_OPT_REFERRALS, CONST_PERSISTENT | CONST_CS);
180#ifdef LDAP_OPT_RESTART
181    REGISTER_LONG_CONSTANT("LDAP_OPT_RESTART", LDAP_OPT_RESTART, CONST_PERSISTENT | CONST_CS);
182#endif
183#ifdef LDAP_OPT_HOST_NAME
184    REGISTER_LONG_CONSTANT("LDAP_OPT_HOST_NAME", LDAP_OPT_HOST_NAME, CONST_PERSISTENT | CONST_CS);
185#endif
186    REGISTER_LONG_CONSTANT("LDAP_OPT_ERROR_STRING", LDAP_OPT_ERROR_STRING, CONST_PERSISTENT | CONST_CS);
187#ifdef LDAP_OPT_MATCHED_DN
188    REGISTER_LONG_CONSTANT("LDAP_OPT_MATCHED_DN", LDAP_OPT_MATCHED_DN, CONST_PERSISTENT | CONST_CS);
189#endif
190    REGISTER_LONG_CONSTANT("LDAP_OPT_SERVER_CONTROLS", LDAP_OPT_SERVER_CONTROLS, CONST_PERSISTENT | CONST_CS);
191    REGISTER_LONG_CONSTANT("LDAP_OPT_CLIENT_CONTROLS", LDAP_OPT_CLIENT_CONTROLS, CONST_PERSISTENT | CONST_CS);
192#endif
193#ifdef LDAP_OPT_DEBUG_LEVEL
194    REGISTER_LONG_CONSTANT("LDAP_OPT_DEBUG_LEVEL", LDAP_OPT_DEBUG_LEVEL, CONST_PERSISTENT | CONST_CS);
195#endif
196
197#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
198    REGISTER_LONG_CONSTANT("LDAP_OPT_DIAGNOSTIC_MESSAGE", LDAP_OPT_DIAGNOSTIC_MESSAGE, CONST_PERSISTENT | CONST_CS);
199#endif
200
201#ifdef HAVE_LDAP_SASL
202    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_MECH", LDAP_OPT_X_SASL_MECH, CONST_PERSISTENT | CONST_CS);
203    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_REALM", LDAP_OPT_X_SASL_REALM, CONST_PERSISTENT | CONST_CS);
204    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHCID", LDAP_OPT_X_SASL_AUTHCID, CONST_PERSISTENT | CONST_CS);
205    REGISTER_LONG_CONSTANT("LDAP_OPT_X_SASL_AUTHZID", LDAP_OPT_X_SASL_AUTHZID, CONST_PERSISTENT | CONST_CS);
206#endif
207
208#ifdef ORALDAP
209    REGISTER_LONG_CONSTANT("GSLC_SSL_NO_AUTH", GSLC_SSL_NO_AUTH, CONST_PERSISTENT | CONST_CS);
210    REGISTER_LONG_CONSTANT("GSLC_SSL_ONEWAY_AUTH", GSLC_SSL_ONEWAY_AUTH, CONST_PERSISTENT | CONST_CS);
211    REGISTER_LONG_CONSTANT("GSLC_SSL_TWOWAY_AUTH", GSLC_SSL_TWOWAY_AUTH, CONST_PERSISTENT | CONST_CS);
212#endif
213
214    REGISTER_LONG_CONSTANT("LDAP_ESCAPE_FILTER", PHP_LDAP_ESCAPE_FILTER, CONST_PERSISTENT | CONST_CS);
215    REGISTER_LONG_CONSTANT("LDAP_ESCAPE_DN", PHP_LDAP_ESCAPE_DN, CONST_PERSISTENT | CONST_CS);
216
217    le_link = zend_register_list_destructors_ex(_close_ldap_link, NULL, "ldap link", module_number);
218    le_result = zend_register_list_destructors_ex(_free_ldap_result, NULL, "ldap result", module_number);
219    le_result_entry = zend_register_list_destructors_ex(_free_ldap_result_entry, NULL, "ldap result entry", module_number);
220
221    ldap_module_entry.type = type;
222
223    return SUCCESS;
224}
225/* }}} */
226
227/* {{{ PHP_MSHUTDOWN_FUNCTION
228 */
229PHP_MSHUTDOWN_FUNCTION(ldap)
230{
231    UNREGISTER_INI_ENTRIES();
232    return SUCCESS;
233}
234/* }}} */
235
236/* {{{ PHP_MINFO_FUNCTION
237 */
238PHP_MINFO_FUNCTION(ldap)
239{
240    char tmp[32];
241#if HAVE_NSLDAP
242    LDAPVersion ver;
243    double SDKVersion;
244#endif
245
246    php_info_print_table_start();
247    php_info_print_table_row(2, "LDAP Support", "enabled");
248    php_info_print_table_row(2, "RCS Version", "$Id: 945f065a768b91494e6fe2d20573efd99e8fe166 $");
249
250    if (LDAPG(max_links) == -1) {
251        snprintf(tmp, 31, ZEND_LONG_FMT "/unlimited", LDAPG(num_links));
252    } else {
253        snprintf(tmp, 31, ZEND_LONG_FMT "/" ZEND_LONG_FMT, LDAPG(num_links), LDAPG(max_links));
254    }
255    php_info_print_table_row(2, "Total Links", tmp);
256
257#ifdef LDAP_API_VERSION
258    snprintf(tmp, 31, "%d", LDAP_API_VERSION);
259    php_info_print_table_row(2, "API Version", tmp);
260#endif
261
262#ifdef LDAP_VENDOR_NAME
263    php_info_print_table_row(2, "Vendor Name", LDAP_VENDOR_NAME);
264#endif
265
266#ifdef LDAP_VENDOR_VERSION
267    snprintf(tmp, 31, "%d", LDAP_VENDOR_VERSION);
268    php_info_print_table_row(2, "Vendor Version", tmp);
269#endif
270
271#if HAVE_NSLDAP
272    SDKVersion = ldap_version(&ver);
273    snprintf(tmp, 31, "%F", SDKVersion/100.0);
274    php_info_print_table_row(2, "SDK Version", tmp);
275
276    snprintf(tmp, 31, "%F", ver.protocol_version/100.0);
277    php_info_print_table_row(2, "Highest LDAP Protocol Supported", tmp);
278
279    snprintf(tmp, 31, "%F", ver.SSL_version/100.0);
280    php_info_print_table_row(2, "SSL Level Supported", tmp);
281
282    if (ver.security_level != LDAP_SECURITY_NONE) {
283        snprintf(tmp, 31, "%d", ver.security_level);
284    } else {
285        strcpy(tmp, "SSL not enabled");
286    }
287    php_info_print_table_row(2, "Level of Encryption", tmp);
288#endif
289
290#ifdef HAVE_LDAP_SASL
291    php_info_print_table_row(2, "SASL Support", "Enabled");
292#endif
293
294    php_info_print_table_end();
295    DISPLAY_INI_ENTRIES();
296}
297/* }}} */
298
299/* {{{ proto resource ldap_connect([string host [, int port [, string wallet [, string wallet_passwd [, int authmode]]]]])
300   Connect to an LDAP server */
301PHP_FUNCTION(ldap_connect)
302{
303    char *host = NULL;
304    size_t hostlen = 0;
305    zend_long port = LDAP_PORT;
306#ifdef HAVE_ORALDAP
307    char *wallet = NULL, *walletpasswd = NULL;
308    size_t walletlen = 0, walletpasswdlen = 0;
309    zend_long authmode = GSLC_SSL_NO_AUTH;
310    int ssl=0;
311#endif
312    ldap_linkdata *ld;
313    LDAP *ldap = NULL;
314
315#ifdef HAVE_ORALDAP
316    if (ZEND_NUM_ARGS() == 3 || ZEND_NUM_ARGS() == 4) {
317        WRONG_PARAM_COUNT;
318    }
319
320    if (zend_parse_parameters(ZEND_NUM_ARGS(), "|slssl", &host, &hostlen, &port, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS) {
321        RETURN_FALSE;
322    }
323
324    if (ZEND_NUM_ARGS() == 5) {
325        ssl = 1;
326    }
327#else
328    if (zend_parse_parameters(ZEND_NUM_ARGS(), "|sl", &host, &hostlen, &port) != SUCCESS) {
329        RETURN_FALSE;
330    }
331#endif
332
333    if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) {
334        php_error_docref(NULL, E_WARNING, "Too many open links (%pd)", LDAPG(num_links));
335        RETURN_FALSE;
336    }
337
338    ld = ecalloc(1, sizeof(ldap_linkdata));
339
340    /* OpenLDAP provides a specific call to detect valid LDAP URIs;
341     * ldap_init()/ldap_open() is deprecated, use ldap_initialize() instead.
342     */
343    {
344        int rc;
345        char    *url = host;
346        if (!ldap_is_ldap_url(url)) {
347            int urllen = hostlen + sizeof( "ldap://:65535" );
348
349            if (port <= 0 || port > 65535) {
350                php_error_docref(NULL, E_WARNING, "invalid port number: %ld", port);
351                RETURN_FALSE;
352            }
353
354            url = emalloc(urllen);
355            snprintf( url, urllen, "ldap://%s:%ld", host ? host : "", port );
356        }
357
358        rc = ldap_initialize(&ldap, url);
359        if (url != host) {
360            efree(url);
361        }
362        if (rc != LDAP_SUCCESS) {
363            efree(ld);
364            php_error_docref(NULL, E_WARNING, "Could not create session handle: %s", ldap_err2string(rc));
365            RETURN_FALSE;
366        }
367    }
368
369    if (ldap == NULL) {
370        efree(ld);
371        RETURN_FALSE;
372    } else {
373#ifdef HAVE_ORALDAP
374        if (ssl) {
375            if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) {
376                efree(ld);
377                php_error_docref(NULL, E_WARNING, "SSL init failed");
378                RETURN_FALSE;
379            }
380        }
381#endif
382        LDAPG(num_links)++;
383        ld->link = ldap;
384        RETURN_RES(zend_register_resource(ld, le_link));
385    }
386
387}
388/* }}} */
389
390/* {{{ _get_lderrno
391 */
392static int _get_lderrno(LDAP *ldap)
393{
394#if !HAVE_NSLDAP
395#if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
396    int lderr;
397
398    /* New versions of OpenLDAP do it this way */
399    ldap_get_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
400    return lderr;
401#else
402    return ldap->ld_errno;
403#endif
404#else
405    return ldap_get_lderrno(ldap, NULL, NULL);
406#endif
407}
408/* }}} */
409
410/* {{{ _set_lderrno
411 */
412static void _set_lderrno(LDAP *ldap, int lderr)
413{
414#if !HAVE_NSLDAP
415#if LDAP_API_VERSION > 2000 || HAVE_ORALDAP
416    /* New versions of OpenLDAP do it this way */
417    ldap_set_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
418#else
419    ldap->ld_errno = lderr;
420#endif
421#else
422    ldap_set_lderrno(ldap, lderr, NULL, NULL);
423#endif
424}
425/* }}} */
426
427/* {{{ proto bool ldap_bind(resource link [, string dn [, string password]])
428   Bind to LDAP directory */
429PHP_FUNCTION(ldap_bind)
430{
431    zval *link;
432    char *ldap_bind_dn = NULL, *ldap_bind_pw = NULL;
433    size_t ldap_bind_dnlen, ldap_bind_pwlen;
434    ldap_linkdata *ld;
435    int rc;
436
437    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|ss", &link, &ldap_bind_dn, &ldap_bind_dnlen, &ldap_bind_pw, &ldap_bind_pwlen) != SUCCESS) {
438        RETURN_FALSE;
439    }
440
441    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
442        RETURN_FALSE;
443    }
444
445    if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
446        _set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
447        php_error_docref(NULL, E_WARNING, "DN contains a null byte");
448        RETURN_FALSE;
449    }
450
451    if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
452        _set_lderrno(ld->link, LDAP_INVALID_CREDENTIALS);
453        php_error_docref(NULL, E_WARNING, "Password contains a null byte");
454        RETURN_FALSE;
455    }
456
457    {
458        struct berval   cred;
459
460        /* ldap_bind_s() is deprecated; use ldap_sasl_bind_s() instead */
461        cred.bv_val = ldap_bind_pw;
462        cred.bv_len = ldap_bind_pw ? ldap_bind_pwlen : 0;
463        rc = ldap_sasl_bind_s(ld->link, ldap_bind_dn, LDAP_SASL_SIMPLE, &cred,
464                NULL, NULL,     /* no controls right now */
465                NULL);    /* we don't care about the server's credentials */
466    }
467    if ( rc != LDAP_SUCCESS) {
468        php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
469        RETURN_FALSE;
470    } else {
471        RETURN_TRUE;
472    }
473}
474/* }}} */
475
476#ifdef HAVE_LDAP_SASL
477typedef struct {
478    char *mech;
479    char *realm;
480    char *authcid;
481    char *passwd;
482    char *authzid;
483} php_ldap_bictx;
484
485/* {{{ _php_sasl_setdefs
486 */
487static php_ldap_bictx *_php_sasl_setdefs(LDAP *ld, char *sasl_mech, char *sasl_realm, char *sasl_authc_id, char *passwd, char *sasl_authz_id)
488{
489    php_ldap_bictx *ctx;
490
491    ctx = ber_memalloc(sizeof(php_ldap_bictx));
492    ctx->mech    = (sasl_mech) ? ber_strdup(sasl_mech) : NULL;
493    ctx->realm   = (sasl_realm) ? ber_strdup(sasl_realm) : NULL;
494    ctx->authcid = (sasl_authc_id) ? ber_strdup(sasl_authc_id) : NULL;
495    ctx->passwd  = (passwd) ? ber_strdup(passwd) : NULL;
496    ctx->authzid = (sasl_authz_id) ? ber_strdup(sasl_authz_id) : NULL;
497
498    if (ctx->mech == NULL) {
499        ldap_get_option(ld, LDAP_OPT_X_SASL_MECH, &ctx->mech);
500    }
501    if (ctx->realm == NULL) {
502        ldap_get_option(ld, LDAP_OPT_X_SASL_REALM, &ctx->realm);
503    }
504    if (ctx->authcid == NULL) {
505        ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHCID, &ctx->authcid);
506    }
507    if (ctx->authzid == NULL) {
508        ldap_get_option(ld, LDAP_OPT_X_SASL_AUTHZID, &ctx->authzid);
509    }
510
511    return ctx;
512}
513/* }}} */
514
515/* {{{ _php_sasl_freedefs
516 */
517static void _php_sasl_freedefs(php_ldap_bictx *ctx)
518{
519    if (ctx->mech) ber_memfree(ctx->mech);
520    if (ctx->realm) ber_memfree(ctx->realm);
521    if (ctx->authcid) ber_memfree(ctx->authcid);
522    if (ctx->passwd) ber_memfree(ctx->passwd);
523    if (ctx->authzid) ber_memfree(ctx->authzid);
524    ber_memfree(ctx);
525}
526/* }}} */
527
528/* {{{ _php_sasl_interact
529   Internal interact function for SASL */
530static int _php_sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *in)
531{
532    sasl_interact_t *interact = in;
533    const char *p;
534    php_ldap_bictx *ctx = defaults;
535
536    for (;interact->id != SASL_CB_LIST_END;interact++) {
537        p = NULL;
538        switch(interact->id) {
539            case SASL_CB_GETREALM:
540                p = ctx->realm;
541                break;
542            case SASL_CB_AUTHNAME:
543                p = ctx->authcid;
544                break;
545            case SASL_CB_USER:
546                p = ctx->authzid;
547                break;
548            case SASL_CB_PASS:
549                p = ctx->passwd;
550                break;
551        }
552        if (p) {
553            interact->result = p;
554            interact->len = strlen(interact->result);
555        }
556    }
557    return LDAP_SUCCESS;
558}
559/* }}} */
560
561/* {{{ proto bool ldap_sasl_bind(resource link [, string binddn [, string password [, string sasl_mech [, string sasl_realm [, string sasl_authc_id [, string sasl_authz_id [, string props]]]]]]])
562   Bind to LDAP directory using SASL */
563PHP_FUNCTION(ldap_sasl_bind)
564{
565    zval *link;
566    ldap_linkdata *ld;
567    char *binddn = NULL;
568    char *passwd = NULL;
569    char *sasl_mech = NULL;
570    char *sasl_realm = NULL;
571    char *sasl_authz_id = NULL;
572    char *sasl_authc_id = NULL;
573    char *props = NULL;
574    size_t rc, dn_len, passwd_len, mech_len, realm_len, authc_id_len, authz_id_len, props_len;
575    php_ldap_bictx *ctx;
576
577    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r|sssssss", &link, &binddn, &dn_len, &passwd, &passwd_len, &sasl_mech, &mech_len, &sasl_realm, &realm_len, &sasl_authc_id, &authc_id_len, &sasl_authz_id, &authz_id_len, &props, &props_len) != SUCCESS) {
578        RETURN_FALSE;
579    }
580
581    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
582        RETURN_FALSE;
583    }
584
585    ctx = _php_sasl_setdefs(ld->link, sasl_mech, sasl_realm, sasl_authc_id, passwd, sasl_authz_id);
586
587    if (props) {
588        ldap_set_option(ld->link, LDAP_OPT_X_SASL_SECPROPS, props);
589    }
590
591    rc = ldap_sasl_interactive_bind_s(ld->link, binddn, ctx->mech, NULL, NULL, LDAP_SASL_QUIET, _php_sasl_interact, ctx);
592    if (rc != LDAP_SUCCESS) {
593        php_error_docref(NULL, E_WARNING, "Unable to bind to server: %s", ldap_err2string(rc));
594        RETVAL_FALSE;
595    } else {
596        RETVAL_TRUE;
597    }
598    _php_sasl_freedefs(ctx);
599}
600/* }}} */
601#endif /* HAVE_LDAP_SASL */
602
603/* {{{ proto bool ldap_unbind(resource link)
604   Unbind from LDAP directory */
605PHP_FUNCTION(ldap_unbind)
606{
607    zval *link;
608    ldap_linkdata *ld;
609
610    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
611        RETURN_FALSE;
612    }
613
614    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
615        RETURN_FALSE;
616    }
617
618    zend_list_close(Z_RES_P(link));
619    RETURN_TRUE;
620}
621/* }}} */
622
623/* {{{ php_set_opts
624 */
625static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, int *old_sizelimit, int *old_timelimit, int *old_deref)
626{
627    /* sizelimit */
628    if (sizelimit > -1) {
629#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
630        ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_sizelimit);
631        ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, &sizelimit);
632#else
633        *old_sizelimit = ldap->ld_sizelimit;
634        ldap->ld_sizelimit = sizelimit;
635#endif
636    }
637
638    /* timelimit */
639    if (timelimit > -1) {
640#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
641        ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_timelimit);
642        ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
643#else
644        *old_timelimit = ldap->ld_timelimit;
645        ldap->ld_timelimit = timelimit;
646#endif
647    }
648
649    /* deref */
650    if (deref > -1) {
651#if (LDAP_API_VERSION >= 2004) || HAVE_NSLDAP || HAVE_ORALDAP
652        ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_deref);
653        ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
654#else
655        *old_deref = ldap->ld_deref;
656        ldap->ld_deref = deref;
657#endif
658    }
659}
660/* }}} */
661
662/* {{{ php_ldap_do_search
663 */
664static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
665{
666    zval *link, *base_dn, *filter, *attrs = NULL, *attr;
667    zend_long attrsonly, sizelimit, timelimit, deref;
668    char *ldap_base_dn = NULL, *ldap_filter = NULL, **ldap_attrs = NULL;
669    ldap_linkdata *ld = NULL;
670    LDAPMessage *ldap_res;
671    int ldap_attrsonly = 0, ldap_sizelimit = -1, ldap_timelimit = -1, ldap_deref = -1;
672    int old_ldap_sizelimit = -1, old_ldap_timelimit = -1, old_ldap_deref = -1;
673    int num_attribs = 0, ret = 1, i, errno, argcount = ZEND_NUM_ARGS();
674
675    if (zend_parse_parameters(argcount, "zzz|allll", &link, &base_dn, &filter, &attrs, &attrsonly,
676        &sizelimit, &timelimit, &deref) == FAILURE) {
677        return;
678    }
679
680    /* Reverse -> fall through */
681    switch (argcount) {
682        case 8:
683            ldap_deref = deref;
684        case 7:
685            ldap_timelimit = timelimit;
686        case 6:
687            ldap_sizelimit = sizelimit;
688        case 5:
689            ldap_attrsonly = attrsonly;
690        case 4:
691            num_attribs = zend_hash_num_elements(Z_ARRVAL_P(attrs));
692            ldap_attrs = safe_emalloc((num_attribs+1), sizeof(char *), 0);
693
694            for (i = 0; i<num_attribs; i++) {
695                if ((attr = zend_hash_index_find(Z_ARRVAL_P(attrs), i)) == NULL) {
696                    php_error_docref(NULL, E_WARNING, "Array initialization wrong");
697                    ret = 0;
698                    goto cleanup;
699                }
700
701                SEPARATE_ZVAL(attr);
702                convert_to_string_ex(attr);
703                ldap_attrs[i] = Z_STRVAL_P(attr);
704            }
705            ldap_attrs[num_attribs] = NULL;
706        default:
707            break;
708    }
709
710    /* parallel search? */
711    if (Z_TYPE_P(link) == IS_ARRAY) {
712        int i, nlinks, nbases, nfilters, *rcs;
713        ldap_linkdata **lds;
714        zval *entry, resource;
715
716        nlinks = zend_hash_num_elements(Z_ARRVAL_P(link));
717        if (nlinks == 0) {
718            php_error_docref(NULL, E_WARNING, "No links in link array");
719            ret = 0;
720            goto cleanup;
721        }
722
723        if (Z_TYPE_P(base_dn) == IS_ARRAY) {
724            nbases = zend_hash_num_elements(Z_ARRVAL_P(base_dn));
725            if (nbases != nlinks) {
726                php_error_docref(NULL, E_WARNING, "Base must either be a string, or an array with the same number of elements as the links array");
727                ret = 0;
728                goto cleanup;
729            }
730            zend_hash_internal_pointer_reset(Z_ARRVAL_P(base_dn));
731        } else {
732            nbases = 0; /* this means string, not array */
733            /* If anything else than string is passed, ldap_base_dn = NULL */
734            if (Z_TYPE_P(base_dn) == IS_STRING) {
735                ldap_base_dn = Z_STRVAL_P(base_dn);
736            } else {
737                ldap_base_dn = NULL;
738            }
739        }
740
741        if (Z_TYPE_P(filter) == IS_ARRAY) {
742            nfilters = zend_hash_num_elements(Z_ARRVAL_P(filter));
743            if (nfilters != nlinks) {
744                php_error_docref(NULL, E_WARNING, "Filter must either be a string, or an array with the same number of elements as the links array");
745                ret = 0;
746                goto cleanup;
747            }
748            zend_hash_internal_pointer_reset(Z_ARRVAL_P(filter));
749        } else {
750            nfilters = 0; /* this means string, not array */
751            convert_to_string_ex(filter);
752            ldap_filter = Z_STRVAL_P(filter);
753        }
754
755        lds = safe_emalloc(nlinks, sizeof(ldap_linkdata), 0);
756        rcs = safe_emalloc(nlinks, sizeof(*rcs), 0);
757
758        zend_hash_internal_pointer_reset(Z_ARRVAL_P(link));
759        for (i=0; i<nlinks; i++) {
760            entry = zend_hash_get_current_data(Z_ARRVAL_P(link));
761
762            ld = (ldap_linkdata *) zend_fetch_resource_ex(entry, "ldap link", le_link);
763            if (ld == NULL) {
764                ret = 0;
765                goto cleanup_parallel;
766            }
767            if (nbases != 0) { /* base_dn an array? */
768                entry = zend_hash_get_current_data(Z_ARRVAL_P(base_dn));
769                zend_hash_move_forward(Z_ARRVAL_P(base_dn));
770
771                /* If anything else than string is passed, ldap_base_dn = NULL */
772                if (Z_TYPE_P(entry) == IS_STRING) {
773                    ldap_base_dn = Z_STRVAL_P(entry);
774                } else {
775                    ldap_base_dn = NULL;
776                }
777            }
778            if (nfilters != 0) { /* filter an array? */
779                entry = zend_hash_get_current_data(Z_ARRVAL_P(filter));
780                zend_hash_move_forward(Z_ARRVAL_P(filter));
781                convert_to_string_ex(entry);
782                ldap_filter = Z_STRVAL_P(entry);
783            }
784
785            php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
786
787            /* Run the actual search */
788            ldap_search_ext(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, NULL, NULL, NULL, ldap_sizelimit, &rcs[i]);
789            lds[i] = ld;
790            zend_hash_move_forward(Z_ARRVAL_P(link));
791        }
792
793        array_init(return_value);
794
795        /* Collect results from the searches */
796        for (i=0; i<nlinks; i++) {
797            if (rcs[i] != -1) {
798                rcs[i] = ldap_result(lds[i]->link, LDAP_RES_ANY, 1 /* LDAP_MSG_ALL */, NULL, &ldap_res);
799            }
800            if (rcs[i] != -1) {
801                ZVAL_RES(&resource, zend_register_resource(ldap_res, le_result));
802                add_next_index_zval(return_value, &resource);
803            } else {
804                add_next_index_bool(return_value, 0);
805            }
806        }
807
808cleanup_parallel:
809        efree(lds);
810        efree(rcs);
811    } else {
812        convert_to_string_ex(filter);
813        ldap_filter = Z_STRVAL_P(filter);
814
815        /* If anything else than string is passed, ldap_base_dn = NULL */
816        if (Z_TYPE_P(base_dn) == IS_STRING) {
817            ldap_base_dn = Z_STRVAL_P(base_dn);
818        }
819
820        ld = (ldap_linkdata *) zend_fetch_resource_ex(link, "ldap link", le_link);
821        if (ld == NULL) {
822            ret = 0;
823            goto cleanup;
824        }
825
826        php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
827
828        /* Run the actual search */
829        errno = ldap_search_ext_s(ld->link, ldap_base_dn, scope, ldap_filter, ldap_attrs, ldap_attrsonly, NULL, NULL, NULL, ldap_sizelimit, &ldap_res);
830
831        if (errno != LDAP_SUCCESS
832            && errno != LDAP_SIZELIMIT_EXCEEDED
833#ifdef LDAP_ADMINLIMIT_EXCEEDED
834            && errno != LDAP_ADMINLIMIT_EXCEEDED
835#endif
836#ifdef LDAP_REFERRAL
837            && errno != LDAP_REFERRAL
838#endif
839        ) {
840            php_error_docref(NULL, E_WARNING, "Search: %s", ldap_err2string(errno));
841            ret = 0;
842        } else {
843            if (errno == LDAP_SIZELIMIT_EXCEEDED) {
844                php_error_docref(NULL, E_WARNING, "Partial search results returned: Sizelimit exceeded");
845            }
846#ifdef LDAP_ADMINLIMIT_EXCEEDED
847            else if (errno == LDAP_ADMINLIMIT_EXCEEDED) {
848                php_error_docref(NULL, E_WARNING, "Partial search results returned: Adminlimit exceeded");
849            }
850#endif
851
852            RETVAL_RES(zend_register_resource(ldap_res, le_result));
853        }
854    }
855
856cleanup:
857    if (ld) {
858        /* Restoring previous options */
859        php_set_opts(ld->link, old_ldap_sizelimit, old_ldap_timelimit, old_ldap_deref, &ldap_sizelimit, &ldap_timelimit, &ldap_deref);
860    }
861    if (ldap_attrs != NULL) {
862        efree(ldap_attrs);
863    }
864    if (!ret) {
865        RETVAL_BOOL(ret);
866    }
867}
868/* }}} */
869
870/* {{{ proto resource ldap_read(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
871   Read an entry */
872PHP_FUNCTION(ldap_read)
873{
874    php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_BASE);
875}
876/* }}} */
877
878/* {{{ proto resource ldap_list(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
879   Single-level search */
880PHP_FUNCTION(ldap_list)
881{
882    php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_ONELEVEL);
883}
884/* }}} */
885
886/* {{{ proto resource ldap_search(resource|array link, string base_dn, string filter [, array attrs [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]])
887   Search LDAP tree under base_dn */
888PHP_FUNCTION(ldap_search)
889{
890    php_ldap_do_search(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_SCOPE_SUBTREE);
891}
892/* }}} */
893
894/* {{{ proto bool ldap_free_result(resource result)
895   Free result memory */
896PHP_FUNCTION(ldap_free_result)
897{
898    zval *result;
899    LDAPMessage *ldap_result;
900
901    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &result) != SUCCESS) {
902        return;
903    }
904
905    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
906        RETURN_FALSE;
907    }
908
909    zend_list_close(Z_RES_P(result));  /* Delete list entry */
910    RETVAL_TRUE;
911}
912/* }}} */
913
914/* {{{ proto int ldap_count_entries(resource link, resource result)
915   Count the number of entries in a search result */
916PHP_FUNCTION(ldap_count_entries)
917{
918    zval *link, *result;
919    ldap_linkdata *ld;
920    LDAPMessage *ldap_result;
921
922    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
923        return;
924    }
925
926    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
927        RETURN_FALSE;
928    }
929
930    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
931        RETURN_FALSE;
932    }
933
934    RETURN_LONG(ldap_count_entries(ld->link, ldap_result));
935}
936/* }}} */
937
938/* {{{ proto resource ldap_first_entry(resource link, resource result)
939   Return first result id */
940PHP_FUNCTION(ldap_first_entry)
941{
942    zval *link, *result;
943    ldap_linkdata *ld;
944    ldap_resultentry *resultentry;
945    LDAPMessage *ldap_result, *entry;
946
947    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
948        return;
949    }
950
951    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
952        RETURN_FALSE;
953    }
954
955    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
956        RETURN_FALSE;
957    }
958
959    if ((entry = ldap_first_entry(ld->link, ldap_result)) == NULL) {
960        RETVAL_FALSE;
961    } else {
962        resultentry = emalloc(sizeof(ldap_resultentry));
963        RETVAL_RES(zend_register_resource(resultentry, le_result_entry));
964        ZVAL_COPY(&resultentry->res, result);
965        resultentry->data = entry;
966        resultentry->ber = NULL;
967    }
968}
969/* }}} */
970
971/* {{{ proto resource ldap_next_entry(resource link, resource result_entry)
972   Get next result entry */
973PHP_FUNCTION(ldap_next_entry)
974{
975    zval *link, *result_entry;
976    ldap_linkdata *ld;
977    ldap_resultentry *resultentry, *resultentry_next;
978    LDAPMessage *entry_next;
979
980    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
981        return;
982    }
983
984    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
985        RETURN_FALSE;
986    }
987    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
988        RETURN_FALSE;
989    }
990
991    if ((entry_next = ldap_next_entry(ld->link, resultentry->data)) == NULL) {
992        RETVAL_FALSE;
993    } else {
994        resultentry_next = emalloc(sizeof(ldap_resultentry));
995        RETVAL_RES(zend_register_resource(resultentry_next, le_result_entry));
996        ZVAL_COPY(&resultentry_next->res, &resultentry->res);
997        resultentry_next->data = entry_next;
998        resultentry_next->ber = NULL;
999    }
1000}
1001/* }}} */
1002
1003/* {{{ proto array ldap_get_entries(resource link, resource result)
1004   Get all result entries */
1005PHP_FUNCTION(ldap_get_entries)
1006{
1007    zval *link, *result;
1008    LDAPMessage *ldap_result, *ldap_result_entry;
1009    zval tmp1, tmp2;
1010    ldap_linkdata *ld;
1011    LDAP *ldap;
1012    int num_entries, num_attrib, num_values, i;
1013    BerElement *ber;
1014    char *attribute;
1015    size_t attr_len;
1016    struct berval **ldap_value;
1017    char *dn;
1018
1019    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
1020        return;
1021    }
1022
1023    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1024        RETURN_FALSE;
1025    }
1026    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
1027        RETURN_FALSE;
1028    }
1029
1030    ldap = ld->link;
1031    num_entries = ldap_count_entries(ldap, ldap_result);
1032
1033    array_init(return_value);
1034    add_assoc_long(return_value, "count", num_entries);
1035
1036    if (num_entries == 0) {
1037        return;
1038    }
1039
1040    ldap_result_entry = ldap_first_entry(ldap, ldap_result);
1041    if (ldap_result_entry == NULL) {
1042        zval_dtor(return_value);
1043        RETURN_FALSE;
1044    }
1045
1046    num_entries = 0;
1047    while (ldap_result_entry != NULL) {
1048        array_init(&tmp1);
1049
1050        num_attrib = 0;
1051        attribute = ldap_first_attribute(ldap, ldap_result_entry, &ber);
1052
1053        while (attribute != NULL) {
1054            ldap_value = ldap_get_values_len(ldap, ldap_result_entry, attribute);
1055            num_values = ldap_count_values_len(ldap_value);
1056
1057            array_init(&tmp2);
1058            add_assoc_long(&tmp2, "count", num_values);
1059            for (i = 0; i < num_values; i++) {
1060                add_index_stringl(&tmp2, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len);
1061            }
1062            ldap_value_free_len(ldap_value);
1063
1064            attr_len = strlen(attribute);
1065            zend_hash_str_update(Z_ARRVAL(tmp1), php_strtolower(attribute, attr_len), attr_len, &tmp2);
1066            add_index_string(&tmp1, num_attrib, attribute);
1067
1068            num_attrib++;
1069#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1070            ldap_memfree(attribute);
1071#endif
1072            attribute = ldap_next_attribute(ldap, ldap_result_entry, ber);
1073        }
1074#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1075        if (ber != NULL) {
1076            ber_free(ber, 0);
1077        }
1078#endif
1079
1080        add_assoc_long(&tmp1, "count", num_attrib);
1081        dn = ldap_get_dn(ldap, ldap_result_entry);
1082        add_assoc_string(&tmp1, "dn", dn);
1083#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1084        ldap_memfree(dn);
1085#else
1086        free(dn);
1087#endif
1088
1089        zend_hash_index_update(Z_ARRVAL_P(return_value), num_entries, &tmp1);
1090
1091        num_entries++;
1092        ldap_result_entry = ldap_next_entry(ldap, ldap_result_entry);
1093    }
1094
1095    add_assoc_long(return_value, "count", num_entries);
1096
1097}
1098/* }}} */
1099
1100/* {{{ proto string ldap_first_attribute(resource link, resource result_entry)
1101   Return first attribute */
1102PHP_FUNCTION(ldap_first_attribute)
1103{
1104    zval *link, *result_entry;
1105    ldap_linkdata *ld;
1106    ldap_resultentry *resultentry;
1107    char *attribute;
1108    zend_long dummy_ber;
1109
1110    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1111        return;
1112    }
1113
1114    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1115        RETURN_FALSE;
1116    }
1117
1118    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1119        RETURN_FALSE;
1120    }
1121
1122    if ((attribute = ldap_first_attribute(ld->link, resultentry->data, &resultentry->ber)) == NULL) {
1123        RETURN_FALSE;
1124    } else {
1125        RETVAL_STRING(attribute);
1126#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1127        ldap_memfree(attribute);
1128#endif
1129    }
1130}
1131/* }}} */
1132
1133/* {{{ proto string ldap_next_attribute(resource link, resource result_entry)
1134   Get the next attribute in result */
1135PHP_FUNCTION(ldap_next_attribute)
1136{
1137    zval *link, *result_entry;
1138    ldap_linkdata *ld;
1139    ldap_resultentry *resultentry;
1140    char *attribute;
1141    zend_long dummy_ber;
1142
1143    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|l", &link, &result_entry, &dummy_ber) != SUCCESS) {
1144        return;
1145    }
1146
1147    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1148        RETURN_FALSE;
1149    }
1150
1151    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1152        RETURN_FALSE;
1153    }
1154
1155    if (resultentry->ber == NULL) {
1156        php_error_docref(NULL, E_WARNING, "called before calling ldap_first_attribute() or no attributes found in result entry");
1157        RETURN_FALSE;
1158    }
1159
1160    if ((attribute = ldap_next_attribute(ld->link, resultentry->data, resultentry->ber)) == NULL) {
1161#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1162        if (resultentry->ber != NULL) {
1163            ber_free(resultentry->ber, 0);
1164            resultentry->ber = NULL;
1165        }
1166#endif
1167        RETURN_FALSE;
1168    } else {
1169        RETVAL_STRING(attribute);
1170#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1171        ldap_memfree(attribute);
1172#endif
1173    }
1174}
1175/* }}} */
1176
1177/* {{{ proto array ldap_get_attributes(resource link, resource result_entry)
1178   Get attributes from a search result entry */
1179PHP_FUNCTION(ldap_get_attributes)
1180{
1181    zval *link, *result_entry;
1182    zval tmp;
1183    ldap_linkdata *ld;
1184    ldap_resultentry *resultentry;
1185    char *attribute;
1186    struct berval **ldap_value;
1187    int i, num_values, num_attrib;
1188    BerElement *ber;
1189
1190    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1191        return;
1192    }
1193
1194    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1195        RETURN_FALSE;
1196    }
1197
1198    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1199        RETURN_FALSE;
1200    }
1201
1202    array_init(return_value);
1203    num_attrib = 0;
1204
1205    attribute = ldap_first_attribute(ld->link, resultentry->data, &ber);
1206    while (attribute != NULL) {
1207        ldap_value = ldap_get_values_len(ld->link, resultentry->data, attribute);
1208        num_values = ldap_count_values_len(ldap_value);
1209
1210        array_init(&tmp);
1211        add_assoc_long(&tmp, "count", num_values);
1212        for (i = 0; i < num_values; i++) {
1213            add_index_stringl(&tmp, i, ldap_value[i]->bv_val, ldap_value[i]->bv_len);
1214        }
1215        ldap_value_free_len(ldap_value);
1216
1217        zend_hash_str_update(Z_ARRVAL_P(return_value), attribute, strlen(attribute), &tmp);
1218        add_index_string(return_value, num_attrib, attribute);
1219
1220        num_attrib++;
1221#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1222        ldap_memfree(attribute);
1223#endif
1224        attribute = ldap_next_attribute(ld->link, resultentry->data, ber);
1225    }
1226#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1227    if (ber != NULL) {
1228        ber_free(ber, 0);
1229    }
1230#endif
1231
1232    add_assoc_long(return_value, "count", num_attrib);
1233}
1234/* }}} */
1235
1236/* {{{ proto array ldap_get_values_len(resource link, resource result_entry, string attribute)
1237   Get all values with lengths from a result entry */
1238PHP_FUNCTION(ldap_get_values_len)
1239{
1240    zval *link, *result_entry;
1241    ldap_linkdata *ld;
1242    ldap_resultentry *resultentry;
1243    char *attr;
1244    struct berval **ldap_value_len;
1245    int i, num_values;
1246    size_t attr_len;
1247
1248    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrs", &link, &result_entry, &attr, &attr_len) != SUCCESS) {
1249        return;
1250    }
1251
1252    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1253        RETURN_FALSE;
1254    }
1255
1256    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1257        RETURN_FALSE;
1258    }
1259
1260    if ((ldap_value_len = ldap_get_values_len(ld->link, resultentry->data, attr)) == NULL) {
1261        php_error_docref(NULL, E_WARNING, "Cannot get the value(s) of attribute %s", ldap_err2string(_get_lderrno(ld->link)));
1262        RETURN_FALSE;
1263    }
1264
1265    num_values = ldap_count_values_len(ldap_value_len);
1266    array_init(return_value);
1267
1268    for (i=0; i<num_values; i++) {
1269        add_next_index_stringl(return_value, ldap_value_len[i]->bv_val, ldap_value_len[i]->bv_len);
1270    }
1271
1272    add_assoc_long(return_value, "count", num_values);
1273    ldap_value_free_len(ldap_value_len);
1274
1275}
1276/* }}} */
1277
1278/* {{{ proto string ldap_get_dn(resource link, resource result_entry)
1279   Get the DN of a result entry */
1280PHP_FUNCTION(ldap_get_dn)
1281{
1282    zval *link, *result_entry;
1283    ldap_linkdata *ld;
1284    ldap_resultentry *resultentry;
1285    char *text;
1286
1287    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
1288        return;
1289    }
1290
1291    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1292        RETURN_FALSE;
1293    }
1294
1295    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
1296        RETURN_FALSE;
1297    }
1298
1299    text = ldap_get_dn(ld->link, resultentry->data);
1300    if (text != NULL) {
1301        RETVAL_STRING(text);
1302#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1303        ldap_memfree(text);
1304#else
1305        free(text);
1306#endif
1307    } else {
1308        RETURN_FALSE;
1309    }
1310}
1311/* }}} */
1312
1313/* {{{ proto array ldap_explode_dn(string dn, int with_attrib)
1314   Splits DN into its component parts */
1315PHP_FUNCTION(ldap_explode_dn)
1316{
1317    zend_long with_attrib;
1318    char *dn, **ldap_value;
1319    int i, count;
1320    size_t dn_len;
1321
1322    if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl", &dn, &dn_len, &with_attrib) != SUCCESS) {
1323        return;
1324    }
1325
1326    if (!(ldap_value = ldap_explode_dn(dn, with_attrib))) {
1327        /* Invalid parameters were passed to ldap_explode_dn */
1328        RETURN_FALSE;
1329    }
1330
1331    i=0;
1332    while (ldap_value[i] != NULL) i++;
1333    count = i;
1334
1335    array_init(return_value);
1336
1337    add_assoc_long(return_value, "count", count);
1338    for (i = 0; i<count; i++) {
1339        add_index_string(return_value, i, ldap_value[i]);
1340    }
1341
1342    /* ldap_value_free() is deprecated */
1343    ldap_memvfree((void **)ldap_value);
1344}
1345/* }}} */
1346
1347/* {{{ proto string ldap_dn2ufn(string dn)
1348   Convert DN to User Friendly Naming format */
1349PHP_FUNCTION(ldap_dn2ufn)
1350{
1351    char *dn, *ufn;
1352    size_t dn_len;
1353
1354    if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &dn, &dn_len) != SUCCESS) {
1355        return;
1356    }
1357
1358    ufn = ldap_dn2ufn(dn);
1359
1360    if (ufn != NULL) {
1361        RETVAL_STRING(ufn);
1362#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP || WINDOWS
1363        ldap_memfree(ufn);
1364#endif
1365    } else {
1366        RETURN_FALSE;
1367    }
1368}
1369/* }}} */
1370
1371
1372/* added to fix use of ldap_modify_add for doing an ldap_add, gerrit thomson. */
1373#define PHP_LD_FULL_ADD 0xff
1374/* {{{ php_ldap_do_modify
1375 */
1376static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper)
1377{
1378    zval *link, *entry, *value, *ivalue;
1379    ldap_linkdata *ld;
1380    char *dn;
1381    LDAPMod **ldap_mods;
1382    int i, j, num_attribs, num_values;
1383    size_t dn_len;
1384    int *num_berval;
1385    zend_string *attribute;
1386    zend_ulong index;
1387    int is_full_add=0; /* flag for full add operation so ldap_mod_add can be put back into oper, gerrit THomson */
1388
1389    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsa", &link, &dn, &dn_len, &entry) != SUCCESS) {
1390        return;
1391    }
1392
1393    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1394        RETURN_FALSE;
1395    }
1396
1397    num_attribs = zend_hash_num_elements(Z_ARRVAL_P(entry));
1398    ldap_mods = safe_emalloc((num_attribs+1), sizeof(LDAPMod *), 0);
1399    num_berval = safe_emalloc(num_attribs, sizeof(int), 0);
1400    zend_hash_internal_pointer_reset(Z_ARRVAL_P(entry));
1401
1402    /* added by gerrit thomson to fix ldap_add using ldap_mod_add */
1403    if (oper == PHP_LD_FULL_ADD) {
1404        oper = LDAP_MOD_ADD;
1405        is_full_add = 1;
1406    }
1407    /* end additional , gerrit thomson */
1408
1409    for (i = 0; i < num_attribs; i++) {
1410        ldap_mods[i] = emalloc(sizeof(LDAPMod));
1411        ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1412        ldap_mods[i]->mod_type = NULL;
1413
1414        if (zend_hash_get_current_key(Z_ARRVAL_P(entry), &attribute, &index) == HASH_KEY_IS_STRING) {
1415            ldap_mods[i]->mod_type = estrndup(ZSTR_VAL(attribute), ZSTR_LEN(attribute));
1416        } else {
1417            php_error_docref(NULL, E_WARNING, "Unknown attribute in the data");
1418            /* Free allocated memory */
1419            while (i >= 0) {
1420                if (ldap_mods[i]->mod_type) {
1421                    efree(ldap_mods[i]->mod_type);
1422                }
1423                efree(ldap_mods[i]);
1424                i--;
1425            }
1426            efree(num_berval);
1427            efree(ldap_mods);
1428            RETURN_FALSE;
1429        }
1430
1431        value = zend_hash_get_current_data(Z_ARRVAL_P(entry));
1432
1433        if (Z_TYPE_P(value) != IS_ARRAY) {
1434            num_values = 1;
1435        } else {
1436            num_values = zend_hash_num_elements(Z_ARRVAL_P(value));
1437        }
1438
1439        num_berval[i] = num_values;
1440        ldap_mods[i]->mod_bvalues = safe_emalloc((num_values + 1), sizeof(struct berval *), 0);
1441
1442/* allow for arrays with one element, no allowance for arrays with none but probably not required, gerrit thomson. */
1443        if ((num_values == 1) && (Z_TYPE_P(value) != IS_ARRAY)) {
1444            convert_to_string_ex(value);
1445            ldap_mods[i]->mod_bvalues[0] = (struct berval *) emalloc (sizeof(struct berval));
1446            ldap_mods[i]->mod_bvalues[0]->bv_len = Z_STRLEN_P(value);
1447            ldap_mods[i]->mod_bvalues[0]->bv_val = Z_STRVAL_P(value);
1448        } else {
1449            for (j = 0; j < num_values; j++) {
1450                if ((ivalue = zend_hash_index_find(Z_ARRVAL_P(value), j)) == NULL) {
1451                    php_error_docref(NULL, E_WARNING, "Value array must have consecutive indices 0, 1, ...");
1452                    num_berval[i] = j;
1453                    num_attribs = i + 1;
1454                    RETVAL_FALSE;
1455                    goto errexit;
1456                }
1457                convert_to_string_ex(ivalue);
1458                ldap_mods[i]->mod_bvalues[j] = (struct berval *) emalloc (sizeof(struct berval));
1459                ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(ivalue);
1460                ldap_mods[i]->mod_bvalues[j]->bv_val = Z_STRVAL_P(ivalue);
1461            }
1462        }
1463        ldap_mods[i]->mod_bvalues[num_values] = NULL;
1464        zend_hash_move_forward(Z_ARRVAL_P(entry));
1465    }
1466    ldap_mods[num_attribs] = NULL;
1467
1468/* check flag to see if do_mod was called to perform full add , gerrit thomson */
1469    if (is_full_add == 1) {
1470        if ((i = ldap_add_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1471            php_error_docref(NULL, E_WARNING, "Add: %s", ldap_err2string(i));
1472            RETVAL_FALSE;
1473        } else RETVAL_TRUE;
1474    } else {
1475        if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1476            php_error_docref(NULL, E_WARNING, "Modify: %s", ldap_err2string(i));
1477            RETVAL_FALSE;
1478        } else RETVAL_TRUE;
1479    }
1480
1481errexit:
1482    for (i = 0; i < num_attribs; i++) {
1483        efree(ldap_mods[i]->mod_type);
1484        for (j = 0; j < num_berval[i]; j++) {
1485            efree(ldap_mods[i]->mod_bvalues[j]);
1486        }
1487        efree(ldap_mods[i]->mod_bvalues);
1488        efree(ldap_mods[i]);
1489    }
1490    efree(num_berval);
1491    efree(ldap_mods);
1492
1493    return;
1494}
1495/* }}} */
1496
1497/* {{{ proto bool ldap_add(resource link, string dn, array entry)
1498   Add entries to LDAP directory */
1499PHP_FUNCTION(ldap_add)
1500{
1501    /* use a newly define parameter into the do_modify so ldap_mod_add can be used the way it is supposed to be used , Gerrit THomson */
1502    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, PHP_LD_FULL_ADD);
1503}
1504/* }}} */
1505
1506/* three functions for attribute base modifications, gerrit Thomson */
1507
1508/* {{{ proto bool ldap_mod_replace(resource link, string dn, array entry)
1509   Replace attribute values with new ones */
1510PHP_FUNCTION(ldap_mod_replace)
1511{
1512    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_REPLACE);
1513}
1514/* }}} */
1515
1516/* {{{ proto bool ldap_mod_add(resource link, string dn, array entry)
1517   Add attribute values to current */
1518PHP_FUNCTION(ldap_mod_add)
1519{
1520    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_ADD);
1521}
1522/* }}} */
1523
1524/* {{{ proto bool ldap_mod_del(resource link, string dn, array entry)
1525   Delete attribute values */
1526PHP_FUNCTION(ldap_mod_del)
1527{
1528    php_ldap_do_modify(INTERNAL_FUNCTION_PARAM_PASSTHRU, LDAP_MOD_DELETE);
1529}
1530/* }}} */
1531
1532/* {{{ proto bool ldap_delete(resource link, string dn)
1533   Delete an entry from a directory */
1534PHP_FUNCTION(ldap_delete)
1535{
1536    zval *link;
1537    ldap_linkdata *ld;
1538    char *dn;
1539    int rc;
1540    size_t dn_len;
1541
1542    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rs", &link, &dn, &dn_len) != SUCCESS) {
1543        return;
1544    }
1545
1546    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1547        RETURN_FALSE;
1548    }
1549
1550    if ((rc = ldap_delete_ext_s(ld->link, dn, NULL, NULL)) != LDAP_SUCCESS) {
1551        php_error_docref(NULL, E_WARNING, "Delete: %s", ldap_err2string(rc));
1552        RETURN_FALSE;
1553    }
1554
1555    RETURN_TRUE;
1556}
1557/* }}} */
1558
1559/* {{{ _ldap_str_equal_to_const
1560 */
1561static int _ldap_str_equal_to_const(const char *str, uint str_len, const char *cstr)
1562{
1563    int i;
1564
1565    if (strlen(cstr) != str_len)
1566        return 0;
1567
1568    for (i = 0; i < str_len; ++i) {
1569        if (str[i] != cstr[i]) {
1570            return 0;
1571        }
1572    }
1573
1574    return 1;
1575}
1576/* }}} */
1577
1578/* {{{ _ldap_strlen_max
1579 */
1580static int _ldap_strlen_max(const char *str, uint max_len)
1581{
1582    int i;
1583
1584    for (i = 0; i < max_len; ++i) {
1585        if (str[i] == '\0') {
1586            return i;
1587        }
1588    }
1589
1590    return max_len;
1591}
1592/* }}} */
1593
1594/* {{{ _ldap_hash_fetch
1595 */
1596static void _ldap_hash_fetch(zval *hashTbl, const char *key, zval **out)
1597{
1598    *out = zend_hash_str_find(Z_ARRVAL_P(hashTbl), key, strlen(key));
1599}
1600/* }}} */
1601
1602/* {{{ proto bool ldap_modify_batch(resource link, string dn, array modifs)
1603   Perform multiple modifications as part of one operation */
1604PHP_FUNCTION(ldap_modify_batch)
1605{
1606    ldap_linkdata *ld;
1607    zval *link, *mods, *mod, *modinfo, *modval;
1608    zval *attrib, *modtype, *vals;
1609    zval *fetched;
1610    char *dn;
1611    size_t dn_len;
1612    int i, j, k;
1613    int num_mods, num_modprops, num_modvals;
1614    LDAPMod **ldap_mods;
1615    uint oper;
1616
1617    /*
1618    $mods = array(
1619        array(
1620            "attrib" => "unicodePwd",
1621            "modtype" => LDAP_MODIFY_BATCH_REMOVE,
1622            "values" => array($oldpw)
1623        ),
1624        array(
1625            "attrib" => "unicodePwd",
1626            "modtype" => LDAP_MODIFY_BATCH_ADD,
1627            "values" => array($newpw)
1628        ),
1629        array(
1630            "attrib" => "userPrincipalName",
1631            "modtype" => LDAP_MODIFY_BATCH_REPLACE,
1632            "values" => array("janitor@corp.contoso.com")
1633        ),
1634        array(
1635            "attrib" => "userCert",
1636            "modtype" => LDAP_MODIFY_BATCH_REMOVE_ALL
1637        )
1638    );
1639    */
1640
1641    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsa", &link, &dn, &dn_len, &mods) != SUCCESS) {
1642        return;
1643    }
1644
1645    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1646        RETURN_FALSE;
1647    }
1648
1649    /* perform validation */
1650    {
1651        zend_string *modkey;
1652        zend_long modtype;
1653
1654        /* to store the wrongly-typed keys */
1655        zend_ulong tmpUlong;
1656
1657        /* make sure the DN contains no NUL bytes */
1658        if (_ldap_strlen_max(dn, dn_len) != dn_len) {
1659            php_error_docref(NULL, E_WARNING, "DN must not contain NUL bytes");
1660            RETURN_FALSE;
1661        }
1662
1663        /* make sure the top level is a normal array */
1664        zend_hash_internal_pointer_reset(Z_ARRVAL_P(mods));
1665        if (zend_hash_get_current_key_type(Z_ARRVAL_P(mods)) != HASH_KEY_IS_LONG) {
1666            php_error_docref(NULL, E_WARNING, "Modifications array must not be string-indexed");
1667            RETURN_FALSE;
1668        }
1669
1670        num_mods = zend_hash_num_elements(Z_ARRVAL_P(mods));
1671
1672        for (i = 0; i < num_mods; i++) {
1673            /* is the numbering consecutive? */
1674            if ((fetched = zend_hash_index_find(Z_ARRVAL_P(mods), i)) == NULL) {
1675                php_error_docref(NULL, E_WARNING, "Modifications array must have consecutive indices 0, 1, ...");
1676                RETURN_FALSE;
1677            }
1678            mod = fetched;
1679
1680            /* is it an array? */
1681            if (Z_TYPE_P(mod) != IS_ARRAY) {
1682                php_error_docref(NULL, E_WARNING, "Each entry of modifications array must be an array itself");
1683                RETURN_FALSE;
1684            }
1685
1686            /* for the modification hashtable... */
1687            zend_hash_internal_pointer_reset(Z_ARRVAL_P(mod));
1688            num_modprops = zend_hash_num_elements(Z_ARRVAL_P(mod));
1689
1690            for (j = 0; j < num_modprops; j++) {
1691                /* are the keys strings? */
1692                if (zend_hash_get_current_key(Z_ARRVAL_P(mod), &modkey, &tmpUlong) != HASH_KEY_IS_STRING) {
1693                    php_error_docref(NULL, E_WARNING, "Each entry of modifications array must be string-indexed");
1694                    RETURN_FALSE;
1695                }
1696
1697                /* is this a valid entry? */
1698                if (
1699                    !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_ATTRIB) &&
1700                    !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_MODTYPE) &&
1701                    !_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_VALUES)
1702                ) {
1703                    php_error_docref(NULL, E_WARNING, "The only allowed keys in entries of the modifications array are '" LDAP_MODIFY_BATCH_ATTRIB "', '" LDAP_MODIFY_BATCH_MODTYPE "' and '" LDAP_MODIFY_BATCH_VALUES "'");
1704                    RETURN_FALSE;
1705                }
1706
1707                fetched = zend_hash_get_current_data(Z_ARRVAL_P(mod));
1708                modinfo = fetched;
1709
1710                /* does the value type match the key? */
1711                if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_ATTRIB)) {
1712                    if (Z_TYPE_P(modinfo) != IS_STRING) {
1713                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must be a string");
1714                        RETURN_FALSE;
1715                    }
1716
1717                    if (Z_STRLEN_P(modinfo) != _ldap_strlen_max(Z_STRVAL_P(modinfo), Z_STRLEN_P(modinfo))) {
1718                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must not contain NUL bytes");
1719                        RETURN_FALSE;
1720                    }
1721                }
1722                else if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_MODTYPE)) {
1723                    if (Z_TYPE_P(modinfo) != IS_LONG) {
1724                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_MODTYPE "' value must be a long");
1725                        RETURN_FALSE;
1726                    }
1727
1728                    /* is the value in range? */
1729                    modtype = Z_LVAL_P(modinfo);
1730                    if (
1731                        modtype != LDAP_MODIFY_BATCH_ADD &&
1732                        modtype != LDAP_MODIFY_BATCH_REMOVE &&
1733                        modtype != LDAP_MODIFY_BATCH_REPLACE &&
1734                        modtype != LDAP_MODIFY_BATCH_REMOVE_ALL
1735                    ) {
1736                        php_error_docref(NULL, E_WARNING, "The '" LDAP_MODIFY_BATCH_MODTYPE "' value must match one of the LDAP_MODIFY_BATCH_* constants");
1737                        RETURN_FALSE;
1738                    }
1739
1740                    /* if it's REMOVE_ALL, there must not be a values array; otherwise, there must */
1741                    if (modtype == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1742                        if (zend_hash_str_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES))) {
1743                            php_error_docref(NULL, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must not be provided");
1744                            RETURN_FALSE;
1745                        }
1746                    }
1747                    else {
1748                        if (!zend_hash_str_exists(Z_ARRVAL_P(mod), LDAP_MODIFY_BATCH_VALUES, strlen(LDAP_MODIFY_BATCH_VALUES))) {
1749                            php_error_docref(NULL, E_WARNING, "If '" LDAP_MODIFY_BATCH_MODTYPE "' is not LDAP_MODIFY_BATCH_REMOVE_ALL, a '" LDAP_MODIFY_BATCH_VALUES "' array must be provided");
1750                            RETURN_FALSE;
1751                        }
1752                    }
1753                }
1754                else if (_ldap_str_equal_to_const(ZSTR_VAL(modkey), ZSTR_LEN(modkey), LDAP_MODIFY_BATCH_VALUES)) {
1755                    if (Z_TYPE_P(modinfo) != IS_ARRAY) {
1756                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' value must be an array");
1757                        RETURN_FALSE;
1758                    }
1759
1760                    /* is the array not empty? */
1761                    zend_hash_internal_pointer_reset(Z_ARRVAL_P(modinfo));
1762                    num_modvals = zend_hash_num_elements(Z_ARRVAL_P(modinfo));
1763                    if (num_modvals == 0) {
1764                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have at least one element");
1765                        RETURN_FALSE;
1766                    }
1767
1768                    /* are its keys integers? */
1769                    if (zend_hash_get_current_key_type(Z_ARRVAL_P(modinfo)) != HASH_KEY_IS_LONG) {
1770                        php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must not be string-indexed");
1771                        RETURN_FALSE;
1772                    }
1773
1774                    /* are the keys consecutive? */
1775                    for (k = 0; k < num_modvals; k++) {
1776                        if ((fetched = zend_hash_index_find(Z_ARRVAL_P(modinfo), k)) == NULL) {
1777                            php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_VALUES "' array must have consecutive indices 0, 1, ...");
1778                            RETURN_FALSE;
1779                        }
1780                        modval = fetched;
1781
1782                        /* is the data element a string? */
1783                        if (Z_TYPE_P(modval) != IS_STRING) {
1784                            php_error_docref(NULL, E_WARNING, "Each element of a '" LDAP_MODIFY_BATCH_VALUES "' array must be a string");
1785                            RETURN_FALSE;
1786                        }
1787                    }
1788                }
1789
1790                zend_hash_move_forward(Z_ARRVAL_P(mod));
1791            }
1792        }
1793    }
1794    /* validation was successful */
1795
1796    /* allocate array of modifications */
1797    ldap_mods = safe_emalloc((num_mods+1), sizeof(LDAPMod *), 0);
1798
1799    /* for each modification */
1800    for (i = 0; i < num_mods; i++) {
1801        /* allocate the modification struct */
1802        ldap_mods[i] = safe_emalloc(1, sizeof(LDAPMod), 0);
1803
1804        /* fetch the relevant data */
1805        fetched = zend_hash_index_find(Z_ARRVAL_P(mods), i);
1806        mod = fetched;
1807
1808        _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_ATTRIB, &attrib);
1809        _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_MODTYPE, &modtype);
1810        _ldap_hash_fetch(mod, LDAP_MODIFY_BATCH_VALUES, &vals);
1811
1812        /* map the modification type */
1813        switch (Z_LVAL_P(modtype)) {
1814            case LDAP_MODIFY_BATCH_ADD:
1815                oper = LDAP_MOD_ADD;
1816                break;
1817            case LDAP_MODIFY_BATCH_REMOVE:
1818            case LDAP_MODIFY_BATCH_REMOVE_ALL:
1819                oper = LDAP_MOD_DELETE;
1820                break;
1821            case LDAP_MODIFY_BATCH_REPLACE:
1822                oper = LDAP_MOD_REPLACE;
1823                break;
1824            default:
1825                php_error_docref(NULL, E_ERROR, "Unknown and uncaught modification type.");
1826                RETURN_FALSE;
1827        }
1828
1829        /* fill in the basic info */
1830        ldap_mods[i]->mod_op = oper | LDAP_MOD_BVALUES;
1831        ldap_mods[i]->mod_type = estrndup(Z_STRVAL_P(attrib), Z_STRLEN_P(attrib));
1832
1833        if (Z_LVAL_P(modtype) == LDAP_MODIFY_BATCH_REMOVE_ALL) {
1834            /* no values */
1835            ldap_mods[i]->mod_bvalues = NULL;
1836        }
1837        else {
1838            /* allocate space for the values as part of this modification */
1839            num_modvals = zend_hash_num_elements(Z_ARRVAL_P(vals));
1840            ldap_mods[i]->mod_bvalues = safe_emalloc((num_modvals+1), sizeof(struct berval *), 0);
1841
1842            /* for each value */
1843            for (j = 0; j < num_modvals; j++) {
1844                /* fetch it */
1845                fetched = zend_hash_index_find(Z_ARRVAL_P(vals), j);
1846                modval = fetched;
1847
1848                /* allocate the data struct */
1849                ldap_mods[i]->mod_bvalues[j] = safe_emalloc(1, sizeof(struct berval), 0);
1850
1851                /* fill it */
1852                ldap_mods[i]->mod_bvalues[j]->bv_len = Z_STRLEN_P(modval);
1853                ldap_mods[i]->mod_bvalues[j]->bv_val = estrndup(Z_STRVAL_P(modval), Z_STRLEN_P(modval));
1854            }
1855
1856            /* NULL-terminate values */
1857            ldap_mods[i]->mod_bvalues[num_modvals] = NULL;
1858        }
1859    }
1860
1861    /* NULL-terminate modifications */
1862    ldap_mods[num_mods] = NULL;
1863
1864    /* perform (finally) */
1865    if ((i = ldap_modify_ext_s(ld->link, dn, ldap_mods, NULL, NULL)) != LDAP_SUCCESS) {
1866        php_error_docref(NULL, E_WARNING, "Batch Modify: %s", ldap_err2string(i));
1867        RETVAL_FALSE;
1868    } else RETVAL_TRUE;
1869
1870    /* clean up */
1871    {
1872        for (i = 0; i < num_mods; i++) {
1873            /* attribute */
1874            efree(ldap_mods[i]->mod_type);
1875
1876            if (ldap_mods[i]->mod_bvalues != NULL) {
1877                /* each BER value */
1878                for (j = 0; ldap_mods[i]->mod_bvalues[j] != NULL; j++) {
1879                    /* free the data bytes */
1880                    efree(ldap_mods[i]->mod_bvalues[j]->bv_val);
1881
1882                    /* free the bvalue struct */
1883                    efree(ldap_mods[i]->mod_bvalues[j]);
1884                }
1885
1886                /* the BER value array */
1887                efree(ldap_mods[i]->mod_bvalues);
1888            }
1889
1890            /* the modification */
1891            efree(ldap_mods[i]);
1892        }
1893
1894        /* the modifications array */
1895        efree(ldap_mods);
1896    }
1897}
1898/* }}} */
1899
1900/* {{{ proto int ldap_errno(resource link)
1901   Get the current ldap error number */
1902PHP_FUNCTION(ldap_errno)
1903{
1904    zval *link;
1905    ldap_linkdata *ld;
1906
1907    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
1908        return;
1909    }
1910
1911    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1912        RETURN_FALSE;
1913    }
1914
1915    RETURN_LONG(_get_lderrno(ld->link));
1916}
1917/* }}} */
1918
1919/* {{{ proto string ldap_err2str(int errno)
1920   Convert error number to error string */
1921PHP_FUNCTION(ldap_err2str)
1922{
1923    zend_long perrno;
1924
1925    if (zend_parse_parameters(ZEND_NUM_ARGS(), "l", &perrno) != SUCCESS) {
1926        return;
1927    }
1928
1929    RETURN_STRING(ldap_err2string(perrno));
1930}
1931/* }}} */
1932
1933/* {{{ proto string ldap_error(resource link)
1934   Get the current ldap error string */
1935PHP_FUNCTION(ldap_error)
1936{
1937    zval *link;
1938    ldap_linkdata *ld;
1939    int ld_errno;
1940
1941    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
1942        return;
1943    }
1944
1945    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1946        RETURN_FALSE;
1947    }
1948
1949    ld_errno = _get_lderrno(ld->link);
1950
1951    RETURN_STRING(ldap_err2string(ld_errno));
1952}
1953/* }}} */
1954
1955/* {{{ proto bool ldap_compare(resource link, string dn, string attr, string value)
1956   Determine if an entry has a specific value for one of its attributes */
1957PHP_FUNCTION(ldap_compare)
1958{
1959    zval *link;
1960    char *dn, *attr, *value;
1961    size_t dn_len, attr_len, value_len;
1962    ldap_linkdata *ld;
1963    int errno;
1964    struct berval lvalue;
1965
1966    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsss", &link, &dn, &dn_len, &attr, &attr_len, &value, &value_len) != SUCCESS) {
1967        return;
1968    }
1969
1970    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
1971        RETURN_FALSE;
1972    }
1973
1974    lvalue.bv_val = value;
1975    lvalue.bv_len = value_len;
1976
1977    errno = ldap_compare_ext_s(ld->link, dn, attr, &lvalue, NULL, NULL);
1978
1979    switch (errno) {
1980        case LDAP_COMPARE_TRUE:
1981            RETURN_TRUE;
1982            break;
1983
1984        case LDAP_COMPARE_FALSE:
1985            RETURN_FALSE;
1986            break;
1987    }
1988
1989    php_error_docref(NULL, E_WARNING, "Compare: %s", ldap_err2string(errno));
1990    RETURN_LONG(-1);
1991}
1992/* }}} */
1993
1994/* {{{ proto bool ldap_sort(resource link, resource result, string sortfilter)
1995   Sort LDAP result entries */
1996PHP_FUNCTION(ldap_sort)
1997{
1998    zval *link, *result;
1999    ldap_linkdata *ld;
2000    char *sortfilter;
2001    size_t sflen;
2002    zend_resource *le;
2003
2004    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrs", &link, &result, &sortfilter, &sflen) != SUCCESS) {
2005        RETURN_FALSE;
2006    }
2007
2008    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2009        RETURN_FALSE;
2010    }
2011
2012    le = Z_RES_P(result);
2013    if (le->type != le_result) {
2014        php_error_docref(NULL, E_WARNING, "Supplied resource is not a valid ldap result resource");
2015        RETURN_FALSE;
2016    }
2017
2018    if (ldap_sort_entries(ld->link, (LDAPMessage **) &le->ptr, sflen ? sortfilter : NULL, strcmp) != LDAP_SUCCESS) {
2019        php_error_docref(NULL, E_WARNING, "%s", ldap_err2string(errno));
2020        RETURN_FALSE;
2021    }
2022
2023    RETURN_TRUE;
2024}
2025/* }}} */
2026
2027#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2028/* {{{ proto bool ldap_get_option(resource link, int option, mixed retval)
2029   Get the current value of various session-wide parameters */
2030PHP_FUNCTION(ldap_get_option)
2031{
2032    zval *link, *retval;
2033    ldap_linkdata *ld;
2034    zend_long option;
2035
2036    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rlz/", &link, &option, &retval) != SUCCESS) {
2037        return;
2038    }
2039
2040    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2041        RETURN_FALSE;
2042    }
2043
2044    switch (option) {
2045    /* options with int value */
2046    case LDAP_OPT_DEREF:
2047    case LDAP_OPT_SIZELIMIT:
2048    case LDAP_OPT_TIMELIMIT:
2049    case LDAP_OPT_PROTOCOL_VERSION:
2050    case LDAP_OPT_ERROR_NUMBER:
2051    case LDAP_OPT_REFERRALS:
2052#ifdef LDAP_OPT_RESTART
2053    case LDAP_OPT_RESTART:
2054#endif
2055        {
2056            int val;
2057
2058            if (ldap_get_option(ld->link, option, &val)) {
2059                RETURN_FALSE;
2060            }
2061            zval_ptr_dtor(retval);
2062            ZVAL_LONG(retval, val);
2063        } break;
2064#ifdef LDAP_OPT_NETWORK_TIMEOUT
2065    case LDAP_OPT_NETWORK_TIMEOUT:
2066        {
2067            struct timeval *timeout = NULL;
2068
2069            if (ldap_get_option(ld->link, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2070                if (timeout) {
2071                    ldap_memfree(timeout);
2072                }
2073                RETURN_FALSE;
2074            }
2075            if (!timeout) {
2076                RETURN_FALSE;
2077            }
2078            zval_ptr_dtor(retval);
2079            ZVAL_LONG(retval, timeout->tv_sec);
2080            ldap_memfree(timeout);
2081        } break;
2082#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2083    case LDAP_X_OPT_CONNECT_TIMEOUT:
2084        {
2085            int timeout;
2086
2087            if (ldap_get_option(ld->link, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2088                RETURN_FALSE;
2089            }
2090            zval_ptr_dtor(retval);
2091            ZVAL_LONG(retval, (timeout / 1000));
2092        } break;
2093#endif
2094    /* options with string value */
2095    case LDAP_OPT_ERROR_STRING:
2096#ifdef LDAP_OPT_HOST_NAME
2097    case LDAP_OPT_HOST_NAME:
2098#endif
2099#ifdef HAVE_LDAP_SASL
2100    case LDAP_OPT_X_SASL_MECH:
2101    case LDAP_OPT_X_SASL_REALM:
2102    case LDAP_OPT_X_SASL_AUTHCID:
2103    case LDAP_OPT_X_SASL_AUTHZID:
2104#endif
2105#ifdef LDAP_OPT_MATCHED_DN
2106    case LDAP_OPT_MATCHED_DN:
2107#endif
2108        {
2109            char *val = NULL;
2110
2111            if (ldap_get_option(ld->link, option, &val) || val == NULL || *val == '\0') {
2112                if (val) {
2113                    ldap_memfree(val);
2114                }
2115                RETURN_FALSE;
2116            }
2117            zval_ptr_dtor(retval);
2118            ZVAL_STRING(retval, val);
2119            ldap_memfree(val);
2120        } break;
2121/* options not implemented
2122    case LDAP_OPT_SERVER_CONTROLS:
2123    case LDAP_OPT_CLIENT_CONTROLS:
2124    case LDAP_OPT_API_INFO:
2125    case LDAP_OPT_API_FEATURE_INFO:
2126*/
2127    default:
2128        RETURN_FALSE;
2129    }
2130    RETURN_TRUE;
2131}
2132/* }}} */
2133
2134/* {{{ proto bool ldap_set_option(resource link, int option, mixed newval)
2135   Set the value of various session-wide parameters */
2136PHP_FUNCTION(ldap_set_option)
2137{
2138    zval *link, *newval;
2139    ldap_linkdata *ld;
2140    LDAP *ldap;
2141    zend_long option;
2142
2143    if (zend_parse_parameters(ZEND_NUM_ARGS(), "zlz", &link, &option, &newval) != SUCCESS) {
2144        return;
2145    }
2146
2147    if (Z_TYPE_P(link) == IS_NULL) {
2148        ldap = NULL;
2149    } else {
2150        if ((ld = (ldap_linkdata *)zend_fetch_resource_ex(link, "ldap link", le_link)) == NULL) {
2151            RETURN_FALSE;
2152        }
2153        ldap = ld->link;
2154    }
2155
2156    switch (option) {
2157    /* options with int value */
2158    case LDAP_OPT_DEREF:
2159    case LDAP_OPT_SIZELIMIT:
2160    case LDAP_OPT_TIMELIMIT:
2161    case LDAP_OPT_PROTOCOL_VERSION:
2162    case LDAP_OPT_ERROR_NUMBER:
2163#ifdef LDAP_OPT_DEBUG_LEVEL
2164    case LDAP_OPT_DEBUG_LEVEL:
2165#endif
2166        {
2167            int val;
2168
2169            convert_to_long_ex(newval);
2170            val = Z_LVAL_P(newval);
2171            if (ldap_set_option(ldap, option, &val)) {
2172                RETURN_FALSE;
2173            }
2174        } break;
2175#ifdef LDAP_OPT_NETWORK_TIMEOUT
2176    case LDAP_OPT_NETWORK_TIMEOUT:
2177        {
2178            struct timeval timeout;
2179
2180            convert_to_long_ex(newval);
2181            timeout.tv_sec = Z_LVAL_P(newval);
2182            timeout.tv_usec = 0;
2183            if (ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, (void *) &timeout)) {
2184                RETURN_FALSE;
2185            }
2186        } break;
2187#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
2188    case LDAP_X_OPT_CONNECT_TIMEOUT:
2189        {
2190            int timeout;
2191
2192            convert_to_long_ex(newval);
2193            timeout = 1000 * Z_LVAL_P(newval); /* Convert to milliseconds */
2194            if (ldap_set_option(ldap, LDAP_X_OPT_CONNECT_TIMEOUT, &timeout)) {
2195                RETURN_FALSE;
2196            }
2197        } break;
2198#endif
2199        /* options with string value */
2200    case LDAP_OPT_ERROR_STRING:
2201#ifdef LDAP_OPT_HOST_NAME
2202    case LDAP_OPT_HOST_NAME:
2203#endif
2204#ifdef HAVE_LDAP_SASL
2205    case LDAP_OPT_X_SASL_MECH:
2206    case LDAP_OPT_X_SASL_REALM:
2207    case LDAP_OPT_X_SASL_AUTHCID:
2208    case LDAP_OPT_X_SASL_AUTHZID:
2209#endif
2210#ifdef LDAP_OPT_MATCHED_DN
2211    case LDAP_OPT_MATCHED_DN:
2212#endif
2213        {
2214            char *val;
2215            convert_to_string_ex(newval);
2216            val = Z_STRVAL_P(newval);
2217            if (ldap_set_option(ldap, option, val)) {
2218                RETURN_FALSE;
2219            }
2220        } break;
2221        /* options with boolean value */
2222    case LDAP_OPT_REFERRALS:
2223#ifdef LDAP_OPT_RESTART
2224    case LDAP_OPT_RESTART:
2225#endif
2226        {
2227            void *val;
2228            convert_to_boolean_ex(newval);
2229            val = Z_TYPE_P(newval) == IS_TRUE
2230                ? LDAP_OPT_ON : LDAP_OPT_OFF;
2231            if (ldap_set_option(ldap, option, val)) {
2232                RETURN_FALSE;
2233            }
2234        } break;
2235        /* options with control list value */
2236    case LDAP_OPT_SERVER_CONTROLS:
2237    case LDAP_OPT_CLIENT_CONTROLS:
2238        {
2239            LDAPControl *ctrl, **ctrls, **ctrlp;
2240            zval *ctrlval, *val;
2241            int ncontrols;
2242            char error=0;
2243
2244            if ((Z_TYPE_P(newval) != IS_ARRAY) || !(ncontrols = zend_hash_num_elements(Z_ARRVAL_P(newval)))) {
2245                php_error_docref(NULL, E_WARNING, "Expected non-empty array value for this option");
2246                RETURN_FALSE;
2247            }
2248            ctrls = safe_emalloc((1 + ncontrols), sizeof(*ctrls), 0);
2249            *ctrls = NULL;
2250            ctrlp = ctrls;
2251            ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(newval), ctrlval) {
2252                if (Z_TYPE_P(ctrlval) != IS_ARRAY) {
2253                    php_error_docref(NULL, E_WARNING, "The array value must contain only arrays, where each array is a control");
2254                    error = 1;
2255                    break;
2256                }
2257                if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "oid", sizeof("oid") - 1)) == NULL) {
2258                    php_error_docref(NULL, E_WARNING, "Control must have an oid key");
2259                    error = 1;
2260                    break;
2261                }
2262                ctrl = *ctrlp = emalloc(sizeof(**ctrlp));
2263                convert_to_string_ex(val);
2264                ctrl->ldctl_oid = Z_STRVAL_P(val);
2265                if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "value", sizeof("value") - 1)) != NULL) {
2266                    convert_to_string_ex(val);
2267                    ctrl->ldctl_value.bv_val = Z_STRVAL_P(val);
2268                    ctrl->ldctl_value.bv_len = Z_STRLEN_P(val);
2269                } else {
2270                    ctrl->ldctl_value.bv_val = NULL;
2271                    ctrl->ldctl_value.bv_len = 0;
2272                }
2273                if ((val = zend_hash_str_find(Z_ARRVAL_P(ctrlval), "iscritical", sizeof("iscritical") - 1)) != NULL) {
2274                    convert_to_boolean_ex(val);
2275                    ctrl->ldctl_iscritical = Z_TYPE_P(val) == IS_TRUE;
2276                } else {
2277                    ctrl->ldctl_iscritical = 0;
2278                }
2279
2280                ++ctrlp;
2281                *ctrlp = NULL;
2282            } ZEND_HASH_FOREACH_END();
2283            if (!error) {
2284                error = ldap_set_option(ldap, option, ctrls);
2285            }
2286            ctrlp = ctrls;
2287            while (*ctrlp) {
2288                efree(*ctrlp);
2289                ctrlp++;
2290            }
2291            efree(ctrls);
2292            if (error) {
2293                RETURN_FALSE;
2294            }
2295        } break;
2296    default:
2297        RETURN_FALSE;
2298    }
2299    RETURN_TRUE;
2300}
2301/* }}} */
2302
2303#ifdef HAVE_LDAP_PARSE_RESULT
2304/* {{{ proto bool ldap_parse_result(resource link, resource result, int errcode, string matcheddn, string errmsg, array referrals)
2305   Extract information from result */
2306PHP_FUNCTION(ldap_parse_result)
2307{
2308    zval *link, *result, *errcode, *matcheddn, *errmsg, *referrals;
2309    ldap_linkdata *ld;
2310    LDAPMessage *ldap_result;
2311    char **lreferrals, **refp;
2312    char *lmatcheddn, *lerrmsg;
2313    int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2314
2315    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrz/|z/z/z/", &link, &result, &errcode, &matcheddn, &errmsg, &referrals) != SUCCESS) {
2316        return;
2317    }
2318
2319    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2320        RETURN_FALSE;
2321    }
2322
2323    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2324        RETURN_FALSE;
2325    }
2326
2327    rc = ldap_parse_result(ld->link, ldap_result, &lerrcode,
2328                myargcount > 3 ? &lmatcheddn : NULL,
2329                myargcount > 4 ? &lerrmsg : NULL,
2330                myargcount > 5 ? &lreferrals : NULL,
2331                NULL /* &serverctrls */,
2332                0);
2333    if (rc != LDAP_SUCCESS) {
2334        php_error_docref(NULL, E_WARNING, "Unable to parse result: %s", ldap_err2string(rc));
2335        RETURN_FALSE;
2336    }
2337
2338    zval_ptr_dtor(errcode);
2339    ZVAL_LONG(errcode, lerrcode);
2340
2341    /* Reverse -> fall through */
2342    switch (myargcount) {
2343        case 6:
2344            zval_ptr_dtor(referrals);
2345            array_init(referrals);
2346            if (lreferrals != NULL) {
2347                refp = lreferrals;
2348                while (*refp) {
2349                    add_next_index_string(referrals, *refp);
2350                    refp++;
2351                }
2352                ldap_memvfree((void**)lreferrals);
2353            }
2354        case 5:
2355            zval_ptr_dtor(errmsg);
2356            if (lerrmsg == NULL) {
2357                ZVAL_EMPTY_STRING(errmsg);
2358            } else {
2359                ZVAL_STRING(errmsg, lerrmsg);
2360                ldap_memfree(lerrmsg);
2361            }
2362        case 4:
2363            zval_ptr_dtor(matcheddn);
2364            if (lmatcheddn == NULL) {
2365                ZVAL_EMPTY_STRING(matcheddn);
2366            } else {
2367                ZVAL_STRING(matcheddn, lmatcheddn);
2368                ldap_memfree(lmatcheddn);
2369            }
2370    }
2371    RETURN_TRUE;
2372}
2373/* }}} */
2374#endif
2375
2376/* {{{ proto resource ldap_first_reference(resource link, resource result)
2377   Return first reference */
2378PHP_FUNCTION(ldap_first_reference)
2379{
2380    zval *link, *result;
2381    ldap_linkdata *ld;
2382    ldap_resultentry *resultentry;
2383    LDAPMessage *ldap_result, *entry;
2384
2385    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result) != SUCCESS) {
2386        return;
2387    }
2388
2389    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2390        RETURN_FALSE;
2391    }
2392
2393    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2394        RETURN_FALSE;
2395    }
2396
2397    if ((entry = ldap_first_reference(ld->link, ldap_result)) == NULL) {
2398        RETVAL_FALSE;
2399    } else {
2400        resultentry = emalloc(sizeof(ldap_resultentry));
2401        RETVAL_RES(zend_register_resource(resultentry, le_result_entry));
2402        ZVAL_COPY(&resultentry->res, result);
2403        resultentry->data = entry;
2404        resultentry->ber = NULL;
2405    }
2406}
2407/* }}} */
2408
2409/* {{{ proto resource ldap_next_reference(resource link, resource reference_entry)
2410   Get next reference */
2411PHP_FUNCTION(ldap_next_reference)
2412{
2413    zval *link, *result_entry;
2414    ldap_linkdata *ld;
2415    ldap_resultentry *resultentry, *resultentry_next;
2416    LDAPMessage *entry_next;
2417
2418    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr", &link, &result_entry) != SUCCESS) {
2419        return;
2420    }
2421
2422    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2423        RETURN_FALSE;
2424    }
2425
2426    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
2427        RETURN_FALSE;
2428    }
2429
2430    if ((entry_next = ldap_next_reference(ld->link, resultentry->data)) == NULL) {
2431        RETVAL_FALSE;
2432    } else {
2433        resultentry_next = emalloc(sizeof(ldap_resultentry));
2434        RETVAL_RES(zend_register_resource(resultentry_next, le_result_entry));
2435        ZVAL_COPY(&resultentry_next->res, &resultentry->res);
2436        resultentry_next->data = entry_next;
2437        resultentry_next->ber = NULL;
2438    }
2439}
2440/* }}} */
2441
2442#ifdef HAVE_LDAP_PARSE_REFERENCE
2443/* {{{ proto bool ldap_parse_reference(resource link, resource reference_entry, array referrals)
2444   Extract information from reference entry */
2445PHP_FUNCTION(ldap_parse_reference)
2446{
2447    zval *link, *result_entry, *referrals;
2448    ldap_linkdata *ld;
2449    ldap_resultentry *resultentry;
2450    char **lreferrals, **refp;
2451
2452    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rrz/", &link, &result_entry, &referrals) != SUCCESS) {
2453        return;
2454    }
2455
2456    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2457        RETURN_FALSE;
2458    }
2459
2460    if ((resultentry = (ldap_resultentry *)zend_fetch_resource(Z_RES_P(result_entry), "ldap result entry", le_result_entry)) == NULL) {
2461        RETURN_FALSE;
2462    }
2463
2464    if (ldap_parse_reference(ld->link, resultentry->data, &lreferrals, NULL /* &serverctrls */, 0) != LDAP_SUCCESS) {
2465        RETURN_FALSE;
2466    }
2467
2468    zval_ptr_dtor(referrals);
2469    array_init(referrals);
2470    if (lreferrals != NULL) {
2471        refp = lreferrals;
2472        while (*refp) {
2473            add_next_index_string(referrals, *refp);
2474            refp++;
2475        }
2476        ldap_memvfree((void**)lreferrals);
2477    }
2478    RETURN_TRUE;
2479}
2480/* }}} */
2481#endif
2482
2483/* {{{ proto bool ldap_rename(resource link, string dn, string newrdn, string newparent, bool deleteoldrdn)
2484   Modify the name of an entry */
2485PHP_FUNCTION(ldap_rename)
2486{
2487    zval *link;
2488    ldap_linkdata *ld;
2489    int rc;
2490    char *dn, *newrdn, *newparent;
2491    size_t dn_len, newrdn_len, newparent_len;
2492    zend_bool deleteoldrdn;
2493
2494    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rsssb", &link, &dn, &dn_len, &newrdn, &newrdn_len, &newparent, &newparent_len, &deleteoldrdn) != SUCCESS) {
2495        return;
2496    }
2497
2498    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2499        RETURN_FALSE;
2500    }
2501
2502    if (newparent_len == 0) {
2503        newparent = NULL;
2504    }
2505
2506#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
2507    rc = ldap_rename_s(ld->link, dn, newrdn, newparent, deleteoldrdn, NULL, NULL);
2508#else
2509    if (newparent_len != 0) {
2510        php_error_docref(NULL, E_WARNING, "You are using old LDAP API, newparent must be the empty string, can only modify RDN");
2511        RETURN_FALSE;
2512    }
2513/* could support old APIs but need check for ldap_modrdn2()/ldap_modrdn() */
2514    rc = ldap_modrdn2_s(ld->link, dn, newrdn, deleteoldrdn);
2515#endif
2516
2517    if (rc == LDAP_SUCCESS) {
2518        RETURN_TRUE;
2519    }
2520    RETURN_FALSE;
2521}
2522/* }}} */
2523
2524#ifdef HAVE_LDAP_START_TLS_S
2525/* {{{ proto bool ldap_start_tls(resource link)
2526   Start TLS */
2527PHP_FUNCTION(ldap_start_tls)
2528{
2529    zval *link;
2530    ldap_linkdata *ld;
2531    int rc, protocol = LDAP_VERSION3;
2532
2533    if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &link) != SUCCESS) {
2534        return;
2535    }
2536
2537    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2538        RETURN_FALSE;
2539    }
2540
2541    if (((rc = ldap_set_option(ld->link, LDAP_OPT_PROTOCOL_VERSION, &protocol)) != LDAP_SUCCESS) ||
2542        ((rc = ldap_start_tls_s(ld->link, NULL, NULL)) != LDAP_SUCCESS)
2543    ) {
2544        php_error_docref(NULL, E_WARNING,"Unable to start TLS: %s", ldap_err2string(rc));
2545        RETURN_FALSE;
2546    } else {
2547        RETURN_TRUE;
2548    }
2549}
2550/* }}} */
2551#endif
2552#endif /* (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP */
2553
2554#if defined(HAVE_3ARG_SETREBINDPROC)
2555/* {{{ _ldap_rebind_proc()
2556*/
2557int _ldap_rebind_proc(LDAP *ldap, const char *url, ber_tag_t req, ber_int_t msgid, void *params)
2558{
2559    ldap_linkdata *ld;
2560    int retval;
2561    zval cb_args[2];
2562    zval cb_retval;
2563    zval *cb_link = (zval *) params;
2564
2565    ld = (ldap_linkdata *) zend_fetch_resource_ex(cb_link, "ldap link", le_link);
2566
2567    /* link exists and callback set? */
2568    if (ld == NULL || Z_ISUNDEF(ld->rebindproc)) {
2569        php_error_docref(NULL, E_WARNING, "Link not found or no callback set");
2570        return LDAP_OTHER;
2571    }
2572
2573    /* callback */
2574    ZVAL_COPY_VALUE(&cb_args[0], cb_link);
2575    ZVAL_STRING(&cb_args[1], url);
2576    if (call_user_function_ex(EG(function_table), NULL, &ld->rebindproc, &cb_retval, 2, cb_args, 0, NULL) == SUCCESS && !Z_ISUNDEF(cb_retval)) {
2577        convert_to_long_ex(&cb_retval);
2578        retval = Z_LVAL(cb_retval);
2579        zval_ptr_dtor(&cb_retval);
2580    } else {
2581        php_error_docref(NULL, E_WARNING, "rebind_proc PHP callback failed");
2582        retval = LDAP_OTHER;
2583    }
2584    zval_ptr_dtor(&cb_args[1]);
2585    return retval;
2586}
2587/* }}} */
2588
2589/* {{{ proto bool ldap_set_rebind_proc(resource link, string callback)
2590   Set a callback function to do re-binds on referral chasing. */
2591PHP_FUNCTION(ldap_set_rebind_proc)
2592{
2593    zval *link, *callback;
2594    ldap_linkdata *ld;
2595    zend_string *callback_name;
2596
2597    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rz", &link, &callback) != SUCCESS) {
2598        RETURN_FALSE;
2599    }
2600
2601    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2602        RETURN_FALSE;
2603    }
2604
2605    if (Z_TYPE_P(callback) == IS_STRING && Z_STRLEN_P(callback) == 0) {
2606        /* unregister rebind procedure */
2607        if (!Z_ISUNDEF(ld->rebindproc)) {
2608            zval_ptr_dtor(&ld->rebindproc);
2609            ZVAL_UNDEF(&ld->rebindproc);
2610            ldap_set_rebind_proc(ld->link, NULL, NULL);
2611        }
2612        RETURN_TRUE;
2613    }
2614
2615    /* callable? */
2616    if (!zend_is_callable(callback, 0, &callback_name)) {
2617        php_error_docref(NULL, E_WARNING, "Two arguments expected for '%s' to be a valid callback", ZSTR_VAL(callback_name));
2618        zend_string_release(callback_name);
2619        RETURN_FALSE;
2620    }
2621    zend_string_release(callback_name);
2622
2623    /* register rebind procedure */
2624    if (Z_ISUNDEF(ld->rebindproc)) {
2625        ldap_set_rebind_proc(ld->link, _ldap_rebind_proc, (void *) link);
2626    } else {
2627        zval_ptr_dtor(&ld->rebindproc);
2628    }
2629
2630    ZVAL_COPY(&ld->rebindproc, callback);
2631    RETURN_TRUE;
2632}
2633/* }}} */
2634#endif
2635
2636static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen)
2637{
2638    char hex[] = "0123456789abcdef";
2639    int i, p = 0;
2640    size_t len = 0;
2641    zend_string *ret;
2642
2643    for (i = 0; i < valuelen; i++) {
2644        len += (map[(unsigned char) value[i]]) ? 3 : 1;
2645    }
2646
2647    ret =  zend_string_alloc(len, 0);
2648
2649    for (i = 0; i < valuelen; i++) {
2650        unsigned char v = (unsigned char) value[i];
2651
2652        if (map[v]) {
2653            ZSTR_VAL(ret)[p++] = '\\';
2654            ZSTR_VAL(ret)[p++] = hex[v >> 4];
2655            ZSTR_VAL(ret)[p++] = hex[v & 0x0f];
2656        } else {
2657            ZSTR_VAL(ret)[p++] = v;
2658        }
2659    }
2660
2661    ZSTR_VAL(ret)[p] = '\0';
2662    ZSTR_LEN(ret) = p;
2663}
2664
2665static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const int charslen, char escape)
2666{
2667    int i = 0;
2668    while (i < charslen) {
2669        map[(unsigned char) chars[i++]] = escape;
2670    }
2671}
2672
2673PHP_FUNCTION(ldap_escape)
2674{
2675    char *value, *ignores;
2676    size_t valuelen = 0, ignoreslen = 0;
2677    int i;
2678    zend_long flags = 0;
2679    zend_bool map[256] = {0}, havecharlist = 0;
2680
2681    if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|sl", &value, &valuelen, &ignores, &ignoreslen, &flags) != SUCCESS) {
2682        return;
2683    }
2684
2685    if (!valuelen) {
2686        RETURN_EMPTY_STRING();
2687    }
2688
2689    if (flags & PHP_LDAP_ESCAPE_FILTER) {
2690        havecharlist = 1;
2691        php_ldap_escape_map_set_chars(map, "\\*()\0", sizeof("\\*()\0") - 1, 1);
2692    }
2693
2694    if (flags & PHP_LDAP_ESCAPE_DN) {
2695        havecharlist = 1;
2696        php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#", sizeof("\\,=+<>;\"#") - 1, 1);
2697    }
2698
2699    if (!havecharlist) {
2700        for (i = 0; i < 256; i++) {
2701            map[i] = 1;
2702        }
2703    }
2704
2705    if (ignoreslen) {
2706        php_ldap_escape_map_set_chars(map, ignores, ignoreslen, 0);
2707    }
2708
2709    RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen));
2710}
2711
2712#ifdef STR_TRANSLATION
2713/* {{{ php_ldap_do_translate
2714 */
2715static void php_ldap_do_translate(INTERNAL_FUNCTION_PARAMETERS, int way)
2716{
2717    char *value;
2718    size_t value_len;
2719    int result;
2720
2721    if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &value, &value_len) != SUCCESS) {
2722        return;
2723    }
2724
2725    if (value_len == 0) {
2726        RETURN_FALSE;
2727    }
2728
2729    if (way == 1) {
2730        result = ldap_8859_to_t61(&value, &value_len, 0);
2731    } else {
2732        result = ldap_t61_to_8859(&value, &value_len, 0);
2733    }
2734
2735    if (result == LDAP_SUCCESS) {
2736        RETVAL_STRINGL(value, value_len);
2737        free(value);
2738    } else {
2739        php_error_docref(NULL, E_WARNING, "Conversion from iso-8859-1 to t61 failed: %s", ldap_err2string(result));
2740        RETVAL_FALSE;
2741    }
2742}
2743/* }}} */
2744
2745/* {{{ proto string ldap_t61_to_8859(string value)
2746   Translate t61 characters to 8859 characters */
2747PHP_FUNCTION(ldap_t61_to_8859)
2748{
2749    php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
2750}
2751/* }}} */
2752
2753/* {{{ proto string ldap_8859_to_t61(string value)
2754   Translate 8859 characters to t61 characters */
2755PHP_FUNCTION(ldap_8859_to_t61)
2756{
2757    php_ldap_do_translate(INTERNAL_FUNCTION_PARAM_PASSTHRU, 1);
2758}
2759/* }}} */
2760#endif
2761
2762#ifdef LDAP_CONTROL_PAGEDRESULTS
2763/* {{{ proto mixed ldap_control_paged_result(resource link, int pagesize [, bool iscritical [, string cookie]])
2764   Inject paged results control*/
2765PHP_FUNCTION(ldap_control_paged_result)
2766{
2767    zend_long pagesize;
2768    zend_bool iscritical;
2769    zval *link;
2770    char *cookie = NULL;
2771    size_t cookie_len = 0;
2772    struct berval lcookie = { 0, NULL };
2773    ldap_linkdata *ld;
2774    LDAP *ldap;
2775    BerElement *ber = NULL;
2776    LDAPControl ctrl, *ctrlsp[2];
2777    int rc, myargcount = ZEND_NUM_ARGS();
2778
2779    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rl|bs", &link, &pagesize, &iscritical, &cookie, &cookie_len) != SUCCESS) {
2780        return;
2781    }
2782
2783    if (Z_TYPE_P(link) == IS_NULL) {
2784        ldap = NULL;
2785    } else {
2786        if ((ld = (ldap_linkdata *)zend_fetch_resource_ex(link, "ldap link", le_link)) == NULL) {
2787            RETURN_FALSE;
2788        }
2789        ldap = ld->link;
2790    }
2791
2792    ber = ber_alloc_t(LBER_USE_DER);
2793    if (ber == NULL) {
2794        php_error_docref(NULL, E_WARNING, "Unable to alloc BER encoding resources for paged results control");
2795        RETURN_FALSE;
2796    }
2797
2798    ctrl.ldctl_iscritical = 0;
2799
2800    switch (myargcount) {
2801        case 4:
2802            lcookie.bv_val = cookie;
2803            lcookie.bv_len = cookie_len;
2804            /* fallthru */
2805        case 3:
2806            ctrl.ldctl_iscritical = (int)iscritical;
2807            /* fallthru */
2808    }
2809
2810    if (ber_printf(ber, "{iO}", (int)pagesize, &lcookie) == LBER_ERROR) {
2811        php_error_docref(NULL, E_WARNING, "Unable to BER printf paged results control");
2812        RETVAL_FALSE;
2813        goto lcpr_error_out;
2814    }
2815    rc = ber_flatten2(ber, &ctrl.ldctl_value, 0);
2816    if (rc == LBER_ERROR) {
2817        php_error_docref(NULL, E_WARNING, "Unable to BER encode paged results control");
2818        RETVAL_FALSE;
2819        goto lcpr_error_out;
2820    }
2821
2822    ctrl.ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
2823
2824    if (ldap) {
2825        /* directly set the option */
2826        ctrlsp[0] = &ctrl;
2827        ctrlsp[1] = NULL;
2828
2829        rc = ldap_set_option(ldap, LDAP_OPT_SERVER_CONTROLS, ctrlsp);
2830        if (rc != LDAP_SUCCESS) {
2831            php_error_docref(NULL, E_WARNING, "Unable to set paged results control: %s (%d)", ldap_err2string(rc), rc);
2832            RETVAL_FALSE;
2833            goto lcpr_error_out;
2834        }
2835        RETVAL_TRUE;
2836    } else {
2837        /* return a PHP control object */
2838        array_init(return_value);
2839
2840        add_assoc_string(return_value, "oid", ctrl.ldctl_oid);
2841        if (ctrl.ldctl_value.bv_len) {
2842            add_assoc_stringl(return_value, "value", ctrl.ldctl_value.bv_val, ctrl.ldctl_value.bv_len);
2843        }
2844        if (ctrl.ldctl_iscritical) {
2845            add_assoc_bool(return_value, "iscritical", ctrl.ldctl_iscritical);
2846        }
2847    }
2848
2849lcpr_error_out:
2850    if (ber != NULL) {
2851        ber_free(ber, 1);
2852    }
2853    return;
2854}
2855/* }}} */
2856
2857/* {{{ proto bool ldap_control_paged_result_response(resource link, resource result [, string &cookie [, int &estimated]])
2858   Extract paged results control response */
2859PHP_FUNCTION(ldap_control_paged_result_response)
2860{
2861    zval *link, *result, *cookie, *estimated;
2862    struct berval lcookie;
2863    int lestimated;
2864    ldap_linkdata *ld;
2865    LDAPMessage *ldap_result;
2866    LDAPControl **lserverctrls, *lctrl;
2867    BerElement *ber;
2868    ber_tag_t tag;
2869    int rc, lerrcode, myargcount = ZEND_NUM_ARGS();
2870
2871    if (zend_parse_parameters(ZEND_NUM_ARGS(), "rr|z/z/", &link, &result, &cookie, &estimated) != SUCCESS) {
2872        return;
2873    }
2874
2875    if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {
2876        RETURN_FALSE;
2877    }
2878
2879    if ((ldap_result = (LDAPMessage *)zend_fetch_resource(Z_RES_P(result), "ldap result", le_result)) == NULL) {
2880        RETURN_FALSE;
2881    }
2882
2883    rc = ldap_parse_result(ld->link,
2884                ldap_result,
2885                &lerrcode,
2886                NULL,       /* matcheddn */
2887                NULL,       /* errmsg */
2888                NULL,       /* referrals */
2889                &lserverctrls,
2890                0);
2891
2892    if (rc != LDAP_SUCCESS) {
2893        php_error_docref(NULL, E_WARNING, "Unable to parse result: %s (%d)", ldap_err2string(rc), rc);
2894        RETURN_FALSE;
2895    }
2896
2897    if (lerrcode != LDAP_SUCCESS) {
2898        php_error_docref(NULL, E_WARNING, "Result is: %s (%d)", ldap_err2string(lerrcode), lerrcode);
2899        RETURN_FALSE;
2900    }
2901
2902    if (lserverctrls == NULL) {
2903        php_error_docref(NULL, E_WARNING, "No server controls in result");
2904        RETURN_FALSE;
2905    }
2906
2907    lctrl = ldap_control_find(LDAP_CONTROL_PAGEDRESULTS, lserverctrls, NULL);
2908    if (lctrl == NULL) {
2909        ldap_controls_free(lserverctrls);
2910        php_error_docref(NULL, E_WARNING, "No paged results control response in result");
2911        RETURN_FALSE;
2912    }
2913
2914    ber = ber_init(&lctrl->ldctl_value);
2915    if (ber == NULL) {
2916        ldap_controls_free(lserverctrls);
2917        php_error_docref(NULL, E_WARNING, "Unable to alloc BER decoding resources for paged results control response");
2918        RETURN_FALSE;
2919    }
2920
2921    tag = ber_scanf(ber, "{io}", &lestimated, &lcookie);
2922    (void)ber_free(ber, 1);
2923
2924    if (tag == LBER_ERROR) {
2925        ldap_controls_free(lserverctrls);
2926        php_error_docref(NULL, E_WARNING, "Unable to decode paged results control response");
2927        RETURN_FALSE;
2928    }
2929
2930    if (lestimated < 0) {
2931        ldap_controls_free(lserverctrls);
2932        php_error_docref(NULL, E_WARNING, "Invalid paged results control response value");
2933        RETURN_FALSE;
2934    }
2935
2936    ldap_controls_free(lserverctrls);
2937    if (myargcount == 4) {
2938        zval_dtor(estimated);
2939        ZVAL_LONG(estimated, lestimated);
2940    }
2941
2942    zval_ptr_dtor(cookie);
2943    if (lcookie.bv_len == 0) {
2944        ZVAL_EMPTY_STRING(cookie);
2945    } else {
2946        ZVAL_STRINGL(cookie, lcookie.bv_val, lcookie.bv_len);
2947    }
2948    ldap_memfree(lcookie.bv_val);
2949
2950    RETURN_TRUE;
2951}
2952/* }}} */
2953#endif
2954
2955/* {{{ arginfo */
2956ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_connect, 0, 0, 0)
2957    ZEND_ARG_INFO(0, hostname)
2958    ZEND_ARG_INFO(0, port)
2959#ifdef HAVE_ORALDAP
2960    ZEND_ARG_INFO(0, wallet)
2961    ZEND_ARG_INFO(0, wallet_passwd)
2962    ZEND_ARG_INFO(0, authmode)
2963#endif
2964ZEND_END_ARG_INFO()
2965
2966ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_resource, 0, 0, 1)
2967    ZEND_ARG_INFO(0, link_identifier)
2968ZEND_END_ARG_INFO()
2969
2970ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_bind, 0, 0, 1)
2971    ZEND_ARG_INFO(0, link_identifier)
2972    ZEND_ARG_INFO(0, bind_rdn)
2973    ZEND_ARG_INFO(0, bind_password)
2974ZEND_END_ARG_INFO()
2975
2976#ifdef HAVE_LDAP_SASL
2977ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sasl_bind, 0, 0, 1)
2978    ZEND_ARG_INFO(0, link)
2979    ZEND_ARG_INFO(0, binddn)
2980    ZEND_ARG_INFO(0, password)
2981    ZEND_ARG_INFO(0, sasl_mech)
2982    ZEND_ARG_INFO(0, sasl_realm)
2983    ZEND_ARG_INFO(0, sasl_authz_id)
2984    ZEND_ARG_INFO(0, props)
2985ZEND_END_ARG_INFO()
2986#endif
2987
2988ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_read, 0, 0, 3)
2989    ZEND_ARG_INFO(0, link_identifier)
2990    ZEND_ARG_INFO(0, base_dn)
2991    ZEND_ARG_INFO(0, filter)
2992    ZEND_ARG_INFO(0, attributes)
2993    ZEND_ARG_INFO(0, attrsonly)
2994    ZEND_ARG_INFO(0, sizelimit)
2995    ZEND_ARG_INFO(0, timelimit)
2996    ZEND_ARG_INFO(0, deref)
2997ZEND_END_ARG_INFO()
2998
2999ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_list, 0, 0, 3)
3000    ZEND_ARG_INFO(0, link_identifier)
3001    ZEND_ARG_INFO(0, base_dn)
3002    ZEND_ARG_INFO(0, filter)
3003    ZEND_ARG_INFO(0, attributes)
3004    ZEND_ARG_INFO(0, attrsonly)
3005    ZEND_ARG_INFO(0, sizelimit)
3006    ZEND_ARG_INFO(0, timelimit)
3007    ZEND_ARG_INFO(0, deref)
3008ZEND_END_ARG_INFO()
3009
3010ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_search, 0, 0, 3)
3011    ZEND_ARG_INFO(0, link_identifier)
3012    ZEND_ARG_INFO(0, base_dn)
3013    ZEND_ARG_INFO(0, filter)
3014    ZEND_ARG_INFO(0, attributes)
3015    ZEND_ARG_INFO(0, attrsonly)
3016    ZEND_ARG_INFO(0, sizelimit)
3017    ZEND_ARG_INFO(0, timelimit)
3018    ZEND_ARG_INFO(0, deref)
3019ZEND_END_ARG_INFO()
3020
3021ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_count_entries, 0, 0, 2)
3022    ZEND_ARG_INFO(0, link_identifier)
3023    ZEND_ARG_INFO(0, result_identifier)
3024ZEND_END_ARG_INFO()
3025
3026ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_entry, 0, 0, 2)
3027    ZEND_ARG_INFO(0, link_identifier)
3028    ZEND_ARG_INFO(0, result_identifier)
3029ZEND_END_ARG_INFO()
3030
3031ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_entry, 0, 0, 2)
3032    ZEND_ARG_INFO(0, link_identifier)
3033    ZEND_ARG_INFO(0, result_identifier)
3034ZEND_END_ARG_INFO()
3035
3036ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_entries, 0, 0, 2)
3037    ZEND_ARG_INFO(0, link_identifier)
3038    ZEND_ARG_INFO(0, result_identifier)
3039ZEND_END_ARG_INFO()
3040
3041ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_attribute, 0, 0, 2)
3042    ZEND_ARG_INFO(0, link_identifier)
3043    ZEND_ARG_INFO(0, result_entry_identifier)
3044ZEND_END_ARG_INFO()
3045
3046ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_attribute, 0, 0, 2)
3047    ZEND_ARG_INFO(0, link_identifier)
3048    ZEND_ARG_INFO(0, result_entry_identifier)
3049ZEND_END_ARG_INFO()
3050
3051ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_attributes, 0, 0, 2)
3052    ZEND_ARG_INFO(0, link_identifier)
3053    ZEND_ARG_INFO(0, result_entry_identifier)
3054ZEND_END_ARG_INFO()
3055
3056ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values, 0, 0, 3)
3057    ZEND_ARG_INFO(0, link_identifier)
3058    ZEND_ARG_INFO(0, result_entry_identifier)
3059    ZEND_ARG_INFO(0, attribute)
3060ZEND_END_ARG_INFO()
3061
3062ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_values_len, 0, 0, 3)
3063    ZEND_ARG_INFO(0, link_identifier)
3064    ZEND_ARG_INFO(0, result_entry_identifier)
3065    ZEND_ARG_INFO(0, attribute)
3066ZEND_END_ARG_INFO()
3067
3068ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_dn, 0, 0, 2)
3069    ZEND_ARG_INFO(0, link_identifier)
3070    ZEND_ARG_INFO(0, result_entry_identifier)
3071ZEND_END_ARG_INFO()
3072
3073ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_explode_dn, 0, 0, 2)
3074    ZEND_ARG_INFO(0, dn)
3075    ZEND_ARG_INFO(0, with_attrib)
3076ZEND_END_ARG_INFO()
3077
3078ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_dn2ufn, 0, 0, 1)
3079    ZEND_ARG_INFO(0, dn)
3080ZEND_END_ARG_INFO()
3081
3082ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_add, 0, 0, 3)
3083    ZEND_ARG_INFO(0, link_identifier)
3084    ZEND_ARG_INFO(0, dn)
3085    ZEND_ARG_INFO(0, entry)
3086ZEND_END_ARG_INFO()
3087
3088ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_delete, 0, 0, 2)
3089    ZEND_ARG_INFO(0, link_identifier)
3090    ZEND_ARG_INFO(0, dn)
3091ZEND_END_ARG_INFO()
3092
3093ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify, 0, 0, 3)
3094    ZEND_ARG_INFO(0, link_identifier)
3095    ZEND_ARG_INFO(0, dn)
3096    ZEND_ARG_INFO(0, entry)
3097ZEND_END_ARG_INFO()
3098
3099ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_modify_batch, 0, 0, 3)
3100    ZEND_ARG_INFO(0, link_identifier)
3101    ZEND_ARG_INFO(0, dn)
3102    ZEND_ARG_ARRAY_INFO(0, modifications_info, 0)
3103ZEND_END_ARG_INFO()
3104
3105ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_add, 0, 0, 3)
3106    ZEND_ARG_INFO(0, link_identifier)
3107    ZEND_ARG_INFO(0, dn)
3108    ZEND_ARG_INFO(0, entry)
3109ZEND_END_ARG_INFO()
3110
3111ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_replace, 0, 0, 3)
3112    ZEND_ARG_INFO(0, link_identifier)
3113    ZEND_ARG_INFO(0, dn)
3114    ZEND_ARG_INFO(0, entry)
3115ZEND_END_ARG_INFO()
3116
3117ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_mod_del, 0, 0, 3)
3118    ZEND_ARG_INFO(0, link_identifier)
3119    ZEND_ARG_INFO(0, dn)
3120    ZEND_ARG_INFO(0, entry)
3121ZEND_END_ARG_INFO()
3122
3123ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_err2str, 0, 0, 1)
3124    ZEND_ARG_INFO(0, errno)
3125ZEND_END_ARG_INFO()
3126
3127ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_compare, 0, 0, 4)
3128    ZEND_ARG_INFO(0, link_identifier)
3129    ZEND_ARG_INFO(0, dn)
3130    ZEND_ARG_INFO(0, attribute)
3131    ZEND_ARG_INFO(0, value)
3132ZEND_END_ARG_INFO()
3133
3134ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_sort, 0, 0, 3)
3135    ZEND_ARG_INFO(0, link)
3136    ZEND_ARG_INFO(0, result)
3137    ZEND_ARG_INFO(0, sortfilter)
3138ZEND_END_ARG_INFO()
3139
3140#ifdef LDAP_CONTROL_PAGEDRESULTS
3141ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result, 0, 0, 2)
3142    ZEND_ARG_INFO(0, link)
3143    ZEND_ARG_INFO(0, pagesize)
3144    ZEND_ARG_INFO(0, iscritical)
3145    ZEND_ARG_INFO(0, cookie)
3146ZEND_END_ARG_INFO();
3147
3148ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_control_paged_result_response, 0, 0, 2)
3149    ZEND_ARG_INFO(0, link)
3150    ZEND_ARG_INFO(0, result)
3151    ZEND_ARG_INFO(1, cookie)
3152    ZEND_ARG_INFO(1, estimated)
3153ZEND_END_ARG_INFO();
3154#endif
3155
3156#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3157ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_rename, 0, 0, 5)
3158    ZEND_ARG_INFO(0, link_identifier)
3159    ZEND_ARG_INFO(0, dn)
3160    ZEND_ARG_INFO(0, newrdn)
3161    ZEND_ARG_INFO(0, newparent)
3162    ZEND_ARG_INFO(0, deleteoldrdn)
3163ZEND_END_ARG_INFO()
3164
3165ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_get_option, 0, 0, 3)
3166    ZEND_ARG_INFO(0, link_identifier)
3167    ZEND_ARG_INFO(0, option)
3168    ZEND_ARG_INFO(1, retval)
3169ZEND_END_ARG_INFO()
3170
3171ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_option, 0, 0, 3)
3172    ZEND_ARG_INFO(0, link_identifier)
3173    ZEND_ARG_INFO(0, option)
3174    ZEND_ARG_INFO(0, newval)
3175ZEND_END_ARG_INFO()
3176
3177ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_first_reference, 0, 0, 2)
3178    ZEND_ARG_INFO(0, link)
3179    ZEND_ARG_INFO(0, result)
3180ZEND_END_ARG_INFO()
3181
3182ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_next_reference, 0, 0, 2)
3183    ZEND_ARG_INFO(0, link)
3184    ZEND_ARG_INFO(0, entry)
3185ZEND_END_ARG_INFO()
3186
3187#ifdef HAVE_LDAP_PARSE_REFERENCE
3188ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_reference, 0, 0, 3)
3189    ZEND_ARG_INFO(0, link)
3190    ZEND_ARG_INFO(0, entry)
3191    ZEND_ARG_INFO(1, referrals)
3192ZEND_END_ARG_INFO()
3193#endif
3194
3195
3196#ifdef HAVE_LDAP_PARSE_RESULT
3197ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_parse_result, 0, 0, 3)
3198    ZEND_ARG_INFO(0, link)
3199    ZEND_ARG_INFO(0, result)
3200    ZEND_ARG_INFO(1, errcode)
3201    ZEND_ARG_INFO(1, matcheddn)
3202    ZEND_ARG_INFO(1, errmsg)
3203    ZEND_ARG_INFO(1, referrals)
3204ZEND_END_ARG_INFO()
3205#endif
3206#endif
3207
3208#if defined(HAVE_3ARG_SETREBINDPROC)
3209ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_set_rebind_proc, 0, 0, 2)
3210    ZEND_ARG_INFO(0, link)
3211    ZEND_ARG_INFO(0, callback)
3212ZEND_END_ARG_INFO()
3213#endif
3214
3215ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_escape, 0, 0, 1)
3216    ZEND_ARG_INFO(0, value)
3217    ZEND_ARG_INFO(0, ignore)
3218    ZEND_ARG_INFO(0, flags)
3219ZEND_END_ARG_INFO()
3220
3221#ifdef STR_TRANSLATION
3222ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_t61_to_8859, 0, 0, 1)
3223    ZEND_ARG_INFO(0, value)
3224ZEND_END_ARG_INFO()
3225
3226ZEND_BEGIN_ARG_INFO_EX(arginfo_ldap_8859_to_t61, 0, 0, 1)
3227    ZEND_ARG_INFO(0, value)
3228ZEND_END_ARG_INFO()
3229#endif
3230/* }}} */
3231
3232/*
3233    This is just a small subset of the functionality provided by the LDAP library. All the
3234    operations are synchronous. Referrals are not handled automatically.
3235*/
3236/* {{{ ldap_functions[]
3237 */
3238const zend_function_entry ldap_functions[] = {
3239    PHP_FE(ldap_connect,                                arginfo_ldap_connect)
3240    PHP_FALIAS(ldap_close,      ldap_unbind,            arginfo_ldap_resource)
3241    PHP_FE(ldap_bind,                                   arginfo_ldap_bind)
3242#ifdef HAVE_LDAP_SASL
3243    PHP_FE(ldap_sasl_bind,                              arginfo_ldap_sasl_bind)
3244#endif
3245    PHP_FE(ldap_unbind,                                 arginfo_ldap_resource)
3246    PHP_FE(ldap_read,                                   arginfo_ldap_read)
3247    PHP_FE(ldap_list,                                   arginfo_ldap_list)
3248    PHP_FE(ldap_search,                                 arginfo_ldap_search)
3249    PHP_FE(ldap_free_result,                            arginfo_ldap_resource)
3250    PHP_FE(ldap_count_entries,                          arginfo_ldap_count_entries)
3251    PHP_FE(ldap_first_entry,                            arginfo_ldap_first_entry)
3252    PHP_FE(ldap_next_entry,                             arginfo_ldap_next_entry)
3253    PHP_FE(ldap_get_entries,                            arginfo_ldap_get_entries)
3254    PHP_FE(ldap_first_attribute,                        arginfo_ldap_first_attribute)
3255    PHP_FE(ldap_next_attribute,                         arginfo_ldap_next_attribute)
3256    PHP_FE(ldap_get_attributes,                         arginfo_ldap_get_attributes)
3257    PHP_FALIAS(ldap_get_values, ldap_get_values_len,    arginfo_ldap_get_values)
3258    PHP_FE(ldap_get_values_len,                         arginfo_ldap_get_values_len)
3259    PHP_FE(ldap_get_dn,                                 arginfo_ldap_get_dn)
3260    PHP_FE(ldap_explode_dn,                             arginfo_ldap_explode_dn)
3261    PHP_FE(ldap_dn2ufn,                                 arginfo_ldap_dn2ufn)
3262    PHP_FE(ldap_add,                                    arginfo_ldap_add)
3263    PHP_FE(ldap_delete,                                 arginfo_ldap_delete)
3264    PHP_FE(ldap_modify_batch,                           arginfo_ldap_modify_batch)
3265    PHP_FALIAS(ldap_modify,     ldap_mod_replace,       arginfo_ldap_modify)
3266
3267/* additional functions for attribute based modifications, Gerrit Thomson */
3268    PHP_FE(ldap_mod_add,                                arginfo_ldap_mod_add)
3269    PHP_FE(ldap_mod_replace,                            arginfo_ldap_mod_replace)
3270    PHP_FE(ldap_mod_del,                                arginfo_ldap_mod_del)
3271/* end gjt mod */
3272
3273    PHP_FE(ldap_errno,                                  arginfo_ldap_resource)
3274    PHP_FE(ldap_err2str,                                arginfo_ldap_err2str)
3275    PHP_FE(ldap_error,                                  arginfo_ldap_resource)
3276    PHP_FE(ldap_compare,                                arginfo_ldap_compare)
3277    PHP_DEP_FE(ldap_sort,                                   arginfo_ldap_sort)
3278
3279#if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP
3280    PHP_FE(ldap_rename,                                 arginfo_ldap_rename)
3281    PHP_FE(ldap_get_option,                             arginfo_ldap_get_option)
3282    PHP_FE(ldap_set_option,                             arginfo_ldap_set_option)
3283    PHP_FE(ldap_first_reference,                        arginfo_ldap_first_reference)
3284    PHP_FE(ldap_next_reference,                         arginfo_ldap_next_reference)
3285#ifdef HAVE_LDAP_PARSE_REFERENCE
3286    PHP_FE(ldap_parse_reference,                        arginfo_ldap_parse_reference)
3287#endif
3288#ifdef HAVE_LDAP_PARSE_RESULT
3289    PHP_FE(ldap_parse_result,                           arginfo_ldap_parse_result)
3290#endif
3291#ifdef HAVE_LDAP_START_TLS_S
3292    PHP_FE(ldap_start_tls,                              arginfo_ldap_resource)
3293#endif
3294#endif
3295
3296#if defined(HAVE_3ARG_SETREBINDPROC)
3297    PHP_FE(ldap_set_rebind_proc,                        arginfo_ldap_set_rebind_proc)
3298#endif
3299
3300    PHP_FE(ldap_escape,                                 arginfo_ldap_escape)
3301
3302#ifdef STR_TRANSLATION
3303    PHP_FE(ldap_t61_to_8859,                            arginfo_ldap_t61_to_8859)
3304    PHP_FE(ldap_8859_to_t61,                            arginfo_ldap_8859_to_t61)
3305#endif
3306
3307#ifdef LDAP_CONTROL_PAGEDRESULTS
3308    PHP_FE(ldap_control_paged_result,                           arginfo_ldap_control_paged_result)
3309    PHP_FE(ldap_control_paged_result_response,      arginfo_ldap_control_paged_result_response)
3310#endif
3311    PHP_FE_END
3312};
3313/* }}} */
3314
3315zend_module_entry ldap_module_entry = { /* {{{ */
3316    STANDARD_MODULE_HEADER,
3317    "ldap",
3318    ldap_functions,
3319    PHP_MINIT(ldap),
3320    PHP_MSHUTDOWN(ldap),
3321    NULL,
3322    NULL,
3323    PHP_MINFO(ldap),
3324    PHP_LDAP_VERSION,
3325    PHP_MODULE_GLOBALS(ldap),
3326    PHP_GINIT(ldap),
3327    NULL,
3328    NULL,
3329    STANDARD_MODULE_PROPERTIES_EX
3330};
3331/* }}} */
3332
3333/*
3334 * Local variables:
3335 * tab-width: 4
3336 * c-basic-offset: 4
3337 * End:
3338 * vim600: sw=4 ts=4 fdm=marker
3339 * vim<600: sw=4 ts=4
3340 */
3341