php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #35610 Too many certificates give timeout in ldap_bind when using ldaps
Submitted: 2005-12-09 06:56 UTC Modified: 2005-12-09 09:05 UTC
From: newslettersforjml at exrei dot fi Assigned:
Status: Not a bug Package: Performance problem
PHP Version: 4.4.1 OS: Linux 2.6.8
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: newslettersforjml at exrei dot fi
New email:
PHP Version: OS:

 

 [2005-12-09 06:56 UTC] newslettersforjml at exrei dot fi
Description:
------------
If you have lots of certificates in certs dir (from where php checks certs) ldap_bind gives timeout.

Test system was P III 733MHz with 256MB ram. I tried with perl and ldapsearch and bind worked just fine with all certs in place. When one uses Debian Sarge and installs ca-certificates it installs about 60-75 certs. Before removing these certs I got timeout, after removing I got success.

I tested ldap_bind against MS 2003 server AD.

Reproduce code:
---------------
$auth_user = "AD\\user";
$passwd = "pwd";
$connect=ldap_connect("ldaps://192.168.1.1");
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);

$bind=ldap_bind($connect, $auth_user, $passwd);

print "<br>";
print ldap_error($connect);
print "<br>";


Expected result:
----------------
<br>Success<br>

Actual result:
--------------
Timeout

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-12-09 09:05 UTC] sniper@php.net
We only wrap around the openldap library and openssl. If those fail, it's not our problem.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 26 20:01:29 2024 UTC