php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #25454 ldap_bind produces an assertion error in cyrus.c
Submitted: 2003-09-09 12:02 UTC Modified: 2003-09-11 05:10 UTC
From: rolli at aum dot unibe dot ch Assigned:
Status: Not a bug Package: LDAP related
PHP Version: 4.3.3 OS: Linux-2.4
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: rolli at aum dot unibe dot ch
New email:
PHP Version: OS:

 

 [2003-09-09 12:02 UTC] rolli at aum dot unibe dot ch 
Description:
------------
When using ldap_bind() nothing happens as script execution stops immediatly. Verifying the script with CLI there's an assertion error in cyrus.c
The problem seems to be related to cyrus.c working with a cyrus-sasl-2.1x.

Checked the following:
Server 1: php-4.3.3 with cyrus-sasl-1.5.24 works
Server 2: php-4.3.3 with cyrus-sasl2-2.1.12 doesn't work

Both Servers compiled wiht:
'./configure' '--prefix=/usr/share' '--datadir=/usr/share/php' '--bindir=/usr/bin' '--libdir=/usr/share' '--includedir=/usr/include' '--with-_lib=lib' '--with-config-file-path=/etc' '--with-exec-dir=/usr/lib/php/bin' '--disable-debug' '--enable-bcmath' '--enable-calendar' '--enable-ctype' '--enable-dbase' '--enable-discard-path' '--enable-exif' '--enable-filepro' '--enable-ftp' '--enable-gd-imgstrttf' '--enable-gd-native-ttf' '--enable-inline-optimization' '--enable-magic-quotes' '--enable-mbstr-enc-trans' '--enable-mbstring' '--enable-mbregex' '--enable-memory-limit' '--enable-safe-mode' '--enable-shmop' '--enable-sigchild' '--enable-sysvsem' '--enable-sysvshm' '--enable-track-vars' '--enable-trans-sid' '--enable-versioning' '--enable-wddx' '--enable-yp' '--with-bz2' '--with-curl' '--with-dom=/usr/include/libxml2' '--with-ftp' '--with-gdbm' '--with-gettext' '--with-gmp' '--with-imap=yes' '--with-imap-ssl' '--with-imagick=/usr' '--with-openssl' '--with-iodbc' '--with-java=/usr/lib/SunJava2-1.4.1' '--with-jpeg-dir=/usr' '--with-ldap=yes' '--with-mcal=/usr' '--with-mcrypt' '--with-mnogosearch=/usr/local/mnogosearch' '--with-mysql=/usr' '--with-ndbm' '--with-pgsql=shared' '--with-png-dir=/usr' '--with-readline' '--with-snmp' '--with-t1lib' '--with-tiff-dir=/usr' '--with-ttf' '--with-freetype-dir=yes' '--with-xml' '--with-xmlrpc' '--with-dom-xslt=/usr' '--with-dom-exslt=/usr' '--with-xpm-dir=/usr/X11R6' '--with-zlib=yes' '--with-gd' '--enable-xslt' '--with-xslt-sablot' '--with-iconv' '--with-mm' '--with-pdflib=/usr' '--with-apxs=/usr/sbin/apxs' 

Reproduce code:
---------------
<?php
error_reporting(E_ALL);
echo "Connecting ...";
$ldapconn=ldap_connect("ldaps://id-auth01.unibe.ch, ldaps://id-auth02.unibe.ch","636");
if (is_resource($ldapconn)) { 
    echo "Binding ...";
    $ldapbind = ldap_bind($ldapconn);
    // verify binding
    if ($ldapbind) {
        echo "LDAP bind successful...";
    } else {
        echo "LDAP bind failed...";
    }
} 
ldap_close($ldapconn);
?>

Expected result:
----------------
I should see a pretty "LDAP bind successful". Acutally works on Server 1 with cyrus-sasl-1.5.24.

Actual result:
--------------
#mr@linux: php ldap.php
php: cyrus.c:469: ldap_int_sasl_open: Assertion `lc->lconn_sasl_ctx == ((void *)0)' failed.
Aborted

Then tested with above script and only one ldap-server in ldap_connect() leads to
Warning: ldap_bind():  Unable to bind to server: Can't contact LDAP server in
on Server 2, but works perfectly on Server 1.

So could it be ext/cyrus not compatible with cyrus-sasl2-2.1.12?

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-09-09 13:06 UTC] sniper@php.net 
First of all: Does this work with the openldap binaries, e.g.
ldapsearch ??
 [2003-09-09 13:09 UTC] sniper@php.net 
And where does it say that you can use multiple hosts in one connect? (FYI: This has absolutely NOTHING to do with ext/cyrus)
 [2003-09-09 13:15 UTC] sniper@php.net 
Nevermind the last comment, ldap_initialize() is just undocumented..had to read openldap sources a bit. :)
 [2003-09-09 15:35 UTC] sniper@php.net 
I tested your script and for me it just hangs in 'Binding..'.
No assert error here. Did you recompile openldap after upgrading cyrus-sasl?
 [2003-09-10 03:45 UTC] rolli at aum dot unibe dot ch 
Actually it's an SuSE 8.2. All installed software packages are original SuSE rpms. The only thing I compile for myself is PHP and the related packages like pdflib, mnogosearch, imagick.
 [2003-09-10 09:08 UTC] sniper@php.net 
So do the openldap binaries work or not???
I'm pretty sure this is not PHP bug at all as I could not 
reproduce this.
 [2003-09-11 02:33 UTC] rolli at aum dot unibe dot ch 
I have to apologize for this bug report.
Everything is fine with PHP and ext/ldap and ext/cyrus.

Sniper, you're right. The Problem was elsewhere. After diving deeper I realized that the sysadmin of the ldap-server has changed the certificates one day before I restarted with the project.
Actually, with the binaries I got this:

ldap_start_tls: Can't contact LDAP server (81)
        additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE

The certifactes are signed by selfsigned CA-Cert. So I fetched the CA-Cert and put it in /etc/openldap/ldap.conf. Now everything works again.

But I'm wondering cause on the other server there is a 2.0.x OpenLDAP-Client and this one doesn't complain about the cert.

Anyway the correct place for my problem would have been the mailing list. Sorry again. I closed the bug.

Regards
Michael
 [2003-09-11 05:10 UTC] magnus@php.net 
Not a bug => Bogus
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Feb 05 14:01:32 2025 UTC