php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #42015 ldap_rename gets server error "DSA is unwilling to perform"
Submitted: 2007-07-17 02:50 UTC Modified: 2007-07-17 08:44 UTC
From: bob at mroczka dot com Assigned:
Status: Closed Package: LDAP related
PHP Version: 5.2.3 OS: solaris 8
Private report: No CVE-ID:
 [2007-07-17 02:50 UTC] bob at mroczka dot com
Description:
------------
i encountered this error while attempting to use ldap_rename against an IBM tivoli directory server.  if i used the command line ldapmodrn tool the same rename was successful.  i ran a network trace for each rename and found that php was not properly sending a null in the 4th argument (newparent) to ldap_rename_s when a null or empty string is passed in the php web page for this argument.  this was causing the ldap client library to send 2 additional hex bytes x'0800' at the end of the modrdn packet causing the server to return the unwilling error.  the following 2 line patch fixes this problem and sends a proper null when requested.

--- ext/ldap/ldap.c.orig        2006-06-15 13:33:07.000000000 -0500
+++ ext/ldap/ldap.c     2007-07-16 21:33:32.748612000 -0500
@@ -2114,7 +2114,8 @@
        convert_to_boolean_ex(deleteoldrdn);

 #if (LDAP_API_VERSION > 2000) || HAVE_NSLDAP || HAVE_ORALDAP_10
-       rc = ldap_rename_s(ld->link, Z_STRVAL_PP(dn), Z_STRVAL_PP(newrdn), Z_STRVAL_PP(newparent), Z_BVAL_PP(deleteoldrdn), NULL, NULL);
+       char *newp = Z_STRLEN_PP(newparent) < 1 ? NULL : Z_STRVAL_PP(newparent);
+       rc = ldap_rename_s(ld->link, Z_STRVAL_PP(dn), Z_STRVAL_PP(newrdn), newp, Z_BVAL_PP(deleteoldrdn), NULL, NULL);
 #else
        if (Z_STRLEN_PP(newparent) != 0) {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "You are using old LDAP API, newparent must be the empty string, can only modify RDN");


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-07-17 08:44 UTC] jani@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Thanks for the excellent analysis (and patch, which I modified a bit though.. :)
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 06:02:13 2014 UTC