php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #42837 Timeout parameter for ldap_bind() and/or ldap_connect()
Submitted: 2007-10-03 14:07 UTC Modified: 2007-10-06 01:48 UTC
From: fernando dot wendt at gmail dot com Assigned: jani
Status: Closed Package: LDAP related
PHP Version: 5.2.4 OS: GNU-Linux
Private report: No CVE-ID:
 [2007-10-03 14:07 UTC] fernando dot wendt at gmail dot com
Description:
------------
I do suggest that PHP LDAP functions "ldap_bind" and/or "ldap_connect" are improved to suport a new parameter to control network timeout over the request.

At some cases, the HTTP request is send to webserver (like Ajax can do), and it can't be handling for stop processing - on the server side (because XMLHTTPRequest has an "abort" method avaliable - for the client side). So, if there are a lot of online users trying to get the same LDAP large entries, the webserver probably hangs up (or even crashes).

That hangs on the request processing for large data ranges from LDAP data sources (i.e: more than 5000 entries). Plus, the network state is too involved at this new suggested behavior, in order to be manipulated at some way.

So, adding this parameter function, PHP could limits the request response in order to control it, by the time.

Reproduce code:
---------------
$host = "localhost";
$basedn = "ou=MYCOMPANY";

if ($con = ldap_connect($host)){
  ldap_set_option($con, LDAP_OPT_TIMELIMIT, 10);
  echo "Connected";

  $ldapbind = ldap_bind($con);
  if ($ldapbind){
    //echo "Bind OK";
    $search = ldap_search($con, $basedn, "(cn=*)");
    echo "LDAP Entries:" . ldap_count_entries($con, $search);
  }
  else
    echo "No bind";
  ldap_unbind($con);
}
else
  echo "Not connected";

Expected result:
----------------
I would like to specify at ldap_connect($host, $time) and/or ldap_bind($con, $time) the number of seconds that request could be hanged on, while not expires.



Actual result:
--------------
As the only time limit is avaliable at ldap_search function, or even ldap_set_option, if there are a lot of entries to be handled, the request is being hanged on a very long time (TCP/IP connection).

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-10-06 01:40 UTC] jani@php.net
This is duplicate of bug #41017

I have a patch pending which makes LDAP_OPT_NETWORK_TIMEOUT option available to ldap_get_option/ldap_set_option functions.

Basic usage:

<?php

$ld = ldap_connect("ldap.example.com");
ldap_set_option($ld, LDAP_OPT_NETWORK_TIMEOUT, 10); /* 10 second timeout */
ldap_bind($ld);

?>

This will now not just hang there indefinately but will bail out after 10s if bind does not succeed before.

 [2007-10-06 01:48 UTC] jani@php.net
Patch applied to PHP_5_3 branch and will be available as of PHP 5.3.0 and above.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 20:01:57 2014 UTC