|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #42837 Timeout parameter for ldap_bind() and/or ldap_connect()
Submitted: 2007-10-03 14:07 UTC Modified: 2007-10-06 01:48 UTC
From: fernando dot wendt at gmail dot com Assigned: jani (profile)
Status: Closed Package: LDAP related
PHP Version: 5.2.4 OS: GNU-Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: fernando dot wendt at gmail dot com
New email:
PHP Version: OS:


 [2007-10-03 14:07 UTC] fernando dot wendt at gmail dot com
I do suggest that PHP LDAP functions "ldap_bind" and/or "ldap_connect" are improved to suport a new parameter to control network timeout over the request.

At some cases, the HTTP request is send to webserver (like Ajax can do), and it can't be handling for stop processing - on the server side (because XMLHTTPRequest has an "abort" method avaliable - for the client side). So, if there are a lot of online users trying to get the same LDAP large entries, the webserver probably hangs up (or even crashes).

That hangs on the request processing for large data ranges from LDAP data sources (i.e: more than 5000 entries). Plus, the network state is too involved at this new suggested behavior, in order to be manipulated at some way.

So, adding this parameter function, PHP could limits the request response in order to control it, by the time.

Reproduce code:
$host = "localhost";
$basedn = "ou=MYCOMPANY";

if ($con = ldap_connect($host)){
  ldap_set_option($con, LDAP_OPT_TIMELIMIT, 10);
  echo "Connected";

  $ldapbind = ldap_bind($con);
  if ($ldapbind){
    //echo "Bind OK";
    $search = ldap_search($con, $basedn, "(cn=*)");
    echo "LDAP Entries:" . ldap_count_entries($con, $search);
    echo "No bind";
  echo "Not connected";

Expected result:
I would like to specify at ldap_connect($host, $time) and/or ldap_bind($con, $time) the number of seconds that request could be hanged on, while not expires.

Actual result:
As the only time limit is avaliable at ldap_search function, or even ldap_set_option, if there are a lot of entries to be handled, the request is being hanged on a very long time (TCP/IP connection).


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2007-10-06 01:40 UTC]
This is duplicate of bug #41017

I have a patch pending which makes LDAP_OPT_NETWORK_TIMEOUT option available to ldap_get_option/ldap_set_option functions.

Basic usage:


$ld = ldap_connect("");
ldap_set_option($ld, LDAP_OPT_NETWORK_TIMEOUT, 10); /* 10 second timeout */


This will now not just hang there indefinately but will bail out after 10s if bind does not succeed before.

 [2007-10-06 01:48 UTC]
Patch applied to PHP_5_3 branch and will be available as of PHP 5.3.0 and above.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Apr 23 08:01:30 2024 UTC