|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69574 ldap timeouts not enforced
Submitted: 2015-05-05 13:54 UTC Modified: 2015-09-10 10:00 UTC
From: ryan dot brothers at gmail dot com Assigned: mcmic (profile)
Status: Closed Package: LDAP related
PHP Version: 5.6.8 OS: Linux
Private report: No CVE-ID: None
 [2015-05-05 13:54 UTC] ryan dot brothers at gmail dot com
I am trying to simulate a LDAP server timing out.  I'm setting the options LDAP_OPT_NETWORK_TIMEOUT and LDAP_OPT_TIMELIMIT, but the script runs indefinitely without timing out.

In one ssh session, I am running the following command to simulate a socket listener:

nc -l 1234

If I run the below script in a second ssh session, it runs forever and never times out.

Is there a way to have this script timeout after a certain number of seconds?

Test script:
$ldap = ldap_connect('');

ldap_set_option($ldap, LDAP_OPT_NETWORK_TIMEOUT, 3);
ldap_set_option($ldap, LDAP_OPT_TIMELIMIT, 3);


Expected result:
Script times out in 3 seconds.

Actual result:
Script never times out.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2015-09-09 13:47 UTC]
I can’t reproduce this, I tried your script, I got «PHP Warning:  ldap_connect(): Could not create session handle: Bad parameter to an ldap routine in /tmp/test.php on line 3»
So I replaced the call to ldap_connect by «$ldap = ldap_connect('');»
I launched «nc -l 1234» in a shell, in an other one the PHP script, I only got «PHP Warning:  ldap_bind(): Unable to bind to server: Can't contact LDAP server in /tmp/test.php on line 8» immediatly, not even after 3 seconds.

Not sure how to test this otherwise…
 [2015-09-09 13:48 UTC]
I meant I replaced it by «$ldap = ldap_connect('localhost', 1234);», sorry.
 [2015-09-09 13:51 UTC]
Ok, got it, I had to do «nc -l -p 1234» instead of «nc -l 1234».
I can reproduce the bug.
 [2015-09-09 13:51 UTC]
-Status: Open +Status: Assigned -Assigned To: +Assigned To: mcmic
 [2015-09-09 15:24 UTC]
Ok, so the problem is:

LDAP_OPT_TIMELIMIT is only for searches, not bind operations
LDAP_OPT_NETWORK_TIMEOUT is for socket level timeout, in your test there is no such thing as the nc is indeed listening on the socket.

What you need is LDAP_OPT_TIMEOUT from openldap, which is not available yet in PHP.
So I’m gonna add this to php-ldap as it seems usefull.
 [2015-09-10 10:00 UTC]
-Status: Assigned +Status: Closed
 [2015-09-10 10:00 UTC]
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at

 For Windows:
Thank you for the report, and for helping us make PHP better.

I added support for LDAP_OPT_TIMEOUT, please check that it fixes your problem.
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Tue Aug 09 14:04:39 2022 UTC