Skip to content

[Ldap] Fix LDAP connection options #46325

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 14, 2022
Merged

[Ldap] Fix LDAP connection options #46325

merged 1 commit into from
May 14, 2022

Conversation

buffcode
Copy link
Contributor

@buffcode buffcode commented May 11, 2022
edited
Loading

Q A
Branch? 4.4
Bug fix? yes
New feature? no
Deprecations? no
License MIT

This PR adds support for the LDAP_OPT_X_TLS_CACERTFILE option in order to specify a CA file which should be used. It is available since the same PHP version as the other options and may just have been forgotten.

Furthermore the connection options need to be applied at different stages in order to be effective.

Connection options are tagged to be preconnect-options and are executed before ldap_connect, all other options continue to be applied between ldap_connect and ldap_bind.

Be aware that there is no LDAP documentation about which option is global and thus not requiring a connection and which needs one.

The preconnect options from this PR come from trial-and-error testing and mailing list entries at OpenLDAP.

Maybe also relevant:

@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 6.1 branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@carsonbot carsonbot added this to the 6.1 milestone May 11, 2022
@derrabus derrabus added the Ldap label May 11, 2022
@carsonbot carsonbot changed the title add support for CA cert file [Ldap] add support for CA cert file May 11, 2022
@buffcode buffcode changed the title [Ldap] add support for CA cert file [Ldap] [WIP] Fix LDAP connection options May 12, 2022
@buffcode buffcode changed the base branch from 6.1 to 4.4 May 12, 2022 07:02
@buffcode buffcode changed the title [Ldap] [WIP] Fix LDAP connection options [Ldap] Fix LDAP connection options May 12, 2022
@derrabus derrabus modified the milestones: 6.1, 4.4 May 12, 2022
@carsonbot
Copy link

Hey!

I think @arekzb has recently worked with this code. Maybe they can help review this?

Cheers!

Carsonbot

@nicolas-grekas
Copy link
Member

Thank you @buffcode.

@nicolas-grekas nicolas-grekas merged commit ddfb4a8 into symfony:4.4 May 14, 2022
@fabpot fabpot mentioned this pull request May 14, 2022
Merged
This was referenced May 27, 2022
Merged
Merged
Merged
@tatankat tatankat mentioned this pull request Aug 3, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas left review comments

@stof stof stof left review comments

Assignees
No one assigned
Labels
Ldap Status: Needs Review
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
5 participants
@buffcode @carsonbot @nicolas-grekas @stof @derrabus