Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 542891f

Browse filesBrowse files
fabpotfabpot
committed
bug #58144 [Ldap] fail if whoami() is called before saslBind() (xabbuh)
This PR was merged into the 7.2 branch. Discussion ---------- [Ldap] fail if `whoami()` is called before `saslBind()` | Q | A | ------------- | --- | Branch? | 7.2 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | | License | MIT Commits ------- 734ce16 fail if whoami() is called before saslBind()
2 parents 9e81345 + 734ce16 commit 542891f
Copy full SHA for 542891f

File tree

2 files changed

+32
-0
lines changed
Filter options

2 files changed

+32
-0
lines changed

‎src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php
+5Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
use Symfony\Component\Ldap\Exception\ConnectionTimeoutException;
1919
use Symfony\Component\Ldap\Exception\InvalidCredentialsException;
2020
use Symfony\Component\Ldap\Exception\LdapException;
21+
use Symfony\Component\Ldap\Exception\NotBoundException;
2122
use Symfony\Component\OptionsResolver\Options;
2223
use Symfony\Component\OptionsResolver\OptionsResolver;
2324

@@ -116,6 +117,10 @@ public function saslBind(?string $dn = null, #[\SensitiveParameter] ?string $pas
116117
*/
117118
public function whoami(): string
118119
{
120+
if (!$this->connection) {
121+
throw new NotBoundException(\sprintf('Cannot execute "%s()" before calling "%s::saslBind()".', __METHOD__, __CLASS__));
122+
}
123+
119124
if (false === $authzId = ldap_exop_whoami($this->connection)) {
120125
throw new LdapException(ldap_error($this->connection));
121126
}

‎src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/AdapterTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/AdapterTest.php
+27Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,12 +39,39 @@ public function testLdapEscape()
3939
*/
4040
public function testSaslBind()
4141
{
42+
$h = @ldap_connect(getenv('LDAP_HOST'), getenv('LDAP_PORT'));
43+
@ldap_set_option($h, \LDAP_OPT_PROTOCOL_VERSION, 3);
44+
45+
if (!$h || !@ldap_bind($h)) {
46+
$this->markTestSkipped('No server is listening on LDAP_HOST:LDAP_PORT');
47+
}
48+
49+
if (!@ldap_start_tls($h)) {
50+
ldap_unbind($h);
51+
$this->markTestSkipped('Cannot establish an encrypted connection');
52+
}
53+
54+
ldap_unbind($h);
55+
4256
$ldap = new Adapter($this->getLdapConfig());
4357

4458
$ldap->getConnection()->saslBind('cn=admin,dc=symfony,dc=com', 'symfony');
4559
$this->assertEquals('cn=admin,dc=symfony,dc=com', $ldap->getConnection()->whoami());
4660
}
4761

62+
/**
63+
* @group functional
64+
*/
65+
public function testWhoamiWithoutSaslBind()
66+
{
67+
$ldap = new Adapter($this->getLdapConfig());
68+
69+
$this->expectException(NotBoundException::class);
70+
$this->expectExceptionMessage('Cannot execute "Symfony\Component\Ldap\Adapter\ExtLdap\Connection::whoami()" before calling "Symfony\Component\Ldap\Adapter\ExtLdap\Connection::saslBind()".');
71+
72+
$ldap->getConnection()->whoami();
73+
}
74+
4875
/**
4976
* @group functional
5077
*/

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.