Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:99642 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 83001 invoked from network); 26 Jun 2017 10:45:37 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 26 Jun 2017 10:45:37 -0000 Authentication-Results: pb1.pair.com header.from=andreas@heigl.org; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=andreas@heigl.org; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain heigl.org designates 195.191.240.18 as permitted sender) X-PHP-List-Original-Sender: andreas@heigl.org X-Host-Fingerprint: 195.191.240.18 hos109.unaxus.net Received: from [195.191.240.18] ([195.191.240.18:56333] helo=hos109.unaxus.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 42/CF-12245-DC5E0595 for ; Mon, 26 Jun 2017 06:45:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=heigl.org; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From: References:To:Subject:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe :List-Post:List-Owner:List-Archive; bh=5i+0I+aIgbMjmobjBNV/LqJmKuLuk11ztl0y7F5HbOU=; b=k4C/JXYIp/65KqYwyC/W+OkJki va2JLg8BfyRjeXibezYKbR2XfFqaw2wABbttTZb1dVDTnETbJtLSyNyMQEKyfocvUxCQmLDlQ8xCX 2RiLObjFVST0VJvttIO+89zXUtbPBdxnHsUhQrvq3it6dY59vgNUIeeMDfiSuRSrWqQNMT20CSr/L QRMu0VAVCGUBEugV2bsnjDKNln14ROw5HJ0emAH5RMEAbXa35QYxk3c4WFOEwaTw/2hZ3aqnN+eAw FzQ6fSXnTbsg3f1qgvcjVdV1WwjGRzKN7PPd9Y7oNM60dyXkCxKfXw/kykE6gxyBVOl9iKZD5ODYf KeDh9AeA==; Received: from [212.185.30.151] (port=58935 helo=localadmins-MacBook-Pro.local) by hos109.unaxus.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89) (envelope-from ) id 1dPRWL-001gU1-Od; Mon, 26 Jun 2017 12:45:29 +0200 To: =?UTF-8?Q?C=c3=b4me_Chilliet?= , php-internals References: <8613502.pYZHiygsMh@mcmic-probook> Openpgp: id=967CCFA50DFFEE03BB8BF5F2CA9213C75BFCE472 Message-ID: <25e41de7-9545-d6f5-e8f8-46c47392ab71@heigl.org> Date: Mon, 26 Jun 2017 12:45:26 +0200 MIME-Version: 1.0 In-Reply-To: <8613502.pYZHiygsMh@mcmic-probook> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="mWjXIqA2nJFOe5teJRdrfiOE0R1XS3U5u" X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - hos109.unaxus.net X-AntiAbuse: Original Domain - lists.php.net X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - heigl.org X-Get-Message-Sender-Via: hos109.unaxus.net: authenticated_id: a.heigl+heigl.org/only user confirmed/virtual account not confirmed X-Authenticated-Sender: hos109.unaxus.net: a.heigl@heigl.org Subject: Re: [PHP-DEV] PHP-LDAP EXOP support From: andreas@heigl.org (Andreas Heigl) --mWjXIqA2nJFOe5teJRdrfiOE0R1XS3U5u Content-Type: multipart/mixed; boundary="cKqVqu9EHvBR0Vp22EE0SLReMwH7m6kck"; protected-headers="v1" From: Andreas Heigl To: =?UTF-8?Q?C=c3=b4me_Chilliet?= , php-internals Message-ID: <25e41de7-9545-d6f5-e8f8-46c47392ab71@heigl.org> Subject: Re: [PHP-DEV] PHP-LDAP EXOP support References: <8613502.pYZHiygsMh@mcmic-probook> In-Reply-To: <8613502.pYZHiygsMh@mcmic-probook> --cKqVqu9EHvBR0Vp22EE0SLReMwH7m6kck Content-Type: multipart/mixed; boundary="------------7BD1041C850F9FEE1F926285" This is a multi-part message in MIME format. --------------7BD1041C850F9FEE1F926285 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi C=C3=B4me. Am 26.06.17 um 11:34 schrieb C=C3=B4me Chilliet: > Hello, >=20 > Some time ago, someone said on the tracker that there was an up to date= patch for php-ldap exop and controls: https://bugs.php.net/bug.php?id=3D= 69445 > It appeared the code was in fact not up to date, at least not for PHP7.= >=20 > But it was enough to make me try again to work from there to add EXOP s= upport to PHP-LDAP, so I extracted the part about EXOP from the patch and= worked from there to have something working with current master. > The result is there for now: https://github.com/MCMic/php-src/tree/ldap= _exop Thanks for that work! >=20 > At least the methods for passwd and whoami EXOPs are working fine. >=20 > Which PHP release should a change like that target? The first possible release IMHO would be PHP.Next (sadly=E2=80=A6), as th= ere's already been a feature-freeze for PHP 7.2=E2=80=A6 While that means that we have to wait another year until that feature comes into production it also means that we might be able to have a more conscise exop-handling for ldap by then=E2=80=A6 > Do I need to open an RFC for these methods? As we add functionality to the language we should have one=E2=80=A6 shoul= dn't we? >=20 > For now I just fixed code from the original patch mainly but I would li= ke to rework the API as I=E2=80=99m not convinced by the current state. > ldap_exop and ldap_parse_exop API seems reasonable, but ldap_exop expec= ts ber encoded data as request data and I=E2=80=99m not sure how to creat= e that. > I think we should add a PHP method to ber encode, or change ldap_exop t= o accept an other format and ber encode internally. > For the helper methods for whoami and passwd, I=E2=80=99m a bit puzzled= =2E > They can work like this now: >=20 > ldap_exop_whoami($link, $authzid); // This return TRUE upon success or = FALSE otherwise > $r =3D ldap_exop_whoami($link); // This return a result object you need= to parse > ldap_parse_exop_whoami($link, $r, $authzid); // This will parse the res= ult object and fill the third param with the result >=20 > I would go for something a lot simpler like ldap_exop_whoami($link) dir= ectly returning the string result, or FALSE if it fails. >=20 > For ldap_exop_passwd, I would go for ldap_exop_passwd($link, $user, $ol= dpw, $newpw) which would return FALSE on failure, TRUE on success with a = new password, or the generated password if $newpw is empty. >=20 > So I would ditch ldap_parse_exop_whoami and ldap_parse_exop_passwd. Peo= ple can use ldap_exop and ldap_parse_exop if they want to work with resul= t objects. > I guess we will also need constants for OID of all known EXOP operation= s out there. As already mentioned on IRC I'm much more in favour of keeping the naming more simple and use ldap_whoami and ldap_passwd instead of the ldap_exop_whoami and ldap_Exop_passwd as there is no exop-parameter necessary. Though we need to add the requirement of the server handling that to the docs! I'd use the _exop_ part only for functions that actually *need* an exop-parameter. Cheers Andreas --=20 ,,, (o o) +---------------------------------------------------------ooO-(_)-Ooo-+ | Andreas Heigl | | mailto:andreas@heigl.org N 50=C2=B022'59.5" E 08=C2=B0= 23'58" | | http://andreas.heigl.org http://hei.gl/wiFKy7 | +---------------------------------------------------------------------+ | http://hei.gl/root-ca | +---------------------------------------------------------------------+ --------------7BD1041C850F9FEE1F926285 Content-Type: application/pgp-keys; name="0x5BFCE472.asc" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="0x5BFCE472.asc" -----BEGIN PGP PUBLIC KEY BLOCK----- Comment: GPGTools - http://gpgtools.org mQINBE3KN1MBEADGe05xU5j7MACvtWwxAoNTJJJDKaAqQDyG9jikhPIcpO5tQ0+a 0dgm/6f6iiNMGfXxjFJzTItGp583do2bXn/qawCt/1hiR5VPxlCLfApGiYqJYRg3 7r73+tJVGZ2rajZeNnT6l2PSRqhmnhKeEcJkdFWIjsdppwRsTH4juIRxexLnjbCF /jChFMLGi/1qcAuPbhJhlH0gFNqB3bhD04yDFU1Ovy7H/nN75Is/yIPhMMP2bYUr V0OcgUoL53pm+tkwcBV0/LPset0PP3xeRhkR9HN/xZV5EG9Vvka6N3041Rc3Yudb b3PbsAZ6eynJTaCSK2lU7rMUgL1GnrhnpDP4Beew7gxbTb4pxFGwRO1w+992TuYg IRqTQlLYZgQzokJf4vDzdSltejS02SLEIKhm4h78+DU/v0axfAEqR3qySKxhPEST KQgOnUJICjMYFMxg4NCdHvv1n3bYJoFomJ7FI0x5645gehfGjbTeDwRoe/ygH4MP 4MQtCQAbKklsqTcKNWHi0ceyKK4yGv3IdDfNxJw+moBPkEVOiP8MBLk9Sf9q/s18 di7GndrB5y6uGnqNoF7L2iwtYOSMuncZTKVmuIHl6+Xk/sT/f6qCVcaCF8jP78i/ uF13hi5Uz6cQw810LXVYdfksmfqWuZppghA9izYmQKAaHBq+GA7BDHYZCQARAQAB tCFBbmRyZWFzIEhlaWdsIDxhbmRyZWFzQGhlaWdsLm9yZz6JAj4EEwECACgFAk3K N1MCGy8FCRLP94AGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEMqSE8db/ORy Rc4P/0lpGzpCUcDe4iYYCUkJPhyG7TSjv+I1d8+ubNDA22NOCfaW0rAFXI1rLTJ8 PwIiGO0KMDUYr7aszpBztL1eF0m47RfPsUFuA1WftGaBOPc0VzuAQ2NPVCvmgD92 UmwX+FN2Q+qIs2YgohXqy2zlTbpGCSLKVFvy0wb5NaT4VrKwR/7rza66oivFBEnm nhpJXWZZAS6c47jZe+6isbSEc4S5Gq3fKbt//IlzmZcg0KLSaRTmJVqrThWetsLx lE3AdhrsN0a0KoOCAvwYvg1G872/FDQquoQh3tFWGPBxIqH0buISlsr5t7Ox2IgB enHu2Kzt0zOSljsKjtkRFZqYDpwmr+vhufuix+Bf9pXJYGP0HgXkA06Du3LFcfU7 RS2uIni84m/J+eJaZxiI9MbkcHKsqPCgd4Yt1NmnGvhphe9WIDZS/vYV2LrBmEA8 fx5qM/DBWIZPaQnyqzrAhMJNEoIUSarxJTB3PNalcFBgwKETHmph0nkKxa1gZZBL LNORqUk3woD/NRlsL0PpLrbRR65/1+hYNz7wVqRhELNc9lKVpAtl90wcu8QcZg3g bzZzUij3IwrHYI6+AIOyE1bq+rGYmtDgWRm43mpAqteXEbXFywpAsK8yZsoCn8Pj cCiQ1iY602dXS4y5P9g32mMAmAZ7jhxXWolAmRIPeRMRHVixuQINBE3KN1MBEADG m+FqKwkYDCYhMwZJnjsCr54irqRaQSkZglyK4PfDGRW/2vjTwfxat2znHHYGzDQW Aa9D9muW3evDSfKfxomLY+z46zLwBB8Vkla8jtoi7RzdNLUIcO1alFMPj6LQTYgQ fBOkMG6gXcikwO0mVO6fslSNJUXQ5bNX/+nCnR2Y8i+EmKMljcJQdn/WeQ6OCM1A ckgyP4Ga9INptLvzDqxGIc+GsrQli6k+GrZeNMH830dzgUSeOouVrFhjWyqgwVn/ gRjAQQ3CJbCNZFkMnl4gQpOoIqglwKy+Gw5F51GXkJf7NCDjJKVypZ2ybLaHGgBx 1erNJ3pR7IucxNlg3QFhcWu76xTksL8O5BLnm0bPMQOKRyNjYcc4YUe3PjNxCIjX nIeWK9/U/t06f4eXC9xhsYFdFA6QajamhgM0J9gxnYxz5sblutmhZenWqb4U7dxU vfocrczdGvRtRuEtU2B1o2663fGOmft4YGW8YtX+eKo1KpmPHOzLn/zKrsOko9gz Fmepdm17ZEuS2InB5AlrKc33KF8+pYlCBtq9ytvpP/WIW5oeHUdxNtVb3nASfhGQ 3/3G5xZyZOuCFnUmA+Vow8uJ1IIjmt+4sij6los75jYDsRhNJYB7F9zA0q7WOlHq gRHnDXIt4/IJsOalAs+OLEekTuDbs2EC+skuFZWtTwARAQABiQREBBgBAgAPBQJN yjdTAhsuBQkSz/eAAikJEMqSE8db/ORywV0gBBkBAgAGBQJNyjdTAAoJEIzaj3Oo uEPwrVEP/0qNIEUJ1YkG/e4IF0x5tDylNsvSo5EniHZSNrlzh+BXhrWKod33DjON uvh1CO+AWjPKJoZskLSgb8S5N0r96zwpZ7yxsDUh+inTGRI+cPhR9aAs3qrms53Z D5nY2QO4c8MId4/1lTjFa8zvUAPurH8K9UMN/X90ycin6PEr8BuiZKMdcJy3msK1 ecGhHlWT8Kt2/g8ajItht2dmfzKk+qRNl1oK96hvTO93P2BrQ6m/9Zj7PDGpoXHU NF0lR7r7VNE/GJono+bbrrUxuF1J9UGCNZBxjD6jLiDrItHvJZejKigUd2piRTTz tBDpLa0x0MQppH9IxRDHuCuJRYMhwNsoH9C0xJj3uxJ2W3wxSst5yTMml9sgJsJh dRAkeEqZJ7FnvIAcPij6cMpyVeJa4GrkzApY2miwfjgkPaJ536FnCdxHT1yh/+hC Yt/Grc+q4Rx4FyyxfhF6h/U4hcdNhVFztNckGRPNI8jO6glaKrpF8X68YuZ/Z+6J JpR1hsarNdY3s6DFbXMZ1Q8QVrhuVzniPd+P6mGooRTSZGc/JvcqjPidohIyFxPw WuGtxCVe8qmbmoG/mYPHk+/VPCHf/rsQx1CnzMT5OmPJfGR9hI6hmJ+6WX0m/hLl 900XZ0vGNtQCBmSyh33VNHrKE8TbShK52jzxUjtuugsVU9/N8Ti/sfYP/AgV4FQ2 QDQzRfzbgFxiiGEuk55ogu7v6IujkhKZmOxeyjDQ72R/0S9nQyk40cd/vs3czWAe mtqYyWhGakcTPDpcL1kW67TYJEQEvFGwF2wZe/wj3+EIbNKXpS1ltpUXnkm1efda ZlRxAAfaj/MIPHFa/tYeXDjTRb3CRiZTHD7qQtPPvj0B/lAml1cYxklCkfFfxHIs Ju+xMsPAB3AFCPRZkLYH7NT+v/GTeS20K0cNc3hrLXbEBiAjlCqUFNz9C4siMhSE m9zK2WuFtr1UGYkyOfu/Zj2NKYjRiyuwq0h4qaWvx7QdGnkLAfLZ/XdvYKw2nmTf c+f23F4UGwEPWyrzzPhxm3xiZU8Cv4Tk2tLNeiz+CWMKkxu+2jVyamOxzWfUdEAc jyJyKQBXNjGX03omFZXuieEK2jAYWQ5uNH8AiZZd+8M554Vx0UMD9QIx6ePLAv+J G46HocX2MDZm9xb/D93wjIRgeCqsn8LaUSjpxpu0Y4TxU8qvzYrHW40NE4rn+8Mw jvrcSLkumu7t2i3MZOMMdI8i+E9+rDYEm6HTtX2R2p0ZmbmwWCt8lnph1FUT0oOc l5cyoCalGWqXSks5Eh0a7ncmN730DfRmkChi66y2DY2kjVTHp8QY+zHe6eAQa0N+ kCfE3dqmB4tHk5zsM4JV093o3dQ+3dSNxeVO =3Dyfwz -----END PGP PUBLIC KEY BLOCK----- --------------7BD1041C850F9FEE1F926285-- --cKqVqu9EHvBR0Vp22EE0SLReMwH7m6kck-- --mWjXIqA2nJFOe5teJRdrfiOE0R1XS3U5u Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIzBAEBCAAdFiEENHMr85T+FLwCJRBgjNqPc6i4Q/AFAllQ5cYACgkQjNqPc6i4 Q/A8QhAAhY13y//Pg0nYklvE4My2ys/hsEtvvUUSS+145EPyNlkbQKrmyV1ME5pF NAGzvEF3LmPwc54S+2pV9Sd6wWFe5OFfZdPsGGDqilIrPR65pa3Qr91zi7caCh8V Z3drGOJbNMJ6YXnB9erra/u5j5r98ICMmz+i0k0yRSh2QEfAdKGOhwISOpPt5p6v beSZ0Zq6AsUeJRwezDhKrnZdWLbj3hhYnn3cCrJdYOt0XHQB0hPDp/aDmqCjm5+f A7phFy205q4y+3dQezzoVeMew2L+z+jITN+/gIfrFKhEzueEVSs7tmcnZrabYi7Q b0OW9x5bjXn1KqRR5XRJI53AnoHF8fdKG5KiYIsymnmy4fldUEmhyrgckuNXmfkL +1Vxy/9nmbbEoSidW+gS0vI0Kul0YGiEdAICmbuSdcsO209BECfU3Nhpkm2jxmGh iF3o4cl5oFSoOlznxVKZ7mcUDS6nWFY2WLsX6IYjOiI5yY7ANTx/RHnpNB+1tXXz WW4+i965fGShbgxkeYN8BaiqemWu/nSz84waSlFS6FdbEu2MJowJ3FvrrbcaP3V4 YGtdz214ETjgqmdiTFRMKNvOrTLMcYs4DY4D5pyepTRqxqZAnUKw9GCVJZMw9GTa 8/lREf4DXRcnI08l1abqRhAwfre6MMZQYm+T0GGNotNUXQC8Zmk= =zpnc -----END PGP SIGNATURE----- --mWjXIqA2nJFOe5teJRdrfiOE0R1XS3U5u--