From: josh at endries dot org
Operating system: RHEL4
PHP version: 5.2.11
PHP Bug Type: LDAP related
Bug description: LDAP doesn't work from Apache 2.0 module but does from CLI
Description:
------------
I'm trying to connect to LDAP using SSL or TLS but it doesn't work when
run through the Apache 2 module. It appears to work fine when run via the
CLI. I'm using the same exact code in each script. Using strace I can see
the script read ldap.conf and the CA files, but with the module (connecting
to the httpd process) it doesn't read any files. It dies after trying to
verify the CA. I have a real cert and my CA is in /etc/openldap/cacerts,
but of course if these (or anything else) isn't read in, it wouldn't be
trusted. Using TLS or SSL doesn't matter, nor does using a URI instead of
hostname/port pair. I have recompiled to make sure they both use the same
libraries, and I have "TLS_REQCERT never" in /etc/openldap/ldap.conf, which
are the suggestions I found online.
Reproduce code:
---------------
<?php
$hostname = 'ldap.domain.org';
$port = '389';
$dn = '...';
$password = '...';
if (!is_resource(($ldap = ldap_connect($hostname, $port)))) throw new
Exception("LDAP connection failed: ".ldap_error($ldap));
if (ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3) !== true) throw
new Exception("Protocol version 3 not supported.");
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if (ldap_start_tls($ldap) !== true) throw new
Exception(ldap_error($ldap));
if (ldap_bind($ldap, $dn, $password) !== true) throw new
Exception(ldap_error($ldap));
echo('ok');
Expected result:
----------------
"ok", which I do get in the CLI.
Actual result:
--------------
Warning: ldap_start_tls() [function.ldap-start-tls]: Unable to start TLS:
Connect error in /var/www/html/test.php on line 15
Fatal error: Uncaught exception 'Exception' with message 'Connect error'
in /var/www/html/test.php:15 Stack trace: #0 {main} thrown in
/var/www/html/test.php on line 15
(from the web server)
--
Edit bug report at http://bugs.php.net/?id=49737&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=49737&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=49737&r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=49737&r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=49737&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=49737&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=49737&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=49737&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=49737&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=49737&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=49737&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=49737&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=49737&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=49737&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=49737&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=49737&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=49737&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=49737&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=49737&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=49737&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=49737&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=49737&r=mysqlcfg
