php · petk · Jul 22, 2024
diff --git a/UPGRADING b/UPGRADING
@@ -408,10 +408,12 @@ PHP 8.4 UPGRADE NOTES
     IntlGregorianCalendar::createFromDateTime() instead.
 
 - LDAP:
-  . Calling ldap_connect() with more than 2 arguments is deprecated. Use
-    ldap_connect_wallet() instead.
+  . Calling ldap_connect() with more than 2 arguments is deprecated.
   . Calling ldap_exop() with more than 4 arguments is deprecated. Use
     ldap_exop_sync() instead.
+  . The ldap_connect_wallet() has been removed.
+  . Constants GSLC_SSL_NO_AUTH, GSLC_SSL_ONEWAY_AUTH, and GSLC_SSL_TWOWAY_AUTH
+    have been removed.
 
 - PDO_PGSQL:
   . Using escaped question marks (??) inside dollar-quoted strings is deprecated.

diff --git a/UPGRADING.INTERNALS b/UPGRADING.INTERNALS
@@ -124,6 +124,8 @@ PHP 8.4 INTERNALS UPGRADE NOTES
      ext/ftp and ext/mysqlnd is enabled implicitly, when building with
      ext/openssl (--with-openssl), or explicitly by using new configure options
      --with-ftp-ssl and --with-mysqlnd-ssl.
+   - The configure option --with-ldap doesn't accept the path to Oracle Instant
+     Client anymore in favor of optional OpenLDAP paths only.
    - New configure option --with-openssl-legacy-provider to enable OpenSSL
      legacy provider.
    - COOKIE_IO_FUNCTIONS_T symbol has been removed (use cookie_io_functions_t).

diff --git a/ext/ldap/config.m4 b/ext/ldap/config.m4
@@ -7,33 +7,6 @@ AC_DEFUN([PHP_LDAP_CHECKS], [
     LDAP_DIR=$1
     LDAP_INCDIR=$1/ldap/public
     LDAP_LIBDIR=$1/$PHP_LIBDIR
-  else
-
-    dnl Find Oracle Instant Client RPM header location corresponding to the
-    dnl given lib path e.g. for --with-ldap=/usr/lib/oracle/12.1/client64/lib
-    AC_CHECK_SIZEOF([long])
-    AC_MSG_CHECKING([if we're at 64-bit platform])
-    AS_IF([test "$ac_cv_sizeof_long" -eq 4],[
-      AC_MSG_RESULT([no])
-      PHP_OCI8_IC_LIBDIR_SUFFIX=""
-    ],[
-      AC_MSG_RESULT([yes])
-      PHP_OCI8_IC_LIBDIR_SUFFIX=64
-    ])
-
-    OCISDKRPMINC=`echo "$1" | $SED -e 's!^/usr/lib/oracle/\(.*\)/client\('${PHP_OCI8_IC_LIBDIR_SUFFIX}'\)*/lib[/]*$!/usr/include/oracle/\1/client\2!'`
-
-    dnl Check for Oracle Instant Client RPM install
-    if test -f $OCISDKRPMINC/ldap.h; then
-      LDAP_DIR=$1
-      LDAP_INCDIR=$OCISDKRPMINC
-      LDAP_LIBDIR=$1
-    dnl Check for Oracle Instant Client ZIP install
-    elif test -f $1/sdk/include/ldap.h; then
-      LDAP_DIR=$1
-      LDAP_INCDIR=$1/sdk/include
-      LDAP_LIBDIR=$1
-    fi
   fi
 ])
 
@@ -75,18 +48,6 @@ if test "$PHP_LDAP" != "no"; then
   elif test -f $LDAP_LIBDIR/libldap.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/libldap.$SHLIB_SUFFIX_NAME.3 || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/libldap.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/libldap.$SHLIB_SUFFIX_NAME.3 || test -f $LDAP_LIBDIR/libldap.3.dylib; then
     PHP_ADD_LIBRARY_WITH_PATH(ldap, $LDAP_LIBDIR, LDAP_SHARED_LIBADD)
 
-  elif test -f $LDAP_LIBDIR/libclntsh.$SHLIB_SUFFIX_NAME.12.1 || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/libclntsh.$SHLIB_SUFFIX_NAME.12.1; then
-    PHP_ADD_LIBRARY_WITH_PATH(clntsh, $LDAP_LIBDIR, LDAP_SHARED_LIBADD)
-    AC_DEFINE(HAVE_ORALDAP,1,[ ])
-
-  elif test -f $LDAP_LIBDIR/libclntsh.$SHLIB_SUFFIX_NAME.11.1 || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/libclntsh.$SHLIB_SUFFIX_NAME.11.1; then
-    PHP_ADD_LIBRARY_WITH_PATH(clntsh, $LDAP_LIBDIR, LDAP_SHARED_LIBADD)
-    AC_DEFINE(HAVE_ORALDAP,1,[ ])
-
-  elif test -f $LDAP_LIBDIR/libclntsh.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/libclntsh.$SHLIB_SUFFIX_NAME; then
-     PHP_ADD_LIBRARY_WITH_PATH(clntsh, $LDAP_LIBDIR, LDAP_SHARED_LIBADD)
-     AC_DEFINE(HAVE_ORALDAP,1,[ ])
-
   else
     AC_MSG_ERROR([Cannot find ldap libraries in $LDAP_LIBDIR.])
   fi

diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
@@ -916,39 +916,20 @@ PHP_FUNCTION(ldap_connect)
 	char *host = NULL;
 	size_t hostlen = 0;
 	zend_long port = LDAP_PORT;
-#ifdef HAVE_ORALDAP
-	char *wallet = NULL, *walletpasswd = NULL;
-	size_t walletlen = 0, walletpasswdlen = 0;
-	zend_long authmode = GSLC_SSL_NO_AUTH;
-	int ssl=0;
-#endif
 	ldap_linkdata *ld;
 	LDAP *ldap = NULL;
 
+	// TODO: Remove this.
 	if (ZEND_NUM_ARGS() > 2) {
 	    zend_error(E_DEPRECATED, "Calling ldap_connect() with Oracle-specific arguments is deprecated, "
 			"use ldap_connect_wallet() instead");
 	} else if (ZEND_NUM_ARGS() == 2) {
 		zend_error(E_DEPRECATED, "Usage of ldap_connect with two arguments is deprecated");
 	}
 
-#ifdef HAVE_ORALDAP
-	if (ZEND_NUM_ARGS() == 3 || ZEND_NUM_ARGS() == 4) {
-		WRONG_PARAM_COUNT;
-	}
-
-	if (zend_parse_parameters(ZEND_NUM_ARGS(), "|s!lssl", &host, &hostlen, &port, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS) {
-		RETURN_THROWS();
-	}
-
-	if (ZEND_NUM_ARGS() == 5) {
-		ssl = 1;
-	}
-#else
 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "|s!l", &host, &hostlen, &port) != SUCCESS) {
 		RETURN_THROWS();
 	}
-#endif
 
 	if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) {
 		php_error_docref(NULL, E_WARNING, "Too many open links (" ZEND_LONG_FMT ")", LDAPG(num_links));
@@ -1002,95 +983,17 @@ PHP_FUNCTION(ldap_connect)
 		zval_ptr_dtor(return_value);
 		RETURN_FALSE;
 	} else {
-#ifdef HAVE_ORALDAP
-		if (ssl) {
-			if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) {
-				zval_ptr_dtor(return_value);
-				php_error_docref(NULL, E_WARNING, "SSL init failed");
-				RETURN_FALSE;
-			}
-		}
-#endif
 		LDAPG(num_links)++;
 		ld->link = ldap;
 	}
 
 }
 /* }}} */
 
-#if defined(HAVE_ORALDAP) && defined(LDAP_API_FEATURE_X_OPENLDAP)
-PHP_FUNCTION(ldap_connect_wallet) {
-	char *host = NULL;
-	size_t hostlen = 0;
-	char *wallet = NULL, *walletpasswd = NULL;
-	size_t walletlen = 0, walletpasswdlen = 0;
-	zend_long authmode = GSLC_SSL_NO_AUTH;
-	bool ssl = false;
-
-	ldap_linkdata *ld;
-	LDAP *ldap = NULL;
-
-	if (zend_parse_parameters(ZEND_NUM_ARGS(), "s!ss|l",
-		&host, &hostlen, &wallet, &walletlen, &walletpasswd, &walletpasswdlen, &authmode) != SUCCESS
-	) {
-		RETURN_THROWS();
-	}
-
-	if (authmode != 0) {
-		ssl = true;
-	}
-
-	if (LDAPG(max_links) != -1 && LDAPG(num_links) >= LDAPG(max_links)) {
-		php_error_docref(NULL, E_WARNING, "Too many open links (" ZEND_LONG_FMT ")", LDAPG(num_links));
-		RETURN_FALSE;
-	}
-
-	object_init_ex(return_value, ldap_link_ce);
-	ld = Z_LDAP_LINK_P(return_value);
-
-	{
-		int rc = LDAP_SUCCESS;
-		char *url = host;
-		if (url && !ldap_is_ldap_url(url)) {
-			size_t urllen = hostlen + sizeof( "ldap://:65535" );
-
-			url = emalloc(urllen);
-			snprintf( url, urllen, "ldap://%s", host );
-		}
-
-		/* ldap_init() is deprecated, use ldap_initialize() instead. */
-		rc = ldap_initialize(&ldap, url);
-		if (url != host) {
-			efree(url);
-		}
-		if (rc != LDAP_SUCCESS) {
-			zval_ptr_dtor(return_value);
-			php_error_docref(NULL, E_WARNING, "Could not create session handle: %s", ldap_err2string(rc));
-			RETURN_FALSE;
-		}
-	}
-
-	if (ldap == NULL) {
-		zval_ptr_dtor(return_value);
-		RETURN_FALSE;
-	} else {
-		if (ssl) {
-			if (ldap_init_SSL(&ldap->ld_sb, wallet, walletpasswd, authmode)) {
-				zval_ptr_dtor(return_value);
-				php_error_docref(NULL, E_WARNING, "SSL init failed");
-				RETURN_FALSE;
-			}
-		}
-		LDAPG(num_links)++;
-		ld->link = ldap;
-	}
-}
-#endif
-
 /* {{{ _get_lderrno */
 static int _get_lderrno(LDAP *ldap)
 {
-#if LDAP_API_VERSION > 2000 || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 	int lderr;
 
 	/* New versions of OpenLDAP do it this way */
@@ -1105,7 +1008,7 @@ static int _get_lderrno(LDAP *ldap)
 /* {{{ _set_lderrno */
 static void _set_lderrno(LDAP *ldap, int lderr)
 {
-#if LDAP_API_VERSION > 2000 || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 	/* New versions of OpenLDAP do it this way */
 	ldap_set_option(ldap, LDAP_OPT_ERROR_NUMBER, &lderr);
 #else
@@ -1391,7 +1294,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in
 {
 	/* sizelimit */
 	if (sizelimit > -1) {
-#if (LDAP_API_VERSION >= 2004) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION >= 2004
 		ldap_get_option(ldap, LDAP_OPT_SIZELIMIT, old_sizelimit);
 		ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, &sizelimit);
 #else
@@ -1402,7 +1305,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in
 
 	/* timelimit */
 	if (timelimit > -1) {
-#if (LDAP_API_VERSION >= 2004) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION >= 2004
 		ldap_get_option(ldap, LDAP_OPT_TIMELIMIT, old_timelimit);
 		ldap_set_option(ldap, LDAP_OPT_TIMELIMIT, &timelimit);
 #else
@@ -1413,7 +1316,7 @@ static void php_set_opts(LDAP *ldap, int sizelimit, int timelimit, int deref, in
 
 	/* deref */
 	if (deref > -1) {
-#if (LDAP_API_VERSION >= 2004) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION >= 2004
 		ldap_get_option(ldap, LDAP_OPT_DEREF, old_deref);
 		ldap_set_option(ldap, LDAP_OPT_DEREF, &deref);
 #else
@@ -1891,12 +1794,12 @@ PHP_FUNCTION(ldap_get_entries)
 			add_index_string(&tmp1, num_attrib, attribute);
 
 			num_attrib++;
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 			ldap_memfree(attribute);
 #endif
 			attribute = ldap_next_attribute(ldap, ldap_result_entry, ber);
 		}
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		if (ber != NULL) {
 			ber_free(ber, 0);
 		}
@@ -1909,7 +1812,7 @@ PHP_FUNCTION(ldap_get_entries)
 		} else {
 			add_assoc_null(&tmp1, "dn");
 		}
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		ldap_memfree(dn);
 #else
 		free(dn);
@@ -1947,7 +1850,7 @@ PHP_FUNCTION(ldap_first_attribute)
 		RETURN_FALSE;
 	} else {
 		RETVAL_STRING(attribute);
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		ldap_memfree(attribute);
 #endif
 	}
@@ -1977,7 +1880,7 @@ PHP_FUNCTION(ldap_next_attribute)
 	}
 
 	if ((attribute = ldap_next_attribute(ld->link, resultentry->data, resultentry->ber)) == NULL) {
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		if (resultentry->ber != NULL) {
 			ber_free(resultentry->ber, 0);
 			resultentry->ber = NULL;
@@ -1986,7 +1889,7 @@ PHP_FUNCTION(ldap_next_attribute)
 		RETURN_FALSE;
 	} else {
 		RETVAL_STRING(attribute);
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		ldap_memfree(attribute);
 #endif
 	}
@@ -2033,12 +1936,12 @@ PHP_FUNCTION(ldap_get_attributes)
 		add_index_string(return_value, num_attrib, attribute);
 
 		num_attrib++;
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		ldap_memfree(attribute);
 #endif
 		attribute = ldap_next_attribute(ld->link, resultentry->data, ber);
 	}
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 	if (ber != NULL) {
 		ber_free(ber, 0);
 	}
@@ -2106,7 +2009,7 @@ PHP_FUNCTION(ldap_get_dn)
 	text = ldap_get_dn(ld->link, resultentry->data);
 	if (text != NULL) {
 		RETVAL_STRING(text);
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		ldap_memfree(text);
 #else
 		free(text);
@@ -2163,7 +2066,7 @@ PHP_FUNCTION(ldap_dn2ufn)
 
 	if (ufn != NULL) {
 		RETVAL_STRING(ufn);
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 		ldap_memfree(ufn);
 #endif
 	} else {
@@ -2952,7 +2855,7 @@ PHP_FUNCTION(ldap_compare)
 }
 /* }}} */
 
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 /* {{{ Get the current value of various session-wide parameters */
 PHP_FUNCTION(ldap_get_option)
 {
@@ -3583,7 +3486,7 @@ static void php_ldap_do_rename(INTERNAL_FUNCTION_PARAMETERS, int ext)
 		newparent = NULL;
 	}
 
-#if (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP)
+#if LDAP_API_VERSION > 2000
 	if (serverctrls) {
 		lserverctrls = _php_ldap_controls_from_array(ld->link, serverctrls, 6);
 		if (lserverctrls == NULL) {
@@ -3681,7 +3584,7 @@ PHP_FUNCTION(ldap_start_tls)
 }
 /* }}} */
 #endif
-#endif /* (LDAP_API_VERSION > 2000) || defined(HAVE_ORALDAP) */
+#endif /* LDAP_API_VERSION > 2000 */
 
 #if defined(LDAP_API_FEATURE_X_OPENLDAP) && defined(HAVE_3ARG_SETREBINDPROC)
 /* {{{ _ldap_rebind_proc() */