8000 bug #58144 [Ldap] fail if `whoami()` is called before `saslBind()` (x… · symfony/symfony@542891f · GitHub
[go: up one dir, main page]
Skip to content

Commit 542891f

Browse files
fabpotfabpot
committed
bug #58144 [Ldap] fail if whoami() is called before saslBind() (xabbuh)
This PR was merged into the 7.2 branch. Discussion ---------- [Ldap] fail if `whoami()` is called before `saslBind()` | Q | A | ------------- | --- | Branch? | 7.2 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | | License | MIT Commits ------- 734ce16 fail if whoami() is called before saslBind()
2 parents 9e81345 + 734ce16 commit 542891f

File tree

2 files changed

+32
-0
lines changed

2 files changed

+32
-0
lines changed

src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
use Symfony\Component\Ldap\Exception\ConnectionTimeoutException;
1919
use Symfony\Component\Ldap\Exception\InvalidCredentialsException;
2020
use Symfony\Component\Ldap\Exception\LdapException;
21+
use Symfony\Component\Ldap\Exception\NotBoundException;
2122
use Symfony\Component\OptionsResolver\Options;
2223
use Symfony\Component\OptionsResolver\OptionsResolver;
2324

@@ -116,6 +117,10 @@ public function saslBind(?string $dn = null, #[\SensitiveParameter] ?string $pas
116117
*/
117118
public function whoami(): string
118119
{
120+
if (!$this->connection) {
121+
throw new NotBoundException(\sprintf('Cannot execute "%s()" before calling "%s::saslBind()".', __METHOD__, __CLASS__));
122+
}
123+
119124
if (false === $authzId = ldap_exop_whoami($this->connection)) {
120125
throw new LdapException(ldap_error($this->connection));
121126
}

src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/AdapterTest.php

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,12 +39,39 @@ public function testLdapEscape()
3939
*/
4040
public function testSaslBind()
4141
{
42+
$h = @ldap_connect(getenv('LDAP_HOST'), getenv('LDAP_PORT'));
43+
@ldap_set_option($h, \LDAP_OPT_PROTOCOL_VERSION, 3);
44+
45+
if (!$h || !@ldap_bind($h)) {
46+
$this->markTestSkipped('No server is listening on LDAP_HOST:LDAP_PORT');
47+
}
48+
49+
if (!@ldap_start_tls($h)) {
50+
ldap_unbind($h);
51+
$this->markTestSkipped('Cannot establish an encrypted connection');
52+
}
53+
54+
ldap_unbind($h);
55+
4256
$ldap = new Adapter($this->getLdapConfig());
4357

4458
$ldap->getConnection()->saslBind('cn=admin,dc=symfony,dc=com', 'symfony');
4559
$this->assertEquals('cn=admin,dc=symfony,dc=com', $ldap->getConnection()->whoami());
4660
}
4761

62+
/**
63+
* @gr 8716 oup functional
64+
*/
65+
public function testWhoamiWithoutSaslBind()
66+
{
67+
$ldap = new Adapter($this->getLdapConfig());
68+
69+
$this->expectException(NotBoundException::class);
70+
$this->expectExceptionMessage('Cannot execute "Symfony\Component\Ldap\Adapter\ExtLdap\Connection::whoami()" before calling "Symfony\Component\Ldap\Adapter\ExtLdap\Connection::saslBind()".');
71+
72+
$ldap->getConnection()->whoami();
73+
}
74+
4875
/**
4976
* @group functional
5077
*/

0 commit comments

Comments
 (0)
0