LDAP: wrong assumptions for case (in)sensitivity, implement far better solution

diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index 34141e51f400292b1c78d8cbc83b6441a9f4c4a8..168476a78ecd5d01ee6400632b946c3d9a38d2e7 100755 (executable)
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -47,9 +47,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                        return false;
                }
                //usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
-               $read = ($members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr))
-                       ||  ($members = OC_LDAP::readAttribute($dn_group, strtolower($this->ldapGroupMemberAssocAttr)));
-               if(!$read) {
+               $members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr);
+               if(!$members) {
                        return false;
                }
 
@@ -101,11 +100,6 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                        $this->ldapGroupMemberAssocAttr.'='.$uid
                ));
                $groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn'));
-               if(count($groups) == 0) {
-                       //usually, LDAP attributes are said to be case insensitive. But there are exceptions... So we try it once more
-                       $filter = str_replace($this->ldapGroupMemberAssocAttr, strtolower($this->ldapGroupMemberAssocAttr), $filter);
-                       $groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn'));
-               }
                $userGroups = OC_LDAP::ownCloudGroupNames($groups);
 
                return array_unique($userGroups, SORT_LOCALE_STRING);
@@ -121,10 +115,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                        return array();
                }
 
-               //usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
-               $read = ($members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr))
-                       ||  ($members = OC_LDAP::readAttribute($groupDN, strtolower($this->ldapGroupMemberAssocAttr)));
-               if(!$read) {
+               $members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr);
+               if(!$members) {
                        return array();
                }
 

diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 30806a63b084d7479cc507ca987495370efcc017..e8d91d0e037163fa562b88c581de36858aeb9c0b 100755 (executable)
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -413,7 +413,9 @@ class OC_LDAP {
                $cr = self::getConnectionResource();
                $rr = ldap_read($cr, $dn, 'objectClass=*', array($attr));
                $er = ldap_first_entry($cr, $rr);
-               $result = ldap_get_attributes($cr, $er);
+               //LDAP attributes are not case sensitive
+               $result = array_change_key_case(ldap_get_attributes($cr, $er));
+               $attr = strtolower($attr);
 
                if(isset($result[$attr]) && $result[$attr]['count'] > 0){
                        $values = array();
@@ -493,8 +495,15 @@ class OC_LDAP {
                                        }
                                        $i++;
                                } else {
-                                       if(isset($item[$attr[0]])) {
-                                               $selection[] = $item[$attr[0]];
+                                       //tribute to case insensitivity
+                                       if(!is_array($item)) {
+                                               continue;
+                                       }
+                                       $item = array_change_key_case($item);
+                                       $key = strtolower($attr[0]);
+
+                                       if(isset($item[$key])) {
+                                               $selection[] = $item[$key];
                                        }
                                }