diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2014-08-19 18:01:58 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2014-09-30 12:42:37 +0200 |
| commit | 9a63693227b3fd7a44fe3f89d2ab6149992f69e4 (patch) | |
| tree | 421d961ec32ebed04097453841c3321cce841501 /apps/user_ldap/lib | |
| parent | 5292a14cdfa9efe6d9220b341f3261fe72c39b17 (diff) | |
| download | nextcloud-server-9a63693227b3fd7a44fe3f89d2ab6149992f69e4.tar.gz nextcloud-server-9a63693227b3fd7a44fe3f89d2ab6149992f69e4.zip | |
properly cancel a Paginated Results operation in order to avoid protocol errors, fixes #10526
Diffstat (limited to 'apps/user_ldap/lib')
| -rw-r--r-- | apps/user_ldap/lib/access.php | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 570f445650d..392c0957d64 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -36,8 +36,16 @@ class Access extends LDAPUtility implements user\IUserTools { //never ever check this var directly, always use getPagedSearchResultState protected $pagedSearchedSuccessful; + /** + * @var string[] $cookies an array of returned Paged Result cookies + */ protected $cookies = array(); + /** + * @var string $lastCookie the last cookie returned from a Paged Results + * operation, defaults to an empty string + */ + protected $lastCookie = ''; public function __construct(Connection $connection, ILDAPWrapper $ldap, user\Manager $userManager) { @@ -84,7 +92,9 @@ class Access extends LDAPUtility implements user\IUserTools { \OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', \OCP\Util::DEBUG); return false; } - //all or nothing! otherwise we get in trouble with. + //Cancel possibly running Paged Results operation, otherwise we run in + //LDAP protocol errors + $this->abandonPagedSearch(); $dn = $this->DNasBaseParameter($dn); $rr = @$this->ldap->read($cr, $dn, $filter, array($attr)); if(!$this->ldap->isResource($rr)) { @@ -805,9 +815,6 @@ class Access extends LDAPUtility implements user\IUserTools { $linkResources = array_pad(array(), count($base), $cr); $sr = $this->ldap->search($linkResources, $base, $filter, $attr); $error = $this->ldap->errno($cr); - if ($pagedSearchOK) { - $this->ldap->controlPagedResult($cr, 999999, false, ""); - } if(!is_array($sr) || $error !== 0) { \OCP\Util::writeLog('user_ldap', 'Error when searching: '.$this->ldap->error($cr). @@ -1366,6 +1373,19 @@ class Access extends LDAPUtility implements user\IUserTools { } /** + * resets a running Paged Search operation + */ + private function abandonPagedSearch() { + if(count($this->cookies) > 0) { + $cr = $this->connection->getConnectionResource(); + $this->ldap->controlPagedResult($cr, 0, false, $this->lastCookie); + $this->getPagedSearchResultState(); + $this->lastCookie = ''; + $this->cookies = array(); + } + } + + /** * get a cookie for the next LDAP paged search * @param string $base a string with the base DN for the search * @param string $filter the search filter to identify the correct search @@ -1403,6 +1423,7 @@ class Access extends LDAPUtility implements user\IUserTools { if(!empty($cookie)) { $cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' .intval($limit) . '-' . intval($offset); $this->cookies[$cacheKey] = $cookie; + $this->lastCookie = $cookie; } } |