Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-36245

[LDAP] DN encoding mangling login names

    Details

      Description

      I have two identical Moodle installations on the same machine using the same LDAP back-end. On v2.1.2 LDAP auth plugin is able to log in users, but in 2.3.2 it seems to be broken. I see the following in my LDAP logs when trying to log in as user "test":

      BIND dn="cn=manager,dc=x,dc=y,dc=z" mech=SIMPLE ssf=0
      conn=1801 op=0 RESULT tag=97 err=0 text=
      conn=1801 op=1 SRCH base="ou=people,dc=x,dc=y,dc=z" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=\00est))"

      Note the first letter of the uid which has been mangled, to (I think) NULL. Doing the same on the v2.1.2 installation presents the correct DN to LDAP. I am using OpenLDAP v 2.4.33. All PHP environment requirements are satisfied.

      I am also unable to unset the bind_dn and bind_password values in the LDAP auth plugin's configuration page, so I used the manager DN for testing.

        Gliffy Diagrams

          Activity

          Hide
          ziyan ziyan maraikar added a comment -

          Well it seems to be a broken icon implementation in either php 5.3.8 or libiconv 1.13.1. Looks like there are a couple of PHP bugs related to this. Here's a minimal example that triggers the problem on my system with just plain ASCII strings.
          <?php
          $text='ziyan';
          $result = iconv('utf-8', 'utf-8'.'//TRANSLIT', $text);
          echo $result;
          ?>
          OUTPUT: iyan (there's a null at the front)

          Show
          ziyan ziyan maraikar added a comment - Well it seems to be a broken icon implementation in either php 5.3.8 or libiconv 1.13.1. Looks like there are a couple of PHP bugs related to this. Here's a minimal example that triggers the problem on my system with just plain ASCII strings. <?php $text='ziyan'; $result = iconv('utf-8', 'utf-8'.'//TRANSLIT', $text); echo $result; ?> OUTPUT: iyan (there's a null at the front)
          Hide
          ziyan ziyan maraikar added a comment -

          Replacing iconv with mb_convert_encoding seems to work (at least in the trivial case)
          $result = mb_convert_encoding($text,'utf-8', 'utf-8' );

          Show
          ziyan ziyan maraikar added a comment - Replacing iconv with mb_convert_encoding seems to work (at least in the trivial case) $result = mb_convert_encoding($text,'utf-8', 'utf-8' );
          Hide
          ziyan ziyan maraikar added a comment -

          Definitely an issue with php-iconv as the following works fine:

          echo ziyan | iconv -f utf-8 -t utf-8

          How on earth do you put up with insanity like this in PHP's core libraries?? Each of the dozen functions to do the same thing seem to be broken in a different way!

          Show
          ziyan ziyan maraikar added a comment - Definitely an issue with php-iconv as the following works fine: echo ziyan | iconv -f utf-8 -t utf-8 How on earth do you put up with insanity like this in PHP's core libraries?? Each of the dozen functions to do the same thing seem to be broken in a different way!
          Hide
          skodak Petr Skoda added a comment -

          I have patched the textlib::convert() to cope a bit better with borked iconv, hopefully that might resolve the problem for you.

          In any case I would strongly recommend to use PHP with correctly working icon especially if you used non-ascii characters in your language.

          Show
          skodak Petr Skoda added a comment - I have patched the textlib::convert() to cope a bit better with borked iconv, hopefully that might resolve the problem for you. In any case I would strongly recommend to use PHP with correctly working icon especially if you used non-ascii characters in your language.
          Hide
          ziyan ziyan maraikar added a comment -

          Hi Petr,

          Thanks for fixing this. As I noted above libiconv itself seems to work fine, so it's likely a bug in the php module. We're using v5.3.8; I'll update this bug if the problem persists in the latest v5.4.x.

          Show
          ziyan ziyan maraikar added a comment - Hi Petr, Thanks for fixing this. As I noted above libiconv itself seems to work fine, so it's likely a bug in the php module. We're using v5.3.8; I'll update this bug if the problem persists in the latest v5.4.x.
          Hide
          skodak Petr Skoda added a comment - - edited

          Yes, there are different ways how to build the iconv extension. Unfortunately some distros use buggy glibc instead of the recommended libiconv...

          Show
          skodak Petr Skoda added a comment - - edited Yes, there are different ways how to build the iconv extension. Unfortunately some distros use buggy glibc instead of the recommended libiconv...
          Hide
          stronk7 Eloy Lafuente (stronk7) added a comment -

          Integrated (22, 23, 24 and master), thanks!

          (22 cherry-picked and created simpletest assertions)

          Show
          stronk7 Eloy Lafuente (stronk7) added a comment - Integrated (22, 23, 24 and master), thanks! (22 cherry-picked and created simpletest assertions)
          Hide
          stronk7 Eloy Lafuente (stronk7) added a comment -

          Passing, tests run on master, 24 and 22.

          Show
          stronk7 Eloy Lafuente (stronk7) added a comment - Passing, tests run on master, 24 and 22.
          Hide
          stronk7 Eloy Lafuente (stronk7) added a comment -

          Changes are now upstream, thanks for your collaboration!

          If you are going to have any celebration next days, enjoy with your gang, if not, too!

          Ciao

          Show
          stronk7 Eloy Lafuente (stronk7) added a comment - Changes are now upstream, thanks for your collaboration! If you are going to have any celebration next days, enjoy with your gang, if not, too! Ciao

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                14/Jan/13