Page MenuHomePhorge

PHP 8.3: ldap_connect() call signature deprecated
Open, Needs TriagePublic

Description

https://we.phorge.it/source/phorge/browse/master/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php includes the line
$conn = @ldap_connect($host, $this->port);
Per https://www.php.net/manual/en/function.ldap-connect.php this signature is deprecated since PHP 8.3.
Instead, a full LDAP URI should be passed as the only parameter.

I don't have an LDAP server handy to test. My vague assumption would be:

diff --git a/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php b/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php
index 14047c1761..72c68a5470 100644
--- a/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php
+++ b/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php
@@ -305,7 +305,12 @@ final class PhutilLDAPAuthAdapter extends PhutilAuthAdapter {
           'port' => $this->port,
         ));
 
-      $conn = @ldap_connect($host, $this->port);
+      if ($this->ldapStartTLS) {
+        $ldap_server_uri = 'ldap://' . $host . ':' . $this->port;
+      } else {
+        $ldap_server_uri = 'ldaps://' . $host . ':' . $this->port;
+      }
+      $conn = @ldap_connect($ldap_server_uri);
 
       $profiler->endServiceCall(
         $call_id,
@@ -315,7 +320,7 @@ final class PhutilLDAPAuthAdapter extends PhutilAuthAdapter {
 
       if (!$conn) {
         throw new Exception(
-          pht('Unable to connect to LDAP server (%s:%d).', $host, $port));
+          pht('Unable to connect to LDAP server (%s).', $ldap_server_uri));
       }
 
       $options = array(