Page MenuHomePhorge
Create Task
Maniphest T15724

PHP 8.3: Usage of ldap_connect with two arguments is deprecated
Open, Needs TriagePublic
Actions

Description

https://we.phorge.it/source/phorge/browse/master/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php includes the line
$conn = @ldap_connect($host, $this->port);
Per https://www.php.net/manual/en/function.ldap-connect.php this signature is deprecated since PHP 8.3.
Instead, a full LDAP URI should be passed as the only parameter.

I don't have an LDAP server handy to test. My vague assumption would be:

diff --git a/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php b/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php
index 14047c1761..72c68a5470 100644
--- a/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php
+++ b/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php
@@ -305,7 +305,12 @@ final class PhutilLDAPAuthAdapter extends PhutilAuthAdapter {
           'port' => $this->port,
         ));
 
-      $conn = @ldap_connect($host, $this->port);
+      if ($this->ldapStartTLS) {
+        $ldap_server_uri = 'ldap://' . $host . ':' . $this->port;
+      } else {
+        $ldap_server_uri = 'ldaps://' . $host . ':' . $this->port;
+      }
+      $conn = @ldap_connect($ldap_server_uri);
 
       $profiler->endServiceCall(
         $call_id,
@@ -315,7 +320,7 @@ final class PhutilLDAPAuthAdapter extends PhutilAuthAdapter {
 
       if (!$conn) {
         throw new Exception(
-          pht('Unable to connect to LDAP server (%s:%d).', $host, $port));
+          pht('Unable to connect to LDAP server (%s).', $ldap_server_uri));
       }
 
       $options = array(

Revisions and Commits

rP Phorge
Needs ReviewD25792 Fix PHP 8.3 "Usage of ldap_connect with two arguments is deprecated" exception

Related Objects
Search...

View Standalone Graph
This task is connected to more than 200 other tasks. Only direct parents and subtasks are shown here. Use View Standalone Graph to show more of the graph.
StatusAssignedTask
· · ·
OpenNoneT15064 Make Phorge compatible with PHP 8.1/8.2/8.3
OpenNoneT15724 PHP 8.3: Usage of ldap_connect with two arguments is deprecated
· · ·

Event Timeline

aklapper created this task.Jan 26 2024, 17:52
Herald added subscribers: Cigaryno, Matthew, chris, tobiaswiese. · View Herald TranscriptJan 26 2024, 17:52
pppery added a project: PHP 8 support.Jun 8 2024, 23:59
avivey subscribed.Jun 9 2024, 06:54

So PHP, very wow

Note: This function does not open a connection. It checks whether the given parameters are plausible and can be used to open a connection as soon as one is needed.

https://www.php.net/manual/en/function.ldap-connect.php

aklapper added a comment.Aug 19 2024, 18:48

Confirming my suspicion on PHP 8.3 (while I'm still struggling to successfully bind locally).
As far as I can tell (well, I'm running into ldap_bind(): Unable to bind to server: Can't contact LDAP server after the patch above while my local LDAP server is running but that's nothing new triggered by the patch above), the patch above seems to work.

[2024-08-19 18:41:33] ERROR 8192: Usage of ldap_connect with two arguments is deprecated at [/var/www/html/phorge/phorge/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php:308]
arcanist(head=master, ref.master=0d5f4379709d), ava(head=wmf/stable, ref.master=d3f5a1c67bb4, ref.wmf/stable=0b414fb56fe3), phorge(head=master, ref.master=9c684c80d63d), translations(head=wmf/stable, ref.master=09fe573a932a, ref.wmf/stable=ad3c1bb2af60)
  #0 ldap_connect(string, string) called at [<phorge>/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php:308]
  #1 PhutilLDAPAuthAdapter::establishConnection() called at [<phorge>/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php:213]
  #2 PhutilLDAPAuthAdapter::loadLDAPUserData() called at [<phorge>/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php:161]
  #3 PhutilLDAPAuthAdapter::getLDAPUserData() called at [<phorge>/src/applications/auth/adapter/PhutilLDAPAuthAdapter.php:114]
  #4 PhutilLDAPAuthAdapter::getAccountID() called at [<phorge>/src/applications/auth/adapter/PhutilAuthAdapter.php:30]
  #5 PhutilAuthAdapter::newAccountIdentifiers() called at [<phorge>/src/applications/auth/adapter/PhutilAuthAdapter.php:22]
  #6 PhutilAuthAdapter::getAccountIdentifiers() called at [<phorge>/src/applications/auth/provider/PhabricatorLDAPAuthProvider.php:169]
  #7 PhabricatorLDAPAuthProvider::processLoginRequest(PhabricatorAuthLoginController) called at [<phorge>/src/applications/auth/controller/PhabricatorAuthLoginController.php:42]
  #8 PhabricatorAuthLoginController::handleRequest(AphrontRequest) called at [<phorge>/src/aphront/configuration/AphrontApplicationConfiguration.php:284]
  #9 AphrontApplicationConfiguration::processRequest(AphrontRequest, PhutilDeferredLog, AphrontPHPHTTPSink, MultimeterControl) called at [<phorge>/src/aphront/configuration/AphrontApplicationConfiguration.php:203]
  #10 AphrontApplicationConfiguration::runHTTPRequest(AphrontPHPHTTPSink) called at [<phorge>/webroot/index.php:35]
aklapper renamed this task from PHP 8.3: ldap_connect() call signature deprecated to PHP 8.3: Usage of ldap_connect with two arguments is deprecated.Aug 19 2024, 18:48
aklapper added a revision: D25792: Fix PHP 8.3 "Usage of ldap_connect with two arguments is deprecated" exception.Aug 19 2024, 19:49
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under Apache 2.0 or other open source licenses. · CC BY-SA 4.0 · Apache 2.0