[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replacement for ldap_sort_entries

On 24/06/2015 16:37, Côme BERNIGAUD wrote:
On 2015-06-24 16:19, Michael Ströder wrote:
Côme BERNIGAUD wrote:
I’m trying to get rid of the -DLDAP_DEPRECATED=1 option when building the
php-ldap module.
For other functions it went fine but the php function ldap_sort is using
ldap_sort_entries which is deprecated with no replacement.
As I can’t remove ldap_sort from PHP API, I need to find a way to replace this
function call if I want to get rid of deprecated calls.

How about reimplementing it in PHP?

Not sure if you mean in the PHP language or in the PHP binary. The first one is not possible if I’m not mistaking, the second one is indeed what I’d like to do but not sure how.

I need the API to stay exactly the same.
ldap_sort is called after the call to ldap_search and before the call to ldap_get_entries. So it needs to work on the result themselves so that they are sorted when the next ldap accessing results function is called. That’s why it needs to be done in the C code. And that’s why it needs access to the LDAPMessage struct which is internal to OpenLDAP as far as I understood things.
The logic of that sorting is broken. Sorting by DN (or by value) requires the knowledge of the syntax and matching rule(s) of the corresponding attributes. First of all, the client is not supposed to know much about it. Second, a wise implementation would normalize values (or DNs), then sort. An accurate implementation of those functionalities based on the deprecated API would be at least inefficient. It would be much wiser to do the sorting at the client's side, after extracting data from the LDAP results. And the PHP interface should deprecate those functions as well.


Pierangelo Masarati
Associate Professor
Dipartimento di Scienze e Tecnologie Aerospaziali
Politecnico di Milano