From 7efa7171e34a39e35cfb44459089fbfcaa4cfdc3 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Fri, 11 May 2012 15:42:05 +0200
Subject: [PATCH] LDAP: wrong assumptions for case (in)sensitivity, implement
 far better solution

---
 apps/user_ldap/group_ldap.php | 16 ++++------------
 apps/user_ldap/lib_ldap.php   | 15 ++++++++++++---
 2 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index 34141e51f4..168476a78e 100755
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -47,9 +47,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
 			return false;
 		}
 		//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
-		$read = ($members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr))
-			||  ($members = OC_LDAP::readAttribute($dn_group, strtolower($this->ldapGroupMemberAssocAttr)));
-		if(!$read) {
+		$members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr);
+		if(!$members) {
 			return false;
 		}
 
@@ -101,11 +100,6 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
 			$this->ldapGroupMemberAssocAttr.'='.$uid
 		));
 		$groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn'));
-		if(count($groups) == 0) {
-			//usually, LDAP attributes are said to be case insensitive. But there are exceptions... So we try it once more
-			$filter = str_replace($this->ldapGroupMemberAssocAttr, strtolower($this->ldapGroupMemberAssocAttr), $filter);
-			$groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn'));
-		}
 		$userGroups = OC_LDAP::ownCloudGroupNames($groups);
 
 		return array_unique($userGroups, SORT_LOCALE_STRING);
@@ -121,10 +115,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
 			return array();
 		}
 
-		//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
-		$read = ($members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr))
-			||  ($members = OC_LDAP::readAttribute($groupDN, strtolower($this->ldapGroupMemberAssocAttr)));
-		if(!$read) {
+		$members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr);
+		if(!$members) {
 			return array();
 		}
 
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 30806a63b0..e8d91d0e03 100755
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -413,7 +413,9 @@ class OC_LDAP {
 		$cr = self::getConnectionResource();
 		$rr = ldap_read($cr, $dn, 'objectClass=*', array($attr));
 		$er = ldap_first_entry($cr, $rr);
-		$result = ldap_get_attributes($cr, $er);
+		//LDAP attributes are not case sensitive
+		$result = array_change_key_case(ldap_get_attributes($cr, $er));
+		$attr = strtolower($attr);
 
 		if(isset($result[$attr]) && $result[$attr]['count'] > 0){
 			$values = array();
@@ -493,8 +495,15 @@ class OC_LDAP {
 					}
 					$i++;
 				} else {
-					if(isset($item[$attr[0]])) {
-						$selection[] = $item[$attr[0]];
+					//tribute to case insensitivity
+					if(!is_array($item)) {
+						continue;
+					}
+					$item = array_change_key_case($item);
+					$key = strtolower($attr[0]);
+
+					if(isset($item[$key])) {
+						$selection[] = $item[$key];
 					}
 				}