System.DirectoryServices.Protocols: Use LDAP V3 protocol by default

Fixes #109449
dotnet · Nov 1, 2024 · a9c3e8d · a9c3e8d
1 parent a67a869
commit a9c3e8d
Showing 1 changed file with 19 additions and 4 deletions.
diff --git a/src/libraries/Common/src/Interop/Linux/OpenLdap/Interop.Ldap.cs b/src/libraries/Common/src/Interop/Linux/OpenLdap/Interop.Ldap.cs
@@ -57,6 +57,12 @@ internal enum SaslChallengeType
         SASL_CB_GETREALM = 0x4008,
         SASL_CB_PROXY_POLICY = 0x8001,
     }
+
+    internal enum LdapVersion
+    {
+        LDAP_VERSION3 = 3,
+        LDAP_VERSION2 = 2,
+    }
 }
 
 internal delegate int LDAP_SASL_INTERACT_PROC(IntPtr ld, uint flags, IntPtr defaults, IntPtr interact);
@@ -92,10 +98,16 @@ static Ldap()
             // OpenLdap must be initialized on a single thread, once this is done it allows concurrent calls
             // By doing so in the static constructor we guarantee this is run before any other methods are called.
 
-            // we call ldap_get_option_int to get an option and trigger the initialization as reccomended by
-            // https://www.openldap.org/software//man.cgi?query=ldap_init
-            int unused = 0;
-            ldap_get_option_int(IntPtr.Zero, LdapOption.LDAP_OPT_DEBUG_LEVEL, ref unused);
+            // we call ldap_set_option to set the LDAP protocol version to V3 and trigger the initialization as recommended by
+            // https://www.openldap.org/software/man.cgi?query=ldap_init
+            // > Note:  the first call into the LDAP library also initializes the global
+            // > options for the library. As such  the  first  call  should  be  single-
+            // > threaded or otherwise protected to ensure that only one call is active.
+            // > It is recommended that ldap_get_option() or ldap_set_option()  be  used
+            // > in the program's main thread before any additional threads are created.
+            // > See ldap_get_option(3).
+            LdapVersion version = LdapVersion.LDAP_VERSION3;
+            ldap_set_option_version(IntPtr.Zero, LdapOption.LDAP_OPT_VERSION, ref version);
         }
 
         [LibraryImport(Libraries.OpenLdap, EntryPoint = "ldap_initialize", SetLastError = true)]
@@ -148,6 +160,9 @@ public static partial int ldap_search(
             int sizelimit,
             ref int messageNumber);
 
+        [LibraryImport(Libraries.OpenLdap, EntryPoint = "ldap_set_option", SetLastError = true)]
+        private static partial int ldap_set_option_version(IntPtr ld, LdapOption option, ref LdapVersion value);
+
         [LibraryImport(Libraries.OpenLdap, EntryPoint = "ldap_set_option", SetLastError = true)]
         public static partial int ldap_set_option_bool(ConnectionHandle ld, LdapOption option, [MarshalAs(UnmanagedType.Bool)] bool value);