diff options
| author | Côme Chilliet <91878298+come-nc@users.noreply.github.com> | 2022-05-09 10:30:55 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-09 10:30:55 +0300 |
| commit | f2810d07258b184d7e2bc9fa062e17316297bc83 (patch) | |
| tree | a8a0eb6678e753301950ed9ffc75480120481562 | |
| parent | ba927cd185e7ff7c1d2828dfd518ee05702aef3d (diff) | |
| parent | a9e674bec043670e7a151b1a9430c38bac61f761 (diff) | |
Merge pull request #32282 from nextcloud/backport/32246/stable24
[stable24] Don't use hash to check if binding worked
| -rw-r--r-- | apps/user_ldap/lib/Connection.php | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php index 565fb415e58..89b58b7ebfd 100644 --- a/apps/user_ldap/lib/Connection.php +++ b/apps/user_ldap/lib/Connection.php @@ -128,7 +128,7 @@ class Connection extends LDAPUtility { protected $ignoreValidation = false; /** - * @var array{dn?: mixed, hash?: string, result?: bool} + * @var array{sum?: string, result?: bool} */ protected $bindResult = []; @@ -672,11 +672,7 @@ class Connection extends LDAPUtility { if ( count($this->bindResult) !== 0 - && $this->bindResult['dn'] === $this->configuration->ldapAgentName - && \OC::$server->getHasher()->verify( - $this->configPrefix . $this->configuration->ldapAgentPassword, - $this->bindResult['hash'] - ) + && $this->bindResult['sum'] === md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword) ) { // don't attempt to bind again with the same data as before // bind might have been invoked via getConnectionResource(), @@ -689,8 +685,7 @@ class Connection extends LDAPUtility { $this->configuration->ldapAgentPassword); $this->bindResult = [ - 'dn' => $this->configuration->ldapAgentName, - 'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword), + 'sum' => md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword), 'result' => $ldapLogin, ]; |