diff options
author | Côme Chilliet <91878298+come-nc@users.noreply.github.com> | 2022-05-09 10:31:02 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-09 10:31:02 +0300 |
commit | 1a3276cfce59a2a6cd4703a212c1d098cdada793 (patch) | |
tree | 2a6c1cd795fedcaaca0bd06c38fcb1fa517d05c6 /apps | |
parent | 35420d9ba9c2b0605f28ef08d9da8ed62a0d4bd2 (diff) | |
parent | e3021049f4727f8b9a2ca6c23efa140b53efb817 (diff) |
Merge pull request #32283 from nextcloud/backport/32246/stable22
[stable22] Don't use hash to check if binding worked
Diffstat (limited to 'apps')
-rw-r--r-- | apps/user_ldap/lib/Connection.php | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php index 4abea708a0d..bfddee56658 100644 --- a/apps/user_ldap/lib/Connection.php +++ b/apps/user_ldap/lib/Connection.php @@ -125,7 +125,7 @@ class Connection extends LDAPUtility { protected $ignoreValidation = false; /** - * @var array{dn?: mixed, hash?: string, result?: bool} + * @var array{sum?: string, result?: bool} */ protected $bindResult = []; @@ -669,11 +669,7 @@ class Connection extends LDAPUtility { if ( count($this->bindResult) !== 0 - && $this->bindResult['dn'] === $this->configuration->ldapAgentName - && \OC::$server->getHasher()->verify( - $this->configPrefix . $this->configuration->ldapAgentPassword, - $this->bindResult['hash'] - ) + && $this->bindResult['sum'] === md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword) ) { // don't attempt to bind again with the same data as before // bind might have been invoked via getConnectionResource(), @@ -686,8 +682,7 @@ class Connection extends LDAPUtility { $this->configuration->ldapAgentPassword); $this->bindResult = [ - 'dn' => $this->configuration->ldapAgentName, - 'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword), + 'sum' => md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword), 'result' => $ldapLogin, ]; |