From 9211d817326d426340cad5ea4b962836c1ef0f16 Mon Sep 17 00:00:00 2001
From: Ralf Becker <RalfBecker@outdoor-training.de>
Date: Thu, 16 Apr 2020 12:15:47 +0200
Subject: [PATCH] suppress warning and trace (containing passwords) if
 userPassword attribute is not accessible

---
 api/src/Auth/Ldap.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/src/Auth/Ldap.php b/api/src/Auth/Ldap.php
index 0c75ccffcf..2f383ece50 100644
--- a/api/src/Auth/Ldap.php
+++ b/api/src/Auth/Ldap.php
@@ -141,7 +141,7 @@ class Ldap implements Backend
 				{
 					$matches = null;
 					// try to query password from ldap server (might fail because of ACL) and check if we need to migrate the hash
-					if (($sri = ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) &&
+					if (($sri = @ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) &&
 						($values = ldap_get_entries($ldap, $sri)) && isset($values[0]['userpassword'][0]) &&
 						($type = preg_match('/^{(.+)}/',$values[0]['userpassword'][0],$matches) ? strtolower($matches[1]) : 'plain') &&
 						// for crypt use Api\Auth::crypt_compare to detect correct sub-type, strlen("{crypt}")=7
@@ -189,8 +189,8 @@ class Ldap implements Backend
 		{
 			$filter = "(&$filter(objectclass=posixaccount))";
 		}
-		$sri = ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
-		$allValues = ldap_get_entries($ldap, $sri);
+		$sri = @ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
+		$allValues = $sri ? ldap_get_entries($ldap, $sri) : [];
 
 		if ($allValues['count'] > 0)
 		{