extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-22 16:03:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

suppress warning and trace (containing passwords) if userPassword attribute is not accessible

Browse Source
This commit is contained in:
Ralf Becker 2020-04-16 12:15:47 +02:00
parent ddccf59758
commit 9211d81732
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
api/src/Auth/Ldap.php
View File

@ -141,7 +141,7 @@ class Ldap implements Backend
{
$matches = null;
// try to query password from ldap server (might fail because of ACL) and check if we need to migrate the hash
if (($sri = ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) &&
if (($sri = @ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) &&
($values = ldap_get_entries($ldap, $sri)) && isset($values[0]['userpassword'][0]) &&
($type = preg_match('/^{(.+)}/',$values[0]['userpassword'][0],$matches) ? strtolower($matches[1]) : 'plain') &&
// for crypt use Api\Auth::crypt_compare to detect correct sub-type, strlen("{crypt}")=7
@ -189,8 +189,8 @@ class Ldap implements Backend
{
$filter = "(&$filter(objectclass=posixaccount))";
}
$sri = ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
$allValues = ldap_get_entries($ldap, $sri);
$sri = @ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
$allValues = $sri ? ldap_get_entries($ldap, $sri) : [];
if ($allValues['count'] > 0)
{