diff options
| author | Julius Härtl <jus@bitgrid.net> | 2023-03-27 11:23:29 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-03-27 11:23:29 +0200 |
| commit | 4843bc771dc68b4875f8d9e82a650f5731f9bc7d (patch) | |
| tree | 8dc89ad6382a0aea7b582cfe1a84240ef1397bed | |
| parent | a854274875dd52223dfd0a0b6f78e1bb306904b6 (diff) | |
| parent | 339680c6a1dbd1cae184b4341a52c58a38d393e8 (diff) | |
| download | nextcloud-server-4843bc771dc68b4875f8d9e82a650f5731f9bc7d.tar.gz nextcloud-server-4843bc771dc68b4875f8d9e82a650f5731f9bc7d.zip | |
Merge pull request #37217 from nextcloud/backport/37192/stable26
| -rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index 38bbef8fb61..824e2e056c8 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -113,7 +113,7 @@ class PublicKeyTokenProvider implements IProvider { // We need to check against one old token to see if there is a password // hash that we can reuse for detecting outdated passwords $randomOldToken = $this->mapper->getFirstTokenForUser($uid); - $oldTokenMatches = $randomOldToken && $randomOldToken->getPasswordHash() && $this->hasher->verify(sha1($password) . $password, $randomOldToken->getPasswordHash()); + $oldTokenMatches = $randomOldToken && $randomOldToken->getPasswordHash() && $password !== null && $this->hasher->verify(sha1($password) . $password, $randomOldToken->getPasswordHash()); $dbToken = $this->newToken($token, $uid, $loginName, $password, $name, $type, $remember); |