diff options
| author | Vincent Petry <vincent@nextcloud.com> | 2022-05-05 18:09:20 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-05 18:09:20 +0200 |
| commit | 99151a55890727253339f49406e2ceba56db47e4 (patch) | |
| tree | 6bcf69439d4e411ec9dd762f30e9f3a7a7749e3f | |
| parent | fe24091ffb62191237709ae8e5a2cf6cc50f3d56 (diff) | |
| parent | 95b5187300a1ace0878e135ce98b1558c1a04355 (diff) | |
| download | nextcloud-server-99151a55890727253339f49406e2ceba56db47e4.tar.gz nextcloud-server-99151a55890727253339f49406e2ceba56db47e4.zip | |
Merge pull request #32246 from nextcloud/performance/remove-bind-hash
Don't use hash to check if binding worked
| -rw-r--r-- | apps/user_ldap/lib/Connection.php | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php index 565fb415e58..89b58b7ebfd 100644 --- a/apps/user_ldap/lib/Connection.php +++ b/apps/user_ldap/lib/Connection.php @@ -128,7 +128,7 @@ class Connection extends LDAPUtility { protected $ignoreValidation = false; /** - * @var array{dn?: mixed, hash?: string, result?: bool} + * @var array{sum?: string, result?: bool} */ protected $bindResult = []; @@ -672,11 +672,7 @@ class Connection extends LDAPUtility { if ( count($this->bindResult) !== 0 - && $this->bindResult['dn'] === $this->configuration->ldapAgentName - && \OC::$server->getHasher()->verify( - $this->configPrefix . $this->configuration->ldapAgentPassword, - $this->bindResult['hash'] - ) + && $this->bindResult['sum'] === md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword) ) { // don't attempt to bind again with the same data as before // bind might have been invoked via getConnectionResource(), @@ -689,8 +685,7 @@ class Connection extends LDAPUtility { $this->configuration->ldapAgentPassword); $this->bindResult = [ - 'dn' => $this->configuration->ldapAgentName, - 'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword), + 'sum' => md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword), 'result' => $ldapLogin, ]; |