Merge pull request #25901 from nextcloud/backport/25860/stable19

[stable19] do not die after LDAP auth failed with expired acc
This commit is contained in:
Roeland Jago Douma 2021-03-03 08:35:21 +01:00 committed by GitHub
commit 4a111afc8d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions

View File

@ -671,9 +671,12 @@ class Connection extends LDAPUtility {
'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr), 'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
ILogger::WARN); ILogger::WARN);
// Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS // Set to failure mode, if LDAP error code is not one of
// or (needed for Apple Open Directory:) LDAP_INSUFFICIENT_ACCESS // - LDAP_SUCCESS (0)
if ($errno !== 0 && $errno !== 49 && $errno !== 50) { // - LDAP_INVALID_CREDENTIALS (49)
// - LDAP_INSUFFICIENT_ACCESS (50, spotted Apple Open Directory)
// - LDAP_UNWILLING_TO_PERFORM (53, spotted eDirectory)
if (!in_array($errno, [0, 49, 50, 53], true)) {
$this->ldapConnectionRes = null; $this->ldapConnectionRes = null;
} }