Merge remote-tracking branch 'upstream/develop' into develop

This commit is contained in:
Roland Häder 2016-12-20 15:50:39 +01:00
commit a020086128

View File

@ -159,14 +159,19 @@ class exAuth {
$sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]); $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
$this->writeDebugLog("[debug] checking isuser for ". $sUser."@".$aCommand[2]); $this->writeDebugLog("[debug] checking isuser for ". $sUser."@".$aCommand[2]);
// If the hostnames doesn't match, we try to check remotely // Does the hostname match? So we try directly
if ($a->get_hostname() != $aCommand[2]) if ($a->get_hostname() == $aCommand[2]) {
$found = $this->check_user($aCommand[2], $aCommand[1], true);
else {
$sQuery = "SELECT `uid` FROM `user` WHERE `nickname`='".dbesc($sUser)."'"; $sQuery = "SELECT `uid` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
$this->writeDebugLog("[debug] using query ". $sQuery); $this->writeDebugLog("[debug] using query ". $sQuery);
$r = q($sQuery); $r = q($sQuery);
$found = dbm::is_result($r); $found = dbm::is_result($r);
} else {
$found = false;
}
// If the hostnames doesn't match or there is some failure, we try to check remotely
if (!$found) {
$found = $this->check_user($aCommand[2], $aCommand[1], true);
} }
if ($found) { if ($found) {
@ -227,10 +232,8 @@ class exAuth {
$sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]); $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
$this->writeDebugLog("[debug] doing auth for ".$sUser."@".$aCommand[2]); $this->writeDebugLog("[debug] doing auth for ".$sUser."@".$aCommand[2]);
// If the hostnames doesn't match, we try to authenticate remotely // Does the hostname match? So we try directly
if ($a->get_hostname() != $aCommand[2]) if ($a->get_hostname() == $aCommand[2]) {
$Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
else {
$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'"; $sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
$this->writeDebugLog("[debug] using query ". $sQuery); $this->writeDebugLog("[debug] using query ". $sQuery);
if ($oResult = q($sQuery)) { if ($oResult = q($sQuery)) {
@ -246,6 +249,13 @@ class exAuth {
$this->writeLog("[exAuth] got password ".$oConfig[0]["v"]); $this->writeLog("[exAuth] got password ".$oConfig[0]["v"]);
$Error = ($aCommand[3] != $oConfig[0]["v"]); $Error = ($aCommand[3] != $oConfig[0]["v"]);
} }
} else {
$Error = true;
}
// If the hostnames doesn't match or there is some failure, we try to check remotely
if ($Error) {
$Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
} }
if ($Error) { if ($Error) {