From: csteipp
Date: Fri, 31 Aug 2012 03:38:05 +0000 (-0700)
Subject: (bug 39184) LDAP password leakage
X-Git-Tag: 1.31.0-rc.0~22504
X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22lang_raccourcis%22%2C%22module=%24nom_module%22%29%20.%20%22?a=commitdiff_plain;h=ed5b57566724e63930531d418606c68b542cb1a2;p=lhc%2Fweb%2Fwiklou.git

(bug 39184) LDAP password leakage

Allow AuthPlugin to determine if user passwords should be stored locally.

* Released as part of 1.20wmf10, 1.19.2, 1.18.5

Change-Id: Ie41bed7ecf5390f8815128c227bae371880a6058
---

diff --git a/includes/AuthPlugin.php b/includes/AuthPlugin.php
index c7fcf93f3c..2e42439c9f 100644
--- a/includes/AuthPlugin.php
+++ b/includes/AuthPlugin.php
@@ -176,6 +176,15 @@ class AuthPlugin {
 return true;
 }
 
+ /**
+ * Should MediaWiki store passwords in its local database?
+ *
+ * @return bool
+ */
+ public function allowSetLocalPassword() {
+ return true;
+ }
+
 /**
 * Set the given password in the authentication database.
 * As a special case, the password may be set to null to request
diff --git a/includes/User.php b/includes/User.php
index 13748de39b..0a3db4c07c 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -2891,11 +2891,16 @@ class User {
 * @todo Only rarely do all these fields need to be set!
 */
 public function saveSettings() {
+ global $wgAuth;
+
 $this->load();
 if ( wfReadOnly() ) { return; }
 if ( 0 == $this->mId ) { return; }
 
 $this->mTouched = self::newTouchedTimestamp();
+ if ( !$wgAuth->allowSetLocalPassword() ) {
+ $this->mPassword = '';
+ }
 
 $dbw = wfGetDB( DB_MASTER );
 $dbw->update( 'user',
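Review bot: The docblock added for `allowSetLocalPassword()` in includes/AuthPlugin.php does not tell a plugin author what returning false does, nor that the base class answers `true`. With that default, a plugin backed by an external directory keeps the old store-locally behaviour until it overrides the method. I would extend the docblock with `* Return false when an external source owns the credentials; User::saveSettings() then` and `* writes an empty password instead of the hash. The default (true) keeps local storage.` Deployments relying on this fix should confirm that their auth plugin actually overrides the method.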
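Review bot: In the includes/User.php hunk, the new `if ( !$wgAuth->allowSetLocalPassword() )` branch clears the hash only when saveSettings() next runs for an account, so hashes already stored for externally authenticated users stay in the user table until each row is saved again. The commit should say so where operators will read it, and the branch deserves a comment such as `// Auth plugin forbids local storage: write an empty hash, never the real one (bug 39184)`. The rest of saveSettings(), including the column list of the update, lies outside the hunk. Whether any other password-bearing field or any other write path to the user row needs the same guard cannot be confirmed from here and is worth checking.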