From e57e2393022d0449b31ad0923b8346381f0b97c0 Mon Sep 17 00:00:00 2001 From: Andrew Engelbrecht Date: Fri, 7 Jan 2022 12:09:07 -0500 Subject: [PATCH] don't accept password if there is stderr in case there is some unexpected error like an undefined variable, with a 0 return code, we want to reject the login --- lib/Auth/Source/FSFDrupalAuth.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/Auth/Source/FSFDrupalAuth.php b/lib/Auth/Source/FSFDrupalAuth.php index 4acf2ba..617788e 100644 --- a/lib/Auth/Source/FSFDrupalAuth.php +++ b/lib/Auth/Source/FSFDrupalAuth.php @@ -168,16 +168,18 @@ class FSFDrupalAuth extends \SimpleSAML\Module\core\Auth\UserPassBase //Logger::debug('fsfdrupalauth:'.$this->authId.': authenticator stdout: '.$result); + $errors_found_yet = false; if ($errors != "") { Logger::error('fsfdrupalauth:'.$this->authId.': authenticator stderr: '.$errors); + $errors_found_yet = true; } if ($return_value != 0) { Logger::error('fsfdrupalauth:'.$this->authId.': authenticator non-zero return code: '.$return_value); - return false; + $errors_found_yet = true; } - return ($return_value == 0 && rtrim($result) == "true"); + return (!$errors_found_yet && rtrim($result) == "true"); } else { -- 2.25.1