Ensure we have a password at this point.

If the client failed to send a password, bail out. Fixes some authentication issues on some broken clients.
horde · Oct 2, 2013 · c37838d · c37838d
1 parent 48b2d54
commit c37838d
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/framework/Core/lib/Horde/Core/ActiveSync/Driver.php b/framework/Core/lib/Horde/Core/ActiveSync/Driver.php
@@ -193,6 +193,10 @@ public function authenticate($username, $password, $domain = null)
         }
 
         // Now check Basic. Happens for authtype == 'basic' || 'basic_cert'
+        if (empty($password)) {
+            $this->_logger->notice('Device failed to pass the user password.');
+            return false;
+        }
         if ((empty($conf['activesync']['auth']['type']) || (!empty($conf['activesync']['auth']['type']) && $conf['activesync']['auth']['type'] != 'cert')) &&
             !$this->_auth->authenticate($username, array('password' => $password))) {