Logging in with an AD-user that has no corresponding user in the TeamPass database reveals ALL passwords for a limited period.

[mflage]

Steps to reproduce

1. Battle with LDAP integration setup (a hassle in itself to get working)
2. Log in with a user that doesn't exist in the local TeamPass database
3. View all passwords

Expected behaviour

The user shouldn't be allowed to log in at all, as it has no corresponding entry in the local TeamPass database.

Actual behaviour

Instead the user can view ALL passwords.

Server configuration

Operating system:
Debian Jessie 8.5

Web server:
Apache 2.4.10

Database:
MariaDB 5.5.47

PHP version:
5.6.22-0

Teampass version:
2.1.23

Updated from an older Teampass or fresh install:
Updated from older TeamPass version.

Client configuration

Browser:
Different

Operating system:
Generally Microsoft Windows

Logs

Web server error log

Insert your webserver log here

Firebug log (How to?)

Insert the Firebug log here

[nilsteampassnet]

Please update to 2.1.26

[Qutianer]

Same as #1153 ?

[jsandova]

This issue still exists with version 2.1.27.

[nilsteampassnet]

As I cannot test, can you please do the next change assuming you are using 2.1.27

Open file sources/identify.php, around line 545 found

        DB::insert(
            prefix_table('users'),
            array(
                'login' => $username,
                'pw' => $data['pw'],
                'email' => @$user_info_from_ad[0]['mail'][0],
                'name' => $user_info_from_ad[0]['givenname'][0],
                'lastname' => $user_info_from_ad[0]['sn'][0],
                'admin' => '0',
                'gestionnaire' => '0',
                'can_manage_all_users' => '0',
                'personal_folder' => $_SESSION['settings']['enable_pf_feature'] == "1" ? '1' : '0',
                'fonction_id' => '0',
                'groupes_interdits' => '0',
                'groupes_visibles' => '0',
                'last_pw_change' => time(),
                'user_language' => $_SESSION['settings']['default_language']
            )
        );

and replace by

        DB::insert(
            prefix_table('users'),
            array(
                'login' => $username,
                'pw' => $data['pw'],
                'email' => @$user_info_from_ad[0]['mail'][0],
                'name' => $user_info_from_ad[0]['givenname'][0],
                'lastname' => $user_info_from_ad[0]['sn'][0],
                'admin' => '0',
                'gestionnaire' => '0',
                'can_manage_all_users' => '0',
                'personal_folder' => $_SESSION['settings']['enable_pf_feature'] == "1" ? '1' : '0',
                'fonction_id' => '',
                'groupes_interdits' => '',
                'groupes_visibles' => '',
                'last_pw_change' => time(),
                'user_language' => $_SESSION['settings']['default_language'],
                'encrypted_psk' => ''
            )
        );

Note if you are in 2.1.26, then remove the last entry 'encrypted_psk' => ''

[mflage]

I wish I could, but all my efforts to upgrade this product as thus far failed horribly, so I'm still running 2.1.24.

…

-- Marius Den 22.06.2017 20.00, skrev Nils Laumaillé:

As I cannot test, can you please do the next change assuming you are using 2.1.27 Open file |sources/identify.php|, around line 545 found |DB::insert( prefix_table('users'), array( 'login' => $username, 'pw' => $data['pw'], 'email' => @$user_info_from_ad[0]['mail'][0], 'name' => $user_info_from_ad[0]['givenname'][0], 'lastname' => $user_info_from_ad[0]['sn'][0], 'admin' => '0', 'gestionnaire' => '0', 'can_manage_all_users' => '0', 'personal_folder' => $_SESSION['settings']['enable_pf_feature'] == "1" ? '1' : '0', 'fonction_id' => '0', 'groupes_interdits' => '0', 'groupes_visibles' => '0', 'last_pw_change' => time(), 'user_language' => $_SESSION['settings']['default_language'] ) ); | and replace by |DB::insert( prefix_table('users'), array( 'login' => $username, 'pw' => $data['pw'], 'email' => @$user_info_from_ad[0]['mail'][0], 'name' => $user_info_from_ad[0]['givenname'][0], 'lastname' => $user_info_from_ad[0]['sn'][0], 'admin' => '0', 'gestionnaire' => '0', 'can_manage_all_users' => '0', 'personal_folder' => $_SESSION['settings']['enable_pf_feature'] == "1" ? '1' : '0', 'fonction_id' => '', 'groupes_interdits' => '', 'groupes_visibles' => '', 'last_pw_change' => time(), 'user_language' => $_SESSION['settings']['default_language'], 'encrypted_psk' => '' ) ); | Note if you are in *2.1.26*, then remove the last entry |'encrypted_psk' => ''| — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#1530 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAzGxBl0IW3ypyGoryJwdf1_Xv5VaWu2ks5sGqvCgaJpZM4KNpgx>.