From 3efaf508e43a975640c6290123826d7ae766012e Mon Sep 17 00:00:00 2001
From: Alexie Papanicolaou
Date: Fri, 9 Dec 2022 18:05:06 +1100
Subject: [PATCH 1/2] Addresses #35642: LDAP variables can be integers
Signed-off-by: Alexie Papanicolaou
---
 apps/user_ldap/lib/Configuration.php | 2 +-
 apps/user_ldap/lib/Group_LDAP.php | 12 ++++++++----
 apps/user_ldap/lib/Mapping/AbstractMapping.php | 3 ++-
 apps/user_ldap/lib/User_LDAP.php | 6 ++++--
 4 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/apps/user_ldap/lib/Configuration.php b/apps/user_ldap/lib/Configuration.php
index f2090291d3203..82d2ec1fe508c 100644
--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@@ -332,7 +332,7 @@ protected function setMultiLine(string $varName, $value): void {
 } else {
 $finalValue = [];
 foreach ($value as $key => $val) {
- if (is_string($val)) {
+ if (is_string($val) || is_numeric($int)) {
 $val = trim($val);
 if ($val !== '') {
 //accidental line breaks are not wanted and can cause
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index b32e031175ff9..b1e040213af4d 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -703,7 +703,8 @@ public function getUserGroups($uid) {
 if ($userMatch !== false) {
 // match found so this user is in this group
 $groupName = $this->access->dn2groupname($dynamicGroup['dn'][0]);
- if (is_string($groupName)) {
+ // in case it is just an integer (is_string(int) returns false
+ if (is_string($groupName) || is_numeric($groupName)) {
 // be sure to never return false if the dn could not be
 // resolved to a name, for whatever reason.
 $groups[] = $groupName;
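Review bot: In `getUserGroups`, the widened guard lets a non-string value through and `$groups[] = $groupName;` appends it unchanged, so the returned list can mix ints (and floats, which `is_numeric()` also accepts) with strings. Group ids typically feed membership checks further on, where `123` and `'123'` do not match under `===` or `in_array(..., true)`; whether callers compare that way is not visible here, so treat it as something to confirm. Narrowing to `if (is_string($groupName) || is_int($groupName)) {` and appending `$groups[] = (string)$groupName;` keeps the result homogeneous. The same applies to the memberOf hunk at -730 in this function and to `userExistsOnLDAP` in User_LDAP.php (hunk at -304), where the unnormalised `$user` is passed to `userManager->get()`. The function body runs beyond both ends of the hunk, and the added comment is missing its closing parenthesis.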
@@ -730,7 +731,8 @@ public function getUserGroups($uid) {
 $groupDNs = $this->_getGroupDNsFromMemberOf($userDN);
 foreach ($groupDNs as $dn) {
 $groupName = $this->access->dn2groupname($dn);
- if (is_string($groupName)) {
+ // in case it is just an integer (is_string(int) returns false
+ if (is_string($groupName) || is_numeric($groupName)) {
 // be sure to never return false if the dn could not be
 // resolved to a name, for whatever reason.
 $groups[] = $groupName;
@@ -1138,7 +1140,8 @@ public function groupExists($gid) {
 protected function filterValidGroups(array $listOfGroups): array {
 $validGroupDNs = [];
 foreach ($listOfGroups as $key => $item) {
- $dn = is_string($item) ? $item : $item['dn'][0];
+ // in case it is just an integer (is_string(int) returns false
+ $dn = !is_array($item) ? $item : $item['dn'][0];
 if (is_array($item) && !isset($item[$this->access->connection->ldapGroupDisplayName][0])) {
 continue;
 }
@@ -1191,7 +1194,8 @@ public function createGroup($gid) {
 if ($dn = $this->groupPluginManager->createGroup($gid)) {
 //updates group mapping
 $uuid = $this->access->getUUID($dn, false);
- if (is_string($uuid)) {
+ // in case it is just an integer, not sure if this UUID could ever be an int though
+ if (is_string($uuid) || is_numeric($uuid)) {
 $this->access->mapAndAnnounceIfApplicable(
 $this->access->getGroupMapper(),
 $dn,
diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index 8fbad6aae3a6e..5bd009fbf443e 100644
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
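Review bot: In `filterValidGroups`, `!is_array($item)` accepts every non-array value, so a `false` or `null` entry now becomes `$dn` itself, where the intent stated in the comment is only to admit integers alongside strings. An explicit allow-list is safer: skip anything else with `if (!is_array($item) && !is_string($item) && !is_int($item)) { continue; }` and then assign `$dn = is_array($item) ? $item['dn'][0] : (string)$item;`. What the function does with `$dn` lies outside the hunk, so the impact of a bogus value there should be checked. The added comment is copied from the other hunks (including the unbalanced parenthesis) and does not describe the `!is_array` test it sits above.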
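Review bot: The comment added in `createGroup` itself says it is unclear whether `getUUID()` can return an integer, yet the guard is widened, so a numeric non-string would be handed to `mapAndAnnounceIfApplicable()`, which presumably persists it as the mapping identifier. Either confirm `getUUID()`'s return contract and keep `is_string($uuid)` if it only yields a string or `false`, or normalise inside the branch with `$uuid = (string)$uuid;` before the call. The same speculative widening appears in `createUser` in User_LDAP.php (hunk at -645). The remaining arguments of the call are outside the hunk.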
@@ -192,7 +192,8 @@ public function setUUIDbyDN($uuid, $fdn): bool {
 */
 protected function getDNHash(string $fdn): string {
 $hash = hash('sha256', $fdn, false);
- if (is_string($hash)) {
+ // very rare but a hash could just be numbers? is_string(int) would return false
+ if (is_string($hash) || is_numeric($hash)) {
 return $hash;
 } else {
 throw new \RuntimeException('hash function did not return a string');
diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
index 650c974da8173..2e0e2f0efee1d 100644
--- a/apps/user_ldap/lib/User_LDAP.php
+++ b/apps/user_ldap/lib/User_LDAP.php
@@ -304,7 +304,8 @@ public function getUsers($search = '', $limit = 10, $offset = 0) {
 * @throws \OC\ServerNotAvailableException
 */
 public function userExistsOnLDAP($user, bool $ignoreCache = false): bool {
- if (is_string($user)) {
+ // in case it is just an integer (is_string(int) returns false
+ if (is_string($user) || is_numeric($user)) {
 $user = $this->access->userManager->get($user);
 }
 if (is_null($user)) {
@@ -645,7 +646,8 @@ public function createUser($username, $password) {
 if (is_string($dn)) {
 // the NC user creation work flow requires a know user id up front
 $uuid = $this->access->getUUID($dn, true);
- if (is_string($uuid)) {
+ // not sure if UUID could ever be just a number
+ if (is_string($uuid) || is_numeric($uuid)) {
 $this->access->mapAndAnnounceIfApplicable(
 $this->access->getUserMapper(),
 $dn,
From 25ad28c1d5c2340f3dad1c372f7def7780e89584 Mon Sep 17 00:00:00 2001
From: Alexie Papanicolaou
Date: Wed, 14 Dec 2022 14:32:57 +1100
Subject: [PATCH 2/2] Changes for #35701
---
 apps/user_ldap/lib/Configuration.php | 2 +-
 apps/user_ldap/lib/Mapping/AbstractMapping.php | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/apps/user_ldap/lib/Configuration.php b/apps/user_ldap/lib/Configuration.php
index 82d2ec1fe508c..3b05f23a24f48 100644
--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@@ -332,7 +332,7 @@ protected function setMultiLine(string $varName, $value): void {
 } else {
 $finalValue = [];
 foreach ($value as $key => $val) {
- if (is_string($val) || is_numeric($int)) {
+ if (is_string($val) || is_numeric($val)) {
 $val = trim($val);
 if ($val !== '') {
 //accidental line breaks are not wanted and can cause
diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index 5bd009fbf443e..8fbad6aae3a6e 100644
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
@@ -192,8 +192,7 @@ public function setUUIDbyDN($uuid, $fdn): bool {
 */
 protected function getDNHash(string $fdn): string {
 $hash = hash('sha256', $fdn, false);
- // very rare but a hash could just be numbers? is_string(int) would return false
- if (is_string($hash) || is_numeric($hash)) {
+ if (is_string($hash)) {
 return $hash;
 } else {
 throw new \RuntimeException('hash function did not return a string');
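Review bot: In `setMultiLine`, a value admitted by `is_numeric($val)` reaches `trim($val)` as an int or float, which relies on implicit scalar coercion and would raise a `TypeError` if this file runs under `declare(strict_types=1)` (not visible in the hunk). Making the conversion explicit with `$val = trim((string)$val);`, and narrowing the test to `is_int($val)` if floats are not expected in LDAP configuration values, removes both concerns. The loop body continues past the end of the hunk.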