From 625aef4718e49b768e4ba7b8f499da77b4711b94 Mon Sep 17 00:00:00 2001
From: David Anderson <davea@ssl.berkeley.edu>
Date: Sun, 19 Oct 2014 09:32:59 -0700
Subject: [PATCH] LDAP auth: bug fix

---
 html/user/lookup_account.php | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/html/user/lookup_account.php b/html/user/lookup_account.php
index f35847d6c9..67e53c6613 100644
--- a/html/user/lookup_account.php
+++ b/html/user/lookup_account.php
@@ -76,12 +76,11 @@ if (LDAP_HOST && $ldap_auth) {
 
     // if the given password hash matches (auth+email), accept it
     //
-    if ($user->passwd_hash == $passwd_hash || $auth_hash == $passwd_hash) {
-        echo "<account_out>\n";
-        echo "<authenticator>$user->authenticator</authenticator>\n";
-        echo "</account_out>\n";
-    } else {
+    if ($user->passwd_hash != $passwd_hash && $auth_hash != $passwd_hash) {
         xml_error(ERR_BAD_PASSWD);
     }
 }
+echo "<account_out>\n";
+echo "<authenticator>$user->authenticator</authenticator>\n";
+echo "</account_out>\n";
 ?>