Don't call PasswordUtil when the algorithm is null

coheigea · coheigea · commit a7425ca3f6db · 2026-05-14T11:04:17.000+01:00
diff --git a/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/ConfigurableHashingInterceptor.java b/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/ConfigurableHashingInterceptor.java
@@ -127,7 +127,7 @@ private void includeHashed( Attribute attribute ) throws LdapInvalidAttributeVal
             // check if the given field is already hashed
             LdapSecurityConstants existingAlgo = PasswordUtil.findAlgorithm( bytes );
             
-            if ( existingAlgo == null ) 
+            if ( existingAlgo == null && algorithm != null ) 
             {
                 // not already hashed, so hash it
                 values.add( PasswordUtil.createStoragePassword( bytes, algorithm ) );
diff --git a/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/PasswordHashingInterceptor.java b/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/PasswordHashingInterceptor.java
@@ -161,7 +161,7 @@ private Attribute includeHashedPassword( Attribute pwdAt ) throws LdapException
             LdapSecurityConstants existingAlgo = PasswordUtil.findAlgorithm( userPassword.getBytes() );
 
             // if there exists NO algorithm, then hash the password
-            if ( existingAlgo == null )
+            if ( existingAlgo == null && algorithm != null )
             {
                 byte[] hashedPassword = PasswordUtil.createStoragePassword( userPassword.getBytes(), algorithm );
 

Original file line number	Diff line number	Diff line change
`@@ -127,7 +127,7 @@ private void includeHashed( Attribute attribute ) throws LdapInvalidAttributeVal`
`127`	`127`	`// check if the given field is already hashed`
`128`	`128`	`LdapSecurityConstants existingAlgo = PasswordUtil.findAlgorithm( bytes );`
`129`	`129`
`130`		`- if ( existingAlgo == null )`
	`130`	`+ if ( existingAlgo == null && algorithm != null )`
`131`	`131`	`{`
`132`	`132`	`// not already hashed, so hash it`
`133`	`133`	`values.add( PasswordUtil.createStoragePassword( bytes, algorithm ) );`
Original file line number	Diff line number	Diff line change
`@@ -161,7 +161,7 @@ private Attribute includeHashedPassword( Attribute pwdAt ) throws LdapException`
`161`	`161`	`LdapSecurityConstants existingAlgo = PasswordUtil.findAlgorithm( userPassword.getBytes() );`
`162`	`162`
`163`	`163`	`// if there exists NO algorithm, then hash the password`
`164`		`- if ( existingAlgo == null )`
	`164`	`+ if ( existingAlgo == null && algorithm != null )`
`165`	`165`	`{`
`166`	`166`	`byte[] hashedPassword = PasswordUtil.createStoragePassword( userPassword.getBytes(), algorithm );`
`167`	`167`