bug #39261 [Security] fix #39249, default entry_point compiler pass was returning too early (romaricdrigon)

chalasr · chalasr · commit 0b48115fed22 · 2020-12-01T10:40:15.000+01:00
This PR was merged into the 5.2 branch. Discussion ---------- [Security] fix #39249, default entry_point compiler pass was returning too early | Q | A | ------------- | --- | Branch? | 5.2 (bug introduced in 5.2.0, after RC2) | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #39249 | License | MIT | Doc PR | N/A A `return` instead of `continue` was making compiler pass return after the first firewall. Hence subsequents firewalls never had a default entrypoint set. This issue would occur with all firewalls, with any type of authenticator, though I saw it first with `http_basic` - because it is a bit more opaque and harder to debug. Commits ------- c377805 [Security] fix #39249, default entry_point compiler pass was returning too early
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/RegisterEntryPointPass.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/RegisterEntryPointPass.php
@@ -50,7 +50,7 @@ public function process(ContainerBuilder $container)
             }
 
             if (!$entryPoints) {
-                return;
+                continue;
             }
 
             $config = $container->getDefinition('security.firewall.map.config.'.$firewallName);

Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@ public function process(ContainerBuilder $container)`
`50`	`50`	`}`
`51`	`51`
`52`	`52`	`if (!$entryPoints) {`
`53`		`- return;`
	`53`	`+ continue;`
`54`	`54`	`}`
`55`	`55`
`56`	`56`	`$config = $container->getDefinition('security.firewall.map.config.'.$firewallName);`