[QA] oc_appconfig stores passwords unencrypted #38989

@jnweiger

Seen in oc 10.8.0-beta2

#38728 encrypts mount passwords stored in the database. But there are more locations where passwords are stored unencrypted:

MariaDB [owncloud]> select * from oc_appconfig where configkey like '%pass%';
+-----------+------------------------+--------------+
| appid     | configkey              | configvalue  |
+-----------+------------------------+--------------+
| user_ldap | s01ldap_agent_password | b3duY2xvdWQ= |
| user_ldap | s02ldap_agent_password | UEBzc3cwcmQ= |
+-----------+------------------------+--------------+
2 rows in set (0.005 sec)

These two are base64 encoded, and can be trivially converted back to their plain text representation (owncloud and P@ssw0rd).
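An audit check for the condition reported above, as an added example that is not part of the original issue or of ownCloud's code: it flags `oc_appconfig` rows with password-like keys whose value is merely base64-encoded text, without printing the decoded secret. The two `user_ldap` rows come from the issue; the `example_app` rows and the verdict names are constructed for illustration, with random bytes standing in for ciphertext.

```python
import base64
import binascii

# First two rows are the ones shown in the issue. The example_app rows are
# constructed: one random-looking value (stand-in for ciphertext, an assumption;
# the real encrypted format is not shown on the page) and one raw string.
ROWS = [
    ("user_ldap", "s01ldap_agent_password", "b3duY2xvdWQ="),
    ("user_ldap", "s02ldap_agent_password", "UEBzc3cwcmQ="),
    ("example_app", "constructed_password",
     base64.b64encode(bytes(range(128, 160))).decode()),
    ("example_app", "constructed_pass_plain", "hunter2!"),
]


def classify(value: str) -> str:
    """Classify a stored config value without returning its decoded content."""
    if not value:
        return "empty"
    try:
        raw = base64.b64decode(value, validate=True)  # strict alphabet/padding
    except (binascii.Error, ValueError):
        return "not-base64"          # stored as-is; review manually
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return "opaque"              # binary after decoding; not proof of encryption
    # Valid base64 that decodes to printable text is encoding, not encryption.
    return "encoded-plaintext" if text.isprintable() else "opaque"


def audit(rows):
    """Return (appid, configkey, verdict) for keys matching the issue's '%pass%' filter."""
    return [(app, key, classify(val)) for app, key, val in rows
            if "pass" in key.lower()]


if __name__ == "__main__":
    for app, key, verdict in audit(ROWS):
        print(f"{app:12} {key:26} {verdict}")
```

An `opaque` verdict only means the value is not readable text after decoding, so those rows still need checking against whatever encryption scheme the deployment is expected to use.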
