From e1ac2a8edcd0d74d44cebc3136bb58379d4f440e Mon Sep 17 00:00:00 2001
From: Art Cancro <ajc@citadel.org>
Date: Tue, 22 Jun 2010 21:12:21 +0000
Subject: [PATCH] * LDAP auth - do not permit empty passwords

---
 citadel/ldap.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/citadel/ldap.c b/citadel/ldap.c
index 2e293276e..196254546 100644
--- a/citadel/ldap.c
+++ b/citadel/ldap.c
@@ -228,6 +228,11 @@ int CtdlTryPasswordLDAP(char *user_dn, const char *password)
 	LDAP *ldserver = NULL;
 	int i = (-1);
 
+	if (IsEmptyStr(password)) {
+		CtdlLogPrintf(CTDL_DEBUG, "LDAP: empty passwords are not permitted\n");
+		return(1);
+	}
+
 	CtdlLogPrintf(CTDL_DEBUG, "LDAP: trying to bind as %s\n", user_dn);
 	ldserver = ldap_init(config.c_ldap_host, config.c_ldap_port);
 	if (ldserver) {
-- 
2.30.2