From d2b89fb7fc03481b93bb287f15eede6680f556af Mon Sep 17 00:00:00 2001
From: ritt
Date: Thu, 10 Feb 2022 17:47:12 +0100
Subject: [PATCH] Check for empty password in LDAP authentication
---
 src/auth.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/auth.c b/src/auth.c
index a049076a..77f4eed5 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -258,8 +258,14 @@ int auth_verify_password_ldap(LOGBOOK *lbs, const char *user, const char *passwo
 ldap_ld = NULL;
 memset(&ldap_bindDN[0], 0, sizeof(ldap_bindDN));
-
- if(!ldap_init(lbs,error_str,error_size)) {
+
+ if (!strcmp(password, "")) {
+ strlcpy(error_str, "LDAP authentication failed, no password provided", error_size);
+ write_logfile(lbs, "LDAP authentication failed, no password provided");
+ return FALSE;
+ }
+
+ if (!ldap_init(lbs,error_str, error_size)) {
 strlcpy(error_str, "LDAP initialization error
", error_size);
 strlcat(error_str, "
Please check your LDAP configuration.", error_size);
 return FALSE;