Skip to content
Permalink
Browse files Browse the repository at this point in the history
Prevent the LDAP validator from accepting an empty password.
  • Loading branch information
skinkie committed Feb 11, 2014
1 parent dc1f76f commit fbda667
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion cherokee/validator_ldap.c
Expand Up @@ -335,7 +335,8 @@ cherokee_validator_ldap_check (cherokee_validator_ldap_t *ldap,
/* Sanity checks
*/
if ((conn->validator == NULL) ||
cherokee_buffer_is_empty (&conn->validator->user))
cherokee_buffer_is_empty (&conn->validator->user) ||
cherokee_buffer_is_empty (&conn->validator->passwd))
return ret_error;

size = cherokee_buffer_cnt_cspn (&conn->validator->user, 0, "*()");
Expand Down

0 comments on commit fbda667

Please sign in to comment.