From d579c76e9042c701a42bb22b5545a8e1f0118612 Mon Sep 17 00:00:00 2001
From: Jan Schneider <jan@horde.org>
Date: Mon, 20 Sep 2010 11:22:35 +0200
Subject: [PATCH] Properly catch and re-throw bind errors from Horde_Ldap.

---
 framework/Auth/lib/Horde/Auth/Ldap.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/framework/Auth/lib/Horde/Auth/Ldap.php b/framework/Auth/lib/Horde/Auth/Ldap.php
index 97c3946e9..d8dce3ef7 100644
--- a/framework/Auth/lib/Horde/Auth/Ldap.php
+++ b/framework/Auth/lib/Horde/Auth/Ldap.php
@@ -218,13 +218,13 @@ class Horde_Auth_Ldap extends Horde_Auth_Base
         $dn = $this->_findDN($userId);
 
         /* Attempt to bind to the LDAP server as the user. */
-        $bind = clone $this->_ldap;
         try {
-            if (!$bind->bind($dn, $credentials['password'])) {
-                throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED);
-            }
+            $this->_ldap->bind($dn, $credentials['password']);
         } catch (Horde_Ldap_Exception $e) {
-            throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED);
+            if (Horde_Ldap::errorName($e->getCode() == 'LDAP_INVALID_CREDENTIALS')) {
+                throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN);
+            }
+            throw new Horde_Auth_Exception($e->getMessage(), Horde_Auth::REASON_MESSAGE);
         }
 
         if ($this->_params['password_expiration'] == 'yes') {
-- 
2.11.0