From fac6e6579776ec18969e93394e446890591d6c38 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Tue, 18 Mar 2014 09:20:03 +0000
Subject: [PATCH] LDAP search filter should not be an empty string

---
 authserv/ldap_model.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authserv/ldap_model.py b/authserv/ldap_model.py
index a3f7358..49c827f 100644
--- a/authserv/ldap_model.py
+++ b/authserv/ldap_model.py
@@ -57,7 +57,7 @@ class UserDb(model.UserDb):
             #
             if 'dn' in ldap_params:
                 base = ldap_params['dn'].replace('%s', escape_dn_chars(username))
-                filt = ldap_params.get('filter', '').replace('%s', escape_filter_chars(username))
+                filt = ldap_params.get('filter', '(objectClass=*)').replace('%s', escape_filter_chars(username))
                 scope = ldap.SCOPE_BASE
             else:
                 base = ldap_params['base'].replace('%s', escape_dn_chars(username))
-- 
GitLab