From dd80dce4110fec321d23d7536dba069d10bd7014 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Mon, 30 Jul 2007 01:05:28 +0000
Subject: [PATCH] Provide a configuration option that makes it possible for the administrator to control whether responses to failed bind operations include an error message that explains the problem.  By default, failed bind operations will return a response that indicates the operation failed, but will not include any error message (although it will be written to the access log).  However, if the administrator decides that the benefit of providing this information to the client outweighs any potential security risk, then this option may be used to include that message in the response to the client as well as having it written to the access log.

---
 opends/src/server/org/opends/server/core/BindOperationBasis.java |   17 ++++++++++++-----
 1 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/BindOperationBasis.java b/opends/src/server/org/opends/server/core/BindOperationBasis.java
index 94dba4d..58e39e5 100644
--- a/opends/src/server/org/opends/server/core/BindOperationBasis.java
+++ b/opends/src/server/org/opends/server/core/BindOperationBasis.java
@@ -516,16 +516,23 @@
    */
   public final void setAuthFailureReason(int id, String reason)
   {
-    if (id < 0)
+    if (DirectoryServer.returnBindErrorMessages())
     {
-      authFailureID = 0;
+      appendErrorMessage(reason);
     }
     else
     {
-      authFailureID = id;
-    }
+      if (id < 0)
+      {
+        authFailureID = 0;
+      }
+      else
+      {
+        authFailureID = id;
+      }
 
-    authFailureReason = reason;
+      authFailureReason = reason;
+    }
   }
 
   /**

--
Gitblit v1.10.0