From 0cc5705cbd6eb18fd3dbdf633f148ec21c685bc0 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Thu, 19 Oct 2017 16:05:07 +0200
Subject: [PATCH 1/3] ldap_backend: fail login if attribute retrieval fails
 (#19482)

---
 src/authentic2/backends/ldap_backend.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/authentic2/backends/ldap_backend.py b/src/authentic2/backends/ldap_backend.py
index 80f1baa..7b87eaf 100644
--- a/src/authentic2/backends/ldap_backend.py
+++ b/src/authentic2/backends/ldap_backend.py
@@ -193,7 +193,7 @@ class LDAPUser(get_user_model()):
 
     def get_attributes(self):
         conn = self.get_connection()
-        return self.ldap_backend.get_ldap_attributes(self.block, conn, self.dn)
+        return self.ldap_backend.get_ldap_attributes(self.block, conn, self.dn) or {}
 
     def save(self, *args, **kwargs):
         if hasattr(self, 'keep_pk'):
@@ -676,7 +676,7 @@ class LDAPBackend(object):
             results = conn.search_s(dn, ldap.SCOPE_BASE, '(objectclass=*)', attributes)
         except ldap.LDAPError:
             log.exception('unable to retrieve attributes of dn %r', dn)
-            return {}
+            return None
         attribute_map = cls.normalize_ldap_results(results[0][1])
         # add mandatory attributes
         for key, mandatory_values in mandatory_attributes_values.iteritems():
-- 
2.1.4