MDL-41304: Hide and handle LDAP error when user not in context being checked

diff --git a/lib/ldaplib.php b/lib/ldaplib.php
index 2312451..54bb661 100644 (file)
--- a/lib/ldaplib.php
+++ b/lib/ldaplib.php
@@ -247,9 +247,11 @@ function ldap_find_userdn($ldapconnection, $username, $contexts, $objectclass, $
         }
 
         if ($search_sub) {
-            $ldap_result = ldap_search($ldapconnection, $context,
-                                       '(&'.$objectclass.'('.$search_attrib.'='.ldap_filter_addslashes($username).'))',
-                                       array($search_attrib));
+            if (!$ldap_result = @ldap_search($ldapconnection, $context,
+                                           '(&'.$objectclass.'('.$search_attrib.'='.ldap_filter_addslashes($username).'))',
+                                           array($search_attrib))) {
+                break; // Not found in this context.
+            }
         } else {
             $ldap_result = ldap_list($ldapconnection, $context,
                                      '(&'.$objectclass.'('.$search_attrib.'='.ldap_filter_addslashes($username).'))',