2 files changed, 32 insertions, 13 deletions

diff --git a/modules/extra/m_ldap.cpp b/modules/extra/m_ldap.cpp
index a2bbcf655..e6e65e85c 100644
--- a/modules/extra/m_ldap.cpp
+++ b/modules/extra/m_ldap.cpp
@@ -240,12 +240,16 @@ class LDAPService : public LDAPProvider, public Thread, public Condition
 			for (LDAPMessage *cur = ldap_first_message(this->con, result); cur; cur = ldap_next_message(this->con, cur))
 			{
 				int cur_type = ldap_msgtype(cur);
-				char *dn = ldap_get_dn(this->con, cur);
 
 				LDAPAttributes attributes;
 
+				char *dn = ldap_get_dn(this->con, cur);
 				if (dn != NULL)
+				{
 					attributes["dn"].push_back(dn);
+					ldap_memfree(dn);
+					dn = NULL;
+				}
 
 				switch (cur_type)
 				{
@@ -265,7 +269,10 @@ class LDAPService : public LDAPProvider, public Thread, public Condition
 						ldap_result->type = LDAPResult::QUERY_MODIFY;
 						break;
 					case LDAP_RES_SEARCH_RESULT:
-						break; /* Ignore this */
+						// If we get here and ldap_result->type is LDAPResult::QUERY_UNKNOWN
+						// then the result set is empty
+						ldap_result->type = LDAPResult::QUERY_SEARCH;
+						break;
 					default:
 						Log(LOG_DEBUG) << "m_ldap: Unknown msg type " << cur_type;
 						continue;
@@ -321,9 +328,6 @@ class LDAPService : public LDAPProvider, public Thread, public Condition
 				}
 
 				ldap_result->messages.push_back(attributes);
-
-				if (dn != NULL)
-					ldap_memfree(dn);
 			}
 
 			ldap_msgfree(result);
diff --git a/modules/extra/m_ldap_authentication.cpp b/modules/extra/m_ldap_authentication.cpp
index 8a42553e5..0f0593c34 100644
--- a/modules/extra/m_ldap_authentication.cpp
+++ b/modules/extra/m_ldap_authentication.cpp
@@ -57,17 +57,32 @@ class IdentifyInterface : public LDAPInterface
 		{
 			case LDAPResult::QUERY_SEARCH:
 			{
-				try
+				if (!r.empty())
 				{
-					const LDAPAttributes &attr = r.get(0);
-					ii->dn = attr.get("dn");
-					Log(LOG_DEBUG) << "m_ldap_authenticationn: binding as " << ii->dn;
-					LDAPQuery id = ii->lprov->Bind(this, ii->dn, ii->pass);
-					this->Add(id, ii);
+					try
+					{
+						const LDAPAttributes &attr = r.get(0);
+						ii->dn = attr.get("dn");
+						Log(LOG_DEBUG) << "m_ldap_authenticationn: binding as " << ii->dn;
+						LDAPQuery id = ii->lprov->Bind(this, ii->dn, ii->pass);
+						this->Add(id, ii);
+					}
+					catch (const LDAPException &ex)
+					{
+						Log() << "m_ldap_authentication: Error binding after search: " << ex.GetReason();
+						delete ii;
+					}
 				}
-				catch (const LDAPException &ex)
+				else
 				{
-		                        Log() << "m_ldap_authentication: Error binding after search: " << ex.GetReason();
+					User *u = ii->user;
+					Command *c = ii->command;
+
+					u->Extend("m_ldap_authentication_error", NULL);
+
+					c->Execute(ii->source, ii->params);
+
+					delete ii;
 				}
 				break;
 			}