From 63a8570a423a90c2eab0429722a67b64159029f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Deruss=C3=A9?= <jeremy@derusse.com>
Date: Wed, 2 Sep 2020 10:51:13 +0200
Subject: [PATCH] Add a warning comment on ldap empty password

---
 src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php b/src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php
index 65fef964a4..afe3e48f6e 100644
--- a/src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php
+++ b/src/Symfony/Component/Ldap/Adapter/ExtLdap/Connection.php
@@ -50,6 +50,8 @@ class Connection extends AbstractConnection
 
     /**
      * {@inheritdoc}
+     *
+     * @param string $password WARNING: When the LDAP server allows unauthenticated binds, a blank $password will always be valid.
      */
     public function bind($dn = null, $password = null)
     {