From ad3a3b2c52a241fdfd6905541d30e8d7a3794dd8 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Wed, 10 Jun 2015 08:24:00 +0200
Subject: [PATCH] allow to add additional authentication before ldap

---
 op/op.Login.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/op/op.Login.php b/op/op.Login.php
index 4287b64b9..2c460f6bc 100644
--- a/op/op.Login.php
+++ b/op/op.Login.php
@@ -66,6 +66,8 @@ if($settings->_enableGuestLogin && (int) $settings->_guestID) {
 	}
 }
 
+$user = false;
+
 //
 // LDAP Sign In
 //
@@ -74,8 +76,7 @@ if($settings->_enableGuestLogin && (int) $settings->_guestID) {
  * if authentication against ldap succeeds.
  * _ldapHost will only have a value if the ldap connector has been enabled
  */
-$user = false;
-if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
+if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
 	if (isset($settings->_ldapPort) && is_int($settings->_ldapPort)) {
 		$ds = ldap_connect($settings->_ldapHost, $settings->_ldapPort);
 	} else {