From 1254c4592597e462fe276e0c62ea8f7e52e686e3 Mon Sep 17 00:00:00 2001
From: Alexandru Bagu <alexandru.bagu@gmail.com>
Date: Fri, 25 Jul 2025 19:29:46 +0300
Subject: [PATCH 1/2] Update ngx_http_auth_ldap_module.c

Wake up connection once we have search results
---
 ngx_http_auth_ldap_module.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c
index 031390e..2a1306e 100644
--- a/ngx_http_auth_ldap_module.c
+++ b/ngx_http_auth_ldap_module.c
@@ -2029,6 +2029,7 @@ ngx_http_auth_ldap_read_handler(ngx_event_t *rev)
                     if (ber != NULL) {
                         ber_free(ber, 0);
                     }
+                    ngx_http_auth_ldap_reply_connection(c, 0, NULL);
                 } else if (ldap_msgtype(result) == LDAP_RES_SEARCH_RESULT) {
                     ngx_log_error(NGX_LOG_INFO, c->log, 0, "ngx_http_auth_ldap_read_handler: Cnx[%d] Received search result (%d: %s [%s])",
                         c->cnx_idx, error_code, ldap_err2string(error_code), error_msg ? error_msg : "-");

From 165aa98335a3d5051e2342b89f16696462675dd3 Mon Sep 17 00:00:00 2001
From: Alexandru Bagu <alexandru.bagu@gmail.com>
Date: Fri, 25 Jul 2025 19:55:43 +0300
Subject: [PATCH 2/2] Update ngx_http_auth_ldap_module.c

Return 401 if we timed out the connection to allow another login attempt (invalid credentials will trigger a timeout)
---
 ngx_http_auth_ldap_module.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c
index 2a1306e..972fee9 100644
--- a/ngx_http_auth_ldap_module.c
+++ b/ngx_http_auth_ldap_module.c
@@ -2526,6 +2526,7 @@ ngx_http_auth_ldap_authenticate(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t
 
     if (r->connection->write->timedout) {
         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "ngx_http_auth_ldap_authenticate: Authentication timed out");
+	r->connection->write->timedout = 0;
         if (ctx->c != NULL) {
             if (ctx->server && ctx->server->clean_on_timeout) {
                 // Authentication response timeouted => Close and clean the corresponding LDAP connection
@@ -2547,7 +2548,7 @@ ngx_http_auth_ldap_authenticate(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t
             ngx_queue_remove(&ctx->queue);
         }
 
-        return NGX_ERROR;
+        return 401;
     }
 
     /*