Index: newpki-server-2.0.0/publication/ldap/src/publication_ldap.cpp
===================================================================
--- newpki-server-2.0.0.orig/publication/ldap/src/publication_ldap.cpp	2008-01-30 10:22:26.000000000 +0100
+++ newpki-server-2.0.0/publication/ldap/src/publication_ldap.cpp	2008-01-30 10:26:26.000000000 +0100
@@ -83,7 +83,7 @@
 
 	if(m_Connection)
 	{
-		ldap_unbind_s(m_Connection);
+		ldap_unbind_ext_s(m_Connection, NULL, NULL);
 		m_Connection = NULL;
 	}
 
@@ -94,8 +94,9 @@
 	const char * strPort;
 	unsigned int Port;
 	const char * Username;
-	const char * Password;
+	struct berval Password;
 	int protoVersion;
+	char * uri = NULL;
 
 	Server = Options.Get("Server");
 	strPort = Options.Get("Port");
@@ -112,19 +113,21 @@
 		return 0;
 	}
 	Username = Options.Get("Username");
-	Password = Options.Get("Password");
+	Password.bv_val = (char*)Options.Get("Password");
+	Password.bv_len = strlen(Password.bv_val);
 
 
 
 
-	m_Connection = ldap_init((char*)Server, Port);
+	asprintf(&uri, "ldap://%s:%u", (char*)Server, Port);
+	ldap_initialize(&m_Connection, uri);
 	if(!m_Connection)
 	{
 		LastError = ldap_err2string(LDAP_LAST_ERROR);
 		return 0;
 	}
 
-	LdapRet = ldap_bind_s(m_Connection, (char*)Username, (char*)Password, LDAP_AUTH_SIMPLE);
+	LdapRet = ldap_sasl_bind_s(m_Connection, (char*)Username, LDAP_SASL_SIMPLE, &Password, NULL, NULL, NULL);
 	if(LdapRet != LDAP_SUCCESS)
 	{
 		/* Wrong protocol version try another one */
@@ -135,7 +138,7 @@
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
-				ldap_unbind_s(m_Connection);
+				ldap_unbind_ext_s(m_Connection, NULL, NULL);
 				m_Connection = NULL;
 				return 0;
 			}
@@ -145,16 +148,16 @@
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
-				ldap_unbind_s(m_Connection);
+				ldap_unbind_ext_s(m_Connection, NULL, NULL);
 				m_Connection = NULL;
 				return 0;
 			}
 			/* Retry to connect */
-			LdapRet = ldap_bind_s(m_Connection, (char*)Username, (char*)Password, LDAP_AUTH_SIMPLE);
+			LdapRet = ldap_sasl_bind_s(m_Connection, (char*)Username, LDAP_SASL_SIMPLE, &Password, NULL, NULL, NULL);
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
-				ldap_unbind_s(m_Connection);
+				ldap_unbind_ext_s(m_Connection, NULL, NULL);
 				m_Connection = NULL;
 				return 0;
 			}
@@ -162,7 +165,7 @@
 		else
 		{
 			LastError = ldap_err2string(LdapRet);
-			ldap_unbind_s(m_Connection);
+			ldap_unbind_ext_s(m_Connection, NULL, NULL);
 			m_Connection = NULL;
 			return 0;
 		}
@@ -177,7 +180,7 @@
 	
 	if(m_Connection)
 	{
-		ldap_unbind_s(m_Connection);
+		ldap_unbind_ext_s(m_Connection, NULL, NULL);
 		m_Connection = NULL;
 	}
 	ERR_remove_state(0);
@@ -507,7 +510,7 @@
 	
 
 	*pMsg=NULL;
-	if((LdapRet = ldap_search_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, pMsg)) != LDAP_SUCCESS)
+	if((LdapRet = ldap_search_ext_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, pMsg)) != LDAP_SUCCESS)
 	{
 		if(*pMsg)
 		{
@@ -521,7 +524,7 @@
 				return 0;
 			}
 
-			if((LdapRet = ldap_search_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, pMsg)) != LDAP_SUCCESS)
+			if((LdapRet = ldap_search_ext_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, pMsg)) != LDAP_SUCCESS)
 			{
 				if(*pMsg)
 				{
@@ -628,7 +631,7 @@
 		mString::Encode("ISO-8859-1", "UTF-8", RDN, strRDN);
 
 
-	if((LdapRet = ldap_modify_s(m_Connection, (char*)strRDN.c_str(), Mods)) != LDAP_SUCCESS)
+	if((LdapRet = ldap_modify_ext_s(m_Connection, (char*)strRDN.c_str(), Mods, NULL, NULL)) != LDAP_SUCCESS)
 	{
 		if(LdapRet == LDAP_SERVER_DOWN)
 		{
@@ -637,7 +640,7 @@
 				return 0;
 			}
 
-			if((LdapRet = ldap_modify_s(m_Connection, (char*)strRDN.c_str(), Mods)) != LDAP_SUCCESS)
+			if((LdapRet = ldap_modify_ext_s(m_Connection, (char*)strRDN.c_str(), Mods, NULL, NULL)) != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
 				return 0;
@@ -684,7 +687,7 @@
 	char * Name;
 	LDAPMessage* currMsg;
 	char * attrName;
-	char ** attrValue;
+	struct berval ** attrValue;
 	BerElement* ptr;
 	int currNumMatch;
 	int maxNumMatch;
@@ -753,18 +756,18 @@
 					}
 					if( (pos = Dn.SeekEntryName(FixedName, HASHTABLE_NOT_FOUND)) != HASHTABLE_NOT_FOUND )
 					{
-						attrValue = ldap_get_values(m_Connection, currMsg, attrName);
+						attrValue = ldap_get_values_len(m_Connection, currMsg, attrName);
 						if(attrValue)
 						{
 							Value = Dn.Get(pos);
 							if(Value)
 							{
-								if(stricmp(Value, *attrValue) == 0)
+								if(stricmp(Value, attrValue[0]->bv_val) == 0)
 								{
 									currNumMatch++;
 								}
 							}
-							ldap_value_free(attrValue);
+							ldap_value_free_len(attrValue);
 						}
 					}
 					ldap_memfree(attrName);
Index: newpki-server-2.0.0/src/ClientLDAP.cpp
===================================================================
--- newpki-server-2.0.0.orig/src/ClientLDAP.cpp	2008-01-30 10:22:26.000000000 +0100
+++ newpki-server-2.0.0/src/ClientLDAP.cpp	2008-01-30 10:22:28.000000000 +0100
@@ -76,7 +76,7 @@
 {
 	if(m_Connection)
 	{
-		ldap_unbind_s(m_Connection);
+		ldap_unbind_ext_s(m_Connection, NULL, NULL);
 		m_Connection = NULL;
 	}
 }
@@ -105,7 +105,7 @@
 		strSearch = SearchString;
 
 	pMsg=NULL;
-	if((LdapRet = ldap_search_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, &pMsg)) != LDAP_SUCCESS)
+	if((LdapRet = ldap_search_ext_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &pMsg)) != LDAP_SUCCESS)
 	{
 		// Should we try to reconnect
 		switch(LdapRet)
@@ -118,7 +118,7 @@
 				}
 				ldap_set_option(m_Connection, LDAP_OPT_SIZELIMIT, (void *)&MaxResults);
 				ldap_set_option(m_Connection, LDAP_OPT_TIMELIMIT, (void *)&MaxTime);
-				if((LdapRet = ldap_search_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, &pMsg)) != LDAP_SUCCESS)
+				if((LdapRet = ldap_search_ext_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &pMsg)) != LDAP_SUCCESS)
 				{
 					NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
 					ERR_add_error_data(2, "ldap_search_s : ", ldap_err2string(LdapRet));
@@ -159,7 +159,7 @@
 	LdapResult newResult;
 	char * Name;
 	char * attrName;
-	char ** attrValue;
+	struct berval ** attrValue;
 	BerElement* ptr;
 
 	// The DN
@@ -183,7 +183,7 @@
 	{
 		if(!strstr(attrName, ";binary"))
 		{
-			attrValue = ldap_get_values(m_Connection, currMsg, attrName);
+			attrValue = ldap_get_values_len(m_Connection, currMsg, attrName);
 			if(attrValue)
 			{
 				// Did we already find the attribute UID and is this one
@@ -191,12 +191,12 @@
 				if(!newResult.get_uid().size() && m_ldap_attr_name == attrName)
 				{
 					if(m_utf8)
-						mString::Encode("UTF-8", "ISO-8859-1", *attrValue, newResult.get_uid());
+						mString::Encode("UTF-8", "ISO-8859-1", attrValue[0]->bv_val, newResult.get_uid());
 					else
-						newResult.set_uid(*attrValue);
+						newResult.set_uid(attrValue[0]->bv_val);
 				}
-				AddObject(newResult.get_objects(), attrName, *attrValue);
-				ldap_value_free(attrValue);
+				AddObject(newResult.get_objects(), attrName, attrValue[0]->bv_val);
+				ldap_value_free_len(attrValue);
 			}
 		}
 		ldap_memfree(attrName);
@@ -209,10 +209,12 @@
 {
 	LDAP_RC_TYPE LdapRet;
 	int protoVersion;
+	char *uri = NULL;
 
 	Disconnect();
 
-	m_Connection = ldap_init((char*)m_ldap_server.c_str(), m_ldap_port);
+	asprintf(&uri, "ldap://%s:%u", m_ldap_server.c_str(), m_ldap_port);
+	ldap_initialize(&m_Connection, uri);
 	if(!m_Connection)
 	{
 		NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
@@ -222,11 +224,14 @@
 
 	if(m_ldap_username.size())
 	{
-		LdapRet = ldap_bind_s(m_Connection, (char*)m_ldap_username.c_str(), (char*)m_ldap_password.c_str(), LDAP_AUTH_SIMPLE);
+		struct berval passwd;
+		passwd.bv_val = (char *)m_ldap_password.c_str();
+		passwd.bv_len = strlen(passwd.bv_val);
+		LdapRet = ldap_sasl_bind_s(m_Connection, (char*)m_ldap_username.c_str(), LDAP_SASL_SIMPLE, &passwd, NULL, NULL, NULL);
 	}
 	else
 	{
-		LdapRet = ldap_bind_s(m_Connection, NULL, NULL, LDAP_AUTH_SIMPLE);
+		LdapRet = ldap_sasl_bind_s(m_Connection, NULL, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL);
 	}
 
 	if(LdapRet != LDAP_SUCCESS)
@@ -256,16 +261,19 @@
 			/* Retry to connect */
 			if(m_ldap_username.size())
 			{
-				LdapRet = ldap_bind_s(m_Connection, (char*)m_ldap_username.c_str(), (char*)m_ldap_password.c_str(), LDAP_AUTH_SIMPLE);
+				struct berval passwd;
+				passwd.bv_val = (char *)m_ldap_password.c_str();
+				passwd.bv_len = strlen(passwd.bv_val);
+				LdapRet = ldap_sasl_bind_s(m_Connection, (char*)m_ldap_username.c_str(), LDAP_SASL_SIMPLE, &passwd, NULL, NULL, NULL);
 			}
 			else
 			{
-				LdapRet = ldap_bind_s(m_Connection, NULL, NULL, LDAP_AUTH_SIMPLE);
+				LdapRet = ldap_sasl_bind_s(m_Connection, NULL, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL);
 			}
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
-				ERR_add_error_data(2, "ldap_bind_s : ", ldap_err2string(LdapRet));
+				ERR_add_error_data(2, "ldap_sasl_bind_s : ", ldap_err2string(LdapRet));
 				Disconnect();
 				return false;
 			}
@@ -273,7 +281,7 @@
 		else
 		{
 			NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
-			ERR_add_error_data(2, "ldap_bind_s : ", ldap_err2string(LdapRet));
+			ERR_add_error_data(2, "ldap_sasl_bind_s : ", ldap_err2string(LdapRet));
 			Disconnect();
 			return false;
 		}
