File 0002-auth-Fix-default-SASL-bind-for-LDAP.patch of Package dovecot22.3550

From adb497977f0719bb75df2afcf4932125d107de4b Mon Sep 17 00:00:00 2001
From: "Matwey V. Kornilov" <matwey.kornilov@gmail.com>
Date: Wed, 21 Sep 2016 10:55:47 +0300
Subject: [PATCH 2/2] auth: Fix default SASL bind for LDAP

A user may configure Dovecot to use SASL bind as the default bind method.  This
can be the case when ldapi:/// (or ldaps:///) with SASL EXTERNAL is used.
Currently, Dovecot returns the LDAP connection to the wrong bind state after the
first successful auth bind: LDAP simple bind is always used to rebind.  This may
break setups where the ACLs in LDAP are configured not to allow search/bind for
such a simple bind.
---
 src/auth/db-ldap.c | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

Index: dovecot-2.2.13/src/auth/db-ldap.c
===================================================================
--- dovecot-2.2.13.orig/src/auth/db-ldap.c
+++ dovecot-2.2.13/src/auth/db-ldap.c
@@ -1022,7 +1022,7 @@ static int db_ldap_bind_sasl(struct ldap
 }
 #endif
 
-static int db_ldap_bind(struct ldap_connection *conn)
+static int db_ldap_bind_simple(struct ldap_connection *conn)
 {
 	int msgid;
 
@@ -1051,6 +1051,19 @@ static int db_ldap_bind(struct ldap_conn
 	return 0;
 }
 
+static int db_ldap_bind(struct ldap_connection *conn)
+{
+	if (conn->set.sasl_bind) {
+		if (db_ldap_bind_sasl(conn) < 0)
+			return -1;
+	} else {
+		if (db_ldap_bind_simple(conn) < 0)
+			return -1;
+	}
+
+	return 0;
+}
+
 static void db_ldap_get_fd(struct ldap_connection *conn)
 {
 	int ret;
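Review bot: The new `db_ldap_bind()` has no comment stating that it is now the single entry point for the default (service) bind. The fix relies on that: it works only because existing callers of the old name, presumably including the rebind-after-auth path outside these hunks, pick up the dispatcher. A later direct call to `db_ldap_bind_simple()` would silently put the connection back on the simple-bind identity, which is the ACL problem this commit describes. I would add above the function: `/* Default bind using the configured method (SASL if set.sasl_bind, else simple). All default binds and rebinds must go through here, never db_ldap_bind_simple() directly. */`. It is also worth confirming that those rebind callers handle both helpers leaving the connection in the same state on return, since neither helper's body is visible here.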
@@ -1204,13 +1217,9 @@ int db_ldap_connect(struct ldap_connecti
 #endif
 	}
 
-	if (conn->set.sasl_bind) {
-		if (db_ldap_bind_sasl(conn) < 0)
-			return -1;
-	} else {
-		if (db_ldap_bind(conn) < 0)
-			return -1;
-	}
+	if (db_ldap_bind(conn) < 0)
+		return -1;
+
 	if (debug) {
 		if (gettimeofday(&end, NULL) == 0) {
 			int msecs = timeval_diff_msecs(&end, &start);