--- imap/global.c.old	2007-06-25 21:10:55.000000000 +0200
+++ imap/global.c	2007-06-28 21:57:45.000000000 +0200
@@ -364,13 +364,13 @@ char *canonify_userid(char *user, char *
 	const char *uri;
 	const char *base;
 	const char *binddn;
-	const char *bindpw;
+	struct berval bindpw;
 	struct timeval timeout;
 	char filter[255];
 	LDAP *handle;
 	LDAPMessage *res;
 	LDAPMessage *entry;
-	char ** vals;
+	struct berval ** vals;
 
 	int rc;
 
@@ -395,7 +395,8 @@ char *canonify_userid(char *user, char *
 			uri = config_getstring(IMAPOPT_LDAP_URI);
 			base = config_getstring(IMAPOPT_LDAP_BASE);
 			binddn = config_getstring(IMAPOPT_LDAP_BIND_DN);
-			bindpw = config_getstring(IMAPOPT_LDAP_PASSWORD);
+			bindpw.bv_val = (char *) config_getstring(IMAPOPT_LDAP_PASSWORD);
+			bindpw.bv_len = strlen(bindpw.bv_val);
 			timeout.tv_sec = config_getint(IMAPOPT_LDAP_TIME_LIMIT);
 			timeout.tv_usec = 0;
 			sprintf(filter, "(uid=%s)", user);
@@ -403,33 +404,33 @@ char *canonify_userid(char *user, char *
 			if (rc != LDAP_SUCCESS) {
 				syslog(LOG_ERR, "ldap_initialize failed (%s)", uri);
 			} else {
-				rc = ldap_simple_bind_s(handle, binddn, bindpw);
+				rc = ldap_sasl_bind_s(handle, binddn, LDAP_SASL_SIMPLE, &bindpw, NULL, NULL, NULL);
 				if (rc != LDAP_SUCCESS) {
-					syslog(LOG_ERR, "ldap_simple_bind() failed %d (%s)", rc, ldap_err2string(rc));
+					syslog(LOG_ERR, "ldap_sasl_bind_s() failed %d (%s)", rc, ldap_err2string(rc));
 				} else {
-					rc = ldap_search_st(handle, base, LDAP_SCOPE_SUBTREE, filter, NULL, 0, &timeout, &res);
+					rc = ldap_search_ext_s(handle, base, LDAP_SCOPE_SUBTREE, filter, NULL, 0, NULL, NULL, &timeout, 0, &res);
 						if (rc != LDAP_SUCCESS) {
 							syslog(LOG_ERR, "ldap_search_st failed %d (%s)", rc, ldap_err2string(rc));
 						} else {
 							if ( (entry = ldap_first_entry(handle, res)) != NULL ) {
 								// read mail attribute from entry
-								if ( (vals = ldap_get_values(handle, entry, "mail")) ) {
-									if (strchr(vals[0], '@')) {
+								if ( (vals = ldap_get_values_len(handle, entry, "mail")) ) {
+									if (strchr((*vals)->bv_val, '@')) {
 										static char buf[81]; /* same size as in auth_canonifyid */
-										strncpy( buf, vals[0], sizeof(buf) );
+										strncpy( buf, (*vals)->bv_val, sizeof(buf) );
 										buf[80] = '\0'; /* make sure it's null-terminated */
-										ldap_value_free( vals );
+										ldap_value_free_len( vals );
 										ldap_msgfree( res );
-										ldap_unbind_s(handle); /* also frees handle */
+										ldap_unbind_ext_s(handle, NULL, NULL); /* also frees handle */
 										return auth_canonifyid( buf, 0) ;
 									}
-									ldap_value_free( vals );
+									ldap_value_free_len( vals );
 								}                
 							}
 							ldap_msgfree( res );
 						}
 				}
-				ldap_unbind_s(handle); /* also frees handle */
+				ldap_unbind_ext_s(handle, NULL, NULL); /* also frees handle */
 			}
 		}
 	if (domain) {