+#ifdef SASL_CHANNEL_BINDING /* 2.1.25+ */
+ {
+ char cbinding[64];
+ struct berval cbv = { sizeof(cbinding), cbinding };
+ if ( ldap_pvt_tls_get_unique( ssl, &cbv, 0 )) {
+ sasl_channel_binding_t *cb = ldap_memalloc( sizeof(*cb) +
+ cbv.bv_len);
+ cb->name = "ldap";
+ cb->critical = 0;
+ cb->data = (char *)(cb+1);
+ cb->len = cbv.bv_len;
+ memcpy( cb->data, cbv.bv_val, cbv.bv_len );
+ sasl_setprop( ld->ld_defconn->lconn_sasl_authctx,
+ SASL_CHANNEL_BINDING, cb );
+ ld->ld_defconn->lconn_sasl_cbind = cb;
+ }
+ }
+#endif