+ Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d BIND dn=\"%s\" method=%ld\n",
+ op->o_connid, op->o_opid, ndn, (unsigned long) method, 0 );
+
+ if ( version < LDAP_VERSION_MIN || version > LDAP_VERSION_MAX ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+ "do_bind: conn %d unknown version = %ld\n",
+ conn->c_connid, (unsigned long)version ));
+#else
+ Debug( LDAP_DEBUG_ANY, "do_bind: unknown version=%ld\n",
+ (unsigned long) version, 0, 0 );
+#endif
+ send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
+ NULL, "requested protocol version not supported", NULL, NULL );
+ goto cleanup;
+
+ } else if (( global_disallows & SLAP_DISALLOW_BIND_V2 ) &&
+ version < LDAP_VERSION3 )
+ {
+ send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
+ NULL, "requested protocol version not allowed", NULL, NULL );
+ goto cleanup;
+ }
+
+ /* we set connection version regardless of whether bind succeeds
+ * or not.
+ */
+ ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ conn->c_protocol = version;
+ ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+
+ if ( method == LDAP_AUTH_SASL ) {
+ char *edn;
+ slap_ssf_t ssf = 0;
+
+ if ( version < LDAP_VERSION3 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+ "do_bind: conn %d sasl with LDAPv%ld\n",
+ conn->c_connid, (unsigned long)version ));
+#else
+ Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%ld\n",
+ (unsigned long) version, 0, 0 );
+#endif
+ send_ldap_disconnect( conn, op,
+ LDAP_PROTOCOL_ERROR, "SASL bind requires LDAPv3" );
+ rc = SLAPD_DISCONNECT;
+ goto cleanup;
+ }
+
+ if( mech == NULL || *mech == '\0' ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+ "do_bind: conn %d no SASL mechanism provided\n",
+ conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "do_bind: no sasl mechanism provided\n",
+ 0, 0, 0 );
+#endif
+ send_ldap_result( conn, op, rc = LDAP_AUTH_METHOD_NOT_SUPPORTED,
+ NULL, "no SASL mechanism provided", NULL, NULL );
+ goto cleanup;
+ }