diff -Naur openca-ocspd-1.7.0.orig/src/hash-db.c openca-ocspd-1.7.0.new/src/hash-db.c
--- openca-ocspd-1.7.0.orig/src/hash-db.c	2013-02-20 14:08:37.959103608 +0100
+++ openca-ocspd-1.7.0.new/src/hash-db.c	2013-02-20 16:36:05.511726770 +0100
@@ -127,6 +127,8 @@
 	LDAP	*ld = NULL;
 	int	protocol = -1;
 	int	ret = 0;
+	char * cp = NULL;
+	struct berval bv;
 
 	
         (void) signal( SIGPIPE, SIG_IGN );
@@ -144,11 +146,23 @@
 	if(ocspd_conf->verbose)
 		syslog( LOG_INFO, "INFO::Connecting to LDAP (%s)", url->addr );
 
-	if (( ld = ldap_init( url->addr, url->port )) == NULL ) {
-		syslog( LOG_ERR, "ERROR::ldap_init failure!");
+	cp = malloc(strlen(url->addr) + 14);
+
+	if (!cp) {
+		syslog( LOG_ERR, "ERROR::No memory for LDAP url");
+		return NULL;
+	}
+
+	sprintf(cp, "ldap://%s:%d", url->addr, url->port);
+
+	if (ldap_initialize(&ld, cp) != LDAP_SUCCESS) {
+		free(cp);
+		syslog( LOG_ERR, "ERROR::ldap_initialize failure!");
 		return NULL;
 	}
 
+	free(cp);
+
 	if(ocspd_conf->verbose)
 		syslog( LOG_INFO, "INFO::Connection established (%s)",
 			url->addr );
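Review bot: The buffer from `malloc(strlen(url->addr) + 14)` leaves room for only five port characters, and the unbounded `sprintf` that follows writes past the allocation whenever `url->port` formats to more than that (a negative or out-of-range value, assuming it is an `int` as `%d` suggests). Size for the widest `int` and bound the write: `size_t n = strlen(url->addr) + sizeof("ldap://:-2147483648"); cp = malloc(n);` then `snprintf(cp, n, "ldap://%s:%d", url->addr, url->port);`, or reject ports outside 1-65535 before formatting. Where `url->addr` and `url->port` are parsed is outside this hunk, as are the start and end of the function, so how far they are validated upstream should be confirmed. The scheme is fixed to `ldap://`, so unless TLS is negotiated elsewhere the simple bind later in this function sends the password unencrypted; a comment stating that assumption, or support for `ldaps://`, would help operators.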
@@ -159,13 +173,16 @@
 						!= LDAP_OPT_SUCCESS ) {
 		syslog( LOG_ERR, "ERROR::Could not set LDAP_OPT_PROTOCOL_VERSION %d\n",
                                  protocol );
-		ldap_unbind(ld);
+		ldap_unbind_ext(ld, NULL, NULL);
 		return(NULL);
 	}
 
-	if ( (ret = ldap_bind_s( ld, url->usr, url->pwd, LDAP_AUTH_SIMPLE )) 
-			!= LDAP_SUCCESS ) {
-		syslog( LOG_ERR, "ERROR::ldap_bind_s failure (%s:%d) [%d]",
+	bv.bv_len = strlen(url->pwd);
+	bv.bv_val = url->pwd;
+
+	if ((ret = ldap_sasl_bind_s(ld, url->usr, LDAP_SASL_SIMPLE, &bv,
+	    NULL, NULL, NULL)) != LDAP_SUCCESS) {
+		syslog( LOG_ERR, "ERROR::ldap_sasl_bind_s failure (%s:%d) [%d]",
 		     url->addr, url->port, ret );
 		return NULL;
 	}
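Review bot: `strlen(url->pwd)` dereferences a NULL pointer when no password is configured, a case the replaced `ldap_bind_s` call could take as an anonymous bind; whether `url->pwd` can be NULL is not visible here, so guard it with `bv.bv_val = url->pwd;` and `bv.bv_len = url->pwd ? strlen(url->pwd) : 0;`. The same two assignments are repeated in the second bind hunk (`@@ -307,11 +324,14 @@`). The failure branch here also returns without `ldap_unbind_ext(ld, NULL, NULL);`, unlike the protocol-version branch just above it, so the handle from `ldap_initialize` appears to be leaked on every failed bind. The enclosing function starts and ends outside the hunk.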
@@ -199,9 +216,8 @@
 	}
 
 	/* We search for the exact match, so LDAP_SCOPE_BASE is used here */
-	if (( rc = ldap_search_s( ld, url->dn, LDAP_SCOPE_BASE,
-			filter, attrs, 0, &res )) != LDAP_SUCCESS ) {
-
+	if ((rc = ldap_search_ext_s(ld, url->dn, LDAP_SCOPE_BASE, filter,
+	    attrs, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &res)) != LDAP_SUCCESS) {
 		if ( rc != LDAP_NO_SUCH_OBJECT ) {
 			syslog( LOG_ERR, 
 				"LDAP: [%s] object not found", url->dn );
@@ -282,7 +298,7 @@
 
 end:
 	if(res) ldap_msgfree( res );
-	if(ld) ldap_unbind( ld );
+	if(ld) ldap_unbind_ext(ld, NULL, NULL);
 
 	if( ocspd_conf->verbose )
 		syslog( LOG_INFO, "INFO::LDAP::Successfully unbinded");
@@ -300,6 +316,7 @@
 	struct berval **vals = NULL;
 	LDAPMessage *res = NULL;
 	BIO	*membio = NULL;
+	struct berval bv;
 
 	X509_CRL *crl = NULL;
 
@@ -307,11 +324,14 @@
 		return NULL;
 	}
 
-	if ( (ret = ldap_bind_s( ld, url->usr, url->pwd, LDAP_AUTH_SIMPLE )) 
-			!= LDAP_SUCCESS ) {
-		syslog( LOG_ERR, "LDAP: ldap_bind_s failure (%s:%d) [%d]",
+	bv.bv_len = strlen(url->pwd);
+	bv.bv_val = url->pwd;
+
+	if ((ret = ldap_sasl_bind_s(ld, url->usr, LDAP_SASL_SIMPLE, &bv,
+	    NULL, NULL, NULL)) != LDAP_SUCCESS) {
+		syslog( LOG_ERR, "LDAP: ldap_sasl_bind_s failure (%s:%d) [%d]",
 		     url->addr, url->port, ret );
-		// ldap_perror( ld, "ldap_bind" );
+		// ldap_perror( ld, "ldap_sasl_bind_s" );
 		return NULL;
 	}
 
@@ -319,9 +339,8 @@
 		syslog( LOG_INFO, "INFO::LDAP::Successfully binded (%s)", url->dn);
 
 	/* We search for the exact match, so LDAP_SCOPE_BASE is used here */
-	if (( rc = ldap_search_s( ld, url->dn, LDAP_SCOPE_BASE,
-			filter, attrs, 0, &res )) != LDAP_SUCCESS ) {
-
+	if ((rc = ldap_search_ext_s(ld, url->dn, LDAP_SCOPE_BASE, filter,
+	    attrs, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &res)) != LDAP_SUCCESS) {
 		if ( rc != LDAP_NO_SUCH_OBJECT ) 
 			syslog( LOG_ERR, "ERROR::LDAP::[%s] NOT found", 
 				url->dn );
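Review bot: The third `NULL` passed to `ldap_search_ext_s` is the timeout argument, so unless a default is set through `ldap_set_option` outside these hunks the search waits on the directory server with no client-side bound, and a stalled server blocks the CRL lookup; the earlier search hunk (`@@ -199,9 +216,8 @@`) has the same call. Pass a bounded `struct timeval`, for example `struct timeval tv = { 30, 0 };` (constructed value) with `&tv` in place of that `NULL`. Because the scope is `LDAP_SCOPE_BASE`, a size limit of `1` would state the intent more precisely than `LDAP_NO_LIMIT`. The surrounding function is only partly visible in this hunk.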
@@ -372,7 +391,7 @@
 
 end:
 	if(res) ldap_msgfree( res );
-	if(ld) ldap_unbind( ld );
+	if(ld) ldap_unbind_ext(ld, NULL, NULL);
 
 	if( ocspd_conf->verbose )
 		syslog( LOG_INFO, "INFO::LDAP::Successfully unbinded" );