5183f0
diff --git a/include/util_ldap.h b/include/util_ldap.h
5183f0
index f7cd736..f401e79 100644
5183f0
--- a/include/util_ldap.h
5183f0
+++ b/include/util_ldap.h
5183f0
@@ -32,7 +32,6 @@
5183f0
 #if APR_MAJOR_VERSION < 2
5183f0
 /* The LDAP API is currently only present in APR 1.x */
5183f0
 #include "apr_ldap.h"
5183f0
-#include "apr_ldap_rebind.h"
5183f0
 #else
5183f0
 #define APR_HAS_LDAP 0
5183f0
 #endif
5183f0
diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c
5183f0
index 08f986c..eecb3f7 100644
5183f0
--- a/modules/ldap/util_ldap.c
5183f0
+++ b/modules/ldap/util_ldap.c
5183f0
@@ -140,6 +140,38 @@ static int util_ldap_handler(request_rec *r)
5183f0
     return OK;
5183f0
 }
5183f0
 
5183f0
+/* For OpenLDAP with the 3-arg version of ldap_set_rebind_proc(), use
5183f0
+ * a simpler rebind callback than the implementation in APR-util.
5183f0
+ * Testing for API version >= 3001 appears safe although OpenLDAP
5183f0
+ * 2.1.x (API version = 2004) also has the 3-arg API. */
5183f0
+#if APR_HAS_OPENLDAP_LDAPSDK && defined(LDAP_API_VERSION) && LDAP_API_VERSION >= 3001
5183f0
+
5183f0
+#define uldap_rebind_init(p) APR_SUCCESS /* noop */
5183f0
+
5183f0
+static int uldap_rebind_proc(LDAP *ld, const char *url, ber_tag_t request,
5183f0
+                             ber_int_t msgid, void *params)
5183f0
+{
5183f0
+    util_ldap_connection_t *ldc = params;
5183f0
+
5183f0
+    return ldap_bind_s(ld, ldc->binddn, ldc->bindpw, LDAP_AUTH_SIMPLE);
5183f0
+}
5183f0
+
5183f0
+static apr_status_t uldap_rebind_add(util_ldap_connection_t *ldc)
5183f0
+{
5183f0
+    ldap_set_rebind_proc(ldc->ldap, uldap_rebind_proc, ldc);
5183f0
+    return APR_SUCCESS;
5183f0
+}
5183f0
+
5183f0
+#else /* !APR_HAS_OPENLDAP_LDAPSDK */
5183f0
+
5183f0
+#define USE_APR_LDAP_REBIND
5183f0
+#include <apr_ldap_rebind.h>
5183f0
+
5183f0
+#define uldap_rebind_init(p) apr_ldap_rebind_init(p)
5183f0
+#define uldap_rebind_add(ldc) apr_ldap_rebind_add((ldc)->rebind_pool, \
5183f0
+                                                  (ldc)->ldap, (ldc)->binddn, \
5183f0
+                                                  (ldc)->bindpw)
5183f0
+#endif
5183f0
 
5183f0
 
5183f0
 /* ------------------------------------------------------------------ */
5183f0
@@ -181,6 +213,13 @@ static apr_status_t uldap_connection_unbind(void *param)
5183f0
     util_ldap_connection_t *ldc = param;
5183f0
 
5183f0
     if (ldc) {
5183f0
+#ifdef USE_APR_LDAP_REBIND
5183f0
+        /* forget the rebind info for this conn */
5183f0
+        if (ldc->ChaseReferrals == AP_LDAP_CHASEREFERRALS_ON) {
5183f0
+            apr_pool_clear(ldc->rebind_pool);
5183f0
+        }
5183f0
+#endif
5183f0
+
5183f0
         if (ldc->ldap) {
5183f0
             if (ldc->r) { 
5183f0
                 ap_log_rerror(APLOG_MARK, APLOG_TRACE5, 0, ldc->r, "LDC %pp unbind", ldc); 
5183f0
@@ -189,12 +228,6 @@ static apr_status_t uldap_connection_unbind(void *param)
5183f0
             ldc->ldap = NULL;
5183f0
         }
5183f0
         ldc->bound = 0;
5183f0
-
5183f0
-        /* forget the rebind info for this conn */
5183f0
-        if (ldc->ChaseReferrals == AP_LDAP_CHASEREFERRALS_ON) {
5183f0
-            apr_ldap_rebind_remove(ldc->ldap);
5183f0
-            apr_pool_clear(ldc->rebind_pool);
5183f0
-        }
5183f0
     }
5183f0
 
5183f0
     return APR_SUCCESS;
5183f0
@@ -330,7 +363,7 @@ static int uldap_connection_init(request_rec *r,
5183f0
 
5183f0
     if (ldc->ChaseReferrals == AP_LDAP_CHASEREFERRALS_ON) {
5183f0
         /* Now that we have an ldap struct, add it to the referral list for rebinds. */
5183f0
-        rc = apr_ldap_rebind_add(ldc->rebind_pool, ldc->ldap, ldc->binddn, ldc->bindpw);
5183f0
+        rc = uldap_rebind_add(ldc);
5183f0
         if (rc != APR_SUCCESS) {
5183f0
             ap_log_error(APLOG_MARK, APLOG_ERR, rc, r->server, APLOGNO(01277)
5183f0
                     "LDAP: Unable to add rebind cross reference entry. Out of memory?");
5183f0
@@ -855,6 +888,7 @@ static util_ldap_connection_t *
5183f0
         /* whether or not to keep this connection in the pool when it's returned */
5183f0
         l->keep = (st->connection_pool_ttl == 0) ? 0 : 1;
5183f0
 
5183f0
+#ifdef USE_APR_LDAP_REBIND
5183f0
         if (l->ChaseReferrals == AP_LDAP_CHASEREFERRALS_ON) {
5183f0
             if (apr_pool_create(&(l->rebind_pool), l->pool) != APR_SUCCESS) {
5183f0
                 ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, APLOGNO(01286)
5183f0
@@ -865,6 +899,7 @@ static util_ldap_connection_t *
5183f0
                 return NULL;
5183f0
             }
5183f0
         }
5183f0
+#endif
5183f0
 
5183f0
         if (p) {
5183f0
             p->next = l;
5183f0
@@ -3051,7 +3086,7 @@ static int util_ldap_post_config(apr_pool_t *p, apr_pool_t *plog,
5183f0
     }
5183f0
 
5183f0
     /* Initialize the rebind callback's cross reference list. */
5183f0
-    apr_ldap_rebind_init (p);
5183f0
+    (void) uldap_rebind_init(p);
5183f0
 
5183f0
 #ifdef AP_LDAP_OPT_DEBUG
5183f0
     if (st->debug_level > 0) {