From 97a992b700142f69afd484b7d80dc15233586f45 Mon Sep 17 00:00:00 2001
From: Prune <prune@lecentre.net>
Date: Thu, 27 Feb 2014 10:18:54 -0500
Subject: [PATCH] Update ngx_http_auth_ldap_module.c

added a rebind as privileged user in the same function as the user bind to reset the connextion to a usable state
---
 ngx_http_auth_ldap_module.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c
index 3ed2049..ac34845 100644
--- a/ngx_http_auth_ldap_module.c
+++ b/ngx_http_auth_ldap_module.c
@@ -1957,6 +1957,17 @@ ngx_http_auth_ldap_check_bind(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *c
             ctx->c->msgid);
         ctx->c->state = STATE_BINDING;
         ctx->iteration++;
+        
+	// added by prune - 20140227
+	// we have to rebind THIS SAME connection as admin user or the next search could be
+	// made as non privileged user
+	// see https://github.com/kvspb/nginx-auth-ldap/issues/36
+	// this is quick and dirty patch
+        int rebind_msgid;
+        cred.bv_val = (char *) ctx->server->bind_dn_passwd.data;
+        cred.bv_len = ctx->server->bind_dn_passwd.len;
+        rc = ldap_sasl_bind(ctx->c->ld,(const char *) ctx->server->bind_dn.data, LDAP_SASL_SIMPLE, &cred, NULL, NULL, &rebind_msgid);
+        
         return NGX_AGAIN;
     }