From: LaMont Jones <lamont@debian.org>
Subject: Set default LDAP protocol version to 3
Forwarded: not-needed

--- postfix.orig/src/global/dict_ldap.c
+++ postfix/src/global/dict_ldap.c
@@ -1557,7 +1557,7 @@ DICT   *dict_ldap_open(const char *ldaps
     /*
      * Define LDAP Protocol Version.
      */
-    dict_ldap->version = cfg_get_int(dict_ldap->parser, "version", 2, 2, 0);
+    dict_ldap->version = cfg_get_int(dict_ldap->parser, "version", 3, 2, 0);
     switch (dict_ldap->version) {
     case 2:
 	dict_ldap->version = LDAP_VERSION2;
@@ -1566,9 +1566,9 @@ DICT   *dict_ldap_open(const char *ldaps
 	dict_ldap->version = LDAP_VERSION3;
 	break;
     default:
-	msg_warn("%s: %s Unknown version %d, using 2.", myname, ldapsource,
+	msg_warn("%s: %s Unknown version %d, using 3.", myname, ldapsource,
 		 dict_ldap->version);
-	dict_ldap->version = LDAP_VERSION2;
+	dict_ldap->version = LDAP_VERSION3;
     }
 
 #if defined(LDAP_API_FEATURE_X_OPENLDAP)
--- postfix.orig/proto/ldap_table
+++ postfix/proto/ldap_table
@@ -491,7 +491,7 @@
 # .IP "\fBchase_referrals (default: 0)\fR"
 #	Sets (or clears) LDAP_OPT_REFERRALS (requires LDAP version
 #	3 support).
-# .IP "\fBversion (default: 2)\fR"
+# .IP "\fBversion (default: 3)\fR"
 #	Specifies the LDAP protocol version to use.
 # .IP "\fBdebuglevel (default: 0)\fR"
 #	What level to set for debugging in the OpenLDAP libraries.