idassert also in case of SASL mechs that do not set authcId

CHANGES

@@ -5,6 +5,7 @@ OpenLDAP 2.3.39 Engineering
 	Fixed slapd password_hash config order (ITS#5082)
 	Fixed slapd slap_mods_check bug (ITS#5119)
 	Fixed slapd-bdb DB_CONFIG conversion bug (ITS#5118)
+	Fixed slapd-ldap SASL idassert w/o autchId
 	Fixed slapd-sql concurrency issue (ITS#5095)
 	Fixed slapo-pcache and -rwm interaction fix (ITS#4991) 
 	Fixed slapo-rwm modlist handling (ITS#5124)

servers/slapd/back-ldap/bind.c

@@ -2133,7 +2133,8 @@ ldap_back_proxy_authz_ctrl(
 	 * but if it is not set this test fails.  We need a different
 	 * means to detect if idassert is enabled */
 	if ( ( BER_BVISNULL( &si->si_bc.sb_authcId ) || BER_BVISEMPTY( &si->si_bc.sb_authcId ) )
-			&& ( BER_BVISNULL( &si->si_bc.sb_binddn ) || BER_BVISEMPTY( &si->si_bc.sb_binddn ) ) )
+		&& ( BER_BVISNULL( &si->si_bc.sb_binddn ) || BER_BVISEMPTY( &si->si_bc.sb_binddn ) )
+		&& BER_BVISNULL( &si->si_bc.sb_saslmech ) )
 	{
 		goto done;
 	}