+
+ } else {
+ *is_tls = 0;
+ }
+
+ return rc;
+}
+#endif /* HAVE_TLS */
+
+static int
+ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
+{
+ struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ int vers = op->o_protocol;
+ LDAP *ld = NULL;
+#ifdef HAVE_TLS
+ int is_tls = op->o_conn->c_is_tls;
+#endif /* HAVE_TLS */
+
+ assert( lcp != NULL );
+
+ rs->sr_err = ldap_initialize( &ld, li->url );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ goto error_return;
+ }
+
+ /* Set LDAP version. This will always succeed: If the client
+ * bound with a particular version, then so can we.
+ */
+ ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, (const void *)&vers );
+
+ /* automatically chase referrals ("[dont-]chase-referrals" statement) */
+ if ( LDAP_BACK_CHASE_REFERRALS( li ) ) {
+ ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_ON );
+ }
+
+#ifdef HAVE_TLS
+ rs->sr_err = ldap_back_start_tls( ld,
+ op->o_protocol, &is_tls,
+ li->url, li->flags, &rs->sr_text );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ ldap_unbind_ext( ld, NULL, NULL );
+ goto error_return;