enable use of asynchronous call to StartTLS

diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h
index 0c0e826bdd4e6984cb5b4b826ed7318b912b81c0..0a147799298913f501063bb227001c5611dbfe76 100644 (file)
--- a/servers/slapd/back-ldap/back-ldap.h
+++ b/servers/slapd/back-ldap/back-ldap.h
@@ -113,6 +113,9 @@ typedef enum ldap_back_send_t {
        LDAP_BACK_SENDRESULT            = (LDAP_BACK_SENDOK|LDAP_BACK_SENDERR)
 } ldap_back_send_t;
 
+/* define to use asynchronous StartTLS */
+#define SLAP_STARTTLS_ASYNCHRONOUS
+
 LDAP_END_DECL
 
 #include "proto-ldap.h"

diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index 1371f865e7f526cb49d18bf5669f341b748492d3..12d9e6d1473c40963f284ac5e78c2cb0eddb610a 100644 (file)
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -251,7 +251,7 @@ ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, lda
        if ( ( LDAP_BACK_USE_TLS( li ) || ( op->o_conn->c_is_tls && LDAP_BACK_PROPAGATE_TLS( li ) ) )
                                && !ldap_is_ldaps_url( li->url ) )
        {
-#if 1
+#ifdef SLAP_STARTTLS_ASYNCHRONOUS
                /*
                 * use asynchronous StartTLS
                 * in case, chase referral (not implemented yet)
@@ -315,12 +315,12 @@ retry:;
                                ldap_msgfree( res );
                        }
                }
-#else
+#else /* ! SLAP_STARTTLS_ASYNCHRONOUS */
                /*
                 * use synchronous StartTLS
                 */
                rs->sr_err = ldap_start_tls_s( ld, NULL, NULL );
-#endif
+#endif /* ! SLAP_STARTTLS_ASYNCHRONOUS */
 
                /* if StartTLS is requested, only attempt it if the URL
                 * is not "ldaps://"; this may occur not only in case