Two new flags in Connection. One to indicate that it is a raw TLS

section (that is, not SASL).  The second to indicate that we need to
do SSL_accept on this connection.

diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index d7fd7eb4c4aa5276d63e762d7ccb4e5a66ef0700..439ebd6853312bd9b3f0b84da8098b7209e44e71 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -601,6 +601,9 @@ typedef struct slap_conn {
        BerElement      *c_currentber;  /* ber we're attempting to read */
        int             c_writewaiter;  /* true if writer is waiting */
 
+       int     c_is_tls;               /* true if this LDAP over raw TLS */
+       int     c_needs_tls_accept;     /* true if SSL_accept should be called */
+
        long    c_n_ops_received;               /* num of ops received (next op_id) */
        long    c_n_ops_executing;      /* num of ops currently executing */
        long    c_n_ops_pending;                /* num of ops pending execution */