ITS#8427 Only do StartTLS if configured

diff --git a/servers/slapd/back-asyncmeta/conn.c b/servers/slapd/back-asyncmeta/conn.c
index 64a852098ae1fb0f155e6baaad91411548a96e71..eeac2a11148478363f0ff02550e89aefcc5f9677 100644 (file)
--- a/servers/slapd/back-asyncmeta/conn.c
+++ b/servers/slapd/back-asyncmeta/conn.c
@@ -227,10 +227,7 @@ asyncmeta_init_one_conn(
                bindconf_tls_set( sb, msc->msc_ld );
 
                if ( !is_ldaps ) {
-                       if ( sb == &mt->mt_idassert.si_bc && sb->sb_tls_ctx ) {
-                               do_start_tls = 1;
-
-                       } else if ( META_BACK_TGT_USE_TLS( mt )
+                       if ( META_BACK_TGT_USE_TLS( mt )
                                || ( op->o_conn->c_is_tls && META_BACK_TGT_PROPAGATE_TLS( mt ) ) )
                        {
                                do_start_tls = 1;

diff --git a/servers/slapd/back-meta/conn.c b/servers/slapd/back-meta/conn.c
index 6696725ac88eb9ee23443260fbc038539d1d40b9..e93fac777253d8f1a111770c0593ef023d80013c 100644 (file)
--- a/servers/slapd/back-meta/conn.c
+++ b/servers/slapd/back-meta/conn.c
@@ -431,10 +431,7 @@ retry_lock:;
                bindconf_tls_set( sb, msc->msc_ld );
 
                if ( !is_ldaps ) {
-                       if ( sb == &mt->mt_idassert.si_bc && sb->sb_tls_ctx ) {
-                               do_start_tls = 1;
-
-                       } else if ( META_BACK_TGT_USE_TLS( mt )
+                       if ( META_BACK_TGT_USE_TLS( mt )
                                || ( op->o_conn->c_is_tls && META_BACK_TGT_PROPAGATE_TLS( mt ) ) )
                        {
                                do_start_tls = 1;