From: Ondřej Kuzník <ondra@mistotebe.net>
Date: Thu, 13 Jun 2019 10:12:54 +0000 (+0200)
Subject: ITS#8427 Only do StartTLS if configured
X-Git-Tag: OPENLDAP_REL_ENG_2_4_48~66
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=653922c5051e1e6901d4b787a37494a433cd31a4;p=thirdparty%2Fopenldap.git

ITS#8427 Only do StartTLS if configured
---

diff --git a/servers/slapd/back-meta/conn.c b/servers/slapd/back-meta/conn.c
index 22cadb7000..a32ddabd1b 100644
--- a/servers/slapd/back-meta/conn.c
+++ b/servers/slapd/back-meta/conn.c
@@ -436,10 +436,7 @@ retry_lock:;
 		bindconf_tls_set( sb, msc->msc_ld );
 
 		if ( !is_ldaps ) {
-			if ( sb == &mt->mt_idassert.si_bc && sb->sb_tls_ctx ) {
-				do_start_tls = 1;
-
-			} else if ( META_BACK_TGT_USE_TLS( mt )
+			if ( META_BACK_TGT_USE_TLS( mt )
 				|| ( op->o_conn->c_is_tls && META_BACK_TGT_PROPAGATE_TLS( mt ) ) )
 			{
 				do_start_tls = 1;