diff --git a/include/ldap.h b/include/ldap.h
index 072c0a5809ce5582f74f24a399a9c98a530a4612..e9352f9dbc30f47ec73e21899615a5a26484aa2c 100644
--- a/include/ldap.h
+++ b/include/ldap.h
@@ -995,7 +995,9 @@ ldap_initialize LDAP_P((
 
 LIBLDAP_F( int )
 ldap_start_tls LDAP_P((
-	LDAP *ld ));
+	LDAP *ld,
+	LDAPControl **serverctrls,
+	LDAPControl **clientctrls ));
 
 /*
  * in messages.c:
diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index 99525b1bd6122136237ab05e7fa72d7af8386035..7ff7d5a740615bace6d34dc0ac4549e0e6e53ede 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -228,7 +228,9 @@ ldap_initialize( LDAP **ldp, LDAP_CONST char *url )
 }
 
 int
-ldap_start_tls ( LDAP *ld )
+ldap_start_tls ( LDAP *ld,
+				LDAPControl **serverctrls,
+				LDAPControl **clientctrls )
 {
 #ifdef HAVE_TLS
 	LDAPConn *lc;
@@ -246,7 +248,7 @@ ldap_start_tls ( LDAP *ld )
 		if (ldap_pvt_tls_inplace(lc->lconn_sb) != 0)
 			return LDAP_OPERATIONS_ERROR;
 		rc = ldap_extended_operation_s(ld, LDAP_EXOP_START_TLS,
-							NULL, NULL, NULL, &rspoid, &rspdata);
+							NULL, serverctrls, clientctrls, &rspoid, &rspdata);
 		if (rc != LDAP_SUCCESS)
 			return rc;
 		rc = ldap_pvt_tls_start( lc->lconn_sb, ld->ld_options.ldo_tls_ctx );