From 33d4c153207bf2fac9b652f434005b7e9ac692a0 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Mon, 22 Jul 2019 03:10:37 +0000
Subject: [PATCH] Revert "ITS#8427 Only do StartTLS if configured"

This reverts commit 653922c5051e1e6901d4b787a37494a433cd31a4.
---
 servers/slapd/back-meta/conn.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/servers/slapd/back-meta/conn.c b/servers/slapd/back-meta/conn.c
index a32ddabd1b..22cadb7000 100644
--- a/servers/slapd/back-meta/conn.c
+++ b/servers/slapd/back-meta/conn.c
@@ -436,7 +436,10 @@ retry_lock:;
 		bindconf_tls_set( sb, msc->msc_ld );
 
 		if ( !is_ldaps ) {
-			if ( META_BACK_TGT_USE_TLS( mt )
+			if ( sb == &mt->mt_idassert.si_bc && sb->sb_tls_ctx ) {
+				do_start_tls = 1;
+
+			} else if ( META_BACK_TGT_USE_TLS( mt )
 				|| ( op->o_conn->c_is_tls && META_BACK_TGT_PROPAGATE_TLS( mt ) ) )
 			{
 				do_start_tls = 1;
-- 
GitLab