These calls belong in an ldap_destroy() library function.

Other pointers may have different representation.

Also don't lock op->o_conn->c_mutex.  It is already locked by slapd/abandon.c.

Use etest {...} | dtest {...} to test.

Remove TLS hard as an ldap.conf option as being not a over-writable
default.  The appropriate way to request ldaps:// is use an ldaps://
URI.  A rewrite to only sent hard for the default URIs but ignored
if the application provides it own URI would be acceptable.

search does not return error when base entry is not found

slapd-sycnrepl-slave-refresh.conf : renamed from slapd-syncrepl-slave.conf

test017-syncreplication         : renamed to test017-syncreplication-refresh

Otherwise slapd would break if SLAPD_MONITOR_DN contained a '%'.

an EOF will return with the previously set errno value.