https://bugs.openldap.org/show_bug.cgi?id=10023
--- Comment #11 from Howard Chu hyc@openldap.org ---
(In reply to ipuleston@sonicwall.com from comment #6)
> (In reply to Howard Chu from comment #4)
> > (In reply to ipuleston@sonicwall.com from comment #1)
> > Note that ldap_int_* functions are for internal use only, not for users to invoke.
>
> Yes, as things stand OpenLDAP doesn't really support asynchronous connects with TLS. Without TLS, LDAP_OPT_CONNECT_ASYNC does give asynchronous connects, but when TLS is used the "connect and start TLS" operation that it currently provides becomes synchronous.
>
> To address this I had to patch my port to add a ldap_tls_start_async() API for starting TLS after completing an async connect. It also provides for doing the TLS handshake step-by-step asynchronously.
>
> I would be happy to provide this as a patch, should you want to pick it up.

Please do. I considered moving the TLS setup from ldap_int_open_conn() to ldap_new_connection() but not sure that really makes things any easier.