(ITS#8693) slaptest conversion of chain overlay generates invalid or undocumented starttls parameter



Full_Name: Jon Kidder
Version: 2.4.44
OS: RHEL 6.0
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (167.239.221.87)


This .conf section

overlay					chain
chain-uri				"ldaps://<myhost>"
chain-rebind-as-user	TRUE
chain-idassert-bind		bindmethod=simple binddn="<myuser>" credentials=<mycreds> mode="self"
chain-tls				ldaps tls_cacert=/appl/openldap/etc/openldap/tls/cacerts.cer
chain-return-error		TRUE

becomes this ldap backend when using slaptest:

# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 bdc4cf96
dn: olcDatabase={1}ldap
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {1}ldap
olcDbURI: "ldaps://<myhost>"
olcDbStartTLS: ldaps  starttls=no tls_cacert="/appl/openldap/etc/openldap/tl
 s/cacerts.cer" tls_reqcert=demand tls_crlcheck=none
olcDbIDAssertBind: mode=self flags=prescriptive,proxy-authz-non-critical bin
 dmethod=simple timeout=0 network-timeout=0 binddn="cn=syncuser,ou=automaton
 s,ou=users,dc=global,dc=aep,dc=com" credentials=<mycreds> keepalive=0:0:0
olcDbRebindAsUser: TRUE
olcDbChaseReferrals: TRUE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbSessionTrackingRequest: FALSE
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
olcDbOnErr: continue
olcDbKeepalive: 0:0:0
structuralObjectClass: olcLDAPConfig
entryUUID: 7b1cc741-120e-4ce2-b539-17791a361cb1
creatorsName: cn=config
createTimestamp: 20170707202053Z
entryCSN: 20170707202053.340477Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20170707202053Z

The starttls parameter of the chain-tls/tls/olcDbStartTLS attribute is either
invalid or undocumented.
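
The comparison made in the report above, as an added example (not part of the original submission and not OpenLDAP code): it unfolds the LDIF, parses the olcDbStartTLS value, and lists the parameters that appear only after conversion. The function names and the trimmed sample LDIF are assumptions made for illustration.

```python
import shlex

# Constructed sample input: the chain-tls directive and the folded
# olcDbStartTLS attribute, copied from the report above (other attributes trimmed).
CONF_LINE = "chain-tls ldaps tls_cacert=/appl/openldap/etc/openldap/tls/cacerts.cer"
LDIF = '''dn: olcDatabase={1}ldap
olcDbURI: "ldaps://<myhost>"
olcDbStartTLS: ldaps  starttls=no tls_cacert="/appl/openldap/etc/openldap/tl
 s/cacerts.cer" tls_reqcert=demand tls_crlcheck=none
olcDbRebindAsUser: TRUE
'''

def unfold(ldif_text):
    """Join LDIF continuation lines (one leading space) onto the line before."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def attr_value(ldif_text, attr):
    """Return the first plain (non-base64) value of attr, or None."""
    prefix = attr.lower() + ":"
    for line in unfold(ldif_text):
        if line.lower().startswith(prefix) and not line[len(prefix):].startswith(":"):
            return line[len(prefix):].strip()
    return None

def tls_params(value):
    """Split a tls value into (mode, {key: value}); shlex removes the quotes."""
    mode, *rest = shlex.split(value)
    return mode, dict(tok.split("=", 1) for tok in rest)

def added_by_conversion(conf_line, ldif_text):
    """Parameters in the converted entry that the .conf directive did not set."""
    _, conf = tls_params(conf_line.split(None, 1)[1])
    _, conv = tls_params(attr_value(ldif_text, "olcDbStartTLS"))
    return {k: v for k, v in conv.items() if k not in conf}

if __name__ == "__main__":
    for key, val in added_by_conversion(CONF_LINE, LDIF).items():
        print(f"added by conversion: {key}={val}")
```
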