Let ldap_authenticate module use starttls()

When upgrading to version 6.4 I stumbled upon the problem that users couldn’t login anymore when using the ldap_authentication module. Comparing the differences I remembered that I had manually changed the module because I needed starttls() to be able to bind to the ldap server.
In my case the ldap server is a Samba Active Directory server which does not allow unencrypted connections.

By adding starttls() in the different places I was able to connect and authenticate users.

What is the best way forward? Should starttls be a configuration option which should be added to the trytond.conf?

It should probably support tls in the URI (like for smtp).

Just looked at the smtp code and using tls in the uri is just a cosmetic one. So it should be possible to use the same syntax. I will give it a try.