+ /* can't start TLS if there are other op's around */
+ if (( conn->c_ops != NULL &&
+ (conn->c_ops != op || op->o_next != NULL)) ||
+ ( conn->c_pending_ops != NULL))
+ {
+ *text = "cannot start TLS when operations our outstanding";
+ rc = LDAP_OPERATIONS_ERROR;
+ goto done;
+ }
+
+ if ( ( global_disallows & SLAP_DISALLOW_TLS_AUTHC ) &&
+ ( conn->c_dn != NULL ) )
+ {
+ *text = "cannot start TLS after authentication";
+ rc = LDAP_OPERATIONS_ERROR;
+ goto done;
+ }
+
+ if ( ( global_allows & SLAP_ALLOW_TLS_2_ANON ) &&
+ ( conn->c_dn != NULL ) )
+ {
+ /* force to anonymous */
+ connection2anonymous( conn );
+ }
+