upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-04 06:01:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Permit access defined by uniqueMember and not only DN-valued

Browse source 
attributes.  This allows using groupOfUniqueNames for
access control.
Fix small typo in MRA definition.
This commit is contained in:
Julio Sánchez Fernández 2000-10-09 19:09:22 +00:00
parent bbe9651ca9
commit 6777a3a41a
2 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
servers/slapd/aclparse.c
View file

@ -508,7 +508,9 @@ parse_acl(
}
if( !is_at_syntax( b->a_group_at->ad_type,
SLAPD_DN_SYNTAX ) )
SLAPD_DN_SYNTAX ) &&
!is_at_syntax( b->a_group_at->ad_type,
SLAPD_NAMEUID_SYNTAX ) )
{
fprintf( stderr,
"%s: line %d: group \"%s\": inappropriate syntax: %s\n",

3
servers/slapd/slap.h
View file

@ -103,6 +103,7 @@ LDAP_BEGIN_DECL
/* must match in schema_init.c */
#define SLAPD_DN_SYNTAX "1.3.6.1.4.1.1466.115.121.1.12"
#define SLAPD_NAMEUID_SYNTAX "1.3.6.1.4.1.1466.115.121.1.34"
#define SLAPD_GROUP_ATTR "member"
#define SLAPD_GROUP_CLASS "groupOfNames"
#define SLAPD_ROLE_ATTR "roleOccupant"
@ -527,7 +528,7 @@ typedef struct slap_filter {
#define f_mr_rule f_un.f_un_mra->ma_rule
#define f_mr_desc f_un.f_un_mra->ma_desc
#define f_mr_value f_un.f_un_mra->ma_value
#define f_mr_dnaddrs f_un.f_un_mra->ma_dnattrs
#define f_mr_dnattrs f_un.f_un_mra->ma_dnattrs
/* and, or, not */
struct slap_filter *f_un_complex;