upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-03 05:30:07 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix ITS#1607, longstanding bug in group and dnattr acls, gave access

Browse source 
to anonymous connections.
This commit is contained in:
Howard Chu 2002-03-20 13:11:37 +00:00
parent 780d427fa6
commit 6b0fb09e0d
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
servers/slapd/acl.c
View file

@ -768,7 +768,7 @@ acl_mask(
}
}
if ( b->a_dn_at != NULL && op->o_ndn.bv_len != 0 ) {
if ( b->a_dn_at != NULL ) {
Attribute *at;
struct berval bv;
int rc, match = 0;
@ -777,6 +777,10 @@ acl_mask(
assert( attr != NULL );
if ( op->o_ndn.bv_len == 0 ) {
continue;
}
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
"acl_mask: conn %d check a_dn_pat: %s\n",
@ -843,12 +847,16 @@ acl_mask(
}
}
if ( b->a_group_pat.bv_len && op->o_ndn.bv_len ) {
if ( b->a_group_pat.bv_len ) {
char buf[1024];
struct berval bv;
struct berval ndn = { 0, NULL };
int rc;
if ( op->o_ndn.bv_len == 0 ) {
continue;
}
bv.bv_len = sizeof(buf) - 1;
bv.bv_val = buf;