mirror of
https://git.openldap.org/openldap/openldap.git
synced 2026-02-03 20:40:05 -05:00
swap be_isroot and be_isroot_dn symbols
This commit is contained in:
Kurt Zeilenga
parent
37ef5350bd
commit
c7e89d57be
13 changed files with 30 additions and 24 deletions
|
|
@ -228,7 +228,7 @@ access_allowed(
|
|||
#endif /* LDAP_SLAPI */
|
||||
|
||||
/* grant database root access */
|
||||
if ( be != NULL && be_isroot( be, &op->o_ndn ) ) {
|
||||
if ( be != NULL && be_isroot( op ) ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG( ACL, INFO,
|
||||
"access_allowed: conn %lu root access granted\n",
|
||||
|
|
@ -1568,7 +1568,7 @@ acl_check_modlist(
|
|||
assert( be != NULL );
|
||||
|
||||
/* short circuit root database access */
|
||||
if ( be_isroot_dn( op ) ) {
|
||||
if ( be_isroot( op ) ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG( ACL, DETAIL1,
|
||||
"acl_check_modlist: conn %lu access granted to root user\n",
|
||||
|
|
|
|||
|
|
@ -298,7 +298,7 @@ retry: /* transaction retry */
|
|||
* no parent!
|
||||
* if not attempting to add entry at suffix or with parent ""
|
||||
*/
|
||||
if (( !be_isroot_dn( op ) || pdn.bv_len > 0 )
|
||||
if (( !be_isroot( op ) || pdn.bv_len > 0 )
|
||||
&& !is_entry_glue( op->oq_add.rs_e ))
|
||||
{
|
||||
#ifdef NEW_LOGGING
|
||||
|
|
|
|||
|
|
@ -244,7 +244,7 @@ retry: /* transaction retry */
|
|||
|
||||
} else {
|
||||
/* no parent, must be root to delete */
|
||||
if( ! be_isroot_dn( op ) ) {
|
||||
if( ! be_isroot( op ) ) {
|
||||
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
|
||||
|| be_isupdate( op->o_bd, &op->o_ndn ) ) {
|
||||
p = (Entry *)&slap_entry_root;
|
||||
|
|
|
|||
|
|
@ -390,7 +390,7 @@ retry: /* transaction retry */
|
|||
|
||||
} else {
|
||||
/* no parent, modrdn entry directly under root */
|
||||
isroot = be_isroot_dn( op );
|
||||
isroot = be_isroot( op );
|
||||
if ( ! isroot ) {
|
||||
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
|
||||
|| be_isupdate( op->o_bd, &op->o_ndn ) ) {
|
||||
|
|
@ -600,7 +600,7 @@ retry: /* transaction retry */
|
|||
|
||||
} else {
|
||||
if ( isroot == -1 ) {
|
||||
isroot = be_isroot_dn( op );
|
||||
isroot = be_isroot( op );
|
||||
}
|
||||
|
||||
np_dn = NULL;
|
||||
|
|
|
|||
|
|
@ -247,7 +247,7 @@ ldbm_back_add(
|
|||
} else {
|
||||
assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
|
||||
|
||||
if ( !be_isroot_dn( op )
|
||||
if ( !be_isroot( op )
|
||||
&& !is_entry_glue( op->oq_add.rs_e ))
|
||||
{
|
||||
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
|
||||
|
|
|
|||
|
|
@ -194,7 +194,7 @@ ldbm_back_delete(
|
|||
|
||||
} else {
|
||||
/* no parent, must be root to delete */
|
||||
if( ! be_isroot_dn( op ) ) {
|
||||
if( ! be_isroot( op ) ) {
|
||||
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
|
||||
p = (Entry *)&slap_entry_root;
|
||||
|
||||
|
|
|
|||
|
|
@ -246,7 +246,7 @@ ldbm_back_modrdn(
|
|||
|
||||
} else {
|
||||
/* no parent, must be root to modify rdn */
|
||||
isroot = be_isroot_dn( op );
|
||||
isroot = be_isroot( op );
|
||||
if ( ! isroot ) {
|
||||
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
|
||||
int can_access;
|
||||
|
|
@ -418,7 +418,7 @@ ldbm_back_modrdn(
|
|||
|
||||
/* no parent, must be root to modify newSuperior */
|
||||
if ( isroot == -1 ) {
|
||||
isroot = be_isroot_dn( op );
|
||||
isroot = be_isroot( op );
|
||||
}
|
||||
|
||||
if ( ! isroot ) {
|
||||
|
|
|
|||
|
|
@ -714,7 +714,7 @@ be_issuffix(
|
|||
}
|
||||
|
||||
int
|
||||
be_isroot( Backend *be, struct berval *ndn )
|
||||
be_isroot_dn( Backend *be, struct berval *ndn )
|
||||
{
|
||||
if ( !ndn->bv_len ) {
|
||||
return( 0 );
|
||||
|
|
@ -748,9 +748,9 @@ be_root_dn( Backend *be )
|
|||
}
|
||||
|
||||
int
|
||||
be_isroot_dn( Operation *op )
|
||||
be_isroot( Operation *op )
|
||||
{
|
||||
return be_isroot( op->o_bd, &op->o_ndn );
|
||||
return be_isroot_dn( op->o_bd, &op->o_ndn );
|
||||
}
|
||||
|
||||
int
|
||||
|
|
@ -759,7 +759,7 @@ be_isroot_pw( Operation *op )
|
|||
int result;
|
||||
char *errmsg;
|
||||
|
||||
if ( ! be_isroot( op->o_bd, &op->o_req_ndn ) ) {
|
||||
if ( ! be_isroot_dn( op->o_bd, &op->o_req_ndn ) ) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -780,7 +780,7 @@ limits_check( Operation *op, SlapReply *rs )
|
|||
assert( op->o_tag == LDAP_REQ_SEARCH);
|
||||
|
||||
/* allow root to set no limit */
|
||||
if ( be_isroot_dn( op ) ) {
|
||||
if ( be_isroot( op ) ) {
|
||||
op->ors_limit = NULL;
|
||||
|
||||
if ( op->ors_tlimit == 0 ) {
|
||||
|
|
|
|||
|
|
@ -1053,7 +1053,7 @@ ppolicy_bind( Operation *op, SlapReply *rs )
|
|||
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
|
||||
|
||||
/* Root bypasses policy */
|
||||
if ( !be_isroot( op->o_bd, &op->o_req_ndn )) {
|
||||
if ( !be_isroot_dn( op->o_bd, &op->o_req_ndn )) {
|
||||
Entry *e;
|
||||
int i, rc;
|
||||
ppbind *ppb;
|
||||
|
|
@ -1081,7 +1081,9 @@ ppolicy_bind( Operation *op, SlapReply *rs )
|
|||
|
||||
/* Did we receive a password policy request control? */
|
||||
for ( i=0; op->o_ctrls && op->o_ctrls[i]; i++ ) {
|
||||
if ( !strcmp( op->o_ctrls[i]->ldctl_oid, LDAP_CONTROL_PASSWORDPOLICYREQUEST ) ) {
|
||||
if ( !strcmp( op->o_ctrls[i]->ldctl_oid,
|
||||
LDAP_CONTROL_PASSWORDPOLICYREQUEST ) )
|
||||
{
|
||||
ppb->send_ctrl = 1;
|
||||
break;
|
||||
}
|
||||
|
|
@ -1172,14 +1174,16 @@ ppolicy_add(
|
|||
return rs->sr_err;
|
||||
|
||||
/* Check for password in entry */
|
||||
if ((pa = attr_find( op->oq_add.rs_e->e_attrs, slap_schema.si_ad_userPassword ))) {
|
||||
if ((pa = attr_find( op->oq_add.rs_e->e_attrs,
|
||||
slap_schema.si_ad_userPassword )))
|
||||
{
|
||||
/*
|
||||
* new entry contains a password - if we're not the root user
|
||||
* then we need to check that the password fits in with the
|
||||
* security policy for the new entry.
|
||||
*/
|
||||
ppolicy_get( op, op->oq_add.rs_e, &pp );
|
||||
if (pp.pwdCheckQuality > 0 && !be_isroot_dn( op )) {
|
||||
if (pp.pwdCheckQuality > 0 && !be_isroot( op )) {
|
||||
struct berval *bv = &(pa->a_vals[0]);
|
||||
int rc, i, send_ctrl = 0;
|
||||
LDAPPasswordPolicyError pErr = PP_noError;
|
||||
|
|
@ -1389,7 +1393,7 @@ ppolicy_modify( Operation *op, SlapReply *rs )
|
|||
for(p=tl; p; p=p->next, hsize++); /* count history size */
|
||||
}
|
||||
|
||||
if (be_isroot_dn( op )) goto do_modify;
|
||||
if (be_isroot( op )) goto do_modify;
|
||||
|
||||
/* This is a pwdModify exop that provided the old pw.
|
||||
* We need to create a Delete mod for this old pw and
|
||||
|
|
|
|||
|
|
@ -222,8 +222,8 @@ LDAP_SLAPD_F (BackendDB *) select_backend LDAP_P((
|
|||
|
||||
LDAP_SLAPD_F (int) be_issuffix LDAP_P(( Backend *be,
|
||||
struct berval *suffix ));
|
||||
LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be, struct berval *ndn ));
|
||||
LDAP_SLAPD_F (int) be_isroot_dn LDAP_P(( Operation *op ));
|
||||
LDAP_SLAPD_F (int) be_isroot LDAP_P(( Operation *op ));
|
||||
LDAP_SLAPD_F (int) be_isroot_dn LDAP_P(( Backend *be, struct berval *ndn ));
|
||||
LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Operation *op ));
|
||||
LDAP_SLAPD_F (int) be_isupdate LDAP_P(( Backend *be, struct berval *ndn ));
|
||||
LDAP_SLAPD_F (struct berval *) be_root_dn LDAP_P(( Backend *be ));
|
||||
|
|
|
|||
|
|
@ -1000,7 +1000,9 @@ int slap_sasl_authorized( Operation *op,
|
|||
}
|
||||
|
||||
/* Allow the manager to authorize as any DN. */
|
||||
if( op->o_conn->c_authz_backend && be_isroot( op->o_conn->c_authz_backend, authcDN )) {
|
||||
if( op->o_conn->c_authz_backend &&
|
||||
be_isroot_dn( op->o_conn->c_authz_backend, authcDN ))
|
||||
{
|
||||
rc = LDAP_SUCCESS;
|
||||
goto DONE;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2461,7 +2461,7 @@ int slapi_int_pblock_set_operation( Slapi_PBlock *pb, Operation *op )
|
|||
char *opAuthType;
|
||||
|
||||
if ( op->o_bd != NULL ) {
|
||||
isRoot = be_isroot_dn( op );
|
||||
isRoot = be_isroot( op );
|
||||
isUpdateDn = be_isupdate( op->o_bd, &op->o_ndn );
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue