upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-18 18:18:06 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix ACL who logging

Browse source
This commit is contained in:
Pierangelo Masarati 2005-08-13 16:35:16 +00:00
parent 43312e8334
commit ca08246534
1 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
servers/slapd/acl.c
View file

@ -1218,6 +1218,9 @@ dn_match_cleanup:;
continue;
}
Debug( LDAP_DEBUG_ACL, "<= check a_group_pat: %s\n",
b->a_group_pat.bv_val, 0, 0 );
/* b->a_group is an unexpanded entry name, expanded it should be an
* entry with objectclass group* and we test to see if odn is one of
* the values in the attribute group
@ -1251,16 +1254,21 @@ dn_match_cleanup:;
}
if ( b->a_set_pat.bv_len != 0 ) {
struct berval bv;
char buf[ACL_BUF_SIZE];
if( b->a_set_style == ACL_STYLE_REGEX ){
struct berval bv;
char buf[ACL_BUF_SIZE];
Debug( LDAP_DEBUG_ACL, "<= check a_set_pat: %s\n",
b->a_set_pat.bv_val, 0, 0 );
if ( b->a_set_style == ACL_STYLE_REGEX ) {
bv.bv_len = sizeof(buf) - 1;
bv.bv_val = buf;
string_expand( &bv, &b->a_set_pat, e->e_ndn, matches );
}else{
} else {
bv = b->a_set_pat;
}
if (aci_match_set( &bv, op, e, 0 ) == 0) {
if ( aci_match_set( &bv, op, e, 0 ) == 0) {
continue;
}
}
@ -1336,6 +1344,9 @@ dn_match_cleanup:;
BerVarray bvals = NULL;
int ret,stop;
Debug( LDAP_DEBUG_ACL, " <= check a_aci_at: %s\n",
b->a_aci_at->ad_cname.bv_val, 0, 0 );
/* this case works different from the others above.
* since aci's themselves give permissions, we need
* to first check b->a_access_mask, the ACL's access level.