upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-23 16:19:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix ITS#3140

Browse source
This commit is contained in:
Pierangelo Masarati 2004-05-12 23:29:42 +00:00
parent d5367227a0
commit f109f1eb6d
2 changed files with 42 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
servers/slapd/acl.c
View file

@ -72,7 +72,8 @@ static struct berval
aci_bv_group_class = BER_BVC(SLAPD_GROUP_CLASS), aci_bv_group_class = BER_BVC(SLAPD_GROUP_CLASS),
aci_bv_group_attr = BER_BVC(SLAPD_GROUP_ATTR), aci_bv_group_attr = BER_BVC(SLAPD_GROUP_ATTR),
aci_bv_role_class = BER_BVC(SLAPD_ROLE_CLASS), aci_bv_role_class = BER_BVC(SLAPD_ROLE_CLASS),
aci_bv_role_attr = BER_BVC(SLAPD_ROLE_ATTR); aci_bv_role_attr = BER_BVC(SLAPD_ROLE_ATTR),
aci_bv_set_attr = BER_BVC(SLAPD_ACI_SET_ATTR);
static AccessControl * acl_get( static AccessControl * acl_get(
@ -1745,8 +1746,7 @@ aci_get_part(
char *p; char *p;
if (bv) { if (bv) {
bv->bv_len = 0; BER_BVZERO( bv );
bv->bv_val = NULL;
} }
len = list->bv_len; len = list->bv_len;
p = list->bv_val; p = list->bv_val;
@ -1808,9 +1808,12 @@ aci_match_set (
struct berval set = BER_BVNULL; struct berval set = BER_BVNULL;
int rc = 0; int rc = 0;
AciSetCookie cookie; AciSetCookie cookie;
Operation op2 = *op;
op2.o_conn = NULL;
if (setref == 0) { if (setref == 0) {
ber_dupbv_x( &set, subj, op->o_tmpmemctx ); ber_dupbv_x( &set, subj, op2.o_tmpmemctx );
} else { } else {
struct berval subjdn, ndn = BER_BVNULL; struct berval subjdn, ndn = BER_BVNULL;
struct berval setat; struct berval setat;
@ -1824,44 +1827,40 @@ aci_match_set (
} }
if ( aci_get_part( subj, 1, '/', &setat ) < 0 ) { if ( aci_get_part( subj, 1, '/', &setat ) < 0 ) {
setat.bv_val = SLAPD_ACI_SET_ATTR; setat = aci_bv_set_attr;
setat.bv_len = sizeof(SLAPD_ACI_SET_ATTR)-1;
} }
if ( setat.bv_val != NULL ) {
/* /*
* NOTE: dnNormalize honors the ber_len field * NOTE: dnNormalize honors the ber_len field
* as the length of the dn to be normalized * as the length of the dn to be normalized
*/ */
if ( dnNormalize(0, NULL, NULL, &subjdn, &ndn, op->o_tmpmemctx) == LDAP_SUCCESS if ( slap_bv2ad( &setat, &desc, &text ) == LDAP_SUCCESS ) {
&& slap_bv2ad(&setat, &desc, &text) == LDAP_SUCCESS ) if ( dnNormalize( 0, NULL, NULL, &subjdn, &ndn, op2.o_tmpmemctx ) == LDAP_SUCCESS )
{ {
backend_attribute(op, e, backend_attribute( &op2, e, &ndn, desc, &bvals );
&ndn, desc, &bvals); if ( bvals != NULL && !BER_BVISNULL( &bvals[0] ) ) {
if ( bvals != NULL ) {
if ( bvals[0].bv_val != NULL ) {
int i; int i;
set = bvals[0]; set = bvals[0];
bvals[0].bv_val = NULL; BER_BVZERO( &bvals[0] );
for (i=1;bvals[i].bv_val;i++); for ( i = 1; !BER_BVISNULL( &bvals[i] ); i++ );
bvals[0].bv_val = bvals[i-1].bv_val; bvals[0].bv_val = bvals[i-1].bv_val;
bvals[i-1].bv_val = NULL; BER_BVZERO( &bvals[i-1] );
} }
ber_bvarray_free_x(bvals, op->o_tmpmemctx); ber_bvarray_free_x( bvals, op2.o_tmpmemctx );
slap_sl_free( ndn.bv_val, op2.o_tmpmemctx );
} }
} }
if (ndn.bv_val)
free(ndn.bv_val);
}
} }
if (set.bv_val != NULL) { if ( !BER_BVISNULL( &set ) ) {
cookie.op = op; cookie.op = &op2;
cookie.e = e; cookie.e = e;
rc = ( slap_set_filter( aci_set_gather, (SetCookie *)&cookie, &set, rc = ( slap_set_filter( aci_set_gather, (SetCookie *)&cookie, &set,
&op->o_ndn, &e->e_nname, NULL) > 0); &op2.o_ndn, &e->e_nname, NULL ) > 0 );
slap_sl_free(set.bv_val, op->o_tmpmemctx); slap_sl_free( set.bv_val, op2.o_tmpmemctx );
} }
return(rc); return(rc);
} }

2
servers/slapd/aclparse.c
View file

@ -143,7 +143,7 @@ check_scope( BackendDB *be, AccessControl *a )
dn = be->be_nsuffix[ 0 ]; dn = be->be_nsuffix[ 0 ];
if ( a->acl_dn_pat.bv_len || ( a->acl_dn_style != ACL_STYLE_REGEX ) ) { if ( a->acl_dn_pat.bv_len || a->acl_dn_style != ACL_STYLE_REGEX ) {
slap_style_t style = a->acl_dn_style; slap_style_t style = a->acl_dn_style;
if ( style == ACL_STYLE_REGEX ) { if ( style == ACL_STYLE_REGEX ) {