assert( attr != NULL );
+ if( op && op->o_is_auth_check && (access == ACL_SEARCH || access == ACL_READ)) {
+ access = ACL_AUTH;
+ }
if( state && state->as_recorded && state->as_vd_ad==desc) {
if( state->as_recorded & ACL_STATE_RECORDED_NV &&
val == NULL )
}
if ( b->a_sockurl_pat.bv_len ) {
+ if ( !conn->c_listener_url.bv_val ) {
+ continue;
+ }
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_sockurl_pat: %s\n",
}
if ( b->a_domain_pat.bv_len ) {
+ if ( !conn->c_peer_domain.bv_val ) {
+ continue;
+ }
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_domain_pat: %s\n",
}
if ( b->a_peername_pat.bv_len ) {
+ if ( !conn->c_peer_name.bv_val ) {
+ continue;
+ }
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
- "acl_mask: conn %lu check a_perrname_path: %s\n",
+ "acl_mask: conn %lu check a_peername_path: %s\n",
conn->c_connid, b->a_peername_pat.bv_val , 0 );
#else
Debug( LDAP_DEBUG_ACL, "<= check a_peername_path: %s\n",
}
if ( b->a_sockname_pat.bv_len ) {
+ if ( !conn->c_sock_name.bv_val ) {
+ continue;
+ }
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_mask: conn %lu check a_sockname_path: %s\n",
at = attrs_find( at->a_next, b->a_dn_at ) )
{
if( value_find_ex( b->a_dn_at,
- SLAP_MR_VALUE_NORMALIZED_MATCH, at->a_vals, &bv ) == 0 ) {
+ SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
+ at->a_vals, &bv ) == 0 )
+ {
/* found it */
match = 1;
break;
*/
if ( b->a_dn_self ) {
/* check if the target is an attribute. */
- if ( val == NULL )
- continue;
+ if ( val == NULL ) continue;
+
/* target is attribute, check if the attribute value
* is the op dn.
*/
at != NULL;
at = attrs_find( at->a_next, ad ) )
{
- if (value_find_ex( ad, SLAP_MR_VALUE_NORMALIZED_MATCH, at->a_vals, &bv) == 0 ) {
+ if (value_find_ex( ad, SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH, at->a_vals, &bv) == 0 ) {
rc = 1;
break;
}