#endif
slap_mask_t mask;
slap_control_t control;
+ const char *attr;
+ regmatch_t matches[MAXREMATCHES];
+
+ assert( e != NULL );
+ assert( desc != NULL );
+ assert( access > ACL_NONE );
- const char *attr = desc ? desc->ad_cname->bv_val : NULL;
+ attr = desc->ad_cname->bv_val;
- regmatch_t matches[MAXREMATCHES];
+ assert( attr != NULL );
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_ENTRY,
e->e_dn, attr );
#endif
+ if ( op == NULL ) {
+ /* no-op call */
+ return 1;
+ }
+
+ if ( be == NULL ) be = &backends[0];
assert( be != NULL );
- assert( e != NULL );
- assert( attr != NULL );
- assert( access > ACL_NONE );
/* grant database root access */
if ( be != NULL && be_isroot( be, op->o_ndn ) ) {
assert( e != NULL );
assert( count != NULL );
+ assert( desc != NULL );
- attr = desc ? desc->ad_cname->bv_val : NULL;
+ attr = desc->ad_cname->bv_val;
+
+ assert( attr != NULL );
if( a == NULL ) {
if( be == NULL ) {
#ifdef LDAP_DEBUG
char accessmaskbuf[ACCESSMASK_MAXLEN];
#endif
- const char *attr = desc ? desc->ad_cname->bv_val : NULL;
+ const char *attr;
assert( a != NULL );
assert( mask != NULL );
+ assert( desc != NULL );
+
+ attr = desc->ad_cname->bv_val;
+
+ assert( attr != NULL );
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_ENTRY,
struct berval bv;
int rc, match = 0;
const char *text;
- const char *desc = b->a_dn_at->ad_cname->bv_val;
+ const char *attr = b->a_dn_at->ad_cname->bv_val;
+
+ assert( attr != NULL );
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
"acl_mask: conn %d check a_dn_pat: %s\n",
- conn->c_connid, desc ));
+ conn->c_connid, attr ));
#else
Debug( LDAP_DEBUG_ACL, "<= check a_dn_at: %s\n",
- desc, 0, 0);
+ attr, 0, 0);
#endif
bv.bv_val = op->o_ndn;
bv.bv_len = strlen( bv.bv_val );
}
}
+ /* implicit "by * none" clause */
+ ACL_INIT(*mask);
+
#ifdef NEW_LOGGING
- LDAP_LOG(( "aci", LDAP_LEVEL_RESULTS,
+ LDAP_LOG(( "acl", LDAP_LEVEL_RESULTS,
"acl_mask: conn %d no more <who> clauses, returning %d (stop)\n",
conn->c_connid, accessmask2str( *mask, accessmaskbuf) ));
#else
int rc;
char *attr = desc->ad_cname->bv_val;
+ assert( attr != NULL );
+
/* parse an aci of the form:
oid#scope#action;rights;attr;rights;attr$action;rights;attr;rights;attr#dnType#subjectDN