/* DN matches */
for ( i = 0; i < dnmaxcount && dn_data[i].rm_eo > 0; i++ ) {
- char *debugmsg = "=> match[dn%d]: %d %d ";
char *data = e->e_ndn;
- Debug( LDAP_DEBUG_ACL, debugmsg, i,
+ Debug( LDAP_DEBUG_ACL, "=> match[dn%d]: %d %d ", i,
(int)dn_data[i].rm_so,
(int)dn_data[i].rm_eo );
if ( dn_data[i].rm_so <= dn_data[0].rm_eo ) {
/* val matches */
for ( i = 0; i < valmaxcount && val_data[i].rm_eo > 0; i++ ) {
- char *debugmsg = "=> match[val%d]: %d %d ";
char *data = val->bv_val;
- Debug( LDAP_DEBUG_ACL, debugmsg, i,
+ Debug( LDAP_DEBUG_ACL, "=> match[val%d]: %d %d ", i,
(int)val_data[i].rm_so,
(int)val_data[i].rm_eo );
if ( val_data[i].rm_so <= val_data[0].rm_eo ) {
AccessControlState *state )
{
const char *attr;
- int dnlen, patlen;
+ ber_len_t dnlen;
AccessControl *prev;
assert( e != NULL );
continue;
} else {
+ ber_len_t patlen;
+
Debug( LDAP_DEBUG_ACL, "=> dn: [%d] %s\n",
*count, a->acl_dn_pat.bv_val, 0 );
patlen = a->acl_dn_pat.bv_len;
} else if ( a->acl_dn_style == ACL_STYLE_ONE ) {
ber_len_t rdnlen = 0;
- int sep = 0;
+ ber_len_t sep = 0;
if ( dnlen <= patlen )
continue;
}
rdnlen = dn_rdnlen( NULL, &e->e_nname );
- if ( rdnlen != dnlen - patlen - sep )
+ if ( rdnlen + patlen + sep != dnlen )
continue;
} else if ( a->acl_dn_style == ACL_STYLE_SUBTREE ) {
}
if ( a->acl_attrval_style == ACL_STYLE_REGEX ) {
- int rc;
-
Debug( LDAP_DEBUG_ACL,
"acl_get: valpat %s\n",
a->acl_attrval.bv_val, 0, 0 );
- if ( rc = regexec ( &a->acl_attrval_re,
+ if ( regexec ( &a->acl_attrval_re,
val->bv_val,
matches->val_count,
matches->val_data, 0 ) )
continue;
} else {
- int patlen, vdnlen;
+ ber_len_t patlen, vdnlen;
patlen = a->acl_attrval.bv_len;
vdnlen = val->bv_len;
continue;
rdnlen = dn_rdnlen( NULL, val );
- if ( rdnlen != vdnlen - patlen - 1 )
+ if ( rdnlen + patlen + 1 != vdnlen )
continue;
} else if ( a->acl_attrval_style == ACL_STYLE_SUBTREE ) {
acl_mask_dn(
Operation *op,
Entry *e,
- AttributeDescription *desc,
struct berval *val,
AccessControl *a,
AclRegexMatches *matches,
AclRegexMatches tmp_matches,
*tmp_matchesp = &tmp_matches;
int rc = 0;
- int dnoffset;
regmatch_t *tmp_data;
MATCHES_MEMSET( &tmp_matches );
Entry *e,
struct berval *val,
AccessControl *a,
- Access *b,
- int i,
- AclRegexMatches *matches,
int count,
AccessControlState *state,
slap_dn_access *bdn,
char accessmaskbuf[ACCESSMASK_MAXLEN];
#endif /* DEBUG */
const char *attr;
+#ifdef SLAP_DYNACL
slap_mask_t a2pmask = ACL_ACCESS2PRIV( access );
+#endif /* SLAP_DYNACL */
assert( a != NULL );
assert( mask != NULL );
* is maintained in a_dn_pat.
*/
- if ( acl_mask_dn( op, e, desc, val, a, matches,
+ if ( acl_mask_dn( op, e, val, a, matches,
&b->a_dn, &op->o_ndn ) )
{
continue;
ndn = op->o_ndn;
}
- if ( acl_mask_dn( op, e, desc, val, a, matches,
+ if ( acl_mask_dn( op, e, val, a, matches,
&b->a_realdn, &ndn ) )
{
continue;
}
if ( b->a_dn_at != NULL ) {
- if ( acl_mask_dnattr( op, e, val, a, b, i,
- matches, count, state,
+ if ( acl_mask_dnattr( op, e, val, a,
+ count, state,
&b->a_dn, &op->o_ndn ) )
{
continue;
ndn = op->o_ndn;
}
- if ( acl_mask_dnattr( op, e, val, a, b, i,
- matches, count, state,
+ if ( acl_mask_dnattr( op, e, val, a,
+ count, state,
&b->a_realdn, &ndn ) )
{
continue;