aci_bv_br_all = BER_BVC("[all]"),
aci_bv_access_id = BER_BVC("access-id"),
aci_bv_anonymous = BER_BVC("anonymous"),
+ aci_bv_public = BER_BVC("public"),
aci_bv_users = BER_BVC("users"),
aci_bv_self = BER_BVC("self"),
aci_bv_dnattr = BER_BVC("dnattr"),
if ( b->a_domain_expand ) {
struct berval bv;
- bv.bv_len = sizeof(buf);
+ bv.bv_len = sizeof(buf) - 1;
bv.bv_val = buf;
string_expand(&bv, &b->a_domain_pat, e->e_ndn, matches);
const char *text;
AttributeDescription *desc = NULL;
if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) {
- backend_attribute(cp->be, NULL, NULL,
+ backend_attribute(cp->be, NULL, cp->op,
cp->e, &ndn, desc, &bvals);
}
free(ndn.bv_val);
if ( dnNormalize2(NULL, &subjdn, &ndn) == LDAP_SUCCESS
&& slap_bv2ad(&setat, &desc, &text) == LDAP_SUCCESS )
{
- backend_attribute(be, NULL, NULL, e,
+ backend_attribute(be, NULL, op, e,
&ndn, desc, &bvals);
if ( bvals != NULL ) {
if ( bvals[0].bv_val != NULL ) {
if (grp_oc != NULL && grp_ad != NULL ) {
char buf[ACL_BUF_SIZE];
struct berval bv, ndn;
- bv.bv_len = sizeof( buf );
+ bv.bv_len = sizeof( buf ) - 1;
bv.bv_val = (char *)&buf;
string_expand(&bv, &subjdn, e->e_ndn, matches);
if ( dnNormalize2(NULL, &bv, &ndn) == LDAP_SUCCESS ) {
See draft-ietf-ldapext-aci-model-04.txt section 9.1 for
a full description of the format for this attribute.
+ Differences: "this" in the draft is "self" here, and
+ "self" and "public" is in the position of dnType.
For now, this routine only supports scope=entry.
*/
if (ber_bvstrcasecmp( &aci_bv_access_id, &bv ) == 0) {
struct berval ndn;
- rc = 1;
+ rc = 0;
if ( dnNormalize2(NULL, &sdn, &ndn) == LDAP_SUCCESS ) {
- if (!dn_match( &op->o_ndn, &ndn))
- rc = 0;
+ if (dn_match( &op->o_ndn, &ndn))
+ rc = 1;
free(ndn.bv_val);
}
return (rc);
+ } else if (ber_bvstrcasecmp( &aci_bv_public, &bv ) == 0) {
+ return(1);
+
} else if (ber_bvstrcasecmp( &aci_bv_self, &bv ) == 0) {
if (dn_match(&op->o_ndn, &e->e_nname))
return(1);
flag = 0;
for ( dp = bv->bv_val, sp = pat->bv_val; size < bv->bv_len &&
- sp < pat->bv_val + pat->bv_len ; sp++) {
+ sp < pat->bv_val + pat->bv_len ; sp++ )
+ {
/* did we previously see a $ */
if ( flag ) {
if ( flag == 1 && *sp == '$' ) {
size++;
flag = 0;
- } else if ( flag == 1 && *sp == '{') {
+ } else if ( flag == 1 && *sp == '{' /*'}'*/) {
flag = 2;
} else if ( *sp >= '0' && *sp <= '9' ) {
n = *sp - '0';
if ( flag == 2 ) {
- for ( sp++; *sp != '\0' && *sp != /* { */ '}'; sp++ ) {
+ for ( sp++; *sp != '\0' && *sp != /*'{'*/ '}'; sp++ ) {
if ( *sp >= '0' && *sp <= '9' ) {
n = 10*n + ( *sp - '0' );
}
}
- if ( *sp != /* { */ '}' ) {
+ if ( *sp != /*'{'*/ '}' ) {
/* error */
}
}
)
{
regex_t re;
- char newbuf[512];
+ char newbuf[ACL_BUF_SIZE];
struct berval bv;
int rc;
- bv.bv_len = sizeof(newbuf);
+ bv.bv_len = sizeof(newbuf) - 1;
bv.bv_val = newbuf;
if(str == NULL) str = "";
string_expand(&bv, pat, buf, matches);
if (( rc = regcomp(&re, newbuf, REG_EXTENDED|REG_ICASE))) {
- char error[512];
+ char error[ACL_BUF_SIZE];
regerror(rc, &re, error, sizeof(error));
#ifdef NEW_LOGGING
projects / openldap / blobdiff