]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/aclparse.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
More system schema checks
[openldap] / servers / slapd / aclparse.c
diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index 53f1daf418752a5674a6aaddb59aaf39cdf751d8..d93f34ce0c25a25343cb83b78fd671e91f9bd2f9 100644 (file)
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -1,7 +1,7 @@
 /* aclparse.c - routines to parse and check acl's */
 /* $OpenLDAP$ */
 /*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -202,8 +202,14 @@ parse_acl(
                                        }
 
                                } else if ( strncasecmp( left, "attr", 4 ) == 0 ) {
-                                       a->acl_attrs = str2bvec( a->acl_attrs,
+                                       a->acl_attrs = str2anlist( a->acl_attrs,
                                                right, "," );
+                                       if ( a->acl_attrs == NULL ) {
+                                               fprintf( stderr,
+                               "%s: line %d: unknown attr \"%s\" in to clause\n",
+                                                   fname, lineno, right );
+                                               acl_usage();
+                                       }
                                } else {
                                        fprintf( stderr,
                                                "%s: line %d: expecting <what> got \"%s\"\n",
@@ -221,11 +227,10 @@ parse_acl(
                        if( a->acl_dn_pat.bv_len != 0 ) {
                                if ( a->acl_dn_style != ACL_STYLE_REGEX )
                                {
-                                       struct berval *bv = NULL;
-                                       dnNormalize( NULL, &a->acl_dn_pat, &bv);
+                                       struct berval bv;
+                                       dnNormalize2( NULL, &a->acl_dn_pat, &bv);
                                        free( a->acl_dn_pat.bv_val );
-                                       a->acl_dn_pat = *bv;
-                                       free( bv );
+                                       a->acl_dn_pat = bv;
                                } else {
                                        int e = regcomp( &a->acl_dn_re, a->acl_dn_pat.bv_val,
                                                         REG_EXTENDED | REG_ICASE );
@@ -378,10 +383,7 @@ parse_acl(
                                        }
 
                                        if ( sty != ACL_STYLE_REGEX ) {
-                                               struct berval *ndn = NULL;
-                                               dnNormalize(NULL, &bv, &ndn);
-                                               b->a_dn_pat = *ndn;
-                                               free(ndn);
+                                               dnNormalize2(NULL, &bv, &b->a_dn_pat);
                                                free(bv.bv_val);
                                        } else {
                                                b->a_dn_pat = bv;
@@ -473,11 +475,8 @@ parse_acl(
                                                regtest(fname, lineno, bv.bv_val);
                                                b->a_group_pat = bv;
                                        } else {
-                                               struct berval *ndn = NULL;
                                                ber_str2bv( right, 0, 0, &bv );
-                                               dnNormalize( NULL, &bv, &ndn );
-                                               b->a_group_pat = *ndn;
-                                               free(ndn);
+                                               dnNormalize2( NULL, &bv, &b->a_group_pat );
                                        }
 
                                        if (value && *value) {
@@ -559,13 +558,11 @@ parse_acl(
 
                                        {
                                                int rc;
-                                               struct berval val;
-                                               struct berval *vals[2];
+                                               struct berval vals[2];
 
-                                               val.bv_val = b->a_group_oc->soc_oid;
-                                               val.bv_len = strlen(val.bv_val);
-                                               vals[0] = &val;
-                                               vals[1] = NULL;
+                                               vals[0].bv_val = b->a_group_oc->soc_oid;
+                                               vals[0].bv_len = strlen(vals[0].bv_val);
+                                               vals[1].bv_val = NULL;
 
 
                                                rc = oc_check_allowed( b->a_group_at->ad_type, vals, NULL );
@@ -1063,8 +1060,11 @@ accessmask2str( slap_mask_t mask, char *buf )
        }
 
        if ( ACL_IS_LEVEL( mask ) ) {
-               *ptr = ')';
-       } 
+               *ptr++ = ')';
+       }
+
+       *ptr = '\0';
+
        return buf;
 }
 
@@ -1275,13 +1275,18 @@ void
 acl_free( AccessControl *a )
 {
        Access *n;
+       AttributeName *an;
 
        if ( a->acl_filter )
                filter_free( a->acl_filter );
        if ( a->acl_dn_pat.bv_len )
                free ( a->acl_dn_pat.bv_val );
-       if ( a->acl_attrs )
-               ber_bvecfree( a->acl_attrs );
+       if ( a->acl_attrs ) {
+               for ( an = a->acl_attrs; an->an_name.bv_val; an++ ) {
+                       free( an->an_name.bv_val );
+               }
+               free( a->acl_attrs );
+       }
        for (; a->acl_access; a->acl_access = n) {
                n = a->acl_access->a_next;
                access_free( a->acl_access );
@@ -1486,15 +1491,16 @@ print_acl( Backend *be, AccessControl *a )
        }
 
        if ( a->acl_attrs != NULL ) {
-               int     i, first = 1;
+               int     first = 1;
+               AttributeName *an;
                to++;
 
                fprintf( stderr, " attrs=" );
-               for ( i = 0; a->acl_attrs[i] != NULL; i++ ) {
+               for ( an = a->acl_attrs; an && an->an_name.bv_val; an++ ) {
                        if ( ! first ) {
                                fprintf( stderr, "," );
                        }
-                       fputs( a->acl_attrs[i]->bv_val, stderr );
+                       fputs( an->an_name.bv_val, stderr );
                        first = 0;
                }
                fprintf(  stderr, "\n" );
Cloned from git://git.openldap.org/openldap.git