/* aclparse.c - routines to parse and check acl's */
/* $OpenLDAP$ */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
}
} else if ( strncasecmp( left, "attr", 4 ) == 0 ) {
- a->acl_attrs = str2bvec( a->acl_attrs,
+ a->acl_attrs = str2anlist( a->acl_attrs,
right, "," );
+ if ( a->acl_attrs == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: unknown attr \"%s\" in to clause\n",
+ fname, lineno, right );
+ acl_usage();
+ }
} else {
fprintf( stderr,
"%s: line %d: expecting <what> got \"%s\"\n",
{
int rc;
- struct berval val;
- struct berval *vals[2];
+ struct berval vals[2];
- val.bv_val = b->a_group_oc->soc_oid;
- val.bv_len = strlen(val.bv_val);
- vals[0] = &val;
- vals[1] = NULL;
+ vals[0].bv_val = b->a_group_oc->soc_oid;
+ vals[0].bv_len = strlen(vals[0].bv_val);
+ vals[1].bv_val = NULL;
rc = oc_check_allowed( b->a_group_at->ad_type, vals, NULL );
acl_free( AccessControl *a )
{
Access *n;
+ AttributeName *an;
if ( a->acl_filter )
filter_free( a->acl_filter );
if ( a->acl_dn_pat.bv_len )
free ( a->acl_dn_pat.bv_val );
- if ( a->acl_attrs )
- ber_bvecfree( a->acl_attrs );
+ if ( a->acl_attrs ) {
+ for ( an = a->acl_attrs; an->an_name.bv_val; an++ ) {
+ free( an->an_name.bv_val );
+ }
+ free( a->acl_attrs );
+ }
for (; a->acl_access; a->acl_access = n) {
n = a->acl_access->a_next;
access_free( a->acl_access );
}
if ( a->acl_attrs != NULL ) {
- int i, first = 1;
+ int first = 1;
+ AttributeName *an;
to++;
fprintf( stderr, " attrs=" );
- for ( i = 0; a->acl_attrs[i] != NULL; i++ ) {
+ for ( an = a->acl_attrs; an && an->an_name.bv_val; an++ ) {
if ( ! first ) {
fprintf( stderr, "," );
}
- fputs( a->acl_attrs[i]->bv_val, stderr );
+ fputs( an->an_name.bv_val, stderr );
first = 0;
}
fprintf( stderr, "\n" );