/* aclparse.c - routines to parse and check acl's */
/* $OpenLDAP$ */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
} else if ( strncasecmp( left, "attr", 4 ) == 0 ) {
a->acl_attrs = str2anlist( a->acl_attrs,
right, "," );
+ if ( a->acl_attrs == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: unknown attr \"%s\" in to clause\n",
+ fname, lineno, right );
+ acl_usage();
+ }
} else {
fprintf( stderr,
"%s: line %d: expecting <what> got \"%s\"\n",
acl_usage();
}
- if( b->a_peername_pat != NULL ) {
+ if( b->a_peername_pat.bv_len ) {
fprintf( stderr,
"%s: line %d: peername pattern already specified.\n",
fname, lineno );
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
- b->a_peername_pat = bv.bv_val;
+ b->a_peername_pat = bv;
} else {
- b->a_peername_pat = ch_strdup( right );
+ ber_str2bv( right, 0, 1, &b->a_peername_pat );
}
continue;
}
acl_usage();
}
- if( b->a_sockname_pat != NULL ) {
+ if( b->a_sockname_pat.bv_len ) {
fprintf( stderr,
"%s: line %d: sockname pattern already specified.\n",
fname, lineno );
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
- b->a_sockname_pat = bv.bv_val;
+ b->a_sockname_pat = bv;
} else {
- b->a_sockname_pat = ch_strdup( right );
+ ber_str2bv( right, 0, 1, &b->a_sockname_pat );
}
continue;
}
acl_usage();
}
- if( b->a_domain_pat != NULL ) {
+ if( b->a_domain_pat.bv_len ) {
fprintf( stderr,
"%s: line %d: domain pattern already specified.\n",
fname, lineno );
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
- b->a_domain_pat = bv.bv_val;
+ b->a_domain_pat = bv;
} else {
- b->a_domain_pat = ch_strdup( right );
+ ber_str2bv( right, 0, 1, &b->a_domain_pat );
}
continue;
}
acl_usage();
}
- if( b->a_sockurl_pat != NULL ) {
+ if( b->a_sockurl_pat.bv_len ) {
fprintf( stderr,
"%s: line %d: sockurl pattern already specified.\n",
fname, lineno );
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
- b->a_sockurl_pat = bv.bv_val;
+ b->a_sockurl_pat = bv;
} else {
- b->a_sockurl_pat = ch_strdup( right );
+ ber_str2bv( right, 0, 1, &b->a_sockurl_pat );
}
continue;
}
}
} else {
- rc = slap_str2ad( SLAPD_ACI_ATTR, &b->a_aci_at, &text );
-
- if( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
- "%s: line %d: aci \"%s\": %s\n",
- fname, lineno, SLAPD_ACI_ATTR, text );
- acl_usage();
- }
+ b->a_aci_at = slap_schema.si_ad_aci;
}
if( !is_at_syntax( b->a_aci_at->ad_type,
{
if ( a->a_dn_pat.bv_val )
free ( a->a_dn_pat.bv_val );
- if ( a->a_peername_pat )
- free ( a->a_peername_pat );
- if ( a->a_sockname_pat )
- free ( a->a_sockname_pat );
- if ( a->a_domain_pat )
- free ( a->a_domain_pat );
- if ( a->a_sockurl_pat )
- free ( a->a_sockurl_pat );
+ if ( a->a_peername_pat.bv_val )
+ free ( a->a_peername_pat.bv_val );
+ if ( a->a_sockname_pat.bv_val )
+ free ( a->a_sockname_pat.bv_val );
+ if ( a->a_domain_pat.bv_val )
+ free ( a->a_domain_pat.bv_val );
+ if ( a->a_sockurl_pat.bv_val )
+ free ( a->a_sockurl_pat.bv_val );
if ( a->a_set_pat.bv_len )
free ( a->a_set_pat.bv_val );
if ( a->a_group_pat.bv_len )
}
}
- if ( b->a_peername_pat != NULL ) {
- fprintf( stderr, " peername=%s", b->a_peername_pat );
+ if ( b->a_peername_pat.bv_len != 0 ) {
+ fprintf( stderr, " peername=%s", b->a_peername_pat.bv_val );
}
- if ( b->a_sockname_pat != NULL ) {
- fprintf( stderr, " sockname=%s", b->a_sockname_pat );
+ if ( b->a_sockname_pat.bv_len != 0 ) {
+ fprintf( stderr, " sockname=%s", b->a_sockname_pat.bv_val );
}
- if ( b->a_domain_pat != NULL ) {
- fprintf( stderr, " domain=%s", b->a_domain_pat );
+ if ( b->a_domain_pat.bv_len != 0 ) {
+ fprintf( stderr, " domain=%s", b->a_domain_pat.bv_val );
}
- if ( b->a_sockurl_pat != NULL ) {
- fprintf( stderr, " sockurl=%s", b->a_sockurl_pat );
+ if ( b->a_sockurl_pat.bv_len != 0 ) {
+ fprintf( stderr, " sockurl=%s", b->a_sockurl_pat.bv_val );
}
#ifdef SLAPD_ACI_ENABLED
projects / openldap / blobdiff