Set peeraddr also for IPv6, fixes ITS#1918

[openldap] / servers / slapd / limits.c

diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c
index 85033305164d7be3b59ee5ad6d0cb6f611e224e6..c33726e71190b011a143de2f8a8eb210618142a3 100644 (file)
--- a/servers/slapd/limits.c
+++ b/servers/slapd/limits.c
@@ -1,6 +1,6 @@
 /* limits.c - routines to handle regex-based size and time limits */
 /*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -40,7 +40,7 @@ get_limits(
                        if ( ndn->bv_len == 0 ) {
                                break;
                        }
-                       if ( strcmp( lm[0]->lm_dn_pat->bv_val, ndn->bv_val ) == 0 ) {
+                       if ( dn_match( &lm[0]->lm_dn_pat, ndn ) ) {
                                *limit = &lm[0]->lm_limits;
                                return( 0 );
                        }
@@ -55,11 +55,11 @@ get_limits(
                                break;
                        }
 
-                       d = ndn->bv_len - lm[0]->lm_dn_pat->bv_len;
                        /* ndn shorter than dn_pat */
-                       if ( d < 0 ) {
+                       if ( ndn->bv_len < lm[0]->lm_dn_pat.bv_len ) {
                                break;
                        }
+                       d = ndn->bv_len - lm[0]->lm_dn_pat.bv_len;
 
                        /* allow exact match for SUBTREE only */
                        if ( d == 0 ) {
@@ -68,22 +68,21 @@ get_limits(
                                }
                        } else {
                                /* check for unescaped rdn separator */
-                               if ( !DN_SEPARATOR( ndn->bv_val[d-1] )
-                                       || DN_ESCAPE( ndn->bv_val[d-2] ) )
-                               {
+                               if ( !DN_SEPARATOR( ndn->bv_val[d-1] ) ) {
                                        break;
                                }
                        }
 
                        /* in case of (sub)match ... */
-                       if ( strcmp( lm[0]->lm_dn_pat->bv_val, &ndn->bv_val[d] ) == 0 ) {
+                       if ( lm[0]->lm_dn_pat.bv_len == ( ndn->bv_len - d )
+                                       && strcmp( lm[0]->lm_dn_pat.bv_val, &ndn->bv_val[d] ) == 0 ) {
                                /* check for exactly one rdn in case of ONE */
                                if ( lm[0]->lm_type == SLAP_LIMITS_ONE ) {
                                        /*
                                         * if ndn is more that one rdn
                                         * below dn_pat, continue
                                         */
-                                       if ( (size_t) dn_rdnlen( NULL, ndn->bv_val ) != d - 1 ) {
+                                       if ( (size_t) dn_rdnlen( NULL, ndn ) != d - 1 ) {
                                                break;
                                        }
                                }
@@ -121,6 +120,10 @@ get_limits(
                        }
                        break;
 
+               case SLAP_LIMITS_ANY:
+                       *limit = &lm[0]->lm_limits;
+                       return( 0 );
+
                default:
                        assert( 0 );    /* unreachable */
                        return( -1 );
@@ -157,9 +160,8 @@ add_limits(
                        struct berval bv;
                        bv.bv_val = (char *) pattern;
                        bv.bv_len = strlen( pattern );
-                       lm->lm_dn_pat = NULL;
 
-                       rc = dnNormalize( NULL, &bv, &lm->lm_dn_pat );
+                       rc = dnNormalize2( NULL, &bv, &lm->lm_dn_pat );
                        if ( rc != LDAP_SUCCESS ) {
                                ch_free( lm );
                                return( -1 );
@@ -170,10 +172,10 @@ add_limits(
        case SLAP_LIMITS_REGEX:
        case SLAP_LIMITS_UNDEFINED:
                lm->lm_type = SLAP_LIMITS_REGEX;
-               lm->lm_dn_pat = ber_bvstrdup( pattern );
-               if ( regcomp( &lm->lm_dn_regex, lm->lm_dn_pat->bv_val, 
+               ber_str2bv( pattern, 0, 1, &lm->lm_dn_pat );
+               if ( regcomp( &lm->lm_dn_regex, lm->lm_dn_pat.bv_val, 
                                        REG_EXTENDED | REG_ICASE ) ) {
-                       ber_bvfree( lm->lm_dn_pat );
+                       free( lm->lm_dn_pat.bv_val );
                        ch_free( lm );
                        return( -1 );
                }
@@ -181,8 +183,10 @@ add_limits(
 
        case SLAP_LIMITS_ANONYMOUS:
        case SLAP_LIMITS_USERS:
+       case SLAP_LIMITS_ANY:
                lm->lm_type = type;
-               lm->lm_dn_pat = NULL;
+               lm->lm_dn_pat.bv_val = NULL;
+               lm->lm_dn_pat.bv_len = 0;
                break;
        }
 
@@ -265,7 +269,10 @@ parse_limits(
         */
        
        pattern = argv[1];
-       if ( strcasecmp( pattern, "anonymous" ) == 0 ) {
+       if ( strcmp( pattern, "*" ) == 0) {
+               type = SLAP_LIMITS_ANY;
+
+       } else if ( strcasecmp( pattern, "anonymous" ) == 0 ) {
                type = SLAP_LIMITS_ANONYMOUS;
 
        } else if ( strcasecmp( pattern, "users" ) == 0 ) {
@@ -343,6 +350,17 @@ parse_limits(
 
                        /* skip '=' (required) */
                        pattern++;
+
+                       /* trim obvious cases */
+                       if ( strcmp( pattern, "*" ) == 0 ) {
+                               type = SLAP_LIMITS_ANY;
+                               pattern = NULL;
+
+                       } else if ( ( type == SLAP_LIMITS_REGEX || type == SLAP_LIMITS_UNDEFINED ) 
+                                       && strcmp( pattern, ".*" ) == 0 ) {
+                               type = SLAP_LIMITS_ANY;
+                               pattern = NULL;
+                       }
                }
        }