]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/result.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ACIs from Mark Valence <kurash@sassafras.com> (ITS#261)
[openldap] / servers / slapd / result.c
diff --git a/servers/slapd/result.c b/servers/slapd/result.c
index 1ed5717d7b2cc0afd23b18406ceb63d52d8bc65b..9ec57f76264ae8b77beca8cf0f3ede3fef115710 100644 (file)
--- a/servers/slapd/result.c
+++ b/servers/slapd/result.c
@@ -572,7 +572,7 @@ send_search_entry(
                acl = acl_get_applicable( be, op, e, a->a_type,
                        MAXREMATCHES, matches );
 
-               if ( ! acl_access_allowed( acl, be, conn, e,
+               if ( ! acl_access_allowed( acl, a->a_type, be, conn, e,
                        NULL, op, ACL_READ, edn, matches ) ) 
                {
                        continue;
@@ -589,7 +589,7 @@ send_search_entry(
                if ( ! attrsonly ) {
                        for ( i = 0; a->a_vals[i] != NULL; i++ ) {
                                if ( a->a_syntax & SYNTAX_DN && 
-                                       ! acl_access_allowed( acl, be, conn, e, a->a_vals[i], op,
+                                       ! acl_access_allowed( acl, a->a_type, be, conn, e, a->a_vals[i], op,
                                                ACL_READ, edn, matches) )
                                {
                                        continue;
@@ -647,7 +647,7 @@ send_search_entry(
                acl = acl_get_applicable( be, op, e, a->a_type,
                        MAXREMATCHES, matches );
 
-               if ( ! acl_access_allowed( acl, be, conn, e,
+               if ( ! acl_access_allowed( acl, a->a_type, be, conn, e,
                        NULL, op, ACL_READ, edn, matches ) ) 
                {
                        continue;
@@ -664,7 +664,7 @@ send_search_entry(
                if ( ! attrsonly ) {
                        for ( i = 0; a->a_vals[i] != NULL; i++ ) {
                                if ( a->a_syntax & SYNTAX_DN && 
-                                       ! acl_access_allowed( acl, be, conn, e, a->a_vals[i], op,
+                                       ! acl_access_allowed( acl, a->a_type, be, conn, e, a->a_vals[i], op,
                                                ACL_READ, edn, matches) )
                                {
                                        continue;
Cloned from git://git.openldap.org/openldap.git