ACIs from Mark Valence <kurash@sassafras.com> (ITS#261)

[openldap] / servers / slapd / result.c

diff --git a/servers/slapd/result.c b/servers/slapd/result.c
index 6f3434276d82b02533cf00e3e3ab72354451f26b..9ec57f76264ae8b77beca8cf0f3ede3fef115710 100644 (file)
--- a/servers/slapd/result.c
+++ b/servers/slapd/result.c
@@ -217,10 +217,10 @@ send_ldap_response(
        ber_tag_t       tag,
        ber_int_t       msgid,
     ber_int_t  err,
-    char       *matched,
-    char       *text,
+    const char *matched,
+    const char *text,
        struct berval   **ref,
-       char    *resoid,
+       const char      *resoid,
        struct berval   *resdata,
        LDAPControl **ctrls
 )
@@ -299,7 +299,7 @@ send_ldap_disconnect(
     Connection *conn,
     Operation  *op,
     ber_int_t  err,
-    char       *text
+    const char *text
 )
 {
        ber_tag_t tag;
@@ -353,8 +353,8 @@ send_ldap_result(
     Connection *conn,
     Operation  *op,
     ber_int_t  err,
-    char       *matched,
-    char       *text,
+    const char *matched,
+    const char *text,
        struct berval **ref,
        LDAPControl **ctrls
 )
@@ -381,7 +381,8 @@ send_ldap_result(
                        err = LDAP_NO_SUCH_OBJECT;
                } else if ( op->o_protocol < LDAP_VERSION3 ) {
                        err = LDAP_PARTIAL_RESULTS;
-                       tmp = text = v2ref( ref );
+                       tmp = v2ref( ref );
+                       text = tmp;
                        ref = NULL;
                }
        }
@@ -420,8 +421,8 @@ send_search_result(
     Connection *conn,
     Operation  *op,
     ber_int_t  err,
-    char       *matched,
-       char    *text,
+    const char *matched,
+       const char      *text,
     struct berval **refs,
        LDAPControl **ctrls,
     int                nentries
@@ -445,7 +446,8 @@ send_search_result(
                        err = LDAP_PARTIAL_RESULTS;
                }
 
-               tmp = text = v2ref( refs );
+               tmp = v2ref( refs );
+               text = tmp;
                refs = NULL;
 
        } else {
@@ -570,7 +572,7 @@ send_search_entry(
                acl = acl_get_applicable( be, op, e, a->a_type,
                        MAXREMATCHES, matches );
 
-               if ( ! acl_access_allowed( acl, be, conn, e,
+               if ( ! acl_access_allowed( acl, a->a_type, be, conn, e,
                        NULL, op, ACL_READ, edn, matches ) ) 
                {
                        continue;
@@ -587,7 +589,7 @@ send_search_entry(
                if ( ! attrsonly ) {
                        for ( i = 0; a->a_vals[i] != NULL; i++ ) {
                                if ( a->a_syntax & SYNTAX_DN && 
-                                       ! acl_access_allowed( acl, be, conn, e, a->a_vals[i], op,
+                                       ! acl_access_allowed( acl, a->a_type, be, conn, e, a->a_vals[i], op,
                                                ACL_READ, edn, matches) )
                                {
                                        continue;
@@ -645,7 +647,7 @@ send_search_entry(
                acl = acl_get_applicable( be, op, e, a->a_type,
                        MAXREMATCHES, matches );
 
-               if ( ! acl_access_allowed( acl, be, conn, e,
+               if ( ! acl_access_allowed( acl, a->a_type, be, conn, e,
                        NULL, op, ACL_READ, edn, matches ) ) 
                {
                        continue;
@@ -662,7 +664,7 @@ send_search_entry(
                if ( ! attrsonly ) {
                        for ( i = 0; a->a_vals[i] != NULL; i++ ) {
                                if ( a->a_syntax & SYNTAX_DN && 
-                                       ! acl_access_allowed( acl, be, conn, e, a->a_vals[i], op,
+                                       ! acl_access_allowed( acl, a->a_type, be, conn, e, a->a_vals[i], op,
                                                ACL_READ, edn, matches) )
                                {
                                        continue;