Add SLAP_MR_ORDERED_INDEX - support for inequality indexing. Currently

[openldap] / servers / slapd / slapacl.c

diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 9ffde3b85a7e07faa12d82b4fc5faf25e88307fb..5fdeae7e3125c8859de5c3236a92853657563ac3 100644 (file)
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -43,9 +43,6 @@ slapacl( int argc, char **argv )
        Operation               op;
        Entry                   e = { 0 };
 
-#ifdef NEW_LOGGING
-       lutil_log_initialize( argc, argv );
-#endif
        slap_tool_init( progname, SLAPACL, argc, argv );
 
        argv = &argv[ optind ];
@@ -65,8 +62,23 @@ slapacl( int argc, char **argv )
                        rc = 1;
                        goto destroy;
                }
+
+       } else if ( !BER_BVISNULL( &authcDN ) ) {
+               struct berval   ndn;
+
+               rc = dnNormalize( 0, NULL, NULL, &authcDN, &ndn, NULL );
+               if ( rc != LDAP_SUCCESS ) {
+                       fprintf( stderr, "autchDN=\"%s\" normalization failed %d (%s)\n",
+                                       authcDN.bv_val, rc,
+                                       ldap_err2string( rc ) );
+                       rc = 1;
+                       goto destroy;
+               }
+               ch_free( authcDN.bv_val );
+               authcDN = ndn;
        }
 
+
        if ( !BER_BVISNULL( &authcDN ) ) {
                fprintf( stderr, "DN: \"%s\"\n", authcDN.bv_val );
        }
@@ -129,14 +141,25 @@ slapacl( int argc, char **argv )
                        break;
                }
 
-               (void)access_allowed_mask( &op, &e, desc, &val, access,
+               rc = access_allowed_mask( &op, &e, desc, &val, access,
                                NULL, &mask );
 
-               fprintf( stderr, "%s%s%s: %s\n",
-                               desc->ad_cname.bv_val,
-                               val.bv_val ? "=" : "",
-                               val.bv_val ? val.bv_val : "",
-                               accessmask2str( mask, accessmaskbuf ) );
+               if ( accessstr ) {
+                       fprintf( stderr, "%s access to %s%s%s: %s\n",
+                                       accessstr,
+                                       desc->ad_cname.bv_val,
+                                       val.bv_val ? "=" : "",
+                                       val.bv_val ? val.bv_val : "",
+                                       rc ? "ALLOWED" : "DENIED" );
+
+               } else {
+                       fprintf( stderr, "%s%s%s: %s\n",
+                                       desc->ad_cname.bv_val,
+                                       val.bv_val ? "=" : "",
+                                       val.bv_val ? val.bv_val : "",
+                                       accessmask2str( mask, accessmaskbuf ) );
+               }
+               rc = 0;
        }
 
 destroy:;