ITS#4550 don't overwrite remote server's err msg

[openldap] / servers / slapd / slapacl.c

diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 13dfccc8825b317d9cb86178438d6395f526ab6a..c7b6c274cf5b170ebea4027cb5fa47e71b8063a1 100644 (file)
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -1,6 +1,6 @@
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2004-2005 The OpenLDAP Foundation.
+ * Copyright 2004-2006 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *
@@ -65,7 +65,7 @@ slapacl( int argc, char **argv )
        const char              *progname = "slapacl";
        Connection              conn = { 0 };
        Listener                listener;
-       char                    opbuf[OPERATION_BUFFER_SIZE];
+       OperationBuffer opbuf;
        Operation               *op = NULL;
        Entry                   e = { 0 }, *ep = &e;
        char                    *attr = NULL;
@@ -94,7 +94,7 @@ slapacl( int argc, char **argv )
        argv = &argv[ optind ];
        argc -= optind;
 
-       op = (Operation *)opbuf;
+       op = (Operation *) &opbuf;
        connection_fake_init( &conn, op, &conn );
 
        conn.c_listener = &listener;
@@ -313,12 +313,26 @@ slapacl( int argc, char **argv )
 
                accessstr = strchr( attr, '/' );
                if ( accessstr != NULL ) {
+                       int     invalid = 0;
+
                        accessstr[0] = '\0';
                        accessstr++;
                        access = str2access( accessstr );
-                       if ( access == ACL_INVALID_ACCESS ) {
+                       switch ( access ) {
+                       case ACL_INVALID_ACCESS:
                                fprintf( stderr, "unknown access \"%s\" for attribute \"%s\"\n",
                                                accessstr, attr );
+                               invalid = 1;
+                               break;
+
+                       case ACL_NONE:
+                               fprintf( stderr, "\"none\" not allowed for attribute \"%s\"\n",
+                                               attr );
+                               invalid = 1;
+                               break;
+                       }
+
+                       if ( invalid ) {
                                if ( continuemode ) {
                                        continue;
                                }