/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2004 The OpenLDAP Foundation.
+ * Copyright 2004-2005 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
{
int rc = EXIT_SUCCESS;
const char *progname = "slapacl";
- Connection conn = {0};
- char opbuf[OPERATION_BUFFER_SIZE];
+ Connection conn = { 0 };
+ Listener listener;
+ char opbuf[OPERATION_BUFFER_SIZE];
Operation *op;
- Entry e = { 0 };
+ Entry e = { 0 }, *ep = &e;
char *attr = NULL;
slap_tool_init( progname, SLAPACL, argc, argv );
op = (Operation *)opbuf;
connection_fake_init( &conn, op, &conn );
+ conn.c_listener = &listener;
+ conn.c_listener_url = listener_url;
+ conn.c_peer_domain = peer_domain;
+ conn.c_peer_name = peer_name;
+ conn.c_sock_name = sock_name;
+ op->o_ssf = ssf;
+ op->o_transport_ssf = transport_ssf;
+ op->o_tls_ssf = tls_ssf;
+ op->o_sasl_ssf = sasl_ssf;
+
if ( !BER_BVISNULL( &authcID ) ) {
rc = slap_sasl_getdn( &conn, op, &authcID, NULL,
&authcDN, SLAP_GETDN_AUTHCID );
attr = slap_schema.si_ad_entry->ad_cname.bv_val;
}
+ if ( !dryrun ) {
+ ID id;
+
+ if ( !be->be_entry_open ||
+ !be->be_entry_close ||
+ !be->be_dn2id_get ||
+ !be->be_entry_get )
+ {
+ fprintf( stderr, "%s: target database "
+ "doesn't support necessary operations; "
+ "you may try with \"-u\" (dry run).\n",
+ progname );
+ rc = 1;
+ goto destroy;
+ }
+
+ if ( be->be_entry_open( be, 0 ) != 0 ) {
+ fprintf( stderr, "%s: could not open database.\n",
+ progname );
+ rc = 1;
+ goto destroy;
+ }
+
+ id = be->be_dn2id_get( be, &e.e_nname );
+ if ( id == NOID ) {
+ fprintf( stderr, "%s: unable to fetch ID of DN \"%s\"\n",
+ progname, e.e_nname.bv_val );
+ rc = 1;
+ goto destroy;
+ }
+ if ( be->be_id2entry_get( be, id, &ep ) != 0 ) {
+ fprintf( stderr, "%s: unable to fetch entry \"%s\" (%lu)\n",
+ progname, e.e_nname.bv_val, id );
+ rc = 1;
+ goto destroy;
+
+ }
+ }
+
for ( ; argc--; argv++ ) {
slap_mask_t mask;
AttributeDescription *desc = NULL;
int rc;
- struct berval val;
+ struct berval val = BER_BVNULL,
+ *valp = NULL;
const char *text;
char accessmaskbuf[ACCESSMASK_MAXLEN];
char *accessstr;
val.bv_val[0] = '\0';
val.bv_val++;
val.bv_len = strlen( val.bv_val );
+ valp = &val;
}
accessstr = strchr( attr, '/' );
break;
}
- rc = access_allowed_mask( op, &e, desc, &val, access,
+ rc = access_allowed_mask( op, ep, desc, valp, access,
NULL, &mask );
if ( accessstr ) {
desc->ad_cname.bv_val,
val.bv_val ? "=" : "",
val.bv_val ? val.bv_val : "",
- accessmask2str( mask, accessmaskbuf ) );
+ accessmask2str( mask, accessmaskbuf, 1 ) );
}
rc = 0;
attr = NULL;
}
destroy:;
+ ber_memfree( e.e_name.bv_val );
+ ber_memfree( e.e_nname.bv_val );
+ if ( !dryrun ) {
+ if ( ep != &e ) {
+ be_entry_release_r( op, ep );
+ }
+ be->be_entry_close( be );
+ }
+
slap_tool_destroy();
return rc;