X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Faci.c;h=28b99388ea2381f791e423411a116c095f774b8f;hb=f3c2c7ba48e67468e4052cea4699ffabad59a741;hp=e9e24985fe6a669d394054a0c7903a9844cbf085;hpb=4537065ffc6fcf717175dd8355af8ee95a96c47b;p=openldap

diff --git a/servers/slapd/aci.c b/servers/slapd/aci.c
index e9e24985fe..28b99388ea 100644
--- a/servers/slapd/aci.c
+++ b/servers/slapd/aci.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -40,7 +40,20 @@
 #include "lber_pvt.h"
 #include "lutil.h"
 
-#define ACI_BUF_SIZE 	1024	/* use most appropriate size */
+/* use most appropriate size */
+#define ACI_BUF_SIZE 			1024
+
+/* move to "stable" when no longer experimental */
+#define SLAPD_ACI_SYNTAX		"1.3.6.1.4.1.4203.666.2.1"
+
+/* change this to "OpenLDAPset" */
+#define SLAPD_ACI_SET_ATTR		"template"
+
+typedef enum slap_aci_scope_t {
+	SLAP_ACI_SCOPE_ENTRY		= 0x1,
+	SLAP_ACI_SCOPE_CHILDREN		= 0x2,
+	SLAP_ACI_SCOPE_SUBTREE		= ( SLAP_ACI_SCOPE_ENTRY | SLAP_ACI_SCOPE_CHILDREN )
+} slap_aci_scope_t;
 
 enum {
 	ACI_BV_ENTRY,
@@ -111,10 +124,7 @@ static const struct berval	aci_bv[] = {
 	BER_BVNULL
 };
 
-#ifdef SLAP_DYNACL
-static
-#endif /* SLAP_DYNACL */
-AttributeDescription *slap_ad_aci;
+static AttributeDescription	*slap_ad_aci;
 
 static int
 OpenLDAPaciValidate(
@@ -390,7 +400,7 @@ done:
 	return rc;
 }
 
-int
+static int
 aci_mask(
 	Operation		*op,
 	Entry			*e,
@@ -640,7 +650,7 @@ aci_mask(
 	return 0;
 }
 
-int
+static int
 aci_init( void )
 {
 	/* OpenLDAP eXperimental Syntax */
@@ -696,7 +706,7 @@ aci_init( void )
 		&rc, &text, LDAP_SCHEMA_ALLOW_ALL );
 	if ( !at ) {
 		Debug( LDAP_DEBUG_ANY,
-			"%s AttributeType load failed: %s %s\n",
+			"aci_init: AttributeType \"%s\" parse failed: %s %s\n",
 			aci_at.name, ldap_scherr2str( rc ), text );
 		return rc;
 	}
@@ -704,9 +714,9 @@ aci_init( void )
 	rc = at_add( at, 0, &sat, &text );
 	if ( rc != LDAP_SUCCESS ) {
 		ldap_attributetype_free( at );
-		fprintf( stderr, "iMUX_monitor_schema_init: "
-			"AttributeType load failed: %s %s\n",
-			scherr2str( rc ), text );
+		Debug( LDAP_DEBUG_ANY,
+			"aci_init: AttributeType \"%s\" load failed: %s %s\n",
+			aci_at.name, scherr2str( rc ), text );
 		return rc;
 	}
 	ldap_memfree( at );
@@ -715,7 +725,7 @@ aci_init( void )
 			aci_at.ad, &text );
 	if ( rc != LDAP_SUCCESS ) {
 		Debug( LDAP_DEBUG_ANY,
-			"unable to find AttributeDescription "
+			"aci_init: unable to find AttributeDescription "
 			"\"%s\": %d (%s)\n",
 			aci_at.name, rc, text );
 		return 1;
@@ -727,7 +737,6 @@ aci_init( void )
 	return rc;
 }
 
-#ifdef SLAP_DYNACL
 static int
 dynacl_aci_parse(
 	const char *fname,
@@ -970,7 +979,6 @@ dynacl_aci_init( void )
 	return rc;
 }
 
-#endif /* SLAP_DYNACL */
 
 /* ACI syntax validation */
 
@@ -1394,16 +1402,14 @@ OpenLDAPaciValidate(
 		struct berval	ocbv = BER_BVNULL,
 				atbv = BER_BVNULL;
 
-		ocbv.bv_val = strchr( type.bv_val, '/' );
-		if ( ocbv.bv_val != NULL
-			&& ( ocbv.bv_val - type.bv_val ) < type.bv_len )
-		{
+		ocbv.bv_val = ber_bvchr( &type, '/' );
+		if ( ocbv.bv_val != NULL ) {
 			ocbv.bv_val++;
+			ocbv.bv_len = type.bv_len
+					- ( ocbv.bv_val - type.bv_val );
 
-			atbv.bv_val = strchr( ocbv.bv_val, '/' );
-			if ( atbv.bv_val != NULL
-				&& ( atbv.bv_val - ocbv.bv_val ) < ocbv.bv_len )
-			{
+			atbv.bv_val = ber_bvchr( &ocbv, '/' );
+			if ( atbv.bv_val != NULL ) {
 				AttributeDescription	*ad = NULL;
 				const char		*text = NULL;
 				int			rc;
@@ -1417,10 +1423,6 @@ OpenLDAPaciValidate(
 				if ( rc != LDAP_SUCCESS ) {
 					return LDAP_INVALID_SYNTAX;
 				}
-				
-			} else {
-				ocbv.bv_len = type.bv_len
-					- ( ocbv.bv_val - type.bv_val );
 			}
 
 			if ( oc_bvfind( &ocbv ) == NULL ) {
@@ -1549,10 +1551,8 @@ OpenLDAPaciPrettyNormal(
 			struct berval	ocbv = BER_BVNULL,
 					atbv = BER_BVNULL;
 
-			ocbv.bv_val = strchr( type.bv_val, '/' );
-			if ( ocbv.bv_val != NULL
-				&& ( ocbv.bv_val - type.bv_val ) < type.bv_len )
-			{
+			ocbv.bv_val = ber_bvchr( &type, '/' );
+			if ( ocbv.bv_val != NULL ) {
 				ObjectClass		*oc = NULL;
 				AttributeDescription	*ad = NULL;
 				const char		*text = NULL;
@@ -1564,10 +1564,8 @@ OpenLDAPaciPrettyNormal(
 				ocbv.bv_val++;
 				ocbv.bv_len = type.bv_len - ( ocbv.bv_val - type.bv_val );
 
-				atbv.bv_val = strchr( ocbv.bv_val, '/' );
-				if ( atbv.bv_val != NULL
-					&& ( atbv.bv_val - ocbv.bv_val ) < ocbv.bv_len )
-				{
+				atbv.bv_val = ber_bvchr( &ocbv, '/' );
+				if ( atbv.bv_val != NULL ) {
 					atbv.bv_val++;
 					atbv.bv_len = type.bv_len
 						- ( atbv.bv_val - type.bv_val );
@@ -1580,10 +1578,6 @@ OpenLDAPaciPrettyNormal(
 					}
 
 					bv.bv_len += STRLENOF( "/" ) + ad->ad_cname.bv_len;
-					
-				} else {
-					ocbv.bv_len = type.bv_len
-						- ( ocbv.bv_val - type.bv_val );
 				}
 
 				oc = oc_bvfind( &ocbv );
@@ -1708,7 +1702,7 @@ OpenLDAPaciNormalize(
 int
 init_module( int argc, char *argv[] )
 {
-	return slap_dynacl_register();
+	return dynacl_aci_init();
 }
 #endif /* SLAPD_ACI_ENABLED == SLAPD_MOD_DYNAMIC */