X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fsaslauthz.c;h=a30340e31aa1101e936388543d7b0a0382b96d9a;hb=b94a77687075b0eb2d54d087b8b956d197c1023c;hp=28e44248cd71df6f374ff5eb30119c134fd7d86f;hpb=03dba8c111ce3f0b8e59daec6a4aa2c27b651249;p=openldap

diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index 28e44248cd..a30340e31a 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -87,6 +87,10 @@ struct rewrite_info	*sasl_rwinfo = NULL;
 #define	SASL_AUTHZ_TO	0x02
 #define SASL_AUTHZ_AND	0x10
 
+static const char *policy_txt[] = {
+	"none", "from", "to", "any"
+};
+
 static int authz_policy = SASL_AUTHZ_NONE;
 
 static
@@ -113,6 +117,14 @@ int slap_sasl_setpolicy( const char *arg )
 	return rc;
 }
 
+const char * slap_sasl_getpolicy()
+{
+	if ( authz_policy == (SASL_AUTHZ_FROM | SASL_AUTHZ_TO | SASL_AUTHZ_AND) )
+		return "all";
+	else
+		return policy_txt[authz_policy];
+}
+
 int slap_parse_user( struct berval *id, struct berval *user,
 		struct berval *realm, struct berval *mech )
 {
@@ -592,10 +604,6 @@ int slap_sasl_regexp_rewrite_config(
 
 int slap_sasl_regexp_config( const char *match, const char *replace )
 {
-#ifdef SLAP_AUTH_REWRITE
-	return slap_sasl_regexp_rewrite_config( "sasl-regexp", 0,
-			match, replace, AUTHID_CONTEXT );
-#else /* ! SLAP_AUTH_REWRITE */
 	int rc;
 	SaslRegexp_t *reg;
 
@@ -607,6 +615,13 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
 	reg->sr_match = ch_strdup( match );
 	reg->sr_replace = ch_strdup( replace );
 
+#ifdef SLAP_AUTH_REWRITE
+	rc = slap_sasl_regexp_rewrite_config( "sasl-regexp", 0,
+			match, replace, AUTHID_CONTEXT );
+	if ( rc == LDAP_SUCCESS ) nSaslRegexp++;
+	return rc;
+#else /* ! SLAP_AUTH_REWRITE */
+
 	/* Precompile matching pattern */
 	rc = regcomp( &reg->sr_workspace, reg->sr_match, REG_EXTENDED|REG_ICASE );
 	if ( rc ) {
@@ -625,6 +640,35 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
 #endif /* ! SLAP_AUTH_REWRITE */
 }
 
+void slap_sasl_regexp_unparse( BerVarray *out )
+{
+	int i;
+	struct berval bv;
+	BerVarray bva = NULL;
+	char ibuf[32], *ptr;
+	struct berval idx;
+
+	if ( !nSaslRegexp ) return;
+
+	idx.bv_val = ibuf;
+	bva = ch_malloc( (nSaslRegexp+1) * sizeof(struct berval) );
+	BER_BVZERO(bva+nSaslRegexp);
+	for ( i=0; i<nSaslRegexp; i++ ) {
+		idx.bv_len = sprintf( idx.bv_val, "{%d}", i);
+		bva[i].bv_len = idx.bv_len + strlen( SaslRegexp[i].sr_match ) +
+			strlen( SaslRegexp[i].sr_replace ) + 5;
+		bva[i].bv_val = ch_malloc( bva[i].bv_len+1 );
+		ptr = lutil_strcopy( bva[i].bv_val, ibuf );
+		*ptr++ = '"';
+		ptr = lutil_strcopy( ptr, SaslRegexp[i].sr_match );
+		ptr = lutil_strcopy( ptr, "\" \"" );
+		ptr = lutil_strcopy( ptr, SaslRegexp[i].sr_replace );
+		*ptr++ = '"';
+		*ptr = '\0';
+	}
+	*out = bva;
+}
+
 /* Perform replacement on regexp matches */
 static void slap_sasl_rx_exp(
 	const char *rep,