X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslapacl.c;h=5fdeae7e3125c8859de5c3236a92853657563ac3;hb=62b6b326338d5162b0f570eaeb8a227fbc5a9c62;hp=9ffde3b85a7e07faa12d82b4fc5faf25e88307fb;hpb=2919bc09ac89efb58f9c23ddf49d471452157384;p=openldap

diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 9ffde3b85a..5fdeae7e31 100644
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -43,9 +43,6 @@ slapacl( int argc, char **argv )
 	Operation		op;
 	Entry			e = { 0 };
 
-#ifdef NEW_LOGGING
-	lutil_log_initialize( argc, argv );
-#endif
 	slap_tool_init( progname, SLAPACL, argc, argv );
 
 	argv = &argv[ optind ];
@@ -65,8 +62,23 @@ slapacl( int argc, char **argv )
 			rc = 1;
 			goto destroy;
 		}
+
+	} else if ( !BER_BVISNULL( &authcDN ) ) {
+		struct berval	ndn;
+
+		rc = dnNormalize( 0, NULL, NULL, &authcDN, &ndn, NULL );
+		if ( rc != LDAP_SUCCESS ) {
+			fprintf( stderr, "autchDN=\"%s\" normalization failed %d (%s)\n",
+					authcDN.bv_val, rc,
+					ldap_err2string( rc ) );
+			rc = 1;
+			goto destroy;
+		}
+		ch_free( authcDN.bv_val );
+		authcDN = ndn;
 	}
 
+
 	if ( !BER_BVISNULL( &authcDN ) ) {
 		fprintf( stderr, "DN: \"%s\"\n", authcDN.bv_val );
 	}
@@ -129,14 +141,25 @@ slapacl( int argc, char **argv )
 			break;
 		}
 
-		(void)access_allowed_mask( &op, &e, desc, &val, access,
+		rc = access_allowed_mask( &op, &e, desc, &val, access,
 				NULL, &mask );
 
-		fprintf( stderr, "%s%s%s: %s\n",
-				desc->ad_cname.bv_val,
-				val.bv_val ? "=" : "",
-				val.bv_val ? val.bv_val : "",
-				accessmask2str( mask, accessmaskbuf ) );
+		if ( accessstr ) {
+			fprintf( stderr, "%s access to %s%s%s: %s\n",
+					accessstr,
+					desc->ad_cname.bv_val,
+					val.bv_val ? "=" : "",
+					val.bv_val ? val.bv_val : "",
+					rc ? "ALLOWED" : "DENIED" );
+
+		} else {
+			fprintf( stderr, "%s%s%s: %s\n",
+					desc->ad_cname.bv_val,
+					val.bv_val ? "=" : "",
+					val.bv_val ? val.bv_val : "",
+					accessmask2str( mask, accessmaskbuf ) );
+		}
+		rc = 0;
 	}
 
 destroy:;