check conn->c_listener before use (hack to fix ITS#2361; need to review this part...

author Pierangelo Masarati <ando@openldap.org>

Mon, 10 Mar 2003 22:19:32 +0000 (22:19 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Mon, 10 Mar 2003 22:19:32 +0000 (22:19 +0000)
author Pierangelo Masarati <ando@openldap.org>
Mon, 10 Mar 2003 22:19:32 +0000 (22:19 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Mon, 10 Mar 2003 22:19:32 +0000 (22:19 +0000)
diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c

index f276270fbcc2a6b8f49c43e1d37384617953289d..09dfb0d7b3f5d2bedf97de9d7b620e5fb7c2f2df 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -750,6 +750,15 @@ dn_match_cleanup:;
  #endif
  
                         if ( !ber_bvccmp( &b->a_sockurl_pat, '*' ) ) {
+                               /*
+                                * FIXME: conn->c_listener can be null
+                                * if the connection is faked (e.g. by
+                                * slapi)
+                                */
+                               if ( conn->c_listener == NULL ) {
+                                       continue;
+                               }
+
                                 if ( b->a_sockurl_style == ACL_STYLE_REGEX) {
                                         if (!regex_matches( &b->a_sockurl_pat, conn->c_listener_url.bv_val,
                                                         e->e_ndn, matches ) ) 
diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c

index 2d7c040baacb2c4026c4be91fec7afc3dbbd8dfe..637a1dfc31559ca78458fdecac31221459512ff0 100644 (file)
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -967,7 +967,7 @@ backend_check_restrictions(
                         }
  
  #ifdef SLAP_X_LISTENER_MOD
-                       if ( ! ( conn->c_listener->sl_perms & S_IWUSR ) ) {
+                       if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IWUSR ) ) {
                                 /* no "w" mode means readonly */
                                 *text = "modifications not allowed on this listener";
                                 return LDAP_UNWILLING_TO_PERFORM;
@@ -1026,7 +1026,7 @@ backend_check_restrictions(
  
  #ifdef SLAP_X_LISTENER_MOD
                 if ( !starttls && op->o_dn.bv_len == 0 ) {
-                       if ( ! ( conn->c_listener->sl_perms & S_IXUSR ) ) {
+                       if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IXUSR ) ) {
                                 /* no "x" mode means bind required */
                                 *text = "bind required on this listener";
                                 return LDAP_STRONG_AUTH_REQUIRED;
@@ -1034,7 +1034,7 @@ backend_check_restrictions(
                 }
  
                 if ( !starttls && !updateop ) {
-                       if ( ! ( conn->c_listener->sl_perms & S_IRUSR ) ) {
+                       if ( conn->c_listener && ! ( conn->c_listener->sl_perms & S_IRUSR ) ) {
                                 /* no "r" mode means no read */
                                 *text = "read not allowed on this listener";
                                 return LDAP_UNWILLING_TO_PERFORM;
author	Pierangelo Masarati <ando@openldap.org>
	Mon, 10 Mar 2003 22:19:32 +0000 (22:19 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Mon, 10 Mar 2003 22:19:32 +0000 (22:19 +0000)
servers/slapd/acl.c		patch \| blob \| history
servers/slapd/backend.c		patch \| blob \| history