Add "allow update_anon"

author Kurt Zeilenga <kurt@openldap.org>

Fri, 25 Oct 2002 18:47:24 +0000 (18:47 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Fri, 25 Oct 2002 18:47:24 +0000 (18:47 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Fri, 25 Oct 2002 18:47:24 +0000 (18:47 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Fri, 25 Oct 2002 18:47:24 +0000 (18:47 +0000)
diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c

index c71e1df78c8414133d3cb927f8071248786ad3d5..a54225e6bbe89d6d26b7c22afd424c310ec66f25 100644 (file)
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -910,7 +910,9 @@ backend_check_restrictions(
                                 return LDAP_CONFIDENTIALITY_REQUIRED;
                         }
  
-                       if( op->o_ndn.bv_len == 0 ) {
+                       if( !( global_allows & SLAP_ALLOW_UPDATE_ANON ) &&
+                               op->o_ndn.bv_len == 0 )
+                       {
                                 *text = "modifications require authentication";
                                 return LDAP_STRONG_AUTH_REQUIRED;
                         }
diff --git a/servers/slapd/config.c b/servers/slapd/config.c

index 44c410fac1f8eac7000e92b83a52d07804bacf66..ec599721838d9b991d8b65e63296881f625ffc71 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -1257,16 +1257,18 @@ read_config( const char *fname, int depth )
                                 } else if( strcasecmp( cargv[i], "bind_anon_dn" ) == 0 ) {
                                         allows |= SLAP_ALLOW_BIND_ANON_DN;
  
+                               } else if( strcasecmp( cargv[i], "update_anon" ) == 0 ) {
+                                       allows |= SLAP_ALLOW_UPDATE_ANON;
+
                                 } else if( strcasecmp( cargv[i], "none" ) != 0 ) {
  #ifdef NEW_LOGGING
-                                       LDAP_LOG( CONFIG, CRIT, 
-                                                  "%s: line %d: unknown feature %s in "
-                                                  "\"allow <features>\" line.\n",
-                                                  fname, lineno, cargv[1] );
+                                       LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
+                                               "unknown feature %s in \"allow <features>\" line.\n",
+                                               fname, lineno, cargv[1] );
  #else
-                                       Debug( LDAP_DEBUG_ANY,
-                   "%s: line %d: unknown feature %s in \"allow <features>\" line\n",
-                                           fname, lineno, cargv[i] );
+                                       Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+                                               "unknown feature %s in \"allow <features>\" line\n",
+                                               fname, lineno, cargv[i] );
  #endif
  
                                         return( 1 );
diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c

index 128fe161196961e8079446953187641db639e0aa..c514fcb672ba0be87d1e2b4c467c0a5a3ecb367f 100644 (file)
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -672,13 +672,16 @@ static int slap_open_listener(
                 }
         }
  
-#if defined(LDAP_PF_LOCAL) || defined(SLAP_X_LISTENER_MOD)
+#ifdef LDAP_PF_LOCAL
+#ifdef SLAP_X_LISTENER_MOD
         if ( lud->lud_exts ) {
                 err = get_url_perms( lud->lud_exts, &l.sl_perms, &crit );
-       } else {
+       } else
+#endif /* SLAP_X_LISTENER_MOD */
+       {
                 l.sl_perms = S_IRWXU;
         }
-#endif /* LDAP_PF_LOCAL || SLAP_X_LISTENER_MOD */
+#endif /* LDAP_PF_LOCAL */
  
         ldap_free_urldesc( lud );
         if ( err ) {
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h

index eac214f3e2d1e492ae4888dbe99368f7e3a3553f..bb611b8fc88e4b46b510aaba2365aee8b2739620 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -1261,7 +1261,9 @@ struct slap_backend_db {
  
  #define SLAP_ALLOW_BIND_V2                     0x0001U /* LDAPv2 bind */
  #define SLAP_ALLOW_BIND_ANON_CRED      0x0002U /* cred should be empty */
-#define SLAP_ALLOW_BIND_ANON_DN                0x0003U /* dn should be empty */
+#define SLAP_ALLOW_BIND_ANON_DN                0x0004U /* dn should be empty */
+
+#define SLAP_ALLOW_UPDATE_ANON         0x0008U /* allow anonymous updates */
  
  #define SLAP_DISALLOW_BIND_ANON                0x0001U /* no anonymous */
  #define SLAP_DISALLOW_BIND_SIMPLE      0x0002U /* simple authentication */
@@ -1767,9 +1769,7 @@ typedef struct slap_conn {
  struct slap_listener {
         struct berval sl_url;
         struct berval sl_name;
-#ifdef SLAP_X_LISTENER_MOD
-       mode_t          sl_perms;
-#endif /* SLAP_X_LISTENER_MOD */
+       mode_t  sl_perms;
  #ifdef HAVE_TLS
         int             sl_is_tls;
  #endif
author	Kurt Zeilenga <kurt@openldap.org>
	Fri, 25 Oct 2002 18:47:24 +0000 (18:47 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Fri, 25 Oct 2002 18:47:24 +0000 (18:47 +0000)
servers/slapd/backend.c		patch \| blob \| history
servers/slapd/config.c		patch \| blob \| history
servers/slapd/daemon.c		patch \| blob \| history
servers/slapd/slap.h		patch \| blob \| history