Operation *op, Entry *e,
AttributeDescription *desc,
struct berval *val,
- int nmatches, regmatch_t *matches );
+ int nmatches, regmatch_t *matches,
+ AccessControlState *state );
static slap_control_t acl_mask(
AccessControl *ac, slap_mask_t *mask,
assert( state->as_vd_acl != NULL );
a = state->as_vd_acl;
- mask = state->as_vd_acl_mask;
count = state->as_vd_acl_count;
- AC_MEMCPY( matches, state->as_vd_acl_matches, sizeof(matches) );
- goto vd_access;
+ if ( !ACL_IS_INVALID( state->as_vd_acl_mask )) {
+ mask = state->as_vd_acl_mask;
+ AC_MEMCPY( matches, state->as_vd_acl_matches, sizeof(matches) );
+ goto vd_access;
+ }
} else {
if ( state ) state->as_vi_acl = NULL;
}
while((a = acl_get( a, &count, op, e, desc, val,
- MAXREMATCHES, matches )) != NULL)
+ MAXREMATCHES, matches, state )) != NULL)
{
int i;
return ret;
}
+
/*
* acl_get - return the acl applicable to entry e, attribute
* attr. the acl returned is suitable for use in subsequent calls to
AttributeDescription *desc,
struct berval *val,
int nmatch,
- regmatch_t *matches )
+ regmatch_t *matches,
+ AccessControlState *state )
{
const char *attr;
int dnlen, patlen;
if ( val == NULL ) {
continue;
}
+
+ if( state && !( state->as_recorded & ACL_STATE_RECORDED_VD )) {
+ state->as_recorded |= ACL_STATE_RECORDED_VD;
+ state->as_vd_acl = a;
+ state->as_vd_acl_count = *count;
+ state->as_vd_access = a->acl_access;
+ state->as_vd_access_count = 1;
+ ACL_INVALIDATE( state->as_vd_acl_mask );
+ }
+
if ( a->acl_attrval_style == ACL_STYLE_REGEX ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
projects / openldap / commitdiff