Patch: add OpenLDAPaci #public# access (ITS#2005)

			================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

I couldn't find a way for an OpenLDAPaci to grant public access to an
entry, so I added a dnType #public# for that.  It is in the position
of subjectDn in the draft, which seems kind of stupid, so I put it
in the position of dnType instead.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.

diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c
index 1295b9950791cbbf6dcfc2bb2f42461601767be9..449138fae094c0ef8d424eecb2411e40b8c06945 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -1746,10 +1746,10 @@ aci_mask(
 
        if (ber_bvstrcasecmp( &aci_bv_access_id, &bv ) == 0) {
                struct berval ndn;
-               rc = 1;
+               rc = 0;
                if ( dnNormalize2(NULL, &sdn, &ndn) == LDAP_SUCCESS ) {
-                       if (!dn_match( &op->o_ndn, &ndn))
-                               rc = 0;
+                       if (dn_match( &op->o_ndn, &ndn))
+                               rc = 1;
                        free(ndn.bv_val);
                }
                return (rc);