int nmatch, regmatch_t *matches);
typedef struct AclSetCookie {
- Operation *op;
- Entry *e;
+ SetCookie asc_cookie;
+#define asc_op asc_cookie.set_op
+ Entry *asc_e;
} AclSetCookie;
SLAP_SET_GATHER acl_set_gather;
{
assert( maskp != NULL );
- ACL_PRIV_SET( *maskp, ACL_ACCESS2PRIV( access ) );
+ /* assign all */
+ ACL_LVL_ASSIGN_MANAGE( *maskp );
return 1;
}
assert( attr != NULL );
+ ACL_INIT( mask );
+
/* grant database root access */
if ( be_isroot( op ) ) {
Debug( LDAP_DEBUG_ACL, "<= root access granted\n", 0, 0, 0 );
* if we get here it means a non-root user is trying to
* manage data, so we need to check its privileges.
*/
- if ( access_level == ACL_WRITE && is_at_no_user_mod( desc->ad_type )
+ if ( access_level == ACL_WRITE
+ && is_at_no_user_mod( desc->ad_type )
&& desc != slap_schema.si_ad_entry
&& desc != slap_schema.si_ad_children )
{
}
rdnlen = dn_rdnlen( NULL, opndn );
- if ( rdnlen != odnlen - patlen - 1 ) {
+ if ( rdnlen - ( odnlen - patlen - 1 ) != 0 ) {
goto dn_match_cleanup;
}
}
} else if ( b->a_style == ACL_STYLE_LEVEL ) {
- int level;
- struct berval ndn;
+ int level = b->a_level;
+ struct berval ndn;
if ( odnlen <= patlen ) {
goto dn_match_cleanup;
goto dn_match_cleanup;
}
- level = b->a_level;
ndn = *opndn;
for ( ; level > 0; level-- ) {
if ( BER_BVISEMPTY( &ndn ) ) {
/* Grab the searchbase and see if an appropriate database can be found */
ber_str2bv( ludp->lud_dn, 0, 0, &op2.o_req_dn );
rc = dnNormalize( 0, NULL, NULL, &op2.o_req_dn,
- &op2.o_req_ndn, cp->op->o_tmpmemctx );
+ &op2.o_req_ndn, cp->asc_op->o_tmpmemctx );
BER_BVZERO( &op2.o_req_dn );
if ( rc != LDAP_SUCCESS ) {
goto url_done;
/* Grab the filter */
if ( ludp->lud_filter ) {
ber_str2bv_x( ludp->lud_filter, 0, 0, &op2.ors_filterstr,
- cp->op->o_tmpmemctx );
+ cp->asc_op->o_tmpmemctx );
} else {
op2.ors_filterstr = defaultFilter_bv;
}
- op2.ors_filter = str2filter_x( cp->op, op2.ors_filterstr.bv_val );
+ op2.ors_filter = str2filter_x( cp->asc_op, op2.ors_filterstr.bv_val );
if ( op2.ors_filter == NULL ) {
rc = LDAP_PROTOCOL_ERROR;
goto url_done;
;
anlistp = slap_sl_malloc( sizeof( AttributeName ) * ( nattrs + 2 ),
- cp->op->o_tmpmemctx );
+ cp->asc_op->o_tmpmemctx );
for ( ; ludp->lud_attrs[ nattrs ]; nattrs++ ) {
ber_str2bv( ludp->lud_attrs[ nattrs ], 0, 0, &anlistp[ nattrs ].an_name );
p.cookie = cookie;
- op2.o_hdr = cp->op->o_hdr;
+ op2.o_hdr = cp->asc_op->o_hdr;
op2.o_tag = LDAP_REQ_SEARCH;
op2.o_ndn = op2.o_bd->be_rootndn;
op2.o_callback = &cb;
op2.o_time = slap_get_time();
op2.o_do_not_cache = 1;
op2.o_is_auth_check = 0;
- ber_dupbv_x( &op2.o_req_dn, &op2.o_req_ndn, cp->op->o_tmpmemctx );
+ ber_dupbv_x( &op2.o_req_dn, &op2.o_req_ndn, cp->asc_op->o_tmpmemctx );
op2.ors_slimit = SLAP_NO_LIMIT;
op2.ors_tlimit = SLAP_NO_LIMIT;
op2.ors_attrs = anlistp;
op2.ors_attrsonly = 0;
- op2.o_private = cp->op->o_private;
+ op2.o_private = cp->asc_op->o_private;
cb.sc_private = &p;
url_done:;
if ( op2.ors_filter ) {
- filter_free_x( cp->op, op2.ors_filter );
+ filter_free_x( cp->asc_op, op2.ors_filter );
}
if ( !BER_BVISNULL( &op2.o_req_ndn ) ) {
- slap_sl_free( op2.o_req_ndn.bv_val, cp->op->o_tmpmemctx );
+ slap_sl_free( op2.o_req_ndn.bv_val, cp->asc_op->o_tmpmemctx );
}
if ( !BER_BVISNULL( &op2.o_req_dn ) ) {
- slap_sl_free( op2.o_req_dn.bv_val, cp->op->o_tmpmemctx );
+ slap_sl_free( op2.o_req_dn.bv_val, cp->asc_op->o_tmpmemctx );
}
if ( ludp ) {
ldap_free_urldesc( ludp );
}
if ( anlistp && anlistp != anlist ) {
- slap_sl_free( anlistp, cp->op->o_tmpmemctx );
+ slap_sl_free( anlistp, cp->asc_op->o_tmpmemctx );
}
return p.bvals;
* plain strings, since syntax is not known. It should
* also return the syntax or some "comparison cookie".
*/
- rc = dnNormalize( 0, NULL, NULL, name, &ndn, cp->op->o_tmpmemctx );
+ rc = dnNormalize( 0, NULL, NULL, name, &ndn, cp->asc_op->o_tmpmemctx );
if ( rc == LDAP_SUCCESS ) {
if ( desc == slap_schema.si_ad_entryDN ) {
bvals = (BerVarray)slap_sl_malloc( sizeof( BerValue ) * 2,
- cp->op->o_tmpmemctx );
+ cp->asc_op->o_tmpmemctx );
bvals[ 0 ] = ndn;
BER_BVZERO( &bvals[ 1 ] );
BER_BVZERO( &ndn );
} else {
- backend_attribute( cp->op,
- cp->e, &ndn, desc, &bvals, ACL_NONE );
+ backend_attribute( cp->asc_op,
+ cp->asc_e, &ndn, desc, &bvals, ACL_NONE );
}
if ( !BER_BVISNULL( &ndn ) ) {
- slap_sl_free( ndn.bv_val, cp->op->o_tmpmemctx );
+ slap_sl_free( ndn.bv_val, cp->asc_op->o_tmpmemctx );
}
}
}
if ( !BER_BVISNULL( &set ) ) {
- cookie.op = op;
- cookie.e = e;
- rc = ( slap_set_filter( acl_set_gather, (SetCookie *)&cookie, &set,
+ cookie.asc_op = op;
+ cookie.asc_e = e;
+ rc = ( slap_set_filter(
+ acl_set_gather,
+ (SetCookie *)&cookie, &set,
&op->o_ndn, &e->e_nname, NULL ) > 0 );
slap_sl_free( set.bv_val, op->o_tmpmemctx );
}
{
if ( flags & SLAP_SET_REFVAL ) {
if ( ! ( flags & SLAP_SET_REFARR ) ) {
- cp->op->o_tmpfree( set, cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpfree( set, cp->set_op->o_tmpmemctx );
}
} else {
- ber_bvarray_free_x( set, cp->op->o_tmpmemctx );
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
}
}
for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ )
;
- newset = cp->op->o_tmpcalloc( i + 1,
+ newset = cp->set_op->o_tmpcalloc( i + 1,
sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpmemctx );
if ( newset == NULL ) {
return NULL;
}
if ( flags & SLAP_SET_REFVAL ) {
for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) {
ber_dupbv_x( &newset[ i ], &set[ i ],
- cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpmemctx );
}
} else {
if ( lset == NULL || BER_BVISNULL( lset ) ) {
if ( rset == NULL ) {
if ( lset == NULL ) {
- set = cp->op->o_tmpcalloc( 1,
+ set = cp->set_op->o_tmpcalloc( 1,
sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpmemctx );
BER_BVZERO( set );
return set;
}
}
i = slap_set_size( lset ) + slap_set_size( rset ) + 1;
- set = cp->op->o_tmpcalloc( i, sizeof(struct berval), cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( i, sizeof(struct berval), cp->set_op->o_tmpmemctx );
if ( set != NULL ) {
/* set_chase() depends on this routine to
* keep the first elements of the result
*/
for ( i = 0; !BER_BVISNULL( &lset[ i ] ); i++ ) {
if ( op_flags & SLAP_SET_LREFVAL ) {
- ber_dupbv_x( &set[ i ], &lset[ i ], cp->op->o_tmpmemctx );
+ ber_dupbv_x( &set[ i ], &lset[ i ], cp->set_op->o_tmpmemctx );
} else {
set[ i ] = lset[ i ];
if ( bvmatch( &rset[ i ], &set[ j ] ) )
{
if ( !( op_flags & SLAP_SET_RREFVAL ) ) {
- cp->op->o_tmpfree( rset[ i ].bv_val, cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpfree( rset[ i ].bv_val, cp->set_op->o_tmpmemctx );
BER_BVZERO( &rset[ i ] );
}
exists = 1;
if ( !exists ) {
if ( op_flags & SLAP_SET_RREFVAL ) {
- ber_dupbv_x( &set[ last ], &rset[ i ], cp->op->o_tmpmemctx );
+ ber_dupbv_x( &set[ last ], &rset[ i ], cp->set_op->o_tmpmemctx );
} else {
set[ last ] = rset[ i ];
if ( lset == NULL || BER_BVISNULL( lset )
|| rset == NULL || BER_BVISNULL( rset ) )
{
- set = cp->op->o_tmpcalloc( 1, sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval),
+ cp->set_op->o_tmpmemctx );
BER_BVZERO( set );
} else {
}
if ( BER_BVISNULL( &rset[ j ] ) ) {
- cp->op->o_tmpfree( set[ i ].bv_val, cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpfree( set[ i ].bv_val, cp->set_op->o_tmpmemctx );
set[ i ] = set[ last ];
BER_BVZERO( &set[ last ] );
last--;
i = slap_set_size( rset );
j = slap_set_size( lset );
- set = cp->op->o_tmpcalloc( i * j + 1, sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( i * j + 1, sizeof(struct berval),
+ cp->set_op->o_tmpmemctx );
if ( set == NULL ) {
break;
}
long k;
bv.bv_len = lset[ i ].bv_len + rset[ j ].bv_len;
- bv.bv_val = cp->op->o_tmpalloc( bv.bv_len + 1,
- cp->op->o_tmpmemctx );
+ bv.bv_val = cp->set_op->o_tmpalloc( bv.bv_len + 1,
+ cp->set_op->o_tmpmemctx );
if ( bv.bv_val == NULL ) {
slap_set_dispose( cp, set, 0 );
set = NULL;
for ( k = 0; k < last; k++ ) {
if ( bvmatch( &set[ k ], &bv ) ) {
- cp->op->o_tmpfree( bv.bv_val, cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpfree( bv.bv_val, cp->set_op->o_tmpmemctx );
break;
}
}
done:;
if ( !( op_flags & SLAP_SET_LREFARR ) && lset != NULL ) {
- cp->op->o_tmpfree( lset, cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpfree( lset, cp->set_op->o_tmpmemctx );
}
if ( !( op_flags & SLAP_SET_RREFARR ) && rset != NULL ) {
- cp->op->o_tmpfree( rset, cp->op->o_tmpmemctx );
+ cp->set_op->o_tmpfree( rset, cp->set_op->o_tmpmemctx );
}
return set;
int i;
if ( set == NULL ) {
- set = cp->op->o_tmpcalloc( 1, sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval),
+ cp->set_op->o_tmpmemctx );
BER_BVZERO( set );
return set;
}
return set;
}
- nset = cp->op->o_tmpcalloc( 1, sizeof(struct berval), cp->op->o_tmpmemctx );
+ nset = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval), cp->set_op->o_tmpmemctx );
if ( nset == NULL ) {
slap_set_dispose( cp, set, 0 );
return NULL;
BerVarray set, lset;
BerVarray stack[ STACK_SIZE ] = { 0 };
int len, rc, stp;
- unsigned op;
+ unsigned long op;
char c, *filter = fbv->bv_val;
if ( results ) {
set = NULL;
} else if ( IS_OP( SF_TOP() ) ) {
- op = (unsigned)SF_POP();
+ op = (unsigned long)SF_POP();
lset = SF_POP();
SF_POP();
set = slap_set_join( cp, lset, op, set );
set = NULL;
} else if ( IS_OP( SF_TOP() ) ) {
- op = (unsigned)SF_POP();
+ op = (unsigned long)SF_POP();
lset = SF_POP();
set = slap_set_join( cp, lset, op, set );
if ( set == NULL ) {
SF_ERROR(syntax);
}
- set = cp->op->o_tmpcalloc( 2, sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( 2, sizeof(struct berval),
+ cp->set_op->o_tmpmemctx );
if ( set == NULL ) {
SF_ERROR(memory);
}
- set->bv_val = cp->op->o_tmpcalloc( len + 1, sizeof(char),
- cp->op->o_tmpmemctx );
+ set->bv_val = cp->set_op->o_tmpcalloc( len + 1, sizeof(char),
+ cp->set_op->o_tmpmemctx );
if ( BER_BVISNULL( set ) ) {
SF_ERROR( memory );
}
if ( ( SF_TOP() == (void *)'/' ) || IS_SET( SF_TOP() ) ) {
SF_ERROR( syntax );
}
- set = cp->op->o_tmpcalloc( 2, sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( 2, sizeof(struct berval),
+ cp->set_op->o_tmpmemctx );
if ( set == NULL ) {
SF_ERROR( memory );
}
- ber_dupbv_x( set, target, cp->op->o_tmpmemctx );
+ ber_dupbv_x( set, target, cp->set_op->o_tmpmemctx );
if ( BER_BVISNULL( set ) ) {
SF_ERROR( memory );
}
if ( ( SF_TOP() == (void *)'/' ) || IS_SET( SF_TOP() ) ) {
SF_ERROR( syntax );
}
- set = cp->op->o_tmpcalloc( 2, sizeof(struct berval),
- cp->op->o_tmpmemctx );
+ set = cp->set_op->o_tmpcalloc( 2, sizeof(struct berval),
+ cp->set_op->o_tmpmemctx );
if ( set == NULL ) {
SF_ERROR( memory );
}
- ber_dupbv_x( set, user, cp->op->o_tmpmemctx );
+ ber_dupbv_x( set, user, cp->set_op->o_tmpmemctx );
if ( BER_BVISNULL( set ) ) {
SF_ERROR( memory );
}
/* FIXME: ok ? */ ;
} else if ( IS_OP( SF_TOP() ) ) {
- op = (unsigned)SF_POP();
+ op = (unsigned long)SF_POP();
lset = SF_POP();
set = slap_set_join( cp, lset, op, set );
if ( set == NULL ) {
projects / openldap / commitdiff