fix continuation checking in dynacl (ITS#5637)

diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c
index 2d959190cce6acc3c859a4dc8e2948b4e8155087..7f97d57cf4c0bc5e9cc14e482c3aaec76f7aff2c 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -63,7 +63,8 @@ static slap_control_t slap_acl_mask(
        int nmatch,
        regmatch_t *matches,
        int count,
-       AccessControlState *state );
+       AccessControlState *state,
+       slap_access_t access );
 
 static int     regex_matches(
        struct berval *pat, char *str, char *buf,
@@ -246,7 +247,7 @@ slap_access_allowed(
                }
 
                control = slap_acl_mask( a, &mask, op,
-                       e, desc, val, MAXREMATCHES, matches, count, state );
+                       e, desc, val, MAXREMATCHES, matches, count, state, access );
 
                if ( control != ACL_BREAK ) {
                        break;
@@ -1053,7 +1054,8 @@ slap_acl_mask(
        int                     nmatch,
        regmatch_t              *matches,
        int                     count,
-       AccessControlState      *state )
+       AccessControlState      *state,
+       slap_access_t   access )
 {
        int             i;
        Access          *b;
@@ -1061,7 +1063,7 @@ slap_acl_mask(
        char            accessmaskbuf[ACCESSMASK_MAXLEN];
 #endif /* DEBUG */
        const char      *attr;
-       slap_mask_t     a2pmask = ACL_ACCESS2PRIV( *mask );
+       slap_mask_t     a2pmask = ACL_ACCESS2PRIV( access );
 
        assert( a != NULL );
        assert( mask != NULL );
@@ -1790,8 +1792,6 @@ slap_acl_mask(
                        *mask = modmask;
                }
 
-               a2pmask = *mask;
-
                Debug( LDAP_DEBUG_ACL,
                        "<= acl_mask: [%d] mask: %s\n",
                        i, accessmask2str(*mask, accessmaskbuf, 1), 0 );