#endif /* LDAP_SLAPI */
/* grant database root access */
- if ( be != NULL && be_isroot( be, &op->o_ndn ) ) {
+ if ( be != NULL && be_isroot( op ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, INFO,
"access_allowed: conn %lu root access granted\n",
assert( be != NULL );
/* short circuit root database access */
- if ( be_isroot_dn( op ) ) {
+ if ( be_isroot( op ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( ACL, DETAIL1,
"acl_check_modlist: conn %lu access granted to root user\n",
* no parent!
* if not attempting to add entry at suffix or with parent ""
*/
- if (( !be_isroot_dn( op ) || pdn.bv_len > 0 )
+ if (( !be_isroot( op ) || pdn.bv_len > 0 )
&& !is_entry_glue( op->oq_add.rs_e ))
{
#ifdef NEW_LOGGING
} else {
/* no parent, must be root to delete */
- if( ! be_isroot_dn( op ) ) {
+ if( ! be_isroot( op ) ) {
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
|| be_isupdate( op->o_bd, &op->o_ndn ) ) {
p = (Entry *)&slap_entry_root;
} else {
/* no parent, modrdn entry directly under root */
- isroot = be_isroot_dn( op );
+ isroot = be_isroot( op );
if ( ! isroot ) {
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
|| be_isupdate( op->o_bd, &op->o_ndn ) ) {
} else {
if ( isroot == -1 ) {
- isroot = be_isroot_dn( op );
+ isroot = be_isroot( op );
}
np_dn = NULL;
} else {
assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
- if ( !be_isroot_dn( op )
+ if ( !be_isroot( op )
&& !is_entry_glue( op->oq_add.rs_e ))
{
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
} else {
/* no parent, must be root to delete */
- if( ! be_isroot_dn( op ) ) {
+ if( ! be_isroot( op ) ) {
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
p = (Entry *)&slap_entry_root;
} else {
/* no parent, must be root to modify rdn */
- isroot = be_isroot_dn( op );
+ isroot = be_isroot( op );
if ( ! isroot ) {
if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
int can_access;
/* no parent, must be root to modify newSuperior */
if ( isroot == -1 ) {
- isroot = be_isroot_dn( op );
+ isroot = be_isroot( op );
}
if ( ! isroot ) {
}
int
-be_isroot( Backend *be, struct berval *ndn )
+be_isroot_dn( Backend *be, struct berval *ndn )
{
if ( !ndn->bv_len ) {
return( 0 );
}
int
-be_isroot_dn( Operation *op )
+be_isroot( Operation *op )
{
- return be_isroot( op->o_bd, &op->o_ndn );
+ return be_isroot_dn( op->o_bd, &op->o_ndn );
}
int
int result;
char *errmsg;
- if ( ! be_isroot( op->o_bd, &op->o_req_ndn ) ) {
+ if ( ! be_isroot_dn( op->o_bd, &op->o_req_ndn ) ) {
return 0;
}
assert( op->o_tag == LDAP_REQ_SEARCH);
/* allow root to set no limit */
- if ( be_isroot_dn( op ) ) {
+ if ( be_isroot( op ) ) {
op->ors_limit = NULL;
if ( op->ors_tlimit == 0 ) {
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
/* Root bypasses policy */
- if ( !be_isroot( op->o_bd, &op->o_req_ndn )) {
+ if ( !be_isroot_dn( op->o_bd, &op->o_req_ndn )) {
Entry *e;
int i, rc;
ppbind *ppb;
/* Did we receive a password policy request control? */
for ( i=0; op->o_ctrls && op->o_ctrls[i]; i++ ) {
- if ( !strcmp( op->o_ctrls[i]->ldctl_oid, LDAP_CONTROL_PASSWORDPOLICYREQUEST ) ) {
+ if ( !strcmp( op->o_ctrls[i]->ldctl_oid,
+ LDAP_CONTROL_PASSWORDPOLICYREQUEST ) )
+ {
ppb->send_ctrl = 1;
break;
}
return rs->sr_err;
/* Check for password in entry */
- if ((pa = attr_find( op->oq_add.rs_e->e_attrs, slap_schema.si_ad_userPassword ))) {
+ if ((pa = attr_find( op->oq_add.rs_e->e_attrs,
+ slap_schema.si_ad_userPassword )))
+ {
/*
* new entry contains a password - if we're not the root user
* then we need to check that the password fits in with the
* security policy for the new entry.
*/
ppolicy_get( op, op->oq_add.rs_e, &pp );
- if (pp.pwdCheckQuality > 0 && !be_isroot_dn( op )) {
+ if (pp.pwdCheckQuality > 0 && !be_isroot( op )) {
struct berval *bv = &(pa->a_vals[0]);
int rc, i, send_ctrl = 0;
LDAPPasswordPolicyError pErr = PP_noError;
for(p=tl; p; p=p->next, hsize++); /* count history size */
}
- if (be_isroot_dn( op )) goto do_modify;
+ if (be_isroot( op )) goto do_modify;
/* This is a pwdModify exop that provided the old pw.
* We need to create a Delete mod for this old pw and
LDAP_SLAPD_F (int) be_issuffix LDAP_P(( Backend *be,
struct berval *suffix ));
-LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be, struct berval *ndn ));
-LDAP_SLAPD_F (int) be_isroot_dn LDAP_P(( Operation *op ));
+LDAP_SLAPD_F (int) be_isroot LDAP_P(( Operation *op ));
+LDAP_SLAPD_F (int) be_isroot_dn LDAP_P(( Backend *be, struct berval *ndn ));
LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Operation *op ));
LDAP_SLAPD_F (int) be_isupdate LDAP_P(( Backend *be, struct berval *ndn ));
LDAP_SLAPD_F (struct berval *) be_root_dn LDAP_P(( Backend *be ));
}
/* Allow the manager to authorize as any DN. */
- if( op->o_conn->c_authz_backend && be_isroot( op->o_conn->c_authz_backend, authcDN )) {
+ if( op->o_conn->c_authz_backend &&
+ be_isroot_dn( op->o_conn->c_authz_backend, authcDN ))
+ {
rc = LDAP_SUCCESS;
goto DONE;
}
char *opAuthType;
if ( op->o_bd != NULL ) {
- isRoot = be_isroot_dn( op );
+ isRoot = be_isroot( op );
isUpdateDn = be_isupdate( op->o_bd, &op->o_ndn );
}
projects / openldap / commitdiff