"=> access_allowed: %s access %s by %s\n",
access2str( access ),
ACL_GRANT(mask, access) ? "granted" : "denied",
- accessmask2str( mask, accessmaskbuf ) );
+ accessmask2str( mask, accessmaskbuf, 1 ) );
ret = ACL_GRANT(mask, access);
"=> acl_mask: to %s by \"%s\", (%s) \n",
val ? "value" : "all values",
op->o_ndn.bv_val ? op->o_ndn.bv_val : "",
- accessmask2str( *mask, accessmaskbuf ) );
+ accessmask2str( *mask, accessmaskbuf, 1) );
if( state && ( state->as_recorded & ACL_STATE_RECORDED_VD )
}
}
Debug(LDAP_DEBUG_ACL, "<= aci_mask grant %s deny %s\n",
- accessmask2str(tgrant,accessmaskbuf),
- accessmask2str(tdeny, accessmaskbuf1), 0);
+ accessmask2str(tgrant,accessmaskbuf, 1),
+ accessmask2str(tdeny, accessmaskbuf1, 1), 0);
}
/* If the entry level aci didn't contain anything valid for the
}
}
Debug(LDAP_DEBUG_ACL, "<= aci_mask grant %s deny %s\n",
- accessmask2str(tgrant,accessmaskbuf),
- accessmask2str(tdeny, accessmaskbuf1), 0);
+ accessmask2str(tgrant,accessmaskbuf, 1),
+ accessmask2str(tdeny, accessmaskbuf1, 1), 0);
}
break;
Debug( LDAP_DEBUG_ACL,
"<= acl_mask: [%d] applying %s (%s)\n",
- i, accessmask2str( modmask, accessmaskbuf ),
+ i, accessmask2str( modmask, accessmaskbuf, 1 ),
b->a_type == ACL_CONTINUE
? "continue"
: b->a_type == ACL_BREAK
Debug( LDAP_DEBUG_ACL,
"<= acl_mask: [%d] mask: %s\n",
- i, accessmask2str(*mask, accessmaskbuf), 0 );
+ i, accessmask2str(*mask, accessmaskbuf, 1), 0 );
if( b->a_type == ACL_CONTINUE ) {
continue;
Debug( LDAP_DEBUG_ACL,
"<= acl_mask: no more <who> clauses, returning %s (stop)\n",
- accessmask2str(*mask, accessmaskbuf), 0, 0 );
+ accessmask2str(*mask, accessmaskbuf, 1), 0, 0 );
return ACL_STOP;
}
}
static int
-dynacl_aci_print( void *priv )
+dynacl_aci_unparse( void *priv, struct berval *bv )
{
AttributeDescription *ad = ( AttributeDescription * )priv;
+ char *ptr;
assert( ad );
- fprintf( stderr, " aci=%s", ad->ad_cname.bv_val );
+ bv->bv_val = ch_malloc( STRLENOF(" aci=") + ad->ad_cname.bv_len + 1 );
+ ptr = lutil_strcopy( bv->bv_val, " aci=" );
+ ptr = lutil_strcopy( ptr, ad->ad_cname.bv_val );
+ bv->bv_len = ptr - bv->bv_val;
return 0;
}
}
Debug( LDAP_DEBUG_ACL, "<= aci_mask grant %s deny %s\n",
- accessmask2str( tgrant, accessmaskbuf ),
- accessmask2str( tdeny, accessmaskbuf1 ), 0 );
+ accessmask2str( tgrant, accessmaskbuf, 1 ),
+ accessmask2str( tdeny, accessmaskbuf1, 1 ), 0 );
}
/* If the entry level aci didn't contain anything valid for the
}
}
Debug( LDAP_DEBUG_ACL, "<= aci_mask grant %s deny %s\n",
- accessmask2str( tgrant, accessmaskbuf ),
- accessmask2str( tdeny, accessmaskbuf1 ), 0 );
+ accessmask2str( tgrant, accessmaskbuf, 1 ),
+ accessmask2str( tdeny, accessmaskbuf1, 1 ), 0 );
}
break;
static slap_dynacl_t dynacl_aci = {
"aci",
dynacl_aci_parse,
- dynacl_aci_print,
+ dynacl_aci_unparse,
dynacl_aci_mask,
NULL,
NULL,
}
char *
-accessmask2str( slap_mask_t mask, char *buf )
+accessmask2str( slap_mask_t mask, char *buf, int debug )
{
int none = 1;
char *ptr = buf;
ptr = lutil_strcopy( ptr, "unknown" );
}
+ if ( !debug ) {
+ *ptr = '\0';
+ return buf;
+ }
*ptr++ = '(';
}
}
if ( none ) {
- *ptr++ = '0';
+ ptr = buf;
}
if ( ACL_IS_LEVEL( mask ) ) {
return( ACL_INVALID_ACCESS );
}
-#ifdef LDAP_DEBUG
+#define ACLBUF_MAXLEN 8192
-static void
-print_access( Access *b )
+static char aclbuf[ACLBUF_MAXLEN];
+
+static char *
+access2text( Access *b, char *ptr )
{
char maskbuf[ACCESSMASK_MAXLEN];
- fprintf( stderr, "\tby" );
+ ptr = lutil_strcopy( ptr, "\tby" );
if ( !BER_BVISEMPTY( &b->a_dn_pat ) ) {
+ *ptr++ = ' ';
if ( ber_bvccmp( &b->a_dn_pat, '*' ) ||
- b->a_dn_style == ACL_STYLE_ANONYMOUS /* strcmp( b->a_dn_pat.bv_val, "anonymous" ) == 0 */ ||
- b->a_dn_style == ACL_STYLE_USERS /* strcmp( b->a_dn_pat.bv_val, "users" ) == 0 */ ||
- b->a_dn_style == ACL_STYLE_SELF /* strcmp( b->a_dn_pat.bv_val, "self" ) == 0 */ )
+ b->a_dn_style == ACL_STYLE_ANONYMOUS ||
+ b->a_dn_style == ACL_STYLE_USERS ||
+ b->a_dn_style == ACL_STYLE_SELF )
{
- fprintf( stderr, " %s", b->a_dn_pat.bv_val );
+ ptr = lutil_strcopy( ptr, b->a_dn_pat.bv_val );
} else {
- fprintf( stderr, " dn.%s=\"%s\"",
- style_strings[b->a_dn_style], b->a_dn_pat.bv_val );
+ ptr = lutil_strcopy( ptr, "dn." );
+ ptr = lutil_strcopy( ptr, style_strings[b->a_dn_style] );
+ *ptr++ = '=';
+ *ptr++ = '"';
+ ptr = lutil_strcopy( ptr, b->a_dn_pat.bv_val );
+ *ptr++ = '"';
}
}
if ( b->a_dn_at != NULL ) {
- fprintf( stderr, " dnattr=%s", b->a_dn_at->ad_cname.bv_val );
+ ptr = lutil_strcopy( ptr, " dnattr=" );
+ ptr = lutil_strcopy( ptr, b->a_dn_at->ad_cname.bv_val );
}
if ( !BER_BVISEMPTY( &b->a_group_pat ) ) {
- fprintf( stderr, " group/%s/%s.%s=\"%s\"",
- b->a_group_oc ? b->a_group_oc->soc_cname.bv_val : "groupOfNames",
- b->a_group_at ? b->a_group_at->ad_cname.bv_val : "member",
- style_strings[b->a_group_style],
- b->a_group_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " group/" );
+ ptr = lutil_strcopy( ptr, b->a_group_oc ?
+ b->a_group_oc->soc_cname.bv_val : "groupOfNames" );
+ *ptr++ = '/';
+ ptr = lutil_strcopy( ptr, b->a_group_at ?
+ b->a_group_at->ad_cname.bv_val : "member" );
+ *ptr++ = '.';
+ ptr = lutil_strcopy( ptr, style_strings[b->a_group_style] );
+ *ptr++ = '=';
+ *ptr++ = '"';
+ ptr = lutil_strcopy( ptr, b->a_group_pat.bv_val );
+ *ptr++ = '"';
}
if ( !BER_BVISEMPTY( &b->a_peername_pat ) ) {
- fprintf( stderr, " peername=\"%s\"", b->a_peername_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " peername=\"" );
+ ptr = lutil_strcopy( ptr, b->a_peername_pat.bv_val );
+ *ptr++ = '"';
}
if ( !BER_BVISEMPTY( &b->a_sockname_pat ) ) {
- fprintf( stderr, " sockname=\"%s\"", b->a_sockname_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " sockname=\"" );
+ ptr = lutil_strcopy( ptr, b->a_sockname_pat.bv_val );
+ *ptr++ = '"';
}
if ( !BER_BVISEMPTY( &b->a_domain_pat ) ) {
- fprintf( stderr, " domain=%s", b->a_domain_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " domain=" );
+ ptr = lutil_strcopy( ptr, b->a_domain_pat.bv_val );
}
if ( !BER_BVISEMPTY( &b->a_sockurl_pat ) ) {
- fprintf( stderr, " sockurl=\"%s\"", b->a_sockurl_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " sockurl=\"" );
+ ptr = lutil_strcopy( ptr, b->a_sockurl_pat.bv_val );
+ *ptr++ = '"';
}
if ( !BER_BVISEMPTY( &b->a_set_pat ) ) {
- fprintf( stderr, " set=\"%s\"", b->a_set_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " set=\"" );
+ ptr = lutil_strcopy( ptr, b->a_set_pat.bv_val );
+ *ptr++ = '"';
}
#ifdef SLAP_DYNACL
slap_dynacl_t *da;
for ( da = b->a_dynacl; da; da = da->da_next ) {
- if ( da->da_print ) {
- (void)( *da->da_print )( da->da_private );
+ if ( da->da_unparse ) {
+ struct berval bv;
+ (void)( *da->da_unparse )( da->da_private, &bv );
+ ptr = lutil_strcopy( ptr, bv.bv_val );
+ ch_free( bv.bv_val );
}
}
}
#else /* ! SLAP_DYNACL */
#ifdef SLAPD_ACI_ENABLED
if ( b->a_aci_at != NULL ) {
- fprintf( stderr, " aci=%s", b->a_aci_at->ad_cname.bv_val );
+ ptr = lutil_strcopy( ptr, " aci=" );
+ ptr = lutil_strcopy( ptr, b->a_aci_at->ad_cname.bv_val );
}
#endif
#endif /* SLAP_DYNACL */
/* Security Strength Factors */
if ( b->a_authz.sai_ssf ) {
- fprintf( stderr, " ssf=%u",
+ ptr += sprintf( ptr, " ssf=%u",
b->a_authz.sai_ssf );
}
if ( b->a_authz.sai_transport_ssf ) {
- fprintf( stderr, " transport_ssf=%u",
+ ptr += sprintf( ptr, " transport_ssf=%u",
b->a_authz.sai_transport_ssf );
}
if ( b->a_authz.sai_tls_ssf ) {
- fprintf( stderr, " tls_ssf=%u",
+ ptr += sprintf( ptr, " tls_ssf=%u",
b->a_authz.sai_tls_ssf );
}
if ( b->a_authz.sai_sasl_ssf ) {
- fprintf( stderr, " sasl_ssf=%u",
+ ptr += sprintf( ptr, " sasl_ssf=%u",
b->a_authz.sai_sasl_ssf );
}
- fprintf( stderr, " %s%s",
- b->a_dn_self ? "self" : "",
- accessmask2str( b->a_access_mask, maskbuf ) );
+ *ptr++ = ' ';
+ if ( b->a_dn_self ) ptr = lutil_strcopy( ptr, "self" );
+ ptr = lutil_strcopy( ptr, accessmask2str( b->a_access_mask, maskbuf, 0 ));
+ if ( !maskbuf[0] ) ptr--;
if( b->a_type == ACL_BREAK ) {
- fprintf( stderr, " break" );
+ ptr = lutil_strcopy( ptr, " break" );
} else if( b->a_type == ACL_CONTINUE ) {
- fprintf( stderr, " continue" );
+ ptr = lutil_strcopy( ptr, " continue" );
} else if( b->a_type != ACL_STOP ) {
- fprintf( stderr, " unknown-control" );
+ ptr = lutil_strcopy( ptr, " unknown-control" );
+ } else {
+ if ( !maskbuf[0] ) ptr = lutil_strcopy( ptr, " stop" );
}
+ *ptr++ = '\n';
- fprintf( stderr, "\n" );
+ return ptr;
}
-
-static void
-print_acl( Backend *be, AccessControl *a )
+void
+acl_unparse( AccessControl *a, struct berval *bv )
{
+ Access *b;
+ char *ptr;
int to = 0;
- Access *b;
+ struct berval abv;
- fprintf( stderr, "%s ACL: access to",
- be == NULL ? "Global" : "Backend" );
+ bv->bv_val = aclbuf;
+ bv->bv_len = 0;
- if ( !BER_BVISEMPTY( &a->acl_dn_pat ) ) {
+ ptr = bv->bv_val;
+
+ ptr = lutil_strcopy( ptr, "access to" );
+ if ( !BER_BVISNULL( &a->acl_dn_pat ) ) {
to++;
- fprintf( stderr, " dn.%s=\"%s\"\n",
- style_strings[a->acl_dn_style], a->acl_dn_pat.bv_val );
+ ptr = lutil_strcopy( ptr, " dn." );
+ ptr = lutil_strcopy( ptr, style_strings[a->acl_dn_style] );
+ *ptr++ = '=';
+ *ptr++ = '"';
+ ptr = lutil_strcopy( ptr, a->acl_dn_pat.bv_val );
+ ptr = lutil_strcopy( ptr, "\"\n" );
}
if ( a->acl_filter != NULL ) {
to++;
filter2bv( a->acl_filter, &bv );
- fprintf( stderr, " filter=%s\n", bv.bv_val );
+ ptr = lutil_strcopy( ptr, " filter=\"" );
+ ptr = lutil_strcopy( ptr, bv.bv_val );
+ *ptr++ = '"';
+ *ptr++ = '\n';
ch_free( bv.bv_val );
}
AttributeName *an;
to++;
- fprintf( stderr, " attrs=" );
+ ptr = lutil_strcopy( ptr, " attrs=" );
for ( an = a->acl_attrs; an && !BER_BVISNULL( &an->an_name ); an++ ) {
- if ( ! first ) fprintf( stderr, "," );
+ if ( ! first ) *ptr++ = ',';
if (an->an_oc) {
- fputc( an->an_oc_exclude ? '!' : '@', stderr);
- fputs( an->an_oc->soc_cname.bv_val, stderr );
+ *ptr++ = an->an_oc_exclude ? '!' : '@';
+ ptr = lutil_strcopy( ptr, an->an_oc->soc_cname.bv_val );
} else {
- fputs( an->an_name.bv_val, stderr );
+ ptr = lutil_strcopy( ptr, an->an_name.bv_val );
}
first = 0;
}
- fprintf( stderr, "\n" );
+ *ptr++ = '\n';
}
if ( !BER_BVISEMPTY( &a->acl_attrval ) ) {
to++;
- fprintf( stderr, " val.%s=\"%s\"\n",
- style_strings[a->acl_attrval_style], a->acl_attrval.bv_val );
-
+ ptr = lutil_strcopy( ptr, " val." );
+ ptr = lutil_strcopy( ptr, style_strings[a->acl_attrval_style] );
+ *ptr++ = '=';
+ *ptr++ = '"';
+ ptr = lutil_strcopy( ptr, a->acl_attrval.bv_val );
+ *ptr++ = '"';
+ *ptr++ = '\n';
}
- if( !to ) fprintf( stderr, " *\n" );
+ if( !to ) {
+ ptr = lutil_strcopy( ptr, " *\n" );
+ }
for ( b = a->acl_access; b != NULL; b = b->a_next ) {
- print_access( b );
+ ptr = access2text( b, ptr );
}
+ *ptr = '\0';
+ bv->bv_len = ptr - bv->bv_val;
+}
+
+#ifdef LDAP_DEBUG
+
+static void
+print_acl( Backend *be, AccessControl *a )
+{
+ int to = 0;
+ Access *b;
+ struct berval bv;
- fprintf( stderr, "\n" );
+ acl_unparse( a, &bv );
+ fprintf( stderr, "%s ACL: %s\n",
+ be == NULL ? "Global" : "Backend", bv.bv_val );
}
#endif /* LDAP_DEBUG */
char *global_realm = NULL;
char *ldap_srvtab = "";
char **default_passwd_hash = NULL;
+char *passwd_salt;
+char *logfileName;
struct berval default_search_base = BER_BVNULL;
struct berval default_search_nbase = BER_BVNULL;
"( OLcfgAt:6 NAME 'olcAuthRewrite' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString )", NULL, NULL },
- { "authz-policy", "policy", 2, 2, 0, ARG_MAGIC|CFG_AZPOLICY,
+ { "authz-policy", "policy", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_AZPOLICY,
&config_generic, "( OLcfgAt:7 NAME 'olcAuthzPolicy' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString )", NULL, NULL },
{ "localSSF", "ssf", 2, 2, 0, ARG_LONG,
&local_ssf, "( OLcfgAt:26 NAME 'olcLocalSSF' "
"SYNTAX OMsInteger )", NULL, NULL },
- { "logfile", "file", 2, 2, 0, ARG_MAGIC|CFG_LOGFILE,
+ { "logfile", "file", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_LOGFILE,
&config_generic, "( OLcfgAt:27 NAME 'olcLogFile' "
"SYNTAX OMsDirectoryString )", NULL, NULL },
{ "loglevel", "level", 2, 0, 0, ARG_MAGIC,
{ "overlay", "overlay", 2, 2, 0, ARG_MAGIC,
&config_overlay, "( OLcfgAt:34 NAME 'olcOverlay' "
"SUP olcDatabase )", NULL, NULL },
- { "password-crypt-salt-format", "salt", 2, 2, 0, ARG_MAGIC|CFG_SALT,
+ { "password-crypt-salt-format", "salt", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_SALT,
&config_generic, "( OLcfgAt:35 NAME 'olcPasswordCryptSaltFormat' "
"SYNTAX OMsDirectoryString )", NULL, NULL },
{ "password-hash", "hash", 2, 2, 0, ARG_MAGIC,
c->value_int = ldap_pvt_thread_get_concurrency();
break;
case CFG_THREADS:
- c->value_int = connection_pool_max; break;
+ c->value_int = connection_pool_max;
+ break;
+ case CFG_SALT:
+ if ( passwd_salt )
+ c->value_string = passwd_salt;
+ else
+ rc = 1;
+ break;
+ case CFG_LIMITS:
+ rc = 1;
break;
case CFG_RO:
c->value_int = (c->be->be_restrictops & SLAP_RESTRICT_OP_WRITES) != 0;
break;
+ case CFG_AZPOLICY:
+ c->value_string = (char *)slap_sasl_getpolicy();
+ break;
+ case CFG_AZREGEXP:
+ rc = 1;
+ break;
+#ifdef HAVE_CYRUS_SASL
+ case CFG_SASLSECP:
+ rc = 1;
+ break;
+#endif
case CFG_DEPTH:
c->value_int = c->be->be_max_deref_depth;
break;
+ case CFG_OID:
+ rc = 1;
+ break;
case CFG_CHECK:
c->value_int = global_schemacheck;
break;
+ case CFG_ACL: {
+ AccessControl *a;
+ char *src, *dst, ibuf[11];
+ struct berval bv, abv;
+ for (i=0, a=c->be->be_acl; a; i++,a=a->acl_next) {
+ abv.bv_len = sprintf( ibuf, "{%x}", i );
+ acl_unparse( a, &bv );
+ abv.bv_val = ch_malloc( abv.bv_len + bv.bv_len + 1 );
+ AC_MEMCPY( abv.bv_val, ibuf, abv.bv_len );
+ /* Turn TAB / EOL into plain space */
+ for (src=bv.bv_val,dst=abv.bv_val+abv.bv_len; *src; src++) {
+ if (isspace(*src)) *dst++ = ' ';
+ else *dst++ = *src;
+ }
+ *dst = '\0';
+ if (dst[-1] == ' ') {
+ dst--;
+ *dst = '\0';
+ }
+ abv.bv_len = dst - abv.bv_val;
+ ber_bvarray_add( &c->rvalue_vals, &abv );
+ }
+ rc = (!i);
+ break;
+ }
case CFG_REPLOG:
c->value_string = c->be->be_replogfile;
break;
}
}
break;
+ case CFG_LOGFILE:
+ if ( logfileName )
+ c->value_string = logfileName;
+ else
+ rc = 1;
+ break;
case CFG_LASTMOD:
c->value_int = (SLAP_NOLASTMOD(c->be) == 0);
break;
case CFG_SSTR_IF_MIN:
c->value_int = index_substr_if_minlen;
break;
+#ifdef SLAPD_MODULES
+ case CFG_MODLOAD:
+ case CFG_MODPATH:
+ rc = 1;
+ break;
+#endif
+#ifdef LDAP_SLAPI
+ case CFG_PLUGIN:
+ rc = 1;
+ break;
+#endif
+#ifdef SLAP_AUTH_REWRITE
+ case CFG_REWRITE:
+ rc = 1;
+ break;
+#endif
default:
rc = 1;
}
break;
case CFG_SALT:
- lutil_salt_format(c->argv[1]);
+ if ( passwd_salt ) ch_free( passwd_salt );
+ passwd_salt = c->value_string;
+ lutil_salt_format(passwd_salt);
break;
case CFG_LIMITS:
break;
case CFG_AZPOLICY:
+ ch_free(c->value_string);
if (slap_sasl_setpolicy( c->argv[1] )) {
Debug(LDAP_DEBUG_ANY, "%s: unable to parse value \"%s\" in"
" \"authz-policy <policy>\"\n",
break;
case CFG_LOGFILE: {
- FILE *logfile = fopen(c->argv[1], "w");
+ if ( logfileName ) ch_free( logfileName );
+ logfileName = c->value_string;
+ FILE *logfile = fopen(logfileName, "w");
if(logfile) lutil_debug_file(logfile);
break;
}
LDAP_SLAPD_F (slap_access_t) str2access LDAP_P(( const char *str ));
#define ACCESSMASK_MAXLEN sizeof("unknown (+wrscan)")
-LDAP_SLAPD_F (char *) accessmask2str LDAP_P(( slap_mask_t mask, char* ));
+LDAP_SLAPD_F (char *) accessmask2str LDAP_P(( slap_mask_t mask, char*, int debug ));
LDAP_SLAPD_F (slap_mask_t) str2accessmask LDAP_P(( const char *str ));
+LDAP_SLAPD_F (void) acl_unparse LDAP_P(( AccessControl*, struct berval* ));
LDAP_SLAPD_F (void) acl_destroy LDAP_P(( AccessControl*, AccessControl* ));
LDAP_SLAPD_F (void) acl_free LDAP_P(( AccessControl *a ));
LDAP_SLAPD_F (int) slap_sasl_regexp_config LDAP_P((
const char *match, const char *replace ));
LDAP_SLAPD_F (int) slap_sasl_setpolicy LDAP_P(( const char * ));
+LDAP_SLAPD_F (const char *) slap_sasl_getpolicy LDAP_P(( void ));
#ifdef SLAP_AUTH_REWRITE
LDAP_SLAPD_F (int) slap_sasl_rewrite_config LDAP_P((
const char *fname,
#define SASL_AUTHZ_TO 0x02
#define SASL_AUTHZ_AND 0x10
+static const char *policy_txt[] = {
+ "none", "from", "to", "any"
+};
+
static int authz_policy = SASL_AUTHZ_NONE;
static
return rc;
}
+const char * slap_sasl_getpolicy()
+{
+ if ( authz_policy == (SASL_AUTHZ_FROM | SASL_AUTHZ_TO | SASL_AUTHZ_AND) )
+ return "all";
+ else
+ return policy_txt[authz_policy];
+}
+
int slap_parse_user( struct berval *id, struct berval *user,
struct berval *realm, struct berval *mech )
{
/*
* "dynamic" ACL infrastructure (for ACIs and more)
*/
-typedef int (*slap_dynacl_parse)( const char *fname, int lineno, slap_style_t, const char *, void **privp );
-typedef int (*slap_dynacl_print)( void *priv );
-typedef int (*slap_dynacl_mask)(
+typedef int (slap_dynacl_parse)( const char *fname, int lineno, slap_style_t, const char *, void **privp );
+typedef int (slap_dynacl_unparse)( void *priv, struct berval *bv );
+typedef int (slap_dynacl_mask)(
void *priv,
struct slap_op *op,
Entry *e,
regmatch_t *matches,
slap_access_t *grant,
slap_access_t *deny );
-typedef int (*slap_dynacl_destroy)( void *priv );
+typedef int (slap_dynacl_destroy)( void *priv );
typedef struct slap_dynacl_t {
char *da_name;
- slap_dynacl_parse da_parse;
- slap_dynacl_print da_print;
- slap_dynacl_mask da_mask;
- slap_dynacl_destroy da_destroy;
+ slap_dynacl_parse *da_parse;
+ slap_dynacl_unparse *da_unparse;
+ slap_dynacl_mask *da_mask;
+ slap_dynacl_destroy *da_destroy;
void *da_private;
struct slap_dynacl_t *da_next;
desc->ad_cname.bv_val,
val.bv_val ? "=" : "",
val.bv_val ? val.bv_val : "",
- accessmask2str( mask, accessmaskbuf ) );
+ accessmask2str( mask, accessmaskbuf, 1 ) );
}
rc = 0;
attr = NULL;
projects / openldap / commitdiff