From: Pierangelo Masarati Date: Tue, 12 Apr 2005 22:13:42 +0000 (+0000) Subject: fix slapacl when doing cross-database access checking X-Git-Tag: OPENLDAP_AC_BP~910 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=2430af4e8bbfb5e852321efc09bcdaf816f60286;p=openldap fix slapacl when doing cross-database access checking --- diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 60bbfa0dc7..268306ebfe 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -427,8 +427,9 @@ access_allowed_mask( } if ( op->o_bd == NULL ) { - op->o_bd = LDAP_STAILQ_FIRST(&backendDB); + op->o_bd = LDAP_STAILQ_FIRST( &backendDB ); be_null = 1; + #ifdef LDAP_DEVEL /* * FIXME: experimental; use first backend rules @@ -436,7 +437,7 @@ access_allowed_mask( if ( frontendDB->be_acl != NULL ) { op->o_bd = frontendDB; } -#endif +#endif /* LDAP_DEVEL */ } assert( op->o_bd != NULL ); diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c index 7d967db27a..5b516c1737 100644 --- a/servers/slapd/slapacl.c +++ b/servers/slapd/slapacl.c @@ -45,7 +45,6 @@ print_access( int rc; slap_mask_t mask; char accessmaskbuf[ACCESSMASK_MAXLEN]; - slap_access_t access = ACL_AUTH; rc = access_allowed_mask( op, e, desc, nval, ACL_AUTH, NULL, &mask ); @@ -71,9 +70,25 @@ slapacl( int argc, char **argv ) Entry e = { 0 }, *ep = &e; char *attr = NULL; int doclose = 0; + BackendDB *bd; slap_tool_init( progname, SLAPACL, argc, argv ); + if ( !dryrun ) { + int i = 0; + + LDAP_STAILQ_FOREACH( bd, &backendDB, be_next ) { + if ( bd != be && backend_startup( bd ) ) { + fprintf( stderr, "backend_startup(#%d%s%s) failed\n", + i, + bd->be_suffix ? ": " : "", + bd->be_suffix ? bd->be_suffix[0].bv_val : "" ); + rc = 1; + goto destroy; + } + } + } + argv = &argv[ optind ]; argc -= optind; @@ -339,6 +354,12 @@ destroy:; if ( doclose ) { be->be_entry_close( be ); } + + LDAP_STAILQ_FOREACH( bd, &backendDB, be_next ) { + if ( bd != be ) { + backend_shutdown( bd ); + } + } } slap_tool_destroy();