From: Kurt Zeilenga Date: Fri, 13 Dec 2002 00:18:54 +0000 (+0000) Subject: cleanup X-Git-Tag: NO_SLAP_OP_BLOCKS~683 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=7be4d566d7ee36d0c06acc6023518f7e4221ba8e;p=openldap cleanup --- diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 02ee9f7ed1..70c6127d78 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -1562,8 +1562,7 @@ int slap_sasl_getdn( Connection *conn, char *id, int len, is_dn = SET_DN; ber_str2bv( id, len, 1, dn ); - } else - { + } else { /* convert to u: form */ is_dn = SET_U; dn->bv_val = id; diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index 2bf375c5b3..aa01dca507 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -51,16 +51,17 @@ int slap_sasl_setpolicy( const char *arg ) { int rc = LDAP_SUCCESS; - if ( strcasecmp( arg, "none" ) == 0 ) + if ( strcasecmp( arg, "none" ) == 0 ) { authz_policy = SASL_AUTHZ_NONE; - else if ( strcasecmp( arg, "from" ) == 0 ) + } else if ( strcasecmp( arg, "from" ) == 0 ) { authz_policy = SASL_AUTHZ_FROM; - else if ( strcasecmp( arg, "to" ) == 0 ) + } else if ( strcasecmp( arg, "to" ) == 0 ) { authz_policy = SASL_AUTHZ_TO; - else if ( strcasecmp( arg, "both" ) == 0 ) + } else if ( strcasecmp( arg, "both" ) == 0 ) { authz_policy = SASL_AUTHZ_FROM | SASL_AUTHZ_TO; - else + } else { rc = LDAP_OTHER; + } return rc; } @@ -292,8 +293,9 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out ) saslname, 0, 0 ); #endif - if (( saslname == NULL ) || ( nSaslRegexp == 0 )) + if (( saslname == NULL ) || ( nSaslRegexp == 0 )) { return( 0 ); + } /* Match the normalized SASL name to the saslregexp patterns */ for( reg = SaslRegexp,i=0; i= nSaslRegexp ) - return( 0 ); + if( i >= nSaslRegexp ) return( 0 ); /* * The match pattern may have been of the form "a(b.*)c(d.*)e" and the @@ -379,9 +380,9 @@ static int sasl_sc_smatch( BackendDB *be, Connection *conn, Operation *o, if (dn_match(sm->dn, &e->e_nname)) { sm->match = 1; return -1; /* short-circuit the search */ - } else { - return 1; } + + return 1; } /* @@ -411,12 +412,12 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert assertDN->bv_val, rule->bv_val,0 ); #else Debug( LDAP_DEBUG_TRACE, - "===>slap_sasl_match: comparing DN %s to rule %s\n", assertDN->bv_val, rule->bv_val, 0 ); + "===>slap_sasl_match: comparing DN %s to rule %s\n", + assertDN->bv_val, rule->bv_val, 0 ); #endif rc = slap_parseURI( rule, &searchbase, &scope, &filter ); - if( rc != LDAP_SUCCESS ) - goto CONCLUDED; + if( rc != LDAP_SUCCESS ) goto CONCLUDED; /* Massive shortcut: search scope == base */ if( scope == LDAP_SCOPE_BASE ) { @@ -426,10 +427,11 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert rc = regexec(®, assertDN->bv_val, 0, NULL, 0); regfree( ® ); } - if ( rc == 0 ) + if ( rc == 0 ) { rc = LDAP_SUCCESS; - else + } else { rc = LDAP_INAPPROPRIATE_AUTH; + } goto CONCLUDED; } @@ -468,14 +470,16 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert scope, /*deref=*/1, /*sizelimit=*/0, /*time=*/0, filter, /*fstr=*/NULL, /*attrs=*/NULL, /*attrsonly=*/0 ); - if (sm.match) + if (sm.match) { rc = LDAP_SUCCESS; - else + } else { rc = LDAP_INAPPROPRIATE_AUTH; + } CONCLUDED: if( searchbase.bv_len ) ch_free( searchbase.bv_val ); if( filter ) filter_free( filter ); + #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, "slap_sasl_match: comparison returned %d\n", rc, 0, 0 ); @@ -518,14 +522,12 @@ slap_sasl_check_authz( Connection *conn, rc = backend_attribute( NULL, NULL, conn->c_sasl_bindop, NULL, searchDN, ad, &vals ); - if( rc != LDAP_SUCCESS ) - goto COMPLETE; + if( rc != LDAP_SUCCESS ) goto COMPLETE; /* Check if the *assertDN matches any **vals */ for( i=0; vals[i].bv_val != NULL; i++ ) { rc = slap_sasl_match( conn, &vals[i], assertDN, authc ); - if ( rc == LDAP_SUCCESS ) - goto COMPLETE; + if ( rc == LDAP_SUCCESS ) goto COMPLETE; } rc = LDAP_INAPPROPRIATE_AUTH;