From: Pierangelo Masarati Date: Wed, 12 May 2004 23:29:42 +0000 (+0000) Subject: fix ITS#3140 X-Git-Tag: OPENDLAP_REL_ENG_2_2_MP~388 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=f109f1eb6d5bb7c0c1dc46dffccd6e93c2c604ab;p=openldap fix ITS#3140 --- diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 23abde734f..4f75c60df4 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -72,7 +72,8 @@ static struct berval aci_bv_group_class = BER_BVC(SLAPD_GROUP_CLASS), aci_bv_group_attr = BER_BVC(SLAPD_GROUP_ATTR), aci_bv_role_class = BER_BVC(SLAPD_ROLE_CLASS), - aci_bv_role_attr = BER_BVC(SLAPD_ROLE_ATTR); + aci_bv_role_attr = BER_BVC(SLAPD_ROLE_ATTR), + aci_bv_set_attr = BER_BVC(SLAPD_ACI_SET_ATTR); static AccessControl * acl_get( @@ -1745,8 +1746,7 @@ aci_get_part( char *p; if (bv) { - bv->bv_len = 0; - bv->bv_val = NULL; + BER_BVZERO( bv ); } len = list->bv_len; p = list->bv_val; @@ -1805,63 +1805,62 @@ aci_match_set ( int setref ) { - struct berval set = BER_BVNULL; - int rc = 0; - AciSetCookie cookie; + struct berval set = BER_BVNULL; + int rc = 0; + AciSetCookie cookie; + Operation op2 = *op; + + op2.o_conn = NULL; if (setref == 0) { - ber_dupbv_x( &set, subj, op->o_tmpmemctx ); + ber_dupbv_x( &set, subj, op2.o_tmpmemctx ); } else { - struct berval subjdn, ndn = BER_BVNULL; - struct berval setat; - BerVarray bvals; - const char *text; - AttributeDescription *desc = NULL; + struct berval subjdn, ndn = BER_BVNULL; + struct berval setat; + BerVarray bvals; + const char *text; + AttributeDescription *desc = NULL; /* format of string is "entry/setAttrName" */ - if (aci_get_part(subj, 0, '/', &subjdn) < 0) { + if ( aci_get_part( subj, 0, '/', &subjdn ) < 0 ) { return(0); } - if ( aci_get_part(subj, 1, '/', &setat) < 0 ) { - setat.bv_val = SLAPD_ACI_SET_ATTR; - setat.bv_len = sizeof(SLAPD_ACI_SET_ATTR)-1; + if ( aci_get_part( subj, 1, '/', &setat ) < 0 ) { + setat = aci_bv_set_attr; } - if ( setat.bv_val != NULL ) { - /* - * NOTE: dnNormalize honors the ber_len field - * as the length of the dn to be normalized - */ - if ( dnNormalize(0, NULL, NULL, &subjdn, &ndn, op->o_tmpmemctx) == LDAP_SUCCESS - && slap_bv2ad(&setat, &desc, &text) == LDAP_SUCCESS ) + /* + * NOTE: dnNormalize honors the ber_len field + * as the length of the dn to be normalized + */ + if ( slap_bv2ad( &setat, &desc, &text ) == LDAP_SUCCESS ) { + if ( dnNormalize( 0, NULL, NULL, &subjdn, &ndn, op2.o_tmpmemctx ) == LDAP_SUCCESS ) { - backend_attribute(op, e, - &ndn, desc, &bvals); - if ( bvals != NULL ) { - if ( bvals[0].bv_val != NULL ) { - int i; - set = bvals[0]; - bvals[0].bv_val = NULL; - for (i=1;bvals[i].bv_val;i++); - bvals[0].bv_val = bvals[i-1].bv_val; - bvals[i-1].bv_val = NULL; - } - ber_bvarray_free_x(bvals, op->o_tmpmemctx); + backend_attribute( &op2, e, &ndn, desc, &bvals ); + if ( bvals != NULL && !BER_BVISNULL( &bvals[0] ) ) { + int i; + + set = bvals[0]; + BER_BVZERO( &bvals[0] ); + for ( i = 1; !BER_BVISNULL( &bvals[i] ); i++ ); + bvals[0].bv_val = bvals[i-1].bv_val; + BER_BVZERO( &bvals[i-1] ); } + ber_bvarray_free_x( bvals, op2.o_tmpmemctx ); + slap_sl_free( ndn.bv_val, op2.o_tmpmemctx ); } - if (ndn.bv_val) - free(ndn.bv_val); } } - if (set.bv_val != NULL) { - cookie.op = op; + if ( !BER_BVISNULL( &set ) ) { + cookie.op = &op2; cookie.e = e; - rc = (slap_set_filter(aci_set_gather, (SetCookie *)&cookie, &set, - &op->o_ndn, &e->e_nname, NULL) > 0); - slap_sl_free(set.bv_val, op->o_tmpmemctx); + rc = ( slap_set_filter( aci_set_gather, (SetCookie *)&cookie, &set, + &op2.o_ndn, &e->e_nname, NULL ) > 0 ); + slap_sl_free( set.bv_val, op2.o_tmpmemctx ); } + return(rc); } diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index efec82f904..b554fe0f2a 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -143,7 +143,7 @@ check_scope( BackendDB *be, AccessControl *a ) dn = be->be_nsuffix[ 0 ]; - if ( a->acl_dn_pat.bv_len || ( a->acl_dn_style != ACL_STYLE_REGEX ) ) { + if ( a->acl_dn_pat.bv_len || a->acl_dn_style != ACL_STYLE_REGEX ) { slap_style_t style = a->acl_dn_style; if ( style == ACL_STYLE_REGEX ) {