From d868fcdda4f6644b0c4dffea3f3e29e3ad764d00 Mon Sep 17 00:00:00 2001 From: Quanah Gibson-Mount Date: Wed, 3 Sep 2008 02:46:09 +0000 Subject: [PATCH] ITS#5637 don't copy strings if not necessary fix log message --- CHANGES | 1 + servers/slapd/acl.c | 20 +++++++++++--------- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index 58559af152..b842d0e107 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,7 @@ OpenLDAP 2.4.12 Engineering Fixed liblutil executables on Windows (ITS#5604) Fixed slapd aci performance (ITS#5636) Fixed slapd custom attribute inheritance (ITS#5642) + Fixed slapd dynacl mask handling (ITS#5637) Fixed slapd firstComponentMatch normalization (ITS#5634) Fixed slapd overlay control registration (ITS#5649) Fixed slapd socket closing on Windows (ITS#5606) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 2d959190cc..5913ea9907 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -63,7 +63,8 @@ static slap_control_t slap_acl_mask( int nmatch, regmatch_t *matches, int count, - AccessControlState *state ); + AccessControlState *state, + slap_access_t access ); static int regex_matches( struct berval *pat, char *str, char *buf, @@ -246,7 +247,7 @@ slap_access_allowed( } control = slap_acl_mask( a, &mask, op, - e, desc, val, MAXREMATCHES, matches, count, state ); + e, desc, val, MAXREMATCHES, matches, count, state, access ); if ( control != ACL_BREAK ) { break; @@ -1053,7 +1054,8 @@ slap_acl_mask( int nmatch, regmatch_t *matches, int count, - AccessControlState *state ) + AccessControlState *state, + slap_access_t access ) { int i; Access *b; @@ -1061,7 +1063,7 @@ slap_acl_mask( char accessmaskbuf[ACCESSMASK_MAXLEN]; #endif /* DEBUG */ const char *attr; - slap_mask_t a2pmask = ACL_ACCESS2PRIV( *mask ); + slap_mask_t a2pmask = ACL_ACCESS2PRIV( access ); assert( a != NULL ); assert( mask != NULL ); @@ -1790,8 +1792,6 @@ slap_acl_mask( *mask = modmask; } - a2pmask = *mask; - Debug( LDAP_DEBUG_ACL, "<= acl_mask: [%d] mask: %s\n", i, accessmask2str(*mask, accessmaskbuf, 1), 0 ); @@ -2114,7 +2114,7 @@ acl_set_gather( SetCookie *cookie, struct berval *name, AttributeDescription *de if ( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, "%s acl_set_gather: DN=\"%s\" normalize failed\n", - cp->asc_op->o_log_prefix, op2.o_req_dn.bv_val, 0 ); + cp->asc_op->o_log_prefix, ludp->lud_dn, 0 ); goto url_done; } @@ -2275,7 +2275,7 @@ acl_match_set ( AclSetCookie cookie; if ( default_set_attribute == NULL ) { - ber_dupbv_x( &set, subj, op->o_tmpmemctx ); + set = *subj; } else { struct berval subjdn, ndn = BER_BVNULL; @@ -2324,7 +2324,9 @@ acl_match_set ( acl_set_gather, (SetCookie *)&cookie, &set, &op->o_ndn, &e->e_nname, NULL ) > 0 ); - slap_sl_free( set.bv_val, op->o_tmpmemctx ); + if ( set.bv_val != subj->bv_val ) { + slap_sl_free( set.bv_val, op->o_tmpmemctx ); + } } return(rc); -- 2.39.5