From ef3d895cb80a5b0830817ffaa5dc0a92edd93723 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Thu, 11 Jul 2002 01:45:22 +0000
Subject: [PATCH] More ACL to dn="" bug fixing... and add test006-acl check

---
 servers/slapd/aclparse.c  | 12 +++++++++---
 tests/data/slapd-acl.conf |  3 +++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index f53d273aa6..02703af470 100644
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -118,7 +118,9 @@ parse_acl(
 				}
 
 				if ( strcasecmp( argv[i], "*" ) == 0 ) {
-					if( a->acl_dn_pat.bv_len != 0 ) {
+					if( a->acl_dn_pat.bv_len ||
+						( a->acl_dn_style != ACL_STYLE_REGEX ) )
+					{
 						fprintf( stderr,
 							"%s: line %d: dn pattern"
 							" already specified in to clause.\n",
@@ -142,7 +144,9 @@ parse_acl(
 				}
 
 				if ( strcasecmp( left, "dn" ) == 0 ) {
-					if( a->acl_dn_pat.bv_len != 0 ) {
+					if( a->acl_dn_pat.bv_len != 0 ||
+						( a->acl_dn_style != ACL_STYLE_REGEX ) )
+					{
 						fprintf( stderr,
 							"%s: line %d: dn pattern"
 							" already specified in to clause.\n",
@@ -230,7 +234,9 @@ parse_acl(
 				a->acl_dn_pat.bv_len = 0;
 			}
 			
-			if( a->acl_dn_pat.bv_len != 0 ) {
+			if( a->acl_dn_pat.bv_len != 0 ||
+				( a->acl_dn_style != ACL_STYLE_REGEX ) )
+			{
 				if ( a->acl_dn_style != ACL_STYLE_REGEX ) {
 					struct berval bv;
 					rc = dnNormalize2( NULL, &a->acl_dn_pat, &bv);
diff --git a/tests/data/slapd-acl.conf b/tests/data/slapd-acl.conf
index d04ae6b4d2..81cfba6d76 100644
--- a/tests/data/slapd-acl.conf
+++ b/tests/data/slapd-acl.conf
@@ -34,6 +34,9 @@ rootpw		secret
 # cn=monitor, cn=schema, and cn=config
 #
 
+access to dn="" by * read
+access to dn.base="" by * read
+
 access		to attr=objectclass
 		by * =rsc stop
 
-- 
2.39.5