mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-24 13:24:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

condition compilation of DISCLOSE checking (there's more to do)

Browse Source
This commit is contained in:
Pierangelo Masarati 2005-01-14 12:01:03 +00:00
parent 4644584a75
commit 0079b3ce45
2 changed files with 19 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
servers/slapd/back-sql/compare.c
View File

@ -67,7 +67,9 @@ backsql_compare( Operation *op, SlapReply *rs )
anlistp = anlist; anlistp = anlist;
} }
/*
* FIXME: deal with matchedDN/referral?
*/
rc = backsql_init_search( &bsi, &op->o_req_ndn, rc = backsql_init_search( &bsi, &op->o_req_ndn,
LDAP_SCOPE_BASE, LDAP_SCOPE_BASE,
SLAP_NO_LIMIT, SLAP_NO_LIMIT, SLAP_NO_LIMIT, SLAP_NO_LIMIT,
@ -79,19 +81,6 @@ backsql_compare( Operation *op, SlapReply *rs )
0, 0, 0 ); 0, 0, 0 );
rs->sr_err = LDAP_NO_SUCH_OBJECT; rs->sr_err = LDAP_NO_SUCH_OBJECT;
goto return_results; goto return_results;
} else {
Entry e = { 0 };
e.e_name = bsi.bsi_base_id.eid_dn;
e.e_nname = bsi.bsi_base_id.eid_ndn;
/* FIXME: need the whole entry (ITS#3480) */
if ( ! access_allowed( op, &e, slap_schema.si_ad_entry, NULL,
ACL_DISCLOSE, NULL ) ) {
rs->sr_err = LDAP_NO_SUCH_OBJECT;
goto return_results;
}
} }
if ( is_at_operational( op->oq_compare.rs_ava->aa_desc->ad_type ) ) { if ( is_at_operational( op->oq_compare.rs_ava->aa_desc->ad_type ) ) {
@ -126,11 +115,18 @@ backsql_compare( Operation *op, SlapReply *rs )
} }
e = &user_entry; e = &user_entry;
/* FIXME: need the whole entry (ITS#3480) */
if ( ! access_allowed( op, e, op->oq_compare.rs_ava->aa_desc, if ( ! access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
&op->oq_compare.rs_ava->aa_value, &op->oq_compare.rs_ava->aa_value,
ACL_COMPARE, NULL ) ) { ACL_COMPARE, NULL ) ) {
rs->sr_err = LDAP_INSUFFICIENT_ACCESS; #ifdef SLAP_ACL_HONOR_DISCLOSE
if ( ! access_allowed( op, &e, slap_schema.si_ad_entry, NULL,
ACL_DISCLOSE, NULL ) ) {
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else
#endif /* SLAP_ACL_HONOR_DISCLOSE */
{
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
}
goto return_results; goto return_results;
} }

8
servers/slapd/back-sql/search.c
View File

@ -277,9 +277,15 @@ backsql_init_search(
bsi->bsi_status = rc; bsi->bsi_status = rc;
if ( rc != LDAP_SUCCESS ) { switch ( rc ) {
case LDAP_SUCCESS:
case LDAP_REFERRAL:
break;
default:
bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
bsi->bsi_op->o_tmpmemctx ); bsi->bsi_op->o_tmpmemctx );
break;
} }
return rc; return rc;