Add "allow update_anon"

Fix -USLAP_X_LISTENER_MOD builds
This commit is contained in:
Kurt Zeilenga 2002-10-25 18:47:24 +00:00
parent 15c5943edd
commit 36569048ff
4 changed files with 22 additions and 15 deletions

View File

@ -910,7 +910,9 @@ backend_check_restrictions(
return LDAP_CONFIDENTIALITY_REQUIRED;
}
if( op->o_ndn.bv_len == 0 ) {
if( !( global_allows & SLAP_ALLOW_UPDATE_ANON ) &&
op->o_ndn.bv_len == 0 )
{
*text = "modifications require authentication";
return LDAP_STRONG_AUTH_REQUIRED;
}

View File

@ -1257,16 +1257,18 @@ read_config( const char *fname, int depth )
} else if( strcasecmp( cargv[i], "bind_anon_dn" ) == 0 ) {
allows |= SLAP_ALLOW_BIND_ANON_DN;
} else if( strcasecmp( cargv[i], "update_anon" ) == 0 ) {
allows |= SLAP_ALLOW_UPDATE_ANON;
} else if( strcasecmp( cargv[i], "none" ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
"%s: line %d: unknown feature %s in "
"\"allow <features>\" line.\n",
fname, lineno, cargv[1] );
LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
"unknown feature %s in \"allow <features>\" line.\n",
fname, lineno, cargv[1] );
#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: unknown feature %s in \"allow <features>\" line\n",
fname, lineno, cargv[i] );
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"unknown feature %s in \"allow <features>\" line\n",
fname, lineno, cargv[i] );
#endif
return( 1 );

View File

@ -672,13 +672,16 @@ static int slap_open_listener(
}
}
#if defined(LDAP_PF_LOCAL) || defined(SLAP_X_LISTENER_MOD)
#ifdef LDAP_PF_LOCAL
#ifdef SLAP_X_LISTENER_MOD
if ( lud->lud_exts ) {
err = get_url_perms( lud->lud_exts, &l.sl_perms, &crit );
} else {
} else
#endif /* SLAP_X_LISTENER_MOD */
{
l.sl_perms = S_IRWXU;
}
#endif /* LDAP_PF_LOCAL || SLAP_X_LISTENER_MOD */
#endif /* LDAP_PF_LOCAL */
ldap_free_urldesc( lud );
if ( err ) {

View File

@ -1261,7 +1261,9 @@ struct slap_backend_db {
#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
#define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */
#define SLAP_ALLOW_BIND_ANON_DN 0x0003U /* dn should be empty */
#define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */
#define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
@ -1767,9 +1769,7 @@ typedef struct slap_conn {
struct slap_listener {
struct berval sl_url;
struct berval sl_name;
#ifdef SLAP_X_LISTENER_MOD
mode_t sl_perms;
#endif /* SLAP_X_LISTENER_MOD */
mode_t sl_perms;
#ifdef HAVE_TLS
int sl_is_tls;
#endif