mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Add "allow update_anon"
Fix -USLAP_X_LISTENER_MOD builds
This commit is contained in:
parent
15c5943edd
commit
36569048ff
@ -910,7 +910,9 @@ backend_check_restrictions(
|
||||
return LDAP_CONFIDENTIALITY_REQUIRED;
|
||||
}
|
||||
|
||||
if( op->o_ndn.bv_len == 0 ) {
|
||||
if( !( global_allows & SLAP_ALLOW_UPDATE_ANON ) &&
|
||||
op->o_ndn.bv_len == 0 )
|
||||
{
|
||||
*text = "modifications require authentication";
|
||||
return LDAP_STRONG_AUTH_REQUIRED;
|
||||
}
|
||||
|
@ -1257,15 +1257,17 @@ read_config( const char *fname, int depth )
|
||||
} else if( strcasecmp( cargv[i], "bind_anon_dn" ) == 0 ) {
|
||||
allows |= SLAP_ALLOW_BIND_ANON_DN;
|
||||
|
||||
} else if( strcasecmp( cargv[i], "update_anon" ) == 0 ) {
|
||||
allows |= SLAP_ALLOW_UPDATE_ANON;
|
||||
|
||||
} else if( strcasecmp( cargv[i], "none" ) != 0 ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG( CONFIG, CRIT,
|
||||
"%s: line %d: unknown feature %s in "
|
||||
"\"allow <features>\" line.\n",
|
||||
LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
|
||||
"unknown feature %s in \"allow <features>\" line.\n",
|
||||
fname, lineno, cargv[1] );
|
||||
#else
|
||||
Debug( LDAP_DEBUG_ANY,
|
||||
"%s: line %d: unknown feature %s in \"allow <features>\" line\n",
|
||||
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
|
||||
"unknown feature %s in \"allow <features>\" line\n",
|
||||
fname, lineno, cargv[i] );
|
||||
#endif
|
||||
|
||||
|
@ -672,13 +672,16 @@ static int slap_open_listener(
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(LDAP_PF_LOCAL) || defined(SLAP_X_LISTENER_MOD)
|
||||
#ifdef LDAP_PF_LOCAL
|
||||
#ifdef SLAP_X_LISTENER_MOD
|
||||
if ( lud->lud_exts ) {
|
||||
err = get_url_perms( lud->lud_exts, &l.sl_perms, &crit );
|
||||
} else {
|
||||
} else
|
||||
#endif /* SLAP_X_LISTENER_MOD */
|
||||
{
|
||||
l.sl_perms = S_IRWXU;
|
||||
}
|
||||
#endif /* LDAP_PF_LOCAL || SLAP_X_LISTENER_MOD */
|
||||
#endif /* LDAP_PF_LOCAL */
|
||||
|
||||
ldap_free_urldesc( lud );
|
||||
if ( err ) {
|
||||
|
@ -1261,7 +1261,9 @@ struct slap_backend_db {
|
||||
|
||||
#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
|
||||
#define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */
|
||||
#define SLAP_ALLOW_BIND_ANON_DN 0x0003U /* dn should be empty */
|
||||
#define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */
|
||||
|
||||
#define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */
|
||||
|
||||
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
|
||||
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
|
||||
@ -1767,9 +1769,7 @@ typedef struct slap_conn {
|
||||
struct slap_listener {
|
||||
struct berval sl_url;
|
||||
struct berval sl_name;
|
||||
#ifdef SLAP_X_LISTENER_MOD
|
||||
mode_t sl_perms;
|
||||
#endif /* SLAP_X_LISTENER_MOD */
|
||||
#ifdef HAVE_TLS
|
||||
int sl_is_tls;
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user