This commit is contained in:
Pierangelo Masarati 2001-12-29 10:30:23 +00:00
parent dd59babf43
commit 3930a390e0
5 changed files with 32 additions and 28 deletions

View File

@ -164,12 +164,12 @@ access_allowed(
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1, LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
"access_allowed: conn %d backend default %s access %s to \"%s\"\n", "access_allowed: conn %d backend default %s access %s to \"%s\"\n",
conn->c_connid, access2str( access ), conn->c_connid, access2str( access ),
be->be_dfltaccess >= access ? "granted" : "denied", op->o_dn )); be->be_dfltaccess >= access ? "granted" : "denied", op->o_dn.bv_val ));
#else #else
Debug( LDAP_DEBUG_ACL, Debug( LDAP_DEBUG_ACL,
"=> access_allowed: backend default %s access %s to \"%s\"\n", "=> access_allowed: backend default %s access %s to \"%s\"\n",
access2str( access ), access2str( access ),
be->be_dfltaccess >= access ? "granted" : "denied", op->o_dn ); be->be_dfltaccess >= access ? "granted" : "denied", op->o_dn.bv_val );
#endif #endif
return be->be_dfltaccess >= access; return be->be_dfltaccess >= access;
@ -181,12 +181,12 @@ access_allowed(
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1, LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
"access_allowed: conn %d global default %s access %s to \"%s\"\n", "access_allowed: conn %d global default %s access %s to \"%s\"\n",
conn->c_connid, access2str( access ), conn->c_connid, access2str( access ),
global_default_access >= access ? "granted" : "denied", op->o_dn )); global_default_access >= access ? "granted" : "denied", op->o_dn.bv_val ));
#else #else
Debug( LDAP_DEBUG_ACL, Debug( LDAP_DEBUG_ACL,
"=> access_allowed: global default %s access %s to \"%s\"\n", "=> access_allowed: global default %s access %s to \"%s\"\n",
access2str( access ), access2str( access ),
global_default_access >= access ? "granted" : "denied", op->o_dn ); global_default_access >= access ? "granted" : "denied", op->o_dn.bv_val );
#endif #endif
return global_default_access >= access; return global_default_access >= access;
#endif #endif
@ -477,7 +477,7 @@ acl_mask(
LDAP_LOG(( "acl", LDAP_LEVEL_ARGS, LDAP_LOG(( "acl", LDAP_LEVEL_ARGS,
" to %s by \"%s\", (%s) \n", " to %s by \"%s\", (%s) \n",
val ? "value" : "all values", val ? "value" : "all values",
op->o_ndn ? op->o_ndn : "", op->o_ndn.bv_val ? op->o_ndn.bv_val : "",
accessmask2str( *mask, accessmaskbuf ) )); accessmask2str( *mask, accessmaskbuf ) ));
#else #else
Debug( LDAP_DEBUG_ACL, Debug( LDAP_DEBUG_ACL,
@ -754,8 +754,8 @@ acl_mask(
if ( b->a_group_pat.bv_len && op->o_ndn.bv_len ) { if ( b->a_group_pat.bv_len && op->o_ndn.bv_len ) {
char buf[1024]; char buf[1024];
struct berval bv = {1024, buf }; struct berval bv = { sizeof(buf) - 1, buf };
struct berval ndn = {0, NULL }; struct berval ndn = { 0, NULL };
int rc; int rc;
/* b->a_group is an unexpanded entry name, expanded it should be an /* b->a_group is an unexpanded entry name, expanded it should be an

View File

@ -1056,8 +1056,11 @@ accessmask2str( slap_mask_t mask, char *buf )
} }
if ( ACL_IS_LEVEL( mask ) ) { if ( ACL_IS_LEVEL( mask ) ) {
*ptr = ')'; *ptr++ = ')';
} }
*ptr = '\0';
return buf; return buf;
} }

View File

@ -143,7 +143,7 @@ meta_back_db_config(
#endif /* uncomment if uri MUST be a branch of suffix */ #endif /* uncomment if uri MUST be a branch of suffix */
LDAPURLDesc *ludp; LDAPURLDesc *ludp;
char *last; char *last;
struct berval dn, *pdn = NULL, *ndn = NULL; struct berval dn;
int rc; int rc;
if ( argc != 2 ) { if ( argc != 2 ) {
@ -319,7 +319,7 @@ meta_back_db_config(
/* name to use for meta_back_group */ /* name to use for meta_back_group */
} else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) { } else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
int i = li->ntargets-1; int i = li->ntargets-1;
struct berval dn, *ndn = NULL; struct berval dn;
if ( i < 0 ) { if ( i < 0 ) {
fprintf( stderr, fprintf( stderr,
@ -359,12 +359,12 @@ meta_back_db_config(
fname, lineno ); fname, lineno );
return 1; return 1;
} }
li->targets[ i ]->bindpw = ber_bvstrdup( argv[ 1 ] ); ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->bindpw );
/* name to use as pseudo-root dn */ /* name to use as pseudo-root dn */
} else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) { } else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
int i = li->ntargets-1; int i = li->ntargets-1;
struct berval dn, *ndn = NULL; struct berval dn;
if ( i < 0 ) { if ( i < 0 ) {
fprintf( stderr, fprintf( stderr,
@ -404,7 +404,7 @@ meta_back_db_config(
fname, lineno ); fname, lineno );
return 1; return 1;
} }
li->targets[ i ]->pseudorootpw = ber_bvstrdup( argv[ 1 ] ); ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->pseudorootpw );
/* dn massaging */ /* dn massaging */
} else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) { } else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {

View File

@ -30,15 +30,16 @@ access to dn.regex="[^,]+,ou=Groups,dc=[^,]+,o=Foo Bar,c=US" attr=cn
access to * access to *
by * read by * read
#######################################################################
# ldbm database definitions
#######################################################################
include ./slapd-ldbm.conf
####################################################################### #######################################################################
# ldap database with suffix massage definitions # ldap database with suffix massage definitions
####################################################################### #######################################################################
include ./slapd-ldap.conf include ./slapd-ldap.conf
#######################################################################
# ldbm database definitions
#######################################################################
include ./slapd-ldbm.conf

View File

@ -187,17 +187,17 @@ target_free(
if ( lt->suffix.bv_val ) { if ( lt->suffix.bv_val ) {
free( lt->suffix.bv_val ); free( lt->suffix.bv_val );
} }
if ( lt->binddn ) { if ( lt->binddn.bv_val ) {
ber_bvfree( lt->binddn ); free( lt->binddn.bv_val );
} }
if ( lt->bindpw ) { if ( lt->bindpw.bv_val ) {
ber_bvfree( lt->bindpw ); free( lt->bindpw.bv_val );
} }
if ( lt->pseudorootdn ) { if ( lt->pseudorootdn.bv_val ) {
ber_bvfree( lt->pseudorootdn ); free( lt->pseudorootdn.bv_val );
} }
if ( lt->pseudorootpw ) { if ( lt->pseudorootpw.bv_val ) {
ber_bvfree( lt->pseudorootpw ); free( lt->pseudorootpw.bv_val );
} }
if ( lt->rwinfo ) { if ( lt->rwinfo ) {
rewrite_info_delete( lt->rwinfo ); rewrite_info_delete( lt->rwinfo );