mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

allow setting misc params used by ACL checking

Browse Source
This commit is contained in:
Pierangelo Masarati 2005-03-30 22:29:35 +00:00
parent 94a9f84895
commit 83bb1c93cb
3 changed files with 94 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
servers/slapd/slapacl.c
View File

@ -39,8 +39,9 @@ slapacl( int argc, char **argv )
{ {
int rc = EXIT_SUCCESS; int rc = EXIT_SUCCESS;
const char *progname = "slapacl"; const char *progname = "slapacl";
Connection conn = {0}; Connection conn = { 0 };
char opbuf[OPERATION_BUFFER_SIZE]; Listener listener;
char opbuf[OPERATION_BUFFER_SIZE];
Operation *op; Operation *op;
Entry e = { 0 }; Entry e = { 0 };
char *attr = NULL; char *attr = NULL;
@ -53,6 +54,16 @@ slapacl( int argc, char **argv )
op = (Operation *)opbuf; op = (Operation *)opbuf;
connection_fake_init( &conn, op, &conn ); connection_fake_init( &conn, op, &conn );
conn.c_listener = &listener;
conn.c_listener_url = listener_url;
conn.c_peer_domain = peer_domain;
conn.c_peer_name = peer_name;
conn.c_sock_name = sock_name;
op->o_ssf = ssf;
op->o_transport_ssf = transport_ssf;
op->o_tls_ssf = tls_ssf;
op->o_sasl_ssf = sasl_ssf;
if ( !BER_BVISNULL( &authcID ) ) { if ( !BER_BVISNULL( &authcID ) ) {
rc = slap_sasl_getdn( &conn, op, &authcID, NULL, rc = slap_sasl_getdn( &conn, op, &authcID, NULL,
&authcDN, SLAP_GETDN_AUTHCID ); &authcDN, SLAP_GETDN_AUTHCID );

67
servers/slapd/slapcommon.c
View File

@ -55,7 +55,8 @@ usage( int tool, const char *progname )
switch( tool ) { switch( tool ) {
case SLAPACL: case SLAPACL:
options = "\n\t[-U authcID | -D authcDN]" options = "\n\t[-U authcID | -D authcDN]"
" -b DN [attr[/access][:value]] [...]\n"; " -b DN -o <var>[=<val>]"
"\n\t[attr[/access][:value]] [...]\n";
break; break;
case SLAPADD: case SLAPADD:
@ -91,6 +92,62 @@ usage( int tool, const char *progname )
exit( EXIT_FAILURE ); exit( EXIT_FAILURE );
} }
static int
parse_slapacl( void )
{
size_t len;
char *p;
p = strchr( optarg, '=' );
if ( p == NULL ) {
return -1;
}
len = p - optarg;
p++;
if ( strncasecmp( optarg, "sockurl", len ) == 0 ) {
if ( !BER_BVISNULL( &listener_url ) ) {
ber_memfree( listener_url.bv_val );
}
ber_str2bv( p, 0, 1, &listener_url );
} else if ( strncasecmp( optarg, "domain", len ) == 0 ) {
if ( !BER_BVISNULL( &peer_domain ) ) {
ber_memfree( peer_domain.bv_val );
}
ber_str2bv( p, 0, 1, &peer_domain );
} else if ( strncasecmp( optarg, "peername", len ) == 0 ) {
if ( !BER_BVISNULL( &peer_name ) ) {
ber_memfree( peer_name.bv_val );
}
ber_str2bv( p, 0, 1, &peer_name );
} else if ( strncasecmp( optarg, "sockname", len ) == 0 ) {
if ( !BER_BVISNULL( &sock_name ) ) {
ber_memfree( sock_name.bv_val );
}
ber_str2bv( p, 0, 1, &sock_name );
} else if ( strncasecmp( optarg, "ssf", len ) == 0 ) {
ssf = atoi( p );
} else if ( strncasecmp( optarg, "transport_ssf", len ) == 0 ) {
transport_ssf = atoi( p );
} else if ( strncasecmp( optarg, "tls_ssf", len ) == 0 ) {
tls_ssf = atoi( p );
} else if ( strncasecmp( optarg, "sasl_ssf", len ) == 0 ) {
sasl_ssf = atoi( p );
} else {
return -1;
}
return 0;
}
/* /*
* slap_tool_init - initialize slap utility, handle program options. * slap_tool_init - initialize slap utility, handle program options.
@ -157,7 +214,7 @@ slap_tool_init(
break; break;
case SLAPACL: case SLAPACL:
options = "b:D:d:f:F:U:v"; options = "b:D:d:f:F:o:U:v";
mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY; mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
break; break;
@ -209,6 +266,12 @@ slap_tool_init(
dbnum = atoi( optarg ); dbnum = atoi( optarg );
break; break;
case 'o':
if ( parse_slapacl() ) {
usage( tool, progname );
}
break;
case 'q': /* turn on quick */ case 'q': /* turn on quick */
mode |= SLAP_TOOL_QUICK; mode |= SLAP_TOOL_QUICK;
break; break;

16
servers/slapd/slapcommon.h
View File

@ -48,6 +48,14 @@ typedef struct tool_vars {
struct berval tv_authzID; struct berval tv_authzID;
struct berval tv_mech; struct berval tv_mech;
char *tv_realm; char *tv_realm;
struct berval tv_listener_url;
struct berval tv_peer_domain;
struct berval tv_peer_name;
struct berval tv_sock_name;
slap_ssf_t tv_ssf;
slap_ssf_t tv_transport_ssf;
slap_ssf_t tv_tls_ssf;
slap_ssf_t tv_sasl_ssf;
} tool_vars; } tool_vars;
extern tool_vars tool_globals; extern tool_vars tool_globals;
@ -67,6 +75,14 @@ extern tool_vars tool_globals;
#define authzID tool_globals.tv_authzID #define authzID tool_globals.tv_authzID
#define mech tool_globals.tv_mech #define mech tool_globals.tv_mech
#define realm tool_globals.tv_realm #define realm tool_globals.tv_realm
#define listener_url tool_globals.tv_listener_url
#define peer_domain tool_globals.tv_peer_domain
#define peer_name tool_globals.tv_peer_name
#define sock_name tool_globals.tv_sock_name
#define ssf tool_globals.tv_ssf
#define transport_ssf tool_globals.tv_transport_ssf
#define tls_ssf tool_globals.tv_tls_ssf
#define sasl_ssf tool_globals.tv_sasl_ssf
void slap_tool_init LDAP_P(( void slap_tool_init LDAP_P((
const char* name, const char* name,