allow options in dynacl configuration

2025-01-06 10:46:21 +08:00 · 2005-08-22 16:28:50 +00:00 · 2005-08-22 16:28:50 +00:00 · 849ecbcf1f
commit 849ecbcf1f
parent 4bc8197dcb
3 changed files with 31 additions and 11 deletions
--- a/servers/slapd/aci.c
+++ b/servers/slapd/aci.c
@ -608,7 +608,13 @@ aci_init( void )
 * umbrella, because sets share some helpers with ACIs.
 */
 static int
-dynacl_aci_parse( const char *fname, int lineno, slap_style_t sty, const char *right, void **privp )
+dynacl_aci_parse(
+	const char *fname,
+	int lineno,
+	const char *opts,
+	slap_style_t sty,
+	const char *right,
+	void **privp )
 {
 	AttributeDescription	*ad = NULL;
 	const char		*text = NULL;
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@ -70,7 +70,14 @@ static int		check_scope( BackendDB *be, AccessControl *a );

 #ifdef SLAP_DYNACL
 static int
-slap_dynacl_config( const char *fname, int lineno, Access *b, const char *name, slap_style_t sty, const char *right )
+slap_dynacl_config(
+	const char *fname,
+	int lineno,
+	Access *b,
+	const char *name,
+	const char *opts,
+	slap_style_t sty,
+	const char *right )
 {
 	slap_dynacl_t	*da, *tmp;
 	int		rc = 0;
@ -93,7 +100,7 @@ slap_dynacl_config( const char *fname, int lineno, Access *b, const char *name,
 	*tmp = *da;

 	if ( tmp->da_parse ) {
-		rc = ( *tmp->da_parse )( fname, lineno, sty, right, &tmp->da_private );
+		rc = ( *tmp->da_parse )( fname, lineno, opts, sty, right, &tmp->da_private );
 		if ( rc ) {
 			ch_free( tmp );
 			return rc;
@ -1490,17 +1497,23 @@ parse_acl(

 #ifdef SLAP_DYNACL
 				{
-					char		*name = NULL;
+					char		*name = NULL,
+							*opts = NULL;
 					
 					if ( strcasecmp( left, "aci" ) == 0 ) {
 						name = "aci";
 						
 					} else if ( strncasecmp( left, "dynacl/", STRLENOF( "dynacl/" ) ) == 0 ) {
 						name = &left[ STRLENOF( "dynacl/" ) ];
+						opts = strchr( name, '/' );
+						if ( opts ) {
+							opts[ 0 ] = '\0';
+							opts++;
+						}
 					}

 					if ( name ) {
-						if ( slap_dynacl_config( fname, lineno, b, name, sty, right ) ) {
+						if ( slap_dynacl_config( fname, lineno, b, name, opts, sty, right ) ) {
 							fprintf( stderr, "%s: line %d: "
 								"unable to configure dynacl \"%s\"\n",
 								fname, lineno, name );
@ -2122,7 +2135,7 @@ acl_usage( void )
 			"\t[aci[=<attrname>]]\n"
 #endif
 #ifdef SLAP_DYNACL
-			"\t[dynacl/<name>[.<dynstyle>][=<pattern>]]\n"
+			"\t[dynacl/<name>[/<options>][.<dynstyle>][=<pattern>]]\n"
 #endif /* SLAP_DYNACL */
 			"\t[ssf=<n>] [transport_ssf=<n>] [tls_ssf=<n>] [sasl_ssf=<n>]\n",
 		"<style> ::= exact | regex | base(Object)\n"
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@ -1259,9 +1259,10 @@ struct slap_op;
 /*
 * "dynamic" ACL infrastructure (for ACIs and more)
 */
-typedef int (slap_dynacl_parse)( const char *fname, int lineno, slap_style_t, const char *, void **privp );
-typedef int (slap_dynacl_unparse)( void *priv, struct berval *bv );
-typedef int (slap_dynacl_mask)(
+typedef int (slap_dynacl_parse) LDAP_P(( const char *fname, int lineno,
+	const char *opts, slap_style_t, const char *, void **privp ));
+typedef int (slap_dynacl_unparse) LDAP_P(( void *priv, struct berval *bv ));
+typedef int (slap_dynacl_mask) LDAP_P((
 		void			*priv,
 		struct slap_op		*op,
 		Entry			*e,
@ -1270,8 +1271,8 @@ typedef int (slap_dynacl_mask)(
 		int			nmatch,
 		regmatch_t		*matches,
 		slap_access_t		*grant,
-		slap_access_t		*deny );
-typedef int (slap_dynacl_destroy)( void *priv );
+		slap_access_t		*deny ));
+typedef int (slap_dynacl_destroy) LDAP_P(( void *priv ));

 typedef struct slap_dynacl_t {
 	char			*da_name;