mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-30 13:30:57 +08:00
Changed Access->a_set_pat and acl->acl_dn_pat to struct berval to eliminate
strlen() from acl processing.
This commit is contained in:
Howard Chu
parent
18cd610f2d
commit
9e0ab3da36
@ -314,7 +314,7 @@ acl_get(
|
||||
for ( ; a != NULL; a = a->acl_next ) {
|
||||
(*count) ++;
|
||||
|
||||
if (a->acl_dn_pat != NULL) {
|
||||
if (a->acl_dn_pat.bv_len != 0) {
|
||||
if ( a->acl_dn_style == ACL_STYLE_REGEX ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
|
||||
@ -336,7 +336,7 @@ acl_get(
|
||||
Debug( LDAP_DEBUG_ACL, "=> dn: [%d] %s\n",
|
||||
*count, a->acl_dn_pat, 0 );
|
||||
#endif
|
||||
patlen = strlen( a->acl_dn_pat );
|
||||
patlen = a->acl_dn_pat.bv_len;
|
||||
if ( dnlen < patlen )
|
||||
continue;
|
||||
|
||||
@ -369,7 +369,7 @@ acl_get(
|
||||
continue;
|
||||
}
|
||||
|
||||
if ( strcmp( a->acl_dn_pat, e->e_ndn + dnlen - patlen ) != 0 )
|
||||
if ( strcmp( a->acl_dn_pat.bv_val, e->e_ndn + dnlen - patlen ) != 0 )
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -771,12 +771,8 @@ acl_mask(
|
||||
}
|
||||
}
|
||||
|
||||
if ( b->a_set_pat != NULL ) {
|
||||
struct berval bv;
|
||||
|
||||
bv.bv_val = b->a_set_pat;
|
||||
bv.bv_len = strlen(b->a_set_pat);
|
||||
if (aci_match_set( &bv, be, e, conn, op, 0 ) == 0) {
|
||||
if ( b->a_set_pat.bv_len != 0 ) {
|
||||
if (aci_match_set( &b->a_set_pat, be, e, conn, op, 0 ) == 0) {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
@ -111,11 +111,6 @@ parse_acl(
|
||||
acl_usage();
|
||||
}
|
||||
a = (AccessControl *) ch_calloc( 1, sizeof(AccessControl) );
|
||||
a->acl_filter = NULL;
|
||||
a->acl_dn_pat = NULL;
|
||||
a->acl_attrs = NULL;
|
||||
a->acl_access = NULL;
|
||||
a->acl_next = NULL;
|
||||
for ( ++i; i < argc; i++ ) {
|
||||
if ( strcasecmp( argv[i], "by" ) == 0 ) {
|
||||
i--;
|
||||
@ -123,7 +118,7 @@ parse_acl(
|
||||
}
|
||||
|
||||
if ( strcasecmp( argv[i], "*" ) == 0 ) {
|
||||
if( a->acl_dn_pat != NULL ) {
|
||||
if( a->acl_dn_pat.bv_len != 0 ) {
|
||||
fprintf( stderr,
|
||||
"%s: line %d: dn pattern"
|
||||
" already specified in to clause.\n",
|
||||
@ -131,7 +126,8 @@ parse_acl(
|
||||
acl_usage();
|
||||
}
|
||||
|
||||
a->acl_dn_pat = ch_strdup( "*" );
|
||||
a->acl_dn_pat.bv_val = ch_strdup( "*" );
|
||||
a->acl_dn_pat.bv_len = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -146,7 +142,7 @@ parse_acl(
|
||||
}
|
||||
|
||||
if ( strcasecmp( left, "dn" ) == 0 ) {
|
||||
if( a->acl_dn_pat != NULL ) {
|
||||
if( a->acl_dn_pat.bv_len != 0 ) {
|
||||
fprintf( stderr,
|
||||
"%s: line %d: dn pattern"
|
||||
" already specified in to clause.\n",
|
||||
@ -166,26 +162,32 @@ parse_acl(
|
||||
|| strcmp(right, ".*$$") == 0
|
||||
|| strcmp(right, "^.*$$") == 0 )
|
||||
{
|
||||
a->acl_dn_pat = ch_strdup( "*" );
|
||||
a->acl_dn_pat.bv_val = ch_strdup( "*" );
|
||||
a->acl_dn_pat.bv_len = 1;
|
||||
|
||||
} else {
|
||||
a->acl_dn_pat = acl_regex_normalized_dn( right );
|
||||
a->acl_dn_pat.bv_val = acl_regex_normalized_dn( right );
|
||||
a->acl_dn_pat.bv_len = strlen( a->acl_dn_pat.bv_val );
|
||||
}
|
||||
} else if ( strcasecmp( style, "base" ) == 0 ) {
|
||||
a->acl_dn_style = ACL_STYLE_BASE;
|
||||
a->acl_dn_pat = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_val = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_len = strlen( right );
|
||||
|
||||
} else if ( strcasecmp( style, "one" ) == 0 ) {
|
||||
a->acl_dn_style = ACL_STYLE_ONE;
|
||||
a->acl_dn_pat = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_val = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_len = strlen( right );
|
||||
|
||||
} else if ( strcasecmp( style, "subtree" ) == 0 ) {
|
||||
a->acl_dn_style = ACL_STYLE_SUBTREE;
|
||||
a->acl_dn_pat = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_val = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_len = strlen( right );
|
||||
|
||||
} else if ( strcasecmp( style, "children" ) == 0 ) {
|
||||
a->acl_dn_style = ACL_STYLE_CHILDREN;
|
||||
a->acl_dn_pat = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_val = ch_strdup( right );
|
||||
a->acl_dn_pat.bv_len = strlen( right );
|
||||
|
||||
} else {
|
||||
fprintf( stderr,
|
||||
@ -221,18 +223,22 @@ parse_acl(
|
||||
}
|
||||
}
|
||||
|
||||
if ( a->acl_dn_pat != NULL && strcmp(a->acl_dn_pat, "*") == 0) {
|
||||
free( a->acl_dn_pat );
|
||||
a->acl_dn_pat = NULL;
|
||||
if ( a->acl_dn_pat.bv_len != 0 && strcmp(a->acl_dn_pat.bv_val, "*") == 0) {
|
||||
free( a->acl_dn_pat.bv_val );
|
||||
a->acl_dn_pat.bv_val = NULL;
|
||||
a->acl_dn_pat.bv_len = 0;
|
||||
}
|
||||
|
||||
if( a->acl_dn_pat != NULL ) {
|
||||
if( a->acl_dn_pat.bv_len != 0 ) {
|
||||
if ( a->acl_dn_style != ACL_STYLE_REGEX )
|
||||
{
|
||||
dn_normalize(a->acl_dn_pat);
|
||||
|
||||
struct berval *bv;
|
||||
dnNormalize( NULL, &a->acl_dn_pat, &bv);
|
||||
free( a->acl_dn_pat.bv_val );
|
||||
a->acl_dn_pat = *bv;
|
||||
free( bv );
|
||||
} else {
|
||||
int e = regcomp( &a->acl_dn_re, a->acl_dn_pat,
|
||||
int e = regcomp( &a->acl_dn_re, a->acl_dn_pat.bv_val,
|
||||
REG_EXTENDED | REG_ICASE );
|
||||
if ( e ) {
|
||||
char buf[512];
|
||||
@ -670,7 +676,7 @@ parse_acl(
|
||||
}
|
||||
|
||||
if ( strcasecmp( left, "set" ) == 0 ) {
|
||||
if( b->a_set_pat != NULL ) {
|
||||
if( b->a_set_pat.bv_len != 0 ) {
|
||||
fprintf( stderr,
|
||||
"%s: line %d: set attribute already specified.\n",
|
||||
fname, lineno );
|
||||
@ -685,7 +691,8 @@ parse_acl(
|
||||
}
|
||||
|
||||
b->a_set_style = sty;
|
||||
b->a_set_pat = ch_strdup(right);
|
||||
b->a_set_pat.bv_val = ch_strdup(right);
|
||||
b->a_set_pat.bv_len = strlen(right);
|
||||
|
||||
continue;
|
||||
}
|
||||
@ -1231,8 +1238,8 @@ access_free( Access *a )
|
||||
free ( a->a_domain_pat );
|
||||
if ( a->a_sockurl_pat )
|
||||
free ( a->a_sockurl_pat );
|
||||
if ( a->a_set_pat )
|
||||
free ( a->a_set_pat );
|
||||
if ( a->a_set_pat.bv_len )
|
||||
free ( a->a_set_pat.bv_val );
|
||||
if ( a->a_group_pat )
|
||||
free ( a->a_group_pat );
|
||||
free( a );
|
||||
@ -1245,8 +1252,8 @@ acl_free( AccessControl *a )
|
||||
|
||||
if ( a->acl_filter )
|
||||
filter_free( a->acl_filter );
|
||||
if ( a->acl_dn_pat )
|
||||
free ( a->acl_dn_pat );
|
||||
if ( a->acl_dn_pat.bv_len )
|
||||
free ( a->acl_dn_pat.bv_val );
|
||||
if ( a->acl_attrs )
|
||||
charray_free( a->acl_attrs );
|
||||
for (; a->acl_access; a->acl_access = n) {
|
||||
@ -1439,10 +1446,10 @@ print_acl( Backend *be, AccessControl *a )
|
||||
fprintf( stderr, "%s ACL: access to",
|
||||
be == NULL ? "Global" : "Backend" );
|
||||
|
||||
if ( a->acl_dn_pat != NULL ) {
|
||||
if ( a->acl_dn_pat.bv_len != 0 ) {
|
||||
to++;
|
||||
fprintf( stderr, " dn.%s=%s\n",
|
||||
style_strings[a->acl_dn_style], a->acl_dn_pat );
|
||||
style_strings[a->acl_dn_style], a->acl_dn_pat.bv_val );
|
||||
}
|
||||
|
||||
if ( a->acl_filter != NULL ) {
|
||||
|
||||
@ -796,7 +796,7 @@ typedef struct slap_access {
|
||||
slap_style_t a_sockurl_style;
|
||||
char *a_sockurl_pat;
|
||||
slap_style_t a_set_style;
|
||||
char *a_set_pat;
|
||||
struct berval a_set_pat;
|
||||
|
||||
#ifdef SLAPD_ACI_ENABLED
|
||||
AttributeDescription *a_aci_at;
|
||||
@ -817,7 +817,7 @@ typedef struct slap_acl {
|
||||
Filter *acl_filter;
|
||||
slap_style_t acl_dn_style;
|
||||
regex_t acl_dn_re;
|
||||
char *acl_dn_pat;
|
||||
struct berval acl_dn_pat;
|
||||
char **acl_attrs;
|
||||
|
||||
/* "by" part: list of who has what access to the entries */
|
||||
|
||||
Loading…
Reference in New Issue
Block a user