the logic of this check was completely reversed; in case '*' is used, on't test the regula expression

This commit is contained in:
Pierangelo Masarati 2002-04-02 08:18:30 +00:00
parent b082ed9355
commit ab6ad34692
2 changed files with 24 additions and 11 deletions

View File

@ -623,7 +623,7 @@ acl_mask(
}
} else if ( b->a_dn_style == ACL_STYLE_REGEX ) {
if ( ber_bvccmp( &b->a_dn_pat, '*' ) == 0 ) {
if ( !ber_bvccmp( &b->a_dn_pat, '*' ) ) {
int ret = regex_matches( &b->a_dn_pat,
op->o_ndn.bv_val, e->e_ndn, matches );
@ -685,7 +685,7 @@ acl_mask(
b->a_sockurl_pat.bv_val, 0, 0 );
#endif
if ( ber_bvccmp( &b->a_sockurl_pat, '*' ) != 0) {
if ( !ber_bvccmp( &b->a_sockurl_pat, '*' ) ) {
if ( b->a_sockurl_style == ACL_STYLE_REGEX) {
if (!regex_matches( &b->a_sockurl_pat, conn->c_listener_url.bv_val,
e->e_ndn, matches ) )
@ -708,7 +708,7 @@ acl_mask(
Debug( LDAP_DEBUG_ACL, "<= check a_domain_pat: %s\n",
b->a_domain_pat.bv_val, 0, 0 );
#endif
if ( ber_bvccmp( &b->a_domain_pat, '*' ) != 0) {
if ( !ber_bvccmp( &b->a_domain_pat, '*' ) ) {
if ( b->a_domain_style == ACL_STYLE_REGEX) {
if (!regex_matches( &b->a_domain_pat, conn->c_peer_domain.bv_val,
e->e_ndn, matches ) )
@ -731,7 +731,7 @@ acl_mask(
Debug( LDAP_DEBUG_ACL, "<= check a_peername_path: %s\n",
b->a_peername_pat.bv_val, 0, 0 );
#endif
if ( ber_bvccmp( &b->a_peername_pat, '*' ) != 0) {
if ( !ber_bvccmp( &b->a_peername_pat, '*' ) ) {
if ( b->a_peername_style == ACL_STYLE_REGEX) {
if (!regex_matches( &b->a_peername_pat, conn->c_peer_name.bv_val,
e->e_ndn, matches ) )
@ -754,7 +754,7 @@ acl_mask(
Debug( LDAP_DEBUG_ACL, "<= check a_sockname_path: %s\n",
b->a_sockname_pat.bv_val, 0, 0 );
#endif
if ( ber_bvccmp( &b->a_sockname_pat, '*' ) != 0) {
if ( !ber_bvccmp( &b->a_sockname_pat, '*' ) ) {
if ( b->a_sockname_style == ACL_STYLE_REGEX) {
if (!regex_matches( &b->a_sockname_pat, conn->c_sock_name.bv_val,
e->e_ndn, matches ) )

View File

@ -16,6 +16,7 @@
#include <ac/unistd.h>
#include "slap.h"
#include "lber_pvt.h"
static void split(char *line, int splitchar, char **left, char **right);
static void access_append(Access **l, Access *a);
@ -365,7 +366,9 @@ parse_acl(
} else {
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
if ( !ber_bvccmp( &bv, '*' ) ) {
regtest(fname, lineno, bv.bv_val);
}
}
} else if ( right == NULL || *right == '\0' ) {
fprintf( stderr,
@ -479,7 +482,9 @@ parse_acl(
if (sty == ACL_STYLE_REGEX) {
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
if ( !ber_bvccmp( &bv, '*' ) ) {
regtest(fname, lineno, bv.bv_val);
}
b->a_group_pat = bv;
} else {
ber_str2bv( right, 0, 0, &bv );
@ -605,7 +610,9 @@ parse_acl(
if (sty == ACL_STYLE_REGEX) {
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
if ( !ber_bvccmp( &bv, '*' ) ) {
regtest(fname, lineno, bv.bv_val);
}
b->a_peername_pat = bv;
} else {
ber_str2bv( right, 0, 1, &b->a_peername_pat );
@ -632,7 +639,9 @@ parse_acl(
if (sty == ACL_STYLE_REGEX) {
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
if ( !ber_bvccmp( &bv, '*' ) ) {
regtest(fname, lineno, bv.bv_val);
}
b->a_sockname_pat = bv;
} else {
ber_str2bv( right, 0, 1, &b->a_sockname_pat );
@ -659,7 +668,9 @@ parse_acl(
if (sty == ACL_STYLE_REGEX) {
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
if ( !ber_bvccmp( &bv, '*' ) ) {
regtest(fname, lineno, bv.bv_val);
}
b->a_domain_pat = bv;
} else {
ber_str2bv( right, 0, 1, &b->a_domain_pat );
@ -686,7 +697,9 @@ parse_acl(
if (sty == ACL_STYLE_REGEX) {
bv.bv_val = right;
acl_regex_normalized_dn( &bv );
regtest(fname, lineno, bv.bv_val);
if ( !ber_bvccmp( &bv, '*' ) ) {
regtest(fname, lineno, bv.bv_val);
}
b->a_sockurl_pat = bv;
} else {
ber_str2bv( right, 0, 1, &b->a_sockurl_pat );