From ab6ad3469270ea9ece62bc26b37e05d94f16bc28 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Tue, 2 Apr 2002 08:18:30 +0000 Subject: [PATCH] the logic of this check was completely reversed; in case '*' is used, on't test the regula expression --- servers/slapd/acl.c | 10 +++++----- servers/slapd/aclparse.c | 25 +++++++++++++++++++------ 2 files changed, 24 insertions(+), 11 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 8e226d8861..ace21f1f65 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -623,7 +623,7 @@ acl_mask( } } else if ( b->a_dn_style == ACL_STYLE_REGEX ) { - if ( ber_bvccmp( &b->a_dn_pat, '*' ) == 0 ) { + if ( !ber_bvccmp( &b->a_dn_pat, '*' ) ) { int ret = regex_matches( &b->a_dn_pat, op->o_ndn.bv_val, e->e_ndn, matches ); @@ -685,7 +685,7 @@ acl_mask( b->a_sockurl_pat.bv_val, 0, 0 ); #endif - if ( ber_bvccmp( &b->a_sockurl_pat, '*' ) != 0) { + if ( !ber_bvccmp( &b->a_sockurl_pat, '*' ) ) { if ( b->a_sockurl_style == ACL_STYLE_REGEX) { if (!regex_matches( &b->a_sockurl_pat, conn->c_listener_url.bv_val, e->e_ndn, matches ) ) @@ -708,7 +708,7 @@ acl_mask( Debug( LDAP_DEBUG_ACL, "<= check a_domain_pat: %s\n", b->a_domain_pat.bv_val, 0, 0 ); #endif - if ( ber_bvccmp( &b->a_domain_pat, '*' ) != 0) { + if ( !ber_bvccmp( &b->a_domain_pat, '*' ) ) { if ( b->a_domain_style == ACL_STYLE_REGEX) { if (!regex_matches( &b->a_domain_pat, conn->c_peer_domain.bv_val, e->e_ndn, matches ) ) @@ -731,7 +731,7 @@ acl_mask( Debug( LDAP_DEBUG_ACL, "<= check a_peername_path: %s\n", b->a_peername_pat.bv_val, 0, 0 ); #endif - if ( ber_bvccmp( &b->a_peername_pat, '*' ) != 0) { + if ( !ber_bvccmp( &b->a_peername_pat, '*' ) ) { if ( b->a_peername_style == ACL_STYLE_REGEX) { if (!regex_matches( &b->a_peername_pat, conn->c_peer_name.bv_val, e->e_ndn, matches ) ) @@ -754,7 +754,7 @@ acl_mask( Debug( LDAP_DEBUG_ACL, "<= check a_sockname_path: %s\n", b->a_sockname_pat.bv_val, 0, 0 ); #endif - if ( ber_bvccmp( &b->a_sockname_pat, '*' ) != 0) { + if ( !ber_bvccmp( &b->a_sockname_pat, '*' ) ) { if ( b->a_sockname_style == ACL_STYLE_REGEX) { if (!regex_matches( &b->a_sockname_pat, conn->c_sock_name.bv_val, e->e_ndn, matches ) ) diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index c920d7b696..e559029bf5 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -16,6 +16,7 @@ #include #include "slap.h" +#include "lber_pvt.h" static void split(char *line, int splitchar, char **left, char **right); static void access_append(Access **l, Access *a); @@ -365,7 +366,9 @@ parse_acl( } else { bv.bv_val = right; acl_regex_normalized_dn( &bv ); - regtest(fname, lineno, bv.bv_val); + if ( !ber_bvccmp( &bv, '*' ) ) { + regtest(fname, lineno, bv.bv_val); + } } } else if ( right == NULL || *right == '\0' ) { fprintf( stderr, @@ -479,7 +482,9 @@ parse_acl( if (sty == ACL_STYLE_REGEX) { bv.bv_val = right; acl_regex_normalized_dn( &bv ); - regtest(fname, lineno, bv.bv_val); + if ( !ber_bvccmp( &bv, '*' ) ) { + regtest(fname, lineno, bv.bv_val); + } b->a_group_pat = bv; } else { ber_str2bv( right, 0, 0, &bv ); @@ -605,7 +610,9 @@ parse_acl( if (sty == ACL_STYLE_REGEX) { bv.bv_val = right; acl_regex_normalized_dn( &bv ); - regtest(fname, lineno, bv.bv_val); + if ( !ber_bvccmp( &bv, '*' ) ) { + regtest(fname, lineno, bv.bv_val); + } b->a_peername_pat = bv; } else { ber_str2bv( right, 0, 1, &b->a_peername_pat ); @@ -632,7 +639,9 @@ parse_acl( if (sty == ACL_STYLE_REGEX) { bv.bv_val = right; acl_regex_normalized_dn( &bv ); - regtest(fname, lineno, bv.bv_val); + if ( !ber_bvccmp( &bv, '*' ) ) { + regtest(fname, lineno, bv.bv_val); + } b->a_sockname_pat = bv; } else { ber_str2bv( right, 0, 1, &b->a_sockname_pat ); @@ -659,7 +668,9 @@ parse_acl( if (sty == ACL_STYLE_REGEX) { bv.bv_val = right; acl_regex_normalized_dn( &bv ); - regtest(fname, lineno, bv.bv_val); + if ( !ber_bvccmp( &bv, '*' ) ) { + regtest(fname, lineno, bv.bv_val); + } b->a_domain_pat = bv; } else { ber_str2bv( right, 0, 1, &b->a_domain_pat ); @@ -686,7 +697,9 @@ parse_acl( if (sty == ACL_STYLE_REGEX) { bv.bv_val = right; acl_regex_normalized_dn( &bv ); - regtest(fname, lineno, bv.bv_val); + if ( !ber_bvccmp( &bv, '*' ) ) { + regtest(fname, lineno, bv.bv_val); + } b->a_sockurl_pat = bv; } else { ber_str2bv( right, 0, 1, &b->a_sockurl_pat );