Commit fbe9dce8 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Import ACL to dn="" bug fix (ITS#1921)

parent 8ed2a23a
OpenLDAP 2.1 Change Log
OpenLDAP 2.1.3 Release
Fixed slapd access to dn="" bug (ITS#1921)
Fixed slapd structuralObjectClass lastmod bug (ITS#1904)
Fixed slapd krbName bug (ITS#1913)
Fixed slapd schema error alignment bug
......
......@@ -395,7 +395,7 @@ acl_get(
for ( ; a != NULL; a = a->acl_next ) {
(*count) ++;
if (a->acl_dn_pat.bv_len != 0) {
if ( a->acl_dn_pat.bv_len || ( a->acl_dn_style != ACL_STYLE_REGEX )) {
if ( a->acl_dn_style == ACL_STYLE_REGEX ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
......
......@@ -118,7 +118,9 @@ parse_acl(
}
if ( strcasecmp( argv[i], "*" ) == 0 ) {
if( a->acl_dn_pat.bv_len != 0 ) {
if( a->acl_dn_pat.bv_len ||
( a->acl_dn_style != ACL_STYLE_REGEX ) )
{
fprintf( stderr,
"%s: line %d: dn pattern"
" already specified in to clause.\n",
......@@ -142,7 +144,9 @@ parse_acl(
}
if ( strcasecmp( left, "dn" ) == 0 ) {
if( a->acl_dn_pat.bv_len != 0 ) {
if( a->acl_dn_pat.bv_len != 0 ||
( a->acl_dn_style != ACL_STYLE_REGEX ) )
{
fprintf( stderr,
"%s: line %d: dn pattern"
" already specified in to clause.\n",
......@@ -230,7 +234,9 @@ parse_acl(
a->acl_dn_pat.bv_len = 0;
}
if( a->acl_dn_pat.bv_len != 0 ) {
if( a->acl_dn_pat.bv_len != 0 ||
( a->acl_dn_style != ACL_STYLE_REGEX ) )
{
if ( a->acl_dn_style != ACL_STYLE_REGEX ) {
struct berval bv;
rc = dnNormalize2( NULL, &a->acl_dn_pat, &bv);
......
......@@ -34,6 +34,9 @@ rootpw secret
# cn=monitor, cn=schema, and cn=config
#
access to dn="" by * read
access to dn.base="" by * read
access to attr=objectclass
by * =rsc stop
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment