[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5548) syncprov evaluates ACL rules with wrong connection info
Full_Name: Rein Tollevik
Version: 2.4.10 (CVS head)
OS: linux, solaris
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (84.215.2.34)
Submitted by: rein
Access control rules that uses connection data are evaluated using the wrong
connection structure. The problem is in syncprov_matchop() where it around line
1233 assigns:
op2.o_hdr = op->o_hdr;
This causes ACL rules to be tested against the connection that made the change,
not the syncrepl connection. It should retain the value from ss->s_op.
Rein Tollevik
Basefarm AS