diff options
| author | Nathan Kinder <nkinder@redhat.com> | 2009-10-02 13:47:38 -0700 |
|---|---|---|
| committer | Nathan Kinder <nkinder@redhat.com> | 2009-10-02 13:47:38 -0700 |
| commit | 5593a5f7da88ae37ae032b95c7a3a369e8d61a1a (patch) | |
| tree | ee0802fd37f211498a7fe5c462c97dbf7cbff9ad /ldap/servers/plugins/acl/aclinit.c | |
| parent | ab6e5a77de769f55d55e70d7754ec732385e7067 (diff) | |
| download | ds-5593a5f7da88ae37ae032b95c7a3a369e8d61a1a.tar.gz ds-5593a5f7da88ae37ae032b95c7a3a369e8d61a1a.tar.xz ds-5593a5f7da88ae37ae032b95c7a3a369e8d61a1a.zip | |
Add ssf bind rule to access control plug-in.
This patch adds a new ssf bind rule keyword to the access control
plug-in. This allows you to write ACIs that require a specific
level of encryption for the rule to apply. The new keyword can
be used with '=', '!=', '<', '>', '<=' and '>=' comparators.
I added code that stores the SSF in effect for an operation into
the operation struct. The value that we store is the higher of
the two between the SASL SSF and the SSL/TLS SSF.
Diffstat (limited to 'ldap/servers/plugins/acl/aclinit.c')
| -rw-r--r-- | ldap/servers/plugins/acl/aclinit.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ldap/servers/plugins/acl/aclinit.c b/ldap/servers/plugins/acl/aclinit.c index 46095925..e99e57fc 100644 --- a/ldap/servers/plugins/acl/aclinit.c +++ b/ldap/servers/plugins/acl/aclinit.c @@ -567,5 +567,12 @@ __aclinit__RegisterLases(void) "Unable to register USERATTR Las\n"); return ACL_ERR; } + if (ACL_LasRegister(NULL, DS_LAS_SSF, + (LASEvalFunc_t)DS_LASSSFEval, + (LASFlushFunc_t)NULL) < 0) { + slapi_log_error (SLAPI_LOG_FATAL, plugin_name, + "Unable to register SSF Las\n"); + return ACL_ERR; + } return ACL_OK; } |