63 lines
1.7 KiB
Diff
63 lines
1.7 KiB
Diff
--- cyrus-imapd-2.2.12/lib/acl_afs.c.orig 2005-07-14 17:12:53 +0300
|
|
+++ cyrus-imapd-2.2.12/lib/acl_afs.c 2005-07-14 17:17:44 +0300
|
|
@@ -119,12 +119,17 @@
|
|
char *thisid, *nextid;
|
|
int oldaccess = 0;
|
|
char *rights;
|
|
+ int identifier_found = 0;
|
|
+ int identifier_overridden = 0;
|
|
|
|
/* Convert 'identifier' into canonical form */
|
|
if (*identifier == '-') {
|
|
char *canonid = auth_canonifyid(identifier+1, 0);
|
|
- if (!canonid) {
|
|
+ if (!canonid && access != 0L) {
|
|
return -1;
|
|
+ } else if (!canonid && access == 0L) {
|
|
+ canonid = identifier+1;
|
|
+ identifier_overridden = 1;
|
|
}
|
|
newidentifier = xmalloc(strlen(canonid)+2);
|
|
newidentifier[0] = '-';
|
|
@@ -135,9 +140,15 @@
|
|
}
|
|
}
|
|
else {
|
|
+ newidentifier = xmalloc(strlen(identifier)+1);
|
|
+ strlcpy(newidentifier, identifier, strlen(identifier)+1);
|
|
+
|
|
identifier = auth_canonifyid(identifier, 0);
|
|
- if (!identifier) {
|
|
+ if (!identifier && access != 0L) {
|
|
return -1;
|
|
+ } else if(!identifier && access == 0L) {
|
|
+ identifier = newidentifier;
|
|
+ identifier_overridden = 1;
|
|
}
|
|
if (canonproc) {
|
|
access = canonproc(canonrock, identifier, access);
|
|
@@ -165,6 +176,7 @@
|
|
*nextid++ = '\0';
|
|
|
|
if (strcmp(identifier, thisid) == 0) {
|
|
+ identifier_found = 1;
|
|
oldaccess = cyrus_acl_strtomask(rights);
|
|
break;
|
|
}
|
|
@@ -172,6 +184,15 @@
|
|
nextid[-1] = '\t';
|
|
}
|
|
|
|
+ /*
|
|
+ * In case we have overridden the canonification of the
|
|
+ * identifier, but still the identifier does not exist in
|
|
+ * the mailboxdb, then return error as normally expected.
|
|
+ */
|
|
+ if(identifier_overridden && !identifier_found) {
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
switch (mode) {
|
|
case ACL_MODE_SET:
|
|
break;
|