From d14caafc91ea6f417b1c602a91153764cc70f1d9 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Wed, 12 Nov 2014 10:15:46 -0500
Subject: [PATCH 29/30] Ticket 47953 - Should not check aci syntax when
 deleting an aci

Bug Description:  Trying to delete an aci that has an invalid sytenx, generates a
                  syntax error when trying to remove it.

Fix Description:  Do not check the syntax of an aci if it's being deleted.

https://fedorahosted.org/389/ticket/47953

Reviewed by: ?

(cherry picked from commit 3ce60db0a404b4663df6005b78027332d0e56f95)
(cherry picked from commit 6a435f1cce137990c9c55f3f571f97c09ad6d9f4)
---
 ldap/servers/plugins/acl/acl.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
index fe863c8..5416330 100644
--- a/ldap/servers/plugins/acl/acl.c
+++ b/ldap/servers/plugins/acl/acl.c
@@ -1553,11 +1553,12 @@ acl_check_mods(
 
 				/* Are we adding/replacing a aci attribute
 				** value. In that case, we need to make
-				** sure that the new value has thr right 
+				** sure that the new value has the right
 				** syntax
 				*/
-				if (strcmp(mod->mod_type, 
-					aci_attr_type) == 0) {
+				if (!SLAPI_IS_MOD_DELETE(mod->mod_op) &&
+				    strcmp(mod->mod_type, aci_attr_type) == 0)
+				{
 					if ( 0 != (rv = acl_verify_syntax(pb, e_sdn,
 						mod->mod_bvalues[i], errbuf))) {
 						aclutil_print_err(rv, e_sdn, 
-- 
1.9.3