ITS#9279 Send Netscape expired control as a bare string

libraries/libldap/ppolicy.c

@@ -221,44 +221,34 @@ ldap_parse_password_expiring_control(
 	LDAPControl    *ctrl,
 	long           *secondsp )
 {
-	BerElement  *ber;
-	struct berval time_string;
 	long seconds = 0;
+	char buf[sizeof("-2147483648")];
 	char *next;
 
 	assert( ld != NULL );
 	assert( LDAP_VALID( ld ) );
 	assert( ctrl != NULL );
 
-	if ( !ctrl->ldctl_value.bv_val ) {
+	if ( BER_BVISEMPTY( &ctrl->ldctl_value ) ||
+		ctrl->ldctl_value.bv_len >= sizeof(buf) ) {
 		ld->ld_errno = LDAP_DECODING_ERROR;
 		return(ld->ld_errno);
 	}
 
-	/* Create a BerElement from the berval returned in the control. */
-	ber = ber_init(&ctrl->ldctl_value);
+	memcpy( buf, ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len );
+	buf[ctrl->ldctl_value.bv_len] = '\0';
 
-	if (ber == NULL) {
-		ld->ld_errno = LDAP_NO_MEMORY;
-		return(ld->ld_errno);
-	}
-
-	if ( ber_get_stringbv( ber, &time_string, 0 ) == LBER_ERROR ) goto exit;
-
-	seconds = strtol( time_string.bv_val, &next, 10 );
-	if ( next == time_string.bv_val || next[0] != '\0' ) goto exit;
+	seconds = strtol( buf, &next, 10 );
+	if ( next == buf || next[0] != '\0' ) goto exit;
 
 	if ( secondsp != NULL ) {
 		*secondsp = seconds;
 	}
 
-	ber_free(ber, 1);
-
 	ld->ld_errno = LDAP_SUCCESS;
 	return(ld->ld_errno);
 
   exit:
-	ber_free(ber, 1);
 	ld->ld_errno = LDAP_DECODING_ERROR;
 	return(ld->ld_errno);
 }

servers/slapd/overlays/ppolicy.c

@@ -449,24 +449,13 @@ fail:
 static LDAPControl *
 create_passexpiry( Operation *op, int expired, int warn )
 {
-	BerElementBuffer berbuf;
-	BerElement *ber = (BerElement *) &berbuf;
-	LDAPControl c = { 0 }, *cp;
+	LDAPControl *cp;
 	char buf[sizeof("-2147483648")];
 	struct berval bv = { .bv_val = buf, .bv_len = sizeof(buf) };
-	int rc;
-
-	BER_BVZERO( &c.ldctl_value );
 
 	bv.bv_len = snprintf( bv.bv_val, bv.bv_len, "%d", warn );
 
-	ber_init2( ber, NULL, LBER_USE_DER );
-	ber_printf( ber, "O", &bv );
-
-	if (ber_flatten2( ber, &c.ldctl_value, 0 ) == -1) {
-		return NULL;
-	}
-	cp = op->o_tmpalloc( sizeof( LDAPControl ) + c.ldctl_value.bv_len, op->o_tmpmemctx );
+	cp = op->o_tmpalloc( sizeof( LDAPControl ) + bv.bv_len, op->o_tmpmemctx );
 	if ( expired ) {
 		cp->ldctl_oid = (char *)ppolicy_pwd_expired_oid;
 	} else {
@@ -474,11 +463,8 @@ create_passexpiry( Operation *op, int expired, int warn )
 	}
 	cp->ldctl_iscritical = 0;
 	cp->ldctl_value.bv_val = (char *)&cp[1];
-	cp->ldctl_value.bv_len = c.ldctl_value.bv_len;
-	AC_MEMCPY( cp->ldctl_value.bv_val, c.ldctl_value.bv_val, c.ldctl_value.bv_len );
-fail:
-	(void)ber_free_buf(ber);
-
+	cp->ldctl_value.bv_len = bv.bv_len;
+	AC_MEMCPY( cp->ldctl_value.bv_val, bv.bv_val, bv.bv_len );
 	return cp;
 }