Commit 98937068 authored by Ondřej Kuzník's avatar Ondřej Kuzník Committed by Quanah Gibson-Mount
Browse files

ITS#9279 Send Netscape expired control as a bare string

parent 68e4f250
...@@ -221,44 +221,34 @@ ldap_parse_password_expiring_control( ...@@ -221,44 +221,34 @@ ldap_parse_password_expiring_control(
LDAPControl *ctrl, LDAPControl *ctrl,
long *secondsp ) long *secondsp )
{ {
BerElement *ber;
struct berval time_string;
long seconds = 0; long seconds = 0;
char buf[sizeof("-2147483648")];
char *next; char *next;
assert( ld != NULL ); assert( ld != NULL );
assert( LDAP_VALID( ld ) ); assert( LDAP_VALID( ld ) );
assert( ctrl != NULL ); assert( ctrl != NULL );
if ( !ctrl->ldctl_value.bv_val ) { if ( BER_BVISEMPTY( &ctrl->ldctl_value ) ||
ctrl->ldctl_value.bv_len >= sizeof(buf) ) {
ld->ld_errno = LDAP_DECODING_ERROR; ld->ld_errno = LDAP_DECODING_ERROR;
return(ld->ld_errno); return(ld->ld_errno);
} }
/* Create a BerElement from the berval returned in the control. */ memcpy( buf, ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len );
ber = ber_init(&ctrl->ldctl_value); buf[ctrl->ldctl_value.bv_len] = '\0';
if (ber == NULL) { seconds = strtol( buf, &next, 10 );
ld->ld_errno = LDAP_NO_MEMORY; if ( next == buf || next[0] != '\0' ) goto exit;
return(ld->ld_errno);
}
if ( ber_get_stringbv( ber, &time_string, 0 ) == LBER_ERROR ) goto exit;
seconds = strtol( time_string.bv_val, &next, 10 );
if ( next == time_string.bv_val || next[0] != '\0' ) goto exit;
if ( secondsp != NULL ) { if ( secondsp != NULL ) {
*secondsp = seconds; *secondsp = seconds;
} }
ber_free(ber, 1);
ld->ld_errno = LDAP_SUCCESS; ld->ld_errno = LDAP_SUCCESS;
return(ld->ld_errno); return(ld->ld_errno);
exit: exit:
ber_free(ber, 1);
ld->ld_errno = LDAP_DECODING_ERROR; ld->ld_errno = LDAP_DECODING_ERROR;
return(ld->ld_errno); return(ld->ld_errno);
} }
......
...@@ -449,24 +449,13 @@ fail: ...@@ -449,24 +449,13 @@ fail:
static LDAPControl * static LDAPControl *
create_passexpiry( Operation *op, int expired, int warn ) create_passexpiry( Operation *op, int expired, int warn )
{ {
BerElementBuffer berbuf; LDAPControl *cp;
BerElement *ber = (BerElement *) &berbuf;
LDAPControl c = { 0 }, *cp;
char buf[sizeof("-2147483648")]; char buf[sizeof("-2147483648")];
struct berval bv = { .bv_val = buf, .bv_len = sizeof(buf) }; struct berval bv = { .bv_val = buf, .bv_len = sizeof(buf) };
int rc;
BER_BVZERO( &c.ldctl_value );
bv.bv_len = snprintf( bv.bv_val, bv.bv_len, "%d", warn ); bv.bv_len = snprintf( bv.bv_val, bv.bv_len, "%d", warn );
ber_init2( ber, NULL, LBER_USE_DER ); cp = op->o_tmpalloc( sizeof( LDAPControl ) + bv.bv_len, op->o_tmpmemctx );
ber_printf( ber, "O", &bv );
if (ber_flatten2( ber, &c.ldctl_value, 0 ) == -1) {
return NULL;
}
cp = op->o_tmpalloc( sizeof( LDAPControl ) + c.ldctl_value.bv_len, op->o_tmpmemctx );
if ( expired ) { if ( expired ) {
cp->ldctl_oid = (char *)ppolicy_pwd_expired_oid; cp->ldctl_oid = (char *)ppolicy_pwd_expired_oid;
} else { } else {
...@@ -474,11 +463,8 @@ create_passexpiry( Operation *op, int expired, int warn ) ...@@ -474,11 +463,8 @@ create_passexpiry( Operation *op, int expired, int warn )
} }
cp->ldctl_iscritical = 0; cp->ldctl_iscritical = 0;
cp->ldctl_value.bv_val = (char *)&cp[1]; cp->ldctl_value.bv_val = (char *)&cp[1];
cp->ldctl_value.bv_len = c.ldctl_value.bv_len; cp->ldctl_value.bv_len = bv.bv_len;
AC_MEMCPY( cp->ldctl_value.bv_val, c.ldctl_value.bv_val, c.ldctl_value.bv_len ); AC_MEMCPY( cp->ldctl_value.bv_val, bv.bv_val, bv.bv_len );
fail:
(void)ber_free_buf(ber);
return cp; return cp;
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment