ITS#9279 Expose Netscape password policy controls in libldap

This commit is contained in:
Ondřej Kuzník 2020-06-23 11:49:00 +01:00 committed by Quanah Gibson-Mount
parent 521b8bbe4b
commit fd921e7121
2 changed files with 62 additions and 0 deletions
include
libraries/libldap

View File

@ -392,6 +392,10 @@ typedef struct ldapcontrol {
#define LDAP_TAG_X_ACCOUNT_USABILITY_REMAINING_GRACE ((ber_tag_t) 0x83U) /* primitive + 3 */
#define LDAP_TAG_X_ACCOUNT_USABILITY_UNTIL_UNLOCK ((ber_tag_t) 0x84U) /* primitive + 4 */
/* Netscape Password policy response controls */
#define LDAP_CONTROL_X_PASSWORD_EXPIRED "2.16.840.1.113730.3.4.4"
#define LDAP_CONTROL_X_PASSWORD_EXPIRING "2.16.840.1.113730.3.4.5"
/* LDAP Unsolicited Notifications */
#define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036" /* RFC 4511 */
#define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
@ -2402,6 +2406,12 @@ LDAP_F( const char * )
ldap_passwordpolicy_err2txt LDAP_P(( LDAPPasswordPolicyError ));
#endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */
LDAP_F( int )
ldap_parse_password_expiring_control LDAP_P((
LDAP *ld,
LDAPControl *ctrl,
long *secondsp ));
/*
* LDAP Dynamic Directory Services Refresh -- RFC 2589
* in dds.c

View File

@ -213,3 +213,55 @@ ldap_passwordpolicy_err2txt( LDAPPasswordPolicyError err )
}
#endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */
#ifdef LDAP_CONTROL_X_PASSWORD_EXPIRING
int
ldap_parse_password_expiring_control(
LDAP *ld,
LDAPControl *ctrl,
long *secondsp )
{
BerElement *ber;
struct berval time_string;
long seconds = 0;
char *next;
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( ctrl != NULL );
if ( !ctrl->ldctl_value.bv_val ) {
ld->ld_errno = LDAP_DECODING_ERROR;
return(ld->ld_errno);
}
/* Create a BerElement from the berval returned in the control. */
ber = ber_init(&ctrl->ldctl_value);
if (ber == NULL) {
ld->ld_errno = LDAP_NO_MEMORY;
return(ld->ld_errno);
}
if ( ber_get_stringbv( ber, &time_string, 0 ) == LBER_ERROR ) goto exit;
seconds = strtol( time_string.bv_val, &next, 10 );
if ( next == time_string.bv_val || next[0] != '\0' ) goto exit;
if ( secondsp != NULL ) {
*secondsp = seconds;
}
ber_free(ber, 1);
ld->ld_errno = LDAP_SUCCESS;
return(ld->ld_errno);
exit:
ber_free(ber, 1);
ld->ld_errno = LDAP_DECODING_ERROR;
return(ld->ld_errno);
}
#endif /* LDAP_CONTROL_X_PASSWORD_EXPIRING */