From: Howard Chu Date: Mon, 15 Mar 2004 23:53:37 +0000 (+0000) Subject: ldap_parse_passwordpolicy_control takes a single LDAPControl* arg now, X-Git-Tag: OPENLDAP_REL_ENG_2_2_BP~292 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=2b86ace6534d52875b450f841337f6daa49095d9;p=openldap ldap_parse_passwordpolicy_control takes a single LDAPControl* arg now, use ldap_find_control to find it. Added ldap_passwordpolicy_err2text(). --- diff --git a/include/ldap.h b/include/ldap.h index 043cfb9263..00461e1829 100644 --- a/include/ldap.h +++ b/include/ldap.h @@ -1959,10 +1959,13 @@ ldap_create_passwordpolicy_control LDAP_P(( LDAP_F( int ) ldap_parse_passwordpolicy_control LDAP_P(( LDAP *ld, - LDAPControl **ctrls, + LDAPControl *ctrl, int *expirep, int *gracep, LDAPPasswordPolicyError *errorp )); +LDAP_F( const char * ) +ldap_passwordpolicy_err2txt LDAP_P(( LDAPPasswordPolicyError )); + LDAP_END_DECL #endif /* _LDAP_H */ diff --git a/libraries/libldap/ppcontrol.c b/libraries/libldap/ppcontrol.c index 05d92a4af8..b9c5e15ce7 100644 --- a/libraries/libldap/ppcontrol.c +++ b/libraries/libldap/ppcontrol.c @@ -77,9 +77,9 @@ ldap_create_passwordpolicy_control( LDAP *ld, ld (IN) An LDAP session handle. - ctrls (IN) The address of a NULL-terminated array of - LDAPControl structures, typically obtained - by a call to ldap_parse_result(). + ctrls (IN) The address of an + LDAPControl structure, typically obtained + by a call to ldap_find_control(). exptimep (OUT) This result parameter is filled in with the number of seconds before the password will expire, if expiration is imminent @@ -115,13 +115,12 @@ ldap_create_passwordpolicy_control( LDAP *ld, int ldap_parse_passwordpolicy_control( LDAP *ld, - LDAPControl **ctrls, + LDAPControl *ctrl, int *expirep, int *gracep, LDAPPasswordPolicyError *errorp ) { BerElement *ber; - LDAPControl *pControl; int i, exp = -1, grace = -1; ber_tag_t tag; ber_len_t berLen; @@ -130,26 +129,10 @@ ldap_parse_passwordpolicy_control( assert( ld != NULL ); assert( LDAP_VALID( ld ) ); + assert( ctrl ); - if (ctrls == NULL) { - ld->ld_errno = LDAP_CONTROL_NOT_FOUND; - return(ld->ld_errno); - } - - /* Search the list of control responses for a VLV control. */ - for (i=0; ctrls[i]; i++) { - pControl = ctrls[i]; - if (!strcmp(LDAP_CONTROL_PASSWORDPOLICYRESPONSE, pControl->ldctl_oid)) - goto foundPPControl; - } - - /* No sort control was found. */ - ld->ld_errno = LDAP_CONTROL_NOT_FOUND; - return(ld->ld_errno); - -foundPPControl: /* Create a BerElement from the berval returned in the control. */ - ber = ber_init(&pControl->ldctl_value); + ber = ber_init(&ctrl->ldctl_value); if (ber == NULL) { ld->ld_errno = LDAP_NO_MEMORY; @@ -202,3 +185,21 @@ foundPPControl: ld->ld_errno = LDAP_DECODING_ERROR; return(ld->ld_errno); } + +const char * +ldap_passwordpolicy_err2txt( LDAPPasswordPolicyError err ) +{ + switch(err) { + case PP_passwordExpired: return "Password expired"; + case PP_accountLocked: return "Account locked"; + case PP_changeAfterReset: return "Password must be changed"; + case PP_passwordModNotAllowed: return "Policy prevents password modification"; + case PP_mustSupplyOldPassword: return "Policy requires old password in order to change password"; + case PP_insufficientPasswordQuality: return "Password fails quality checks"; + case PP_passwordTooShort: return "Password is too short for policy"; + case PP_passwordTooYoung: return "Password has been changed too recently"; + case PP_passwordInHistory: return "New password is in list of old passwords"; + case PP_noError: return "No error"; + default: return "Unknown error code"; + } +}