From 96d851d150d24fafbcc8b2f695d4bdee6cbd7173 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Wed, 01 Aug 2007 21:26:43 +0000
Subject: [PATCH] Fix a problem in the way that the Netscape password expired control was being encoded. It was previously thought to have no value, but in actuality it should have always have a value whose string representation should be "0".
---
opends/src/server/org/opends/server/controls/PasswordExpiredControl.java | 30 +++++++++++++++++-------------
opends/src/server/org/opends/server/messages/ProtocolMessages.java | 9 ++++-----
2 files changed, 21 insertions(+), 18 deletions(-)
diff --git a/opends/src/server/org/opends/server/controls/PasswordExpiredControl.java b/opends/src/server/org/opends/server/controls/PasswordExpiredControl.java
index c74c9a6..8208f94 100644
--- a/opends/src/server/org/opends/server/controls/PasswordExpiredControl.java
+++ b/opends/src/server/org/opends/server/controls/PasswordExpiredControl.java
@@ -28,6 +28,7 @@
+import org.opends.server.protocols.asn1.ASN1OctetString;
import org.opends.server.protocols.ldap.LDAPResultCode;
import org.opends.server.types.Control;
import org.opends.server.types.LDAPException;
@@ -39,23 +40,20 @@
/**
- * This class implements the Netscape password expired control. This is a very
- * simple control because it does not have a value.
+ * This class implements the Netscape password expired control. The value for
+ * this control should be a string that indicates the length of time until the
+ * password expires, but because it is already expired it will always be "0".
*/
public class PasswordExpiredControl
extends Control
{
-
-
-
/**
* Creates a new instance of the password expired control with the default
* settings.
*/
public PasswordExpiredControl()
{
- super(OID_NS_PASSWORD_EXPIRED, false);
-
+ super(OID_NS_PASSWORD_EXPIRED, false, new ASN1OctetString("0"));
}
@@ -70,8 +68,7 @@
*/
public PasswordExpiredControl(String oid, boolean isCritical)
{
- super(oid, isCritical);
-
+ super(oid, isCritical, new ASN1OctetString("0"));
}
@@ -93,12 +90,19 @@
{
if (control.hasValue())
{
- int msgID = MSGID_PWEXPIRED_CONTROL_HAS_VALUE;
- String message = getMessage(msgID);
- throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, msgID, message);
+ String valueStr = control.getValue().stringValue();
+ try
+ {
+ Integer.parseInt(valueStr);
+ }
+ catch (Exception e)
+ {
+ int msgID = MSGID_PWEXPIRED_CONTROL_INVALID_VALUE;
+ String message = getMessage(msgID);
+ throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, msgID, message);
+ }
}
-
return new PasswordExpiredControl(control.getOID(), control.isCritical());
}
diff --git a/opends/src/server/org/opends/server/messages/ProtocolMessages.java b/opends/src/server/org/opends/server/messages/ProtocolMessages.java
index 632fdc2..ad556c2 100644
--- a/opends/src/server/org/opends/server/messages/ProtocolMessages.java
+++ b/opends/src/server/org/opends/server/messages/ProtocolMessages.java
@@ -3766,9 +3766,9 @@
/**
* The message ID for the message that will be used if a password expired
- * control has a value. This does not take any arguments.
+ * control has an invalid value. This does not take any arguments.
*/
- public static final int MSGID_PWEXPIRED_CONTROL_HAS_VALUE =
+ public static final int MSGID_PWEXPIRED_CONTROL_INVALID_VALUE =
CATEGORY_MASK_PROTOCOL | SEVERITY_MASK_SEVERE_ERROR | 342;
@@ -6477,11 +6477,10 @@
"for use in matching attribute values");
- registerMessage(MSGID_PWEXPIRED_CONTROL_HAS_VALUE,
+ registerMessage(MSGID_PWEXPIRED_CONTROL_INVALID_VALUE,
"Cannot decode the provided control as a password " +
"expired control because the provided control had a " +
- "value but the password expired control should not have " +
- "a value");
+ "value that could not be parsed as an integer");
registerMessage(MSGID_PWEXPIRING_NO_CONTROL_VALUE,
--
Gitblit v1.10.0