1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 """LDAP protocol message conversion; no application logic here."""
18
19 from pureber import (
20
21 BERBoolean, BERDecoderContext, BEREnumerated, BERInteger, BERNull,
22 BEROctetString, BERSequence, BERSequenceOf, BERSet, BERStructured,
23
24 CLASS_APPLICATION, CLASS_CONTEXT,
25
26 berDecodeMultiple, berDecodeObject, int2berlen,
27 )
28
29 next_ldap_message_id=1
35
37 s = s.replace('\\', r'\5c')
38 s = s.replace('*', r'\2a')
39 s = s.replace('(', r'\28')
40 s = s.replace(')', r'\29')
41 s = s.replace('\0', r'\00')
42 return s
43
46
49
51 id = None
52 value = None
53
54 - def fromBER(klass, tag, content, berdecoder=None):
76 fromBER = classmethod(fromBER)
77
78 - def __init__(self, value=None, controls=None, id=None, tag=None):
86
92
94 l=[]
95 l.append('id=%r' % self.id)
96 l.append('value=%r' % self.value)
97 if self.tag!=self.__class__.tag:
98 l.append('tag=%d' % self.tag)
99 return self.__class__.__name__+'('+', '.join(l)+')'
100
104
106 raise NotImplementedError
107
111
114
119
121 tag=CLASS_APPLICATION|0x00
122
123 - def fromBER(klass, tag, content, berdecoder=None):
133 fromBER = classmethod(fromBER)
134
135 - def __init__(self, version=None, dn=None, auth=None, tag=None):
147
154
156 l=[]
157 l.append('version=%d' % self.version)
158 l.append('dn=%s' % repr(self.dn))
159 l.append('auth=%s' % repr(self.auth))
160 if self.tag!=self.__class__.tag:
161 l.append('tag=%d' % self.tag)
162 return self.__class__.__name__+'('+', '.join(l)+')'
163
164
165
168
169
170
187
188
189 -class LDAPResult(LDAPProtocolResponse, BERSequence):
190 - def fromBER(klass, tag, content, berdecoder=None):
207 fromBER = classmethod(fromBER)
208
209 - def __init__(self, resultCode=None, matchedDN=None, errorMessage=None, referral=None, serverSaslCreds=None, tag=None):
222
231
244
249
254
304
315
318
320 - def fromBER(klass, tag, content, berdecoder=None):
328 fromBER = classmethod(fromBER)
329
330 - def __init__(self, attributeDesc=None, assertionValue=None, tag=None):
331 BERSequence.__init__(self, value=[], tag=tag)
332 assert attributeDesc is not None
333 self.attributeDesc=attributeDesc
334 self.assertionValue=assertionValue
335
337 return str(BERSequence([self.attributeDesc,
338 self.assertionValue],
339 tag=self.tag))
340
342 if self.tag==self.__class__.tag:
343 return self.__class__.__name__+"(attributeDesc=%s, assertionValue=%s)"\
344 %(repr(self.attributeDesc), repr(self.assertionValue))
345 else:
346 return self.__class__.__name__+"(attributeDesc=%s, assertionValue=%s, tag=%d)"\
347 %(repr(self.attributeDesc), repr(self.assertionValue), self.tag)
348
349
353
360
366
372
406
413
419
420
426
432
439
441 tag = CLASS_CONTEXT|0x04
442
443 - def fromBER(klass, tag, content, berdecoder=None):
452 fromBER = classmethod(fromBER)
453
454 - def __init__(self, type=None, substrings=None, tag=None):
460
465
467 if self.tag==self.__class__.tag:
468 return self.__class__.__name__\
469 +"(type=%s, substrings=%s)"\
470 %(repr(self.type), repr(self.substrings))
471 else:
472 return self.__class__.__name__\
473 +"(type=%s, substrings=%s, tag=%d)"\
474 %(repr(self.type), repr(self.substrings), self.tag)
475
477 initial=None
478 final=None
479 any=[]
480
481 for s in self.substrings:
482 assert s is not None
483 if isinstance(s, LDAPFilter_substrings_initial):
484 assert initial is None
485 assert not any
486 assert final is None
487 initial=s.asText()
488 elif isinstance(s, LDAPFilter_substrings_final):
489 assert final is None
490 final=s.asText()
491 elif isinstance(s, LDAPFilter_substrings_any):
492 assert final is None
493 any.append(s.asText())
494 else:
495 raise 'TODO'
496
497 if initial is None:
498 initial=''
499 if final is None:
500 final=''
501
502
503 return '('+self.type+'=' \
504 +'*'.join([initial]+any+[final])+')'
505
512
519
525
533
536
539
543
547
551
555
563
565 matchingRule=None
566 type=None
567 matchValue=None
568 dnAttributes=None
569
570 - def fromBER(klass, tag, content, berdecoder=None):
571 l = berDecodeMultiple(content, LDAPBERDecoderContext_MatchingRuleAssertion(fallback=berdecoder, inherit=berdecoder))
572
573 assert 1<=len(l)<=4
574 if isinstance(l[0], LDAPMatchingRuleAssertion_matchingRule):
575 matchingRule=l[0]
576 del l[0]
577 if len(l)>1 \
578 and isinstance(l[0], LDAPMatchingRuleAssertion_type):
579 type=l[0]
580 del l[0]
581 if len(l)>1 \
582 and isinstance(l[0], LDAPMatchingRuleAssertion_matchValue):
583 matchValue=l[0]
584 del l[0]
585 if len(l)>1 \
586 and isinstance(l[0], LDAPMatchingRuleAssertion_dnAttributes):
587 dnAttributes=l[0]
588 del l[0]
589 assert matchValue
590 if not dnAttributes:
591 dnAttributes=None
592
593 assert 8<=len(l)<=8
594 r = klass(matchingRule=matchingRule,
595 type=type,
596 matchValue=matchValue,
597 dnAttributes=dnAttributes,
598 tag=tag)
599 return r
600 fromBER = classmethod(fromBER)
601
602 - def __init__(self, matchingRule=None, type=None,
603 matchValue=None, dnAttributes=None,
604 tag=None):
613
617
619 l=[]
620 l.append('matchingRule=%s' % repr(self.matchingRule))
621 l.append('type=%s' % repr(self.type))
622 l.append('matchValue=%s' % repr(self.matchValue))
623 l.append('dnAttributes=%s' % repr(self.dnAttributes))
624 if self.tag!=self.__class__.tag:
625 l.append('tag=%d' % self.tag)
626 return self.__class__.__name__+'('+', '.join(l)+')'
627
631
632
633 -class LDAPBERDecoderContext_Filter(BERDecoderContext):
634 Identities = {
635 LDAPFilter_and.tag: LDAPFilter_and,
636 LDAPFilter_or.tag: LDAPFilter_or,
637 LDAPFilter_not.tag: LDAPFilter_not,
638 LDAPFilter_equalityMatch.tag: LDAPFilter_equalityMatch,
639 LDAPFilter_substrings.tag: LDAPFilter_substrings,
640 LDAPFilter_greaterOrEqual.tag: LDAPFilter_greaterOrEqual,
641 LDAPFilter_lessOrEqual.tag: LDAPFilter_lessOrEqual,
642 LDAPFilter_present.tag: LDAPFilter_present,
643 LDAPFilter_approxMatch.tag: LDAPFilter_approxMatch,
644 LDAPFilter_extensibleMatch.tag: LDAPFilter_extensibleMatch,
645 }
646
647 LDAP_SCOPE_baseObject=0
648 LDAP_SCOPE_singleLevel=1
649 LDAP_SCOPE_wholeSubtree=2
650
651 LDAP_DEREF_neverDerefAliases=0
652 LDAP_DEREF_derefInSearching=1
653 LDAP_DEREF_derefFindingBaseObj=2
654 LDAP_DEREF_derefAlways=3
655
656 LDAPFilterMatchAll = LDAPFilter_present('objectClass')
657
659 tag=CLASS_APPLICATION|0x03
660
661 baseObject=''
662 scope=LDAP_SCOPE_wholeSubtree
663 derefAliases=LDAP_DEREF_neverDerefAliases
664 sizeLimit=0
665 timeLimit=0
666 typesOnly=0
667 filter=LDAPFilterMatchAll
668 attributes=[]
669
670
671
672 - def fromBER(klass, tag, content, berdecoder=None):
673 l = berDecodeMultiple(content, LDAPBERDecoderContext_Filter(fallback=berdecoder, inherit=berdecoder))
674
675 assert 8<=len(l)<=8
676 r = klass(baseObject=l[0].value,
677 scope=l[1].value,
678 derefAliases=l[2].value,
679 sizeLimit=l[3].value,
680 timeLimit=l[4].value,
681 typesOnly=l[5].value,
682 filter=l[6],
683 attributes=[x.value for x in l[7]],
684 tag=tag)
685 return r
686 fromBER = classmethod(fromBER)
687
688 - def __init__(self,
689 baseObject=None,
690 scope=None,
691 derefAliases=None,
692 sizeLimit=None,
693 timeLimit=None,
694 typesOnly=None,
695 filter=None,
696 attributes=None,
697 tag=None):
717
719 return str(BERSequence([
720 BEROctetString(self.baseObject),
721 BEREnumerated(self.scope),
722 BEREnumerated(self.derefAliases),
723 BERInteger(self.sizeLimit),
724 BERInteger(self.timeLimit),
725 BERBoolean(self.typesOnly),
726 self.filter,
727 BERSequenceOf(map(BEROctetString, self.attributes)),
728 ], tag=self.tag))
729
731 if self.tag==self.__class__.tag:
732 return self.__class__.__name__\
733 +("(baseObject=%s, scope=%s, derefAliases=%s, " \
734 +"sizeLimit=%s, timeLimit=%s, typesOnly=%s, " \
735 "filter=%s, attributes=%s)") \
736 %(repr(self.baseObject), self.scope,
737 self.derefAliases, self.sizeLimit,
738 self.timeLimit, self.typesOnly,
739 repr(self.filter), self.attributes)
740
741 else:
742 return self.__class__.__name__\
743 +("(baseObject=%s, scope=%s, derefAliases=%s, " \
744 +"sizeLimit=%s, timeLimit=%s, typesOnly=%s, " \
745 "filter=%s, attributes=%s, tag=%d)") \
746 %(repr(self.baseObject), self.scope,
747 self.derefAliases, self.sizeLimit,
748 self.timeLimit, self.typesOnly,
749 self.filter, self.attributes, self.tag)
750
751 -class LDAPSearchResultEntry(LDAPProtocolResponse, BERSequence):
752 tag=CLASS_APPLICATION|0x04
753
754 - def fromBER(klass, tag, content, berdecoder=None):
755 l = berDecodeMultiple(content, LDAPBERDecoderContext_Filter(fallback=berdecoder, inherit=berdecoder))
756
757 objectName=l[0].value
758 attributes=[]
759 for attr, li in l[1].data:
760 attributes.append((attr.value, map(lambda x: x.value, li)))
761 r = klass(objectName=objectName,
762 attributes=attributes,
763 tag=tag)
764 return r
765 fromBER = classmethod(fromBER)
766
767 - def __init__(self, objectName, attributes, tag=None):
768 LDAPProtocolResponse.__init__(self)
769 BERSequence.__init__(self, [], tag=tag)
770 assert objectName is not None
771 assert attributes is not None
772 self.objectName=objectName
773 self.attributes=attributes
774
776 return str(BERSequence([
777 BEROctetString(self.objectName),
778 BERSequence(map(lambda (attr,li):
779 BERSequence([BEROctetString(attr),
780 BERSet(map(BEROctetString,
781 li))]),
782 self.attributes)),
783 ], tag=self.tag))
784
785 - def __repr__(self):
786 if self.tag==self.__class__.tag:
787 return self.__class__.__name__\
788 +"(objectName=%s, attributes=%s"\
789 %(repr(str(self.objectName)),
790 repr(map(lambda (a,l):
791 (str(a),
792 map(lambda i, l=l: str(i), l)),
793 self.attributes)))
794 else:
795 return self.__class__.__name__\
796 +"(objectName=%s, attributes=%s, tag=%d"\
797 %(repr(str(self.objectName)),
798 repr(map(lambda (a,l):
799 (str(a),
800 map(lambda i, l=l: str(i), l)),
801 self.attributes)),
802 self.tag)
803
804
809
820
822 criticality = None
823 controlValue = None
824
825 - def fromBER(klass, tag, content, berdecoder=None):
826 l = berDecodeMultiple(content, berdecoder)
827
828 kw = {}
829 if l[1:]:
830 kw['criticality'] = l[1].value
831 if l[2:]:
832 kw['controlValue'] = l[2].value
833
834 assert not l[3:]
835
836 r = klass(controlType=l[0].value,
837 tag=tag,
838 **kw)
839 return r
840 fromBER = classmethod(fromBER)
841
842 - def __init__(self,
843 controlType, criticality=None, controlValue=None,
844 id=None, tag=None):
850
858
863
869
874
876 tag=CLASS_APPLICATION|0x06
877 object = None
878 modification = None
879
880 - def fromBER(klass, tag, content, berdecoder=None):
889 fromBER = classmethod(fromBER)
890
891 - def __init__(self, object=None, modification=None, tag=None):
892 """
893 Initialize the object
894
895 Example usage::
896
897 l = LDAPModifyRequest(
898 object='cn=foo,dc=example,dc=com',
899 modification=[
900
901 BERSequence([
902 BEREnumerated(0),
903 BERSequence([
904 LDAPAttributeDescription('attr1'),
905 BERSet([
906 LDAPString('value1'),
907 LDAPString('value2'),
908 ]),
909 ]),
910 ]),
911
912 BERSequence([
913 BEREnumerated(1),
914 BERSequence([
915 LDAPAttributeDescription('attr2'),
916 ]),
917 ]),
918
919 ])
920
921 But more likely you just want to say::
922
923 mod = delta.ModifyOp('cn=foo,dc=example,dc=com',
924 [delta.Add('attr1', ['value1', 'value2']),
925 delta.Delete('attr1', ['value1', 'value2'])])
926 l = mod.asLDAP()
927 """
928
929 LDAPProtocolRequest.__init__(self)
930 BERSequence.__init__(self, [], tag=tag)
931 self.object=object
932 self.modification=modification
933
939
947
948
951
953 tag = CLASS_APPLICATION|0x08
954
955 - def fromBER(klass, tag, content, berdecoder=None):
962 fromBER = classmethod(fromBER)
963
964 - def __init__(self, entry=None, attributes=None, tag=None):
965 """
966 Initialize the object
967
968 Example usage::
969
970 l=LDAPAddRequest(entry='cn=foo,dc=example,dc=com',
971 attributes=[(LDAPAttributeDescription("attrFoo"),
972 BERSet(value=(
973 LDAPAttributeValue("value1"),
974 LDAPAttributeValue("value2"),
975 ))),
976 (LDAPAttributeDescription("attrBar"),
977 BERSet(value=(
978 LDAPAttributeValue("value1"),
979 LDAPAttributeValue("value2"),
980 ))),
981 ])
982 """
983
984 LDAPProtocolRequest.__init__(self)
985 BERSequence.__init__(self, [], tag=tag)
986 self.entry=entry
987 self.attributes=attributes
988
994
996 if self.tag==self.__class__.tag:
997 return self.__class__.__name__+"(entry=%s, attributes=%s)"\
998 %(repr(self.entry), repr(self.attributes))
999 else:
1000 return self.__class__.__name__+"(entry=%s, attributes=%s, tag=%d)" \
1001 %(repr(self.entry), repr(self.attributes), self.tag)
1002
1003
1004
1007
1009 tag = CLASS_APPLICATION|0x0a
1010
1011 - def __init__(self, value=None, entry=None, tag=None):
1021
1024
1026 if self.tag==self.__class__.tag:
1027 return self.__class__.__name__+"(entry=%s)" \
1028 %repr(self.value)
1029 else:
1030 return self.__class__.__name__ \
1031 +"(entry=%s, tag=%d)" \
1032 %(repr(self.value), self.tag)
1033
1034
1038
1039
1044
1049
1051 tag=CLASS_APPLICATION|12
1052
1053 entry=None
1054 newrdn=None
1055 deleteoldrdn=None
1056 newSuperior=None
1057
1058 - def fromBER(klass, tag, content, berdecoder=None):
1073 fromBER = classmethod(fromBER)
1074
1075 - def __init__(self, entry, newrdn, deleteoldrdn, newSuperior=None,
1076 tag=None):
1096
1106
1108 l = [
1109 "entry=%s" % repr(self.entry),
1110 "newrdn=%s" % repr(self.newrdn),
1111 "deleteoldrdn=%s" % repr(self.deleteoldrdn),
1112 ]
1113 if self.newSuperior is not None:
1114 l.append("newSuperior=%s" % repr(self.newSuperior))
1115 if self.tag!=self.__class__.tag:
1116 l.append("tag=%d" % self.tag)
1117 return self.__class__.__name__ + "(" + ', '.join(l) + ")"
1118
1121
1122
1123
1124
1125
1126
1127
1130
1133
1136
1142
1180
1187
1199
1201 oid = '1.3.6.1.4.1.4203.1.11.1'
1202
1203 - def __init__(self, requestName=None,
1204 userIdentity=None, oldPasswd=None, newPasswd=None,
1205 tag=None):
1224
1226 l=[]
1227
1228 if self.tag!=self.__class__.tag:
1229 l.append('tag=%d' % self.tag)
1230 return self.__class__.__name__+'('+', '.join(l)+')'
1231
1237
1239 tag = CLASS_APPLICATION|0x18
1240
1241 responseName = None
1242 response = None
1243
1244 - def fromBER(klass, tag, content, berdecoder=None):
1261 fromBER = classmethod(fromBER)
1262
1263 - def __init__(self, resultCode=None, matchedDN=None, errorMessage=None,
1264 referral=None, serverSaslCreds=None,
1265 responseName=None, response=None,
1266 tag=None):
1275
1288
1290 """
1291 Request to start Transport Layer Security.
1292
1293 See RFC 2830 for details.
1294 """
1295 oid = '1.3.6.1.4.1.1466.20037'
1296
1297 - def __init__(self, requestName=None, tag=None):
1307
1309 l=[]
1310 if self.tag!=self.__class__.tag:
1311 l.append('tag=%d' % self.tag)
1312 return self.__class__.__name__+'('+', '.join(l)+')'
1313
1314 -class LDAPBERDecoderContext(BERDecoderContext):
1315 Identities = {
1316 LDAPBindResponse.tag: LDAPBindResponse,
1317 LDAPBindRequest.tag: LDAPBindRequest,
1318 LDAPUnbindRequest.tag: LDAPUnbindRequest,
1319 LDAPSearchRequest.tag: LDAPSearchRequest,
1320 LDAPSearchResultEntry.tag: LDAPSearchResultEntry,
1321 LDAPSearchResultDone.tag: LDAPSearchResultDone,
1322 LDAPReferral.tag: LDAPReferral,
1323 LDAPModifyRequest.tag: LDAPModifyRequest,
1324 LDAPModifyResponse.tag: LDAPModifyResponse,
1325 LDAPAddRequest.tag: LDAPAddRequest,
1326 LDAPAddResponse.tag: LDAPAddResponse,
1327 LDAPDelRequest.tag: LDAPDelRequest,
1328 LDAPDelResponse.tag: LDAPDelResponse,
1329 LDAPExtendedRequest.tag: LDAPExtendedRequest,
1330 LDAPExtendedResponse.tag: LDAPExtendedResponse,
1331 LDAPModifyDNRequest.tag: LDAPModifyDNRequest,
1332 LDAPModifyDNResponse.tag: LDAPModifyDNResponse,
1333 }
1334