def test_equality_noMatch(self):
o = inmemory.ReadOnlyInMemoryLDAPEntry(dn='cn=foo,dc=example,dc=com',
attributes={
'objectClass': ['a', 'b'],
'aValue': ['a'],
'bValue': ['b'],
})
result = o.match(
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureber.BEROctetString('aValue'),
assertionValue=pureber.BEROctetString('b')))
self.assertEqual(result, False)
def test_equality_noMatch(self):
o = inmemory.ReadOnlyInMemoryLDAPEntry(
dn="cn=foo,dc=example,dc=com",
attributes={
"objectClass": ["a", "b"],
"aValue": ["a"],
"bValue": ["b"],
},
)
result = o.match(
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureber.BEROctetString("aValue"),
assertionValue=pureber.BEROctetString("b"),
))
self.assertEqual(result, False)
def testPartialBEROctetStringEncodings(self):
"""BEROctetString(encoded="...") with too short input should throw BERExceptionInsufficientData"""
m=str(pureber.BEROctetString("x"))
assert len(m)==3
self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, pureber.BERDecoderContext(), m[:2])
self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, pureber.BERDecoderContext(), m[:1])
self.assertEquals((None, 0), pureber.berDecodeObject(pureber.BERDecoderContext(), ''))
def create_paged_search_controls(self, page_size=10, cookie=b''):
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [(b'1.2.840.113556.1.4.319', None, control_value.toWire())]
return controls
def testToBEROctetStringKnownValues(self):
"""BEROctetString(n).toWire() should give known result with known input"""
for st, encoded in self.knownValues:
result = pureber.BEROctetString(st)
result = result.toWire()
result = l(result)
self.assertEqual(encoded, result)
def testToBEROctetStringKnownValues(self):
"""str(BEROctetString(n)) should give known result with known input"""
for st, encoded in self.knownValues:
result = pureber.BEROctetString(st)
result = str(result)
result = list(map(ord, result))
self.assertEqual(encoded, result)
def getHosts(nets, e, filter):
filt = pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription("objectClass"),
assertionValue=pureber.BEROctetString("ipHost"),
)
if filter:
filt = pureldap.LDAPFilter_and(value=(filter, filt))
def _cbGotHost(e):
host = Host(str(e.dn), str(only(e, "cn")),
list(str(i) for i in e["ipHostNumber"]))
for hostIP in host.ipAddresses:
parent = None
for net in nets:
if net.isInNet(hostIP.ipAddress):
parent = net
break
if parent:
hostIP.printZone(parent.name)
else:
sys.stderr.write("IP address %s is in no net, discarding.\n" %
hostIP)
d = e.search(filterObject=filt,
attributes=["ipHostNumber", "cn"],
callback=_cbGotHost)
return d
def buildFilter(hosts):
for host in hosts:
f = pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription("member"),
assertionValue=pureber.BEROctetString(str(host.dn)),
)
yield f
def testSanity(self):
"""BEROctetString(encoded=BEROctetString(n*'x')).value==n*'x' for some values of n"""
for n in 0,1,2,3,4,5,6,100,126,127,128,129,1000,2000:
encoded = str(pureber.BEROctetString(n*'x'))
result, bytes = pureber.berDecodeObject(pureber.BERDecoderContext(), encoded)
self.assertEquals(bytes, len(encoded))
assert isinstance(result, pureber.BEROctetString)
result = result.value
assert n*'x'==result
def testSanity(self):
"""BEROctetString(encoded=BEROctetString(n*'x')).value==n*'x' for some values of n"""
for n in 0, 1, 2, 3, 4, 5, 6, 100, 126, 127, 128, 129, 1000, 2000:
encoded = pureber.BEROctetString(n * b"x").toWire()
result, bytes = pureber.berDecodeObject(
pureber.BERDecoderContext(), encoded)
self.assertEqual(bytes, len(encoded))
self.assertIsInstance(result, pureber.BEROctetString)
result = result.value
self.assertEqual(n * b"x", result)
def create_paged_search_controls(self, page_size=10, cookie=b''):
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
# DUO EDIT D46281: Make criticality optional
# controls = [(b'1.2.840.113556.1.4.319', None, control_value.toWire())]
controls = [(b'1.2.840.113556.1.4.319', False, control_value.toWire())]
# END EDIT
return controls
def test_lessOrEqual_noMatch(self):
o = inmemory.ReadOnlyInMemoryLDAPEntry(dn='cn=foo,dc=example,dc=com',
attributes={
'objectClass': ['a', 'b'],
'aValue': ['b'],
'num': [4],
})
result = o.match(
pureldap.LDAPFilter_lessOrEqual(pureber.BEROctetString('num'),
pureber.BERInteger(3)))
self.assertEqual(result, False)
def request_page_(client, basedn, page_size=100, cookie='', **search_kwds):
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [('1.2.840.113556.1.4.319', None, control_value)]
search_kwds['controls'] = controls
search_kwds['return_controls'] = True
o = LDAPEntry(client, basedn)
results, resp_controls = yield o.search(**search_kwds)
cookie = get_paged_search_cookie_(resp_controls)
defer.returnValue((results, cookie))
def test_lessOrEqual_noMatch(self):
o = inmemory.ReadOnlyInMemoryLDAPEntry(
dn="cn=foo,dc=example,dc=com",
attributes={
"objectClass": ["a", "b"],
"aValue": ["b"],
"num": [4],
},
)
result = o.match(
pureldap.LDAPFilter_lessOrEqual(pureber.BEROctetString("num"),
pureber.BERInteger(3)))
self.assertEqual(result, False)
def process_entry(client, args, search_filter, page_size=100, cookie=''):
basedn = args.base_dn
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [('1.2.840.113556.1.4.319', None, control_value)]
o = LDAPEntry(client, basedn)
results, resp_controls = yield o.search(filterText=search_filter,
attributes=['dn'],
controls=controls,
return_controls=True)
cookie = get_paged_search_cookie(resp_controls)
defer.returnValue((results, cookie))
def test_message_repr(self):
page_size = 10
cookie = "xyzzy"
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [('1.2.840.113556.1.4.319', None, control_value)]
search_request = pureldap.LDAPSearchRequest(
"cn=foo,ou=baz,dc=example,dc=org")
ldap_msg = pureldap.LDAPMessage(id=1,
value=search_request,
controls=controls,
tag=1)
expected_value = "LDAPMessage(id=1, value=LDAPSearchRequest(baseObject='cn=foo,ou=baz,dc=example,dc=org', scope=2, derefAliases=0, sizeLimit=0, timeLimit=0, typesOnly=0, filter=LDAPFilter_present(value='objectClass'), attributes=[]), controls=[('1.2.840.113556.1.4.319', None, BERSequence(value=[BERInteger(value=10), BEROctetString(value='xyzzy')]))], tag=1)"
self.assertEqual(expected_value, repr(ldap_msg))
def testPartialBEROctetStringEncodings(self):
"""BEROctetString(encoded="...") with too short input should throw BERExceptionInsufficientData"""
m = pureber.BEROctetString("x").toWire()
self.assertEqual(3, len(m))
self.assertRaises(
pureber.BERExceptionInsufficientData,
pureber.berDecodeObject,
pureber.BERDecoderContext(),
m[:2],
)
self.assertRaises(
pureber.BERExceptionInsufficientData,
pureber.berDecodeObject,
pureber.BERDecoderContext(),
m[:1],
)
self.assertEqual((None, 0),
pureber.berDecodeObject(pureber.BERDecoderContext(),
""))
def _paged_search(
self,
client,
base_dn,
filter_text,
attributes,
pagination=PAGINATION_TYPE_CRITICAL,
max_result_size=None,
page_size=DEFAULT_PAGE_SIZE,
):
"""
Given a bound client, search exhaustively using RFC 2696.
Return a list of dictionaries containing the attributes
of the resulting entries.
* attributes: Set of lower-case byte-strings.
"""
res = []
def handle_msg(value, controls, d):
try:
if isinstance(value, pureldap.LDAPSearchResultDone):
e = ldaperrors.get(value.resultCode, value.errorMessage)
if isinstance(e, (ldaperrors.Success,
ldaperrors.LDAPSizeLimitExceeded)):
cookie = get_cookie(controls)
d.callback((None, cookie))
else:
d.callback((e, None))
elif isinstance(value, pureldap.LDAPSearchResultEntry):
# Always send DN. Overwrite DN from attribute set, if any.
obj = {
"distinguishedname": [escape_bytes(value.objectName)]
}
for k, vs in value.attributes:
# Smash attribute name case.
k = k.decode().lower()
# Server may not honor attributes (e.g.
# SearchByTreeWalkingMixin).
if attributes and k.encode() not in attributes:
continue
# Covert value to list and encode for JSON.
vs = [escape_bytes(v) for v in vs]
obj[k] = vs
# Refuse to return certain attributes even if all
# attributes were requested.
obj.pop("userpassword", None)
res.append(obj)
except Exception:
log.failure("Unexpected error handling message")
finally:
return isinstance(value, (
pureldap.LDAPBindResponse,
pureldap.LDAPSearchResultDone,
))
if filter_text:
filter_obj = ldapfilter.parseFilter(filter_text)
else:
filter_obj = None
op = pureldap.LDAPSearchRequest(
baseObject=base_dn,
scope=pureldap.LDAP_SCOPE_wholeSubtree,
derefAliases=0,
sizeLimit=0,
timeLimit=0,
typesOnly=0,
filter=filter_obj,
attributes=attributes,
)
if pagination == PAGINATION_TYPE_CRITICAL:
# AD may ignore the RFC 2696 control if it is not
# critical. The caller can override this default if the
# control should be present but not critical or absent.
criticality = True
else:
criticality = False
cookie = pureber.BEROctetString("")
while True:
if pagination == PAGINATION_TYPE_DISABLE:
controls = None
else:
controls = [
(
RFC_2696_CONTROL_TYPE,
criticality,
pureber.BERSequence([
pureber.BERInteger(page_size),
cookie,
]),
),
]
d = defer.Deferred()
yield client.send(
op=op,
controls=controls,
handler=functools.partial(handle_msg, d=d),
return_controls=True,
)
# handle_msg() is synchronous so d should be called by the
# time it returns to LDAPClient.handle().
if d.called:
e, cookie = yield d
else:
log.error("Paging cookie not found!")
break
if e is not None:
# So the RPC caller can distinguish between problems
# with the search (e.g. bad configuration) and
# searches that return no results.
if isinstance(e, ldaperrors.LDAPOperationsError
) and e.message.decode().startswith(
const.LDAP_SUCCESSFUL_BIND_NEEDED_ERROR):
raise ldap.client.ConnectionNotProperlyBoundError(
"Search failed because either there was no bind on this connection or there were insufficient privileges with the bound user. If you are attempting to use integrated authentication with SSPI please make sure the server running the Authentication Proxy is domain joined."
)
else:
raise e
if not cookie.value:
break
if max_result_size is not None and len(res) > max_result_size:
break
defer.returnValue(res)
class KnownValues(unittest.TestCase):
knownValues = ( # class, args, kwargs, expected_result
(pureldap.LDAPModifyRequest, [], {
"object":
'cn=foo, dc=example, dc=com',
"modification": [
pureber.BERSequence([
pureber.BEREnumerated(0),
pureber.BERSequence([
pureldap.LDAPAttributeDescription('bar'),
pureber.BERSet([
pureldap.LDAPString('a'),
pureldap.LDAPString('b'),
]),
]),
]),
],
}, None, [0x66, 50] +
([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 20] +
([0x30, 18] +
([0x0a, 0x01, 0x00] + [0x30, 13] +
([0x04, len("bar")] + l("bar") + [0x31, 0x06] +
([0x04, len("a")] + l("a") + [0x04, len("b")] + l("b"))))))),
(pureldap.LDAPModifyRequest, [], {
"object":
'cn=foo, dc=example, dc=com',
"modification": [
pureber.BERSequence([
pureber.BEREnumerated(1L),
pureber.BERSequence([
pureber.BEROctetString('bar'),
pureber.BERSet([]),
]),
]),
],
}, None, [0x66, 0x2c] +
([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 0x0e] +
([0x30, 0x0c] + ([0x0a, 0x01, 0x01] + [0x30, 0x07] +
([0x04, 0x03] + l("bar") + [0x31, 0x00]))))),
(pureldap.LDAPFilter_not, [], {
"value": pureldap.LDAPFilter_present("foo"),
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureber.BERDecoderContext()),
[0xa2, 0x05] + [0x87] + [len("foo")] + l("foo")),
(
pureldap.LDAPFilter_or,
[],
{
"value": [
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='cn'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='uid'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
]
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureber.BERDecoderContext()),
[0xa1, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] +
[len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] +
l("uid") + [0x04] + [len("foo")] + l("foo"),
),
(
pureldap.LDAPFilter_and,
[],
{
"value": [
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='cn'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='uid'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
]
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureber.BERDecoderContext()),
[0xa0, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] +
[len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] +
l("uid") + [0x04] + [len("foo")] + l("foo"),
),
(pureldap.LDAPModifyDNRequest, [], {
'entry': 'cn=foo,dc=example,dc=com',
'newrdn': 'uid=bar',
'deleteoldrdn': 0,
}, None, [0x6c, 0x26] + [0x04] + [len("cn=foo,dc=example,dc=com")] +
l("cn=foo,dc=example,dc=com") + [0x04] + [len("uid=bar")] +
l("uid=bar") + [0x01, 0x01, 0x00]),
(pureldap.LDAPModifyDNRequest, [], {
'entry': 'cn=aoue,dc=example,dc=com',
'newrdn': 'uid=aoue',
'deleteoldrdn': 0,
'newSuperior': 'ou=People,dc=example,dc=com',
}, None, [0x6c, 69] + [0x04] + [len("cn=aoue,dc=example,dc=com")] +
l("cn=aoue,dc=example,dc=com") + [0x04] + [len("uid=aoue")] +
l("uid=aoue") + [0x01, 0x01, 0x00] + [0x80] +
[len("ou=People,dc=example,dc=com")] +
l("ou=People,dc=example,dc=com")),
(
pureldap.LDAPSearchRequest,
[],
{
'baseObject': 'dc=yoja,dc=example,dc=com',
},
None,
[0x63, 57] + [0x04] + [len('dc=yoja,dc=example,dc=com')] +
l('dc=yoja,dc=example,dc=com')
# scope
+ [0x0a, 1, 2]
# derefAliases
+ [0x0a, 1, 0]
# sizeLimit
+ [0x02, 1, 0]
# timeLimit
+ [0x02, 1, 0]
# typesOnly
+ [0x01, 1, 0]
# filter
+ [135, 11] + l('objectClass')
# attributes
+ [48, 0]),
(pureldap.LDAPUnbindRequest, [], {}, None, [0x42, 0x00]),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
},
None,
[0x65, 0x07]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('')] + l('')
# errorMessage
+ [0x04] + [len('')] + l('')
# referral, TODO
+ []),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
'matchedDN': 'dc=foo,dc=example,dc=com',
},
None,
[0x65, 31]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('dc=foo,dc=example,dc=com')] +
l('dc=foo,dc=example,dc=com')
# errorMessage
+ [0x04] + [len('')] + l('')
# referral, TODO
+ []),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
'matchedDN': 'dc=foo,dc=example,dc=com',
'errorMessage': 'the foobar was fubar',
},
None,
[0x65, 51]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('dc=foo,dc=example,dc=com')] +
l('dc=foo,dc=example,dc=com')
# errorMessage
+ [0x04] + [len('the foobar was fubar')] +
l('the foobar was fubar', )
# referral, TODO
+ []),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
'errorMessage': 'the foobar was fubar',
},
None,
[0x65, 27]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('')] + l('')
# errorMessage
+ [0x04] + [len('the foobar was fubar')] +
l('the foobar was fubar', )
# referral, TODO
+ []),
(
pureldap.LDAPMessage,
[],
{
'id': 42,
'value': pureldap.LDAPBindRequest(),
},
pureldap.LDAPBERDecoderContext_TopLevel(
inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()))),
[0x30, 12]
# id
+ [0x02, 0x01, 42]
# value
+ l(str(pureldap.LDAPBindRequest()))),
(
pureldap.LDAPControl,
[],
{
'controlType': '1.2.3.4',
},
None,
[0x30, 9]
# controlType
+ [0x04, 7] + l("1.2.3.4")),
(
pureldap.LDAPControl,
[],
{
'controlType': '1.2.3.4',
'criticality': True,
},
None,
[0x30, 12]
# controlType
+ [0x04, 7] + l("1.2.3.4")
# criticality
+ [0x01, 1, 0xFF]),
(
pureldap.LDAPControl,
[],
{
'controlType': '1.2.3.4',
'criticality': True,
'controlValue': 'silly',
},
None,
[0x30, 19]
# controlType
+ [0x04, 7] + l("1.2.3.4")
# criticality
+ [0x01, 1, 0xFF]
# controlValue
+ [0x04, len("silly")] + l("silly")),
(
pureldap.LDAPMessage,
[],
{
'id':
42,
'value':
pureldap.LDAPBindRequest(),
'controls': [
('1.2.3.4', None, None),
('2.3.4.5', False),
('3.4.5.6', True, '\x00\x01\x02\xFF'),
],
},
pureldap.LDAPBERDecoderContext_TopLevel(
inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()))),
[0x30, 59]
# id
+ [0x02, 0x01, 42]
# value
+ l(str(pureldap.LDAPBindRequest()))
# controls
+ l(
str(
pureldap.LDAPControls(value=[
pureldap.LDAPControl(controlType='1.2.3.4'),
pureldap.LDAPControl(controlType='2.3.4.5',
criticality=False),
pureldap.LDAPControl(controlType='3.4.5.6',
criticality=True,
controlValue='\x00\x01\x02\xFF'),
]))),
),
(pureldap.LDAPFilter_equalityMatch, [], {
'attributeDesc': pureldap.LDAPAttributeDescription('cn'),
'assertionValue': pureldap.LDAPAssertionValue('foo'),
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())),
[0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo'))),
(pureldap.LDAPFilter_or, [[
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('cn'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('uid'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('mail'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_substrings(
type='mail',
substrings=[pureldap.LDAPFilter_substrings_initial('foo@')]),
]], {},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())), [0xA1, 52] +
([0xa3, 9] +
([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
([0x04, 4] + l('mail') + [0x30, 6] + ([0x80, 4] + l('foo@'))))),
(pureldap.LDAPSearchRequest, [], {
'baseObject':
'dc=example,dc=com',
'scope':
pureldap.LDAP_SCOPE_wholeSubtree,
'derefAliases':
pureldap.LDAP_DEREF_neverDerefAliases,
'sizeLimit':
1,
'timeLimit':
0,
'typesOnly':
False,
'filter':
pureldap.LDAPFilter_or([
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('cn'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('uid'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('mail'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_substrings(
type='mail',
substrings=[
pureldap.LDAPFilter_substrings_initial('foo@')
]),
]),
'attributes': [''],
},
pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())), [0x63, 92] +
([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] +
[0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] +
[0x01, 1, 0x00] + [0xA1, 52] +
([0xa3, 9] +
([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
([0x04, 4] + l('mail') + [0x30, 6] +
([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))),
(
pureldap.LDAPMessage,
[],
{
'id':
1L,
'value':
pureldap.LDAPSearchRequest(
baseObject='dc=example,dc=com',
scope=pureldap.LDAP_SCOPE_wholeSubtree,
derefAliases=pureldap.LDAP_DEREF_neverDerefAliases,
sizeLimit=1,
timeLimit=0,
typesOnly=False,
filter=pureldap.LDAPFilter_or([
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
'cn'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
'uid'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
'mail'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_substrings(
type='mail',
substrings=[
pureldap.LDAPFilter_substrings_initial('foo@')
]),
]),
attributes=[''],
),
},
pureldap.LDAPBERDecoderContext_TopLevel(
inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()))),
[0x30, 97]
# id
+ [0x02, 1, 1]
# value
+ [0x63, 92] +
([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] +
[0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] +
[0x01, 1, 0x00] + [0xA1, 52] +
([0xa3, 9] +
([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
([0x04, 4] + l('mail') + [0x30, 6] +
([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))),
(pureldap.LDAPExtendedRequest, [], {
'requestName': '42.42.42',
'requestValue': 'foo',
}, None, [0x40 | 0x20 | 23, 1 + 1 + 8 + 1 + 1 + 3] +
([0x80 | 0] + [len('42.42.42')] + l('42.42.42')) +
([0x80 | 1] + [len('foo')] + l('foo'))),
)
def testToLDAP(self):
"""str(LDAPClass(...)) should give known result with known input"""
for klass, args, kwargs, decoder, encoded in self.knownValues:
result = klass(*args, **kwargs)
result = str(result)
result = map(ord, result)
if result != encoded:
raise AssertionError, \
"Class %s(*%s, **%s) doesn't encode properly: " \
"%s != %s" % (klass.__name__,
repr(args), repr(kwargs),
repr(result), repr(encoded))
def testFromLDAP(self):
"""LDAPClass(encoded="...") should give known result with known input"""
for klass, args, kwargs, decoder, encoded in self.knownValues:
if decoder is None:
decoder = pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())
m = s(*encoded)
result, bytes = pureber.berDecodeObject(decoder, m)
self.assertEquals(bytes, len(m))
shouldBe = klass(*args, **kwargs)
#TODO shouldn't use str below
assert str(result)==str(shouldBe), \
"Class %s(*%s, **%s) doesn't decode properly: " \
"%s != %s" % (klass.__name__,
repr(args), repr(kwargs),
repr(result), repr(shouldBe))
def testPartial(self):
"""LDAPClass(encoded="...") with too short input should throw BERExceptionInsufficientData"""
for klass, args, kwargs, decoder, encoded in self.knownValues:
if decoder is None:
decoder = pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())
for i in xrange(1, len(encoded)):
m = s(*encoded)[:i]
self.assertRaises(pureber.BERExceptionInsufficientData,
pureber.berDecodeObject, decoder, m)
self.assertEquals((None, 0), pureber.berDecodeObject(decoder, ''))
def encode_control_value(self):
return pureber.BERSequence([
pureber.BERInteger(self.size),
pureber.BEROctetString(self.cookie),
]).toWire()
