Esempi in Python per LDAPBindRequest, esempi in Python per OPSI.ldaptor.protocols.pureldap.LDAPBindRequest

Esempio n. 1

0

Mostra file

File: test_proxy.py Progetto: mpice-mn/python-opsi

 def test_unbind_clientEOF(self):
     server = self.createServer(
         [
             pureldap.LDAPBindResponse(resultCode=0),
         ],
         [],
     )
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2)))
     reactor.iterate()  #TODO
     client = server.client
     client.assertSent(pureldap.LDAPBindRequest())
     self.assertEquals(
         server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                                  id=2)))
     server.connectionLost(error.ConnectionDone)
     reactor.iterate()  #TODO
     client.assertSent(pureldap.LDAPBindRequest(),
                       'fake-unbind-by-LDAPClientTestDriver')
     self.assertEquals(
         server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                                  id=2)))

Esempio n. 2

0

Mostra file

File: test_svcbindproxy.py Progetto: mpice-mn/python-opsi

    def test_bind_match_success(self):
        server = self.createServer(
            services=[
                'svc1',
                'svc2',
                'svc3',
            ],
            fallback=True,
            responses=[

                # svc1
                [
                    pureldap.LDAPSearchResultEntry(
                        r'cn=svc1+owner=cn\=jack\,dc\=example\,dc\=com,dc=example,dc=com',
                        attributes=[]),
                    pureldap.LDAPSearchResultDone(
                        ldaperrors.Success.resultCode)
                ],
                [
                    pureldap.LDAPBindResponse(
                        resultCode=ldaperrors.Success.resultCode)
                ],
            ])

        server.dataReceived(
            str(
                pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                    dn='cn=jack,dc=example,dc=com', auth='secret'),
                                     id=4)))
        reactor.iterate()  #TODO
        client = server.client

        client.assertSent(
            pureldap.LDAPSearchRequest(
                baseObject='dc=example,dc=com',
                derefAliases=0,
                sizeLimit=0,
                timeLimit=0,
                typesOnly=0,
                filter=ldapfilter.parseFilter(
                    '(&' + '(objectClass=serviceSecurityObject)' +
                    '(owner=cn=jack,dc=example,dc=com)' + '(cn=svc1)' +
                    ('(|(!(validFrom=*))(validFrom<=%s))' % server.now) +
                    ('(|(!(validUntil=*))(validUntil>=%s))' % server.now) +
                    ')'),
                attributes=('1.1', )),
            pureldap.LDAPBindRequest(
                dn=
                r'cn=svc1+owner=cn\=jack\,dc\=example\,dc\=com,dc=example,dc=com',
                auth='secret'),
        )
        self.assertEquals(
            server.transport.value(),
            str(
                pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                    resultCode=ldaperrors.Success.resultCode,
                    matchedDN='cn=jack,dc=example,dc=com'),
                                     id=4)))

Esempio n. 3

0

Mostra file

File: test_proxy.py Progetto: mpice-mn/python-opsi

 def test_search(self):
     server = self.createServer(
         [
             pureldap.LDAPBindResponse(resultCode=0),
         ],
         [
             pureldap.LDAPSearchResultEntry('cn=foo,dc=example,dc=com',
                                            [('a', ['b'])]),
             pureldap.LDAPSearchResultEntry('cn=bar,dc=example,dc=com',
                                            [('b', ['c'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ],
     )
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2)))
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPSearchRequest(), id=3)))
     reactor.iterate()  #TODO
     self.assertEquals(
         server.transport.value(),
         str(
             pureldap.LDAPMessage(
                 pureldap.LDAPBindResponse(resultCode=0), id=2)) + str(
                     pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                         'cn=foo,dc=example,dc=com', [('a', ['b'])]),
                                          id=3)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                 'cn=bar,dc=example,dc=com', [('b', ['c'])]),
                                  id=3)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
                 ldaperrors.Success.resultCode),
                                  id=3)))

Esempio n. 4

0

Mostra file

 def test_bind(self):
     self.server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=4)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                                  id=4)))

Esempio n. 5

0

Mostra file

File: test_proxy.py Progetto: mpice-mn/python-opsi

 def test_bind(self):
     server = self.createServer([
         pureldap.LDAPBindResponse(resultCode=0),
     ])
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=4)))
     reactor.iterate()  #TODO
     self.assertEquals(
         server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                                  id=4)))

Esempio n. 6

0

Mostra file

 def test_bind_badVersion_1_anonymous(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(version=1),
                                  id=32)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=ldaperrors.LDAPProtocolError.resultCode,
                 errorMessage='Version 1 not supported'),
                                  id=32)))

Esempio n. 7

0

Mostra file

 def test_bind_invalidCredentials_nonExisting(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                 dn='cn=non-existing,dc=example,dc=com', auth='invalid'),
                                  id=78)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=ldaperrors.LDAPInvalidCredentials.resultCode),
                                  id=78)))

Esempio n. 8

0

Mostra file

 def test_bind_invalidCredentials_badPassword(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                 dn='cn=thingie,ou=stuff,dc=example,dc=com',
                 auth='invalid'),
                                  id=734)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=ldaperrors.LDAPInvalidCredentials.resultCode),
                                  id=734)))

Esempio n. 9

0

Mostra file

File: ldapclient.py Progetto: mpice-mn/python-opsi

    def bind(self, dn='', auth=''):
        """
        @depreciated: Use e.bind(auth).

        @todo: Remove this method when there are no callers.
        """
        if not self.connected:
            raise LDAPClientConnectionLostException()
        else:
            r = pureldap.LDAPBindRequest(dn=dn, auth=auth)
            d = self.send(r)
            d.addCallback(self._handle_bind_msg)
        return d

Esempio n. 10

0

Mostra file

 def test_control_unknown_critical(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(),
                                  id=2,
                                  controls=[
                                      ('42.42.42.42', True, None),
                                  ])))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=ldaperrors.LDAPUnavailableCriticalExtension.
                 resultCode,
                 errorMessage='Unknown control 42.42.42.42'),
                                  id=2)))

Esempio n. 11

0

Mostra file

 def test_bind_success(self):
     self.thingie['userPassword'] = [
         '{SSHA}yVLLj62rFf3kDAbzwEU0zYAVvbWrze8='
     ]  # "secret"
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                 dn='cn=thingie,ou=stuff,dc=example,dc=com', auth='secret'),
                                  id=4)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=0,
                 matchedDN='cn=thingie,ou=stuff,dc=example,dc=com'),
                                  id=4)))

Esempio n. 12

0

Mostra file

 def test_control_unknown_nonCritical(self):
     self.thingie['userPassword'] = [
         '{SSHA}yVLLj62rFf3kDAbzwEU0zYAVvbWrze8='
     ]  # "secret"
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                 dn='cn=thingie,ou=stuff,dc=example,dc=com', auth='secret'),
                                  controls=[('42.42.42.42', False, None)],
                                  id=4)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=0,
                 matchedDN='cn=thingie,ou=stuff,dc=example,dc=com'),
                                  id=4)))

Esempio n. 13

0

Mostra file

    def test_unknownRequest(self):
        # make server miss one of the handle_* attributes
        # without having to modify the LDAPServer class
        class MockServer(ldapserver.LDAPServer):
            handle_LDAPBindRequest = property()

        self.server.__class__ = MockServer
        self.server.dataReceived(
            str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2)))
        self.assertEquals(
            self.server.transport.value(),
            str(
                pureldap.LDAPMessage(pureldap.LDAPExtendedResponse(
                    resultCode=ldaperrors.LDAPProtocolError.resultCode,
                    responseName='1.3.6.1.4.1.1466.20036',
                    errorMessage='Unknown request'),
                                     id=2)))

Esempio n. 14

0

Mostra file

 def test_bind_badVersion_4_nonExisting(self):
     # TODO make a test just like this one that would pass authentication
     # if version was correct, to ensure we don't leak that info either.
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                 version=4,
                 dn='cn=non-existing,dc=example,dc=com',
                 auth='invalid'),
                                  id=11)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                 resultCode=ldaperrors.LDAPProtocolError.resultCode,
                 errorMessage='Version 4 not supported'),
                                  id=11)))

Esempio n. 15

0

Mostra file

    def test_passwordModify_simple(self):
        # first bind to some entry
        self.thingie['userPassword'] = [
            '{SSHA}yVLLj62rFf3kDAbzwEU0zYAVvbWrze8='
        ]  # "secret"
        self.server.dataReceived(
            str(
                pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                    dn='cn=thingie,ou=stuff,dc=example,dc=com', auth='secret'),
                                     id=4)))
        self.assertEquals(
            self.server.transport.value(),
            str(
                pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                    resultCode=0,
                    matchedDN='cn=thingie,ou=stuff,dc=example,dc=com'),
                                     id=4)))
        self.server.transport.clear()

        self.server.dataReceived(
            str(
                pureldap.LDAPMessage(pureldap.LDAPPasswordModifyRequest(
                    userIdentity='cn=thingie,ou=stuff,dc=example,dc=com',
                    newPasswd='hushhush'),
                                     id=2)))
        self.assertEquals(
            self.server.transport.value(),
            str(
                pureldap.LDAPMessage(pureldap.LDAPExtendedResponse(
                    resultCode=ldaperrors.Success.resultCode,
                    responseName=pureldap.LDAPPasswordModifyRequest.oid),
                                     id=2)),
        )
        # tree changed
        secrets = self.thingie.get('userPassword', [])
        self.assertEquals(len(secrets), 1)
        for secret in secrets:
            self.assertEquals(secret[:len('{SSHA}')], '{SSHA}')
            raw = base64.decodestring(secret[len('{SSHA}'):])
            salt = raw[20:]
            self.assertEquals(entry.sshaDigest('hushhush', salt), secret)

Esempio n. 16

0

Mostra file

File: ldapsyntax.py Progetto: mpice-mn/python-opsi

 def bind(self, password):
     r = pureldap.LDAPBindRequest(dn=str(self.dn), auth=password)
     d = self.client.send(r)
     d.addCallback(self._handle_bind_msg)
     return d

Esempio n. 17

0

Mostra file

class KnownValues(unittest.TestCase):
    knownValues = (  # class, args, kwargs, expected_result
        (pureldap.LDAPModifyRequest, [], {
            "object":
            'cn=foo, dc=example, dc=com',
            "modification": [
                pureber.BERSequence([
                    pureber.BEREnumerated(0),
                    pureber.BERSequence([
                        pureldap.LDAPAttributeDescription('bar'),
                        pureber.BERSet([
                            pureldap.LDAPString('a'),
                            pureldap.LDAPString('b'),
                        ]),
                    ]),
                ]),
            ],
        }, None, [0x66, 50] +
         ([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 20] +
          ([0x30, 18] +
           ([0x0a, 0x01, 0x00] + [0x30, 13] +
            ([0x04, len("bar")] + l("bar") + [0x31, 0x06] +
             ([0x04, len("a")] + l("a") + [0x04, len("b")] + l("b"))))))),
        (pureldap.LDAPModifyRequest, [], {
            "object":
            'cn=foo, dc=example, dc=com',
            "modification": [
                pureber.BERSequence([
                    pureber.BEREnumerated(1L),
                    pureber.BERSequence([
                        pureber.BEROctetString('bar'),
                        pureber.BERSet([]),
                    ]),
                ]),
            ],
        }, None, [0x66, 0x2c] +
         ([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 0x0e] +
          ([0x30, 0x0c] + ([0x0a, 0x01, 0x01] + [0x30, 0x07] +
                           ([0x04, 0x03] + l("bar") + [0x31, 0x00]))))),
        (pureldap.LDAPFilter_not, [], {
            "value": pureldap.LDAPFilter_present("foo"),
        },
         pureldap.LDAPBERDecoderContext_Filter(
             fallback=pureber.BERDecoderContext()),
         [0xa2, 0x05] + [0x87] + [len("foo")] + l("foo")),
        (
            pureldap.LDAPFilter_or,
            [],
            {
                "value": [
                    pureldap.LDAPFilter_equalityMatch(
                        attributeDesc=pureldap.LDAPAttributeDescription(
                            value='cn'),
                        assertionValue=pureldap.LDAPAssertionValue(
                            value='foo')),
                    pureldap.LDAPFilter_equalityMatch(
                        attributeDesc=pureldap.LDAPAttributeDescription(
                            value='uid'),
                        assertionValue=pureldap.LDAPAssertionValue(
                            value='foo')),
                ]
            },
            pureldap.LDAPBERDecoderContext_Filter(
                fallback=pureber.BERDecoderContext()),
            [0xa1, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] +
            [len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] +
            l("uid") + [0x04] + [len("foo")] + l("foo"),
        ),
        (
            pureldap.LDAPFilter_and,
            [],
            {
                "value": [
                    pureldap.LDAPFilter_equalityMatch(
                        attributeDesc=pureldap.LDAPAttributeDescription(
                            value='cn'),
                        assertionValue=pureldap.LDAPAssertionValue(
                            value='foo')),
                    pureldap.LDAPFilter_equalityMatch(
                        attributeDesc=pureldap.LDAPAttributeDescription(
                            value='uid'),
                        assertionValue=pureldap.LDAPAssertionValue(
                            value='foo')),
                ]
            },
            pureldap.LDAPBERDecoderContext_Filter(
                fallback=pureber.BERDecoderContext()),
            [0xa0, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] +
            [len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] +
            l("uid") + [0x04] + [len("foo")] + l("foo"),
        ),
        (pureldap.LDAPModifyDNRequest, [], {
            'entry': 'cn=foo,dc=example,dc=com',
            'newrdn': 'uid=bar',
            'deleteoldrdn': 0,
        }, None, [0x6c, 0x26] + [0x04] + [len("cn=foo,dc=example,dc=com")] +
         l("cn=foo,dc=example,dc=com") + [0x04] + [len("uid=bar")] +
         l("uid=bar") + [0x01, 0x01, 0x00]),
        (pureldap.LDAPModifyDNRequest, [], {
            'entry': 'cn=aoue,dc=example,dc=com',
            'newrdn': 'uid=aoue',
            'deleteoldrdn': 0,
            'newSuperior': 'ou=People,dc=example,dc=com',
        }, None, [0x6c, 69] + [0x04] + [len("cn=aoue,dc=example,dc=com")] +
         l("cn=aoue,dc=example,dc=com") + [0x04] + [len("uid=aoue")] +
         l("uid=aoue") + [0x01, 0x01, 0x00] + [0x80] +
         [len("ou=People,dc=example,dc=com")] +
         l("ou=People,dc=example,dc=com")),
        (
            pureldap.LDAPSearchRequest,
            [],
            {
                'baseObject': 'dc=yoja,dc=example,dc=com',
            },
            None,
            [0x63, 57] + [0x04] + [len('dc=yoja,dc=example,dc=com')] +
            l('dc=yoja,dc=example,dc=com')
            # scope
            + [0x0a, 1, 2]
            # derefAliases
            + [0x0a, 1, 0]
            # sizeLimit
            + [0x02, 1, 0]
            # timeLimit
            + [0x02, 1, 0]
            # typesOnly
            + [0x01, 1, 0]
            # filter
            + [135, 11] + l('objectClass')
            # attributes
            + [48, 0]),
        (pureldap.LDAPUnbindRequest, [], {}, None, [0x42, 0x00]),
        (
            pureldap.LDAPSearchResultDone,
            [],
            {
                'resultCode': 0,
            },
            None,
            [0x65, 0x07]
            # resultCode
            + [0x0a, 0x01, 0x00]
            # matchedDN
            + [0x04] + [len('')] + l('')
            # errorMessage
            + [0x04] + [len('')] + l('')
            # referral, TODO
            + []),
        (
            pureldap.LDAPSearchResultDone,
            [],
            {
                'resultCode': 0,
                'matchedDN': 'dc=foo,dc=example,dc=com',
            },
            None,
            [0x65, 31]
            # resultCode
            + [0x0a, 0x01, 0x00]
            # matchedDN
            + [0x04] + [len('dc=foo,dc=example,dc=com')] +
            l('dc=foo,dc=example,dc=com')
            # errorMessage
            + [0x04] + [len('')] + l('')
            # referral, TODO
            + []),
        (
            pureldap.LDAPSearchResultDone,
            [],
            {
                'resultCode': 0,
                'matchedDN': 'dc=foo,dc=example,dc=com',
                'errorMessage': 'the foobar was fubar',
            },
            None,
            [0x65, 51]
            # resultCode
            + [0x0a, 0x01, 0x00]
            # matchedDN
            + [0x04] + [len('dc=foo,dc=example,dc=com')] +
            l('dc=foo,dc=example,dc=com')
            # errorMessage
            + [0x04] + [len('the foobar was fubar')] +
            l('the foobar was fubar', )
            # referral, TODO
            + []),
        (
            pureldap.LDAPSearchResultDone,
            [],
            {
                'resultCode': 0,
                'errorMessage': 'the foobar was fubar',
            },
            None,
            [0x65, 27]
            # resultCode
            + [0x0a, 0x01, 0x00]
            # matchedDN
            + [0x04] + [len('')] + l('')
            # errorMessage
            + [0x04] + [len('the foobar was fubar')] +
            l('the foobar was fubar', )
            # referral, TODO
            + []),
        (
            pureldap.LDAPMessage,
            [],
            {
                'id': 42,
                'value': pureldap.LDAPBindRequest(),
            },
            pureldap.LDAPBERDecoderContext_TopLevel(
                inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
                    fallback=pureldap.LDAPBERDecoderContext(
                        fallback=pureber.BERDecoderContext()),
                    inherit=pureldap.LDAPBERDecoderContext(
                        fallback=pureber.BERDecoderContext()))),
            [0x30, 12]
            # id
            + [0x02, 0x01, 42]
            # value
            + l(str(pureldap.LDAPBindRequest()))),
        (
            pureldap.LDAPControl,
            [],
            {
                'controlType': '1.2.3.4',
            },
            None,
            [0x30, 9]
            # controlType
            + [0x04, 7] + l("1.2.3.4")),
        (
            pureldap.LDAPControl,
            [],
            {
                'controlType': '1.2.3.4',
                'criticality': True,
            },
            None,
            [0x30, 12]
            # controlType
            + [0x04, 7] + l("1.2.3.4")
            # criticality
            + [0x01, 1, 0xFF]),
        (
            pureldap.LDAPControl,
            [],
            {
                'controlType': '1.2.3.4',
                'criticality': True,
                'controlValue': 'silly',
            },
            None,
            [0x30, 19]
            # controlType
            + [0x04, 7] + l("1.2.3.4")
            # criticality
            + [0x01, 1, 0xFF]
            # controlValue
            + [0x04, len("silly")] + l("silly")),
        (
            pureldap.LDAPMessage,
            [],
            {
                'id':
                42,
                'value':
                pureldap.LDAPBindRequest(),
                'controls': [
                    ('1.2.3.4', None, None),
                    ('2.3.4.5', False),
                    ('3.4.5.6', True, '\x00\x01\x02\xFF'),
                ],
            },
            pureldap.LDAPBERDecoderContext_TopLevel(
                inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
                    fallback=pureldap.LDAPBERDecoderContext(
                        fallback=pureber.BERDecoderContext()),
                    inherit=pureldap.LDAPBERDecoderContext(
                        fallback=pureber.BERDecoderContext()))),
            [0x30, 59]
            # id
            + [0x02, 0x01, 42]
            # value
            + l(str(pureldap.LDAPBindRequest()))
            # controls
            + l(
                str(
                    pureldap.LDAPControls(value=[
                        pureldap.LDAPControl(controlType='1.2.3.4'),
                        pureldap.LDAPControl(controlType='2.3.4.5',
                                             criticality=False),
                        pureldap.LDAPControl(controlType='3.4.5.6',
                                             criticality=True,
                                             controlValue='\x00\x01\x02\xFF'),
                    ]))),
        ),
        (pureldap.LDAPFilter_equalityMatch, [], {
            'attributeDesc': pureldap.LDAPAttributeDescription('cn'),
            'assertionValue': pureldap.LDAPAssertionValue('foo'),
        },
         pureldap.LDAPBERDecoderContext_Filter(
             fallback=pureldap.LDAPBERDecoderContext(
                 fallback=pureber.BERDecoderContext()),
             inherit=pureldap.LDAPBERDecoderContext(
                 fallback=pureber.BERDecoderContext())),
         [0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo'))),
        (pureldap.LDAPFilter_or, [[
            pureldap.LDAPFilter_equalityMatch(
                attributeDesc=pureldap.LDAPAttributeDescription('cn'),
                assertionValue=pureldap.LDAPAssertionValue('foo')),
            pureldap.LDAPFilter_equalityMatch(
                attributeDesc=pureldap.LDAPAttributeDescription('uid'),
                assertionValue=pureldap.LDAPAssertionValue('foo')),
            pureldap.LDAPFilter_equalityMatch(
                attributeDesc=pureldap.LDAPAttributeDescription('mail'),
                assertionValue=pureldap.LDAPAssertionValue('foo')),
            pureldap.LDAPFilter_substrings(
                type='mail',
                substrings=[pureldap.LDAPFilter_substrings_initial('foo@')]),
        ]], {},
         pureldap.LDAPBERDecoderContext_Filter(
             fallback=pureldap.LDAPBERDecoderContext(
                 fallback=pureber.BERDecoderContext()),
             inherit=pureldap.LDAPBERDecoderContext(
                 fallback=pureber.BERDecoderContext())), [0xA1, 52] +
         ([0xa3, 9] +
          ([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
          ([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
          ([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
          ([0x04, 4] + l('mail') + [0x30, 6] + ([0x80, 4] + l('foo@'))))),
        (pureldap.LDAPSearchRequest, [], {
            'baseObject':
            'dc=example,dc=com',
            'scope':
            pureldap.LDAP_SCOPE_wholeSubtree,
            'derefAliases':
            pureldap.LDAP_DEREF_neverDerefAliases,
            'sizeLimit':
            1,
            'timeLimit':
            0,
            'typesOnly':
            False,
            'filter':
            pureldap.LDAPFilter_or([
                pureldap.LDAPFilter_equalityMatch(
                    attributeDesc=pureldap.LDAPAttributeDescription('cn'),
                    assertionValue=pureldap.LDAPAssertionValue('foo')),
                pureldap.LDAPFilter_equalityMatch(
                    attributeDesc=pureldap.LDAPAttributeDescription('uid'),
                    assertionValue=pureldap.LDAPAssertionValue('foo')),
                pureldap.LDAPFilter_equalityMatch(
                    attributeDesc=pureldap.LDAPAttributeDescription('mail'),
                    assertionValue=pureldap.LDAPAssertionValue('foo')),
                pureldap.LDAPFilter_substrings(
                    type='mail',
                    substrings=[
                        pureldap.LDAPFilter_substrings_initial('foo@')
                    ]),
            ]),
            'attributes': [''],
        },
         pureldap.LDAPBERDecoderContext_LDAPMessage(
             fallback=pureldap.LDAPBERDecoderContext(
                 fallback=pureber.BERDecoderContext()),
             inherit=pureldap.LDAPBERDecoderContext(
                 fallback=pureber.BERDecoderContext())), [0x63, 92] +
         ([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] +
          [0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] +
          [0x01, 1, 0x00] + [0xA1, 52] +
          ([0xa3, 9] +
           ([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
           ([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
           ([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
           ([0x04, 4] + l('mail') + [0x30, 6] +
            ([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))),
        (
            pureldap.LDAPMessage,
            [],
            {
                'id':
                1L,
                'value':
                pureldap.LDAPSearchRequest(
                    baseObject='dc=example,dc=com',
                    scope=pureldap.LDAP_SCOPE_wholeSubtree,
                    derefAliases=pureldap.LDAP_DEREF_neverDerefAliases,
                    sizeLimit=1,
                    timeLimit=0,
                    typesOnly=False,
                    filter=pureldap.LDAPFilter_or([
                        pureldap.LDAPFilter_equalityMatch(
                            attributeDesc=pureldap.LDAPAttributeDescription(
                                'cn'),
                            assertionValue=pureldap.LDAPAssertionValue('foo')),
                        pureldap.LDAPFilter_equalityMatch(
                            attributeDesc=pureldap.LDAPAttributeDescription(
                                'uid'),
                            assertionValue=pureldap.LDAPAssertionValue('foo')),
                        pureldap.LDAPFilter_equalityMatch(
                            attributeDesc=pureldap.LDAPAttributeDescription(
                                'mail'),
                            assertionValue=pureldap.LDAPAssertionValue('foo')),
                        pureldap.LDAPFilter_substrings(
                            type='mail',
                            substrings=[
                                pureldap.LDAPFilter_substrings_initial('foo@')
                            ]),
                    ]),
                    attributes=[''],
                ),
            },
            pureldap.LDAPBERDecoderContext_TopLevel(
                inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
                    fallback=pureldap.LDAPBERDecoderContext(
                        fallback=pureber.BERDecoderContext()),
                    inherit=pureldap.LDAPBERDecoderContext(
                        fallback=pureber.BERDecoderContext()))),
            [0x30, 97]
            # id
            + [0x02, 1, 1]
            # value
            + [0x63, 92] +
            ([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] +
             [0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] +
             [0x01, 1, 0x00] + [0xA1, 52] +
             ([0xa3, 9] +
              ([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
              ([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
              ([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
              ([0x04, 4] + l('mail') + [0x30, 6] +
               ([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))),
        (pureldap.LDAPExtendedRequest, [], {
            'requestName': '42.42.42',
            'requestValue': 'foo',
        }, None, [0x40 | 0x20 | 23, 1 + 1 + 8 + 1 + 1 + 3] +
         ([0x80 | 0] + [len('42.42.42')] + l('42.42.42')) +
         ([0x80 | 1] + [len('foo')] + l('foo'))),
    )

    def testToLDAP(self):
        """str(LDAPClass(...)) should give known result with known input"""
        for klass, args, kwargs, decoder, encoded in self.knownValues:
            result = klass(*args, **kwargs)
            result = str(result)
            result = map(ord, result)
            if result != encoded:
                raise AssertionError, \
                      "Class %s(*%s, **%s) doesn't encode properly: " \
                      "%s != %s" % (klass.__name__,
                                    repr(args), repr(kwargs),
                                    repr(result), repr(encoded))

    def testFromLDAP(self):
        """LDAPClass(encoded="...") should give known result with known input"""
        for klass, args, kwargs, decoder, encoded in self.knownValues:
            if decoder is None:
                decoder = pureldap.LDAPBERDecoderContext(
                    fallback=pureber.BERDecoderContext())
            m = s(*encoded)
            result, bytes = pureber.berDecodeObject(decoder, m)
            self.assertEquals(bytes, len(m))

            shouldBe = klass(*args, **kwargs)
            #TODO shouldn't use str below
            assert str(result)==str(shouldBe), \
                   "Class %s(*%s, **%s) doesn't decode properly: " \
                   "%s != %s" % (klass.__name__,
                                 repr(args), repr(kwargs),
                                 repr(result), repr(shouldBe))

    def testPartial(self):
        """LDAPClass(encoded="...") with too short input should throw BERExceptionInsufficientData"""
        for klass, args, kwargs, decoder, encoded in self.knownValues:
            if decoder is None:
                decoder = pureldap.LDAPBERDecoderContext(
                    fallback=pureber.BERDecoderContext())
            for i in xrange(1, len(encoded)):
                m = s(*encoded)[:i]
                self.assertRaises(pureber.BERExceptionInsufficientData,
                                  pureber.berDecodeObject, decoder, m)
            self.assertEquals((None, 0), pureber.berDecodeObject(decoder, ''))

Esempio n. 18

0

Mostra file

File: test_svcbindproxy.py Progetto: mpice-mn/python-opsi

    def test_bind_noMatchingServicesFound_fallback_badAuth(self):
        server = self.createServer(
            services=[
                'svc1',
                'svc2',
                'svc3',
            ],
            fallback=True,
            responses=[
                [pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)],
                [pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)],
                [pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)],
                [
                    pureldap.LDAPBindResponse(
                        resultCode=ldaperrors.LDAPInvalidCredentials.resultCode
                    ),
                ],
            ])
        server.dataReceived(
            str(
                pureldap.LDAPMessage(pureldap.LDAPBindRequest(
                    dn='cn=jack,dc=example,dc=com', auth='wrong-s3krit'),
                                     id=4)))
        reactor.iterate()  #TODO
        client = server.client

        client.assertSent(
            pureldap.LDAPSearchRequest(
                baseObject='dc=example,dc=com',
                derefAliases=0,
                sizeLimit=0,
                timeLimit=0,
                typesOnly=0,
                filter=ldapfilter.parseFilter(
                    '(&' + '(objectClass=serviceSecurityObject)' +
                    '(owner=cn=jack,dc=example,dc=com)' + '(cn=svc1)' +
                    ('(|(!(validFrom=*))(validFrom<=%s))' % server.now) +
                    ('(|(!(validUntil=*))(validUntil>=%s))' % server.now) +
                    ')'),
                attributes=('1.1', )),
            pureldap.LDAPSearchRequest(
                baseObject='dc=example,dc=com',
                derefAliases=0,
                sizeLimit=0,
                timeLimit=0,
                typesOnly=0,
                filter=ldapfilter.parseFilter(
                    '(&' + '(objectClass=serviceSecurityObject)' +
                    '(owner=cn=jack,dc=example,dc=com)' + '(cn=svc2)' +
                    ('(|(!(validFrom=*))(validFrom<=%s))' % server.now) +
                    ('(|(!(validUntil=*))(validUntil>=%s))' % server.now) +
                    ')'),
                attributes=('1.1', )),
            pureldap.LDAPSearchRequest(
                baseObject='dc=example,dc=com',
                derefAliases=0,
                sizeLimit=0,
                timeLimit=0,
                typesOnly=0,
                filter=ldapfilter.parseFilter(
                    '(&' + '(objectClass=serviceSecurityObject)' +
                    '(owner=cn=jack,dc=example,dc=com)' + '(cn=svc3)' +
                    ('(|(!(validFrom=*))(validFrom<=%s))' % server.now) +
                    ('(|(!(validUntil=*))(validUntil>=%s))' % server.now) +
                    ')'),
                attributes=('1.1', )),
            pureldap.LDAPBindRequest(dn='cn=jack,dc=example,dc=com',
                                     auth='wrong-s3krit'))
        self.assertEquals(
            server.transport.value(),
            str(
                pureldap.LDAPMessage(pureldap.LDAPBindResponse(
                    resultCode=ldaperrors.LDAPInvalidCredentials.resultCode),
                                     id=4)))