def asLDAP(self):
if self._LDAP_OP is None:
raise NotImplementedError("%s.asLDAP not implemented" %
self.__class__.__name__)
return str(
pureber.BERSequence([
pureber.BEREnumerated(self._LDAP_OP),
pureber.BERSequence([
pureldap.LDAPAttributeDescription(self.key),
pureber.BERSet(map(pureldap.LDAPString, list(self))),
]),
]))
def testDecdeInvalidInput(self):
"""
It raises BERExceptionInsufficientData when trying to decode from
data which is not valid.
"""
m = pureber.BERSequence([pureber.BERInteger(2)]).toWire()
self.assertEqual(5, len(m))
self.assertRaises(
pureber.BERExceptionInsufficientData,
pureber.berDecodeObject,
pureber.BERDecoderContext(),
m[:4],
)
self.assertRaises(
pureber.BERExceptionInsufficientData,
pureber.berDecodeObject,
pureber.BERDecoderContext(),
m[:3],
)
self.assertRaises(
pureber.BERExceptionInsufficientData,
pureber.berDecodeObject,
pureber.BERDecoderContext(),
m[:2],
)
self.assertRaises(
pureber.BERExceptionInsufficientData,
pureber.berDecodeObject,
pureber.BERDecoderContext(),
m[:1],
)
self.assertEqual((None, 0),
pureber.berDecodeObject(pureber.BERDecoderContext(),
""))
def testToBERSequenceKnownValues(self):
"""str(BERSequence(x)) should give known result with known input"""
for content, encoded in self.knownValues:
result = pureber.BERSequence(content)
result = str(result)
result = map(ord, result)
assert encoded==result
def create_paged_search_controls(self, page_size=10, cookie=b''):
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [(b'1.2.840.113556.1.4.319', None, control_value.toWire())]
return controls
def cookie(self):
if self.remain_count <= 0:
return b''
return pureber.BERSequence([
pureber.BERInteger(self.remain_count),
pureber.BERInteger(self.last_id),
]).toWire()
def testStringRepresentatinLargerInteger(self):
"""
It can represent a sequence of a single integer which has a
multi bites value.
"""
sut = pureber.BERSequence([pureber.BERInteger(128)])
result = sut.toWire()
self.assertEqual(b"0\x04\x02\x02\x00\x80", result)
def testStringRepresentatinSmallInteger(self):
"""
It can represent a sequence of a single integer which has a
single byte value.
"""
sut = pureber.BERSequence([pureber.BERInteger(2)])
result = sut.toWire()
self.assertEqual(b"0\x03\x02\x01\x02", result)
def testStringRepresentationEmpty(self):
"""
It can return the byte string representation for empty sequence which
is just the zero/null byte.
"""
sut = pureber.BERSequence([])
result = sut.toWire()
self.assertEqual(b"0\x00", result)
def create_paged_search_controls(self, page_size=10, cookie=b''):
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
# DUO EDIT D46281: Make criticality optional
# controls = [(b'1.2.840.113556.1.4.319', None, control_value.toWire())]
controls = [(b'1.2.840.113556.1.4.319', False, control_value.toWire())]
# END EDIT
return controls
def testPartialBERSequenceEncodings(self):
"""BERSequence(encoded="...") with too short input should throw BERExceptionInsufficientData"""
m=str(pureber.BERSequence([pureber.BERInteger(2)]))
assert len(m)==5
self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, pureber.BERDecoderContext(), m[:4])
self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, pureber.BERDecoderContext(), m[:3])
self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, pureber.BERDecoderContext(), m[:2])
self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, pureber.BERDecoderContext(), m[:1])
self.assertEquals((None, 0), pureber.berDecodeObject(pureber.BERDecoderContext(), ''))
def asLDAP(self):
if self._LDAP_OP is None:
raise NotImplementedError("%s.asLDAP not implemented"
% self.__class__.__name__)
tmplist = list(self)
newlist = []
for x in range(len(tmplist)):
if (isinstance(tmplist[x], unicode)):
value = tmplist[x].encode('utf-8')
newlist.append(value)
else:
value = tmplist[x]
newlist.append(value)
return str(pureber.BERSequence([
pureber.BEREnumerated(self._LDAP_OP),
pureber.BERSequence([ pureldap.LDAPAttributeDescription(self.key),
pureber.BERSet(map(pureldap.LDAPString, newlist)),
]),
]))
def testStringRepresentatinMultipleIntegers(self):
"""
It can represent a sequence of multiple integer.
"""
sut = pureber.BERSequence(
[pureber.BERInteger(3),
pureber.BERInteger(128)])
result = sut.toWire()
self.assertEqual(b"0\x07\x02\x01\x03\x02\x02\x00\x80", result)
def request_page_(client, basedn, page_size=100, cookie='', **search_kwds):
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [('1.2.840.113556.1.4.319', None, control_value)]
search_kwds['controls'] = controls
search_kwds['return_controls'] = True
o = LDAPEntry(client, basedn)
results, resp_controls = yield o.search(**search_kwds)
cookie = get_paged_search_cookie_(resp_controls)
defer.returnValue((results, cookie))
def process_entry(client, args, search_filter, page_size=100, cookie=''):
basedn = args.base_dn
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [('1.2.840.113556.1.4.319', None, control_value)]
o = LDAPEntry(client, basedn)
results, resp_controls = yield o.search(filterText=search_filter,
attributes=['dn'],
controls=controls,
return_controls=True)
cookie = get_paged_search_cookie(resp_controls)
defer.returnValue((results, cookie))
def test_message_repr(self):
page_size = 10
cookie = "xyzzy"
control_value = pureber.BERSequence([
pureber.BERInteger(page_size),
pureber.BEROctetString(cookie),
])
controls = [('1.2.840.113556.1.4.319', None, control_value)]
search_request = pureldap.LDAPSearchRequest(
"cn=foo,ou=baz,dc=example,dc=org")
ldap_msg = pureldap.LDAPMessage(id=1,
value=search_request,
controls=controls,
tag=1)
expected_value = "LDAPMessage(id=1, value=LDAPSearchRequest(baseObject='cn=foo,ou=baz,dc=example,dc=org', scope=2, derefAliases=0, sizeLimit=0, timeLimit=0, typesOnly=0, filter=LDAPFilter_present(value='objectClass'), attributes=[]), controls=[('1.2.840.113556.1.4.319', None, BERSequence(value=[BERInteger(value=10), BEROctetString(value='xyzzy')]))], tag=1)"
self.assertEqual(expected_value, repr(ldap_msg))
def _paged_search(
self,
client,
base_dn,
filter_text,
attributes,
pagination=PAGINATION_TYPE_CRITICAL,
max_result_size=None,
page_size=DEFAULT_PAGE_SIZE,
):
"""
Given a bound client, search exhaustively using RFC 2696.
Return a list of dictionaries containing the attributes
of the resulting entries.
* attributes: Set of lower-case byte-strings.
"""
res = []
def handle_msg(value, controls, d):
try:
if isinstance(value, pureldap.LDAPSearchResultDone):
e = ldaperrors.get(value.resultCode, value.errorMessage)
if isinstance(e, (ldaperrors.Success,
ldaperrors.LDAPSizeLimitExceeded)):
cookie = get_cookie(controls)
d.callback((None, cookie))
else:
d.callback((e, None))
elif isinstance(value, pureldap.LDAPSearchResultEntry):
# Always send DN. Overwrite DN from attribute set, if any.
obj = {
"distinguishedname": [escape_bytes(value.objectName)]
}
for k, vs in value.attributes:
# Smash attribute name case.
k = k.decode().lower()
# Server may not honor attributes (e.g.
# SearchByTreeWalkingMixin).
if attributes and k.encode() not in attributes:
continue
# Covert value to list and encode for JSON.
vs = [escape_bytes(v) for v in vs]
obj[k] = vs
# Refuse to return certain attributes even if all
# attributes were requested.
obj.pop("userpassword", None)
res.append(obj)
except Exception:
log.failure("Unexpected error handling message")
finally:
return isinstance(value, (
pureldap.LDAPBindResponse,
pureldap.LDAPSearchResultDone,
))
if filter_text:
filter_obj = ldapfilter.parseFilter(filter_text)
else:
filter_obj = None
op = pureldap.LDAPSearchRequest(
baseObject=base_dn,
scope=pureldap.LDAP_SCOPE_wholeSubtree,
derefAliases=0,
sizeLimit=0,
timeLimit=0,
typesOnly=0,
filter=filter_obj,
attributes=attributes,
)
if pagination == PAGINATION_TYPE_CRITICAL:
# AD may ignore the RFC 2696 control if it is not
# critical. The caller can override this default if the
# control should be present but not critical or absent.
criticality = True
else:
criticality = False
cookie = pureber.BEROctetString("")
while True:
if pagination == PAGINATION_TYPE_DISABLE:
controls = None
else:
controls = [
(
RFC_2696_CONTROL_TYPE,
criticality,
pureber.BERSequence([
pureber.BERInteger(page_size),
cookie,
]),
),
]
d = defer.Deferred()
yield client.send(
op=op,
controls=controls,
handler=functools.partial(handle_msg, d=d),
return_controls=True,
)
# handle_msg() is synchronous so d should be called by the
# time it returns to LDAPClient.handle().
if d.called:
e, cookie = yield d
else:
log.error("Paging cookie not found!")
break
if e is not None:
# So the RPC caller can distinguish between problems
# with the search (e.g. bad configuration) and
# searches that return no results.
if isinstance(e, ldaperrors.LDAPOperationsError
) and e.message.decode().startswith(
const.LDAP_SUCCESSFUL_BIND_NEEDED_ERROR):
raise ldap.client.ConnectionNotProperlyBoundError(
"Search failed because either there was no bind on this connection or there were insufficient privileges with the bound user. If you are attempting to use integrated authentication with SSPI please make sure the server running the Authentication Proxy is domain joined."
)
else:
raise e
if not cookie.value:
break
if max_result_size is not None and len(res) > max_result_size:
break
defer.returnValue(res)
class KnownValues(unittest.TestCase):
knownValues = ( # class, args, kwargs, expected_result
(pureldap.LDAPModifyRequest, [], {
"object":
'cn=foo, dc=example, dc=com',
"modification": [
pureber.BERSequence([
pureber.BEREnumerated(0),
pureber.BERSequence([
pureldap.LDAPAttributeDescription('bar'),
pureber.BERSet([
pureldap.LDAPString('a'),
pureldap.LDAPString('b'),
]),
]),
]),
],
}, None, [0x66, 50] +
([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 20] +
([0x30, 18] +
([0x0a, 0x01, 0x00] + [0x30, 13] +
([0x04, len("bar")] + l("bar") + [0x31, 0x06] +
([0x04, len("a")] + l("a") + [0x04, len("b")] + l("b"))))))),
(pureldap.LDAPModifyRequest, [], {
"object":
'cn=foo, dc=example, dc=com',
"modification": [
pureber.BERSequence([
pureber.BEREnumerated(1L),
pureber.BERSequence([
pureber.BEROctetString('bar'),
pureber.BERSet([]),
]),
]),
],
}, None, [0x66, 0x2c] +
([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 0x0e] +
([0x30, 0x0c] + ([0x0a, 0x01, 0x01] + [0x30, 0x07] +
([0x04, 0x03] + l("bar") + [0x31, 0x00]))))),
(pureldap.LDAPFilter_not, [], {
"value": pureldap.LDAPFilter_present("foo"),
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureber.BERDecoderContext()),
[0xa2, 0x05] + [0x87] + [len("foo")] + l("foo")),
(
pureldap.LDAPFilter_or,
[],
{
"value": [
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='cn'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='uid'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
]
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureber.BERDecoderContext()),
[0xa1, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] +
[len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] +
l("uid") + [0x04] + [len("foo")] + l("foo"),
),
(
pureldap.LDAPFilter_and,
[],
{
"value": [
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='cn'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
value='uid'),
assertionValue=pureldap.LDAPAssertionValue(
value='foo')),
]
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureber.BERDecoderContext()),
[0xa0, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] +
[len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] +
l("uid") + [0x04] + [len("foo")] + l("foo"),
),
(pureldap.LDAPModifyDNRequest, [], {
'entry': 'cn=foo,dc=example,dc=com',
'newrdn': 'uid=bar',
'deleteoldrdn': 0,
}, None, [0x6c, 0x26] + [0x04] + [len("cn=foo,dc=example,dc=com")] +
l("cn=foo,dc=example,dc=com") + [0x04] + [len("uid=bar")] +
l("uid=bar") + [0x01, 0x01, 0x00]),
(pureldap.LDAPModifyDNRequest, [], {
'entry': 'cn=aoue,dc=example,dc=com',
'newrdn': 'uid=aoue',
'deleteoldrdn': 0,
'newSuperior': 'ou=People,dc=example,dc=com',
}, None, [0x6c, 69] + [0x04] + [len("cn=aoue,dc=example,dc=com")] +
l("cn=aoue,dc=example,dc=com") + [0x04] + [len("uid=aoue")] +
l("uid=aoue") + [0x01, 0x01, 0x00] + [0x80] +
[len("ou=People,dc=example,dc=com")] +
l("ou=People,dc=example,dc=com")),
(
pureldap.LDAPSearchRequest,
[],
{
'baseObject': 'dc=yoja,dc=example,dc=com',
},
None,
[0x63, 57] + [0x04] + [len('dc=yoja,dc=example,dc=com')] +
l('dc=yoja,dc=example,dc=com')
# scope
+ [0x0a, 1, 2]
# derefAliases
+ [0x0a, 1, 0]
# sizeLimit
+ [0x02, 1, 0]
# timeLimit
+ [0x02, 1, 0]
# typesOnly
+ [0x01, 1, 0]
# filter
+ [135, 11] + l('objectClass')
# attributes
+ [48, 0]),
(pureldap.LDAPUnbindRequest, [], {}, None, [0x42, 0x00]),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
},
None,
[0x65, 0x07]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('')] + l('')
# errorMessage
+ [0x04] + [len('')] + l('')
# referral, TODO
+ []),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
'matchedDN': 'dc=foo,dc=example,dc=com',
},
None,
[0x65, 31]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('dc=foo,dc=example,dc=com')] +
l('dc=foo,dc=example,dc=com')
# errorMessage
+ [0x04] + [len('')] + l('')
# referral, TODO
+ []),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
'matchedDN': 'dc=foo,dc=example,dc=com',
'errorMessage': 'the foobar was fubar',
},
None,
[0x65, 51]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('dc=foo,dc=example,dc=com')] +
l('dc=foo,dc=example,dc=com')
# errorMessage
+ [0x04] + [len('the foobar was fubar')] +
l('the foobar was fubar', )
# referral, TODO
+ []),
(
pureldap.LDAPSearchResultDone,
[],
{
'resultCode': 0,
'errorMessage': 'the foobar was fubar',
},
None,
[0x65, 27]
# resultCode
+ [0x0a, 0x01, 0x00]
# matchedDN
+ [0x04] + [len('')] + l('')
# errorMessage
+ [0x04] + [len('the foobar was fubar')] +
l('the foobar was fubar', )
# referral, TODO
+ []),
(
pureldap.LDAPMessage,
[],
{
'id': 42,
'value': pureldap.LDAPBindRequest(),
},
pureldap.LDAPBERDecoderContext_TopLevel(
inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()))),
[0x30, 12]
# id
+ [0x02, 0x01, 42]
# value
+ l(str(pureldap.LDAPBindRequest()))),
(
pureldap.LDAPControl,
[],
{
'controlType': '1.2.3.4',
},
None,
[0x30, 9]
# controlType
+ [0x04, 7] + l("1.2.3.4")),
(
pureldap.LDAPControl,
[],
{
'controlType': '1.2.3.4',
'criticality': True,
},
None,
[0x30, 12]
# controlType
+ [0x04, 7] + l("1.2.3.4")
# criticality
+ [0x01, 1, 0xFF]),
(
pureldap.LDAPControl,
[],
{
'controlType': '1.2.3.4',
'criticality': True,
'controlValue': 'silly',
},
None,
[0x30, 19]
# controlType
+ [0x04, 7] + l("1.2.3.4")
# criticality
+ [0x01, 1, 0xFF]
# controlValue
+ [0x04, len("silly")] + l("silly")),
(
pureldap.LDAPMessage,
[],
{
'id':
42,
'value':
pureldap.LDAPBindRequest(),
'controls': [
('1.2.3.4', None, None),
('2.3.4.5', False),
('3.4.5.6', True, '\x00\x01\x02\xFF'),
],
},
pureldap.LDAPBERDecoderContext_TopLevel(
inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()))),
[0x30, 59]
# id
+ [0x02, 0x01, 42]
# value
+ l(str(pureldap.LDAPBindRequest()))
# controls
+ l(
str(
pureldap.LDAPControls(value=[
pureldap.LDAPControl(controlType='1.2.3.4'),
pureldap.LDAPControl(controlType='2.3.4.5',
criticality=False),
pureldap.LDAPControl(controlType='3.4.5.6',
criticality=True,
controlValue='\x00\x01\x02\xFF'),
]))),
),
(pureldap.LDAPFilter_equalityMatch, [], {
'attributeDesc': pureldap.LDAPAttributeDescription('cn'),
'assertionValue': pureldap.LDAPAssertionValue('foo'),
},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())),
[0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo'))),
(pureldap.LDAPFilter_or, [[
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('cn'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('uid'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('mail'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_substrings(
type='mail',
substrings=[pureldap.LDAPFilter_substrings_initial('foo@')]),
]], {},
pureldap.LDAPBERDecoderContext_Filter(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())), [0xA1, 52] +
([0xa3, 9] +
([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
([0x04, 4] + l('mail') + [0x30, 6] + ([0x80, 4] + l('foo@'))))),
(pureldap.LDAPSearchRequest, [], {
'baseObject':
'dc=example,dc=com',
'scope':
pureldap.LDAP_SCOPE_wholeSubtree,
'derefAliases':
pureldap.LDAP_DEREF_neverDerefAliases,
'sizeLimit':
1,
'timeLimit':
0,
'typesOnly':
False,
'filter':
pureldap.LDAPFilter_or([
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('cn'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('uid'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription('mail'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_substrings(
type='mail',
substrings=[
pureldap.LDAPFilter_substrings_initial('foo@')
]),
]),
'attributes': [''],
},
pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())), [0x63, 92] +
([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] +
[0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] +
[0x01, 1, 0x00] + [0xA1, 52] +
([0xa3, 9] +
([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
([0x04, 4] + l('mail') + [0x30, 6] +
([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))),
(
pureldap.LDAPMessage,
[],
{
'id':
1L,
'value':
pureldap.LDAPSearchRequest(
baseObject='dc=example,dc=com',
scope=pureldap.LDAP_SCOPE_wholeSubtree,
derefAliases=pureldap.LDAP_DEREF_neverDerefAliases,
sizeLimit=1,
timeLimit=0,
typesOnly=False,
filter=pureldap.LDAPFilter_or([
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
'cn'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
'uid'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_equalityMatch(
attributeDesc=pureldap.LDAPAttributeDescription(
'mail'),
assertionValue=pureldap.LDAPAssertionValue('foo')),
pureldap.LDAPFilter_substrings(
type='mail',
substrings=[
pureldap.LDAPFilter_substrings_initial('foo@')
]),
]),
attributes=[''],
),
},
pureldap.LDAPBERDecoderContext_TopLevel(
inherit=pureldap.LDAPBERDecoderContext_LDAPMessage(
fallback=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()),
inherit=pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext()))),
[0x30, 97]
# id
+ [0x02, 1, 1]
# value
+ [0x63, 92] +
([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] +
[0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] +
[0x01, 1, 0x00] + [0xA1, 52] +
([0xa3, 9] +
([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] +
([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] +
([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] +
([0x04, 4] + l('mail') + [0x30, 6] +
([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))),
(pureldap.LDAPExtendedRequest, [], {
'requestName': '42.42.42',
'requestValue': 'foo',
}, None, [0x40 | 0x20 | 23, 1 + 1 + 8 + 1 + 1 + 3] +
([0x80 | 0] + [len('42.42.42')] + l('42.42.42')) +
([0x80 | 1] + [len('foo')] + l('foo'))),
)
def testToLDAP(self):
"""str(LDAPClass(...)) should give known result with known input"""
for klass, args, kwargs, decoder, encoded in self.knownValues:
result = klass(*args, **kwargs)
result = str(result)
result = map(ord, result)
if result != encoded:
raise AssertionError, \
"Class %s(*%s, **%s) doesn't encode properly: " \
"%s != %s" % (klass.__name__,
repr(args), repr(kwargs),
repr(result), repr(encoded))
def testFromLDAP(self):
"""LDAPClass(encoded="...") should give known result with known input"""
for klass, args, kwargs, decoder, encoded in self.knownValues:
if decoder is None:
decoder = pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())
m = s(*encoded)
result, bytes = pureber.berDecodeObject(decoder, m)
self.assertEquals(bytes, len(m))
shouldBe = klass(*args, **kwargs)
#TODO shouldn't use str below
assert str(result)==str(shouldBe), \
"Class %s(*%s, **%s) doesn't decode properly: " \
"%s != %s" % (klass.__name__,
repr(args), repr(kwargs),
repr(result), repr(shouldBe))
def testPartial(self):
"""LDAPClass(encoded="...") with too short input should throw BERExceptionInsufficientData"""
for klass, args, kwargs, decoder, encoded in self.knownValues:
if decoder is None:
decoder = pureldap.LDAPBERDecoderContext(
fallback=pureber.BERDecoderContext())
for i in xrange(1, len(encoded)):
m = s(*encoded)[:i]
self.assertRaises(pureber.BERExceptionInsufficientData,
pureber.berDecodeObject, decoder, m)
self.assertEquals((None, 0), pureber.berDecodeObject(decoder, ''))
def encode_control_value(self):
return pureber.BERSequence([
pureber.BERInteger(self.size),
pureber.BEROctetString(self.cookie),
]).toWire()
