def sasl_bind(client, host):
sasl_client = SASLClient(host, service='ldap', mechanism='GSSAPI')
sasl_credentials = SaslCredentials()
sasl_credentials.setComponentByName("mechanism", LDAPString("gssapi"))
sasl_credentials.setComponentByName("credentials", sasl_client.process(None))
authentication_choice = AuthenticationChoice()
authentication_choice.setComponentByName('sasl', sasl_credentials)
bind_request = BindRequest()
bind_request.setComponentByName('version', Version(3))
bind_request.setComponentByName('name', LDAPDN(''))
bind_request.setComponentByName('authentication', authentication_choice)
protocol_op = ProtocolOp()
protocol_op.setComponentByName("bindRequest", bind_request)
ber_encode(authentication_choice)
ber_encode(sasl_credentials)
print(bind_request.prettyPrint())
ber_encode(bind_request)
ber_encode(protocol_op)
response = yield from client.request(protocol_op)
print(response)
def encode_decode(lm):
"""Simulate transmission over the network"""
raw = ber_encode(lm)
response, raw = ber_decode(raw, asn1Spec=rfc4511.LDAPMessage())
if raw:
raise Exception('Unexpected leftover bits')
return response
def request(self, protocol_op):
message_id = self.get_message_id()
message = LDAPMessage()
message.setComponentByName('messageID', MessageID(message_id))
message.setComponentByName('protocolOp', protocol_op)
fut = asyncio.Future()
self._pending_messages[message_id] = fut
self._transport.write(ber_encode(message))
return (yield from fut)
def _prep_message(self, op, obj, controls=None):
"""Prepare a message for transmission"""
mid = self._next_message_id
self._next_message_id += 1
lm = pack(mid, op, obj, controls)
raw = ber_encode(lm)
if self._has_sasl_client():
raw = self._sasl_client.wrap(raw)
return mid, raw
def _prep_message(self, op, obj, controls=None):
"""Prepare a message for transmission"""
mid = self._next_message_id
self._next_message_id += 1
lm = pack(mid, op, obj, controls)
raw = ber_encode(lm)
if self._has_sasl_client():
raw = self._sasl_client.wrap(raw)
return mid, raw
def prepare(self, ctrl_value, criticality):
"""Prepare the paged results control value
:param ctrl_value: Either an integer page size or a tuple of (page size, cookie)
:type ctrl_value: int or tuple
:param criticality: True if the control is critical, false otherwise
:return: The protocol-level control object
"""
if isinstance(ctrl_value, int):
page_size = ctrl_value
cookie = ''
elif isinstance(ctrl_value, tuple):
page_size, cookie = ctrl_value
else:
raise TypeError('Must be int or tuple')
real_ctrl_value = RealSearchControlValue()
real_ctrl_value.setComponentByName('size', Size(page_size))
real_ctrl_value.setComponentByName('cookie', Cookie(cookie))
real_ctrl_value = ber_encode(real_ctrl_value)
return Control.prepare(self, real_ctrl_value, criticality)
def prepare(self, ctrl_value, criticality):
"""Prepare the paged results control value
:param ctrl_value: Either an integer page size or a tuple of (page size, cookie)
:type ctrl_value: int or tuple
:param criticality: True if the control is critical, false otherwise
:return: The protocol-level control object
"""
if isinstance(ctrl_value, int):
page_size = ctrl_value
cookie = ''
elif isinstance(ctrl_value, tuple):
page_size, cookie = ctrl_value
else:
raise TypeError('Must be int or tuple')
real_ctrl_value = RealSearchControlValue()
real_ctrl_value.setComponentByName('size', Size(page_size))
real_ctrl_value.setComponentByName('cookie', Cookie(cookie))
real_ctrl_value = ber_encode(real_ctrl_value)
return Control.prepare(self, real_ctrl_value, criticality)
def test_pagedresults(self):
"""Use the paged results controls to exercise the controls subsystem"""
extensions.paged_results.require()
mock_sock = MockLDAPSocket()
mock_sock.add_search_res_entry('', {
'supportedControl': [pagedresults.OID],
'namingContexts': ['o=testing']
})
mock_sock.add_search_res_done('')
ldap = LDAP(mock_sock)
test_dn = 'o=testing'
test_cookie = 'foo'
test_size = 2
# prepare response control
controls = rfc4511.Controls()
control = rfc4511.Control()
ctrl_value = pagedresults.RealSearchControlValue()
ctrl_value.setComponentByName('size', pagedresults.Size(test_size))
ctrl_value.setComponentByName('cookie', pagedresults.Cookie(test_cookie))
control.setComponentByName('controlType', rfc4511.LDAPOID(pagedresults.OID))
control.setComponentByName('controlValue', ber_encode(ctrl_value))
controls.setComponentByPosition(0, control)
# prepare search results
mock_sock.add_search_res_entry(test_dn, {})
mock_sock.add_search_res_entry(test_dn, {})
mock_sock.add_search_res_done(test_dn, controls=controls)
# do search with critical
ctrl_kwds = {pagedresults.LaurelinExtension.PagedResultsControl.keyword: critical(test_size)}
search = ldap.search(test_dn, **ctrl_kwds)
# get all results
results = list(search)
self.assertEqual(len(results), test_size)
self.assertTrue(hasattr(search, pagedresults.LaurelinExtension.PagedResultsControl.response_attr))
self.assertEqual(getattr(search, pagedresults.LaurelinExtension.PagedResultsControl.response_attr), test_cookie)
def test_pagedresults(self):
"""Use the paged results controls to exercise the controls subsystem"""
LDAP.activate_extension('laurelin.extensions.pagedresults')
mock_sock = MockLDAPSocket()
mock_sock.add_search_res_entry('', {
'supportedControl': [pagedresults.OID],
'namingContexts': ['o=testing']
})
mock_sock.add_search_res_done('')
ldap = LDAP(mock_sock)
test_dn = 'o=testing'
test_cookie = 'foo'
test_size = 2
# prepare response control
controls = rfc4511.Controls()
control = rfc4511.Control()
ctrl_value = pagedresults.RealSearchControlValue()
ctrl_value.setComponentByName('size', pagedresults.Size(test_size))
ctrl_value.setComponentByName('cookie', pagedresults.Cookie(test_cookie))
control.setComponentByName('controlType', rfc4511.LDAPOID(pagedresults.OID))
control.setComponentByName('controlValue', ber_encode(ctrl_value))
controls.setComponentByPosition(0, control)
# prepare search results
mock_sock.add_search_res_entry(test_dn, {})
mock_sock.add_search_res_entry(test_dn, {})
mock_sock.add_search_res_done(test_dn, controls=controls)
# do search with critical
ctrl_kwds = {pagedresults.PagedResultsControl.keyword: critical(test_size)}
search = ldap.search(test_dn, **ctrl_kwds)
# get all results
results = list(search)
self.assertEqual(len(results), test_size)
self.assertTrue(hasattr(search, pagedresults.PagedResultsControl.response_attr))
self.assertEqual(getattr(search, pagedresults.PagedResultsControl.response_attr), test_cookie)
def add_message(self, lm):
"""Add a new response message to be received"""
raw = ber_encode(lm)
self._outgoing_queue.append(raw)
async def send(self, lm: rfc4511.LDAPMessage):
"""Encode and send an LDAP message"""
self.writer.write(ber_encode(lm))
await self.writer.drain()
#!/usr/bin/python
from hexdump import hexdump, dump
from pyasn1.codec.ber.encoder import encode as ber_encode
from pyasn1.codec.cer.encoder import encode as cer_encode
from pyasn1.codec.der.encoder import encode as der_encode
from pyasn1.type import univ, char
# BER
print("*** BASIC ENCODING RULES ***")
print("BOOLEAN True")
bytes = ber_encode(univ.Boolean(True))
print(dump(bytes))
print("BOOLEAN False")
bytes = ber_encode(univ.Boolean(False))
print(dump(bytes))
print("INTEGER 5")
bytes = ber_encode(univ.Integer(5))
print(dump(bytes))
print("INTEGER 90000")
bytes = ber_encode(univ.Integer(90000))
print(dump(bytes))
print("BITSTRING 101100111000")
bytes = ber_encode(univ.BitString("101100111000"))
print(dump(bytes))
