示例#1
0
 def setUp(self):
     schema = SchemaInfo.from_json(edir_8_8_8_schema)
     info = DsaInfo.from_json(edir_8_8_8_dsa_info, schema)
     server = Server.from_definition('MockSyncServer', info, schema)
     self.connection = Connection(server,
                                  user='******',
                                  password='******',
                                  client_strategy=MOCK_SYNC)
示例#2
0
 def test_parse_search_filter_bad_object_class_type_check_true(self):
     self.assertRaises(LDAPObjectClassError,
                       parse_filter,
                       '(objectClass=bad)',
                       SchemaInfo.from_json(edir_8_8_8_schema),
                       test_auto_escape,
                       test_auto_encode,
                       check_names=True)
示例#3
0
 def test_parse_search_filter_bad_attribute_type_check_true(self):
     self.assertRaises(LDAPAttributeError,
                       parse_filter,
                       '(bad=admin)',
                       SchemaInfo.from_json(edir_8_8_8_schema),
                       test_auto_escape,
                       test_auto_encode,
                       check_names=True)
示例#4
0
 def test_parse_search_filter_bad_object_class_type_check_false(self):
     f = parse_filter('(objectClass=bad)',
                      SchemaInfo.from_json(edir_8_8_8_schema),
                      test_auto_escape,
                      test_auto_encode,
                      check_names=False)
     self.assertEqual(f.elements[0].tag, MATCH_EQUAL)
     self.assertEqual(f.elements[0].assertion['attr'], 'objectClass')
     self.assertEqual(f.elements[0].assertion['value'], b'bad')
示例#5
0
 def test_parse_search_filter_bad_attribute_type_check_false(self):
     f = parse_filter('(bad=admin)',
                      SchemaInfo.from_json(edir_8_8_8_schema),
                      test_auto_escape,
                      test_auto_encode,
                      check_names=False)
     self.assertEqual(f.elements[0].tag, MATCH_EQUAL)
     self.assertEqual(f.elements[0].assertion['attr'], 'bad')
     self.assertEqual(f.elements[0].assertion['value'], b'admin')
示例#6
0
def get_connection(bind=None,
                   use_ssl=None,
                   check_names=None,
                   lazy_connection=None,
                   authentication=None,
                   sasl_mechanism=None,
                   sasl_credentials=None,
                   ntlm_credentials=(None, None),
                   get_info=None,
                   usage=None,
                   fast_decoder=None,
                   simple_credentials=(None, None),
                   receive_timeout=None):
    if bind is None:
        bind = True
    if check_names is None:
        check_names = test_check_names
    if lazy_connection is None:
        lazy_connection = test_lazy_connection
    if authentication is None:
        authentication = test_authentication
    if get_info is None:
        get_info = test_get_info
    if usage is None:
        usage = test_usage
    if fast_decoder is None:
        fast_decoder = test_fast_decoder
    if receive_timeout is None:
        receive_timeout = test_receive_timeout
    if test_server_type == 'AD' and use_ssl is None:
        use_ssl = True  # Active directory forbids Add operations in cleartext

    if test_strategy not in [MOCK_SYNC, MOCK_ASYNC]:
        # define real server
        if isinstance(test_server, (list, tuple)):
            server = ServerPool(pool_strategy=test_pooling_strategy,
                                active=test_pooling_active,
                                exhaust=test_pooling_exhaust)
            for host in test_server:
                server.add(Server(host=host,
                                  use_ssl=use_ssl,
                                  port=test_port_ssl if use_ssl else test_port,
                                  allowed_referral_hosts=('*', True),
                                  get_info=get_info,
                                  mode=test_server_mode))
        else:
            server = Server(host=test_server,
                            use_ssl=use_ssl,
                            port=test_port_ssl if use_ssl else test_port,
                            allowed_referral_hosts=('*', True),
                            get_info=get_info,
                            mode=test_server_mode)
    else:
        if test_server_type == 'EDIR':
            schema = SchemaInfo.from_json(edir_8_8_8_schema)
            info = DsaInfo.from_json(edir_8_8_8_dsa_info, schema)
            server = Server.from_definition('MockSyncServer', info, schema)
        elif test_server_type == 'AD':
            schema = SchemaInfo.from_json(ad_2012_r2_schema)
            info = DsaInfo.from_json(ad_2012_r2_dsa_info, schema)
            server = Server.from_definition('MockSyncServer', info, schema)
        elif test_server_type == 'SLAPD':
            schema = SchemaInfo.from_json(slapd_2_4_schema)
            info = DsaInfo.from_json(slapd_2_4_dsa_info, schema)
            server = Server.from_definition('MockSyncServer', info, schema)

    if authentication == SASL:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                authentication=SASL,
                                sasl_mechanism=sasl_mechanism,
                                sasl_credentials=sasl_credentials,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)
    elif authentication == NTLM:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                user=ntlm_credentials[0],
                                password=ntlm_credentials[1],
                                authentication=NTLM,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)
    elif authentication == ANONYMOUS:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                user=None,
                                password=None,
                                authentication=ANONYMOUS,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)
    else:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                user=simple_credentials[0] or test_user,
                                password=simple_credentials[1] or test_password,
                                authentication=authentication,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)

    if test_strategy in [MOCK_SYNC, MOCK_ASYNC]:
        # create authentication identities for testing mock strategies
        connection.strategy.add_entry(test_user, {'objectClass': 'inetOrgPerson', 'userPassword': test_password})
        connection.strategy.add_entry(test_secondary_user, {'objectClass': 'inetOrgPerson', 'userPassword': test_secondary_password})
        connection.strategy.add_entry(test_sasl_user_dn, {'objectClass': 'inetOrgPerson', 'userPassword': test_sasl_password})
        connection.strategy.add_entry(test_sasl_secondary_user_dn, {'objectClass': 'inetOrgPerson', 'userPassword': test_sasl_secondary_password})
        # connection.strategy.add_entry(test_ntlm_user, {'objectClass': 'inetOrgPerson', 'userPassword': test_ntlm_password})
        if bind:
            connection.bind()

    return connection
示例#7
0
import sys

from ldap3.operation.search import parse_filter, compile_filter
from ldap3.protocol.schemas.ad2012R2 import ad_2012_r2_schema, ad_2012_r2_dsa_info
from ldap3.protocol.rfc4512 import SchemaInfo
from pyasn1.codec.der import decoder, encoder

from msldap.protocol.query import query_syntax_converter
from msldap.protocol.messages import LDAPMessage, Filter

# https://ldap3.readthedocs.io/bind.html
if __name__ == '__main__':

    qry = r'(&(servicePrincipalName=*)(!(sAMAccountName=*$)))'

    schema = SchemaInfo.from_json(ad_2012_r2_schema)
    auto_escape = True
    auto_encode = True
    validator = None
    check_names = False

    res = parse_filter(qry, schema, auto_escape, auto_encode, validator,
                       check_names)
    print(repr(res))
    res = compile_filter(res.elements[0])
    print(repr(res))
    print(encoder.encode(res).hex())

    msg = Filter.load(encoder.encode(res))
    print(msg.native)
示例#8
0
 def test_parse_search_filter_bad_object_class_type_check_false(self):
     f = parse_filter('(objectClass=bad)', SchemaInfo.from_json(edir_8_8_8_schema), test_auto_escape, test_auto_encode, test_validator, check_names=False)
     self.assertEqual(f.elements[0].tag, MATCH_EQUAL)
     self.assertEqual(f.elements[0].assertion['attr'], 'objectClass')
     self.assertEqual(f.elements[0].assertion['value'], b'bad')
示例#9
0
 def test_parse_search_filter_bad_object_class_type_check_true(self):
     self.assertRaises(LDAPObjectClassError, parse_filter, '(objectClass=bad)', SchemaInfo.from_json(edir_8_8_8_schema), test_auto_escape, test_auto_encode, test_validator, check_names=True)
示例#10
0
 def test_parse_search_filter_bad_attribute_type_check_true(self):
     self.assertRaises(LDAPAttributeError, parse_filter, '(bad=admin)', SchemaInfo.from_json(edir_8_8_8_schema), test_auto_escape, test_auto_encode, test_validator, check_names=True)
 def setUp(self):
     schema = SchemaInfo.from_json(edir_8_8_8_schema)
     info = DsaInfo.from_json(edir_8_8_8_dsa_info, schema)
     server = Server.from_definition('MockSyncServer', info, schema)
     self.connection = Connection(server, user='******', password='******', client_strategy=MOCK_SYNC)
示例#12
0
def get_connection(bind=None,
                   use_ssl=None,
                   check_names=None,
                   lazy_connection=None,
                   authentication=None,
                   sasl_mechanism=None,
                   sasl_credentials=None,
                   ntlm_credentials=(None, None),
                   get_info=None,
                   usage=None,
                   fast_decoder=None,
                   simple_credentials=(None, None),
                   receive_timeout=None):
    if bind is None:
        bind = True
    if check_names is None:
        check_names = test_check_names
    if lazy_connection is None:
        lazy_connection = test_lazy_connection
    if authentication is None:
        authentication = test_authentication
    if get_info is None:
        get_info = test_get_info
    if usage is None:
        usage = test_usage
    if fast_decoder is None:
        fast_decoder = test_fast_decoder
    if receive_timeout is None:
        receive_timeout = test_receive_timeout
    if test_server_type == 'AD' and use_ssl is None:
        use_ssl = True  # Active directory forbids Add operations in cleartext

    if test_strategy not in [MOCK_SYNC, MOCK_ASYNC]:
        # define real server
        if isinstance(test_server, (list, tuple)):
            server = ServerPool(pool_strategy=test_pooling_strategy,
                                active=test_pooling_active,
                                exhaust=test_pooling_exhaust)
            for host in test_server:
                server.add(Server(host=host,
                                  use_ssl=use_ssl,
                                  port=test_port_ssl if use_ssl else test_port,
                                  allowed_referral_hosts=('*', True),
                                  get_info=get_info,
                                  mode=test_server_mode))
        else:
            server = Server(host=test_server,
                            use_ssl=use_ssl,
                            port=test_port_ssl if use_ssl else test_port,
                            allowed_referral_hosts=('*', True),
                            get_info=get_info,
                            mode=test_server_mode)
    else:
        if test_server_type == 'EDIR':
            schema = SchemaInfo.from_json(edir_8_8_8_schema)
            info = DsaInfo.from_json(edir_8_8_8_dsa_info, schema)
            server = Server.from_definition('MockSyncServer', info, schema)
        elif test_server_type == 'AD':
            schema = SchemaInfo.from_json(ad_2012_r2_schema)
            info = DsaInfo.from_json(ad_2012_r2_dsa_info, schema)
            server = Server.from_definition('MockSyncServer', info, schema)
        elif test_server_type == 'SLAPD':
            schema = SchemaInfo.from_json(slapd_2_4_schema)
            info = DsaInfo.from_json(slapd_2_4_dsa_info, schema)
            server = Server.from_definition('MockSyncServer', info, schema)

    if authentication == SASL:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                authentication=SASL,
                                sasl_mechanism=sasl_mechanism,
                                sasl_credentials=sasl_credentials,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)
    elif authentication == NTLM:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                user=ntlm_credentials[0],
                                password=ntlm_credentials[1],
                                authentication=NTLM,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)
    elif authentication == ANONYMOUS:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                user=None,
                                password=None,
                                authentication=ANONYMOUS,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)
    else:
        connection = Connection(server,
                                auto_bind=bind,
                                version=3,
                                client_strategy=test_strategy,
                                user=simple_credentials[0] or test_user,
                                password=simple_credentials[1] or test_password,
                                authentication=authentication,
                                lazy=lazy_connection,
                                pool_name='pool1',
                                check_names=check_names,
                                collect_usage=usage,
                                fast_decoder=fast_decoder,
                                receive_timeout=receive_timeout)

    if test_strategy in [MOCK_SYNC, MOCK_ASYNC]:
        # create authentication identities for testing mock strategies
        connection.strategy.add_entry(test_user, {'objectClass': 'inetOrgPerson', 'userPassword': test_password})
        connection.strategy.add_entry(test_secondary_user, {'objectClass': 'inetOrgPerson', 'userPassword': test_secondary_password})
        connection.strategy.add_entry(test_sasl_user_dn, {'objectClass': 'inetOrgPerson', 'userPassword': test_sasl_password})
        connection.strategy.add_entry(test_sasl_secondary_user_dn, {'objectClass': 'inetOrgPerson', 'userPassword': test_sasl_secondary_password})
        # connection.strategy.add_entry(test_ntlm_user, {'objectClass': 'inetOrgPerson', 'userPassword': test_ntlm_password})
        if bind:
            connection.bind()

    return connection