def handle_LDAPModifyDNRequest(self, request, controls, reply):
    """
    Rename or move the entry named by a ModifyDN request.

    The new DN is the requested RDN placed under either the requested new
    superior or, when none is given, the current parent of the entry.
    Requests that ask to keep the old RDN are refused with
    LDAPUnwillingToPerform.

    Returns a Deferred that fires with an LDAPModifyDNResponse once the
    entry has been moved.
    """
    # NOTE(review): nothing in this handler consults self.boundUser, so an
    # anonymous connection reaches entry.move() unless authorization is
    # enforced somewhere not visible here -- confirm.
    self.checkControls(controls)

    oldDN = distinguishedname.DistinguishedName(request.entry)
    replacementRDN = distinguishedname.RelativeDistinguishedName(
        request.newrdn)

    # Only the "delete old RDN" form of the operation is implemented.
    if not bool(request.deleteoldrdn):
        raise ldaperrors.LDAPUnwillingToPerform(
            "Cannot handle preserving old RDN yet.")

    requestedSuperior = request.newSuperior
    if requestedSuperior is None:
        # No new parent requested: the entry stays under its current one.
        superior = oldDN.up()
    else:
        superior = distinguishedname.DistinguishedName(requestedSuperior)

    targetDN = distinguishedname.DistinguishedName(
        listOfRDNs=(replacementRDN,) + superior.split())

    def _moveEntry(entry):
        return entry.move(targetDN)

    def _buildResponse(entry):
        return pureldap.LDAPModifyDNResponse(resultCode=0)

    tree = interfaces.IConnectedLDAPEntry(self.factory)
    pending = tree.lookup(oldDN)
    pending.addCallback(_moveEntry)
    pending.addCallback(_buildResponse)
    return pending
def getRootDSE(self, request, reply):
    """
    Answer a root DSE query.

    Sends one search result entry with an empty object name that
    advertises LDAP version 3, the DN of the connected root entry as the
    only naming context, and the Password Modify extended operation, then
    returns a successful LDAPSearchResultDone.
    """
    tree = interfaces.IConnectedLDAPEntry(self.factory)

    advertised = [
        ('supportedLDAPVersion', ['3']),
        ('namingContexts', [str(tree.dn)]),
        ('supportedExtension', [
            pureldap.LDAPPasswordModifyRequest.oid,
        ]),
    ]
    rootDSE = pureldap.LDAPSearchResultEntry(
        objectName='',
        attributes=advertised,
    )
    reply(rootDSE)

    return pureldap.LDAPSearchResultDone(
        resultCode=ldaperrors.Success.resultCode)
def handle_LDAPModifyRequest(self, request, controls, reply):
    """
    Apply the modifications carried by a Modify request.

    The request is converted to a delta.ModifyOp, patched onto the tree
    rooted at the connected entry, and the patched entry is committed.

    Returns a Deferred that fires with an LDAPModifyResponse after the
    commit.
    """
    # NOTE(review): nothing in this handler consults self.boundUser, so an
    # anonymous connection reaches patch()/commit() unless authorization
    # is enforced somewhere not visible here -- confirm.
    self.checkControls(controls)

    tree = interfaces.IConnectedLDAPEntry(self.factory)
    operation = delta.ModifyOp.fromLDAP(request)

    def _commitPatched(entry):
        return entry.commit()

    def _buildResponse(entry):
        return pureldap.LDAPModifyResponse(resultCode=0)

    pending = operation.patch(tree)
    pending.addCallback(_commitPatched)
    pending.addCallback(_buildResponse)
    return pending
def handle_LDAPDelRequest(self, request, controls, reply):
    """
    Delete the entry named by a Delete request.

    Returns a Deferred that fires with an LDAPDelResponse once the entry
    has been looked up and deleted.
    """
    # NOTE(review): nothing in this handler consults self.boundUser, so an
    # anonymous connection reaches entry.delete() unless authorization is
    # enforced somewhere not visible here -- confirm.
    self.checkControls(controls)

    targetDN = distinguishedname.DistinguishedName(request.value)

    def _deleteEntry(entry):
        return entry.delete()

    def _buildResponse(entry):
        return pureldap.LDAPDelResponse(resultCode=0)

    tree = interfaces.IConnectedLDAPEntry(self.factory)
    pending = tree.lookup(targetDN)
    pending.addCallback(_deleteEntry)
    pending.addCallback(_buildResponse)
    return pending
def handle_LDAPSearchRequest(self, request, controls, reply):
    """
    Serve a Search request.

    A base-scope search on the empty DN with an objectClass presence
    filter is treated as a root DSE query and answered directly. Any
    other request looks up the base object and continues in
    _cbSearchGotBase.

    Returns the root DSE result, or a Deferred for the search outcome.
    """
    self.checkControls(controls)

    isRootDSEQuery = (
        request.baseObject == ''
        and request.scope == pureldap.LDAP_SCOPE_baseObject
        and request.filter == pureldap.LDAPFilter_present('objectClass')
    )
    if isRootDSEQuery:
        return self.getRootDSE(request, reply)

    baseDN = distinguishedname.DistinguishedName(request.baseObject)
    tree = interfaces.IConnectedLDAPEntry(self.factory)

    pending = tree.lookup(baseDN)
    pending.addCallback(self._cbSearchGotBase, baseDN, request, reply)
    # The order of the errbacks matters: LDAP errors are handled first,
    # whatever is left is logged and then passed to the generic handler.
    pending.addErrback(self._cbSearchLDAPError)
    pending.addErrback(defer.logError)
    pending.addErrback(self._cbSearchOtherError)
    return pending
def handle_LDAPCompareRequest(self, request, controls, reply):
    """
    Serve a Compare request.

    The entry named in the request is looked up and searched at base
    scope with an equality filter built from the request's attribute
    value assertion. A non-empty search result yields compareTrue, an
    empty one compareFalse.

    Returns a Deferred that fires with an LDAPCompareResponse.
    """

    def _cbCompareLDAPError(reason):
        # Only LDAP exceptions are translated here; anything else is
        # re-raised by trap() and falls through to the next errback.
        reason.trap(ldaperrors.LDAPException)
        return pureldap.LDAPCompareResponse(
            resultCode=reason.value.resultCode)

    def _cbCompareOtherError(reason):
        # NOTE(review): the text of an arbitrary, non-LDAP exception is
        # sent back to the client as errorMessage. Consider a generic
        # message here and keeping the detail in the server log.
        return pureldap.LDAPCompareResponse(
            resultCode=ldaperrors.other,
            errorMessage=reason.getErrorMessage())

    def _cbCompareGotBase(base, ava, reply):
        def _done(result_list):
            matched = bool(result_list)
            if matched:
                outcome = ldaperrors.LDAPCompareTrue.resultCode
            else:
                outcome = ldaperrors.LDAPCompareFalse.resultCode
            return pureldap.LDAPCompareResponse(outcome)

        # base.search accepts filter objects but not
        # AttributeValueAssertion objects, so the AVA is rewritten as the
        # equivalent equality filter and the existing search code is
        # reused.
        equality = pureldap.LDAPFilter_equalityMatch(
            attributeDesc=ava.attributeDesc,
            assertionValue=ava.assertionValue
        )
        searching = base.search(
            filterObject=equality,
            scope=pureldap.LDAP_SCOPE_baseObject,
            derefAliases=pureldap.LDAP_DEREF_neverDerefAliases
        )
        searching.addCallback(_done)
        return searching

    self.checkControls(controls)

    entryDN = distinguishedname.DistinguishedName(request.entry)
    tree = interfaces.IConnectedLDAPEntry(self.factory)

    pending = tree.lookup(entryDN)
    pending.addCallback(_cbCompareGotBase, request.ava, reply)
    pending.addErrback(_cbCompareLDAPError)
    pending.addErrback(defer.logError)
    pending.addErrback(_cbCompareOtherError)
    return pending
def getRootDSE(self, request, reply):
    """
    Answer a root DSE query.

    Sends one search result entry with an empty object name that
    advertises LDAP version 3, the text form of the connected root
    entry's DN as the only naming context, and the Password Modify
    extended operation, then returns a successful LDAPSearchResultDone.
    """
    tree = interfaces.IConnectedLDAPEntry(self.factory)

    advertised = [
        ("supportedLDAPVersion", ["3"]),
        ("namingContexts", [tree.dn.getText()]),
        ("supportedExtension", [pureldap.LDAPPasswordModifyRequest.oid]),
    ]
    rootDSE = pureldap.LDAPSearchResultEntry(
        objectName="",
        attributes=advertised,
    )
    reply(rootDSE)

    return pureldap.LDAPSearchResultDone(
        resultCode=ldaperrors.Success.resultCode)
def handle_LDAPBindRequest(self, request, controls, reply):
    """
    Serve a Bind request.

    Only protocol version 3 is accepted. An empty DN is an anonymous
    bind: the bound user is cleared and success is returned at once.
    Otherwise the DN is looked up and the entry is asked to verify the
    supplied credentials; on success the entry becomes the bound user.

    Returns an LDAPBindResponse, or a Deferred that fires with one.
    """
    if request.version != 3:
        raise ldaperrors.LDAPProtocolError(
            "Version %u not supported" % request.version)

    self.checkControls(controls)

    if request.dn == b"":
        # anonymous bind
        self.boundUser = None
        return pureldap.LDAPBindResponse(resultCode=0)

    def _noEntry(fail):
        # An unknown DN is turned into None so that the next callback
        # reports it as invalid credentials rather than as a missing
        # object.
        fail.trap(ldaperrors.LDAPNoSuchObject)
        return None

    def _gotEntry(entry, auth):
        if entry is None:
            raise ldaperrors.LDAPInvalidCredentials()

        def _bound(entry):
            self.boundUser = entry
            return pureldap.LDAPBindResponse(
                resultCode=ldaperrors.Success.resultCode,
                matchedDN=entry.dn.getText(),
            )

        binding = entry.bind(auth)
        binding.addCallback(_bound)
        return binding

    bindDN = distinguishedname.DistinguishedName(request.dn)
    tree = interfaces.IConnectedLDAPEntry(self.factory)

    pending = tree.lookup(bindDN)
    pending.addErrback(_noEntry)
    pending.addCallback(_gotEntry, request.auth)
    return pending
def handle_LDAPAddRequest(self, request, controls, reply):
    """
    Create the entry described by an Add request.

    Attribute values from the request are merged per attribute name, the
    parent of the requested DN is looked up, and the new entry is added
    to it as a child under the first RDN of the requested DN.

    Returns a Deferred that fires with an LDAPAddResponse once the child
    has been added.
    """
    # NOTE(review): nothing in this handler consults self.boundUser, so an
    # anonymous connection reaches addChild() unless authorization is
    # enforced somewhere not visible here -- confirm.
    self.checkControls(controls)

    # NOTE(review): sets.Set comes from the "sets" module, which exists
    # only on Python 2; the builtin set is the replacement if the
    # entry implementation accepts it -- confirm before changing.
    attributes = {}
    for name, vals in request.attributes:
        collected = attributes.setdefault(name.value, sets.Set())
        collected.update([item.value for item in vals])

    entryDN = distinguishedname.DistinguishedName(request.entry)
    rdn = str(entryDN.split()[0])
    parentDN = entryDN.up()

    def _addToParent(parent):
        return parent.addChild(rdn, attributes)

    def _buildResponse(entry):
        return pureldap.LDAPAddResponse(resultCode=0)

    tree = interfaces.IConnectedLDAPEntry(self.factory)
    pending = tree.lookup(parentDN)
    pending.addCallback(_addToParent)
    pending.addCallback(_buildResponse)
    return pending
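def handle_LDAPBindRequest(self, request, controls, reply):
    """
    Serve a Bind request, accepting either a DN or a UPN-style name.

    Only protocol version 3 is accepted. An empty name is an anonymous
    bind: the bound user is cleared and success is returned at once.

    A name that contains C{@} and no C{,} is treated as a possible UPN:
    the tree is searched for entries whose login attribute equals the
    name, and when exactly one entry matches, its DN is used for the
    bind. In every other case the name is parsed as a DN. The resulting
    entry is then asked to verify the supplied credentials and, on
    success, becomes the bound user.

    Returns an LDAPBindResponse, or a Deferred that fires with one.
    Raises LDAPProtocolError for an unsupported protocol version; the
    Deferred fails with LDAPInvalidCredentials when the entry does not
    exist.
    """
    if request.version != 3:
        raise ldaperrors.LDAPProtocolError(
            'Version %u not supported' % request.version)

    self.checkControls(controls)

    if request.dn == b'':
        # anonymous bind
        self.boundUser = None
        return pureldap.LDAPBindResponse(resultCode=0)

    root = interfaces.IConnectedLDAPEntry(self.factory)

    def _escapeFilterValue(value):
        """
        Escape the bytes that have a meaning in an LDAP filter string
        (RFC 4515), so the value can only ever be matched literally.
        """
        # The backslash is replaced first so that the escapes added for
        # the other characters are not escaped a second time.
        for raw, quoted in (
                (b'\\', b'\\5c'),
                (b'*', b'\\2a'),
                (b'(', b'\\28'),
                (b')', b'\\29'),
                (b'\x00', b'\\00'),
                ):
            value = value.replace(raw, quoted)
        return value

    def _gotUPNResult(results):
        if len(results) != 1:
            # Not exactly one result, so this might not be an UPN.
            return distinguishedname.DistinguishedName(request.dn)

        # A single result, so the UPN might exist.
        return results[0].dn

    if b'@' in request.dn and b',' not in request.dn:
        # This might be an UPN request.
        # The name comes straight from the unauthenticated client. It is
        # escaped before being placed in the filter so that filter
        # metacharacters in it are compared as data instead of changing
        # which entries the search matches.
        # NOTE(review): assumes the filterText parser decodes RFC 4515
        # \XX escapes -- confirm.
        filterText = (
            b'(' + self._loginAttribute + b'='
            + _escapeFilterValue(request.dn) + b')')
        d = root.search(filterText=filterText)
        d.addCallback(_gotUPNResult)
    else:
        d = defer.succeed(distinguishedname.DistinguishedName(request.dn))

    # Once the BIND DN is known, search for the LDAP entry.
    d.addCallback(lambda dn: root.lookup(dn))

    def _noEntry(fail):
        """
        Called when the requested BIND DN was not found.
        """
        fail.trap(ldaperrors.LDAPNoSuchObject)
        return None
    d.addErrback(_noEntry)

    def _gotEntry(entry, auth):
        """
        Called when the requested BIND DN was found.
        """
        if entry is None:
            raise ldaperrors.LDAPInvalidCredentials()

        d = entry.bind(auth)

        def _cb(entry):
            """
            Called when BIND operation was successful.
            """
            self.boundUser = entry
            msg = pureldap.LDAPBindResponse(
                resultCode=ldaperrors.Success.resultCode,
                matchedDN=entry.dn)
            return msg
        d.addCallback(_cb)
        return d
    d.addCallback(_gotEntry, request.auth)

    return d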