示例#1
    def handleStartTLSRequest(self, request, controls, reply):
        """
        Answer an LDAP StartTLS request from the client.

        If the protocol factory has an `options` attribute it is assumed
        to be a `twisted.internet.ssl.CertificateOptions` that can be used
        to initiate TLS on the transport.

        Three outcomes are possible:

        * The factory has no `options` attribute: the returned Deferred
          fires with an `unavailable` response.
        * `self.startTLS_initiated` is already set: the returned Deferred
          fires with an `operationsError` response and the transport is
          left untouched.
        * Otherwise a success response is handed to `reply`, TLS is started
          on the transport, and the returned Deferred fires with ``None``
          because the response has already been delivered.
        """
        verbose = self.debug
        if verbose:
            log.msg("Received startTLS request: " + repr(request))

        # No TLS configuration on the factory: refuse rather than pretend.
        if not hasattr(self.factory, 'options'):
            unavailable = pureldap.LDAPStartTLSResponse(
                resultCode=ldaperrors.LDAPUnavailable.resultCode)
            log.msg(
                "StartTLS not implemented.  "
                "Responding with 'unavailable' (52): " + repr(unavailable))
            return defer.succeed(unavailable)

        # A second StartTLS on the same session is rejected, not re-run.
        if self.startTLS_initiated:
            rejected = pureldap.LDAPStartTLSResponse(
                resultCode=ldaperrors.LDAPOperationsError.resultCode)
            log.msg(
                "Session already using TLS.  "
                "Responding with 'operationsError' (1): " + repr(rejected))
            return defer.succeed(rejected)

        if verbose:
            log.msg("Setting success result code ...")
        accepted = pureldap.LDAPStartTLSResponse(
            resultCode=ldaperrors.Success.resultCode)
        if verbose:
            log.msg("Replying with successful LDAPStartTLSResponse ...")
        # Order matters: the success response is handed to reply() before
        # the transport is switched to TLS.
        reply(accepted)
        if verbose:
            log.msg("Initiating startTLS on transport ...")
        self.transport.startTLS(self.factory.options)
        # NOTE(review): the flag records that the upgrade was started; the
        # outcome of the TLS handshake is not checked in this method.
        self.startTLS_initiated = True
        return defer.succeed(None)
示例#2
 def _failedToConnectToProxiedServer(self, err):
     """
     Handle a failed connection to the proxied server.

     The error is logged, every queued bind or StartTLS request is
     answered with an `unavailable` result code, any other queued request
     is discarded without a reply, and the client transport is closed.
     """
     failure_text = (
         "[ERROR] Could not connect to proxied server.  "
         "Error was:\n{}"
     ).format(err)
     log.msg(failure_text)

     # Drain the queue front to back so replies go out in arrival order.
     while self.queuedRequests:
         request, controls, reply = self.queuedRequests.pop(0)
         if isinstance(request, pureldap.LDAPBindRequest):
             response_cls = pureldap.LDAPBindResponse
         elif isinstance(request, pureldap.LDAPStartTLSRequest):
             response_cls = pureldap.LDAPStartTLSResponse
         else:
             # Other request types get no explicit response; the client
             # only sees the connection being dropped below.
             response_cls = None
         if response_cls is not None:
             reply(response_cls(
                 resultCode=ldaperrors.LDAPUnavailable.resultCode))

     self.transport.loseConnection()
示例#3
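    def test_TLS_failure(self):
        """
        A StartTLS response carrying `operationsError` must errback the
        Deferred returned by `client.startTLS()`.

        The test fails explicitly if the Deferred fires its callback chain
        instead. With only an errback attached, a client that ignored the
        rejection would let this test pass without running any assertion.
        """
        clock = Clock()
        # NOTE(review): the module-level reactor is replaced and not
        # restored in this method -- confirm the fixture resets it.
        ldapclient.reactor = clock
        client, transport = self.create_test_client()
        d = client.startTLS()
        clock.advance(1)
        error = ldaperrors.LDAPOperationsError()
        op = pureldap.LDAPStartTLSResponse(error.resultCode)
        response = pureldap.LDAPMessage(op)
        # Presumably makes the response id match the id of the StartTLS
        # request sent above -- confirm against LDAPMessage id allocation.
        response.id -= 1
        resp_bytestring = response.toWire()
        client.dataReceived(resp_bytestring)

        def unexpected_success(result):
            # A rejected StartTLS must never be reported as success.
            self.fail(
                "startTLS() succeeded despite an operationsError "
                "response: {!r}".format(result))

        def cb_(thing):
            expected = ldaperrors.LDAPOperationsError
            self.assertEqual(expected, type(thing.value))

        # addCallbacks keeps both handlers at the same chain level, so a
        # failure raised by unexpected_success is not swallowed by cb_.
        d.addCallbacks(unexpected_success, cb_)
        return d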