Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1# Impacket - Collection of Python classes for working with network protocols. 

2# 

3# SECUREAUTH LABS. Copyright (C) 2018 SecureAuth Corporation. All rights reserved. 

4# 

5# This software is provided under a slightly modified version 

6# of the Apache Software License. See the accompanying LICENSE file 

7# for more information. 

8# 

9# Description: 

10# RFC 4511 Minimalistic implementation. We don't need much functionality yet 

11# If we need more complex use cases we might opt to use a third party implementation 

12# Keep in mind the APIs are still unstable, might require to re-write your scripts 

13# as we change them. 

14# Adding [MS-ADTS] specific functionality 

15# 

16# Authors: 

17# Alberto Solino (@agsolino) 

18# Kacper Nowak (@kacpern) 

19# 

20from pyasn1.codec.ber import encoder, decoder 

21from pyasn1.type import univ, namedtype, namedval, tag, constraint 

22 

23__all__ = [ 

24 'CONTROL_PAGEDRESULTS', 'CONTROL_SDFLAGS', 'KNOWN_CONTROLS', 'NOTIFICATION_DISCONNECT', 'KNOWN_NOTIFICATIONS', 

25 # classes 

26 'ResultCode', 'Scope', 'DerefAliases', 'Operation', 'MessageID', 'LDAPString', 'LDAPOID', 'LDAPDN', 

27 'RelativeLDAPDN', 'AttributeDescription', 'AttributeValue', 'AssertionValue', 'MatchingRuleID', 'URI', 

28 'AttributeValueAssertion', 'PartialAttribute', 'PartialAttributeList', 'Attribute', 'AttributeList', 

29 'AttributeSelection', 'Referral', 'LDAPResult', 'SaslCredentials', 'AuthenticationChoice', 'BindRequest', 

30 'BindResponse', 'UnbindRequest', 'SubstringFilter', 'MatchingRuleAssertion', 'Filter', 'SearchRequest', 

31 'SearchResultEntry', 'SearchResultReference', 'SearchResultDone', 'ModifyRequest', 'ModifyResponse', 'AddRequest', 

32 'AddResponse', 'DelRequest', 'DelResponse', 'ModifyDNRequest', 'ModifyDNResponse', 'CompareRequest', 

33 'CompareResponse', 'AbandonRequest', 'ExtendedRequest', 'ExtendedResponse', 'IntermediateResponse', 'Control', 

34 'Controls', 'SimplePagedResultsControlValue', 'SimplePagedResultsControl', 'LDAPMessage' 

35] 

36 

37# Controls 

38CONTROL_PAGEDRESULTS = '1.2.840.113556.1.4.319' 

39CONTROL_SDFLAGS = '1.2.840.113556.1.4.801' 

40 

41KNOWN_CONTROLS = {} 

42 

43# Unsolicited notifications 

44NOTIFICATION_DISCONNECT = '1.3.6.1.4.1.1466.20036' 

45 

46KNOWN_NOTIFICATIONS = {NOTIFICATION_DISCONNECT: 'Notice of Disconnection'} 

47 

48maxInt = univ.Integer(2147483647) 

49 

50 

51class DefaultSequenceAndSetBaseMixin: 

52 def getComponentByPosition(self, idx, default=univ.noValue, instantiate=True): 

53 for cls in self.__class__.__bases__: 53 ↛ exitline 53 didn't return from function 'getComponentByPosition', because the loop on line 53 didn't complete

54 if cls is not DefaultSequenceAndSetBaseMixin: 

55 try: 

56 component = cls.getComponentByPosition(self, idx)#, default, instantiate) 

57 except AttributeError: 

58 continue 

59 if component is None: 59 ↛ 60line 59 didn't jump to line 60, because the condition on line 59 was never true

60 return self.setComponentByPosition(idx).getComponentByPosition(idx)# , default, instantiate) 

61 return component 

62 

63 

64class ResultCode(univ.Enumerated): 

65 namedValues = namedval.NamedValues( 

66 ('success', 0), 

67 ('operationsError', 1), 

68 ('protocolError', 2), 

69 ('timeLimitExceeded', 3), 

70 ('sizeLimitExceeded', 4), 

71 ('compareFalse', 5), 

72 ('compareTrue', 6), 

73 ('authMethodNotSupported', 7), 

74 ('strongerAuthRequired', 8), 

75 ('referral', 10), 

76 ('adminLimitExceeded', 11), 

77 ('unavailableCriticalExtension', 12), 

78 ('confidentialityRequired', 13), 

79 ('saslBindInProgress', 14), 

80 ('noSuchAttribute', 16), 

81 ('undefinedAttributeType', 17), 

82 ('inappropriateMatching', 18), 

83 ('constraintViolation', 19), 

84 ('attributeOrValueExists', 20), 

85 ('invalidAttributeSyntax', 21), 

86 ('noSuchObject', 32), 

87 ('aliasProblem', 33), 

88 ('invalidDNSyntax', 34), 

89 ('aliasDereferencingProblem', 36), 

90 ('inappropriateAuthentication', 48), 

91 ('invalidCredentials', 49), 

92 ('insufficientAccessRights', 50), 

93 ('busy', 51), 

94 ('unavailable', 52), 

95 ('unwillingToPerform', 53), 

96 ('loopDetect', 54), 

97 ('namingViolation', 64), 

98 ('objectClassViolation', 65), 

99 ('notAllowedOnNonLeaf', 66), 

100 ('notAllowedOnRDN', 67), 

101 ('entryAlreadyExists', 68), 

102 ('objectClassModsProhibited', 69), 

103 ('affectsMultipleDSAs', 71), 

104 ('other', 80), 

105 ) 

106 

107 

108class Scope(univ.Enumerated): 

109 namedValues = namedval.NamedValues( 

110 ('baseObject', 0), 

111 ('singleLevel', 1), 

112 ('wholeSubtree', 2), 

113 ) 

114 

115 

116class DerefAliases(univ.Enumerated): 

117 namedValues = namedval.NamedValues( 

118 ('neverDerefAliases', 0), 

119 ('derefInSearching', 1), 

120 ('derefFindingBaseObj', 2), 

121 ('derefAlways', 3), 

122 ) 

123 

124 

125class Operation(univ.Enumerated): 

126 namedValues = namedval.NamedValues( 

127 ('add', 0), 

128 ('delete', 1), 

129 ('replace', 2), 

130 ) 

131 

132 

133class MessageID(univ.Integer): 

134 subtypeSpec = constraint.ValueRangeConstraint(0, maxInt) 

135 

136 

137class LDAPString(univ.OctetString): 

138 encoding = 'utf-8' 

139 

140 

141class LDAPOID(univ.OctetString): 

142 pass 

143 

144 

145class LDAPDN(LDAPString): 

146 pass 

147 

148 

149class RelativeLDAPDN(LDAPString): 

150 pass 

151 

152 

153class AttributeDescription(LDAPString): 

154 pass 

155 

156 

157class AttributeValue(univ.OctetString): 

158 pass 

159 

160 

161class AssertionValue(univ.OctetString): 

162 pass 

163 

164 

165class MatchingRuleID(LDAPString): 

166 pass 

167 

168 

169class URI(LDAPString): 

170 pass 

171 

172 

173class AttributeValueAssertion(univ.Sequence): 

174 componentType = namedtype.NamedTypes( 

175 namedtype.NamedType('attributeDesc', AttributeDescription()), 

176 namedtype.NamedType('assertionValue', AssertionValue()) 

177 ) 

178 

179 

180class PartialAttribute(univ.Sequence): 

181 componentType = namedtype.NamedTypes( 

182 namedtype.NamedType('type', AttributeDescription()), 

183 namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) 

184 ) 

185 

186 

187class PartialAttributeList(univ.SequenceOf): 

188 componentType = PartialAttribute() 

189 

190 

191class Attribute(univ.Sequence): 

192 componentType = namedtype.NamedTypes( 

193 namedtype.NamedType('type', AttributeDescription()), 

194 namedtype.NamedType( 

195 'vals', 

196 univ.SetOf(componentType=AttributeValue()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, maxInt)) 

197 ) 

198 ) 

199 

200 

201class AttributeList(univ.SequenceOf): 

202 componentType = Attribute() 

203 

204 

205class AttributeSelection(univ.SequenceOf): 

206 componentType = LDAPString() 

207 

208 

209class Referral(univ.SequenceOf): 

210 componentType = URI() 

211 subtypeSpec = constraint.ValueSizeConstraint(1, maxInt) 

212 

213 

214class LDAPResult(univ.Sequence): 

215 componentType = namedtype.NamedTypes( 

216 namedtype.NamedType('resultCode', ResultCode()), 

217 namedtype.NamedType('matchedDN', LDAPDN()), 

218 namedtype.NamedType('diagnosticMessage', LDAPString()), 

219 namedtype.OptionalNamedType( 

220 'referral', Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)) 

221 ) 

222 ) 

223 

224 

225class SaslCredentials(univ.Sequence): 

226 componentType = namedtype.NamedTypes( 

227 namedtype.NamedType('mechanism', LDAPString()), 

228 namedtype.OptionalNamedType('credentials', univ.OctetString()) 

229 ) 

230 

231 

232class AuthenticationChoice(DefaultSequenceAndSetBaseMixin, univ.Choice): 

233 componentType = namedtype.NamedTypes( 

234 namedtype.NamedType( 

235 'simple', 

236 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

237 ), 

238 namedtype.NamedType( 

239 'sasl', 

240 SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)) 

241 ), 

242 namedtype.NamedType( 

243 'sicilyPackageDiscovery', 

244 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 9)) 

245 ), 

246 namedtype.NamedType( 

247 'sicilyNegotiate', 

248 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10)) 

249 ), 

250 namedtype.NamedType( 

251 'sicilyResponse', 

252 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)) 

253 ) 

254 ) 

255 

256 

257class BindRequest(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

258 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0)) 

259 componentType = namedtype.NamedTypes( 

260 namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))), 

261 namedtype.NamedType('name', LDAPDN()), 

262 namedtype.NamedType('authentication', AuthenticationChoice()) 

263 ) 

264 

265 

266class BindResponse(univ.Sequence): 

267 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)) 

268 componentType = namedtype.NamedTypes( 

269 namedtype.NamedType('resultCode', ResultCode()), 

270 namedtype.NamedType('matchedDN', LDAPDN()), 

271 namedtype.NamedType('diagnosticMessage', LDAPString()), 

272 namedtype.OptionalNamedType( 

273 'referral', 

274 Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)) 

275 ), 

276 namedtype.OptionalNamedType( 

277 'serverSaslCreds', 

278 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7)) 

279 ) 

280 ) 

281 

282 

283class UnbindRequest(univ.Null): 

284 tagSet = univ.Null.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)) 

285 

286 

287class SubstringFilter(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

288 componentType = namedtype.NamedTypes( 

289 namedtype.NamedType('type', AttributeDescription()), 

290 namedtype.NamedType( 

291 'substrings', 

292 univ.SequenceOf(componentType=univ.Choice(componentType=namedtype.NamedTypes( 

293 namedtype.NamedType( 

294 'initial', 

295 AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

296 ), 

297 namedtype.NamedType( 

298 'any', 

299 AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) 

300 ), 

301 namedtype.NamedType( 

302 'final', 

303 AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)) 

304 ) 

305 ))) 

306 ) 

307 ) 

308 

309 

310class MatchingRuleAssertion(univ.Sequence): 

311 componentType = namedtype.NamedTypes( 

312 namedtype.OptionalNamedType( 

313 'matchingRule', 

314 MatchingRuleID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) 

315 ), 

316 namedtype.OptionalNamedType( 

317 'type', 

318 AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)) 

319 ), 

320 namedtype.NamedType( 

321 'matchValue', 

322 AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)) 

323 ), 

324 namedtype.DefaultedNamedType( 

325 'dnAttributes', 

326 univ.Boolean().subtype(value=False, implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)) 

327 ) 

328 ) 

329 

330 

331class Filter(DefaultSequenceAndSetBaseMixin, univ.Choice): 

332 pass 

333 

334 

335Filter.componentType = namedtype.NamedTypes( 

336 namedtype.NamedType( 

337 'and', 

338 univ.SetOf(componentType=Filter()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

339 ), 

340 namedtype.NamedType( 

341 'or', 

342 univ.SetOf(componentType=Filter()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) 

343 ), 

344 namedtype.NamedType( 

345 'not', 

346 univ.SetOf(componentType=Filter()).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)) 

347 #Filter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)) 

348 ), 

349 namedtype.NamedType( 

350 'equalityMatch', 

351 AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)) 

352 ), 

353 namedtype.NamedType( 

354 'substrings', 

355 SubstringFilter().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)) 

356 ), 

357 namedtype.NamedType( 

358 'greaterOrEqual', 

359 AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5)) 

360 ), 

361 namedtype.NamedType( 

362 'lessOrEqual', 

363 AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6)) 

364 ), 

365 namedtype.NamedType( 

366 'present', 

367 AttributeDescription().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7)) 

368 ), 

369 namedtype.NamedType( 

370 'approxMatch', 

371 AttributeValueAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8)) 

372 ), 

373 namedtype.NamedType( 

374 'extensibleMatch', 

375 MatchingRuleAssertion().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)) 

376 ) 

377) 

378 

379 

380class SearchRequest(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

381 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3)) 

382 componentType = namedtype.NamedTypes( 

383 namedtype.NamedType('baseObject', LDAPDN()), 

384 namedtype.NamedType('scope', Scope()), 

385 namedtype.NamedType('derefAliases', DerefAliases()), 

386 namedtype.NamedType( 

387 'sizeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt)) 

388 ), 

389 namedtype.NamedType( 

390 'timeLimit', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt)) 

391 ), 

392 namedtype.NamedType('typesOnly', univ.Boolean()), 

393 namedtype.NamedType('filter', Filter()), 

394 namedtype.NamedType('attributes', AttributeSelection()) 

395 ) 

396 

397 

398class SearchResultEntry(univ.Sequence): 

399 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4)) 

400 componentType = namedtype.NamedTypes( 

401 namedtype.NamedType('objectName', LDAPDN()), 

402 namedtype.NamedType('attributes', PartialAttributeList()) 

403 ) 

404 

405 

406class SearchResultReference(univ.SequenceOf): 

407 tagSet = univ.SequenceOf.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 19)) 

408 componentType = URI() 

409 subtypeSpec = constraint.ValueSizeConstraint(1, maxInt) 

410 

411 

412class SearchResultDone(LDAPResult): 

413 tagSet = LDAPResult.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5)) 

414 

415 

416class ModifyRequest(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

417 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6)) 

418 componentType = namedtype.NamedTypes( 

419 namedtype.NamedType('object', LDAPDN()), 

420 namedtype.NamedType( 

421 'changes', 

422 univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes( 

423 namedtype.NamedType('operation', Operation()), 

424 namedtype.NamedType('modification', PartialAttribute()) 

425 ))) 

426 ) 

427 ) 

428 

429 

430class ModifyResponse(LDAPResult): 

431 tagSet = LDAPResult.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7)) 

432 

433 

434class AddRequest(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

435 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8)) 

436 componentType = namedtype.NamedTypes( 

437 namedtype.NamedType('entry', LDAPDN()), 

438 namedtype.NamedType('attributes', AttributeList()) 

439 ) 

440 

441 

442class AddResponse(LDAPResult): 

443 tagSet = LDAPResult.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9)) 

444 

445 

446class DelRequest(LDAPDN): 

447 tagSet = LDAPDN.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 10)) 

448 

449 

450class DelResponse(LDAPResult): 

451 tagSet = LDAPResult.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11)) 

452 

453 

454class ModifyDNRequest(univ.Sequence): 

455 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12)) 

456 componentType = namedtype.NamedTypes( 

457 namedtype.NamedType('entry', LDAPDN()), 

458 namedtype.NamedType('newrdn', RelativeLDAPDN()), 

459 namedtype.NamedType('deleteoldrdn', univ.Boolean()), 

460 namedtype.OptionalNamedType( 

461 'newSuperior', LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

462 ) 

463 ) 

464 

465 

466class ModifyDNResponse(LDAPResult): 

467 tagSet = LDAPResult.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13)) 

468 

469 

470class CompareRequest(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

471 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14)) 

472 componentType = namedtype.NamedTypes( 

473 namedtype.NamedType('entry', LDAPDN()), 

474 namedtype.NamedType('ava', AttributeValueAssertion()) 

475 ) 

476 

477 

478class CompareResponse(LDAPResult): 

479 tagSet = LDAPResult.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15)) 

480 

481 

482class AbandonRequest(MessageID): 

483 tagSet = MessageID.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 16)) 

484 

485 

486class ExtendedRequest(univ.Sequence): 

487 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23)) 

488 componentType = namedtype.NamedTypes( 

489 namedtype.NamedType( 

490 'requestName', LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

491 ), 

492 namedtype.OptionalNamedType( 

493 'requestValue', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) 

494 ) 

495 ) 

496 

497 

498class ExtendedResponse(univ.Sequence): 

499 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24)) 

500 componentType = namedtype.NamedTypes( 

501 namedtype.NamedType('resultCode', ResultCode()), 

502 namedtype.NamedType('matchedDN', LDAPDN()), 

503 namedtype.NamedType('diagnosticMessage', LDAPString()), 

504 namedtype.OptionalNamedType( 

505 'referral', 

506 Referral().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)) 

507 ), 

508 namedtype.OptionalNamedType( 

509 'responseName', 

510 LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10)) 

511 ), 

512 namedtype.OptionalNamedType( 

513 'responseValue', 

514 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)) 

515 ) 

516 ) 

517 

518 

519class IntermediateResponse(univ.Sequence): 

520 tagSet = univ.Sequence.tagSet.tagImplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 25)) 

521 componentType = namedtype.NamedTypes( 

522 namedtype.OptionalNamedType( 

523 'responseName', 

524 LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

525 ), 

526 namedtype.OptionalNamedType( 

527 'responseValue', 

528 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)) 

529 ) 

530 ) 

531 

532 

533class Control(univ.Sequence): 

534 componentType = namedtype.NamedTypes( 

535 namedtype.NamedType('controlType', LDAPOID()), 

536 namedtype.DefaultedNamedType('criticality', univ.Boolean().subtype(value=False)), 

537 namedtype.OptionalNamedType('controlValue', univ.OctetString()) 

538 ) 

539 

540 def setComponentByPosition(self, idx, value=univ.noValue, 

541 verifyConstraints=True, 

542 matchTags=True, 

543 matchConstraints=True): 

544 if idx == 0: # controlType 

545 try: 

546 cls = KNOWN_CONTROLS[value] 

547 if self.__class__ is not cls: 

548 self.__class__ = cls 

549 except KeyError: 

550 pass 

551 return univ.Sequence.setComponentByPosition(self, idx, value=value, 

552 verifyConstraints=verifyConstraints, 

553 matchTags=matchTags, 

554 matchConstraints=matchConstraints) 

555 

556 def encodeControlValue(self): 

557 pass 

558 

559 def decodeControlValue(self): 

560 return 

561 

562 def prettyPrint(self, scope=0): 

563 r = univ.Sequence.prettyPrint(self, scope) 

564 decodedControlValue = self.decodeControlValue() 

565 if decodedControlValue is not None: 

566 r = r[:r.rindex('=') + 1] + '%s\n' % decodedControlValue.prettyPrint(scope + 1) 

567 return r 

568 

569 

570class Controls(univ.SequenceOf): 

571 componentType = Control() 

572 

573 

574class SDFlagsControlValue(univ.Sequence): 

575 componentType = namedtype.NamedTypes( 

576 namedtype.NamedType('flags', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), 

577 ) 

578 

579class SDFlagsControl(Control): 

580 def __init__(self, criticality=None, flags=0x00000007, **kwargs): 

581 Control.__init__(self, **kwargs) 

582 self['controlType'] = CONTROL_SDFLAGS 

583 if criticality is not None: 

584 self['criticality'] = criticality 

585 self.flags = flags 

586 self.encodeControlValue() 

587 

588 def encodeControlValue(self): 

589 self['controlValue'] = encoder.encode( 

590 SDFlagsControlValue().setComponents(self.flags)) 

591 

592 def decodeControlValue(self): 

593 decodedControlValue, _ = decoder.decode(self['controlValue'], asn1Spec=SDFlagsControlValue()) 

594 self._flags = decodedControlValue[0] 

595 return decodedControlValue 

596 

597 def getCriticality(self): 

598 return self['criticality'] 

599 

600 def setCriticality(self, value): 

601 self['criticality'] = value 

602 

603 def getFlags(self): 

604 self.decodeControlValue() 

605 return self._flags 

606 

607 def setFlags(self, value): 

608 self._flags = value 

609 self.encodeControlValue() 

610 

611class SimplePagedResultsControlValue(univ.Sequence): 

612 componentType = namedtype.NamedTypes( 

613 namedtype.NamedType('size', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))), 

614 namedtype.NamedType('cookie', univ.OctetString()), 

615 ) 

616 

617 

618class SimplePagedResultsControl(Control): 

619 def __init__(self, criticality=None, size=1000, cookie='', **kwargs): 

620 Control.__init__(self, **kwargs) 

621 self['controlType'] = CONTROL_PAGEDRESULTS 

622 if criticality is not None: 

623 self['criticality'] = criticality 

624 self._size = size 

625 self._cookie = cookie 

626 self.encodeControlValue() 

627 

628 def encodeControlValue(self): 

629 self['controlValue'] = encoder.encode(SimplePagedResultsControlValue().setComponents(self._size, self._cookie)) 

630 

631 def decodeControlValue(self): 

632 decodedControlValue, _ = decoder.decode(self['controlValue'], asn1Spec=SimplePagedResultsControlValue()) 

633 self._size, self._cookie = decodedControlValue[0], decodedControlValue[1] 

634 return decodedControlValue 

635 

636 def getCriticality(self): 

637 return self['criticality'] 

638 

639 def setCriticality(self, value): 

640 self['criticality'] = value 

641 

642 def getSize(self): 

643 self.decodeControlValue() 

644 return self._size 

645 

646 def setSize(self, value): 

647 self._size = value 

648 self.encodeControlValue() 

649 

650 def getCookie(self): 

651 self.decodeControlValue() 

652 return self._cookie 

653 

654 def setCookie(self, value): 

655 self._cookie = value 

656 self.encodeControlValue() 

657 

658 

659KNOWN_CONTROLS[CONTROL_PAGEDRESULTS] = SimplePagedResultsControl 

660KNOWN_CONTROLS[CONTROL_SDFLAGS] = SDFlagsControl 

661 

662class LDAPMessage(DefaultSequenceAndSetBaseMixin, univ.Sequence): 

663 componentType = namedtype.NamedTypes( 

664 namedtype.NamedType('messageID', MessageID()), 

665 namedtype.NamedType('protocolOp', univ.Choice(componentType=namedtype.NamedTypes( 

666 namedtype.NamedType('bindRequest', BindRequest()), 

667 namedtype.NamedType('bindResponse', BindResponse()), 

668 namedtype.NamedType('unbindRequest', UnbindRequest()), 

669 namedtype.NamedType('searchRequest', SearchRequest()), 

670 namedtype.NamedType('searchResEntry', SearchResultEntry()), 

671 namedtype.NamedType('searchResDone', SearchResultDone()), 

672 namedtype.NamedType('searchResRef', SearchResultReference()), 

673 namedtype.NamedType('modifyRequest', ModifyRequest()), 

674 namedtype.NamedType('modifyResponse', ModifyResponse()), 

675 namedtype.NamedType('addRequest', AddRequest()), 

676 namedtype.NamedType('addResponse', AddResponse()), 

677 namedtype.NamedType('delRequest', DelRequest()), 

678 namedtype.NamedType('delResponse', DelResponse()), 

679 namedtype.NamedType('modDNRequest', ModifyDNRequest()), 

680 namedtype.NamedType('modDNResponse', ModifyDNResponse()), 

681 namedtype.NamedType('compareRequest', CompareRequest()), 

682 namedtype.NamedType('compareResponse', CompareResponse()), 

683 namedtype.NamedType('abandonRequest', AbandonRequest()), 

684 namedtype.NamedType('extendedReq', ExtendedRequest()), 

685 namedtype.NamedType('extendedResp', ExtendedResponse()), 

686 namedtype.NamedType('intermediateResponse', IntermediateResponse()) 

687 ))), 

688 namedtype.OptionalNamedType( 

689 'controls', 

690 Controls().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)) 

691 ), 

692 # fix AD nonconforming to RFC4511 

693 namedtype.OptionalNamedType( 

694 'responseName', 

695 LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10)) 

696 ), 

697 namedtype.OptionalNamedType( 

698 'responseValue', 

699 univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)) 

700 ) 

701 )