rfc2251.py 26 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563
  1. #
  2. # This file is part of pyasn1-modules software.
  3. #
  4. # Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
  5. # License: http://snmplabs.com/pyasn1/license.html
  6. #
  7. # LDAP message syntax
  8. #
  9. # ASN.1 source from:
  10. # http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/ldap.asn
  11. #
  12. # Sample captures from:
  13. # http://wiki.wireshark.org/SampleCaptures/
  14. #
  15. from pyasn1.type import constraint
  16. from pyasn1.type import namedtype
  17. from pyasn1.type import namedval
  18. from pyasn1.type import tag
  19. from pyasn1.type import univ
  20. maxInt = univ.Integer(2147483647)
  21. class LDAPString(univ.OctetString):
  22. pass
  23. class LDAPOID(univ.OctetString):
  24. pass
  25. class LDAPDN(LDAPString):
  26. pass
  27. class RelativeLDAPDN(LDAPString):
  28. pass
  29. class AttributeType(LDAPString):
  30. pass
  31. class AttributeDescription(LDAPString):
  32. pass
  33. class AttributeDescriptionList(univ.SequenceOf):
  34. componentType = AttributeDescription()
  35. class AttributeValue(univ.OctetString):
  36. pass
  37. class AssertionValue(univ.OctetString):
  38. pass
  39. class AttributeValueAssertion(univ.Sequence):
  40. componentType = namedtype.NamedTypes(
  41. namedtype.NamedType('attributeDesc', AttributeDescription()),
  42. namedtype.NamedType('assertionValue', AssertionValue())
  43. )
  44. class Attribute(univ.Sequence):
  45. componentType = namedtype.NamedTypes(
  46. namedtype.NamedType('type', AttributeDescription()),
  47. namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
  48. )
  49. class MatchingRuleId(LDAPString):
  50. pass
  51. class Control(univ.Sequence):
  52. componentType = namedtype.NamedTypes(
  53. namedtype.NamedType('controlType', LDAPOID()),
  54. namedtype.DefaultedNamedType('criticality', univ.Boolean('False')),
  55. namedtype.OptionalNamedType('controlValue', univ.OctetString())
  56. )
  57. class Controls(univ.SequenceOf):
  58. componentType = Control()
  59. class LDAPURL(LDAPString):
  60. pass
  61. class Referral(univ.SequenceOf):
  62. componentType = LDAPURL()
  63. class SaslCredentials(univ.Sequence):
  64. componentType = namedtype.NamedTypes(
  65. namedtype.NamedType('mechanism', LDAPString()),
  66. namedtype.OptionalNamedType('credentials', univ.OctetString())
  67. )
  68. class AuthenticationChoice(univ.Choice):
  69. componentType = namedtype.NamedTypes(
  70. namedtype.NamedType('simple', univ.OctetString().subtype(
  71. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
  72. namedtype.NamedType('reserved-1', univ.OctetString().subtype(
  73. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
  74. namedtype.NamedType('reserved-2', univ.OctetString().subtype(
  75. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
  76. namedtype.NamedType('sasl',
  77. SaslCredentials().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
  78. )
  79. class BindRequest(univ.Sequence):
  80. tagSet = univ.Sequence.tagSet.tagImplicitly(
  81. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0)
  82. )
  83. componentType = namedtype.NamedTypes(
  84. namedtype.NamedType('version', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(1, 127))),
  85. namedtype.NamedType('name', LDAPDN()),
  86. namedtype.NamedType('authentication', AuthenticationChoice())
  87. )
  88. class PartialAttributeList(univ.SequenceOf):
  89. componentType = univ.Sequence(
  90. componentType=namedtype.NamedTypes(
  91. namedtype.NamedType('type', AttributeDescription()),
  92. namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
  93. )
  94. )
  95. class SearchResultEntry(univ.Sequence):
  96. tagSet = univ.Sequence.tagSet.tagImplicitly(
  97. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 4)
  98. )
  99. componentType = namedtype.NamedTypes(
  100. namedtype.NamedType('objectName', LDAPDN()),
  101. namedtype.NamedType('attributes', PartialAttributeList())
  102. )
  103. class MatchingRuleAssertion(univ.Sequence):
  104. componentType = namedtype.NamedTypes(
  105. namedtype.OptionalNamedType('matchingRule', MatchingRuleId().subtype(
  106. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
  107. namedtype.OptionalNamedType('type', AttributeDescription().subtype(
  108. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
  109. namedtype.NamedType('matchValue',
  110. AssertionValue().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
  111. namedtype.DefaultedNamedType('dnAttributes', univ.Boolean('False').subtype(
  112. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
  113. )
  114. class SubstringFilter(univ.Sequence):
  115. componentType = namedtype.NamedTypes(
  116. namedtype.NamedType('type', AttributeDescription()),
  117. namedtype.NamedType('substrings',
  118. univ.SequenceOf(
  119. componentType=univ.Choice(
  120. componentType=namedtype.NamedTypes(
  121. namedtype.NamedType(
  122. 'initial', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
  123. ),
  124. namedtype.NamedType(
  125. 'any', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))
  126. ),
  127. namedtype.NamedType(
  128. 'final', LDAPString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))
  129. )
  130. )
  131. )
  132. )
  133. )
  134. )
  135. # Ugly hack to handle recursive Filter reference (up to 3-levels deep).
  136. class Filter3(univ.Choice):
  137. componentType = namedtype.NamedTypes(
  138. namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
  139. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
  140. namedtype.NamedType('substrings', SubstringFilter().subtype(
  141. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
  142. namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
  143. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
  144. namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
  145. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
  146. namedtype.NamedType('present', AttributeDescription().subtype(
  147. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
  148. namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
  149. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
  150. namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
  151. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
  152. )
  153. class Filter2(univ.Choice):
  154. componentType = namedtype.NamedTypes(
  155. namedtype.NamedType('and', univ.SetOf(componentType=Filter3()).subtype(
  156. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
  157. namedtype.NamedType('or', univ.SetOf(componentType=Filter3()).subtype(
  158. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
  159. namedtype.NamedType('not',
  160. Filter3().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
  161. namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
  162. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
  163. namedtype.NamedType('substrings', SubstringFilter().subtype(
  164. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
  165. namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
  166. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
  167. namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
  168. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
  169. namedtype.NamedType('present', AttributeDescription().subtype(
  170. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
  171. namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
  172. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
  173. namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
  174. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
  175. )
  176. class Filter(univ.Choice):
  177. componentType = namedtype.NamedTypes(
  178. namedtype.NamedType('and', univ.SetOf(componentType=Filter2()).subtype(
  179. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
  180. namedtype.NamedType('or', univ.SetOf(componentType=Filter2()).subtype(
  181. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
  182. namedtype.NamedType('not',
  183. Filter2().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
  184. namedtype.NamedType('equalityMatch', AttributeValueAssertion().subtype(
  185. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
  186. namedtype.NamedType('substrings', SubstringFilter().subtype(
  187. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
  188. namedtype.NamedType('greaterOrEqual', AttributeValueAssertion().subtype(
  189. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
  190. namedtype.NamedType('lessOrEqual', AttributeValueAssertion().subtype(
  191. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
  192. namedtype.NamedType('present', AttributeDescription().subtype(
  193. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
  194. namedtype.NamedType('approxMatch', AttributeValueAssertion().subtype(
  195. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))),
  196. namedtype.NamedType('extensibleMatch', MatchingRuleAssertion().subtype(
  197. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
  198. )
  199. # End of Filter hack
  200. class SearchRequest(univ.Sequence):
  201. tagSet = univ.Sequence.tagSet.tagImplicitly(
  202. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 3)
  203. )
  204. componentType = namedtype.NamedTypes(
  205. namedtype.NamedType('baseObject', LDAPDN()),
  206. namedtype.NamedType('scope', univ.Enumerated(
  207. namedValues=namedval.NamedValues(('baseObject', 0), ('singleLevel', 1), ('wholeSubtree', 2)))),
  208. namedtype.NamedType('derefAliases', univ.Enumerated(
  209. namedValues=namedval.NamedValues(('neverDerefAliases', 0), ('derefInSearching', 1),
  210. ('derefFindingBaseObj', 2), ('derefAlways', 3)))),
  211. namedtype.NamedType('sizeLimit',
  212. univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
  213. namedtype.NamedType('timeLimit',
  214. univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, maxInt))),
  215. namedtype.NamedType('typesOnly', univ.Boolean()),
  216. namedtype.NamedType('filter', Filter()),
  217. namedtype.NamedType('attributes', AttributeDescriptionList())
  218. )
  219. class UnbindRequest(univ.Null):
  220. tagSet = univ.Sequence.tagSet.tagImplicitly(
  221. tag.Tag(tag.tagClassApplication, tag.tagFormatSimple, 2)
  222. )
  223. class BindResponse(univ.Sequence):
  224. tagSet = univ.Sequence.tagSet.tagImplicitly(
  225. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
  226. )
  227. componentType = namedtype.NamedTypes(
  228. namedtype.NamedType('resultCode', univ.Enumerated(
  229. namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
  230. ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
  231. ('compareTrue', 6), ('authMethodNotSupported', 7),
  232. ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
  233. ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
  234. ('confidentialityRequired', 13), ('saslBindInProgress', 14),
  235. ('noSuchAttribute', 16), ('undefinedAttributeType', 17),
  236. ('inappropriateMatching', 18), ('constraintViolation', 19),
  237. ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
  238. ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
  239. ('reserved-35', 35), ('aliasDereferencingProblem', 36),
  240. ('inappropriateAuthentication', 48), ('invalidCredentials', 49),
  241. ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
  242. ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
  243. ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
  244. ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
  245. ('objectClassModsProhibited', 69), ('reserved-70', 70),
  246. ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
  247. ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
  248. ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
  249. ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
  250. namedtype.NamedType('matchedDN', LDAPDN()),
  251. namedtype.NamedType('errorMessage', LDAPString()),
  252. namedtype.OptionalNamedType('referral', Referral().subtype(
  253. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
  254. namedtype.OptionalNamedType('serverSaslCreds', univ.OctetString().subtype(
  255. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 7)))
  256. )
  257. class LDAPResult(univ.Sequence):
  258. componentType = namedtype.NamedTypes(
  259. namedtype.NamedType('resultCode', univ.Enumerated(
  260. namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
  261. ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
  262. ('compareTrue', 6), ('authMethodNotSupported', 7),
  263. ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
  264. ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
  265. ('confidentialityRequired', 13), ('saslBindInProgress', 14),
  266. ('noSuchAttribute', 16), ('undefinedAttributeType', 17),
  267. ('inappropriateMatching', 18), ('constraintViolation', 19),
  268. ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
  269. ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
  270. ('reserved-35', 35), ('aliasDereferencingProblem', 36),
  271. ('inappropriateAuthentication', 48), ('invalidCredentials', 49),
  272. ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
  273. ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
  274. ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
  275. ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
  276. ('objectClassModsProhibited', 69), ('reserved-70', 70),
  277. ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
  278. ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
  279. ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
  280. ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
  281. namedtype.NamedType('matchedDN', LDAPDN()),
  282. namedtype.NamedType('errorMessage', LDAPString()),
  283. namedtype.OptionalNamedType('referral', Referral().subtype(
  284. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
  285. )
  286. class SearchResultReference(univ.SequenceOf):
  287. tagSet = univ.Sequence.tagSet.tagImplicitly(
  288. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 19)
  289. )
  290. componentType = LDAPURL()
  291. class SearchResultDone(LDAPResult):
  292. tagSet = univ.Sequence.tagSet.tagImplicitly(
  293. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 5)
  294. )
  295. class AttributeTypeAndValues(univ.Sequence):
  296. componentType = namedtype.NamedTypes(
  297. namedtype.NamedType('type', AttributeDescription()),
  298. namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
  299. )
  300. class ModifyRequest(univ.Sequence):
  301. tagSet = univ.Sequence.tagSet.tagImplicitly(
  302. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 6)
  303. )
  304. componentType = namedtype.NamedTypes(
  305. namedtype.NamedType('object', LDAPDN()),
  306. namedtype.NamedType('modification',
  307. univ.SequenceOf(
  308. componentType=univ.Sequence(
  309. componentType=namedtype.NamedTypes(
  310. namedtype.NamedType(
  311. 'operation', univ.Enumerated(namedValues=namedval.NamedValues(('add', 0), ('delete', 1), ('replace', 2)))
  312. ),
  313. namedtype.NamedType('modification', AttributeTypeAndValues())))
  314. )
  315. )
  316. )
  317. class ModifyResponse(LDAPResult):
  318. tagSet = univ.Sequence.tagSet.tagImplicitly(
  319. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 7)
  320. )
  321. class AttributeList(univ.SequenceOf):
  322. componentType = univ.Sequence(
  323. componentType=namedtype.NamedTypes(
  324. namedtype.NamedType('type', AttributeDescription()),
  325. namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
  326. )
  327. )
  328. class AddRequest(univ.Sequence):
  329. tagSet = univ.Sequence.tagSet.tagImplicitly(
  330. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 8)
  331. )
  332. componentType = namedtype.NamedTypes(
  333. namedtype.NamedType('entry', LDAPDN()),
  334. namedtype.NamedType('attributes', AttributeList())
  335. )
  336. class AddResponse(LDAPResult):
  337. tagSet = univ.Sequence.tagSet.tagImplicitly(
  338. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 9)
  339. )
  340. class DelRequest(LDAPResult):
  341. tagSet = univ.Sequence.tagSet.tagImplicitly(
  342. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 10)
  343. )
  344. class DelResponse(LDAPResult):
  345. tagSet = univ.Sequence.tagSet.tagImplicitly(
  346. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 11)
  347. )
  348. class ModifyDNRequest(univ.Sequence):
  349. tagSet = univ.Sequence.tagSet.tagImplicitly(
  350. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 12)
  351. )
  352. componentType = namedtype.NamedTypes(
  353. namedtype.NamedType('entry', LDAPDN()),
  354. namedtype.NamedType('newrdn', RelativeLDAPDN()),
  355. namedtype.NamedType('deleteoldrdn', univ.Boolean()),
  356. namedtype.OptionalNamedType('newSuperior',
  357. LDAPDN().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
  358. )
  359. class ModifyDNResponse(LDAPResult):
  360. tagSet = univ.Sequence.tagSet.tagImplicitly(
  361. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 13)
  362. )
  363. class CompareRequest(univ.Sequence):
  364. tagSet = univ.Sequence.tagSet.tagImplicitly(
  365. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 14)
  366. )
  367. componentType = namedtype.NamedTypes(
  368. namedtype.NamedType('entry', LDAPDN()),
  369. namedtype.NamedType('ava', AttributeValueAssertion())
  370. )
  371. class CompareResponse(LDAPResult):
  372. tagSet = univ.Sequence.tagSet.tagImplicitly(
  373. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 15)
  374. )
  375. class AbandonRequest(LDAPResult):
  376. tagSet = univ.Sequence.tagSet.tagImplicitly(
  377. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 16)
  378. )
  379. class ExtendedRequest(univ.Sequence):
  380. tagSet = univ.Sequence.tagSet.tagImplicitly(
  381. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 23)
  382. )
  383. componentType = namedtype.NamedTypes(
  384. namedtype.NamedType('requestName',
  385. LDAPOID().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
  386. namedtype.OptionalNamedType('requestValue', univ.OctetString().subtype(
  387. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
  388. )
  389. class ExtendedResponse(univ.Sequence):
  390. tagSet = univ.Sequence.tagSet.tagImplicitly(
  391. tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 24)
  392. )
  393. componentType = namedtype.NamedTypes(
  394. namedtype.NamedType('resultCode', univ.Enumerated(
  395. namedValues=namedval.NamedValues(('success', 0), ('operationsError', 1), ('protocolError', 2),
  396. ('timeLimitExceeded', 3), ('sizeLimitExceeded', 4), ('compareFalse', 5),
  397. ('compareTrue', 6), ('authMethodNotSupported', 7),
  398. ('strongAuthRequired', 8), ('reserved-9', 9), ('referral', 10),
  399. ('adminLimitExceeded', 11), ('unavailableCriticalExtension', 12),
  400. ('confidentialityRequired', 13), ('saslBindInProgress', 14),
  401. ('noSuchAttribute', 16), ('undefinedAttributeType', 17),
  402. ('inappropriateMatching', 18), ('constraintViolation', 19),
  403. ('attributeOrValueExists', 20), ('invalidAttributeSyntax', 21),
  404. ('noSuchObject', 32), ('aliasProblem', 33), ('invalidDNSyntax', 34),
  405. ('reserved-35', 35), ('aliasDereferencingProblem', 36),
  406. ('inappropriateAuthentication', 48), ('invalidCredentials', 49),
  407. ('insufficientAccessRights', 50), ('busy', 51), ('unavailable', 52),
  408. ('unwillingToPerform', 53), ('loopDetect', 54), ('namingViolation', 64),
  409. ('objectClassViolation', 65), ('notAllowedOnNonLeaf', 66),
  410. ('notAllowedOnRDN', 67), ('entryAlreadyExists', 68),
  411. ('objectClassModsProhibited', 69), ('reserved-70', 70),
  412. ('affectsMultipleDSAs', 71), ('other', 80), ('reserved-81', 81),
  413. ('reserved-82', 82), ('reserved-83', 83), ('reserved-84', 84),
  414. ('reserved-85', 85), ('reserved-86', 86), ('reserved-87', 87),
  415. ('reserved-88', 88), ('reserved-89', 89), ('reserved-90', 90)))),
  416. namedtype.NamedType('matchedDN', LDAPDN()),
  417. namedtype.NamedType('errorMessage', LDAPString()),
  418. namedtype.OptionalNamedType('referral', Referral().subtype(
  419. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
  420. namedtype.OptionalNamedType('responseName', LDAPOID().subtype(
  421. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 10))),
  422. namedtype.OptionalNamedType('response', univ.OctetString().subtype(
  423. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 11)))
  424. )
  425. class MessageID(univ.Integer):
  426. subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(
  427. 0, maxInt
  428. )
  429. class LDAPMessage(univ.Sequence):
  430. componentType = namedtype.NamedTypes(
  431. namedtype.NamedType('messageID', MessageID()),
  432. namedtype.NamedType(
  433. 'protocolOp', univ.Choice(
  434. componentType=namedtype.NamedTypes(
  435. namedtype.NamedType('bindRequest', BindRequest()),
  436. namedtype.NamedType('bindResponse', BindResponse()),
  437. namedtype.NamedType('unbindRequest', UnbindRequest()),
  438. namedtype.NamedType('searchRequest', SearchRequest()),
  439. namedtype.NamedType('searchResEntry', SearchResultEntry()),
  440. namedtype.NamedType('searchResDone', SearchResultDone()),
  441. namedtype.NamedType('searchResRef', SearchResultReference()),
  442. namedtype.NamedType('modifyRequest', ModifyRequest()),
  443. namedtype.NamedType('modifyResponse', ModifyResponse()),
  444. namedtype.NamedType('addRequest', AddRequest()),
  445. namedtype.NamedType('addResponse', AddResponse()),
  446. namedtype.NamedType('delRequest', DelRequest()),
  447. namedtype.NamedType('delResponse', DelResponse()),
  448. namedtype.NamedType('modDNRequest', ModifyDNRequest()),
  449. namedtype.NamedType('modDNResponse', ModifyDNResponse()),
  450. namedtype.NamedType('compareRequest', CompareRequest()),
  451. namedtype.NamedType('compareResponse', CompareResponse()),
  452. namedtype.NamedType('abandonRequest', AbandonRequest()),
  453. namedtype.NamedType('extendedReq', ExtendedRequest()),
  454. namedtype.NamedType('extendedResp', ExtendedResponse())
  455. )
  456. )
  457. ),
  458. namedtype.OptionalNamedType('controls', Controls().subtype(
  459. implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
  460. )