ldaptor API Reference

Submodules

ldaptor.attributeset module

class ldaptor.attributeset.LDAPAttributeSet(key, *a, **kw)[source]

Bases: set

copy()[source]
difference(other)[source]
intersection(other)[source]
symmetric_difference(other)[source]
union(other)[source]

ldaptor.checkers module

class ldaptor.checkers.LDAPBindingChecker(cfg)[source]

The avatarID returned is an LDAPEntry.

credentialInterfaces = (<InterfaceClass twisted.cred.credentials.IUsernamePassword>,)
requestAvatarId(credentials)[source]
ldaptor.checkers.makeFilter(name, template=None)[source]

ldaptor.compat module

ldaptor.compat.print_(*args, **kwds)[source]

The new-style print function.

ldaptor.compat.callable(object) → bool

Return whether the object is callable (i.e., some kind of function). Note that classes are callable, as are instances with a __call__() method.

ldaptor.compat.base_string_types

alias of basestring

ldaptor.compat.u(s)[source]
ldaptor.compat.b(s)[source]
class ldaptor.compat.unicode(object='') → unicode object

Bases: basestring

unicode(string[, encoding[, errors]]) -> unicode object

Create a new Unicode object from the given encoded string. encoding defaults to the current default string encoding. errors can be ‘strict’, ‘replace’ or ‘ignore’ and defaults to ‘strict’.

capitalize() → unicode

Return a capitalized version of S, i.e. make the first character have upper case and the rest lower case.

center(width[, fillchar]) → unicode

Return S centered in a Unicode string of length width. Padding is done using the specified fill character (default is a space)

count(sub[, start[, end]]) → int

Return the number of non-overlapping occurrences of substring sub in Unicode string S[start:end]. Optional arguments start and end are interpreted as in slice notation.

decode([encoding[, errors]]) → string or unicode

Decodes S using the codec registered for encoding. encoding defaults to the default encoding. errors may be given to set a different error handling scheme. Default is ‘strict’ meaning that encoding errors raise a UnicodeDecodeError. Other possible values are ‘ignore’ and ‘replace’ as well as any other name registered with codecs.register_error that is able to handle UnicodeDecodeErrors.

encode([encoding[, errors]]) → string or unicode

Encodes S using the codec registered for encoding. encoding defaults to the default encoding. errors may be given to set a different error handling scheme. Default is ‘strict’ meaning that encoding errors raise a UnicodeEncodeError. Other possible values are ‘ignore’, ‘replace’ and ‘xmlcharrefreplace’ as well as any other name registered with codecs.register_error that can handle UnicodeEncodeErrors.

endswith(suffix[, start[, end]]) → bool

Return True if S ends with the specified suffix, False otherwise. With optional start, test S beginning at that position. With optional end, stop comparing S at that position. suffix can also be a tuple of strings to try.

expandtabs([tabsize]) → unicode

Return a copy of S where all tab characters are expanded using spaces. If tabsize is not given, a tab size of 8 characters is assumed.

find(sub[, start[, end]]) → int

Return the lowest index in S where substring sub is found, such that sub is contained within S[start:end]. Optional arguments start and end are interpreted as in slice notation.

Return -1 on failure.

format(*args, **kwargs) → unicode

Return a formatted version of S, using substitutions from args and kwargs. The substitutions are identified by braces (‘{‘ and ‘}’).

index(sub[, start[, end]]) → int

Like S.find() but raise ValueError when the substring is not found.

isalnum() → bool

Return True if all characters in S are alphanumeric and there is at least one character in S, False otherwise.

isalpha() → bool

Return True if all characters in S are alphabetic and there is at least one character in S, False otherwise.

isdecimal() → bool

Return True if there are only decimal characters in S, False otherwise.

isdigit() → bool

Return True if all characters in S are digits and there is at least one character in S, False otherwise.

islower() → bool

Return True if all cased characters in S are lowercase and there is at least one cased character in S, False otherwise.

isnumeric() → bool

Return True if there are only numeric characters in S, False otherwise.

isspace() → bool

Return True if all characters in S are whitespace and there is at least one character in S, False otherwise.

istitle() → bool

Return True if S is a titlecased string and there is at least one character in S, i.e. upper- and titlecase characters may only follow uncased characters and lowercase characters only cased ones. Return False otherwise.

isupper() → bool

Return True if all cased characters in S are uppercase and there is at least one cased character in S, False otherwise.

join(iterable) → unicode

Return a string which is the concatenation of the strings in the iterable. The separator between elements is S.

ljust(width[, fillchar]) → int

Return S left-justified in a Unicode string of length width. Padding is done using the specified fill character (default is a space).

lower() → unicode

Return a copy of the string S converted to lowercase.

lstrip([chars]) → unicode

Return a copy of the string S with leading whitespace removed. If chars is given and not None, remove characters in chars instead. If chars is a str, it will be converted to unicode before stripping

partition(sep) -> (head, sep, tail)

Search for the separator sep in S, and return the part before it, the separator itself, and the part after it. If the separator is not found, return S and two empty strings.

replace(old, new[, count]) → unicode

Return a copy of S with all occurrences of substring old replaced by new. If the optional argument count is given, only the first count occurrences are replaced.

rfind(sub[, start[, end]]) → int

Return the highest index in S where substring sub is found, such that sub is contained within S[start:end]. Optional arguments start and end are interpreted as in slice notation.

Return -1 on failure.

rindex(sub[, start[, end]]) → int

Like S.rfind() but raise ValueError when the substring is not found.

rjust(width[, fillchar]) → unicode

Return S right-justified in a Unicode string of length width. Padding is done using the specified fill character (default is a space).

rpartition(sep) -> (head, sep, tail)

Search for the separator sep in S, starting at the end of S, and return the part before it, the separator itself, and the part after it. If the separator is not found, return two empty strings and S.

rsplit([sep[, maxsplit]]) → list of strings

Return a list of the words in S, using sep as the delimiter string, starting at the end of the string and working to the front. If maxsplit is given, at most maxsplit splits are done. If sep is not specified, any whitespace string is a separator.

rstrip([chars]) → unicode

Return a copy of the string S with trailing whitespace removed. If chars is given and not None, remove characters in chars instead. If chars is a str, it will be converted to unicode before stripping

split([sep[, maxsplit]]) → list of strings

Return a list of the words in S, using sep as the delimiter string. If maxsplit is given, at most maxsplit splits are done. If sep is not specified or is None, any whitespace string is a separator and empty strings are removed from the result.

splitlines(keepends=False) → list of strings

Return a list of the lines in S, breaking at line boundaries. Line breaks are not included in the resulting list unless keepends is given and true.

startswith(prefix[, start[, end]]) → bool

Return True if S starts with the specified prefix, False otherwise. With optional start, test S beginning at that position. With optional end, stop comparing S at that position. prefix can also be a tuple of strings to try.

strip([chars]) → unicode

Return a copy of the string S with leading and trailing whitespace removed. If chars is given and not None, remove characters in chars instead. If chars is a str, it will be converted to unicode before stripping

swapcase() → unicode

Return a copy of S with uppercase characters converted to lowercase and vice versa.

title() → unicode

Return a titlecased version of S, i.e. words start with title case characters, all remaining cased characters have lower case.

translate(table) → unicode

Return a copy of the string S, where all characters have been mapped through the given translation table, which must be a mapping of Unicode ordinals to Unicode ordinals, Unicode strings or None. Unmapped characters are left untouched. Characters mapped to None are deleted.

upper() → unicode

Return a copy of S converted to uppercase.

zfill(width) → unicode

Pad a numeric string S with zeros on the left, to fill a field of the specified width. The string S is never truncated.

ldaptor.compat.bytes

alias of str

ldaptor.compat.uascii_to_str(s)[source]

helper to convert ascii unicode -> native str

ldaptor.compat.bascii_to_str(s)[source]

helper to convert ascii bytes -> native str

ldaptor.compat.str_to_uascii(s)[source]

helper to convert ascii native str -> unicode

ldaptor.compat.str_to_bascii(s)[source]

helper to convert ascii native str -> bytes

ldaptor.compat.join_unicode()

S.join(iterable) -> unicode

Return a string which is the concatenation of the strings in the iterable. The separator between elements is S.

ldaptor.compat.join_bytes()

S.join(iterable) -> string

Return a string which is the concatenation of the strings in the iterable. The separator between elements is S.

ldaptor.compat.join_byte_values(values)[source]
ldaptor.compat.join_byte_elems()

S.join(iterable) -> string

Return a string which is the concatenation of the strings in the iterable. The separator between elements is S.

ldaptor.compat.byte_elem_value()

ord(c) -> integer

Return the integer ordinal of a one-character string.

ldaptor.compat.iter_byte_values(s)[source]

iterate over byte string as sequence of ints 0-255

ldaptor.compat.irange

alias of xrange

class ldaptor.compat.imap

Bases: object

imap(func, *iterables) –> imap object

Make an iterator that computes the function using arguments from each of the iterables. Like map() except that it returns an iterator instead of a list and that it stops when the shortest iterable is exhausted instead of filling in None for shorter iterables.

next
ldaptor.compat.lmap()

map(function, sequence[, sequence, ...]) -> list

Return a list of the results of applying the function to the items of the argument sequence(s). If more than one sequence is given, the function is called with an argument list consisting of the corresponding item of each sequence, substituting None for missing values when not all sequences have the same length. If the function is None, return a list of the items of the sequence (or a list of tuples if more than one sequence).

ldaptor.compat.iteritems(d)[source]
ldaptor.compat.itervalues(d)[source]
ldaptor.compat.next(iterator[, default])

Return the next item from the iterator. If default is given and the iterator is exhausted, it is returned instead of raising StopIteration.

ldaptor.compat.exc_err()[source]

return current error object (to avoid try/except syntax change)

ldaptor.compat.get_method_function(func)[source]

given (potential) method, return underlying function

ldaptor.compat.add_doc(obj, doc)[source]

add docstring to an object

ldaptor.config module

class ldaptor.config.LDAPConfig(baseDN=None, serviceLocationOverrides=None, identityBaseDN=None, identitySearch=None)[source]

Bases: object

baseDN = None
copy(**kw)[source]
getBaseDN()[source]
getIdentityBaseDN()[source]
getIdentitySearch(name)[source]
getServiceLocationOverrides()[source]
identityBaseDN = None
identitySearch = None
exception ldaptor.config.MissingBaseDNError[source]

Bases: exceptions.Exception

Configuration must specify a base DN

ldaptor.config.loadConfig(configFiles=None, reload=False)[source]

Load configuration file.

ldaptor.config.useLMhash()[source]

Read configuration file if necessary and return whether to use LanMan hashes or not.

ldaptor.delta module

Changes to the content of one single LDAP entry.

(This means these do not belong here: adding or deleting of entries, changing of location in tree)

class ldaptor.delta.Add(key, *a, **kw)[source]

Bases: ldaptor.delta.Modification

asLDIF()[source]
patch(entry)[source]
class ldaptor.delta.AddOp(entry)[source]

Bases: ldaptor.delta.Operation

asLDIF()[source]
patch(root)[source]
class ldaptor.delta.Delete(key, *a, **kw)[source]

Bases: ldaptor.delta.Modification

asLDIF()[source]
patch(entry)[source]
class ldaptor.delta.DeleteOp(dn)[source]

Bases: ldaptor.delta.Operation

asLDIF()[source]
patch(root)[source]
class ldaptor.delta.Modification(key, *a, **kw)[source]

Bases: ldaptor.attributeset.LDAPAttributeSet

asLDAP()[source]
patch(entry)[source]
class ldaptor.delta.ModifyOp(dn, modifications=[])[source]

Bases: ldaptor.delta.Operation

asLDAP()[source]
asLDIF()[source]
classmethod fromLDAP(class_, request)[source]
patch(root)[source]
class ldaptor.delta.Operation[source]

Bases: object

patch(root)[source]

Find the correct entry in IConnectedLDAPEntry and patch it.

@param root: IConnectedLDAPEntry that is at the root of the subtree the patch applies to.

@returns: Deferred with None or failure.

class ldaptor.delta.Replace(key, *a, **kw)[source]

Bases: ldaptor.delta.Modification

asLDIF()[source]
patch(entry)[source]

ldaptor.dns module

DNS-related utilities.

ldaptor.dns.aton(ip)[source]
ldaptor.dns.aton_numbits(num)[source]
ldaptor.dns.aton_octets(ip)[source]
ldaptor.dns.netmaskToNumbits(netmask)[source]
ldaptor.dns.ntoa(n)[source]
ldaptor.dns.ptrSoaName(ip, netmask)[source]

Convert an IP address and netmask to a CIDR delegation -style zone name.

ldaptor.entry module

class ldaptor.entry.BaseLDAPEntry(dn, attributes={})[source]

Bases: object

bind(password)[source]
buildAttributeSet(key, values)[source]
diff(other)[source]

Compute differences between this and another LDAP entry.

@param other: An LDAPEntry to compare to.

@return: None if equal, otherwise a ModifyOp that would make this entry look like other.

dn = None
get(key, default=None)[source]
hasMember(dn)[source]
has_key(key)[source]
items()[source]
keys()[source]
class ldaptor.entry.EditableLDAPEntry(dn, attributes={})[source]

Bases: ldaptor.entry.BaseLDAPEntry

commit()[source]
delete()[source]
move(newDN)[source]
setPassword(newPasswd, salt=None)[source]
undo()[source]
ldaptor.entry.sshaDigest(passphrase, salt=None)[source]

ldaptor.entryhelpers module

class ldaptor.entryhelpers.DiffTreeMixin[source]

Bases: object

diffTree(other, result=None)[source]
class ldaptor.entryhelpers.MatchMixin[source]

Bases: object

match(filter)[source]
class ldaptor.entryhelpers.SearchByTreeWalkingMixin[source]

Bases: object

search(filterText=None, filterObject=None, attributes=(), scope=None, derefAliases=None, sizeLimit=0, timeLimit=0, typesOnly=0, callback=None)[source]
class ldaptor.entryhelpers.SubtreeFromChildrenMixin[source]

Bases: object

subtree(callback=None)[source]

ldaptor.generate_password module

exception ldaptor.generate_password.PwgenException[source]

Bases: exceptions.Exception

class ldaptor.generate_password.ReadPassword(deferred, count=1)[source]

Bases: twisted.internet.protocol.ProcessProtocol

errReceived(data)[source]
outReceived(data)[source]
processEnded(reason)[source]
ldaptor.generate_password.generate(reactor, n=1)[source]

ldaptor.inmemory module

class ldaptor.inmemory.InMemoryLDIFProtocol[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIF

Receive LDIF data and gather results into an ReadOnlyInMemoryLDAPEntry.

You can override lookupFailed and addFailed to provide smarter error handling. They are called as Deferred errbacks; returning the reason causes error to pass onward and abort the whole operation. Returning None from lookupFailed skips that entry, but continues loading.

When the full LDIF data has been read, the completed Deferred will trigger.

addFailed(reason, entry)[source]
connectionLost(reason)[source]
gotEntry(entry)[source]
lookupFailed(reason, entry)[source]
exception ldaptor.inmemory.LDAPCannotRemoveRootError(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPNamingViolation

Cannot remove root of LDAP tree

class ldaptor.inmemory.ReadOnlyInMemoryLDAPEntry(*a, **kw)[source]

Bases: ldaptor.entry.EditableLDAPEntry, ldaptor.entryhelpers.DiffTreeMixin, ldaptor.entryhelpers.SubtreeFromChildrenMixin, ldaptor.entryhelpers.MatchMixin, ldaptor.entryhelpers.SearchByTreeWalkingMixin

addChild(rdn, attributes)[source]

TODO ugly API. Returns the created entry.

children(callback=None)[source]
commit()[source]
delete()[source]
deleteChild(rdn)[source]
fetch(*attributes)[source]
lookup(dn)[source]
move(newDN)[source]
parent()[source]
ldaptor.inmemory.fromLDIFFile(f)[source]

Read LDIF data from a file.

ldaptor.insensitive module

class ldaptor.insensitive.InsensitiveString[source]

Bases: str

A str subclass that performs all matching without regard to case.

ldaptor.interfaces module

ldaptor.ldapfilter module

exception ldaptor.ldapfilter.InvalidLDAPFilter(msg, loc, text)[source]

Bases: exceptions.Exception

ldaptor.ldapfilter.parseExtensible(attr, s)[source]
ldaptor.ldapfilter.parseFilter(s)[source]
ldaptor.ldapfilter.parseMaybeSubstring(attrType, s)[source]

ldaptor.ldiftree module

Manage LDAP data as a tree of LDIF files.

exception ldaptor.ldiftree.LDAPCannotRemoveRootError(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPNamingViolation

Cannot remove root of LDAP tree

class ldaptor.ldiftree.LDIFTreeEntry(path, dn=None, *a, **kw)[source]

Bases: ldaptor.entry.EditableLDAPEntry, ldaptor.entryhelpers.DiffTreeMixin, ldaptor.entryhelpers.SubtreeFromChildrenMixin, ldaptor.entryhelpers.MatchMixin, ldaptor.entryhelpers.SearchByTreeWalkingMixin

addChild(rdn, attributes)[source]
children(callback=None)[source]
commit()[source]
delete()[source]
deleteChild(rdn)[source]
lookup(dn)[source]
move(newDN)[source]
parent()[source]
exception ldaptor.ldiftree.LDIFTreeEntryContainsMultipleEntries[source]

Bases: exceptions.Exception

LDIFTree entry contains multiple LDIF entries.

exception ldaptor.ldiftree.LDIFTreeEntryContainsNoEntries[source]

Bases: exceptions.Exception

LDIFTree entry does not contain a valid LDIF entry.

exception ldaptor.ldiftree.LDIFTreeNoSuchObject[source]

Bases: exceptions.Exception

LDIFTree does not contain such entry.

class ldaptor.ldiftree.StoreParsedLDIF[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIF

connectionLost(reason)[source]
gotEntry(obj)[source]
ldaptor.ldiftree.get(path, dn)[source]
ldaptor.ldiftree.put(path, entry)[source]

ldaptor.md4 module

helper implementing insecure and obsolete md4 algorithm. used for NTHASH format, which is also insecure and broken, since it’s just md4(password)

implementated based on rfc at http://www.faqs.org/rfcs/rfc1320.html

ldaptor.md4.md4(content=None)[source]

wrapper for hashlib.new(‘md4’)

ldaptor.numberalloc module

Find an available uidNumber/gidNumber/other similar number.

class ldaptor.numberalloc.freeNumberGuesser(makeAGuess, min=None, max=None)[source]
startGuessing()[source]
ldaptor.numberalloc.getFreeNumber(ldapObject, numberType, min=None, max=None)[source]
class ldaptor.numberalloc.ldapGuesser(ldapObject, numberType)[source]
guess(num)[source]

ldaptor.schema module

class ldaptor.schema.ASN1ParserThingie[source]
class ldaptor.schema.AttributeTypeDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie

ASN Syntax:

AttributeTypeDescription = "(" whsp
        numericoid whsp                ; AttributeType identifier
        [ "NAME" qdescrs ]             ; name used in AttributeType
        [ "DESC" qdstring ]            ; description
        [ "OBSOLETE" whsp ]
        [ "SUP" woid ]                 ; derived from this other AttributeType
        [ "EQUALITY" woid              ; Matching Rule name
        [ "ORDERING" woid              ; Matching Rule name
        [ "SUBSTR" woid ]              ; Matching Rule name
        [ "SYNTAX" whsp noidlen whsp ] ; see section 4.3
        [ "SINGLE-VALUE" whsp ]        ; default multi-valued
        [ "COLLECTIVE" whsp ]          ; default not collective
        [ "NO-USER-MODIFICATION" whsp ]; default user modifiable
        [ "USAGE" whsp AttributeUsage ]; default userApplications
        whsp ")"

AttributeUsage =
        "userApplications"     /
        "directoryOperation"   /
        "distributedOperation" / ; DSA-shared
        "dSAOperation"          ; DSA-specific, value depends on server

noidlen = numericoid [ "{" len "}" ]

len     = numericstring
class ldaptor.schema.MatchingRuleDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie

ASN Syntax:

MatchingRuleDescription = "(" whsp
        numericoid whsp  ; MatchingRule identifier
        [ "NAME" qdescrs ]
        [ "DESC" qdstring ]
        [ "OBSOLETE" whsp ]
        "SYNTAX" numericoid
        whsp ")"
class ldaptor.schema.ObjectClassDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie

ASN Syntax:

d               = "0" / "1" / "2" / "3" / "4" /
                  "5" / "6" / "7" / "8" / "9"

numericstring   = 1*d

numericoid      = numericstring *( "." numericstring )

space           = 1*" "

whsp            = [ space ]

descr           = keystring

qdescr          = whsp "'" descr "'" whsp

qdescrlist      = [ qdescr *( qdescr ) ]

; object descriptors used as schema element names
qdescrs         = qdescr / ( whsp "(" qdescrlist ")" whsp )

dstring         = 1*utf8

qdstring        = whsp "'" dstring "'" whsp

descr           = keystring

oid             = descr / numericoid

woid            = whsp oid whsp

; set of oids of either form
oids            = woid / ( "(" oidlist ")" )

ObjectClassDescription = "(" whsp
        numericoid whsp      ; ObjectClass identifier
        [ "NAME" qdescrs ]
        [ "DESC" qdstring ]
        [ "OBSOLETE" whsp ]
        [ "SUP" oids ]       ; Superior ObjectClasses
        [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ]
                             ; default structural
        [ "MUST" oids ]      ; AttributeTypes
        [ "MAY" oids ]       ; AttributeTypes
        whsp ")"
class ldaptor.schema.SyntaxDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie

ASN Syntax:

SyntaxDescription = "(" whsp
        numericoid whsp
        [ "DESC" qdstring ]
        whsp ")"
ldaptor.schema.extractWord(text)[source]
ldaptor.schema.peekWord(text)[source]

ldaptor.testutil module

Utilities for writing Twistedy unit tests and debugging.

class ldaptor.testutil.FakeTransport(proto)[source]
loseConnection()[source]
class ldaptor.testutil.LDAPClientTestDriver(*responses)[source]

A test driver that looks somewhat like a real LDAPClient.

Pass in a list of lists of LDAPProtocolResponses. For each sent LDAP message, the first item of said list is iterated through, and all the items are sent as responses to the callback. The sent LDAP messages are stored in self.sent, so you can assert that the sent messages are what they are supposed to be.

It is also possible to include a Failure instance instead of a list of LDAPProtocolResponses which will cause the errback to be called with the failure.

assertNothingSent()[source]
assertSent(*shouldBeSent)[source]
connectionLost(reason=None)[source]

Called when TCP connection has been lost

connectionMade()[source]

TCP connection has opened

send(op)[source]
send_multiResponse(op, handler, *args, **kwargs)[source]
send_noResponse(op)[source]
unbind()[source]
ldaptor.testutil.calltrace()[source]

Print out all function calls. For debug use only.

ldaptor.testutil.createServer(proto, *responses, **kw)[source]
ldaptor.testutil.mustRaise(dummy)[source]

ldaptor.usage module

class ldaptor.usage.Options[source]

Bases: twisted.python.usage.Options

optParameters = ()
postOptions()[source]
class ldaptor.usage.Options_base[source]

Bases: ldaptor.usage.Options_base_optional

postOptions_base()[source]
class ldaptor.usage.Options_base_optional[source]
optParameters = (('base', None, None, 'LDAP base dn'),)
class ldaptor.usage.Options_bind[source]
optParameters = (('binddn', None, None, 'use Distinguished Name to bind to the directory'), ('bind-auth-fd', None, None, 'read bind password from filedescriptor'))
postOptions_bind_auth_fd_numeric()[source]
class ldaptor.usage.Options_bind_mandatory[source]

Bases: ldaptor.usage.Options_bind

postOptions_bind_mandatory()[source]
class ldaptor.usage.Options_scope[source]
optParameters = (('scope', None, 'sub', 'LDAP search scope (one of base, one, sub)'),)
postOptions_scope()[source]
class ldaptor.usage.Options_service_location[source]
opt_service_location(value)[source]

Service location, in the form BASEDN:HOST[:PORT]

postOptions_service_location()[source]

Module contents