ldaptor.protocols.ldap package

Submodules

ldaptor.protocols.ldap.distinguishedname module

class ldaptor.protocols.ldap.distinguishedname.DistinguishedName(magic=None, stringValue=None, listOfRDNs=None)[source]

Bases: ldaptor._encoder.TextStrAlias

LDAP Distinguished Name.

contains(other)[source]

Does the tree rooted at DN contain or equal the other DN.

getDomainName()[source]
getText()[source]
listOfRDNs = None
split()[source]
up()[source]
exception ldaptor.protocols.ldap.distinguishedname.InvalidRelativeDistinguishedName(rdn)[source]

Bases: Exception

Invalid relative distinguished name. It is assumed that the passed RDN is of str type: bytes for PY2 and unicode for PY3.

class ldaptor.protocols.ldap.distinguishedname.LDAPAttributeTypeAndValue(stringValue=None, attributeType=None, value=None)[source]

Bases: ldaptor._encoder.TextStrAlias

attributeType = None
getText()[source]
value = None
class ldaptor.protocols.ldap.distinguishedname.RelativeDistinguishedName(magic=None, stringValue=None, attributeTypesAndValues=None)[source]

Bases: ldaptor._encoder.TextStrAlias

LDAP Relative Distinguished Name.

attributeTypesAndValues = None
count()[source]
getText()[source]
split()[source]
ldaptor.protocols.ldap.distinguishedname.escape(s)[source]
ldaptor.protocols.ldap.distinguishedname.unescape(s)[source]

ldaptor.protocols.ldap.fetchschema module

ldaptor.protocols.ldap.fetchschema.fetch(client, baseObject)[source]

ldaptor.protocols.ldap.ldapclient module

LDAP protocol client

class ldaptor.protocols.ldap.ldapclient.LDAPClient[source]

Bases: twisted.internet.protocol.Protocol

An LDAP client

berdecoder = <LDAPBERDecoderContext_TopLevel identities={0x10: LDAPMessage} fallback=None inherit=<LDAPBERDecoderContext_LDAPMessage identities={0x80: LDAPControls, 0x53: LDAPSearchResultReference} fallback=<LDAPBERDecoderContext identities={0x41: LDAPBindResponse, 0x40: LDAPBindRequest, 0x42: LDAPUnbindRequest, 0x43: LDAPSearchRequest, 0x44: LDAPSearchResultEntry, 0x45: LDAPSearchResultDone, 0x53: LDAPSearchResultReference, 0x83: LDAPReferral, 0x46: LDAPModifyRequest, 0x47: LDAPModifyResponse, 0x48: LDAPAddRequest, 0x49: LDAPAddResponse, 0x4a: LDAPDelRequest, 0x4b: LDAPDelResponse, 0x57: LDAPExtendedRequest, 0x58: LDAPExtendedResponse, 0x4c: LDAPModifyDNRequest, 0x4d: LDAPModifyDNResponse, 0x50: LDAPAbandonRequest, 0x4e: LDAPCompareRequest, 0x4f: LDAPCompareResponse} fallback=<BERDecoderContext identities={0x01: BERBoolean, 0x02: BERInteger, 0x04: BEROctetString, 0x05: BERNull, 0x0a: BEREnumerated, 0x10: BERSequence, 0x11: BERSet} fallback=None inherit=None> inherit=None> inherit=<LDAPBERDecoderContext identities={0x41: LDAPBindResponse, 0x40: LDAPBindRequest, 0x42: LDAPUnbindRequest, 0x43: LDAPSearchRequest, 0x44: LDAPSearchResultEntry, 0x45: LDAPSearchResultDone, 0x53: LDAPSearchResultReference, 0x83: LDAPReferral, 0x46: LDAPModifyRequest, 0x47: LDAPModifyResponse, 0x48: LDAPAddRequest, 0x49: LDAPAddResponse, 0x4a: LDAPDelRequest, 0x4b: LDAPDelResponse, 0x57: LDAPExtendedRequest, 0x58: LDAPExtendedResponse, 0x4c: LDAPModifyDNRequest, 0x4d: LDAPModifyDNResponse, 0x50: LDAPAbandonRequest, 0x4e: LDAPCompareRequest, 0x4f: LDAPCompareResponse} fallback=<BERDecoderContext identities={0x01: BERBoolean, 0x02: BERInteger, 0x04: BEROctetString, 0x05: BERNull, 0x0a: BEREnumerated, 0x10: BERSequence, 0x11: BERSet} fallback=None inherit=None> inherit=None>>>
bind(dn='', auth='')[source]

@deprecated: Use e.bind(auth).

@todo: Remove this method when there are no callers.

connectionLost(reason=<twisted.python.failure.Failure twisted.internet.error.ConnectionDone: Connection was closed cleanly.>)[source]

Called when TCP connection has been lost

connectionMade()[source]

TCP connection has opened

dataReceived(recd)[source]

Called whenever data is received.

Use this method to translate to a higher-level message. Usually, some callback will be made upon the receipt of each complete protocol message.

@param data: a string of indeterminate length. Please keep in mind that you will probably need to buffer some data, as partial (or multiple) protocol messages may be received! I recommend that unit tests for protocols call through to this method with differing chunk sizes, down to one byte at a time.

debug = False
handle(msg)[source]
send(op, controls=None)[source]

Send an LDAP operation to the server.

@param op: the operation to send

@type op: LDAPProtocolRequest

@param controls: Any controls to be included in the request.

@type controls: LDAPControls

@return: the response from server

@rtype: Deferred LDAPProtocolResponse

send_multiResponse(op, handler, *args, **kwargs)[source]

Send an LDAP operation to the server, expecting one or more responses.

If handler is provided, it will receive an LDAP response as its first argument. The Deferred returned by this function will never fire.

If handler is not provided, the Deferred returned by this function will fire with the final LDAP response.

@param op: the operation to send

@type op: LDAPProtocolRequest

@param handler: a callable that will be called for each response. It should return a boolean, whether this was the final response.

@param args: positional arguments to pass to handler

@param kwargs: keyword arguments to pass to handler

@return: the result from the first handler as a deferred that completes when the first response has been received

@rtype: Deferred LDAPProtocolResponse

send_multiResponse_ex(op, controls=None, handler=None, *args, **kwargs)[source]

Send an LDAP operation to the server, expecting one or more responses.

If handler is provided, it will receive an LDAP response and response controls as its first 2 arguments. The Deferred returned by this function will never fire.

If handler is not provided, the Deferred returned by this function will fire with a tuple of the first LDAP response and any associated response controls.

@param op: the operation to send

@type op: LDAPProtocolRequest

@param controls: LDAP controls to send with the message.

@type controls: LDAPControls

@param handler: a callable that will be called for each response. It should return a boolean, whether this was the final response.

@param args: positional arguments to pass to handler

@param kwargs: keyword arguments to pass to handler

@return: the result from the last handler as a deferred that completes when the last response has been received

@rtype: Deferred LDAPProtocolResponse

send_noResponse(op, controls=None)[source]

Send an LDAP operation to the server, with no response expected.

@param op: the operation to send

@type op: LDAPProtocolRequest

startTLS(ctx=None)[source]

Start Transport Layer Security.

It is the caller's responsibility to make sure other things are not happening at the same time.

@todo: server hostname check, see rfc2830 section 3.6.

@return: a deferred that will complete when the TLS handshake is complete.

unbind()[source]
unsolicitedNotification(msg)[source]
exception ldaptor.protocols.ldap.ldapclient.LDAPClientConnectionLostException(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

toWire()[source]
exception ldaptor.protocols.ldap.ldapclient.LDAPStartTLSBusyError(onwire, message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPOperationsError

toWire()[source]
exception ldaptor.protocols.ldap.ldapclient.LDAPStartTLSInvalidResponseName(responseName)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

toWire()[source]

ldaptor.protocols.ldap.ldapconnector module

class ldaptor.protocols.ldap.ldapconnector.LDAPClientCreator(reactor, protocolClass, *args, **kwargs)[source]

Bases: twisted.internet.protocol.ClientCreator

connect(dn, overrides=None, bindAddress=None)[source]

Connect to remote host, return Deferred of resulting protocol instance.

connectAnonymously(dn, overrides=None)[source]

Connect to remote host and bind anonymously, return Deferred of resulting protocol instance.

class ldaptor.protocols.ldap.ldapconnector.LDAPConnector(reactor, dn, factory, overrides=None, bindAddress=None)[source]

Bases: twisted.names.srvconnect.SRVConnector

connect()[source]

Start connection to remote server.

pickServer()[source]

Pick the next server.

ldaptor.protocols.ldap.ldapconnector.connectToLDAPEndpoint(reactor, endpointStr, clientProtocol)[source]

ldaptor.protocols.ldap.ldaperrors module

exception ldaptor.protocols.ldap.ldaperrors.LDAPAdminLimitExceeded(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'adminLimitExceeded'
resultCode = 11
exception ldaptor.protocols.ldap.ldaperrors.LDAPAffectsMultipleDSAs(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'affectsMultipleDSAs'
resultCode = 71
exception ldaptor.protocols.ldap.ldaperrors.LDAPAliasDereferencingProblem(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'aliasDereferencingProblem'
resultCode = 36
exception ldaptor.protocols.ldap.ldaperrors.LDAPAliasProblem(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'aliasProblem'
resultCode = 33
exception ldaptor.protocols.ldap.ldaperrors.LDAPAttributeOrValueExists(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'attributeOrValueExists'
resultCode = 20
exception ldaptor.protocols.ldap.ldaperrors.LDAPAuthMethodNotSupported(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'authMethodNotSupported'
resultCode = 7
exception ldaptor.protocols.ldap.ldaperrors.LDAPBusy(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'busy'
resultCode = 51
exception ldaptor.protocols.ldap.ldaperrors.LDAPCompareFalse(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'compareFalse'
resultCode = 5
exception ldaptor.protocols.ldap.ldaperrors.LDAPCompareTrue(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'compareTrue'
resultCode = 6
exception ldaptor.protocols.ldap.ldaperrors.LDAPConfidentialityRequired(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'confidentialityRequired'
resultCode = 13
exception ldaptor.protocols.ldap.ldaperrors.LDAPConstraintViolation(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'constraintViolation'
resultCode = 19
exception ldaptor.protocols.ldap.ldaperrors.LDAPEntryAlreadyExists(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'entryAlreadyExists'
resultCode = 68
exception ldaptor.protocols.ldap.ldaperrors.LDAPException(message=None)[source]

Bases: Exception, ldaptor.protocols.ldap.ldaperrors.LDAPResult

toWire()[source]
class ldaptor.protocols.ldap.ldaperrors.LDAPExceptionCollection(name, bases, attributes)[source]

Bases: type

Storage for the LDAP result codes and the corresponding classes.

collection = {0: <class 'ldaptor.protocols.ldap.ldaperrors.Success'>, 1: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPOperationsError'>, 2: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPProtocolError'>, 3: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPTimeLimitExceeded'>, 4: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPSizeLimitExceeded'>, 5: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPCompareFalse'>, 6: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPCompareTrue'>, 7: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPAuthMethodNotSupported'>, 8: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPStrongAuthRequired'>, 10: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPReferral'>, 11: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPAdminLimitExceeded'>, 12: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPUnavailableCriticalExtension'>, 13: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPConfidentialityRequired'>, 14: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPSaslBindInProgress'>, 16: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPNoSuchAttribute'>, 17: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPUndefinedAttributeType'>, 18: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPInappropriateMatching'>, 19: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPConstraintViolation'>, 20: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPAttributeOrValueExists'>, 21: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPInvalidAttributeSyntax'>, 32: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPNoSuchObject'>, 33: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPAliasProblem'>, 34: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPInvalidDNSyntax'>, 36: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPAliasDereferencingProblem'>, 48: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPInappropriateAuthentication'>, 49: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPInvalidCredentials'>, 50: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPInsufficientAccessRights'>, 51: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPBusy'>, 
52: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPUnavailable'>, 53: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPUnwillingToPerform'>, 54: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPLoopDetect'>, 64: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPNamingViolation'>, 65: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPObjectClassViolation'>, 66: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPNotAllowedOnNonLeaf'>, 67: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPNotAllowedOnRDN'>, 68: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPEntryAlreadyExists'>, 69: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPObjectClassModsProhibited'>, 71: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPAffectsMultipleDSAs'>, 80: <class 'ldaptor.protocols.ldap.ldaperrors.LDAPOther'>}
classmethod get_instance(code, message)[source]

Get an instance of the correct exception for this result code.

exception ldaptor.protocols.ldap.ldaperrors.LDAPInappropriateAuthentication(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'inappropriateAuthentication'
resultCode = 48
exception ldaptor.protocols.ldap.ldaperrors.LDAPInappropriateMatching(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'inappropriateMatching'
resultCode = 18
exception ldaptor.protocols.ldap.ldaperrors.LDAPInsufficientAccessRights(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'insufficientAccessRights'
resultCode = 50
exception ldaptor.protocols.ldap.ldaperrors.LDAPInvalidAttributeSyntax(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'invalidAttributeSyntax'
resultCode = 21
exception ldaptor.protocols.ldap.ldaperrors.LDAPInvalidCredentials(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'invalidCredentials'
resultCode = 49
exception ldaptor.protocols.ldap.ldaperrors.LDAPInvalidDNSyntax(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'invalidDNSyntax'
resultCode = 34
exception ldaptor.protocols.ldap.ldaperrors.LDAPLoopDetect(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'loopDetect'
resultCode = 54
exception ldaptor.protocols.ldap.ldaperrors.LDAPNamingViolation(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'namingViolation'
resultCode = 64
exception ldaptor.protocols.ldap.ldaperrors.LDAPNoSuchAttribute(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'noSuchAttribute'
resultCode = 16
exception ldaptor.protocols.ldap.ldaperrors.LDAPNoSuchObject(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'noSuchObject'
resultCode = 32
exception ldaptor.protocols.ldap.ldaperrors.LDAPNotAllowedOnNonLeaf(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'notAllowedOnNonLeaf'
resultCode = 66
exception ldaptor.protocols.ldap.ldaperrors.LDAPNotAllowedOnRDN(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'notAllowedOnRDN'
resultCode = 67
exception ldaptor.protocols.ldap.ldaperrors.LDAPObjectClassModsProhibited(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'objectClassModsProhibited'
resultCode = 69
exception ldaptor.protocols.ldap.ldaperrors.LDAPObjectClassViolation(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'objectClassViolation'
resultCode = 65
exception ldaptor.protocols.ldap.ldaperrors.LDAPOperationsError(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'operationsError'
resultCode = 1
exception ldaptor.protocols.ldap.ldaperrors.LDAPOther(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'other'
resultCode = 80
exception ldaptor.protocols.ldap.ldaperrors.LDAPProtocolError(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'protocolError'
resultCode = 2
exception ldaptor.protocols.ldap.ldaperrors.LDAPReferral(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'referral'
resultCode = 10
class ldaptor.protocols.ldap.ldaperrors.LDAPResult[source]

Bases: object

name = None
resultCode = None
exception ldaptor.protocols.ldap.ldaperrors.LDAPSaslBindInProgress(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'saslBindInProgress'
resultCode = 14
exception ldaptor.protocols.ldap.ldaperrors.LDAPSizeLimitExceeded(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'sizeLimitExceeded'
resultCode = 4
exception ldaptor.protocols.ldap.ldaperrors.LDAPStrongAuthRequired(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'strongAuthRequired'
resultCode = 8
exception ldaptor.protocols.ldap.ldaperrors.LDAPTimeLimitExceeded(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'timeLimitExceeded'
resultCode = 3
exception ldaptor.protocols.ldap.ldaperrors.LDAPUnavailable(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'unavailable'
resultCode = 52
exception ldaptor.protocols.ldap.ldaperrors.LDAPUnavailableCriticalExtension(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'unavailableCriticalExtension'
resultCode = 12
exception ldaptor.protocols.ldap.ldaperrors.LDAPUndefinedAttributeType(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'undefinedAttributeType'
resultCode = 17
exception ldaptor.protocols.ldap.ldaperrors.LDAPUnknownError(resultCode, message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

toWire()[source]
exception ldaptor.protocols.ldap.ldaperrors.LDAPUnwillingToPerform(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

name = b'unwillingToPerform'
resultCode = 53
class ldaptor.protocols.ldap.ldaperrors.Success(msg)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPResult

name = b'success'
resultCode = 0
ldaptor.protocols.ldap.ldaperrors.get(resultCode, errorMessage)[source]

Get an instance of the correct exception for this resultCode.

ldaptor.protocols.ldap.ldapserver module

LDAP protocol server

class ldaptor.protocols.ldap.ldapserver.BaseLDAPServer[source]

Bases: twisted.internet.protocol.Protocol

berdecoder = <LDAPBERDecoderContext_TopLevel identities={0x10: LDAPMessage} fallback=None inherit=<LDAPBERDecoderContext_LDAPMessage identities={0x80: LDAPControls, 0x53: LDAPSearchResultReference} fallback=<LDAPBERDecoderContext identities={0x41: LDAPBindResponse, 0x40: LDAPBindRequest, 0x42: LDAPUnbindRequest, 0x43: LDAPSearchRequest, 0x44: LDAPSearchResultEntry, 0x45: LDAPSearchResultDone, 0x53: LDAPSearchResultReference, 0x83: LDAPReferral, 0x46: LDAPModifyRequest, 0x47: LDAPModifyResponse, 0x48: LDAPAddRequest, 0x49: LDAPAddResponse, 0x4a: LDAPDelRequest, 0x4b: LDAPDelResponse, 0x57: LDAPExtendedRequest, 0x58: LDAPExtendedResponse, 0x4c: LDAPModifyDNRequest, 0x4d: LDAPModifyDNResponse, 0x50: LDAPAbandonRequest, 0x4e: LDAPCompareRequest, 0x4f: LDAPCompareResponse} fallback=<BERDecoderContext identities={0x01: BERBoolean, 0x02: BERInteger, 0x04: BEROctetString, 0x05: BERNull, 0x0a: BEREnumerated, 0x10: BERSequence, 0x11: BERSet} fallback=None inherit=None> inherit=None> inherit=<LDAPBERDecoderContext identities={0x41: LDAPBindResponse, 0x40: LDAPBindRequest, 0x42: LDAPUnbindRequest, 0x43: LDAPSearchRequest, 0x44: LDAPSearchResultEntry, 0x45: LDAPSearchResultDone, 0x53: LDAPSearchResultReference, 0x83: LDAPReferral, 0x46: LDAPModifyRequest, 0x47: LDAPModifyResponse, 0x48: LDAPAddRequest, 0x49: LDAPAddResponse, 0x4a: LDAPDelRequest, 0x4b: LDAPDelResponse, 0x57: LDAPExtendedRequest, 0x58: LDAPExtendedResponse, 0x4c: LDAPModifyDNRequest, 0x4d: LDAPModifyDNResponse, 0x50: LDAPAbandonRequest, 0x4e: LDAPCompareRequest, 0x4f: LDAPCompareResponse} fallback=<BERDecoderContext identities={0x01: BERBoolean, 0x02: BERInteger, 0x04: BEROctetString, 0x05: BERNull, 0x0a: BEREnumerated, 0x10: BERSequence, 0x11: BERSet} fallback=None inherit=None> inherit=None>>>
checkControls(controls)[source]
connectionLost(reason=<twisted.python.failure.Failure twisted.internet.error.ConnectionDone: Connection was closed cleanly.>)[source]

Called when TCP connection has been lost

connectionMade()[source]

TCP connection has opened

dataReceived(recd)[source]

Called whenever data is received.

Use this method to translate to a higher-level message. Usually, some callback will be made upon the receipt of each complete protocol message.

@param data: a string of indeterminate length. Please keep in mind that you will probably need to buffer some data, as partial (or multiple) protocol messages may be received! I recommend that unit tests for protocols call through to this method with differing chunk sizes, down to one byte at a time.
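The buffering requirement in the dataReceived notes for LDAPClient and BaseLDAPServer, as an added example that is not ldaptor's own code: a framer that cuts complete LDAPMessage PDUs out of arbitrary chunks, rejects the indefinite length form, and enforces a size cap from the header alone, before any body is buffered. BERFramer, FramingError, max_message_size, feed_in_chunks and the sample PDUs are names and values constructed for this illustration.

```python
# Added example: frame LDAPMessage PDUs out of arbitrary TCP chunks.
# BERFramer, FramingError and max_message_size are illustrative, not ldaptor API.

LDAP_MESSAGE_TAG = 0x30  # universal, constructed SEQUENCE (every LDAPMessage)

# Constructed sample PDUs:
#   messageID 1, BindRequest(version 3, empty name, empty simple password)
BIND_REQUEST = bytes.fromhex("300c020101600702010304008000")
#   messageID 2, UnbindRequest
UNBIND_REQUEST = bytes.fromhex("30050201024200")


class FramingError(ValueError):
    """The byte stream cannot be a sequence of LDAPMessage PDUs."""


class BERFramer:
    def __init__(self, max_message_size=1 << 20):
        self.max_message_size = max_message_size
        self._buf = bytearray()

    def feed(self, chunk):
        """Buffer chunk and return every PDU that is now complete."""
        self._buf += chunk
        complete = []
        while True:
            total = self._pdu_length()
            if total is None:          # need more bytes
                return complete
            complete.append(bytes(self._buf[:total]))
            del self._buf[:total]      # keep any trailing partial PDU

    def pending(self):
        """Number of buffered bytes that do not yet form a full PDU."""
        return len(self._buf)

    def _pdu_length(self):
        """Total size of the PDU at the head of the buffer, or None."""
        buf = self._buf
        if not buf:
            return None
        if buf[0] != LDAP_MESSAGE_TAG:
            raise FramingError("stream does not start with a SEQUENCE")
        if len(buf) < 2:
            return None
        first = buf[1]
        if first < 0x80:               # short form: length in one octet
            header, length = 2, first
        else:                          # long form: next n octets hold it
            n = first & 0x7F
            if n == 0:
                raise FramingError("indefinite length is not used in LDAP")
            if n > 4:
                raise FramingError("length field wider than 4 octets")
            if len(buf) < 2 + n:
                return None
            header = 2 + n
            length = int.from_bytes(buf[2:header], "big")
        total = header + length
        # Reject on the declared size, so a peer cannot make us buffer it.
        if total > self.max_message_size:
            raise FramingError("declared PDU size exceeds the cap")
        if len(buf) < total:
            return None
        return total


def feed_in_chunks(data, size, framer=None):
    """Deliver data to a framer `size` bytes at a time; return all PDUs."""
    framer = framer or BERFramer()
    pdus = []
    for i in range(0, len(data), size):
        pdus.extend(framer.feed(data[i:i + size]))
    return pdus


if __name__ == "__main__":
    stream = BIND_REQUEST + UNBIND_REQUEST
    for size in (1, 3, len(stream)):
        print(size, [p.hex() for p in feed_in_chunks(stream, size)])
```
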

debug = False
failDefault(resultCode, errorMessage)[source]
handle(msg)[source]
handleUnknown(request, controls, callback)[source]
queue(id, op)[source]
unsolicitedNotification(msg)[source]
class ldaptor.protocols.ldap.ldapserver.LDAPServer[source]

Bases: ldaptor.protocols.ldap.ldapserver.BaseLDAPServer

An LDAP server

boundUser = None
extendedRequest_LDAPPasswordModifyRequest(data, reply)[source]
fail_LDAPAddRequest

alias of ldaptor.protocols.pureldap.LDAPAddResponse

fail_LDAPBindRequest

alias of ldaptor.protocols.pureldap.LDAPBindResponse

fail_LDAPCompareRequest

alias of ldaptor.protocols.pureldap.LDAPCompareResponse

fail_LDAPDelRequest

alias of ldaptor.protocols.pureldap.LDAPDelResponse

fail_LDAPExtendedRequest

alias of ldaptor.protocols.pureldap.LDAPExtendedResponse

fail_LDAPModifyDNRequest

alias of ldaptor.protocols.pureldap.LDAPModifyDNResponse

fail_LDAPModifyRequest

alias of ldaptor.protocols.pureldap.LDAPModifyResponse

fail_LDAPSearchRequest

alias of ldaptor.protocols.pureldap.LDAPSearchResultDone

getRootDSE(request, reply)[source]
handle_LDAPAddRequest(request, controls, reply)[source]
handle_LDAPBindRequest(request, controls, reply)[source]
handle_LDAPCompareRequest(request, controls, reply)[source]
handle_LDAPDelRequest(request, controls, reply)[source]
handle_LDAPExtendedRequest(request, controls, reply)[source]
handle_LDAPModifyDNRequest(request, controls, reply)[source]
handle_LDAPModifyRequest(request, controls, reply)[source]
handle_LDAPSearchRequest(request, controls, reply)[source]
handle_LDAPUnbindRequest(request, controls, reply)[source]
exception ldaptor.protocols.ldap.ldapserver.LDAPServerConnectionLostException(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPException

ldaptor.protocols.ldap.ldapsyntax module

Pythonic API for LDAP operations.

exception ldaptor.protocols.ldap.ldapsyntax.CannotRemoveRDNError(key, val=None)[source]

Bases: Exception

The attribute to be removed is the RDN for the object and cannot be removed.

exception ldaptor.protocols.ldap.ldapsyntax.DNNotPresentError[source]

Bases: Exception

The requested DN cannot be found by the server.

class ldaptor.protocols.ldap.ldapsyntax.JournaledLDAPAttributeSet(ldapObject, *a, **kw)[source]

Bases: ldaptor.attributeset.LDAPAttributeSet

add(value)[source]

Add a key to the attributes, checking whether it already exists as a byte or unicode string.

clear()[source]

Remove all elements from this set.

remove(value)[source]

Remove a key from the attributes, checking whether it exists as a byte or unicode string.

update(sequence)[source]

Update a set with the union of itself and others.

ldaptor.protocols.ldap.ldapsyntax.LDAPEntry

alias of ldaptor.protocols.ldap.ldapsyntax.LDAPEntryWithClient

class ldaptor.protocols.ldap.ldapsyntax.LDAPEntryWithAutoFill(*args, **kwargs)[source]

Bases: ldaptor.protocols.ldap.ldapsyntax.LDAPEntryWithClient

addAutofiller(autoFiller)[source]
journal(journalOperation)[source]

Add a Modification into the list of modifications that need to be flushed to the LDAP server.

Normal callers should not use this, they should use the o['foo']=['bar', 'baz'] -style API that enforces schema, handles errors and updates the cached data.

class ldaptor.protocols.ldap.ldapsyntax.LDAPEntryWithClient(client, dn, attributes={}, complete=0)[source]

Bases: ldaptor.entry.EditableLDAPEntry

addChild(rdn, attributes)[source]
bind(password)[source]
buildAttributeSet(key, values)[source]
commit()[source]
delete()[source]
fetch(*attributes)[source]
get(*a, **kw)[source]
has_key(*a, **kw)[source]
items()[source]
journal(journalOperation)[source]

Add a Modification into the list of modifications that need to be flushed to the LDAP server.

Normal callers should not use this, they should use the o['foo']=['bar', 'baz'] -style API that enforces schema, handles errors and updates the cached data.

keys()[source]
lookup(dn)[source]
move(newDN)[source]
namingContext()[source]
search(filterText=None, filterObject=None, attributes=(), scope=None, derefAliases=None, sizeLimit=0, sizeLimitIsNonFatal=False, timeLimit=0, typesOnly=0, callback=None, controls=None, return_controls=False)[source]
setPassword(newPasswd)[source]

Update the password for the entry with a new password and salt passed as bytes.

setPasswordMaybe_ExtendedOperation(newPasswd)

Set the password on this object.

@param newPasswd: A string containing the new password.

@return: A Deferred that will complete when the operation is done.

setPasswordMaybe_Samba(newPasswd)[source]

Set the Samba password on this object if it is a sambaSamAccount or sambaAccount.

@param newPasswd: A string containing the new password.

@return: A Deferred that will complete when the operation is done.

setPassword_ExtendedOperation(newPasswd)[source]

Set the password on this object.

@param newPasswd: A string containing the new password.

@return: A Deferred that will complete when the operation is done.

setPassword_Samba(newPasswd, style=None)[source]

Set the Samba password on this object.

@param newPasswd: A string containing the new password.

@param style: one of 'sambaSamAccount', 'sambaAccount' or None. Specifies the style of samba accounts used. None is default and is the same as 'sambaSamAccount'.

@return: A Deferred that will complete when the operation is done.

toWire()[source]
undo()[source]
exception ldaptor.protocols.ldap.ldapsyntax.MatchNotImplemented(op)[source]

Bases: NotImplementedError

Match type not implemented

exception ldaptor.protocols.ldap.ldapsyntax.NoContainingNamingContext[source]

Bases: Exception

The server contains no LDAP naming context that would contain this object.

exception ldaptor.protocols.ldap.ldapsyntax.ObjectDeletedError[source]

Bases: ldaptor.protocols.ldap.ldapsyntax.ObjectInBadStateError

The LDAP object has already been removed, unable to perform operations on it.

exception ldaptor.protocols.ldap.ldapsyntax.ObjectDirtyError[source]

Bases: ldaptor.protocols.ldap.ldapsyntax.ObjectInBadStateError

The LDAP object has a journal which needs to be committed or undone before this operation.

exception ldaptor.protocols.ldap.ldapsyntax.ObjectInBadStateError[source]

Bases: Exception

The LDAP object is in a bad state.

exception ldaptor.protocols.ldap.ldapsyntax.PasswordSetAborted[source]

Bases: Exception

Aborted

exception ldaptor.protocols.ldap.ldapsyntax.PasswordSetAggregateError(errors)[source]

Bases: Exception

Some of the password plugins failed

ldaptor.protocols.ldap.ldif module

Support for writing a set of directory entries as LDIF. You probably want to use this only indirectly, as in str(LDAPEntry(…)).

TODO support writing modify operations

TODO support reading modify operations

TODO implement rest of syntax from RFC2849

ldaptor.protocols.ldap.ldif.asLDIF(dn, attributes)[source]
ldaptor.protocols.ldap.ldif.attributeAsLDIF(attribute, value)[source]
ldaptor.protocols.ldap.ldif.attributeAsLDIF_base64(attribute, value)[source]
ldaptor.protocols.ldap.ldif.base64_encode(s)[source]
ldaptor.protocols.ldap.ldif.containsNonprintable(s)[source]
ldaptor.protocols.ldap.ldif.manyAsLDIF(objects)[source]

ldaptor.protocols.ldap.ldifdelta module

class ldaptor.protocols.ldap.ldifdelta.LDIFDelta[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIF

MOD_SPEC_TO_DELTA = {b'add': <class 'ldaptor.delta.Add'>, b'delete': <class 'ldaptor.delta.Delete'>, b'replace': <class 'ldaptor.delta.Replace'>}
state_IN_ADD_ENTRY(line)[source]
state_IN_DELETE(line)[source]
state_IN_MOD_SPEC(line)[source]
state_WAIT_FOR_CHANGETYPE(line)[source]
state_WAIT_FOR_DN(line)[source]
state_WAIT_FOR_MOD_SPEC(line)[source]
exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaAddMissingAttributesError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

Add operation needs to have at least one attribute type and value.

exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaDeleteHasJunkAfterChangeTypeError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

Delete operation takes no attribute types or values.

exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaMissingChangeTypeError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF delta entry has no changetype.

exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaModificationDifferentAttributeTypeError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

The attribute type for the change is not the same as in the mod-spec header line.

exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaModificationMissingEndDashError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF delta modification has no ending dash.

exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaUnknownChangeTypeError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF delta entry has an unknown changetype.

exception ldaptor.protocols.ldap.ldifdelta.LDIFDeltaUnknownModificationError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF delta modification has unknown mod-spec.

ldaptor.protocols.ldap.ldifdelta.fromLDIFFile(f)[source]

Read LDIF data from a file.

ldaptor.protocols.ldap.ldifprotocol module

class ldaptor.protocols.ldap.ldifprotocol.LDIF[source]

Bases: twisted.protocols.basic.LineReceiver

connectionLost(reason=<twisted.python.failure.Failure twisted.internet.error.ConnectionDone: Connection was closed cleanly.>)[source]

Called when the connection is shut down.

Clear any circular references here, and any external references to this Protocol. The connection has been closed.

@type reason: L{twisted.python.failure.Failure}

data = None
delimiter = b'\n'
dn = None
gotEntry(obj)[source]
lastLine = None
lineReceived(line)[source]

Override this for when each line is received.

@param line: The line which was received with the delimiter removed.

@type line: C{bytes}

logicalLineReceived(line)[source]
mode = b'HEADER'
parseValue(val)[source]
state_HEADER(line)[source]
state_IN_ENTRY(line)[source]
state_WAIT_FOR_DN(line)[source]
version = None
exception ldaptor.protocols.ldap.ldifprotocol.LDIFEntryStartsWithNonDNError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF entry starts with a non-DN line

exception ldaptor.protocols.ldap.ldifprotocol.LDIFEntryStartsWithSpaceError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

Invalid LDIF value format

exception ldaptor.protocols.ldap.ldifprotocol.LDIFLineWithoutSemicolonError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF line without semicolon seen

exception ldaptor.protocols.ldap.ldifprotocol.LDIFParseError[source]

Bases: Exception

Error parsing LDIF

exception ldaptor.protocols.ldap.ldifprotocol.LDIFTruncatedError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF appears to be truncated

exception ldaptor.protocols.ldap.ldifprotocol.LDIFUnsupportedVersionError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

LDIF version not supported

exception ldaptor.protocols.ldap.ldifprotocol.LDIFVersionNotANumberError[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIFParseError

Non-numeric LDIF version number

ldaptor.protocols.ldap.proxy module

LDAP protocol proxy server

class ldaptor.protocols.ldap.proxy.Proxy(config)[source]

Bases: ldaptor.protocols.ldap.ldapserver.BaseLDAPServer

client = None
connectionLost(reason)[source]

Called when TCP connection has been lost

connectionMade()[source]

TCP connection has opened

handleUnknown(request, controls, reply)[source]
handle_LDAPUnbindRequest(request, controls, reply)[source]
protocol

alias of ldaptor.protocols.ldap.ldapclient.LDAPClient

unbound = False
waitingConnect = []

ldaptor.protocols.ldap.svcbindproxy module

class ldaptor.protocols.ldap.svcbindproxy.ServiceBindingProxy(services=None, fallback=None, *a, **kw)[source]

Bases: ldaptor.protocols.ldap.proxy.Proxy

An LDAP proxy that handles non-anonymous bind requests specially.

BindRequests are intercepted and authentication is attempted against each configured service. This authentication is performed against a separate LDAP entry, found by searching for entries with

  • objectClass: serviceSecurityObject

  • owner: the DN of the original bind attempt

  • cn: the service name.

starting at the identity-base as configured in the config file.

Finally, if the authentication does not succeed against any of the configured services, the proxy can fall back to passing the bind request to the real server.

fail_LDAPBindRequest

alias of ldaptor.protocols.pureldap.LDAPBindResponse

fallback = False
handle_LDAPBindRequest(request, controls, reply)[source]
services = []
timestamp()[source]

Module contents

LDAP protocol logic