ldaptor API Reference

Submodules

ldaptor.attributeset module

class ldaptor.attributeset.LDAPAttributeSet(key, *a, **kw)[source]

Bases: set

add(key)[source]

Adding key to the attributes with checking if it exists as byte or unicode string

copy()[source]

Return a shallow copy of a set.

remove(key)[source]

Removing key from the attributes with checking if it exists as byte or unicode string

ldaptor.checkers module

class ldaptor.checkers.LDAPBindingChecker(cfg)[source]

Bases: object

The avatarID returned is an LDAPEntry.

credentialInterfaces = (<InterfaceClass twisted.cred.credentials.IUsernamePassword>,)
requestAvatarId(credentials)[source]
ldaptor.checkers.makeFilter(name, template=None)[source]

ldaptor.config module

class ldaptor.config.LDAPConfig(baseDN=None, serviceLocationOverrides=None, identityBaseDN=None, identitySearch=None)[source]

Bases: object

baseDN = None
copy(**kw)[source]
getBaseDN()[source]
getIdentityBaseDN()[source]
getIdentitySearch(name)[source]
getServiceLocationOverrides()[source]
identityBaseDN = None
identitySearch = None
exception ldaptor.config.MissingBaseDNError[source]

Bases: Exception

Configuration must specify a base DN

ldaptor.config.loadConfig(configFiles=None, reload=False)[source]

Load configuration file.

ldaptor.config.useLMhash()[source]

Read configuration file if necessary and return whether to use LanMan hashes or not.

ldaptor.delta module

Changes to the content of one single LDAP entry.

(This means these do not belong here: adding or deleting of entries, changing of location in tree)

class ldaptor.delta.Add(key, *a, **kw)[source]

Bases: ldaptor.delta.Modification

asLDIF()[source]
patch(entry)[source]
class ldaptor.delta.AddOp(entry)[source]

Bases: ldaptor.delta.Operation

asLDIF()[source]
patch(root)[source]

Find the correct entry in IConnectedLDAPEntry and patch it.

@param root: IConnectedLDAPEntry that is at the root of the subtree the patch applies to.

@returns: Deferred with None or failure.

class ldaptor.delta.Delete(key, *a, **kw)[source]

Bases: ldaptor.delta.Modification

asLDIF()[source]
patch(entry)[source]
class ldaptor.delta.DeleteOp(dn)[source]

Bases: ldaptor.delta.Operation

asLDIF()[source]
patch(root)[source]

Find the correct entry in IConnectedLDAPEntry and patch it.

@param root: IConnectedLDAPEntry that is at the root of the subtree the patch applies to.

@returns: Deferred with None or failure.

class ldaptor.delta.Modification(key, *a, **kw)[source]

Bases: ldaptor.attributeset.LDAPAttributeSet

asLDAP()[source]
patch(entry)[source]
class ldaptor.delta.ModifyOp(dn, modifications=[])[source]

Bases: ldaptor.delta.Operation

asLDAP()[source]
asLDIF()[source]
classmethod fromLDAP(request)[source]
patch(root)[source]

Find the correct entry in IConnectedLDAPEntry and patch it.

@param root: IConnectedLDAPEntry that is at the root of the subtree the patch applies to.

@returns: Deferred with None or failure.

class ldaptor.delta.Operation[source]

Bases: object

patch(root)[source]

Find the correct entry in IConnectedLDAPEntry and patch it.

@param root: IConnectedLDAPEntry that is at the root of the subtree the patch applies to.

@returns: Deferred with None or failure.

class ldaptor.delta.Replace(key, *a, **kw)[source]

Bases: ldaptor.delta.Modification

asLDIF()[source]
patch(entry)[source]

ldaptor.dns module

DNS-related utilities.

ldaptor.dns.aton(ip)[source]
ldaptor.dns.aton_numbits(num)[source]
ldaptor.dns.aton_octets(ip)[source]
ldaptor.dns.netmaskToNumbits(netmask)[source]
ldaptor.dns.ntoa(n)[source]
ldaptor.dns.ptrSoaName(ip, netmask)[source]

Convert an IP address and netmask to a CIDR delegation -style zone name.

ldaptor.entry module

class ldaptor.entry.BaseLDAPEntry(dn, attributes={})[source]

Bases: ldaptor._encoder.WireStrAlias

bind(password)[source]
buildAttributeSet(key, values)[source]
diff(other)[source]

Compute differences between this and another LDAP entry.

@param other: An LDAPEntry to compare to.

@return: None if equal, otherwise a ModifyOp that would make this entry look like other.

dn = None
get(key, default=None)[source]
getLDIF()[source]
hasMember(dn)[source]
has_key(key)[source]
items()[source]
keys()[source]
toWire()[source]
class ldaptor.entry.EditableLDAPEntry(dn, attributes={})[source]

Bases: ldaptor.entry.BaseLDAPEntry

commit()[source]
delete()[source]
move(newDN)[source]
setPassword(newPasswd, salt=None)[source]

Update the password for the entry with a new password and salt passed as bytes.

undo()[source]
ldaptor.entry.sshaDigest(passphrase, salt=None)[source]

Return the salted SHA for passphrase which is passed as bytes.

ldaptor.entryhelpers module

class ldaptor.entryhelpers.DiffTreeMixin[source]

Bases: object

diffTree(other, result=None)[source]
class ldaptor.entryhelpers.MatchMixin[source]

Bases: object

match(filter)[source]
class ldaptor.entryhelpers.SearchByTreeWalkingMixin[source]

Bases: object

search(filterText=None, filterObject=None, attributes=(), scope=None, derefAliases=None, sizeLimit=0, timeLimit=0, typesOnly=0, callback=None)[source]
class ldaptor.entryhelpers.SubtreeFromChildrenMixin[source]

Bases: object

subtree(callback=None)[source]
ldaptor.entryhelpers.safelower(s)[source]

As string.lower(), but return s if something goes wrong.

ldaptor.generate_password module

exception ldaptor.generate_password.PwgenException[source]

Bases: Exception

class ldaptor.generate_password.ReadPassword(deferred, count=1)[source]

Bases: twisted.internet.protocol.ProcessProtocol

errReceived(data)[source]

Some data was received from stderr.

outReceived(data)[source]

Some data was received from stdout.

processEnded(reason)[source]

Called when the child process exits and all file descriptors associated with it have been closed.

@type reason: L{twisted.python.failure.Failure}

ldaptor.generate_password.generate(reactor, n=1)[source]

ldaptor.inmemory module

class ldaptor.inmemory.InMemoryLDIFProtocol[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIF

Receive LDIF data and gather results into an ReadOnlyInMemoryLDAPEntry.

You can override lookupFailed and addFailed to provide smarter error handling. They are called as Deferred errbacks; returning the reason causes error to pass onward and abort the whole operation. Returning None from lookupFailed skips that entry, but continues loading.

When the full LDIF data has been read, the completed Deferred will trigger.

addFailed(reason, entry)[source]
connectionLost(reason)[source]

Called when the connection is shut down.

Clear any circular references here, and any external references to this Protocol. The connection has been closed.

@type reason: L{twisted.python.failure.Failure}

gotEntry(entry)[source]
lookupFailed(reason, entry)[source]
exception ldaptor.inmemory.LDAPCannotRemoveRootError(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPNamingViolation

Cannot remove root of LDAP tree

class ldaptor.inmemory.ReadOnlyInMemoryLDAPEntry(*a, **kw)[source]

Bases: ldaptor.entry.EditableLDAPEntry, ldaptor.entryhelpers.DiffTreeMixin, ldaptor.entryhelpers.SubtreeFromChildrenMixin, ldaptor.entryhelpers.MatchMixin, ldaptor.entryhelpers.SearchByTreeWalkingMixin

addChild(rdn, attributes)[source]

TODO ugly API. Returns the created entry.

children(callback=None)[source]
commit()[source]
delete()[source]
deleteChild(rdn)[source]
fetch(*attributes)[source]
lookup(dn)[source]
move(newDN)[source]
parent()[source]
ldaptor.inmemory.fromLDIFFile(f)[source]

Read LDIF data from a file.

ldaptor.interfaces module

ldaptor.ldapfilter module

exception ldaptor.ldapfilter.InvalidLDAPFilter(msg, loc, text)[source]

Bases: Exception

ldaptor.ldapfilter.parseExtensible(attr, s)[source]
ldaptor.ldapfilter.parseFilter(s)[source]

Converting source string to pureldap.LDAPFilter

Source string is converted to unicode as pyparsing cannot parse bytes objects with the rules declared in this module.

ldaptor.ldapfilter.parseMaybeSubstring(attrType, s)[source]

ldaptor.ldiftree module

Manage LDAP data as a tree of LDIF files.

exception ldaptor.ldiftree.LDAPCannotRemoveRootError(message=None)[source]

Bases: ldaptor.protocols.ldap.ldaperrors.LDAPNamingViolation

Cannot remove root of LDAP tree

class ldaptor.ldiftree.LDIFTreeEntry(path, dn=None, *a, **kw)[source]

Bases: ldaptor.entry.EditableLDAPEntry, ldaptor.entryhelpers.DiffTreeMixin, ldaptor.entryhelpers.SubtreeFromChildrenMixin, ldaptor.entryhelpers.MatchMixin, ldaptor.entryhelpers.SearchByTreeWalkingMixin

addChild(rdn, attributes)[source]
children(callback=None)[source]
commit()[source]
delete()[source]
deleteChild(rdn)[source]
lookup(dn)[source]
move(newDN)[source]
parent()[source]
exception ldaptor.ldiftree.LDIFTreeEntryContainsMultipleEntries[source]

Bases: Exception

LDIFTree entry contains multiple LDIF entries.

exception ldaptor.ldiftree.LDIFTreeEntryContainsNoEntries[source]

Bases: Exception

LDIFTree entry does not contain a valid LDIF entry.

exception ldaptor.ldiftree.LDIFTreeNoSuchObject[source]

Bases: Exception

LDIFTree does not contain such entry.

class ldaptor.ldiftree.StoreParsedLDIF[source]

Bases: ldaptor.protocols.ldap.ldifprotocol.LDIF

connectionLost(reason)[source]

Called when the connection is shut down.

Clear any circular references here, and any external references to this Protocol. The connection has been closed.

@type reason: L{twisted.python.failure.Failure}

gotEntry(obj)[source]
ldaptor.ldiftree.get(path, dn)[source]
ldaptor.ldiftree.put(path, entry)[source]

ldaptor.numberalloc module

Find an available uidNumber/gidNumber/other similar number.

class ldaptor.numberalloc.freeNumberGuesser(makeAGuess, min=None, max=None)[source]

Bases: object

startGuessing()[source]
ldaptor.numberalloc.getFreeNumber(ldapObject, numberType, min=None, max=None)[source]
class ldaptor.numberalloc.ldapGuesser(ldapObject, numberType)[source]

Bases: object

guess(num)[source]

ldaptor.schema module

class ldaptor.schema.ASN1ParserThingie[source]

Bases: object

class ldaptor.schema.AttributeTypeDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie, ldaptor._encoder.WireStrAlias

ASN Syntax:

AttributeTypeDescription = "(" whsp
        numericoid whsp                ; AttributeType identifier
        [ "NAME" qdescrs ]             ; name used in AttributeType
        [ "DESC" qdstring ]            ; description
        [ "OBSOLETE" whsp ]
        [ "SUP" woid ]                 ; derived from this other AttributeType
        [ "EQUALITY" woid              ; Matching Rule name
        [ "ORDERING" woid              ; Matching Rule name
        [ "SUBSTR" woid ]              ; Matching Rule name
        [ "SYNTAX" whsp noidlen whsp ] ; see section 4.3
        [ "SINGLE-VALUE" whsp ]        ; default multi-valued
        [ "COLLECTIVE" whsp ]          ; default not collective
        [ "NO-USER-MODIFICATION" whsp ]; default user modifiable
        [ "USAGE" whsp AttributeUsage ]; default userApplications
        whsp ")"

AttributeUsage =
        "userApplications"     /
        "directoryOperation"   /
        "distributedOperation" / ; DSA-shared
        "dSAOperation"          ; DSA-specific, value depends on server

noidlen = numericoid [ "{" len "}" ]

len     = numericstring
toWire()[source]
class ldaptor.schema.MatchingRuleDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie, ldaptor._encoder.WireStrAlias

ASN Syntax:

MatchingRuleDescription = "(" whsp
        numericoid whsp  ; MatchingRule identifier
        [ "NAME" qdescrs ]
        [ "DESC" qdstring ]
        [ "OBSOLETE" whsp ]
        "SYNTAX" numericoid
        whsp ")"
toWire()[source]
class ldaptor.schema.ObjectClassDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie, ldaptor._encoder.WireStrAlias

ASN Syntax:

d               = "0" / "1" / "2" / "3" / "4" /
                  "5" / "6" / "7" / "8" / "9"

numericstring   = 1*d

numericoid      = numericstring *( "." numericstring )

space           = 1*" "

whsp            = [ space ]

descr           = keystring

qdescr          = whsp "'" descr "'" whsp

qdescrlist      = [ qdescr *( qdescr ) ]

; object descriptors used as schema element names
qdescrs         = qdescr / ( whsp "(" qdescrlist ")" whsp )

dstring         = 1*utf8

qdstring        = whsp "'" dstring "'" whsp

descr           = keystring

oid             = descr / numericoid

woid            = whsp oid whsp

; set of oids of either form
oids            = woid / ( "(" oidlist ")" )

ObjectClassDescription = "(" whsp
        numericoid whsp      ; ObjectClass identifier
        [ "NAME" qdescrs ]
        [ "DESC" qdstring ]
        [ "OBSOLETE" whsp ]
        [ "SUP" oids ]       ; Superior ObjectClasses
        [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ]
                             ; default structural
        [ "MUST" oids ]      ; AttributeTypes
        [ "MAY" oids ]       ; AttributeTypes
        whsp ")"
toWire()[source]
class ldaptor.schema.SyntaxDescription(text)[source]

Bases: ldaptor.schema.ASN1ParserThingie, ldaptor._encoder.WireStrAlias

ASN Syntax:

SyntaxDescription = "(" whsp
        numericoid whsp
        [ "DESC" qdstring ]
        whsp ")"
toWire()[source]
ldaptor.schema.extractWord(text)[source]
ldaptor.schema.peekWord(text)[source]

ldaptor.testutil module

Utilities for writing Twistedy unit tests and debugging.

class ldaptor.testutil.FakeTransport(proto)[source]

Bases: object

loseConnection()[source]
class ldaptor.testutil.LDAPClientTestDriver(*responses)[source]

Bases: object

A test driver that looks somewhat like a real LDAPClient.

Pass in a list of lists of LDAPProtocolResponses. For each sent LDAP message, the first item of said list is iterated through, and all the items are sent as responses to the callback. The sent LDAP messages are stored in self.sent, so you can assert that the sent messages are what they are supposed to be.

It is also possible to include a Failure instance instead of a list of LDAPProtocolResponses which will cause the errback to be called with the failure.

assertNothingSent()[source]
assertSent(*shouldBeSent)[source]
connectionLost(reason=None)[source]

Called when TCP connection has been lost

connectionMade()[source]

TCP connection has opened

fakeUnbindResponse = 'fake-unbind-by-LDAPClientTestDriver'
send(op)[source]
send_multiResponse(op, handler, *args, **kwargs)[source]
send_multiResponse_(op, controls, return_controls, handler, *args, **kwargs)[source]
send_multiResponse_ex(op, controls, handler, *args, **kwargs)[source]
send_noResponse(op)[source]
unbind()[source]
ldaptor.testutil.calltrace()[source]

Print out all function calls. For debug use only.

ldaptor.testutil.createServer(proto, *responses, **kw)[source]

Create an LDAP server for testing. :param proto: The server protocol factory (e.g. ProxyBase). :param responses: The responses to initialize the LDAPClientTestDrive. :param proto_args: Optional mapping passed as keyword args to protocol factory.

ldaptor.testutil.mustRaise(dummy)[source]

ldaptor.usage module

Command line argument/options available to various ldaptor tools.

class ldaptor.usage.Options[source]

Bases: twisted.python.usage.Options

optParameters = ()
postOptions()[source]

I am called after the options are parsed.

Override this method in your subclass to do something after the options have been parsed and assigned, like validate that all options are sane.

class ldaptor.usage.Options_base[source]

Bases: ldaptor.usage.Options_base_optional

postOptions_base()[source]
class ldaptor.usage.Options_base_optional[source]

Bases: object

optParameters = (('base', None, None, 'LDAP base dn'),)
class ldaptor.usage.Options_bind[source]

Bases: object

optParameters = (('binddn', None, None, 'use Distinguished Name to bind to the directory'), ('bind-auth-fd', None, None, 'read bind password from filedescriptor'))
postOptions_bind_auth_fd_numeric()[source]
class ldaptor.usage.Options_bind_mandatory[source]

Bases: ldaptor.usage.Options_bind

postOptions_bind_mandatory()[source]
class ldaptor.usage.Options_scope[source]

Bases: object

optParameters = (('scope', None, 'sub', 'LDAP search scope (one of base, one, sub)'),)
postOptions_scope()[source]
class ldaptor.usage.Options_service_location[source]

Bases: object

Mixing for providing the –service-location option.

opt_service_location(value)[source]

Service location, in the form BASEDN:HOST[:PORT]

postOptions_service_location()[source]
exception ldaptor.usage.UsageError[source]

Bases: Exception

Module contents

A Pure-Python Twisted library for LDAP