Class: Net::LDAP::PDU

Inherits:
Object
  • Object
show all
Defined in:
lib/net/ldap/pdu.rb

Overview

Defines the Protocol Data Unit (PDU) for LDAP. An LDAP PDU always looks like a BER SEQUENCE with at least two elements: an INTEGER message ID number and an application-specific SEQUENCE. Some LDAPv3 packets also include an optional third element, a sequence of “controls” (see RFC 2251 section 4.1.12 for more information).

The application-specific tag in the sequence tells us what kind of packet it is, and each kind has its own format, defined in RFC-1777.

Observe that many clients (such as ldapsearch) do not necessarily enforce the expected application tags on received protocol packets. This implementation does interpret the RFC strictly in this regard, and it remains to be seen whether there are servers out there that will not work well with our approach.

Currently, we only support controls on SearchResult.

Defined Under Namespace

Classes: Error

Constant Summary collapse

BindRequest =

This message packet is a bind request.

0
BindResult = 
1
UnbindRequest = 
2
SearchRequest = 
3
SearchReturnedData = 
4
SearchResult = 
5
ModifyResponse = 
7
AddResponse = 
9
DeleteResponse = 
11
ModifyRDNResponse = 
13
SearchResultReferral = 
19
ExtendedRequest = 
23
ExtendedResponse = 
24

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(ber_object) ⇒ PDU

Messy. Does this functionality belong somewhere else?



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
 
# File 'lib/net/ldap/pdu.rb', line 60

def initialize(ber_object)
  begin
    @message_id = ber_object[0].to_i
    # Grab the bottom five bits of the identifier so we know which type of
    # PDU this is.
    #
    # This is safe enough in LDAP-land, but it is recommended that other
    # approaches be taken for other protocols in the case that there's an
    # app-specific tag that has both primitive and constructed forms.
    @app_tag = ber_object[1].ber_identifier & 0x1f
    @ldap_controls = []
  rescue Exception => ex
    raise Net::LDAP::PDU::Error, "LDAP PDU Format Error: #{ex.message}"
  end

  case @app_tag
  when BindResult
    parse_bind_response(ber_object[1])
  when SearchReturnedData
    parse_search_return(ber_object[1])
  when SearchResultReferral
    parse_search_referral(ber_object[1])
  when SearchResult
    parse_ldap_result(ber_object[1])
  when ModifyResponse
    parse_ldap_result(ber_object[1])
  when AddResponse
    parse_ldap_result(ber_object[1])
  when DeleteResponse
    parse_ldap_result(ber_object[1])
  when ModifyRDNResponse
    parse_ldap_result(ber_object[1])
  when SearchRequest
    parse_ldap_search_request(ber_object[1])
  when BindRequest
    parse_bind_request(ber_object[1])
  when UnbindRequest
    parse_unbind_request(ber_object[1])
  when ExtendedResponse
    parse_ldap_result(ber_object[1])
  else
    raise LdapPduError.new("unknown pdu-type: #{@app_tag}")
  end

  parse_controls(ber_object[2]) if ber_object[2]
end

Instance Attribute Details

#app_tagObject (readonly)

The application protocol format tag.



47
48
49
 
# File 'lib/net/ldap/pdu.rb', line 47

def app_tag
  @app_tag
end

#bind_parametersObject (readonly)

Returns the value of attribute bind_parameters.



52
53
54
 
# File 'lib/net/ldap/pdu.rb', line 52

def bind_parameters
  @bind_parameters
end

#ldap_controlsObject (readonly) Also known as: result_controls

Returns RFC-2251 Controls if any.



56
57
58
 
# File 'lib/net/ldap/pdu.rb', line 56

def ldap_controls
  @ldap_controls
end

#message_idObject (readonly) Also known as: msg_id

The LDAP packet message ID.



42
43
44
 
# File 'lib/net/ldap/pdu.rb', line 42

def message_id
  @message_id
end

#search_entryObject (readonly)

Returns the value of attribute search_entry.



49
50
51
 
# File 'lib/net/ldap/pdu.rb', line 49

def search_entry
  @search_entry
end

#search_parametersObject (readonly)

Returns the value of attribute search_parameters.



51
52
53
 
# File 'lib/net/ldap/pdu.rb', line 51

def search_parameters
  @search_parameters
end

#search_referralsObject (readonly)

Returns the value of attribute search_referrals.



50
51
52
 
# File 'lib/net/ldap/pdu.rb', line 50

def search_referrals
  @search_referrals
end

Instance Method Details

#error_messageObject 



115
116
117
 
# File 'lib/net/ldap/pdu.rb', line 115

def error_message
  result[:errorMessage] || ""
end

#failure?Boolean

Returns:

  • (Boolean) 


135
136
137
 
# File 'lib/net/ldap/pdu.rb', line 135

def failure?
  !success?
end

#resultObject

Returns a hash which (usually) defines the members :resultCode, :errorMessage, and :matchedDN. These values come directly from an LDAP response packet returned by the remote peer. Also see #result_code.



111
112
113
 
# File 'lib/net/ldap/pdu.rb', line 111

def result
  @ldap_result || {}
end

#result_code(code = :resultCode) ⇒ Object

This returns an LDAP result code taken from the PDU, but it will be nil if there wasn’t a result code. That can easily happen depending on the type of packet.



123
124
125
 
# File 'lib/net/ldap/pdu.rb', line 123

def result_code(code = :resultCode)
  @ldap_result and @ldap_result[code]
end

#result_server_sasl_credsObject

Return serverSaslCreds, which are only present in BindResponse packets. – Messy. Does this functionality belong somewhere else? We ought to refactor the accessors of this class before they get any kludgier.



144
145
146
 
# File 'lib/net/ldap/pdu.rb', line 144

def result_server_sasl_creds
  @ldap_result && @ldap_result[:serverSaslCreds]
end

#statusObject 



127
128
129
 
# File 'lib/net/ldap/pdu.rb', line 127

def status
  result_code == 0 ? :success : :failure
end

#success?Boolean

Returns:

  • (Boolean) 


131
132
133
 
# File 'lib/net/ldap/pdu.rb', line 131

def success?
  status == :success
end