Class: Net::LDAP::PDU

Inherits:
Object
  • Object
show all
Defined in:
lib/net/ldap/pdu.rb

Overview

Defines the Protocol Data Unit (PDU) for LDAP. An LDAP PDU always looks like a BER SEQUENCE with at least two elements: an INTEGER message ID number and an application-specific SEQUENCE. Some LDAPv3 packets also include an optional third element, a sequence of “controls” (see RFC 2251 section 4.1.12 for more information).

The application-specific tag in the sequence tells us what kind of packet it is, and each kind has its own format, defined in RFC-1777.

Observe that many clients (such as ldapsearch) do not necessarily enforce the expected application tags on received protocol packets. This implementation does interpret the RFC strictly in this regard, and it remains to be seen whether there are servers out there that will not work well with our approach.

Currently, we only support controls on SearchResult.

tools.ietf.org/html/rfc4511#section-4.1.1 tools.ietf.org/html/rfc4511#section-4.1.9

Defined Under Namespace

Classes: Error

Constant Summary collapse

BindRequest =
0
BindResult =
1
UnbindRequest =
2
SearchRequest =
3
SearchReturnedData =
4
SearchResult =
5
ModifyRequest =

see also SearchResultReferral (19) tools.ietf.org/html/rfc4511#section-4.6

6
ModifyResponse =
7
AddRequest =
8
AddResponse =
9
DeleteRequest =
10
DeleteResponse =
11
ModifyRDNRequest =
12
ModifyRDNResponse =
13
CompareRequest =
14
CompareResponse =
15
AbandonRequest =
16
SearchResultReferral =
19
ExtendedRequest =
23
ExtendedResponse =
24
IntermediateResponse =
25

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(ber_object) ⇒ PDU

Messy. Does this functionality belong somewhere else?



85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# File 'lib/net/ldap/pdu.rb', line 85

def initialize(ber_object)
  begin
    @message_id = ber_object[0].to_i
    # Grab the bottom five bits of the identifier so we know which type of
    # PDU this is.
    #
    # This is safe enough in LDAP-land, but it is recommended that other
    # approaches be taken for other protocols in the case that there's an
    # app-specific tag that has both primitive and constructed forms.
    @app_tag = ber_object[1].ber_identifier & 0x1f
    @ldap_controls = []
  rescue Exception => ex
    raise Net::LDAP::PDU::Error, "LDAP PDU Format Error: #{ex.message}"
  end

  case @app_tag
  when BindResult
    parse_bind_response(ber_object[1])
  when SearchReturnedData
    parse_search_return(ber_object[1])
  when SearchResultReferral
    parse_search_referral(ber_object[1])
  when SearchResult
    parse_ldap_result(ber_object[1])
  when ModifyResponse
    parse_ldap_result(ber_object[1])
  when AddResponse
    parse_ldap_result(ber_object[1])
  when DeleteResponse
    parse_ldap_result(ber_object[1])
  when ModifyRDNResponse
    parse_ldap_result(ber_object[1])
  when SearchRequest
    parse_ldap_search_request(ber_object[1])
  when BindRequest
    parse_bind_request(ber_object[1])
  when UnbindRequest
    parse_unbind_request(ber_object[1])
  when ExtendedResponse
    parse_extended_response(ber_object[1])
  else
    raise Error.new("unknown pdu-type: #{@app_tag}")
  end

  parse_controls(ber_object[2]) if ber_object[2]
end

Instance Attribute Details

#app_tagObject (readonly)

The application protocol format tag.



71
72
73
# File 'lib/net/ldap/pdu.rb', line 71

def app_tag
  @app_tag
end

#bind_parametersObject (readonly)

Returns the value of attribute bind_parameters.



76
77
78
# File 'lib/net/ldap/pdu.rb', line 76

def bind_parameters
  @bind_parameters
end

#extended_responseObject (readonly)

Returns the value of attribute extended_response.



77
78
79
# File 'lib/net/ldap/pdu.rb', line 77

def extended_response
  @extended_response
end

#ldap_controlsObject (readonly) Also known as: result_controls

Returns RFC-2251 Controls if any.



81
82
83
# File 'lib/net/ldap/pdu.rb', line 81

def ldap_controls
  @ldap_controls
end

#message_idObject (readonly) Also known as: msg_id

The LDAP packet message ID.



66
67
68
# File 'lib/net/ldap/pdu.rb', line 66

def message_id
  @message_id
end

#search_entryObject (readonly)

Returns the value of attribute search_entry.



73
74
75
# File 'lib/net/ldap/pdu.rb', line 73

def search_entry
  @search_entry
end

#search_parametersObject (readonly)

Returns the value of attribute search_parameters.



75
76
77
# File 'lib/net/ldap/pdu.rb', line 75

def search_parameters
  @search_parameters
end

#search_referralsObject (readonly)

Returns the value of attribute search_referrals.



74
75
76
# File 'lib/net/ldap/pdu.rb', line 74

def search_referrals
  @search_referrals
end

Instance Method Details

#error_messageObject



140
141
142
# File 'lib/net/ldap/pdu.rb', line 140

def error_message
  result[:errorMessage] || ""
end

#failure?Boolean

Returns:

  • (Boolean)


160
161
162
# File 'lib/net/ldap/pdu.rb', line 160

def failure?
  !success?
end

#resultObject

Returns a hash which (usually) defines the members :resultCode, :errorMessage, and :matchedDN. These values come directly from an LDAP response packet returned by the remote peer. Also see #result_code.



136
137
138
# File 'lib/net/ldap/pdu.rb', line 136

def result
  @ldap_result || {}
end

#result_code(code = :resultCode) ⇒ Object

This returns an LDAP result code taken from the PDU, but it will be nil if there wasn’t a result code. That can easily happen depending on the type of packet.



148
149
150
# File 'lib/net/ldap/pdu.rb', line 148

def result_code(code = :resultCode)
  @ldap_result and @ldap_result[code]
end

#result_server_sasl_credsObject

Return serverSaslCreds, which are only present in BindResponse packets. – Messy. Does this functionality belong somewhere else? We ought to refactor the accessors of this class before they get any kludgier.



169
170
171
# File 'lib/net/ldap/pdu.rb', line 169

def result_server_sasl_creds
  @ldap_result && @ldap_result[:serverSaslCreds]
end

#statusObject



152
153
154
# File 'lib/net/ldap/pdu.rb', line 152

def status
  Net::LDAP::ResultCodesNonError.include?(result_code) ? :success : :failure
end

#success?Boolean

Returns:

  • (Boolean)


156
157
158
# File 'lib/net/ldap/pdu.rb', line 156

def success?
  status == :success
end