Class: Net::LDAP::PDU
- Inherits: Object
  - Object
  - Net::LDAP::PDU
- Defined in: lib/net/ldap/pdu.rb
Overview
Defines the Protocol Data Unit (PDU) for LDAP. An LDAP PDU always looks like a BER SEQUENCE with at least two elements: an INTEGER message ID number and an application-specific SEQUENCE. Some LDAPv3 packets also include an optional third element, a sequence of “controls” (see RFC 2251 section 4.1.12 for more information).
The application-specific tag in the sequence tells us what kind of packet it is, and each kind has its own format, defined in RFC-1777.
Observe that many clients (such as ldapsearch) do not necessarily enforce the expected application tags on received protocol packets. This implementation does interpret the RFC strictly in this regard, and it remains to be seen whether there are servers out there that will not work well with our approach.
Currently, we only support controls on SearchResult.
tools.ietf.org/html/rfc4511#section-4.1.1 tools.ietf.org/html/rfc4511#section-4.1.9
Defined Under Namespace
Classes: Error
Constant Summary
- BindRequest = 0
- BindResult = 1
- UnbindRequest = 2
- SearchRequest = 3
- SearchReturnedData = 4
- SearchResult = 5
- ModifyRequest = 6 (see also SearchResultReferral (19) tools.ietf.org/html/rfc4511#section-4.6)
- ModifyResponse = 7
- AddRequest = 8
- AddResponse = 9
- DeleteRequest = 10
- DeleteResponse = 11
- ModifyRDNRequest = 12
- ModifyRDNResponse = 13
- CompareRequest = 14
- CompareResponse = 15
- AbandonRequest = 16
- SearchResultReferral = 19
- ExtendedRequest = 23
- ExtendedResponse = 24
- IntermediateResponse = 25
Instance Attribute Summary
- #app_tag ⇒ Object (readonly): The application protocol format tag.
- #bind_parameters ⇒ Object (readonly): Returns the value of attribute bind_parameters.
- #extended_response ⇒ Object (readonly): Returns the value of attribute extended_response.
- #ldap_controls ⇒ Object (also: #result_controls) (readonly): Returns RFC-2251 Controls if any.
- #message_id ⇒ Object (also: #msg_id) (readonly): The LDAP packet message ID.
- #search_entry ⇒ Object (readonly): Returns the value of attribute search_entry.
- #search_parameters ⇒ Object (readonly): Returns the value of attribute search_parameters.
- #search_referrals ⇒ Object (readonly): Returns the value of attribute search_referrals.
Instance Method Summary
- #error_message ⇒ Object
- #failure? ⇒ Boolean
- #initialize(ber_object) ⇒ PDU (constructor): Messy.
- #result ⇒ Object: Returns a hash which (usually) defines the members :resultCode, :errorMessage, and :matchedDN.
- #result_code(code = :resultCode) ⇒ Object: This returns an LDAP result code taken from the PDU, but it will be nil if there wasn’t a result code.
- #result_server_sasl_creds ⇒ Object: Return serverSaslCreds, which are only present in BindResponse packets.
- #status ⇒ Object
- #success? ⇒ Boolean
Constructor Details
#initialize(ber_object) ⇒ PDU
Messy. Does this functionality belong somewhere else?
    # File 'lib/net/ldap/pdu.rb', line 85

    def initialize(ber_object)
      begin
        @message_id = ber_object[0].to_i
        # Grab the bottom five bits of the identifier so we know which type of
        # PDU this is.
        #
        # This is safe enough in LDAP-land, but it is recommended that other
        # approaches be taken for other protocols in the case that there's an
        # app-specific tag that has both primitive and constructed forms.
        @app_tag = ber_object[1].ber_identifier & 0x1f
        @ldap_controls = []
      rescue Exception => ex
        raise Net::LDAP::PDU::Error, "LDAP PDU Format Error: #{ex.message}"
      end

      case @app_tag
      when BindResult
        parse_bind_response(ber_object[1])
      when SearchReturnedData
        parse_search_return(ber_object[1])
      when SearchResultReferral
        parse_search_referral(ber_object[1])
      when SearchResult
        parse_ldap_result(ber_object[1])
      when ModifyResponse
        parse_ldap_result(ber_object[1])
      when AddResponse
        parse_ldap_result(ber_object[1])
      when DeleteResponse
        parse_ldap_result(ber_object[1])
      when ModifyRDNResponse
        parse_ldap_result(ber_object[1])
      when SearchRequest
        parse_ldap_search_request(ber_object[1])
      when BindRequest
        parse_bind_request(ber_object[1])
      when UnbindRequest
        parse_unbind_request(ber_object[1])
      when ExtendedResponse
        parse_extended_response(ber_object[1])
      else
        raise Error.new("unknown pdu-type: #{@app_tag}")
      end

      parse_controls(ber_object[2]) if ber_object[2]
    end
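The envelope described in the Overview and the tag masking in the constructor, as an added example that is not net-ldap code: a stand-alone reader that pulls the message ID and application tag out of raw bytes and rejects truncated or unexpected input. `EnvelopeError`, `read_tlv`, `parse_envelope`, `HANDLED_TAGS` and the sample bytes are assumptions made for this illustration, and the class-bits check goes beyond the constructor above, which masks only the low five bits.

```ruby
# Added example, not net-ldap code; every name and sample value here is hypothetical.
class EnvelopeError < StandardError; end

# Tags the constructor above dispatches on (values from the constant summary).
HANDLED_TAGS = { 0 => :BindRequest, 1 => :BindResult, 2 => :UnbindRequest,
                 3 => :SearchRequest, 4 => :SearchReturnedData, 5 => :SearchResult,
                 7 => :ModifyResponse, 9 => :AddResponse, 11 => :DeleteResponse,
                 13 => :ModifyRDNResponse, 19 => :SearchResultReferral,
                 24 => :ExtendedResponse }.freeze

# Big-endian bytes to Integer.
def be_int(str)
  str.bytes.inject(0) { |acc, b| (acc << 8) | b }
end

# Reads one definite-length TLV at pos; returns [identifier, value, next_pos].
def read_tlv(buf, pos)
  raise EnvelopeError, "truncated header" if pos + 2 > buf.bytesize
  ident, len = buf.getbyte(pos), buf.getbyte(pos + 1)
  pos += 2
  if len >= 0x80 # long form: low 7 bits give the count of length octets
    count = len & 0x7f
    raise EnvelopeError, "bad length form" if count.zero? || count > 4
    raise EnvelopeError, "truncated length" if pos + count > buf.bytesize
    len = be_int(buf.byteslice(pos, count))
    pos += count
  end
  raise EnvelopeError, "value overruns buffer" if pos + len > buf.bytesize
  [ident, buf.byteslice(pos, len), pos + len]
end

# Parses SEQUENCE { INTEGER messageID, [APPLICATION n] protocolOp, controls OPTIONAL }.
def parse_envelope(raw)
  raw = raw.b
  ident, body, stop = read_tlv(raw, 0)
  raise EnvelopeError, "outer element is not a SEQUENCE" unless ident == 0x30
  raise EnvelopeError, "trailing bytes" unless stop == raw.bytesize
  id_tag, id_val, pos = read_tlv(body, 0)
  raise EnvelopeError, "bad message ID" unless id_tag == 0x02 && !id_val.empty? && id_val.getbyte(0) < 0x80
  op_tag, _op, pos = read_tlv(body, pos)
  # Top two bits are the class (01 = APPLICATION); low five bits are the PDU type.
  raise EnvelopeError, "protocolOp is not APPLICATION class" unless op_tag & 0xc0 == 0x40
  app_tag = op_tag & 0x1f
  type = HANDLED_TAGS.fetch(app_tag) { raise EnvelopeError, "unknown pdu-type: #{app_tag}" }
  { message_id: be_int(id_val), app_tag: app_tag, type: type, controls: pos < body.bytesize }
end

# Constructed sample: BindResponse, message ID 1, resultCode 0, empty matchedDN and message.
BIND_OK = ["300c02010161070a010004000400"].pack("H*")
```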
Instance Attribute Details
#app_tag ⇒ Object (readonly)
The application protocol format tag.
    # File 'lib/net/ldap/pdu.rb', line 71

    def app_tag
      @app_tag
    end
#bind_parameters ⇒ Object (readonly)
Returns the value of attribute bind_parameters.
    # File 'lib/net/ldap/pdu.rb', line 76

    def bind_parameters
      @bind_parameters
    end
#extended_response ⇒ Object (readonly)
Returns the value of attribute extended_response.
    # File 'lib/net/ldap/pdu.rb', line 77

    def extended_response
      @extended_response
    end
#ldap_controls ⇒ Object (readonly) Also known as: result_controls
Returns RFC-2251 Controls if any.
    # File 'lib/net/ldap/pdu.rb', line 81

    def ldap_controls
      @ldap_controls
    end
#message_id ⇒ Object (readonly) Also known as: msg_id
The LDAP packet message ID.
    # File 'lib/net/ldap/pdu.rb', line 66

    def message_id
      @message_id
    end
#search_entry ⇒ Object (readonly)
Returns the value of attribute search_entry.
    # File 'lib/net/ldap/pdu.rb', line 73

    def search_entry
      @search_entry
    end
#search_parameters ⇒ Object (readonly)
Returns the value of attribute search_parameters.
    # File 'lib/net/ldap/pdu.rb', line 75

    def search_parameters
      @search_parameters
    end
#search_referrals ⇒ Object (readonly)
Returns the value of attribute search_referrals.
    # File 'lib/net/ldap/pdu.rb', line 74

    def search_referrals
      @search_referrals
    end
Instance Method Details
#error_message ⇒ Object
    # File 'lib/net/ldap/pdu.rb', line 140

    def error_message
      result[:errorMessage] || ""
    end
#failure? ⇒ Boolean
    # File 'lib/net/ldap/pdu.rb', line 160

    def failure?
      !success?
    end
#result ⇒ Object
Returns a hash which (usually) defines the members :resultCode, :errorMessage, and :matchedDN. These values come directly from an LDAP response packet returned by the remote peer. Also see #result_code.
    # File 'lib/net/ldap/pdu.rb', line 136

    def result
      @ldap_result || {}
    end
#result_code(code = :resultCode) ⇒ Object
This returns an LDAP result code taken from the PDU, but it will be nil if there wasn’t a result code. That can easily happen depending on the type of packet.
    # File 'lib/net/ldap/pdu.rb', line 148

    def result_code(code = :resultCode)
      @ldap_result and @ldap_result[code]
    end
#result_server_sasl_creds ⇒ Object
Return serverSaslCreds, which are only present in BindResponse packets. – Messy. Does this functionality belong somewhere else? We ought to refactor the accessors of this class before they get any kludgier.
    # File 'lib/net/ldap/pdu.rb', line 169

    def result_server_sasl_creds
      @ldap_result && @ldap_result[:serverSaslCreds]
    end
#status ⇒ Object
    # File 'lib/net/ldap/pdu.rb', line 152

    def status
      Net::LDAP::ResultCodesNonError.include?(result_code) ? :success : :failure
    end
#success? ⇒ Boolean
    # File 'lib/net/ldap/pdu.rb', line 156

    def success?
      status == :success
    end