From 84d2482ddbff9564c9ad75b2d30af66e3ddfd44d Mon Sep 17 00:00:00 2001 From: Christopher Speller Date: Thu, 12 May 2016 15:08:58 -0400 Subject: Updating go depencancies. Switching to go1.6 vendoring (#2949) --- .../src/github.com/go-ldap/ldap/.gitignore | 0 .../src/github.com/go-ldap/ldap/.travis.yml | 15 - .../_workspace/src/github.com/go-ldap/ldap/LICENSE | 27 -- .../src/github.com/go-ldap/ldap/README.md | 55 --- .../_workspace/src/github.com/go-ldap/ldap/add.go | 104 ----- .../_workspace/src/github.com/go-ldap/ldap/bind.go | 135 ------ .../src/github.com/go-ldap/ldap/client.go | 23 -- .../src/github.com/go-ldap/ldap/compare.go | 85 ---- .../_workspace/src/github.com/go-ldap/ldap/conn.go | 369 ----------------- .../src/github.com/go-ldap/ldap/control.go | 332 --------------- .../src/github.com/go-ldap/ldap/debug.go | 24 -- .../_workspace/src/github.com/go-ldap/ldap/del.go | 79 ---- .../_workspace/src/github.com/go-ldap/ldap/dn.go | 155 ------- .../_workspace/src/github.com/go-ldap/ldap/doc.go | 4 - .../src/github.com/go-ldap/ldap/error.go | 137 ------- .../src/github.com/go-ldap/ldap/filter.go | 456 --------------------- .../_workspace/src/github.com/go-ldap/ldap/ldap.go | 286 ------------- .../src/github.com/go-ldap/ldap/modify.go | 156 ------- .../src/github.com/go-ldap/ldap/passwdmodify.go | 137 ------- .../src/github.com/go-ldap/ldap/search.go | 403 ------------------ 20 files changed, 2982 deletions(-) delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/.gitignore delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/.travis.yml delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/LICENSE delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/README.md delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/add.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/bind.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/client.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/compare.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/conn.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/control.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/debug.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/del.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/dn.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/doc.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/error.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/filter.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/ldap.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/modify.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/passwdmodify.go delete mode 100644 Godeps/_workspace/src/github.com/go-ldap/ldap/search.go (limited to 'Godeps/_workspace/src/github.com/go-ldap') diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/.gitignore b/Godeps/_workspace/src/github.com/go-ldap/ldap/.gitignore deleted file mode 100644 index e69de29bb..000000000 diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/.travis.yml b/Godeps/_workspace/src/github.com/go-ldap/ldap/.travis.yml deleted file mode 100644 index a7a38951b..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/.travis.yml +++ /dev/null @@ -1,15 +0,0 @@ -language: go -go: - - 1.2 - - 1.3 - - 1.4 - - 1.5 - - tip -go_import_path: gopkg.in/ldap.v2 -install: - - go get gopkg.in/asn1-ber.v1 - - go get gopkg.in/ldap.v2 - - go get code.google.com/p/go.tools/cmd/cover || go get golang.org/x/tools/cmd/cover - - go build -v ./... -script: - - go test -v -cover ./... diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/LICENSE b/Godeps/_workspace/src/github.com/go-ldap/ldap/LICENSE deleted file mode 100644 index 744875676..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/README.md b/Godeps/_workspace/src/github.com/go-ldap/ldap/README.md deleted file mode 100644 index 68121c3e2..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/README.md +++ /dev/null @@ -1,55 +0,0 @@ -[![GoDoc](https://godoc.org/gopkg.in/ldap.v1?status.svg)](https://godoc.org/gopkg.in/ldap.v1) -[![Build Status](https://travis-ci.org/go-ldap/ldap.svg)](https://travis-ci.org/go-ldap/ldap) - -# Basic LDAP v3 functionality for the GO programming language. - -## Install - -For the latest version use: - - go get gopkg.in/ldap.v2 - -Import the latest version with: - - import "gopkg.in/ldap.v2" - - -## Required Libraries: - - - gopkg.in/asn1-ber.v1 - -## Working: - - - Connecting to LDAP server - - Binding to LDAP server - - Searching for entries - - Compiling string filters to LDAP filters - - Paging Search Results - - Modify Requests / Responses - - Add Requests / Responses - - Delete Requests / Responses - - Better Unicode support - -## Examples: - - - search - - modify - -## Tests Implemented: - - - Filter Compile / Decompile - -## TODO: - - - [x] Add Requests / Responses - - [x] Delete Requests / Responses - - [x] Modify DN Requests / Responses - - [ ] Compare Requests / Responses - - [ ] Implement Tests / Benchmarks - - - ---- -The Go gopher was designed by Renee French. (http://reneefrench.blogspot.com/) -The design is licensed under the Creative Commons 3.0 Attributions license. -Read this article for more details: http://blog.golang.org/gopher diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/add.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/add.go deleted file mode 100644 index 643ce5ffe..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/add.go +++ /dev/null @@ -1,104 +0,0 @@ -// -// https://tools.ietf.org/html/rfc4511 -// -// AddRequest ::= [APPLICATION 8] SEQUENCE { -// entry LDAPDN, -// attributes AttributeList } -// -// AttributeList ::= SEQUENCE OF attribute Attribute - -package ldap - -import ( - "errors" - "log" - - "gopkg.in/asn1-ber.v1" -) - -type Attribute struct { - attrType string - attrVals []string -} - -func (a *Attribute) encode() *ber.Packet { - seq := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Attribute") - seq.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, a.attrType, "Type")) - set := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSet, nil, "AttributeValue") - for _, value := range a.attrVals { - set.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, value, "Vals")) - } - seq.AppendChild(set) - return seq -} - -type AddRequest struct { - dn string - attributes []Attribute -} - -func (a AddRequest) encode() *ber.Packet { - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationAddRequest, nil, "Add Request") - request.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, a.dn, "DN")) - attributes := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Attributes") - for _, attribute := range a.attributes { - attributes.AppendChild(attribute.encode()) - } - request.AppendChild(attributes) - return request -} - -func (a *AddRequest) Attribute(attrType string, attrVals []string) { - a.attributes = append(a.attributes, Attribute{attrType: attrType, attrVals: attrVals}) -} - -func NewAddRequest(dn string) *AddRequest { - return &AddRequest{ - dn: dn, - } - -} - -func (l *Conn) Add(addRequest *AddRequest) error { - messageID := l.nextMessageID() - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - packet.AppendChild(addRequest.encode()) - - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessage(packet) - if err != nil { - return err - } - if channel == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - if packet == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not retrieve message")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return err - } - ber.PrintPacket(packet) - } - - if packet.Children[1].Tag == ApplicationAddResponse { - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return NewError(resultCode, errors.New(resultDescription)) - } - } else { - log.Printf("Unexpected Response: %d", packet.Children[1].Tag) - } - - l.Debug.Printf("%d: returning", messageID) - return nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/bind.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/bind.go deleted file mode 100644 index 4ad4b896c..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/bind.go +++ /dev/null @@ -1,135 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ldap - -import ( - "errors" - - "gopkg.in/asn1-ber.v1" -) - -type SimpleBindRequest struct { - Username string - Password string - Controls []Control -} - -type SimpleBindResult struct { - Controls []Control -} - -func NewSimpleBindRequest(username string, password string, controls []Control) *SimpleBindRequest { - return &SimpleBindRequest{ - Username: username, - Password: password, - Controls: controls, - } -} - -func (bindRequest *SimpleBindRequest) encode() *ber.Packet { - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationBindRequest, nil, "Bind Request") - request.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, 3, "Version")) - request.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, bindRequest.Username, "User Name")) - request.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 0, bindRequest.Password, "Password")) - - request.AppendChild(encodeControls(bindRequest.Controls)) - - return request -} - -func (l *Conn) SimpleBind(simpleBindRequest *SimpleBindRequest) (*SimpleBindResult, error) { - messageID := l.nextMessageID() - - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - encodedBindRequest := simpleBindRequest.encode() - packet.AppendChild(encodedBindRequest) - - if l.Debug { - ber.PrintPacket(packet) - } - - channel, err := l.sendMessage(packet) - if err != nil { - return nil, err - } - if channel == nil { - return nil, NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - packet = <-channel - if packet == nil { - return nil, NewError(ErrorNetwork, errors.New("ldap: could not retrieve response")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return nil, err - } - ber.PrintPacket(packet) - } - - result := &SimpleBindResult{ - Controls: make([]Control, 0), - } - - if len(packet.Children) == 3 { - for _, child := range packet.Children[2].Children { - result.Controls = append(result.Controls, DecodeControl(child)) - } - } - - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return result, NewError(resultCode, errors.New(resultDescription)) - } - - return result, nil -} - -func (l *Conn) Bind(username, password string) error { - messageID := l.nextMessageID() - - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - bindRequest := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationBindRequest, nil, "Bind Request") - bindRequest.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, 3, "Version")) - bindRequest.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, username, "User Name")) - bindRequest.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 0, password, "Password")) - packet.AppendChild(bindRequest) - - if l.Debug { - ber.PrintPacket(packet) - } - - channel, err := l.sendMessage(packet) - if err != nil { - return err - } - if channel == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - packet = <-channel - if packet == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not retrieve response")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return err - } - ber.PrintPacket(packet) - } - - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return NewError(resultCode, errors.New(resultDescription)) - } - - return nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/client.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/client.go deleted file mode 100644 index d3401f9e6..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/client.go +++ /dev/null @@ -1,23 +0,0 @@ -package ldap - -import "crypto/tls" - -// Client knows how to interact with an LDAP server -type Client interface { - Start() - StartTLS(config *tls.Config) error - Close() - - Bind(username, password string) error - SimpleBind(simpleBindRequest *SimpleBindRequest) (*SimpleBindResult, error) - - Add(addRequest *AddRequest) error - Del(delRequest *DelRequest) error - Modify(modifyRequest *ModifyRequest) error - - Compare(dn, attribute, value string) (bool, error) - PasswordModify(passwordModifyRequest *PasswordModifyRequest) (*PasswordModifyResult, error) - - Search(searchRequest *SearchRequest) (*SearchResult, error) - SearchWithPaging(searchRequest *SearchRequest, pagingSize uint32) (*SearchResult, error) -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/compare.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/compare.go deleted file mode 100644 index 802e9cc93..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/compare.go +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright 2014 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. -// -// File contains Compare functionality -// -// https://tools.ietf.org/html/rfc4511 -// -// CompareRequest ::= [APPLICATION 14] SEQUENCE { -// entry LDAPDN, -// ava AttributeValueAssertion } -// -// AttributeValueAssertion ::= SEQUENCE { -// attributeDesc AttributeDescription, -// assertionValue AssertionValue } -// -// AttributeDescription ::= LDAPString -// -- Constrained to -// -- [RFC4512] -// -// AttributeValue ::= OCTET STRING -// - -package ldap - -import ( - "errors" - "fmt" - - "gopkg.in/asn1-ber.v1" -) - -// Compare checks to see if the attribute of the dn matches value. Returns true if it does otherwise -// false with any error that occurs if any. -func (l *Conn) Compare(dn, attribute, value string) (bool, error) { - messageID := l.nextMessageID() - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationCompareRequest, nil, "Compare Request") - request.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, dn, "DN")) - - ava := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "AttributeValueAssertion") - ava.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, attribute, "AttributeDesc")) - ava.AppendChild(ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagOctetString, value, "AssertionValue")) - request.AppendChild(ava) - packet.AppendChild(request) - - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessage(packet) - if err != nil { - return false, err - } - if channel == nil { - return false, NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - if packet == nil { - return false, NewError(ErrorNetwork, errors.New("ldap: could not retrieve message")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return false, err - } - ber.PrintPacket(packet) - } - - if packet.Children[1].Tag == ApplicationCompareResponse { - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode == LDAPResultCompareTrue { - return true, nil - } else if resultCode == LDAPResultCompareFalse { - return false, nil - } else { - return false, NewError(resultCode, errors.New(resultDescription)) - } - } - return false, fmt.Errorf("Unexpected Response: %d", packet.Children[1].Tag) -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/conn.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/conn.go deleted file mode 100644 index 2f16443f6..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/conn.go +++ /dev/null @@ -1,369 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ldap - -import ( - "crypto/tls" - "errors" - "fmt" - "log" - "net" - "sync" - "time" - - "gopkg.in/asn1-ber.v1" -) - -const ( - MessageQuit = 0 - MessageRequest = 1 - MessageResponse = 2 - MessageFinish = 3 -) - -type messagePacket struct { - Op int - MessageID int64 - Packet *ber.Packet - Channel chan *ber.Packet -} - -type sendMessageFlags uint - -const ( - startTLS sendMessageFlags = 1 << iota -) - -// Conn represents an LDAP Connection -type Conn struct { - conn net.Conn - isTLS bool - isClosing bool - isStartingTLS bool - Debug debugging - chanConfirm chan bool - chanResults map[int64]chan *ber.Packet - chanMessage chan *messagePacket - chanMessageID chan int64 - wgSender sync.WaitGroup - wgClose sync.WaitGroup - once sync.Once - outstandingRequests uint - messageMutex sync.Mutex -} - -var _ Client = &Conn{} - -// DefaultTimeout is a package-level variable that sets the timeout value -// used for the Dial and DialTLS methods. -// -// WARNING: since this is a package-level variable, setting this value from -// multiple places will probably result in undesired behaviour. -var DefaultTimeout = 60 * time.Second - -// Dial connects to the given address on the given network using net.Dial -// and then returns a new Conn for the connection. -func Dial(network, addr string) (*Conn, error) { - c, err := net.DialTimeout(network, addr, DefaultTimeout) - if err != nil { - return nil, NewError(ErrorNetwork, err) - } - conn := NewConn(c, false) - conn.Start() - return conn, nil -} - -// DialTLS connects to the given address on the given network using tls.Dial -// and then returns a new Conn for the connection. -func DialTLS(network, addr string, config *tls.Config) (*Conn, error) { - dc, err := net.DialTimeout(network, addr, DefaultTimeout) - if err != nil { - return nil, NewError(ErrorNetwork, err) - } - c := tls.Client(dc, config) - err = c.Handshake() - if err != nil { - // Handshake error, close the established connection before we return an error - dc.Close() - return nil, NewError(ErrorNetwork, err) - } - conn := NewConn(c, true) - conn.Start() - return conn, nil -} - -// NewConn returns a new Conn using conn for network I/O. -func NewConn(conn net.Conn, isTLS bool) *Conn { - return &Conn{ - conn: conn, - chanConfirm: make(chan bool), - chanMessageID: make(chan int64), - chanMessage: make(chan *messagePacket, 10), - chanResults: map[int64]chan *ber.Packet{}, - isTLS: isTLS, - } -} - -func (l *Conn) Start() { - go l.reader() - go l.processMessages() - l.wgClose.Add(1) -} - -// Close closes the connection. -func (l *Conn) Close() { - l.once.Do(func() { - l.isClosing = true - l.wgSender.Wait() - - l.Debug.Printf("Sending quit message and waiting for confirmation") - l.chanMessage <- &messagePacket{Op: MessageQuit} - <-l.chanConfirm - close(l.chanMessage) - - l.Debug.Printf("Closing network connection") - if err := l.conn.Close(); err != nil { - log.Print(err) - } - - l.wgClose.Done() - }) - l.wgClose.Wait() -} - -// Returns the next available messageID -func (l *Conn) nextMessageID() int64 { - if l.chanMessageID != nil { - if messageID, ok := <-l.chanMessageID; ok { - return messageID - } - } - return 0 -} - -// StartTLS sends the command to start a TLS session and then creates a new TLS Client -func (l *Conn) StartTLS(config *tls.Config) error { - messageID := l.nextMessageID() - - if l.isTLS { - return NewError(ErrorNetwork, errors.New("ldap: already encrypted")) - } - - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationExtendedRequest, nil, "Start TLS") - request.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 0, "1.3.6.1.4.1.1466.20037", "TLS Extended Command")) - packet.AppendChild(request) - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessageWithFlags(packet, startTLS) - if err != nil { - return err - } - if channel == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - l.finishMessage(messageID) - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - l.Close() - return err - } - ber.PrintPacket(packet) - } - - if resultCode, message := getLDAPResultCode(packet); resultCode == LDAPResultSuccess { - conn := tls.Client(l.conn, config) - - if err := conn.Handshake(); err != nil { - l.Close() - return NewError(ErrorNetwork, fmt.Errorf("TLS handshake failed (%v)", err)) - } - - l.isTLS = true - l.conn = conn - } else { - return NewError(resultCode, fmt.Errorf("ldap: cannot StartTLS (%s)", message)) - } - go l.reader() - - return nil -} - -func (l *Conn) sendMessage(packet *ber.Packet) (chan *ber.Packet, error) { - return l.sendMessageWithFlags(packet, 0) -} - -func (l *Conn) sendMessageWithFlags(packet *ber.Packet, flags sendMessageFlags) (chan *ber.Packet, error) { - if l.isClosing { - return nil, NewError(ErrorNetwork, errors.New("ldap: connection closed")) - } - l.messageMutex.Lock() - l.Debug.Printf("flags&startTLS = %d", flags&startTLS) - if l.isStartingTLS { - l.messageMutex.Unlock() - return nil, NewError(ErrorNetwork, errors.New("ldap: connection is in startls phase.")) - } - if flags&startTLS != 0 { - if l.outstandingRequests != 0 { - l.messageMutex.Unlock() - return nil, NewError(ErrorNetwork, errors.New("ldap: cannot StartTLS with outstanding requests")) - } else { - l.isStartingTLS = true - } - } - l.outstandingRequests++ - - l.messageMutex.Unlock() - - out := make(chan *ber.Packet) - message := &messagePacket{ - Op: MessageRequest, - MessageID: packet.Children[0].Value.(int64), - Packet: packet, - Channel: out, - } - l.sendProcessMessage(message) - return out, nil -} - -func (l *Conn) finishMessage(messageID int64) { - if l.isClosing { - return - } - - l.messageMutex.Lock() - l.outstandingRequests-- - if l.isStartingTLS { - l.isStartingTLS = false - } - l.messageMutex.Unlock() - - message := &messagePacket{ - Op: MessageFinish, - MessageID: messageID, - } - l.sendProcessMessage(message) -} - -func (l *Conn) sendProcessMessage(message *messagePacket) bool { - if l.isClosing { - return false - } - l.wgSender.Add(1) - l.chanMessage <- message - l.wgSender.Done() - return true -} - -func (l *Conn) processMessages() { - defer func() { - if err := recover(); err != nil { - log.Printf("ldap: recovered panic in processMessages: %v", err) - } - for messageID, channel := range l.chanResults { - l.Debug.Printf("Closing channel for MessageID %d", messageID) - close(channel) - delete(l.chanResults, messageID) - } - close(l.chanMessageID) - l.chanConfirm <- true - close(l.chanConfirm) - }() - - var messageID int64 = 1 - for { - select { - case l.chanMessageID <- messageID: - messageID++ - case messagePacket, ok := <-l.chanMessage: - if !ok { - l.Debug.Printf("Shutting down - message channel is closed") - return - } - switch messagePacket.Op { - case MessageQuit: - l.Debug.Printf("Shutting down - quit message received") - return - case MessageRequest: - // Add to message list and write to network - l.Debug.Printf("Sending message %d", messagePacket.MessageID) - l.chanResults[messagePacket.MessageID] = messagePacket.Channel - // go routine - buf := messagePacket.Packet.Bytes() - - _, err := l.conn.Write(buf) - if err != nil { - l.Debug.Printf("Error Sending Message: %s", err.Error()) - break - } - case MessageResponse: - l.Debug.Printf("Receiving message %d", messagePacket.MessageID) - if chanResult, ok := l.chanResults[messagePacket.MessageID]; ok { - chanResult <- messagePacket.Packet - } else { - log.Printf("Received unexpected message %d", messagePacket.MessageID) - ber.PrintPacket(messagePacket.Packet) - } - case MessageFinish: - // Remove from message list - l.Debug.Printf("Finished message %d", messagePacket.MessageID) - close(l.chanResults[messagePacket.MessageID]) - delete(l.chanResults, messagePacket.MessageID) - } - } - } -} - -func (l *Conn) reader() { - cleanstop := false - defer func() { - if err := recover(); err != nil { - log.Printf("ldap: recovered panic in reader: %v", err) - } - if !cleanstop { - l.Close() - } - }() - - for { - if cleanstop { - l.Debug.Printf("reader clean stopping (without closing the connection)") - return - } - packet, err := ber.ReadPacket(l.conn) - if err != nil { - // A read error is expected here if we are closing the connection... - if !l.isClosing { - l.Debug.Printf("reader error: %s", err.Error()) - } - return - } - addLDAPDescriptions(packet) - if len(packet.Children) == 0 { - l.Debug.Printf("Received bad ldap packet") - continue - } - l.messageMutex.Lock() - if l.isStartingTLS { - cleanstop = true - } - l.messageMutex.Unlock() - message := &messagePacket{ - Op: MessageResponse, - MessageID: packet.Children[0].Value.(int64), - Packet: packet, - } - if !l.sendProcessMessage(message) { - return - } - - } -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/control.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/control.go deleted file mode 100644 index 4d8298093..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/control.go +++ /dev/null @@ -1,332 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ldap - -import ( - "fmt" - "strconv" - - "gopkg.in/asn1-ber.v1" -) - -const ( - ControlTypePaging = "1.2.840.113556.1.4.319" - ControlTypeBeheraPasswordPolicy = "1.3.6.1.4.1.42.2.27.8.5.1" - ControlTypeVChuPasswordMustChange = "2.16.840.1.113730.3.4.4" - ControlTypeVChuPasswordWarning = "2.16.840.1.113730.3.4.5" - ControlTypeManageDsaIT = "2.16.840.1.113730.3.4.2" -) - -var ControlTypeMap = map[string]string{ - ControlTypePaging: "Paging", - ControlTypeBeheraPasswordPolicy: "Password Policy - Behera Draft", - ControlTypeManageDsaIT: "Manage DSA IT", -} - -type Control interface { - GetControlType() string - Encode() *ber.Packet - String() string -} - -type ControlString struct { - ControlType string - Criticality bool - ControlValue string -} - -func (c *ControlString) GetControlType() string { - return c.ControlType -} - -func (c *ControlString) Encode() *ber.Packet { - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Control") - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, c.ControlType, "Control Type ("+ControlTypeMap[c.ControlType]+")")) - if c.Criticality { - packet.AppendChild(ber.NewBoolean(ber.ClassUniversal, ber.TypePrimitive, ber.TagBoolean, c.Criticality, "Criticality")) - } - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, string(c.ControlValue), "Control Value")) - return packet -} - -func (c *ControlString) String() string { - return fmt.Sprintf("Control Type: %s (%q) Criticality: %t Control Value: %s", ControlTypeMap[c.ControlType], c.ControlType, c.Criticality, c.ControlValue) -} - -type ControlPaging struct { - PagingSize uint32 - Cookie []byte -} - -func (c *ControlPaging) GetControlType() string { - return ControlTypePaging -} - -func (c *ControlPaging) Encode() *ber.Packet { - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Control") - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, ControlTypePaging, "Control Type ("+ControlTypeMap[ControlTypePaging]+")")) - - p2 := ber.Encode(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, nil, "Control Value (Paging)") - seq := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Search Control Value") - seq.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, uint64(c.PagingSize), "Paging Size")) - cookie := ber.Encode(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, nil, "Cookie") - cookie.Value = c.Cookie - cookie.Data.Write(c.Cookie) - seq.AppendChild(cookie) - p2.AppendChild(seq) - - packet.AppendChild(p2) - return packet -} - -func (c *ControlPaging) String() string { - return fmt.Sprintf( - "Control Type: %s (%q) Criticality: %t PagingSize: %d Cookie: %q", - ControlTypeMap[ControlTypePaging], - ControlTypePaging, - false, - c.PagingSize, - c.Cookie) -} - -func (c *ControlPaging) SetCookie(cookie []byte) { - c.Cookie = cookie -} - -type ControlBeheraPasswordPolicy struct { - Expire int64 - Grace int64 - Error int8 - ErrorString string -} - -func (c *ControlBeheraPasswordPolicy) GetControlType() string { - return ControlTypeBeheraPasswordPolicy -} - -func (c *ControlBeheraPasswordPolicy) Encode() *ber.Packet { - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Control") - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, ControlTypeBeheraPasswordPolicy, "Control Type ("+ControlTypeMap[ControlTypeBeheraPasswordPolicy]+")")) - - return packet -} - -func (c *ControlBeheraPasswordPolicy) String() string { - return fmt.Sprintf( - "Control Type: %s (%q) Criticality: %t Expire: %d Grace: %d Error: %d, ErrorString: %s", - ControlTypeMap[ControlTypeBeheraPasswordPolicy], - ControlTypeBeheraPasswordPolicy, - false, - c.Expire, - c.Grace, - c.Error, - c.ErrorString) -} - -type ControlVChuPasswordMustChange struct { - MustChange bool -} - -func (c *ControlVChuPasswordMustChange) GetControlType() string { - return ControlTypeVChuPasswordMustChange -} - -func (c *ControlVChuPasswordMustChange) Encode() *ber.Packet { - return nil -} - -func (c *ControlVChuPasswordMustChange) String() string { - return fmt.Sprintf( - "Control Type: %s (%q) Criticality: %t MustChange: %b", - ControlTypeMap[ControlTypeVChuPasswordMustChange], - ControlTypeVChuPasswordMustChange, - false, - c.MustChange) -} - -type ControlVChuPasswordWarning struct { - Expire int64 -} - -func (c *ControlVChuPasswordWarning) GetControlType() string { - return ControlTypeVChuPasswordWarning -} - -func (c *ControlVChuPasswordWarning) Encode() *ber.Packet { - return nil -} - -func (c *ControlVChuPasswordWarning) String() string { - return fmt.Sprintf( - "Control Type: %s (%q) Criticality: %t Expire: %b", - ControlTypeMap[ControlTypeVChuPasswordWarning], - ControlTypeVChuPasswordWarning, - false, - c.Expire) -} - -type ControlManageDsaIT struct { - Criticality bool -} - -func (c *ControlManageDsaIT) GetControlType() string { - return ControlTypeManageDsaIT -} - -func (c *ControlManageDsaIT) Encode() *ber.Packet { - //FIXME - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Control") - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, ControlTypeManageDsaIT, "Control Type ("+ControlTypeMap[ControlTypeManageDsaIT]+")")) - if c.Criticality { - packet.AppendChild(ber.NewBoolean(ber.ClassUniversal, ber.TypePrimitive, ber.TagBoolean, c.Criticality, "Criticality")) - } - return packet -} - -func (c *ControlManageDsaIT) String() string { - return fmt.Sprintf( - "Control Type: %s (%q) Criticality: %t", - ControlTypeMap[ControlTypeManageDsaIT], - ControlTypeManageDsaIT, - c.Criticality) -} - -func NewControlManageDsaIT(Criticality bool) *ControlManageDsaIT { - return &ControlManageDsaIT{Criticality: Criticality} -} - -func FindControl(controls []Control, controlType string) Control { - for _, c := range controls { - if c.GetControlType() == controlType { - return c - } - } - return nil -} - -func DecodeControl(packet *ber.Packet) Control { - ControlType := packet.Children[0].Value.(string) - Criticality := false - - packet.Children[0].Description = "Control Type (" + ControlTypeMap[ControlType] + ")" - value := packet.Children[1] - if len(packet.Children) == 3 { - value = packet.Children[2] - packet.Children[1].Description = "Criticality" - Criticality = packet.Children[1].Value.(bool) - } - - value.Description = "Control Value" - switch ControlType { - case ControlTypePaging: - value.Description += " (Paging)" - c := new(ControlPaging) - if value.Value != nil { - valueChildren := ber.DecodePacket(value.Data.Bytes()) - value.Data.Truncate(0) - value.Value = nil - value.AppendChild(valueChildren) - } - value = value.Children[0] - value.Description = "Search Control Value" - value.Children[0].Description = "Paging Size" - value.Children[1].Description = "Cookie" - c.PagingSize = uint32(value.Children[0].Value.(int64)) - c.Cookie = value.Children[1].Data.Bytes() - value.Children[1].Value = c.Cookie - return c - case ControlTypeBeheraPasswordPolicy: - value.Description += " (Password Policy - Behera)" - c := NewControlBeheraPasswordPolicy() - if value.Value != nil { - valueChildren := ber.DecodePacket(value.Data.Bytes()) - value.Data.Truncate(0) - value.Value = nil - value.AppendChild(valueChildren) - } - - sequence := value.Children[0] - - for _, child := range sequence.Children { - if child.Tag == 0 { - //Warning - child := child.Children[0] - packet := ber.DecodePacket(child.Data.Bytes()) - val, ok := packet.Value.(int64) - if ok { - if child.Tag == 0 { - //timeBeforeExpiration - c.Expire = val - child.Value = c.Expire - } else if child.Tag == 1 { - //graceAuthNsRemaining - c.Grace = val - child.Value = c.Grace - } - } - } else if child.Tag == 1 { - // Error - packet := ber.DecodePacket(child.Data.Bytes()) - val, ok := packet.Value.(int8) - if !ok { - // what to do? - val = -1 - } - c.Error = val - child.Value = c.Error - c.ErrorString = BeheraPasswordPolicyErrorMap[c.Error] - } - } - return c - case ControlTypeVChuPasswordMustChange: - c := &ControlVChuPasswordMustChange{MustChange: true} - return c - case ControlTypeVChuPasswordWarning: - c := &ControlVChuPasswordWarning{Expire: -1} - expireStr := ber.DecodeString(value.Data.Bytes()) - - expire, err := strconv.ParseInt(expireStr, 10, 64) - if err != nil { - return nil - } - c.Expire = expire - value.Value = c.Expire - - return c - } - c := new(ControlString) - c.ControlType = ControlType - c.Criticality = Criticality - c.ControlValue = value.Value.(string) - return c -} - -func NewControlString(controlType string, criticality bool, controlValue string) *ControlString { - return &ControlString{ - ControlType: controlType, - Criticality: criticality, - ControlValue: controlValue, - } -} - -func NewControlPaging(pagingSize uint32) *ControlPaging { - return &ControlPaging{PagingSize: pagingSize} -} - -func NewControlBeheraPasswordPolicy() *ControlBeheraPasswordPolicy { - return &ControlBeheraPasswordPolicy{ - Expire: -1, - Grace: -1, - Error: -1, - } -} - -func encodeControls(controls []Control) *ber.Packet { - packet := ber.Encode(ber.ClassContext, ber.TypeConstructed, 0, nil, "Controls") - for _, control := range controls { - packet.AppendChild(control.Encode()) - } - return packet -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/debug.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/debug.go deleted file mode 100644 index b8a7ecbff..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/debug.go +++ /dev/null @@ -1,24 +0,0 @@ -package ldap - -import ( - "log" - - "gopkg.in/asn1-ber.v1" -) - -// debbuging type -// - has a Printf method to write the debug output -type debugging bool - -// write debug output -func (debug debugging) Printf(format string, args ...interface{}) { - if debug { - log.Printf(format, args...) - } -} - -func (debug debugging) PrintPacket(packet *ber.Packet) { - if debug { - ber.PrintPacket(packet) - } -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/del.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/del.go deleted file mode 100644 index 2f0eae1cd..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/del.go +++ /dev/null @@ -1,79 +0,0 @@ -// -// https://tools.ietf.org/html/rfc4511 -// -// DelRequest ::= [APPLICATION 10] LDAPDN - -package ldap - -import ( - "errors" - "log" - - "gopkg.in/asn1-ber.v1" -) - -type DelRequest struct { - DN string - Controls []Control -} - -func (d DelRequest) encode() *ber.Packet { - request := ber.Encode(ber.ClassApplication, ber.TypePrimitive, ApplicationDelRequest, d.DN, "Del Request") - request.Data.Write([]byte(d.DN)) - return request -} - -func NewDelRequest(DN string, - Controls []Control) *DelRequest { - return &DelRequest{ - DN: DN, - Controls: Controls, - } -} - -func (l *Conn) Del(delRequest *DelRequest) error { - messageID := l.nextMessageID() - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - packet.AppendChild(delRequest.encode()) - if delRequest.Controls != nil { - packet.AppendChild(encodeControls(delRequest.Controls)) - } - - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessage(packet) - if err != nil { - return err - } - if channel == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - if packet == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not retrieve message")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return err - } - ber.PrintPacket(packet) - } - - if packet.Children[1].Tag == ApplicationDelResponse { - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return NewError(resultCode, errors.New(resultDescription)) - } - } else { - log.Printf("Unexpected Response: %d", packet.Children[1].Tag) - } - - l.Debug.Printf("%d: returning", messageID) - return nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/dn.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/dn.go deleted file mode 100644 index 5d83c5e9a..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/dn.go +++ /dev/null @@ -1,155 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. -// -// File contains DN parsing functionallity -// -// https://tools.ietf.org/html/rfc4514 -// -// distinguishedName = [ relativeDistinguishedName -// *( COMMA relativeDistinguishedName ) ] -// relativeDistinguishedName = attributeTypeAndValue -// *( PLUS attributeTypeAndValue ) -// attributeTypeAndValue = attributeType EQUALS attributeValue -// attributeType = descr / numericoid -// attributeValue = string / hexstring -// -// ; The following characters are to be escaped when they appear -// ; in the value to be encoded: ESC, one of , leading -// ; SHARP or SPACE, trailing SPACE, and NULL. -// string = [ ( leadchar / pair ) [ *( stringchar / pair ) -// ( trailchar / pair ) ] ] -// -// leadchar = LUTF1 / UTFMB -// LUTF1 = %x01-1F / %x21 / %x24-2A / %x2D-3A / -// %x3D / %x3F-5B / %x5D-7F -// -// trailchar = TUTF1 / UTFMB -// TUTF1 = %x01-1F / %x21 / %x23-2A / %x2D-3A / -// %x3D / %x3F-5B / %x5D-7F -// -// stringchar = SUTF1 / UTFMB -// SUTF1 = %x01-21 / %x23-2A / %x2D-3A / -// %x3D / %x3F-5B / %x5D-7F -// -// pair = ESC ( ESC / special / hexpair ) -// special = escaped / SPACE / SHARP / EQUALS -// escaped = DQUOTE / PLUS / COMMA / SEMI / LANGLE / RANGLE -// hexstring = SHARP 1*hexpair -// hexpair = HEX HEX -// -// where the productions , , , , -// , , , , , , , , -// , , and are defined in [RFC4512]. -// - -package ldap - -import ( - "bytes" - enchex "encoding/hex" - "errors" - "fmt" - "strings" - - ber "gopkg.in/asn1-ber.v1" -) - -type AttributeTypeAndValue struct { - Type string - Value string -} - -type RelativeDN struct { - Attributes []*AttributeTypeAndValue -} - -type DN struct { - RDNs []*RelativeDN -} - -func ParseDN(str string) (*DN, error) { - dn := new(DN) - dn.RDNs = make([]*RelativeDN, 0) - rdn := new(RelativeDN) - rdn.Attributes = make([]*AttributeTypeAndValue, 0) - buffer := bytes.Buffer{} - attribute := new(AttributeTypeAndValue) - escaping := false - - for i := 0; i < len(str); i++ { - char := str[i] - if escaping { - escaping = false - switch char { - case ' ', '"', '#', '+', ',', ';', '<', '=', '>', '\\': - buffer.WriteByte(char) - continue - } - // Not a special character, assume hex encoded octet - if len(str) == i+1 { - return nil, errors.New("Got corrupted escaped character") - } - - dst := []byte{0} - n, err := enchex.Decode([]byte(dst), []byte(str[i:i+2])) - if err != nil { - return nil, errors.New( - fmt.Sprintf("Failed to decode escaped character: %s", err)) - } else if n != 1 { - return nil, errors.New( - fmt.Sprintf("Expected 1 byte when un-escaping, got %d", n)) - } - buffer.WriteByte(dst[0]) - i++ - } else if char == '\\' { - escaping = true - } else if char == '=' { - attribute.Type = buffer.String() - buffer.Reset() - // Special case: If the first character in the value is # the - // following data is BER encoded so we can just fast forward - // and decode. - if len(str) > i+1 && str[i+1] == '#' { - i += 2 - index := strings.IndexAny(str[i:], ",+") - data := str - if index > 0 { - data = str[i : i+index] - } else { - data = str[i:] - } - raw_ber, err := enchex.DecodeString(data) - if err != nil { - return nil, errors.New( - fmt.Sprintf("Failed to decode BER encoding: %s", err)) - } - packet := ber.DecodePacket(raw_ber) - buffer.WriteString(packet.Data.String()) - i += len(data) - 1 - } - } else if char == ',' || char == '+' { - // We're done with this RDN or value, push it - attribute.Value = buffer.String() - rdn.Attributes = append(rdn.Attributes, attribute) - attribute = new(AttributeTypeAndValue) - if char == ',' { - dn.RDNs = append(dn.RDNs, rdn) - rdn = new(RelativeDN) - rdn.Attributes = make([]*AttributeTypeAndValue, 0) - } - buffer.Reset() - } else { - buffer.WriteByte(char) - } - } - if buffer.Len() > 0 { - if len(attribute.Type) == 0 { - return nil, errors.New("DN ended with incomplete type, value pair") - } - attribute.Value = buffer.String() - rdn.Attributes = append(rdn.Attributes, attribute) - dn.RDNs = append(dn.RDNs, rdn) - } - return dn, nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/doc.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/doc.go deleted file mode 100644 index f20d39bc9..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/doc.go +++ /dev/null @@ -1,4 +0,0 @@ -/* -Package ldap provides basic LDAP v3 functionality. -*/ -package ldap diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/error.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/error.go deleted file mode 100644 index 2dbc30ac0..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/error.go +++ /dev/null @@ -1,137 +0,0 @@ -package ldap - -import ( - "fmt" - - "gopkg.in/asn1-ber.v1" -) - -// LDAP Result Codes -const ( - LDAPResultSuccess = 0 - LDAPResultOperationsError = 1 - LDAPResultProtocolError = 2 - LDAPResultTimeLimitExceeded = 3 - LDAPResultSizeLimitExceeded = 4 - LDAPResultCompareFalse = 5 - LDAPResultCompareTrue = 6 - LDAPResultAuthMethodNotSupported = 7 - LDAPResultStrongAuthRequired = 8 - LDAPResultReferral = 10 - LDAPResultAdminLimitExceeded = 11 - LDAPResultUnavailableCriticalExtension = 12 - LDAPResultConfidentialityRequired = 13 - LDAPResultSaslBindInProgress = 14 - LDAPResultNoSuchAttribute = 16 - LDAPResultUndefinedAttributeType = 17 - LDAPResultInappropriateMatching = 18 - LDAPResultConstraintViolation = 19 - LDAPResultAttributeOrValueExists = 20 - LDAPResultInvalidAttributeSyntax = 21 - LDAPResultNoSuchObject = 32 - LDAPResultAliasProblem = 33 - LDAPResultInvalidDNSyntax = 34 - LDAPResultAliasDereferencingProblem = 36 - LDAPResultInappropriateAuthentication = 48 - LDAPResultInvalidCredentials = 49 - LDAPResultInsufficientAccessRights = 50 - LDAPResultBusy = 51 - LDAPResultUnavailable = 52 - LDAPResultUnwillingToPerform = 53 - LDAPResultLoopDetect = 54 - LDAPResultNamingViolation = 64 - LDAPResultObjectClassViolation = 65 - LDAPResultNotAllowedOnNonLeaf = 66 - LDAPResultNotAllowedOnRDN = 67 - LDAPResultEntryAlreadyExists = 68 - LDAPResultObjectClassModsProhibited = 69 - LDAPResultAffectsMultipleDSAs = 71 - LDAPResultOther = 80 - - ErrorNetwork = 200 - ErrorFilterCompile = 201 - ErrorFilterDecompile = 202 - ErrorDebugging = 203 - ErrorUnexpectedMessage = 204 - ErrorUnexpectedResponse = 205 -) - -var LDAPResultCodeMap = map[uint8]string{ - LDAPResultSuccess: "Success", - LDAPResultOperationsError: "Operations Error", - LDAPResultProtocolError: "Protocol Error", - LDAPResultTimeLimitExceeded: "Time Limit Exceeded", - LDAPResultSizeLimitExceeded: "Size Limit Exceeded", - LDAPResultCompareFalse: "Compare False", - LDAPResultCompareTrue: "Compare True", - LDAPResultAuthMethodNotSupported: "Auth Method Not Supported", - LDAPResultStrongAuthRequired: "Strong Auth Required", - LDAPResultReferral: "Referral", - LDAPResultAdminLimitExceeded: "Admin Limit Exceeded", - LDAPResultUnavailableCriticalExtension: "Unavailable Critical Extension", - LDAPResultConfidentialityRequired: "Confidentiality Required", - LDAPResultSaslBindInProgress: "Sasl Bind In Progress", - LDAPResultNoSuchAttribute: "No Such Attribute", - LDAPResultUndefinedAttributeType: "Undefined Attribute Type", - LDAPResultInappropriateMatching: "Inappropriate Matching", - LDAPResultConstraintViolation: "Constraint Violation", - LDAPResultAttributeOrValueExists: "Attribute Or Value Exists", - LDAPResultInvalidAttributeSyntax: "Invalid Attribute Syntax", - LDAPResultNoSuchObject: "No Such Object", - LDAPResultAliasProblem: "Alias Problem", - LDAPResultInvalidDNSyntax: "Invalid DN Syntax", - LDAPResultAliasDereferencingProblem: "Alias Dereferencing Problem", - LDAPResultInappropriateAuthentication: "Inappropriate Authentication", - LDAPResultInvalidCredentials: "Invalid Credentials", - LDAPResultInsufficientAccessRights: "Insufficient Access Rights", - LDAPResultBusy: "Busy", - LDAPResultUnavailable: "Unavailable", - LDAPResultUnwillingToPerform: "Unwilling To Perform", - LDAPResultLoopDetect: "Loop Detect", - LDAPResultNamingViolation: "Naming Violation", - LDAPResultObjectClassViolation: "Object Class Violation", - LDAPResultNotAllowedOnNonLeaf: "Not Allowed On Non Leaf", - LDAPResultNotAllowedOnRDN: "Not Allowed On RDN", - LDAPResultEntryAlreadyExists: "Entry Already Exists", - LDAPResultObjectClassModsProhibited: "Object Class Mods Prohibited", - LDAPResultAffectsMultipleDSAs: "Affects Multiple DSAs", - LDAPResultOther: "Other", -} - -func getLDAPResultCode(packet *ber.Packet) (code uint8, description string) { - if len(packet.Children) >= 2 { - response := packet.Children[1] - if response.ClassType == ber.ClassApplication && response.TagType == ber.TypeConstructed && len(response.Children) >= 3 { - // Children[1].Children[2] is the diagnosticMessage which is guaranteed to exist as seen here: https://tools.ietf.org/html/rfc4511#section-4.1.9 - return uint8(response.Children[0].Value.(int64)), response.Children[2].Value.(string) - } - } - - return ErrorNetwork, "Invalid packet format" -} - -type Error struct { - Err error - ResultCode uint8 -} - -func (e *Error) Error() string { - return fmt.Sprintf("LDAP Result Code %d %q: %s", e.ResultCode, LDAPResultCodeMap[e.ResultCode], e.Err.Error()) -} - -func NewError(resultCode uint8, err error) error { - return &Error{ResultCode: resultCode, Err: err} -} - -func IsErrorWithCode(err error, desiredResultCode uint8) bool { - if err == nil { - return false - } - - serverError, ok := err.(*Error) - if !ok { - return false - } - - return serverError.ResultCode == desiredResultCode -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/filter.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/filter.go deleted file mode 100644 index 63bcec1e3..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/filter.go +++ /dev/null @@ -1,456 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ldap - -import ( - "bytes" - hexpac "encoding/hex" - "errors" - "fmt" - "strings" - "unicode/utf8" - - "gopkg.in/asn1-ber.v1" -) - -const ( - FilterAnd = 0 - FilterOr = 1 - FilterNot = 2 - FilterEqualityMatch = 3 - FilterSubstrings = 4 - FilterGreaterOrEqual = 5 - FilterLessOrEqual = 6 - FilterPresent = 7 - FilterApproxMatch = 8 - FilterExtensibleMatch = 9 -) - -var FilterMap = map[uint64]string{ - FilterAnd: "And", - FilterOr: "Or", - FilterNot: "Not", - FilterEqualityMatch: "Equality Match", - FilterSubstrings: "Substrings", - FilterGreaterOrEqual: "Greater Or Equal", - FilterLessOrEqual: "Less Or Equal", - FilterPresent: "Present", - FilterApproxMatch: "Approx Match", - FilterExtensibleMatch: "Extensible Match", -} - -const ( - FilterSubstringsInitial = 0 - FilterSubstringsAny = 1 - FilterSubstringsFinal = 2 -) - -var FilterSubstringsMap = map[uint64]string{ - FilterSubstringsInitial: "Substrings Initial", - FilterSubstringsAny: "Substrings Any", - FilterSubstringsFinal: "Substrings Final", -} - -const ( - MatchingRuleAssertionMatchingRule = 1 - MatchingRuleAssertionType = 2 - MatchingRuleAssertionMatchValue = 3 - MatchingRuleAssertionDNAttributes = 4 -) - -var MatchingRuleAssertionMap = map[uint64]string{ - MatchingRuleAssertionMatchingRule: "Matching Rule Assertion Matching Rule", - MatchingRuleAssertionType: "Matching Rule Assertion Type", - MatchingRuleAssertionMatchValue: "Matching Rule Assertion Match Value", - MatchingRuleAssertionDNAttributes: "Matching Rule Assertion DN Attributes", -} - -func CompileFilter(filter string) (*ber.Packet, error) { - if len(filter) == 0 || filter[0] != '(' { - return nil, NewError(ErrorFilterCompile, errors.New("ldap: filter does not start with an '('")) - } - packet, pos, err := compileFilter(filter, 1) - if err != nil { - return nil, err - } - if pos != len(filter) { - return nil, NewError(ErrorFilterCompile, errors.New("ldap: finished compiling filter with extra at end: "+fmt.Sprint(filter[pos:]))) - } - return packet, nil -} - -func DecompileFilter(packet *ber.Packet) (ret string, err error) { - defer func() { - if r := recover(); r != nil { - err = NewError(ErrorFilterDecompile, errors.New("ldap: error decompiling filter")) - } - }() - ret = "(" - err = nil - childStr := "" - - switch packet.Tag { - case FilterAnd: - ret += "&" - for _, child := range packet.Children { - childStr, err = DecompileFilter(child) - if err != nil { - return - } - ret += childStr - } - case FilterOr: - ret += "|" - for _, child := range packet.Children { - childStr, err = DecompileFilter(child) - if err != nil { - return - } - ret += childStr - } - case FilterNot: - ret += "!" - childStr, err = DecompileFilter(packet.Children[0]) - if err != nil { - return - } - ret += childStr - - case FilterSubstrings: - ret += ber.DecodeString(packet.Children[0].Data.Bytes()) - ret += "=" - for i, child := range packet.Children[1].Children { - if i == 0 && child.Tag != FilterSubstringsInitial { - ret += "*" - } - ret += EscapeFilter(ber.DecodeString(child.Data.Bytes())) - if child.Tag != FilterSubstringsFinal { - ret += "*" - } - } - case FilterEqualityMatch: - ret += ber.DecodeString(packet.Children[0].Data.Bytes()) - ret += "=" - ret += EscapeFilter(ber.DecodeString(packet.Children[1].Data.Bytes())) - case FilterGreaterOrEqual: - ret += ber.DecodeString(packet.Children[0].Data.Bytes()) - ret += ">=" - ret += EscapeFilter(ber.DecodeString(packet.Children[1].Data.Bytes())) - case FilterLessOrEqual: - ret += ber.DecodeString(packet.Children[0].Data.Bytes()) - ret += "<=" - ret += EscapeFilter(ber.DecodeString(packet.Children[1].Data.Bytes())) - case FilterPresent: - ret += ber.DecodeString(packet.Data.Bytes()) - ret += "=*" - case FilterApproxMatch: - ret += ber.DecodeString(packet.Children[0].Data.Bytes()) - ret += "~=" - ret += EscapeFilter(ber.DecodeString(packet.Children[1].Data.Bytes())) - case FilterExtensibleMatch: - attr := "" - dnAttributes := false - matchingRule := "" - value := "" - - for _, child := range packet.Children { - switch child.Tag { - case MatchingRuleAssertionMatchingRule: - matchingRule = ber.DecodeString(child.Data.Bytes()) - case MatchingRuleAssertionType: - attr = ber.DecodeString(child.Data.Bytes()) - case MatchingRuleAssertionMatchValue: - value = ber.DecodeString(child.Data.Bytes()) - case MatchingRuleAssertionDNAttributes: - dnAttributes = child.Value.(bool) - } - } - - if len(attr) > 0 { - ret += attr - } - if dnAttributes { - ret += ":dn" - } - if len(matchingRule) > 0 { - ret += ":" - ret += matchingRule - } - ret += ":=" - ret += EscapeFilter(value) - } - - ret += ")" - return -} - -func compileFilterSet(filter string, pos int, parent *ber.Packet) (int, error) { - for pos < len(filter) && filter[pos] == '(' { - child, newPos, err := compileFilter(filter, pos+1) - if err != nil { - return pos, err - } - pos = newPos - parent.AppendChild(child) - } - if pos == len(filter) { - return pos, NewError(ErrorFilterCompile, errors.New("ldap: unexpected end of filter")) - } - - return pos + 1, nil -} - -func compileFilter(filter string, pos int) (*ber.Packet, int, error) { - var ( - packet *ber.Packet - err error - ) - - defer func() { - if r := recover(); r != nil { - err = NewError(ErrorFilterCompile, errors.New("ldap: error compiling filter")) - } - }() - newPos := pos - - currentRune, currentWidth := utf8.DecodeRuneInString(filter[newPos:]) - - switch currentRune { - case utf8.RuneError: - return nil, 0, NewError(ErrorFilterCompile, fmt.Errorf("ldap: error reading rune at position %d", newPos)) - case '(': - packet, newPos, err = compileFilter(filter, pos+currentWidth) - newPos++ - return packet, newPos, err - case '&': - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterAnd, nil, FilterMap[FilterAnd]) - newPos, err = compileFilterSet(filter, pos+currentWidth, packet) - return packet, newPos, err - case '|': - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterOr, nil, FilterMap[FilterOr]) - newPos, err = compileFilterSet(filter, pos+currentWidth, packet) - return packet, newPos, err - case '!': - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterNot, nil, FilterMap[FilterNot]) - var child *ber.Packet - child, newPos, err = compileFilter(filter, pos+currentWidth) - packet.AppendChild(child) - return packet, newPos, err - default: - READING_ATTR := 0 - READING_EXTENSIBLE_MATCHING_RULE := 1 - READING_CONDITION := 2 - - state := READING_ATTR - - attribute := "" - extensibleDNAttributes := false - extensibleMatchingRule := "" - condition := "" - - for newPos < len(filter) { - remainingFilter := filter[newPos:] - currentRune, currentWidth = utf8.DecodeRuneInString(remainingFilter) - if currentRune == ')' { - break - } - if currentRune == utf8.RuneError { - return packet, newPos, NewError(ErrorFilterCompile, fmt.Errorf("ldap: error reading rune at position %d", newPos)) - } - - switch state { - case READING_ATTR: - switch { - // Extensible rule, with only DN-matching - case currentRune == ':' && strings.HasPrefix(remainingFilter, ":dn:="): - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterExtensibleMatch, nil, FilterMap[FilterExtensibleMatch]) - extensibleDNAttributes = true - state = READING_CONDITION - newPos += 5 - - // Extensible rule, with DN-matching and a matching OID - case currentRune == ':' && strings.HasPrefix(remainingFilter, ":dn:"): - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterExtensibleMatch, nil, FilterMap[FilterExtensibleMatch]) - extensibleDNAttributes = true - state = READING_EXTENSIBLE_MATCHING_RULE - newPos += 4 - - // Extensible rule, with attr only - case currentRune == ':' && strings.HasPrefix(remainingFilter, ":="): - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterExtensibleMatch, nil, FilterMap[FilterExtensibleMatch]) - state = READING_CONDITION - newPos += 2 - - // Extensible rule, with no DN attribute matching - case currentRune == ':': - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterExtensibleMatch, nil, FilterMap[FilterExtensibleMatch]) - state = READING_EXTENSIBLE_MATCHING_RULE - newPos += 1 - - // Equality condition - case currentRune == '=': - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterEqualityMatch, nil, FilterMap[FilterEqualityMatch]) - state = READING_CONDITION - newPos += 1 - - // Greater-than or equal - case currentRune == '>' && strings.HasPrefix(remainingFilter, ">="): - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterGreaterOrEqual, nil, FilterMap[FilterGreaterOrEqual]) - state = READING_CONDITION - newPos += 2 - - // Less-than or equal - case currentRune == '<' && strings.HasPrefix(remainingFilter, "<="): - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterLessOrEqual, nil, FilterMap[FilterLessOrEqual]) - state = READING_CONDITION - newPos += 2 - - // Approx - case currentRune == '~' && strings.HasPrefix(remainingFilter, "~="): - packet = ber.Encode(ber.ClassContext, ber.TypeConstructed, FilterApproxMatch, nil, FilterMap[FilterApproxMatch]) - state = READING_CONDITION - newPos += 2 - - // Still reading the attribute name - default: - attribute += fmt.Sprintf("%c", currentRune) - newPos += currentWidth - } - - case READING_EXTENSIBLE_MATCHING_RULE: - switch { - - // Matching rule OID is done - case currentRune == ':' && strings.HasPrefix(remainingFilter, ":="): - state = READING_CONDITION - newPos += 2 - - // Still reading the matching rule oid - default: - extensibleMatchingRule += fmt.Sprintf("%c", currentRune) - newPos += currentWidth - } - - case READING_CONDITION: - // append to the condition - condition += fmt.Sprintf("%c", currentRune) - newPos += currentWidth - } - } - - if newPos == len(filter) { - err = NewError(ErrorFilterCompile, errors.New("ldap: unexpected end of filter")) - return packet, newPos, err - } - if packet == nil { - err = NewError(ErrorFilterCompile, errors.New("ldap: error parsing filter")) - return packet, newPos, err - } - - switch { - case packet.Tag == FilterExtensibleMatch: - // MatchingRuleAssertion ::= SEQUENCE { - // matchingRule [1] MatchingRuleID OPTIONAL, - // type [2] AttributeDescription OPTIONAL, - // matchValue [3] AssertionValue, - // dnAttributes [4] BOOLEAN DEFAULT FALSE - // } - - // Include the matching rule oid, if specified - if len(extensibleMatchingRule) > 0 { - packet.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, MatchingRuleAssertionMatchingRule, extensibleMatchingRule, MatchingRuleAssertionMap[MatchingRuleAssertionMatchingRule])) - } - - // Include the attribute, if specified - if len(attribute) > 0 { - packet.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, MatchingRuleAssertionType, attribute, MatchingRuleAssertionMap[MatchingRuleAssertionType])) - } - - // Add the value (only required child) - encodedString, err := escapedStringToEncodedBytes(condition) - if err != nil { - return packet, newPos, err - } - packet.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, MatchingRuleAssertionMatchValue, encodedString, MatchingRuleAssertionMap[MatchingRuleAssertionMatchValue])) - - // Defaults to false, so only include in the sequence if true - if extensibleDNAttributes { - packet.AppendChild(ber.NewBoolean(ber.ClassContext, ber.TypePrimitive, MatchingRuleAssertionDNAttributes, extensibleDNAttributes, MatchingRuleAssertionMap[MatchingRuleAssertionDNAttributes])) - } - - case packet.Tag == FilterEqualityMatch && condition == "*": - packet = ber.NewString(ber.ClassContext, ber.TypePrimitive, FilterPresent, attribute, FilterMap[FilterPresent]) - case packet.Tag == FilterEqualityMatch && strings.Contains(condition, "*"): - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, attribute, "Attribute")) - packet.Tag = FilterSubstrings - packet.Description = FilterMap[uint64(packet.Tag)] - seq := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Substrings") - parts := strings.Split(condition, "*") - for i, part := range parts { - if part == "" { - continue - } - var tag ber.Tag - switch i { - case 0: - tag = FilterSubstringsInitial - case len(parts) - 1: - tag = FilterSubstringsFinal - default: - tag = FilterSubstringsAny - } - encodedString, err := escapedStringToEncodedBytes(part) - if err != nil { - return packet, newPos, err - } - seq.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, tag, encodedString, FilterSubstringsMap[uint64(tag)])) - } - packet.AppendChild(seq) - default: - encodedString, err := escapedStringToEncodedBytes(condition) - if err != nil { - return packet, newPos, err - } - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, attribute, "Attribute")) - packet.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, encodedString, "Condition")) - } - - newPos += currentWidth - return packet, newPos, err - } -} - -// Convert from "ABC\xx\xx\xx" form to literal bytes for transport -func escapedStringToEncodedBytes(escapedString string) (string, error) { - var buffer bytes.Buffer - i := 0 - for i < len(escapedString) { - currentRune, currentWidth := utf8.DecodeRuneInString(escapedString[i:]) - if currentRune == utf8.RuneError { - return "", NewError(ErrorFilterCompile, fmt.Errorf("ldap: error reading rune at position %d", i)) - } - - // Check for escaped hex characters and convert them to their literal value for transport. - if currentRune == '\\' { - // http://tools.ietf.org/search/rfc4515 - // \ (%x5C) is not a valid character unless it is followed by two HEX characters due to not - // being a member of UTF1SUBSET. - if i+2 > len(escapedString) { - return "", NewError(ErrorFilterCompile, errors.New("ldap: missing characters for escape in filter")) - } - if escByte, decodeErr := hexpac.DecodeString(escapedString[i+1 : i+3]); decodeErr != nil { - return "", NewError(ErrorFilterCompile, errors.New("ldap: invalid characters for escape in filter")) - } else { - buffer.WriteByte(escByte[0]) - i += 2 // +1 from end of loop, so 3 total for \xx. - } - } else { - buffer.WriteRune(currentRune) - } - - i += currentWidth - } - return buffer.String(), nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/ldap.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/ldap.go deleted file mode 100644 index 1620aaea6..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/ldap.go +++ /dev/null @@ -1,286 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ldap - -import ( - "errors" - "io/ioutil" - "os" - - ber "gopkg.in/asn1-ber.v1" -) - -// LDAP Application Codes -const ( - ApplicationBindRequest = 0 - ApplicationBindResponse = 1 - ApplicationUnbindRequest = 2 - ApplicationSearchRequest = 3 - ApplicationSearchResultEntry = 4 - ApplicationSearchResultDone = 5 - ApplicationModifyRequest = 6 - ApplicationModifyResponse = 7 - ApplicationAddRequest = 8 - ApplicationAddResponse = 9 - ApplicationDelRequest = 10 - ApplicationDelResponse = 11 - ApplicationModifyDNRequest = 12 - ApplicationModifyDNResponse = 13 - ApplicationCompareRequest = 14 - ApplicationCompareResponse = 15 - ApplicationAbandonRequest = 16 - ApplicationSearchResultReference = 19 - ApplicationExtendedRequest = 23 - ApplicationExtendedResponse = 24 -) - -var ApplicationMap = map[uint8]string{ - ApplicationBindRequest: "Bind Request", - ApplicationBindResponse: "Bind Response", - ApplicationUnbindRequest: "Unbind Request", - ApplicationSearchRequest: "Search Request", - ApplicationSearchResultEntry: "Search Result Entry", - ApplicationSearchResultDone: "Search Result Done", - ApplicationModifyRequest: "Modify Request", - ApplicationModifyResponse: "Modify Response", - ApplicationAddRequest: "Add Request", - ApplicationAddResponse: "Add Response", - ApplicationDelRequest: "Del Request", - ApplicationDelResponse: "Del Response", - ApplicationModifyDNRequest: "Modify DN Request", - ApplicationModifyDNResponse: "Modify DN Response", - ApplicationCompareRequest: "Compare Request", - ApplicationCompareResponse: "Compare Response", - ApplicationAbandonRequest: "Abandon Request", - ApplicationSearchResultReference: "Search Result Reference", - ApplicationExtendedRequest: "Extended Request", - ApplicationExtendedResponse: "Extended Response", -} - -// Ldap Behera Password Policy Draft 10 (https://tools.ietf.org/html/draft-behera-ldap-password-policy-10) -const ( - BeheraPasswordExpired = 0 - BeheraAccountLocked = 1 - BeheraChangeAfterReset = 2 - BeheraPasswordModNotAllowed = 3 - BeheraMustSupplyOldPassword = 4 - BeheraInsufficientPasswordQuality = 5 - BeheraPasswordTooShort = 6 - BeheraPasswordTooYoung = 7 - BeheraPasswordInHistory = 8 -) - -var BeheraPasswordPolicyErrorMap = map[int8]string{ - BeheraPasswordExpired: "Password expired", - BeheraAccountLocked: "Account locked", - BeheraChangeAfterReset: "Password must be changed", - BeheraPasswordModNotAllowed: "Policy prevents password modification", - BeheraMustSupplyOldPassword: "Policy requires old password in order to change password", - BeheraInsufficientPasswordQuality: "Password fails quality checks", - BeheraPasswordTooShort: "Password is too short for policy", - BeheraPasswordTooYoung: "Password has been changed too recently", - BeheraPasswordInHistory: "New password is in list of old passwords", -} - -// Adds descriptions to an LDAP Response packet for debugging -func addLDAPDescriptions(packet *ber.Packet) (err error) { - defer func() { - if r := recover(); r != nil { - err = NewError(ErrorDebugging, errors.New("ldap: cannot process packet to add descriptions")) - } - }() - packet.Description = "LDAP Response" - packet.Children[0].Description = "Message ID" - - application := uint8(packet.Children[1].Tag) - packet.Children[1].Description = ApplicationMap[application] - - switch application { - case ApplicationBindRequest: - addRequestDescriptions(packet) - case ApplicationBindResponse: - addDefaultLDAPResponseDescriptions(packet) - case ApplicationUnbindRequest: - addRequestDescriptions(packet) - case ApplicationSearchRequest: - addRequestDescriptions(packet) - case ApplicationSearchResultEntry: - packet.Children[1].Children[0].Description = "Object Name" - packet.Children[1].Children[1].Description = "Attributes" - for _, child := range packet.Children[1].Children[1].Children { - child.Description = "Attribute" - child.Children[0].Description = "Attribute Name" - child.Children[1].Description = "Attribute Values" - for _, grandchild := range child.Children[1].Children { - grandchild.Description = "Attribute Value" - } - } - if len(packet.Children) == 3 { - addControlDescriptions(packet.Children[2]) - } - case ApplicationSearchResultDone: - addDefaultLDAPResponseDescriptions(packet) - case ApplicationModifyRequest: - addRequestDescriptions(packet) - case ApplicationModifyResponse: - case ApplicationAddRequest: - addRequestDescriptions(packet) - case ApplicationAddResponse: - case ApplicationDelRequest: - addRequestDescriptions(packet) - case ApplicationDelResponse: - case ApplicationModifyDNRequest: - addRequestDescriptions(packet) - case ApplicationModifyDNResponse: - case ApplicationCompareRequest: - addRequestDescriptions(packet) - case ApplicationCompareResponse: - case ApplicationAbandonRequest: - addRequestDescriptions(packet) - case ApplicationSearchResultReference: - case ApplicationExtendedRequest: - addRequestDescriptions(packet) - case ApplicationExtendedResponse: - } - - return nil -} - -func addControlDescriptions(packet *ber.Packet) { - packet.Description = "Controls" - for _, child := range packet.Children { - child.Description = "Control" - child.Children[0].Description = "Control Type (" + ControlTypeMap[child.Children[0].Value.(string)] + ")" - value := child.Children[1] - if len(child.Children) == 3 { - child.Children[1].Description = "Criticality" - value = child.Children[2] - } - value.Description = "Control Value" - - switch child.Children[0].Value.(string) { - case ControlTypePaging: - value.Description += " (Paging)" - if value.Value != nil { - valueChildren := ber.DecodePacket(value.Data.Bytes()) - value.Data.Truncate(0) - value.Value = nil - valueChildren.Children[1].Value = valueChildren.Children[1].Data.Bytes() - value.AppendChild(valueChildren) - } - value.Children[0].Description = "Real Search Control Value" - value.Children[0].Children[0].Description = "Paging Size" - value.Children[0].Children[1].Description = "Cookie" - - case ControlTypeBeheraPasswordPolicy: - value.Description += " (Password Policy - Behera Draft)" - if value.Value != nil { - valueChildren := ber.DecodePacket(value.Data.Bytes()) - value.Data.Truncate(0) - value.Value = nil - value.AppendChild(valueChildren) - } - sequence := value.Children[0] - for _, child := range sequence.Children { - if child.Tag == 0 { - //Warning - child := child.Children[0] - packet := ber.DecodePacket(child.Data.Bytes()) - val, ok := packet.Value.(int64) - if ok { - if child.Tag == 0 { - //timeBeforeExpiration - value.Description += " (TimeBeforeExpiration)" - child.Value = val - } else if child.Tag == 1 { - //graceAuthNsRemaining - value.Description += " (GraceAuthNsRemaining)" - child.Value = val - } - } - } else if child.Tag == 1 { - // Error - packet := ber.DecodePacket(child.Data.Bytes()) - val, ok := packet.Value.(int8) - if !ok { - val = -1 - } - child.Description = "Error" - child.Value = val - } - } - } - } -} - -func addRequestDescriptions(packet *ber.Packet) { - packet.Description = "LDAP Request" - packet.Children[0].Description = "Message ID" - packet.Children[1].Description = ApplicationMap[uint8(packet.Children[1].Tag)] - if len(packet.Children) == 3 { - addControlDescriptions(packet.Children[2]) - } -} - -func addDefaultLDAPResponseDescriptions(packet *ber.Packet) { - resultCode, _ := getLDAPResultCode(packet) - packet.Children[1].Children[0].Description = "Result Code (" + LDAPResultCodeMap[resultCode] + ")" - packet.Children[1].Children[1].Description = "Matched DN" - packet.Children[1].Children[2].Description = "Error Message" - if len(packet.Children[1].Children) > 3 { - packet.Children[1].Children[3].Description = "Referral" - } - if len(packet.Children) == 3 { - addControlDescriptions(packet.Children[2]) - } -} - -func DebugBinaryFile(fileName string) error { - file, err := ioutil.ReadFile(fileName) - if err != nil { - return NewError(ErrorDebugging, err) - } - ber.PrintBytes(os.Stdout, file, "") - packet := ber.DecodePacket(file) - addLDAPDescriptions(packet) - ber.PrintPacket(packet) - - return nil -} - -var hex = "0123456789abcdef" - -func mustEscape(c byte) bool { - return c > 0x7f || c == '(' || c == ')' || c == '\\' || c == '*' || c == 0 -} - -// EscapeFilter escapes from the provided LDAP filter string the special -// characters in the set `()*\` and those out of the range 0 < c < 0x80, -// as defined in RFC4515. -func EscapeFilter(filter string) string { - escape := 0 - for i := 0; i < len(filter); i++ { - if mustEscape(filter[i]) { - escape++ - } - } - if escape == 0 { - return filter - } - buf := make([]byte, len(filter)+escape*2) - for i, j := 0, 0; i < len(filter); i++ { - c := filter[i] - if mustEscape(c) { - buf[j+0] = '\\' - buf[j+1] = hex[c>>4] - buf[j+2] = hex[c&0xf] - j += 3 - } else { - buf[j] = c - j++ - } - } - return string(buf) -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/modify.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/modify.go deleted file mode 100644 index 4372a19dc..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/modify.go +++ /dev/null @@ -1,156 +0,0 @@ -// Copyright 2014 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. -// -// File contains Modify functionality -// -// https://tools.ietf.org/html/rfc4511 -// -// ModifyRequest ::= [APPLICATION 6] SEQUENCE { -// object LDAPDN, -// changes SEQUENCE OF change SEQUENCE { -// operation ENUMERATED { -// add (0), -// delete (1), -// replace (2), -// ... }, -// modification PartialAttribute } } -// -// PartialAttribute ::= SEQUENCE { -// type AttributeDescription, -// vals SET OF value AttributeValue } -// -// AttributeDescription ::= LDAPString -// -- Constrained to -// -- [RFC4512] -// -// AttributeValue ::= OCTET STRING -// - -package ldap - -import ( - "errors" - "log" - - "gopkg.in/asn1-ber.v1" -) - -const ( - AddAttribute = 0 - DeleteAttribute = 1 - ReplaceAttribute = 2 -) - -type PartialAttribute struct { - attrType string - attrVals []string -} - -func (p *PartialAttribute) encode() *ber.Packet { - seq := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "PartialAttribute") - seq.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, p.attrType, "Type")) - set := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSet, nil, "AttributeValue") - for _, value := range p.attrVals { - set.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, value, "Vals")) - } - seq.AppendChild(set) - return seq -} - -type ModifyRequest struct { - dn string - addAttributes []PartialAttribute - deleteAttributes []PartialAttribute - replaceAttributes []PartialAttribute -} - -func (m *ModifyRequest) Add(attrType string, attrVals []string) { - m.addAttributes = append(m.addAttributes, PartialAttribute{attrType: attrType, attrVals: attrVals}) -} - -func (m *ModifyRequest) Delete(attrType string, attrVals []string) { - m.deleteAttributes = append(m.deleteAttributes, PartialAttribute{attrType: attrType, attrVals: attrVals}) -} - -func (m *ModifyRequest) Replace(attrType string, attrVals []string) { - m.replaceAttributes = append(m.replaceAttributes, PartialAttribute{attrType: attrType, attrVals: attrVals}) -} - -func (m ModifyRequest) encode() *ber.Packet { - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationModifyRequest, nil, "Modify Request") - request.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, m.dn, "DN")) - changes := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Changes") - for _, attribute := range m.addAttributes { - change := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Change") - change.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagEnumerated, uint64(AddAttribute), "Operation")) - change.AppendChild(attribute.encode()) - changes.AppendChild(change) - } - for _, attribute := range m.deleteAttributes { - change := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Change") - change.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagEnumerated, uint64(DeleteAttribute), "Operation")) - change.AppendChild(attribute.encode()) - changes.AppendChild(change) - } - for _, attribute := range m.replaceAttributes { - change := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Change") - change.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagEnumerated, uint64(ReplaceAttribute), "Operation")) - change.AppendChild(attribute.encode()) - changes.AppendChild(change) - } - request.AppendChild(changes) - return request -} - -func NewModifyRequest( - dn string, -) *ModifyRequest { - return &ModifyRequest{ - dn: dn, - } -} - -func (l *Conn) Modify(modifyRequest *ModifyRequest) error { - messageID := l.nextMessageID() - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - packet.AppendChild(modifyRequest.encode()) - - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessage(packet) - if err != nil { - return err - } - if channel == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - if packet == nil { - return NewError(ErrorNetwork, errors.New("ldap: could not retrieve message")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return err - } - ber.PrintPacket(packet) - } - - if packet.Children[1].Tag == ApplicationModifyResponse { - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return NewError(resultCode, errors.New(resultDescription)) - } - } else { - log.Printf("Unexpected Response: %d", packet.Children[1].Tag) - } - - l.Debug.Printf("%d: returning", messageID) - return nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/passwdmodify.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/passwdmodify.go deleted file mode 100644 index 508b11ed7..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/passwdmodify.go +++ /dev/null @@ -1,137 +0,0 @@ -// This file contains the password modify extended operation as specified in rfc 3062 -// -// https://tools.ietf.org/html/rfc3062 -// - -package ldap - -import ( - "errors" - "fmt" - - "gopkg.in/asn1-ber.v1" -) - -const ( - passwordModifyOID = "1.3.6.1.4.1.4203.1.11.1" -) - -type PasswordModifyRequest struct { - UserIdentity string - OldPassword string - NewPassword string -} - -type PasswordModifyResult struct { - GeneratedPassword string -} - -func (r *PasswordModifyRequest) encode() (*ber.Packet, error) { - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationExtendedRequest, nil, "Password Modify Extended Operation") - request.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 0, passwordModifyOID, "Extended Request Name: Password Modify OID")) - extendedRequestValue := ber.Encode(ber.ClassContext, ber.TypePrimitive, 1, nil, "Extended Request Value: Password Modify Request") - passwordModifyRequestValue := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Password Modify Request") - if r.UserIdentity != "" { - passwordModifyRequestValue.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 0, r.UserIdentity, "User Identity")) - } - if r.OldPassword != "" { - passwordModifyRequestValue.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 1, r.OldPassword, "Old Password")) - } - if r.NewPassword != "" { - passwordModifyRequestValue.AppendChild(ber.NewString(ber.ClassContext, ber.TypePrimitive, 2, r.NewPassword, "New Password")) - } - - extendedRequestValue.AppendChild(passwordModifyRequestValue) - request.AppendChild(extendedRequestValue) - - return request, nil -} - -// Create a new PasswordModifyRequest -// -// According to the RFC 3602: -// userIdentity is a string representing the user associated with the request. -// This string may or may not be an LDAPDN (RFC 2253). -// If userIdentity is empty then the operation will act on the user associated -// with the session. -// -// oldPassword is the current user's password, it can be empty or it can be -// needed depending on the session user access rights (usually an administrator -// can change a user's password without knowing the current one) and the -// password policy (see pwdSafeModify password policy's attribute) -// -// newPassword is the desired user's password. If empty the server can return -// an error or generate a new password that will be available in the -// PasswordModifyResult.GeneratedPassword -// -func NewPasswordModifyRequest(userIdentity string, oldPassword string, newPassword string) *PasswordModifyRequest { - return &PasswordModifyRequest{ - UserIdentity: userIdentity, - OldPassword: oldPassword, - NewPassword: newPassword, - } -} - -func (l *Conn) PasswordModify(passwordModifyRequest *PasswordModifyRequest) (*PasswordModifyResult, error) { - messageID := l.nextMessageID() - - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - - encodedPasswordModifyRequest, err := passwordModifyRequest.encode() - if err != nil { - return nil, err - } - packet.AppendChild(encodedPasswordModifyRequest) - - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessage(packet) - if err != nil { - return nil, err - } - if channel == nil { - return nil, NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - result := &PasswordModifyResult{} - - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - - if packet == nil { - return nil, NewError(ErrorNetwork, errors.New("ldap: could not retrieve message")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return nil, err - } - ber.PrintPacket(packet) - } - - if packet.Children[1].Tag == ApplicationExtendedResponse { - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return nil, NewError(resultCode, errors.New(resultDescription)) - } - } else { - return nil, NewError(ErrorUnexpectedResponse, fmt.Errorf("Unexpected Response: %d", packet.Children[1].Tag)) - } - - extendedResponse := packet.Children[1] - for _, child := range extendedResponse.Children { - if child.Tag == 11 { - passwordModifyReponseValue := ber.DecodePacket(child.Data.Bytes()) - if len(passwordModifyReponseValue.Children) == 1 { - if passwordModifyReponseValue.Children[0].Tag == 0 { - result.GeneratedPassword = ber.DecodeString(passwordModifyReponseValue.Children[0].Data.Bytes()) - } - } - } - } - - return result, nil -} diff --git a/Godeps/_workspace/src/github.com/go-ldap/ldap/search.go b/Godeps/_workspace/src/github.com/go-ldap/ldap/search.go deleted file mode 100644 index f63c9fb02..000000000 --- a/Godeps/_workspace/src/github.com/go-ldap/ldap/search.go +++ /dev/null @@ -1,403 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. -// -// File contains Search functionality -// -// https://tools.ietf.org/html/rfc4511 -// -// SearchRequest ::= [APPLICATION 3] SEQUENCE { -// baseObject LDAPDN, -// scope ENUMERATED { -// baseObject (0), -// singleLevel (1), -// wholeSubtree (2), -// ... }, -// derefAliases ENUMERATED { -// neverDerefAliases (0), -// derefInSearching (1), -// derefFindingBaseObj (2), -// derefAlways (3) }, -// sizeLimit INTEGER (0 .. maxInt), -// timeLimit INTEGER (0 .. maxInt), -// typesOnly BOOLEAN, -// filter Filter, -// attributes AttributeSelection } -// -// AttributeSelection ::= SEQUENCE OF selector LDAPString -// -- The LDAPString is constrained to -// -- in Section 4.5.1.8 -// -// Filter ::= CHOICE { -// and [0] SET SIZE (1..MAX) OF filter Filter, -// or [1] SET SIZE (1..MAX) OF filter Filter, -// not [2] Filter, -// equalityMatch [3] AttributeValueAssertion, -// substrings [4] SubstringFilter, -// greaterOrEqual [5] AttributeValueAssertion, -// lessOrEqual [6] AttributeValueAssertion, -// present [7] AttributeDescription, -// approxMatch [8] AttributeValueAssertion, -// extensibleMatch [9] MatchingRuleAssertion, -// ... } -// -// SubstringFilter ::= SEQUENCE { -// type AttributeDescription, -// substrings SEQUENCE SIZE (1..MAX) OF substring CHOICE { -// initial [0] AssertionValue, -- can occur at most once -// any [1] AssertionValue, -// final [2] AssertionValue } -- can occur at most once -// } -// -// MatchingRuleAssertion ::= SEQUENCE { -// matchingRule [1] MatchingRuleId OPTIONAL, -// type [2] AttributeDescription OPTIONAL, -// matchValue [3] AssertionValue, -// dnAttributes [4] BOOLEAN DEFAULT FALSE } -// -// - -package ldap - -import ( - "errors" - "fmt" - "sort" - "strings" - - "gopkg.in/asn1-ber.v1" -) - -const ( - ScopeBaseObject = 0 - ScopeSingleLevel = 1 - ScopeWholeSubtree = 2 -) - -var ScopeMap = map[int]string{ - ScopeBaseObject: "Base Object", - ScopeSingleLevel: "Single Level", - ScopeWholeSubtree: "Whole Subtree", -} - -const ( - NeverDerefAliases = 0 - DerefInSearching = 1 - DerefFindingBaseObj = 2 - DerefAlways = 3 -) - -var DerefMap = map[int]string{ - NeverDerefAliases: "NeverDerefAliases", - DerefInSearching: "DerefInSearching", - DerefFindingBaseObj: "DerefFindingBaseObj", - DerefAlways: "DerefAlways", -} - -// NewEntry returns an Entry object with the specified distinguished name and attribute key-value pairs. -// The map of attributes is accessed in alphabetical order of the keys in order to ensure that, for the -// same input map of attributes, the output entry will contain the same order of attributes -func NewEntry(dn string, attributes map[string][]string) *Entry { - var attributeNames []string - for attributeName := range attributes { - attributeNames = append(attributeNames, attributeName) - } - sort.Strings(attributeNames) - - var encodedAttributes []*EntryAttribute - for _, attributeName := range attributeNames { - encodedAttributes = append(encodedAttributes, NewEntryAttribute(attributeName, attributes[attributeName])) - } - return &Entry{ - DN: dn, - Attributes: encodedAttributes, - } -} - -type Entry struct { - DN string - Attributes []*EntryAttribute -} - -func (e *Entry) GetAttributeValues(attribute string) []string { - for _, attr := range e.Attributes { - if attr.Name == attribute { - return attr.Values - } - } - return []string{} -} - -func (e *Entry) GetRawAttributeValues(attribute string) [][]byte { - for _, attr := range e.Attributes { - if attr.Name == attribute { - return attr.ByteValues - } - } - return [][]byte{} -} - -func (e *Entry) GetAttributeValue(attribute string) string { - values := e.GetAttributeValues(attribute) - if len(values) == 0 { - return "" - } - return values[0] -} - -func (e *Entry) GetRawAttributeValue(attribute string) []byte { - values := e.GetRawAttributeValues(attribute) - if len(values) == 0 { - return []byte{} - } - return values[0] -} - -func (e *Entry) Print() { - fmt.Printf("DN: %s\n", e.DN) - for _, attr := range e.Attributes { - attr.Print() - } -} - -func (e *Entry) PrettyPrint(indent int) { - fmt.Printf("%sDN: %s\n", strings.Repeat(" ", indent), e.DN) - for _, attr := range e.Attributes { - attr.PrettyPrint(indent + 2) - } -} - -// NewEntryAttribute returns a new EntryAttribute with the desired key-value pair -func NewEntryAttribute(name string, values []string) *EntryAttribute { - var bytes [][]byte - for _, value := range values { - bytes = append(bytes, []byte(value)) - } - return &EntryAttribute{ - Name: name, - Values: values, - ByteValues: bytes, - } -} - -type EntryAttribute struct { - Name string - Values []string - ByteValues [][]byte -} - -func (e *EntryAttribute) Print() { - fmt.Printf("%s: %s\n", e.Name, e.Values) -} - -func (e *EntryAttribute) PrettyPrint(indent int) { - fmt.Printf("%s%s: %s\n", strings.Repeat(" ", indent), e.Name, e.Values) -} - -type SearchResult struct { - Entries []*Entry - Referrals []string - Controls []Control -} - -func (s *SearchResult) Print() { - for _, entry := range s.Entries { - entry.Print() - } -} - -func (s *SearchResult) PrettyPrint(indent int) { - for _, entry := range s.Entries { - entry.PrettyPrint(indent) - } -} - -type SearchRequest struct { - BaseDN string - Scope int - DerefAliases int - SizeLimit int - TimeLimit int - TypesOnly bool - Filter string - Attributes []string - Controls []Control -} - -func (s *SearchRequest) encode() (*ber.Packet, error) { - request := ber.Encode(ber.ClassApplication, ber.TypeConstructed, ApplicationSearchRequest, nil, "Search Request") - request.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, s.BaseDN, "Base DN")) - request.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagEnumerated, uint64(s.Scope), "Scope")) - request.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagEnumerated, uint64(s.DerefAliases), "Deref Aliases")) - request.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, uint64(s.SizeLimit), "Size Limit")) - request.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, uint64(s.TimeLimit), "Time Limit")) - request.AppendChild(ber.NewBoolean(ber.ClassUniversal, ber.TypePrimitive, ber.TagBoolean, s.TypesOnly, "Types Only")) - // compile and encode filter - filterPacket, err := CompileFilter(s.Filter) - if err != nil { - return nil, err - } - request.AppendChild(filterPacket) - // encode attributes - attributesPacket := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "Attributes") - for _, attribute := range s.Attributes { - attributesPacket.AppendChild(ber.NewString(ber.ClassUniversal, ber.TypePrimitive, ber.TagOctetString, attribute, "Attribute")) - } - request.AppendChild(attributesPacket) - return request, nil -} - -func NewSearchRequest( - BaseDN string, - Scope, DerefAliases, SizeLimit, TimeLimit int, - TypesOnly bool, - Filter string, - Attributes []string, - Controls []Control, -) *SearchRequest { - return &SearchRequest{ - BaseDN: BaseDN, - Scope: Scope, - DerefAliases: DerefAliases, - SizeLimit: SizeLimit, - TimeLimit: TimeLimit, - TypesOnly: TypesOnly, - Filter: Filter, - Attributes: Attributes, - Controls: Controls, - } -} - -func (l *Conn) SearchWithPaging(searchRequest *SearchRequest, pagingSize uint32) (*SearchResult, error) { - if searchRequest.Controls == nil { - searchRequest.Controls = make([]Control, 0) - } - - pagingControl := NewControlPaging(pagingSize) - searchRequest.Controls = append(searchRequest.Controls, pagingControl) - searchResult := new(SearchResult) - for { - result, err := l.Search(searchRequest) - l.Debug.Printf("Looking for Paging Control...") - if err != nil { - return searchResult, err - } - if result == nil { - return searchResult, NewError(ErrorNetwork, errors.New("ldap: packet not received")) - } - - for _, entry := range result.Entries { - searchResult.Entries = append(searchResult.Entries, entry) - } - for _, referral := range result.Referrals { - searchResult.Referrals = append(searchResult.Referrals, referral) - } - for _, control := range result.Controls { - searchResult.Controls = append(searchResult.Controls, control) - } - - l.Debug.Printf("Looking for Paging Control...") - pagingResult := FindControl(result.Controls, ControlTypePaging) - if pagingResult == nil { - pagingControl = nil - l.Debug.Printf("Could not find paging control. Breaking...") - break - } - - cookie := pagingResult.(*ControlPaging).Cookie - if len(cookie) == 0 { - pagingControl = nil - l.Debug.Printf("Could not find cookie. Breaking...") - break - } - pagingControl.SetCookie(cookie) - } - - if pagingControl != nil { - l.Debug.Printf("Abandoning Paging...") - pagingControl.PagingSize = 0 - l.Search(searchRequest) - } - - return searchResult, nil -} - -func (l *Conn) Search(searchRequest *SearchRequest) (*SearchResult, error) { - messageID := l.nextMessageID() - packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request") - packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, messageID, "MessageID")) - // encode search request - encodedSearchRequest, err := searchRequest.encode() - if err != nil { - return nil, err - } - packet.AppendChild(encodedSearchRequest) - // encode search controls - if searchRequest.Controls != nil { - packet.AppendChild(encodeControls(searchRequest.Controls)) - } - - l.Debug.PrintPacket(packet) - - channel, err := l.sendMessage(packet) - if err != nil { - return nil, err - } - if channel == nil { - return nil, NewError(ErrorNetwork, errors.New("ldap: could not send message")) - } - defer l.finishMessage(messageID) - - result := &SearchResult{ - Entries: make([]*Entry, 0), - Referrals: make([]string, 0), - Controls: make([]Control, 0)} - - foundSearchResultDone := false - for !foundSearchResultDone { - l.Debug.Printf("%d: waiting for response", messageID) - packet = <-channel - l.Debug.Printf("%d: got response %p", messageID, packet) - if packet == nil { - return nil, NewError(ErrorNetwork, errors.New("ldap: could not retrieve message")) - } - - if l.Debug { - if err := addLDAPDescriptions(packet); err != nil { - return nil, err - } - ber.PrintPacket(packet) - } - - switch packet.Children[1].Tag { - case 4: - entry := new(Entry) - entry.DN = packet.Children[1].Children[0].Value.(string) - for _, child := range packet.Children[1].Children[1].Children { - attr := new(EntryAttribute) - attr.Name = child.Children[0].Value.(string) - for _, value := range child.Children[1].Children { - attr.Values = append(attr.Values, value.Value.(string)) - attr.ByteValues = append(attr.ByteValues, value.ByteValue) - } - entry.Attributes = append(entry.Attributes, attr) - } - result.Entries = append(result.Entries, entry) - case 5: - resultCode, resultDescription := getLDAPResultCode(packet) - if resultCode != 0 { - return result, NewError(resultCode, errors.New(resultDescription)) - } - if len(packet.Children) == 3 { - for _, child := range packet.Children[2].Children { - result.Controls = append(result.Controls, DecodeControl(child)) - } - } - foundSearchResultDone = true - case 19: - result.Referrals = append(result.Referrals, packet.Children[1].Children[0].Value.(string)) - } - } - l.Debug.Printf("%d: returning", messageID) - return result, nil -} -- cgit v1.2.3-1-g7c22