[389-devel] please review: Ticket #47553 - Automated the verification procedure
https://fedorahosted.org/389/ticket/47553 https://fedorahosted.org/389/attachment/ticket/47553/0001-Ticket-47553-Automated-the-verification-procedure.patch pgpP9S0Ua1jWm.pgp Description: PGP signature -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel
Re: [389-devel] [lib389] Deref control advice needed
On 08/27/2015 02:31 AM, Rich Megginson wrote: On 08/26/2015 03:28 AM, William Brown wrote: In relation to ticket 47757, I have started work on a deref control for Noriko. The idea is to get it working in lib389, then get it upstreamed into pyldap. At this point it's all done, except that the actual request control doesn't appear to work. Could one of the lib389 / ldap python experts cast their eye over this and let me know where I've gone wrong? I have improved this, but am having issues with the asn1spec for ber decoding. I have attached the updated patch, but specifically the issue is in _controls.py I would appreciate if anyone could take a look at this, and let me know if there is something I have missed. Not sure, but here is some code I did without using pyasn: https://github.com/richm/scripts/blob/master/derefctrl.py This is quite old by now, and is probably bit rotted with respect to python-ldap and python3. Old !! but it worked like a charm for me. I just had to do this modif because of change in python-ldap IIRC diff derefctrl.py /tmp/derefctrl_orig.py 0a1 > 151,152c152 < self.criticality,self.derefspeclist,self.entry = criticality,derefspeclist or [],None < #LDAPControl.__init__(self,DerefCtrl.controlType,criticality,derefspeclist) --- > LDAPControl.__init__(self,DerefCtrl.controlType,criticality,derefspeclist) 154c154 < def encodeControlValue(self): --- > def encodeControlValue(self,value): 156c156 < for (derefattr,attrs) in self.derefspeclist: --- > for (derefattr,attrs) in value: """ controlValue ::= SEQUENCE OF derefRes DerefRes DerefRes ::= SEQUENCE { derefAttr AttributeDescription, derefValLDAPDN, attrVals[0] PartialAttributeList OPTIONAL } PartialAttributeList ::= SEQUENCE OF partialAttribute PartialAttribute """ class DerefRes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('derefAttr', AttributeDescription()), namedtype.NamedType('derefVal', LDAPDN()), namedtype.OptionalNamedType('attrVals', PartialAttributeList()), ) class DerefResultControlValue(univ.SequenceOf): componentType = DerefRes() def decodeControlValue(self,encodedControlValue): self.entry = {} #decodedValue,_ = decoder.decode(encodedControlValue,asn1Spec=DerefResultControlValue()) # Gets the error: TagSet(Tag(tagClass=0, tagFormat=32, tagId=16), Tag(tagClass=128, tagFormat=32, tagId=0)) not in asn1Spec: {TagSet(Tag(tagClass=0, tagFormat=32, tagId=16)): PartialAttributeList()}/{} decodedValue,_ = decoder.decode(encodedControlValue) print(decodedValue.prettyPrint()) # Pretty print yields #Sequence: <-- Sequence of # =Sequence: <-- derefRes # =uniqueMember <-- derefAttr # =uid=test,dc=example,dc=com <-- derefVal # =Sequence: <-- attrVals # =uid # =Set: #=test # For now, while asn1spec is sad, we'll just rely on it being well formed # However, this isn't good, as without the asn1spec, we seem to actually be dropping values for result in decodedValue: derefAttr, derefVal, _ = result self.entry[str(derefAttr)] = str(derefVal) -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel
Re: [389-devel] [lib389] Deref control advice needed
> > > > Old !! but it worked like a charm for me. I just had to do this modif > > because of change in python-ldap IIRC > > OK. But I would rather use William's version which is based on pyasn1 - > it hurts my brain to hand code BER . . . https://fedorahosted.org/389/ticket/48262 Please take a look and review. -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel
Re: [389-devel] [lib389] Deref control advice needed
On 09/02/2015 10:35 AM, thierry bordaz wrote: On 08/27/2015 02:31 AM, Rich Megginson wrote: On 08/26/2015 03:28 AM, William Brown wrote: In relation to ticket 47757, I have started work on a deref control for Noriko. The idea is to get it working in lib389, then get it upstreamed into pyldap. At this point it's all done, except that the actual request control doesn't appear to work. Could one of the lib389 / ldap python experts cast their eye over this and let me know where I've gone wrong? I have improved this, but am having issues with the asn1spec for ber decoding. I have attached the updated patch, but specifically the issue is in _controls.py I would appreciate if anyone could take a look at this, and let me know if there is something I have missed. Not sure, but here is some code I did without using pyasn: https://github.com/richm/scripts/blob/master/derefctrl.py This is quite old by now, and is probably bit rotted with respect to python-ldap and python3. Old !! but it worked like a charm for me. I just had to do this modif because of change in python-ldap IIRC OK. But I would rather use William's version which is based on pyasn1 - it hurts my brain to hand code BER . . . diff derefctrl.py /tmp/derefctrl_orig.py 0a1 > 151,152c152 < self.criticality,self.derefspeclist,self.entry = criticality,derefspeclist or [],None < #LDAPControl.__init__(self,DerefCtrl.controlType,criticality,derefspeclist) --- > LDAPControl.__init__(self,DerefCtrl.controlType,criticality,derefspeclist) 154c154 < def encodeControlValue(self): --- > def encodeControlValue(self,value): 156c156 < for (derefattr,attrs) in self.derefspeclist: --- > for (derefattr,attrs) in value: """ controlValue ::= SEQUENCE OF derefRes DerefRes DerefRes ::= SEQUENCE { derefAttr AttributeDescription, derefValLDAPDN, attrVals[0] PartialAttributeList OPTIONAL } PartialAttributeList ::= SEQUENCE OF partialAttribute PartialAttribute """ class DerefRes(univ.Sequence): componentType = namedtype.NamedTypes( namedtype.NamedType('derefAttr', AttributeDescription()), namedtype.NamedType('derefVal', LDAPDN()), namedtype.OptionalNamedType('attrVals', PartialAttributeList()), ) class DerefResultControlValue(univ.SequenceOf): componentType = DerefRes() def decodeControlValue(self,encodedControlValue): self.entry = {} #decodedValue,_ = decoder.decode(encodedControlValue,asn1Spec=DerefResultControlValue()) # Gets the error: TagSet(Tag(tagClass=0, tagFormat=32, tagId=16), Tag(tagClass=128, tagFormat=32, tagId=0)) not in asn1Spec: {TagSet(Tag(tagClass=0, tagFormat=32, tagId=16)): PartialAttributeList()}/{} decodedValue,_ = decoder.decode(encodedControlValue) print(decodedValue.prettyPrint()) # Pretty print yields #Sequence: <-- Sequence of # =Sequence: <-- derefRes # =uniqueMember <-- derefAttr # =uid=test,dc=example,dc=com <-- derefVal # =Sequence: <-- attrVals # =uid # =Set: #=test # For now, while asn1spec is sad, we'll just rely on it being well formed # However, this isn't good, as without the asn1spec, we seem to actually be dropping values for result in decodedValue: derefAttr, derefVal, _ = result self.entry[str(derefAttr)] = str(derefVal) -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel