ldap

v0.0.0-...-f5a9580
Warning

This package is not in the latest version of its module.

Published: Feb 27, 2016 License: BSD-3-Clause Imports: 16 Imported by: 30

README

Basic LDAP v3 functionality for the Go programming language.

Most features are used in the test files. ldaplocal_test.go tests
most new features.

Required Libraries:
   github.com/mavricknz/asn1-ber

Working:
   Connecting to LDAP server
   Binding to LDAP server
   Searching for entries
   Compiling string filters to LDAP filters
   Paging Search Results
   Multiple internal goroutines to handle network traffic
      Makes library goroutine safe
      Can perform multiple search requests at the same time and return
         the results to the proper goroutine.  All requests are blocking
         requests, so the goroutine does not need special handling
   Request Controls - MatchedValuesRequest, PermissiveModifyRequest,
      ManageDsaITRequest, SubtreeDeleteRequest, Paging, ServerSideSort
   
Tests Implemented:
   Filter Compile / Decompile
   Local OpenDJ Tests for most Operations

Experimental:
   LDIF Reader - LDIF entries only (~16k entries/sec)
   Some limited documentation

TODO:
   LDIF Reader - mods/adds/deletes/...
   Test to not depend on initial Directory setup
   Do something with binary attributes.
   FilterExtensibleMatch Decode
   Modify DN Requests / Responses
   Implement Tests / Benchmarks
   Timeouts (connect Go 1.1?), Timeout Operations.

Documentation

Overview

File contains Bind functionality

This package provides LDAP client functions.


File contains Entry structures and functions

An LDAP search filter is defined in Section 4.5.1 of [RFC4511]

Filter ::= CHOICE {
    and                [0] SET SIZE (1..MAX) OF filter Filter,
    or                 [1] SET SIZE (1..MAX) OF filter Filter,
    not                [2] Filter,
    equalityMatch      [3] AttributeValueAssertion,
    substrings         [4] SubstringFilter,
    greaterOrEqual     [5] AttributeValueAssertion,
    lessOrEqual        [6] AttributeValueAssertion,
    present            [7] AttributeDescription,
    approxMatch        [8] AttributeValueAssertion,
    extensibleMatch    [9] MatchingRuleAssertion }

SubstringFilter ::= SEQUENCE {
    type    AttributeDescription,
    -- initial and final can occur at most once
    substrings    SEQUENCE SIZE (1..MAX) OF substring CHOICE {
     initial        [0] AssertionValue,
     any            [1] AssertionValue,
     final          [2] AssertionValue } }

AttributeValueAssertion ::= SEQUENCE {
    attributeDesc   AttributeDescription,
    assertionValue  AssertionValue }

MatchingRuleAssertion ::= SEQUENCE {
    matchingRule    [1] MatchingRuleId OPTIONAL,
    type            [2] AttributeDescription OPTIONAL,
    matchValue      [3] AssertionValue,
    dnAttributes    [4] BOOLEAN DEFAULT FALSE }

AttributeDescription ::= LDAPString
                -- Constrained to <attributedescription>
                -- [RFC4512]

AttributeValue ::= OCTET STRING

MatchingRuleId ::= LDAPString

AssertionValue ::= OCTET STRING

LDAPString ::= OCTET STRING -- UTF-8 encoded,
                            -- [Unicode] characters
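
The grammar above, worked through as an added example (not code from this package): a small stand-alone parser that maps an RFC 4515 filter string onto the Filter CHOICE tags, with value escaping so that caller-supplied text stays inside one assertion. Node, ParseFilter and escapeValue are hypothetical names; extensibleMatch and value unescaping are left out.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// CHOICE tag numbers from the Filter grammar; extensibleMatch [9] is omitted.
const (
	tagAnd = iota
	tagOr
	tagNot
	tagEqualityMatch
	tagSubstrings
	tagGreaterOrEqual
	tagLessOrEqual
	tagPresent
	tagApproxMatch
)

// Node is one Filter CHOICE: and/or/not carry Children, items carry Attr and Value.
type Node struct {
	Tag         int
	Attr, Value string // Value keeps its RFC 4515 escaped text
	Children    []*Node
}

// escapeValue (hypothetical helper) hex-escapes the bytes RFC 4515 reserves in
// an assertion value, so the value cannot open or close a filter component.
var escapeValue = strings.NewReplacer(`\`, `\5c`, `*`, `\2a`, `(`, `\28`, `)`, `\29`, "\x00", `\00`).Replace

// parseItem turns "attr=value", "attr>=value", "attr<=value" or "attr~=value"
// into equalityMatch, substrings, present, greaterOrEqual, lessOrEqual or approxMatch.
func parseItem(item string) (*Node, error) {
	eq := strings.IndexByte(item, '=')
	if eq < 1 || strings.Contains(item, "(") || strings.Contains(item[:eq], ":") {
		return nil, errors.New("unsupported or malformed item: " + item)
	}
	n := &Node{Tag: tagEqualityMatch, Attr: item[:eq], Value: item[eq+1:]}
	if k := strings.IndexByte("><~", item[eq-1]); k >= 0 {
		n.Tag, n.Attr = []int{tagGreaterOrEqual, tagLessOrEqual, tagApproxMatch}[k], item[:eq-1]
	}
	star := strings.Contains(n.Value, "*")
	if n.Attr == "" || (star && n.Tag != tagEqualityMatch) {
		return nil, errors.New("malformed item: " + item)
	}
	if n.Value == "*" {
		n.Tag, n.Value = tagPresent, ""
	} else if star {
		n.Tag = tagSubstrings
	}
	return n, nil
}

// parse reads one "(...)" filter starting at s[i] and returns the index after it.
func parse(s string, i int) (*Node, int, error) {
	if i+2 >= len(s) || s[i] != '(' {
		return nil, i, errors.New("expected '(' and a filter")
	}
	t := strings.IndexByte("&|!", s[i+1])
	if t < 0 { // a single item: everything up to the next ')'
		end := strings.IndexByte(s[i:], ')')
		if end < 0 {
			return nil, i, errors.New("missing ')'")
		}
		n, err := parseItem(s[i+1 : i+end])
		return n, i + end + 1, err
	}
	n := &Node{Tag: t}
	for i += 2; i < len(s) && s[i] == '('; {
		child, next, err := parse(s, i)
		if err != nil {
			return nil, i, err
		}
		n.Children, i = append(n.Children, child), next
	}
	if len(n.Children) == 0 || (t == tagNot && len(n.Children) > 1) || i >= len(s) || s[i] != ')' {
		return nil, i, errors.New("malformed and/or/not set")
	}
	return n, i + 1, nil
}

// ParseFilter parses a complete filter string and rejects anything left over.
func ParseFilter(s string) (*Node, error) {
	n, next, err := parse(s, 0)
	if err == nil && next != len(s) {
		n, err = nil, errors.New("data after the closing ')'")
	}
	return n, err
}

func main() {
	n, err := ParseFilter("(cn=" + escapeValue("a)(uid=*") + ")") // constructed sample value
	fmt.Printf("%+v %v\n", n, err)
}
```

An escaped value always parses as a single item node, while the same value concatenated unescaped is rejected because it no longer forms one filter.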


This package provides LDAP MatchingRule functions.

File contains Search functionality


Constants

const (
	MessageQuit     = 0
	MessageRequest  = 1
	MessageResponse = 2
	MessageFinish   = 3
)
const (
	ControlTypeMatchedValuesRequest    = "1.2.826.0.1.3344810.2.3"
	ControlTypePermissiveModifyRequest = "1.2.840.113556.1.4.1413"
	ControlTypePaging                  = "1.2.840.113556.1.4.319"
	ControlTypeManageDsaITRequest      = "2.16.840.1.113730.3.4.2"
	ControlTypeSubtreeDeleteRequest    = "1.2.840.113556.1.4.805"
	ControlTypeNoOpRequest             = "1.3.6.1.4.1.4203.1.10.2"
	ControlTypeServerSideSortRequest   = "1.2.840.113556.1.4.473"
	ControlTypeServerSideSortResponse  = "1.2.840.113556.1.4.474"
	ControlTypeVlvRequest              = "2.16.840.1.113730.3.4.9"
	ControlTypeVlvResponse             = "2.16.840.1.113730.3.4.10"
)
const (
	FilterAnd             = 0
	FilterOr              = 1
	FilterNot             = 2
	FilterEqualityMatch   = 3
	FilterSubstrings      = 4
	FilterGreaterOrEqual  = 5
	FilterLessOrEqual     = 6
	FilterPresent         = 7
	FilterApproxMatch     = 8
	FilterExtensibleMatch = 9
)
const (
	FilterSubstringsInitial = 0
	FilterSubstringsAny     = 1
	FilterSubstringsFinal   = 2
)
const (
	TagMatchingRule      = 1
	TagMatchingType      = 2
	TagMatchValue        = 3
	TagMatchDnAttributes = 4
)
const (
	ApplicationBindRequest           = 0
	ApplicationBindResponse          = 1
	ApplicationUnbindRequest         = 2
	ApplicationSearchRequest         = 3
	ApplicationSearchResultEntry     = 4
	ApplicationSearchResultDone      = 5
	ApplicationModifyRequest         = 6
	ApplicationModifyResponse        = 7
	ApplicationAddRequest            = 8
	ApplicationAddResponse           = 9
	ApplicationDelRequest            = 10
	ApplicationDelResponse           = 11
	ApplicationModifyDNRequest       = 12
	ApplicationModifyDNResponse      = 13
	ApplicationCompareRequest        = 14
	ApplicationCompareResponse       = 15
	ApplicationAbandonRequest        = 16
	ApplicationSearchResultReference = 19
	ApplicationExtendedRequest       = 23
	ApplicationExtendedResponse      = 24
)

LDAP Application Codes

const (
	LDAPResultSuccess                      = 0
	LDAPResultOperationsError              = 1
	LDAPResultProtocolError                = 2
	LDAPResultTimeLimitExceeded            = 3
	LDAPResultSizeLimitExceeded            = 4
	LDAPResultCompareFalse                 = 5
	LDAPResultCompareTrue                  = 6
	LDAPResultAuthMethodNotSupported       = 7
	LDAPResultStrongAuthRequired           = 8
	LDAPResultReferral                     = 10
	LDAPResultAdminLimitExceeded           = 11
	LDAPResultUnavailableCriticalExtension = 12
	LDAPResultConfidentialityRequired      = 13
	LDAPResultSaslBindInProgress           = 14
	LDAPResultNoSuchAttribute              = 16
	LDAPResultUndefinedAttributeType       = 17
	LDAPResultInappropriateMatching        = 18
	LDAPResultConstraintViolation          = 19
	LDAPResultAttributeOrValueExists       = 20
	LDAPResultInvalidAttributeSyntax       = 21
	LDAPResultNoSuchObject                 = 32
	LDAPResultAliasProblem                 = 33
	LDAPResultInvalidDNSyntax              = 34
	LDAPResultAliasDereferencingProblem    = 36
	LDAPResultInappropriateAuthentication  = 48
	LDAPResultInvalidCredentials           = 49
	LDAPResultInsufficientAccessRights     = 50
	LDAPResultBusy                         = 51
	LDAPResultUnavailable                  = 52
	LDAPResultUnwillingToPerform           = 53
	LDAPResultLoopDetect                   = 54
	LDAPResultNamingViolation              = 64
	LDAPResultObjectClassViolation         = 65
	LDAPResultNotAllowedOnNonLeaf          = 66
	LDAPResultNotAllowedOnRDN              = 67
	LDAPResultEntryAlreadyExists           = 68
	LDAPResultObjectClassModsProhibited    = 69
	LDAPResultAffectsMultipleDSAs          = 71
	LDAPResultOther                        = 80

	ErrorNetwork         = 201
	ErrorFilterCompile   = 202
	ErrorFilterDecompile = 203
	ErrorDebugging       = 204
	ErrorEncoding        = 205
	ErrorDecoding        = 206
	ErrorMissingControl  = 207
	ErrorInvalidArgument = 208
	ErrorLDIFRead        = 209
	ErrorLDIFWrite       = 210
	ErrorClosing         = 211
	ErrorUnknown         = 212
)

LDAP Result Codes

const (
	DefaultTimeout       = 60 * time.Minute
	ResultChanBufferSize = 5 // buffer items in each chanResults default: 5
)
const (
	AddRecord    = 0
	ModifyRecord = 1
	ModDnRecord  = 2
	ModRdnRecord = 3
	DeleteRecord = 4
	EntryRecord  = 255
)
const (
	MatchingRule_numericStringOrderingMatch          = "2.5.13.9"                   // 1.3.6.1.4.1.1466.115.121.1.36
	MatchingRule_numericStringMatch                  = "2.5.13.8"                   // 1.3.6.1.4.1.1466.115.121.1.36
	MatchingRule_caseExactSubstringsMatch            = "2.5.13.7"                   // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_caseExactOrderingMatch              = "2.5.13.6"                   // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_caseExactMatch                      = "2.5.13.5"                   // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_caseIgnoreSubstringsMatch           = "2.5.13.4"                   // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_keywordMatch                        = "2.5.13.33"                  // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_wordMatch                           = "2.5.13.32"                  // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_directoryStringFirstComponentMatch  = "2.5.13.31"                  // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_objectIdentifierFirstComponentMatch = "2.5.13.30"                  // 1.3.6.1.4.1.1466.115.121.1.38
	MatchingRule_caseIgnoreOrderingMatch             = "2.5.13.3"                   // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_integerFirstComponentMatch          = "2.5.13.29"                  // 1.3.6.1.4.1.1466.115.121.1.27
	MatchingRule_generalizedTimeOrderingMatch        = "2.5.13.28"                  // 1.3.6.1.4.1.1466.115.121.1.24
	MatchingRule_generalizedTimeMatch                = "2.5.13.27"                  // 1.3.6.1.4.1.1466.115.121.1.24
	MatchingRule_protocolInformationMatch            = "2.5.13.24"                  // 1.3.6.1.4.1.1466.115.121.1.42
	MatchingRule_uniqueMemberMatch                   = "2.5.13.23"                  // 1.3.6.1.4.1.1466.115.121.1.34
	MatchingRule_presentationAddressMatch            = "2.5.13.22"                  // 1.3.6.1.4.1.1466.115.121.1.43
	MatchingRule_telephoneNumberSubstringsMatch      = "2.5.13.21"                  // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_telephoneNumberMatch                = "2.5.13.20"                  // 1.3.6.1.4.1.1466.115.121.1.50
	MatchingRule_caseIgnoreMatch                     = "2.5.13.2"                   // 1.3.6.1.4.1.1466.115.121.1.15
	MatchingRule_octetStringSubstringsMatch          = "2.5.13.19"                  // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_octetStringOrderingMatch            = "2.5.13.18"                  // 1.3.6.1.4.1.1466.115.121.1.40
	MatchingRule_octetStringMatch                    = "2.5.13.17"                  // 1.3.6.1.4.1.1466.115.121.1.40
	MatchingRule_bitStringMatch                      = "2.5.13.16"                  // 1.3.6.1.4.1.1466.115.121.1.6
	MatchingRule_integerOrderingMatch                = "2.5.13.15"                  // 1.3.6.1.4.1.1466.115.121.1.27
	MatchingRule_integerMatch                        = "2.5.13.14"                  // 1.3.6.1.4.1.1466.115.121.1.27
	MatchingRule_booleanMatch                        = "2.5.13.13"                  // 1.3.6.1.4.1.1466.115.121.1.7
	MatchingRule_caseIgnoreListSubstringsMatch       = "2.5.13.12"                  // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_caseIgnoreListMatch                 = "2.5.13.11"                  // 1.3.6.1.4.1.1466.115.121.1.41
	MatchingRule_numericStringSubstringsMatch        = "2.5.13.10"                  // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_distinguishedNameMatch              = "2.5.13.1"                   // 1.3.6.1.4.1.1466.115.121.1.12
	MatchingRule_objectIdentifierMatch               = "2.5.13.0"                   // 1.3.6.1.4.1.1466.115.121.1.38
	MatchingRule_authPasswordMatch                   = "1.3.6.1.4.1.4203.1.2.3"     // 1.3.6.1.4.1.4203.1.1.2 DESC 'authentication password matching rule'
	MatchingRule_authPasswordExactMatch              = "1.3.6.1.4.1.4203.1.2.2"     // 1.3.6.1.4.1.4203.1.1.2 DESC 'authentication password exact matching rule'
	MatchingRule_caseExactIA5SubstringsMatch         = "1.3.6.1.4.1.26027.1.4.902"  // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_partialDateAndTimeMatchingRule      = "1.3.6.1.4.1.26027.1.4.7"    // 1.3.6.1.4.1.1466.115.121.1.24
	MatchingRule_relativeTimeLTOrderingMatch         = "1.3.6.1.4.1.26027.1.4.6"    // 1.3.6.1.4.1.1466.115.121.1.24
	MatchingRule_relativeTimeGTOrderingMatch         = "1.3.6.1.4.1.26027.1.4.5"    // 1.3.6.1.4.1.1466.115.121.1.24
	MatchingRule_historicalCsnOrderingMatch          = "1.3.6.1.4.1.26027.1.4.4"    // 1.3.6.1.4.1.1466.115.121.1.40
	MatchingRule_ds_mr_user_password_equality        = "1.3.6.1.4.1.26027.1.4.3"    // 1.3.6.1.4.1.26027.1.3.1 DESC 'user password matching rule'
	MatchingRule_ds_mr_user_password_exact           = "1.3.6.1.4.1.26027.1.4.2"    // 1.3.6.1.4.1.26027.1.3.1 DESC 'user password exact matching rule'
	MatchingRule_ds_mr_double_metaphone_approx       = "1.3.6.1.4.1.26027.1.4.1"    // 1.3.6.1.4.1.26027.1.3.1 DESC 'Double Metaphone Approximate Match'
	MatchingRule_caseIgnoreIA5SubstringsMatch        = "1.3.6.1.4.1.1466.109.114.3" // 1.3.6.1.4.1.1466.115.121.1.58
	MatchingRule_caseIgnoreIA5Match                  = "1.3.6.1.4.1.1466.109.114.2" // 1.3.6.1.4.1.1466.115.121.1.26
	MatchingRule_caseExactIA5Match                   = "1.3.6.1.4.1.1466.109.114.1" // 1.3.6.1.4.1.1466.115.121.1.26
	MatchingRule_uuidOrderingMatch                   = "1.3.6.1.1.16.3"             // 1.3.6.1.1.16.1
	MatchingRule_uuidMatch                           = "1.3.6.1.1.16.2"             // 1.3.6.1.1.16.1
)

At the moment just helper values for ServerSideSorting.

const (
	ModAdd       = 0
	ModDelete    = 1
	ModReplace   = 2
	ModIncrement = 3
)
const (
	ScopeBaseObject   = 0
	ScopeSingleLevel  = 1
	ScopeWholeSubtree = 2
)
const (
	NeverDerefAliases   = 0
	DerefInSearching    = 1
	DerefFindingBaseObj = 2
	DerefAlways         = 3
)
const (
	SearchResultEntry     = ApplicationSearchResultEntry
	SearchResultReference = ApplicationSearchResultReference
	SearchResultDone      = ApplicationSearchResultDone
)
const (
	FilterItem = 256
)

Variables

var ApplicationMap = map[uint8]string{
	ApplicationBindRequest:           "Bind Request",
	ApplicationBindResponse:          "Bind Response",
	ApplicationUnbindRequest:         "Unbind Request",
	ApplicationSearchRequest:         "Search Request",
	ApplicationSearchResultEntry:     "Search Result Entry",
	ApplicationSearchResultDone:      "Search Result Done",
	ApplicationModifyRequest:         "Modify Request",
	ApplicationModifyResponse:        "Modify Response",
	ApplicationAddRequest:            "Add Request",
	ApplicationAddResponse:           "Add Response",
	ApplicationDelRequest:            "Del Request",
	ApplicationDelResponse:           "Del Response",
	ApplicationModifyDNRequest:       "Modify DN Request",
	ApplicationModifyDNResponse:      "Modify DN Response",
	ApplicationCompareRequest:        "Compare Request",
	ApplicationCompareResponse:       "Compare Response",
	ApplicationAbandonRequest:        "Abandon Request",
	ApplicationSearchResultReference: "Search Result Reference",
	ApplicationExtendedRequest:       "Extended Request",
	ApplicationExtendedResponse:      "Extended Response",
}
var ControlTypeMap = map[string]string{
	ControlTypeMatchedValuesRequest:    "MatchedValuesRequest",
	ControlTypePermissiveModifyRequest: "PermissiveModifyRequest",
	ControlTypePaging:                  "Paging",
	ControlTypeManageDsaITRequest:      "ManageDsaITRequest",
	ControlTypeSubtreeDeleteRequest:    "SubtreeDeleteRequest",
	ControlTypeNoOpRequest:             "NoOpRequest",
	ControlTypeServerSideSortRequest:   "ServerSideSortRequest",
	ControlTypeServerSideSortResponse:  "ServerSideSortResponse",
	ControlTypeVlvRequest:              "VlvRequest",
	ControlTypeVlvResponse:             "VlvResponse",
}
var DerefMap = map[int]string{
	NeverDerefAliases:   "NeverDerefAliases",
	DerefInSearching:    "DerefInSearching",
	DerefFindingBaseObj: "DerefFindingBaseObj",
	DerefAlways:         "DerefAlways",
}
var FilterComponent = map[string]uint64{
	"&":  FilterAnd,
	"|":  FilterOr,
	"!":  FilterNot,
	"=":  FilterEqualityMatch,
	">=": FilterGreaterOrEqual,
	"<=": FilterLessOrEqual,
	"~=": FilterApproxMatch,
}
var FilterDebug bool = false
var FilterMap = map[uint64]string{
	FilterAnd:             "And",
	FilterOr:              "Or",
	FilterNot:             "Not",
	FilterEqualityMatch:   "Equality Match",
	FilterSubstrings:      "Substrings",
	FilterGreaterOrEqual:  "Greater Or Equal",
	FilterLessOrEqual:     "Less Or Equal",
	FilterPresent:         "Present",
	FilterApproxMatch:     "Approx Match",
	FilterExtensibleMatch: "Extensible Match",
}
var FilterSubstringsMap = map[uint64]string{
	FilterSubstringsInitial: "Substrings Initial",
	FilterSubstringsAny:     "Substrings Any",
	FilterSubstringsFinal:   "Substrings Final",
}
var LDAPResultCodeMap = map[uint8]string{
	LDAPResultSuccess:                      "Success",
	LDAPResultOperationsError:              "Operations Error",
	LDAPResultProtocolError:                "Protocol Error",
	LDAPResultTimeLimitExceeded:            "Time Limit Exceeded",
	LDAPResultSizeLimitExceeded:            "Size Limit Exceeded",
	LDAPResultCompareFalse:                 "Compare False",
	LDAPResultCompareTrue:                  "Compare True",
	LDAPResultAuthMethodNotSupported:       "Auth Method Not Supported",
	LDAPResultStrongAuthRequired:           "Strong Auth Required",
	LDAPResultReferral:                     "Referral",
	LDAPResultAdminLimitExceeded:           "Admin Limit Exceeded",
	LDAPResultUnavailableCriticalExtension: "Unavailable Critical Extension",
	LDAPResultConfidentialityRequired:      "Confidentiality Required",
	LDAPResultSaslBindInProgress:           "Sasl Bind In Progress",
	LDAPResultNoSuchAttribute:              "No Such Attribute",
	LDAPResultUndefinedAttributeType:       "Undefined Attribute Type",
	LDAPResultInappropriateMatching:        "Inappropriate Matching",
	LDAPResultConstraintViolation:          "Constraint Violation",
	LDAPResultAttributeOrValueExists:       "Attribute Or Value Exists",
	LDAPResultInvalidAttributeSyntax:       "Invalid Attribute Syntax",
	LDAPResultNoSuchObject:                 "No Such Object",
	LDAPResultAliasProblem:                 "Alias Problem",
	LDAPResultInvalidDNSyntax:              "Invalid DN Syntax",
	LDAPResultAliasDereferencingProblem:    "Alias Dereferencing Problem",
	LDAPResultInappropriateAuthentication:  "Inappropriate Authentication",
	LDAPResultInvalidCredentials:           "Invalid Credentials",
	LDAPResultInsufficientAccessRights:     "Insufficient Access Rights",
	LDAPResultBusy:                         "Busy",
	LDAPResultUnavailable:                  "Unavailable",
	LDAPResultUnwillingToPerform:           "Unwilling To Perform",
	LDAPResultLoopDetect:                   "Loop Detect",
	LDAPResultNamingViolation:              "Naming Violation",
	LDAPResultObjectClassViolation:         "Object Class Violation",
	LDAPResultNotAllowedOnNonLeaf:          "Not Allowed On Non Leaf",
	LDAPResultNotAllowedOnRDN:              "Not Allowed On RDN",
	LDAPResultEntryAlreadyExists:           "Entry Already Exists",
	LDAPResultObjectClassModsProhibited:    "Object Class Mods Prohibited",
	LDAPResultAffectsMultipleDSAs:          "Affects Multiple DSAs",
	LDAPResultOther:                        "Other",

	ErrorNetwork:         "ErrorNetwork",
	ErrorFilterCompile:   "ErrorFilterCompile",
	ErrorFilterDecompile: "ErrorFilterDecompile",
	ErrorDebugging:       "ErrorDebugging",
	ErrorEncoding:        "ErrorEncoding",
	ErrorDecoding:        "ErrorDecoding",
	ErrorMissingControl:  "ErrorMissingControl",
	ErrorInvalidArgument: "ErrorInvalidArgument",
	ErrorLDIFRead:        "ErrorLDIFRead",
	ErrorClosing:         "ErrorClosing",
}
var LDIFDebug bool = false
var ModMap map[uint8]string = map[uint8]string{
	ModAdd:       "add",
	ModDelete:    "delete",
	ModReplace:   "replace",
	ModIncrement: "increment",
}
var ScopeMap = map[int]string{
	ScopeBaseObject:   "Base Object",
	ScopeSingleLevel:  "Single Level",
	ScopeWholeSubtree: "Whole Subtree",
}
var VlvDebug bool

Functions

func AttributeValueAssertion

func AttributeValueAssertion(attr, op, value string) (*ber.Packet, error)

func CompileFilter

func CompileFilter(filter string) (*ber.Packet, error)

func DebugBinaryFile

func DebugBinaryFile(FileName string) error

func DecompileFilter

func DecompileFilter(packet *ber.Packet) (ret string, err error)

func EscapeFilterValue

func EscapeFilterValue(filter string) string

func IsBinary

func IsBinary(attrName string) (isBinary bool)

func NeedsBase64Encoding

func NeedsBase64Encoding(val string) bool

func NewLDAPError

func NewLDAPError(resultCode uint8, sText string) error

func UnescapeFilterValue

func UnescapeFilterValue(filter string) string

Types

type AddRequest

type AddRequest struct {
	Entry    *Entry
	Controls []Control
}

func NewAddRequest

func NewAddRequest(dn string) (req *AddRequest)

func (*AddRequest) AddAttribute

func (req *AddRequest) AddAttribute(attr *EntryAttribute)

func (*AddRequest) AddAttributes

func (req *AddRequest) AddAttributes(attrs []EntryAttribute)

func (*AddRequest) AddControl

func (req *AddRequest) AddControl(control Control)

func (*AddRequest) Bytes

func (req *AddRequest) Bytes() []byte

func (*AddRequest) RecordType

func (req *AddRequest) RecordType() uint8

func (*AddRequest) String

func (addReq *AddRequest) String() (dump string)

DumpAddRequest - Basic LDIF "like" dump for testing, no formatting, etc.

type CompareRequest

type CompareRequest struct {
	DN       string
	Name     string
	Value    string
	Controls []Control
}

func NewCompareRequest

func NewCompareRequest(dn, name, value string) (req *CompareRequest)

type ConnectionInfo

type ConnectionInfo struct {
	Conn      *LDAPConnection
	MessageID uint64
}

type Control

type Control interface {
	Encode() (*ber.Packet, error)
	GetControlType() string
	String() string
}

Control Interface

func FindControl

func FindControl(controls []Control, controlType string) (position int, control Control)

func NewControlPagingFromPacket

func NewControlPagingFromPacket(p *ber.Packet) (Control, error)

func NewControlServerSideSortResponse

func NewControlServerSideSortResponse(p *ber.Packet) (Control, error)

SortResult ::= SEQUENCE {
  sortResult  ENUMERATED {
      success                   (0), -- results are sorted
      operationsError           (1), -- server internal failure
      timeLimitExceeded         (3), -- timelimit reached before
                                     -- sorting was completed
      strongAuthRequired        (8), -- refused to return sorted
                                     -- results via insecure
                                     -- protocol
      adminLimitExceeded       (11), -- too many matching entries
                                     -- for the server to sort
      noSuchAttribute          (16), -- unrecognized attribute
                                     -- type in sort key
      inappropriateMatching    (18), -- unrecognized or
                                     -- inappropriate matching
                                     -- rule in sort key
      insufficientAccessRights (50), -- refused to return sorted
                                     -- results to this client
      busy                     (51), -- too busy to process
      unwillingToPerform       (53), -- unable to sort
      other                    (80)
      },
  attributeType [0] AttributeDescription OPTIONAL }

func NewControlStringFromPacket

func NewControlStringFromPacket(p *ber.Packet) (Control, error)

func NewControlVlvResponse

func NewControlVlvResponse(p *ber.Packet) (Control, error)

VirtualListViewResponse ::= SEQUENCE {
      targetPosition    INTEGER (0 .. maxInt),
      contentCount     INTEGER (0 .. maxInt),
      virtualListViewResult ENUMERATED {
           success (0),
           operationsError (1),
           protocolError (3),
           unwillingToPerform (53),
           insufficientAccessRights (50),
           timeLimitExceeded (3),
           adminLimitExceeded (11),
           innapropriateMatching (18),
           sortControlMissing (60),
           offsetRangeError (61),
           other(80),
           ... },
      contextID     OCTET STRING OPTIONAL }

func ReplaceControl

func ReplaceControl(controls []Control, control Control) (oldControl Control)

type ControlMatchedValuesRequest

type ControlMatchedValuesRequest struct {
	Criticality bool
	Filter      string
}

func NewControlMatchedValuesRequest

func NewControlMatchedValuesRequest(criticality bool, filter string) *ControlMatchedValuesRequest

func (*ControlMatchedValuesRequest) Decode

func (c *ControlMatchedValuesRequest) Decode(p *ber.Packet) (*Control, error)

func (*ControlMatchedValuesRequest) Encode

func (c *ControlMatchedValuesRequest) Encode() (p *ber.Packet, err error)

func (*ControlMatchedValuesRequest) GetControlType

func (c *ControlMatchedValuesRequest) GetControlType() string

func (*ControlMatchedValuesRequest) String

func (c *ControlMatchedValuesRequest) String() string

type ControlPaging

type ControlPaging struct {
	PagingSize uint32
	Cookie     []byte
}

func NewControlPaging

func NewControlPaging(PagingSize uint32) *ControlPaging

func (*ControlPaging) Encode

func (c *ControlPaging) Encode() (p *ber.Packet, err error)

func (*ControlPaging) GetControlType

func (c *ControlPaging) GetControlType() string

func (*ControlPaging) SetCookie

func (c *ControlPaging) SetCookie(Cookie []byte)

func (*ControlPaging) String

func (c *ControlPaging) String() string

type ControlServerSideSortRequest

type ControlServerSideSortRequest struct {
	SortKeyList []ServerSideSortAttrRuleOrder
	Criticality bool
}

func NewControlServerSideSortRequest

func NewControlServerSideSortRequest(sortKeyList []ServerSideSortAttrRuleOrder, criticality bool) *ControlServerSideSortRequest

func (*ControlServerSideSortRequest) Decode

func (c *ControlServerSideSortRequest) Decode(p *ber.Packet) (*Control, error)

func (*ControlServerSideSortRequest) Encode

func (c *ControlServerSideSortRequest) Encode() (p *ber.Packet, err error)

func (*ControlServerSideSortRequest) GetControlType

func (c *ControlServerSideSortRequest) GetControlType() string

func (*ControlServerSideSortRequest) String

type ControlServerSideSortResponse

type ControlServerSideSortResponse struct {
	AttributeName string // Optional
	Criticality   bool
	Err           error
}

func (*ControlServerSideSortResponse) Encode

func (c *ControlServerSideSortResponse) Encode() (p *ber.Packet, err error)

func (*ControlServerSideSortResponse) GetControlType

func (c *ControlServerSideSortResponse) GetControlType() string

func (*ControlServerSideSortResponse) String

type ControlString

type ControlString struct {
	ControlType  string
	Criticality  bool
	ControlValue string
}

func NewControlManageDsaITRequest

func NewControlManageDsaITRequest(criticality bool) *ControlString

func NewControlNoOpRequest

func NewControlNoOpRequest() *ControlString

func NewControlPermissiveModifyRequest

func NewControlPermissiveModifyRequest(criticality bool) *ControlString

func NewControlString

func NewControlString(ControlType string, Criticality bool, ControlValue string) *ControlString

func NewControlSubtreeDeleteRequest

func NewControlSubtreeDeleteRequest(criticality bool) *ControlString

func (*ControlString) Encode

func (c *ControlString) Encode() (p *ber.Packet, err error)

func (*ControlString) GetControlType

func (c *ControlString) GetControlType() string

func (*ControlString) String

func (c *ControlString) String() string

type ControlVlvRequest

type ControlVlvRequest struct {
	Criticality        bool
	BeforeCount        int32
	AfterCount         int32
	ByOffset           *VlvOffSet
	GreaterThanOrEqual string
	ContextID          []byte
}

VirtualListViewRequest ::= SEQUENCE {
     beforeCount    INTEGER (0..maxInt),
     afterCount     INTEGER (0..maxInt),
     target       CHOICE {
                    byOffset        [0] SEQUENCE {
                         offset          INTEGER (1 .. maxInt),
                         contentCount    INTEGER (0 .. maxInt) },
                    greaterThanOrEqual [1] AssertionValue },
     contextID     OCTET STRING OPTIONAL }

func (*ControlVlvRequest) Encode

func (c *ControlVlvRequest) Encode() (*ber.Packet, error)

func (*ControlVlvRequest) GetControlType

func (c *ControlVlvRequest) GetControlType() string

func (*ControlVlvRequest) String

func (c *ControlVlvRequest) String() string

type ControlVlvResponse

type ControlVlvResponse struct {
	Criticality    bool
	TargetPosition uint64
	ContentCount   uint64
	Err            error // VirtualListViewResult
	ContextID      string
}

func (*ControlVlvResponse) Encode

func (c *ControlVlvResponse) Encode() (p *ber.Packet, err error)

func (*ControlVlvResponse) GetControlType

func (c *ControlVlvResponse) GetControlType() string

func (*ControlVlvResponse) String

func (c *ControlVlvResponse) String() string

type DeleteRequest

type DeleteRequest struct {
	DN       string
	Controls []Control
}

func NewDeleteRequest

func NewDeleteRequest(dn string) (delReq *DeleteRequest)

func (*DeleteRequest) AddControl

func (delReq *DeleteRequest) AddControl(control Control)

TODO: make generic for mod/del/search via interface.

func (*DeleteRequest) RecordType

func (req *DeleteRequest) RecordType() uint8

type Dialable

type Dialable interface {
	Dial(string, string) (net.Conn, error)
}

An interface for a network dialing method compatible with net.Dial()

type Dialer

type Dialer func(string, string) (net.Conn, error)

Converts a net.Dial() compatible function to Dialable

func (Dialer) Dial

func (fn Dialer) Dial(n, a string) (net.Conn, error)

type DiscreteSearchResult

type DiscreteSearchResult struct {
	SearchResultType uint8
	Entry            *Entry
	Referrals        []string
	Controls         []Control
}

type Entry

type Entry struct {
	DN         string
	Attributes []*EntryAttribute
}

func NewEntry

func NewEntry(dn string) *Entry

func (*Entry) AddAttributeValue

func (e *Entry) AddAttributeValue(attributeName, value string)

AddAttributeValue - Add a single attribute value; no check is done for duplicate values.

func (*Entry) AddAttributeValues

func (e *Entry) AddAttributeValues(attributeName string, values []string)

AddAttributeValues - Add via a name and a slice of values; no check is done for duplicate values.

func (*Entry) GetAttributeIndex

func (e *Entry) GetAttributeIndex(Attribute string) int

func (*Entry) GetAttributeValue

func (e *Entry) GetAttributeValue(attributeName string) string

GetAttributeValue - returning an empty string is a bad idea: some directory servers will return empty attr values (Sunone). Just asking for trouble.

func (*Entry) GetAttributeValues

func (e *Entry) GetAttributeValues(attributeName string) []string

func (*Entry) RecordType

func (req *Entry) RecordType() uint8

func (*Entry) String

func (e *Entry) String() string

TODO: Proper LDIF writer, currently just for testing...

type EntryAttribute

type EntryAttribute struct {
	Name   string
	Values []string
}

type LDAPConnection

type LDAPConnection struct {
	IsTLS bool
	IsSSL bool
	Debug bool

	Addr                        string
	NetworkConnectTimeout       time.Duration
	ReadTimeout                 time.Duration
	AbandonMessageOnReadTimeout bool

	TlsConfig *tls.Config

	Dialer Dialable
	// contains filtered or unexported fields
}

Conn - LDAP connection and also pre/post connect configuration

IsTLS bool // default false
IsSSL bool // default false
Debug bool // default false
NetworkConnectTimeout time.Duration // default 0 no timeout
ReadTimeout    time.Duration // default 0 no timeout
AbandonMessageOnReadTimeout bool // send abandon on a ReadTimeout (not for searches yet)
Addr           string // default empty
Dialer         Dialable // default nil, optional network dialer to use (net.Dial()/net.DialTimeout() by default)

A minimal connection...

ldap := NewLDAPConnection("localhost",389)
err := ldap.Connect() // Connects the existing connection, or returns an error

func NewLDAPConnection

func NewLDAPConnection(server string, port uint16) *LDAPConnection

NewLDAPConnection returns a new basic connection. Start the connection via Connect.

func NewLDAPSSLConnection

func NewLDAPSSLConnection(server string, port uint16, tlsConfig *tls.Config) *LDAPConnection

func NewLDAPTLSConnection

func NewLDAPTLSConnection(server string, port uint16, tlsConfig *tls.Config) *LDAPConnection

func (*LDAPConnection) Abandon

func (l *LDAPConnection) Abandon(abandonMessageID uint64) error

Will return an error, normally due to a closed connection.

func (*LDAPConnection) Add

func (l *LDAPConnection) Add(req *AddRequest) error

func (*LDAPConnection) Bind

func (l *LDAPConnection) Bind(username, password string) error

Simple bind to the server. If using a timeout you should close the connection on a bind failure.

func (*LDAPConnection) Close

func (l *LDAPConnection) Close() error

Close closes the connection.

func (*LDAPConnection) Compare

func (l *LDAPConnection) Compare(req *CompareRequest) (bool, error)

func (*LDAPConnection) Connect

func (l *LDAPConnection) Connect() error

Connect connects using information in LDAPConnection. LDAPConnection should be populated with connection information.

func (*LDAPConnection) Delete

func (l *LDAPConnection) Delete(delReq *DeleteRequest) (error error)

func (*LDAPConnection) ModDn

func (l *LDAPConnection) ModDn(req *ModDnRequest) error

Untested.

func (*LDAPConnection) Modify

func (l *LDAPConnection) Modify(modReq *ModifyRequest) error

Example...

func modifyTest(l *ldap.LDAPConnection) {
	modDNs := []string{"cn=test,ou=People,dc=example,dc=com"}
	modAttrs := []string{"cn"}
	modValues := []string{"aaa", "bbb", "ccc"}
	modreq := ldap.NewModifyRequest(modDNs[0])
	mod := ldap.NewMod(ldap.ModAdd, modAttrs[0], modValues)
	modreq.AddMod(mod)
	err := l.Modify(modreq)
	if err != nil {
		// Modify returns a plain error; the result code is only available
		// when the error is an *ldap.LDAPError.
		if lerr, ok := err.(*ldap.LDAPError); ok {
			fmt.Printf("Modify : %s : result = %d\n", modDNs[0], lerr.ResultCode)
		} else {
			fmt.Printf("Modify : %s : %s\n", modDNs[0], err)
		}
		return
	}
	fmt.Println("Modify Success")
}

ModifyRequest ::= [APPLICATION 6] SEQUENCE {
      object          LDAPDN,
      changes         SEQUENCE OF change SEQUENCE {
           operation       ENUMERATED {
                add     (0),
                delete  (1),
                replace (2),
                ...  },
           modification    PartialAttribute } }

func (*LDAPConnection) Search

func (l *LDAPConnection) Search(searchRequest *SearchRequest) (*SearchResult, error)

Search is a blocking search. nil error on success.

func (*LDAPConnection) SearchWithHandler

func (l *LDAPConnection) SearchWithHandler(
	searchRequest *SearchRequest, resultHandler SearchResultHandler, errorChan chan<- error,
) error

SearchWithHandler is the workhorse. Sends requests, decodes results and passes on to SearchResultHandlers to process.

SearchResultHandler is an interface, implemented by SearchResult.
It handles the DiscreteSearchResults. You can provide your own implementation to work on
a result-by-result basis.
errorChan - if nil then blocking, else the error is returned via the channel upon completion.
Returns an error if blocking.

func (*LDAPConnection) SearchWithPaging

func (l *LDAPConnection) SearchWithPaging(searchRequest *SearchRequest, pagingSize uint32) (*SearchResult, error)

SearchWithPaging adds a paging control to the searchRequest, with a size of pagingSize. It combines all the paged results into the returned SearchResult. It is a helper function for use with servers that require paging for certain result sizes (AD?).

It is NOT an efficient way to process huge result sets, i.e. it doesn't process on a pageSize number of entries; it returns the combined result.

type LDAPError

type LDAPError struct {
	ResultCode uint8
	// contains filtered or unexported fields
}

func (*LDAPError) Error

func (e *LDAPError) Error() string

func (*LDAPError) Status

func (e *LDAPError) Status() string

type LDIFReader

type LDIFReader struct {
	Version string
	Charset string
	Reader  *bufio.Reader

	NoMoreEntries bool
	EntryCount    uint64
	LineCount     uint64
}

func NewLDIFReader

func NewLDIFReader(reader io.Reader) (*LDIFReader, error)

func (*LDIFReader) ReadLDIFEntry

func (lr *LDIFReader) ReadLDIFEntry() (LDIFRecord, error)

type LDIFRecord

type LDIFRecord interface {
	RecordType() uint8
}

type LDIFWriter

type LDIFWriter struct {
	Writer      *bufio.Writer
	EncAsBinary func(string) bool
	LineCount   uint64
	// contains filtered or unexported fields
}

func NewLDIFWriter

func NewLDIFWriter(writer io.Writer) (*LDIFWriter, error)

func (*LDIFWriter) WriteLDIFRecord

func (lw *LDIFWriter) WriteLDIFRecord(record LDIFRecord) error

type Mod

type Mod struct {
	ModOperation uint8
	Modification EntryAttribute
}

Reuses the search struct; should Values be a [][]byte?

type EntryAttribute struct {
	Name   string
	Values []string
}

func NewMod

func NewMod(modType uint8, attr string, values []string) (mod *Mod)

func (*Mod) DumpMod

func (mod *Mod) DumpMod() (dump string)

Basic LDIF dump, no formatting, etc.

type ModDnRequest

type ModDnRequest struct {
	DN            string
	NewRDN        string
	DeleteOldDn   bool
	NewSuperiorDN string
	Controls      []Control
}

type ModifyRequest

type ModifyRequest struct {
	DN       string
	Mods     []Mod
	Controls []Control
}

func NewModifyRequest

func NewModifyRequest(dn string) (req *ModifyRequest)

func (*ModifyRequest) AddControl

func (req *ModifyRequest) AddControl(control Control)

func (*ModifyRequest) AddMod

func (req *ModifyRequest) AddMod(mod *Mod)

func (*ModifyRequest) AddMods

func (req *ModifyRequest) AddMods(mods []Mod)

func (*ModifyRequest) Bytes

func (req *ModifyRequest) Bytes() []byte

func (*ModifyRequest) RecordType

func (req *ModifyRequest) RecordType() uint8

func (*ModifyRequest) String

func (req *ModifyRequest) String() (dump string)

Basic LDIF dump, no formatting, etc.

type SearchRequest

type SearchRequest struct {
	BaseDN       string
	Scope        int
	DerefAliases int
	SizeLimit    int
	TimeLimit    int
	TypesOnly    bool
	Filter       string
	Attributes   []string
	Controls     []Control
}

SearchRequest passed to Search functions.

func NewSearchRequest

func NewSearchRequest(
	BaseDN string,
	Scope, DerefAliases, SizeLimit, TimeLimit int,
	TypesOnly bool,
	Filter string,
	Attributes []string,
	Controls []Control,
) *SearchRequest

func NewSimpleSearchRequest

func NewSimpleSearchRequest(
	BaseDN string,
	Scope int,
	Filter string,
	Attributes []string,
) *SearchRequest

NewSimpleSearchRequest only requires four parameters and defaults the other returned SearchRequest values to typical values...

DerefAliases: NeverDerefAliases
SizeLimit:    0
TimeLimit:    0
TypesOnly:    false
Controls:     nil
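SearchRequest.Filter is a plain string, so any value taken from user input has to be escaped before it is concatenated into the filter. The following is an added example, not code from this package: escapeFilterValue and userFilter are hypothetical helpers applying the RFC 4515 value encoding, and the objectClass/uid filter shape is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// escapeFilterValue is a hypothetical helper (not part of this package).
// It applies the RFC 4515 value encoding: NUL, '(', ')', '*' and '\' are
// replaced by a backslash followed by two hex digits.
func escapeFilterValue(v string) string {
	var b strings.Builder
	for i := 0; i < len(v); i++ {
		switch c := v[i]; c {
		case 0x00, '(', ')', '*', '\\':
			fmt.Fprintf(&b, "\\%02x", c)
		default:
			b.WriteByte(c)
		}
	}
	return b.String()
}

// userFilter builds the string for SearchRequest.Filter from untrusted
// input. The attribute names are fixed by the program; only the value varies.
func userFilter(login string) (string, error) {
	if login == "" || len(login) > 256 {
		return "", fmt.Errorf("login length %d out of range", len(login))
	}
	return "(&(objectClass=person)(uid=" + escapeFilterValue(login) + "))", nil
}

func main() {
	// Constructed sample inputs.
	for _, in := range []string{"jdoe", "j*", "a)(uid=*", `back\slash`} {
		f, err := userFilter(in)
		fmt.Printf("%-14q -> %s (err=%v)\n", in, f, err)
	}
}
```

The resulting string is what would be passed as the Filter argument of NewSimpleSearchRequest; if your version of the package ships its own filter-escaping routine, prefer that.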

func (*SearchRequest) AddControl

func (req *SearchRequest) AddControl(control Control)

AddControl adds the provided control to a SearchRequest

type SearchResult

type SearchResult struct {
	Entries   []*Entry
	Referrals []string
	Controls  []Control
}

func (*SearchResult) ProcessDiscreteResult

func (sr *SearchResult) ProcessDiscreteResult(dsr *DiscreteSearchResult, connInfo *ConnectionInfo) (stopProcessing bool, err error)

ProcessDiscreteResult handles an individual result from a server. Member of the SearchResultHandler interface. Results are placed into a SearchResult.

func (*SearchResult) String

func (sr *SearchResult) String() (dump string)

type SearchResultHandler

type SearchResultHandler interface {
	ProcessDiscreteResult(*DiscreteSearchResult, *ConnectionInfo) (bool, error)
}

type ServerSideSortAttrRuleOrder

type ServerSideSortAttrRuleOrder struct {
	AttributeName string
	OrderingRule  string
	ReverseOrder  bool
}

type TimedDialable

type TimedDialable interface {
	DialTimeout(string, string, time.Duration) (net.Conn, error)
}

An interface for a network dialing method compatible with net.DialTimeout()

type TimedDialer

type TimedDialer func(string, string, time.Duration) (net.Conn, error)

Converts a net.DialTimeout() compatible function to TimedDialable

func (TimedDialer) Dial

func (fn TimedDialer) Dial(n, a string) (net.Conn, error)

func (TimedDialer) DialTimeout

func (fn TimedDialer) DialTimeout(n, a string, t time.Duration) (net.Conn, error)

type VlvOffSet

type VlvOffSet struct {
	Offset       int32
	ContentCount int32
}
