Menu
▾
▴
python-ldap-dev
|
From: Andreas H. <aha...@te...> - 2007-06-05 21:12:52
Attachments:
preread-asn1.py
|
I have been having fun with controls. Today I tried to use the Pre-Read control together with the modify+increment extension, so that modify+increment becomes actually useful. I first added the encoding part to the ldap.so module, but later got a response from the pyasn1 mailing list and tried again in pure python. The result is attached. It's not complete yet, just a test. The script uses mod_increment to increment uidNumber and gidNumber by one. Attached to the modify operation is the preread control, so the response includes the value prior to the modification. Here is the output of two consecutive runs. Both attributes started at 1000 in LDAP: $ ./preread-asn1.py res: (103, [], 2, [PreReadControl(1.3.6.1.1.13.1,1.3.6.1.1.13.1,'0M\x04\x1fcn=unixIdPool,dc=example,dc=com0*0\x13\x04\tgidNumber1\x06\x04\x0410000\x13\x04\tuidNumber1\x06\x04\x041000')]) $ ./preread-asn1.py res: (103, [], 2, [PreReadControl(1.3.6.1.1.13.1,1.3.6.1.1.13.1,'0M\x04\x1fcn=unixIdPool,dc=example,dc=com0*0\x13\x04\tgidNumber1\x06\x04\x0410010\x13\x04\tuidNumber1\x06\x04\x041001')]) First one returns "1000", and the second one "1001" for both attributes. Now it's at 1002. The decoding part will probably be more difficult... As the control response is a SearchResultEntry which is a bit more complex to decode. |
|
From: <mi...@st...> - 2007-06-06 12:16:22
|
Andreas, Andreas Hasenack wrote: > I have been having fun with controls. Today I tried to use the Pre-Read > control together with the modify+increment extension, so that > modify+increment becomes actually useful. Thanks for sharing your experiences. > I first added the encoding part to the ldap.so module, but later got a > response from the pyasn1 mailing list and tried again in pure python. Saw your postings there. I'm also lurking on the pyasn1-users mailing list. The author seems to be quite responsive. > The decoding part will probably be more difficult... As the control > response is a SearchResultEntry which is a bit more complex to decode. How about exposing the function LDAPmessage_to_python() in message.c. It's used also to parse search results invoked by l_ldap_result3() in LDAPObject.c. Ciao, Michael. |
|
From: Andreas H. <aha...@te...> - 2007-06-06 12:38:43
|
On Wed, Jun 06, 2007 at 02:16:11PM +0200, Michael Ströder wrote: > Andreas, > > Andreas Hasenack wrote: > > I have been having fun with controls. Today I tried to use the Pre-Read > > control together with the modify+increment extension, so that > > modify+increment becomes actually useful. > > Thanks for sharing your experiences. > > > I first added the encoding part to the ldap.so module, but later got a > > response from the pyasn1 mailing list and tried again in pure python. > > Saw your postings there. I'm also lurking on the pyasn1-users mailing > list. The author seems to be quite responsive. Yes he does > > The decoding part will probably be more difficult... As the control > > response is a SearchResultEntry which is a bit more complex to decode. > > How about exposing the function LDAPmessage_to_python() in message.c. > It's used also to parse search results invoked by l_ldap_result3() in > LDAPObject.c. Right. Later on I was thinking "but wait, python-ldap must already have such a function". I will check. Thanks |
|
From: Andreas H. <aha...@te...> - 2007-06-20 20:50:40
|
On Wed, Jun 06, 2007 at 02:16:11PM +0200, Michael Ströder wrote: > Andreas, > > Andreas Hasenack wrote: > > I have been having fun with controls. Today I tried to use the Pre-Read > > control together with the modify+increment extension, so that > > modify+increment becomes actually useful. > > Thanks for sharing your experiences. > > > I first added the encoding part to the ldap.so module, but later got a > > response from the pyasn1 mailing list and tried again in pure python. > > Saw your postings there. I'm also lurking on the pyasn1-users mailing > list. The author seems to be quite responsive. > > > > The decoding part will probably be more difficult... As the control > > response is a SearchResultEntry which is a bit more complex to decode. > > How about exposing the function LDAPmessage_to_python() in message.c. > It's used also to parse search results invoked by l_ldap_result3() in > LDAPObject.c. Hmm, the problem is that at that moment of decoding the control I don't have access to the LDAP* structure anymore, so I can't use LDAPmessage_to_python(). Or I'm missing something. All I have is the controlValue, which is an ldap message as returned by ldap_result which I would usually parse with ldap_first_message(3) and ldap_next_message(3). |
|
From: <mi...@st...> - 2007-07-19 11:21:35
|
Hello Andreas, I've added your demo script to python-ldap's CVS as Demo/pyasn1/prereadcontrol.py. I'd appreciate if you could implement the decodeControlValue() method with pyasn1. Ciao, Michael. Andreas Hasenack wrote: > I have been having fun with controls. Today I tried to use the Pre-Read > control together with the modify+increment extension, so that > modify+increment becomes actually useful. > > I first added the encoding part to the ldap.so module, but later got a > response from the pyasn1 mailing list and tried again in pure python. > The result is attached. It's not complete yet, just a test. > > The script uses mod_increment to increment uidNumber and gidNumber by > one. Attached to the modify operation is the preread control, so the > response includes the value prior to the modification. > > Here is the output of two consecutive runs. Both attributes started at > 1000 in LDAP: > > $ ./preread-asn1.py > res: (103, [], 2, [PreReadControl(1.3.6.1.1.13.1,1.3.6.1.1.13.1,'0M\x04\x1fcn=unixIdPool,dc=example,dc=com0*0\x13\x04\tgidNumber1\x06\x04\x0410000\x13\x04\tuidNumber1\x06\x04\x041000')]) > $ ./preread-asn1.py > res: (103, [], 2, [PreReadControl(1.3.6.1.1.13.1,1.3.6.1.1.13.1,'0M\x04\x1fcn=unixIdPool,dc=example,dc=com0*0\x13\x04\tgidNumber1\x06\x04\x0410010\x13\x04\tuidNumber1\x06\x04\x041001')]) > > First one returns "1000", and the second one "1001" for both attributes. > Now it's at 1002. > > The decoding part will probably be more difficult... As the control > response is a SearchResultEntry which is a bit more complex to decode. |
|
From: Andreas H. <aha...@te...> - 2007-07-19 14:09:04
|
On Thu, Jul 19, 2007 at 01:21:07PM +0200, Michael Ströder wrote: > Hello Andreas, > > I've added your demo script to python-ldap's CVS as > Demo/pyasn1/prereadcontrol.py. I'd appreciate if you could implement the > decodeControlValue() method with pyasn1. I think that would be more difficult, there are lots of classes that would need to be created, I guess almost the entire LDAP specification :) I'll try something with openldap's internal functions, but last time I hit a rock because I needed the connection object to do that, and it wasn't available. |
|
From: <mi...@st...> - 2007-07-19 15:03:32
|
Andreas Hasenack wrote: > On Thu, Jul 19, 2007 at 01:21:07PM +0200, Michael Str=F6der wrote: >> Hello Andreas, >> >> I've added your demo script to python-ldap's CVS as >> Demo/pyasn1/prereadcontrol.py. I'd appreciate if you could implement t= he >> decodeControlValue() method with pyasn1. >=20 > I think that would be more difficult, there are lots of classes that > would need to be created, I guess almost the entire LDAP specification > :) Hmm...do you really think so? > I'll try something with openldap's internal functions, but last time I > hit a rock because I needed the connection object to do that, and it > wasn't available. I'd be interested to implement support for the post-read control in web2ldap because if you add/modify entries to OpenLDAP's back-config the DNs may be modified (due to X-ORDERED). Ciao, Michael. |
|
From: Andreas H. <aha...@te...> - 2007-07-20 14:16:15
|
On Thu, Jul 19, 2007 at 05:03:12PM +0200, Michael Ströder wrote: > Andreas Hasenack wrote: > > On Thu, Jul 19, 2007 at 01:21:07PM +0200, Michael Ströder wrote: > >> Hello Andreas, > >> > >> I've added your demo script to python-ldap's CVS as > >> Demo/pyasn1/prereadcontrol.py. I'd appreciate if you could implement the > >> decodeControlValue() method with pyasn1. > > > > I think that would be more difficult, there are lots of classes that > > would need to be created, I guess almost the entire LDAP specification > > :) > > Hmm...do you really think so? That was my impression when I first tried it. Since the control result is exactly like the ldap search result value, it means it can hold a lot of things. > > I'll try something with openldap's internal functions, but last time I > > hit a rock because I needed the connection object to do that, and it > > wasn't available. > > I'd be interested to implement support for the post-read control in > web2ldap because if you add/modify entries to OpenLDAP's back-config the > DNs may be modified (due to X-ORDERED). Does web2ldap have any special handling of the back-config entries? I find that using a regular ldap client to handle these entries is cumbersome (didn't try web2ldap: only lyma and gq so far). |
|
From: <mi...@st...> - 2007-07-20 15:47:17
|
Andreas Hasenack wrote: > > Does web2ldap have any special handling of the back-config entries? Not up to now. But using the LDIF and HTML templates pre-configured for cn=config name space is quite handy. You can contact me off-list if you need further information on that. You might find some therein: http://www.openldap.org/conf/odd-tuebingen-2006/Michael.pdf The templates are available in the normal source distribution. > I find that using a regular ldap client to handle these entries is > cumbersome (didn't try web2ldap: only lyma and gq so far). In web2ldap the DN handling after add/modify is somewhat strange if the DN is changed by X-ORDERED handling. I presented this at ODD 2006. Kurt et al suggested to use post-read control. Ciao, Michael. |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X