123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597 |
- """
- """
-
- # Created on 2014.05.14
- #
- # Author: Giovanni Cannata
- #
- # Copyright 2014 - 2018 Giovanni Cannata
- #
- # This file is part of ldap3.
- #
- # ldap3 is free software: you can redistribute it and/or modify
- # it under the terms of the GNU Lesser General Public License as published
- # by the Free Software Foundation, either version 3 of the License, or
- # (at your option) any later version.
- #
- # ldap3 is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU Lesser General Public License for more details.
- #
- # You should have received a copy of the GNU Lesser General Public License
- # along with ldap3 in the COPYING and COPYING.LESSER files.
- # If not, see <http://www.gnu.org/licenses/>.
-
- from os import sep
- from .results import RESULT_OPERATIONS_ERROR, RESULT_PROTOCOL_ERROR, RESULT_TIME_LIMIT_EXCEEDED, RESULT_SIZE_LIMIT_EXCEEDED, \
- RESULT_STRONGER_AUTH_REQUIRED, RESULT_REFERRAL, RESULT_ADMIN_LIMIT_EXCEEDED, RESULT_UNAVAILABLE_CRITICAL_EXTENSION, \
- RESULT_AUTH_METHOD_NOT_SUPPORTED, RESULT_UNDEFINED_ATTRIBUTE_TYPE, RESULT_NO_SUCH_ATTRIBUTE, \
- RESULT_SASL_BIND_IN_PROGRESS, RESULT_CONFIDENTIALITY_REQUIRED, RESULT_INAPPROPRIATE_MATCHING, \
- RESULT_CONSTRAINT_VIOLATION, \
- RESULT_ATTRIBUTE_OR_VALUE_EXISTS, RESULT_INVALID_ATTRIBUTE_SYNTAX, RESULT_NO_SUCH_OBJECT, RESULT_ALIAS_PROBLEM, \
- RESULT_INVALID_DN_SYNTAX, RESULT_ALIAS_DEREFERENCING_PROBLEM, RESULT_INVALID_CREDENTIALS, RESULT_LOOP_DETECTED, \
- RESULT_ENTRY_ALREADY_EXISTS, RESULT_LCUP_SECURITY_VIOLATION, RESULT_CANCELED, RESULT_E_SYNC_REFRESH_REQUIRED, \
- RESULT_NO_SUCH_OPERATION, RESULT_LCUP_INVALID_DATA, RESULT_OBJECT_CLASS_MODS_PROHIBITED, RESULT_NAMING_VIOLATION, \
- RESULT_INSUFFICIENT_ACCESS_RIGHTS, RESULT_OBJECT_CLASS_VIOLATION, RESULT_TOO_LATE, RESULT_CANNOT_CANCEL, \
- RESULT_LCUP_UNSUPPORTED_SCHEME, RESULT_BUSY, RESULT_AFFECT_MULTIPLE_DSAS, RESULT_UNAVAILABLE, \
- RESULT_NOT_ALLOWED_ON_NON_LEAF, \
- RESULT_UNWILLING_TO_PERFORM, RESULT_OTHER, RESULT_LCUP_RELOAD_REQUIRED, RESULT_ASSERTION_FAILED, \
- RESULT_AUTHORIZATION_DENIED, RESULT_LCUP_RESOURCES_EXHAUSTED, RESULT_NOT_ALLOWED_ON_RDN, \
- RESULT_INAPPROPRIATE_AUTHENTICATION
- import socket
-
-
- # LDAPException hierarchy
- class LDAPException(Exception):
- pass
-
-
- class LDAPOperationResult(LDAPException):
- def __new__(cls, result=None, description=None, dn=None, message=None, response_type=None, response=None):
- if cls is LDAPOperationResult and result and result in exception_table:
- exc = super(LDAPOperationResult, exception_table[result]).__new__(
- exception_table[result]) # create an exception of the required result error
- exc.result = result
- exc.description = description
- exc.dn = dn
- exc.message = message
- exc.type = response_type
- exc.response = response
- else:
- exc = super(LDAPOperationResult, cls).__new__(cls)
- return exc
-
- def __init__(self, result=None, description=None, dn=None, message=None, response_type=None, response=None):
- self.result = result
- self.description = description
- self.dn = dn
- self.message = message
- self.type = response_type
- self.response = response
-
- def __str__(self):
- s = [self.__class__.__name__,
- str(self.result) if self.result else None,
- self.description if self.description else None,
- self.dn if self.dn else None,
- self.message if self.message else None,
- self.type if self.type else None,
- self.response if self.response else None]
-
- return ' - '.join([str(item) for item in s if s is not None])
-
- def __repr__(self):
- return self.__str__()
-
-
- class LDAPOperationsErrorResult(LDAPOperationResult):
- pass
-
-
- class LDAPProtocolErrorResult(LDAPOperationResult):
- pass
-
-
- class LDAPTimeLimitExceededResult(LDAPOperationResult):
- pass
-
-
- class LDAPSizeLimitExceededResult(LDAPOperationResult):
- pass
-
-
- class LDAPAuthMethodNotSupportedResult(LDAPOperationResult):
- pass
-
-
- class LDAPStrongerAuthRequiredResult(LDAPOperationResult):
- pass
-
-
- class LDAPReferralResult(LDAPOperationResult):
- pass
-
-
- class LDAPAdminLimitExceededResult(LDAPOperationResult):
- pass
-
-
- class LDAPUnavailableCriticalExtensionResult(LDAPOperationResult):
- pass
-
-
- class LDAPConfidentialityRequiredResult(LDAPOperationResult):
- pass
-
-
- class LDAPSASLBindInProgressResult(LDAPOperationResult):
- pass
-
-
- class LDAPNoSuchAttributeResult(LDAPOperationResult):
- pass
-
-
- class LDAPUndefinedAttributeTypeResult(LDAPOperationResult):
- pass
-
-
- class LDAPInappropriateMatchingResult(LDAPOperationResult):
- pass
-
-
- class LDAPConstraintViolationResult(LDAPOperationResult):
- pass
-
-
- class LDAPAttributeOrValueExistsResult(LDAPOperationResult):
- pass
-
-
- class LDAPInvalidAttributeSyntaxResult(LDAPOperationResult):
- pass
-
-
- class LDAPNoSuchObjectResult(LDAPOperationResult):
- pass
-
-
- class LDAPAliasProblemResult(LDAPOperationResult):
- pass
-
-
- class LDAPInvalidDNSyntaxResult(LDAPOperationResult):
- pass
-
-
- class LDAPAliasDereferencingProblemResult(LDAPOperationResult):
- pass
-
-
- class LDAPInappropriateAuthenticationResult(LDAPOperationResult):
- pass
-
-
- class LDAPInvalidCredentialsResult(LDAPOperationResult):
- pass
-
-
- class LDAPInsufficientAccessRightsResult(LDAPOperationResult):
- pass
-
-
- class LDAPBusyResult(LDAPOperationResult):
- pass
-
-
- class LDAPUnavailableResult(LDAPOperationResult):
- pass
-
-
- class LDAPUnwillingToPerformResult(LDAPOperationResult):
- pass
-
-
- class LDAPLoopDetectedResult(LDAPOperationResult):
- pass
-
-
- class LDAPNamingViolationResult(LDAPOperationResult):
- pass
-
-
- class LDAPObjectClassViolationResult(LDAPOperationResult):
- pass
-
-
- class LDAPNotAllowedOnNotLeafResult(LDAPOperationResult):
- pass
-
-
- class LDAPNotAllowedOnRDNResult(LDAPOperationResult):
- pass
-
-
- class LDAPEntryAlreadyExistsResult(LDAPOperationResult):
- pass
-
-
- class LDAPObjectClassModsProhibitedResult(LDAPOperationResult):
- pass
-
-
- class LDAPAffectMultipleDSASResult(LDAPOperationResult):
- pass
-
-
- class LDAPOtherResult(LDAPOperationResult):
- pass
-
-
- class LDAPLCUPResourcesExhaustedResult(LDAPOperationResult):
- pass
-
-
- class LDAPLCUPSecurityViolationResult(LDAPOperationResult):
- pass
-
-
- class LDAPLCUPInvalidDataResult(LDAPOperationResult):
- pass
-
-
- class LDAPLCUPUnsupportedSchemeResult(LDAPOperationResult):
- pass
-
-
- class LDAPLCUPReloadRequiredResult(LDAPOperationResult):
- pass
-
-
- class LDAPCanceledResult(LDAPOperationResult):
- pass
-
-
- class LDAPNoSuchOperationResult(LDAPOperationResult):
- pass
-
-
- class LDAPTooLateResult(LDAPOperationResult):
- pass
-
-
- class LDAPCannotCancelResult(LDAPOperationResult):
- pass
-
-
- class LDAPAssertionFailedResult(LDAPOperationResult):
- pass
-
-
- class LDAPAuthorizationDeniedResult(LDAPOperationResult):
- pass
-
-
- class LDAPESyncRefreshRequiredResult(LDAPOperationResult):
- pass
-
-
- exception_table = {RESULT_OPERATIONS_ERROR: LDAPOperationsErrorResult,
- RESULT_PROTOCOL_ERROR: LDAPProtocolErrorResult,
- RESULT_TIME_LIMIT_EXCEEDED: LDAPTimeLimitExceededResult,
- RESULT_SIZE_LIMIT_EXCEEDED: LDAPSizeLimitExceededResult,
- RESULT_AUTH_METHOD_NOT_SUPPORTED: LDAPAuthMethodNotSupportedResult,
- RESULT_STRONGER_AUTH_REQUIRED: LDAPStrongerAuthRequiredResult,
- RESULT_REFERRAL: LDAPReferralResult,
- RESULT_ADMIN_LIMIT_EXCEEDED: LDAPAdminLimitExceededResult,
- RESULT_UNAVAILABLE_CRITICAL_EXTENSION: LDAPUnavailableCriticalExtensionResult,
- RESULT_CONFIDENTIALITY_REQUIRED: LDAPConfidentialityRequiredResult,
- RESULT_SASL_BIND_IN_PROGRESS: LDAPSASLBindInProgressResult,
- RESULT_NO_SUCH_ATTRIBUTE: LDAPNoSuchAttributeResult,
- RESULT_UNDEFINED_ATTRIBUTE_TYPE: LDAPUndefinedAttributeTypeResult,
- RESULT_INAPPROPRIATE_MATCHING: LDAPInappropriateMatchingResult,
- RESULT_CONSTRAINT_VIOLATION: LDAPConstraintViolationResult,
- RESULT_ATTRIBUTE_OR_VALUE_EXISTS: LDAPAttributeOrValueExistsResult,
- RESULT_INVALID_ATTRIBUTE_SYNTAX: LDAPInvalidAttributeSyntaxResult,
- RESULT_NO_SUCH_OBJECT: LDAPNoSuchObjectResult,
- RESULT_ALIAS_PROBLEM: LDAPAliasProblemResult,
- RESULT_INVALID_DN_SYNTAX: LDAPInvalidDNSyntaxResult,
- RESULT_ALIAS_DEREFERENCING_PROBLEM: LDAPAliasDereferencingProblemResult,
- RESULT_INAPPROPRIATE_AUTHENTICATION: LDAPInappropriateAuthenticationResult,
- RESULT_INVALID_CREDENTIALS: LDAPInvalidCredentialsResult,
- RESULT_INSUFFICIENT_ACCESS_RIGHTS: LDAPInsufficientAccessRightsResult,
- RESULT_BUSY: LDAPBusyResult,
- RESULT_UNAVAILABLE: LDAPUnavailableResult,
- RESULT_UNWILLING_TO_PERFORM: LDAPUnwillingToPerformResult,
- RESULT_LOOP_DETECTED: LDAPLoopDetectedResult,
- RESULT_NAMING_VIOLATION: LDAPNamingViolationResult,
- RESULT_OBJECT_CLASS_VIOLATION: LDAPObjectClassViolationResult,
- RESULT_NOT_ALLOWED_ON_NON_LEAF: LDAPNotAllowedOnNotLeafResult,
- RESULT_NOT_ALLOWED_ON_RDN: LDAPNotAllowedOnRDNResult,
- RESULT_ENTRY_ALREADY_EXISTS: LDAPEntryAlreadyExistsResult,
- RESULT_OBJECT_CLASS_MODS_PROHIBITED: LDAPObjectClassModsProhibitedResult,
- RESULT_AFFECT_MULTIPLE_DSAS: LDAPAffectMultipleDSASResult,
- RESULT_OTHER: LDAPOtherResult,
- RESULT_LCUP_RESOURCES_EXHAUSTED: LDAPLCUPResourcesExhaustedResult,
- RESULT_LCUP_SECURITY_VIOLATION: LDAPLCUPSecurityViolationResult,
- RESULT_LCUP_INVALID_DATA: LDAPLCUPInvalidDataResult,
- RESULT_LCUP_UNSUPPORTED_SCHEME: LDAPLCUPUnsupportedSchemeResult,
- RESULT_LCUP_RELOAD_REQUIRED: LDAPLCUPReloadRequiredResult,
- RESULT_CANCELED: LDAPCanceledResult,
- RESULT_NO_SUCH_OPERATION: LDAPNoSuchOperationResult,
- RESULT_TOO_LATE: LDAPTooLateResult,
- RESULT_CANNOT_CANCEL: LDAPCannotCancelResult,
- RESULT_ASSERTION_FAILED: LDAPAssertionFailedResult,
- RESULT_AUTHORIZATION_DENIED: LDAPAuthorizationDeniedResult,
- RESULT_E_SYNC_REFRESH_REQUIRED: LDAPESyncRefreshRequiredResult}
-
-
- class LDAPExceptionError(LDAPException):
- pass
-
-
- # configuration exceptions
- class LDAPConfigurationError(LDAPExceptionError):
- pass
-
-
- class LDAPUnknownStrategyError(LDAPConfigurationError):
- pass
-
-
- class LDAPUnknownAuthenticationMethodError(LDAPConfigurationError):
- pass
-
-
- class LDAPSSLConfigurationError(LDAPConfigurationError):
- pass
-
-
- class LDAPDefinitionError(LDAPConfigurationError):
- pass
-
-
- class LDAPPackageUnavailableError(LDAPConfigurationError, ImportError):
- pass
-
-
- class LDAPConfigurationParameterError(LDAPConfigurationError):
- pass
-
-
- # abstract layer exceptions
- class LDAPKeyError(LDAPExceptionError, KeyError, AttributeError):
- pass
-
-
- class LDAPObjectError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPAttributeError(LDAPExceptionError, ValueError, TypeError):
- pass
-
-
- class LDAPCursorError(LDAPExceptionError):
- pass
-
- class LDAPObjectDereferenceError(LDAPExceptionError):
- pass
-
- # security exceptions
- class LDAPSSLNotSupportedError(LDAPExceptionError, ImportError):
- pass
-
-
- class LDAPInvalidTlsSpecificationError(LDAPExceptionError):
- pass
-
-
- class LDAPInvalidHashAlgorithmError(LDAPExceptionError, ValueError):
- pass
-
-
- # connection exceptions
- class LDAPBindError(LDAPExceptionError):
- pass
-
-
- class LDAPInvalidServerError(LDAPExceptionError):
- pass
-
-
- class LDAPSASLMechanismNotSupportedError(LDAPExceptionError):
- pass
-
-
- class LDAPConnectionIsReadOnlyError(LDAPExceptionError):
- pass
-
-
- class LDAPChangeError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPServerPoolError(LDAPExceptionError):
- pass
-
-
- class LDAPServerPoolExhaustedError(LDAPExceptionError):
- pass
-
-
- class LDAPInvalidPortError(LDAPExceptionError):
- pass
-
-
- class LDAPStartTLSError(LDAPExceptionError):
- pass
-
-
- class LDAPCertificateError(LDAPExceptionError):
- pass
-
-
- class LDAPUserNameNotAllowedError(LDAPExceptionError):
- pass
-
-
- class LDAPUserNameIsMandatoryError(LDAPExceptionError):
- pass
-
-
- class LDAPPasswordIsMandatoryError(LDAPExceptionError):
- pass
-
-
- class LDAPInvalidFilterError(LDAPExceptionError):
- pass
-
-
- class LDAPInvalidScopeError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPInvalidDereferenceAliasesError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPInvalidValueError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPControlError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPExtensionError(LDAPExceptionError, ValueError):
- pass
-
-
- class LDAPLDIFError(LDAPExceptionError):
- pass
-
-
- class LDAPSchemaError(LDAPExceptionError):
- pass
-
-
- class LDAPSASLPrepError(LDAPExceptionError):
- pass
-
-
- class LDAPSASLBindInProgressError(LDAPExceptionError):
- pass
-
-
- class LDAPMetricsError(LDAPExceptionError):
- pass
-
-
- class LDAPObjectClassError(LDAPExceptionError):
- pass
-
-
- class LDAPInvalidDnError(LDAPExceptionError):
- pass
-
-
- class LDAPResponseTimeoutError(LDAPExceptionError):
- pass
-
-
- class LDAPTransactionError(LDAPExceptionError):
- pass
-
-
- # communication exceptions
- class LDAPCommunicationError(LDAPExceptionError):
- pass
-
-
- class LDAPSocketOpenError(LDAPCommunicationError):
- pass
-
-
- class LDAPSocketCloseError(LDAPCommunicationError):
- pass
-
-
- class LDAPSocketReceiveError(LDAPCommunicationError, socket.error):
- pass
-
-
- class LDAPSocketSendError(LDAPCommunicationError, socket.error):
- pass
-
-
- class LDAPSessionTerminatedByServerError(LDAPCommunicationError):
- pass
-
-
- class LDAPUnknownResponseError(LDAPCommunicationError):
- pass
-
-
- class LDAPUnknownRequestError(LDAPCommunicationError):
- pass
-
-
- class LDAPReferralError(LDAPCommunicationError):
- pass
-
-
- # pooling exceptions
- class LDAPConnectionPoolNameIsMandatoryError(LDAPExceptionError):
- pass
-
-
- class LDAPConnectionPoolNotStartedError(LDAPExceptionError):
- pass
-
-
- # restartable strategy
- class LDAPMaximumRetriesError(LDAPExceptionError):
- def __str__(self):
- s = []
- if self.args:
- if isinstance(self.args, tuple):
- if len(self.args) > 0:
- s.append('LDAPMaximumRetriesError: ' + str(self.args[0]))
- if len(self.args) > 1:
- s.append('Exception history:')
- prev_exc = ''
- for i, exc in enumerate(self.args[1]): # args[1] contains exception history
- if str(exc[1]) != prev_exc:
- s.append((str(i).rjust(5) + ' ' + str(exc[0]) + ': ' + str(exc[1]) + ' - ' + str(exc[2])))
- prev_exc = str(exc[1])
-
- if len(self.args) > 2:
- s.append('Maximum number of retries reached: ' + str(self.args[2]))
- else:
- s = [LDAPExceptionError.__str__(self)]
-
- return sep.join(s)
-
-
- # exception factories
- def communication_exception_factory(exc_to_raise, exc):
- """
- Generates a new exception class of the requested type (subclass of LDAPCommunication) merged with the exception raised by the interpreter
- """
- if exc_to_raise.__name__ in [cls.__name__ for cls in LDAPCommunicationError.__subclasses__()]:
- return type(exc_to_raise.__name__, (exc_to_raise, type(exc)), dict())
- else:
- raise LDAPExceptionError('unable to generate exception type ' + str(exc_to_raise))
-
-
- def start_tls_exception_factory(exc_to_raise, exc):
- """
- Generates a new exception class of the requested type (subclass of LDAPCommunication) merged with the exception raised by the interpreter
- """
-
- if exc_to_raise.__name__ == 'LDAPStartTLSError':
- return type(exc_to_raise.__name__, (exc_to_raise, type(exc)), dict())
- else:
- raise LDAPExceptionError('unable to generate exception type ' + str(exc_to_raise))
|