需要发送消息ID设置为0值的LDAP搜索请求(作为RFC验证测试的一部分)。尝试从apache目录api示例部分中修改以下代码:
import java.io.IOException;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.api.ldap.model.message.SearchRequest;
import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.exception.LdapNoPermissionException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
public class ManageLDAPConnection {
private static Dn getSafeSearchBaseDn(String dn) throws LdapInvalidDnException{
Dn searchBaseDn = null;
if (dn != null && !dn.isEmpty()){
searchBaseDn = new Dn(dn);
}else{
searchBaseDn = Dn.ROOT_DSE;
}
return searchBaseDn;
}
public static void main (String[] args) {
int messageId = 0;
int port = 389;
String username = "<Admin CN>";
String password = "<Password>";
String hostname = "<IP>";
SearchCursor searchResult = null;
String dn = "<DN>";
String filterExpr = "(objectclass=*)";
org.apache.directory.api.ldap.model.message.SearchScope searchScopeValue = org.apache.directory.api.ldap.model.message.SearchScope.OBJECT;
LdapConnection connection = new LdapNetworkConnection(hostname, port);
try {
connection.bind(username, password);
System.out.println("Connected successfully");
} catch (LdapException e) {
System.out.println("Unable to bind");
}
try {
SearchRequest searchRequest = new SearchRequestImpl();
System.out.println(searchRequest.getMessageId());
searchRequest.setMessageId(0);
System.out.println(searchRequest.getMessageId());
searchRequest.setBase(getSafeSearchBaseDn(dn));
searchRequest.setFilter(filterExpr);
searchRequest.setScope(searchScopeValue);
searchResult = connection.search(searchRequest);
} catch (LdapNoPermissionException e){
System.out.println("No permission exception");
} catch (LdapException e){
System.out.println("LDAP Exception: " + e.getMessage());
}
}
}
上面的代码能够发送请求,但消息ID仍然以非零的形式发送, 即使已完成以下任务:
searchRequest.setMessageId(0);
答案 0 :(得分:0)
您显然必须使用不同的库,或修改此库,或者转到较低级别。毫无疑问,这个图书馆可以防止你在脚下射击。
答案 1 :(得分:0)
在python的pyasn1-modules中有一些解决方案。以下似乎运作良好:
from pyasn1.type import univ, namedval, namedtype, tag
from pyasn1.codec.ber import encoder
import socket
from pyasn1_modules.rfc2251 import *
ldap_bind_request = BindRequest()
ldap_bind_request.setComponentByName('version', 3)
ldap_bind_request.setComponentByName('name', 'cn=admin,o=org')
ldap_auth = AuthenticationChoice()
ldap_auth.setComponentByName('simple', 'mypwd')
ldap_bind_request.setComponentByName('authentication', ldap_auth)
ldap_message = LDAPMessage()
ldap_message.setComponentByName('messageID', 0)
ldap_message.setComponentByName('protocolOp', ldap_bind_request)
print(ldap_bind_request.prettyPrint())
print(dir(ldap_bind_request))
encoded_request = encoder.encode(ldap_message)
print(encoded_request)
asock = socket.socket()
asock.connect(('127.0.0.1', 389))
asock.send(encoded_request)
有一些名为JAVA ASN.1编译器(JAC)的东西。试着看看它们是否提供类似的东西,而不是面向对象的复杂性,这在java中很常见:)