[ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 2 package Net::LDAP::ASN; 3 4 $VERSION = "0.08"; 5 6 use Convert::ASN1; 7 8 my $asn = Convert::ASN1->new; 9 10 sub import { 11 my $pkg = shift; 12 my $caller = caller; 13 14 foreach my $macro (@_) { 15 my $obj = $asn->find($macro) 16 or require Carp and Carp::croak("Unknown macro '$macro'"); 17 18 *{"$caller\::$macro"} = \$obj; 19 } 20 } 21 22 $asn->prepare(<<LDAP_ASN) or die $asn->error; 23 24 -- We have split LDAPMessage into LDAPResponse and LDAPRequest 25 -- The purpose of this is two fold 26 -- 1) for encode we don't want the protocolOp 27 -- in the hierarchy as it is not really needed 28 -- 2) For decode we do want it, this allows Net::LDAP::Message::decode 29 -- to be much simpler. Decode will also be faster due to 30 -- less elements in the CHOICE 31 32 LDAPRequest ::= SEQUENCE { 33 messageID MessageID, 34 --protocolOp 35 CHOICE { 36 bindRequest BindRequest, 37 unbindRequest UnbindRequest, 38 searchRequest SearchRequest, 39 modifyRequest ModifyRequest, 40 addRequest AddRequest, 41 delRequest DelRequest, 42 modDNRequest ModifyDNRequest, 43 compareRequest CompareRequest, 44 abandonRequest AbandonRequest, 45 extendedReq ExtendedRequest} 46 controls [0] Controls OPTIONAL } 47 48 LDAPResponse ::= SEQUENCE { 49 messageID MessageID, 50 protocolOp CHOICE { 51 bindResponse BindResponse, 52 searchResEntry SearchResultEntry, 53 searchResDone SearchResultDone, 54 searchResRef SearchResultReference, 55 modifyResponse ModifyResponse, 56 addResponse AddResponse, 57 delResponse DelResponse, 58 modDNResponse ModifyDNResponse, 59 compareResponse CompareResponse, 60 extendedResp ExtendedResponse, 61 intermediateResponse IntermediateResponse } 62 controls [0] Controls OPTIONAL } 63 64 MessageID ::= INTEGER -- (0 .. maxInt) 65 66 -- maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- 67 68 LDAPString ::= OCTET STRING -- UTF8String ?? 69 70 LDAPOID ::= OCTET STRING 71 72 LDAPDN ::= LDAPString 73 74 RelativeLDAPDN ::= LDAPString 75 76 AttributeType ::= LDAPString 77 78 AttributeDescription ::= LDAPString 79 80 AttributeDescriptionList ::= SEQUENCE OF 81 AttributeDescription 82 83 AttributeValue ::= OCTET STRING 84 85 AttributeValueAssertion ::= SEQUENCE { 86 attributeDesc AttributeDescription, 87 assertionValue AssertionValue } 88 89 AssertionValue ::= OCTET STRING 90 91 Attribute ::= SEQUENCE { 92 type AttributeDescription, 93 vals SET OF AttributeValue } 94 95 MatchingRuleId ::= LDAPString 96 97 LDAPResult ::= SEQUENCE { 98 resultCode ENUMERATED { 99 success (0), 100 operationsError (1), 101 protocolError (2), 102 timeLimitExceeded (3), 103 sizeLimitExceeded (4), 104 compareFalse (5), 105 compareTrue (6), 106 authMethodNotSupported (7), 107 strongAuthRequired (8), 108 -- 9 reserved -- 109 referral (10), -- new 110 adminLimitExceeded (11), -- new 111 unavailableCriticalExtension (12), -- new 112 confidentialityRequired (13), -- new 113 saslBindInProgress (14), -- new 114 noSuchAttribute (16), 115 undefinedAttributeType (17), 116 inappropriateMatching (18), 117 constraintViolation (19), 118 attributeOrValueExists (20), 119 invalidAttributeSyntax (21), 120 -- 22-31 unused -- 121 noSuchObject (32), 122 aliasProblem (33), 123 invalidDNSyntax (34), 124 -- 35 reserved for undefined isLeaf -- 125 aliasDereferencingProblem (36), 126 -- 37-47 unused -- 127 inappropriateAuthentication (48), 128 invalidCredentials (49), 129 insufficientAccessRights (50), 130 busy (51), 131 unavailable (52), 132 unwillingToPerform (53), 133 loopDetect (54), 134 -- 55-63 unused -- 135 namingViolation (64), 136 objectClassViolation (65), 137 notAllowedOnNonLeaf (66), 138 notAllowedOnRDN (67), 139 entryAlreadyExists (68), 140 objectClassModsProhibited (69), 141 -- 70 reserved for CLDAP -- 142 affectsMultipleDSAs (71), -- new 143 -- 72-79 unused -- 144 other (80)} 145 -- 81-90 reserved for APIs -- 146 matchedDN LDAPDN, 147 errorMessage LDAPString, 148 referral [3] Referral OPTIONAL } 149 150 Referral ::= SEQUENCE OF LDAPURL 151 152 LDAPURL ::= LDAPString -- limited to characters permitted in URLs 153 154 Controls ::= SEQUENCE OF Control 155 156 -- Names changed here for backwards compat with previous 157 -- Net::LDAP --GMB 158 Control ::= SEQUENCE { 159 type LDAPOID, -- controlType 160 critical BOOLEAN OPTIONAL, -- DEFAULT FALSE, -- criticality 161 value OCTET STRING OPTIONAL } -- controlValue 162 163 BindRequest ::= [APPLICATION 0] SEQUENCE { 164 version INTEGER, -- (1 .. 127), 165 name LDAPDN, 166 authentication AuthenticationChoice } 167 168 AuthenticationChoice ::= CHOICE { 169 simple [0] OCTET STRING, 170 -- 1 and 2 reserved 171 sasl [3] SaslCredentials } 172 173 SaslCredentials ::= SEQUENCE { 174 mechanism LDAPString, 175 credentials OCTET STRING OPTIONAL } 176 177 BindResponse ::= [APPLICATION 1] SEQUENCE { 178 COMPONENTS OF LDAPResult, 179 serverSaslCreds [7] OCTET STRING OPTIONAL } 180 181 UnbindRequest ::= [APPLICATION 2] NULL 182 183 SearchRequest ::= [APPLICATION 3] SEQUENCE { 184 baseObject LDAPDN, 185 scope ENUMERATED { 186 baseObject (0), 187 singleLevel (1), 188 wholeSubtree (2) } 189 derefAliases ENUMERATED { 190 neverDerefAliases (0), 191 derefInSearching (1), 192 derefFindingBaseObj (2), 193 derefAlways (3) } 194 sizeLimit INTEGER , -- (0 .. maxInt), 195 timeLimit INTEGER , -- (0 .. maxInt), 196 typesOnly BOOLEAN, 197 filter Filter, 198 attributes AttributeDescriptionList } 199 200 Filter ::= CHOICE { 201 and [0] SET OF Filter, 202 or [1] SET OF Filter, 203 not [2] Filter, 204 equalityMatch [3] AttributeValueAssertion, 205 substrings [4] SubstringFilter, 206 greaterOrEqual [5] AttributeValueAssertion, 207 lessOrEqual [6] AttributeValueAssertion, 208 present [7] AttributeDescription, 209 approxMatch [8] AttributeValueAssertion, 210 extensibleMatch [9] MatchingRuleAssertion } 211 212 SubstringFilter ::= SEQUENCE { 213 type AttributeDescription, 214 -- at least one must be present 215 substrings SEQUENCE OF CHOICE { 216 initial [0] LDAPString, 217 any [1] LDAPString, 218 final [2] LDAPString } } 219 220 MatchingRuleAssertion ::= SEQUENCE { 221 matchingRule [1] MatchingRuleId OPTIONAL, 222 type [2] AttributeDescription OPTIONAL, 223 matchValue [3] AssertionValue, 224 dnAttributes [4] BOOLEAN OPTIONAL } -- DEFAULT FALSE } 225 226 SearchResultEntry ::= [APPLICATION 4] SEQUENCE { 227 objectName LDAPDN, 228 attributes PartialAttributeList } 229 230 PartialAttributeList ::= SEQUENCE OF SEQUENCE { 231 type AttributeDescription, 232 vals SET OF AttributeValue } 233 234 SearchResultReference ::= [APPLICATION 19] SEQUENCE OF LDAPURL 235 236 SearchResultDone ::= [APPLICATION 5] LDAPResult 237 238 ModifyRequest ::= [APPLICATION 6] SEQUENCE { 239 object LDAPDN, 240 modification SEQUENCE OF SEQUENCE { 241 operation ENUMERATED { 242 add (0), 243 delete (1), 244 replace (2), 245 increment (3) } -- increment from RFC 4525 246 modification AttributeTypeAndValues } } 247 248 AttributeTypeAndValues ::= SEQUENCE { 249 type AttributeDescription, 250 vals SET OF AttributeValue } 251 252 ModifyResponse ::= [APPLICATION 7] LDAPResult 253 254 AddRequest ::= [APPLICATION 8] SEQUENCE { 255 objectName LDAPDN, 256 attributes AttributeList } 257 258 AttributeList ::= SEQUENCE OF SEQUENCE { 259 type AttributeDescription, 260 vals SET OF AttributeValue } 261 262 AddResponse ::= [APPLICATION 9] LDAPResult 263 264 DelRequest ::= [APPLICATION 10] LDAPDN 265 266 DelResponse ::= [APPLICATION 11] LDAPResult 267 268 ModifyDNRequest ::= [APPLICATION 12] SEQUENCE { 269 entry LDAPDN, 270 newrdn RelativeLDAPDN, 271 deleteoldrdn BOOLEAN, 272 newSuperior [0] LDAPDN OPTIONAL } 273 274 ModifyDNResponse ::= [APPLICATION 13] LDAPResult 275 276 CompareRequest ::= [APPLICATION 14] SEQUENCE { 277 entry LDAPDN, 278 ava AttributeValueAssertion } 279 280 CompareResponse ::= [APPLICATION 15] LDAPResult 281 282 AbandonRequest ::= [APPLICATION 16] MessageID 283 284 ExtendedRequest ::= [APPLICATION 23] SEQUENCE { 285 requestName [0] LDAPOID, 286 requestValue [1] OCTET STRING OPTIONAL } 287 288 ExtendedResponse ::= [APPLICATION 24] SEQUENCE { 289 COMPONENTS OF LDAPResult, 290 responseName [10] LDAPOID OPTIONAL, 291 response [11] OCTET STRING OPTIONAL } 292 293 IntermediateResponse ::= [APPLICATION 25] SEQUENCE { 294 responseName [0] LDAPOID OPTIONAL, 295 responseValue [1] OCTET STRING OPTIONAL } 296 297 298 -- Virtual List View Control 299 VirtualListViewRequest ::= SEQUENCE { 300 beforeCount INTEGER , --(0 .. maxInt), 301 afterCount INTEGER , --(0 .. maxInt), 302 CHOICE { 303 byoffset [0] SEQUENCE { 304 offset INTEGER , --(0 .. maxInt), 305 contentCount INTEGER } --(0 .. maxInt) } 306 byValue [1] AssertionValue } 307 -- byValue [1] greaterThanOrEqual assertionValue } 308 contextID OCTET STRING OPTIONAL } 309 310 VirtualListViewResponse ::= SEQUENCE { 311 targetPosition INTEGER , --(0 .. maxInt), 312 contentCount INTEGER , --(0 .. maxInt), 313 virtualListViewResult ENUMERATED { 314 success (0), 315 operatonsError (1), 316 unwillingToPerform (53), 317 insufficientAccessRights (50), 318 busy (51), 319 timeLimitExceeded (3), 320 adminLimitExceeded (11), 321 sortControlMissing (60), 322 indexRangeError (61), 323 other (80) } 324 contextID OCTET STRING OPTIONAL } 325 326 327 LDAPEntry ::= COMPONENTS OF AddRequest 328 329 -- RFC-2891 Server Side Sorting Control 330 -- Current parser does not allow a named entity following the ::= 331 -- so we use a COMPONENTS OF hack 332 SortRequestDummy ::= SEQUENCE { 333 order SEQUENCE OF SEQUENCE { 334 type OCTET STRING, 335 orderingRule [0] OCTET STRING OPTIONAL, 336 reverseOrder [1] BOOLEAN OPTIONAL } } 337 338 SortRequest ::= COMPONENTS OF SortRequestDummy 339 340 SortResult ::= SEQUENCE { 341 sortResult ENUMERATED { 342 success (0), -- results are sorted 343 operationsError (1), -- server internal failure 344 timeLimitExceeded (3), -- timelimit reached before 345 -- sorting was completed 346 strongAuthRequired (8), -- refused to return sorted 347 -- results via insecure 348 -- protocol 349 adminLimitExceeded (11), -- too many matching entries 350 -- for the server to sort 351 noSuchAttribute (16), -- unrecognized attribute 352 -- type in sort key 353 inappropriateMatching (18), -- unrecognized or inappro- 354 -- priate matching rule in 355 -- sort key 356 insufficientAccessRights (50), -- refused to return sorted 357 -- results to this client 358 busy (51), -- too busy to process 359 unwillingToPerform (53), -- unable to sort 360 other (80) } 361 attributeType [0] AttributeDescription OPTIONAL } 362 363 -- RFC-2696 Paged Results Control 364 realSearchControlValue ::= SEQUENCE { 365 size INTEGER, -- (0..maxInt), 366 -- requested page size from client 367 -- result set size estimate from server 368 cookie OCTET STRING } 369 370 -- draft-behera-ldap-password-policy-09 371 ppControlResponse ::= SEQUENCE { 372 warning [0] PPWarning OPTIONAL, 373 error [1] PPError OPTIONAL 374 } 375 PPWarning ::= CHOICE { 376 timeBeforeExpiration [0] INTEGER, -- (0..maxInt), 377 graceAuthNsRemaining [1] INTEGER -- (0..maxInt) 378 } 379 PPError ::= ENUMERATED { 380 passwordExpired (0), 381 accountLocked (1), 382 changeAfterReset (2), 383 passwordModNotAllowed (3), 384 mustSupplyOldPassword (4), 385 insufficientPasswordQuality (5), 386 passwordTooShort (6), 387 passwordTooYoung (7), 388 passwordInHistory (8) 389 } 390 391 -- RFC-4370 Proxied Authorization Control 392 proxyAuthValue ::= SEQUENCE { 393 proxyDN LDAPDN 394 } 395 396 -- RFC-3296 ManageDsaIT Control 397 ManageDsaIT ::= SEQUENCE { 398 dummy INTEGER OPTIONAL -- it really is unused 399 } 400 401 -- Persistent Search Control 402 PersistentSearch ::= SEQUENCE { 403 changeTypes INTEGER, 404 changesOnly BOOLEAN, 405 returnECs BOOLEAN 406 } 407 408 -- Entry Change Notification Control 409 EntryChangeNotification ::= SEQUENCE { 410 changeType ENUMERATED { 411 add (1), 412 delete (2), 413 modify (4), 414 modDN (8) 415 } 416 previousDN LDAPDN OPTIONAL, -- modifyDN ops. only 417 changeNumber INTEGER OPTIONAL -- if supported 418 } 419 420 -- RFC-3876 Matched Values Control 421 ValuesReturnFilter ::= SEQUENCE OF SimpleFilterItem 422 423 SimpleFilterItem ::= CHOICE { 424 equalityMatch [3] AttributeValueAssertion, 425 substrings [4] SubstringFilter, 426 greaterOrEqual [5] AttributeValueAssertion, 427 lessOrEqual [6] AttributeValueAssertion, 428 present [7] AttributeDescription, 429 approxMatch [8] AttributeValueAssertion, 430 extensibleMatch [9] SimpleMatchingAssertion } 431 432 SimpleMatchingAssertion ::= SEQUENCE { 433 matchingRule [1] MatchingRuleId OPTIONAL, 434 type [2] AttributeDescription OPTIONAL, 435 --- at least one of the above must be present 436 matchValue [3] AssertionValue } 437 438 -- RFC-4527 Pre-/Post-read Control 439 -- note: this is SearchResultEntry without the APPLICATION tag 440 prSearchResultEntry ::= SEQUENCE { 441 objectName LDAPDN, 442 attributes PartialAttributeList } 443 444 -- RFC-4533 LDAP Content Synchronization Operation 445 446 syncUUID ::= OCTET STRING -- (SIZE(16)) 447 448 syncCookie ::= OCTET STRING 449 450 syncRequestValue ::= SEQUENCE { 451 mode ENUMERATED { 452 -- 0 unused 453 refreshOnly (1), 454 -- 2 reserved 455 refreshAndPersist (3) 456 } 457 cookie syncCookie OPTIONAL, 458 reloadHint BOOLEAN OPTIONAL -- DEFAULT FALSE 459 } 460 461 syncStateValue ::= SEQUENCE { 462 state ENUMERATED { 463 present (0), 464 add (1), 465 modify (2), 466 delete (3) 467 } 468 entryUUID syncUUID, 469 cookie syncCookie OPTIONAL 470 } 471 472 syncDoneValue ::= SEQUENCE { 473 cookie syncCookie OPTIONAL, 474 refreshDeletes BOOLEAN OPTIONAL -- DEFAULT FALSE 475 } 476 477 syncInfoValue ::= CHOICE { 478 newcookie [0] syncCookie, 479 refreshDelete [1] SEQUENCE { 480 cookie syncCookie OPTIONAL, 481 refreshDone BOOLEAN OPTIONAL -- DEFAULT TRUE 482 } 483 refreshPresent [2] SEQUENCE { 484 cookie syncCookie OPTIONAL, 485 refreshDone BOOLEAN OPTIONAL -- DEFAULT TRUE 486 } 487 syncIdSet [3] SEQUENCE { 488 cookie syncCookie OPTIONAL, 489 refreshDeletes BOOLEAN OPTIONAL, -- DEFAULT FALSE 490 syncUUIDs SET OF syncUUID 491 } 492 } 493 494 LDAP_ASN 495 496 1; 497
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Tue Mar 17 22:47:18 2015 | Cross-referenced by PHPXref 0.7.1 |