LDAPSearchResultReference basic implementation

[GrayAn]

This PR is a fix for issue #144 . LDAPSearchResultReference class was not fully implemented and did not have tests before (so I accidently broke it while porting pureldap code for Python 3). I attempted to implement it accordingly to the RFC but not sure if it really works: I need a LDAP server with this feature to test it (Active Directory for example).

Contributor Checklist:

• I have updated the release notes at docs/source/NEWS.rst
• I have updated the automated tests.
• All tests pass on your local dev environment. See CONTRIBUTING.rst.

[codecov]

Codecov Report

Merging #145 into master will increase coverage by 0.04%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master     #145      +/-   ##
==========================================
+ Coverage   92.38%   92.42%   +0.04%     
==========================================
  Files          72       72              
  Lines        9649     9663      +14     
  Branches      928      929       +1     
==========================================
+ Hits         8914     8931      +17     
+ Misses        593      590       -3     
  Partials      142      142

Impacted Files	Coverage Δ
ldaptor/test/test_pureldap.py	99.33% <100%> (-0.67%)	⬇️
ldaptor/protocols/pureldap.py	88.49% <100%> (+0.6%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c9f7621...f8d22d0. Read the comment docs.

[GrayAn]

Well, this time I have no idea what codecov does not like :)

[psi29a]

Can anyone who has access to an AD, can they test this code against it?

[cwaldbieser]

I'll try to take a look at it.

[cwaldbieser]

Hmm-- I'm not sure I can generate a query that will create an LDAP Search Result reference. I do have access to an AD, but it is just a single, unpartitioned domain. Is there some way to create an reference entry that can be queried?

On a different note, I ran into a number of cases where I got an error similar to the one in #144.

During handling of the above exception, another exception occurred:

It looks like all the exceptions being raised inherit from ldaperrors.LDAPException. That class has had its __str__() implementation switched to toWire(), but that doesn't seem right-- the exception handling code in Twisted seems to expect an exception that can be printed:

Traceback (most recent call last):
  File "/home/waldbiec/.virtualenvs/txldap_ad_client-hpiTWo4R/lib/python3.6/site-packages/twisted/python/reflect.py", line 448, in safe_str
    return str(o)
TypeError: __str__ returned non-string (type bytes)

I got this error during StartTLS negotiation and when I tried to query the rootDSE and got a "NO SUCH OBJECT" response. In the former case, the issue seems to be similar to the 2nd error described in #144.

In the protocols.ldap.ldapclient.LDAPClient._cbStartTLS() callback, the comparison between msg.responseName and pureldap.LDAPStartTLSResponse.oid fails because one is a byte-string and the other is a unicode string. If I decoded msg.responseName to UTF-8 first, the comparison worked as I would have expected.

I only tried this in python 3. I've been weaning myself off python 2.7 this year.

[GrayAn]

Thanks @cwaldbieser !

I fixed these issues in the other pull requests: #146 and #147 .

[GrayAn]

One of my colleagues gave me an access to his Active Directory test instance. And luckily it responded with a LDAPSearchResultReference message to the search request:

C->S LDAPMessage(id=2, value=LDAPSearchRequest(baseObject=u'cn=configuration,dc=foo,dc=kama,dc=gs', scope=2, derefAliases=0, sizeLimit=0, timeLimit=0, typesOnly=0, filter=LDAPFilter_present(value='objectClass'), attributes=('objectClass',)), controls=None)
C<-S LDAPMessage(id=2, value=LDAPSearchResultEntry(objectName='CN=Configuration,DC=foo,DC=kama,DC=gs', attributes=[('objectClass', ['top', 'configuration'])], controls=None)
...
C<-S LDAPMessage(id=2, value=LDAPSearchResultReference(uris=[LDAPString(value='ldap://foo.kama.gs/CN=Schema,CN=Configuration,DC=foo,DC=kama,DC=gs')]), controls=None)
C<-S LDAPMessage(id=2, value=LDAPSearchResultDone(resultCode=4), controls=None)

I tried it on Python 2.7 and 3.6 versions.
Looks like it actually works, not only in the tests :)

[cwaldbieser]

Thanks, this looked good to me. It's good to know this actually worked against a real example!

[GrayAn]

Thank you! Maybe we can make a release? There was a number of bug fixes since the last release.

[psi29a]

Glad this was tested against something live.

Is everyone on board for another release?

[cwaldbieser]

Yes, a release seems prudent.