What is wrong with this LDAP filter packet? -

-

i trying port program queries ldap server perl go, , go version receiving response filter malformed:

00000057: ldaperr: dsid-0c0c0968, comment: server unable decode search request filter, data 0, v1db1\x00

i have used tcpdump capture data transmitted server both perl , go versions of program, , have found sending different filter packets. question not possible bugs in go program, understanding contents of ldap filter packets.

the encoded filter is:

(objectclass=*)

and perl-generated packet (which server likes) looks this:

ascii   .  .  o  b  j  e  c  t  c  l   s  s hex    87 0b 6f 62 6a 65 63 74 43 6c 61 73 73 byte#   0  1  2  3  4  5  6  7  8  9 10 11 12

the go-generated packet (which server doesn't like) looks this:

ascii  .  .  .  .  o  b  j  e  c  t  c  l   s  s hex   a7 0d 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73 byte#  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14

this own breakdown of packets:

  • byte 0: tag

    when dissect byte 0 both packets, see identical, except primitive/constructed bit, set primitive in perl version, , constructed in go version. see der encoding details.

    bit# 87 6 54321 perl 10 0 00111 go   10 1 00111

  • byte 1: length

    11 bytes perl version, 13 go version

  • bytes 2-3 go version

    • byte 2: tag 04: substring filter (see section 4.5.1 of rfc 4511)
    • byte 3: length of 11 bytes

  • remainder: payload

    for both packets ascii text objectclass

my reading of rfc 4511 section 4.5.1 suggests go version "more" correct, yet perl version 1 works server. gives?

wireshark able parse both packets, , interprets them both equally.

the perl version correct, , go version incorrect.

as point out, rfc 4511 section 4.5.1 specifies encoding filter elements, like:

    filter ::= choice {          ,             [0] set size (1..max) of filter filter,          or              [1] set size (1..max) of filter filter,          not             [2] filter,          equalitymatch   [3] attributevalueassertion,          substrings      [4] substringfilter,          greaterorequal  [5] attributevalueassertion,          lessorequal     [6] attributevalueassertion,          present         [7] attributedescription,          approxmatch     [8] attributevalueassertion,          extensiblematch [9] matchingruleassertion,          ...  }

and in case, relevant portion is:

         present         [7] attributedescription,

the attributedescription element defined in section 4.1.4 of same specification:

    attributedescription ::= ldapstring                             -- constrained <attributedescription>                             -- [rfc4512]

and section 4.1.2:

    ldapstring ::= octet string -- utf-8 encoded,                                 -- [iso10646] characters

so means present filter component octet string, primitive element. go incorrectly converting constructed element, , directory server correctly rejecting malformed request.


Comments

Post a Comment

Popular posts from this blog

java - Oracle EBS .ClassNotFoundException: oracle.apps.fnd.formsClient.FormsLauncher.class ERROR -

-
i need in configuring java on machine because, when try loading forms, loader goes in circles , gives error: java.lang.classnotfoundexception: oracle.apps.fnd.formsclient.formslauncher.class @ sun.plugin2.applet.applet2classloader.findclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass0(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass(unknown source) @ java.lang.classloader.loadclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadcode(unknown source) @ sun.plugin2.applet.plugin2manager.createapplet(unknown source) @ sun.plugin2.applet.plugin2manager$appletexecutionrunnable.run (unknown source) @ java.lang.thread.run(unknown source) i have tried re-installing firefox, older versions of java runtime environments, disabling proxy. what missing? application working on other machines. i spent around 100 hours finding s...
Read more

c# - how to use buttonedit in devexpress gridcontrol -

-
Image
i trying create gridcontrol buttonedit in 1 of columns. when user clicks button edit, popups form select product. when selection done on popup, returns datarow selection main grid below. but when column loses focus, value wrote column disappear. here code creates gridcontrol's data , buttonedit's click event. private void frmsiparisnew_load(object sender, eventargs e) { dt = new datatable(); dt.columns.add("malzeme_kodu",typeof(string)); dt.columns.add("malzeme_aciklama", typeof(string)); dt.columns.add("adet", typeof(decimal)); dt.columns.add("birim", typeof(string)); dt.columns.add("fiyat", typeof(decimal)); dt.columns.add("kur", typeof(string)); dt.columns.add("tutar", typeof(decimal)); datarow dr = dt.newrow(); dt.rows.add(dr); gc.datasource = dt; } private void repositoryitembuttoneditmal...
Read more

How do you convert a timestamp into a datetime in python with the correct timezone? -

-
you naively expect work: import pytz datetime import datetime def tz_datetime_from_timestamp(timestamp): """convert timestamp datetime """ tz = pytz.timezone('australia/perth') server_time = datetime.utcnow() delta = tz.utcoffset(server_time) value = datetime.utcfromtimestamp(timestamp).replace(tzinfo=tz) return value + delta print tz_datetime_from_timestamp(1416387060) and convert timestamp 1416387060 wed nov 19 16:51:00 2014 gmt+8:00. ...but not. prints: 2014-11-19 16:51:00+07:43 the timezone of australia/perth not gmt+7:43. it gmt+8:00. unequivocally stated on australian government website http://www.australia.gov.au/about-australia/our-country/time : awst equal coordinated universal time plus 8 hours (utc +8). so, heck pytz pulling 7.43 from? well, turns out pytz pulls data http://www.iana.org/time-zones time zone database, , database states: # western australia # # rule name type in on @...
Read more