diff options
author | Quentin Dufour <quentin@deuxfleurs.fr> | 2021-09-16 13:41:01 +0200 |
---|---|---|
committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2021-09-16 13:41:01 +0200 |
commit | 477d7014edc787ba9a977acd19fcbfc55531768b (patch) | |
tree | ac8b65be8634fa9526cd727da60893244d11e88a /goldap/struct.go | |
parent | a53641e773730ba171df2602c8d199968d6e6447 (diff) | |
download | bottin-477d7014edc787ba9a977acd19fcbfc55531768b.tar.gz bottin-477d7014edc787ba9a977acd19fcbfc55531768b.zip |
Vendor goldap
Diffstat (limited to 'goldap/struct.go')
-rw-r--r-- | goldap/struct.go | 739 |
1 files changed, 739 insertions, 0 deletions
diff --git a/goldap/struct.go b/goldap/struct.go new file mode 100644 index 0000000..ae751e2 --- /dev/null +++ b/goldap/struct.go @@ -0,0 +1,739 @@ +package message + +type OCTETSTRING string +type INTEGER int32 // In this RFC the max INTEGER value is 2^31 - 1, so int32 is enough +type BOOLEAN bool +type ENUMERATED int32 + +// This appendix is normative. +// +// Lightweight-Directory-Access-Protocol-V3 {1 3 6 1 1 18} +// -- Copyright (C) The Internet Society (2006). This version of +// -- this ASN.1 module is part of RFC 4511; see the RFC itself +// -- for full legal notices. +// DEFINITIONS +// IMPLICIT TAGS +// EXTENSIBILITY IMPLIED ::= +// +// BEGIN +// +// LDAPMessage ::= SEQUENCE { +// messageID MessageID, +// protocolOp CHOICE { +// bindRequest BindRequest, +// bindResponse BindResponse, +// unbindRequest UnbindRequest, +// searchRequest SearchRequest, +// searchResEntry SearchResultEntry, +// searchResDone SearchResultDone, +// searchResRef SearchResultReference, +// modifyRequest ModifyRequest, +// modifyResponse ModifyResponse, +// addRequest AddRequest, +// addResponse AddResponse, +// delRequest DelRequest, +// delResponse DelResponse, +// modDNRequest ModifyDNRequest, +// modDNResponse ModifyDNResponse, +// compareRequest CompareRequest, +// compareResponse CompareResponse, +// abandonRequest AbandonRequest, +// extendedReq ExtendedRequest, +// extendedResp ExtendedResponse, +// ..., +// intermediateResponse IntermediateResponse }, +// controls [0] Controls OPTIONAL } +// +type LDAPMessage struct { + messageID MessageID + protocolOp ProtocolOp + controls *Controls +} + +const TagLDAPMessageControls = 0 + +type ProtocolOp interface { + size() int + write(*Bytes) int +} + +// MessageID ::= INTEGER (0 .. maxInt) +// +type MessageID INTEGER + +// maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- +const maxInt = INTEGER(2147483647) + +// +// LDAPString ::= OCTET STRING -- UTF-8 encoded, +// -- [ISO10646] characters +type LDAPString OCTETSTRING + +// +// +// +// +//Sermersheim Standards Track [Page 54] +// +// +//RFC 4511 LDAPv3 June 2006 +// +// +// LDAPOID ::= OCTET STRING -- Constrained to <numericoid> +// -- [RFC4512] +type LDAPOID OCTETSTRING + +// +// LDAPDN ::= LDAPString -- Constrained to <distinguishedName> +// -- [RFC4514] +type LDAPDN LDAPString + +// +// RelativeLDAPDN ::= LDAPString -- Constrained to <name-component> +// -- [RFC4514] +type RelativeLDAPDN LDAPString + +// +// AttributeDescription ::= LDAPString +// -- Constrained to <attributedescription> +// -- [RFC4512] +type AttributeDescription LDAPString + +// +// AttributeValue ::= OCTET STRING +type AttributeValue OCTETSTRING + +// +// AttributeValueAssertion ::= SEQUENCE { +// attributeDesc AttributeDescription, +// assertionValue AssertionValue } +type AttributeValueAssertion struct { + attributeDesc AttributeDescription + assertionValue AssertionValue +} + +// +// AssertionValue ::= OCTET STRING +type AssertionValue OCTETSTRING + +// +// PartialAttribute ::= SEQUENCE { +// type AttributeDescription, +// vals SET OF value AttributeValue } +type PartialAttribute struct { + type_ AttributeDescription + vals []AttributeValue +} + +// +// Attribute ::= PartialAttribute(WITH COMPONENTS { +// ..., +// vals (SIZE(1..MAX))}) +type Attribute PartialAttribute + +// +// MatchingRuleId ::= LDAPString +type MatchingRuleId LDAPString + +// +// LDAPResult ::= SEQUENCE { +// resultCode ENUMERATED { +// success (0), +// operationsError (1), +// protocolError (2), +// timeLimitExceeded (3), +// sizeLimitExceeded (4), +// compareFalse (5), +// compareTrue (6), +// authMethodNotSupported (7), +// strongerAuthRequired (8), +// -- 9 reserved -- +// referral (10), +// adminLimitExceeded (11), +// unavailableCriticalExtension (12), +// confidentialityRequired (13), +// saslBindInProgress (14), +// +// +// +//Sermersheim Standards Track [Page 55] +// +// +//RFC 4511 LDAPv3 June 2006 +// +// +// noSuchAttribute (16), +// undefinedAttributeType (17), +// inappropriateMatching (18), +// constraintViolation (19), +// attributeOrValueExists (20), +// invalidAttributeSyntax (21), +// -- 22-31 unused -- +// noSuchObject (32), +// aliasProblem (33), +// invalidDNSyntax (34), +// -- 35 reserved for undefined isLeaf -- +// aliasDereferencingProblem (36), +// -- 37-47 unused -- +// inappropriateAuthentication (48), +// invalidCredentials (49), +// insufficientAccessRights (50), +// busy (51), +// unavailable (52), +// unwillingToPerform (53), +// loopDetect (54), +// -- 55-63 unused -- +// namingViolation (64), +// objectClassViolation (65), +// notAllowedOnNonLeaf (66), +// notAllowedOnRDN (67), +// entryAlreadyExists (68), +// objectClassModsProhibited (69), +// -- 70 reserved for CLDAP -- +// affectsMultipleDSAs (71), +// -- 72-79 unused -- +// other (80), +// ... }, +// matchedDN LDAPDN, +// diagnosticMessage LDAPString, +// referral [3] Referral OPTIONAL } +// +type LDAPResult struct { + resultCode ENUMERATED + matchedDN LDAPDN + diagnosticMessage LDAPString + referral *Referral +} + +const TagLDAPResultReferral = 3 + +const ResultCodeSuccess = 0 +const ResultCodeOperationsError = 1 +const ResultCodeProtocolError = 2 +const ResultCodeTimeLimitExceeded = 3 +const ResultCodeSizeLimitExceeded = 4 +const ResultCodeCompareFalse = 5 +const ResultCodeCompareTrue = 6 +const ResultCodeAuthMethodNotSupported = 7 +const ResultCodeStrongerAuthRequired = 8 +const ResultCodeReferral = 10 +const ResultCodeAdminLimitExceeded = 11 +const ResultCodeUnavailableCriticalExtension = 12 +const ResultCodeConfidentialityRequired = 13 +const ResultCodeSaslBindInProgress = 14 +const ResultCodeNoSuchAttribute = 16 +const ResultCodeUndefinedAttributeType = 17 +const ResultCodeInappropriateMatching = 18 +const ResultCodeConstraintViolation = 19 +const ResultCodeAttributeOrValueExists = 20 +const ResultCodeInvalidAttributeSyntax = 21 +const ResultCodeNoSuchObject = 32 +const ResultCodeAliasProblem = 33 +const ResultCodeInvalidDNSyntax = 34 +const ResultCodeAliasDereferencingProblem = 36 +const ResultCodeInappropriateAuthentication = 48 +const ResultCodeInvalidCredentials = 49 +const ResultCodeInsufficientAccessRights = 50 +const ResultCodeBusy = 51 +const ResultCodeUnavailable = 52 +const ResultCodeUnwillingToPerform = 53 +const ResultCodeLoopDetect = 54 +const ResultCodeNamingViolation = 64 +const ResultCodeObjectClassViolation = 65 +const ResultCodeNotAllowedOnNonLeaf = 66 +const ResultCodeNotAllowedOnRDN = 67 +const ResultCodeEntryAlreadyExists = 68 +const ResultCodeObjectClassModsProhibited = 69 +const ResultCodeAffectsMultipleDSAs = 71 +const ResultCodeOther = 80 + +var EnumeratedLDAPResultCode = map[ENUMERATED]string{ + ResultCodeSuccess: "success", + ResultCodeOperationsError: "operationsError", + ResultCodeProtocolError: "protocolError", + ResultCodeTimeLimitExceeded: "timeLimitExceeded", + ResultCodeSizeLimitExceeded: "sizeLimitExceeded", + ResultCodeCompareFalse: "compareFalse", + ResultCodeCompareTrue: "compareTrue", + ResultCodeAuthMethodNotSupported: "authMethodNotSupported", + ResultCodeStrongerAuthRequired: "strongerAuthRequired", + // -- 9 reserved -- + ResultCodeReferral: "referral", + ResultCodeAdminLimitExceeded: "adminLimitExceeded", + ResultCodeUnavailableCriticalExtension: "unavailableCriticalExtension", + ResultCodeConfidentialityRequired: "confidentialityRequired", + ResultCodeSaslBindInProgress: "saslBindInProgress", + ResultCodeNoSuchAttribute: "noSuchAttribute", + ResultCodeUndefinedAttributeType: "undefinedAttributeType", + ResultCodeInappropriateMatching: "inappropriateMatching", + ResultCodeConstraintViolation: "constraintViolation", + ResultCodeAttributeOrValueExists: "attributeOrValueExists", + ResultCodeInvalidAttributeSyntax: "invalidAttributeSyntax", + // -- 22-31 unused -- + ResultCodeNoSuchObject: "noSuchObject", + ResultCodeAliasProblem: "aliasProblem", + ResultCodeInvalidDNSyntax: "invalidDNSyntax", + // -- 35 reserved for undefined isLeaf -- + ResultCodeAliasDereferencingProblem: "aliasDereferencingProblem", + // -- 37-47 unused -- + ResultCodeInappropriateAuthentication: "inappropriateAuthentication", + ResultCodeInvalidCredentials: "invalidCredentials", + ResultCodeInsufficientAccessRights: "insufficientAccessRights", + ResultCodeBusy: "busy", + ResultCodeUnavailable: "unavailable", + ResultCodeUnwillingToPerform: "unwillingToPerform", + ResultCodeLoopDetect: "loopDetect", + // -- 55-63 unused -- + ResultCodeNamingViolation: "namingViolation", + ResultCodeObjectClassViolation: "objectClassViolation", + ResultCodeNotAllowedOnNonLeaf: "notAllowedOnNonLeaf", + ResultCodeNotAllowedOnRDN: "notAllowedOnRDN", + ResultCodeEntryAlreadyExists: "entryAlreadyExists", + ResultCodeObjectClassModsProhibited: "objectClassModsProhibited", + // -- 70 reserved for CLDAP -- + ResultCodeAffectsMultipleDSAs: "affectsMultipleDSAs", + // -- 72-79 unused -- + ResultCodeOther: "other", +} + +// Referral ::= SEQUENCE SIZE (1..MAX) OF uri URI +type Referral []URI + +// +// URI ::= LDAPString -- limited to characters permitted in +// -- URIs +type URI LDAPString + +// +// Controls ::= SEQUENCE OF control Control +type Controls []Control + +// +// Control ::= SEQUENCE { +// controlType LDAPOID, +// criticality BOOLEAN DEFAULT FALSE, +// controlValue OCTET STRING OPTIONAL } +type Control struct { + controlType LDAPOID + criticality BOOLEAN + controlValue *OCTETSTRING +} + +// +// +// +// +//Sermersheim Standards Track [Page 56] +// +// +//RFC 4511 LDAPv3 June 2006 +// +// +// BindRequest ::= [APPLICATION 0] SEQUENCE { +// version INTEGER (1 .. 127), +// name LDAPDN, +// authentication AuthenticationChoice } +const TagBindRequest = 0 +const BindRequestVersionMin = 1 +const BindRequestVersionMax = 127 + +type BindRequest struct { + version INTEGER + name LDAPDN + authentication AuthenticationChoice +} + +// +// AuthenticationChoice ::= CHOICE { +// simple [0] OCTET STRING, +// -- 1 and 2 reserved +// sasl [3] SaslCredentials, +// ... } +const TagAuthenticationChoiceSimple = 0 +const TagAuthenticationChoiceSaslCredentials = 3 + +type AuthenticationChoice interface { + sizeTagged(int) int +} + +// +// SaslCredentials ::= SEQUENCE { +// mechanism LDAPString, +// credentials OCTET STRING OPTIONAL } +type SaslCredentials struct { + mechanism LDAPString + credentials *OCTETSTRING +} + +// +// BindResponse ::= [APPLICATION 1] SEQUENCE { +// COMPONENTS OF LDAPResult, +// serverSaslCreds [7] OCTET STRING OPTIONAL } +const TagBindResponse = 1 +const TagBindResponseServerSaslCreds = 7 + +type BindResponse struct { + LDAPResult + serverSaslCreds *OCTETSTRING +} + +// +// UnbindRequest ::= [APPLICATION 2] NULL +const TagUnbindRequest = 2 + +type UnbindRequest struct { +} + +// +// SearchRequest ::= [APPLICATION 3] SEQUENCE { +// baseObject LDAPDN, +// scope ENUMERATED { +// baseObject (0), +// singleLevel (1), +// wholeSubtree (2), +// ... }, +// derefAliases ENUMERATED { +// neverDerefAliases (0), +// derefInSearching (1), +// derefFindingBaseObj (2), +// derefAlways (3) }, +// sizeLimit INTEGER (0 .. maxInt), +// timeLimit INTEGER (0 .. maxInt), +// typesOnly BOOLEAN, +// filter Filter, +// attributes AttributeSelection } +const TagSearchRequest = 3 + +type SearchRequest struct { + baseObject LDAPDN + scope ENUMERATED + derefAliases ENUMERATED + sizeLimit INTEGER + timeLimit INTEGER + typesOnly BOOLEAN + filter Filter + attributes AttributeSelection +} + +const SearchRequestScopeBaseObject = 0 +const SearchRequestSingleLevel = 1 +const SearchRequestHomeSubtree = 2 + +var EnumeratedSearchRequestScope = map[ENUMERATED]string{ + SearchRequestScopeBaseObject: "baseObject", + SearchRequestSingleLevel: "singleLevel", + SearchRequestHomeSubtree: "homeSubtree", +} + +const SearchRequetDerefAliasesNeverDerefAliases = 0 +const SearchRequetDerefAliasesDerefInSearching = 1 +const SearchRequetDerefAliasesDerefFindingBaseObj = 2 +const SearchRequetDerefAliasesDerefAlways = 3 + +var EnumeratedSearchRequestDerefAliases = map[ENUMERATED]string{ + SearchRequetDerefAliasesNeverDerefAliases: "neverDerefAliases", + SearchRequetDerefAliasesDerefInSearching: "derefInSearching", + SearchRequetDerefAliasesDerefFindingBaseObj: "derefFindingBaseObj", + SearchRequetDerefAliasesDerefAlways: "derefAlways", +} + +// +// AttributeSelection ::= SEQUENCE OF selector LDAPString +// -- The LDAPString is constrained to +// -- <attributeSelector> in Section 4.5.1.8 +type AttributeSelection []LDAPString + +// +// Filter ::= CHOICE { +// and [0] SET SIZE (1..MAX) OF filter Filter, +// or [1] SET SIZE (1..MAX) OF filter Filter, +// not [2] Filter, +// equalityMatch [3] AttributeValueAssertion, +// +// +// +//Sermersheim Standards Track [Page 57] +// +// +//RFC 4511 LDAPv3 June 2006 +// +// +// substrings [4] SubstringFilter, +// greaterOrEqual [5] AttributeValueAssertion, +// lessOrEqual [6] AttributeValueAssertion, +// present [7] AttributeDescription, +// approxMatch [8] AttributeValueAssertion, +// extensibleMatch [9] MatchingRuleAssertion, +// ... } +const TagFilterAnd = 0 +const TagFilterOr = 1 +const TagFilterNot = 2 +const TagFilterEqualityMatch = 3 +const TagFilterSubstrings = 4 +const TagFilterGreaterOrEqual = 5 +const TagFilterLessOrEqual = 6 +const TagFilterPresent = 7 +const TagFilterApproxMatch = 8 +const TagFilterExtensibleMatch = 9 + +type Filter interface { + size() int + write(*Bytes) int + getFilterTag() int +} +type FilterAnd []Filter +type FilterOr []Filter +type FilterNot struct { + Filter +} +type FilterEqualityMatch AttributeValueAssertion +type FilterSubstrings SubstringFilter +type FilterGreaterOrEqual AttributeValueAssertion +type FilterLessOrEqual AttributeValueAssertion +type FilterPresent AttributeDescription +type FilterApproxMatch AttributeValueAssertion +type FilterExtensibleMatch MatchingRuleAssertion + +// +// SubstringFilter ::= SEQUENCE { +// type AttributeDescription, +// substrings SEQUENCE SIZE (1..MAX) OF substring CHOICE { +// initial [0] AssertionValue, -- can occur at most once +// any [1] AssertionValue, +// final [2] AssertionValue } -- can occur at most once +// } +type SubstringFilter struct { + type_ AttributeDescription + substrings []Substring +} + +type Substring interface{} + +const TagSubstringInitial = 0 +const TagSubstringAny = 1 +const TagSubstringFinal = 2 + +type SubstringInitial AssertionValue +type SubstringAny AssertionValue +type SubstringFinal AssertionValue + +// +// MatchingRuleAssertion ::= SEQUENCE { +// matchingRule [1] MatchingRuleId OPTIONAL, +// type [2] AttributeDescription OPTIONAL, +// matchValue [3] AssertionValue, +// dnAttributes [4] BOOLEAN DEFAULT FALSE } +type MatchingRuleAssertion struct { + matchingRule *MatchingRuleId + type_ *AttributeDescription + matchValue AssertionValue + dnAttributes BOOLEAN +} + +const TagMatchingRuleAssertionMatchingRule = 1 +const TagMatchingRuleAssertionType = 2 +const TagMatchingRuleAssertionMatchValue = 3 +const TagMatchingRuleAssertionDnAttributes = 4 + +// +// SearchResultEntry ::= [APPLICATION 4] SEQUENCE { +// objectName LDAPDN, +// attributes PartialAttributeList } +const TagSearchResultEntry = 4 + +type SearchResultEntry struct { + objectName LDAPDN + attributes PartialAttributeList +} + +// +// PartialAttributeList ::= SEQUENCE OF +// partialAttribute PartialAttribute +type PartialAttributeList []PartialAttribute + +// +// SearchResultReference ::= [APPLICATION 19] SEQUENCE +// SIZE (1..MAX) OF uri URI +const TagSearchResultReference = 19 + +type SearchResultReference []URI + +// +// SearchResultDone ::= [APPLICATION 5] LDAPResult +const TagSearchResultDone = 5 + +type SearchResultDone LDAPResult + +// +// ModifyRequest ::= [APPLICATION 6] SEQUENCE { +// object LDAPDN, +// changes SEQUENCE OF change SEQUENCE { +// operation ENUMERATED { +// add (0), +// delete (1), +// replace (2), +// ... }, +// modification PartialAttribute } } +const TagModifyRequest = 6 + +type ModifyRequest struct { + object LDAPDN + changes []ModifyRequestChange +} +type ModifyRequestChange struct { + operation ENUMERATED + modification PartialAttribute +} + +const ModifyRequestChangeOperationAdd = 0 +const ModifyRequestChangeOperationDelete = 1 +const ModifyRequestChangeOperationReplace = 2 + +var EnumeratedModifyRequestChangeOperation = map[ENUMERATED]string{ + ModifyRequestChangeOperationAdd: "add", + ModifyRequestChangeOperationDelete: "delete", + ModifyRequestChangeOperationReplace: "replace", +} + +// +// ModifyResponse ::= [APPLICATION 7] LDAPResult +const TagModifyResponse = 7 + +type ModifyResponse LDAPResult + +// +// +// +// +// +// +//Sermersheim Standards Track [Page 58] +// +// +//RFC 4511 LDAPv3 June 2006 +// +// +// AddRequest ::= [APPLICATION 8] SEQUENCE { +// entry LDAPDN, +// attributes AttributeList } +const TagAddRequest = 8 + +type AddRequest struct { + entry LDAPDN + attributes AttributeList +} + +// +// AttributeList ::= SEQUENCE OF attribute Attribute +type AttributeList []Attribute + +// +// AddResponse ::= [APPLICATION 9] LDAPResult +const TagAddResponse = 9 + +type AddResponse LDAPResult + +// +// DelRequest ::= [APPLICATION 10] LDAPDN +const TagDelRequest = 10 + +type DelRequest LDAPDN + +// +// DelResponse ::= [APPLICATION 11] LDAPResult +const TagDelResponse = 11 + +type DelResponse LDAPResult + +// +// ModifyDNRequest ::= [APPLICATION 12] SEQUENCE { +// entry LDAPDN, +// newrdn RelativeLDAPDN, +// deleteoldrdn BOOLEAN, +// newSuperior [0] LDAPDN OPTIONAL } +const TagModifyDNRequest = 12 + +type ModifyDNRequest struct { + entry LDAPDN + newrdn RelativeLDAPDN + deleteoldrdn BOOLEAN + newSuperior *LDAPDN +} + +const TagModifyDNRequestNewSuperior = 0 + +// +// ModifyDNResponse ::= [APPLICATION 13] LDAPResult +const TagModifyDNResponse = 13 + +type ModifyDNResponse LDAPResult + +// +// CompareRequest ::= [APPLICATION 14] SEQUENCE { +// entry LDAPDN, +// ava AttributeValueAssertion } +const TagCompareRequest = 14 + +type CompareRequest struct { + entry LDAPDN + ava AttributeValueAssertion +} + +// CompareResponse ::= [APPLICATION 15] LDAPResult +const TagCompareResponse = 15 + +type CompareResponse LDAPResult + +// +// AbandonRequest ::= [APPLICATION 16] MessageID +const TagAbandonRequest = 16 + +type AbandonRequest MessageID + +// +// ExtendedRequest ::= [APPLICATION 23] SEQUENCE { +// requestName [0] LDAPOID, +// requestValue [1] OCTET STRING OPTIONAL } +const TagExtendedRequest = 23 + +type ExtendedRequest struct { + requestName LDAPOID + requestValue *OCTETSTRING +} + +const TagExtendedRequestName = 0 +const TagExtendedRequestValue = 1 + +// +// ExtendedResponse ::= [APPLICATION 24] SEQUENCE { +// COMPONENTS OF LDAPResult, +// responseName [10] LDAPOID OPTIONAL, +// responseValue [11] OCTET STRING OPTIONAL } +const TagExtendedResponse = 24 + +type ExtendedResponse struct { + LDAPResult + responseName *LDAPOID + responseValue *OCTETSTRING +} + +const TagExtendedResponseName = 10 +const TagExtendedResponseValue = 11 + +// +// IntermediateResponse ::= [APPLICATION 25] SEQUENCE { +// responseName [0] LDAPOID OPTIONAL, +// responseValue [1] OCTET STRING OPTIONAL } +const TagIntermediateResponse = 25 + +type IntermediateResponse struct { + responseName *LDAPOID + responseValue *OCTETSTRING +} + +const TagIntermediateResponseName = 0 +const TagIntermediateResponseValue = 1 + +// +// END +// |