Full_Name: Michael Ströder Version: 2.4.25 OS: URL: Submission from: (NULL) (84.163.53.138)
The very same client code was successfully tested with OpenDJ 2.4.1 but does not work with OpenLDAP 2.4.25.
See analysis by pyasn1 developer on the pyasn1 mailing list:
--------------------------------- snip --------------------------------- It looks to me that your BER data does not fully match ASN.1 specification for the SearchResultEntry object. According to RFC2251, the grammar is as follows:
SearchResultEntry ::= [APPLICATION 4] SEQUENCE { objectName LDAPDN, attributes PartialAttributeList }
...
Notice the [implicitly] tagged outer SEQUENCE. In your BER data, that additional tag seems to be missing and default tag for SEQUENCE type is used instead.
If you modify the original pyasn1 grammar for SearchResultEntry object to match your BER data (but not the standard!), pyasn1 decoder succeeds.
from pyasn1_modules.rfc2251 import SearchResultEntry from pyasn1.type.univ import Sequence from pyasn1.codec.ber import decoder ber = '0c\x043cn=Samba Unix UID
Pool,ou=Testing,dc=stroeder,dc=de0,0\x14\x04\tuidNumber1\x07\x04\x05100050\x14\x04\tgidNumber1\x07\x04\x0510005'
SearchResultEntry.tagSet
TagSet(Tag(tagClass=64, tagFormat=32, tagId=4)) # the following statement will invalidate SearchResultEntry grammar!
SearchResultEntry.tagSet = univ.Sequence.tagSet SearchResultEntry.tagSet
TagSet(Tag(tagClass=0, tagFormat=32, tagId=16))
searchResultEntry, _ = decoder.decode(ber,asn1Spec=SearchResultEntry()) print searchResultEntry.prettyPrint()
SearchResultEntry: objectName='cn=Samba Unix UID Pool,ou=Testing,dc=stroeder,dc=de' attributes=PartialAttributeList: Sequence: type='uidNumber' vals=SetOf: '10005' Sequence: type='gidNumber' vals=SetOf: '10005'
Therefore my impression is that OpenLDAP yields incorrect BER data for SearchResultEntry object. What do you think?
Cheers, Ilya
I'd like to decode a LDAPv3 control value returned by OpenLDAP 2.4.25 when Pre-Read-Control was sent along with a LDAP modify request. But decoding it does not work.
Short example:
from pyasn1_modules.rfc2251 import SearchResultEntry from pyasn1.codec.ber import decoder ber = '0c\x043cn=Samba Unix UID
Pool,ou=Testing,dc=stroeder,dc=de0,0\x14\x04\tuidNumber1\x07\x04\x05100050\x14\x04\tgidNumber1\x07\x04\x0510005'
decoder.decode(ber,asn1Spec=SearchResultEntry())
Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/local/lib/python2.6/site-packages/pyasn1-0.0.13a-py2.6.egg/pyasn1/codec/ber/decoder.py", line 663, in __call__ '%s not in asn1Spec: %s' % (tagSet, repr(asn1Spec)) pyasn1.error.PyAsn1Error: TagSet(Tag(tagClass=0, tagFormat=32, tagId=16)) not in asn1Spec: SearchResultEntry()