search

quanah / net-ldapapi

The Net::LDAPapi Perl Module uses the OpenLDAP and Mozilla C api's to directly access and manipulate an LDAP v2 or LDAP v3 server.
8 stars 6 forks source link

Server control responses get eaten after a NULL character in the berval #28

Closed phillipod closed 9 years ago

phillipod commented 9 years ago

This is gonna be a long comment, so I'll present the data in this comment and move to a second comment.

This code...

print "===== Server Side Sort and Virtual List View\n";

use Convert::ASN1;
use Devel::Hexdump 'xd';
use Data::Dumper;

print " + Loading ASN for SortKeyList, SortResult, VirtualListViewRequest, VirtualListViewResponse\n";

my $asn = Convert::ASN1->new;
$asn->prepare(<<ASN) or die "prepare: ", $asn->error;
  SortKey ::= SEQUENCE {
    attributeType   OCTET STRING,
    orderingRule    [0] OCTET STRING OPTIONAL,
    reverseOrder    [1] BOOLEAN
  }

  SortKeyList ::= SEQUENCE OF SortKey

  SortResult ::= SEQUENCE {
    sortResult  ENUMERATED,
    attributeType [0] OCTET STRING OPTIONAL
  }

  VirtualListViewRequest ::= SEQUENCE {
    beforeCount    INTEGER,
    afterCount     INTEGER,
    target       CHOICE {
      byOffset        [0] SEQUENCE {
        offset          INTEGER,
        contentCount    INTEGER
      },
      greaterThanOrEqual [1] OCTET STRING
    },
    contextID OCTET STRING OPTIONAL
  }

  VirtualListViewResponse ::= SEQUENCE {
    targetPosition    INTEGER,
    contentCount     INTEGER,
    virtualListViewResult ENUMERATED,
    contextID OCTET STRING OPTIONAL
  }

ASN

print " + Constructing Server Side Sort control\n";
my $sss = $asn->find('SortKeyList');
my $sss_response = $asn->find('SortResult');
my $sss_berval = $sss->encode([{attributeType => 'sn', 'orderingRule' => '2.5.13.3', reverseOrder => 1}]) or die $asn->error;
my $sss_ctrl = $ld->create_control(
  -oid => '1.2.840.113556.1.4.473',
  -berval => $sss_berval,
);

print "sss ctrl berval = \n";
print xd $sss_berval;

print " + Constructing Virtual List View control\n";
my $vlv = $asn->find('VirtualListViewRequest');
my $vlv_response = $asn->find('VirtualListViewResponse');
my $vlv_berval = $vlv->encode(beforeCount => 1, afterCount => 3, target => { byOffset => { offset => 1, contentCount => 0 } }) or die $asn->error;;
my $vlv_ctrl = $ld->create_control(
  -oid => '2.16.840.1.113730.3.4.9',
  -berval => $vlv_berval,
);

print "vlv ctrl berval = \n";
print xd $vlv_berval;

print " + Searching for results\n";
my $search_s_result = $ld->search_s(
  -basedn => "dc=example,dc=com",
  -scope => LDAP_SCOPE_SUBTREE,
  -filter => "(sn=*)",
  -sctrls => [$sss_ctrl, $vlv_ctrl]);

if ($search_s_result != LDAP_SUCCESS) {
  print " - Fail\n";
  print $ld->errstring . "\n";
}

print " + Parsing first entry\n";

my $entry = $ld->first_entry();

my %search_s_response = $ld->parse_result();
print "result = ";
print Dumper(\%search_s_response);

print " + Reading result-scope server response controls\n";

my @response_sctrls = @{$search_s_response{'serverctrls'}};

foreach my $response_sctrl (@response_sctrls) {
  my $oid = $ld->get_control_oid($response_sctrl);
  my $berval = $ld->get_control_berval($response_sctrl);
  my $isCritical = $ld->get_control_critical($response_sctrl);

  my $result;

  print " + Response control $response_sctrl [" . $oid . "]\n";
  print "berval = \n";
  print xd $berval;

  if ($oid eq "1.2.840.113556.1.4.474") {
    print " + Parsing SSS response berval\n";

    $result = $sss_response->decode($berval) || warn $sss_response->error;

  } elsif ($oid eq "2.16.840.1.113730.3.4.10") {
    print " + Parsing VLV response berval\n";

    $result = $vlv_response->decode($berval) || warn $vlv_response->error;
  }

  #print Dumper($result);

}

print " + Search results\n";
for ( ; $entry; $entry = $ld->next_entry) {
  print "dn: " . $ld->get_dn() . "\n";
}

Produces

===== Server Side Sort and Virtual List View
 + Loading ASN for SortKeyList, SortResult, VirtualListViewRequest, VirtualListViewResponse
 + Constructing Server Side Sort control
sss ctrl berval =
[0000]   30 13 30 11  04 02 73 6E  80 08 32 2E  35 2E 31 33   0.0. ..sn ..2. 5.13
[0010]   2E 33 81 01  FF                                      .3.. .
 + Constructing Virtual List View control
vlv ctrl berval =
[0000]   30 0E 02 01  01 02 01 03  A0 06 02 01  01 02 01 00   0... .... .... ....
 + Searching for results
 + Parsing first entry
result = {
  'matcheddn' => undef,
  'referrals' => [],
  'errmsg' => undef,
  'serverctrls' => [
                     22959920,
                     22271136
                   ],
  'errcode' => 0
}
 + Reading result-scope server response controls
 + Response control 22959920 [1.2.840.113556.1.4.474]
berval =
[0000]   30 03 0A 01                                          0...
 + Parsing SSS response berval
decode error at /usr/share/perl5/Convert/ASN1/_decode.pm line 64.
 + Response control 22271136 [2.16.840.1.113730.3.4.10]
berval =
[0000]   30 14 02 01  01 02 02 7E  B0 0A 01                   0... ...~ ...
 + Parsing VLV response berval
decode error at /usr/share/perl5/Convert/ASN1/_decode.pm line 64.
 + Search results
dn: cn=Test User,ou=Users,dc=example,dc=com
dn: cn=Ani Odey,ou=Users,dc=example,dc=com
dn: cn=Vevelyn Odette,ou=Users,dc=example,dc=com
dn: cn=Donyetta Odett,ou=Users,dc=example,dc=com

Wireshark output for same PDU

    LDAPMessage searchResDone(2) success [4 results]
        messageID: 2
        protocolOp: searchResDone (5)
            searchResDone
                resultCode: success (0)
                matchedDN:
                errorMessage:
        controls: 2 items
            Control
                SortResult
                    sortResult: success (0)
            Control
                controlValue: 301402010102027eb00a01000408403a877c677f0000
phillipod commented 9 years ago

For both the SSS and VLV controls, note the decode errors when parsing the responses for the berval. Also notice the hexdump of the berval immediately above.

Compare to the output from wireshark.

Looking at how serverctrls are returned to the caller from ldap_parse_result()..

// transfer returned controls to the perl code
if( serverctrls != NULL ) {
   for( i = 0; serverctrls[i] != NULL; i++ )
      av_push(serverctrls_av, newSViv((IV)serverctrls[i]));
}

So this seems to be building the serverctrls array, by taking a pointer to the returned serverctrl from the C SDK's ldap_parse_result(). Nothing funky going on here.

Heading on towards ldap_control_berval:

char *
ldap_control_berval(control)
    LDAPControl * control
    CODE:
    {
        RETVAL = control->ldctl_value.bv_val;
    }
    OUTPUT:
    RETVAL

So the return type is "char *" and it definitely doesn't reference the length. Probably will want to make this a PV with length return.