public async Task WhenExecuteSearchRequest(string dn, int messageId)
{
var payload = LdapPacketBuilder.NewSearchRequest(messageId, dn, SearchRequestScopes.WholeSubtree, SearchRequestDeferAliases.NeverDerefAliases, 10, 10, false, new List <string> {
}, (opt) =>
{
opt.SetPresentFilter("objectClass");
}).Serialize().ToArray();
await _stream.WriteAsync(payload);
bool isSearchResultDone = false;
int i = 0;
while (!isSearchResultDone)
{
var data = new byte[5000];
await _stream.ReadAsync(data, 0, data.Length);
var ldapPacket = LdapPacket.Extract(data.ToList());
var ldapPacketJSON = JObject.FromObject(ldapPacket);
if (ldapPacket.ProtocolOperation.Operation is SearchResultDone)
{
isSearchResultDone = true;
_scenarioContext.Set(ldapPacketJSON, "searchResultDone");
}
else
{
_scenarioContext.Set(ldapPacketJSON, $"searchResultEntry-{i}");
}
i++;
}
}
public async Task <ICollection <LdapPacket> > Handle(LdapPacket ldapPacket)
{
switch (ldapPacket.ProtocolOperation.Tag.LdapCommand)
{
case LdapCommands.AddRequest:
return(await _addRequestCommandHandler.Execute(new AddRequestCommand
{
MessageId = ldapPacket.MessageId,
Controls = ldapPacket.Controls,
ProtocolOperation = ldapPacket.ProtocolOperation
}));
case LdapCommands.BindRequest:
return(await _bindRequestCommandHandler.Execute(new BindRequestCommand
{
MessageId = ldapPacket.MessageId,
Controls = ldapPacket.Controls,
ProtocolOperation = ldapPacket.ProtocolOperation
}));
case LdapCommands.SearchRequest:
return(await _searchRequestCommandHandler.Execute(new SearchRequestCommand
{
MessageId = ldapPacket.MessageId,
Controls = ldapPacket.Controls,
ProtocolOperation = ldapPacket.ProtocolOperation
}));
}
throw new LdapException(Global.OperationDoesntExist, LDAPResultCodes.ProtocolError, string.Empty);
}
public void When_Serialize_BindResponse_With_Error()
{
var operation = new BindResponse();
operation.Result = new LDAPResult
{
MatchedDN = new DEROctetString("administrator"),
DiagnosticMessage = new DEROctetString("error"),
ResultCode = new DEREnumerated <LDAPResultCodes>
{
Value = LDAPResultCodes.AuthMethodNotSupported
}
};
var ldapPacket = new LdapPacket
{
MessageId = new DERInteger(1),
ProtocolOperation = new DERProtocolOperation
{
Operation = operation
}
};
var payload = ldapPacket.Serialize();
var deserializedLdapPacket = LdapPacket.Extract(payload);
var ldapResult = operation.Result as LDAPResult;
Assert.NotNull(deserializedLdapPacket);
Assert.Equal("administrator", ldapResult.MatchedDN.Value);
Assert.Equal("error", ldapResult.DiagnosticMessage.Value);
Assert.Equal(LDAPResultCodes.AuthMethodNotSupported, ldapResult.ResultCode.Value);
}
public void TestPacketPartialAttribute()
{
var expected = "3084000000800204000000016478042d636e3d62696e64557365722c636e3d55736572732c64633d6465762c64633d636f6d70616e792c64633d636f6d3047301804037569643111040f75736572756964676f657368657265302b040b6f626a656374436c617373311c040c616161616161616161616161040c626262626262626262626262";
var responseEntryPacket = new LdapPacket(1);
var searchResultEntry = new LdapAttribute(LdapOperation.SearchResultEntry);
searchResultEntry.ChildAttributes.Add(new LdapAttribute(UniversalDataType.OctetString, "cn=bindUser,cn=Users,dc=dev,dc=company,dc=com")); // objectName
var partialAttributeList = new LdapAttribute(UniversalDataType.Sequence);
partialAttributeList.ChildAttributes.Add(new LdapPartialAttribute("uid", "useruidgoeshere"));
partialAttributeList.ChildAttributes.Add(new LdapPartialAttribute("objectClass", new List <String> {
"aaaaaaaaaaaa", "bbbbbbbbbbbb"
}));
searchResultEntry.ChildAttributes.Add(partialAttributeList);
responseEntryPacket.ChildAttributes.Add(searchResultEntry);
var responsEntryBytes = responseEntryPacket.GetBytes();
Console.WriteLine(Utils.ByteArrayToString(responsEntryBytes));
var packet = LdapPacket.ParsePacket(responsEntryBytes);
RecurseAttributes(packet);
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
public void TestLdapAttributeParse()
{
var expected = "30490201016044020103042d636e3d62696e64557365722c636e3d55736572732c64633d6465762c64633d636f6d70616e792c64633d636f6d801062696e645573657250617373776f7264";
var packetBytes = Utils.StringToByteArray(expected);
var packet = LdapPacket.ParsePacket(packetBytes);
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
public void TestLdapAttributeParse3()
{
var expected = "30620201026340041164633d636f6d70616e792c64633d636f6d0a01020a010302010202010b010100a31a040e73414d4163636f756e744e616d65040876666f7274656c693000a01b30190417322e31362e3834302e312e3131333733302e332e342e32";
var packetBytes = Utils.StringToByteArray(expected);
var packet = LdapPacket.ParsePacket(packetBytes);
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
public void TestLdapAttributeSequenceGetBytesShortcut()
{
var packet = new LdapPacket(1);
var bindresponse = new LdapResultAttribute(LdapOperation.BindResponse, LdapResult.success);
packet.ChildAttributes.Add(bindresponse);
var expected = "300f02040000000161070a010004000400"; // "300c02010161070a010004000400";
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
public void TestPacketParsingBindRequest()
{
var bytes = "30490201016044020103042d636e3d62696e64557365722c636e3d55736572732c64633d6465762c64633d636f6d70616e792c64633d636f6d801062696e645573657250617373776f7264";
var expected = "30490201016044020103042d636e3d62696e64557365722c636e3d55736572732c64633d6465762c64633d636f6d70616e792c64633d636f6d801062696e645573657250617373776f7264";
var packetBytes = Utils.StringToByteArray(bytes);
var stream = new MemoryStream(packetBytes);
LdapPacket.TryParsePacket(stream, out var packet);
RecurseAttributes(packet);
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
private async Task Send(byte[] payload)
{
await _stream.WriteAsync(payload);
var data = new byte[5000];
await _stream.ReadAsync(data, 0, data.Length);
var ldapPacket = LdapPacket.Extract(data.ToList());
var ldapPacketJSON = JObject.FromObject(ldapPacket);
_scenarioContext.Set(ldapPacketJSON, "ldapPacket");
}
public void When_Serialize_SearchRequest()
{
var payload = LdapPacketBuilder.NewSearchRequest(1, "cn=system", SearchRequestScopes.BaseObject, SearchRequestDeferAliases.NeverDerefAliases, 10, 10, false, new List <string> {
}, (opt) =>
{
opt.SetEqualFilter("name", "value");
}).Serialize().ToList();
var ldapPacket = LdapPacket.Extract(payload);
var searchRequest = ldapPacket.ProtocolOperation.Operation as SearchRequest;
Assert.NotNull(searchRequest);
}
public void TestPacketParsingmorethan255()
{
var bytes = "308400000159020200d563840000014f04000a01000a0100020100020178010100870b6f626a656374636c61737330840000012b0411737562736368656d61537562656e747279040d6473536572766963654e616d65040e6e616d696e67436f6e7465787473041464656661756c744e616d696e67436f6e746578740413736368656d614e616d696e67436f6e74657874041a636f6e66696775726174696f6e4e616d696e67436f6e746578740417726f6f74446f6d61696e4e616d696e67436f6e746578740410737570706f72746564436f6e74726f6c0414737570706f727465644c44415056657273696f6e0415737570706f727465644c444150506f6c69636965730417737570706f727465645341534c4d656368616e69736d73040b646e73486f73744e616d65040f6c646170536572766963654e616d65040a7365727665724e616d650415737570706f727465644361706162696c6974696573";
var expected = bytes;
var packetBytes = Utils.StringToByteArray(bytes);
var stream = new MemoryStream(packetBytes);
LdapPacket.TryParsePacket(stream, out var packet);
RecurseAttributes(packet);
var output = Utils.ByteArrayToString(packet.GetBytes());
Console.WriteLine(bytes);
Console.WriteLine(output);
Assert.AreEqual(expected, output);
}
public void TestPacketThunderbirdSearch()
{
var bytes = "30840000048e020102638400000485041164633d6578616d706c652c64633d636f6d0a01020a0100020164020100010100a08400000105a184000000ffa40d0402636e30078105686d6d6d6da4140409676976656e4e616d6530078105686d6d6d6da40d0402736e30078105686d6d6d6da41a040f6d6f7a696c6c614e69636b6e616d6530078105686d6d6d6da40f04046d61696c30078105686d6d6d6da41d04126d6f7a696c6c615365636f6e64456d61696c30078105686d6d6d6da018a416040b6465736372697074696f6e30078105686d6d6d6da40c04016f30078105686d6d6d6da40d04026f7530078105686d6d6d6da41004057469746c6530078105686d6d6d6da419040e6d6f7a696c6c61576f726b55726c30078105686d6d6d6da419040e6d6f7a696c6c61486f6d6555726c30078105686d6d6d6d30840000035204057469746c650402736e04077375726e616d6504176d6f7a696c6c61486f6d654c6f63616c6974794e616d650402636e040a636f6d6d6f6e6e616d650409676976656e4e616d6504106d6f7a696c6c61486f6d65537461746504046d61696c04016f0407636f6d70616e7904126d6f7a696c6c61486f6d6553747265657432040f6d6f7a696c6c614e69636b6e616d650410786d6f7a696c6c616e69636b6e616d6504066d6f62696c65040963656c6c70686f6e65040863617270686f6e65040f6d6f6469667974696d657374616d7004076e7341494d696404116e73637061696d73637265656e6e616d65040f74656c6570686f6e654e756d6265720409626972746879656172040163040b636f756e7472796e616d6504116d6f7a696c6c61486f6d65537472656574040a706f7374616c436f646504037a6970040e6d6f7a696c6c61437573746f6d310407637573746f6d3104166d6f7a696c6c61486f6d65436f756e7472794e616d65040273740406726567696f6e040e6d6f7a696c6c61437573746f6d320407637573746f6d32040e6d6f7a696c6c61486f6d6555726c0407686f6d6575726c04126d6f7a696c6c61576f726b5374726565743204126d6f7a696c6c615365636f6e64456d61696c0413786d6f7a696c6c617365636f6e64656d61696c041866616373696d696c6574656c6570686f6e656e756d6265720403666178040b6465736372697074696f6e04056e6f746573040e6d6f7a696c6c61437573746f6d330407637573746f6d330409686f6d6550686f6e6504126d6f7a696c6c6155736548746d6c4d61696c0413786d6f7a696c6c6175736568746d6c6d61696c040862697274686461790406737472656574040d73747265657461646472657373040d706f73744f6666696365426f78040e6d6f7a696c6c61437573746f6d340407637573746f6d3404016c04086c6f63616c69747904057061676572040a706167657270686f6e6504026f75040a6465706172746d656e7404106465706172746d656e746e756d62657204076f7267756e6974040a62697274686d6f6e7468040e6d6f7a696c6c61576f726b55726c0407776f726b75726c040a6c6162656c656455524904156d6f7a696c6c61486f6d65506f7374616c436f6465040b6f626a656374436c617373";
var expected = bytes;
var packetBytes = Utils.StringToByteArray(bytes);
var stream = new MemoryStream(packetBytes);
LdapPacket.TryParsePacket(stream, out var packet);
RecurseAttributes(packet);
var output = Utils.ByteArrayToString(packet.GetBytes());
Console.WriteLine(bytes);
Console.WriteLine(output);
Assert.AreEqual(expected, output);
}
public void When_Serialize_BindRequest()
{
var payload = LdapPacketBuilder.NewBindRequest(1, 3, "administrator", (opt) =>
{
opt.SetSimpleAuthentication("password");
}).Serialize().ToList();
var ldapPacket = LdapPacket.Extract(payload);
var bindRequest = ldapPacket.ProtocolOperation.Operation as BindRequest;
var simpleAuthChoice = bindRequest.Authentication as SimpleAuthChoice;
Assert.NotNull(ldapPacket);
Assert.Equal(1, ldapPacket.MessageId.Value);
Assert.Equal(3, bindRequest.Version.Value);
Assert.Equal("administrator", bindRequest.Name.Value);
Assert.Equal("password", simpleAuthChoice.Value.Value);
}
public void TestLdapAttributeSequenceGetBytesString()
{
var packet = new LdapPacket(1);
var bindrequest = new LdapAttribute(LdapOperation.BindRequest);
bindrequest.ChildAttributes.Add(new LdapAttribute(UniversalDataType.Integer, (Byte)3));
bindrequest.ChildAttributes.Add(new LdapAttribute(UniversalDataType.OctetString, "cn=bindUser,cn=Users,dc=dev,dc=company,dc=com"));
bindrequest.ChildAttributes.Add(new LdapAttribute((byte)0, "bindUserPassword"));
packet.ChildAttributes.Add(bindrequest);
var expected = "304c0204000000016044020103042d636e3d62696e64557365722c636e3d55736572732c64633d6465762c64633d636f6d70616e792c64633d636f6d801062696e645573657250617373776f7264"; // "30490201016044020103042d636e3d62696e64557365722c636e3d55736572732c64633d6465762c64633d636f6d70616e792c64633d636f6d801062696e645573657250617373776f7264";
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
public static LdapPacket NewSearchRequest(int messageId, string baseObject, SearchRequestScopes scope, SearchRequestDeferAliases searchRequestDeferAliases, int sizeLimit, int timeLimit, bool typesOnly, ICollection <string> attributes, Action <SearchRequestBuilder> callback)
{
var builder = new SearchRequestBuilder(baseObject, scope, searchRequestDeferAliases, sizeLimit, timeLimit, typesOnly, attributes);
callback(builder);
var result = new LdapPacket
{
MessageId = new DERInteger(messageId),
ProtocolOperation = new DERProtocolOperation
{
Operation = builder.Build()
}
};
return(result);
}
private static LdapPacket BuildError(LdapPacket request, LdapException ex)
{
BaseOperationDone operation = null;
switch (request.ProtocolOperation.Tag.LdapCommand)
{
case LdapCommands.AddRequest:
operation = new AddResponse();
break;
case LdapCommands.BindRequest:
operation = new BindResponse();
break;
case LdapCommands.DelRequest:
operation = new DelResponse();
break;
case LdapCommands.SearchRequest:
operation = new SearchResultDone();
break;
case LdapCommands.ModifyRequest:
operation = new ModifyResponse();
break;
}
operation.Result = new LDAPResult
{
MatchedDN = new DEROctetString(ex.Target),
DiagnosticMessage = new DEROctetString(ex.Message),
ResultCode = new DEREnumerated <LDAPResultCodes>
{
Value = ex.Code
}
};
var ldapPacket = new LdapPacket
{
MessageId = request.MessageId,
ProtocolOperation = new DERProtocolOperation
{
Operation = operation
}
};
return(ldapPacket);
}
public static LdapPacket NewBindRequest(int messageId, int version, string name, Action <BindRequestBuilder> callback)
{
var bindRequestBuilder = new BindRequestBuilder(version, name);
callback(bindRequestBuilder);
var bindRequest = bindRequestBuilder.Build();
var result = new LdapPacket
{
MessageId = new DERInteger(messageId),
ProtocolOperation = new DERProtocolOperation
{
Operation = bindRequest
}
};
return(result);
}
public static LdapPacket NewAddRequest(int messageId, string distinguishedName, Action <AddRequestBuilder> callback)
{
var addRequestBuilder = new AddRequestBuilder(distinguishedName);
callback(addRequestBuilder);
var addRequest = addRequestBuilder.Build();
var result = new LdapPacket
{
MessageId = new DERInteger(messageId),
ProtocolOperation = new DERProtocolOperation
{
Operation = addRequest
}
};
return(result);
}
public void When_Serialize_AddRequest()
{
var payload = LdapPacketBuilder.NewAddRequest(1, "administrator", (opt) =>
{
opt.AddAttribute("objectClass", new List <string>
{
"inetOrgPerson"
});
}).Serialize().ToList();
var ldapPacket = LdapPacket.Extract(payload);
var addRequest = ldapPacket.ProtocolOperation.Operation as AddRequest;
Assert.NotNull(ldapPacket);
Assert.Equal(1, ldapPacket.MessageId.Value);
Assert.True(addRequest.Attributes.Values.Count() == 1);
Assert.Equal("objectClass", addRequest.Attributes.Values.First().Type.Value);
}
public async Task <ICollection <LdapPacket> > Execute(BindRequestCommand bindRequestCommand)
{
var bindRequest = bindRequestCommand.ProtocolOperation.Operation as BindRequest;
var dn = bindRequest.Name.Value;
var authenticationHandler = _authenticationHandlerFactory.Build(bindRequest.Authentication.Type);
if (authenticationHandler == null)
{
throw new LdapException(Global.AuthenticationMethodNotSupported, LDAPResultCodes.AuthMethodNotSupported, dn);
}
var entry = await _ldapEntryQueryStore.Get(dn);
if (entry == null)
{
throw new LdapException(string.Format(Global.EntryDoesntExist, dn), LDAPResultCodes.NoSuchObject, dn);
}
await authenticationHandler.Authenticate(entry, bindRequest);
var donePacket = new LdapPacket
{
MessageId = bindRequestCommand.MessageId,
ProtocolOperation = new DERProtocolOperation
{
Operation = new BindResponse
{
Result = new LDAPResult
{
MatchedDN = new DEROctetString(bindRequest.Name.Value),
ResultCode = new DEREnumerated <LDAPResultCodes>
{
Value = LDAPResultCodes.Success
},
DiagnosticMessage = new DEROctetString(string.Empty)
}
}
}
};
return(new List <LdapPacket>
{
donePacket
});
}
/// <summary>
/// Handle bindrequests
/// </summary>
/// <param name="bindrequest"></param>
private Boolean HandleBindRequest(Stream stream, LdapPacket requestPacket)
{
var bindrequest = requestPacket.ChildAttributes.SingleOrDefault(o => o.LdapOperation == LdapOperation.BindRequest);
var username = bindrequest.ChildAttributes[1].GetValue <String>();
var password = bindrequest.ChildAttributes[2].GetValue <String>();
var response = LdapResult.invalidCredentials;
if (username == "cn=bindUser,cn=Users,dc=dev,dc=company,dc=com" && password == "bindUserPassword" ||
username == "cn=user,dc=example,dc=com" && password == "123")
{
response = LdapResult.success;
}
var responsePacket = new LdapPacket(requestPacket.MessageId);
responsePacket.ChildAttributes.Add(new LdapResultAttribute(LdapOperation.BindResponse, response));
var responseBytes = responsePacket.GetBytes();
stream.Write(responseBytes, 0, responseBytes.Length);
return(response == LdapResult.success);
}
public void TestLdapAttributeSequenceGetBytes2()
{
var packet = new LdapPacket(1);
var bindresponse = new LdapAttribute(LdapOperation.BindResponse);
var resultCode = new LdapAttribute(UniversalDataType.Enumerated, (Byte)LdapResult.success);
bindresponse.ChildAttributes.Add(resultCode);
var matchedDn = new LdapAttribute(UniversalDataType.OctetString);
var diagnosticMessage = new LdapAttribute(UniversalDataType.OctetString);
bindresponse.ChildAttributes.Add(matchedDn);
bindresponse.ChildAttributes.Add(diagnosticMessage);
packet.ChildAttributes.Add(bindresponse);
var expected = "300f02040000000161070a010004000400"; // "300c02010161070a010004000400";
Assert.AreEqual(expected, Utils.ByteArrayToString(packet.GetBytes()));
}
/// <summary>
/// Handle clients
/// </summary>
/// <param name="ar"></param>
private void HandleClient(TcpClient client)
{
try
{
_log.Debug($"Connection from {client.Client.RemoteEndPoint}");
var isBound = false;
var stream = client.GetStream();
while (LdapPacket.TryParsePacket(stream, out var requestPacket))
{
LogPacket(requestPacket);
if (requestPacket.ChildAttributes.Any(o => o.LdapOperation == LdapOperation.BindRequest))
{
isBound = HandleBindRequest(stream, requestPacket);
}
if (isBound) // Only handle other requests if the client is bound, dont allow any anonymous searches
{
if (requestPacket.ChildAttributes.Any(o => o.LdapOperation == LdapOperation.SearchRequest))
{
HandleSearchRequest(stream, requestPacket);
}
}
}
_log.Debug($"Connection closed to {client.Client.RemoteEndPoint}");
}
catch (IOException ioex)
{
_log.Warn("oops", ioex);
}
catch (Exception ex)
{
_log.Error("Something went wrong", ex);
}
}
/// <summary>
/// Handle search requests
/// </summary>
/// <param name="searchRequest"></param>
/// <returns></returns>
private void HandleSearchRequest(NetworkStream stream, LdapPacket requestPacket)
{
var searchRequest = requestPacket.ChildAttributes.SingleOrDefault(o => o.LdapOperation == LdapOperation.SearchRequest);
var filter = searchRequest.ChildAttributes[6];
if ((LdapFilterChoice)filter.ContextType == LdapFilterChoice.equalityMatch && filter.ChildAttributes[0].GetValue <String>() == "sAMAccountName" && filter.ChildAttributes[1].GetValue <String>() == "testuser") // equalityMatch
{
var responseEntryPacket = new LdapPacket(requestPacket.MessageId);
var searchResultEntry = new LdapAttribute(LdapOperation.SearchResultEntry);
searchResultEntry.ChildAttributes.Add(new LdapAttribute(UniversalDataType.OctetString, "cn=testuser,cn=Users,dc=dev,dc=company,dc=com"));
searchResultEntry.ChildAttributes.Add(new LdapAttribute(UniversalDataType.Sequence));
responseEntryPacket.ChildAttributes.Add(searchResultEntry);
var responsEntryBytes = responseEntryPacket.GetBytes();
stream.Write(responsEntryBytes, 0, responsEntryBytes.Length);
}
var responseDonePacket = new LdapPacket(requestPacket.MessageId);
responseDonePacket.ChildAttributes.Add(new LdapResultAttribute(LdapOperation.SearchResultDone, LdapResult.success));
var responseDoneBytes = responseDonePacket.GetBytes();
stream.Write(responseDoneBytes, 0, responseDoneBytes.Length);
}
public async Task <ICollection <LdapPacket> > Execute(AddRequestCommand addRequestCommand)
{
var addRequest = addRequestCommand.ProtocolOperation.Operation as AddRequest;
var dn = addRequest.Entry.Value;
var objectClassAttributes = addRequest.Attributes.Values.Where(v => v.Type.Value == _options.ObjectClassAttributeName);
if (!objectClassAttributes.Any())
{
throw new LdapException(string.Format(Global.AttributeIsMissing, _options.ObjectClassAttributeName), LDAPResultCodes.Other, dn);
}
var existingRepresentation = await _ldapQueryStore.Get(dn);
if (existingRepresentation != null)
{
throw new LdapException(string.Format(Global.EntryAlreadyExists, dn), LDAPResultCodes.EntryAlreadyExists, dn);
}
var parentDN = dn.ExtractParentDN();
var parentRepresentation = await _ldapQueryStore.Get(parentDN);
if (parentRepresentation == null)
{
throw new LdapException(string.Format(Global.ParentDoesntExist, parentDN), LDAPResultCodes.NoSuchObject, parentDN);
}
var existingObjectClasses = await _ldapQueryStore.GetByAttributes(objectClassAttributes.Select(attr => new KeyValuePair <string, string>(_options.NameAttributeName, attr.Vals.Values.First().Value)).ToList());
var mustAttributeTypes = existingObjectClasses.SelectMany(obj => obj.Attributes.Where(attr => attr.Name == _options.MustAttributeName));
var mayAttributeTypes = existingObjectClasses.SelectMany(obj => obj.Attributes.Where(attr => attr.Name == _options.MayAttributeName));
var attributeTypes = new List <string>();
attributeTypes.AddRange(mustAttributeTypes.SelectMany(m => m.Values));
attributeTypes.AddRange(mayAttributeTypes.SelectMany(m => m.Values));
var existingObjectClassNames = existingObjectClasses.Select(entry => entry.Attributes.First(attr => attr.Name == _options.NameAttributeName).Values.First());
var unknownObjectClasses = objectClassAttributes.Where(obj => !existingObjectClassNames.Contains(obj.Vals.Values.First().Value)).Select(kvp => kvp.Vals.Values.First().Value);
if (unknownObjectClasses.Any())
{
throw new LdapException(string.Format(Global.UnknownObjectClasses, string.Join(",", unknownObjectClasses)), LDAPResultCodes.Other, dn);
}
var missingRequiredAttributes = mustAttributeTypes.Where(attr => !addRequest.Attributes.Values.Any(a => attr.Values.Contains(a.Type.Value)));
if (missingRequiredAttributes.Any())
{
throw new LdapException(string.Format(Global.RequiredAttributeMissing, string.Join(",", missingRequiredAttributes.SelectMany(m => m.Values))), LDAPResultCodes.Other, dn);
}
var undefinedAttributes = addRequest.Attributes.Values.Where(attr => !attributeTypes.Any(d => d.Equals(attr.Type.Value, StringComparison.InvariantCultureIgnoreCase)));
if (undefinedAttributes.Any())
{
throw new LdapException(string.Format(Global.AttributesUndefined, string.Join(",", undefinedAttributes.Select(a => a.Type.Value))), LDAPResultCodes.Other, dn);
}
var record = new LDAPEntry
{
DistinguishedName = dn,
Attributes = new List <LDAPEntryAttribute>()
};
var attributes = await _ldapQueryStore.GetByAttributes(attributeTypes.Select(attr => new KeyValuePair <string, string>(_options.NameAttributeName, attr)).ToList());
foreach (var attr in addRequest.Attributes.Values)
{
var attribute = attributes.First(a => a.Attributes.Any(at => at.Name == _options.NameAttributeName && at.Values.Contains(attr.Type.Value)));
CheckSyntax(attribute, attr, dn);
var existingAttributes = addRequest.Attributes.Values.Where(a => a.Type.Value == attr.Type.Value);
if (IsSingleValue(attribute) && existingAttributes.Count() > 1)
{
throw new LdapException(string.Format(Global.SingleValue, attr.Type.Value), LDAPResultCodes.AttributeOrValueExists, dn);
}
record.Attributes.Add(new LDAPEntryAttribute
{
Id = Guid.NewGuid().ToString(),
Name = attr.Type.Value,
Values = attr.Vals.Values.Select(v => v.Value).ToList()
});
}
_ldapCommandStore.Add(record);
await _ldapCommandStore.SaveChanges();
var donePacket = new LdapPacket
{
MessageId = addRequestCommand.MessageId,
ProtocolOperation = new DERProtocolOperation
{
Operation = new AddResponse
{
Result = new LDAPResult
{
MatchedDN = addRequest.Entry,
ResultCode = new DEREnumerated <LDAPResultCodes>
{
Value = LDAPResultCodes.Success
},
DiagnosticMessage = new DEROctetString(string.Empty)
}
}
}
};
return(new List <LdapPacket>
{
donePacket
});
}
public void TestPacketMessageId()
{
var packet = new LdapPacket(Int32.MaxValue);
Assert.AreEqual(Int32.MaxValue, packet.MessageId);
}
private async Task HandleTcpClient(TcpClient client)
{
if (ClientConnected != null)
{
ClientConnected(this, EventArgs.Empty);
}
var stream = client.GetStream();
var ldapSession = new LdapSession(stream);
_ldapSessionStoreLst.Add(ldapSession);
bool isContinue = true;
while (!_tokenSource.IsCancellationRequested && isContinue)
{
LdapPacket ldapRequest = null;
try
{
byte[] buffer = new byte[1024];
stream.Read(buffer, 0, buffer.Length);
ldapRequest = LdapPacket.Extract(buffer.ToList());
// Sometimes we received empty request.
if (ldapRequest.Length == 0)
{
continue;
}
if (ldapSession.State == LdapSessionStates.Created && !(ldapRequest.ProtocolOperation.Operation is BindRequest))
{
throw new LdapException(Global.NoLdapSession, LDAPResultCodes.OperationsError, string.Empty);
}
ldapSession.State = LdapSessionStates.Authenticated;
var packetLst = await _ldapService.Handle(ldapRequest);
foreach (var packet in packetLst)
{
var payload = packet.Serialize();
await stream.WriteAsync(payload.ToArray(), 0, payload.Count());
}
}
catch (LdapException ex)
{
_logger.LogError(ex, ex.Message);
var res = BuildError(ldapRequest, ex).Serialize();
await stream.WriteAsync(res.ToArray(), 0, res.Count());
}
catch (ObjectDisposedException)
{
isContinue = false;
}
catch (Exception ex)
{
_logger.LogError(ex, ex.ToString());
isContinue = false;
client.Client.Disconnect(false);
}
}
_ldapSessionStoreLst.Remove(ldapSession);
if (ClientDisconnected != null)
{
ClientDisconnected(this, EventArgs.Empty);
}
}
