-
Notifications
You must be signed in to change notification settings - Fork 355
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add Extended request operations #516
base: master
Are you sure you want to change the base?
Conversation
4dba82f
to
efdaca2
Compare
For reference the Wireshark dissection implementation: https://github.com/wireshark/wireshark/blob/bdc5f76203a9091006d3bb8e0101191a8c8f74e6/epan/dissectors/packet-ldap.c#L2836-L2840 |
@cpuschma hi, I ran into the same problem and I'm working on it now.Tell me, did you manage to implement it? |
Hi @cpuschma -- I'm going to try and reproduce this behavior on my end and see if I can discern what is going on. Also, just in case you didn't already realize it, RFC2251 was obsoleted by RFC4511. The section number in question, however, remains 4.12. Jesse 😃 |
OK, to begin I cloned the As the hostname implies, I am using OpenDJ on my local system.
If I swap the Bind user to someone not anonymous, the response is also correct (for OpenDJ):
Now ... these are the correct results. The
Note that specific detail:
Note it is OPTIONAL, as indicated. I am wondering if you were getting unexpected results because the OID you were testing with was perhaps of a similar use to LDAP "Who Am I?", in that NO value is expected? This is a wild, wild guess, but I'm offering it nonetheless. Jesse 😃 |
Implementation suggestions:
|
@JesseCoretta Thank you for pointing out the obsolete RFC document, didn't notice that! Also thank you for your suggestions regarding the function signatures 👍 |
@cpuschma ... happy to help. Did you see my second comment, regarding the "Who Am I?" operation? If you tell me what OID you were testing with, I can reproduce on my end. I only used RFC 4532 because it is well known, no idea if thats what you were testing.... |
This implements the base for "Extended Requests" as defined in RFC2251 Section 4.12. I'm having trouble getting the requestValue to work, as this seems to get ignored by the server and Wireshark showing errors regarding unexpected fields. Additionally, submitting the
requestName
as LDAPOID (basically an alias for an BER-encoded OCTET STRING), the server immediately closes the connection without returning an error (tested against Active Directory and OpenLDAP). It works when switching tober.TagEOC
.I'm open for ideas or anyone who has experience with implementing the "Extended Request" operation!