NAME
Net::LDAP::Gateway - Infrastructure to build LDAP gateways
SYNOPSIS
use Net::LDAP::Gateway;
DESCRIPTION
This module provides a set of low level functions to encode and decode LDAP packets
EXPORT
The following functions can be imported from this module:
- $normalized = ldap_dn_normalize($dn)
-
returns a normalized version of the given dn.
- $len = ldap_peek_message($buffer)
- ($len, $msgid, $op, $more) = ldap_peek_message($buffer)
-
If enough data is available in buffer, this function returns the size of the incomming packet. Otherwise it returns undef.
When called in list context, besides the packet len, if enough data is available from the buffer, this function also returns the message ID, the LDAP operation code and depending on the packet type, the dn or the error code.
- ($msgid, $op, $data) = ldap_shift_message($buffer)
-
Extracts and parses the next LDAP message available from $buffer.
$msgid
is the message id.$op
is the number associated to the requested operation as defined by the LDAP specification (symbolic names for those constants can be imported from Net::LDAP::Gateway::Constant).$data
is a hash representing all the data available on the packet as follows:- LDAP_OP_BIND_REQUEST [0]
-
$data = { version => $protocol_version, dn => $bind_dn, method => $auth_method, %method_data }
other authentication methods are currently not supported
- LDAP_OP_UNBIND_REQUEST [2]
-
The unbind request does not carry any extra data:
$data = {}
- LDAP_OP_SEARCH_REQUEST [3]
-
$data = { base_dn => $base_dn, scope => $scope, deref_aliases => $deref, size_limit => $sl, # optional time_limit => $tl, # optional types_only => 1, # optional filter => \@filter attributes => \@attr, # optional }
$scope
can take the valuesLDAP_SCOPE_BASE_OBJECT
[0],LDAP_SCOPE_SINGLE_LEVEL
[1] orLDAP_SCOPE_WHOLE_SUBTREE
[2].$deref
can take the valuesLDAP_DEREF_ALIASES_NEVER
[0],LDAP_DEREF_ALIASES_IN_SEARCHING
[1],LDAP_DEREF_ALIASES_FINDING_BASE_OBJ
[2] orLDAP_DEREF_ALIASES_ALWAYS
[3] - LDAP_OP_MODIFY_REQUEST [6]
-
$data = { dn => $dn, add => $add, changes => \@changes } @changes = ( { operation => $op, attribute => $attribute, values => \@values }, ... )
$op
can take the valuesLDAP_MODOP_REPLACE
,LDAP_MODOP_ADD
orLDAP_MODOP_DELETE
. - LDAP_OP_ADD_REQUEST [8]
-
$data = { dn => $dn, $attr1 => \@values1, $attr2 => \@values2, ... }
- LDAP_OP_DELETE_REQUEST [10]
-
$data = { dn => $dn }
- LDAP_OP_MODIFY_DN_REQUEST [12]
-
$data = { dn => $dn, new_rdn => $new_rdn, delete_old_rdn => 1, # optional new_superior => $superior, # optional
- LDAP_OP_COMPARE_REQUEST [14]
-
$data = { dn => $dn, attribute => $attr, value => $value }
- LDAP_OP_ABANDON_REQUEST [16]
-
$data = { message_id => $message_id }
- LDAP_OP_EXTENDED_REQUEST [23]
-
$data = { oid => $oid, value => $value }
- LDAP_OP_BIND_RESPONSE [1]
-
$data = { result => $result_code, matched_dn => $dn, message => $message, referrals => \@referrals, # optional sasl_credentials => $credentials # optional }
- LDAP_OP_SEARCH_ENTRY_RESPONSE [5]
-
$data = { dn => $entry_dn, $attr1 => \@values1, $attr2 => \@values2, ... }
- LDAP_OP_SEARCH_DONE_RESPONSE [5]
- LDAP_OP_MODIFY_RESPONSE [7]
- LDAP_OP_ADD_RESPONSE [9]
- LDAP_OP_DELETE_RESPONSE [11]
- LDAP_OP_MODIFY_DN_RESPONSE [13]
- LDAP_OP_COMPARE_RESPONSE [15]
- LDAP_OP_EXTENDED_RESPONSE [24]
-
$data = { result => $result_code, matched_dn => $dn, message => $message, referrals => \@referrals # optional }
$result_code
contains the status of the operation (see "Error codes" in Net::LDAP::Gateway::Constant).
- $msg = ldap_pack_message_ref($msgid, $op, \%data)
- $msg = ldap_pack_bind_request_ref($msgid, \%data)
- $msg = ldap_pack_bind_response_ref($msgid, \%data)
- $msg = ldap_pack_unbind_request_ref($msgid, \%data)
- $msg = ldap_pack_search_request_ref($msgid, \%data)
- $msg = ldap_pack_search_entry_response_ref($msgid, \%data)
- $msg = ldap_pack_search_done_response_ref($msgid, \%data)
- $msg = ldap_pack_modify_request_ref($msgid, \%data)
- $msg = ldap_pack_modify_response_ref($msgid, \%data)
- $msg = ldap_pack_add_request_ref($msgid, \%data)
- $msg = ldap_pack_add_response_ref($msgid, \%data)
- $msg = ldap_pack_delete_request_ref($msgid, \%data)
- $msg = ldap_pack_delete_response_ref($msgid, \%data)
- $msg = ldap_pack_modify_dn_request_ref($msgid, \%data)
- $msg = ldap_pack_modify_dn_response_ref($msgid, \%data)
- $msg = ldap_pack_compare_request_ref($msgid, \%data)
- $msg = ldap_pack_compare_response_ref($msgid, \%data)
- $msg = ldap_pack_abandon_request_ref($msgid, \%data)
- $msg = ldap_pack_extended_request_ref($msgid, \%data)
- $msg = ldap_pack_extended_response_ref($msgid, \%data)
-
These functions take a
$msgid
and a reference to a hash containing the message data and return the LDAP message.The data structured passed must be as documented on
ldap_shift_message
. - $msg = ldap_pack_bind_request($msgid, ...)
- $msg = ldap_pack_bind_response($msgid, $result, $matched_dn, $message, \@referrals, $SASL_creds)
- $msg = ldap_pack_unbind_request($msgid)
- $msg = ldap_pack_search_request($msgid, $base_dn, $scope, $deref, $size_limit, $time_limit, $types_only, $filter, \@attributes)
- $msg = ldap_pack_search_entry_response($msgid, $dn, $attr1 => \@values1, $attr2 => \@values2)
- $msg = ldap_pack_search_done_response($msgid, $result, $matched_dn, $message, \@referrals)
- $msg = ldap_pack_modify_request($msgid, ...)
- $msg = ldap_pack_modify_response($msgid, $result, $matched_dn, $message, \@referrals)
- $msg = ldap_pack_add_request($msgid, ...)
- $msg = ldap_pack_add_response($msgid, $result, $matched_dn, $message, \@referrals)
- $msg = ldap_pack_delete_request($msgid, ...)
- $msg = ldap_pack_delete_response($msgid, $result, $matched_dn, $message, \@referrals)
- $msg = ldap_pack_modify_dn_request($msgid, ...)
- $msg = ldap_pack_modify_dn_response($msgid, $result, $matched_dn, $message, \@referrals)
- $msg = ldap_pack_compare_request($msgid, ...)
- $msg = ldap_pack_compare_response($msgid, $result, $matched_dn, $message, \@referrals)
- $msg = ldap_pack_abandon_request($msgid, ...)
- $msg = ldap_pack_extended_request($msgid, ...)
- $msg = ldap_pack_extended_response($msgid, ...)
-
These functions take a
$msgid
and a list of arguments and return the corresponding LDAP message.
TODO
- - add support for SASL authentication
- - add support for common controls and extensions (requests welcome!)
- - support controls in packing methods
SEE ALSO
Other Perl LDAP related modules: Net::LDAP, Net::LDAPapi, Net::LDAP::Server.
LDAP RFCs 4511, 4513, 4515, 4517, 4519, 4510, 4512, 4514, 4516 and 4518.
AUTHOR
Salvador Fandiño, <sfandino@yahoo.com>
COPYRIGHT AND LICENSE
Copyright (C) 2009, 2010, 2011 by Qindel Formacion y Servicios S.L.
This Perl module is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This Perl module is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this package. If not, see http://www.gnu.org/licenses/.