osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Слідкувати 15
В обрані 7
Вікі 捐赠
本站源代码
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
Гілка: gamification
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'gamification'
${ noResults }
com/vendor/gopkg.in/ldap.v3/dn.go

248 lines
7.4KB
Неформатований Постійне посилання Blame Історія 

  1. // File contains DN parsing functionality

  2. //

  3. // https://tools.ietf.org/html/rfc4514

  4. //

  5. //   distinguishedName = [ relativeDistinguishedName

  6. //         *( COMMA relativeDistinguishedName ) ]

  7. //     relativeDistinguishedName = attributeTypeAndValue

  8. //         *( PLUS attributeTypeAndValue )

  9. //     attributeTypeAndValue = attributeType EQUALS attributeValue

  10. //     attributeType = descr / numericoid

  11. //     attributeValue = string / hexstring

  12. //

  13. //     ; The following characters are to be escaped when they appear

  14. //     ; in the value to be encoded: ESC, one of <escaped>, leading

  15. //     ; SHARP or SPACE, trailing SPACE, and NULL.

  16. //     string =   [ ( leadchar / pair ) [ *( stringchar / pair )

  17. //        ( trailchar / pair ) ] ]

  18. //

  19. //     leadchar = LUTF1 / UTFMB

  20. //     LUTF1 = %x01-1F / %x21 / %x24-2A / %x2D-3A /

  21. //        %x3D / %x3F-5B / %x5D-7F

  22. //

  23. //     trailchar  = TUTF1 / UTFMB

  24. //     TUTF1 = %x01-1F / %x21 / %x23-2A / %x2D-3A /

  25. //        %x3D / %x3F-5B / %x5D-7F

  26. //

  27. //     stringchar = SUTF1 / UTFMB

  28. //     SUTF1 = %x01-21 / %x23-2A / %x2D-3A /

  29. //        %x3D / %x3F-5B / %x5D-7F

  30. //

  31. //     pair = ESC ( ESC / special / hexpair )

  32. //     special = escaped / SPACE / SHARP / EQUALS

  33. //     escaped = DQUOTE / PLUS / COMMA / SEMI / LANGLE / RANGLE

  34. //     hexstring = SHARP 1*hexpair

  35. //     hexpair = HEX HEX

  36. //

  37. //  where the productions <descr>, <numericoid>, <COMMA>, <DQUOTE>,

  38. //  <EQUALS>, <ESC>, <HEX>, <LANGLE>, <NULL>, <PLUS>, <RANGLE>, <SEMI>,

  39. //  <SPACE>, <SHARP>, and <UTFMB> are defined in [RFC4512].

  40. //

  41. 

  42. package ldap

  43. 

  44. import (

  45. 	"bytes"

  46. 	enchex "encoding/hex"

  47. 	"errors"

  48. 	"fmt"

  49. 	"strings"

  50. 

  51. 	"gopkg.in/asn1-ber.v1"

  52. )

  53. 

  54. // AttributeTypeAndValue represents an attributeTypeAndValue from https://tools.ietf.org/html/rfc4514

  55. type AttributeTypeAndValue struct {

  56. 	// Type is the attribute type

  57. 	Type string

  58. 	// Value is the attribute value

  59. 	Value string

  60. }

  61. 

  62. // RelativeDN represents a relativeDistinguishedName from https://tools.ietf.org/html/rfc4514

  63. type RelativeDN struct {

  64. 	Attributes []*AttributeTypeAndValue

  65. }

  66. 

  67. // DN represents a distinguishedName from https://tools.ietf.org/html/rfc4514

  68. type DN struct {

  69. 	RDNs []*RelativeDN

  70. }

  71. 

  72. // ParseDN returns a distinguishedName or an error

  73. func ParseDN(str string) (*DN, error) {

  74. 	dn := new(DN)

  75. 	dn.RDNs = make([]*RelativeDN, 0)

  76. 	rdn := new(RelativeDN)

  77. 	rdn.Attributes = make([]*AttributeTypeAndValue, 0)

  78. 	buffer := bytes.Buffer{}

  79. 	attribute := new(AttributeTypeAndValue)

  80. 	escaping := false

  81. 

  82. 	unescapedTrailingSpaces := 0

  83. 	stringFromBuffer := func() string {

  84. 		s := buffer.String()

  85. 		s = s[0 : len(s)-unescapedTrailingSpaces]

  86. 		buffer.Reset()

  87. 		unescapedTrailingSpaces = 0

  88. 		return s

  89. 	}

  90. 

  91. 	for i := 0; i < len(str); i++ {

  92. 		char := str[i]

  93. 		switch {

  94. 		case escaping:

  95. 			unescapedTrailingSpaces = 0

  96. 			escaping = false

  97. 			switch char {

  98. 			case ' ', '"', '#', '+', ',', ';', '<', '=', '>', '\\':

  99. 				buffer.WriteByte(char)

  100. 				continue

  101. 			}

  102. 			// Not a special character, assume hex encoded octet

  103. 			if len(str) == i+1 {

  104. 				return nil, errors.New("got corrupted escaped character")

  105. 			}

  106. 

  107. 			dst := []byte{0}

  108. 			n, err := enchex.Decode([]byte(dst), []byte(str[i:i+2]))

  109. 			if err != nil {

  110. 				return nil, fmt.Errorf("failed to decode escaped character: %s", err)

  111. 			} else if n != 1 {

  112. 				return nil, fmt.Errorf("expected 1 byte when un-escaping, got %d", n)

  113. 			}

  114. 			buffer.WriteByte(dst[0])

  115. 			i++

  116. 		case char == '\\':

  117. 			unescapedTrailingSpaces = 0

  118. 			escaping = true

  119. 		case char == '=':

  120. 			attribute.Type = stringFromBuffer()

  121. 			// Special case: If the first character in the value is # the

  122. 			// following data is BER encoded so we can just fast forward

  123. 			// and decode.

  124. 			if len(str) > i+1 && str[i+1] == '#' {

  125. 				i += 2

  126. 				index := strings.IndexAny(str[i:], ",+")

  127. 				data := str

  128. 				if index > 0 {

  129. 					data = str[i : i+index]

  130. 				} else {

  131. 					data = str[i:]

  132. 				}

  133. 				rawBER, err := enchex.DecodeString(data)

  134. 				if err != nil {

  135. 					return nil, fmt.Errorf("failed to decode BER encoding: %s", err)

  136. 				}

  137. 				packet, err := ber.DecodePacketErr(rawBER)

  138. 				if err != nil {

  139. 					return nil, fmt.Errorf("failed to decode BER packet: %s", err)

  140. 				}

  141. 				buffer.WriteString(packet.Data.String())

  142. 				i += len(data) - 1

  143. 			}

  144. 		case char == ',' || char == '+':

  145. 			// We're done with this RDN or value, push it

  146. 			if len(attribute.Type) == 0 {

  147. 				return nil, errors.New("incomplete type, value pair")

  148. 			}

  149. 			attribute.Value = stringFromBuffer()

  150. 			rdn.Attributes = append(rdn.Attributes, attribute)

  151. 			attribute = new(AttributeTypeAndValue)

  152. 			if char == ',' {

  153. 				dn.RDNs = append(dn.RDNs, rdn)

  154. 				rdn = new(RelativeDN)

  155. 				rdn.Attributes = make([]*AttributeTypeAndValue, 0)

  156. 			}

  157. 		case char == ' ' && buffer.Len() == 0:

  158. 			// ignore unescaped leading spaces

  159. 			continue

  160. 		default:

  161. 			if char == ' ' {

  162. 				// Track unescaped spaces in case they are trailing and we need to remove them

  163. 				unescapedTrailingSpaces++

  164. 			} else {

  165. 				// Reset if we see a non-space char

  166. 				unescapedTrailingSpaces = 0

  167. 			}

  168. 			buffer.WriteByte(char)

  169. 		}

  170. 	}

  171. 	if buffer.Len() > 0 {

  172. 		if len(attribute.Type) == 0 {

  173. 			return nil, errors.New("DN ended with incomplete type, value pair")

  174. 		}

  175. 		attribute.Value = stringFromBuffer()

  176. 		rdn.Attributes = append(rdn.Attributes, attribute)

  177. 		dn.RDNs = append(dn.RDNs, rdn)

  178. 	}

  179. 	return dn, nil

  180. }

  181. 

  182. // Equal returns true if the DNs are equal as defined by rfc4517 4.2.15 (distinguishedNameMatch).

  183. // Returns true if they have the same number of relative distinguished names

  184. // and corresponding relative distinguished names (by position) are the same.

  185. func (d *DN) Equal(other *DN) bool {

  186. 	if len(d.RDNs) != len(other.RDNs) {

  187. 		return false

  188. 	}

  189. 	for i := range d.RDNs {

  190. 		if !d.RDNs[i].Equal(other.RDNs[i]) {

  191. 			return false

  192. 		}

  193. 	}

  194. 	return true

  195. }

  196. 

  197. // AncestorOf returns true if the other DN consists of at least one RDN followed by all the RDNs of the current DN.

  198. // "ou=widgets,o=acme.com" is an ancestor of "ou=sprockets,ou=widgets,o=acme.com"

  199. // "ou=widgets,o=acme.com" is not an ancestor of "ou=sprockets,ou=widgets,o=foo.com"

  200. // "ou=widgets,o=acme.com" is not an ancestor of "ou=widgets,o=acme.com"

  201. func (d *DN) AncestorOf(other *DN) bool {

  202. 	if len(d.RDNs) >= len(other.RDNs) {

  203. 		return false

  204. 	}

  205. 	// Take the last `len(d.RDNs)` RDNs from the other DN to compare against

  206. 	otherRDNs := other.RDNs[len(other.RDNs)-len(d.RDNs):]

  207. 	for i := range d.RDNs {

  208. 		if !d.RDNs[i].Equal(otherRDNs[i]) {

  209. 			return false

  210. 		}

  211. 	}

  212. 	return true

  213. }

  214. 

  215. // Equal returns true if the RelativeDNs are equal as defined by rfc4517 4.2.15 (distinguishedNameMatch).

  216. // Relative distinguished names are the same if and only if they have the same number of AttributeTypeAndValues

  217. // and each attribute of the first RDN is the same as the attribute of the second RDN with the same attribute type.

  218. // The order of attributes is not significant.

  219. // Case of attribute types is not significant.

  220. func (r *RelativeDN) Equal(other *RelativeDN) bool {

  221. 	if len(r.Attributes) != len(other.Attributes) {

  222. 		return false

  223. 	}

  224. 	return r.hasAllAttributes(other.Attributes) && other.hasAllAttributes(r.Attributes)

  225. }

  226. 

  227. func (r *RelativeDN) hasAllAttributes(attrs []*AttributeTypeAndValue) bool {

  228. 	for _, attr := range attrs {

  229. 		found := false

  230. 		for _, myattr := range r.Attributes {

  231. 			if myattr.Equal(attr) {

  232. 				found = true

  233. 				break

  234. 			}

  235. 		}

  236. 		if !found {

  237. 			return false

  238. 		}

  239. 	}

  240. 	return true

  241. }

  242. 

  243. // Equal returns true if the AttributeTypeAndValue is equivalent to the specified AttributeTypeAndValue

  244. // Case of the attribute type is not significant

  245. func (a *AttributeTypeAndValue) Equal(other *AttributeTypeAndValue) bool {

  246. 	return strings.EqualFold(a.Type, other.Type) && a.Value == other.Value

  247. }
上海开阖软件有限公司 沪ICP备12045867号-1