如何解决将ldaptor Python代理与StartTLS一起使用-未实现错误StartTLS
我正在尝试使用StartTLS身份验证设置代理。
我使用了the official ldaptor documentation中的第一个Python Proxy Recipe,设置了一个侦听localhost:12345的代理,并将请求传递给侦听localhost:389的LDAP服务器。
代码在这里:
#! /usr/bin/env python
from ldaptor.protocols import pureldap
from ldaptor.protocols.ldap.ldapclient import LDAPClient
from ldaptor.protocols.ldap.ldapconnector import connectToLDAPEndpoint
from ldaptor.protocols.ldap.proxybase import ProxyBase
from twisted.internet import defer,protocol,reactor
from twisted.python import log
from functools import partial
import sys
class LoggingProxy(ProxyBase):
"""
A simple example of using `ProxyBase` to log requests and responses.
"""
def handleProxiedResponse(self,response,request,controls):
"""
Log the representation of the responses received.
"""
log.msg("Request => " + repr(request))
log.msg("Response => " + repr(response))
return defer.succeed(response)
def ldapBindRequestRepr(self):
l=[]
l.append('version={0}'.format(self.version))
l.append('dn={0}'.format(repr(self.dn)))
l.append('auth=****')
if self.tag!=self.__class__.tag:
l.append('tag={0}'.format(self.tag))
l.append('sasl={0}'.format(repr(self.sasl)))
return self.__class__.__name__+'('+','.join(l)+')'
pureldap.LDAPBindRequest.__repr__ = ldapBindRequestRepr
if __name__ == '__main__':
"""
Demonstration LDAP proxy; listens on localhost:12345 and
passes all requests to localhost:389.
"""
log.startLogging(sys.stderr)
factory = protocol.ServerFactory()
proxiedEndpointStr = 'tcp:host=localhost:port=389'
use_tls = True
clientConnector = partial(
connectToLDAPEndpoint,reactor,proxiedEndpointStr,LDAPClient)
def buildProtocol():
proto = LoggingProxy()
proto.clientConnector = clientConnector
proto.use_tls = use_tls
return proto
factory.protocol = buildProtocol
reactor.listenTCP(12345,factory)
reactor.run()
到目前为止,该方法有效,并且在使用Apache Directory Studio时也可以达到预期的结果:
2020-10-06 13:19:37+0200 [-] Log opened.
2020-10-06 13:19:37+0200 [-] ServerFactory starting on 12345
2020-10-06 13:19:37+0200 [-] Starting factory <twisted.internet.protocol.ServerFactory object at 0x7fc557ee23a0>
2020-10-06 13:24:40+0200 [-] Starting factory <twisted.internet.endpoints.connectProtocol.<locals>.OneShotFactory object at 0x7fc557ef3f10>
2020-10-06 13:24:40+0200 [LDAPClient,client] Request => LDAPBindRequest(version=3,dn=b'cn=Administrator,dc=dept,dc=office,dc=company,dc=de',auth=****,sasl=False)
2020-10-06 13:24:40+0200 [LDAPClient,client] Response => LDAPBindResponse(resultCode=0)
2020-10-06 13:24:40+0200 [-] Stopping factory <twisted.internet.endpoints.connectProtocol.<locals>.OneShotFactory object at 0x7fc557ef3f10>
但是,当我想将Apache Directory Studio中的身份验证方法从“无身份验证”更改为“ StartTLS”时,我的python脚本出现以下错误:
2020-10-06 13:25:43+0200 [-] Log opened.
2020-10-06 13:25:43+0200 [-] ServerFactory starting on 12345
2020-10-06 13:25:43+0200 [-] Starting factory <twisted.internet.protocol.ServerFactory object at 0x7f3a47a34fa0>
2020-10-06 13:25:51+0200 [-] Starting factory <twisted.internet.endpoints.connectProtocol.<locals>.OneShotFactory object at 0x7f3a47a43790>
2020-10-06 13:25:52+0200 [LoggingProxy,127.0.0.1] StartTLS not implemented. Responding with 'unavailable' (52): LDAPStartTLSResponse()
2020-10-06 13:25:52+0200 [-] Stopping factory <twisted.internet.endpoints.connectProtocol.<locals>.OneShotFactory object at 0x7f3a47a43790>
我是该领域的新手,所以我不知道代码中要更改什么。我已经将use_tls设置为True。
有人可以帮忙吗?
谢谢!
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。