Re: How to create a user with certificate with lib389

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm really suspicious here that your escape bytes is not needed for ldap as much as to prevent python state leaking into the string and the data. I'm wondering if there is a better approach .... 

Can ldap filters take base64 instead? Perhaps the issue with your filter atm is that you are putting a byte string into an f string so that formats with escapes. Have you tried ensure_str() instead? 



> On 13 Jun 2019, at 15:29, Anuj Borah <aborah@xxxxxxxxxx> wrote:
> 
> Yes, it is. but with escape_bytes function only.
> 
> (Pdb) Accounts(standalone, DEFAULT_SUFFIX).filter(f"(userCertificate={crt})")
> *** ldap.FILTER_ERROR: {'desc': 'Bad search filter', 'errno': 2, 'info': 'No such file or directory'}
> 
> And finally .
> Accounts(standalone, DEFAULT_SUFFIX).filter(f"(userCertificate={escape_bytes(crt)})")  >>> escape_bytes(this is function i want to put in utils.py)
> [<account1.Account object at 0x7f31b1578ef0>]
> 
> 
> 
> On Thu, Jun 13, 2019 at 6:56 PM William Brown <wbrown@xxxxxxx> wrote:
> Is the test case *just* testing if binary searching of attributes works? 
> 
> > On 13 Jun 2019, at 15:25, Anuj Borah <aborah@xxxxxxxxxx> wrote:
> > 
> > @William Brown 
> > 
> > 
> > This is my test case in bash form . Hope this helps.
> > 
> > dn: uid=user4F, ou=People, dc=example, dc=com
> > uid: user4F
> > cn: User 4F
> > sn: 4444444444444444
> > givenName: FFFFFFFFFFFFFFFF
> > ou: People
> > objectClass: top
> > objectClass: person
> > objectClass: organizationalPerson
> > objectClass: inetOrgPerson
> > description: This is user4F's description
> > mail: 
> > user4F@xxxxxxxx
> > 
> > userPassword: user4F
> > userCertificate;binary:: MIID5zCCA1CgAwIBAgIDAIF5MA0GCSqGSIb3DQEBBQUAMF4xCzAJ
> >  BgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE
> >  CxMDUEtJMRkwFwYDVQQDExBET0QgQ0xBU1MgMyBDQS0zMB4XDTAxMTExNDAwMDAwMFoXDTA0MTEx
> >  MzAwMDAwMFowdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE
> >  CxMDRG9EMQwwCgYDVQQLEwNQS0kxDDAKBgNVBAsTA1VTTjEiMCAGA1UEAxMZU0xBQ0suU1RBQ0VZ
> >  LkouMTAzNTQ3MjE4MTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnma4IZobULRwrDto4O/U
> >  mXXVtW1MDuYhooo7/5H6O+9WVWIHMKNW+TvonliezYE/N3VwHG8IFJrnjzHjtrmD/iYi+kl3jz5U
> >  QmaS/F1fDiP2/G9hEhc5QP6ZCpjWUjf/0m0NjwFiAxLGWNQV9oBqhWU+fwBxD4gGMWRwzGrbVK8C
> >  AwEAAaOCAZowggGWMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBQH4UHGgQthSDSPSnwyinB7
> >  UgD4MzAdBgNVHQ4EFgQUa6cO9LyOgFuZhaw2S+CKYh8W6NIwFgYDVR0gBA8wDTALBglghkgBZQIB
> >  CwkwfgYDVR0SBHcwdYZzbGRhcDovL2RzLTMuYzNwa2kuY2hhbWIuZGlzYS5taWwvY24lM2RET0Ql
> >  MjBDTEFTUyUyMDMlMjBDQS0zJTJjb3UlM2RQS0klMmNvdSUzZERvRCUyY28lM2RVLlMuJTIwR292
> >  ZXJubWVudCUyY2MlM2RVUzCBqwYDVR0fBIGjMIGgMIGdoIGaoIGXhoGUbGRhcDovL2RzLTMuYzNw
> >  a2kuY2hhbWIuZGlzYS5taWwvY24lM2RET0QlMjBDTEFTUyUyMDMlMjBDQS0zJTJjb3UlM2RQS0kl
> >  MmNvdSUzZERvRCUyY28lM2RVLlMuJTIwR292ZXJubWVudCUyY2MlM2RVUz9jZXJ0aWZpY2F0ZXJl
> >  dm9jYXRpb25saXN0O2JpbmFyeTANBgkqhkiG9w0BAQUFAAOBgQB5aLv3JjaAb+eIOrW3niXs96na
> >  mbjDq1IbWK55YVcpCBgD2fYasSlEmnt7ykQlYW8woRORaKv9ERpTcfcg4odi9VbtzIyzYHVyY5DU
> >  LuaEhqNiKCnjqWXPeMHmtD2H6nBiDAo6tfyitL5E+NUhz+Rigq7xT5g0Jqo1gXq1jJFdCw==
> > 
> > 
> > 
> > #./ldapsearch -p 9090 -D "cn=directory manager" -w secret12 -b "ou=people, dc=example, dc=com" "(usercertificate;binary=*)"
> > 
> > #./ldapsearch -p 9090 -D "cn=directory manager" -w secret12 -b "ou=people, dc=example, dc=com" "(usercertificate=*)"
> > 
> > #./ldapsearch -p 9090 -D "cn=directory manager" -w secret12 -b "ou=people, dc=example, dc=com" "(usercertificate;binary=\4d\49\49\44\35\7a\43\43\41\31\43\67\41\77\49\42\41\67\49\44\41\49\46\35\4d\41\30\47\43\53\71\47\53\49\62\33\44\51\45\42\42\51\55\41\4d\46\34\78\43\7a\41\4a\42\67\4e\56\42\41\59\54\41\6c\56\54\4d\52\67\77\46\67\59\44\56\51\51\4b\45\77\39\56\4c\6c\4d\75\49\45\64\76\64\6d\56\79\62\6d\31\6c\62\6e\51\78\44\44\41\4b\42\67\4e\56\42\41\73\54\41\30\52\76\52\44\45\4d\4d\41\6f\47\41\31\55\45\43\78\4d\44\55\45\74\4a\4d\52\6b\77\46\77\59\44\56\51\51\44\45\78\42\45\54\30\51\67\51\30\78\42\55\31\4d\67\4d\79\42\44\51\53\30\7a\4d\42\34\58\44\54\41\78\4d\54\45\78\4e\44\41\77\4d\44\41\77\4d\46\6f\58\44\54\41\30\4d\54\45\78\4d\7a\41\77\4d\44\41\77\4d\46\6f\77\64\54\45\4c\4d\41\6b\47\41\31\55\45\42\68\4d\43\56\56\4d\78\47\44\41\57\42\67\4e\56\42\41\6f\54\44\31\55\75\55\79\34\67\52\32\39\32\5a\58\4a\75\62\57\56\75\64\44\45\4d\4d\41\6f\47\41\31\55\45\43\78\4d\44\52\47\39\45\4d\51\77\77\43\67\59\44\56\51\51\4c\45\77\4e\51\53\30\6b\78\44\44\41\4b\42\67\4e\56\42\41\73\54\41\31\56\54\54\6a\45\69\4d\43\41\47\41\31\55\45\41\78\4d\5a\55\30\78\42\51\30\73\75\55\31\52\42\51\30\56\5a\4c\6b\6f\75\4d\54\41\7a\4e\54\51\33\4d\6a\45\34\4d\54\43\42\6e\7a\41\4e\42\67\6b\71\68\6b\69\47\39\77\30\42\41\51\45\46\41\41\4f\42\6a\51\41\77\67\59\6b\43\67\59\45\41\6e\6d\61\34\49\5a\6f\62\55\4c\52\77\72\44\74\6f\34\4f\2f\55\6d\58\58\56\74\57\31\4d\44\75\59\68\6f\6f\6f\37\2f\35\48\36\4f\2b\39\57\56\57\49\48\4d\4b\4e\57\2b\54\76\6f\6e\6c\69\65\7a\59\45\2f\4e\33\56\77\48\47\38\49\46\4a\72\6e\6a\7a\48\6a\74\72\6d\44\2f\69\59\69\2b\6b\6c\33\6a\7a\35\55\51\6d\61\53\2f\46\31\66\44\69\50\32\2f\47\39\68\45\68\63\35\51\50\36\5a\43\70\6a\57\55\6a\66\2f\30\6d\30\4e\6a\77\46\69\41\78\4c\47\57\4e\51\56\39\6f\42\71\68\57\55\2b\66\77\42\78\44\34\67\47\4d\57\52\77\7a\47\72\62\56\4b\38\43\41\77\45\41\41\61\4f\43\41\5a\6f\77\67\67\47\57\4d\41\34\47\41\31\55\64\44\77\45\42\2f\77\51\45\41\77\49\47\77\44\41\66\42\67\4e\56\48\53\4d\45\47\44\41\57\67\42\51\48\34\
55\48\47\67\51\74\68\53\44\53\50\53\6e\77\79\69\6e\42\37\55\67\44\34\4d\7a\41\64\42\67\4e\56\48\51\34\45\46\67\51\55\61\36\63\4f\39\4c\79\4f\67\46\75\5a\68\61\77\32\53\2b\43\4b\59\68\38\57\36\4e\49\77\46\67\59\44\56\52\30\67\42\41\38\77\44\54\41\4c\42\67\6c\67\68\6b\67\42\5a\51\49\42\43\77\6b\77\66\67\59\44\56\52\30\53\42\48\63\77\64\59\5a\7a\62\47\52\68\63\44\6f\76\4c\32\52\7a\4c\54\4d\75\59\7a\4e\77\61\32\6b\75\59\32\68\68\62\57\49\75\5a\47\6c\7a\59\53\35\74\61\57\77\76\59\32\34\6c\4d\32\52\45\54\30\51\6c\4d\6a\42\44\54\45\46\54\55\79\55\79\4d\44\4d\6c\4d\6a\42\44\51\53\30\7a\4a\54\4a\6a\62\33\55\6c\4d\32\52\51\53\30\6b\6c\4d\6d\4e\76\64\53\55\7a\5a\45\52\76\52\43\55\79\59\32\38\6c\4d\32\52\56\4c\6c\4d\75\4a\54\49\77\52\32\39\32\5a\58\4a\75\62\57\56\75\64\43\55\79\59\32\4d\6c\4d\32\52\56\55\7a\43\42\71\77\59\44\56\52\30\66\42\49\47\6a\4d\49\47\67\4d\49\47\64\6f\49\47\61\6f\49\47\58\68\6f\47\55\62\47\52\68\63\44\6f\76\4c\32\52\7a\4c\54\4d\75\59\7a\4e\77\61\32\6b\75\59\32\68\68\62\57\49\75\5a\47\6c\7a\59\53\35\74\61\57\77\76\59\32\34\6c\4d\32\52\45\54\30\51\6c\4d\6a\42\44\54\45\46\54\55\79\55\79\4d\44\4d\6c\4d\6a\42\44\51\53\30\7a\4a\54\4a\6a\62\33\55\6c\4d\32\52\51\53\30\6b\6c\4d\6d\4e\76\64\53\55\7a\5a\45\52\76\52\43\55\79\59\32\38\6c\4d\32\52\56\4c\6c\4d\75\4a\54\49\77\52\32\39\32\5a\58\4a\75\62\57\56\75\64\43\55\79\59\32\4d\6c\4d\32\52\56\55\7a\39\6a\5a\58\4a\30\61\57\5a\70\59\32\46\30\5a\58\4a\6c\64\6d\39\6a\59\58\52\70\62\32\35\73\61\58\4e\30\4f\32\4a\70\62\6d\46\79\65\54\41\4e\42\67\6b\71\68\6b\69\47\39\77\30\42\41\51\55\46\41\41\4f\42\67\51\42\35\61\4c\76\33\4a\6a\61\41\62\2b\65\49\4f\72\57\33\6e\69\58\73\39\36\6e\61\6d\62\6a\44\71\31\49\62\57\4b\35\35\59\56\63\70\43\42\67\44\32\66\59\61\73\53\6c\45\6d\6e\74\37\79\6b\51\6c\59\57\38\77\6f\52\4f\52\61\4b\76\39\45\52\70\54\63\66\63\67\34\6f\64\69\39\56\62\74\7a\49\79\7a\59\48\56\79\59\35\44\55\4c\75\61\45\68\71\4e\69\4b\43\6e\6a\71\57\58\50\65\4d\48\6d\74\44\32\48\36\6e\42\69\44\41\6f\36\74\66\79\69\74\4c\35\45\2b\4e\55\68\7a\2b\52\69\67\71\37\78\54\35\67\30
\4a\71\6f\31\67\58\71\31\6a\4a\46\64\43\77\3d\3d)"
> > 
> > ./ldapsearch -p 9090 -D "cn=directory manager" -w secret12 -b "ou=people, dc=example, dc=com" "(usercertificate=\4d\49\49\44\35\7a\43\43\41\31\43\67\41\77\49\42\41\67\49\44\41\49\46\35\4d\41\30\47\43\53\71\47\53\49\62\33\44\51\45\42\42\51\55\41\4d\46\34\78\43\7a\41\4a\42\67\4e\56\42\41\59\54\41\6c\56\54\4d\52\67\77\46\67\59\44\56\51\51\4b\45\77\39\56\4c\6c\4d\75\49\45\64\76\64\6d\56\79\62\6d\31\6c\62\6e\51\78\44\44\41\4b\42\67\4e\56\42\41\73\54\41\30\52\76\52\44\45\4d\4d\41\6f\47\41\31\55\45\43\78\4d\44\55\45\74\4a\4d\52\6b\77\46\77\59\44\56\51\51\44\45\78\42\45\54\30\51\67\51\30\78\42\55\31\4d\67\4d\79\42\44\51\53\30\7a\4d\42\34\58\44\54\41\78\4d\54\45\78\4e\44\41\77\4d\44\41\77\4d\46\6f\58\44\54\41\30\4d\54\45\78\4d\7a\41\77\4d\44\41\77\4d\46\6f\77\64\54\45\4c\4d\41\6b\47\41\31\55\45\42\68\4d\43\56\56\4d\78\47\44\41\57\42\67\4e\56\42\41\6f\54\44\31\55\75\55\79\34\67\52\32\39\32\5a\58\4a\75\62\57\56\75\64\44\45\4d\4d\41\6f\47\41\31\55\45\43\78\4d\44\52\47\39\45\4d\51\77\77\43\67\59\44\56\51\51\4c\45\77\4e\51\53\30\6b\78\44\44\41\4b\42\67\4e\56\42\41\73\54\41\31\56\54\54\6a\45\69\4d\43\41\47\41\31\55\45\41\78\4d\5a\55\30\78\42\51\30\73\75\55\31\52\42\51\30\56\5a\4c\6b\6f\75\4d\54\41\7a\4e\54\51\33\4d\6a\45\34\4d\54\43\42\6e\7a\41\4e\42\67\6b\71\68\6b\69\47\39\77\30\42\41\51\45\46\41\41\4f\42\6a\51\41\77\67\59\6b\43\67\59\45\41\6e\6d\61\34\49\5a\6f\62\55\4c\52\77\72\44\74\6f\34\4f\2f\55\6d\58\58\56\74\57\31\4d\44\75\59\68\6f\6f\6f\37\2f\35\48\36\4f\2b\39\57\56\57\49\48\4d\4b\4e\57\2b\54\76\6f\6e\6c\69\65\7a\59\45\2f\4e\33\56\77\48\47\38\49\46\4a\72\6e\6a\7a\48\6a\74\72\6d\44\2f\69\59\69\2b\6b\6c\33\6a\7a\35\55\51\6d\61\53\2f\46\31\66\44\69\50\32\2f\47\39\68\45\68\63\35\51\50\36\5a\43\70\6a\57\55\6a\66\2f\30\6d\30\4e\6a\77\46\69\41\78\4c\47\57\4e\51\56\39\6f\42\71\68\57\55\2b\66\77\42\78\44\34\67\47\4d\57\52\77\7a\47\72\62\56\4b\38\43\41\77\45\41\41\61\4f\43\41\5a\6f\77\67\67\47\57\4d\41\34\47\41\31\55\64\44\77\45\42\2f\77\51\45\41\77\49\47\77\44\41\66\42\67\4e\56\48\53\4d\45\47\44\41\57\67\42\51\48\34\55\48\47
\67\51\74\68\53\44\53\50\53\6e\77\79\69\6e\42\37\55\67\44\34\4d\7a\41\64\42\67\4e\56\48\51\34\45\46\67\51\55\61\36\63\4f\39\4c\79\4f\67\46\75\5a\68\61\77\32\53\2b\43\4b\59\68\38\57\36\4e\49\77\46\67\59\44\56\52\30\67\42\41\38\77\44\54\41\4c\42\67\6c\67\68\6b\67\42\5a\51\49\42\43\77\6b\77\66\67\59\44\56\52\30\53\42\48\63\77\64\59\5a\7a\62\47\52\68\63\44\6f\76\4c\32\52\7a\4c\54\4d\75\59\7a\4e\77\61\32\6b\75\59\32\68\68\62\57\49\75\5a\47\6c\7a\59\53\35\74\61\57\77\76\59\32\34\6c\4d\32\52\45\54\30\51\6c\4d\6a\42\44\54\45\46\54\55\79\55\79\4d\44\4d\6c\4d\6a\42\44\51\53\30\7a\4a\54\4a\6a\62\33\55\6c\4d\32\52\51\53\30\6b\6c\4d\6d\4e\76\64\53\55\7a\5a\45\52\76\52\43\55\79\59\32\38\6c\4d\32\52\56\4c\6c\4d\75\4a\54\49\77\52\32\39\32\5a\58\4a\75\62\57\56\75\64\43\55\79\59\32\4d\6c\4d\32\52\56\55\7a\43\42\71\77\59\44\56\52\30\66\42\49\47\6a\4d\49\47\67\4d\49\47\64\6f\49\47\61\6f\49\47\58\68\6f\47\55\62\47\52\68\63\44\6f\76\4c\32\52\7a\4c\54\4d\75\59\7a\4e\77\61\32\6b\75\59\32\68\68\62\57\49\75\5a\47\6c\7a\59\53\35\74\61\57\77\76\59\32\34\6c\4d\32\52\45\54\30\51\6c\4d\6a\42\44\54\45\46\54\55\79\55\79\4d\44\4d\6c\4d\6a\42\44\51\53\30\7a\4a\54\4a\6a\62\33\55\6c\4d\32\52\51\53\30\6b\6c\4d\6d\4e\76\64\53\55\7a\5a\45\52\76\52\43\55\79\59\32\38\6c\4d\32\52\56\4c\6c\4d\75\4a\54\49\77\52\32\39\32\5a\58\4a\75\62\57\56\75\64\43\55\79\59\32\4d\6c\4d\32\52\56\55\7a\39\6a\5a\58\4a\30\61\57\5a\70\59\32\46\30\5a\58\4a\6c\64\6d\39\6a\59\58\52\70\62\32\35\73\61\58\4e\30\4f\32\4a\70\62\6d\46\79\65\54\41\4e\42\67\6b\71\68\6b\69\47\39\77\30\42\41\51\55\46\41\41\4f\42\67\51\42\35\61\4c\76\33\4a\6a\61\41\62\2b\65\49\4f\72\57\33\6e\69\58\73\39\36\6e\61\6d\62\6a\44\71\31\49\62\57\4b\35\35\59\56\63\70\43\42\67\44\32\66\59\61\73\53\6c\45\6d\6e\74\37\79\6b\51\6c\59\57\38\77\6f\52\4f\52\61\4b\76\39\45\52\70\54\63\66\63\67\34\6f\64\69\39\56\62\74\7a\49\79\7a\59\48\56\79\59\35\44\55\4c\75\61\45\68\71\4e\69\4b\43\6e\6a\71\57\58\50\65\4d\48\6d\74\44\32\48\36\6e\42\69\44\41\6f\36\74\66\79\69\74\4c\35\45\2b\4e\55\68\7a\2b\52\69\67\71\37\78\54\35\67\30\4a\71\6
f\31\67\58\71\31\6a\4a\46\64\43\77\3d\3d)"
> > 
> > 
> > 
> > 
> > On Thu, Jun 13, 2019 at 6:50 PM William Brown <wbrown@xxxxxxx> wrote:
> > I'm sorry, you didn't answer my questions .... can you answer the below questions, exactly and precisely, else I can't help you :( 
> > 
> > > 
> > > * WHAT is the test you are creating? What does it test? How? What steps from start to finish? Please list this exactly.
> > > * Use SSCA to make the user cert - it creates pem and der copies
> > > * Have you looked at: https://pagure.io/389-ds-base/blob/master/f/src/lib389/lib389/idm/account.py#_103
> > > 
> > > Till this point all ok . But not ok .  Its giving error . 
> > > (Pdb) Account(standalone, 'uid=testuser,ou=People,dc=example,dc=com').enroll_certificate(tls_locs['crt_der_path'])
> > > *** NameError: name 'ds_is_older' is not defined
> > > 
> > > Or 
> > > 
> > > (Pdb) users.list()[0].enroll_certificate(tls_locs['crt_der_path'])
> > > *** NameError: name 'ds_is_older' is not defined
> > > 
> > > Is there a problem with account.py file . 
> > > 
> > > https://pagure.io/389-ds-base/blob/master/f/src/lib389/lib389/idm/account.py
> > > It did not import >>>>   from lib389.utils import (ds_is_older) 
> > > 
> > > 
> > > Any way after using SSCA we have got the user with userCertificate field .
> > > 
> > > (Pdb) Account(standalone, 'uid=testuser,ou=People,dc=example,dc=com')._unsafe_raw_entry()
> > > dn: uid=testuser,ou=People,dc=example,dc=com
> > > cn: testuser
> > > gidNumber: 2000
> > > homeDirectory: /home/testuser
> > > objectClass: top
> > > objectClass: account
> > > objectClass: posixaccount
> > > objectClass: inetOrgPerson
> > > objectClass: organizationalPerson
> > > objectClass: nsMemberOf
> > > objectClass: nsAccount
> > > objectClass: person
> > > sn: user
> > > uid: testuser
> > > uidNumber: 1000
> > > userCertificate;binary:: MIIFcjCCA1qgAwIBAgIFALFmh3wwDQYJKoZIhvcNAQELBQAwZTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxDjAMBgNVBAcTBTM4OWRzMRAwDgYDVQQKEwd0ZXN0aW5nMR8wHQYDVQQDExZzc2NhLjM4OWRzLmV4YW1wbGUuY29tMB4XDTE5MDYxMzEzMDkwM1oXDTIxMDYxMzEzMDkwM1owVzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxDjAMBgNVBAcTBTM4OWRzMRAwDgYDVQQKEwd0ZXN0aW5nMREwDwYDVQQDEwh0ZXN0dXNlcjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALUUafcfMOhoY+8C3L/IYPlaxex2BcYqbTbD+FWonRlp4pE1CdZbk/2jdzkndBVMl4iTF2L0+y3SyNOsG8Lonbdhxz5bxwhzhDpTBD3wLbFlF5r9fe5VR7KfbhvLUSPpfra+UfhiFzgRPkyItUi6KFvcc9Zt2toXBydRaef0yjwI2yv/ileelrCeFKDtUNPAjXnHnqXH/aqpm3cYYy0KWqxSeKe4ET8ymkffJs2Tsomd7ofgcwWtce5bdMxtbhc2sRIbbbdQRIf0mXromkXftAXjTZb9gUAsNESfuRwulY1vkyY5LRhUvDuufxMrEnooJ5t7a6oOsGGrsyQddOWJMPEakuJbMpC/IonMkJdF6oNnfWdruFqBcfP1pBxjiNz1ZFbE/XudBEEuHHRh8wrR5uljH3Y+AUTUUuhVm7Yiuo23B041C1lggVNXpeCxkcYwJDEvJfTzXKOrgL0Pk36u4FhnsXFfzcWJuiOSNdeiBtSOc68g3YmMZyfjCAXPk77TEqrm8KdwBKLg90nnyjEjYqquMMIPzCJVoyH0ckmzA/W8ClQ4VEHav6wmcLjH3tE6eJofl9cLTUL
> > >  6Yfuxijf6AFGkcAfhXtblLiB3jeKiqjC91gqWh+bbXRFIEx50LoColCo55mUAmbse4z/RNSFfCG6JViWDrRiTy8LiDgGfDj2tAgMBAAGjNzA1MBEGCWCGSAGG+EIBAQQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCBPAwDQYJKoZIhvcNAQELBQADggIBAEpq9ZWRdpXTFzYtY++vbZZyQ+EDAyIj34jKzmCsXvnT6LIfu6K1dYZl83bhLKriurFmQijZb98JVCT+i7LpICb6lVcNU9Jz9CtWf9cWTvpqXPlHRgS+qxGH96vIQ4PDPzcI7HhhPlz7THtuPY1jFdF/vY8nbNdWRrWymrCYxk27c7a1g5crixPwggs1Kv3Oy045Xyv5c9KfA511IEC/DGWwUyOVx6l7gYQXVTnWGqwF+JfLoZvWlqPdkoH7N3dHPdmZQsG9ZEghjslE2SbaUp2XpvyhU6XYa8q9NFMCnm2E07Jm7R/Spah/gl0YiscG6FMtI3EISagQb5vxIJT9UjnYfj9y7Mu/U31wQEos9plJHxMtFZBjbumrFxziCIhNLzTgzX77CnBwIdA69fU5YyRJLLge2uO6zJBbAHKyz+FGbz+lA+oLFMSYPA1McRagRpe5FdhFoajrwSe6NIErhyMfhgGLHr7OQTznRlkqafamsbnxa2f4HzVlMAw1j5CD4uCeJHKpAvRMb1BUYxXyyYrw8W0uFa5yuIa0TzK12gz6/AgxXKOAsH/WHGd9ial4hG9c746D/KMyqERszb0bRRs4ncMnJtXFov41/jd1btm6+Vs9FpnQKPJ27zMbG2S63NQ1V++M6EbggR7cQbFBErzsOt1Jp3sIssuE06hpsteB
> > > 
> > > 
> > > Now i want to filter that user with filter.
> > > 
> > > (Pdb) crt = open('/etc/dirsrv/slapd-standalone1/user-testuser.der', 'rb').read()
> > > (Pdb) crt
> > > b'0\x82\x05r0\x82\x03Z\xa0\x03\x02\x01\x02\x02\x05\x00\xb1f\x87|0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000e1\x0b0\t\x06\x03U\x04\x06\x13\x02AU1\x130\x11\x06\x03U\x04\x08\x13\nQueensland1\x0e0\x0c\x06\x03U\x04\x07\x13\x05389ds1\x100\x0e\x06\x03U\x04\n\x13\x07testing1\x1f0\x1d\x06\x03U\x04\x03\x13\x16ssca.389ds.example.com0\x1e\x17\r190613130903Z\x17\r210613130903Z0W1\x0b0\t\x06\x03U\x04\x06\x13\x02AU1\x130\x11\x06\x03U\x04\x08\x13\nQueensland1\x0e0\x0c\x06\x03U\x04\x07\x13\x05389ds1\x100\x0e\x06\x03U\x04\n\x13\x07testing1\x110\x0f\x06\x03U\x04\x03\x13\x08testuser0\x82\x02"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x02\x0f\x000\x82\x02\n\x02\x82\x02\x01\x00\xb5\x14i\xf7\x1f0\xe8hc\xef\x02\xdc\xbf\xc8`\xf9Z\xc5\xecv\x05\xc6*m6\xc3\xf8U\xa8\x9d\x19i\xe2\x915\t\xd6[\x93\xfd\xa3w9\'t\x15L\x97\x88\x93\x17b\xf4\xfb-\xd2\xc8\xd3\xac\x1b\xc2\xe8\x9d\xb7a\xc7>[\xc7\x08s\x84:S\x04=\xf0-\xb1e\x17\x9a\xfd}\xeeUG\xb2\x9fn\x1b\xcbQ#\xe9~\xb6\xbeQ\xf8b\x178\x11>L\x88\xb5H\xba([\xdcs\xd6m\xda\xda\x17\x07\'Qi\xe7\xf4\xca<\x08\xdb+\xff\x8aW\x9e\x96\xb0\x9e\x14\xa0\xedP\xd3\xc0\x8dy\xc7\x9e\xa5\xc7\xfd\xaa\xa9\x9bw\x18c-\nZ\xacRx\xa7\xb8\x11?2\x9aG\xdf&\xcd\x93\xb2\x89\x9d\xee\x87\xe0s\x05\xadq\xee[t\xccmn\x176\xb1\x12\x1bm\xb7PD\x87\xf4\x99z\xe8\x9aE\xdf\xb4\x05\xe3M\x96\xfd\x81@,4D\x9f\xb9\x1c.\x95\x8do\x93&9-\x18T\xbc;\xae\x7f\x13+\x12z(\'\x9b{k\xaa\x0e\xb0a\xab\xb3$\x1dt\xe5\x890\xf1\x1a\x92\xe2[2\x90\xbf"\x89\xcc\x90\x97E\xea\x83g}gk\xb8Z\x81q\xf3\xf5\xa4\x1cc\x88\xdc\xf5dV\xc4\xfd{\x9d\x04A.\x1cta\xf3\n\xd1\xe6\xe9c\x1fv>\x01D\xd4R\xe8U\x9b\xb6"\xba\x8d\xb7\x07N5\x0bY`\x81SW\xa5\xe0\xb1\x91\xc60$1/%\xf4\xf3\\\xa3\xab\x80\xbd\x0f\x93~\xae\xe0Xg\xb1q_\xcd\xc5\x89\xba#\x925\xd7\xa2\x06\xd4\x8es\xaf \xdd\x89\x8cg\'\xe3\x08\x05\xcf\x93\xbe\xd3\x12\xaa\xe6\xf0\xa7p\x04\xa2\xe0\xf7I\xe7\xca1#b\xaa\xae0\xc2\x0f\xcc"U\xa3!\xf4rI\xb3\x03\xf5\xbc\nT8TA\xda\xbf\xac&p\xb8\xc7\xde\xd1:x\x9a\x1f\x97\xd7\x0bMB\xfaa\xfb\xb1\x8a7\xfa\x00Q\xa4p\x07\xe1^\xd6\xe5. w\x8d\xe2\xa2\xaa0\xbd\xd6\n\x96\x87\xe6\xdb]\x11H\x13\x1et.\x80
\xa8\x94*9\xe6e\x00\x99\xbb\x1e\xe3?\xd15!_\x08n\x89V%\x83\xad\x18\x93\xcb\xc2\xe2\x0e\x01\x9f\x0e=\xad\x02\x03\x01\x00\x01\xa37050\x11\x06\t`\x86H\x01\x86\xf8B\x01\x01\x04\x04\x03\x02\x07\x800\x13\x06\x03U\x1d%\x04\x0c0\n\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x0b\x06\x03U\x1d\x0f\x04\x04\x03\x02\x04\xf00\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x02\x01\x00Jj\xf5\x95\x91v\x95\xd3\x176-c\xef\xafm\x96rC\xe1\x03\x03"#\xdf\x88\xca\xce`\xac^\xf9\xd3\xe8\xb2\x1f\xbb\xa2\xb5u\x86e\xf3v\xe1,\xaa\xe2\xba\xb1fB(\xd9o\xdf\tT$\xfe\x8b\xb2\xe9 &\xfa\x95W\rS\xd2s\xf4+V\x7f\xd7\x16N\xfaj\\\xf9GF\x04\xbe\xab\x11\x87\xf7\xab\xc8C\x83\xc3?7\x08\xecxa>\\\xfbL{n=\x8dc\x15\xd1\x7f\xbd\x8f\'l\xd7VF\xb5\xb2\x9a\xb0\x98\xc6M\xbbs\xb6\xb5\x83\x97+\x8b\x13\xf0\x82\x0b5*\xfd\xce\xcbN9_+\xf9s\xd2\x9f\x03\x9du @\xbf\x0ce\xb0S#\x95\xc7\xa9{\x81\x84\x17U9\xd6\x1a\xac\x05\xf8\x97\xcb\xa1\x9b\xd6\x96\xa3\xdd\x92\x81\xfb7wG=\xd9\x99B\xc1\xbddH!\x8e\xc9D\xd9&\xdaR\x9d\x97\xa6\xfc\xa1S\xa5\xd8k\xca\xbd4S\x02\x9em\x84\xd3\xb2f\xed\x1f\xd2\xa5\xa8\x7f\x82]\x18\x8a\xc7\x06\xe8S-#q\x08I\xa8\x10o\x9b\xf1 \x94\xfdR9\xd8~?r\xec\xcb\xbfS}p@J,\xf6\x99I\x1f\x13-\x15\x90cn\xe9\xab\x17\x1c\xe2\x08\x88M/4\xe0\xcd~\xfb\npp!\xd0:\xf5\xf59c$I,\xb8\x1e\xda\xe3\xba\xcc\x90[\x00r\xb2\xcf\xe1Fo?\xa5\x03\xea\x0b\x14\xc4\x98<\rLq\x16\xa0F\x97\xb9\x15\xd8E\xa1\xa8\xeb\xc1\'\xba4\x81+\x87#\x1f\x86\x01\x8b\x1e\xbe\xceA<\xe7FY*i\xf6\xa6\xb1\xb9\xf1kg\xf8\x1f5e0\x0c5\x8f\x90\x83\xe2\xe0\x9e$r\xa9\x02\xf4LoPTc\x15\xf2\xc9\x8a\xf0\xf1m.\x15\xaer\xb8\x86\xb4O2\xb5\xda\x0c\xfa\xfc\x081\\\xa3\x80\xb0\x7f\xd6\x1cg}\x89\xa9x\x84o\\\xef\x8e\x83\xfc\xa32\xa8Dl\xcd\xbd\x1bE\x1b8\x9d\xc3\'&\xd5\xc5\xa2\xfe5\xfe7un\xd9\xba\xf9[=\x16\x99\xd0(\xf2v\xef3\x1b\x1bd\xba\xdc\xd45W\xef\x8c\xe8F\xe0\x81\x1e\xdcA\xb1A\x12\xbc\xec:\xddI\xa7{\x08\xb2\xcb\x84\xd3\xa8i\xb2\xd7\x81'
> > > 
> > > 
> > > (Pdb) Accounts(standalone, DEFAULT_SUFFIX).filter(f"(userCertificate={crt})")
> > > *** ldap.FILTER_ERROR: {'desc': 'Bad search filter', 'errno': 2, 'info': 'No such file or directory'}
> > > 
> > > And finally .
> > > Accounts(standalone, DEFAULT_SUFFIX).filter(f"(userCertificate={escape_bytes(crt)})")  >>> escape_bytes(this is function i want to put in utils.py)
> > > 
> > > 
> > > 
> > > Regards
> > > Anuj Borah
> > > 
> > > 
> > > 
> > > * Consider checking: https://pagure.io/389-ds-base/pull-request/49579#request_diff we can likely pull out the python from this branch and commit to master as it adds a lot of TLS support.
> > > 
> > > Thanks
> > > 
> > > —
> > > Sincerely,
> > > 
> > > William Brown
> > > 
> > > Senior Software Engineer, 389 Directory Server
> > > SUSE Labs
> > > 
> > 
> > —
> > Sincerely,
> > 
> > William Brown
> > 
> > Senior Software Engineer, 389 Directory Server
> > SUSE Labs
> > 
> 
> —
> Sincerely,
> 
> William Brown
> 
> Senior Software Engineer, 389 Directory Server
> SUSE Labs
> 

—
Sincerely,

William Brown

Senior Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-devel mailing list -- 389-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-devel@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux