Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| e8a23e0ede | |||
| 125eea5afc |
65
debian/changelog
vendored
65
debian/changelog
vendored
@ -1,65 +0,0 @@
|
||||
ldaptool (0.6-1) unstable; urgency=medium
|
||||
|
||||
* move --json to --full_json; remove --human JSON output, replace with --json, but don't merge multiple values - use list instead
|
||||
* run ./fmt.sh to fix lint
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Thu, 11 May 2023 17:30:04 +0200
|
||||
|
||||
ldaptool (0.5-1) unstable; urgency=medium
|
||||
|
||||
[ Daniel Dizdarevic ]
|
||||
* :Fix version requirement for python3.10
|
||||
|
||||
[ Stefan Bühler ]
|
||||
* handle missing KeePass entry
|
||||
|
||||
[ Daniel Dizdarevic ]
|
||||
* Catch invalid passwords in keepass
|
||||
* Catch CTRL+C and CTRL+D in password prompts
|
||||
|
||||
[ Stefan Bühler ]
|
||||
* improve some error messages
|
||||
* improve config loading: don't modify dicts to allow yaml repeated nodes
|
||||
* add argument to postprocess steps and support index/slicing in DN-related hooks; document them
|
||||
* decode securityIdentifier attribute as SID
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Wed, 10 May 2023 19:53:51 +0200
|
||||
|
||||
ldaptool (0.4-1) unstable; urgency=medium
|
||||
|
||||
* move argument/column handling to decoder (prepare for more post-processing in decoder)
|
||||
* move json output format handling to main tool from decoder
|
||||
* support attribute post-processing; :<len>, and DN :domain, :path, :fullpath
|
||||
* use Enum instead of StrEnum for python3.10
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Tue, 02 May 2023 16:54:00 +0200
|
||||
|
||||
ldaptool (0.3-1) unstable; urgency=medium
|
||||
|
||||
* ldaptool: move output arguments from search to main
|
||||
* run sort internally, refactor table output into separate method
|
||||
* refactor table variant handling
|
||||
* add html output format
|
||||
* README.md: document csvkit dependency
|
||||
* debian: require csvkit (markdown table is an essential feature)
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Fri, 28 Apr 2023 19:31:37 +0200
|
||||
|
||||
ldaptool (0.2-1) unstable; urgency=medium
|
||||
|
||||
* README.md: fix typo
|
||||
* enable tls unless kerberos is used (SASL GSS-API doesn't seem to work over TLS)
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Fri, 28 Apr 2023 17:21:35 +0200
|
||||
|
||||
ldaptool (0.1-1) unstable; urgency=medium
|
||||
|
||||
* Initial release.
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Fri, 28 Apr 2023 12:09:30 +0200
|
||||
|
||||
ldaptool (0.1-0) unstable; urgency=medium
|
||||
|
||||
* Stub ITP lintian.
|
||||
|
||||
-- Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de> Fri, 28 Apr 2023 12:09:29 +0200
|
||||
43
debian/control
vendored
43
debian/control
vendored
@ -1,43 +0,0 @@
|
||||
Source: ldaptool
|
||||
Section: net
|
||||
Priority: optional
|
||||
Maintainer: Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de>
|
||||
Rules-Requires-Root: no
|
||||
Build-Depends:
|
||||
debhelper-compat (= 13),
|
||||
pybuild-plugin-pyproject,
|
||||
flit,
|
||||
dh-sequence-python3,
|
||||
python3,
|
||||
python3-ldap,
|
||||
python3-yaml,
|
||||
python3-pykeepass,
|
||||
#Testsuite: autopkgtest-pkg-python
|
||||
Standards-Version: 4.6.2
|
||||
Homepage: https://git-nks-public.tik.uni-stuttgart.de/net/ldaptool
|
||||
|
||||
Package: python3-ldaptool
|
||||
Architecture: all
|
||||
Depends:
|
||||
${python3:Depends},
|
||||
${misc:Depends},
|
||||
Recommends:
|
||||
python3-pykeepass,
|
||||
Description: CLI tool to run ldap queries
|
||||
CLI tool to query LDAP/AD servers, featuring various output formats
|
||||
and a configuration for different realms.
|
||||
.
|
||||
This package installs the library for Python 3.
|
||||
|
||||
Package: ldaptool
|
||||
Architecture: all
|
||||
Depends:
|
||||
python3-ldaptool (=${binary:Version}),
|
||||
${python3:Depends},
|
||||
${misc:Depends},
|
||||
csvkit,
|
||||
Description: CLI tool to run ldap queries
|
||||
CLI tool to query LDAP/AD servers, featuring various output formats
|
||||
and a configuration for different realms.
|
||||
.
|
||||
This package installs the script.
|
||||
27
debian/copyright
vendored
27
debian/copyright
vendored
@ -1,27 +0,0 @@
|
||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Source: <https://git-nks-public.tik.uni-stuttgart.de/net/ldaptool>
|
||||
Upstream-Name: ldaptool
|
||||
|
||||
Files:
|
||||
*
|
||||
Copyright:
|
||||
2023 Stefan Bühler <stefan.buehler@tik.uni-stuttgart.de>
|
||||
2023 Daniel Dizdarevic <daniel.dizdarevic@tik.uni-stuttgart.de>
|
||||
License: MIT
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
.
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
.
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
5
debian/gbp.conf
vendored
5
debian/gbp.conf
vendored
@ -1,5 +0,0 @@
|
||||
[DEFAULT]
|
||||
pristine-tar = False
|
||||
upstream-branch = main
|
||||
debian-branch = debian
|
||||
upstream-tag = ldaptool-%(version)s
|
||||
13
debian/rules
vendored
13
debian/rules
vendored
@ -1,13 +0,0 @@
|
||||
#!/usr/bin/make -f
|
||||
|
||||
export PYBUILD_NAME=ldaptool
|
||||
|
||||
%:
|
||||
dh $@ --buildsystem=pybuild
|
||||
|
||||
# we want /usr/bin/ldaptool in a separate package
|
||||
override_dh_auto_install:
|
||||
dh_auto_install
|
||||
|
||||
mkdir -p debian/ldaptool/usr
|
||||
mv debian/python3-ldaptool/usr/bin debian/ldaptool/usr/
|
||||
1
debian/source/format
vendored
1
debian/source/format
vendored
@ -1 +0,0 @@
|
||||
3.0 (quilt)
|
||||
1
debian/source/options
vendored
1
debian/source/options
vendored
@ -1 +0,0 @@
|
||||
extend-diff-ignore = "^[^/]*[.]egg-info/|^[.]vscode|/__pycache__/|^venv/|^.mypy_cache/"
|
||||
@ -100,6 +100,13 @@ class Attribute:
|
||||
except Exception:
|
||||
return
|
||||
|
||||
def _try_decode_grouptype(self) -> None:
|
||||
if self.utf8_clean:
|
||||
try:
|
||||
self.decoded = _types.grouptype.parse(self.utf8_clean.strip())
|
||||
except Exception:
|
||||
return
|
||||
|
||||
def _try_decode(self, args: Arguments) -> None:
|
||||
if self.name in ("objectSid", "securityIdentifier"):
|
||||
self._try_decode_sid()
|
||||
@ -115,6 +122,8 @@ class Attribute:
|
||||
self._try_decode_timestamp(args)
|
||||
elif self.name == "userAccountControl":
|
||||
self._try_decode_uac()
|
||||
elif self.name == "groupType":
|
||||
self._try_decode_grouptype()
|
||||
|
||||
@property
|
||||
def _base64_value(self) -> str:
|
||||
@ -190,13 +199,19 @@ class Decoder:
|
||||
return decoded_entry
|
||||
|
||||
def human(self, *, dn: str, obj: TDecoded) -> dict[str, str]:
|
||||
emit: dict[str, typing.Any] = dict(dn=dn)
|
||||
for name, attrs in obj.items():
|
||||
emit[name] = self.arguments.human_separator.join(attr.human() for attr in attrs)
|
||||
return emit
|
||||
|
||||
def simple_json(self, *, dn: str, obj: TDecoded) -> dict[str, str]:
|
||||
emit: dict[str, typing.Any] = dict(dn=dn)
|
||||
for name, attrs in obj.items():
|
||||
emit[name] = [attr.human() for attr in attrs]
|
||||
return emit
|
||||
|
||||
def emit_simple_json(self, *, dn: str, obj: TDecoded, file: typing.IO[str] = sys.stdout) -> None:
|
||||
emit = self.human(dn=dn, obj=obj)
|
||||
emit = self.simple_json(dn=dn, obj=obj)
|
||||
json.dump(emit, file, ensure_ascii=False)
|
||||
print(file=file) # terminate output dicts by newline
|
||||
|
||||
|
||||
@ -1,8 +1,9 @@
|
||||
from __future__ import annotations
|
||||
|
||||
from . import sid, timestamp, uac
|
||||
from . import grouptype, sid, timestamp, uac
|
||||
|
||||
__all__ = [
|
||||
"grouptype",
|
||||
"sid",
|
||||
"timestamp",
|
||||
"uac",
|
||||
|
||||
29
src/ldaptool/decode/_types/grouptype.py
Normal file
29
src/ldaptool/decode/_types/grouptype.py
Normal file
@ -0,0 +1,29 @@
|
||||
from __future__ import annotations
|
||||
|
||||
import enum
|
||||
import typing
|
||||
|
||||
|
||||
class GroupTypeFlags(enum.IntFlag):
|
||||
SYSTEM = 0x00000001
|
||||
SCOPE_GLOBAL = 0x00000002
|
||||
SCOPE_DOMAIN = 0x00000004
|
||||
SCOPE_UNIVERSAL = 0x00000008
|
||||
APP_BASIC = 0x00000010
|
||||
APP_QUERY = 0x00000020
|
||||
SECURITY = 0x80000000 # otherwise distribution
|
||||
|
||||
def flags(self) -> list[GroupTypeFlags]:
|
||||
# ignore "uncovered" bits for now
|
||||
value = self.value
|
||||
members = []
|
||||
for member in GroupTypeFlags:
|
||||
member_value = member.value
|
||||
if member_value and member_value & value == member_value:
|
||||
members.append(member)
|
||||
return members
|
||||
|
||||
|
||||
def parse(value: str) -> str:
|
||||
members = GroupTypeFlags(int(value)).flags()
|
||||
return ", ".join(typing.cast(str, member.name) for member in members)
|
||||
Loading…
Reference in New Issue
Block a user