[Twisted-Python] ldaptor problem with STARTTLS and python 3
Dear all, I am experiencing an error when trying to use the quick usage example posted on the ldaptor github page https://github.com/twisted/ldaptor . I have included the starttls command to promote the connection to an encrypted one, but I am experiencing an deprecation warning: DeprecationWarning: LDAPStartTLSInvalidResponseName.__str__ method is deprecated and will not be used for getting bytes representation in the future releases, use LDAPStartTLSInvalidResponseName.toWire instead category=DeprecationWarning) This puzzles me as I cannot track this error down. The usual strategy to introduce debugging print statements or start the debugger like "import pdb; pdb.set_trace()" does not work. I would appreciate help here how to debug this deferred code. Besides this warning I am receiving no output whatsoever. Also print statements in the example method do not print anything, which is strange to me. To debug it on a networking level, I have wiresharked the ldap communication and it seems fine (see below): REQUEST Transmission Control Protocol, Src Port: 53964, Dst Port: 389, Seq: 1, Ack: 1, Len: 31 Lightweight Directory Access Protocol LDAPMessage extendedReq(1) messageID: 1 protocolOp: extendedReq (23) extendedReq requestName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response In: 2587] RESPONSE Transmission Control Protocol, Src Port: 389, Dst Port: 53964, Seq: 1, Ack: 32, Len: 46 Lightweight Directory Access Protocol LDAPMessage extendedResp(1) messageID: 1 protocolOp: extendedResp (24) extendedResp resultCode: success (0) matchedDN: errorMessage: responseName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response To: 2581] [Time: 0.245555000 seconds] I have posted the example code with the starttls command in this gist: https://gist.github.com/westfeld/bb1d5e8727ce13910623933e041e9782 Thanks for your help! Best regards, Thomas
On Tue, 28 May 2019 at 11:22, Thomas Westfeld
Dear all,
I am experiencing an error when trying to use the quick usage example posted on the ldaptor github page https://github.com/twisted/ldaptor . I have included the starttls command to promote the connection to an encrypted one, but I am experiencing an deprecation warning:
DeprecationWarning: LDAPStartTLSInvalidResponseName.__str__ method is deprecated and will not be used for getting bytes representation in the future releases, use LDAPStartTLSInvalidResponseName.toWire instead category=DeprecationWarning)
This puzzles me as I cannot track this error down. The usual strategy to introduce debugging print statements or start the debugger like "import pdb; pdb.set_trace()" does not work. I would appreciate help here how to debug this deferred code.
Besides this warning I am receiving no output whatsoever. Also print statements in the example method do not print anything, which is strange to me.
To debug it on a networking level, I have wiresharked the ldap communication and it seems fine (see below):
REQUEST
Transmission Control Protocol, Src Port: 53964, Dst Port: 389, Seq: 1, Ack: 1, Len: 31 Lightweight Directory Access Protocol LDAPMessage extendedReq(1) messageID: 1 protocolOp: extendedReq (23) extendedReq requestName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response In: 2587]
RESPONSE
Transmission Control Protocol, Src Port: 389, Dst Port: 53964, Seq: 1, Ack: 32, Len: 46 Lightweight Directory Access Protocol LDAPMessage extendedResp(1) messageID: 1 protocolOp: extendedResp (24) extendedResp resultCode: success (0) matchedDN: errorMessage: responseName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response To: 2581] [Time: 0.245555000 seconds]
I have posted the example code with the starttls command in this gist:
https://gist.github.com/westfeld/bb1d5e8727ce13910623933e041e9782
It looks like a bug. With the Python3 migration the usage of the implicit __str__ for serialization/marshaling of the LDAP messages was removed. Please add a new issue/ticket/bug in Github for ldaptor. I am debugging these things by patching the ldap code and adding a PDB call here https://github.com/twisted/ldaptor/blob/d3c191921bd32c359a3e4974c2251f9af852... then you can go up and see where str is called, and consider if it should be repalced with .toWire() Cheers -- Adi Roiban
-----Original Message----- From: Twisted-Python [mailto:twisted-python-bounces@twistedmatrix.com] On Behalf Of Adi Roiban Sent: Tuesday, May 28, 2019 12:39 PM To: Twisted general discussion Subject: Re: [Twisted-Python] ldaptor problem with STARTTLS and python 3
On Tue, 28 May 2019 at 11:22, Thomas Westfeld
wrote: Dear all,
I am experiencing an error when trying to use the quick usage example posted on
the ldaptor github page https://github.com/twisted/ldaptor . I have included the starttls command to promote the connection to an encrypted one, but I am experiencing an deprecation warning:
DeprecationWarning: LDAPStartTLSInvalidResponseName.__str__ method is
category=DeprecationWarning)
This puzzles me as I cannot track this error down. The usual strategy to introduce debugging print statements or start the debugger like "import pdb; pdb.set_trace()" does not work. I would appreciate help here how to debug this deferred code.
Besides this warning I am receiving no output whatsoever. Also print statements in
deprecated and will not be used for getting bytes representation in the future releases, use LDAPStartTLSInvalidResponseName.toWire instead the example method do not print anything, which is strange to me.
To debug it on a networking level, I have wiresharked the ldap communication and
it seems fine (see below):
REQUEST
Transmission Control Protocol, Src Port: 53964, Dst Port: 389, Seq: 1, Ack: 1,
Len: 31
Lightweight Directory Access Protocol LDAPMessage extendedReq(1) messageID: 1 protocolOp: extendedReq (23) extendedReq requestName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response In: 2587]
RESPONSE
Transmission Control Protocol, Src Port: 389, Dst Port: 53964, Seq: 1, Ack: 32, Len: 46 Lightweight Directory Access Protocol LDAPMessage extendedResp(1) messageID: 1 protocolOp: extendedResp (24) extendedResp resultCode: success (0) matchedDN: errorMessage: responseName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response To: 2581] [Time: 0.245555000 seconds]
I have posted the example code with the starttls command in this gist:
https://gist.github.com/westfeld/bb1d5e8727ce13910623933e041e9782
It looks like a bug.
With the Python3 migration the usage of the implicit __str__ for serialization/marshaling of the LDAP messages was removed.
Please add a new issue/ticket/bug in Github for ldaptor.
I am debugging these things by patching the ldap code and adding a PDB call here https://github.com/twisted/ldaptor/blob/d3c191921bd32c359a3e4974c2251f9af852... b2b/ldaptor/_encoder.py#L56
then you can go up and see where str is called, and consider if it should be repalced with .toWire()
Cheers
-- Adi Roiban
Dear all, it turns out to be an issue with binary vs. string. The __str__ method was called by the errback only. This has been fixed in pull request #147 already. All the observed errors have been fixed in the pre-release 19.1 version of ldaptor. The example is working with STARTTLS when using HEAD. Thanks for the great community for fixing things so quickly. I am looking forward to the 19.1. release. Regards, Thomas
On Wed, 29 May 2019 at 08:21, Thomas Westfeld
[snip]
Dear all,
it turns out to be an issue with binary vs. string. The __str__ method was called by the errback only. This has been fixed in pull request #147 already. All the observed errors have been fixed in the pre-release 19.1 version of ldaptor. The example is working with STARTTLS when using HEAD.
Thanks for the great community for fixing things so quickly.
I am looking forward to the 19.1. release.
Hi Thomas, If you have time, you can check https://github.com/twisted/ldaptor/pull/148 I guess that once that PR is merged we can make a new public release Are you testing this on Python2 or Python3? -- Adi Roiban
On Wed, 29 May 2019 at 08:21, Thomas Westfeld
wrote: [snip]
Dear all,
it turns out to be an issue with binary vs. string. The __str__ method was called by the errback only. This has been fixed in pull request #147 already. All the observed errors have been fixed in the pre-release 19.1 version of ldaptor. The example is working with STARTTLS when using HEAD.
Thanks for the great community for fixing things so quickly.
I am looking forward to the 19.1. release.
Hi Thomas,
If you have time, you can check https://github.com/twisted/ldaptor/pull/148
I guess that once that PR is merged we can make a new public release
Are you testing this on Python2 or Python3?
I am testing this both on Python 2.7 and on Python 3.6, however for my production setting I want to go to Python 3.6 or 3.7 respectively. The sundowning of Python 2.7 forced me to port my programs.
-- Adi Roiban
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
participants (2)
-
Adi Roiban
-
Thomas Westfeld