-----Original Message----- From: Twisted-Python [mailto:twisted-python-bounces@twistedmatrix.com] On Behalf Of Adi Roiban Sent: Tuesday, May 28, 2019 12:39 PM To: Twisted general discussion Subject: Re: [Twisted-Python] ldaptor problem with STARTTLS and python 3

On Tue, 28 May 2019 at 11:22, Thomas Westfeld wrote:

...

Dear all,

I am experiencing an error when trying to use the quick usage example posted on

the ldaptor github page https://github.com/twisted/ldaptor . I have included the starttls command to promote the connection to an encrypted one, but I am experiencing an deprecation warning:

...

DeprecationWarning: LDAPStartTLSInvalidResponseName.__str__ method is

...

category=DeprecationWarning)

This puzzles me as I cannot track this error down. The usual strategy to introduce debugging print statements or start the debugger like "import pdb; pdb.set_trace()" does not work. I would appreciate help here how to debug this deferred code.

Besides this warning I am receiving no output whatsoever. Also print statements in

deprecated and will not be used for getting bytes representation in the future releases, use LDAPStartTLSInvalidResponseName.toWire instead the example method do not print anything, which is strange to me.

...

To debug it on a networking level, I have wiresharked the ldap communication and

it seems fine (see below):

...

REQUEST

Transmission Control Protocol, Src Port: 53964, Dst Port: 389, Seq: 1, Ack: 1,

Len: 31

...

Lightweight Directory Access Protocol LDAPMessage extendedReq(1) messageID: 1 protocolOp: extendedReq (23) extendedReq requestName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response In: 2587]

RESPONSE

Transmission Control Protocol, Src Port: 389, Dst Port: 53964, Seq: 1, Ack: 32, Len: 46 Lightweight Directory Access Protocol LDAPMessage extendedResp(1) messageID: 1 protocolOp: extendedResp (24) extendedResp resultCode: success (0) matchedDN: errorMessage: responseName: 1.3.6.1.4.1.1466.20037 (LDAP_START_TLS_OID) [Response To: 2581] [Time: 0.245555000 seconds]

I have posted the example code with the starttls command in this gist:

https://gist.github.com/westfeld/bb1d5e8727ce13910623933e041e9782

It looks like a bug.

With the Python3 migration the usage of the implicit __str__ for serialization/marshaling of the LDAP messages was removed.

Please add a new issue/ticket/bug in Github for ldaptor.

I am debugging these things by patching the ldap code and adding a PDB call here https://github.com/twisted/ldaptor/blob/d3c191921bd32c359a3e4974c2251f9af852... b2b/ldaptor/_encoder.py#L56

then you can go up and see where str is called, and consider if it should be repalced with .toWire()

Cheers

-- Adi Roiban

Dear all, it turns out to be an issue with binary vs. string. The __str__ method was called by the errback only. This has been fixed in pull request #147 already. All the observed errors have been fixed in the pre-release 19.1 version of ldaptor. The example is working with STARTTLS when using HEAD. Thanks for the great community for fixing things so quickly. I am looking forward to the 19.1. release. Regards, Thomas

On Wed, 29 May 2019 at 08:21, Thomas Westfeld wrote:

...

[snip]

...

Dear all,

it turns out to be an issue with binary vs. string. The __str__ method was called by the errback only. This has been fixed in pull request #147 already. All the observed errors have been fixed in the pre-release 19.1 version of ldaptor. The example is working with STARTTLS when using HEAD.

Thanks for the great community for fixing things so quickly.

I am looking forward to the 19.1. release.

Hi Thomas,

If you have time, you can check https://github.com/twisted/ldaptor/pull/148

I guess that once that PR is merged we can make a new public release

Are you testing this on Python2 or Python3?

I am testing this both on Python 2.7 and on Python 3.6, however for my production setting I want to go to Python 3.6 or 3.7 respectively. The sundowning of Python 2.7 forced me to port my programs.

-- Adi Roiban

_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python