Sending LDAP request with message ID

Question

Need to send an LDAP search request with message ID set to 0 value (as part of RFC validation testing). Tried the following modified code from apache directory api examples section:

import java.io.IOException;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.api.ldap.model.message.SearchRequest;
import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.exception.LdapNoPermissionException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;

public class ManageLDAPConnection {

private static Dn getSafeSearchBaseDn(String dn) throws LdapInvalidDnException{
     Dn searchBaseDn = null;
     if (dn != null && !dn.isEmpty()){
         searchBaseDn = new Dn(dn);
    }else{
         searchBaseDn = Dn.ROOT_DSE;
    }
    return searchBaseDn;
 }

public static void main (String[] args) {

int messageId = 0;
int port = 389;
String username = "<Admin CN>";
String password = "<Password>";
String hostname = "<IP>";
SearchCursor searchResult = null;
String dn = "<DN>";
String filterExpr = "(objectclass=*)";

org.apache.directory.api.ldap.model.message.SearchScope searchScopeValue = org.apache.directory.api.ldap.model.message.SearchScope.OBJECT;

LdapConnection connection = new LdapNetworkConnection(hostname, port);

try {
    connection.bind(username, password);       
    System.out.println("Connected successfully");
} catch (LdapException e) {
    System.out.println("Unable to bind");
}

try {
    SearchRequest searchRequest = new SearchRequestImpl();
    System.out.println(searchRequest.getMessageId());
    searchRequest.setMessageId(0);
    System.out.println(searchRequest.getMessageId());
        searchRequest.setBase(getSafeSearchBaseDn(dn));
        searchRequest.setFilter(filterExpr);
        searchRequest.setScope(searchScopeValue);
    searchResult = connection.search(searchRequest);
} catch (LdapNoPermissionException e){
    System.out.println("No permission exception");
} catch (LdapException e){
    System.out.println("LDAP Exception: " + e.getMessage());
}
}
}

The above code is able to send the request, but the message ID is still sent as non zero, even though the following has been done:

searchRequest.setMessageId(0);

Answer 1

You're clearly going to have to use a different library, or modify this one, or go to a lower level. It isn't at all surprising that this library prevents you from shooting yourself in the foot.

Answer 2

Had some solution in python's pyasn1-modules. The following seems to work well:

from pyasn1.type import univ, namedval, namedtype, tag
from pyasn1.codec.ber import encoder
                                                                                           import socket
from pyasn1_modules.rfc2251 import *

ldap_bind_request = BindRequest()
ldap_bind_request.setComponentByName('version', 3)
ldap_bind_request.setComponentByName('name', 'cn=admin,o=org')

ldap_auth = AuthenticationChoice()
ldap_auth.setComponentByName('simple', 'mypwd')

ldap_bind_request.setComponentByName('authentication', ldap_auth)

ldap_message = LDAPMessage()

ldap_message.setComponentByName('messageID', 0)
ldap_message.setComponentByName('protocolOp', ldap_bind_request)

print(ldap_bind_request.prettyPrint())

print(dir(ldap_bind_request))

encoded_request = encoder.encode(ldap_message)
print(encoded_request)

asock = socket.socket()

asock.connect(('127.0.0.1', 389))
asock.send(encoded_request)

There is something named JAVA ASN.1 Compiler (JAC). Trying to see if they provide something similar, with less of object oriented complexity which is common in java :)