activeldap 3.1.0 → 3.1.1

data/Gemfile

@@ -2,7 +2,7 @@
 
 source "http://rubygems.org"
 
-gem 'activemodel', '~> 3.1.0.rc4'
+gem 'activemodel', '~> 3.1.0'
 gem 'locale'
 gem 'fast_gettext'
 gem 'gettext_i18n_rails'

data/README.textile

@@ -7,8 +7,8 @@ A ruby library for object-oriented LDAP interface.
 
 h2. Description
 
-'ActiveLdap' is a ruby extension library which provides a
-clean objected oriented interface to LDAP library.  It was
+'ActiveLdap' is a ruby library which provides a clean
+objected oriented interface to LDAP library.  It was
 inspired by ActivRecord. This is not nearly as clean or as
 flexible as ActiveRecord, but it is still trivial to define
 new objects and manipulate them with minimal difficulty.
@@ -45,7 +45,7 @@ h2. Notes
 
 h2. Rails
 
-See "Rails":files.rails.html page for Rails integration.
+See "Rails":file.rails.html page for Rails integration.
 
 h2. Licence
 
@@ -135,3 +135,5 @@ list, please point out.
 * rbq: A bug report.
 * Narihiro Nakamura: Rails 3 support.
 * Hidetoshi Yoshimoto: Rails 3 support.
+* warden: A bug report.
+* bklier: A bug fix.

data/doc/text/development.textile

@@ -32,10 +32,9 @@ Here is design about Rails 3 support.
 
 h3. must
 
-* We target to Rails 3.1.0. (Yes, it's not released yet
-  but it will be released before we support Rails 3.x.)
-* We update the documentation and ensure that the procedure
-  for including ActiveLdap in a Rails 3 project is correct.
+* We add active_ldap/test_help.rb to support ActiveLdap fixture.
+We don't write same codes into test_helper.rb like
+http://ruby-activeldap.rubyforge.org/activeldap-fabrication/en/#Install
 
 h3. may
 
@@ -44,7 +43,12 @@ h3. may
 * We support OmniAuth. (instead of Warden)
 
 h3. DONE
+
 * We don't support Rails 3.0.x.
 * We provide active_ldap/railtie to initialize ActiveLdap.
 * We remove ActiveRecord dependency.
 * We depend on ActiveModel instead of ActiveRecord.
+* We target to Rails 3.1.0. (Yes, it's not released yet
+  but it will be released before we support Rails 3.x.)
+* We update the documentation and ensure that the procedure
+  for including ActiveLdap in a Rails 3 project is correct.

data/doc/text/news.textile

@@ -1,5 +1,19 @@
 h1. News
 
+h2(#3-1-1). 3.1.1: 2011-11-03
+
+* Supported Rails 3.1.1.
+* [GitHub:#9] Fixed a typo in document. [warden]
+* [GitHub:#11] Added persisted?. [bklier]
+* [GitHub:#16] Supported 4 or more bytes salt for SSHA and SMD5.
+  [Alex Tomlins]
+
+h3. Thanks
+
+* warden
+* bklier
+* Alex Tomlins
+
 h2(#3-1-0). 3.1.0: 2011-07-09
 
 * Supported Rails 3.1.0.rc4.

data/doc/text/tutorial.textile

@@ -49,6 +49,7 @@ h3. Installation
 Assuming all the requirements are installed, you can install by gem.
 
 <pre>
+!!!plain
 # gem install activeldap
 </pre>
 
@@ -154,6 +155,7 @@ As you can see, this method is used for defining how this class maps in to LDAP.
 my LDAP tree looks something like this:
 
 <pre>
+!!!plain
 * dc=dataspill,dc=org
 |- ou=People,dc=dataspill,dc=org
 |+ ou=Groups,dc=dataspill,dc=org
@@ -172,6 +174,7 @@ as the beginning of the distinguished name.
 Just for clarity, here's how the arguments map out:
 
 <pre>
+!!!plain
  cn=develop,ou=Groups,dc=dataspill,dc=org
  ^^         ^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^
 :dn_attribute |         |
@@ -213,6 +216,7 @@ tying objects together across the LDAP tree. Often, user objects will be
 members of, or belong_to, Group objects.
 
 <pre>
+!!!plain
 * dc=dataspill,dc=org
 |+ ou=People,dc=dataspill,dc=org
  \
@@ -589,7 +593,8 @@ h4. Setting up
 Create directory for scripts.
 
 <pre>
-mkdir -p ldapadmin/objects
+!!!plain
+% mkdir -p ldapadmin/objects
 </pre>
 
 In ldapadmin/objects/ create the file user.rb:

data/lib/active_ldap.rb

@@ -3,7 +3,7 @@ require "active_model"
 require "active_support/core_ext"
 
 module ActiveLdap
-  VERSION = "3.1.0"
+  VERSION = "3.1.1"
   autoload :Command, "active_ldap/command"
 end
 

data/lib/active_ldap/base.rb

@@ -755,13 +755,6 @@ module ActiveLdap
     end
     alias_method(:exists?, :exist?)
 
-    # new_entry?
-    #
-    # Return whether the entry is new entry in LDAP or not
-    def new_entry?
-      @new_entry
-    end
-
     # dn
     #
     # Return the authoritative dn

data/lib/active_ldap/persistence.rb

@@ -1,5 +1,16 @@
 module ActiveLdap
   module Persistence
+    # new_entry?
+    #
+    # Return whether the entry is new entry in LDAP or not
+    def new_entry?
+      @new_entry
+    end
+
+    # Return whether the entry is saved entry or not.
+    def persisted?
+      not new_entry?
+    end
 
     # destroy
     #

data/lib/active_ldap/user_password.rb

@@ -8,7 +8,8 @@ module ActiveLdap
     module_function
     def valid?(password, hashed_password)
       unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password
-        raise ArgumentError, _("Invalid hashed password: %s") % hashed_password
+        # Plain text password
+        return hashed_password == password
       end
       type = $1
       hashed_password_without_type = $POSTMATCH
@@ -48,8 +49,8 @@ module ActiveLdap
     end
 
     def smd5(password, salt=nil)
-      if salt and salt.size != 4
-        raise ArgumentError, _("salt size must be == 4: %s") % salt.inspect
+      if salt and salt.size < 4
+        raise ArgumentError, _("salt size must be >= 4: %s") % salt.inspect
       end
       salt ||= Salt.generate(4)
       md5_hash_with_salt = "#{Digest::MD5.digest(password + salt)}#{salt}"
@@ -57,7 +58,7 @@ module ActiveLdap
     end
 
     def extract_salt_for_smd5(smd5ed_password)
-      Base64.decode64(smd5ed_password)[-4, 4]
+      extract_salt_at_pos(smd5ed_password, 16)
     end
 
     def sha(password)
@@ -65,8 +66,8 @@ module ActiveLdap
     end
 
     def ssha(password, salt=nil)
-      if salt and salt.size != 4
-        raise ArgumentError, _("salt size must be == 4: %s") % salt.inspect
+      if salt and salt.size < 4
+        raise ArgumentError, _("salt size must be >= 4: %s") % salt.inspect
       end
       salt ||= Salt.generate(4)
       sha1_hash_with_salt = "#{Digest::SHA1.digest(password + salt)}#{salt}"
@@ -74,7 +75,12 @@ module ActiveLdap
     end
 
     def extract_salt_for_ssha(sshaed_password)
-      extract_salt_for_smd5(sshaed_password)
+      extract_salt_at_pos(sshaed_password, 20)
+    end
+
+    def extract_salt_at_pos(hashed_password, position)
+      salt = Base64.decode64(hashed_password)[position..-1]
+      salt == '' ? nil : salt
     end
 
     module Salt

data/test/test_user_password.rb

@@ -5,11 +5,20 @@ class TestUserPassword < Test::Unit::TestCase
 
   priority :normal
   def test_valid?
-    plain_password = "password"
-    %w(crypt md5 smd5 sha ssha).each do |type|
-      hashed_password = ActiveLdap::UserPassword.send(type, plain_password)
+    {
+      "{CRYPT}.yNLaKqtwQbnY" => 'wibble', #CRYPT
+      "{MD5}DRB9CfW75Ayt495ccenptw==" => 'letmein', #MD5
+      "{SMD5}8L2iXJuazftLVHrAf7ptPFQIDaw=" => 'letmein', #SMD5 as generated by slappasswd (4 bytes of salt)
+      "{SMD5}kXibTNG+O98gaQtkugYcmSTiE+M2Z5TA" => 'letmein', #SMD5 as generated by Apache Directory Studio (8 bytes of salt)
+      "{SHA}t6h1/B6iKLkGEEG3zsS9PFKrPOM=" => 'letmein', #SHA
+      "{SSHA}YA87hc9/L/cCGR1HValcJb7a8AYxZXY4" => 'wibble', # SSHA as generated by slappasswd (4 bytes of salt)
+      "{SSHA}6J6Ios3l1panY9sm0+g9l3/jFz2kwOPrVA4+OA==" => 'letmein', # SSHA as generated by Apache Directory Studio (8 bytes of salt)
+      "letmein" => 'letmein', #Cleartext password
+    }.each do |hash, plain|
       assert_send([ActiveLdap::UserPassword, :valid?,
-                   plain_password, hashed_password])
+                   plain, hash])
+      assert_not_send([ActiveLdap::UserPassword, :valid?,
+                   "not#{plain}", hash])
     end
   end
 
@@ -51,12 +60,11 @@ class TestUserPassword < Test::Unit::TestCase
   end
 
   def test_extract_salt_for_smd5
-    assert_extract_salt(:smd5, nil, encode64(""))
-    assert_extract_salt(:smd5, nil, encode64("1"))
-    assert_extract_salt(:smd5, nil, encode64("12"))
-    assert_extract_salt(:smd5, nil, encode64("123"))
-    assert_extract_salt(:smd5, "ABCD", encode64("ABCD"))
-    assert_extract_salt(:smd5, "BCDE", encode64("ABCDE"))
+    assert_extract_salt(:smd5, 'this', encode64("1234567890123456this"))
+    assert_extract_salt(:smd5, 'this is the salt', encode64("1234567890123456this is the salt"))
+    assert_extract_salt(:smd5, nil, encode64("123456789"))
+    assert_extract_salt(:smd5, nil, encode64("123456789012345"))
+    assert_extract_salt(:smd5, nil, encode64("1234567890123456"))
   end
 
   def test_sha
@@ -76,12 +84,11 @@ class TestUserPassword < Test::Unit::TestCase
   end
 
   def test_extract_salt_for_ssha
-    assert_extract_salt(:ssha, nil, encode64(""))
-    assert_extract_salt(:ssha, nil, encode64("1"))
-    assert_extract_salt(:ssha, nil, encode64("12"))
-    assert_extract_salt(:ssha, nil, encode64("123"))
-    assert_extract_salt(:ssha, "ABCD", encode64("ABCD"))
-    assert_extract_salt(:ssha, "BCDE", encode64("ABCDE"))
+    assert_extract_salt(:ssha, 'this', encode64("12345678901234567890this"))
+    assert_extract_salt(:ssha, 'this is the salt', encode64("12345678901234567890this is the salt"))
+    assert_extract_salt(:ssha, nil, encode64("12345678901234"))
+    assert_extract_salt(:ssha, nil, encode64("1234567890123456789"))
+    assert_extract_salt(:ssha, nil, encode64("12345678901234567890"))
   end
 
   private

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: activeldap
 version: !ruby/object:Gem::Version 
-  hash: 3
+  hash: 1
   prerelease: 
   segments: 
   - 3
   - 1
-  - 0
-  version: 3.1.0
+  - 1
+  version: 3.1.1
 platform: ruby
 authors: 
 - Will Drewry
@@ -16,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-07-09 00:00:00 Z
+date: 2011-11-03 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   version_requirements: &id001 !ruby/object:Gem::Requirement 
@@ -24,14 +24,12 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 15424109
+        hash: 3
         segments: 
         - 3
         - 1
         - 0
-        - rc
-        - 4
-        version: 3.1.0.rc4
+        version: 3.1.0
   name: activemodel
   prerelease: false
   type: :runtime
@@ -176,7 +174,7 @@ dependencies:
   prerelease: false
   type: :development
   requirement: *id011
-description: "    'ActiveLdap' is a ruby extension library which provides a clean\n    objected oriented interface to the Ruby/LDAP library.  It was inspired\n    by ActiveRecord. This is not nearly as clean or as flexible as\n    ActiveRecord, but it is still trivial to define new objects and manipulate\n    them with minimal difficulty.\n"
+description: "    'ActiveLdap' is a ruby library which provides a clean\n    objected oriented interface to the Ruby/LDAP library.  It was inspired\n    by ActiveRecord. This is not nearly as clean or as flexible as\n    ActiveRecord, but it is still trivial to define new objects and manipulate\n    them with minimal difficulty.\n"
 email: 
 - redpig@dataspill.org
 - kou@cozmixng.org
@@ -345,7 +343,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: ruby-activeldap
-rubygems_version: 1.7.2
+rubygems_version: 1.8.10
 signing_key: 
 specification_version: 3
 summary: ActiveLdap is a object-oriented API to LDAP