fakeldap 0.0.0 → 0.0.1

data/vendor/ruby-ldapserver/doc/file_list.html

@@ -0,0 +1,38 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <meta name="Content-Type" content="text/html; charset=utf-8" />
+    <link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" charset="utf-8" />
+    <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+    <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+    <script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
+    <base id="base_target" target="_parent" />
+  </head>
+  <body>
+    <script type="text/javascript" charset="utf-8">
+      if (window.top.frames.main) {
+        document.getElementById('base_target').target = 'main';
+        document.body.className = 'frames';
+      }
+    </script>
+    <div id="content">
+      <h1 id="full_list_header">File List</h1>
+      <div id="nav">
+        <a target="_self" href="class_list.html">Classes</a> | 
+        <a target="_self" href="method_list.html">Methods</a> |
+        <a target="_self" href="file_list.html">Files</a>
+      </div>
+      <div id="search">Search: <input type="text" /></div>
+
+      <ul id="full_list" class="files">
+        
+
+  <li class="r1"><a href="index.html" title="README">README</a></li>
+  
+
+      </ul>
+    </div>
+  </body>
+</html>
+

data/vendor/ruby-ldapserver/doc/frames.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
+	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+	<title>Documentation by YARD 0.6.0</title>
+</head>
+<frameset cols="20%,*">
+  <frame name="list" src="class_list.html" />
+  <frame name="main" src="index.html" />
+</frameset>
+</html>

data/vendor/ruby-ldapserver/doc/index.html

@@ -0,0 +1,399 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta name="Content-Type" content="text/html; charset=utf-8" />
+<title>Documentation by YARD 0.6.0</title>
+<link rel="stylesheet" href="css/style.css" type="text/css" media="screen" charset="utf-8" />
+<link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  relpath = '';
+  if (relpath != '') relpath += '/';
+</script>
+<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+
+  </head>
+  <body>
+    <script type="text/javascript" charset="utf-8">
+      if (window.top.frames.main) document.body.className = 'frames';
+    </script>
+    
+    <div id="header">
+      <div id="menu">
+  
+    <a href="_index.html" title="Index">Index</a> &raquo; 
+    <span class="title">File: README</span>
+  
+  
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+
+      <div id="search">
+  <a id="class_list_link" href="#">Class List</a>
+  <a id="method_list_link" href="#">Method List</a>
+  <a id ="file_list_link" href="#">File List</a>
+</div>
+
+      <div class="clear"></div>
+    </div>
+    
+    <iframe id="search_frame"></iframe>
+    
+    <div id="content"><div id='filecontents'><p>
+CHANGES FROM VERSION 0.2 TO VERSION 0.3
+</p>
+<hr style="height: 10px"></hr><p>
+There have been substantial changes to ruby-ldapserver between version 0.2
+and version 0.3. If you have not been using 0.2, you can skip this section.
+</p>
+<p>
+Major API changes:
+</p>
+<ul>
+<li><p>
+I have renamed module LDAPServer to module LDAP::Server, This means e.g.
+</p>
+</li>
+</ul>
+<p>
+require &#8216;ldapserver/connection&#8217; becomes require
+&#8216;ldap/server/connection&#8217;
+</p>
+<ul>
+<li><p>
+I have moved the result exceptions to be subclasses of LDAP::ResultError,
+</p>
+</li>
+</ul>
+<p>
+for consistency with ruby-ldap, and named under LDAP::ResultError::<name>
+to group them together. Everything else remains under LDAP::Server.
+</p>
+<ul>
+<li><p>
+The format of the parsed &#8216;filter&#8217; parameter to Operation#search
+has
+</p>
+</li>
+</ul>
+<p>
+changed. See filter.rb. In particular, the format of a :substrings filter
+has been changed (simplified).
+</p>
+<ul>
+<li><p>
+The format of the &#8216;modinfo&#8217; parameter to Operation#modify has
+changed. See
+</p>
+</li>
+</ul>
+<p>
+the comment above &#8216;def modify&#8217; in operation.rb
+</p>
+<ul>
+<li><p>
+Attribute names are no longer automatically downcased. If you are running
+</p>
+</li>
+</ul>
+<p>
+with a schema, however, then they will be converted into their preferred
+forms. That is, &#8220;OBJECTCLASS&#8221; will become
+&#8220;objectClass&#8221;, &#8220;CommonName&#8221; will become
+&#8220;cn&#8221;, and so on.
+</p>
+<p>
+Improvements include:
+</p>
+<ul>
+<li><p>
+There is now an explicit object representing a server instance:
+</p>
+</li>
+</ul>
+<p>
+&#8220;LDAP::Server&#8221;. This bundles together the root DSE, the schema
+(if used), the subclass of Operation which you wish to use, and various
+other parameters such as ssl certificate data. It has methods run_tcpserver
+and run_prefork, making it straightforward to start a server. Both support
+SSL on connect. You can do require &#8216;ldap/server&#8217; to get all the
+essential libraries for a server.
+</p>
+<ul>
+<li><p>
+LDAP::Server :user and :group settings let you drop privileges after
+</p>
+</li>
+</ul>
+<p>
+binding to port 389.
+</p>
+<ul>
+<li><p>
+Schema support. Can load schemas in OpenLDAP format, publish them via
+</p>
+</li>
+</ul>
+<p>
+LDAP, validate add/modify operations, use them to map attribute names to
+their &#8216;standard&#8217; versions (e.g. &#8220;commonname&#8221;
+becomes &#8220;cn&#8221;), and perform case-insensitive comparisons where
+the schema mandates this. See classes LDAP::Server::Schema,
+LDAP::Server::ObjectClass, LDAP::Server::AttributeType,
+LDAP::Server::Syntax, LDAP::Server::MatchingRule, and examples/rbslapd3.rb.
+</p>
+<p>
+What is it?
+</p>
+<hr style="height: 9px"></hr><p>
+ruby-ldapserver is a lightweight, pure Ruby skeleton for implementing LDAP
+server applications. It is intended primarily for when you wish to build a
+gateway from LDAP queries into some other protocol or database; it does not
+attempt to be a full implementation of the standard LDAP data model itself
+(although you could build one using this as a frontend)
+</p>
+<p>
+The Connection class handles incoming connections, decodes ASN1-formatted
+LDAP requests, and creates an Operation object for each request. The
+Operation object further parses the ASN1 request and invokes methods which
+you override to perform useful work. Responses and exceptions are converted
+back into ASN1 and returned to the client. Optionally, a collection of
+objects can be used to implement a Schema (e.g. normalize attribute names,
+validate add and modify operations, perform appropriate matching
+operations)
+</p>
+<p>
+Since it&#8217;s written entirely in Ruby, it benefits from Ruby&#8217;s
+threading engine.
+</p>
+<p>
+Target audience
+</p>
+<hr style="height: 10px"></hr><p>
+Technically-savvy Ruby applications developers; the sort of people who are
+happy to read RFCs and read code to work out what it does :-)
+</p>
+<p>
+The examples/ directory contains a few minimal LDAP servers which you can
+use as a starting point.
+</p>
+<p>
+Status
+</p>
+<hr style="height: 4px"></hr><p>
+This is an early release. It works for me as an LDAP protocol convertor;
+the Schema stuff has not been heavily tested by me.
+</p>
+<p>
+Libraries
+</p>
+<hr style="height: 7px"></hr><p>
+ASN1 encoding and decoding is done using the &#8216;openssl&#8217;
+extension, which is standard in the Ruby 1.8.2 base distribution. To check
+you have it, you should be able to run `ruby -ropenssl -e puts` with no
+error.
+</p>
+<p>
+However, I&#8217;ve found in the past that Linux machines don&#8217;t
+always build the openssl extension when compiling Ruby from source. With
+Red Hat 9, the solution for me was, when building Ruby itself:
+</p>
+<pre class="code">
+    <span class='comment'># export CPPFLAGS=&quot;-I/usr/kerberos/include&quot;
+</span>    <span class='comment'># export LDFLAGS=&quot;-L/usr/kerberos/lib&quot;
+</span>    <span class='comment'># ./configure ...etc
+</span></pre>
+<p>
+If you want to run the test suite then you&#8217;ll need to install the
+ruby-ldap client library, and if you want to run examples/rbslapd3.rb then
+you&#8217;ll need the prefork library. Both are available from <<a
+href="http://raa.ruby-lang.org">raa.ruby-lang.org</a>/>.
+</p>
+<p>
+Protocol implementation
+</p>
+<hr style="height: 10px"></hr><p>
+ruby-ldapserver tries to be a reasonably complete implementation of the
+message decoding and encoding components of LDAP. However, it does not
+synthesise or directly enforce the LDAP data model. It will advertise a
+schema in the root DSE if you configure one, and it provides helper
+functions which allow you to validate add and modify operations against a
+schema; but it&#8217;s up to you to use them, if you wish. If you&#8217;re
+just using LDAP as a convenient query interface into some other database,
+you probably don&#8217;t care about schemas.
+</p>
+<p>
+If your clients permit it, you can violate the LDAP specification further,
+eliminating some of the gross design flaws of LDAP. For example, you can
+ditch the LDAP idea that a Distinguished Name must consist of
+attr=val,attr=val,attr=val&#8230; and use whatever is convenient as a
+primary key (e.g. &#8220;val1,val2,val3&#8221; or
+&#8220;id,table_name&#8221;). The &#8216;add&#8217; operation could
+allocate DNs automatically from a sequence. There&#8217;s no need for the
+data duplication where an LDAP entry must contain the same attr=val pair
+which is also the entry&#8217;s RDN. Violations of the LDAP spec in this
+way are at your own risk.
+</p>
+<p>
+Threading issues
+</p>
+<hr style="height: 10px"></hr><p>
+The core of this library is the LDAP::Server::Connection object which
+handles communication with a single client, and the LDAP::Server::Operation
+object which handles a single request. Because the LDAP protocol allows a
+client to send multiple overlapping requests down the same TCP connection,
+I start a new Ruby thread for each Operation.
+</p>
+<p>
+If your Operation object deals with any global shared data, then it needs
+to do so in a thread-safe way. If this is new to you then see <<a
+href="http://www.rubycentral.com/book/tut_threads.html">www.rubycentral.com/book/tut_threads.html</a>>
+<<a
+href="http://www.rubygarden.org/ruby?MultiThreading">www.rubygarden.org/ruby?MultiThreading</a>>
+</p>
+<p>
+For incoming client connections, I have supplied a simple tcpserver method
+which starts a new Ruby thread for each client. This works fine, but in a
+multi-CPU system, all LDAP server operations will be processed on one CPU;
+also with a very large number of concurrent client connections, you may
+find you hit the a max-filedescriptors-per-process limit.
+</p>
+<p>
+I have also provided a preforking server; see examples/rbslapd3.rb. In this
+case, your connections are handled in separate processes so they cannot
+share data directly in RAM.
+</p>
+<p>
+If you are using the default threading tcpserver, then beware that a number
+of Ruby extension libraries block the threading interpreter. In particular,
+the client library &#8220;ruby-ldap&#8221; blocks when waiting for a
+response from a remote server, since it&#8217;s a wrapper around a C
+library which is unaware of Ruby&#8217;s threading engine. This can cause
+your application to &#8216;freeze&#8217; periodically. Either choose client
+libraries which play well with threading, or make sure each client is
+handled in a different process.
+</p>
+<p>
+For example, when talking to a MySQL database, you might want to choose
+&#8220;ruby-mysql&#8221; (which is a pure Ruby implementation of the MySQL
+protocol) rather than &#8220;mysql-ruby&#8221; (which is a wrapper around
+the C API, and blocks while waiting for responses from the server)
+</p>
+<p>
+Even with something like ruby-mysql, beware DNS lookups: resolver libraries
+can block too. There is a pure Ruby resolver replacement in the standard
+library: if you do
+</p>
+<pre class="code">
+    <span class='id require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>resolv-replace</span><span class='tstring_end'>'</span></span>
+</pre>
+<p>
+this changes TCPSocket and friends to use it instead of the default C
+resolver. Or you could just hard-code IP addresses, or put entries in
+/etc/hosts for the machines you want to contact.
+</p>
+<p>
+Another threading issue to think about is abandoned and timed-out LDAP
+operations. The Connection object handles these by raising an
+LDAP::Server::Abandon or LDAP::Server::TimeLimitExceeded exception in the
+Operation thread, which you can either ignore or rescue. However, if in
+rescuing it you end up putting (say) a SQL connection back into a pool, you
+should beware that the SQL connection may still be mid-query, so it&#8217;s
+probably better to discard it and use a fresh one next time.
+</p>
+<p>
+Performance
+</p>
+<hr style="height: 9px"></hr><p>
+examples/speedtest.rb is a simple client which forks N processes, and in
+each process opens an LDAP connection, binds, and sends M search requests
+down it.
+</p>
+<p>
+Using speedtest.rb and rbslapd1.rb, running on the <b>same</b> machine
+(single-processor AMD Athlon 2500+) I achieve around 800 searches per
+second with N=1,M=1000 and 300-400 searches per second with N=10,M=100.
+</p>
+<p>
+To-do list
+</p>
+<hr style="height: 8px"></hr><ul>
+<li><p>
+handle and test generation of LDAP referrals properly
+</p>
+</li>
+<li><p>
+more cases in test suite: abandon, concurrency, performance tests, error
+handling
+</p>
+</li>
+<li><p>
+extensible match filters
+</p>
+</li>
+<li><p>
+extended operations RFC 2830 - Start TLS RFC 3062 - password modify RFC
+2839 - whoami RFC 3909 - cancel
+</p>
+</li>
+</ul>
+<p>
+References
+</p>
+<hr style="height: 8px"></hr><ul>
+<li><p>
+<a
+href="ftp://ftp.isi.edu/in-notes/rfc2251.txt">ftp.isi.edu/in-notes/rfc2251.txt</a>
+(base protocol)
+</p>
+</li>
+<li><p>
+<a
+href="ftp://ftp.isi.edu/in-notes/rfc2252.txt">ftp.isi.edu/in-notes/rfc2252.txt</a>
+(schema)
+</p>
+</li>
+<li><p>
+<a
+href="ftp://ftp.isi.edu/in-notes/rfc2253.txt">ftp.isi.edu/in-notes/rfc2253.txt</a>
+(DN encoding)
+</p>
+</li>
+<li><p>
+<a
+href="http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf">www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf</a>
+</p>
+</li>
+<li><p>
+<a
+href="http://www.itu.int/ITU-T/studygroups/com10/languages/X.690_1297.pdf">www.itu.int/ITU-T/studygroups/com10/languages/X.690_1297.pdf</a>
+</p>
+</li>
+</ul>
+<p>
+Contact
+</p>
+<hr style="height: 5px"></hr><p>
+You are very welcome to E-mail me with bug reports, patches, comments and
+suggestions for this software. However, please DON&#8217;T send me any
+general questions about LDAP, how LDAP works, how to apply LDAP in your
+particular situation, or questions about any other LDAP software. The
+`ldap@umich.edu` mailing list is probably the correct place to ask such
+questions. See: <<a
+href="http://listserver.itd.umich.edu/cgi-bin/lyris.pl?enter=ldap">listserver.itd.umich.edu/cgi-bin/lyris.pl?enter=ldap</a>>
+</p>
+<p>
+Brian Candler <B.Candler@pobox.com>
+</p>
+</div></div>
+    
+    <div id="footer">
+  Generated on Mon Sep 13 13:27:15 2010 by 
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.6.0 (ruby-1.9.2).
+</div>
+
+  </body>
+</html>