RubyGems - fakeldap - Versions diffs - 0.0.1 → 0.1 - Mend

fakeldap 0.0.1 → 0.1

Files changed (114) hide show

data/vendor/ruby-ldapserver/doc/top-level-namespace.html DELETED

@@ -1,88 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-  <head>
-    <meta name="Content-Type" content="text/html; charset=utf-8" />
-<title>Top Level Namespace</title>
-<link rel="stylesheet" href="css/style.css" type="text/css" media="screen" charset="utf-8" />
-<link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
-<script type="text/javascript" charset="utf-8">
-  relpath = '';
-  if (relpath != '') relpath += '/';
-</script>
-<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
-<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
-  </head>
-  <body>
-    <script type="text/javascript" charset="utf-8">
-      if (window.top.frames.main) document.body.className = 'frames';
-    </script>
-    <div id="header">
-      <div id="menu">
-    <a href="_index.html">Index</a> &raquo;
-    <span class="title">Top Level Namespace</span>
-  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
-</div>
-      <div id="search">
-  <a id="class_list_link" href="#">Class List</a>
-  <a id="method_list_link" href="#">Method List</a>
-  <a id ="file_list_link" href="#">File List</a>
-</div>
-      <div class="clear"></div>
-    </div>
-    <iframe id="search_frame"></iframe>
-    <div id="content"><h1>Top Level Namespace
-</h1>
-<dl class="box">
-</dl>
-<div class="clear"></div>
-<h2>Defined Under Namespace</h2>
-<p class="children">
-      <strong class="modules">Modules:</strong> <span class='object_link'><a href="LDAP.html" title="LDAP (module)">LDAP</a></span>
-</p>
-</div>
-    <div id="footer">
-  Generated on Mon Sep 13 13:27:18 2010 by
-  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.6.0 (ruby-1.9.2).
-</div>
-  </body>
-</html>

data/vendor/ruby-ldapserver/examples/README DELETED

@@ -1,89 +0,0 @@
-Using the example programs
-==========================
-These servers all listen on port 1389 by default, so that they don't have to
-be run as root.
-Example 1: trivial server using RAM hash
-----------------------------------------
-$ ruby rbslapd1.rb
-In another window:
-$ ldapadd -H ldap://127.0.0.1:1389/
-dn: dc=example,dc=com
-cn: Top object
-dn: cn=Fred Flintstone,dc=example,dc=com
-cn: Fred Flintstone
-sn: Flintstone
-mail: fred@bedrock.org
-mail: fred.flintstone@bedrock.org
-dn: cn=Wilma Flintstone,dc=example,dc=com
-cn: Wilma Flintstone
-mail: wilma@bedrock.org
-^D
-Try these queries:
-$ ldapsearch -H ldap://127.0.0.1:1389/ -b "" "(objectclass=*)"
-$ ldapsearch -H ldap://127.0.0.1:1389/ -b "dc=example,dc=com" -s base "(objectclass=*)"
-$ ldapsearch -H ldap://127.0.0.1:1389/ -b "dc=example,dc=com" "(mail=fred*)"
-If you terminate the server with Ctrl-C, its contents should be written
-to disk as a YAML file.
-A fairly complete set of the filter language is implemented. However, this
-simple server works by simply scanning the entire database and applying the
-filter to each entry, so it won't scale to large applications. No validation
-of DN or attributes against any sort of schema is done.
-Example 1a: with SSL
---------------------
-In rbslapd1.rb, uncomment
-	:ssl_key_file		=> "key.pem",
-	:ssl_cert_file		=> "cert.pem",
-	:ssl_on_connect		=> true,
-and run mkcert.rb. Since this is a self-signed certificate, you'll have to
-turn off certificate verification in the client too. For example:
-    $ env LDAPTLS_REQCERT="allow" ldapsearch -H ldaps://127.0.0.1:1389/
-Making your own CA and installing its certificate in the client, or
-generating a Certificate Signing Request and sending it to a known CA, is
-beyond the scope of this documentation.
-Example 2: simple LDAP to SQL mapping
--------------------------------------
-You will need to set up a MySQL database with a table conforming to the
-schema given within the code. Once done, LDAP gives a read-only view of the
-database with only the filter "(uid=<foo>)" supported.
-Example 3: preforking server and schema
----------------------------------------
-This functions in the same way as rbslapd1.rb. However, since each query is
-answered in a separate process, the YAML file on disk is used as the master
-repository. Update operations re-write this file each time.
-Also, the schema is read from file 'core.schema'. Attempting to insert the
-above entries will fail, due to schema violations. Insert a valid entry,
-e.g.
-dn: cn=Fred Flintstone,dc=example,dc=com
-objectClass: organizationalPerson
-cn: Fred Flintstone
-sn: Flintstone
-telephoneNumber: +1 555 1234
-telephoneNumber: +1 555 5432
-Schema validation takes place for the attribute values and that attributes
-are allowed/required by the objectclass(es); however, the DN itself is not
-validated, nor any checks made that the RDN is present as an attribute
-(since this is one of the more stupid parts of the LDAP/X500 data model)

data/vendor/ruby-ldapserver/examples/mkcert.rb DELETED

@@ -1,31 +0,0 @@
-require 'openssl'
-# Taken directly from echo_svr.rb in the Ruby openssl examples
-key = OpenSSL::PKey::RSA.new(1024){ print "."; $stdout.flush }
-puts
-cert = OpenSSL::X509::Certificate.new
-cert.version = 2
-cert.serial = 0
-name = OpenSSL::X509::Name.new([["C","JP"],["O","TEST"],["CN","localhost"]])
-cert.subject = name
-cert.issuer = name
-cert.not_before = Time.now
-cert.not_after = Time.now + 3600
-cert.public_key = key.public_key
-ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
-cert.extensions = [
-  ef.create_extension("basicConstraints","CA:FALSE"),
-  ef.create_extension("subjectKeyIdentifier","hash"),
-  ef.create_extension("extendedKeyUsage","serverAuth"),
-  ef.create_extension("keyUsage",
-                      "keyEncipherment,dataEncipherment,digitalSignature")
-]
-ef.issuer_certificate = cert
-cert.add_extension ef.create_extension("authorityKeyIdentifier",
-                                       "keyid:always,issuer:always")
-cert.sign(key, OpenSSL::Digest::SHA1.new)
-# Write to disk
-File.open("key.pem","w",0600) { |f| f << key.to_pem }
-File.open("cert.pem","w",0644) { |f| f << cert.to_pem }

data/vendor/ruby-ldapserver/examples/rbslapd1.rb DELETED

@@ -1,111 +0,0 @@
-#!/usr/local/bin/ruby -w
-# This is a trivial LDAP server which just stores directory entries in RAM.
-# It does no validation or authentication. This is intended just to
-# demonstrate the API, it's not for real-world use!!
-$:.unshift('../lib')
-$debug = true
-require 'ldap/server'
-# We subclass the Operation class, overriding the methods to do what we need
-class HashOperation < LDAP::Server::Operation
-  def initialize(connection, messageID, hash)
-    super(connection, messageID)
-    @hash = hash   # an object reference to our directory data
-  end
-  def search(basedn, scope, deref, filter)
-    basedn.downcase!
-    case scope
-    when LDAP::Server::BaseObject
-      # client asked for single object by DN
-      obj = @hash[basedn]
-      raise LDAP::ResultError::NoSuchObject unless obj
-      send_SearchResultEntry(basedn, obj) if LDAP::Server::Filter.run(filter, obj)
-    when LDAP::Server::WholeSubtree
-      @hash.each do |dn, av|
-        next unless dn.index(basedn, -basedn.length)    # under basedn?
-        next unless LDAP::Server::Filter.run(filter, av)  # attribute filter?
-        send_SearchResultEntry(dn, av)
-      end
-    else
-      raise LDAP::ResultError::UnwillingToPerform, "OneLevel not implemented"
-    end
-  end
-  def add(dn, av)
-    dn.downcase!
-    raise LDAP::ResultError::EntryAlreadyExists if @hash[dn]
-    @hash[dn] = av
-  end
-  def del(dn)
-    dn.downcase!
-    raise LDAP::ResultError::NoSuchObject unless @hash.has_key?(dn)
-    @hash.delete(dn)
-  end
-  def modify(dn, ops)
-    entry = @hash[dn]
-    raise LDAP::ResultError::NoSuchObject unless entry
-    ops.each do |attr, vals|
-      op = vals.shift
-      case op
-      when :add
-        entry[attr] ||= []
-        entry[attr] += vals
-        entry[attr].uniq!
-      when :delete
-        if vals == []
-          entry.delete(attr)
-        else
-          vals.each { |v| entry[attr].delete(v) }
-        end
-      when :replace
-        entry[attr] = vals
-      end
-      entry.delete(attr) if entry[attr] == []
-    end
-  end
-end
-# This is the shared object which carries our actual directory entries.
-# It's just a hash of {dn=>entry}, where each entry is {attr=>[val,val,...]}
-directory = {}
-# Let's put some backing store on it
-require 'yaml'
-begin
-  File.open("ldapdb.yaml") { |f| directory = YAML::load(f.read) }
-rescue Errno::ENOENT
-end
-at_exit do
-  File.open("ldapdb.new","w") { |f| f.write(YAML::dump(directory)) }
-  File.rename("ldapdb.new","ldapdb.yaml")
-end
-# Listen for incoming LDAP connections. For each one, create a Connection
-# object, which will invoke a HashOperation object for each request.
-s = LDAP::Server.new(
-	:port			=> 1389,
-	:nodelay		=> true,
-	:listen			=> 10,
-#	:ssl_key_file		=> "key.pem",
-#	:ssl_cert_file		=> "cert.pem",
-#	:ssl_on_connect		=> true,
-	:operation_class	=> HashOperation,
-	:operation_args		=> [directory]
-)
-s.run_tcpserver
-s.join

data/vendor/ruby-ldapserver/examples/rbslapd2.rb DELETED

@@ -1,161 +0,0 @@
-#!/usr/local/bin/ruby -w
-$:.unshift('../lib')
-require 'ldap/server'
-require 'mysql'                 # <http://www.tmtm.org/en/ruby/mysql/>
-require 'thread'
-require 'resolv-replace'	# ruby threading DNS client
-# An example of an LDAP to SQL gateway. We have a MySQL table which
-# contains (login_id,login,passwd) combinations, e.g.
-#
-#   +----------+----------+--------+
-#   | login_id | login    | passwd |
-#   +----------+----------+--------+
-#   |    1     | brian    | foobar |
-#   |    2     | caroline | boing  |
-#   +----------+----------+--------+
-#
-# We support LDAP searches for (uid=login), returning a synthesised DN and
-# Maildir attribute, and we support LDAP binds to validate passwords. We
-# keep a cache of recent lookups so that a bind to validate a password
-# doesn't cause a second SQL query. Since we're multi-threaded, this should
-# work even if the bind occurs on a different client connection to the search.
-#
-# To test:
-#    ldapsearch -H ldap://127.0.0.1:1389/ -b "dc=example,dc=com" "(uid=brian)"
-#
-#    ldapsearch -H ldap://127.0.0.1:1389/ -b "dc=example,dc=com" \
-#       -D "id=1,dc=example,dc=com" -W "(uid=brian)"
-$debug = true
-SQL_CONNECT = ["1.2.3.4", "myuser", "mypass", "mydb"]
-TABLE = "logins"
-SQL_POOL_SIZE = 5
-PW_CACHE_SIZE = 100
-BASEDN = "dc=example,dc=com"
-LDAP_PORT = 1389
-# A thread-safe pool of persistent MySQL connections
-class SQLPool
-  def initialize(n, *args)
-    @args = args
-    @pool = Queue.new		# this is a thread-safe queue
-    n.times { @pool.push nil }	# create connections on demand
-  end
-  def borrow
-    conn = @pool.pop || Mysql::new(*@args)
-    yield conn
-  rescue Exception
-    conn = nil			# put 'nil' back into the pool
-    raise
-  ensure
-    @pool.push conn
-  end
-end
-# An simple LRU cache of username->password. It's linearly searched
-# so don't make it too big.
-class LRUCache
-  def initialize(size)
-    @size = size
-    @cache = []   # [[key,val],[key,val],...]
-    @mutex = Mutex.new
-  end
-  def add(id,data)
-    @mutex.synchronize do
-      @cache.delete_if { |k,v| k == id }
-      @cache.unshift [id,data]
-      @cache.pop while @cache.size > @size
-    end
-  end
-  def find(id)
-    @mutex.synchronize do
-      index = entry = nil
-      @cache.each_with_index do |e, i|
-        if e[0] == id
-          entry = e
-          index = i
-          break
-        end
-      end
-      return nil unless index
-      @cache.delete_at(index)
-      @cache.unshift entry
-      return entry[1]
-    end
-  end
-end
-class SQLOperation < LDAP::Server::Operation
-  def self.setcache(cache,pool)
-    @@cache = cache
-    @@pool = pool
-  end
-  # Handle searches of the form "(uid=<foo>)" using SQL backend
-  # (uid=foo) => [:eq, "uid", matchobj, "foo"]
-  def search(basedn, scope, deref, filter)
-    raise LDAP::ResultError::UnwillingToPerform, "Bad base DN" unless basedn == BASEDN
-    raise LDAP::ResultError::UnwillingToPerform, "Bad filter" unless filter[0..1] == [:eq, "uid"]
-    uid = filter[3]
-    @@pool.borrow do |sql|
-      q = "select login_id,passwd from #{TABLE} where login='#{sql.quote(uid)}'"
-      puts "SQL Query #{sql.object_id}: #{q}" if $debug
-      res = sql.query(q)
-      res.each do |login_id,passwd|
-        @@cache.add(login_id, passwd)
-        send_SearchResultEntry("id=#{login_id},#{BASEDN}", {
-          "maildir"=>["/netapp/#{uid}/"],
-        })
-      end
-    end
-  end
-  # Validate passwords
-  def simple_bind(version, dn, password)
-    return if dn.nil?   # accept anonymous
-    raise LDAP::ResultError::UnwillingToPerform unless dn =~ /\Aid=(\d+),#{BASEDN}\z/
-    login_id = $1
-    dbpw = @@cache.find(login_id)
-    unless dbpw
-      @@pool.borrow do |sql|
-        q = "select passwd from #{TABLE} where login_id=#{login_id}"
-        puts "SQL Query #{sql.object_id}: #{q}" if $debug
-        res = sql.query(q)
-        if res.num_rows == 1
-          dbpw = res.fetch_row[0]
-          @@cache.add(login_id, dbpw)
-        end
-      end
-    end
-    raise LDAP::ResultError::InvalidCredentials unless dbpw and dbpw != "" and dbpw == password
-  end
-end
-# Build the objects we need
-cache = LRUCache.new(PW_CACHE_SIZE)
-pool = SQLPool.new(SQL_POOL_SIZE, *SQL_CONNECT)
-SQLOperation.setcache(cache,pool)
-s = LDAP::Server.new(
-	:port			=> LDAP_PORT,
-	:nodelay		=> true,
-	:listen			=> 10,
-#	:ssl_key_file		=> "key.pem",
-#	:ssl_cert_file		=> "cert.pem",
-#	:ssl_on_connect		=> true,
-	:operation_class	=> SQLOperation
-)
-s.run_tcpserver
-s.join