fakeldap 0.0.1 → 0.1

data/vendor/ruby-ldapserver/examples/rbslapd3.rb

@@ -1,172 +0,0 @@
-#!/usr/local/bin/ruby -w
-
-# This is similar to rbslapd1.rb but here we use TOMITA Masahiro's prefork
-# library: <http://raa.ruby-lang.org/project/prefork/>
-# Advantages over Ruby threading:
-# - each client connection is handled in its own process; don't need
-#   to worry about Ruby thread blocking (except if one client issues
-#   overlapping LDAP operations down the same connection, which is uncommon)
-# - better scalability on multi-processor systems
-# - better scalability on single-processor systems (e.g. shouldn't hit
-#   max FDs per process limit)
-# Disadvantages:
-# - client connections can't share state in RAM. So our shared directory
-#   now has to be read from disk, and flushed to disk after every update.
-#
-# Additionally, I have added schema support. An LDAP v3 client can
-# query the schema remotely, and adds/modifies have data validated.
-
-$:.unshift('../lib')
-
-require 'ldap/server'
-require 'ldap/server/schema'
-require 'yaml'
-
-$debug = nil # $stderr
-
-# An object to keep our in-RAM database and synchronise it to disk
-# when necessary
-
-class Directory
-  attr_reader :data
-
-  def initialize(filename)
-    @filename = filename
-    @stat = nil
-    update
-  end
-
-  # synchronise with directory on disk (re-read if it has changed)
-
-  def update
-    begin
-      tmp = {}
-      sb = File.stat(@filename)
-      return if @stat and @stat.ino == sb.ino and @stat.mtime == sb.mtime
-      File.open(@filename) do |f|
-        tmp = YAML::load(f.read)
-        @stat = f.stat
-      end
-    rescue Errno::ENOENT
-    end
-    @data = tmp
-  end
-
-  # write back to disk
-
-  def write
-    File.open(@filename+".new","w") { |f| f.write(YAML::dump(@data)) }
-    File.rename(@filename+".new",@filename)
-    @stat = File.stat(@filename)
-  end
-
-  # run a block while holding a lock on the database
-
-  def lock
-    File.open(@filename+".lock","w") do |f|
-      f.flock(File::LOCK_EX)  # will block here until lock available
-      yield
-    end
-  end
-end
-
-# We subclass the Operation class, overriding the methods to do what we need
-
-class DirOperation < LDAP::Server::Operation
-  def initialize(connection, messageID, dir)
-    super(connection, messageID)
-    @dir = dir
-  end
-
-  def search(basedn, scope, deref, filter)
-    $debug << "Search: basedn=#{basedn.inspect}, scope=#{scope.inspect}, deref=#{deref.inspect}, filter=#{filter.inspect}\n" if $debug
-    basedn.downcase!
-
-    case scope
-    when LDAP::Server::BaseObject
-      # client asked for single object by DN
-      @dir.update
-      obj = @dir.data[basedn]
-      raise LDAP::ResultError::NoSuchObject unless obj
-      ok = LDAP::Server::Filter.run(filter, obj)
-      $debug << "Match=#{ok.inspect}: #{obj.inspect}\n" if $debug
-      send_SearchResultEntry(basedn, obj) if ok
-
-    when LDAP::Server::WholeSubtree
-      @dir.update
-      @dir.data.each do |dn, av|
-        $debug << "Considering #{dn}\n" if $debug
-        next unless dn.index(basedn, -basedn.length)    # under basedn?
-        next unless LDAP::Server::Filter.run(filter, av)  # attribute filter?
-        $debug << "Sending: #{av.inspect}\n" if $debug
-        send_SearchResultEntry(dn, av)
-      end
-
-    else
-      raise LDAP::ResultError::UnwillingToPerform, "OneLevel not implemented"
-
-    end
-  end
-
-  def add(dn, entry)
-    entry = @schema.validate(entry)
-    entry['createTimestamp'] = [Time.now.gmtime.strftime("%Y%m%d%H%MZ")]
-    entry['creatorsName'] = [@connection.binddn.to_s]
-    # FIXME: normalize the DN and check it's below our root DN
-    # FIXME: validate that a superior object exists
-    # FIXME: validate that entry contains the RDN attribute (yuk)
-    dn.downcase!
-    @dir.lock do
-      @dir.update
-      raise LDAP::ResultError::EntryAlreadyExists if @dir.data[dn]
-      @dir.data[dn] = entry
-      @dir.write
-    end
-  end
-
-  def del(dn)
-    dn.downcase!
-    @dir.lock do
-      @dir.update
-      raise LDAP::ResultError::NoSuchObject unless @dir.data.has_key?(dn)
-      @dir.data.delete(dn)
-      @dir.write
-    end
-  end
-
-  def modify(dn, ops)
-    dn.downcase!
-    @dir.lock do
-      @dir.update
-      entry = @dir.data[dn]
-      raise LDAP::ResultError::NoSuchObject unless entry
-      entry = @schema.validate(ops, entry)  # also does the update
-      entry['modifyTimestamp'] = [Time.now.gmtime.strftime("%Y%m%d%H%MZ")]
-      entry['modifiersName'] = [@connection.binddn.to_s]
-      @dir.data[dn] = entry
-      @dir.write
-    end
-  end
-end
-
-directory = Directory.new("ldapdb.yaml")
-
-schema = LDAP::Server::Schema.new
-schema.load_system
-schema.load_file("../test/core.schema")
-schema.resolve_oids
-
-s = LDAP::Server.new(
-	:port			=> 1389,
-	:nodelay		=> true,
-	:listen			=> 10,
-#	:ssl_key_file		=> "key.pem",
-#	:ssl_cert_file		=> "cert.pem",
-#	:ssl_on_connect		=> true,
-	:operation_class	=> DirOperation,
-	:operation_args		=> [directory],
-	:schema			=> schema,
-	:namingContexts		=> ['dc=example,dc=com']
-)
-s.run_prefork
-s.join

data/vendor/ruby-ldapserver/examples/speedtest.rb

@@ -1,37 +0,0 @@
-#!/usr/local/bin/ruby
-
-require 'ldap'
-
-CHILDREN = 10
-CONNECTS = 1	# per child
-SEARCHES = 100	# per connection
-
-pids = []
-CHILDREN.times do
-  pids << fork do
-    CONNECTS.times do
-      conn = LDAP::Conn.new("localhost",1389)
-      conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
-      conn.bind
-      SEARCHES.times do
-        res = conn.search("cn=Fred Flintstone,dc=example,dc=com", LDAP::LDAP_SCOPE_BASE,
-                          "(objectclass=*)") do |e|
-          #puts "#{$$} #{e.dn.inspect}"
-        end
-      end
-      conn.unbind
-    end
-  end
-end
-okcount = 0
-badcount = 0
-pids.each do |p|
-  Process.wait(p)
-  if $?.exitstatus == 0
-    okcount += 1
-  else
-    badcount += 1
-  end
-end
-puts "Children finished: #{okcount} ok, #{badcount} failed"
-exit badcount > 0 ? 1 : 0

data/vendor/ruby-ldapserver/lib/ldap/server.rb

@@ -1,4 +0,0 @@
-require 'ldap/server/result'
-require 'ldap/server/connection'
-require 'ldap/server/operation'
-require 'ldap/server/server'

data/vendor/ruby-ldapserver/lib/ldap/server/connection.rb

@@ -1,276 +0,0 @@
-require 'thread'
-require 'openssl'
-require 'ldap/server/result'
-
-module LDAP
-class Server
-
-  # An object which handles an LDAP connection. Note that LDAP allows
-  # requests and responses to be exchanged asynchronously: e.g. a client
-  # can send three requests, and the three responses can come back in
-  # any order. For that reason, we start a new thread for each request,
-  # and we need a mutex on the io object so that multiple responses don't
-  # interfere with each other.
-
-  class Connection
-    attr_reader :binddn, :version, :opt
-
-    def initialize(io, opt={})
-      @io = io
-      @opt = opt
-      @mutex = Mutex.new
-      @active_reqs = {}   # map message ID to thread object
-      @binddn = nil
-      @version = 3
-      @logger = @opt[:logger] || $stderr
-      @ssl = false
-
-      startssl if @opt[:ssl_on_connect]
-    end
-
-    def log(msg)
-      @logger << "[#{@io.peeraddr[3]}]: #{msg}\n"
-    end
-
-    def startssl # :yields:
-      @mutex.synchronize do
-        raise LDAP::ResultError::OperationsError if @ssl or @active_reqs.size > 0
-        yield if block_given?
-        @io = OpenSSL::SSL::SSLSocket.new(@io, @opt[:ssl_ctx])
-        @io.sync_close = true
-        @io.accept
-        @ssl = true
-      end
-    end
-
-    # Read one ASN1 element from the given stream.
-    # Return String containing the raw element.
-
-    def ber_read(io)
-      blk = io.read(2)		# minimum: short tag, short length
-      throw(:close) if blk.nil?
-
-      codepoints = blk.respond_to?(:codepoints) ? blk.codepoints.to_a : blk
-
-      tag = codepoints[0] & 0x1f
-      len = codepoints[1]
-
-      if tag == 0x1f		# long form
-        tag = 0
-        while true
-          ch = io.getc
-          blk << ch
-          tag = (tag << 7) | (ch & 0x7f)
-          break if (ch & 0x80) == 0
-        end
-        len = io.getc
-        blk << len
-      end
-
-      if (len & 0x80) != 0	# long form
-        len = len & 0x7f
-        raise LDAP::ResultError::ProtocolError, "Indefinite length encoding not supported" if len == 0
-        offset = blk.length
-        blk << io.read(len)
-        # is there a more efficient way of doing this?
-        len = 0
-        blk[offset..-1].each_byte { |b| len = (len << 8) | b }
-      end
-
-      offset = blk.length
-      blk << io.read(len)
-      return blk
-      # or if we wanted to keep the partial decoding we've done:
-      # return blk, [blk[0] >> 6, tag], offset
-    end
-
-    def handle_requests
-      operationClass = @opt[:operation_class]
-      ocArgs = @opt[:operation_args] || []
-      catch(:close) do
-        while true
-          begin
-            blk = ber_read(@io)
-            asn1 = OpenSSL::ASN1::decode(blk)
-            # Debugging:
-            # puts "Request: #{blk.unpack("H*")}\n#{asn1.inspect}" if $debug
-
-            raise LDAP::ResultError::ProtocolError, "LDAPMessage must be SEQUENCE" unless asn1.is_a?(OpenSSL::ASN1::Sequence)
-            raise LDAP::ResultError::ProtocolError, "Bad Message ID" unless asn1.value[0].is_a?(OpenSSL::ASN1::Integer)
-            messageId = asn1.value[0].value
-
-            protocolOp = asn1.value[1]
-            raise LDAP::ResultError::ProtocolError, "Bad protocolOp" unless protocolOp.is_a?(OpenSSL::ASN1::ASN1Data)
-            raise LDAP::ResultError::ProtocolError, "Bad protocolOp tag class" unless protocolOp.tag_class == :APPLICATION
-
-            # controls are not properly implemented
-            c = asn1.value[2]
-            if c.is_a?(OpenSSL::ASN1::ASN1Data) and c.tag_class == :APPLICATION and c.tag == 0
-              controls = c.value
-            end
-
-            case protocolOp.tag
-            when 0 # BindRequest
-              abandon_all
-              @binddn, @version = operationClass.new(self,messageId,*ocArgs).
-                                  do_bind(protocolOp, controls)
-
-            when 2 # UnbindRequest
-              throw(:close)
-
-            when 3 # SearchRequest
-              # Note: RFC 2251 4.4.4.1 says behaviour is undefined if
-              # client sends an overlapping request with same message ID,
-              # so we don't have to worry about the case where there is
-              # already a thread with this id in @active_reqs.
-              # However, to avoid a race we copy messageId/
-              # protocolOp/controls into thread-local variables, because
-              # they will change when the next request comes in.
-              #
-              # There is a theoretical race condition here: a client could
-              # send an abandon request before Thread.current is assigned to
-              # @active_reqs[thrm]. It's not a problem, because abandon isn't
-              # guaranteed to work anyway. Doing it this way ensures that
-              # @active_reqs does not leak memory on a long-lived connection.
-
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_search(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
-
-            when 6 # ModifyRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_modify(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
-
-            when 8 # AddRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_add(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
-
-            when 10 # DelRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_del(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
-
-            when 12 # ModifyDNRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_modifydn(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
-
-            when 14 # CompareRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_compare(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
-
-            when 16 # AbandonRequest
-              abandon(protocolOp.value)
-
-            else
-              raise LDAP::ResultError::ProtocolError, "Unrecognised protocolOp tag #{protocolOp.tag}"
-            end
-
-          rescue LDAP::ResultError::ProtocolError, OpenSSL::ASN1::ASN1Error => e
-            send_notice_of_disconnection(LDAP::ResultError::ProtocolError.new.to_i, e.message)
-            throw(:close)
-
-          # all other exceptions propagate up and are caught by tcpserver
-          end
-        end
-      end
-      abandon_all
-    end
-
-    def write(data)
-      @mutex.synchronize do
-        @io.write(data)
-        @io.flush
-      end
-    end
-
-    def writelock
-      @mutex.synchronize do
-        yield @io
-        @io.flush
-      end
-    end
-
-    def abandon(messageID)
-      @mutex.synchronize do
-        thread = @active_reqs.delete(messageID)
-        thread.raise LDAP::Abandon if thread and thread.alive?
-      end
-    end
-
-    def abandon_all
-      return if @active_reqs.size == 0
-      @mutex.synchronize do
-        @active_reqs.each do |id, thread|
-          thread.raise LDAP::Abandon if thread.alive?
-        end
-        @active_reqs = {}
-      end
-    end
-
-    def send_unsolicited_notification(resultCode, opt={})
-      protocolOp = [
-        OpenSSL::ASN1::Enumerated(resultCode),
-        OpenSSL::ASN1::OctetString(opt[:matchedDN] || ""),
-        OpenSSL::ASN1::OctetString(opt[:errorMessage] || ""),
-      ]
-      if opt[:referral]
-        rs = opt[:referral].collect { |r| OpenSSL::ASN1::OctetString(r) }
-        protocolOp << OpenSSL::ASN1::Sequence(rs, 3, :IMPLICIT, :APPLICATION)
-      end
-      if opt[:responseName]
-        protocolOp << OpenSSL::ASN1::OctetString(opt[:responseName], 10, :IMPLICIT, :APPLICATION)
-      end
-      if opt[:response]
-        protocolOp << OpenSSL::ASN1::OctetString(opt[:response], 11, :IMPLICIT, :APPLICATION)
-      end
-      message = [
-        OpenSSL::ASN1::Integer(0),
-        OpenSSL::ASN1::Sequence(protocolOp, 24, :IMPLICIT, :APPLICATION),
-      ]
-      message << opt[:controls] if opt[:controls]
-      write(OpenSSL::ASN1::Sequence(message).to_der)
-    end
-
-    def send_notice_of_disconnection(resultCode, errorMessage="")
-      send_unsolicited_notification(resultCode,
-        :errorMessage=>errorMessage,
-        :responseName=>"1.3.6.1.4.1.1466.20036"
-      )
-    end
-  end
-end # class Server
-end # module LDAP