ldaptic 0.2.0 → 0.2.1

data/lib/ldaptic/methods.rb

@@ -52,6 +52,7 @@ module Ldaptic
     def base=(dn)
       @base = Ldaptic::DN(dn, self)
     end
+    alias dn= base=
     # Access the base DN.
     def base
       @base ||= Ldaptic::DN(adapter.default_base_dn, self)
@@ -140,14 +141,14 @@ module Ldaptic
     private :search_options
 
     def find_one(dn, options)
-      objects = search(options.merge(:base => dn, :scope => :base, :limit => false))
-      unless objects.size == 1
+      object = search(options.merge(:base => dn, :scope => :base, :limit => true))
+      unless object
         # For a missing DN, the error will be raised automatically.  If the
         # DN does exist but is not returned (e.g., it doesn't match the given
         # filter), we'll simulate it instead.
         Ldaptic::Errors.raise(Ldaptic::Errors::NoSuchObject.new("record not found for #{dn}"))
       end
-      objects.first
+      object
     end
     private :find_one
 
@@ -248,19 +249,21 @@ module Ldaptic
 
     # Performs an LDAP add.
     def add(dn, attributes)
-      log_dispatch(:add, dn, attributes)
       attributes = normalize_attributes(attributes)
+      log_dispatch(:add, dn, attributes)
       adapter.add(dn, attributes)
     end
 
     # Performs an LDAP modify.
     def modify(dn, attributes)
-      log_dispatch(:modify, dn, attributes)
       if attributes.kind_of?(Hash)
         attributes = normalize_attributes(attributes)
       else
-        attributes = attributes.map {|(action, key, values)| [action, Ldaptic.encode(key), Array(values)]}
+        attributes = attributes.map do |(action, key, values)|
+          [action, Ldaptic.encode(key), values.respond_to?(:before_type_cast) ? values.before_type_cast : Array(values)]
+        end
       end
+      log_dispatch(:modify, dn, attributes)
       adapter.modify(dn, attributes) unless attributes.empty?
     end
 
@@ -272,7 +275,7 @@ module Ldaptic
 
     # Performs an LDAP modrdn.
     def rename(dn, new_rdn, delete_old, *args)
-      log_dispatch(:delete, dn, new_rdn, delete_old, *args)
+      log_dispatch(:rename, dn, new_rdn, delete_old, *args)
       adapter.rename(dn, new_rdn.to_str, delete_old, *args)
     end
 

data/lib/ldaptic/schema.rb

@@ -200,6 +200,11 @@ module Ldaptic
         Ldaptic::SYNTAXES[syntax_oid]
       end
       alias syntax syntax_object
+
+      def matchable(value)
+        Ldaptic::MatchingRules.for(equality).new.matchable(Ldaptic.encode(value))
+      end
+
     end
 
     class MatchingRule < NameDescObsoleteDefiniton
@@ -244,3 +249,4 @@ module Ldaptic
 end
 
 require 'ldaptic/syntaxes'
+require 'ldaptic/matching_rules'

data/test/ldaptic_adapters_test.rb

@@ -11,7 +11,7 @@ class LdapticAdaptersTest < Test::Unit::TestCase
 
   def test_should_parameterize_search_options
     assert_equal(
-      ["DC=org", 0, "(objectClass=*)", nil, false, 1, 10_000, "", nil],
+      ["DC=org", 0, "(objectClass=*)", nil, false, 1, 10_000],
       @ldap_conn.instance_eval { search_parameters(
         :base => "DC=org",
         :scope => 0,

data/test/ldaptic_attribute_set_test.rb

@@ -35,6 +35,7 @@ class LdapticAttributeSetTest < Test::Unit::TestCase
     assert_equal ["foo", "bar"], @description
     assert_same @description, @description.unshift([["baz"]])
     assert_equal ["baz", "foo", "bar"], @description
+    assert_equal 1, @description.index('foo')
     assert_equal "foo", @description.delete("foo")
     assert_nil   @description.delete("foo")
     @description.clear

data/test/ldaptic_dn_test.rb

@@ -107,4 +107,9 @@ class LdapticDNTest < Test::Unit::TestCase
     assert_raise(TypeError) { Ldaptic::RDN(Object.new => "whee") }
   end
 
+  def test_domain
+    assert_equal 'example.com', Ldaptic::DN('ou=Users,dc=example,dc=com').domain
+    assert_nil Ldaptic::DN('ou=Users').domain
+  end
+
 end

data/test/ldaptic_hierarchy_test.rb

@@ -11,6 +11,7 @@ class LdapticHierarchyTest < Test::Unit::TestCase
     assert_raise(NoMethodError) { Mock.new }
     assert_equal Mock::Top, Mock::Person.superclass
     assert Mock::Person.method_defined?(:sn)
+    assert Mock::Person.method_defined?(:surname)
     assert !Mock::Top.method_defined?(:sn)
     assert_equal [], Mock::Top.aux
     assert_equal %w(simpleSecurityObject), Mock::Person.aux

data/test/ldaptic_matching_rules_test.rb

@@ -0,0 +1,38 @@
+require File.join(File.dirname(File.expand_path(__FILE__)),'test_helper')
+require 'ldaptic/matching_rules'
+
+class LdapticMatchingRulesTest < Test::Unit::TestCase
+  include Ldaptic::MatchingRules
+
+  def test_for
+    assert_equal GeneralizedTimeMatch, Ldaptic::MatchingRules.for("generalizedTimeMatch")
+  end
+
+  def test_case_exact_match
+    assert  CaseExactMatch.new.match('  A bc', 'A  bc')
+    assert !CaseExactMatch.new.match('  A bc', 'a  bC')
+  end
+
+  def test_case_ignore_match
+    assert CaseIgnoreMatch.new.match('  A bc', 'a  bC')
+  end
+
+  def test_generalized_time_match
+    assert_equal Time.utc(2000,1,1,12,34,56), GeneralizedTimeMatch.new.matchable("20000101123456.0Z")
+  end
+
+  def test_numeric_string
+    assert  NumericStringMatch.new.match(' 123  4', '123 4')
+    assert !NumericStringMatch.new.match('1234', '1235')
+  end
+
+  def test_distinguished_name_match
+    assert  DistinguishedNameMatch.new.match('a=1+b=2', 'B=2+A=1')
+    assert !DistinguishedNameMatch.new.match('a=1,b=2', 'b=2,a=1')
+  end
+
+  def test_telephone_number_match
+    assert TelephoneNumberMatch.new.match("911", "9  1-1-")
+  end
+
+end

metadata

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: ldaptic
 version: !ruby/object:Gem::Version 
+  hash: 21
   prerelease: false
   segments: 
   - 0
   - 2
-  - 0
-  version: 0.2.0
+  - 1
+  version: 0.2.1
 platform: ruby
 authors: 
 - Tim Pope
@@ -14,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-25 00:00:00 -05:00
+date: 2011-01-30 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -25,6 +26,7 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
+        hash: 59
         segments: 
         - 0
         - 9
@@ -40,6 +42,7 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
+        hash: 27
         segments: 
         - 0
         - 1
@@ -55,6 +58,7 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
+        hash: 7
         segments: 
         - 3
         - 0
@@ -76,7 +80,6 @@ files:
 - LICENSE
 - lib/ldaptic/adapters.rb
 - lib/ldaptic/syntaxes.rb
-- lib/ldaptic/railtie.rb
 - lib/ldaptic/entry.rb
 - lib/ldaptic/filter.rb
 - lib/ldaptic/error_set.rb
@@ -92,8 +95,9 @@ files:
 - lib/ldaptic/adapters/active_directory_ext.rb
 - lib/ldaptic/adapters/net_ldap_adapter.rb
 - lib/ldaptic/adapters/ldap_conn_adapter.rb
-- lib/ldaptic/active_model.rb
+- lib/ldaptic/matching_rules.rb
 - lib/ldaptic.rb
+- test/ldaptic_matching_rules_test.rb
 - test/ldaptic_escape_test.rb
 - test/ldaptic_schema_test.rb
 - test/ldaptic_adapters_test.rb
@@ -104,11 +108,8 @@ files:
 - test/ldaptic_dn_test.rb
 - test/test_helper.rb
 - test/ldaptic_errors_test.rb
-- test/rbslapd1.rb
 - test/ldaptic_hierarchy_test.rb
 - test/ldaptic_attribute_set_test.rb
-- test/core.schema
-- test/rbslapd4.rb
 - test/ldaptic_syntaxes_test.rb
 has_rdoc: true
 homepage: http://github.com/tpope/ldaptic
@@ -124,6 +125,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
@@ -132,6 +134,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"

data/lib/ldaptic/active_model.rb

@@ -1,37 +0,0 @@
-require 'active_model'
-require 'ldaptic'
-
-ActiveModel::EachValidator.class_eval do
-  def validate(record)
-    attributes.each do |attribute|
-      values = record.read_attribute_for_validation(attribute)
-      values = [values] unless values.respond_to?(:before_type_cast)
-      values.each do |value|
-        next if (value.nil? && options[:allow_nil]) || (value.blank? && options[:allow_blank])
-        validate_each(record, attribute, value)
-      end
-    end
-  end
-end
-
-class Ldaptic::Entry
-  include ActiveModel::Validations
-  include ActiveModel::Serializers::Xml
-  include ActiveModel::Serializers::JSON
-  include ActiveModel::Dirty
-  include ActiveModel::Callbacks
-
-  def read_attribute_for_validation(attribute)
-    read_attribute(attribute.to_sym, true)
-  end
-
-  # define_model_callbacks(:save, :destroy)
-
-  validate do
-    @attributes.keys.each do |key|
-      self[key].errors.each do |error|
-        errors.add(key, error)
-      end
-    end
-  end if respond_to?(:validate)
-end

data/lib/ldaptic/railtie.rb

@@ -1,9 +0,0 @@
-require 'ldaptic'
-require 'ldaptic/before_type_cast'
-
-class Ldaptic::Entry
-  include Ldaptic::BeforeTypeCast
-  if defined?(ActiveModel)
-    extend ActiveModel::Naming
-  end
-end

data/test/core.schema

@@ -1,582 +0,0 @@
-# OpenLDAP Core schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.68.2.6 2005/01/20 17:01:18 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2005 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-## Portions Copyright (C) The Internet Society (1997-2003).
-## All Rights Reserved.
-##
-## This document and translations of it may be copied and furnished to
-## others, and derivative works that comment on or otherwise explain it
-## or assist in its implementation may be prepared, copied, published
-## and distributed, in whole or in part, without restriction of any
-## kind, provided that the above copyright notice and this paragraph are
-## included on all such copies and derivative works.  However, this
-## document itself may not be modified in any way, such as by removing
-## the copyright notice or references to the Internet Society or other
-## Internet organizations, except as needed for the purpose of
-## developing Internet standards in which case the procedures for
-## copyrights defined in the Internet Standards process must be         
-## followed, or as required to translate it into languages other than
-## English.
-##                                                                      
-## The limited permissions granted above are perpetual and will not be  
-## revoked by the Internet Society or its successors or assigns.        
-## 
-## This document and the information contained herein is provided on an 
-## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
-## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
-## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
-## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
-## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-#
-#
-# Includes LDAPv3 schema items from:
-#	RFC 2252/2256 (LDAPv3)
-#
-# Select standard track schema items:
-#	RFC 1274 (uid/dc)
-#	RFC 2079 (URI)
-#	RFC 2247 (dc/dcObject)
-#	RFC 2587 (PKI)
-#	RFC 2589 (Dynamic Directory Services)
-#
-# Select informational schema items:
-#	RFC 2377 (uidObject)
-
-#
-# Standard attribute types from RFC 2256
-#
-
-# system schema
-#attributetype ( 2.5.4.0 NAME 'objectClass'
-#	DESC 'RFC2256: object classes of the entity'
-#	EQUALITY objectIdentifierMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-
-# system schema
-#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
-#	DESC 'RFC2256: name of aliased object'
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
-
-attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
-	DESC 'RFC2256: knowledge information'
-	EQUALITY caseIgnoreMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-
-# system schema
-#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' )
-#	DESC 'RFC2256: common name(s) for which the entity is known by'
-#	SUP name )
-
-attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' )
-	DESC 'RFC2256: last (family) name(s) for which the entity is known by'
-	SUP name )
-
-attributetype ( 2.5.4.5 NAME 'serialNumber'
-	DESC 'RFC2256: serial number of the entity'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
-
-attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
-	DESC 'RFC2256: ISO-3166 country 2-letter code'
-	EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
-	SINGLE-VALUE )
-
-attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
-	DESC 'RFC2256: locality which this object resides in'
-	SUP name )
-
-attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
-	DESC 'RFC2256: state or province which this object resides in'
-	SUP name )
-
-attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
-	DESC 'RFC2256: street address of this object'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-
-attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
-	DESC 'RFC2256: organization this object belongs to'
-	SUP name )
-
-attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
-	DESC 'RFC2256: organizational unit this object belongs to'
-	SUP name )
-
-attributetype ( 2.5.4.12 NAME 'title'
-	DESC 'RFC2256: title associated with the entity'
-	SUP name )
-
-attributetype ( 2.5.4.13 NAME 'description'
-	DESC 'RFC2256: descriptive information'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
-
-# Obsoleted by enhancedSearchGuide
-attributetype ( 2.5.4.14 NAME 'searchGuide'
-	DESC 'RFC2256: search guide, obsoleted by enhancedSearchGuide'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
-
-attributetype ( 2.5.4.15 NAME 'businessCategory'
-	DESC 'RFC2256: business category'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-
-attributetype ( 2.5.4.16 NAME 'postalAddress'
-	DESC 'RFC2256: postal address'
-	EQUALITY caseIgnoreListMatch
-	SUBSTR caseIgnoreListSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-
-attributetype ( 2.5.4.17 NAME 'postalCode'
-	DESC 'RFC2256: postal code'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
-
-attributetype ( 2.5.4.18 NAME 'postOfficeBox'
-	DESC 'RFC2256: Post Office Box'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
-
-attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
-	DESC 'RFC2256: Physical Delivery Office Name'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-
-attributetype ( 2.5.4.20 NAME 'telephoneNumber'
-	DESC 'RFC2256: Telephone Number'
-	EQUALITY telephoneNumberMatch
-	SUBSTR telephoneNumberSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
-
-attributetype ( 2.5.4.21 NAME 'telexNumber'
-	DESC 'RFC2256: Telex Number'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
-
-attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
-	DESC 'RFC2256: Teletex Terminal Identifier'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
-
-attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
-	DESC 'RFC2256: Facsimile (Fax) Telephone Number'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
-
-attributetype ( 2.5.4.24 NAME 'x121Address'
-	DESC 'RFC2256: X.121 Address'
-	EQUALITY numericStringMatch
-	SUBSTR numericStringSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
-
-attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
-	DESC 'RFC2256: international ISDN number'
-	EQUALITY numericStringMatch
-	SUBSTR numericStringSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
-
-attributetype ( 2.5.4.26 NAME 'registeredAddress'
-	DESC 'RFC2256: registered postal address'
-	SUP postalAddress
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-
-attributetype ( 2.5.4.27 NAME 'destinationIndicator'
-	DESC 'RFC2256: destination indicator'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
-
-attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
-	DESC 'RFC2256: preferred delivery method'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
-	SINGLE-VALUE )
-
-attributetype ( 2.5.4.29 NAME 'presentationAddress'
-	DESC 'RFC2256: presentation address'
-	EQUALITY presentationAddressMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
-	SINGLE-VALUE )
-
-attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
-	DESC 'RFC2256: supported application context'
-	EQUALITY objectIdentifierMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-
-attributetype ( 2.5.4.31 NAME 'member'
-	DESC 'RFC2256: member of a group'
-	SUP distinguishedName )
-
-attributetype ( 2.5.4.32 NAME 'owner'
-	DESC 'RFC2256: owner (of the object)'
-	SUP distinguishedName )
-
-attributetype ( 2.5.4.33 NAME 'roleOccupant'
-	DESC 'RFC2256: occupant of role'
-	SUP distinguishedName )
-
-attributetype ( 2.5.4.34 NAME 'seeAlso'
-	DESC 'RFC2256: DN of related object'
-	SUP distinguishedName )
-
-# system schema
-#attributetype ( 2.5.4.35 NAME 'userPassword'
-#	DESC 'RFC2256/2307: password of user'
-#	EQUALITY octetStringMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
-
-# Must be transferred using ;binary
-# with certificateExactMatch rule (per X.509)
-attributetype ( 2.5.4.36 NAME 'userCertificate'
-	DESC 'RFC2256: X.509 user certificate, use ;binary'
-	EQUALITY certificateExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
-
-# Must be transferred using ;binary
-# with certificateExactMatch rule (per X.509)
-attributetype ( 2.5.4.37 NAME 'cACertificate'
-	DESC 'RFC2256: X.509 CA certificate, use ;binary'
-	EQUALITY certificateExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
-	DESC 'RFC2256: X.509 authority revocation list, use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
-	DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-
-# Must be stored and requested in the binary form
-attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
-	DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
-
-# 2.5.4.41 is defined above as it's used for subtyping
-#attributetype ( 2.5.4.41 NAME 'name'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-
-attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
-	DESC 'RFC2256: first name(s) for which the entity is known by'
-	SUP name )
-
-attributetype ( 2.5.4.43 NAME 'initials'
-	DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
-	SUP name )
-
-attributetype ( 2.5.4.44 NAME 'generationQualifier'
-	DESC 'RFC2256: name qualifier indicating a generation'
-	SUP name )
-
-attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
-	DESC 'RFC2256: X.500 unique identifier'
-	EQUALITY bitStringMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
-
-attributetype ( 2.5.4.46 NAME 'dnQualifier'
-	DESC 'RFC2256: DN qualifier'
-	EQUALITY caseIgnoreMatch
-	ORDERING caseIgnoreOrderingMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
-
-attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
-	DESC 'RFC2256: enhanced search guide'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
-
-attributetype ( 2.5.4.48 NAME 'protocolInformation'
-	DESC 'RFC2256: protocol information'
-	EQUALITY protocolInformationMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
-
-# 2.5.4.49 is defined above as it's used for subtyping
-#attributetype ( 2.5.4.49 NAME 'distinguishedName'
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-attributetype ( 2.5.4.50 NAME 'uniqueMember'
-	DESC 'RFC2256: unique member of a group'
-	EQUALITY uniqueMemberMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
-
-attributetype ( 2.5.4.51 NAME 'houseIdentifier'
-	DESC 'RFC2256: house identifier'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
-	DESC 'RFC2256: supported algorithms'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
-	DESC 'RFC2256: delta revocation list; use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-
-attributetype ( 2.5.4.54 NAME 'dmdName'
-	DESC 'RFC2256: name of DMD'
-	SUP name )
-
-
-# Standard object classes from RFC2256
-
-# system schema
-#objectclass ( 2.5.6.1 NAME 'alias'
-#	DESC 'RFC2256: an alias'
-#	SUP top STRUCTURAL
-#	MUST aliasedObjectName )
-
-objectclass ( 2.5.6.2 NAME 'country'
-	DESC 'RFC2256: a country'
-	SUP top STRUCTURAL
-	MUST c
-	MAY ( searchGuide $ description ) )
-
-objectclass ( 2.5.6.3 NAME 'locality'
-	DESC 'RFC2256: a locality'
-	SUP top STRUCTURAL
-	MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
-
-objectclass ( 2.5.6.4 NAME 'organization'
-	DESC 'RFC2256: an organization'
-	SUP top STRUCTURAL
-	MUST o
-	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-		x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $
-		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-		postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
-
-objectclass ( 2.5.6.5 NAME 'organizationalUnit'
-	DESC 'RFC2256: an organizational unit'
-	SUP top STRUCTURAL
-	MUST ou
-	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-		x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $
-		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-		postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
-
-objectclass ( 2.5.6.6 NAME 'person'
-	DESC 'RFC2256: a person'
-	SUP top STRUCTURAL
-	MUST ( sn $ cn )
-	MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
-
-objectclass ( 2.5.6.7 NAME 'organizationalPerson'
-	DESC 'RFC2256: an organizational person'
-	SUP person STRUCTURAL
-	MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $
-		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-		postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
-
-objectclass ( 2.5.6.8 NAME 'organizationalRole'
-	DESC 'RFC2256: an organizational role'
-	SUP top STRUCTURAL
-	MUST cn
-	MAY ( x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
-		seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
-		postOfficeBox $ postalCode $ postalAddress $
-		physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
-
-objectclass ( 2.5.6.9 NAME 'groupOfNames'
-	DESC 'RFC2256: a group of names (DNs)'
-	SUP top STRUCTURAL
-	MUST ( member $ cn )
-	MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
-
-objectclass ( 2.5.6.10 NAME 'residentialPerson'
-	DESC 'RFC2256: an residential person'
-	SUP person STRUCTURAL
-	MUST l
-	MAY ( businessCategory $ x121Address $ registeredAddress $
-		destinationIndicator $ preferredDeliveryMethod $ telexNumber $
-		teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
-		facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
-		postOfficeBox $ postalCode $ postalAddress $
-		physicalDeliveryOfficeName $ st $ l ) )
-
-objectclass ( 2.5.6.11 NAME 'applicationProcess'
-	DESC 'RFC2256: an application process'
-	SUP top STRUCTURAL
-	MUST cn
-	MAY ( seeAlso $ ou $ l $ description ) )
-
-objectclass ( 2.5.6.12 NAME 'applicationEntity'
-	DESC 'RFC2256: an application entity'
-	SUP top STRUCTURAL
-	MUST ( presentationAddress $ cn )
-	MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
-	description ) )
-
-objectclass ( 2.5.6.13 NAME 'dSA'
-	DESC 'RFC2256: a directory system agent (a server)'
-	SUP applicationEntity STRUCTURAL
-	MAY knowledgeInformation )
-
-objectclass ( 2.5.6.14 NAME 'device'
-	DESC 'RFC2256: a device'
-	SUP top STRUCTURAL
-	MUST cn
-	MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
-
-objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
-	DESC 'RFC2256: a strong authentication user'
-	SUP top AUXILIARY
-	MUST userCertificate )
-
-objectclass ( 2.5.6.16 NAME 'certificationAuthority'
-	DESC 'RFC2256: a certificate authority'
-	SUP top AUXILIARY
-	MUST ( authorityRevocationList $ certificateRevocationList $
-		cACertificate ) MAY crossCertificatePair )
-
-objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
-	DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
-	SUP top STRUCTURAL
-	MUST ( uniqueMember $ cn )
-	MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
-
-objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
-	DESC 'RFC2256: a user security information'
-	SUP top AUXILIARY
-	MAY ( supportedAlgorithms ) )
-
-objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
-	SUP certificationAuthority
-	AUXILIARY MAY ( deltaRevocationList ) )
-
-objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
-	SUP top STRUCTURAL
-	MUST ( cn )
-	MAY ( certificateRevocationList $ authorityRevocationList $
-		deltaRevocationList ) )
-
-objectclass ( 2.5.6.20 NAME 'dmd'
-	SUP top STRUCTURAL
-	MUST ( dmdName )
-	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-		x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
-		street $ postOfficeBox $ postalCode $ postalAddress $
-		physicalDeliveryOfficeName $ st $ l $ description ) )
-
-#
-# Object Classes from RFC 2587
-#
-objectclass ( 2.5.6.21 NAME 'pkiUser'
-	DESC 'RFC2587: a PKI user'
-	SUP top AUXILIARY
-	MAY userCertificate )
-
-objectclass ( 2.5.6.22 NAME 'pkiCA'
-	DESC 'RFC2587: PKI certificate authority'
-	SUP top AUXILIARY
-	MAY ( authorityRevocationList $ certificateRevocationList $
-		cACertificate $ crossCertificatePair ) )
-
-objectclass ( 2.5.6.23 NAME 'deltaCRL'
-	DESC 'RFC2587: PKI user'
-	SUP top AUXILIARY
-	MAY deltaRevocationList )
-
-#
-# Standard Track URI label schema from RFC 2079
-# system schema
-#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
-#	DESC 'RFC2079: Uniform Resource Identifier with optional label'
-#	EQUALITY caseExactMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
-objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
-	DESC 'RFC2079: object that contains the URI attribute type'
-	SUP top AUXILIARY
-	MAY labeledURI )
-
-#
-# Derived from RFC 1274, but with new "short names"
-#
-attributetype ( 0.9.2342.19200300.100.1.1
-	NAME ( 'uid' 'userid' )
-	DESC 'RFC1274: user identifier'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-attributetype ( 0.9.2342.19200300.100.1.3
-	NAME ( 'mail' 'rfc822Mailbox' )
-	DESC 'RFC1274: RFC822 Mailbox'
-    EQUALITY caseIgnoreIA5Match
-    SUBSTR caseIgnoreIA5SubstringsMatch
-    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-
-objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
-	DESC 'RFC1274: simple security object'
-	SUP top AUXILIARY
-	MUST userPassword )
-
-# RFC 1274 + RFC 2247
-attributetype ( 0.9.2342.19200300.100.1.25
-	NAME ( 'dc' 'domainComponent' )
-	DESC 'RFC1274/2247: domain component'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-
-# RFC 2247
-objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
-	DESC 'RFC2247: domain component object'
-	SUP top AUXILIARY MUST dc )
-
-# RFC 2377
-objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
-	DESC 'RFC2377: uid object'
-	SUP top AUXILIARY MUST uid )
-
-# From COSINE Pilot
-attributetype ( 0.9.2342.19200300.100.1.37
-	NAME 'associatedDomain'
-	DESC 'RFC1274: domain associated with object'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema)
-attributetype ( 1.2.840.113549.1.9.1
-	NAME ( 'email' 'emailAddress' 'pkcs9email' )
-	DESC 'RFC2459: legacy attribute for email addresses in DNs'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
-