net-ldap 0.0.5

data/test/common.rb

@@ -0,0 +1,7 @@
+# Add 'lib' to load path.
+$LOAD_PATH.unshift "#{File.dirname(__FILE__)}/../lib"
+
+require 'rubygems'
+require 'test/unit'
+
+require 'net/ldap'

data/test/test_ber.rb

@@ -0,0 +1,100 @@
+# $Id: testber.rb 230 2006-12-19 18:27:57Z blackhedd $
+
+require 'common'
+
+class TestBer < Test::Unit::TestCase
+
+	def test_encode_boolean
+		assert_equal( "\x01\x01\x01", true.to_ber ) # should actually be: 01 01 ff
+		assert_equal( "\x01\x01\x00", false.to_ber )
+	end
+
+	#def test_encode_nil
+	#	assert_equal( "\x05\x00", nil.to_ber )
+	#end
+
+	def test_encode_integer
+
+		# Fixnum
+		#
+		#assert_equal( "\x02\x02\x96\x46", -27_066.to_ber )
+		#assert_equal( "\x02\x02\xFF\x7F", -129.to_ber )
+		#assert_equal( "\x02\x01\x80", -128.to_ber )
+		#assert_equal( "\x02\x01\xFF", -1.to_ber )
+
+		assert_equal( "\x02\x01\x00", 0.to_ber )
+		assert_equal( "\x02\x01\x01", 1.to_ber )
+		assert_equal( "\x02\x01\x7F", 127.to_ber )
+		assert_equal( "\x02\x02\x00\x80", 128.to_ber )
+		assert_equal( "\x02\x02\x00\xFF", 255.to_ber )
+
+		assert_equal( "\x02\x02\x01\x00", 256.to_ber )
+		assert_equal( "\x02\x03\x00\xFF\xFF", 65535.to_ber )
+
+		assert_equal( "\x02\x03\x01\x00\x00", 65536.to_ber )
+		assert_equal( "\x02\x04\x00\xFF\xFF\xFF", 16_777_215.to_ber )
+
+		assert_equal( "\x02\x04\x01\x00\x00\x00", 0x01000000.to_ber )
+		assert_equal( "\x02\x04\x3F\xFF\xFF\xFF", 0x3FFFFFFF.to_ber )
+
+		# Bignum
+		#
+		assert_equal( "\x02\x04\x4F\xFF\xFF\xFF", 0x4FFFFFFF.to_ber )
+		#assert_equal( "\x02\x05\x00\xFF\xFF\xFF\xFF", 0xFFFFFFFF.to_ber )
+	end
+
+	# TOD Add some much bigger numbers
+	# 5000000000 is a Bignum, which hits different code.
+	def test_ber_integers
+		assert_equal( "\002\001\005", 5.to_ber )
+		assert_equal( "\002\002\001\364", 500.to_ber )
+		assert_equal( "\002\003\0\303P", 50000.to_ber )
+		assert_equal( "\002\005\001*\005\362\000", 5000000000.to_ber )
+	end
+
+	def test_ber_bignums
+		# Some of these values are Fixnums and some are Bignums. Different BER code.
+		[
+			5,
+			50,
+			500,
+			5000,
+			50000,
+			500000,
+			5000000,
+			50000000,
+			500000000,
+			1000000000,
+			2000000000,
+			3000000000,
+			4000000000,
+			5000000000
+		].each {|val|
+			assert_equal( val, val.to_ber.read_ber )
+		}
+	end
+
+	def test_ber_parsing
+		assert_equal( 6, "\002\001\006".read_ber( Net::LDAP::AsnSyntax ))
+		assert_equal( "testing", "\004\007testing".read_ber( Net::LDAP::AsnSyntax ))
+	end
+
+	def test_ber_parser_on_ldap_bind_request
+		require 'stringio'
+
+		s = StringIO.new(
+			"0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus" )
+
+		assert_equal(
+			[1, [3, "Administrator", "ad_is_bogus"]],
+			s.read_ber( Net::LDAP::AsnSyntax ))
+	end
+
+	def test_oid
+		oid = Net::BER::BerIdentifiedOid.new( [1,3,6,1,2,1,1,1,0] )
+		assert_equal( "\006\b+\006\001\002\001\001\001\000", oid.to_ber )
+
+		oid = Net::BER::BerIdentifiedOid.new( "1.3.6.1.2.1.1.1.0" )
+		assert_equal( "\006\b+\006\001\002\001\001\001\000", oid.to_ber )
+	end
+end

data/test/test_entry.rb

@@ -0,0 +1,7 @@
+require 'common'
+
+class TestEntry < Test::Unit::TestCase
+	def test_entry
+		# FIX
+	end
+end

data/test/test_filter.rb

@@ -0,0 +1,83 @@
+# $Id: testfilter.rb 245 2007-05-05 02:44:32Z blackhedd $
+
+require 'common'
+
+class TestFilter < Test::Unit::TestCase
+
+	# Note that the RFC doesn't define either less-than or greater-than.
+	def test_rfc_2254
+		Net::LDAP::Filter.from_rfc2254( " ( uid=george*   ) " )
+		Net::LDAP::Filter.from_rfc2254( "uid!=george*" )
+		Net::LDAP::Filter.from_rfc2254( "uid <= george*" )
+		Net::LDAP::Filter.from_rfc2254( "uid>=george*" )
+		Net::LDAP::Filter.from_rfc2254( "uid!=george*" )
+
+		Net::LDAP::Filter.from_rfc2254( "(& (uid!=george* ) (mail=*))" )
+		Net::LDAP::Filter.from_rfc2254( "(| (uid!=george* ) (mail=*))" )
+		Net::LDAP::Filter.from_rfc2254( "(! (mail=*))" )
+	end
+
+	def test_filters_from_ber
+		[
+			Net::LDAP::Filter.eq( "objectclass", "*" ),
+			Net::LDAP::Filter.pres( "objectclass" ),
+			Net::LDAP::Filter.eq( "objectclass", "ou" ),
+			Net::LDAP::Filter.ge( "uid", "500" ),
+			Net::LDAP::Filter.le( "uid", "500" ),
+			(~ Net::LDAP::Filter.pres( "objectclass" )),
+			(Net::LDAP::Filter.pres( "objectclass" ) & Net::LDAP::Filter.pres( "ou" )),
+			(Net::LDAP::Filter.pres( "objectclass" ) & Net::LDAP::Filter.pres( "ou" ) & Net::LDAP::Filter.pres("sn")),
+			(Net::LDAP::Filter.pres( "objectclass" ) | Net::LDAP::Filter.pres( "ou" ) | Net::LDAP::Filter.pres("sn")),
+
+			Net::LDAP::Filter.eq( "objectclass", "*aaa" ),
+			Net::LDAP::Filter.eq( "objectclass", "*aaa*bbb" ),
+			Net::LDAP::Filter.eq( "objectclass", "*aaa*bbb*ccc" ),
+			Net::LDAP::Filter.eq( "objectclass", "aaa*bbb" ),
+			Net::LDAP::Filter.eq( "objectclass", "aaa*bbb*ccc" ),
+			Net::LDAP::Filter.eq( "objectclass", "abc*def*1111*22*g" ),
+			Net::LDAP::Filter.eq( "objectclass", "*aaa*" ),
+			Net::LDAP::Filter.eq( "objectclass", "*aaa*bbb*" ),
+			Net::LDAP::Filter.eq( "objectclass", "*aaa*bbb*ccc*" ),
+			Net::LDAP::Filter.eq( "objectclass", "aaa*" ),
+			Net::LDAP::Filter.eq( "objectclass", "aaa*bbb*" ),
+			Net::LDAP::Filter.eq( "objectclass", "aaa*bbb*ccc*" ),
+		].each {|ber|
+			f = Net::LDAP::Filter.parse_ber( ber.to_ber.read_ber( Net::LDAP::AsnSyntax) )
+			assert( f == ber )
+			assert_equal( f.to_ber, ber.to_ber )
+		}
+
+	end
+
+	def test_ber_from_rfc2254_filter
+		[
+			Net::LDAP::Filter.construct( "objectclass=*" ),
+			Net::LDAP::Filter.construct("objectclass=ou" ),
+			Net::LDAP::Filter.construct("uid >= 500" ),
+			Net::LDAP::Filter.construct("uid <= 500" ),
+			Net::LDAP::Filter.construct("(!(uid=*))" ),
+			Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*))" ),
+			Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*)(sn=*))" ),
+			Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*))" ),
+			Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*)(sn=*))" ),
+
+			Net::LDAP::Filter.construct("objectclass=*aaa"),
+			Net::LDAP::Filter.construct("objectclass=*aaa*bbb"),
+			Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc"),
+			Net::LDAP::Filter.construct("objectclass=aaa*bbb"),
+			Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc"),
+			Net::LDAP::Filter.construct("objectclass=abc*def*1111*22*g"),
+			Net::LDAP::Filter.construct("objectclass=*aaa*"),
+			Net::LDAP::Filter.construct("objectclass=*aaa*bbb*"),
+			Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc*"),
+			Net::LDAP::Filter.construct("objectclass=aaa*"),
+			Net::LDAP::Filter.construct("objectclass=aaa*bbb*"),
+			Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc*"),
+		].each {|ber|
+			f = Net::LDAP::Filter.parse_ber( ber.to_ber.read_ber( Net::LDAP::AsnSyntax) )
+			assert( f == ber )
+			assert_equal( f.to_ber, ber.to_ber )
+		}
+	end
+
+end

data/test/test_ldif.rb

@@ -0,0 +1,59 @@
+# $Id: testldif.rb 61 2006-04-18 20:55:55Z blackhedd $
+
+require 'common'
+
+require 'net/ldif'
+require 'digest/sha1'
+require 'base64'
+
+class TestLdif < Test::Unit::TestCase
+
+  TestLdifFilename = "#{File.dirname(__FILE__)}/testdata.ldif"
+
+  def test_empty_ldif
+    ds = Net::LDAP::Dataset::read_ldif( StringIO.new )
+    assert_equal( true, ds.empty? )
+  end
+
+  def test_ldif_with_comments
+    str = ["# Hello from LDIF-land", "# This is an unterminated comment"]
+    io = StringIO.new( str[0] + "\r\n" + str[1] )
+    ds = Net::LDAP::Dataset::read_ldif( io )
+    assert_equal( str, ds.comments )
+  end
+
+  def test_ldif_with_password
+    psw = "goldbricks"
+    hashed_psw = "{SHA}" + Base64::encode64(Digest::SHA1.digest(psw)).chomp
+
+    ldif_encoded = Base64::encode64( hashed_psw ).chomp
+    ds = Net::LDAP::Dataset::read_ldif( StringIO.new( "dn: Goldbrick\r\nuserPassword:: #{ldif_encoded}\r\n\r\n" ))
+    recovered_psw = ds["Goldbrick"][:userpassword].shift
+    assert_equal( hashed_psw, recovered_psw )
+  end
+
+  def test_ldif_with_continuation_lines
+    ds = Net::LDAP::Dataset::read_ldif( StringIO.new( "dn: abcdefg\r\n   hijklmn\r\n\r\n" ))
+    assert_equal( true, ds.has_key?( "abcdefg hijklmn" ))
+  end
+
+  # TODO, INADEQUATE. We need some more tests
+  # to verify the content.
+  def test_ldif
+    File.open( TestLdifFilename, "r" ) {|f|
+      ds = Net::LDAP::Dataset::read_ldif( f )
+      assert_equal( 13, ds.length )
+    }
+  end
+
+  # TODO, need some tests.
+  # Must test folded lines and base64-encoded lines as well as normal ones.
+  #def test_to_ldif
+  #  File.open( TestLdifFilename, "r" ) {|f|
+  #    ds = Net::LDAP::Dataset::read_ldif( f )
+  #    ds.to_ldif
+  #    assert_equal( true, false ) # REMOVE WHEN WE HAVE SOME TESTS HERE.
+  #  }
+  #end
+
+end

data/test/test_password.rb

@@ -0,0 +1,17 @@
+# $Id: testpsw.rb 72 2006-04-24 21:58:14Z blackhedd $
+
+require 'common'
+
+class TestPassword < Test::Unit::TestCase
+
+  def test_psw
+    assert_equal(
+	"{MD5}xq8jwrcfibi0sZdZYNkSng==",
+	Net::LDAP::Password.generate( :md5, "cashflow" ))
+
+    assert_equal(
+	"{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=",
+	Net::LDAP::Password.generate( :sha, "cashflow" ))
+  end
+
+end

data/test/test_snmp.rb

@@ -0,0 +1,130 @@
+# $Id: testsnmp.rb 231 2006-12-21 15:09:29Z blackhedd $
+
+require 'common'
+require 'net/snmp'
+
+class TestSnmp < Test::Unit::TestCase
+
+  SnmpGetRequest = "0'\002\001\000\004\006public\240\032\002\002?*\002\001\000\002\001\0000\0160\f\006\b+\006\001\002\001\001\001\000\005\000"
+  SnmpGetResponse = "0+\002\001\000\004\006public\242\036\002\002'\017\002\001\000\002\001\0000\0220\020\006\b+\006\001\002\001\001\001\000\004\004test"
+
+  SnmpGetRequestXXX = "0'\002\001\000\004\006xxxxxx\240\032\002\002?*\002\001\000\002\001\0000\0160\f\006\b+\006\001\002\001\001\001\000\005\000"
+
+
+  def setup
+  end
+
+  def teardown
+  end
+
+  def test_invalid_packet
+      data = "xxxx"
+      assert_raise( Net::BER::BerError ) {
+	ary = data.read_ber(Net::SNMP::AsnSyntax)
+      }
+
+  end
+
+  # The method String#read_ber! added by Net::BER consumes a well-formed BER object
+  # from the head of a string. If it doesn't find a complete, well-formed BER object,
+  # it returns nil and leaves the string unchanged. If it finds an object, it returns
+  # the object and removes it from the head of the string. This is good for handling
+  # partially-received data streams, such as from network connections.
+  def test_consume_string
+      data = "xxx"
+      assert_equal( nil, data.read_ber! )
+      assert_equal( "xxx", data )
+
+      data = SnmpGetRequest + "!!!"
+      ary = data.read_ber!( Net::SNMP::AsnSyntax )
+      assert_equal( "!!!", data )
+      assert ary.is_a?(Array)
+      assert ary.is_a?(Net::BER::BerIdentifiedArray)
+  end
+
+  def test_weird_packet
+      assert_raise( Net::SnmpPdu::Error ) {
+	Net::SnmpPdu.parse("aaaaaaaaaaaaaa")
+      }
+  end
+
+  def test_get_request
+      data = SnmpGetRequest.dup
+      pkt = data.read_ber(Net::SNMP::AsnSyntax)
+      assert pkt.is_a?(Net::BER::BerIdentifiedArray)
+      assert_equal( 48, pkt.ber_identifier) # Constructed [0], signifies GetRequest
+
+      pdu = Net::SnmpPdu.parse(pkt)
+      assert_equal(:get_request, pdu.pdu_type )
+      assert_equal(16170, pdu.request_id ) # whatever was in the test data. 16170 is not magic.
+      assert_equal( [[[1,3,6,1,2,1,1,1,0],nil]], pdu.variables )
+
+      assert_equal( pdu.to_ber_string, SnmpGetRequest )
+  end
+
+  def test_empty_pdu
+      pdu = Net::SnmpPdu.new
+      assert_raise( Net::SnmpPdu::Error ) {
+	pdu.to_ber_string
+      }
+  end
+
+  def test_malformations
+      pdu = Net::SnmpPdu.new
+	pdu.version = 0
+	pdu.version = 2
+      assert_raise( Net::SnmpPdu::Error ) {
+	pdu.version = 100
+      }
+
+      pdu.pdu_type = :get_request
+      pdu.pdu_type = :get_next_request
+      pdu.pdu_type = :get_response
+      pdu.pdu_type = :set_request
+      pdu.pdu_type = :trap
+      assert_raise( Net::SnmpPdu::Error ) {
+	pdu.pdu_type = :something_else
+      }
+  end
+
+  def test_make_response
+      pdu = Net::SnmpPdu.new
+      pdu.version = 0
+      pdu.community = "public"
+      pdu.pdu_type = :get_response
+      pdu.request_id = 9999
+      pdu.error_status = 0
+      pdu.error_index = 0
+      pdu.add_variable_binding [1,3,6,1,2,1,1,1,0], "test"
+
+      assert_equal( SnmpGetResponse,  pdu.to_ber_string )
+  end
+
+  def test_make_bad_response
+      pdu = Net::SnmpPdu.new
+      assert_raise(Net::SnmpPdu::Error) {pdu.to_ber_string}
+      pdu.pdu_type = :get_response
+      pdu.request_id = 999
+      pdu.to_ber_string
+      # Not specifying variables doesn't create an error. (Maybe it should?)
+  end
+
+  def test_snmp_integers
+      c32 = Net::SNMP::Counter32.new(100)
+      assert_equal( "A\001d", c32.to_ber )
+      g32 = Net::SNMP::Gauge32.new(100)
+      assert_equal( "B\001d", g32.to_ber )
+      t32 = Net::SNMP::TimeTicks32.new(100)
+      assert_equal( "C\001d", t32.to_ber )
+  end
+
+  def test_community
+      data = SnmpGetRequestXXX.dup
+      ary = data.read_ber(Net::SNMP::AsnSyntax)
+      pdu = Net::SnmpPdu.parse( ary )
+      assert_equal( "xxxxxx", pdu.community )
+  end
+
+end
+
+

data/test/testdata.ldif

@@ -0,0 +1,101 @@
+# $Id: testdata.ldif 50 2006-04-17 17:57:33Z blackhedd $
+#
+# This is test-data for an LDAP server in LDIF format.
+#
+dn: dc=bayshorenetworks,dc=com
+objectClass: dcObject
+objectClass: organization
+o: Bayshore Networks LLC
+dc: bayshorenetworks
+
+dn: cn=Manager,dc=bayshorenetworks,dc=com
+objectClass: organizationalrole
+cn: Manager
+
+dn: ou=people,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: people
+
+dn: ou=privileges,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: privileges
+
+dn: ou=roles,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: roles
+
+dn: ou=office,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: office
+
+dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Bob Fosse
+mail: nogoodnik@steamheat.net
+sn: Fosse
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
+hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
+
+dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Gwen Verdon
+mail: elephant@steamheat.net
+sn: Verdon
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+
+dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineering
+ou: privileges
+objectClass: accessPrivilege
+
+dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineer
+ou: roles
+objectClass: accessRole
+hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
+
+dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapadmin
+ou: roles
+objectClass: accessRole
+
+dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapsuperadmin
+ou: roles
+objectClass: accessRole
+
+dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Sid Sorokin
+mail: catperson@steamheat.net
+sn: Sorokin
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+