net-ldap 0.12.0 → 0.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Contributors.rdoc +1 -0
- data/History.rdoc +112 -0
- data/README.rdoc +19 -9
- data/lib/net/ber/ber_parser.rb +4 -4
- data/lib/net/ber/core_ext/array.rb +1 -1
- data/lib/net/ber/core_ext/integer.rb +1 -1
- data/lib/net/ber/core_ext/string.rb +1 -1
- data/lib/net/ber/core_ext.rb +6 -6
- data/lib/net/ber.rb +39 -9
- data/lib/net/ldap/auth_adapter/gss_spnego.rb +9 -8
- data/lib/net/ldap/auth_adapter/sasl.rb +6 -4
- data/lib/net/ldap/auth_adapter/simple.rb +1 -1
- data/lib/net/ldap/connection.rb +173 -52
- data/lib/net/ldap/dataset.rb +3 -5
- data/lib/net/ldap/dn.rb +21 -30
- data/lib/net/ldap/entry.rb +15 -7
- data/lib/net/ldap/error.rb +2 -25
- data/lib/net/ldap/filter.rb +15 -8
- data/lib/net/ldap/instrumentation.rb +2 -2
- data/lib/net/ldap/password.rb +7 -5
- data/lib/net/ldap/pdu.rb +27 -3
- data/lib/net/ldap/version.rb +1 -1
- data/lib/net/ldap.rb +212 -91
- data/lib/net/snmp.rb +19 -19
- data/lib/net-ldap.rb +1 -1
- metadata +27 -96
- data/.gitignore +0 -9
- data/.rubocop.yml +0 -5
- data/.rubocop_todo.yml +0 -462
- data/.travis.yml +0 -31
- data/CONTRIBUTING.md +0 -54
- data/Gemfile +0 -2
- data/Rakefile +0 -23
- data/net-ldap.gemspec +0 -36
- data/script/changelog +0 -47
- data/script/install-openldap +0 -112
- data/script/package +0 -7
- data/script/release +0 -16
- data/test/ber/core_ext/test_array.rb +0 -22
- data/test/ber/core_ext/test_string.rb +0 -25
- data/test/ber/test_ber.rb +0 -145
- data/test/fixtures/cacert.pem +0 -20
- data/test/fixtures/openldap/memberof.ldif +0 -33
- data/test/fixtures/openldap/retcode.ldif +0 -76
- data/test/fixtures/openldap/slapd.conf.ldif +0 -67
- data/test/fixtures/seed.ldif +0 -374
- data/test/integration/test_add.rb +0 -28
- data/test/integration/test_ber.rb +0 -30
- data/test/integration/test_bind.rb +0 -34
- data/test/integration/test_delete.rb +0 -31
- data/test/integration/test_open.rb +0 -88
- data/test/integration/test_return_codes.rb +0 -38
- data/test/integration/test_search.rb +0 -77
- data/test/support/vm/openldap/.gitignore +0 -1
- data/test/support/vm/openldap/README.md +0 -32
- data/test/support/vm/openldap/Vagrantfile +0 -33
- data/test/test_auth_adapter.rb +0 -11
- data/test/test_dn.rb +0 -44
- data/test/test_entry.rb +0 -65
- data/test/test_filter.rb +0 -223
- data/test/test_filter_parser.rb +0 -24
- data/test/test_helper.rb +0 -66
- data/test/test_ldap.rb +0 -67
- data/test/test_ldap_connection.rb +0 -460
- data/test/test_ldif.rb +0 -104
- data/test/test_password.rb +0 -10
- data/test/test_rename.rb +0 -77
- data/test/test_search.rb +0 -39
- data/test/test_snmp.rb +0 -119
- data/test/test_ssl_ber.rb +0 -40
- data/test/testdata.ldif +0 -101
- data/testserver/ldapserver.rb +0 -210
- data/testserver/testdata.ldif +0 -101
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 1fdcc1a3fefe3fb2bf1dbb91ec9e00734252fdda634ae0e2344b9dd6e6b86cd2
|
4
|
+
data.tar.gz: 8526bd506b632e74193c80119280fd4b333731b1e3d75791427a12e62cab775a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e2f9e53240eeedd964463c6bc719cc86e57e5a66c5a769371e16d97005f9b63933797f33384e0192b6e128cc4fec1de46e3cca2886fce963439d86b4b3c0665f
|
7
|
+
data.tar.gz: e4af635dce612600ba48a110ebae1d3c30c00f9c5adcfeba1b6eca1d4d760646674d399cac256f96490bcad6d884146cb891ac14d57f8734556ed7e331baac90
|
data/Contributors.rdoc
CHANGED
data/History.rdoc
CHANGED
@@ -1,3 +1,115 @@
|
|
1
|
+
=== Net::LDAP 0.19.0
|
2
|
+
* Net::LDAP::DN - Retain trailing spaces in RDN values in DNs #412
|
3
|
+
* Add in ability for users to specify LDAP controls when conducting searches #411
|
4
|
+
* Document connect_timeout in Constructor Details #415
|
5
|
+
* Fix openssl error when using multiple hosts #417
|
6
|
+
|
7
|
+
=== Net::LDAP 0.18.0
|
8
|
+
* Fix escaping of # and space in attrs #408
|
9
|
+
* Add support to use SNI #406
|
10
|
+
* Drop Ruby 2.5 and JRuby 9.2 from CI tests
|
11
|
+
* Bump rubocop to 1.48.1
|
12
|
+
* Update CI for TruffleRuby 22
|
13
|
+
|
14
|
+
=== Net::LDAP 0.17.1
|
15
|
+
* Fixed shebang of bash #385
|
16
|
+
* Omit some tests for now until we update our CA cert #386
|
17
|
+
* Add Ruby 3.0 support #388
|
18
|
+
* Add TruffleRuby 21.0.0 to CI #389
|
19
|
+
* Correct a typo in an error message #391
|
20
|
+
* Enable bundler caching for travis #390
|
21
|
+
* Fix circular require while loading lib/net/ldap/entry.rb and lib/net/ldap/dataset.rb #392
|
22
|
+
* Handle nil value in GetbyteForSSLSocket::getbyte #306
|
23
|
+
|
24
|
+
=== Net::LDAP 0.17.0
|
25
|
+
* Added private recursive_delete as alternative to DELETE_TREE #268
|
26
|
+
* Test suite updates #373 #376 #377
|
27
|
+
* Use Base64.strict_encode64 and SSHA256 #303
|
28
|
+
* Remove deprecated ConnectionRefusedError #366
|
29
|
+
* Added method to get a duplicate of the internal Hash #286
|
30
|
+
* remove a circular require #380
|
31
|
+
* fix LdapServerAsnSyntax compile #379
|
32
|
+
* Implement '==' operator for entries #381
|
33
|
+
* fix for undefined method for write exception #383
|
34
|
+
|
35
|
+
=== Net::LDAP 0.16.3
|
36
|
+
|
37
|
+
* Add Net::LDAP::InvalidDNError #371
|
38
|
+
* Use require_relative instead of require #360
|
39
|
+
* Address some warnings and fix JRuby test omissions #365
|
40
|
+
* Bump rake dev dependency to 12.3 #359
|
41
|
+
* Enable rubocop in ci #251
|
42
|
+
* Enhance rubocop configuration and test syntax #344
|
43
|
+
* CI: Drop rbx-2, uninstallable #364
|
44
|
+
* Fix RuboCop warnings #312
|
45
|
+
* Fix wrong error class #305
|
46
|
+
* CONTRIBUTING.md: Repair link to Issues #309
|
47
|
+
* Make the generate() method more idiomatic... #326
|
48
|
+
* Make encode_sort_controls() more idiomatic... #327
|
49
|
+
* Make the instrument() method more idiomatic... #328
|
50
|
+
* Fix uninitialised Net::LDAP::LdapPduError #338
|
51
|
+
* README.rdoc: Use SVG build badge #310
|
52
|
+
* Update TravisCI config to inclue Ruby 2.7 #346
|
53
|
+
* add explicit ** to silence Ruby 2.7 warning #342
|
54
|
+
* Support parsing filters with attribute tags #345
|
55
|
+
* Bump rubocop development dependency version #336
|
56
|
+
* Add link to generated and hosted documentation on rubydoc #319
|
57
|
+
* Fix 'uninitialized constant Net::LDAP::PDU::LdapPduError' error #317
|
58
|
+
* simplify encoding logic: no more chomping required #362
|
59
|
+
|
60
|
+
=== Net::LDAP 0.16.2
|
61
|
+
|
62
|
+
* Net::LDAP#open does not cache bind result {#334}[https://github.com/ruby-ldap/ruby-net-ldap/pull/334]
|
63
|
+
* Fix CI build {#333}[https://github.com/ruby-ldap/ruby-net-ldap/pull/333]
|
64
|
+
* Fix to "undefined method 'result_code'" {#308}[https://github.com/ruby-ldap/ruby-net-ldap/pull/308]
|
65
|
+
* Fixed Exception: incompatible character encodings: ASCII-8BIT and UTF-8 in filter.rb {#285}[https://github.com/ruby-ldap/ruby-net-ldap/pull/285]
|
66
|
+
|
67
|
+
=== Net::LDAP 0.16.1
|
68
|
+
|
69
|
+
* Send DN and newPassword with password_modify request {#271}[https://github.com/ruby-ldap/ruby-net-ldap/pull/271]
|
70
|
+
|
71
|
+
=== Net::LDAP 0.16.0
|
72
|
+
|
73
|
+
* Sasl fix {#281}[https://github.com/ruby-ldap/ruby-net-ldap/pull/281]
|
74
|
+
* enable TLS hostname validation {#279}[https://github.com/ruby-ldap/ruby-net-ldap/pull/279]
|
75
|
+
* update rubocop to 0.42.0 {#278}[https://github.com/ruby-ldap/ruby-net-ldap/pull/278]
|
76
|
+
|
77
|
+
=== Net::LDAP 0.15.0
|
78
|
+
|
79
|
+
* Respect connect_timeout when establishing SSL connections {#273}[https://github.com/ruby-ldap/ruby-net-ldap/pull/273]
|
80
|
+
|
81
|
+
=== Net::LDAP 0.14.0
|
82
|
+
|
83
|
+
* Normalize the encryption parameter passed to the LDAP constructor {#264}[https://github.com/ruby-ldap/ruby-net-ldap/pull/264]
|
84
|
+
* Update Docs: Net::LDAP now requires ruby >= 2 {#261}[https://github.com/ruby-ldap/ruby-net-ldap/pull/261]
|
85
|
+
* fix symbol proc {#255}[https://github.com/ruby-ldap/ruby-net-ldap/pull/255]
|
86
|
+
* fix trailing commas {#256}[https://github.com/ruby-ldap/ruby-net-ldap/pull/256]
|
87
|
+
* fix deprecated hash methods {#254}[https://github.com/ruby-ldap/ruby-net-ldap/pull/254]
|
88
|
+
* fix space after comma {#253}[https://github.com/ruby-ldap/ruby-net-ldap/pull/253]
|
89
|
+
* fix space inside brackets {#252}[https://github.com/ruby-ldap/ruby-net-ldap/pull/252]
|
90
|
+
* Rubocop style fixes {#249}[https://github.com/ruby-ldap/ruby-net-ldap/pull/249]
|
91
|
+
* Lazy initialize Net::LDAP::Connection's internal socket {#235}[https://github.com/ruby-ldap/ruby-net-ldap/pull/235]
|
92
|
+
* Support for rfc3062 Password Modify, closes #163 {#178}[https://github.com/ruby-ldap/ruby-net-ldap/pull/178]
|
93
|
+
|
94
|
+
=== Net::LDAP 0.13.0
|
95
|
+
|
96
|
+
Avoid this release for because of an backwards incompatibility in how encryption
|
97
|
+
is initialized https://github.com/ruby-ldap/ruby-net-ldap/pull/264. We did not
|
98
|
+
yank it because people have already worked around it.
|
99
|
+
|
100
|
+
* Set a connect_timeout for the creation of a socket {#243}[https://github.com/ruby-ldap/ruby-net-ldap/pull/243]
|
101
|
+
* Update bundler before installing gems with bundler {#245}[https://github.com/ruby-ldap/ruby-net-ldap/pull/245]
|
102
|
+
* Net::LDAP#encryption accepts string {#239}[https://github.com/ruby-ldap/ruby-net-ldap/pull/239]
|
103
|
+
* Adds correct UTF-8 encoding to Net::BER::BerIdentifiedString {#242}[https://github.com/ruby-ldap/ruby-net-ldap/pull/242]
|
104
|
+
* Remove 2.3.0-preview since ruby-head already is included {#241}[https://github.com/ruby-ldap/ruby-net-ldap/pull/241]
|
105
|
+
* Drop support for ruby 1.9.3 {#240}[https://github.com/ruby-ldap/ruby-net-ldap/pull/240]
|
106
|
+
* Fixed capitalization of StartTLSError {#234}[https://github.com/ruby-ldap/ruby-net-ldap/pull/234]
|
107
|
+
|
108
|
+
=== Net::LDAP 0.12.1
|
109
|
+
|
110
|
+
* Whitespace formatting cleanup {#236}[https://github.com/ruby-ldap/ruby-net-ldap/pull/236]
|
111
|
+
* Set operation result if LDAP server is not accessible {#232}[https://github.com/ruby-ldap/ruby-net-ldap/pull/232]
|
112
|
+
|
1
113
|
=== Net::LDAP 0.12.0
|
2
114
|
|
3
115
|
* DRY up connection handling logic {#224}[https://github.com/ruby-ldap/ruby-net-ldap/pull/224]
|
data/README.rdoc
CHANGED
@@ -1,4 +1,6 @@
|
|
1
|
-
= Net::LDAP for Ruby
|
1
|
+
= Net::LDAP for Ruby
|
2
|
+
{<img src="https://badge.fury.io/rb/net-ldap.svg" alt="Gem Version" />}[https://badge.fury.io/rb/net-ldap]
|
3
|
+
{<img src="https://travis-ci.org/ruby-ldap/ruby-net-ldap.svg" />}[https://travis-ci.org/ruby-ldap/ruby-net-ldap]
|
2
4
|
|
3
5
|
== Description
|
4
6
|
|
@@ -21,11 +23,11 @@ the most recent LDAP RFCs (4510–4519, plus portions of 4520–4532).
|
|
21
23
|
|
22
24
|
== Synopsis
|
23
25
|
|
24
|
-
See Net::LDAP for documentation and usage samples.
|
26
|
+
See {Net::LDAP on rubydoc.info}[https://www.rubydoc.info/github/ruby-ldap/ruby-net-ldap] for documentation and usage samples.
|
25
27
|
|
26
28
|
== Requirements
|
27
29
|
|
28
|
-
Net::LDAP requires a Ruby
|
30
|
+
Net::LDAP requires a Ruby 2.0.0 compatible interpreter or better.
|
29
31
|
|
30
32
|
== Install
|
31
33
|
|
@@ -52,19 +54,27 @@ This task will run the test suite and the
|
|
52
54
|
|
53
55
|
rake rubotest
|
54
56
|
|
55
|
-
|
57
|
+
CI takes too long? If your local box supports
|
58
|
+
{Docker}[https://www.docker.com/], you can also run integration tests locally.
|
59
|
+
Simply run:
|
56
60
|
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
+
script/ldap-docker
|
62
|
+
INTEGRATION=openldap rake test
|
63
|
+
|
64
|
+
Or, use {Docker Compose}[https://docs.docker.com/compose/]. See docker-compose.yml for available Ruby versions.
|
65
|
+
|
66
|
+
docker-compose run ci-2.7
|
67
|
+
|
68
|
+
CAVEAT: you need to add the following line to /etc/hosts
|
69
|
+
127.0.0.1 ldap.example.org
|
70
|
+
127.0.0.1 cert.mismatch.example.org
|
61
71
|
|
62
72
|
== Release
|
63
73
|
|
64
74
|
This section is for gem maintainers to cut a new version of the gem.
|
65
75
|
|
66
76
|
* Check out a new branch `release-VERSION`
|
67
|
-
* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}
|
77
|
+
* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}[http://semver.org/].
|
68
78
|
* Update `History.rdoc`. Get latest changes with `script/changelog`
|
69
79
|
* Open a pull request with these changes for review
|
70
80
|
* After merging, on the master branch, run `script/release`
|
data/lib/net/ber/ber_parser.rb
CHANGED
@@ -14,7 +14,7 @@ module Net::BER::BERParser
|
|
14
14
|
}
|
15
15
|
constructed = {
|
16
16
|
16 => :array,
|
17
|
-
17 => :array
|
17
|
+
17 => :array,
|
18
18
|
}
|
19
19
|
universal = { :primitive => primitive, :constructed => constructed }
|
20
20
|
|
@@ -172,10 +172,10 @@ module Net::BER::BERParser
|
|
172
172
|
yield id, content_length if block_given?
|
173
173
|
|
174
174
|
if -1 == content_length
|
175
|
-
raise Net::BER::BerError,
|
176
|
-
|
177
|
-
data = read(content_length)
|
175
|
+
raise Net::BER::BerError,
|
176
|
+
"Indeterminite BER content length not implemented."
|
178
177
|
end
|
178
|
+
data = read(content_length)
|
179
179
|
|
180
180
|
parse_ber_object(syntax, id, data)
|
181
181
|
end
|
@@ -89,7 +89,7 @@ module Net::BER::Extensions::Array
|
|
89
89
|
#if our array does not contain at least one array then wrap it in an array before going forward
|
90
90
|
ary = self[0].kind_of?(Array) ? self : [self]
|
91
91
|
ary = ary.collect do |control_sequence|
|
92
|
-
control_sequence.collect
|
92
|
+
control_sequence.collect(&:to_ber).to_ber_sequence.reject_empty_ber_arrays
|
93
93
|
end
|
94
94
|
ary.to_ber_sequence.reject_empty_ber_arrays
|
95
95
|
end
|
data/lib/net/ber/core_ext.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -*- ruby encoding: utf-8 -*-
|
2
|
-
|
2
|
+
require_relative 'ber_parser'
|
3
3
|
# :stopdoc:
|
4
4
|
class IO
|
5
5
|
include Net::BER::BERParser
|
@@ -19,35 +19,35 @@ end
|
|
19
19
|
module Net::BER::Extensions # :nodoc:
|
20
20
|
end
|
21
21
|
|
22
|
-
|
22
|
+
require_relative 'core_ext/string'
|
23
23
|
# :stopdoc:
|
24
24
|
class String
|
25
25
|
include Net::BER::BERParser
|
26
26
|
include Net::BER::Extensions::String
|
27
27
|
end
|
28
28
|
|
29
|
-
|
29
|
+
require_relative 'core_ext/array'
|
30
30
|
# :stopdoc:
|
31
31
|
class Array
|
32
32
|
include Net::BER::Extensions::Array
|
33
33
|
end
|
34
34
|
# :startdoc:
|
35
35
|
|
36
|
-
|
36
|
+
require_relative 'core_ext/integer'
|
37
37
|
# :stopdoc:
|
38
38
|
class Integer
|
39
39
|
include Net::BER::Extensions::Integer
|
40
40
|
end
|
41
41
|
# :startdoc:
|
42
42
|
|
43
|
-
|
43
|
+
require_relative 'core_ext/true_class'
|
44
44
|
# :stopdoc:
|
45
45
|
class TrueClass
|
46
46
|
include Net::BER::Extensions::TrueClass
|
47
47
|
end
|
48
48
|
# :startdoc:
|
49
49
|
|
50
|
-
|
50
|
+
require_relative 'core_ext/false_class'
|
51
51
|
# :stopdoc:
|
52
52
|
class FalseClass
|
53
53
|
include Net::BER::Extensions::FalseClass
|
data/lib/net/ber.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -*- ruby encoding: utf-8 -*-
|
2
|
-
|
2
|
+
require_relative 'ldap/version'
|
3
3
|
|
4
4
|
module Net # :nodoc:
|
5
5
|
##
|
@@ -106,6 +106,7 @@ module Net # :nodoc:
|
|
106
106
|
# <tr><th>CHARACTER STRING</th><th>C</th><td>29: 61 (0x3d, 0b00111101)</td></tr>
|
107
107
|
# <tr><th>BMPString</th><th>P</th><td>30: 30 (0x1e, 0b00011110)</td></tr>
|
108
108
|
# <tr><th>BMPString</th><th>C</th><td>30: 62 (0x3e, 0b00111110)</td></tr>
|
109
|
+
# <tr><th>ExtendedResponse</th><th>C</th><td>107: 139 (0x8b, 0b010001011)</td></tr>
|
109
110
|
# </table>
|
110
111
|
module BER
|
111
112
|
VERSION = Net::LDAP::VERSION
|
@@ -234,7 +235,7 @@ module Net # :nodoc:
|
|
234
235
|
# TODO 20100327 AZ: Should we be allocating an array of 256 values
|
235
236
|
# that will either be +nil+ or an object type symbol, or should we
|
236
237
|
# allocate an empty Hash since unknown values return +nil+ anyway?
|
237
|
-
out = [
|
238
|
+
out = [nil] * 256
|
238
239
|
syntax.each do |tag_class_id, encodings|
|
239
240
|
tag_class = TAG_CLASS[tag_class_id]
|
240
241
|
encodings.each do |encoding_id, classes|
|
@@ -269,7 +270,7 @@ class Net::BER::BerIdentifiedOid
|
|
269
270
|
|
270
271
|
def initialize(oid)
|
271
272
|
if oid.is_a?(String)
|
272
|
-
oid = oid.split(/\./).map
|
273
|
+
oid = oid.split(/\./).map(&:to_i)
|
273
274
|
end
|
274
275
|
@value = oid
|
275
276
|
end
|
@@ -293,14 +294,43 @@ end
|
|
293
294
|
|
294
295
|
##
|
295
296
|
# A String object with a BER identifier attached.
|
297
|
+
#
|
296
298
|
class Net::BER::BerIdentifiedString < String
|
297
299
|
attr_accessor :ber_identifier
|
300
|
+
|
301
|
+
# The binary data provided when parsing the result of the LDAP search
|
302
|
+
# has the encoding 'ASCII-8BIT' (which is basically 'BINARY', or 'unknown').
|
303
|
+
#
|
304
|
+
# This is the kind of a backtrace showing how the binary `data` comes to
|
305
|
+
# BerIdentifiedString.new(data):
|
306
|
+
#
|
307
|
+
# @conn.read_ber(syntax)
|
308
|
+
# -> StringIO.new(self).read_ber(syntax), i.e. included from module
|
309
|
+
# -> Net::BER::BERParser.read_ber(syntax)
|
310
|
+
# -> (private)Net::BER::BERParser.parse_ber_object(syntax, id, data)
|
311
|
+
#
|
312
|
+
# In the `#parse_ber_object` method `data`, according to its OID, is being
|
313
|
+
# 'casted' to one of the Net::BER:BerIdentifiedXXX classes.
|
314
|
+
#
|
315
|
+
# As we are using LDAP v3 we can safely assume that the data is encoded
|
316
|
+
# in UTF-8 and therefore the only thing to be done when instantiating is to
|
317
|
+
# switch the encoding from 'ASCII-8BIT' to 'UTF-8'.
|
318
|
+
#
|
319
|
+
# Unfortunately, there are some ActiveDirectory specific attributes
|
320
|
+
# (like `objectguid`) that should remain binary (do they really?).
|
321
|
+
# Using the `#valid_encoding?` we can trap this cases. Special cases like
|
322
|
+
# Japanese, Korean, etc. encodings might also profit from this. However
|
323
|
+
# I have no clue how this encodings function.
|
298
324
|
def initialize args
|
299
|
-
super
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
325
|
+
super
|
326
|
+
#
|
327
|
+
# Check the encoding of the newly created String and set the encoding
|
328
|
+
# to 'UTF-8' (NOTE: we do NOT change the bytes, but only set the
|
329
|
+
# encoding to 'UTF-8').
|
330
|
+
return unless encoding == Encoding::BINARY
|
331
|
+
current_encoding = encoding
|
332
|
+
force_encoding('UTF-8')
|
333
|
+
force_encoding(current_encoding) unless valid_encoding?
|
304
334
|
end
|
305
335
|
end
|
306
336
|
|
@@ -319,4 +349,4 @@ module Net::BER
|
|
319
349
|
Null = Net::BER::BerIdentifiedNull.new
|
320
350
|
end
|
321
351
|
|
322
|
-
|
352
|
+
require_relative 'ber/core_ext'
|
@@ -1,5 +1,5 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
require_relative '../auth_adapter'
|
2
|
+
require_relative 'sasl'
|
3
3
|
|
4
4
|
module Net
|
5
5
|
class LDAP
|
@@ -22,17 +22,18 @@ module Net
|
|
22
22
|
user, psw = [auth[:username] || auth[:dn], auth[:password]]
|
23
23
|
raise Net::LDAP::BindingInformationInvalidError, "Invalid binding information" unless (user && psw)
|
24
24
|
|
25
|
-
nego = proc
|
25
|
+
nego = proc do |challenge|
|
26
26
|
t2_msg = NTLM::Message.parse(challenge)
|
27
27
|
t3_msg = t2_msg.response({ :user => user, :password => psw },
|
28
28
|
{ :ntlmv2 => true })
|
29
29
|
t3_msg.serialize
|
30
|
-
|
30
|
+
end
|
31
31
|
|
32
|
-
Net::LDAP::AuthAdapter::Sasl.new(@connection).
|
33
|
-
|
34
|
-
|
35
|
-
|
32
|
+
Net::LDAP::AuthAdapter::Sasl.new(@connection).bind \
|
33
|
+
:method => :sasl,
|
34
|
+
:mechanism => "GSS-SPNEGO",
|
35
|
+
:initial_credential => NTLM::Message::Type1.new.serialize,
|
36
|
+
:challenge_response => nego
|
36
37
|
end
|
37
38
|
end
|
38
39
|
end
|
@@ -1,9 +1,11 @@
|
|
1
|
-
|
1
|
+
require_relative '../auth_adapter'
|
2
2
|
|
3
3
|
module Net
|
4
4
|
class LDAP
|
5
5
|
class AuthAdapter
|
6
6
|
class Sasl < Net::LDAP::AuthAdapter
|
7
|
+
MAX_SASL_CHALLENGES = 10
|
8
|
+
|
7
9
|
#--
|
8
10
|
# Required parameters: :mechanism, :initial_credential and
|
9
11
|
# :challenge_response
|
@@ -33,7 +35,7 @@ module Net
|
|
33
35
|
message_id = @connection.next_msgid
|
34
36
|
|
35
37
|
n = 0
|
36
|
-
loop
|
38
|
+
loop do
|
37
39
|
sasl = [mech.to_ber, cred.to_ber].to_ber_contextspecific(3)
|
38
40
|
request = [
|
39
41
|
Net::LDAP::Connection::LdapVersion.to_ber, "".to_ber, sasl
|
@@ -47,10 +49,10 @@ module Net
|
|
47
49
|
end
|
48
50
|
|
49
51
|
return pdu unless pdu.result_code == Net::LDAP::ResultCodeSaslBindInProgress
|
50
|
-
raise Net::LDAP::SASLChallengeOverflowError, "sasl-challenge overflow" if ((n += 1) >
|
52
|
+
raise Net::LDAP::SASLChallengeOverflowError, "sasl-challenge overflow" if ((n += 1) > MAX_SASL_CHALLENGES)
|
51
53
|
|
52
54
|
cred = chall.call(pdu.result_server_sasl_creds)
|
53
|
-
|
55
|
+
end
|
54
56
|
|
55
57
|
raise Net::LDAP::SASLChallengeOverflowError, "why are we here?"
|
56
58
|
end
|