net-ldap 0.12.0 → 0.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Contributors.rdoc +1 -0
- data/History.rdoc +112 -0
- data/README.rdoc +19 -9
- data/lib/net/ber/ber_parser.rb +4 -4
- data/lib/net/ber/core_ext/array.rb +1 -1
- data/lib/net/ber/core_ext/integer.rb +1 -1
- data/lib/net/ber/core_ext/string.rb +1 -1
- data/lib/net/ber/core_ext.rb +6 -6
- data/lib/net/ber.rb +39 -9
- data/lib/net/ldap/auth_adapter/gss_spnego.rb +9 -8
- data/lib/net/ldap/auth_adapter/sasl.rb +6 -4
- data/lib/net/ldap/auth_adapter/simple.rb +1 -1
- data/lib/net/ldap/connection.rb +173 -52
- data/lib/net/ldap/dataset.rb +3 -5
- data/lib/net/ldap/dn.rb +21 -30
- data/lib/net/ldap/entry.rb +15 -7
- data/lib/net/ldap/error.rb +2 -25
- data/lib/net/ldap/filter.rb +15 -8
- data/lib/net/ldap/instrumentation.rb +2 -2
- data/lib/net/ldap/password.rb +7 -5
- data/lib/net/ldap/pdu.rb +27 -3
- data/lib/net/ldap/version.rb +1 -1
- data/lib/net/ldap.rb +212 -91
- data/lib/net/snmp.rb +19 -19
- data/lib/net-ldap.rb +1 -1
- metadata +27 -96
- data/.gitignore +0 -9
- data/.rubocop.yml +0 -5
- data/.rubocop_todo.yml +0 -462
- data/.travis.yml +0 -31
- data/CONTRIBUTING.md +0 -54
- data/Gemfile +0 -2
- data/Rakefile +0 -23
- data/net-ldap.gemspec +0 -36
- data/script/changelog +0 -47
- data/script/install-openldap +0 -112
- data/script/package +0 -7
- data/script/release +0 -16
- data/test/ber/core_ext/test_array.rb +0 -22
- data/test/ber/core_ext/test_string.rb +0 -25
- data/test/ber/test_ber.rb +0 -145
- data/test/fixtures/cacert.pem +0 -20
- data/test/fixtures/openldap/memberof.ldif +0 -33
- data/test/fixtures/openldap/retcode.ldif +0 -76
- data/test/fixtures/openldap/slapd.conf.ldif +0 -67
- data/test/fixtures/seed.ldif +0 -374
- data/test/integration/test_add.rb +0 -28
- data/test/integration/test_ber.rb +0 -30
- data/test/integration/test_bind.rb +0 -34
- data/test/integration/test_delete.rb +0 -31
- data/test/integration/test_open.rb +0 -88
- data/test/integration/test_return_codes.rb +0 -38
- data/test/integration/test_search.rb +0 -77
- data/test/support/vm/openldap/.gitignore +0 -1
- data/test/support/vm/openldap/README.md +0 -32
- data/test/support/vm/openldap/Vagrantfile +0 -33
- data/test/test_auth_adapter.rb +0 -11
- data/test/test_dn.rb +0 -44
- data/test/test_entry.rb +0 -65
- data/test/test_filter.rb +0 -223
- data/test/test_filter_parser.rb +0 -24
- data/test/test_helper.rb +0 -66
- data/test/test_ldap.rb +0 -67
- data/test/test_ldap_connection.rb +0 -460
- data/test/test_ldif.rb +0 -104
- data/test/test_password.rb +0 -10
- data/test/test_rename.rb +0 -77
- data/test/test_search.rb +0 -39
- data/test/test_snmp.rb +0 -119
- data/test/test_ssl_ber.rb +0 -40
- data/test/testdata.ldif +0 -101
- data/testserver/ldapserver.rb +0 -210
- data/testserver/testdata.ldif +0 -101
@@ -1 +0,0 @@
|
|
1
|
-
/.vagrant
|
@@ -1,32 +0,0 @@
|
|
1
|
-
# Local OpenLDAP Integration Testing
|
2
|
-
|
3
|
-
Set up a [Vagrant](http://www.vagrantup.com/) VM to run integration tests against OpenLDAP locally.
|
4
|
-
|
5
|
-
To run integration tests locally:
|
6
|
-
|
7
|
-
``` bash
|
8
|
-
# start VM (from the correct directory)
|
9
|
-
$ cd test/support/vm/openldap/
|
10
|
-
$ vagrant up
|
11
|
-
|
12
|
-
# get the IP address of the VM
|
13
|
-
$ ip=$(vagrant ssh -- "ifconfig eth1 | grep -o -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n1")
|
14
|
-
|
15
|
-
# change back to root project directory
|
16
|
-
$ cd ../../../..
|
17
|
-
|
18
|
-
# run all tests, including integration tests
|
19
|
-
$ time INTEGRATION=openldap INTEGRATION_HOST=$ip bundle exec rake
|
20
|
-
|
21
|
-
# run a specific integration test file
|
22
|
-
$ time INTEGRATION=openldap INTEGRATION_HOST=$ip bundle exec ruby test/integration/test_search.rb
|
23
|
-
|
24
|
-
# run integration tests by default
|
25
|
-
$ export INTEGRATION=openldap
|
26
|
-
$ export INTEGRATION_HOST=$ip
|
27
|
-
|
28
|
-
# now run tests without having to set ENV variables
|
29
|
-
$ time bundle exec rake
|
30
|
-
```
|
31
|
-
|
32
|
-
You may need to `gem install vagrant` first in order to provision the VM.
|
@@ -1,33 +0,0 @@
|
|
1
|
-
# -*- mode: ruby -*-
|
2
|
-
# vi: set ft=ruby :
|
3
|
-
|
4
|
-
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
|
5
|
-
VAGRANTFILE_API_VERSION = "2"
|
6
|
-
|
7
|
-
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
8
|
-
config.vm.hostname = "rubyldap.com"
|
9
|
-
|
10
|
-
config.vm.box = "hashicorp/precise64"
|
11
|
-
|
12
|
-
config.vm.network "private_network", type: :dhcp
|
13
|
-
|
14
|
-
config.ssh.forward_agent = true
|
15
|
-
|
16
|
-
config.vm.provision "shell", inline: "apt-get update; exec env /vagrant_data/script/install-openldap"
|
17
|
-
|
18
|
-
config.vm.synced_folder "../../../..", "/vagrant_data"
|
19
|
-
|
20
|
-
config.vm.provider "vmware_fusion" do |vb, override|
|
21
|
-
override.vm.box = "hashicorp/precise64"
|
22
|
-
vb.memory = 4596
|
23
|
-
vb.vmx["displayname"] = "integration tests vm"
|
24
|
-
vb.vmx["numvcpus"] = "2"
|
25
|
-
end
|
26
|
-
|
27
|
-
config.vm.provider "virtualbox" do |vb, override|
|
28
|
-
vb.memory = 4096
|
29
|
-
vb.customize ["modifyvm", :id, "--nicpromisc2", "allow-all"]
|
30
|
-
vb.customize ["modifyvm", :id, "--chipset", "ich9"]
|
31
|
-
vb.customize ["modifyvm", :id, "--vram", "16"]
|
32
|
-
end
|
33
|
-
end
|
data/test/test_auth_adapter.rb
DELETED
@@ -1,11 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
class TestAuthAdapter < Test::Unit::TestCase
|
4
|
-
def test_undefined_auth_adapter
|
5
|
-
flexmock(TCPSocket).should_receive(:new).ordered.with('ldap.example.com', 379).once.and_return(nil)
|
6
|
-
conn = Net::LDAP::Connection.new(host: 'ldap.example.com', port: 379)
|
7
|
-
assert_raise Net::LDAP::AuthMethodUnsupportedError, "Unsupported auth method (foo)" do
|
8
|
-
conn.bind(method: :foo)
|
9
|
-
end
|
10
|
-
end
|
11
|
-
end
|
data/test/test_dn.rb
DELETED
@@ -1,44 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
require 'net/ldap/dn'
|
3
|
-
|
4
|
-
class TestDN < Test::Unit::TestCase
|
5
|
-
def test_escape
|
6
|
-
assert_equal '\\,\\+\\"\\\\\\<\\>\\;', Net::LDAP::DN.escape(',+"\\<>;')
|
7
|
-
end
|
8
|
-
|
9
|
-
def test_escape_on_initialize
|
10
|
-
dn = Net::LDAP::DN.new('cn', ',+"\\<>;', 'ou=company')
|
11
|
-
assert_equal 'cn=\\,\\+\\"\\\\\\<\\>\\;,ou=company', dn.to_s
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_to_a
|
15
|
-
dn = Net::LDAP::DN.new('cn=James, ou=Company\\,\\20LLC')
|
16
|
-
assert_equal ['cn','James','ou','Company, LLC'], dn.to_a
|
17
|
-
end
|
18
|
-
|
19
|
-
def test_to_a_parenthesis
|
20
|
-
dn = Net::LDAP::DN.new('cn = \ James , ou = "Comp\28ny" ')
|
21
|
-
assert_equal ['cn',' James','ou','Comp(ny'], dn.to_a
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_to_a_hash_symbol
|
25
|
-
dn = Net::LDAP::DN.new('1.23.4= #A3B4D5 ,ou=Company')
|
26
|
-
assert_equal ['1.23.4','#A3B4D5','ou','Company'], dn.to_a
|
27
|
-
end
|
28
|
-
|
29
|
-
# TODO: raise a more specific exception than RuntimeError
|
30
|
-
def test_bad_input_raises_error
|
31
|
-
[
|
32
|
-
'cn=James,',
|
33
|
-
'cn=#aa aa',
|
34
|
-
'cn="James',
|
35
|
-
'cn=J\ames',
|
36
|
-
'cn=\\',
|
37
|
-
'1.2.d=Value',
|
38
|
-
'd1.2=Value',
|
39
|
-
].each do |input|
|
40
|
-
dn = Net::LDAP::DN.new(input)
|
41
|
-
assert_raises(RuntimeError) { dn.to_a }
|
42
|
-
end
|
43
|
-
end
|
44
|
-
end
|
data/test/test_entry.rb
DELETED
@@ -1,65 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
class TestEntry < Test::Unit::TestCase
|
4
|
-
def setup
|
5
|
-
@entry = Net::LDAP::Entry.new 'cn=Barbara,o=corp'
|
6
|
-
end
|
7
|
-
|
8
|
-
def test_dn
|
9
|
-
assert_equal 'cn=Barbara,o=corp', @entry.dn
|
10
|
-
end
|
11
|
-
|
12
|
-
def test_empty_array_when_accessing_nonexistent_attribute
|
13
|
-
assert_equal [], @entry['sn']
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_attribute_assignment
|
17
|
-
@entry['sn'] = 'Jensen'
|
18
|
-
assert_equal ['Jensen'], @entry['sn']
|
19
|
-
assert_equal ['Jensen'], @entry.sn
|
20
|
-
assert_equal ['Jensen'], @entry[:sn]
|
21
|
-
|
22
|
-
@entry[:sn] = 'Jensen'
|
23
|
-
assert_equal ['Jensen'], @entry['sn']
|
24
|
-
assert_equal ['Jensen'], @entry.sn
|
25
|
-
assert_equal ['Jensen'], @entry[:sn]
|
26
|
-
|
27
|
-
@entry.sn = 'Jensen'
|
28
|
-
assert_equal ['Jensen'], @entry['sn']
|
29
|
-
assert_equal ['Jensen'], @entry.sn
|
30
|
-
assert_equal ['Jensen'], @entry[:sn]
|
31
|
-
end
|
32
|
-
|
33
|
-
def test_case_insensitive_attribute_names
|
34
|
-
@entry['sn'] = 'Jensen'
|
35
|
-
assert_equal ['Jensen'], @entry.sn
|
36
|
-
assert_equal ['Jensen'], @entry.Sn
|
37
|
-
assert_equal ['Jensen'], @entry.SN
|
38
|
-
assert_equal ['Jensen'], @entry['sn']
|
39
|
-
assert_equal ['Jensen'], @entry['Sn']
|
40
|
-
assert_equal ['Jensen'], @entry['SN']
|
41
|
-
end
|
42
|
-
end
|
43
|
-
|
44
|
-
class TestEntryLDIF < Test::Unit::TestCase
|
45
|
-
def setup
|
46
|
-
@entry = Net::LDAP::Entry.from_single_ldif_string(
|
47
|
-
%Q{dn: something
|
48
|
-
foo: foo
|
49
|
-
barAttribute: bar
|
50
|
-
})
|
51
|
-
end
|
52
|
-
|
53
|
-
def test_attribute
|
54
|
-
assert_equal ['foo'], @entry.foo
|
55
|
-
assert_equal ['foo'], @entry.Foo
|
56
|
-
end
|
57
|
-
|
58
|
-
def test_modify_attribute
|
59
|
-
@entry.foo = 'bar'
|
60
|
-
assert_equal ['bar'], @entry.foo
|
61
|
-
|
62
|
-
@entry.fOo= 'baz'
|
63
|
-
assert_equal ['baz'], @entry.foo
|
64
|
-
end
|
65
|
-
end
|
data/test/test_filter.rb
DELETED
@@ -1,223 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
class TestFilter < Test::Unit::TestCase
|
4
|
-
Filter = Net::LDAP::Filter
|
5
|
-
|
6
|
-
def test_bug_7534_rfc2254
|
7
|
-
assert_equal("(cn=Tim Wizard)",
|
8
|
-
Filter.from_rfc2254("(cn=Tim Wizard)").to_rfc2254)
|
9
|
-
end
|
10
|
-
|
11
|
-
def test_invalid_filter_string
|
12
|
-
assert_raises(Net::LDAP::FilterSyntaxInvalidError) { Filter.from_rfc2254("") }
|
13
|
-
end
|
14
|
-
|
15
|
-
def test_invalid_filter
|
16
|
-
assert_raises(Net::LDAP::OperatorError) {
|
17
|
-
# This test exists to prove that our constructor blocks unknown filter
|
18
|
-
# types. All filters must be constructed using helpers.
|
19
|
-
Filter.__send__(:new, :xx, nil, nil)
|
20
|
-
}
|
21
|
-
end
|
22
|
-
|
23
|
-
def test_to_s
|
24
|
-
assert_equal("(uid=george *)", Filter.eq("uid", "george *").to_s)
|
25
|
-
end
|
26
|
-
|
27
|
-
def test_convenience_filters
|
28
|
-
assert_equal("(uid=\\2A)", Filter.equals("uid", "*").to_s)
|
29
|
-
assert_equal("(uid=\\28*)", Filter.begins("uid", "(").to_s)
|
30
|
-
assert_equal("(uid=*\\29)", Filter.ends("uid", ")").to_s)
|
31
|
-
assert_equal("(uid=*\\5C*)", Filter.contains("uid", "\\").to_s)
|
32
|
-
end
|
33
|
-
|
34
|
-
def test_c2
|
35
|
-
assert_equal("(uid=george *)",
|
36
|
-
Filter.from_rfc2254("uid=george *").to_rfc2254)
|
37
|
-
assert_equal("(uid:=george *)",
|
38
|
-
Filter.from_rfc2254("uid:=george *").to_rfc2254)
|
39
|
-
assert_equal("(uid=george*)",
|
40
|
-
Filter.from_rfc2254(" ( uid = george* ) ").to_rfc2254)
|
41
|
-
assert_equal("(!(uid=george*))",
|
42
|
-
Filter.from_rfc2254("uid!=george*").to_rfc2254)
|
43
|
-
assert_equal("(uid<=george*)",
|
44
|
-
Filter.from_rfc2254("uid <= george*").to_rfc2254)
|
45
|
-
assert_equal("(uid>=george*)",
|
46
|
-
Filter.from_rfc2254("uid>=george*").to_rfc2254)
|
47
|
-
assert_equal("(&(uid=george*)(mail=*))",
|
48
|
-
Filter.from_rfc2254("(& (uid=george* ) (mail=*))").to_rfc2254)
|
49
|
-
assert_equal("(|(uid=george*)(mail=*))",
|
50
|
-
Filter.from_rfc2254("(| (uid=george* ) (mail=*))").to_rfc2254)
|
51
|
-
assert_equal("(!(mail=*))",
|
52
|
-
Filter.from_rfc2254("(! (mail=*))").to_rfc2254)
|
53
|
-
end
|
54
|
-
|
55
|
-
def test_filter_with_single_clause
|
56
|
-
assert_equal("(cn=name)", Net::LDAP::Filter.construct("(&(cn=name))").to_s)
|
57
|
-
end
|
58
|
-
|
59
|
-
def test_filters_from_ber
|
60
|
-
[
|
61
|
-
Net::LDAP::Filter.eq("objectclass", "*"),
|
62
|
-
Net::LDAP::Filter.pres("objectclass"),
|
63
|
-
Net::LDAP::Filter.eq("objectclass", "ou"),
|
64
|
-
Net::LDAP::Filter.ge("uid", "500"),
|
65
|
-
Net::LDAP::Filter.le("uid", "500"),
|
66
|
-
(~ Net::LDAP::Filter.pres("objectclass")),
|
67
|
-
(Net::LDAP::Filter.pres("objectclass") & Net::LDAP::Filter.pres("ou")),
|
68
|
-
(Net::LDAP::Filter.pres("objectclass") & Net::LDAP::Filter.pres("ou") & Net::LDAP::Filter.pres("sn")),
|
69
|
-
(Net::LDAP::Filter.pres("objectclass") | Net::LDAP::Filter.pres("ou") | Net::LDAP::Filter.pres("sn")),
|
70
|
-
|
71
|
-
Net::LDAP::Filter.eq("objectclass", "*aaa"),
|
72
|
-
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb"),
|
73
|
-
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*ccc"),
|
74
|
-
Net::LDAP::Filter.eq("objectclass", "aaa*bbb"),
|
75
|
-
Net::LDAP::Filter.eq("objectclass", "aaa*bbb*ccc"),
|
76
|
-
Net::LDAP::Filter.eq("objectclass", "abc*def*1111*22*g"),
|
77
|
-
Net::LDAP::Filter.eq("objectclass", "*aaa*"),
|
78
|
-
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*"),
|
79
|
-
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*ccc*"),
|
80
|
-
Net::LDAP::Filter.eq("objectclass", "aaa*"),
|
81
|
-
Net::LDAP::Filter.eq("objectclass", "aaa*bbb*"),
|
82
|
-
Net::LDAP::Filter.eq("objectclass", "aaa*bbb*ccc*"),
|
83
|
-
].each do |ber|
|
84
|
-
f = Net::LDAP::Filter.parse_ber(ber.to_ber.read_ber(Net::LDAP::AsnSyntax))
|
85
|
-
assert(f == ber)
|
86
|
-
assert_equal(f.to_ber, ber.to_ber)
|
87
|
-
end
|
88
|
-
end
|
89
|
-
|
90
|
-
def test_ber_from_rfc2254_filter
|
91
|
-
[
|
92
|
-
Net::LDAP::Filter.construct("objectclass=*"),
|
93
|
-
Net::LDAP::Filter.construct("objectclass=ou"),
|
94
|
-
Net::LDAP::Filter.construct("uid >= 500"),
|
95
|
-
Net::LDAP::Filter.construct("uid <= 500"),
|
96
|
-
Net::LDAP::Filter.construct("(!(uid=*))"),
|
97
|
-
Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*))"),
|
98
|
-
Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*)(sn=*))"),
|
99
|
-
Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*))"),
|
100
|
-
Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*)(sn=*))"),
|
101
|
-
|
102
|
-
Net::LDAP::Filter.construct("objectclass=*aaa"),
|
103
|
-
Net::LDAP::Filter.construct("objectclass=*aaa*bbb"),
|
104
|
-
Net::LDAP::Filter.construct("objectclass=*aaa bbb"),
|
105
|
-
Net::LDAP::Filter.construct("objectclass=*aaa bbb"),
|
106
|
-
Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc"),
|
107
|
-
Net::LDAP::Filter.construct("objectclass=aaa*bbb"),
|
108
|
-
Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc"),
|
109
|
-
Net::LDAP::Filter.construct("objectclass=abc*def*1111*22*g"),
|
110
|
-
Net::LDAP::Filter.construct("objectclass=*aaa*"),
|
111
|
-
Net::LDAP::Filter.construct("objectclass=*aaa*bbb*"),
|
112
|
-
Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc*"),
|
113
|
-
Net::LDAP::Filter.construct("objectclass=aaa*"),
|
114
|
-
Net::LDAP::Filter.construct("objectclass=aaa*bbb*"),
|
115
|
-
Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc*"),
|
116
|
-
].each do |ber|
|
117
|
-
f = Net::LDAP::Filter.parse_ber(ber.to_ber.read_ber(Net::LDAP::AsnSyntax))
|
118
|
-
assert(f == ber)
|
119
|
-
assert_equal(f.to_ber, ber.to_ber)
|
120
|
-
end
|
121
|
-
end
|
122
|
-
end
|
123
|
-
|
124
|
-
# tests ported over from rspec. Not sure if these overlap with the above
|
125
|
-
# https://github.com/ruby-ldap/ruby-net-ldap/pull/121
|
126
|
-
class TestFilterRSpec < Test::Unit::TestCase
|
127
|
-
def test_ex_convert
|
128
|
-
assert_equal '(foo:=bar)', Net::LDAP::Filter.ex('foo', 'bar').to_s
|
129
|
-
end
|
130
|
-
|
131
|
-
def test_ex_rfc2254_roundtrip
|
132
|
-
filter = Net::LDAP::Filter.ex('foo', 'bar')
|
133
|
-
assert_equal filter, Net::LDAP::Filter.from_rfc2254(filter.to_s)
|
134
|
-
end
|
135
|
-
|
136
|
-
def test_ber_conversion
|
137
|
-
filter = Net::LDAP::Filter.ex('foo', 'bar')
|
138
|
-
ber = filter.to_ber
|
139
|
-
assert_equal filter, Net::LDAP::Filter.parse_ber(ber.read_ber(Net::LDAP::AsnSyntax))
|
140
|
-
end
|
141
|
-
|
142
|
-
[
|
143
|
-
'(o:dn:=Ace Industry)',
|
144
|
-
'(:dn:2.4.8.10:=Dino)',
|
145
|
-
'(cn:dn:1.2.3.4.5:=John Smith)',
|
146
|
-
'(sn:dn:2.4.6.8.10:=Barbara Jones)',
|
147
|
-
'(&(sn:dn:2.4.6.8.10:=Barbara Jones))'
|
148
|
-
].each_with_index do |filter_str, index|
|
149
|
-
define_method "test_decode_filter_#{index}" do
|
150
|
-
filter = Net::LDAP::Filter.from_rfc2254(filter_str)
|
151
|
-
assert_kind_of Net::LDAP::Filter, filter
|
152
|
-
end
|
153
|
-
|
154
|
-
define_method "test_ber_conversion_#{index}" do
|
155
|
-
filter = Net::LDAP::Filter.from_rfc2254(filter_str)
|
156
|
-
ber = Net::LDAP::Filter.from_rfc2254(filter_str).to_ber
|
157
|
-
assert_equal filter, Net::LDAP::Filter.parse_ber(ber.read_ber(Net::LDAP::AsnSyntax))
|
158
|
-
end
|
159
|
-
end
|
160
|
-
|
161
|
-
def test_apostrophes
|
162
|
-
assert_equal "(uid=O'Keefe)", Net::LDAP::Filter.construct("uid=O'Keefe").to_rfc2254
|
163
|
-
end
|
164
|
-
|
165
|
-
def test_equals
|
166
|
-
assert_equal Net::LDAP::Filter.eq('dn', 'f\2Aoo'), Net::LDAP::Filter.equals('dn', 'f*oo')
|
167
|
-
end
|
168
|
-
|
169
|
-
def test_begins
|
170
|
-
assert_equal Net::LDAP::Filter.eq('dn', 'f\2Aoo*'), Net::LDAP::Filter.begins('dn', 'f*oo')
|
171
|
-
end
|
172
|
-
|
173
|
-
def test_ends
|
174
|
-
assert_equal Net::LDAP::Filter.eq('dn', '*f\2Aoo'), Net::LDAP::Filter.ends('dn', 'f*oo')
|
175
|
-
end
|
176
|
-
|
177
|
-
def test_contains
|
178
|
-
assert_equal Net::LDAP::Filter.eq('dn', '*f\2Aoo*'), Net::LDAP::Filter.contains('dn', 'f*oo')
|
179
|
-
end
|
180
|
-
|
181
|
-
def test_escape
|
182
|
-
# escapes nul, *, (, ) and \\
|
183
|
-
assert_equal "\\00\\2A\\28\\29\\5C", Net::LDAP::Filter.escape("\0*()\\")
|
184
|
-
end
|
185
|
-
|
186
|
-
def test_well_known_ber_string
|
187
|
-
ber = "\xa4\x2d" \
|
188
|
-
"\x04\x0b" "objectclass" \
|
189
|
-
"\x30\x1e" \
|
190
|
-
"\x80\x08" "foo" "*\\" "bar" \
|
191
|
-
"\x81\x08" "foo" "*\\" "bar" \
|
192
|
-
"\x82\x08" "foo" "*\\" "bar".b
|
193
|
-
|
194
|
-
[
|
195
|
-
"foo" "\\2A\\5C" "bar",
|
196
|
-
"foo" "\\2a\\5c" "bar",
|
197
|
-
"foo" "\\2A\\5c" "bar",
|
198
|
-
"foo" "\\2a\\5C" "bar"
|
199
|
-
].each do |escaped|
|
200
|
-
# unescapes escaped characters
|
201
|
-
filter = Net::LDAP::Filter.eq("objectclass", "#{escaped}*#{escaped}*#{escaped}")
|
202
|
-
assert_equal ber, filter.to_ber
|
203
|
-
end
|
204
|
-
end
|
205
|
-
|
206
|
-
def test_parse_ber_escapes_characters
|
207
|
-
ber = "\xa4\x2d" \
|
208
|
-
"\x04\x0b" "objectclass" \
|
209
|
-
"\x30\x1e" \
|
210
|
-
"\x80\x08" "foo" "*\\" "bar" \
|
211
|
-
"\x81\x08" "foo" "*\\" "bar" \
|
212
|
-
"\x82\x08" "foo" "*\\" "bar".b
|
213
|
-
|
214
|
-
escaped = Net::LDAP::Filter.escape("foo" "*\\" "bar")
|
215
|
-
filter = Net::LDAP::Filter.parse_ber(ber.read_ber(Net::LDAP::AsnSyntax))
|
216
|
-
assert_equal "(objectclass=#{escaped}*#{escaped}*#{escaped})", filter.to_s
|
217
|
-
end
|
218
|
-
|
219
|
-
def test_unescape_fixnums
|
220
|
-
filter = Net::LDAP::Filter.eq("objectclass", 3)
|
221
|
-
assert_equal "\xA3\x10\x04\vobjectclass\x04\x013".b, filter.to_ber
|
222
|
-
end
|
223
|
-
end
|
data/test/test_filter_parser.rb
DELETED
@@ -1,24 +0,0 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
require_relative 'test_helper'
|
3
|
-
|
4
|
-
class TestFilterParser < Test::Unit::TestCase
|
5
|
-
def test_ascii
|
6
|
-
assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(cn=name)")
|
7
|
-
end
|
8
|
-
|
9
|
-
def test_multibyte_characters
|
10
|
-
assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(cn=名前)")
|
11
|
-
end
|
12
|
-
|
13
|
-
def test_brackets
|
14
|
-
assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(cn=[{something}])")
|
15
|
-
end
|
16
|
-
|
17
|
-
def test_slash
|
18
|
-
assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(departmentNumber=FOO//BAR/FOO)")
|
19
|
-
end
|
20
|
-
|
21
|
-
def test_colons
|
22
|
-
assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(ismemberof=cn=edu:berkeley:app:calmessages:deans,ou=campus groups,dc=berkeley,dc=edu)")
|
23
|
-
end
|
24
|
-
end
|
data/test/test_helper.rb
DELETED
@@ -1,66 +0,0 @@
|
|
1
|
-
# Add 'lib' to load path.
|
2
|
-
require 'test/unit'
|
3
|
-
require 'net/ldap'
|
4
|
-
require 'flexmock/test_unit'
|
5
|
-
|
6
|
-
# Whether integration tests should be run.
|
7
|
-
INTEGRATION = ENV.fetch("INTEGRATION", "skip") != "skip"
|
8
|
-
|
9
|
-
# The CA file to verify certs against for tests.
|
10
|
-
# Override with CA_FILE env variable; otherwise checks for the VM-specific path
|
11
|
-
# and falls back to the test/fixtures/cacert.pem for local testing.
|
12
|
-
CA_FILE =
|
13
|
-
ENV.fetch("CA_FILE") do
|
14
|
-
if File.exist?("/etc/ssl/certs/cacert.pem")
|
15
|
-
"/etc/ssl/certs/cacert.pem"
|
16
|
-
else
|
17
|
-
File.expand_path("fixtures/cacert.pem", File.dirname(__FILE__))
|
18
|
-
end
|
19
|
-
end
|
20
|
-
|
21
|
-
if RUBY_VERSION < "2.0"
|
22
|
-
class String
|
23
|
-
def b
|
24
|
-
self
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
class MockInstrumentationService
|
30
|
-
def initialize
|
31
|
-
@events = {}
|
32
|
-
end
|
33
|
-
|
34
|
-
def instrument(event, payload)
|
35
|
-
result = yield(payload)
|
36
|
-
@events[event] ||= []
|
37
|
-
@events[event] << [payload, result]
|
38
|
-
result
|
39
|
-
end
|
40
|
-
|
41
|
-
def subscribe(event)
|
42
|
-
@events[event] ||= []
|
43
|
-
@events[event]
|
44
|
-
end
|
45
|
-
end
|
46
|
-
|
47
|
-
class LDAPIntegrationTestCase < Test::Unit::TestCase
|
48
|
-
# If integration tests aren't enabled, noop these tests.
|
49
|
-
if !INTEGRATION
|
50
|
-
def run(*)
|
51
|
-
self
|
52
|
-
end
|
53
|
-
end
|
54
|
-
|
55
|
-
def setup
|
56
|
-
@service = MockInstrumentationService.new
|
57
|
-
@ldap = Net::LDAP.new \
|
58
|
-
host: ENV.fetch('INTEGRATION_HOST', 'localhost'),
|
59
|
-
port: ENV.fetch('INTEGRATION_PORT', 389),
|
60
|
-
admin_user: 'uid=admin,dc=rubyldap,dc=com',
|
61
|
-
admin_password: 'passworD1',
|
62
|
-
search_domains: %w(dc=rubyldap,dc=com),
|
63
|
-
uid: 'uid',
|
64
|
-
instrumentation_service: @service
|
65
|
-
end
|
66
|
-
end
|
data/test/test_ldap.rb
DELETED
@@ -1,67 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
class TestLDAPInstrumentation < Test::Unit::TestCase
|
4
|
-
def setup
|
5
|
-
@connection = flexmock(:connection, :close => true)
|
6
|
-
flexmock(Net::LDAP::Connection).should_receive(:new).and_return(@connection)
|
7
|
-
|
8
|
-
@service = MockInstrumentationService.new
|
9
|
-
@subject = Net::LDAP.new \
|
10
|
-
:host => "test.mocked.com", :port => 636,
|
11
|
-
:force_no_page => true, # so server capabilities are not queried
|
12
|
-
:instrumentation_service => @service
|
13
|
-
end
|
14
|
-
|
15
|
-
def test_instrument_bind
|
16
|
-
events = @service.subscribe "bind.net_ldap"
|
17
|
-
|
18
|
-
bind_result = flexmock(:bind_result, :success? => true)
|
19
|
-
flexmock(@connection).should_receive(:bind).with(Hash).and_return(bind_result)
|
20
|
-
|
21
|
-
assert @subject.bind
|
22
|
-
|
23
|
-
payload, result = events.pop
|
24
|
-
assert result
|
25
|
-
assert_equal bind_result, payload[:bind]
|
26
|
-
end
|
27
|
-
|
28
|
-
def test_instrument_search
|
29
|
-
events = @service.subscribe "search.net_ldap"
|
30
|
-
|
31
|
-
flexmock(@connection).should_receive(:bind).and_return(flexmock(:bind_result, :result_code => Net::LDAP::ResultCodeSuccess))
|
32
|
-
flexmock(@connection).should_receive(:search).with(Hash, Proc).
|
33
|
-
yields(entry = Net::LDAP::Entry.new("uid=user1,ou=users,dc=example,dc=com")).
|
34
|
-
and_return(flexmock(:search_result, :success? => true, :result_code => Net::LDAP::ResultCodeSuccess))
|
35
|
-
|
36
|
-
refute_nil @subject.search(:filter => "(uid=user1)")
|
37
|
-
|
38
|
-
payload, result = events.pop
|
39
|
-
assert_equal [entry], result
|
40
|
-
assert_equal [entry], payload[:result]
|
41
|
-
assert_equal "(uid=user1)", payload[:filter]
|
42
|
-
end
|
43
|
-
|
44
|
-
def test_instrument_search_with_size
|
45
|
-
events = @service.subscribe "search.net_ldap"
|
46
|
-
|
47
|
-
flexmock(@connection).should_receive(:bind).and_return(flexmock(:bind_result, :result_code => Net::LDAP::ResultCodeSuccess))
|
48
|
-
flexmock(@connection).should_receive(:search).with(Hash, Proc).
|
49
|
-
yields(entry = Net::LDAP::Entry.new("uid=user1,ou=users,dc=example,dc=com")).
|
50
|
-
and_return(flexmock(:search_result, :success? => true, :result_code => Net::LDAP::ResultCodeSizeLimitExceeded))
|
51
|
-
|
52
|
-
refute_nil @subject.search(:filter => "(uid=user1)", :size => 1)
|
53
|
-
|
54
|
-
payload, result = events.pop
|
55
|
-
assert_equal [entry], result
|
56
|
-
assert_equal [entry], payload[:result]
|
57
|
-
assert_equal "(uid=user1)", payload[:filter]
|
58
|
-
assert_equal result.size, payload[:size]
|
59
|
-
end
|
60
|
-
|
61
|
-
def test_obscure_auth
|
62
|
-
password = "opensesame"
|
63
|
-
assert_include(@subject.inspect, "anonymous")
|
64
|
-
@subject.auth "joe_user", password
|
65
|
-
assert_not_include(@subject.inspect, password)
|
66
|
-
end
|
67
|
-
end
|