net-ldap 0.14.0 → 0.18.0
- checksums.yaml +5 -5
- data/History.rdoc +74 -0
- data/README.rdoc +18 -8
- data/lib/net/ber/ber_parser.rb +3 -3
- data/lib/net/ber/core_ext.rb +6 -6
- data/lib/net/ber.rb +5 -6
- data/lib/net/ldap/auth_adapter/gss_spnego.rb +2 -2
- data/lib/net/ldap/auth_adapter/sasl.rb +4 -2
- data/lib/net/ldap/auth_adapter/simple.rb +1 -1
- data/lib/net/ldap/connection.rb +63 -37
- data/lib/net/ldap/dataset.rb +1 -3
- data/lib/net/ldap/dn.rb +17 -26
- data/lib/net/ldap/entry.rb +15 -7
- data/lib/net/ldap/error.rb +2 -26
- data/lib/net/ldap/filter.rb +10 -3
- data/lib/net/ldap/instrumentation.rb +2 -2
- data/lib/net/ldap/password.rb +7 -5
- data/lib/net/ldap/pdu.rb +1 -1
- data/lib/net/ldap/version.rb +1 -1
- data/lib/net/ldap.rb +91 -58
- data/lib/net/snmp.rb +1 -1
- data/lib/net-ldap.rb +1 -1
- metadata +16 -101
- data/.gitignore +0 -9
- data/.rubocop.yml +0 -17
- data/.rubocop_todo.yml +0 -599
- data/.travis.yml +0 -33
- data/CONTRIBUTING.md +0 -54
- data/Gemfile +0 -2
- data/Rakefile +0 -23
- data/net-ldap.gemspec +0 -37
- data/script/changelog +0 -47
- data/script/install-openldap +0 -115
- data/script/package +0 -7
- data/script/release +0 -16
- data/test/ber/core_ext/test_array.rb +0 -22
- data/test/ber/core_ext/test_string.rb +0 -25
- data/test/ber/test_ber.rb +0 -153
- data/test/fixtures/cacert.pem +0 -20
- data/test/fixtures/openldap/memberof.ldif +0 -33
- data/test/fixtures/openldap/retcode.ldif +0 -76
- data/test/fixtures/openldap/slapd.conf.ldif +0 -67
- data/test/fixtures/seed.ldif +0 -374
- data/test/integration/test_add.rb +0 -28
- data/test/integration/test_ber.rb +0 -30
- data/test/integration/test_bind.rb +0 -42
- data/test/integration/test_delete.rb +0 -31
- data/test/integration/test_open.rb +0 -88
- data/test/integration/test_password_modify.rb +0 -80
- data/test/integration/test_return_codes.rb +0 -38
- data/test/integration/test_search.rb +0 -77
- data/test/support/vm/openldap/.gitignore +0 -1
- data/test/support/vm/openldap/README.md +0 -32
- data/test/support/vm/openldap/Vagrantfile +0 -33
- data/test/test_auth_adapter.rb +0 -15
- data/test/test_dn.rb +0 -44
- data/test/test_entry.rb +0 -65
- data/test/test_filter.rb +0 -223
- data/test/test_filter_parser.rb +0 -24
- data/test/test_helper.rb +0 -66
- data/test/test_ldap.rb +0 -114
- data/test/test_ldap_connection.rb +0 -493
- data/test/test_ldif.rb +0 -104
- data/test/test_password.rb +0 -10
- data/test/test_rename.rb +0 -77
- data/test/test_search.rb +0 -39
- data/test/test_snmp.rb +0 -119
- data/test/test_ssl_ber.rb +0 -40
- data/test/testdata.ldif +0 -101
- data/testserver/ldapserver.rb +0 -209
- data/testserver/testdata.ldif +0 -101
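--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: c8d5def02bd0ce6b44457f5c1c7983f8730131a1a7082b3765791b14a0ee576b
+data.tar.gz: 41a50fda89f8c8e7a6a1c182e894181d910367a356c67f031dec8072e1544e3e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c5ae1310f3668a7f12f4817ede1cdd9310b8b262a40f41639d29e6cf0ba105f3bd6df8f6b892abed3924b03987c18f0e3f0c9bb2c848ed9d33a4662d53783f83
+data.tar.gz: f2b4573b1af8db1dd16b9b31202a53edd08829d399fb94bd27cb400b8b1246929dca87744bd5156c4910a4fd53a4c4689a3917258d165e472135fbf50afceb7c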
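--- a/data/History.rdoc
+++ b/data/History.rdoc
@@ -1,3 +1,77 @@
+=== Net::LDAP 0.18.0
+* Fix escaping of # and space in attrs #408
+* Add support to use SNI #406
+* Drop Ruby 2.5 and JRuby 9.2 from CI tests
+* Bump rubocop to 1.48.1
+* Update CI for TruffleRuby 22
+
+=== Net::LDAP 0.17.1
+* Fixed shebang of bash #385
+* Omit some tests for now until we update our CA cert #386
+* Add Ruby 3.0 support #388
+* Add TruffleRuby 21.0.0 to CI #389
+* Correct a typo in an error message #391
+* Enable bundler caching for travis #390
+* Fix circular require while loading lib/net/ldap/entry.rb and lib/net/ldap/dataset.rb #392
+* Handle nil value in GetbyteForSSLSocket::getbyte #306
+
+=== Net::LDAP 0.17.0
+* Added private recursive_delete as alternative to DELETE_TREE #268
+* Test suite updates #373 #376 #377
+* Use Base64.strict_encode64 and SSHA256 #303
+* Remove deprecated ConnectionRefusedError #366
+* Added method to get a duplicate of the internal Hash #286
+* remove a circular require #380
+* fix LdapServerAsnSyntax compile #379
+* Implement '==' operator for entries #381
+* fix for undefined method for write exception #383
+
+=== Net::LDAP 0.16.3
+
+* Add Net::LDAP::InvalidDNError #371
+* Use require_relative instead of require #360
+* Address some warnings and fix JRuby test omissions #365
+* Bump rake dev dependency to 12.3 #359
+* Enable rubocop in ci #251
+* Enhance rubocop configuration and test syntax #344
+* CI: Drop rbx-2, uninstallable #364
+* Fix RuboCop warnings #312
+* Fix wrong error class #305
+* CONTRIBUTING.md: Repair link to Issues #309
+* Make the generate() method more idiomatic... #326
+* Make encode_sort_controls() more idiomatic... #327
+* Make the instrument() method more idiomatic... #328
+* Fix uninitialised Net::LDAP::LdapPduError #338
+* README.rdoc: Use SVG build badge #310
+* Update TravisCI config to inclue Ruby 2.7 #346
+* add explicit ** to silence Ruby 2.7 warning #342
+* Support parsing filters with attribute tags #345
+* Bump rubocop development dependency version #336
+* Add link to generated and hosted documentation on rubydoc #319
+* Fix 'uninitialized constant Net::LDAP::PDU::LdapPduError' error #317
+* simplify encoding logic: no more chomping required #362
+
+=== Net::LDAP 0.16.2
+
+* Net::LDAP#open does not cache bind result {#334}[https://github.com/ruby-ldap/ruby-net-ldap/pull/334]
+* Fix CI build {#333}[https://github.com/ruby-ldap/ruby-net-ldap/pull/333]
+* Fix to "undefined method 'result_code'" {#308}[https://github.com/ruby-ldap/ruby-net-ldap/pull/308]
+* Fixed Exception: incompatible character encodings: ASCII-8BIT and UTF-8 in filter.rb {#285}[https://github.com/ruby-ldap/ruby-net-ldap/pull/285]
+
+=== Net::LDAP 0.16.1
+
+* Send DN and newPassword with password_modify request {#271}[https://github.com/ruby-ldap/ruby-net-ldap/pull/271]
+
+=== Net::LDAP 0.16.0
+
+* Sasl fix {#281}[https://github.com/ruby-ldap/ruby-net-ldap/pull/281]
+* enable TLS hostname validation {#279}[https://github.com/ruby-ldap/ruby-net-ldap/pull/279]
+* update rubocop to 0.42.0 {#278}[https://github.com/ruby-ldap/ruby-net-ldap/pull/278]
+
+=== Net::LDAP 0.15.0
+
+* Respect connect_timeout when establishing SSL connections {#273}[https://github.com/ruby-ldap/ruby-net-ldap/pull/273]
+
 === Net::LDAP 0.14.0
 
 * Normalize the encryption parameter passed to the LDAP constructor {#264}[https://github.com/ruby-ldap/ruby-net-ldap/pull/264]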
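--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -1,4 +1,6 @@
-= Net::LDAP for Ruby
+= Net::LDAP for Ruby
+{<img src="https://badge.fury.io/rb/net-ldap.svg" alt="Gem Version" />}[https://badge.fury.io/rb/net-ldap]
+{<img src="https://travis-ci.org/ruby-ldap/ruby-net-ldap.svg" />}[https://travis-ci.org/ruby-ldap/ruby-net-ldap]
 
 == Description
 
@@ -21,7 +23,7 @@ the most recent LDAP RFCs (4510–4519, plus portions of 4520–4532).
 
 == Synopsis
 
-See Net::LDAP for documentation and usage samples.
+See {Net::LDAP on rubydoc.info}[https://www.rubydoc.info/github/ruby-ldap/ruby-net-ldap] for documentation and usage samples.
 
 == Requirements
 
@@ -52,19 +54,27 @@ This task will run the test suite and the
 
 rake rubotest
 
-
+CI takes too long? If your local box supports
+{Docker}[https://www.docker.com/], you can also run integration tests locally.
+Simply run:
 
-
-
-
-
+script/ldap-docker
+INTEGRATION=openldap rake test
+
+Or, use {Docker Compose}[https://docs.docker.com/compose/]. See docker-compose.yml for available Ruby versions.
+
+docker-compose run ci-2.7
+
+CAVEAT: you need to add the following line to /etc/hosts
+127.0.0.1 ldap.example.org
+127.0.0.1 cert.mismatch.example.org
 
 == Release
 
 This section is for gem maintainers to cut a new version of the gem.
 
 * Check out a new branch `release-VERSION`
-* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}
+* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}[http://semver.org/].
 * Update `History.rdoc`. Get latest changes with `script/changelog`
 * Open a pull request with these changes for review
 * After merging, on the master branch, run `script/release`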
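--- a/data/lib/net/ber/ber_parser.rb
+++ b/data/lib/net/ber/ber_parser.rb
@@ -172,10 +172,10 @@ module Net::BER::BERParser
 yield id, content_length if block_given?
 
 if -1 == content_length
-raise Net::BER::BerError,
-
-data = read(content_length)
+raise Net::BER::BerError,
+"Indeterminite BER content length not implemented."
 end
+data = read(content_length)
 
 parse_ber_object(syntax, id, data)
 end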
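Review bot: `data = read(content_length)` uses a length that, as far as this hunk shows, is taken from the peer's BER header, and nothing here bounds it or checks that the read returned that many bytes. A truncated stream would hand a short or nil `data` to `parse_ber_object`; a guard after the read, such as `raise Net::BER::BerError, "truncated BER content" if data.nil? || data.bytesize < content_length`, would make that failure explicit at the point where it happens. The enclosing method starts above the hunk, so how `content_length` is derived is not visible here and should be confirmed.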
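--- a/data/lib/net/ber/core_ext.rb
+++ b/data/lib/net/ber/core_ext.rb
@@ -1,5 +1,5 @@
 # -*- ruby encoding: utf-8 -*-
-
+require_relative 'ber_parser'
 # :stopdoc:
 class IO
 include Net::BER::BERParser
@@ -19,35 +19,35 @@ end
 module Net::BER::Extensions # :nodoc:
 end
 
-
+require_relative 'core_ext/string'
 # :stopdoc:
 class String
 include Net::BER::BERParser
 include Net::BER::Extensions::String
 end
 
-
+require_relative 'core_ext/array'
 # :stopdoc:
 class Array
 include Net::BER::Extensions::Array
 end
 # :startdoc:
 
-
+require_relative 'core_ext/integer'
 # :stopdoc:
 class Integer
 include Net::BER::Extensions::Integer
 end
 # :startdoc:
 
-
+require_relative 'core_ext/true_class'
 # :stopdoc:
 class TrueClass
 include Net::BER::Extensions::TrueClass
 end
 # :startdoc:
 
-
+require_relative 'core_ext/false_class'
 # :stopdoc:
 class FalseClass
 include Net::BER::Extensions::FalseClass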
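--- a/data/lib/net/ber.rb
+++ b/data/lib/net/ber.rb
@@ -1,5 +1,5 @@
 # -*- ruby encoding: utf-8 -*-
-
+require_relative 'ldap/version'
 
 module Net # :nodoc:
 ##
@@ -327,11 +327,10 @@ class Net::BER::BerIdentifiedString < String
 # Check the encoding of the newly created String and set the encoding
 # to 'UTF-8' (NOTE: we do NOT change the bytes, but only set the
 # encoding to 'UTF-8').
+return unless encoding == Encoding::BINARY
 current_encoding = encoding
-
-
-force_encoding(current_encoding) unless valid_encoding?
-end
+force_encoding('UTF-8')
+force_encoding(current_encoding) unless valid_encoding?
 end
 end
 
@@ -350,4 +349,4 @@ module Net::BER
 Null = Net::BER::BerIdentifiedNull.new
 end
 
-
+require_relative 'ber/core_ext'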
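Review bot: In the `BerIdentifiedString` hunk, a value whose bytes are not valid UTF-8 is silently put back to its original encoding by `force_encoding(current_encoding) unless valid_encoding?`, so the encoding a caller sees depends on the bytes that were decoded, which presumably come from the server. Code that compares, concatenates or logs such values next to UTF-8 text can then raise `Encoding::CompatibilityError` for some directory entries only. The comment above the new lines should state this, for example `# Strings that are not valid UTF-8 keep their BINARY encoding; check #encoding before mixing them with text.` The method begins above the hunk.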
@@ -1,9 +1,11 @@
|
|
1
|
-
|
1
|
+
require_relative '../auth_adapter'
|
2
2
|
|
3
3
|
module Net
|
4
4
|
class LDAP
|
5
5
|
class AuthAdapter
|
6
6
|
class Sasl < Net::LDAP::AuthAdapter
|
7
|
+
MAX_SASL_CHALLENGES = 10
|
8
|
+
|
7
9
|
#--
|
8
10
|
# Required parameters: :mechanism, :initial_credential and
|
9
11
|
# :challenge_response
|
@@ -47,7 +49,7 @@ module Net
|
|
47
49
|
end
|
48
50
|
|
49
51
|
return pdu unless pdu.result_code == Net::LDAP::ResultCodeSaslBindInProgress
|
50
|
-
raise Net::LDAP::SASLChallengeOverflowError, "sasl-challenge overflow" if ((n += 1) >
|
52
|
+
raise Net::LDAP::SASLChallengeOverflowError, "sasl-challenge overflow" if ((n += 1) > MAX_SASL_CHALLENGES)
|
51
53
|
|
52
54
|
cred = chall.call(pdu.result_server_sasl_creds)
|
53
55
|
end
|
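--- a/data/lib/net/ldap/connection.rb
+++ b/data/lib/net/ldap/connection.rb
@@ -7,7 +7,6 @@ class Net::LDAP::Connection #:nodoc:
 DefaultConnectTimeout = 5
 
 LdapVersion = 3
-MaxSaslChallenges = 10
 
 # Initialize a connection to an LDAP server
 #
@@ -31,26 +30,37 @@ class Net::LDAP::Connection #:nodoc:
 @socket_class = socket_class
 end
 
-def prepare_socket(server)
+def prepare_socket(server, timeout=nil)
 socket = server[:socket]
 encryption = server[:encryption]
+hostname = server[:host]
 
 @conn = socket
-setup_encryption
+setup_encryption(encryption, timeout, hostname) if encryption
 end
 
 def open_connection(server)
 hosts = server[:hosts]
 encryption = server[:encryption]
 
+timeout = server[:connect_timeout] || DefaultConnectTimeout
 socket_opts = {
-connect_timeout:
+connect_timeout: timeout,
 }
 
 errors = []
 hosts.each do |host, port|
 begin
-prepare_socket(server.merge(socket: @socket_class.new(host, port, socket_opts)))
+prepare_socket(server.merge(socket: @socket_class.new(host, port, socket_opts)), timeout)
+if encryption
+if encryption[:tls_options] &&
+encryption[:tls_options][:verify_mode] &&
+encryption[:tls_options][:verify_mode] == OpenSSL::SSL::VERIFY_NONE
+warn "not verifying SSL hostname of LDAPS server '#{host}:#{port}'"
+else
+@conn.post_connection_check(host)
+end
+end
 return
 rescue Net::LDAP::Error, SocketError, SystemCallError,
 OpenSSL::SSL::SSLError => e
@@ -65,7 +75,8 @@ class Net::LDAP::Connection #:nodoc:
 
 module GetbyteForSSLSocket
 def getbyte
-getc
+c = getc
+c && c.ord
 end
 end
 
@@ -76,7 +87,7 @@ class Net::LDAP::Connection #:nodoc:
 end
 end
 
-def self.wrap_with_ssl(io, tls_options = {})
+def self.wrap_with_ssl(io, tls_options = {}, timeout=nil, hostname=nil)
 raise Net::LDAP::NoOpenSSLError, "OpenSSL is unavailable" unless Net::LDAP::HasOpenSSL
 
 ctx = OpenSSL::SSL::SSLContext.new
@@ -86,7 +97,23 @@ class Net::LDAP::Connection #:nodoc:
 ctx.set_params(tls_options) unless tls_options.empty?
 
 conn = OpenSSL::SSL::SSLSocket.new(io, ctx)
-conn.
+conn.hostname = hostname
+
+begin
+if timeout
+conn.connect_nonblock
+else
+conn.connect
+end
+rescue IO::WaitReadable
+raise Errno::ETIMEDOUT, "OpenSSL connection read timeout" unless
+IO.select([conn], nil, nil, timeout)
+retry
+rescue IO::WaitWritable
+raise Errno::ETIMEDOUT, "OpenSSL connection write timeout" unless
+IO.select(nil, [conn], nil, timeout)
+retry
+end
 
 # Doesn't work:
 # conn.sync_close = true
@@ -123,11 +150,11 @@ class Net::LDAP::Connection #:nodoc:
 # communications, as with simple_tls. Thanks for Kouhei Sutou for
 # generously contributing the :start_tls path.
 #++
-def setup_encryption(args)
+def setup_encryption(args, timeout=nil, hostname=nil)
 args[:tls_options] ||= {}
 case args[:method]
 when :simple_tls
-@conn = self.class.wrap_with_ssl(@conn, args[:tls_options])
+@conn = self.class.wrap_with_ssl(@conn, args[:tls_options], timeout, hostname)
 # additional branches requiring server validation and peer certs, etc.
 # go here.
 when :start_tls
@@ -143,11 +170,9 @@ class Net::LDAP::Connection #:nodoc:
 raise Net::LDAP::NoStartTLSResultError, "no start_tls result"
 end
 
-
-
-
-raise Net::LDAP::StartTLSError, "start_tls failed: #{pdu.result_code}"
-end
+raise Net::LDAP::StartTLSError,
+"start_tls failed: #{pdu.result_code}" unless pdu.result_code.zero?
+@conn = self.class.wrap_with_ssl(@conn, args[:tls_options], timeout, hostname)
 else
 raise Net::LDAP::EncMethodUnsupportedError, "unsupported encryption method #{args[:method]}"
 end
@@ -159,7 +184,7 @@ class Net::LDAP::Connection #:nodoc:
 # have to call it, but perhaps it will come in handy someday.
 #++
 def close
-return if @conn.nil?
+return if !defined?(@conn) || @conn.nil?
 @conn.close
 @conn = nil
 end
@@ -177,12 +202,10 @@ class Net::LDAP::Connection #:nodoc:
 
 # read messages until we have a match for the given message_id
 while pdu = read
-if pdu.message_id == message_id
-
-
-
-next
-end
+return pdu if pdu.message_id == message_id
+
+message_queue[pdu.message_id].push pdu
+next
 end
 
 pdu
@@ -280,7 +303,7 @@ class Net::LDAP::Connection #:nodoc:
 control[2] = (control[2] == true).to_ber
 control.to_ber_sequence
 end
-
+[
 Net::LDAP::LDAPControls::SORT_REQUEST.to_ber,
 false.to_ber,
 sort_control_values.to_ber_sequence.to_s.to_ber,
@@ -380,12 +403,11 @@ class Net::LDAP::Connection #:nodoc:
 # should collect this into a private helper to clarify the structure
 query_limit = 0
 if size > 0
-if paged
-
-
-
-
-end
+query_limit = if paged
+(((size - n_results) < 126) ? (size - n_results) : 0)
+else
+size
+end
 end
 
 request = [
@@ -448,6 +470,10 @@ class Net::LDAP::Connection #:nodoc:
 end
 end
 
+if result_pdu.nil?
+raise Net::LDAP::ResponseMissingOrInvalidError, "response missing"
+end
+
 # count number of pages of results
 payload[:page_count] ||= 0
 payload[:page_count] += 1
@@ -573,11 +599,11 @@ class Net::LDAP::Connection #:nodoc:
 
 ext_seq = [Net::LDAP::PasswdModifyOid.to_ber_contextspecific(0)]
 
-
-
-
-
-
+pwd_seq = []
+pwd_seq << dn.to_ber(0x80)
+pwd_seq << args[:old_password].to_ber(0x81) unless args[:old_password].nil?
+pwd_seq << args[:new_password].to_ber(0x82) unless args[:new_password].nil?
+ext_seq << pwd_seq.to_ber_sequence.to_ber(0x81)
 
 request = ext_seq.to_ber_appsequence(Net::LDAP::PDU::ExtendedRequest)
 
@@ -587,7 +613,7 @@ class Net::LDAP::Connection #:nodoc:
 pdu = queued_read(message_id)
 
 if !pdu || pdu.app_tag != Net::LDAP::PDU::ExtendedResponse
-raise Net::LDAP::
+raise Net::LDAP::ResponseMissingOrInvalidError, "response missing or invalid"
 end
 
 pdu
@@ -667,7 +693,7 @@ class Net::LDAP::Connection #:nodoc:
 #
 # Typically a TCPSocket, but can be a OpenSSL::SSL::SSLSocket
 def socket
-return @conn if defined?
+return @conn if defined?(@conn) && !@conn.nil?
 
 # First refactoring uses the existing methods open_connection and
 # prepare_socket to set @conn. Next cleanup would centralize connection
@@ -687,7 +713,7 @@ class Net::LDAP::Connection #:nodoc:
 # Wrap around Socket.tcp to normalize with other Socket initializers
 class DefaultSocket
 def self.new(host, port, socket_opts = {})
-Socket.tcp(host, port, socket_opts)
+Socket.tcp(host, port, **socket_opts)
 end
 end
 end # class Connection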
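Review bot: The SNI name set by `conn.hostname = hostname` comes from `server[:host]` in `prepare_socket`, but `open_connection` dials each `host` from `server[:hosts]` and merges only `socket:` into the hash, so with a multi-host list the handshake can present a different name (or none) than the one `@conn.post_connection_check(host)` verifies afterwards. Passing the dialled host through keeps the two aligned: `prepare_socket(server.merge(socket: @socket_class.new(host, port, socket_opts), host: host), timeout)`. Two smaller points in the same section: any caller that reaches `prepare_socket` without going through `open_connection` gets no `post_connection_check` at all, and in `wrap_with_ssl` every `retry` waits up to the full `timeout` again, so the value bounds one wait rather than the whole handshake. Whether `server[:host]` is populated, and with what, depends on callers outside these hunks and should be confirmed.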
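--- a/data/lib/net/ldap/dataset.rb
+++ b/data/lib/net/ldap/dataset.rb
@@ -103,7 +103,7 @@ class Net::LDAP::Dataset < Hash
 # with the conversion of
 def from_entry(entry)
 dataset = Net::LDAP::Dataset.new
-hash = {
+hash = {}
 entry.each_attribute do |attribute, value|
 next if attribute == :dn
 hash[attribute] = value
@@ -164,5 +164,3 @@ class Net::LDAP::Dataset < Hash
 end
 end
 end
-
-require 'net/ldap/entry' unless defined? Net::LDAP::Entry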
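--- a/data/lib/net/ldap/dn.rb
+++ b/data/lib/net/ldap/dn.rb
@@ -57,19 +57,19 @@ class Net::LDAP::DN
 state = :key_oid
 key << char
 when ' ' then state = :key
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :key_normal then
 case char
 when '=' then state = :value
 when 'a'..'z', 'A'..'Z', '0'..'9', '-', ' ' then key << char
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :key_oid then
 case char
 when '=' then state = :value
 when '0'..'9', '.', ' ' then key << char
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :value then
 case char
@@ -110,7 +110,7 @@ class Net::LDAP::DN
 when '0'..'9', 'a'..'f', 'A'..'F' then
 state = :value_normal
 value << "#{hex_buffer}#{char}".to_i(16).chr
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :value_quoted then
 case char
@@ -132,7 +132,7 @@ class Net::LDAP::DN
 when '0'..'9', 'a'..'f', 'A'..'F' then
 state = :value_quoted
 value << "#{hex_buffer}#{char}".to_i(16).chr
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :value_hexstring then
 case char
@@ -145,14 +145,14 @@ class Net::LDAP::DN
 yield key.string.strip, value.string.rstrip
 key = StringIO.new
 value = StringIO.new;
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :value_hexstring_hex then
 case char
 when '0'..'9', 'a'..'f', 'A'..'F' then
 state = :value_hexstring
 value << char
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
 when :value_end then
 case char
@@ -162,18 +162,17 @@ class Net::LDAP::DN
 yield key.string.strip, value.string.rstrip
 key = StringIO.new
 value = StringIO.new;
-else raise "DN badly formed"
+else raise Net::LDAP::InvalidDNError, "DN badly formed"
 end
-else raise "Fell out of state machine"
+else raise Net::LDAP::InvalidDNError, "Fell out of state machine"
 end
 end
 
 # Last pair
-
-
-
-
-end
+raise Net::LDAP::InvalidDNError, "DN badly formed" unless
+[:value, :value_normal, :value_hexstring, :value_end].include? state
+
+yield key.string.strip, value.string.rstrip
 end
 
 ##
@@ -193,27 +192,19 @@ class Net::LDAP::DN
 # http://tools.ietf.org/html/rfc2253 section 2.4 lists these exceptions
 # for dn values. All of the following must be escaped in any normal string
 # using a single backslash ('\') as escape.
-ESCAPES =
-',' => ',',
-'+' => '+',
-'"' => '"',
-'\\' => '\\',
-'<' => '<',
-'>' => '>',
-';' => ';',
-}
+ESCAPES = %w[, + " \\ < > ;]
 
-# Compiled character class regexp using the
+# Compiled character class regexp using the values from the above list, and
 # checking for a space or # at the start, or space at the end, of the
 # string.
 ESCAPE_RE = Regexp.new("(^ |^#| $|[" +
-ESCAPES.
+ESCAPES.map { |e| Regexp.escape(e) }.join +
 "])")
 
 ##
 # Escape a string for use in a DN value
 def self.escape(string)
-string.gsub(ESCAPE_RE) { |char| "\\" +
+string.gsub(ESCAPE_RE) { |char| "\\" + char }
 end
 
 ##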
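Review bot: `ESCAPE_RE` in the last hunk is built with `^` and `$`, which in Ruby match at every line boundary rather than only at the two ends of the string, so a value containing a newline also gets a space or `#` escaped right after each line break and a space escaped right before one. That over-escapes rather than under-escapes, but a routine used to place untrusted values into a DN is easier to audit when the anchors mean what the comment above says; `ESCAPE_RE = Regexp.new("(\\A |\\A#| \\z|[" +` states the start-of-string and end-of-string intent directly. A test case with an embedded newline in the value would pin the behaviour either way.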
data/lib/net/ldap/entry.rb
CHANGED
@@ -133,6 +133,13 @@ class Net::LDAP::Entry
|
|
133
133
|
@myhash.keys
|
134
134
|
end
|
135
135
|
|
136
|
+
##
|
137
|
+
# Creates a duplicate of the internal Hash containing the attributes
|
138
|
+
# of the entry.
|
139
|
+
def to_h
|
140
|
+
@myhash.dup
|
141
|
+
end
|
142
|
+
|
136
143
|
##
|
137
144
|
# Accesses each of the attributes present in the Entry.
|
138
145
|
#
|
@@ -140,11 +147,10 @@ class Net::LDAP::Entry
|
|
140
147
|
# arguments to the block: a Symbol giving the name of the attribute, and a
|
141
148
|
# (possibly empty) \Array of data values.
|
142
149
|
def each # :yields: attribute-name, data-values-array
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
end
|
150
|
+
return unless block_given?
|
151
|
+
attribute_names.each do|a|
|
152
|
+
attr_name, values = a, self[a]
|
153
|
+
yield attr_name, values
|
148
154
|
end
|
149
155
|
end
|
150
156
|
alias_method :each_attribute, :each
|
@@ -188,6 +194,8 @@ class Net::LDAP::Entry
|
|
188
194
|
sym.to_s[-1] == ?=
|
189
195
|
end
|
190
196
|
private :setter?
|
191
|
-
end # class Entry
|
192
197
|
|
193
|
-
|
198
|
+
def ==(other)
|
199
|
+
other.instance_of?(self.class) && @myhash == other.to_h
|
200
|
+
end
|
201
|
+
end # class Entry
|