net-ldap 0.14.0 → 0.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/History.rdoc +74 -0
- data/README.rdoc +18 -8
- data/lib/net/ber/ber_parser.rb +3 -3
- data/lib/net/ber/core_ext.rb +6 -6
- data/lib/net/ber.rb +5 -6
- data/lib/net/ldap/auth_adapter/gss_spnego.rb +2 -2
- data/lib/net/ldap/auth_adapter/sasl.rb +4 -2
- data/lib/net/ldap/auth_adapter/simple.rb +1 -1
- data/lib/net/ldap/connection.rb +63 -37
- data/lib/net/ldap/dataset.rb +1 -3
- data/lib/net/ldap/dn.rb +17 -26
- data/lib/net/ldap/entry.rb +15 -7
- data/lib/net/ldap/error.rb +2 -26
- data/lib/net/ldap/filter.rb +10 -3
- data/lib/net/ldap/instrumentation.rb +2 -2
- data/lib/net/ldap/password.rb +7 -5
- data/lib/net/ldap/pdu.rb +1 -1
- data/lib/net/ldap/version.rb +1 -1
- data/lib/net/ldap.rb +91 -58
- data/lib/net/snmp.rb +1 -1
- data/lib/net-ldap.rb +1 -1
- metadata +16 -101
- data/.gitignore +0 -9
- data/.rubocop.yml +0 -17
- data/.rubocop_todo.yml +0 -599
- data/.travis.yml +0 -33
- data/CONTRIBUTING.md +0 -54
- data/Gemfile +0 -2
- data/Rakefile +0 -23
- data/net-ldap.gemspec +0 -37
- data/script/changelog +0 -47
- data/script/install-openldap +0 -115
- data/script/package +0 -7
- data/script/release +0 -16
- data/test/ber/core_ext/test_array.rb +0 -22
- data/test/ber/core_ext/test_string.rb +0 -25
- data/test/ber/test_ber.rb +0 -153
- data/test/fixtures/cacert.pem +0 -20
- data/test/fixtures/openldap/memberof.ldif +0 -33
- data/test/fixtures/openldap/retcode.ldif +0 -76
- data/test/fixtures/openldap/slapd.conf.ldif +0 -67
- data/test/fixtures/seed.ldif +0 -374
- data/test/integration/test_add.rb +0 -28
- data/test/integration/test_ber.rb +0 -30
- data/test/integration/test_bind.rb +0 -42
- data/test/integration/test_delete.rb +0 -31
- data/test/integration/test_open.rb +0 -88
- data/test/integration/test_password_modify.rb +0 -80
- data/test/integration/test_return_codes.rb +0 -38
- data/test/integration/test_search.rb +0 -77
- data/test/support/vm/openldap/.gitignore +0 -1
- data/test/support/vm/openldap/README.md +0 -32
- data/test/support/vm/openldap/Vagrantfile +0 -33
- data/test/test_auth_adapter.rb +0 -15
- data/test/test_dn.rb +0 -44
- data/test/test_entry.rb +0 -65
- data/test/test_filter.rb +0 -223
- data/test/test_filter_parser.rb +0 -24
- data/test/test_helper.rb +0 -66
- data/test/test_ldap.rb +0 -114
- data/test/test_ldap_connection.rb +0 -493
- data/test/test_ldif.rb +0 -104
- data/test/test_password.rb +0 -10
- data/test/test_rename.rb +0 -77
- data/test/test_search.rb +0 -39
- data/test/test_snmp.rb +0 -119
- data/test/test_ssl_ber.rb +0 -40
- data/test/testdata.ldif +0 -101
- data/testserver/ldapserver.rb +0 -209
- data/testserver/testdata.ldif +0 -101
data/test/test_ldap.rb
DELETED
@@ -1,114 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
class TestLDAPInstrumentation < Test::Unit::TestCase
|
4
|
-
# Fake Net::LDAP::Connection for testing
|
5
|
-
class FakeConnection
|
6
|
-
# It's difficult to instantiate Net::LDAP::PDU objects. Faking out what we
|
7
|
-
# need here until that object is brought under test and has it's constructor
|
8
|
-
# cleaned up.
|
9
|
-
class Result < Struct.new(:success?, :result_code); end
|
10
|
-
|
11
|
-
def initialize
|
12
|
-
@bind_success = Result.new(true, Net::LDAP::ResultCodeSuccess)
|
13
|
-
@search_success = Result.new(true, Net::LDAP::ResultCodeSizeLimitExceeded)
|
14
|
-
end
|
15
|
-
|
16
|
-
def bind(args = {})
|
17
|
-
@bind_success
|
18
|
-
end
|
19
|
-
|
20
|
-
def search(*args)
|
21
|
-
yield @search_success if block_given?
|
22
|
-
@search_success
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
def setup
|
27
|
-
@connection = flexmock(:connection, :close => true)
|
28
|
-
flexmock(Net::LDAP::Connection).should_receive(:new).and_return(@connection)
|
29
|
-
|
30
|
-
@service = MockInstrumentationService.new
|
31
|
-
@subject = Net::LDAP.new \
|
32
|
-
:host => "test.mocked.com", :port => 636,
|
33
|
-
:force_no_page => true, # so server capabilities are not queried
|
34
|
-
:instrumentation_service => @service
|
35
|
-
end
|
36
|
-
|
37
|
-
def test_instrument_bind
|
38
|
-
events = @service.subscribe "bind.net_ldap"
|
39
|
-
|
40
|
-
fake_connection = FakeConnection.new
|
41
|
-
@subject.connection = fake_connection
|
42
|
-
bind_result = fake_connection.bind
|
43
|
-
|
44
|
-
assert @subject.bind
|
45
|
-
|
46
|
-
payload, result = events.pop
|
47
|
-
assert result
|
48
|
-
assert_equal bind_result, payload[:bind]
|
49
|
-
end
|
50
|
-
|
51
|
-
def test_instrument_search
|
52
|
-
events = @service.subscribe "search.net_ldap"
|
53
|
-
|
54
|
-
fake_connection = FakeConnection.new
|
55
|
-
@subject.connection = fake_connection
|
56
|
-
entry = fake_connection.search
|
57
|
-
|
58
|
-
refute_nil @subject.search(:filter => "(uid=user1)")
|
59
|
-
|
60
|
-
payload, result = events.pop
|
61
|
-
assert_equal [entry], result
|
62
|
-
assert_equal [entry], payload[:result]
|
63
|
-
assert_equal "(uid=user1)", payload[:filter]
|
64
|
-
end
|
65
|
-
|
66
|
-
def test_instrument_search_with_size
|
67
|
-
events = @service.subscribe "search.net_ldap"
|
68
|
-
|
69
|
-
fake_connection = FakeConnection.new
|
70
|
-
@subject.connection = fake_connection
|
71
|
-
entry = fake_connection.search
|
72
|
-
|
73
|
-
refute_nil @subject.search(:filter => "(uid=user1)", :size => 1)
|
74
|
-
|
75
|
-
payload, result = events.pop
|
76
|
-
assert_equal [entry], result
|
77
|
-
assert_equal [entry], payload[:result]
|
78
|
-
assert_equal "(uid=user1)", payload[:filter]
|
79
|
-
assert_equal result.size, payload[:size]
|
80
|
-
end
|
81
|
-
|
82
|
-
def test_obscure_auth
|
83
|
-
password = "opensesame"
|
84
|
-
assert_include(@subject.inspect, "anonymous")
|
85
|
-
@subject.auth "joe_user", password
|
86
|
-
assert_not_include(@subject.inspect, password)
|
87
|
-
end
|
88
|
-
|
89
|
-
def test_encryption
|
90
|
-
enc = @subject.encryption('start_tls')
|
91
|
-
|
92
|
-
assert_equal enc[:method], :start_tls
|
93
|
-
end
|
94
|
-
|
95
|
-
def test_normalize_encryption_symbol
|
96
|
-
enc = @subject.send(:normalize_encryption, :start_tls)
|
97
|
-
assert_equal enc, {:method => :start_tls, :tls_options => {}}
|
98
|
-
end
|
99
|
-
|
100
|
-
def test_normalize_encryption_nil
|
101
|
-
enc = @subject.send(:normalize_encryption, nil)
|
102
|
-
assert_equal enc, nil
|
103
|
-
end
|
104
|
-
|
105
|
-
def test_normalize_encryption_string
|
106
|
-
enc = @subject.send(:normalize_encryption, 'start_tls')
|
107
|
-
assert_equal enc, {:method => :start_tls, :tls_options => {}}
|
108
|
-
end
|
109
|
-
|
110
|
-
def test_normalize_encryption_hash
|
111
|
-
enc = @subject.send(:normalize_encryption, {:method => :start_tls, :tls_options => {:foo => :bar}})
|
112
|
-
assert_equal enc, {:method => :start_tls, :tls_options => {:foo => :bar}}
|
113
|
-
end
|
114
|
-
end
|
@@ -1,493 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
class TestLDAPConnection < Test::Unit::TestCase
|
4
|
-
def capture_stderr
|
5
|
-
stderr, $stderr = $stderr, StringIO.new
|
6
|
-
yield
|
7
|
-
$stderr.string
|
8
|
-
ensure
|
9
|
-
$stderr = stderr
|
10
|
-
end
|
11
|
-
|
12
|
-
# Fake socket for testing
|
13
|
-
#
|
14
|
-
# FakeTCPSocket.new("success", 636)
|
15
|
-
# FakeTCPSocket.new("fail.SocketError", 636) # raises SocketError
|
16
|
-
class FakeTCPSocket
|
17
|
-
def initialize(host, port, socket_opts = {})
|
18
|
-
status, error = host.split(".")
|
19
|
-
if status == "fail"
|
20
|
-
raise Object.const_get(error)
|
21
|
-
end
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_list_of_hosts_with_first_host_successful
|
26
|
-
hosts = [
|
27
|
-
["success.host", 636],
|
28
|
-
["fail.SocketError", 636],
|
29
|
-
["fail.SocketError", 636],
|
30
|
-
]
|
31
|
-
|
32
|
-
connection = Net::LDAP::Connection.new(:hosts => hosts, :socket_class => FakeTCPSocket)
|
33
|
-
connection.socket
|
34
|
-
end
|
35
|
-
|
36
|
-
def test_list_of_hosts_with_first_host_failure
|
37
|
-
hosts = [
|
38
|
-
["fail.SocketError", 636],
|
39
|
-
["success.host", 636],
|
40
|
-
["fail.SocketError", 636],
|
41
|
-
]
|
42
|
-
|
43
|
-
connection = Net::LDAP::Connection.new(:hosts => hosts, :socket_class => FakeTCPSocket)
|
44
|
-
connection.socket
|
45
|
-
end
|
46
|
-
|
47
|
-
def test_list_of_hosts_with_all_hosts_failure
|
48
|
-
hosts = [
|
49
|
-
["fail.SocketError", 636],
|
50
|
-
["fail.SocketError", 636],
|
51
|
-
["fail.SocketError", 636],
|
52
|
-
]
|
53
|
-
|
54
|
-
connection = Net::LDAP::Connection.new(:hosts => hosts, :socket_class => FakeTCPSocket)
|
55
|
-
assert_raise Net::LDAP::ConnectionError do
|
56
|
-
connection.socket
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
# This belongs in test_ldap, not test_ldap_connection
|
61
|
-
def test_result_for_connection_failed_is_set
|
62
|
-
flexmock(Socket).should_receive(:tcp).and_raise(Errno::ECONNREFUSED)
|
63
|
-
|
64
|
-
ldap_client = Net::LDAP.new(host: '127.0.0.1', port: 12345)
|
65
|
-
|
66
|
-
assert_raise Net::LDAP::ConnectionRefusedError do
|
67
|
-
ldap_client.bind(method: :simple, username: 'asdf', password: 'asdf')
|
68
|
-
end
|
69
|
-
|
70
|
-
assert_equal(ldap_client.get_operation_result.code, 52)
|
71
|
-
assert_equal(ldap_client.get_operation_result.message, 'Unavailable')
|
72
|
-
end
|
73
|
-
|
74
|
-
def test_unresponsive_host
|
75
|
-
connection = Net::LDAP::Connection.new(:host => "fail.Errno::ETIMEDOUT", :port => 636, :socket_class => FakeTCPSocket)
|
76
|
-
assert_raise Net::LDAP::Error do
|
77
|
-
connection.socket
|
78
|
-
end
|
79
|
-
end
|
80
|
-
|
81
|
-
def test_blocked_port
|
82
|
-
connection = Net::LDAP::Connection.new(:host => "fail.SocketError", :port => 636, :socket_class => FakeTCPSocket)
|
83
|
-
assert_raise Net::LDAP::Error do
|
84
|
-
connection.socket
|
85
|
-
end
|
86
|
-
end
|
87
|
-
|
88
|
-
def test_connection_refused
|
89
|
-
connection = Net::LDAP::Connection.new(:host => "fail.Errno::ECONNREFUSED", :port => 636, :socket_class => FakeTCPSocket)
|
90
|
-
stderr = capture_stderr do
|
91
|
-
assert_raise Net::LDAP::ConnectionRefusedError do
|
92
|
-
connection.socket
|
93
|
-
end
|
94
|
-
end
|
95
|
-
assert_equal("Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.\n", stderr)
|
96
|
-
end
|
97
|
-
|
98
|
-
def test_connection_timeout
|
99
|
-
connection = Net::LDAP::Connection.new(:host => "fail.Errno::ETIMEDOUT", :port => 636, :socket_class => FakeTCPSocket)
|
100
|
-
stderr = capture_stderr do
|
101
|
-
assert_raise Net::LDAP::Error do
|
102
|
-
connection.socket
|
103
|
-
end
|
104
|
-
end
|
105
|
-
end
|
106
|
-
|
107
|
-
def test_raises_unknown_exceptions
|
108
|
-
connection = Net::LDAP::Connection.new(:host => "fail.StandardError", :port => 636, :socket_class => FakeTCPSocket)
|
109
|
-
assert_raise StandardError do
|
110
|
-
connection.socket
|
111
|
-
end
|
112
|
-
end
|
113
|
-
|
114
|
-
def test_modify_ops_delete
|
115
|
-
args = { :operations => [[:delete, "mail"]] }
|
116
|
-
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
117
|
-
expected = ["0\r\n\x01\x010\b\x04\x04mail1\x00"]
|
118
|
-
assert_equal(expected, result)
|
119
|
-
end
|
120
|
-
|
121
|
-
def test_modify_ops_add
|
122
|
-
args = { :operations => [[:add, "mail", "testuser@example.com"]] }
|
123
|
-
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
124
|
-
expected = ["0#\n\x01\x000\x1E\x04\x04mail1\x16\x04\x14testuser@example.com"]
|
125
|
-
assert_equal(expected, result)
|
126
|
-
end
|
127
|
-
|
128
|
-
def test_modify_ops_replace
|
129
|
-
args = { :operations =>[[:replace, "mail", "testuser@example.com"]] }
|
130
|
-
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
131
|
-
expected = ["0#\n\x01\x020\x1E\x04\x04mail1\x16\x04\x14testuser@example.com"]
|
132
|
-
assert_equal(expected, result)
|
133
|
-
end
|
134
|
-
|
135
|
-
def test_write
|
136
|
-
mock = flexmock("socket")
|
137
|
-
mock.should_receive(:write).with([1.to_ber, "request"].to_ber_sequence).and_return(true)
|
138
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
139
|
-
conn.send(:write, "request")
|
140
|
-
end
|
141
|
-
|
142
|
-
def test_write_with_controls
|
143
|
-
mock = flexmock("socket")
|
144
|
-
mock.should_receive(:write).with([1.to_ber, "request", "controls"].to_ber_sequence).and_return(true)
|
145
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
146
|
-
conn.send(:write, "request", "controls")
|
147
|
-
end
|
148
|
-
|
149
|
-
def test_write_increments_msgid
|
150
|
-
mock = flexmock("socket")
|
151
|
-
mock.should_receive(:write).with([1.to_ber, "request1"].to_ber_sequence).and_return(true)
|
152
|
-
mock.should_receive(:write).with([2.to_ber, "request2"].to_ber_sequence).and_return(true)
|
153
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
154
|
-
conn.send(:write, "request1")
|
155
|
-
conn.send(:write, "request2")
|
156
|
-
end
|
157
|
-
end
|
158
|
-
|
159
|
-
class TestLDAPConnectionSocketReads < Test::Unit::TestCase
|
160
|
-
def make_message(message_id, options = {})
|
161
|
-
options = {
|
162
|
-
app_tag: Net::LDAP::PDU::SearchResult,
|
163
|
-
code: Net::LDAP::ResultCodeSuccess,
|
164
|
-
matched_dn: "",
|
165
|
-
error_message: "",
|
166
|
-
}.merge(options)
|
167
|
-
result = Net::BER::BerIdentifiedArray.new([options[:code], options[:matched_dn], options[:error_message]])
|
168
|
-
result.ber_identifier = options[:app_tag]
|
169
|
-
[message_id, result]
|
170
|
-
end
|
171
|
-
|
172
|
-
def test_queued_read_drains_queue_before_read
|
173
|
-
result1a = make_message(1, error_message: "one")
|
174
|
-
result1b = make_message(1, error_message: "two")
|
175
|
-
|
176
|
-
mock = flexmock("socket")
|
177
|
-
mock.should_receive(:read_ber).and_return(result1b)
|
178
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
179
|
-
|
180
|
-
conn.message_queue[1].push Net::LDAP::PDU.new(result1a)
|
181
|
-
|
182
|
-
assert msg1 = conn.queued_read(1)
|
183
|
-
assert msg2 = conn.queued_read(1)
|
184
|
-
|
185
|
-
assert_equal 1, msg1.message_id
|
186
|
-
assert_equal "one", msg1.error_message
|
187
|
-
assert_equal 1, msg2.message_id
|
188
|
-
assert_equal "two", msg2.error_message
|
189
|
-
end
|
190
|
-
|
191
|
-
def test_queued_read_reads_until_message_id_match
|
192
|
-
result1 = make_message(1)
|
193
|
-
result2 = make_message(2)
|
194
|
-
|
195
|
-
mock = flexmock("socket")
|
196
|
-
mock.should_receive(:read_ber).
|
197
|
-
and_return(result1).
|
198
|
-
and_return(result2)
|
199
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
200
|
-
|
201
|
-
assert result = conn.queued_read(2)
|
202
|
-
assert_equal 2, result.message_id
|
203
|
-
assert_equal 1, conn.queued_read(1).message_id
|
204
|
-
end
|
205
|
-
|
206
|
-
def test_queued_read_modify
|
207
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
208
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::ModifyResponse)
|
209
|
-
|
210
|
-
mock = flexmock("socket")
|
211
|
-
mock.should_receive(:read_ber).
|
212
|
-
and_return(result1).
|
213
|
-
and_return(result2)
|
214
|
-
mock.should_receive(:write)
|
215
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
216
|
-
|
217
|
-
conn.next_msgid # simulates ongoing query
|
218
|
-
|
219
|
-
conn.instance_variable_get("@msgid")
|
220
|
-
|
221
|
-
assert result = conn.modify(dn: "uid=modified-user1,ou=People,dc=rubyldap,dc=com",
|
222
|
-
operations: [[:add, :mail, "modified-user1@example.com"]])
|
223
|
-
assert result.success?
|
224
|
-
assert_equal 2, result.message_id
|
225
|
-
end
|
226
|
-
|
227
|
-
def test_queued_read_add
|
228
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
229
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::AddResponse)
|
230
|
-
|
231
|
-
mock = flexmock("socket")
|
232
|
-
mock.should_receive(:read_ber).
|
233
|
-
and_return(result1).
|
234
|
-
and_return(result2)
|
235
|
-
mock.should_receive(:write)
|
236
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
237
|
-
|
238
|
-
conn.next_msgid # simulates ongoing query
|
239
|
-
|
240
|
-
assert result = conn.add(dn: "uid=added-user1,ou=People,dc=rubyldap,dc=com")
|
241
|
-
assert result.success?
|
242
|
-
assert_equal 2, result.message_id
|
243
|
-
end
|
244
|
-
|
245
|
-
def test_queued_read_rename
|
246
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
247
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::ModifyRDNResponse)
|
248
|
-
|
249
|
-
mock = flexmock("socket")
|
250
|
-
mock.should_receive(:read_ber).
|
251
|
-
and_return(result1).
|
252
|
-
and_return(result2)
|
253
|
-
mock.should_receive(:write)
|
254
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
255
|
-
|
256
|
-
conn.next_msgid # simulates ongoing query
|
257
|
-
|
258
|
-
assert result = conn.rename(
|
259
|
-
olddn: "uid=renamable-user1,ou=People,dc=rubyldap,dc=com",
|
260
|
-
newrdn: "uid=renamed-user1",
|
261
|
-
)
|
262
|
-
assert result.success?
|
263
|
-
assert_equal 2, result.message_id
|
264
|
-
end
|
265
|
-
|
266
|
-
def test_queued_read_delete
|
267
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
268
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::DeleteResponse)
|
269
|
-
|
270
|
-
mock = flexmock("socket")
|
271
|
-
mock.should_receive(:read_ber).
|
272
|
-
and_return(result1).
|
273
|
-
and_return(result2)
|
274
|
-
mock.should_receive(:write)
|
275
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
276
|
-
|
277
|
-
conn.next_msgid # simulates ongoing query
|
278
|
-
|
279
|
-
assert result = conn.delete(dn: "uid=deletable-user1,ou=People,dc=rubyldap,dc=com")
|
280
|
-
assert result.success?
|
281
|
-
assert_equal 2, result.message_id
|
282
|
-
end
|
283
|
-
|
284
|
-
def test_queued_read_setup_encryption_with_start_tls
|
285
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
286
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::ExtendedResponse)
|
287
|
-
|
288
|
-
mock = flexmock("socket")
|
289
|
-
mock.should_receive(:read_ber).
|
290
|
-
and_return(result1).
|
291
|
-
and_return(result2)
|
292
|
-
mock.should_receive(:write)
|
293
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
294
|
-
flexmock(Net::LDAP::Connection).should_receive(:wrap_with_ssl).with(mock, {}).
|
295
|
-
and_return(mock)
|
296
|
-
|
297
|
-
conn.next_msgid # simulates ongoing query
|
298
|
-
|
299
|
-
assert result = conn.setup_encryption(method: :start_tls)
|
300
|
-
assert_equal mock, result
|
301
|
-
end
|
302
|
-
|
303
|
-
def test_queued_read_bind_simple
|
304
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
305
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::BindResult)
|
306
|
-
|
307
|
-
mock = flexmock("socket")
|
308
|
-
mock.should_receive(:read_ber).
|
309
|
-
and_return(result1).
|
310
|
-
and_return(result2)
|
311
|
-
mock.should_receive(:write)
|
312
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
313
|
-
|
314
|
-
conn.next_msgid # simulates ongoing query
|
315
|
-
|
316
|
-
assert result = conn.bind(
|
317
|
-
method: :simple,
|
318
|
-
username: "uid=user1,ou=People,dc=rubyldap,dc=com",
|
319
|
-
password: "passworD1")
|
320
|
-
assert result.success?
|
321
|
-
assert_equal 2, result.message_id
|
322
|
-
end
|
323
|
-
|
324
|
-
def test_queued_read_bind_sasl
|
325
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
326
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::BindResult)
|
327
|
-
|
328
|
-
mock = flexmock("socket")
|
329
|
-
mock.should_receive(:read_ber).
|
330
|
-
and_return(result1).
|
331
|
-
and_return(result2)
|
332
|
-
mock.should_receive(:write)
|
333
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
334
|
-
|
335
|
-
conn.next_msgid # simulates ongoing query
|
336
|
-
|
337
|
-
assert result = conn.bind(
|
338
|
-
method: :sasl,
|
339
|
-
mechanism: "fake",
|
340
|
-
initial_credential: "passworD1",
|
341
|
-
challenge_response: flexmock("challenge proc"))
|
342
|
-
assert result.success?
|
343
|
-
assert_equal 2, result.message_id
|
344
|
-
end
|
345
|
-
end
|
346
|
-
|
347
|
-
class TestLDAPConnectionErrors < Test::Unit::TestCase
|
348
|
-
def setup
|
349
|
-
@tcp_socket = flexmock(:connection)
|
350
|
-
@tcp_socket.should_receive(:write)
|
351
|
-
flexmock(Socket).should_receive(:tcp).and_return(@tcp_socket)
|
352
|
-
@connection = Net::LDAP::Connection.new(:host => 'test.mocked.com', :port => 636)
|
353
|
-
end
|
354
|
-
|
355
|
-
def test_error_failed_operation
|
356
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeUnwillingToPerform, "", "The provided password value was rejected by a password validator: The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'. The minimum number of characters from that set that must be present in user passwords is 1"])
|
357
|
-
ber.ber_identifier = Net::LDAP::PDU::ModifyResponse
|
358
|
-
@tcp_socket.should_receive(:read_ber).and_return([1, ber])
|
359
|
-
|
360
|
-
result = @connection.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
|
361
|
-
assert result.failure?, "should be failure"
|
362
|
-
assert_equal "The provided password value was rejected by a password validator: The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'. The minimum number of characters from that set that must be present in user passwords is 1", result.error_message
|
363
|
-
end
|
364
|
-
|
365
|
-
def test_no_error_on_success
|
366
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
367
|
-
ber.ber_identifier = Net::LDAP::PDU::ModifyResponse
|
368
|
-
@tcp_socket.should_receive(:read_ber).and_return([1, ber])
|
369
|
-
|
370
|
-
result = @connection.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
|
371
|
-
assert result.success?, "should be success"
|
372
|
-
assert_equal "", result.error_message
|
373
|
-
end
|
374
|
-
end
|
375
|
-
|
376
|
-
class TestLDAPConnectionInstrumentation < Test::Unit::TestCase
|
377
|
-
def setup
|
378
|
-
@tcp_socket = flexmock(:connection)
|
379
|
-
@tcp_socket.should_receive(:write)
|
380
|
-
flexmock(Socket).should_receive(:tcp).and_return(@tcp_socket)
|
381
|
-
|
382
|
-
@service = MockInstrumentationService.new
|
383
|
-
@connection = Net::LDAP::Connection.new \
|
384
|
-
:host => 'test.mocked.com',
|
385
|
-
:port => 636,
|
386
|
-
:instrumentation_service => @service
|
387
|
-
end
|
388
|
-
|
389
|
-
def test_write_net_ldap_connection_event
|
390
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
391
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
392
|
-
read_result = [1, ber]
|
393
|
-
@tcp_socket.should_receive(:read_ber).and_return(read_result)
|
394
|
-
|
395
|
-
events = @service.subscribe "write.net_ldap_connection"
|
396
|
-
|
397
|
-
result = @connection.bind(method: :anon)
|
398
|
-
assert result.success?, "should be success"
|
399
|
-
|
400
|
-
# a write event
|
401
|
-
payload, result = events.pop
|
402
|
-
assert payload.key?(:result)
|
403
|
-
assert payload.key?(:content_length)
|
404
|
-
end
|
405
|
-
|
406
|
-
def test_read_net_ldap_connection_event
|
407
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
408
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
409
|
-
read_result = [1, ber]
|
410
|
-
@tcp_socket.should_receive(:read_ber).and_return(read_result)
|
411
|
-
|
412
|
-
events = @service.subscribe "read.net_ldap_connection"
|
413
|
-
|
414
|
-
result = @connection.bind(method: :anon)
|
415
|
-
assert result.success?, "should be success"
|
416
|
-
|
417
|
-
# a read event
|
418
|
-
payload, result = events.pop
|
419
|
-
assert payload.key?(:result)
|
420
|
-
assert_equal read_result, result
|
421
|
-
end
|
422
|
-
|
423
|
-
def test_parse_pdu_net_ldap_connection_event
|
424
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
425
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
426
|
-
read_result = [1, ber]
|
427
|
-
@tcp_socket.should_receive(:read_ber).and_return(read_result)
|
428
|
-
|
429
|
-
events = @service.subscribe "parse_pdu.net_ldap_connection"
|
430
|
-
|
431
|
-
result = @connection.bind(method: :anon)
|
432
|
-
assert result.success?, "should be success"
|
433
|
-
|
434
|
-
# a parse_pdu event
|
435
|
-
payload, result = events.pop
|
436
|
-
assert payload.key?(:pdu)
|
437
|
-
assert payload.key?(:app_tag)
|
438
|
-
assert payload.key?(:message_id)
|
439
|
-
assert_equal Net::LDAP::PDU::BindResult, payload[:app_tag]
|
440
|
-
assert_equal 1, payload[:message_id]
|
441
|
-
pdu = payload[:pdu]
|
442
|
-
assert_equal Net::LDAP::ResultCodeSuccess, pdu.result_code
|
443
|
-
end
|
444
|
-
|
445
|
-
def test_bind_net_ldap_connection_event
|
446
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
447
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
448
|
-
bind_result = [1, ber]
|
449
|
-
@tcp_socket.should_receive(:read_ber).and_return(bind_result)
|
450
|
-
|
451
|
-
events = @service.subscribe "bind.net_ldap_connection"
|
452
|
-
|
453
|
-
result = @connection.bind(method: :anon)
|
454
|
-
assert result.success?, "should be success"
|
455
|
-
|
456
|
-
# a read event
|
457
|
-
payload, result = events.pop
|
458
|
-
assert payload.key?(:result)
|
459
|
-
assert result.success?, "should be success"
|
460
|
-
end
|
461
|
-
|
462
|
-
def test_search_net_ldap_connection_event
|
463
|
-
# search data
|
464
|
-
search_data_ber = Net::BER::BerIdentifiedArray.new([1, [
|
465
|
-
"uid=user1,ou=People,dc=rubyldap,dc=com",
|
466
|
-
[["uid", ["user1"]]],
|
467
|
-
]])
|
468
|
-
search_data_ber.ber_identifier = Net::LDAP::PDU::SearchReturnedData
|
469
|
-
search_data = [1, search_data_ber]
|
470
|
-
# search result (end of results)
|
471
|
-
search_result_ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
472
|
-
search_result_ber.ber_identifier = Net::LDAP::PDU::SearchResult
|
473
|
-
search_result = [1, search_result_ber]
|
474
|
-
@tcp_socket.should_receive(:read_ber).and_return(search_data).
|
475
|
-
and_return(search_result)
|
476
|
-
|
477
|
-
events = @service.subscribe "search.net_ldap_connection"
|
478
|
-
unread = @service.subscribe "search_messages_unread.net_ldap_connection"
|
479
|
-
|
480
|
-
result = @connection.search(filter: "(uid=user1)", base: "ou=People,dc=rubyldap,dc=com")
|
481
|
-
assert result.success?, "should be success"
|
482
|
-
|
483
|
-
# a search event
|
484
|
-
payload, result = events.pop
|
485
|
-
assert payload.key?(:result)
|
486
|
-
assert payload.key?(:filter)
|
487
|
-
assert_equal "(uid=user1)", payload[:filter].to_s
|
488
|
-
assert result
|
489
|
-
|
490
|
-
# ensure no unread
|
491
|
-
assert unread.empty?, "should not have any leftover unread messages"
|
492
|
-
end
|
493
|
-
end
|
data/test/test_ldif.rb
DELETED
@@ -1,104 +0,0 @@
|
|
1
|
-
# $Id: testldif.rb 61 2006-04-18 20:55:55Z blackhedd $
|
2
|
-
|
3
|
-
require_relative 'test_helper'
|
4
|
-
|
5
|
-
require 'digest/sha1'
|
6
|
-
require 'base64'
|
7
|
-
|
8
|
-
class TestLdif < Test::Unit::TestCase
|
9
|
-
TestLdifFilename = "#{File.dirname(__FILE__)}/testdata.ldif"
|
10
|
-
|
11
|
-
def test_empty_ldif
|
12
|
-
ds = Net::LDAP::Dataset.read_ldif(StringIO.new)
|
13
|
-
assert_equal(true, ds.empty?)
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_ldif_with_version
|
17
|
-
io = StringIO.new("version: 1")
|
18
|
-
ds = Net::LDAP::Dataset.read_ldif(io)
|
19
|
-
assert_equal "1", ds.version
|
20
|
-
end
|
21
|
-
|
22
|
-
def test_ldif_with_comments
|
23
|
-
str = ["# Hello from LDIF-land", "# This is an unterminated comment"]
|
24
|
-
io = StringIO.new(str[0] + "\r\n" + str[1])
|
25
|
-
ds = Net::LDAP::Dataset::read_ldif(io)
|
26
|
-
assert_equal(str, ds.comments)
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_ldif_with_password
|
30
|
-
psw = "goldbricks"
|
31
|
-
hashed_psw = "{SHA}" + Base64::encode64(Digest::SHA1.digest(psw)).chomp
|
32
|
-
|
33
|
-
ldif_encoded = Base64::encode64(hashed_psw).chomp
|
34
|
-
ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: Goldbrick\r\nuserPassword:: #{ldif_encoded}\r\n\r\n"))
|
35
|
-
recovered_psw = ds["Goldbrick"][:userpassword].shift
|
36
|
-
assert_equal(hashed_psw, recovered_psw)
|
37
|
-
end
|
38
|
-
|
39
|
-
def test_ldif_with_continuation_lines
|
40
|
-
ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hijklmn\r\n\r\n"))
|
41
|
-
assert_equal(true, ds.key?("abcdefghijklmn"))
|
42
|
-
end
|
43
|
-
|
44
|
-
def test_ldif_with_continuation_lines_and_extra_whitespace
|
45
|
-
ds1 = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hijklmn\r\n\r\n"))
|
46
|
-
assert_equal(true, ds1.key?("abcdefg hijklmn"))
|
47
|
-
ds2 = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hij klmn\r\n\r\n"))
|
48
|
-
assert_equal(true, ds2.key?("abcdefghij klmn"))
|
49
|
-
end
|
50
|
-
|
51
|
-
def test_ldif_tab_is_not_continuation
|
52
|
-
ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: key\r\n\tnotcontinued\r\n\r\n"))
|
53
|
-
assert_equal(true, ds.key?("key"))
|
54
|
-
end
|
55
|
-
|
56
|
-
def test_ldif_with_base64_dn
|
57
|
-
str = "dn:: Q049QmFzZTY0IGRuIHRlc3QsT1U9VGVzdCxPVT1Vbml0cyxEQz1leGFtcGxlLERDPWNvbQ==\r\n\r\n"
|
58
|
-
ds = Net::LDAP::Dataset::read_ldif(StringIO.new(str))
|
59
|
-
assert_equal(true, ds.key?("CN=Base64 dn test,OU=Test,OU=Units,DC=example,DC=com"))
|
60
|
-
end
|
61
|
-
|
62
|
-
def test_ldif_with_base64_dn_and_continuation_lines
|
63
|
-
str = "dn:: Q049QmFzZTY0IGRuIHRlc3Qgd2l0aCBjb250aW51YXRpb24gbGluZSxPVT1UZXN0LE9VPVVua\r\n XRzLERDPWV4YW1wbGUsREM9Y29t\r\n\r\n"
|
64
|
-
ds = Net::LDAP::Dataset::read_ldif(StringIO.new(str))
|
65
|
-
assert_equal(true, ds.key?("CN=Base64 dn test with continuation line,OU=Test,OU=Units,DC=example,DC=com"))
|
66
|
-
end
|
67
|
-
|
68
|
-
# TODO, INADEQUATE. We need some more tests
|
69
|
-
# to verify the content.
|
70
|
-
def test_ldif
|
71
|
-
File.open(TestLdifFilename, "r") do |f|
|
72
|
-
ds = Net::LDAP::Dataset::read_ldif(f)
|
73
|
-
assert_equal(13, ds.length)
|
74
|
-
end
|
75
|
-
end
|
76
|
-
|
77
|
-
# Must test folded lines and base64-encoded lines as well as normal ones.
|
78
|
-
def test_to_ldif
|
79
|
-
data = File.open(TestLdifFilename, "rb") { |f| f.read }
|
80
|
-
io = StringIO.new(data)
|
81
|
-
|
82
|
-
# added .lines to turn to array because 1.9 doesn't have
|
83
|
-
# .grep on basic strings
|
84
|
-
entries = data.lines.grep(/^dn:\s*/) { $'.chomp }
|
85
|
-
dn_entries = entries.dup
|
86
|
-
|
87
|
-
ds = Net::LDAP::Dataset::read_ldif(io) do |type, value|
|
88
|
-
case type
|
89
|
-
when :dn
|
90
|
-
assert_equal(dn_entries.first, value)
|
91
|
-
dn_entries.shift
|
92
|
-
end
|
93
|
-
end
|
94
|
-
assert_equal(entries.size, ds.size)
|
95
|
-
assert_equal(entries.sort, ds.to_ldif.grep(/^dn:\s*/) { $'.chomp })
|
96
|
-
end
|
97
|
-
|
98
|
-
def test_to_ldif_with_version
|
99
|
-
ds = Net::LDAP::Dataset.new
|
100
|
-
ds.version = "1"
|
101
|
-
|
102
|
-
assert_equal "version: 1", ds.to_ldif_string.chomp
|
103
|
-
end
|
104
|
-
end
|