net-ldap 0.16.0 → 0.17.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: d4f923e6ac7f10fc49fff6cfc20271a5eb318360
-  data.tar.gz: 1967da0f521b403b511ad50760baa18fa9cc6dd5
+SHA256:
+  metadata.gz: 02707fcb56d13184b4bbcc16c1555a0d417efb7e20c216a97ee8f28c9553ea84
+  data.tar.gz: 26a82f5021146fe6ec84d83e41722364964e155eb898102e3a8618facc020d9a
 SHA512:
-  metadata.gz: '09bbb19ba3dba954202b1cb94aad491eb64e30a9582cc2c99e2b7ee6cc4cb79da7117bf2cbfc33a0ec851913fe15e76ef91534f92cc87cfe973e28fb1d8c03e1'
-  data.tar.gz: d01aab8d40574cbe7ea738dd0698b092072894ac5c1af9238a9f527651f16dc786e787234d80af116b547137b033fd8966c9c9dc7a48b93c9646f8a274dec677
+  metadata.gz: d19e1bc7cdcaceff6263f2bca2e9326ef441e301ab74556c42313e01704800abb59231f760abec64a8f2d1e313c18324b97c57a64d2b2ee24943be9e4bd2c428
+  data.tar.gz: fa69d36265e7b11b7c83cf812caca680e30af3a0be31c145d70396835081fc06f6a2bf43262ec08f4d6fab1094823dc70de069441229a991f3c5b2eadeb7c4e5

data/History.rdoc

@@ -1,3 +1,50 @@
+=== Net::LDAP 0.17.0
+* Added private recursive_delete as alternative to DELETE_TREE #268
+* Test suite updates #373 #376 #377
+* Use Base64.strict_encode64 and SSHA256 #303
+* Remove deprecated ConnectionRefusedError #366
+* Added method to get a duplicate of the internal Hash #286
+* remove a circular require #380
+* fix LdapServerAsnSyntax compile #379
+* Implement '==' operator for entries #381
+* fix for undefined method for write exception #383
+
+=== Net::LDAP 0.16.3
+
+* Add Net::LDAP::InvalidDNError #371
+* Use require_relative instead of require #360
+* Address some warnings and fix JRuby test omissions #365
+* Bump rake dev dependency to 12.3 #359
+* Enable rubocop in ci #251
+* Enhance rubocop configuration and test syntax #344
+* CI: Drop rbx-2, uninstallable #364
+* Fix RuboCop warnings #312
+* Fix wrong error class #305
+* CONTRIBUTING.md: Repair link to Issues #309
+* Make the generate() method more idiomatic... #326
+* Make encode_sort_controls() more idiomatic... #327
+* Make the instrument() method more idiomatic... #328
+* Fix uninitialised Net::LDAP::LdapPduError #338
+* README.rdoc: Use SVG build badge #310
+* Update TravisCI config to inclue Ruby 2.7 #346
+* add explicit ** to silence Ruby 2.7 warning #342
+* Support parsing filters with attribute tags #345
+* Bump rubocop development dependency version #336
+* Add link to generated and hosted documentation on rubydoc #319
+* Fix 'uninitialized constant Net::LDAP::PDU::LdapPduError' error #317
+* simplify encoding logic: no more chomping required #362
+
+=== Net::LDAP 0.16.2
+
+* Net::LDAP#open does not cache bind result {#334}[https://github.com/ruby-ldap/ruby-net-ldap/pull/334]
+* Fix CI build {#333}[https://github.com/ruby-ldap/ruby-net-ldap/pull/333]
+* Fix to "undefined method 'result_code'" {#308}[https://github.com/ruby-ldap/ruby-net-ldap/pull/308]
+* Fixed Exception: incompatible character encodings: ASCII-8BIT and UTF-8 in filter.rb {#285}[https://github.com/ruby-ldap/ruby-net-ldap/pull/285]
+
+=== Net::LDAP 0.16.1
+
+* Send DN and newPassword with password_modify request {#271}[https://github.com/ruby-ldap/ruby-net-ldap/pull/271]
+
 === Net::LDAP 0.16.0
 
 * Sasl fix {#281}[https://github.com/ruby-ldap/ruby-net-ldap/pull/281]

data/README.rdoc

@@ -1,4 +1,6 @@
-= Net::LDAP for Ruby {<img src="https://travis-ci.org/ruby-ldap/ruby-net-ldap.png" />}[https://travis-ci.org/ruby-ldap/ruby-net-ldap]
+= Net::LDAP for Ruby 
+{<img src="https://badge.fury.io/rb/net-ldap.svg" alt="Gem Version" />}[https://badge.fury.io/rb/net-ldap]
+{<img src="https://travis-ci.org/ruby-ldap/ruby-net-ldap.svg" />}[https://travis-ci.org/ruby-ldap/ruby-net-ldap]
 
 == Description
 
@@ -21,7 +23,7 @@ the most recent LDAP RFCs (4510–4519, plus portions of 4520–4532).
 
 == Synopsis
 
-See Net::LDAP for documentation and usage samples.
+See {Net::LDAP on rubydoc.info}[https://www.rubydoc.info/gems/net-ldap/Net/LDAP] for documentation and usage samples.
 
 == Requirements
 
@@ -53,16 +55,26 @@ This task will run the test suite and the
   rake rubotest
 
 CI takes too long? If your local box supports
-{Vagrant}[https://www.vagrantup.com/], you can run most of the tests
-in a VM on your local box. For more details and setup instructions, see
-{test/support/vm/openldap/README.md}[https://github.com/ruby-ldap/ruby-net-ldap/tree/master/test/support/vm/openldap/README.md]
+{Docker}[https://www.docker.com/], you can also run integration tests locally.
+Simply run:
+
+  script/ldap-docker
+  INTEGRATION=openldap rake test
+  
+Or, use {Docker Compose}[https://docs.docker.com/compose/]. See docker-compose.yml for available Ruby versions.
+
+    docker-compose run ci-2.7
+
+CAVEAT: you need to add the following line to /etc/hosts
+    127.0.0.1 ldap.example.org
+    127.0.0.1 cert.mismatch.example.org
 
 == Release
 
 This section is for gem maintainers to cut a new version of the gem.
 
 * Check out a new branch `release-VERSION`
-* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}(http://semver.org/).
+* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}[http://semver.org/].
 * Update `History.rdoc`. Get latest changes with `script/changelog`
 * Open a pull request with these changes for review
 * After merging, on the master branch, run `script/release`

data/lib/net/ber/core_ext.rb

@@ -1,5 +1,5 @@
 # -*- ruby encoding: utf-8 -*-
-require 'net/ber/ber_parser'
+require_relative 'ber_parser'
 # :stopdoc:
 class IO
   include Net::BER::BERParser
@@ -19,35 +19,35 @@ end
 module Net::BER::Extensions # :nodoc:
 end
 
-require 'net/ber/core_ext/string'
+require_relative 'core_ext/string'
 # :stopdoc:
 class String
   include Net::BER::BERParser
   include Net::BER::Extensions::String
 end
 
-require 'net/ber/core_ext/array'
+require_relative 'core_ext/array'
 # :stopdoc:
 class Array
   include Net::BER::Extensions::Array
 end
 # :startdoc:
 
-require 'net/ber/core_ext/integer'
+require_relative 'core_ext/integer'
 # :stopdoc:
 class Integer
   include Net::BER::Extensions::Integer
 end
 # :startdoc:
 
-require 'net/ber/core_ext/true_class'
+require_relative 'core_ext/true_class'
 # :stopdoc:
 class TrueClass
   include Net::BER::Extensions::TrueClass
 end
 # :startdoc:
 
-require 'net/ber/core_ext/false_class'
+require_relative 'core_ext/false_class'
 # :stopdoc:
 class FalseClass
   include Net::BER::Extensions::FalseClass

data/lib/net/ber.rb

@@ -1,5 +1,5 @@
 # -*- ruby encoding: utf-8 -*-
-require 'net/ldap/version'
+require_relative 'ldap/version'
 
 module Net # :nodoc:
   ##
@@ -349,4 +349,4 @@ module Net::BER
   Null = Net::BER::BerIdentifiedNull.new
 end
 
-require 'net/ber/core_ext'
+require_relative 'ber/core_ext'

data/lib/net/ldap/auth_adapter/gss_spnego.rb

@@ -1,5 +1,5 @@
-require 'net/ldap/auth_adapter'
-require 'net/ldap/auth_adapter/sasl'
+require_relative '../auth_adapter'
+require_relative 'sasl'
 
 module Net
   class LDAP

data/lib/net/ldap/auth_adapter/sasl.rb

@@ -1,4 +1,4 @@
-require 'net/ldap/auth_adapter'
+require_relative '../auth_adapter'
 
 module Net
   class LDAP

data/lib/net/ldap/auth_adapter/simple.rb

@@ -1,4 +1,4 @@
-require 'net/ldap/auth_adapter'
+require_relative '../auth_adapter'
 
 module Net
   class LDAP

data/lib/net/ldap/connection.rb

@@ -181,7 +181,7 @@ class Net::LDAP::Connection #:nodoc:
   # have to call it, but perhaps it will come in handy someday.
   #++
   def close
-    return if @conn.nil?
+    return if !defined?(@conn) || @conn.nil?
     @conn.close
     @conn = nil
   end
@@ -300,7 +300,7 @@ class Net::LDAP::Connection #:nodoc:
       control[2] = (control[2] == true).to_ber
       control.to_ber_sequence
     end
-    sort_control = [
+    [
       Net::LDAP::LDAPControls::SORT_REQUEST.to_ber,
       false.to_ber,
       sort_control_values.to_ber_sequence.to_s.to_ber,
@@ -467,6 +467,10 @@ class Net::LDAP::Connection #:nodoc:
           end
         end
 
+        if result_pdu.nil?
+          raise Net::LDAP::ResponseMissingOrInvalidError, "response missing"
+        end
+
         # count number of pages of results
         payload[:page_count] ||= 0
         payload[:page_count]  += 1
@@ -592,11 +596,11 @@ class Net::LDAP::Connection #:nodoc:
 
     ext_seq = [Net::LDAP::PasswdModifyOid.to_ber_contextspecific(0)]
 
-    unless args[:old_password].nil?
-      pwd_seq = [args[:old_password].to_ber(0x81)]
-      pwd_seq << args[:new_password].to_ber(0x82) unless args[:new_password].nil?
-      ext_seq << pwd_seq.to_ber_sequence.to_ber(0x81)
-    end
+    pwd_seq = []
+    pwd_seq << dn.to_ber(0x80)
+    pwd_seq << args[:old_password].to_ber(0x81) unless args[:old_password].nil?
+    pwd_seq << args[:new_password].to_ber(0x82) unless args[:new_password].nil?
+    ext_seq << pwd_seq.to_ber_sequence.to_ber(0x81)
 
     request = ext_seq.to_ber_appsequence(Net::LDAP::PDU::ExtendedRequest)
 
@@ -606,7 +610,7 @@ class Net::LDAP::Connection #:nodoc:
     pdu = queued_read(message_id)
 
     if !pdu || pdu.app_tag != Net::LDAP::PDU::ExtendedResponse
-      raise Net::LDAP::ResponseMissingError, "response missing or invalid"
+      raise Net::LDAP::ResponseMissingOrInvalidError, "response missing or invalid"
     end
 
     pdu
@@ -686,7 +690,7 @@ class Net::LDAP::Connection #:nodoc:
   #
   # Typically a TCPSocket, but can be a OpenSSL::SSL::SSLSocket
   def socket
-    return @conn if defined? @conn
+    return @conn if defined?(@conn) && !@conn.nil?
 
     # First refactoring uses the existing methods open_connection and
     # prepare_socket to set @conn. Next cleanup would centralize connection
@@ -706,7 +710,7 @@ class Net::LDAP::Connection #:nodoc:
   # Wrap around Socket.tcp to normalize with other Socket initializers
   class DefaultSocket
     def self.new(host, port, socket_opts = {})
-      Socket.tcp(host, port, socket_opts)
+      Socket.tcp(host, port, **socket_opts)
     end
   end
 end # class Connection

data/lib/net/ldap/dataset.rb

@@ -1,3 +1,5 @@
+require_relative 'entry'
+
 # -*- ruby encoding: utf-8 -*-
 ##
 # An LDAP Dataset. Used primarily as an intermediate format for converting
@@ -103,7 +105,7 @@ class Net::LDAP::Dataset < Hash
     # with the conversion of
     def from_entry(entry)
       dataset = Net::LDAP::Dataset.new
-      hash = { }
+      hash = {}
       entry.each_attribute do |attribute, value|
         next if attribute == :dn
         hash[attribute] = value
@@ -164,5 +166,3 @@ class Net::LDAP::Dataset < Hash
     end
   end
 end
-
-require 'net/ldap/entry' unless defined? Net::LDAP::Entry

data/lib/net/ldap/dn.rb

@@ -57,19 +57,19 @@ class Net::LDAP::DN
           state = :key_oid
           key << char
         when ' ' then state = :key
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :key_normal then
         case char
         when '=' then state = :value
         when 'a'..'z', 'A'..'Z', '0'..'9', '-', ' ' then key << char
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :key_oid then
         case char
         when '=' then state = :value
         when '0'..'9', '.', ' ' then key << char
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :value then
         case char
@@ -110,7 +110,7 @@ class Net::LDAP::DN
         when '0'..'9', 'a'..'f', 'A'..'F' then
           state = :value_normal
           value << "#{hex_buffer}#{char}".to_i(16).chr
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :value_quoted then
         case char
@@ -132,7 +132,7 @@ class Net::LDAP::DN
         when '0'..'9', 'a'..'f', 'A'..'F' then
           state = :value_quoted
           value << "#{hex_buffer}#{char}".to_i(16).chr
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :value_hexstring then
         case char
@@ -145,14 +145,14 @@ class Net::LDAP::DN
           yield key.string.strip, value.string.rstrip
           key = StringIO.new
           value = StringIO.new;
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :value_hexstring_hex then
         case char
         when '0'..'9', 'a'..'f', 'A'..'F' then
           state = :value_hexstring
           value << char
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
       when :value_end then
         case char
@@ -162,14 +162,14 @@ class Net::LDAP::DN
           yield key.string.strip, value.string.rstrip
           key = StringIO.new
           value = StringIO.new;
-        else raise "DN badly formed"
+        else raise Net::LDAP::InvalidDNError, "DN badly formed"
         end
-      else raise "Fell out of state machine"
+      else raise Net::LDAP::InvalidDNError, "Fell out of state machine"
       end
     end
 
     # Last pair
-    raise "DN badly formed" unless
+    raise Net::LDAP::InvalidDNError, "DN badly formed" unless
       [:value, :value_normal, :value_hexstring, :value_end].include? state
 
     yield key.string.strip, value.string.rstrip

data/lib/net/ldap/entry.rb

@@ -1,3 +1,5 @@
+require_relative 'dataset'
+
 # -*- ruby encoding: utf-8 -*-
 ##
 # Objects of this class represent individual entries in an LDAP directory.
@@ -133,6 +135,13 @@ class Net::LDAP::Entry
     @myhash.keys
   end
 
+  ##
+  # Creates a duplicate of the internal Hash containing the attributes
+  # of the entry.
+  def to_h
+    @myhash.dup
+  end
+
   ##
   # Accesses each of the attributes present in the Entry.
   #
@@ -187,6 +196,8 @@ class Net::LDAP::Entry
     sym.to_s[-1] == ?=
   end
   private :setter?
-end # class Entry
 
-require 'net/ldap/dataset' unless defined? Net::LDAP::Dataset
+  def ==(other)
+    other.instance_of?(self.class) && @myhash == other.to_h
+  end
+end # class Entry

data/lib/net/ldap/error.rb

@@ -1,38 +1,13 @@
 class Net::LDAP
-  class LdapError < StandardError
-    def message
-      "Deprecation warning: Net::LDAP::LdapError is no longer used. Use Net::LDAP::Error or rescue one of it's subclasses. \n" + super
-    end
-  end
-
   class Error < StandardError; end
 
   class AlreadyOpenedError < Error; end
   class SocketError < Error; end
-  class ConnectionRefusedError < Error;
-    def initialize(*args)
-      warn_deprecation_message
-      super
-    end
-
-    def message
-      warn_deprecation_message
-      super
-    end
-
-    private
-
-    def warn_deprecation_message
-      warn "Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead."
-    end
-  end
   class ConnectionError < Error
     def self.new(errors)
       error = errors.first.first
       if errors.size == 1
-        if error.kind_of? Errno::ECONNREFUSED
-          return Net::LDAP::ConnectionRefusedError.new(error.message)
-        end
+        return error if error.is_a? Errno::ECONNREFUSED
 
         return Net::LDAP::Error.new(error.message)
       end
@@ -60,6 +35,7 @@ class Net::LDAP
   class ResponseTypeInvalidError < Error; end
   class ResponseMissingOrInvalidError < Error; end
   class EmptyDNError < Error; end
+  class InvalidDNError < Error; end
   class HashTypeUnsupportedError < Error; end
   class OperatorError < Error; end
   class SubstringFilterError < Error; end

data/lib/net/ldap/filter.rb

@@ -490,7 +490,7 @@ class Net::LDAP::Filter
     when :eq
       if @right == "*" # presence test
         @left.to_s.to_ber_contextspecific(7)
-      elsif @right =~ /[*]/ # substring
+      elsif @right.to_s =~ /[*]/ # substring
         # Parsing substrings is a little tricky. We use String#split to
         # break a string into substrings delimited by the * (star)
         # character. But we also need to know whether there is a star at the
@@ -645,8 +645,15 @@ class Net::LDAP::Filter
 
   ##
   # Converts escaped characters (e.g., "\\28") to unescaped characters
+  # @note slawson20170317: Don't attempt to unescape 16 byte binary data which we assume are objectGUIDs
+  # The binary form of 5936AE79-664F-44EA-BCCB-5C39399514C6 triggers a BINARY -> UTF-8 conversion error
   def unescape(right)
-    right.to_s.gsub(/\\([a-fA-F\d]{2})/) { [$1.hex].pack("U") }
+    right = right.to_s
+    if right.length == 16 && right.encoding == Encoding::BINARY
+      right
+    else
+      right.to_s.gsub(/\\([a-fA-F\d]{2})/) { [$1.hex].pack("U") }
+    end
   end
   private :unescape
 
@@ -748,7 +755,7 @@ class Net::LDAP::Filter
     # This parses a given expression inside of parentheses.
     def parse_filter_branch(scanner)
       scanner.scan(/\s*/)
-      if token = scanner.scan(/[-\w:.]*[\w]/)
+      if token = scanner.scan(/[-\w:.;]*[\w]/)
         scanner.scan(/\s*/)
         if op = scanner.scan(/<=|>=|!=|:=|=/)
           scanner.scan(/\s*/)

data/lib/net/ldap/instrumentation.rb

@@ -12,8 +12,8 @@ module Net::LDAP::Instrumentation
   def instrument(event, payload = {})
     payload = (payload || {}).dup
     if instrumentation_service
-      instrumentation_service.instrument(event, payload) do |payload|
-        payload[:result] = yield(payload) if block_given?
+      instrumentation_service.instrument(event, payload) do |instr_payload|
+        instr_payload[:result] = yield(instr_payload) if block_given?
       end
     else
       yield(payload) if block_given?

data/lib/net/ldap/password.rb

@@ -1,5 +1,6 @@
 # -*- ruby encoding: utf-8 -*-
 require 'digest/sha1'
+require 'digest/sha2'
 require 'digest/md5'
 require 'base64'
 require 'securerandom'
@@ -19,20 +20,21 @@ class Net::LDAP::Password
     # * Should we provide sha1 as a synonym for sha1? I vote no because then
     #   should you also provide ssha1 for symmetry?
     #
-    attribute_value = ""
     def generate(type, str)
       case type
       when :md5
-         attribute_value = '{MD5}' + Base64.encode64(Digest::MD5.digest(str)).chomp!
+         '{MD5}' + Base64.strict_encode64(Digest::MD5.digest(str))
       when :sha
-         attribute_value = '{SHA}' + Base64.encode64(Digest::SHA1.digest(str)).chomp!
+         '{SHA}' + Base64.strict_encode64(Digest::SHA1.digest(str))
       when :ssha
          salt = SecureRandom.random_bytes(16)
-         attribute_value = '{SSHA}' + Base64.encode64(Digest::SHA1.digest(str + salt) + salt).chomp!
+         '{SSHA}' + Base64.strict_encode64(Digest::SHA1.digest(str + salt) + salt)
+      when :ssha256
+        salt = SecureRandom.random_bytes(16)
+        '{SSHA256}' + Base64.strict_encode64(Digest::SHA256.digest(str + salt) + salt)
       else
          raise Net::LDAP::HashTypeUnsupportedError, "Unsupported password-hash type (#{type})"
       end
-      return attribute_value
     end
   end
 end

data/lib/net/ldap/pdu.rb

@@ -123,7 +123,7 @@ class Net::LDAP::PDU
     when ExtendedResponse
       parse_extended_response(ber_object[1])
     else
-      raise LdapPduError.new("unknown pdu-type: #{@app_tag}")
+      raise Error.new("unknown pdu-type: #{@app_tag}")
     end
 
     parse_controls(ber_object[2]) if ber_object[2]

data/lib/net/ldap/version.rb

@@ -1,5 +1,5 @@
 module Net
   class LDAP
-    VERSION = "0.16.0"
+    VERSION = "0.17.0"
   end
 end

data/lib/net/ldap.rb

@@ -17,19 +17,19 @@ module Net # :nodoc:
 end
 require 'socket'
 
-require 'net/ber'
-require 'net/ldap/pdu'
-require 'net/ldap/filter'
-require 'net/ldap/dataset'
-require 'net/ldap/password'
-require 'net/ldap/entry'
-require 'net/ldap/instrumentation'
-require 'net/ldap/connection'
-require 'net/ldap/version'
-require 'net/ldap/error'
-require 'net/ldap/auth_adapter'
-require 'net/ldap/auth_adapter/simple'
-require 'net/ldap/auth_adapter/sasl'
+require_relative 'ber'
+require_relative 'ldap/pdu'
+require_relative 'ldap/filter'
+require_relative 'ldap/dataset'
+require_relative 'ldap/password'
+require_relative 'ldap/entry'
+require_relative 'ldap/instrumentation'
+require_relative 'ldap/connection'
+require_relative 'ldap/version'
+require_relative 'ldap/error'
+require_relative 'ldap/auth_adapter'
+require_relative 'ldap/auth_adapter/simple'
+require_relative 'ldap/auth_adapter/sasl'
 
 Net::LDAP::AuthAdapter.register([:simple, :anon, :anonymous], Net::LDAP::AuthAdapter::Simple)
 Net::LDAP::AuthAdapter.register(:sasl, Net::LDAP::AuthAdapter::Sasl)
@@ -712,7 +712,7 @@ class Net::LDAP
       begin
         @open_connection = new_connection
         payload[:connection] = @open_connection
-        payload[:bind]       = @open_connection.bind(@auth)
+        payload[:bind]       = @result = @open_connection.bind(@auth)
         yield self
       ensure
         @open_connection.close if @open_connection
@@ -1182,14 +1182,22 @@ class Net::LDAP
   # entries. This method sends an extra control code to tell the LDAP server
   # to do a tree delete. ('1.2.840.113556.1.4.805')
   #
+  # If the LDAP server does not support the DELETE_TREE control code, subordinate
+  # entries are deleted recursively instead.
+  #
   # Returns True or False to indicate whether the delete succeeded. Extended
   # status information is available by calling #get_operation_result.
   #
   #  dn = "mail=deleteme@example.com, ou=people, dc=example, dc=com"
   #  ldap.delete_tree :dn => dn
   def delete_tree(args)
-    delete(args.merge(:control_codes => [[Net::LDAP::LDAPControls::DELETE_TREE, true]]))
+    if search_root_dse[:supportedcontrol].include? Net::LDAP::LDAPControls::DELETE_TREE
+      delete(args.merge(:control_codes => [[Net::LDAP::LDAPControls::DELETE_TREE, true]]))
+    else
+      recursive_delete(args)
+    end
   end
+
   # This method is experimental and subject to change. Return the rootDSE
   # record from the LDAP server as a Net::LDAP::Entry, or an empty Entry if
   # the server doesn't return the record.
@@ -1320,7 +1328,7 @@ class Net::LDAP
     # Force connect to see if there's a connection error
     connection.socket
     connection
-  rescue Errno::ECONNREFUSED, Errno::ETIMEDOUT, Net::LDAP::ConnectionRefusedError => e
+  rescue Errno::ECONNREFUSED, Errno::ETIMEDOUT => e
     @result = {
       :resultCode   => 52,
       :errorMessage => ResultStrings[ResultCodeUnavailable],
@@ -1340,4 +1348,19 @@ class Net::LDAP
     end
   end
 
+  # Recursively delete a dn and it's subordinate children.
+  # This is useful when a server does not support the DELETE_TREE control code.
+  def recursive_delete(args)
+    raise EmptyDNError unless args.is_a?(Hash) && args.key?(:dn)
+    # Delete Children
+    search(base: args[:dn], scope: Net::LDAP::SearchScope_SingleLevel) do |entry|
+      recursive_delete(dn: entry.dn)
+    end
+    # Delete Self
+    unless delete(dn: args[:dn])
+      raise Net::LDAP::Error, get_operation_result[:error_message].to_s
+    end
+    true
+  end
+
 end # class LDAP

data/lib/net/snmp.rb

@@ -1,5 +1,5 @@
 # -*- ruby encoding: utf-8 -*-
-require 'net/ldap/version'
+require_relative 'ldap/version'
 
 # :stopdoc:
 module Net

data/lib/net-ldap.rb

@@ -1,2 +1,2 @@
 # -*- ruby encoding: utf-8 -*-
-require 'net/ldap'
+require_relative 'net/ldap'