net-ldap 0.16.2 → 0.17.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/History.rdoc +46 -0
- data/README.rdoc +10 -3
- data/lib/net/ber/core_ext.rb +6 -6
- data/lib/net/ber.rb +2 -2
- data/lib/net/ldap/auth_adapter/gss_spnego.rb +2 -2
- data/lib/net/ldap/auth_adapter/sasl.rb +1 -1
- data/lib/net/ldap/auth_adapter/simple.rb +1 -1
- data/lib/net/ldap/connection.rb +7 -6
- data/lib/net/ldap/dataset.rb +1 -3
- data/lib/net/ldap/dn.rb +10 -10
- data/lib/net/ldap/entry.rb +11 -2
- data/lib/net/ldap/error.rb +2 -26
- data/lib/net/ldap/filter.rb +3 -3
- data/lib/net/ldap/instrumentation.rb +2 -2
- data/lib/net/ldap/password.rb +7 -5
- data/lib/net/ldap/pdu.rb +1 -1
- data/lib/net/ldap/version.rb +1 -1
- data/lib/net/ldap.rb +39 -16
- data/lib/net/snmp.rb +1 -1
- data/lib/net-ldap.rb +1 -1
- metadata +19 -95
- data/.gitignore +0 -10
- data/.rubocop.yml +0 -20
- data/.rubocop_todo.yml +0 -753
- data/.travis.yml +0 -55
- data/CONTRIBUTING.md +0 -54
- data/Gemfile +0 -2
- data/Rakefile +0 -23
- data/net-ldap.gemspec +0 -37
- data/script/changelog +0 -47
- data/script/ldap-docker +0 -12
- data/script/package +0 -7
- data/script/release +0 -16
- data/test/ber/core_ext/test_array.rb +0 -22
- data/test/ber/core_ext/test_string.rb +0 -25
- data/test/ber/test_ber.rb +0 -153
- data/test/fixtures/ca/docker-ca.pem +0 -18
- data/test/fixtures/ldif/06-retcode.ldif +0 -75
- data/test/fixtures/ldif/50-seed.ldif +0 -374
- data/test/integration/test_add.rb +0 -26
- data/test/integration/test_ber.rb +0 -30
- data/test/integration/test_bind.rb +0 -222
- data/test/integration/test_delete.rb +0 -29
- data/test/integration/test_open.rb +0 -87
- data/test/integration/test_password_modify.rb +0 -93
- data/test/integration/test_return_codes.rb +0 -46
- data/test/integration/test_search.rb +0 -77
- data/test/support/vm/openldap/.gitignore +0 -1
- data/test/test_auth_adapter.rb +0 -15
- data/test/test_dn.rb +0 -44
- data/test/test_entry.rb +0 -65
- data/test/test_filter.rb +0 -223
- data/test/test_filter_parser.rb +0 -24
- data/test/test_helper.rb +0 -73
- data/test/test_ldap.rb +0 -114
- data/test/test_ldap_connection.rb +0 -491
- data/test/test_ldif.rb +0 -104
- data/test/test_password.rb +0 -10
- data/test/test_rename.rb +0 -77
- data/test/test_search.rb +0 -39
- data/test/test_snmp.rb +0 -119
- data/test/test_ssl_ber.rb +0 -40
- data/test/testdata.ldif +0 -101
- data/testserver/ldapserver.rb +0 -209
- data/testserver/testdata.ldif +0 -101
data/test/test_helper.rb
DELETED
|
@@ -1,73 +0,0 @@
|
|
|
1
|
-
# Add 'lib' to load path.
|
|
2
|
-
require 'test/unit'
|
|
3
|
-
require 'net/ldap'
|
|
4
|
-
require 'flexmock/test_unit'
|
|
5
|
-
|
|
6
|
-
# Whether integration tests should be run.
|
|
7
|
-
INTEGRATION = ENV.fetch("INTEGRATION", "skip") != "skip"
|
|
8
|
-
|
|
9
|
-
# The CA file to verify certs against for tests.
|
|
10
|
-
# Override with CA_FILE env variable; otherwise checks for the VM-specific path
|
|
11
|
-
# and falls back to the test/fixtures/cacert.pem for local testing.
|
|
12
|
-
CA_FILE =
|
|
13
|
-
ENV.fetch("CA_FILE") do
|
|
14
|
-
if File.exist?("/etc/ssl/certs/cacert.pem")
|
|
15
|
-
"/etc/ssl/certs/cacert.pem"
|
|
16
|
-
else
|
|
17
|
-
File.expand_path("fixtures/ca/docker-ca.pem", File.dirname(__FILE__))
|
|
18
|
-
end
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
BIND_CREDS = {
|
|
22
|
-
method: :simple,
|
|
23
|
-
username: "cn=admin,dc=example,dc=org",
|
|
24
|
-
password: "admin",
|
|
25
|
-
}.freeze
|
|
26
|
-
|
|
27
|
-
TLS_OPTS = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge({}).freeze
|
|
28
|
-
|
|
29
|
-
if RUBY_VERSION < "2.0"
|
|
30
|
-
class String
|
|
31
|
-
def b
|
|
32
|
-
self
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
class MockInstrumentationService
|
|
38
|
-
def initialize
|
|
39
|
-
@events = {}
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
def instrument(event, payload)
|
|
43
|
-
result = yield(payload)
|
|
44
|
-
@events[event] ||= []
|
|
45
|
-
@events[event] << [payload, result]
|
|
46
|
-
result
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
def subscribe(event)
|
|
50
|
-
@events[event] ||= []
|
|
51
|
-
@events[event]
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
class LDAPIntegrationTestCase < Test::Unit::TestCase
|
|
56
|
-
# If integration tests aren't enabled, noop these tests.
|
|
57
|
-
if !INTEGRATION
|
|
58
|
-
def run(*)
|
|
59
|
-
self
|
|
60
|
-
end
|
|
61
|
-
end
|
|
62
|
-
|
|
63
|
-
def setup
|
|
64
|
-
@service = MockInstrumentationService.new
|
|
65
|
-
@ldap = Net::LDAP.new \
|
|
66
|
-
host: ENV.fetch('INTEGRATION_HOST', 'localhost'),
|
|
67
|
-
port: ENV.fetch('INTEGRATION_PORT', 389),
|
|
68
|
-
search_domains: %w(dc=example,dc=org),
|
|
69
|
-
uid: 'uid',
|
|
70
|
-
instrumentation_service: @service
|
|
71
|
-
@ldap.authenticate "cn=admin,dc=example,dc=org", "admin"
|
|
72
|
-
end
|
|
73
|
-
end
|
data/test/test_ldap.rb
DELETED
|
@@ -1,114 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class TestLDAPInstrumentation < Test::Unit::TestCase
|
|
4
|
-
# Fake Net::LDAP::Connection for testing
|
|
5
|
-
class FakeConnection
|
|
6
|
-
# It's difficult to instantiate Net::LDAP::PDU objects. Faking out what we
|
|
7
|
-
# need here until that object is brought under test and has it's constructor
|
|
8
|
-
# cleaned up.
|
|
9
|
-
class Result < Struct.new(:success?, :result_code); end
|
|
10
|
-
|
|
11
|
-
def initialize
|
|
12
|
-
@bind_success = Result.new(true, Net::LDAP::ResultCodeSuccess)
|
|
13
|
-
@search_success = Result.new(true, Net::LDAP::ResultCodeSizeLimitExceeded)
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def bind(args = {})
|
|
17
|
-
@bind_success
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def search(*args)
|
|
21
|
-
yield @search_success if block_given?
|
|
22
|
-
@search_success
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def setup
|
|
27
|
-
@connection = flexmock(:connection, :close => true)
|
|
28
|
-
flexmock(Net::LDAP::Connection).should_receive(:new).and_return(@connection)
|
|
29
|
-
|
|
30
|
-
@service = MockInstrumentationService.new
|
|
31
|
-
@subject = Net::LDAP.new \
|
|
32
|
-
:host => "test.mocked.com", :port => 636,
|
|
33
|
-
:force_no_page => true, # so server capabilities are not queried
|
|
34
|
-
:instrumentation_service => @service
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def test_instrument_bind
|
|
38
|
-
events = @service.subscribe "bind.net_ldap"
|
|
39
|
-
|
|
40
|
-
fake_connection = FakeConnection.new
|
|
41
|
-
@subject.connection = fake_connection
|
|
42
|
-
bind_result = fake_connection.bind
|
|
43
|
-
|
|
44
|
-
assert @subject.bind
|
|
45
|
-
|
|
46
|
-
payload, result = events.pop
|
|
47
|
-
assert result
|
|
48
|
-
assert_equal bind_result, payload[:bind]
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def test_instrument_search
|
|
52
|
-
events = @service.subscribe "search.net_ldap"
|
|
53
|
-
|
|
54
|
-
fake_connection = FakeConnection.new
|
|
55
|
-
@subject.connection = fake_connection
|
|
56
|
-
entry = fake_connection.search
|
|
57
|
-
|
|
58
|
-
refute_nil @subject.search(:filter => "(uid=user1)")
|
|
59
|
-
|
|
60
|
-
payload, result = events.pop
|
|
61
|
-
assert_equal [entry], result
|
|
62
|
-
assert_equal [entry], payload[:result]
|
|
63
|
-
assert_equal "(uid=user1)", payload[:filter]
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
def test_instrument_search_with_size
|
|
67
|
-
events = @service.subscribe "search.net_ldap"
|
|
68
|
-
|
|
69
|
-
fake_connection = FakeConnection.new
|
|
70
|
-
@subject.connection = fake_connection
|
|
71
|
-
entry = fake_connection.search
|
|
72
|
-
|
|
73
|
-
refute_nil @subject.search(:filter => "(uid=user1)", :size => 1)
|
|
74
|
-
|
|
75
|
-
payload, result = events.pop
|
|
76
|
-
assert_equal [entry], result
|
|
77
|
-
assert_equal [entry], payload[:result]
|
|
78
|
-
assert_equal "(uid=user1)", payload[:filter]
|
|
79
|
-
assert_equal result.size, payload[:size]
|
|
80
|
-
end
|
|
81
|
-
|
|
82
|
-
def test_obscure_auth
|
|
83
|
-
password = "opensesame"
|
|
84
|
-
assert_include(@subject.inspect, "anonymous")
|
|
85
|
-
@subject.auth "joe_user", password
|
|
86
|
-
assert_not_include(@subject.inspect, password)
|
|
87
|
-
end
|
|
88
|
-
|
|
89
|
-
def test_encryption
|
|
90
|
-
enc = @subject.encryption('start_tls')
|
|
91
|
-
|
|
92
|
-
assert_equal enc[:method], :start_tls
|
|
93
|
-
end
|
|
94
|
-
|
|
95
|
-
def test_normalize_encryption_symbol
|
|
96
|
-
enc = @subject.send(:normalize_encryption, :start_tls)
|
|
97
|
-
assert_equal enc, {:method => :start_tls, :tls_options => {}}
|
|
98
|
-
end
|
|
99
|
-
|
|
100
|
-
def test_normalize_encryption_nil
|
|
101
|
-
enc = @subject.send(:normalize_encryption, nil)
|
|
102
|
-
assert_equal enc, nil
|
|
103
|
-
end
|
|
104
|
-
|
|
105
|
-
def test_normalize_encryption_string
|
|
106
|
-
enc = @subject.send(:normalize_encryption, 'start_tls')
|
|
107
|
-
assert_equal enc, {:method => :start_tls, :tls_options => {}}
|
|
108
|
-
end
|
|
109
|
-
|
|
110
|
-
def test_normalize_encryption_hash
|
|
111
|
-
enc = @subject.send(:normalize_encryption, {:method => :start_tls, :tls_options => {:foo => :bar}})
|
|
112
|
-
assert_equal enc, {:method => :start_tls, :tls_options => {:foo => :bar}}
|
|
113
|
-
end
|
|
114
|
-
end
|
|
@@ -1,491 +0,0 @@
|
|
|
1
|
-
require_relative 'test_helper'
|
|
2
|
-
|
|
3
|
-
class TestLDAPConnection < Test::Unit::TestCase
|
|
4
|
-
def capture_stderr
|
|
5
|
-
stderr, $stderr = $stderr, StringIO.new
|
|
6
|
-
yield
|
|
7
|
-
$stderr.string
|
|
8
|
-
ensure
|
|
9
|
-
$stderr = stderr
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
# Fake socket for testing
|
|
13
|
-
#
|
|
14
|
-
# FakeTCPSocket.new("success", 636)
|
|
15
|
-
# FakeTCPSocket.new("fail.SocketError", 636) # raises SocketError
|
|
16
|
-
class FakeTCPSocket
|
|
17
|
-
def initialize(host, port, socket_opts = {})
|
|
18
|
-
status, error = host.split(".")
|
|
19
|
-
raise Object.const_get(error) if status == "fail"
|
|
20
|
-
end
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def test_list_of_hosts_with_first_host_successful
|
|
24
|
-
hosts = [
|
|
25
|
-
["success.host", 636],
|
|
26
|
-
["fail.SocketError", 636],
|
|
27
|
-
["fail.SocketError", 636],
|
|
28
|
-
]
|
|
29
|
-
|
|
30
|
-
connection = Net::LDAP::Connection.new(:hosts => hosts, :socket_class => FakeTCPSocket)
|
|
31
|
-
connection.socket
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
def test_list_of_hosts_with_first_host_failure
|
|
35
|
-
hosts = [
|
|
36
|
-
["fail.SocketError", 636],
|
|
37
|
-
["success.host", 636],
|
|
38
|
-
["fail.SocketError", 636],
|
|
39
|
-
]
|
|
40
|
-
|
|
41
|
-
connection = Net::LDAP::Connection.new(:hosts => hosts, :socket_class => FakeTCPSocket)
|
|
42
|
-
connection.socket
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
def test_list_of_hosts_with_all_hosts_failure
|
|
46
|
-
hosts = [
|
|
47
|
-
["fail.SocketError", 636],
|
|
48
|
-
["fail.SocketError", 636],
|
|
49
|
-
["fail.SocketError", 636],
|
|
50
|
-
]
|
|
51
|
-
|
|
52
|
-
connection = Net::LDAP::Connection.new(:hosts => hosts, :socket_class => FakeTCPSocket)
|
|
53
|
-
assert_raise Net::LDAP::ConnectionError do
|
|
54
|
-
connection.socket
|
|
55
|
-
end
|
|
56
|
-
end
|
|
57
|
-
|
|
58
|
-
# This belongs in test_ldap, not test_ldap_connection
|
|
59
|
-
def test_result_for_connection_failed_is_set
|
|
60
|
-
flexmock(Socket).should_receive(:tcp).and_raise(Errno::ECONNREFUSED)
|
|
61
|
-
|
|
62
|
-
ldap_client = Net::LDAP.new(host: '127.0.0.1', port: 12345)
|
|
63
|
-
|
|
64
|
-
assert_raise Net::LDAP::ConnectionRefusedError do
|
|
65
|
-
ldap_client.bind(method: :simple, username: 'asdf', password: 'asdf')
|
|
66
|
-
end
|
|
67
|
-
|
|
68
|
-
assert_equal(ldap_client.get_operation_result.code, 52)
|
|
69
|
-
assert_equal(ldap_client.get_operation_result.message, 'Unavailable')
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
def test_unresponsive_host
|
|
73
|
-
connection = Net::LDAP::Connection.new(:host => "fail.Errno::ETIMEDOUT", :port => 636, :socket_class => FakeTCPSocket)
|
|
74
|
-
assert_raise Net::LDAP::Error do
|
|
75
|
-
connection.socket
|
|
76
|
-
end
|
|
77
|
-
end
|
|
78
|
-
|
|
79
|
-
def test_blocked_port
|
|
80
|
-
connection = Net::LDAP::Connection.new(:host => "fail.SocketError", :port => 636, :socket_class => FakeTCPSocket)
|
|
81
|
-
assert_raise Net::LDAP::Error do
|
|
82
|
-
connection.socket
|
|
83
|
-
end
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
def test_connection_refused
|
|
87
|
-
connection = Net::LDAP::Connection.new(:host => "fail.Errno::ECONNREFUSED", :port => 636, :socket_class => FakeTCPSocket)
|
|
88
|
-
stderr = capture_stderr do
|
|
89
|
-
assert_raise Net::LDAP::ConnectionRefusedError do
|
|
90
|
-
connection.socket
|
|
91
|
-
end
|
|
92
|
-
end
|
|
93
|
-
assert_equal("Deprecation warning: Net::LDAP::ConnectionRefused will be deprecated. Use Errno::ECONNREFUSED instead.\n", stderr)
|
|
94
|
-
end
|
|
95
|
-
|
|
96
|
-
def test_connection_timeout
|
|
97
|
-
connection = Net::LDAP::Connection.new(:host => "fail.Errno::ETIMEDOUT", :port => 636, :socket_class => FakeTCPSocket)
|
|
98
|
-
stderr = capture_stderr do
|
|
99
|
-
assert_raise Net::LDAP::Error do
|
|
100
|
-
connection.socket
|
|
101
|
-
end
|
|
102
|
-
end
|
|
103
|
-
end
|
|
104
|
-
|
|
105
|
-
def test_raises_unknown_exceptions
|
|
106
|
-
connection = Net::LDAP::Connection.new(:host => "fail.StandardError", :port => 636, :socket_class => FakeTCPSocket)
|
|
107
|
-
assert_raise StandardError do
|
|
108
|
-
connection.socket
|
|
109
|
-
end
|
|
110
|
-
end
|
|
111
|
-
|
|
112
|
-
def test_modify_ops_delete
|
|
113
|
-
args = { :operations => [[:delete, "mail"]] }
|
|
114
|
-
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
|
115
|
-
expected = ["0\r\n\x01\x010\b\x04\x04mail1\x00"]
|
|
116
|
-
assert_equal(expected, result)
|
|
117
|
-
end
|
|
118
|
-
|
|
119
|
-
def test_modify_ops_add
|
|
120
|
-
args = { :operations => [[:add, "mail", "testuser@example.com"]] }
|
|
121
|
-
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
|
122
|
-
expected = ["0#\n\x01\x000\x1E\x04\x04mail1\x16\x04\x14testuser@example.com"]
|
|
123
|
-
assert_equal(expected, result)
|
|
124
|
-
end
|
|
125
|
-
|
|
126
|
-
def test_modify_ops_replace
|
|
127
|
-
args = { :operations =>[[:replace, "mail", "testuser@example.com"]] }
|
|
128
|
-
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
|
129
|
-
expected = ["0#\n\x01\x020\x1E\x04\x04mail1\x16\x04\x14testuser@example.com"]
|
|
130
|
-
assert_equal(expected, result)
|
|
131
|
-
end
|
|
132
|
-
|
|
133
|
-
def test_write
|
|
134
|
-
mock = flexmock("socket")
|
|
135
|
-
mock.should_receive(:write).with([1.to_ber, "request"].to_ber_sequence).and_return(true)
|
|
136
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
137
|
-
conn.send(:write, "request")
|
|
138
|
-
end
|
|
139
|
-
|
|
140
|
-
def test_write_with_controls
|
|
141
|
-
mock = flexmock("socket")
|
|
142
|
-
mock.should_receive(:write).with([1.to_ber, "request", "controls"].to_ber_sequence).and_return(true)
|
|
143
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
144
|
-
conn.send(:write, "request", "controls")
|
|
145
|
-
end
|
|
146
|
-
|
|
147
|
-
def test_write_increments_msgid
|
|
148
|
-
mock = flexmock("socket")
|
|
149
|
-
mock.should_receive(:write).with([1.to_ber, "request1"].to_ber_sequence).and_return(true)
|
|
150
|
-
mock.should_receive(:write).with([2.to_ber, "request2"].to_ber_sequence).and_return(true)
|
|
151
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
152
|
-
conn.send(:write, "request1")
|
|
153
|
-
conn.send(:write, "request2")
|
|
154
|
-
end
|
|
155
|
-
end
|
|
156
|
-
|
|
157
|
-
class TestLDAPConnectionSocketReads < Test::Unit::TestCase
|
|
158
|
-
def make_message(message_id, options = {})
|
|
159
|
-
options = {
|
|
160
|
-
app_tag: Net::LDAP::PDU::SearchResult,
|
|
161
|
-
code: Net::LDAP::ResultCodeSuccess,
|
|
162
|
-
matched_dn: "",
|
|
163
|
-
error_message: "",
|
|
164
|
-
}.merge(options)
|
|
165
|
-
result = Net::BER::BerIdentifiedArray.new([options[:code], options[:matched_dn], options[:error_message]])
|
|
166
|
-
result.ber_identifier = options[:app_tag]
|
|
167
|
-
[message_id, result]
|
|
168
|
-
end
|
|
169
|
-
|
|
170
|
-
def test_queued_read_drains_queue_before_read
|
|
171
|
-
result1a = make_message(1, error_message: "one")
|
|
172
|
-
result1b = make_message(1, error_message: "two")
|
|
173
|
-
|
|
174
|
-
mock = flexmock("socket")
|
|
175
|
-
mock.should_receive(:read_ber).and_return(result1b)
|
|
176
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
177
|
-
|
|
178
|
-
conn.message_queue[1].push Net::LDAP::PDU.new(result1a)
|
|
179
|
-
|
|
180
|
-
assert msg1 = conn.queued_read(1)
|
|
181
|
-
assert msg2 = conn.queued_read(1)
|
|
182
|
-
|
|
183
|
-
assert_equal 1, msg1.message_id
|
|
184
|
-
assert_equal "one", msg1.error_message
|
|
185
|
-
assert_equal 1, msg2.message_id
|
|
186
|
-
assert_equal "two", msg2.error_message
|
|
187
|
-
end
|
|
188
|
-
|
|
189
|
-
def test_queued_read_reads_until_message_id_match
|
|
190
|
-
result1 = make_message(1)
|
|
191
|
-
result2 = make_message(2)
|
|
192
|
-
|
|
193
|
-
mock = flexmock("socket")
|
|
194
|
-
mock.should_receive(:read_ber).
|
|
195
|
-
and_return(result1).
|
|
196
|
-
and_return(result2)
|
|
197
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
198
|
-
|
|
199
|
-
assert result = conn.queued_read(2)
|
|
200
|
-
assert_equal 2, result.message_id
|
|
201
|
-
assert_equal 1, conn.queued_read(1).message_id
|
|
202
|
-
end
|
|
203
|
-
|
|
204
|
-
def test_queued_read_modify
|
|
205
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
206
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::ModifyResponse)
|
|
207
|
-
|
|
208
|
-
mock = flexmock("socket")
|
|
209
|
-
mock.should_receive(:read_ber).
|
|
210
|
-
and_return(result1).
|
|
211
|
-
and_return(result2)
|
|
212
|
-
mock.should_receive(:write)
|
|
213
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
214
|
-
|
|
215
|
-
conn.next_msgid # simulates ongoing query
|
|
216
|
-
|
|
217
|
-
conn.instance_variable_get("@msgid")
|
|
218
|
-
|
|
219
|
-
assert result = conn.modify(dn: "uid=modified-user1,ou=People,dc=rubyldap,dc=com",
|
|
220
|
-
operations: [[:add, :mail, "modified-user1@example.com"]])
|
|
221
|
-
assert result.success?
|
|
222
|
-
assert_equal 2, result.message_id
|
|
223
|
-
end
|
|
224
|
-
|
|
225
|
-
def test_queued_read_add
|
|
226
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
227
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::AddResponse)
|
|
228
|
-
|
|
229
|
-
mock = flexmock("socket")
|
|
230
|
-
mock.should_receive(:read_ber).
|
|
231
|
-
and_return(result1).
|
|
232
|
-
and_return(result2)
|
|
233
|
-
mock.should_receive(:write)
|
|
234
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
235
|
-
|
|
236
|
-
conn.next_msgid # simulates ongoing query
|
|
237
|
-
|
|
238
|
-
assert result = conn.add(dn: "uid=added-user1,ou=People,dc=rubyldap,dc=com")
|
|
239
|
-
assert result.success?
|
|
240
|
-
assert_equal 2, result.message_id
|
|
241
|
-
end
|
|
242
|
-
|
|
243
|
-
def test_queued_read_rename
|
|
244
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
245
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::ModifyRDNResponse)
|
|
246
|
-
|
|
247
|
-
mock = flexmock("socket")
|
|
248
|
-
mock.should_receive(:read_ber).
|
|
249
|
-
and_return(result1).
|
|
250
|
-
and_return(result2)
|
|
251
|
-
mock.should_receive(:write)
|
|
252
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
253
|
-
|
|
254
|
-
conn.next_msgid # simulates ongoing query
|
|
255
|
-
|
|
256
|
-
assert result = conn.rename(
|
|
257
|
-
olddn: "uid=renamable-user1,ou=People,dc=rubyldap,dc=com",
|
|
258
|
-
newrdn: "uid=renamed-user1",
|
|
259
|
-
)
|
|
260
|
-
assert result.success?
|
|
261
|
-
assert_equal 2, result.message_id
|
|
262
|
-
end
|
|
263
|
-
|
|
264
|
-
def test_queued_read_delete
|
|
265
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
266
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::DeleteResponse)
|
|
267
|
-
|
|
268
|
-
mock = flexmock("socket")
|
|
269
|
-
mock.should_receive(:read_ber).
|
|
270
|
-
and_return(result1).
|
|
271
|
-
and_return(result2)
|
|
272
|
-
mock.should_receive(:write)
|
|
273
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
274
|
-
|
|
275
|
-
conn.next_msgid # simulates ongoing query
|
|
276
|
-
|
|
277
|
-
assert result = conn.delete(dn: "uid=deletable-user1,ou=People,dc=rubyldap,dc=com")
|
|
278
|
-
assert result.success?
|
|
279
|
-
assert_equal 2, result.message_id
|
|
280
|
-
end
|
|
281
|
-
|
|
282
|
-
def test_queued_read_setup_encryption_with_start_tls
|
|
283
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
284
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::ExtendedResponse)
|
|
285
|
-
|
|
286
|
-
mock = flexmock("socket")
|
|
287
|
-
mock.should_receive(:read_ber).
|
|
288
|
-
and_return(result1).
|
|
289
|
-
and_return(result2)
|
|
290
|
-
mock.should_receive(:write)
|
|
291
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
292
|
-
flexmock(Net::LDAP::Connection).should_receive(:wrap_with_ssl).with(mock, {}, nil).
|
|
293
|
-
and_return(mock)
|
|
294
|
-
|
|
295
|
-
conn.next_msgid # simulates ongoing query
|
|
296
|
-
|
|
297
|
-
assert result = conn.setup_encryption(method: :start_tls)
|
|
298
|
-
assert_equal mock, result
|
|
299
|
-
end
|
|
300
|
-
|
|
301
|
-
def test_queued_read_bind_simple
|
|
302
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
303
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::BindResult)
|
|
304
|
-
|
|
305
|
-
mock = flexmock("socket")
|
|
306
|
-
mock.should_receive(:read_ber).
|
|
307
|
-
and_return(result1).
|
|
308
|
-
and_return(result2)
|
|
309
|
-
mock.should_receive(:write)
|
|
310
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
311
|
-
|
|
312
|
-
conn.next_msgid # simulates ongoing query
|
|
313
|
-
|
|
314
|
-
assert result = conn.bind(
|
|
315
|
-
method: :simple,
|
|
316
|
-
username: "uid=user1,ou=People,dc=rubyldap,dc=com",
|
|
317
|
-
password: "passworD1")
|
|
318
|
-
assert result.success?
|
|
319
|
-
assert_equal 2, result.message_id
|
|
320
|
-
end
|
|
321
|
-
|
|
322
|
-
def test_queued_read_bind_sasl
|
|
323
|
-
result1 = make_message(1, app_tag: Net::LDAP::PDU::SearchResult)
|
|
324
|
-
result2 = make_message(2, app_tag: Net::LDAP::PDU::BindResult)
|
|
325
|
-
|
|
326
|
-
mock = flexmock("socket")
|
|
327
|
-
mock.should_receive(:read_ber).
|
|
328
|
-
and_return(result1).
|
|
329
|
-
and_return(result2)
|
|
330
|
-
mock.should_receive(:write)
|
|
331
|
-
conn = Net::LDAP::Connection.new(:socket => mock)
|
|
332
|
-
|
|
333
|
-
conn.next_msgid # simulates ongoing query
|
|
334
|
-
|
|
335
|
-
assert result = conn.bind(
|
|
336
|
-
method: :sasl,
|
|
337
|
-
mechanism: "fake",
|
|
338
|
-
initial_credential: "passworD1",
|
|
339
|
-
challenge_response: flexmock("challenge proc"))
|
|
340
|
-
assert result.success?
|
|
341
|
-
assert_equal 2, result.message_id
|
|
342
|
-
end
|
|
343
|
-
end
|
|
344
|
-
|
|
345
|
-
class TestLDAPConnectionErrors < Test::Unit::TestCase
|
|
346
|
-
def setup
|
|
347
|
-
@tcp_socket = flexmock(:connection)
|
|
348
|
-
@tcp_socket.should_receive(:write)
|
|
349
|
-
flexmock(Socket).should_receive(:tcp).and_return(@tcp_socket)
|
|
350
|
-
@connection = Net::LDAP::Connection.new(:host => 'test.mocked.com', :port => 636)
|
|
351
|
-
end
|
|
352
|
-
|
|
353
|
-
def test_error_failed_operation
|
|
354
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeUnwillingToPerform, "", "The provided password value was rejected by a password validator: The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'. The minimum number of characters from that set that must be present in user passwords is 1"])
|
|
355
|
-
ber.ber_identifier = Net::LDAP::PDU::ModifyResponse
|
|
356
|
-
@tcp_socket.should_receive(:read_ber).and_return([1, ber])
|
|
357
|
-
|
|
358
|
-
result = @connection.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
|
|
359
|
-
assert result.failure?, "should be failure"
|
|
360
|
-
assert_equal "The provided password value was rejected by a password validator: The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'. The minimum number of characters from that set that must be present in user passwords is 1", result.error_message
|
|
361
|
-
end
|
|
362
|
-
|
|
363
|
-
def test_no_error_on_success
|
|
364
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
|
365
|
-
ber.ber_identifier = Net::LDAP::PDU::ModifyResponse
|
|
366
|
-
@tcp_socket.should_receive(:read_ber).and_return([1, ber])
|
|
367
|
-
|
|
368
|
-
result = @connection.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
|
|
369
|
-
assert result.success?, "should be success"
|
|
370
|
-
assert_equal "", result.error_message
|
|
371
|
-
end
|
|
372
|
-
end
|
|
373
|
-
|
|
374
|
-
class TestLDAPConnectionInstrumentation < Test::Unit::TestCase
|
|
375
|
-
def setup
|
|
376
|
-
@tcp_socket = flexmock(:connection)
|
|
377
|
-
@tcp_socket.should_receive(:write)
|
|
378
|
-
flexmock(Socket).should_receive(:tcp).and_return(@tcp_socket)
|
|
379
|
-
|
|
380
|
-
@service = MockInstrumentationService.new
|
|
381
|
-
@connection = Net::LDAP::Connection.new \
|
|
382
|
-
:host => 'test.mocked.com',
|
|
383
|
-
:port => 636,
|
|
384
|
-
:instrumentation_service => @service
|
|
385
|
-
end
|
|
386
|
-
|
|
387
|
-
def test_write_net_ldap_connection_event
|
|
388
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
|
389
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
|
390
|
-
read_result = [1, ber]
|
|
391
|
-
@tcp_socket.should_receive(:read_ber).and_return(read_result)
|
|
392
|
-
|
|
393
|
-
events = @service.subscribe "write.net_ldap_connection"
|
|
394
|
-
|
|
395
|
-
result = @connection.bind(method: :anon)
|
|
396
|
-
assert result.success?, "should be success"
|
|
397
|
-
|
|
398
|
-
# a write event
|
|
399
|
-
payload, result = events.pop
|
|
400
|
-
assert payload.key?(:result)
|
|
401
|
-
assert payload.key?(:content_length)
|
|
402
|
-
end
|
|
403
|
-
|
|
404
|
-
def test_read_net_ldap_connection_event
|
|
405
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
|
406
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
|
407
|
-
read_result = [1, ber]
|
|
408
|
-
@tcp_socket.should_receive(:read_ber).and_return(read_result)
|
|
409
|
-
|
|
410
|
-
events = @service.subscribe "read.net_ldap_connection"
|
|
411
|
-
|
|
412
|
-
result = @connection.bind(method: :anon)
|
|
413
|
-
assert result.success?, "should be success"
|
|
414
|
-
|
|
415
|
-
# a read event
|
|
416
|
-
payload, result = events.pop
|
|
417
|
-
assert payload.key?(:result)
|
|
418
|
-
assert_equal read_result, result
|
|
419
|
-
end
|
|
420
|
-
|
|
421
|
-
def test_parse_pdu_net_ldap_connection_event
|
|
422
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
|
423
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
|
424
|
-
read_result = [1, ber]
|
|
425
|
-
@tcp_socket.should_receive(:read_ber).and_return(read_result)
|
|
426
|
-
|
|
427
|
-
events = @service.subscribe "parse_pdu.net_ldap_connection"
|
|
428
|
-
|
|
429
|
-
result = @connection.bind(method: :anon)
|
|
430
|
-
assert result.success?, "should be success"
|
|
431
|
-
|
|
432
|
-
# a parse_pdu event
|
|
433
|
-
payload, result = events.pop
|
|
434
|
-
assert payload.key?(:pdu)
|
|
435
|
-
assert payload.key?(:app_tag)
|
|
436
|
-
assert payload.key?(:message_id)
|
|
437
|
-
assert_equal Net::LDAP::PDU::BindResult, payload[:app_tag]
|
|
438
|
-
assert_equal 1, payload[:message_id]
|
|
439
|
-
pdu = payload[:pdu]
|
|
440
|
-
assert_equal Net::LDAP::ResultCodeSuccess, pdu.result_code
|
|
441
|
-
end
|
|
442
|
-
|
|
443
|
-
def test_bind_net_ldap_connection_event
|
|
444
|
-
ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
|
445
|
-
ber.ber_identifier = Net::LDAP::PDU::BindResult
|
|
446
|
-
bind_result = [1, ber]
|
|
447
|
-
@tcp_socket.should_receive(:read_ber).and_return(bind_result)
|
|
448
|
-
|
|
449
|
-
events = @service.subscribe "bind.net_ldap_connection"
|
|
450
|
-
|
|
451
|
-
result = @connection.bind(method: :anon)
|
|
452
|
-
assert result.success?, "should be success"
|
|
453
|
-
|
|
454
|
-
# a read event
|
|
455
|
-
payload, result = events.pop
|
|
456
|
-
assert payload.key?(:result)
|
|
457
|
-
assert result.success?, "should be success"
|
|
458
|
-
end
|
|
459
|
-
|
|
460
|
-
def test_search_net_ldap_connection_event
|
|
461
|
-
# search data
|
|
462
|
-
search_data_ber = Net::BER::BerIdentifiedArray.new([1, [
|
|
463
|
-
"uid=user1,ou=People,dc=rubyldap,dc=com",
|
|
464
|
-
[["uid", ["user1"]]],
|
|
465
|
-
]])
|
|
466
|
-
search_data_ber.ber_identifier = Net::LDAP::PDU::SearchReturnedData
|
|
467
|
-
search_data = [1, search_data_ber]
|
|
468
|
-
# search result (end of results)
|
|
469
|
-
search_result_ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
|
|
470
|
-
search_result_ber.ber_identifier = Net::LDAP::PDU::SearchResult
|
|
471
|
-
search_result = [1, search_result_ber]
|
|
472
|
-
@tcp_socket.should_receive(:read_ber).and_return(search_data).
|
|
473
|
-
and_return(search_result)
|
|
474
|
-
|
|
475
|
-
events = @service.subscribe "search.net_ldap_connection"
|
|
476
|
-
unread = @service.subscribe "search_messages_unread.net_ldap_connection"
|
|
477
|
-
|
|
478
|
-
result = @connection.search(filter: "(uid=user1)", base: "ou=People,dc=rubyldap,dc=com")
|
|
479
|
-
assert result.success?, "should be success"
|
|
480
|
-
|
|
481
|
-
# a search event
|
|
482
|
-
payload, result = events.pop
|
|
483
|
-
assert payload.key?(:result)
|
|
484
|
-
assert payload.key?(:filter)
|
|
485
|
-
assert_equal "(uid=user1)", payload[:filter].to_s
|
|
486
|
-
assert result
|
|
487
|
-
|
|
488
|
-
# ensure no unread
|
|
489
|
-
assert unread.empty?, "should not have any leftover unread messages"
|
|
490
|
-
end
|
|
491
|
-
end
|