net-ldap 0.3.1 → 0.17.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 02707fcb56d13184b4bbcc16c1555a0d417efb7e20c216a97ee8f28c9553ea84
+  data.tar.gz: 26a82f5021146fe6ec84d83e41722364964e155eb898102e3a8618facc020d9a
+SHA512:
+  metadata.gz: d19e1bc7cdcaceff6263f2bca2e9326ef441e301ab74556c42313e01704800abb59231f760abec64a8f2d1e313c18324b97c57a64d2b2ee24943be9e4bd2c428
+  data.tar.gz: fa69d36265e7b11b7c83cf812caca680e30af3a0be31c145d70396835081fc06f6a2bf43262ec08f4d6fab1094823dc70de069441229a991f3c5b2eadeb7c4e5

data/Contributors.rdoc

@@ -19,3 +19,7 @@ Contributions since:
 * Derek Harmel (derekharmel)
 * Erik Hetzner (egh)
 * nowhereman
+* David J. Lee (DavidJLee)
+* Cody Cutrer (ccutrer)
+* WoodsBagotAndreMarquesLee
+* Rufus Post (mynameisrufus)

data/Hacking.rdoc

@@ -25,7 +25,7 @@ patches being accepted, we recommend that you follow the guidelines below:
 
 == Documentation
 
-* Documentation: {net-ldap}[http://net-ldap.rubyforge.org/]
+* Documentation: {net-ldap}[http://rubydoc.info/gems/net-ldap]
 
 It is very important that, if you add new methods or objects, your code is
 well-documented. The purpose of the changes should be clearly described so that
@@ -40,8 +40,8 @@ modification to +Contributors.rdoc+ to add yourself.
 
 == Tests
 
-The Net::LDAP team uses RSpec for unit testing; all changes must have rspec
-tests for any new or changed features.
+The Net::LDAP team uses [Minitest](http://docs.seattlerb.org/minitest/) for unit
+testing; all changes must have tests for any new or changed features.
 
 Your changes should have been tested against at least one real LDAP server; the
 current tests are not sufficient to find all possible bugs. It's unlikely that
@@ -55,14 +55,9 @@ us with a sample LDIF data file for importing into LDAP servers for testing.
 Net::LDAP uses several libraries during development, all of which can be
 installed using RubyGems.
 
-* *hoe*
-* *hoe-git*
-* *metaid*
-* *rspec*
 * *flexmock*
 
 == Participation
 
-* RubyForge: {net-ldap}[http://rubyforge.org/projects/net-ldap]
 * GitHub: {ruby-ldap/ruby-net-ldap}[https://github.com/ruby-ldap/ruby-net-ldap/]
 * Group: {ruby-ldap}[http://groups.google.com/group/ruby-ldap]

data/History.rdoc

@@ -1,3 +1,184 @@
+=== Net::LDAP 0.17.0
+* Added private recursive_delete as alternative to DELETE_TREE #268
+* Test suite updates #373 #376 #377
+* Use Base64.strict_encode64 and SSHA256 #303
+* Remove deprecated ConnectionRefusedError #366
+* Added method to get a duplicate of the internal Hash #286
+* remove a circular require #380
+* fix LdapServerAsnSyntax compile #379
+* Implement '==' operator for entries #381
+* fix for undefined method for write exception #383
+
+=== Net::LDAP 0.16.3
+
+* Add Net::LDAP::InvalidDNError #371
+* Use require_relative instead of require #360
+* Address some warnings and fix JRuby test omissions #365
+* Bump rake dev dependency to 12.3 #359
+* Enable rubocop in ci #251
+* Enhance rubocop configuration and test syntax #344
+* CI: Drop rbx-2, uninstallable #364
+* Fix RuboCop warnings #312
+* Fix wrong error class #305
+* CONTRIBUTING.md: Repair link to Issues #309
+* Make the generate() method more idiomatic... #326
+* Make encode_sort_controls() more idiomatic... #327
+* Make the instrument() method more idiomatic... #328
+* Fix uninitialised Net::LDAP::LdapPduError #338
+* README.rdoc: Use SVG build badge #310
+* Update TravisCI config to inclue Ruby 2.7 #346
+* add explicit ** to silence Ruby 2.7 warning #342
+* Support parsing filters with attribute tags #345
+* Bump rubocop development dependency version #336
+* Add link to generated and hosted documentation on rubydoc #319
+* Fix 'uninitialized constant Net::LDAP::PDU::LdapPduError' error #317
+* simplify encoding logic: no more chomping required #362
+
+=== Net::LDAP 0.16.2
+
+* Net::LDAP#open does not cache bind result {#334}[https://github.com/ruby-ldap/ruby-net-ldap/pull/334]
+* Fix CI build {#333}[https://github.com/ruby-ldap/ruby-net-ldap/pull/333]
+* Fix to "undefined method 'result_code'" {#308}[https://github.com/ruby-ldap/ruby-net-ldap/pull/308]
+* Fixed Exception: incompatible character encodings: ASCII-8BIT and UTF-8 in filter.rb {#285}[https://github.com/ruby-ldap/ruby-net-ldap/pull/285]
+
+=== Net::LDAP 0.16.1
+
+* Send DN and newPassword with password_modify request {#271}[https://github.com/ruby-ldap/ruby-net-ldap/pull/271]
+
+=== Net::LDAP 0.16.0
+
+* Sasl fix {#281}[https://github.com/ruby-ldap/ruby-net-ldap/pull/281]
+* enable TLS hostname validation {#279}[https://github.com/ruby-ldap/ruby-net-ldap/pull/279]
+* update rubocop to 0.42.0 {#278}[https://github.com/ruby-ldap/ruby-net-ldap/pull/278]
+
+=== Net::LDAP 0.15.0
+
+* Respect connect_timeout when establishing SSL connections {#273}[https://github.com/ruby-ldap/ruby-net-ldap/pull/273]
+
+=== Net::LDAP 0.14.0
+
+* Normalize the encryption parameter passed to the LDAP constructor {#264}[https://github.com/ruby-ldap/ruby-net-ldap/pull/264]
+* Update Docs: Net::LDAP now requires ruby >= 2 {#261}[https://github.com/ruby-ldap/ruby-net-ldap/pull/261]
+* fix symbol proc {#255}[https://github.com/ruby-ldap/ruby-net-ldap/pull/255]
+* fix trailing commas {#256}[https://github.com/ruby-ldap/ruby-net-ldap/pull/256]
+* fix deprecated hash methods {#254}[https://github.com/ruby-ldap/ruby-net-ldap/pull/254]
+* fix space after comma {#253}[https://github.com/ruby-ldap/ruby-net-ldap/pull/253]
+* fix space inside brackets {#252}[https://github.com/ruby-ldap/ruby-net-ldap/pull/252]
+* Rubocop style fixes {#249}[https://github.com/ruby-ldap/ruby-net-ldap/pull/249]
+* Lazy initialize Net::LDAP::Connection's internal socket {#235}[https://github.com/ruby-ldap/ruby-net-ldap/pull/235]
+* Support for rfc3062 Password Modify, closes #163 {#178}[https://github.com/ruby-ldap/ruby-net-ldap/pull/178]
+
+=== Net::LDAP 0.13.0
+
+Avoid this release for because of an backwards incompatibility in how encryption
+is initialized https://github.com/ruby-ldap/ruby-net-ldap/pull/264. We did not
+yank it because people have already worked around it.
+
+* Set a connect_timeout for the creation of a socket {#243}[https://github.com/ruby-ldap/ruby-net-ldap/pull/243]
+* Update bundler before installing gems with bundler {#245}[https://github.com/ruby-ldap/ruby-net-ldap/pull/245]
+* Net::LDAP#encryption accepts string {#239}[https://github.com/ruby-ldap/ruby-net-ldap/pull/239]
+* Adds correct UTF-8 encoding to Net::BER::BerIdentifiedString {#242}[https://github.com/ruby-ldap/ruby-net-ldap/pull/242]
+* Remove 2.3.0-preview since ruby-head already is included {#241}[https://github.com/ruby-ldap/ruby-net-ldap/pull/241]
+* Drop support for ruby 1.9.3 {#240}[https://github.com/ruby-ldap/ruby-net-ldap/pull/240]
+* Fixed capitalization of StartTLSError {#234}[https://github.com/ruby-ldap/ruby-net-ldap/pull/234]
+
+=== Net::LDAP 0.12.1
+
+* Whitespace formatting cleanup {#236}[https://github.com/ruby-ldap/ruby-net-ldap/pull/236]
+* Set operation result if LDAP server is not accessible {#232}[https://github.com/ruby-ldap/ruby-net-ldap/pull/232]
+
+=== Net::LDAP 0.12.0
+
+* DRY up connection handling logic {#224}[https://github.com/ruby-ldap/ruby-net-ldap/pull/224]
+* Define auth adapters {#226}[https://github.com/ruby-ldap/ruby-net-ldap/pull/226]
+* add slash to attribute value filter {#225}[https://github.com/ruby-ldap/ruby-net-ldap/pull/225]
+* Add the ability to provide a list of hosts for a connection {#223}[https://github.com/ruby-ldap/ruby-net-ldap/pull/223]
+* Specify the port of LDAP server by giving INTEGRATION_PORT {#221}[https://github.com/ruby-ldap/ruby-net-ldap/pull/221]
+* Correctly set BerIdentifiedString values to UTF-8  {#212}[https://github.com/ruby-ldap/ruby-net-ldap/pull/212]
+* Raise Net::LDAP::ConnectionRefusedError when new connection is refused. {#213}[https://github.com/ruby-ldap/ruby-net-ldap/pull/213]
+* obscure auth password upon #inspect, added test, closes #216 {#217}[https://github.com/ruby-ldap/ruby-net-ldap/pull/217]
+* Fixing incorrect error class name {#207}[https://github.com/ruby-ldap/ruby-net-ldap/pull/207]
+* Travis update {#205}[https://github.com/ruby-ldap/ruby-net-ldap/pull/205]
+* Remove obsolete rbx-19mode from Travis {#204}[https://github.com/ruby-ldap/ruby-net-ldap/pull/204]
+* mv "sudo" from script/install-openldap to .travis.yml {#199}[https://github.com/ruby-ldap/ruby-net-ldap/pull/199]
+* Remove meaningless shebang {#200}[https://github.com/ruby-ldap/ruby-net-ldap/pull/200]
+* Fix Travis CI build {#202}[https://github.com/ruby-ldap/ruby-net-ldap/pull/202]
+* README.rdoc: fix travis link {#195}[https://github.com/ruby-ldap/ruby-net-ldap/pull/195]
+
+=== Net::LDAP 0.11
+* Major enhancements:
+  * #183 Specific errors subclassing Net::LDAP::Error
+* Bug fixes:
+  * #176 Fix nil tls options
+  * #184 Search guards against nil queued reads. Connection#unescape handles numerics
+* Code clean-up:
+  * #180 Refactor connection establishment
+
+=== Net::LDAP 0.10.1
+* Bug fixes:
+  * Fix Integer BER encoding of signed values
+
+=== Net::LDAP 0.10.0
+* Major enhancements:
+  * Accept SimpleTLS/StartTLS encryption options (compatible with `OpenSSL::SSL::SSLContext#set_params`)
+* Bug fixes:
+  * Parse filter strings with square and curly braces (`[]` and `{}`)
+  * Handle connection timeout errors (`Errno::ETIMEDOUT` raised as `Net::LDAP::LdapError`)
+* Testing changes:
+  * Add integration tests for StartTLS connections to OpenLDAP
+* Meta changes:
+  * Update Gem release tooling (remove Hoe, use Rake)
+  * Fix Gem release date
+
+=== Net::LDAP 0.9.0
+* Major changes:
+  * Dropped support for ruby 1.8.7, ruby >= 1.9.3 now required
+* Major enhancements:
+  * Add support for search time limit parameter
+  * Instrument received messages, PDU parsing
+* Minor enhancments:
+  * Add support for querying ActiveDirectory capabilities from root dse
+* Bug fixes:
+  * Fix reads for multiple concurrent requests with shared, open connections mixing up the results
+  * Fix search size option
+  * Fix BER encoding bug
+* Code clean-up:
+  * Added integration test suite
+  * Switch to minitest
+
+* Details
+  * #150 Support querying ActiveDirectory capabilities when searching root dse
+  * #142 Encode true as xFF
+  * #124, #145, #146, #152 Cleanup gemspec
+  * #138, #144 Track response messages by message id
+  * #141 Magic number/constant cleanup
+  * #119, #129, #130, #132, #133, #137 Integration tests
+  * #115 Search timeout support
+  * #140 Fix search size option
+  * #139 Cleanup and inline documentation for Net::LDAP::Connection#search
+  * #131 Instrumentation
+  * #116 Refactor Connection#write
+  * #126 Update gitignore
+  * #128 Fix whitespace
+  * #113, #121 Switch to minitest
+  * #123 Base64 encoded dn
+  * #114 Separate file for Net::LDAP::Connection
+  * #104 Parse version spec in LDIF datasets
+  * #106 ldap.modify doc fixes
+  * #111 Fix test deprecations
+
+=== Net::LDAP 0.5.0 / 2013-07-22
+* Major changes:
+  * Required Ruby version is >=1.9.3
+* Major enhancements:
+  * Added alias dereferencing (@ngwilson)
+  * BER now unescapes characters that are already escaped in the source string (@jzinn)
+  * BerIdentifiedString will now fall back to ASCII-8 encoding if the source Ruby object cannot be encoded in UTF-8 (@lfu)
+* Bug fixes:
+  * Fixed nil variable error when following a reference response (@cmdrclueless)
+  * Fixed FilterParser unable to parse multibyte strings (@satoryu)
+  * Return ConverterNotFound when dealing with a potentially corrupt data response (@jamuc)
+
 === Net::LDAP 0.3.1 / 2012-02-15
 * Bug Fixes:
   * Bundler should now work again

data/README.rdoc

@@ -1,4 +1,6 @@
-= Net::LDAP for Ruby
+= Net::LDAP for Ruby 
+{<img src="https://badge.fury.io/rb/net-ldap.svg" alt="Gem Version" />}[https://badge.fury.io/rb/net-ldap]
+{<img src="https://travis-ci.org/ruby-ldap/ruby-net-ldap.svg" />}[https://travis-ci.org/ruby-ldap/ruby-net-ldap]
 
 == Description
 
@@ -16,21 +18,16 @@ the most recent LDAP RFCs (4510–4519, plus portions of 4520–4532).
 
 == Where
 
-* {RubyForge}[http://rubyforge.org/projects/net-ldap]
 * {GitHub}[https://github.com/ruby-ldap/ruby-net-ldap]
 * {ruby-ldap@googlegroups.com}[http://groups.google.com/group/ruby-ldap]
-* {Documentation}[http://net-ldap.rubyforge.org/]
-
-The Net::LDAP for Ruby documentation, project description, and main downloads
-can currently be found on {RubyForge}[http://rubyforge.org/projects/net-ldap].
 
 == Synopsis
 
-See Net::LDAP for documentation and usage samples.
+See {Net::LDAP on rubydoc.info}[https://www.rubydoc.info/gems/net-ldap/Net/LDAP] for documentation and usage samples.
 
 == Requirements
 
-Net::LDAP requires a Ruby 1.8.7 interpreter or better.
+Net::LDAP requires a Ruby 2.0.0 compatible interpreter or better.
 
 == Install
 
@@ -42,10 +39,45 @@ sources.
 
 Simply require either 'net-ldap' or 'net/ldap'.
 
-For non-RubyGems installations of Net::LDAP, you can use Minero Aoki's
-{setup.rb}[http://i.loveruby.net/en/projects/setup/] as the layout of
-Net::LDAP is compliant. The setup installer is not included in the
-Net::LDAP repository.
+== Extensions
+
+This library focuses on the core LDAP RFCs referenced in the description.
+However, we recognize there are commonly used extensions to the spec that are
+useful. If there is another library which handles it, we list it here.
+
+* {resolv-srv}[https://rubygems.org/gems/resolv-srv]: Support RFC2782 SRV record lookup and failover
+
+== Develop
+
+This task will run the test suite and the
+{RuboCop}[https://github.com/bbatsov/rubocop] static code analyzer.
+
+  rake rubotest
+
+CI takes too long? If your local box supports
+{Docker}[https://www.docker.com/], you can also run integration tests locally.
+Simply run:
+
+  script/ldap-docker
+  INTEGRATION=openldap rake test
+  
+Or, use {Docker Compose}[https://docs.docker.com/compose/]. See docker-compose.yml for available Ruby versions.
+
+    docker-compose run ci-2.7
+
+CAVEAT: you need to add the following line to /etc/hosts
+    127.0.0.1 ldap.example.org
+    127.0.0.1 cert.mismatch.example.org
+
+== Release
+
+This section is for gem maintainers to cut a new version of the gem.
+
+* Check out a new branch `release-VERSION`
+* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}[http://semver.org/].
+* Update `History.rdoc`. Get latest changes with `script/changelog`
+* Open a pull request with these changes for review
+* After merging, on the master branch, run `script/release`
 
 :include: Contributors.rdoc
 

data/lib/net-ldap.rb

@@ -1,2 +1,2 @@
 # -*- ruby encoding: utf-8 -*-
-require 'net/ldap'
+require_relative 'net/ldap'

data/lib/net/ber.rb

@@ -1,4 +1,6 @@
 # -*- ruby encoding: utf-8 -*-
+require_relative 'ldap/version'
+
 module Net # :nodoc:
   ##
   # == Basic Encoding Rules (BER) Support Module
@@ -104,9 +106,10 @@ module Net # :nodoc:
   # <tr><th>CHARACTER STRING</th><th>C</th><td>29: 61 (0x3d, 0b00111101)</td></tr>
   # <tr><th>BMPString</th><th>P</th><td>30: 30 (0x1e, 0b00011110)</td></tr>
   # <tr><th>BMPString</th><th>C</th><td>30: 62 (0x3e, 0b00111110)</td></tr>
+  # <tr><th>ExtendedResponse</th><th>C</th><td>107: 139 (0x8b, 0b010001011)</td></tr>
   # </table>
   module BER
-    VERSION = '0.3.1'
+    VERSION = Net::LDAP::VERSION
 
     ##
     # Used for BER-encoding the length and content bytes of a Fixnum integer
@@ -232,7 +235,7 @@ module Net # :nodoc:
       # TODO 20100327 AZ: Should we be allocating an array of 256 values
       # that will either be +nil+ or an object type symbol, or should we
       # allocate an empty Hash since unknown values return +nil+ anyway?
-      out = [ nil ] * 256
+      out = [nil] * 256
       syntax.each do |tag_class_id, encodings|
         tag_class = TAG_CLASS[tag_class_id]
         encodings.each do |encoding_id, classes|
@@ -267,7 +270,7 @@ class Net::BER::BerIdentifiedOid
 
   def initialize(oid)
     if oid.is_a?(String)
-      oid = oid.split(/\./).map {|s| s.to_i }
+      oid = oid.split(/\./).map(&:to_i)
     end
     @value = oid
   end
@@ -291,12 +294,43 @@ end
 
 ##
 # A String object with a BER identifier attached.
+#
 class Net::BER::BerIdentifiedString < String
   attr_accessor :ber_identifier
+
+  # The binary data provided when parsing the result of the LDAP search
+  # has the encoding 'ASCII-8BIT' (which is basically 'BINARY', or 'unknown').
+  #
+  # This is the kind of a backtrace showing how the binary `data` comes to
+  # BerIdentifiedString.new(data):
+  #
+  #  @conn.read_ber(syntax)
+  #     -> StringIO.new(self).read_ber(syntax), i.e. included from module
+  #     -> Net::BER::BERParser.read_ber(syntax)
+  #        -> (private)Net::BER::BERParser.parse_ber_object(syntax, id, data)
+  #
+  # In the `#parse_ber_object` method `data`, according to its OID, is being
+  # 'casted' to one of the Net::BER:BerIdentifiedXXX classes.
+  #
+  # As we are using LDAP v3 we can safely assume that the data is encoded
+  # in UTF-8 and therefore the only thing to be done when instantiating is to
+  # switch the encoding from 'ASCII-8BIT' to 'UTF-8'.
+  #
+  # Unfortunately, there are some ActiveDirectory specific attributes
+  # (like `objectguid`) that should remain binary (do they really?).
+  # Using the `#valid_encoding?` we can trap this cases. Special cases like
+  # Japanese, Korean, etc. encodings might also profit from this. However
+  # I have no clue how this encodings function.
   def initialize args
-    super args
-    # LDAP uses UTF-8 encoded strings
-    force_encoding('UTF-8') if respond_to?(:encoding)
+    super
+    #
+    # Check the encoding of the newly created String and set the encoding
+    # to 'UTF-8' (NOTE: we do NOT change the bytes, but only set the
+    # encoding to 'UTF-8').
+    return unless encoding == Encoding::BINARY
+    current_encoding = encoding
+    force_encoding('UTF-8')
+    force_encoding(current_encoding) unless valid_encoding?
   end
 end
 
@@ -315,4 +349,4 @@ module Net::BER
   Null = Net::BER::BerIdentifiedNull.new
 end
 
-require 'net/ber/core_ext'
+require_relative 'ber/core_ext'

data/lib/net/ber/ber_parser.rb

@@ -14,7 +14,7 @@ module Net::BER::BERParser
   }
   constructed = {
     16 => :array,
-    17 => :array
+    17 => :array,
   }
   universal = { :primitive => primitive, :constructed => constructed }
 
@@ -41,9 +41,18 @@ module Net::BER::BERParser
       s.ber_identifier = id
       s
     elsif object_type == :integer
-      j = 0
-      data.each_byte { |b| j = (j << 8) + b }
-      j
+      neg = !(data.unpack("C").first & 0x80).zero?
+      int = 0
+
+      data.each_byte do |b|
+        int = (int << 8) + (neg ? 255 - b : b)
+      end
+
+      if neg
+        (int + 1) * -1
+      else
+        int
+      end
     elsif object_type == :oid
       # See X.690 pgh 8.19 for an explanation of this algorithm.
       # This is potentially not good enough. We may need a
@@ -148,6 +157,9 @@ module Net::BER::BERParser
   # implemented on the including object and that it returns a Fixnum value.
   # Also requires #read(bytes) to work.
   #
+  # Yields the object type `id` and the data `content_length` if a block is
+  # given. This is namely to support instrumentation.
+  #
   # This does not work with non-blocking I/O.
   def read_ber(syntax = nil)
     # TODO: clean this up so it works properly with partial packets coming
@@ -157,11 +169,13 @@ module Net::BER::BERParser
     id = getbyte or return nil  # don't trash this value, we'll use it later
     content_length = read_ber_length
 
+    yield id, content_length if block_given?
+
     if -1 == content_length
-      raise Net::BER::BerError, "Indeterminite BER content length not implemented."
-    else
-      data = read(content_length)
+      raise Net::BER::BerError,
+            "Indeterminite BER content length not implemented."
     end
+    data = read(content_length)
 
     parse_ber_object(syntax, id, data)
   end