net-ldap 0.9.0 → 0.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f9fc3d7a463a0f673de926b440e144eae66937a4
-  data.tar.gz: 2d921f1be37ff33c20100650642f1123fcd2c161
+  metadata.gz: 570b21d340b31538c59bb0082891227b4b048398
+  data.tar.gz: 3101e8927d74913355235198f91b2907b308b712
 SHA512:
-  metadata.gz: 803d644ca0fe9b7314df587e68a0ecc7f01f34316d30fd4a926a09dfc4e3ab7e73b388854f9f4eecc78c9b07817d21a0b342e893422d21b8a682c35dcf4a8fb1
-  data.tar.gz: e5143361c56f7c60cfe7272c054860403ec53812660730e141688be9fb56adf32b0121ae1d5e27c4a076a963b07b509db96e7a8cc43fa0eec7d5cf0b1e92dcdd
+  metadata.gz: c9f13490870b0aba267a7de18150eaf40aabf0fb1ace4f0476456b78305873ceb6417448685f3727e737759ae8c4e3db05743cf3b38ba5a64ddf4f6559b11302
+  data.tar.gz: ba4770abb3b87844dc138d21f94cc4c783d0addae63f525b119d99656b9b1ac32d36a6dc28ea017b74504828737b90b757d878337db1ada66edf9ccfe3d3d451

data/.gitignore

@@ -5,3 +5,5 @@ pkg/
 doc/
 publish/
 Gemfile.lock
+.bundle
+bin/

data/Hacking.rdoc

@@ -55,8 +55,6 @@ us with a sample LDIF data file for importing into LDAP servers for testing.
 Net::LDAP uses several libraries during development, all of which can be
 installed using RubyGems.
 
-* *hoe*
-* *hoe-git*
 * *flexmock*
 
 == Participation

data/History.rdoc

@@ -1,3 +1,15 @@
+=== Net::LDAP 0.10.0
+* Major enhancements:
+  * Accept SimpleTLS/StartTLS encryption options (compatible with `OpenSSL::SSL::SSLContext#set_params`)
+* Bug fixes:
+  * Parse filter strings with square and curly braces (`[]` and `{}`)
+  * Handle connection timeout errors (`Errno::ETIMEDOUT` raised as `Net::LDAP::LdapError`)
+* Testing changes:
+  * Add integration tests for StartTLS connections to OpenLDAP
+* Meta changes:
+  * Update Gem release tooling (remove Hoe, use Rake)
+  * Fix Gem release date
+
 === Net::LDAP 0.9.0
 * Major changes:
   * Dropped support for ruby 1.8.7, ruby >= 1.9.3 now required

data/README.rdoc

@@ -1,4 +1,4 @@
-= Net::LDAP for Ruby {<img src="https://travis-ci.org/github/ruby-net-ldap.png" />}[https://travis-ci.org/github/ruby-net-ldap]
+= Net::LDAP for Ruby {<img src="https://travis-ci.org/ruby-ldap/ruby-net-ldap.png" />}[https://travis-ci.org/github/ruby-net-ldap]
 
 == Description
 
@@ -41,8 +41,8 @@ Simply require either 'net-ldap' or 'net/ldap'.
 
 This section is for gem maintainers to cut a new version of the gem.
 
-* Update lib/html/pipeline/version.rb to next version number X.X.X following {semver}(http://semver.org/).
-* Update CHANGELOG.md. Get latest changes with `git log --oneline vLAST_RELEASE..HEAD | grep Merge`
+* Update lib/net/ldap/version.rb to next version number X.X.X following {semver}(http://semver.org/).
+* Update `History.rdoc`. Get latest changes with `git log --oneline vLAST_RELEASE..HEAD | grep Merge`
 * On the master branch, run `script/release`
 
 :include: Contributors.rdoc

data/Rakefile

@@ -1,74 +1,13 @@
+#!/usr/bin/env rake
 # -*- ruby encoding: utf-8 -*-
+# vim: syntax=ruby
 
-require "rubygems"
-require 'hoe'
-
-Hoe.plugin :doofus
-Hoe.plugin :git
-Hoe.plugin :gemspec
-
-Hoe.spec 'net-ldap' do |spec|
-  # spec.rubyforge_name = spec.name
-
-  spec.developer("Francis Cianfrocca", "blackhedd@rubyforge.org")
-  spec.developer("Emiel van de Laar", "gemiel@gmail.com")
-  spec.developer("Rory O'Connell", "rory.ocon@gmail.com")
-  spec.developer("Kaspar Schiess", "kaspar.schiess@absurd.li")
-  spec.developer("Austin Ziegler", "austin@rubyforge.org")
-  spec.developer("Michael Schaarschmidt", "michael@schaaryworks.com")
-
-  spec.remote_rdoc_dir = ''
-  spec.rsync_args << ' --exclude=statsvn/'
-
-  spec.urls = %w(http://rubyldap.com/' 'https://github.com/ruby-ldap/ruby-net-ldap)
-  spec.licenses = ['MIT']
-
-  spec.history_file = 'History.rdoc'
-  spec.readme_file = 'README.rdoc'
-
-  spec.extra_rdoc_files = FileList["*.rdoc"].to_a
-
-  spec.extra_dev_deps << [ "hoe-git", "~> 1" ]
-  spec.extra_dev_deps << [ "hoe-gemspec", "~> 1" ]
-  spec.extra_dev_deps << [ "flexmock", ">= 1.3.0" ]
-
-  spec.clean_globs << "coverage"
-
-  spec.spec_extras[:required_ruby_version] = ">= 1.8.7"
-  spec.multiruby_skip << "1.8.6"
-  spec.multiruby_skip << "1_8_6"
-
-  spec.need_tar = true
-end
-
-# I'm not quite ready to get rid of this, but I think "rake git:manifest" is
-# sufficient.
-namespace :old do
-  desc "Build the manifest file from the current set of files."
-  task :build_manifest do |t|
-    require 'find'
-
-    paths = []
-    Find.find(".") do |path|
-      next if File.directory?(path)
-      next if path =~ /\.svn/
-        next if path =~ /\.git/
-        next if path =~ /\.hoerc/
-        next if path =~ /\.swp$/
-        next if path =~ %r{coverage/}
-      next if path =~ /~$/
-        paths << path.sub(%r{^\./}, '')
-    end
-
-    File.open("Manifest.txt", "w") do |f|
-      f.puts paths.sort.join("\n")
-    end
+require 'rake/testtask'
 
-    puts paths.sort.join("\n")
-  end
+Rake::TestTask.new do |t|
+  t.libs << "test"
+  t.test_files = FileList['test/**/test_*.rb']
+  t.verbose = true
 end
 
-desc "Run a full set of integration and unit tests"
-task :cruise => [:test, :spec]
-
-# vim: syntax=ruby
+task :default => :test

data/lib/net/ldap.rb

@@ -537,10 +537,6 @@ class Net::LDAP
   # additional capabilities are added, more configuration values will be
   # added here.
   #
-  # Currently, the only supported argument is { :method => :simple_tls }.
-  # (Equivalently, you may pass the symbol :simple_tls all by itself,
-  # without enclosing it in a Hash.)
-  #
   # The :simple_tls encryption method encrypts <i>all</i> communications
   # with the LDAP server. It completely establishes SSL/TLS encryption with
   # the LDAP server before any LDAP-protocol data is exchanged. There is no
@@ -563,10 +559,30 @@ class Net::LDAP
   # The :start_tls like the :simple_tls encryption method also encrypts all
   # communcations with the LDAP server. With the exception that it operates
   # over the standard TCP port.
+  #
+  # In order to verify certificates and enable other TLS options, the
+  # :tls_options hash can be passed alongside :simple_tls or :start_tls.
+  # This hash contains any options that can be passed to
+  # OpenSSL::SSL::SSLContext#set_params(). The most common options passed
+  # should be OpenSSL::SSL::SSLContext::DEFAULT_PARAMS, or the :ca_file option,
+  # which contains a path to a Certificate Authority file (PEM-encoded).
+  #
+  # Example for a default setup without custom settings:
+  #   {
+  #     :method => :simple_tls,
+  #     :tls_options => OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
+  #   }
+  #
+  # Example for specifying a CA-File and only allowing TLSv1.1 connections:
+  #
+  #   {
+  #     :method => :start_tls,
+  #     :tls_options => { :ca_file => "/etc/cafile.pem", :ssl_version => "TLSv1_1" }
+  #   }
   def encryption(args)
     case args
     when :simple_tls, :start_tls
-      args = { :method => args }
+      args = { :method => args, :tls_options => {} }
     end
     @encryption = args
   end

data/lib/net/ldap/connection.rb

@@ -17,6 +17,8 @@ class Net::LDAP::Connection #:nodoc:
       raise Net::LDAP::LdapError, "Server #{server[:host]} refused connection on port #{server[:port]}."
     rescue Errno::EHOSTUNREACH => error
       raise Net::LDAP::LdapError, "Host #{server[:host]} was unreachable (#{error.message})"
+    rescue Errno::ETIMEDOUT
+      raise Net::LDAP::LdapError, "Connection to #{server[:host]} timed out."
     end
 
     if server[:encryption]
@@ -39,9 +41,15 @@ class Net::LDAP::Connection #:nodoc:
     end
   end
 
-  def self.wrap_with_ssl(io)
+  def self.wrap_with_ssl(io, tls_options = {})
     raise Net::LDAP::LdapError, "OpenSSL is unavailable" unless Net::LDAP::HasOpenSSL
+
     ctx = OpenSSL::SSL::SSLContext.new
+
+    # By default, we do not verify certificates. For a 1.0 release, this should probably be changed at some point.
+    # See discussion in https://github.com/ruby-ldap/ruby-net-ldap/pull/161
+    ctx.set_params(tls_options) unless tls_options.empty?
+
     conn = OpenSSL::SSL::SSLSocket.new(io, ctx)
     conn.connect
 
@@ -83,7 +91,7 @@ class Net::LDAP::Connection #:nodoc:
   def setup_encryption(args)
     case args[:method]
     when :simple_tls
-      @conn = self.class.wrap_with_ssl(@conn)
+      @conn = self.class.wrap_with_ssl(@conn, args[:tls_options])
       # additional branches requiring server validation and peer certs, etc.
       # go here.
     when :start_tls
@@ -100,7 +108,7 @@ class Net::LDAP::Connection #:nodoc:
       end
 
       if pdu.result_code.zero?
-        @conn = self.class.wrap_with_ssl(@conn)
+        @conn = self.class.wrap_with_ssl(@conn, args[:tls_options])
       else
         raise Net::LDAP::LdapError, "start_tls failed: #{pdu.result_code}"
       end

data/lib/net/ldap/filter.rb

@@ -753,7 +753,7 @@ class Net::LDAP::Filter
         scanner.scan(/\s*/)
         if op = scanner.scan(/<=|>=|!=|:=|=/)
           scanner.scan(/\s*/)
-          if value = scanner.scan(/(?:[-\w*.+:@=,#\$%&!'\s\xC3\x80-\xCA\xAF]|[^\x00-\x7F]|\\[a-fA-F\d]{2})+/u)
+          if value = scanner.scan(/(?:[-\[\]{}\w*.+:@=,#\$%&!'^~\s\xC3\x80-\xCA\xAF]|[^\x00-\x7F]|\\[a-fA-F\d]{2})+/u)
             # 20100313 AZ: Assumes that "(uid=george*)" is the same as
             # "(uid=george* )". The standard doesn't specify, but I can find
             # no examples that suggest otherwise.

data/lib/net/ldap/version.rb

@@ -1,5 +1,5 @@
 module Net
   class LDAP
-    VERSION = "0.9.0"
+    VERSION = "0.10.0"
   end
 end

data/net-ldap.gemspec

@@ -8,7 +8,6 @@ Gem::Specification.new do |s|
   s.version = Net::LDAP::VERSION
   s.license = "MIT"
   s.authors = ["Francis Cianfrocca", "Emiel van de Laar", "Rory O'Connell", "Kaspar Schiess", "Austin Ziegler", "Michael Schaarschmidt"]
-  s.date = %q{2012-02-28}
   s.description = %q{Net::LDAP for Ruby (also called net-ldap) implements client access for the
 Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for
 accessing distributed directory services. Net::LDAP is written completely in
@@ -21,7 +20,7 @@ earlier versions of the IETF LDAP RFCs (2251-2256, 2829-2830, 3377, and 3771).
 Our roadmap for Net::LDAP 1.0 is to gain full <em>client</em> compliance with
 the most recent LDAP RFCs (4510-4519, plutions of 4520-4532).}
   s.email = ["blackhedd@rubyforge.org", "gemiel@gmail.com", "rory.ocon@gmail.com", "kaspar.schiess@absurd.li", "austin@rubyforge.org"]
-  s.extra_rdoc_files = ["Manifest.txt", "Contributors.rdoc", "Hacking.rdoc", "History.rdoc", "License.rdoc", "README.rdoc"]
+  s.extra_rdoc_files = ["Contributors.rdoc", "Hacking.rdoc", "History.rdoc", "License.rdoc", "README.rdoc"]
   s.files = `git ls-files`.split $/
   s.test_files = s.files.grep(%r{^test})
   s.homepage = %q{http://github.com/ruby-ldap/ruby-net-ldap}
@@ -30,8 +29,6 @@ the most recent LDAP RFCs (4510-4519, plutions of 4520-4532).}
   s.required_ruby_version = ">= 1.9.3"
   s.summary = %q{Net::LDAP for Ruby (also called net-ldap) implements client access for the Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for accessing distributed directory services}
 
-  s.add_development_dependency("hoe-git", "~> 1.0")
-  s.add_development_dependency("hoe-gemspec", "~> 1.0")
   s.add_development_dependency("flexmock", "~> 1.3")
-  s.add_development_dependency("hoe", "~> 2.9")
+  s.add_development_dependency("rake", "~> 10.0")
 end

data/script/install-openldap

@@ -5,8 +5,8 @@ set -x
 BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )"
 SEED_PATH="$( cd `dirname $0`/../test/fixtures          && pwd )"
 
-dpkg -s slapd time ldap-utils ||\
-  DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils
+dpkg -s slapd time ldap-utils gnutls-bin ssl-cert > /dev/null ||\
+  DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils gnutls-bin ssl-cert
 
 sudo /etc/init.d/slapd stop
 
@@ -45,3 +45,67 @@ sudo /etc/init.d/slapd start
              -f $SEED_PATH/seed.ldif
 
 sudo rm -rf $TMPDIR
+
+# SSL
+
+sudo sh -c "certtool --generate-privkey > /etc/ssl/private/cakey.pem"
+
+sudo sh -c "cat > /etc/ssl/ca.info <<EOF
+cn = rubyldap
+ca
+cert_signing_key
+EOF"
+
+# Create the self-signed CA certificate:
+sudo certtool --generate-self-signed \
+--load-privkey /etc/ssl/private/cakey.pem \
+--template /etc/ssl/ca.info \
+--outfile /etc/ssl/certs/cacert.pem
+
+# Make a private key for the server:
+sudo certtool --generate-privkey \
+--bits 1024 \
+--outfile /etc/ssl/private/ldap01_slapd_key.pem
+
+sudo sh -c "cat > /etc/ssl/ldap01.info <<EOF
+organization = Example Company
+cn = ldap01.example.com
+tls_www_server
+encryption_key
+signing_key
+expiration_days = 3650
+EOF"
+
+# Create the server certificate
+sudo certtool --generate-certificate \
+  --load-privkey /etc/ssl/private/ldap01_slapd_key.pem \
+  --load-ca-certificate /etc/ssl/certs/cacert.pem \
+  --load-ca-privkey /etc/ssl/private/cakey.pem \
+  --template /etc/ssl/ldap01.info \
+  --outfile /etc/ssl/certs/ldap01_slapd_cert.pem
+
+sudo ldapmodify -Y EXTERNAL -H ldapi:/// <<EOF | true
+dn: cn=config
+add: olcTLSCACertificateFile
+olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem
+-
+add: olcTLSCertificateFile
+olcTLSCertificateFile: /etc/ssl/certs/ldap01_slapd_cert.pem
+-
+add: olcTLSCertificateKeyFile
+olcTLSCertificateKeyFile: /etc/ssl/private/ldap01_slapd_key.pem
+EOF
+
+# LDAP over TLS/SSL (ldaps://) is deprecated in favour of StartTLS. The latter
+# refers to an existing LDAP session (listening on TCP port 389) becoming
+# protected by TLS/SSL whereas LDAPS, like HTTPS, is a distinct
+# encrypted-from-the-start protocol that operates over TCP port 636. But we
+# enable it for testing here.
+sudo sed -i -e 's|^SLAPD_SERVICES="\(.*\)"|SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///"|' /etc/default/slapd
+
+sudo adduser openldap ssl-cert
+sudo chgrp ssl-cert /etc/ssl/private/ldap01_slapd_key.pem
+sudo chmod g+r /etc/ssl/private/ldap01_slapd_key.pem
+sudo chmod o-r /etc/ssl/private/ldap01_slapd_key.pem
+
+sudo service slapd restart

data/test/fixtures/cacert.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAf+gAwIBAgIEVHpbmjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhy
+dWJ5bGRhcDAeFw0xNDExMjkyMzQ5NDZaFw0xNTExMjkyMzQ5NDZaMBMxETAPBgNV
+BAMTCHJ1YnlsZGFwMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEA4pKe
+cDCNuL53fkpO/WSAS+gmMTsOs+oOK71kZlk2QT/MBz8TxC6m358qCADjnXcMVVxa
+ySQbQlVKZMkIvLNciZbiLDgC5II0NbHACNa8rqenoKRjS4J9W3OhA8EmnXn/Me+8
+uMCI9tfnKNRZYdkQZlra4I+Idn+xYfl/5q5b/7ZjPS2zY/585hFEYE+5vfOZVBSU
+3HMNSeuJvTehLv7dD7aQfXNM4cRgHXequkJQ/HLLFAO4AgJ+LJrFWpj7GWz3crgr
+9G5px4T78wJH3NQiOsG6UBXPw8c4T+Z6GAWX2l1zs1gZsaiCVbAraqK3404lL7yp
++ThbsW3ifzgNPhmjScXBLdbEDrrAKosW7kkTOGzxiMCBmNlj2SKhcztoduAtfF1f
+Fs2Jk8MRTHwO8ThD7wIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB
+/wQFAwMHBAAwHQYDVR0OBBYEFJDm67ekyFu4/Z7VcO6Vk/5pinGcMA0GCSqGSIb3
+DQEBCwUAA4IBMQDHeEPzfYRtjynpUKyrtxx/6ZVOfCLuz4eHkBZggz/pJacDCv/a
+I//W03XCk8RWq/fWVVUzvxXgPwnYcw992PLM7XW81zp6ruRUDWooYnjHZZz3bRhe
+kC4QvM2mZhcsMVmhmWWKZn81qXgVdUY1XNRhk87cuXjF/UTpEieFvWAsCUkFZkqB
+AmySCuI/FuPaauT1YAltkIlYAEIGNJGZDMf2BTVUQpXhTXeS9/AZWLNDBwiq+fwo
+YYnsr9MnBXCEmg1gVSR/Ay2AZmbYfiYtb5kU8uq2lSWAUb4LX6HZl82wo3OilrJ2
+WXl6Qf+Fcy4qqkRt4AKHjtzizpEDCOVYuuG0Zoy+QnxNXRsEzpb8ymnJFrcgYfk/
+6Lv2gWAFl5FqCZp7gBWg55eL2coT4C+mbNTF
+-----END CERTIFICATE-----

data/test/integration/test_bind.rb

@@ -19,4 +19,16 @@ class TestBindIntegration < LDAPIntegrationTestCase
   def test_bind_fail
     refute @ldap.bind(method: :simple, username: "uid=user1,ou=People,dc=rubyldap,dc=com", password: "not my password"), @ldap.get_operation_result.inspect
   end
+
+  def test_bind_tls_with_cafile
+    tls_options = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(:ca_file => CA_FILE)
+    @ldap.encryption(method: :start_tls, tls_options: tls_options)
+    assert @ldap.bind(method: :simple, username: "uid=user1,ou=People,dc=rubyldap,dc=com", password: "passworD1"), @ldap.get_operation_result.inspect
+  end
+
+  def test_bind_tls_with_verify_none
+    tls_options = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(:verify_mode => OpenSSL::SSL::VERIFY_NONE)
+    @ldap.encryption(method: :start_tls, tls_options: tls_options)
+    assert @ldap.bind(method: :simple, username: "uid=user1,ou=People,dc=rubyldap,dc=com", password: "passworD1"), @ldap.get_operation_result.inspect
+  end
 end

data/test/test_filter_parser.rb

@@ -10,6 +10,10 @@ class TestFilterParser < Test::Unit::TestCase
     assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(cn=名前)")
   end
 
+  def test_brackets
+    assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(cn=[{something}])")
+  end
+
   def test_colons
     assert_kind_of Net::LDAP::Filter, Net::LDAP::Filter::FilterParser.parse("(ismemberof=cn=edu:berkeley:app:calmessages:deans,ou=campus groups,dc=berkeley,dc=edu)")
   end

data/test/test_helper.rb

@@ -6,6 +6,18 @@ require 'flexmock/test_unit'
 # Whether integration tests should be run.
 INTEGRATION = ENV.fetch("INTEGRATION", "skip") != "skip"
 
+# The CA file to verify certs against for tests.
+# Override with CA_FILE env variable; otherwise checks for the VM-specific path
+# and falls back to the test/fixtures/cacert.pem for local testing.
+CA_FILE =
+  ENV.fetch("CA_FILE") do
+    if File.exist?("/etc/ssl/certs/cacert.pem")
+      "/etc/ssl/certs/cacert.pem"
+    else
+      File.expand_path("fixtures/cacert.pem", File.dirname(__FILE__))
+    end
+  end
+
 if RUBY_VERSION < "2.0"
   class String
     def b

data/test/test_ldap_connection.rb

@@ -202,7 +202,7 @@ class TestLDAPConnectionSocketReads < Test::Unit::TestCase
       and_return(result2)
     mock.should_receive(:write)
     conn = Net::LDAP::Connection.new(:socket => mock)
-    flexmock(Net::LDAP::Connection).should_receive(:wrap_with_ssl).with(mock).
+    flexmock(Net::LDAP::Connection).should_receive(:wrap_with_ssl).with(mock, nil).
       and_return(mock)
 
     conn.next_msgid # simulates ongoing query

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: net-ldap
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.10.0
 platform: ruby
 authors:
 - Francis Cianfrocca
@@ -13,36 +13,8 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-02-28 00:00:00.000000000 Z
+date: 2014-12-10 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: hoe-git
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: hoe-gemspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: flexmock
   requirement: !ruby/object:Gem::Requirement
@@ -58,19 +30,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: hoe
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '10.0'
 description: |-
   Net::LDAP for Ruby (also called net-ldap) implements client access for the
   Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for
@@ -92,7 +64,6 @@ email:
 executables: []
 extensions: []
 extra_rdoc_files:
-- Manifest.txt
 - Contributors.rdoc
 - Hacking.rdoc
 - History.rdoc
@@ -107,7 +78,6 @@ files:
 - Hacking.rdoc
 - History.rdoc
 - License.rdoc
-- Manifest.txt
 - README.rdoc
 - Rakefile
 - lib/net-ldap.rb
@@ -138,6 +108,7 @@ files:
 - test/ber/core_ext/test_array.rb
 - test/ber/core_ext/test_string.rb
 - test/ber/test_ber.rb
+- test/fixtures/cacert.pem
 - test/fixtures/openldap/memberof.ldif
 - test/fixtures/openldap/retcode.ldif
 - test/fixtures/openldap/slapd.conf.ldif
@@ -200,6 +171,7 @@ test_files:
 - test/ber/core_ext/test_array.rb
 - test/ber/core_ext/test_string.rb
 - test/ber/test_ber.rb
+- test/fixtures/cacert.pem
 - test/fixtures/openldap/memberof.ldif
 - test/fixtures/openldap/retcode.ldif
 - test/fixtures/openldap/slapd.conf.ldif

data/Manifest.txt

@@ -1,52 +0,0 @@
-.travis.yml
-Contributors.rdoc
-Gemfile
-Hacking.rdoc
-History.rdoc
-License.rdoc
-Manifest.txt
-README.rdoc
-Rakefile
-lib/net-ldap.rb
-lib/net/ber.rb
-lib/net/ber/ber_parser.rb
-lib/net/ber/core_ext.rb
-lib/net/ber/core_ext/array.rb
-lib/net/ber/core_ext/bignum.rb
-lib/net/ber/core_ext/false_class.rb
-lib/net/ber/core_ext/fixnum.rb
-lib/net/ber/core_ext/string.rb
-lib/net/ber/core_ext/true_class.rb
-lib/net/ldap.rb
-lib/net/ldap/dataset.rb
-lib/net/ldap/dn.rb
-lib/net/ldap/entry.rb
-lib/net/ldap/filter.rb
-lib/net/ldap/instrumentation.rb
-lib/net/ldap/password.rb
-lib/net/ldap/pdu.rb
-lib/net/ldap/version.rb
-lib/net/snmp.rb
-net-ldap.gemspec
-spec/integration/ssl_ber_spec.rb
-spec/spec_helper.rb
-spec/unit/ber/ber_spec.rb
-spec/unit/ber/core_ext/array_spec.rb
-spec/unit/ber/core_ext/string_spec.rb
-spec/unit/ldap/dn_spec.rb
-spec/unit/ldap/entry_spec.rb
-spec/unit/ldap/filter_parser_spec.rb
-spec/unit/ldap/filter_spec.rb
-spec/unit/ldap/search_spec.rb
-spec/unit/ldap_spec.rb
-test/common.rb
-test/test_entry.rb
-test/test_filter.rb
-test/test_ldap_connection.rb
-test/test_ldif.rb
-test/test_password.rb
-test/test_rename.rb
-test/test_snmp.rb
-test/testdata.ldif
-testserver/ldapserver.rb
-testserver/testdata.ldif