net-ldap 0.16.1 → 0.16.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: cd6f9335c52e3019675ba1733ce49135ffe54da7
-  data.tar.gz: 6fbe8f791d39bf5934125393bf9eb9ae66351e06
+SHA256:
+  metadata.gz: bb65f1bdb6d23c483e83e52762a8873b1a872a798e229320243262a1328cc8d8
+  data.tar.gz: 18ab54a1cea6eae374327f6933be93d7b4db83081c65db1f38a0c2600e044b34
 SHA512:
-  metadata.gz: ecd3d8ce429ece15a44b9034e7626ddae80112539311b3992c424ac2c26d440d38d829b3d61eb6cc5d425ab5457231863895f32781cd30cb5f346e3c5bedb87d
-  data.tar.gz: 19300497d3d524dbe8a7658f2e21c92c92380143bc06cf4d5a0928724828b55bbc9515333c9f291459d9a62b95e6049e8e8ca8412538023340c8c3f98e9e8ffe
+  metadata.gz: 0d6a96984d362d97954e112a4ebea4b594429a9e26781be7b34f7247f134401a99733d84d84b71aee193d169f1f8ea7fe0ce7b3264c8891d7bfe610198dfae01
+  data.tar.gz: 36feb9633daaf4c19a347c039d5abad063fb19f1a3dbb52320f2d8cc2ec56b86137f5f79e5700ba8dc364f1450be56bbcc5aca552e4f642a31f9c149451dfa88

data/.gitignore

@@ -7,3 +7,4 @@ publish/
 Gemfile.lock
 .bundle
 bin/
+.idea

data/.travis.yml

@@ -3,12 +3,23 @@ rvm:
   - 2.0.0
   - 2.1
   - 2.2
+  - 2.3
+  - 2.4
+  - 2.5
+  - 2.6
   # optional
   - ruby-head
   - jruby-19mode
   - jruby-head
   - rbx-2
 
+addons:
+  hosts:
+    - ldap.example.org # needed for TLS verification
+
+services:
+  - docker
+
 env:
   - INTEGRATION=openldap
 
@@ -16,7 +27,18 @@ before_install:
   - gem update bundler
 
 install:
-  - if [ "$INTEGRATION" = "openldap" ]; then sudo script/install-openldap; fi
+  - >
+    docker run \
+      --hostname ldap.example.org \
+      --env LDAP_TLS_VERIFY_CLIENT=try \
+      -p 389:389 \
+      -p 636:636 \
+      -v "$(pwd)"/test/fixtures/ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom \
+      --name openldap \
+      --detach \
+      osixia/openldap:1.3.0 \
+        --copy-service \
+        --loglevel debug \
   - bundle install
 
 script: bundle exec rake ci

data/History.rdoc

@@ -1,3 +1,10 @@
+=== Net::LDAP 0.16.2
+
+* Net::LDAP#open does not cache bind result {#334}[https://github.com/ruby-ldap/ruby-net-ldap/pull/334]
+* Fix CI build {#333}[https://github.com/ruby-ldap/ruby-net-ldap/pull/333]
+* Fix to "undefined method 'result_code'" {#308}[https://github.com/ruby-ldap/ruby-net-ldap/pull/308]
+* Fixed Exception: incompatible character encodings: ASCII-8BIT and UTF-8 in filter.rb {#285}[https://github.com/ruby-ldap/ruby-net-ldap/pull/285]
+
 === Net::LDAP 0.16.1
 
 * Send DN and newPassword with password_modify request {#271}[https://github.com/ruby-ldap/ruby-net-ldap/pull/271]

data/README.rdoc

@@ -53,9 +53,14 @@ This task will run the test suite and the
   rake rubotest
 
 CI takes too long? If your local box supports
-{Vagrant}[https://www.vagrantup.com/], you can run most of the tests
-in a VM on your local box. For more details and setup instructions, see
-{test/support/vm/openldap/README.md}[https://github.com/ruby-ldap/ruby-net-ldap/tree/master/test/support/vm/openldap/README.md]
+{Docker}[https://www.docker.com/], you can also run integration tests locally.
+Simply run:
+
+  script/ldap-docker
+  INTEGRATION=openldap rake test
+
+CAVEAT: you need to add the following line to /etc/hosts
+    127.0.0.1 ldap.example.org
 
 == Release
 

data/lib/net/ldap.rb

@@ -712,7 +712,7 @@ class Net::LDAP
       begin
         @open_connection = new_connection
         payload[:connection] = @open_connection
-        payload[:bind]       = @open_connection.bind(@auth)
+        payload[:bind]       = @result = @open_connection.bind(@auth)
         yield self
       ensure
         @open_connection.close if @open_connection

data/lib/net/ldap/connection.rb

@@ -467,6 +467,10 @@ class Net::LDAP::Connection #:nodoc:
           end
         end
 
+        if result_pdu.nil?
+          raise Net::LDAP::ResponseMissingOrInvalidError, "response missing"
+        end
+
         # count number of pages of results
         payload[:page_count] ||= 0
         payload[:page_count]  += 1

data/lib/net/ldap/filter.rb

@@ -645,8 +645,15 @@ class Net::LDAP::Filter
 
   ##
   # Converts escaped characters (e.g., "\\28") to unescaped characters
+  # @note slawson20170317: Don't attempt to unescape 16 byte binary data which we assume are objectGUIDs
+  # The binary form of 5936AE79-664F-44EA-BCCB-5C39399514C6 triggers a BINARY -> UTF-8 conversion error        
   def unescape(right)
-    right.to_s.gsub(/\\([a-fA-F\d]{2})/) { [$1.hex].pack("U") }
+    right = right.to_s
+    if right.length == 16 && right.encoding == Encoding::BINARY
+      right
+    else
+      right.to_s.gsub(/\\([a-fA-F\d]{2})/) { [$1.hex].pack("U") }
+    end
   end
   private :unescape
 

data/lib/net/ldap/version.rb

@@ -1,5 +1,5 @@
 module Net
   class LDAP
-    VERSION = "0.16.1"
+    VERSION = "0.16.2"
   end
 end

data/script/ldap-docker

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+# Usage: script/ldap-docker
+#
+# Starts a openldap docker container ready for integration tests
+
+docker run --rm -ti \
+  --hostname ldap.example.org \
+  --env LDAP_TLS_VERIFY_CLIENT=try \
+  -p 389:389 -p 636:636 \
+  -v "$(pwd)"/test/fixtures/ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom \
+  --name my-openldap-container \
+  osixia/openldap:1.3.0 --copy-service --loglevel debug

data/test/fixtures/ca/docker-ca.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC0zCCAlmgAwIBAgIUCfQ+m0pgZ/BjYAJvxrn/bdGNZokwCgYIKoZIzj0EAwMw
+gZYxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxBMUEgQ2FyIFdhc2gxJDAiBgNVBAsT
+G0luZm9ybWF0aW9uIFRlY2hub2xvZ3kgRGVwLjEUMBIGA1UEBxMLQWxidXF1ZXJx
+dWUxEzARBgNVBAgTCk5ldyBNZXhpY28xHzAdBgNVBAMTFmRvY2tlci1saWdodC1i
+YXNlaW1hZ2UwHhcNMTUxMjIzMTM1MzAwWhcNMjAxMjIxMTM1MzAwWjCBljELMAkG
+A1UEBhMCVVMxFTATBgNVBAoTDEExQSBDYXIgV2FzaDEkMCIGA1UECxMbSW5mb3Jt
+YXRpb24gVGVjaG5vbG9neSBEZXAuMRQwEgYDVQQHEwtBbGJ1cXVlcnF1ZTETMBEG
+A1UECBMKTmV3IE1leGljbzEfMB0GA1UEAxMWZG9ja2VyLWxpZ2h0LWJhc2VpbWFn
+ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMZf/12pupAgl8Sm+j8GmjNeNbSFAZWW
+oTmIvf2Mu4LWPHy4bTldkQgHUbBpT3xWz8f0lB/ru7596CHsGoL2A28hxuclq5hb
+Ux1yrIt3bJIY3TuiX25HGTe6kGCJPB1aLaNmMGQwDgYDVR0PAQH/BAQDAgEGMBIG
+A1UdEwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFE+l6XolXDAYnGLTl4W6ULKHrm74
+MB8GA1UdIwQYMBaAFE+l6XolXDAYnGLTl4W6ULKHrm74MAoGCCqGSM49BAMDA2gA
+MGUCMQCXLZj8okyxW6UTL7hribUUbu63PbjuwIXnwi420DdNsvA9A7fcQEXScWFL
+XAGC8rkCMGcqwXZPSRfwuI9r+R11gTrP92hnaVxs9sjRikctpkQpOyNlIXFPopFK
+8FdfWPypvA==
+-----END CERTIFICATE-----

data/test/fixtures/{openldap/retcode.ldif → ldif/06-retcode.ldif}

@@ -1,19 +1,18 @@
-dn: cn=module,cn=config
-cn: module
-objectClass: olcModuleList
-objectClass: top
-olcModulePath: /usr/lib/ldap
-olcModuleLoad: retcode.la
+dn: cn=module{0},cn=config
+changetype: modify
+add: olcModuleLoad
+olcModuleLoad: retcode
 
 # source: http://www.opensource.apple.com/source/OpenLDAP/OpenLDAP-186/OpenLDAP/tests/data/retcode.conf?txt
 
-dn: olcOverlay={2}retcode,olcDatabase={1}hdb,cn=config
+dn: olcOverlay={2}retcode,olcDatabase={1}{{ LDAP_BACKEND }},cn=config
+changetype: add
 objectClass: olcConfig
 objectClass: olcRetcodeConfig
 objectClass: olcOverlayConfig
 objectClass: top
 olcOverlay: retcode
-olcRetcodeParent: ou=Retcodes,dc=rubyldap,dc=com
+olcRetcodeParent: ou=Retcodes,dc=example,dc=org
 olcRetcodeInDir: TRUE
 olcRetcodeSleep: 0
 olcRetcodeItem: "cn=success" 0x00

data/test/fixtures/ldif/50-seed.ldif

@@ -0,0 +1,374 @@
+dn: ou=People,dc=example,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: People
+
+dn: ou=Groups,dc=example,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: Groups
+
+# Directory Superuser
+dn: uid=admin,dc=example,dc=org
+uid: admin
+cn: system administrator
+sn: administrator
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+displayName: Directory Superuser
+userPassword: passworD1
+
+# Users 1-10
+
+dn: uid=user1,ou=People,dc=example,dc=org
+uid: user1
+cn: user1
+sn: user1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user1@rubyldap.com
+
+dn: uid=user2,ou=People,dc=example,dc=org
+uid: user2
+cn: user2
+sn: user2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user2@rubyldap.com
+
+dn: uid=user3,ou=People,dc=example,dc=org
+uid: user3
+cn: user3
+sn: user3
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user3@rubyldap.com
+
+dn: uid=user4,ou=People,dc=example,dc=org
+uid: user4
+cn: user4
+sn: user4
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user4@rubyldap.com
+
+dn: uid=user5,ou=People,dc=example,dc=org
+uid: user5
+cn: user5
+sn: user5
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user5@rubyldap.com
+
+dn: uid=user6,ou=People,dc=example,dc=org
+uid: user6
+cn: user6
+sn: user6
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user6@rubyldap.com
+
+dn: uid=user7,ou=People,dc=example,dc=org
+uid: user7
+cn: user7
+sn: user7
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user7@rubyldap.com
+
+dn: uid=user8,ou=People,dc=example,dc=org
+uid: user8
+cn: user8
+sn: user8
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user8@rubyldap.com
+
+dn: uid=user9,ou=People,dc=example,dc=org
+uid: user9
+cn: user9
+sn: user9
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user9@rubyldap.com
+
+dn: uid=user10,ou=People,dc=example,dc=org
+uid: user10
+cn: user10
+sn: user10
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: user10@rubyldap.com
+
+# Emailless User
+
+dn: uid=emailless-user1,ou=People,dc=example,dc=org
+uid: emailless-user1
+cn: emailless-user1
+sn: emailless-user1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+
+# Groupless User
+
+dn: uid=groupless-user1,ou=People,dc=example,dc=org
+uid: groupless-user1
+cn: groupless-user1
+sn: groupless-user1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+
+# Admin User
+
+dn: uid=admin1,ou=People,dc=example,dc=org
+uid: admin1
+cn: admin1
+sn: admin1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: passworD1
+mail: admin1@rubyldap.com
+
+# Groups
+
+dn: cn=ghe-users,ou=Groups,dc=example,dc=org
+cn: ghe-users
+objectClass: groupOfNames
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=emailless-user1,ou=People,dc=example,dc=org
+
+dn: cn=all-users,ou=Groups,dc=example,dc=org
+cn: all-users
+objectClass: groupOfNames
+member: cn=ghe-users,ou=Groups,dc=example,dc=org
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=user2,ou=People,dc=example,dc=org
+member: uid=user3,ou=People,dc=example,dc=org
+member: uid=user4,ou=People,dc=example,dc=org
+member: uid=user5,ou=People,dc=example,dc=org
+member: uid=user6,ou=People,dc=example,dc=org
+member: uid=user7,ou=People,dc=example,dc=org
+member: uid=user8,ou=People,dc=example,dc=org
+member: uid=user9,ou=People,dc=example,dc=org
+member: uid=user10,ou=People,dc=example,dc=org
+member: uid=emailless-user1,ou=People,dc=example,dc=org
+
+dn: cn=ghe-admins,ou=Groups,dc=example,dc=org
+cn: ghe-admins
+objectClass: groupOfNames
+member: uid=admin1,ou=People,dc=example,dc=org
+
+dn: cn=all-admins,ou=Groups,dc=example,dc=org
+cn: all-admins
+objectClass: groupOfNames
+member: cn=ghe-admins,ou=Groups,dc=example,dc=org
+member: uid=admin1,ou=People,dc=example,dc=org
+
+dn: cn=n-member-group10,ou=Groups,dc=example,dc=org
+cn: n-member-group10
+objectClass: groupOfNames
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=user2,ou=People,dc=example,dc=org
+member: uid=user3,ou=People,dc=example,dc=org
+member: uid=user4,ou=People,dc=example,dc=org
+member: uid=user5,ou=People,dc=example,dc=org
+member: uid=user6,ou=People,dc=example,dc=org
+member: uid=user7,ou=People,dc=example,dc=org
+member: uid=user8,ou=People,dc=example,dc=org
+member: uid=user9,ou=People,dc=example,dc=org
+member: uid=user10,ou=People,dc=example,dc=org
+
+dn: cn=nested-group1,ou=Groups,dc=example,dc=org
+cn: nested-group1
+objectClass: groupOfNames
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=user2,ou=People,dc=example,dc=org
+member: uid=user3,ou=People,dc=example,dc=org
+member: uid=user4,ou=People,dc=example,dc=org
+member: uid=user5,ou=People,dc=example,dc=org
+
+dn: cn=nested-group2,ou=Groups,dc=example,dc=org
+cn: nested-group2
+objectClass: groupOfNames
+member: uid=user6,ou=People,dc=example,dc=org
+member: uid=user7,ou=People,dc=example,dc=org
+member: uid=user8,ou=People,dc=example,dc=org
+member: uid=user9,ou=People,dc=example,dc=org
+member: uid=user10,ou=People,dc=example,dc=org
+
+dn: cn=nested-groups,ou=Groups,dc=example,dc=org
+cn: nested-groups
+objectClass: groupOfNames
+member: cn=nested-group1,ou=Groups,dc=example,dc=org
+member: cn=nested-group2,ou=Groups,dc=example,dc=org
+
+dn: cn=n-member-nested-group1,ou=Groups,dc=example,dc=org
+cn: n-member-nested-group1
+objectClass: groupOfNames
+member: cn=nested-group1,ou=Groups,dc=example,dc=org
+
+dn: cn=deeply-nested-group0.0.0,ou=Groups,dc=example,dc=org
+cn: deeply-nested-group0.0.0
+objectClass: groupOfNames
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=user2,ou=People,dc=example,dc=org
+member: uid=user3,ou=People,dc=example,dc=org
+member: uid=user4,ou=People,dc=example,dc=org
+member: uid=user5,ou=People,dc=example,dc=org
+
+dn: cn=deeply-nested-group0.0.1,ou=Groups,dc=example,dc=org
+cn: deeply-nested-group0.0.1
+objectClass: groupOfNames
+member: uid=user6,ou=People,dc=example,dc=org
+member: uid=user7,ou=People,dc=example,dc=org
+member: uid=user8,ou=People,dc=example,dc=org
+member: uid=user9,ou=People,dc=example,dc=org
+member: uid=user10,ou=People,dc=example,dc=org
+
+dn: cn=deeply-nested-group0.0,ou=Groups,dc=example,dc=org
+cn: deeply-nested-group0.0
+objectClass: groupOfNames
+member: cn=deeply-nested-group0.0.0,ou=Groups,dc=example,dc=org
+member: cn=deeply-nested-group0.0.1,ou=Groups,dc=example,dc=org
+
+dn: cn=deeply-nested-group0,ou=Groups,dc=example,dc=org
+cn: deeply-nested-group0
+objectClass: groupOfNames
+member: cn=deeply-nested-group0.0,ou=Groups,dc=example,dc=org
+
+dn: cn=deeply-nested-groups,ou=Groups,dc=example,dc=org
+cn: deeply-nested-groups
+objectClass: groupOfNames
+member: cn=deeply-nested-group0,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group1,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group1
+objectClass: groupOfNames
+member: cn=nested-group1,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group2,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group2
+objectClass: groupOfNames
+member: cn=n-depth-nested-group1,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group3,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group3
+objectClass: groupOfNames
+member: cn=n-depth-nested-group2,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group4,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group4
+objectClass: groupOfNames
+member: cn=n-depth-nested-group3,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group5,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group5
+objectClass: groupOfNames
+member: cn=n-depth-nested-group4,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group6,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group6
+objectClass: groupOfNames
+member: cn=n-depth-nested-group5,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group7,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group7
+objectClass: groupOfNames
+member: cn=n-depth-nested-group6,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group8,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group8
+objectClass: groupOfNames
+member: cn=n-depth-nested-group7,ou=Groups,dc=example,dc=org
+
+dn: cn=n-depth-nested-group9,ou=Groups,dc=example,dc=org
+cn: n-depth-nested-group9
+objectClass: groupOfNames
+member: cn=n-depth-nested-group8,ou=Groups,dc=example,dc=org
+
+dn: cn=head-group,ou=Groups,dc=example,dc=org
+cn: head-group
+objectClass: groupOfNames
+member: cn=tail-group,ou=Groups,dc=example,dc=org
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=user2,ou=People,dc=example,dc=org
+member: uid=user3,ou=People,dc=example,dc=org
+member: uid=user4,ou=People,dc=example,dc=org
+member: uid=user5,ou=People,dc=example,dc=org
+
+dn: cn=tail-group,ou=Groups,dc=example,dc=org
+cn: tail-group
+objectClass: groupOfNames
+member: cn=head-group,ou=Groups,dc=example,dc=org
+member: uid=user6,ou=People,dc=example,dc=org
+member: uid=user7,ou=People,dc=example,dc=org
+member: uid=user8,ou=People,dc=example,dc=org
+member: uid=user9,ou=People,dc=example,dc=org
+member: uid=user10,ou=People,dc=example,dc=org
+
+dn: cn=recursively-nested-groups,ou=Groups,dc=example,dc=org
+cn: recursively-nested-groups
+objectClass: groupOfNames
+member: cn=head-group,ou=Groups,dc=example,dc=org
+member: cn=tail-group,ou=Groups,dc=example,dc=org
+
+# posixGroup
+
+dn: cn=posix-group1,ou=Groups,dc=example,dc=org
+cn: posix-group1
+objectClass: posixGroup
+gidNumber: 1001
+memberUid: user1
+memberUid: user2
+memberUid: user3
+memberUid: user4
+memberUid: user5
+
+# missing members
+
+dn: cn=missing-users,ou=Groups,dc=example,dc=org
+cn: missing-users
+objectClass: groupOfNames
+member: uid=user1,ou=People,dc=example,dc=org
+member: uid=user2,ou=People,dc=example,dc=org
+member: uid=nonexistent-user,ou=People,dc=example,dc=org