prathe-net-ldap 0.2.20110317223538

data/test/testdata.ldif

@@ -0,0 +1,101 @@
+# $Id: testdata.ldif 50 2006-04-17 17:57:33Z blackhedd $
+#
+# This is test-data for an LDAP server in LDIF format.
+#
+dn: dc=bayshorenetworks,dc=com
+objectClass: dcObject
+objectClass: organization
+o: Bayshore Networks LLC
+dc: bayshorenetworks
+
+dn: cn=Manager,dc=bayshorenetworks,dc=com
+objectClass: organizationalrole
+cn: Manager
+
+dn: ou=people,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: people
+
+dn: ou=privileges,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: privileges
+
+dn: ou=roles,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: roles
+
+dn: ou=office,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: office
+
+dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Bob Fosse
+mail: nogoodnik@steamheat.net
+sn: Fosse
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
+hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
+
+dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Gwen Verdon
+mail: elephant@steamheat.net
+sn: Verdon
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+
+dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineering
+ou: privileges
+objectClass: accessPrivilege
+
+dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineer
+ou: roles
+objectClass: accessRole
+hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
+
+dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapadmin
+ou: roles
+objectClass: accessRole
+
+dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapsuperadmin
+ou: roles
+objectClass: accessRole
+
+dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Sid Sorokin
+mail: catperson@steamheat.net
+sn: Sorokin
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+

data/testserver/ldapserver.rb

@@ -0,0 +1,210 @@
+# $Id$
+#
+# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
+# Gmail account: garbagecat10.
+#
+# This is an LDAP server intended for unit testing of Net::LDAP.
+# It implements as much of the protocol as we have the stomach
+# to implement but serves static data. Use ldapsearch to test
+# this server!
+#
+# To make this easier to write, we use the Ruby/EventMachine
+# reactor library.
+#
+
+#------------------------------------------------
+
+module LdapServer
+
+  LdapServerAsnSyntax = {
+    :application => {
+      :constructed => {
+        0 => :array,               # LDAP BindRequest
+        3 => :array                # LDAP SearchRequest
+      },
+      :primitive => {
+        2 => :string,              # ldapsearch sends this to unbind
+      }
+    },
+    :context_specific => {
+      :primitive => {
+        0 => :string,              # simple auth (password)
+        7 => :string               # present filter
+      },
+      :constructed => {
+        3 => :array                # equality filter
+      },
+    }
+  }
+
+  def post_init
+    $logger.info "Accepted LDAP connection"
+    @authenticated = false
+  end
+
+  def receive_data data
+    @data ||= ""; @data << data
+    while pdu = @data.read_ber!(LdapServerAsnSyntax)
+      begin
+      handle_ldap_pdu pdu
+      rescue
+        $logger.error "closing connection due to error #{$!}"
+        close_connection
+      end
+    end
+  end
+
+  def handle_ldap_pdu pdu
+    tag_id = pdu[1].ber_identifier
+    case tag_id
+    when 0x60
+      handle_bind_request pdu
+    when 0x63
+      handle_search_request pdu
+    when 0x42
+      # bizarre thing, it's a null object (primitive application-2)
+      # sent by ldapsearch to request an unbind (or a kiss-off, not sure which)
+      close_connection_after_writing
+    else
+      $logger.error "received unknown packet-type #{tag_id}"
+      close_connection_after_writing
+    end
+  end
+
+  def handle_bind_request pdu
+    # TODO, return a proper LDAP error instead of blowing up on version error
+    if pdu[1][0] != 3
+      send_ldap_response 1, pdu[0].to_i, 2, "", "We only support version 3"
+    elsif pdu[1][1] != "cn=bigshot,dc=bayshorenetworks,dc=com"
+      send_ldap_response 1, pdu[0].to_i, 48, "", "Who are you?"
+    elsif pdu[1][2].ber_identifier != 0x80
+      send_ldap_response 1, pdu[0].to_i, 7, "", "Keep it simple, man"
+    elsif pdu[1][2] != "opensesame"
+      send_ldap_response 1, pdu[0].to_i, 49, "", "Make my day"
+    else
+      @authenticated = true
+      send_ldap_response 1, pdu[0].to_i, 0, pdu[1][1], "I'll take it"
+    end
+  end
+
+
+
+  #--
+  # Search Response ::=
+  #       CHOICE {
+  #            entry          [APPLICATION 4] SEQUENCE {
+  #                                objectName     LDAPDN,
+  #                                attributes     SEQUENCE OF SEQUENCE {
+  #                                                    AttributeType,
+  #                                                    SET OF AttributeValue
+  #                                               }
+  #                           },
+  #            resultCode     [APPLICATION 5] LDAPResult
+  #        }
+  def handle_search_request pdu
+    unless @authenticated
+      # NOTE, early exit.
+      send_ldap_response 5, pdu[0].to_i, 50, "", "Who did you say you were?"
+      return
+    end
+
+    treebase = pdu[1][0]
+    if treebase != "dc=bayshorenetworks,dc=com"
+      send_ldap_response 5, pdu[0].to_i, 32, "", "unknown treebase"
+      return
+    end
+
+    msgid = pdu[0].to_i.to_ber
+
+    # pdu[1][7] is the list of requested attributes.
+    # If it's an empty array, that means that *all* attributes were requested.
+    requested_attrs = if pdu[1][7].length > 0
+      pdu[1][7].map {|a| a.downcase}
+    else
+      :all
+    end
+
+    filters = pdu[1][6]
+    if filters.length == 0
+      # NOTE, early exit.
+      send_ldap_response 5, pdu[0].to_i, 53, "", "No filter specified"
+    end
+
+    # TODO, what if this returns nil?
+    filter = Net::LDAP::Filter.parse_ldap_filter( filters )
+
+    $ldif.each {|dn, entry|
+      if filter.match( entry )
+        attrs = []
+        entry.each {|k, v|
+          if requested_attrs == :all or requested_attrs.include?(k.downcase)
+            attrvals = v.map {|v1| v1.to_ber}.to_ber_set
+            attrs << [k.to_ber, attrvals].to_ber_sequence
+          end
+        }
+
+        appseq = [dn.to_ber, attrs.to_ber_sequence].to_ber_appsequence(4)
+        pkt = [msgid.to_ber, appseq].to_ber_sequence
+        send_data pkt
+      end
+    }
+
+
+    send_ldap_response 5, pdu[0].to_i, 0, "", "Was that what you wanted?"
+  end
+
+
+
+  def send_ldap_response pkt_tag, msgid, code, dn, text
+    send_data( [msgid.to_ber, [code.to_ber, dn.to_ber, text.to_ber].to_ber_appsequence(pkt_tag) ].to_ber )
+  end
+
+end
+
+
+#------------------------------------------------
+
+# Rather bogus, a global method, which reads a HARDCODED filename
+# parses out LDIF data. It will be used to serve LDAP queries out of this server.
+#
+def load_test_data
+  ary = File.readlines( "./testdata.ldif" )
+  hash = {}
+  while line = ary.shift and line.chomp!
+    if line =~ /^dn:[\s]*/i
+      dn = $'
+      hash[dn] = {}
+      while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/
+        hash[dn][$1.downcase] ||= []
+        hash[dn][$1.downcase] << $'
+      end
+    end
+  end
+  hash
+end
+
+
+#------------------------------------------------
+
+if __FILE__ == $0
+
+  require 'rubygems'
+  require 'eventmachine'
+
+  require 'logger'
+  $logger = Logger.new $stderr
+
+  $logger.info "adding ../lib to loadpath, to pick up dev version of Net::LDAP."
+  $:.unshift "../lib"
+
+  $ldif = load_test_data
+
+  require 'net/ldap'
+
+  EventMachine.run {
+    $logger.info "starting LDAP server on 127.0.0.1 port 3890"
+    EventMachine.start_server "127.0.0.1", 3890, LdapServer
+    EventMachine.add_periodic_timer 60, proc {$logger.info "heartbeat"}
+  }
+end
+

data/testserver/testdata.ldif

@@ -0,0 +1,101 @@
+# $Id$
+#
+# This is test-data for an LDAP server in LDIF format.
+#
+dn: dc=bayshorenetworks,dc=com
+objectClass: dcObject
+objectClass: organization
+o: Bayshore Networks LLC
+dc: bayshorenetworks
+
+dn: cn=Manager,dc=bayshorenetworks,dc=com
+objectClass: organizationalrole
+cn: Manager
+
+dn: ou=people,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: people
+
+dn: ou=privileges,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: privileges
+
+dn: ou=roles,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: roles
+
+dn: ou=office,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: office
+
+dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Bob Fosse
+mail: nogoodnik@steamheat.net
+sn: Fosse
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
+hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
+
+dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Gwen Verdon
+mail: elephant@steamheat.net
+sn: Verdon
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+
+dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineering
+ou: privileges
+objectClass: accessPrivilege
+
+dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineer
+ou: roles
+objectClass: accessRole
+hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
+
+dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapadmin
+ou: roles
+objectClass: accessRole
+
+dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapsuperadmin
+ou: roles
+objectClass: accessRole
+
+dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Sid Sorokin
+mail: catperson@steamheat.net
+sn: Sorokin
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+

metadata

@@ -0,0 +1,206 @@
+--- !ruby/object:Gem::Specification
+name: prathe-net-ldap
+version: !ruby/object:Gem::Version
+  version: 0.2.20110317223538
+  prerelease: 
+platform: ruby
+authors:
+- Francis Cianfrocca
+- Emiel van de Laar
+- Rory O'Connell
+- Kaspar Schiess
+- Austin Ziegler
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-03-17 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: hoe-git
+  requirement: &70298028616040 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: *70298028616040
+- !ruby/object:Gem::Dependency
+  name: hoe-gemspec
+  requirement: &70298028610220 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: *70298028610220
+- !ruby/object:Gem::Dependency
+  name: metaid
+  requirement: &70298028602300 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: *70298028602300
+- !ruby/object:Gem::Dependency
+  name: flexmock
+  requirement: &70298028427820 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.9.0
+  type: :development
+  prerelease: false
+  version_requirements: *70298028427820
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70298028415200 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: *70298028415200
+- !ruby/object:Gem::Dependency
+  name: hoe
+  requirement: &70298028406000 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.9.1
+  type: :development
+  prerelease: false
+  version_requirements: *70298028406000
+description: ! 'Net::LDAP for Ruby (also called net-ldap) implements client access
+  for the
+
+  Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for
+
+  accessing distributed directory services. Net::LDAP is written completely in
+
+  Ruby with no external dependencies. It supports most LDAP client features and a
+
+  subset of server features as well.
+
+
+  Net::LDAP has been tested against modern popular LDAP servers including
+
+  OpenLDAP and Active Directory. The current release is mostly compliant with
+
+  earlier versions of the IETF LDAP RFCs (2251–2256, 2829–2830, 3377, and 3771).
+
+  Our roadmap for Net::LDAP 1.0 is to gain full <em>client</em> compliance with
+
+  the most recent LDAP RFCs (4510–4519, plutions of 4520–4532).'
+email:
+- blackhedd@rubyforge.org
+- gemiel@gmail.com
+- rory.ocon@gmail.com
+- kaspar.schiess@absurd.li
+- austin@rubyforge.org
+executables: []
+extensions: []
+extra_rdoc_files:
+- Manifest.txt
+- Contributors.rdoc
+- Hacking.rdoc
+- History.rdoc
+- License.rdoc
+- README.rdoc
+files:
+- .autotest
+- .rspec
+- Contributors.rdoc
+- Hacking.rdoc
+- History.rdoc
+- License.rdoc
+- Manifest.txt
+- README.rdoc
+- Rakefile
+- autotest/discover.rb
+- lib/net-ldap.rb
+- lib/net/ber.rb
+- lib/net/ber/ber_parser.rb
+- lib/net/ber/core_ext.rb
+- lib/net/ber/core_ext/array.rb
+- lib/net/ber/core_ext/bignum.rb
+- lib/net/ber/core_ext/false_class.rb
+- lib/net/ber/core_ext/fixnum.rb
+- lib/net/ber/core_ext/string.rb
+- lib/net/ber/core_ext/true_class.rb
+- lib/net/ldap.rb
+- lib/net/ldap/dataset.rb
+- lib/net/ldap/dn.rb
+- lib/net/ldap/entry.rb
+- lib/net/ldap/filter.rb
+- lib/net/ldap/password.rb
+- lib/net/ldap/pdu.rb
+- lib/net/snmp.rb
+- net-ldap.gemspec
+- spec/integration/ssl_ber_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- spec/unit/ber/ber_spec.rb
+- spec/unit/ber/core_ext/string_spec.rb
+- spec/unit/ldap/dn_spec.rb
+- spec/unit/ldap/entry_spec.rb
+- spec/unit/ldap/filter_spec.rb
+- spec/unit/ldap_spec.rb
+- test/common.rb
+- test/test_entry.rb
+- test/test_filter.rb
+- test/test_ldap_connection.rb
+- test/test_ldif.rb
+- test/test_password.rb
+- test/test_rename.rb
+- test/test_snmp.rb
+- test/testdata.ldif
+- testserver/ldapserver.rb
+- testserver/testdata.ldif
+- .gemtest
+homepage: http://net-ldap.rubyforge.org/
+licenses: []
+post_install_message: 
+rdoc_options:
+- --main
+- README.rdoc
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.8.7
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: prathe-net-ldap
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Net::LDAP for Ruby (also called net-ldap) implements client access for the
+  Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for accessing
+  distributed directory services
+test_files:
+- test/test_entry.rb
+- test/test_filter.rb
+- test/test_ldap_connection.rb
+- test/test_ldif.rb
+- test/test_password.rb
+- test/test_rename.rb
+- test/test_snmp.rb