rbmk 0.1.0.a → 0.1.0.b
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/examples/rbmk.rb +7 -11
- data/lib/rbmk/operation.rb +53 -21
- data/lib/rbmk/transform.rb +33 -0
- data/lib/rbmk/version.rb +2 -2
- metadata +3 -3
- data/lib/rbmk.rb +0 -26
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e1099ee731e3c1c408f0489dd03bc02e6a5256e3
|
|
4
|
+
data.tar.gz: a9e3cec5e9f6899f7883d20e790f61b953d90ddc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 23278488b01fdbb876067fd2dd64e14038aafb6657d13769f22d9392f1cdc4e9ba9a0f20d905fb8adc6c61b19ee7d248ecfdf0f030d48ee660dc10f4a3b38813
|
|
7
|
+
data.tar.gz: 2a3b4d58d04c4635fdcc575b839a22eb77831978472a4c52ab85817125e99b2594f24076ac083ce9d2917c9ce3eb58002c47c3bd0d77bba0aa72dea7ac4283cd
|
data/examples/rbmk.rb
CHANGED
|
@@ -18,26 +18,22 @@ module RBMK::Logger
|
|
|
18
18
|
def self.level; ::Logger::DEBUG end
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
# The magic! You can transform the
|
|
21
|
+
# The magic! You can transform the LDAP operations
|
|
22
22
|
#
|
|
23
|
-
module RBMK
|
|
23
|
+
module RBMK::Transform
|
|
24
|
+
|
|
24
25
|
# For example, we can add a fooBar attribute to any resulting object
|
|
25
26
|
#
|
|
26
|
-
def self.
|
|
27
|
+
def self.entries entries
|
|
27
28
|
entries.map do |entry|
|
|
28
29
|
entry.merge 'fooBar' => 'baz'
|
|
29
30
|
end
|
|
30
31
|
end
|
|
31
32
|
|
|
32
|
-
# In this example we
|
|
33
|
+
# In this example we override atrributes in the request so that all of them are requested all the time
|
|
33
34
|
#
|
|
34
|
-
def self.
|
|
35
|
-
|
|
36
|
-
case op
|
|
37
|
-
when :true, :false, :undef then [op]
|
|
38
|
-
when :not, :and, :or then [op] + filter.map { |sf| hack_filter sf }.compact
|
|
39
|
-
else (filter.first =~ /\Afoobar\z/i) ? nil : [op] + filter
|
|
40
|
-
end
|
|
35
|
+
def self.search opts
|
|
36
|
+
opts.merge attrs: ['*', '+']
|
|
41
37
|
end
|
|
42
38
|
|
|
43
39
|
end
|
data/lib/rbmk/operation.rb
CHANGED
|
@@ -18,19 +18,20 @@ end
|
|
|
18
18
|
|
|
19
19
|
|
|
20
20
|
class LDAP::Server::Filter
|
|
21
|
-
def self.to_rfc
|
|
22
|
-
raise ArgumentError, 'Array expected' unless
|
|
23
|
-
raise ArgumentError, 'Filter is empty' if
|
|
21
|
+
def self.to_rfc preserved_filter
|
|
22
|
+
raise ArgumentError, 'Array expected' unless preserved_filter.is_a? Array
|
|
23
|
+
raise ArgumentError, 'Filter is empty' if preserved_filter.empty?
|
|
24
|
+
filter = preserved_filter.clone
|
|
24
25
|
op = filter.shift
|
|
25
26
|
res = case op
|
|
26
27
|
when :not then
|
|
27
|
-
raise 'Empty subfilter' if (sf =
|
|
28
|
+
raise 'Empty subfilter' if (sf = send(__method__, filter)).empty?
|
|
28
29
|
'!%s' % sf
|
|
29
30
|
when :and then
|
|
30
|
-
raise 'Empty subfilter' if (sf = filter.map { |f|
|
|
31
|
+
raise 'Empty subfilter' if (sf = filter.map { |f| send(__method__, f) }.join).empty?
|
|
31
32
|
'&%s' % sf
|
|
32
33
|
when :or
|
|
33
|
-
raise 'Empty subfilter' if (sf = filter.map { |f|
|
|
34
|
+
raise 'Empty subfilter' if (sf = filter.map { |f| send(__method__, f) }.join).empty?
|
|
34
35
|
'!%s' % sf
|
|
35
36
|
|
|
36
37
|
when :true then 'objectClass=*'
|
|
@@ -57,7 +58,7 @@ end
|
|
|
57
58
|
|
|
58
59
|
|
|
59
60
|
|
|
60
|
-
require 'rbmk'
|
|
61
|
+
require 'rbmk/transform'
|
|
61
62
|
module RBMK
|
|
62
63
|
class Operation < LDAP::Server::Operation
|
|
63
64
|
|
|
@@ -143,27 +144,43 @@ class Operation < LDAP::Server::Operation
|
|
|
143
144
|
end
|
|
144
145
|
|
|
145
146
|
|
|
146
|
-
|
|
147
|
+
# --------------------------------------------------------------------------
|
|
147
148
|
# Okay, now the actual code
|
|
148
149
|
#
|
|
150
|
+
def initialize conn, mid
|
|
151
|
+
super conn, mid
|
|
152
|
+
@orig = {}
|
|
153
|
+
@transformed = {}
|
|
154
|
+
end
|
|
155
|
+
|
|
149
156
|
def simple_bind version, dn, password
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
157
|
+
orig = {version: version, dn: dn, password: password}
|
|
158
|
+
opts = transformed __method__ => orig.clone
|
|
159
|
+
$log.info sprintf('Bind version: %s, dn: %s',
|
|
160
|
+
log_chunk(orig, opts, '%i', :version),
|
|
161
|
+
log_chunk(orig, opts, '%p', :dn)
|
|
162
|
+
)
|
|
163
|
+
@server.bind *opts.values_at(:version, :dn, :password)
|
|
155
164
|
rescue LDAP::ResultError
|
|
156
165
|
$!.log_debug
|
|
157
166
|
raise $!
|
|
158
167
|
end
|
|
159
168
|
|
|
160
|
-
def search
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
169
|
+
def search base, scope, deref, filter
|
|
170
|
+
orig = {filter_array: filter, base: base, scope: scope, deref: deref, attrs: @attributes, vals: (not @typesOnly), limit: (@sizelimit.to_i rescue 0)}
|
|
171
|
+
opts = transformed __method__ => orig.clone
|
|
172
|
+
orig[:filter_string] = LDAP::Server::Filter.to_rfc orig[:filter_array]
|
|
173
|
+
opts[:filter_string] = LDAP::Server::Filter.to_rfc opts[:filter_array]
|
|
174
|
+
$log.info sprintf('Search %s from %s, scope: %s, deref: %s, attrs: %s, vals: %s, limit: %s',
|
|
175
|
+
log_chunk(orig, opts, '%p', :filter_string),
|
|
176
|
+
log_chunk(orig, opts, '%p', :base),
|
|
177
|
+
log_chunk(orig, opts, '%i', :scope),
|
|
178
|
+
log_chunk(orig, opts, '%i', :deref),
|
|
179
|
+
log_chunk(orig, opts, '%p', :attrs),
|
|
180
|
+
log_chunk(orig, opts, '%s', :vals),
|
|
181
|
+
log_chunk(orig, opts, '%i', :limit),
|
|
182
|
+
)
|
|
183
|
+
entries = @server.ldap.search_ext2(*opts.values_at(:base, :scope, :filter_string, :attrs), (not opts[:vals]), nil, nil, 0, 0, opts[:limit])
|
|
167
184
|
transformed(entries: entries).each { |entry| send_SearchResultEntry entry.delete('dn').first, entry }
|
|
168
185
|
rescue LDAP::ResultError
|
|
169
186
|
@server.handle_ldap_error
|
|
@@ -171,9 +188,24 @@ class Operation < LDAP::Server::Operation
|
|
|
171
188
|
|
|
172
189
|
protected
|
|
173
190
|
|
|
191
|
+
def log_chunk orig, transformed, format, key
|
|
192
|
+
if orig[key] === transformed[key] then
|
|
193
|
+
format % orig[key]
|
|
194
|
+
else
|
|
195
|
+
sprintf "(#{format} -> #{format})", orig[key], transformed[key]
|
|
196
|
+
end
|
|
197
|
+
rescue
|
|
198
|
+
p orig, transformed, format, key
|
|
199
|
+
raise $!
|
|
200
|
+
end
|
|
201
|
+
|
|
174
202
|
def transformed spec
|
|
175
203
|
raise ArgumentError.new('Please provide a hash with exactly one key.') unless (spec.is_a? Hash) and (1 == spec.count)
|
|
176
|
-
spec.each
|
|
204
|
+
spec.each do |type, object|
|
|
205
|
+
@orig[type] = object
|
|
206
|
+
transformed = RBMK::Transform.send type, object
|
|
207
|
+
return @transformed[type] = transformed
|
|
208
|
+
end
|
|
177
209
|
rescue
|
|
178
210
|
$!.log
|
|
179
211
|
object
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
module RBMK
|
|
2
|
+
module Transform
|
|
3
|
+
|
|
4
|
+
# Patch this method to transform incoming bind data.
|
|
5
|
+
# Expect a hash with these keys:
|
|
6
|
+
# :version LDAP protocol version; should probably be 3
|
|
7
|
+
# :dn Bind DN; like a "username"
|
|
8
|
+
# :password Cleartext! Verrrry sensitive!
|
|
9
|
+
def self.simple_bind opts
|
|
10
|
+
opts
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
# Patch this method to transform incoming search parameters.
|
|
14
|
+
# Expect a hash with these keys:
|
|
15
|
+
# :base Search base DN
|
|
16
|
+
# :scope 0 is base, 1 is onelevel, 2 is subtree
|
|
17
|
+
# :deref whether to follow aliases (no time to explain, read more otherwhere)
|
|
18
|
+
# :filter_array IMPORTANT: this is a parsed filter from Ldap::Server as an array-tree
|
|
19
|
+
# :attrs Attributes to be included in resulting objects
|
|
20
|
+
# :vals Whether to include values at all
|
|
21
|
+
# :limit Search will not return more than this amount of objects
|
|
22
|
+
def self.search opts
|
|
23
|
+
opts
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
# Patch this method to transform outbound found entries.
|
|
27
|
+
# Expect an array of hashes, each of which MUST have a 'dn' key
|
|
28
|
+
def self.found entries
|
|
29
|
+
entries
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
end
|
|
33
|
+
end
|
data/lib/rbmk/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rbmk
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.0.
|
|
4
|
+
version: 0.1.0.b
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- stronny red
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-11-
|
|
11
|
+
date: 2015-11-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ruby-ldap
|
|
@@ -55,13 +55,13 @@ files:
|
|
|
55
55
|
- README.md
|
|
56
56
|
- bin/rbmk
|
|
57
57
|
- examples/rbmk.rb
|
|
58
|
-
- lib/rbmk.rb
|
|
59
58
|
- lib/rbmk/exception.rb
|
|
60
59
|
- lib/rbmk/logger.rb
|
|
61
60
|
- lib/rbmk/operation.rb
|
|
62
61
|
- lib/rbmk/peer.rb
|
|
63
62
|
- lib/rbmk/server.rb
|
|
64
63
|
- lib/rbmk/signal.rb
|
|
64
|
+
- lib/rbmk/transform.rb
|
|
65
65
|
- lib/rbmk/upstream.rb
|
|
66
66
|
- lib/rbmk/version.rb
|
|
67
67
|
- lib/rbmk/worker.rb
|
data/lib/rbmk.rb
DELETED
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
module RBMK
|
|
2
|
-
|
|
3
|
-
def self.context
|
|
4
|
-
@context ||= {}
|
|
5
|
-
end
|
|
6
|
-
|
|
7
|
-
# Patch this method to hack incoming bind data
|
|
8
|
-
#
|
|
9
|
-
def self.hack_simple_bind data
|
|
10
|
-
# version, dn, password = data
|
|
11
|
-
data
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
# Patch this method to hack incoming search filters
|
|
15
|
-
#
|
|
16
|
-
def self.hack_filter filter
|
|
17
|
-
filter
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
# Patch this method to hack outbound found entries
|
|
21
|
-
#
|
|
22
|
-
def self.hack_entries entries
|
|
23
|
-
entries
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
end
|