rbmk 0.1.0.e → 0.1.0.f

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b34d42c2d4d978cd76745a1b0b6bc5184ea5aa9f
-  data.tar.gz: a738a1fd9e9cd2169aff876c7f4f311ef6c8144f
+  metadata.gz: 4a9fe23cdd871dc29c2b27b382447760405f9cfd
+  data.tar.gz: 67ace7b3fb768cdbdd5f94c88d12c3a41701589b
 SHA512:
-  metadata.gz: 58b9db953f0e4205beb825a9f48a9898b19282dad5352d9db46d51e89cfc0a08aa73b9932708dbe43ec244c1979f5805908aa1d9f285b0b1956a7f6b20971ae8
-  data.tar.gz: f55b7e5c2c8211bb984846a7234ae78b4891c8888cfdf0c9be5688b8ff6ad71233e34dcf2ca0fb22ce1072cabf3039c0599b2075e6bdc2097fa6f95081cb5b4b
+  metadata.gz: dc2e38454e716b8fb019432ae234b6bcd2f9f539b048f8c20f56eb5d7d9adfea75e758a104b7516a105638051ac03f0ec6b4e8488f90d1f3ae4d95e27d0dda97
+  data.tar.gz: 4b2c8c96bd9122f75860826f872450eb12b338688d096e2e45b38197b1e8236d79c4aea0e48bad090c75057afb08ac6b175092aeffce30846f3e9c83965b6e10

data/README.md

@@ -9,8 +9,8 @@ LDAP is very rigid and static in its nature and although OpenLDAP provides some
 very helpful overlays, it is far from enough.
 [//]: # (DESCRIPTION STOP)
 
-CAUTION
--------
+☢ CAUTION ☢
+-----------
 Like its name suggests, `rbmk` is somewhat powerful, but is not very stable.
 Expect random meltdowns! Please, **NEVER** run it as superuser. LDAP gems
 that it uses are surprisingly feature-rich, but are not quite polished yet.
@@ -22,7 +22,10 @@ LIMITATIONS
 -----------
 * This proxy is read-only, by design.
 * This script does not detach from its terminal, again by design.
+* Only simple binds, at least until I actually need SASL myself.
+* No TLS for now, but maybe someday.
 * Only tested with MRI 2.2, but will likely work with anything 1.9+.
+* Well, maybe not anything, as it uses [ruby-ldap](https://github.com/bearded/ruby-ldap) (a C extension).
 
 INSTALL
 -------
@@ -32,8 +35,8 @@ RUN
 ---
 As this script is not a daemon, you have two easy options besides anything
 you may invent yourself:
-1. use any supervisor that are plenty nowadays: `supervisord`, `bluepill` etc.
-1. or just run it inside a `tmux` session and leave it there.
+* use any supervisor that are plenty nowadays: `supervisord`, `bluepill` etc.
+* or just run it inside a `tmux` session and leave it there.
 
 USAGE
 -----
@@ -42,5 +45,5 @@ USAGE
 CONFIGURATION
 -------------
 Upon its invocation `rbmk` evals its first argument and thus is configured
-by your Ruby code inside that file. Please refer to `examples/rbmk.rb` for an example
-configuration file.
+by your Ruby code inside that file. Please refer to `examples/rbmk.rb` for
+an example configuration file.

data/lib/rbmk/operation.rb

@@ -58,7 +58,6 @@ end
 
 
 
-require 'rbmk/transform'
 module RBMK
 class Operation < LDAP::Server::Operation
 
@@ -148,10 +147,11 @@ class Operation < LDAP::Server::Operation
 	# Okay, now the actual code
 	#
 	attr_reader :server, :orig, :transformed
-	def initialize conn, mid
+	def initialize conn, mid, worker
 		super conn, mid
 		@orig = {}
 		@transformed = {}
+		@worker = worker
 	end
 
 	def simple_bind version, dn, password
@@ -205,11 +205,39 @@ protected
 
 	def transformed type, object
 		@orig[type] = object
-		@transformed[type] = RBMK::Transform.send type, object, self
+		@transformed[type] = send 'transformed_%s' % type, object
 	rescue
 		$!.log
 		object
 	end
 
+	# Patch this method to transform incoming bind data.
+	# Expect a hash with these keys:
+	# :version              LDAP protocol version; should probably be 3
+	# :dn                   Bind DN; like a "username"
+	# :password             Cleartext! Verrrry sensitive!
+	def transformed_simple_bind opts
+		opts
+	end
+
+	# Patch this method to transform incoming search parameters.
+	# Expect a hash with these keys:
+	# :base                 Search base DN
+	# :scope                0 is base, 1 is onelevel, 2 is subtree
+	# :deref                whether to follow aliases (no time to explain, read more otherwhere)
+	# :filter_array         IMPORTANT: this is a parsed filter from Ldap::Server as an array-tree
+	# :attrs                Attributes to be included in resulting objects
+	# :vals                 Whether to include values at all
+	# :limit                Search will not return more than this amount of objects
+	def transformed_search opts
+		opts
+	end
+
+	# Patch this method to transform outbound found entries.
+	# Expect an array of hashes, each of which MUST have a 'dn' key
+	def transformed_entries entries
+		entries
+	end
+
 end
 end

data/lib/rbmk/upstream.rb

@@ -55,6 +55,14 @@ class Upstream
 		handle_ldap_error
 	end
 
+	def unbind
+		@ldap.unbind
+	end
+
+	def search opts, &block
+		self.class.send __method__, @ldap, opts, &block
+	end
+
 	def handle_ldap_error
 		stderr = from_stderr { @ldap.perror 'LDAP' }                        # WHY U NO?
 		message = stderr.match(/additional info:(.*)$/)[1].strip rescue nil # Seriously, how hard can it be to expose a server's message?

data/lib/rbmk/version.rb

@@ -1,4 +1,4 @@
 module RBMK
-	VERSION = '0.1.0.e'
-	CODENAME = 'never again'
+	VERSION = '0.1.0.f'
+	CODENAME = 'post rock party'
 end

data/lib/rbmk/worker.rb

@@ -6,14 +6,17 @@ class Worker
 	def self.hire peer, upstream; new(peer, upstream).serve end
 
 	def initialize peer, upstream
-		upstream.mktemp
+		@upstream = upstream
+		@upstream.mktemp
 		@peer = peer
 		@conn = LDAP::Server::Connection.new @peer.socket,
-			server: upstream,
+			server: @upstream,
 			logger: $log,
 			operation_class: RBMK::Operation,
-			schema: upstream.schema,
-			namingContexts: upstream.root_dse['namingContexts']
+			operation_args: [self],
+			schema: @upstream.schema,
+			namingContexts: @upstream.root_dse['namingContexts']
+		user_init
 	end
 
 	def serve
@@ -22,5 +25,10 @@ class Worker
 		@peer.close
 	end
 
+protected
+
+	# Patch this method to implement your additional worker init actions
+	def user_init; end
+
 end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rbmk
 version: !ruby/object:Gem::Version
-  version: 0.1.0.e
+  version: 0.1.0.f
 platform: ruby
 authors:
 - stronny red
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-27 00:00:00.000000000 Z
+date: 2015-11-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby-ldap
@@ -60,7 +60,6 @@ files:
 - lib/rbmk/operation.rb
 - lib/rbmk/peer.rb
 - lib/rbmk/server.rb
-- lib/rbmk/transform.rb
 - lib/rbmk/upstream.rb
 - lib/rbmk/version.rb
 - lib/rbmk/worker.rb

data/lib/rbmk/transform.rb

@@ -1,33 +0,0 @@
-module RBMK
-module Transform
-
-	# Patch this method to transform incoming bind data.
-	# Expect a hash with these keys:
-	# :version              LDAP protocol version; should probably be 3
-	# :dn                   Bind DN; like a "username"
-	# :password             Cleartext! Verrrry sensitive!
-	def self.simple_bind opts, op
-		opts
-	end
-
-	# Patch this method to transform incoming search parameters.
-	# Expect a hash with these keys:
-	# :base                 Search base DN
-	# :scope                0 is base, 1 is onelevel, 2 is subtree
-	# :deref                whether to follow aliases (no time to explain, read more otherwhere)
-	# :filter_array         IMPORTANT: this is a parsed filter from Ldap::Server as an array-tree
-	# :attrs                Attributes to be included in resulting objects
-	# :vals                 Whether to include values at all
-	# :limit                Search will not return more than this amount of objects
-	def self.search opts, op
-		opts
-	end
-
-	# Patch this method to transform outbound found entries.
-	# Expect an array of hashes, each of which MUST have a 'dn' key
-	def self.found entries, op
-		entries
-	end
-
-end
-end