ruby-ldap3 0.10.0

data/FAQ

@@ -0,0 +1,58 @@
+FAQ
+---
+
+Q. How do I add/modify binary data?
+
+A. Create a LDAP::Mod object with the flag LDAP::LDAP_MOD_BVALUES as follows:
+
+   entry = [
+     LDAP::mod(LDAP::LDAP_MOD_ADD|LDAP_MOD_BVALUES, 'jpegPhoto', [jpeg_img]),
+     LDAP::mod(LDAP::LDAP_MOD_ADD, 'cn', ['Takaaki Tateishi']) #, ...
+   ]
+   conn.add("dc=localhost, dc=localdomain", entry)
+
+
+
+Q. Is there shortcut method for adding/modifying entries?
+
+A. Yes, there is. You can directly give LDAP::Conn#add/modify hash data as
+   follows:
+
+   entry = {
+     'objectclass' => [ 'top', 'person' ] #, ...
+   }
+   conn.add( "cn=foobar, dc=localhost, dc=localdomain", entry )
+
+
+
+Q. Can I use SASL authentication?
+
+A. Yes, it works for me using Cyrus SASL and Kerberos V via GSSAPI.
+   Use LDAP::Conn#sasl_bind. Your mileage may vary.
+
+
+
+Q. Can I put a limit on the number of results returned by the server?
+
+A. Yes, as of version 0.9.4, you can. Set the size limit using
+   LDAP::Conn#set_option and then check for LDAP::Conn#search or
+   LDAP::Conn#search2 having exceeded this limit, by using LDAP::Conn#err:
+
+     conn = LDAP::Conn.new( 'localhost', 389 )
+
+     # Limit the results set to a maximum of 10.
+     conn.set_option( LDAP::LDAP_OPT_SIZELIMIT, 10 )
+
+     conn.search2( 'dc=localhost,dc=localdomain',
+                    LDAP::LDAP_SCOPE_SUBTREE, '(objectClass=*)' )
+
+     if conn.err == LDAP::LDAP_SIZELIMIT_EXCEEDED
+       # Results set was truncated by server.
+     end
+
+   Note that LDAP::LDAP_SIZELIMIT_EXCEEDED may occur even when you have not
+   put an explicit limit on the number of results to be returned. The server
+   will likely have its own maximum configured, so it can be important to
+   check for this condition on all of your calls to LDAP::Conn#search and
+   LDAP::Conn#search2.
+

data/LICENSE

@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2025, Shane Curcuru
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/NOTES

@@ -0,0 +1,193 @@
+0.10.0
+-----
+* Project forked, renamed to ruby-ldap3, porting to Ruby 3.x with previous PRs
+
+0.9.20
+-----
+* Added support of LDAP_OPT_X_TLS_NEWCTX.
+  Thanks to Kouhei Sutou.
+
+
+0.9.19
+-----
+* Fixed parsing of LDIF with CR LF line separators (GH-38).
+  Thanks to doppelreim.
+
+
+0.9.18
+-----
+* backout issue32 to compile for ruby-1.8.x.
+  Thanks to SUENAGA Hiroki.
+
+
+0.9.17
+-----
+
+* Use ruby object to keep LDAP search result instead of libldap's data structure.
+* Use macro Check_LDAPENTRY for assertion inside native extension codes.
+* Remove assertion code from macro GET_LDAPENTRY_DATA (GH-31).
+  Thanks to SUENAGA Hiroki.
+
+
+0.9.16
+-----
+
+* Fixed undefined method 'each' in LDAP::LDIF.mods_to_ldif (GH-26).
+  Thanks to Francesco Malvezzi.
+
+
+0.9.15
+-----
+
+* Accept nil for new_parent_dn for rename. Thanks to Kouhei Sutou.
+
+
+0.9.14
+-----
+
+* Fixed option parsing bug for LDAP::Conn.sasl_bind. Thanks to Brian Leake.
+* Added possibility to use :nocanon option in rb_ldap_conn_sasl_bind.
+  See ldap_set_option(3) for more information. Thanks to Brian Leake.
+* Added function conn.rename(dn, new_rdn, new_parent_dn, delete_old_rdn, sctrls, cctrls)  => self
+  Modify the RDN of the entry with DN, dn, giving it the new RDN in parent new_parent_dn,
+  new_rdn. If delete_old_rdn is true, the old RDN value will be deleted from the entry.
+  Thanks to Marek Veber.
+* Added option LDAP_OPT_NETWORK_TIMEOUT for openLDAP. Thanks to David Campbell.
+* Fixed build error with GCC 4.8.1. Thanks to Kouhei Sutou.
+* Add missing ldap_raname_s() function availability check. Thanks to Kouhei Sutou.
+
+
+0.9.13
+-----
+
+* Prevent SyntaxError raised under Ruby 2.0.0 by line 107 regex
+  (invalid multibyte escape)
+
+
+0.9.12
+-----
+
+* On windows, the default ldap library became wldap32;
+* Fixed compile with ruby 1.9.2.
+
+Thank to Hiroki Najima!
+
+* Fixed many memory leaks;
+* Added functions:
+    LDAP::Conn.open_uri(uri);
+    LDAP::explode_dn(dn, notypes);
+    LDAP::explode_rdn(rdn, notypes).
+
+Thanks to Marek Veber and Antonio Terceiro!
+
+* Fixed bug in ldap/ldif.rb (GH-6).
+
+Thanks to bbense.
+
+* Fixed LDAP::Mod data corruption.
+
+Thanks to Aprotim Sanyal!
+
+* Enable client certificate authentication for mozilla ldap 6.0 only.
+
+Thanks to Yuri Arabadji!
+
+
+0.9.11
+-----
+
+Allow passing SASL interaction options
+    
+This adds a hash parameter "options" to LDAP::Conn.sasl_bind, which
+can take :authzid, :authcid, and :realm (and corresponding strings),
+for SASL authentication.
+    
+Also, refactored the rb_scan_args inside rb_ldap_conn_sasl_bind to use
+C's case fallthrough, leading to less code repetition.
+
+Tnahks to Anthony M. Martinez.
+
+
+0.9.10
+-----
+
+Added controls and referral extraction to #search_ext and #search_ext2.
+Thanks to Michael Granger.
+
+
+0.9.9
+-----
+
+Supported OpenLDAP 2.4.15 and higher. Thanks to Milos Jakubicek.
+Gem Packaging Support. Thanks to S. Potter [mbbx6spp].
+
+
+0.9.8
+-----
+
+Supported Ruby 1.9.x.
+
+
+0.9.7
+-----
+
+LDAP_MOD_DELETE and LDAP_MOD_REPLACE were reversed in win/winldap.h, so
+deletion and replacement operations did not work on Win32 systems.
+
+
+0.9.6
+-----
+
+A segfault on FreeBSD when using AMD64 was fixed for this release.
+
+The only other changes are minor clarifications of the documentation.
+
+
+0.9.5
+-----
+
+The Windows build is now believed to work out of the box. It has been tested
+on Windows XP SP2, using SVC C++ 6.0 to build the software. Thanks to Chris
+Scharf <scharfie@gmail.com> for his work in this area and willingness to work
+with me on fixing the problems.
+
+
+0.9.4
+-----
+
+LDAP::Conn#search, LDAP::Conn#search2, LDAP::Conn#search_ext and
+LDAP::Conn#search_ext2 have been modified to treat LDAP_SIZELIMIT_EXCEEDED as
+success.
+
+After using any of these four methods, the user should use LDAP::Conn#err to
+check whether the error status of the Conn object is
+LDAP::LDAP_SIZELIMIT_EXCEEDED. If true, the results set has been truncated by
+the server.
+
+Previously, LDAP_SIZELIMIT_EXCEEDED would raise an exception and no results
+would be returned, which is not the correct behaviour if the user has
+deliberately put a limit on the number of results to be returned, as might be
+done in order to spare the server.
+
+
+0.9.3
+-----
+
+The usability of the library on Windows platforms is currently a case of 'suck
+it and see'. Some people report the code working, others report immediate
+segfaults; yet others say that it worked after they made some minor
+alterations to the code in order to get it to build.
+
+Differences in Windows platform used, chosen compiler and version, plus the
+variety of servers with which the code is used, conspire to result in the
+exact facts of the matter not yet having been ascertained.
+
+Most people seemed to experience some difficulty in getting the code to build
+on Windows, so some effort has gone into making this better for the 0.9.3
+release. This work is difficult, since I do not have a Windows build
+environment at my disposal.
+
+If you are a Windows user and you found that the code did not work in its
+original form, but you managed to get it to work after some alterations, I
+would be very grateful if you wrote to me to let me know what changes were
+needed. Please include precise details of your build platform.

data/README

@@ -0,0 +1,279 @@
+# Ruby/LDAP3 -- A Ruby extension library for LDAP
+
+## FORKED from bearded/ruby-ldap v0.9.20 to support Ruby 3.x
+
+## IMPORTANT: This software may not be actively maintained!
+
+Copyright (C) 2000-2004 Takaaki Tateishi <ttate@users.sourceforge.net>
+Copyright (C) 2005-2006 Ian Macdonald <ian@caliban.org>
+Copyright (C) 2009 Alexey Chebotar <alexey.chebotar@gmail.com>
+-------------------------------------------------------------------------------
+
+DESCRIPTION
+
+Ruby/LDAP is a Ruby extension library that provides an interface to the LDAP
+API as described in RFC1823.
+-------------------------------------------------------------------------------
+
+REQUIREMENT
+
+  * Ruby 3.x
+  * OpenLDAP, Netscape SDK, Windows 2003 or Windows XP
+-------------------------------------------------------------------------------
+
+PORTS
+
+  * FreeBSD ("Akinori -Aki- MUSHA" <knu@idaemons.org>)
+  * Debian (Akira Yamada <akira@ruby-lang.org>)
+-------------------------------------------------------------------------------
+
+BUILDING
+
+extconf.rb will try to use the OpenLDAP 2 or Netscape SDK libraries and guess
+paths to some header files and libraries from the position of ldap.h. If you'd
+like to see the available options for extconf.rb, run it with '--help' option.
+
+    $ ruby extconf.rb [--with-openldap1|--with-openldap2|--with-netscape|--with-wldap32]
+    $ make
+
+This will create ldap.so, which you can either manually copy into place or
+install with:
+
+    $ make install
+
+If you're building the software on Windows, you may need to use nmake instead
+of make.
+-------------------------------------------------------------------------------
+
+LICENSE
+
+See COPYING.
+-------------------------------------------------------------------------------
+
+AVAILABLE CLASSES and METHODS
+
+     LDAP::LDAP_VERSION
+     LDAP::LDAP_MAX_VERSION
+     LDAP::VERSION
+     LDAP::MAJOR_VERSION
+     LDAP::MINOR_VERSION
+     LDAP::LDAP_PORT
+     LDAP::LDAPS_PORT
+     LDAP::LDAP_API_INFO_VERSION
+     LDAP::LDAP_VENDOR_NAME
+     LDAP::LDAP_VENDOR_VERSION
+     LDAP::LDAP_API_VERSION
+     LDAP.err2string(errcode)
+     LDAP.dn2ufn(dn)
+     LDAP.mod(mod_op, mod_type, mod_vals) (= LDAP::Mod.new)
+     LDAP.hash2mods(mod_op, hash)
+     LDAP.entry2hash(entry) (= entry.to_hash)
+     LDAP::Conn.new(host = "localhost", port = LDAP::LDAP_PORT)
+                    : conn (raise LDAP::Error)
+     LDAP::Conn.open(host = "localhost", port = LDAP::LDAP_PORT)
+                    : conn (raise LDAP::Error)
+     LDAP::Conn#simple_bind(dn = nil, password = nil) { ... }
+                    : conn (raise LDAP::ResultError)
+     LDAP::Conn#bind(dn = nil, password = nil,
+                     method = LDAP::LDAP_AUTH_SIMPLE) {|conn| ... }
+                     (raise LDAP::ResultError)
+     LDAP::Conn#bind(dn = nil, password = nil,
+                     method = LDAP::LDAP_AUTH_SIMPLE) : conn
+                     (raise LDAP::ResultError)
+     LDAP::Conn#sasl_bind(dn = nil, mech = nil, cred = nil,
+			  sctrls=nil, cctrls=nil) {|conn| ... }
+			  (raise LDAP::ResultError)
+     LDAP::Conn#sasl_bind(dn = nil, mech = nil, cred = nil,
+			  sctrls=nil, cctrls=nil) : conn
+			  (raise LDAP::ResultError)
+     LDAP::Conn#bound? : true || false
+     LDAP::Conn#unbind() (raise LDAP::ResultError)
+     LDAP::Conn#start_tls
+     LDAP::Conn#perror(str)
+     LDAP::Conn#result2error(ldap_msg) : errcode
+     LDAP::Conn#err2string(errcode) : errmsg
+     LDAP::Conn#get_errno : errcode [if available]
+     LDAP::Conn#search(basedn, scope, filter, attrs = nil, attrsonly = false,
+                       sec = 0, usec = 0,
+		       s_attr = nil, s_proc = nil) {|entry| ... }
+                       : conn (raise LDAP::ResultError)
+     LDAP::Conn#search2(basedn, scope, filter, attrs = nil, attrsonly = false,
+                        sec = 0, usec = 0,
+			s_attr = nil, s_proc = nil) {|entry_as_hash| ... }
+                        : conn (if a block is given) /
+		          Array of Hash (if no block is given)
+                          (raise LDAP::ResultError)
+     LDAP::Conn#search_ext(basedn, scope, filter, attrs = nil,
+			   attrsonly = false, serverctrls, clientctrls,
+			   sec = 0, usec = 0,
+			   s_attr = nil, s_proc = nil) {|entry| ... }
+                           : conn (raise LDAP::ResultError)
+     LDAP::Conn#search_ext2(basedn, scope, filter, attrs = nil,
+			    attrsonly = false,
+                            serverctrls, clientctrls, sec = 0, usec = 0,
+                            s_attr = nil, s_proc = nil) {|entry_as_hash| ... }
+                            : conn (if a block is given) /
+			      Array of Hash (if no block is given)
+                              (raise LDAP::ResultError)
+     LDAP::Conn#add(dn, ldap_mods) : self (raise LDAP::ResultError)
+     LDAP::Conn#add_ext(dn, ldap_mods, serverctrls, clientctrls)
+                        : self (raise LDAP::ResultError)
+     LDAP::Conn#modify(dn, ldap_mods) : self (raise LDAP::ResultError)
+     LDAP::Conn#modify_ext(dn, ldap_mods, serverctrls, clientctrls)
+                           : self (raise LDAP::ResultError)
+     LDAP::Conn#modrdn(olddn, newdn, delete) : self (raise LDAP::ResultError)
+     LDAP::Conn#delete(dn) : self (raise LDAP::ResultError)
+     LDAP::Conn#delete(dn, serverctrls, clientctrls) : self
+		       (raise LDAP::ResultError)
+     LDAP::Conn#compare(dn, attr, val) : self
+     LDAP::Conn#compare_ext(dn, attr, val, serverctrls, clientctrls) : self
+     LDAP::Conn#set_option(opt, data) : self (raise LDAP::ResultError)
+     LDAP::Conn#get_option(opt) : data (raise LDAP::ResultError)
+     LDAP::Conn#schema(base = nil, attrs = nil,
+		       sec = 0, usec = 0) : LDAP::Schema
+     LDAP::Conn#root_dse(attrs = nil, sec = 0, usec = 0) : Array of Hash
+     LDAP::SSLConn.new(host = 'localhost', port = LDAP_PORT,
+		       start_tls = false, sctrls=nil, cctrls=nil)
+		       : conn (raise LDAP::Error)
+     LDAP::Mod.new(mod_op, mod_type, mod_vals) : ldap_mod
+     LDAP::Mod#inspect : String
+     LDAP::Mod#mod_op : mod_op
+     LDAP::Mod#mod_type : mod_type
+     LDAP::Mod#mod_vals : mod_vals
+     LDAP::Mod#mod_op=(mod_op)
+     LDAP::Mod#mod_type=(mod_type)
+     LDAP::Mod#mod_vals=(mod_vals)
+     LDAP::Entry#get_dn : dn
+     LDAP::Entry#get_values : vals
+     LDAP::Entry#get_attributes : attrs
+     LDAP::Entry#dn (= get_dn)
+     LDAP::Entry#vals (= get_values)
+     LDAP::Entry#[] (= get_values)
+     LDAP::Entry#attrs (= get_attributes)
+     LDAP::Entry#to_hash : Hash
+     LDAP::Entry#inspect : String
+     LDAP::Control.new : LDAP::Control
+     LDAP::Control#oid : String
+     LDAP::Control#oid=(oid) : oid
+     LDAP::Control#critical : true || false
+     LDAP::Control#critical? : true || false
+     LDAP::Control#critical=(crit) : crit
+     LDAP::Control#value : String
+     LDAP::Control#value=(val) : val
+     LDAP::Control#inspect : String
+
+SSLConn is a subclass of Conn, so its objects have access to the same methods
+as Conn objects.
+
+In ldap/schema.rb:
+
+     LDAP::Conn#schema(attrs = nil, sec = 0, usec = 0) : schema
+     LDAP::Schema#must(oc) : attributes
+     LDAP::Schema#may(oc)  : attributes
+     LDAP::Schema#names(attr) : names
+     LDAP::Schema#sup(oc)  : object class
+
+In ldap/control.rb:
+
+     LDAP::Control.encode(array) : String
+     LDAP::Control#decode : Array
+
+In ldap/ldif.rb:
+
+     LDAP::Entry#to_ldif : LDAP::LDIF::Entry
+     LDAP::Entry#to_s : Alias of LDAP::Entry#to_ldif
+     LDAP::Mod#to_ldif(dn) : LDAP::LDIF::Mod
+     LDAP::Mod#to_s(dn) : Alias of LDAP::Mod#to_ldif
+     LDAP::Record.new(dn, change_type, attrs, mods=nil, ctrls=nil)
+     LDAP::Record#send(conn) : self
+     LDAP::Record#clean : self
+     LDAP::LDIF.mods_to_ldif( dn, *mods )
+     LDAP::LDIF.parse_entry(lines) : LDAP::Record (raise LDAP::LDIFError)
+     LDAP::LDIF.parse_file(file, sort=false)
+			   : self (if a block is given) /
+			     Array (if no block is given)
+
+See also test/*.rb for examples.
+-------------------------------------------------------------------------------
+
+REFERENCES
+
+  * T. Howes, M. Smith (University of Michigan): RFC1823, The LDAP Application
+    Program Interface, August 1995
+  * T. Howes (University of Michigan): RFC1960, A String Representation of LDAP
+    Search Filters, June 1996
+  * M. Wahl, Critical Angle Inc, T. Hows, Netscape Communications Gorp., S.
+    Kille, Isode Limited: Lightweight Directory Access Protocol (v3), December
+    1997
+  * M. Wahl, Critical Angle Inc., A. Coulbeck, Isode Inc., T. Howes, Netscape
+    Communications Corp., S. Kille, Isode Limited: December 1997
+  * M .Wahl, Critical Angle Inc., S. Kille, Isode Ltd., T. Howes, Netscape
+    Communications Corp.: Lightweight Directory Access Protocol (v3): UTF-8
+    String Representation of Distinguished Names, December 1997
+  * T. Howes, Netscape Communications Gorp.: The String Representation of LDAP
+    Search Filters, December 1997
+  * F. Yergeau (Alis Technologies): RFC2279, UTF-8, a transformation format of
+    ISO 10646, October 1998
+  * Netscape Communications Corp.: Netscape Directory SDK
+  * C. Weider, A. Herron, A. Anantha, T. Howes: RFC2696, LDAP Control
+    Extension for Simple Paged Results Manipulation, September 1999
+  * Luiz Ernesto Pinheiro Malere: LDAP Linux HOWTO, February 2000
+  * G. Good: RFC2849, The LDAP Data Interchange Format (LDIF) - Technical
+    Specification, June 2000.
+  * Tim Howes, Mark Smith: Understanding and Deploying LDAP Directory Servers
+  * The OpenLDAP Project: OpenLDAP 2.2 Administrator's Guide, February 2004
+
+Here are some URLs that contain useful information about LDAP:
+
+  * University of Michigan
+    http://www.umich.edu/~dirsvcs/ldap/
+  * OpenLDAP Project
+    http://www.openldap.org/
+  * Netscape Communications
+    http://developer.netscape.com/docs/manuals/communicator/ldap45.htm
+  * Netscape Directory SDK
+    https://wiki.mozilla.org/Directory
+  * Active Directory Service Interfaces Overview
+    http://www.microsoft.com/windows2000/techinfo/howitworks/activedirectory/
+    adsilinks.asp
+  * LDAP schema repository
+    http://www.hklc.com/ldapschema/
+    http://ldap.hklc.com/
+  * Object Identifiers Registry
+    http://www.alvestrand.no/harald/objectid/
+-------------------------------------------------------------------------------
+
+THANKS
+
+This list maybe not correct. If you notice mistakes of this list, please point out.
+
+* Adam Doligalski
+* Akinori MUSHA
+* Akira Yamada
+* Andrew Broman
+* Anthony M. Martinez
+* Antonio Terceiro
+* Aprotim Sanyal
+* Brian Leake
+* Chris Scharf
+* David Campbell
+* Francesco Malvezzi
+* Hadmut Danisch
+* Hiroki Najima
+* Jan Mikkelsen
+* Kouhei Sutou
+* Marek Veber
+* Mark Kittisopikul
+* Michael Granger
+* Milos Jakubicek
+* Pirmin Kalberer
+* Radek Hnilica
+* S. Potter
+* SUENAGA Hiroki
+* Tilo Sloboda
+* Usa Nakamura
+* Yuri Arabadji
+* Yuuzou Gotou
+* atsu@@metallic.co.jp
+* bbense
+* bidon

data/TODO

@@ -0,0 +1,15 @@
+							-*- text -*-
+
+To-do list
+----------
+
+- Support for more LDAPv3 controls and extensions.
+
+- DSML support.
+
+- (?) adding ldap_url_search_s(), ldap_url_search_st() and
+  ldap_is_ldap_url()
+
+- Asynchronous functions.
+
+- Correctly implement SASL functions.