ruby-ldapserver 0.3.1 → 0.4.0

data/.gitignore

@@ -0,0 +1 @@
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ldap-server-primitive.gemspec
+gemspec

data/Rakefile

@@ -1,22 +1 @@
-require 'rubygems'
-require 'hoe'
-require File.join(File.dirname(__FILE__), 'lib', 'ldap', 'server', 'version')
-
-RDOC_OPTS = ['--quiet', '--title', "ruby-ldapserver",
-    "--opname", "index.html",
-    "--line-numbers", 
-    "--main", "README",
-    "--inline-source"]
-
-# Generate all the Rake tasks
-hoe = Hoe.new('ruby-ldapserver', ENV['VERSION'] || LDAP::Server::VERSION::STRING) do |p|
-  p.rubyforge_name = 'ruby-ldapserver'
-  p.summary = "A pure-Ruby framework for building LDAP servers"
-  p.description = "ruby-ldapserver is a lightweight, pure-Ruby skeleton for implementing LDAP
-  server applications."
-  p.author = 'Brian Candler'
-  p.email = 'B.Candler@pobox.com'
-  p.url = 'http://rubyforge.org/projects/ruby-ldapserver'
-  p.test_globs = ["test/**/*_test.rb"]
-  p.changes = p.paragraphs_of('ChangeLog', 0..1).join("\n\n")
-end
+require "bundler/gem_tasks"

data/lib/ldap/server/connection.rb

@@ -19,22 +19,30 @@ class Server
       @io = io
       @opt = opt
       @mutex = Mutex.new
-      @active_reqs = {}   # map message ID to thread object
+      @threadgroup = ThreadGroup.new
       @binddn = nil
       @version = 3
-      @logger = @opt[:logger] || $stderr
+      @logger = @opt[:logger]
       @ssl = false
 
       startssl if @opt[:ssl_on_connect]
     end
 
-    def log(msg)
-      @logger << "[#{@io.peeraddr[3]}]: #{msg}\n"
+    def log(msg, severity = Logger::INFO)
+      @logger.add(severity, msg, @io.peeraddr[3])
+    end
+    
+    def debug msg
+      log msg, Logger::DEBUG
+    end
+    
+    def log_exception(e)
+      log "#{e}: #{e.backtrace.join("\n\tfrom ")}", Logger::ERROR
     end
 
     def startssl # :yields:
       @mutex.synchronize do
-        raise LDAP::ResultError::OperationsError if @ssl or @active_reqs.size > 0
+        raise LDAP::ResultError::OperationsError if @ssl or @threadgroup.list.size > 0
         yield if block_given?
         @io = OpenSSL::SSL::SSLSocket.new(@io, @opt[:ssl_ctx])
         @io.sync_close = true
@@ -49,8 +57,11 @@ class Server
     def ber_read(io)
       blk = io.read(2)		# minimum: short tag, short length
       throw(:close) if blk.nil?
-      tag = blk[0] & 0x1f
-      len = blk[1]
+
+      codepoints = blk.respond_to?(:codepoints) ? blk.codepoints.to_a : blk
+
+      tag = codepoints[0] & 0x1f
+      len = codepoints[1]
 
       if tag == 0x1f		# long form
         tag = 0
@@ -116,78 +127,22 @@ class Server
               throw(:close)
 
             when 3 # SearchRequest
-              # Note: RFC 2251 4.4.4.1 says behaviour is undefined if
-              # client sends an overlapping request with same message ID,
-              # so we don't have to worry about the case where there is
-              # already a thread with this id in @active_reqs.
-              # However, to avoid a race we copy messageId/
-              # protocolOp/controls into thread-local variables, because
-              # they will change when the next request comes in.
-              #
-              # There is a theoretical race condition here: a client could
-              # send an abandon request before Thread.current is assigned to
-              # @active_reqs[thrm]. It's not a problem, because abandon isn't
-              # guaranteed to work anyway. Doing it this way ensures that
-              # @active_reqs does not leak memory on a long-lived connection.
-
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_search(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
+              start_op(messageId,protocolOp,controls,:do_search)
 
             when 6 # ModifyRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_modify(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
+              start_op(messageId,protocolOp,controls,:do_modify)
 
             when 8 # AddRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_add(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
+              start_op(messageId,protocolOp,controls,:do_add)
 
             when 10 # DelRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_del(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
+              start_op(messageId,protocolOp,controls,:do_del)
 
             when 12 # ModifyDNRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_modifydn(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
+              start_op(messageId,protocolOp,controls,:do_modifydn)
 
             when 14 # CompareRequest
-              Thread.new(messageId,protocolOp,controls) do |thrm,thrp,thrc|
-                begin
-                  @active_reqs[thrm] = Thread.current
-                  operationClass.new(self,thrm,*ocArgs).do_compare(thrp, thrc)
-                ensure
-                  @active_reqs.delete(thrm)
-                end
-              end
+              start_op(messageId,protocolOp,controls,:do_compare)
 
             when 16 # AbandonRequest
               abandon(protocolOp.value)
@@ -207,6 +162,31 @@ class Server
       abandon_all
     end
 
+    # Start an operation in a Thread. Add this to a ThreadGroup to allow
+    # the operation to be abandoned later.
+    #
+    # When the thread terminates, it automatically drops out of the group.
+    #
+    # Note: RFC 2251 4.4.4.1 says behaviour is undefined if
+    # client sends an overlapping request with same message ID,
+    # so we don't have to worry about the case where there is
+    # already a thread with this messageId in @threadgroup.
+
+    def start_op(messageId,protocolOp,controls,meth)
+      operationClass = @opt[:operation_class]
+      ocArgs = @opt[:operation_args] || []
+      thr = Thread.new do
+        begin
+          operationClass.new(self,messageId,*ocArgs).
+          send(meth,protocolOp,controls)
+        rescue Exception => e
+          log_exception e
+        end
+      end
+      thr[:messageId] = messageId
+      @threadgroup.add(thr)
+    end
+
     def write(data)
       @mutex.synchronize do
         @io.write(data)
@@ -223,18 +203,16 @@ class Server
 
     def abandon(messageID)
       @mutex.synchronize do
-        thread = @active_reqs.delete(messageID)
-        thread.raise LDAP::Abandon if thread and thread.alive?
+        thread = @threadgroup.list.find { |t| t[:messageId] == messageID }
+        thread.raise LDAP::Abandon if thread
       end
     end
 
     def abandon_all
-      return if @active_reqs.size == 0
       @mutex.synchronize do
-        @active_reqs.each do |id, thread|
-          thread.raise LDAP::Abandon if thread.alive?
+        @threadgroup.list.each do |thread|
+          thread.raise LDAP::Abandon
         end
-        @active_reqs = {}
       end
     end
 

data/lib/ldap/server/operation.rb

@@ -38,16 +38,14 @@ class Server
       @server = @connection.opt[:server]
     end
 
-    # Send a log message
-
-    def log(*args)
-      @connection.log(*args)
-    end
-
     # Send an exception report to the log
 
-    def log_exception(e)
-      @connection.log "#{e}: #{e.backtrace.join("\n\tfrom ")}"
+    def debug msg
+      @connection.debug msg
+    end
+    
+    def log_exception
+      @connection.log_exception msg
     end
 
     ##################################################
@@ -298,7 +296,7 @@ class Server
           attr = @schema.find_attrtype(attr).to_s
         end
         vals = seq.value[1].value[1].value.collect { |v| v.value }
-        case seq.value[0].value
+        case seq.value[0].value.to_i
         when 0
           modinfo[attr] = [:add] + vals
         when 1
@@ -436,7 +434,8 @@ class Server
     # care of, but you need to perform all authorisation checks yourself,
     # using @connection.binddn
 
-    def search(basedn, scope, deref, filter, attrs)
+    def search(basedn, scope, deref, filter)
+      debug "search(#{basedn}, #{scope}, #{deref}, #{filter})"
       raise LDAP::ResultError::UnwillingToPerform, "search not implemented"
     end
 

data/lib/ldap/server/preforkserver.rb

@@ -22,7 +22,6 @@ class Server
   #   :max_idle=>N				- seconds
 
   def self.preforkserver(opt, &blk)
-    logger = opt[:logger] || $stderr
     server = PreFork.new(opt[:bindaddr] || "0.0.0.0", opt[:port])
 
     # Drop privileges if requested
@@ -60,7 +59,7 @@ class Server
           # This exception can be raised to shut the server down
           server.stop
         rescue Exception => e
-          logger << "[#{s.peeraddr[3]}]: #{e}: #{e.backtrace[0]}\n"
+          opt[:logger].error(s.peeraddr[3]) { "#{e}: #{e.backtrace[0]}" }
         ensure
           s.close
         end

data/lib/ldap/server/server.rb

@@ -1,6 +1,7 @@
 require 'ldap/server/connection'
 require 'ldap/server/operation'
 require 'openssl'
+require 'logger'
 
 module LDAP
 class Server
@@ -20,12 +21,19 @@ class Server
   #   :ssl_ca_path=>directory			- verify peer certificates
   #   :schema=>Schema				- Schema object
   #   :namingContexts=>[dn, ...]		- base DN(s) we answer
+  
+  attr_reader :logger
 
   def initialize(opt = DEFAULT_OPT)
     @opt = opt
     @opt[:server] = self
     @opt[:operation_class] ||= LDAP::Server::Operation
     @opt[:operation_args] ||= []
+    unless @opt[:logger]
+       @opt[:logger] ||= Logger.new($stderr)
+       @opt[:logger].level = Logger::INFO
+    end
+    @logger = @opt[:logger]
     LDAP::Server.ssl_prepare(@opt)
     @schema = opt[:schema]	# may be nil
     @root_dse = Hash.new { |h,k| h[k] = [] }.merge({
@@ -47,12 +55,19 @@ class Server
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.key = OpenSSL::PKey::RSA.new(File::read(opt[:ssl_key_file]))
       ctx.cert = OpenSSL::X509::Certificate.new(File::read(opt[:ssl_cert_file]))
+      if opt[:ssl_dhparams]
+        ctx.tmp_dh_callback = proc { |*args|
+            OpenSSL::PKey::DH.new(
+              File.read(opt[:ssl_dhparams])
+            )
+        }
+      end
       if opt[:ssl_ca_path]
         ctx.ca_path = opt[:ssl_ca_path]
-        ctx.verify_mode = 
+        ctx.verify_mode = opt[:ssl_verify_mode] ||
           OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
-      else
-        $stderr.puts "Warning: SSL peer certificate won't be verified"
+      elsif opt[:ssl_verify_mode] != 0
+        $stderr.puts "Warning: No ssl_ca_path, peer certificate won't be verified"
       end
       opt[:ssl_ctx] = ctx
     end

data/lib/ldap/server/tcpserver.rb

@@ -22,7 +22,6 @@ class Server
   #   :nodelay=>true				- set TCP_NODELAY option
 
   def self.tcpserver(opt, &blk)
-    logger = opt[:logger] || $stderr
     server = TCPServer.new(opt[:bindaddr] || "0.0.0.0", opt[:port])
 
     # Drop privileges if requested
@@ -51,8 +50,7 @@ class Server
             begin
               s.instance_eval(&blk)
             rescue Exception => e
-              logger << "[#{s.peeraddr[3]}]: #{e}: #{e.backtrace[0]}\n"
-              #logger << "[#{s.peeraddr[3]}]: #{e}: #{e.backtrace.join("\n\tfrom ")}\n"
+              opt[:logger].error(s.peeraddr[3]) {"#{e}: #{e.backtrace[0]}"}
             ensure
               s.close
             end

data/lib/ldap/server/version.rb

@@ -1,11 +1,5 @@
 module LDAP #:nodoc:
   class Server #:nodoc:
-    class VERSION #:nodoc:
-      MAJOR = 0
-      MINOR = 3
-      TINY  = 1
-    
-      STRING = [MAJOR, MINOR, TINY].join('.')
-    end
+    VERSION = '0.4.0'
   end
 end

data/ruby-ldapserver.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'ldap/server/version'
+
+Gem::Specification.new do |s|
+  s.name = %q{ruby-ldapserver}
+  s.version = LDAP::Server::VERSION
+
+  s.authors = ["Brian Candler"]
+  s.description = %q{ruby-ldapserver is a lightweight, pure-Ruby skeleton for implementing LDAP server applications.}
+  s.email = %q{B.Candler@pobox.com}
+  s.files = `git ls-files`.split($/)
+  s.homepage = %q{https://github.com/inscitiv/ruby-ldapserver}
+  s.rdoc_options = ["--main", "README.txt"]
+  s.require_paths = ["lib"]
+  s.summary = %q{A pure-Ruby framework for building LDAP servers}
+  s.test_files = s.files.grep(%r{^(test|spec|features)/})
+
+  s.add_development_dependency 'bundler', '~> 1.3'
+  s.add_development_dependency 'rake', '~> 10.0'
+end

metadata

@@ -1,38 +1,59 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: ruby-ldapserver
-version: !ruby/object:Gem::Version 
-  version: 0.3.1
+version: !ruby/object:Gem::Version
+  version: 0.4.0
+  prerelease: 
 platform: ruby
-authors: 
+authors:
 - Brian Candler
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2008-01-16 00:00:00 -05:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
-  name: hoe
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        version: 1.4.0
-    version: 
-description: ruby-ldapserver is a lightweight, pure-Ruby skeleton for implementing LDAP server applications.
+date: 2013-03-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: ruby-ldapserver is a lightweight, pure-Ruby skeleton for implementing
+  LDAP server applications.
 email: B.Candler@pobox.com
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
-- Manifest.txt
-files: 
+extra_rdoc_files: []
+files:
+- .gitignore
 - COPYING
 - ChangeLog
-- Manifest.txt
+- Gemfile
 - README
 - Rakefile
 - examples/README
@@ -54,6 +75,7 @@ files:
 - lib/ldap/server/tcpserver.rb
 - lib/ldap/server/util.rb
 - lib/ldap/server/version.rb
+- ruby-ldapserver.gemspec
 - test/core.schema
 - test/encoding_test.rb
 - test/filter_test.rb
@@ -62,37 +84,44 @@ files:
 - test/syntax_test.rb
 - test/test_helper.rb
 - test/util_test.rb
-has_rdoc: true
-homepage: http://rubyforge.org/projects/ruby-ldapserver
+homepage: https://github.com/inscitiv/ruby-ldapserver
+licenses: []
 post_install_message: 
-rdoc_options: 
+rdoc_options:
 - --main
 - README.txt
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
-  version: 
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
-  version: 
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 2115768966675035117
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 2115768966675035117
 requirements: []
-
-rubyforge_project: ruby-ldapserver
-rubygems_version: 1.0.1
+rubyforge_project: 
+rubygems_version: 1.8.25
 signing_key: 
-specification_version: 2
+specification_version: 3
 summary: A pure-Ruby framework for building LDAP servers
-test_files: 
+test_files:
+- test/core.schema
 - test/encoding_test.rb
 - test/filter_test.rb
 - test/match_test.rb
 - test/schema_test.rb
 - test/syntax_test.rb
+- test/test_helper.rb
 - test/util_test.rb

data/Manifest.txt

@@ -1,32 +0,0 @@
-COPYING
-ChangeLog
-Manifest.txt
-README
-Rakefile
-examples/README
-examples/mkcert.rb
-examples/rbslapd1.rb
-examples/rbslapd2.rb
-examples/rbslapd3.rb
-examples/speedtest.rb
-lib/ldap/server.rb
-lib/ldap/server/connection.rb
-lib/ldap/server/filter.rb
-lib/ldap/server/match.rb
-lib/ldap/server/operation.rb
-lib/ldap/server/preforkserver.rb
-lib/ldap/server/result.rb
-lib/ldap/server/schema.rb
-lib/ldap/server/server.rb
-lib/ldap/server/syntax.rb
-lib/ldap/server/tcpserver.rb
-lib/ldap/server/util.rb
-lib/ldap/server/version.rb
-test/core.schema
-test/encoding_test.rb
-test/filter_test.rb
-test/match_test.rb
-test/schema_test.rb
-test/syntax_test.rb
-test/test_helper.rb
-test/util_test.rb