diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index c1d8b87a..ed69b335 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -277,7 +277,7 @@ Lint/UselessAssignment:
# Offense count: 38
# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
Metrics/AbcSize:
- Max: 120
+ Max: 124
# Offense count: 3
# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
@@ -298,12 +298,12 @@ Metrics/ClassLength:
# Offense count: 20
# Configuration parameters: AllowedMethods, AllowedPatterns.
Metrics/CyclomaticComplexity:
- Max: 44
+ Max: 45
# Offense count: 74
# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
Metrics/MethodLength:
- Max: 128
+ Max: 130
# Offense count: 1
# Configuration parameters: CountComments, CountAsOne.
@@ -313,7 +313,7 @@ Metrics/ModuleLength:
# Offense count: 12
# Configuration parameters: AllowedMethods, AllowedPatterns.
Metrics/PerceivedComplexity:
- Max: 44
+ Max: 46
# Offense count: 1
Naming/AccessorMethodName:
diff --git a/History.rdoc b/History.rdoc
index db63cbf6..3f6248ee 100644
--- a/History.rdoc
+++ b/History.rdoc
@@ -1,3 +1,9 @@
+=== Net::LDAP 0.19.0
+* Net::LDAP::DN - Retain trailing spaces in RDN values in DNs #412
+* Add in ability for users to specify LDAP controls when conducting searches #411
+* Document connect_timeout in Constructor Details #415
+* Fix openssl error when using multiple hosts #417
+
=== Net::LDAP 0.18.0
* Fix escaping of # and space in attrs #408
* Add support to use SNI #406
diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index 1547597f..af01dd1d 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -480,6 +480,8 @@ def self.result2string(code) #:nodoc:
# server says it supports them. This is a fix for MS Active Directory
# * :instrumentation_service => An object responsible for instrumenting
# operations, compatible with ActiveSupport::Notifications' public API.
+ # * :connect_timeout => The TCP socket timeout (in seconds) to use when
+ # connecting to the LDAP server (default 5 seconds).
# * :encryption => specifies the encryption to be used in communicating
# with the LDAP server. The value must be a Hash containing additional
# parameters, which consists of two keys:
diff --git a/lib/net/ldap/connection.rb b/lib/net/ldap/connection.rb
index be0db04b..f51b7b7e 100644
--- a/lib/net/ldap/connection.rb
+++ b/lib/net/ldap/connection.rb
@@ -30,10 +30,9 @@ def socket_class=(socket_class)
@socket_class = socket_class
end
- def prepare_socket(server, timeout=nil)
+ def prepare_socket(server, timeout=nil, hostname='127.0.0.1')
socket = server[:socket]
encryption = server[:encryption]
- hostname = server[:host]
@conn = socket
setup_encryption(encryption, timeout, hostname) if encryption
@@ -51,7 +50,7 @@ def open_connection(server)
errors = []
hosts.each do |host, port|
begin
- prepare_socket(server.merge(socket: @socket_class.new(host, port, socket_opts)), timeout)
+ prepare_socket(server.merge(socket: @socket_class.new(host, port, socket_opts)), timeout, host)
if encryption
if encryption[:tls_options] &&
encryption[:tls_options][:verify_mode] &&
@@ -425,6 +424,7 @@ def search(args = nil)
# this breaks when calling to_ber. (Can't force binary data to UTF-8)
# we have to disable paging (even though server supports it) to get around this...
+ user_controls = args.fetch(:controls, [])
controls = []
controls <<
[
@@ -434,7 +434,12 @@ def search(args = nil)
rfc2696_cookie.map(&:to_ber).to_ber_sequence.to_s.to_ber,
].to_ber_sequence if paged
controls << ber_sort if ber_sort
- controls = controls.empty? ? nil : controls.to_ber_contextspecific(0)
+ if controls.empty? && user_controls.empty?
+ controls = nil
+ else
+ controls += user_controls
+ controls = controls.to_ber_contextspecific(0)
+ end
write(request, controls, message_id)
diff --git a/lib/net/ldap/dn.rb b/lib/net/ldap/dn.rb
index 866efde7..9098cdb9 100644
--- a/lib/net/ldap/dn.rb
+++ b/lib/net/ldap/dn.rb
@@ -81,7 +81,7 @@ def each_pair
value << char
when ',' then
state = :key
- yield key.string.strip, value.string.rstrip
+ yield key.string.strip, value.string
key = StringIO.new
value = StringIO.new;
else
@@ -93,7 +93,7 @@ def each_pair
when '\\' then state = :value_normal_escape
when ',' then
state = :key
- yield key.string.strip, value.string.rstrip
+ yield key.string.strip, value.string
key = StringIO.new
value = StringIO.new;
else value << char
@@ -142,7 +142,7 @@ def each_pair
when ' ' then state = :value_end
when ',' then
state = :key
- yield key.string.strip, value.string.rstrip
+ yield key.string.strip, value.string
key = StringIO.new
value = StringIO.new;
else raise Net::LDAP::InvalidDNError, "DN badly formed"
@@ -159,7 +159,7 @@ def each_pair
when ' ' then state = :value_end
when ',' then
state = :key
- yield key.string.strip, value.string.rstrip
+ yield key.string.strip, value.string
key = StringIO.new
value = StringIO.new;
else raise Net::LDAP::InvalidDNError, "DN badly formed"
@@ -172,7 +172,7 @@ def each_pair
raise Net::LDAP::InvalidDNError, "DN badly formed" unless
[:value, :value_normal, :value_hexstring, :value_end].include? state
- yield key.string.strip, value.string.rstrip
+ yield key.string.strip, value.string
end
##
diff --git a/lib/net/ldap/version.rb b/lib/net/ldap/version.rb
index 6ca72fca..536b2f89 100644
--- a/lib/net/ldap/version.rb
+++ b/lib/net/ldap/version.rb
@@ -1,5 +1,5 @@
module Net
class LDAP
- VERSION = "0.18.0"
+ VERSION = "0.19.0"
end
end
diff --git a/test/test_dn.rb b/test/test_dn.rb
index fa2266f7..52e87bd7 100644
--- a/test/test_dn.rb
+++ b/test/test_dn.rb
@@ -14,6 +14,12 @@ def test_escape_space
assert_equal '\\ before_after\\ ', Net::LDAP::DN.escape(' before_after ')
end
+ def test_retain_spaces
+ dn = Net::LDAP::DN.new('CN=Foo.bar.baz, OU=Foo \ ,OU=\ Bar, O=Baz')
+ assert_equal "CN=Foo.bar.baz, OU=Foo \\ ,OU=\\ Bar, O=Baz", dn.to_s
+ assert_equal ["CN", "Foo.bar.baz", "OU", "Foo ", "OU", " Bar", "O", "Baz"], dn.to_a
+ end
+
def test_escape_on_initialize
dn = Net::LDAP::DN.new('cn', ',+"\\<>;', 'ou=company')
assert_equal 'cn=\\,\\+\\"\\\\\\<\\>\\;,ou=company', dn.to_s
@@ -26,7 +32,7 @@ def test_to_a
def test_to_a_parenthesis
dn = Net::LDAP::DN.new('cn = \ James , ou = "Comp\28ny" ')
- assert_equal ['cn', ' James', 'ou', 'Comp(ny'], dn.to_a
+ assert_equal ['cn', ' James ', 'ou', 'Comp(ny'], dn.to_a
end
def test_to_a_hash_symbol
diff --git a/test/test_ldap_connection.rb b/test/test_ldap_connection.rb
index dcb4ce72..74de115c 100644
--- a/test/test_ldap_connection.rb
+++ b/test/test_ldap_connection.rb
@@ -501,4 +501,43 @@ def test_search_net_ldap_connection_event
# ensure no unread
assert unread.empty?, "should not have any leftover unread messages"
end
+
+ def test_search_with_controls
+ # search data
+ search_data_ber = Net::BER::BerIdentifiedArray.new([1, [
+ "uid=user1,ou=People,dc=rubyldap,dc=com",
+ [["uid", ["user1"]]],
+ ]])
+ search_data_ber.ber_identifier = Net::LDAP::PDU::SearchReturnedData
+ search_data = [1, search_data_ber]
+ # search result (end of results)
+ search_result_ber = Net::BER::BerIdentifiedArray.new([Net::LDAP::ResultCodeSuccess, "", ""])
+ search_result_ber.ber_identifier = Net::LDAP::PDU::SearchResult
+ search_result = [1, search_result_ber]
+ @tcp_socket.should_receive(:read_ber).and_return(search_data)
+ .and_return(search_result)
+
+ events = @service.subscribe "search.net_ldap_connection"
+ unread = @service.subscribe "search_messages_unread.net_ldap_connection"
+
+ all_but_sacl_flag = 0x1 | 0x2 | 0x4 # OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION
+ control_values = [all_but_sacl_flag].map(&:to_ber).to_ber_sequence.to_s.to_ber
+ controls = []
+ # LDAP_SERVER_SD_FLAGS constant definition, taken from https://ldapwiki.com/wiki/LDAP_SERVER_SD_FLAGS_OID
+ ldap_server_sd_flags = '1.2.840.113556.1.4.801'.freeze
+ controls << [ldap_server_sd_flags.to_ber, true.to_ber, control_values].to_ber_sequence
+
+ result = @connection.search(filter: "(uid=user1)", base: "ou=People,dc=rubyldap,dc=com", controls: controls)
+ assert result.success?, "should be success"
+
+ # a search event
+ payload, result = events.pop
+ assert payload.key?(:result)
+ assert payload.key?(:filter)
+ assert_equal "(uid=user1)", payload[:filter].to_s
+ assert result
+
+ # ensure no unread
+ assert unread.empty?, "should not have any leftover unread messages"
+ end
end
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy