! Fixes that last ssl topic

This commit is contained in:
Kaspar Schiess 2010-02-12 15:08:56 +01:00
parent 1509aa8ef6
commit b849681f5f
3 changed files with 456 additions and 446 deletions


@ -1129,8 +1129,6 @@ module Net
end # class LDAP end # class LDAP
class LDAP class LDAP
# This is a private class used internally by the library. It should not be called by user code. # This is a private class used internally by the library. It should not be called by user code.
class Connection # :nodoc: class Connection # :nodoc:
@ -1156,6 +1154,21 @@ module Net
yield self if block_given? yield self if block_given?
end end
module GetbyteForSSLSocket
def getbyte
getc.ord
end
end
def self.wrap_with_ssl(io)
ctx = OpenSSL::SSL::SSLContext.new
conn = OpenSSL::SSL::SSLSocket.new(io, ctx)
conn.connect
conn.sync_close = true
conn.extend(GetbyteForSSLSocket) unless conn.respond_to?(:getbyte)
conn
end
#-- #--
# Helper method called only from new, and only after we have a successfully-opened # Helper method called only from new, and only after we have a successfully-opened
@ -1186,10 +1199,7 @@ module Net
def setup_encryption args def setup_encryption args
case args[:method] case args[:method]
when :simple_tls when :simple_tls
ctx = OpenSSL::SSL::SSLContext.new @conn = self.class.wrap_with_ssl(@conn)
@conn = OpenSSL::SSL::SSLSocket.new(@conn, ctx)
@conn.connect
@conn.sync_close = true
# additional branches requiring server validation and peer certs, etc. go here. # additional branches requiring server validation and peer certs, etc. go here.
when :start_tls when :start_tls
msgid = next_msgid.to_ber msgid = next_msgid.to_ber
@ -1201,10 +1211,7 @@ module Net
pdu = Net::LdapPdu.new(be) pdu = Net::LdapPdu.new(be)
raise LdapError.new("no start_tls result") if pdu.nil? raise LdapError.new("no start_tls result") if pdu.nil?
if pdu.result_code.zero? if pdu.result_code.zero?
ctx = OpenSSL::SSL::SSLContext.new @conn = self.class.wrap_with_ssl(@conn)
@conn = OpenSSL::SSL::SSLSocket.new(@conn, ctx)
@conn.connect
@conn.sync_close = true
else else
raise LdapError.new("start_tls failed: #{pdu.result_code}") raise LdapError.new("start_tls failed: #{pdu.result_code}")
end end
@ -1578,8 +1585,6 @@ module Net
end # class Connection end # class Connection
end # class LDAP end # class LDAP
end # module Net end # module Net
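Review bot: `wrap_with_ssl` builds an `OpenSSL::SSL::SSLContext` with no `verify_mode`, CA store or hostname check, so both the `:simple_tls` and `:start_tls` branches of `setup_encryption` now go through a socket that encrypts the session but never authenticates the server; the surviving remark "additional branches requiring server validation and peer certs, etc. go here" shows this is known, but the helper itself says nothing about it. Since it is now the single place both branches call, it should at least carry a comment such as `# Wraps +io+ in an SSLSocket using a default context: no peer certificate verification is performed, so the server is not authenticated.` and could accept a caller-supplied context, e.g. `def self.wrap_with_ssl(io, ctx = OpenSSL::SSL::SSLContext.new)`, so a context with `verify_mode` set can be passed in later without touching the call sites. Separately, `GetbyteForSSLSocket#getbyte` is `getc.ord`, and `getc` returns nil at end of stream, so the shim raises NoMethodError where `IO#getbyte` returns nil; `c = getc; c && c.ord` keeps that contract. `setup_encryption` continues outside the hunk.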


@ -19,8 +19,11 @@ describe "BER serialisation (SSL)" do
before(:each) do before(:each) do
@from, @to = IO.pipe @from, @to = IO.pipe
@to = Net::LDAP::SSLSocket.wrap(to) flexmock(OpenSSL::SSL::SSLSocket).
@from = Net::LDAP::SSLSocket.wrap(from) new_instances.should_receive(:connect => nil)
@to = Net::LDAP::Connection.wrap_with_ssl(to)
@from = Net::LDAP::Connection.wrap_with_ssl(from)
end end
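Review bot: The new `wrap_with_ssl(to)` and `wrap_with_ssl(from)` lines pass bare `to`/`from`, but the `before` block only assigns `@from, @to = IO.pipe` on the line above, so unless a `to`/`from` helper is defined elsewhere in this spec these names are undefined and the block raises NameError before any example runs. The replaced lines had the same shape, so the commit carries the problem forward rather than introducing it; the fix is `@to = Net::LDAP::Connection.wrap_with_ssl(@to)` and `@from = Net::LDAP::Connection.wrap_with_ssl(@from)`. With `connect` stubbed on every `SSLSocket` instance the examples exercise the wrapper plumbing over a plain pipe rather than a real handshake, which deserves a comment above the `flexmock` call, e.g. `# connect is stubbed: no TLS handshake happens over the pipe`. The enclosing `describe` block starts outside the hunk and the `it "should transmit strings"` example continues past it.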
it "should transmit strings" do it "should transmit strings" do


@ -1 +1,3 @@
Spec::Runner.configure do |config|
config.mock_with :flexmock
end