2 changes: 1 addition & 1 deletion .rubocop_todo.yml
Expand Up @@ -221,7 +221,7 @@ Metrics/BlockNesting:
# Offense count: 11
# Configuration parameters: CountComments.
Metrics/ClassLength:
Max: 445
Max: 451

# Offense count: 23
Metrics/CyclomaticComplexity:
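--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -341,6 +341,7 @@ class Net::LDAP
 
 StartTlsOid = '1.3.6.1.4.1.1466.20037'
 PasswdModifyOid = '1.3.6.1.4.1.4203.1.11.1'
+WhoamiOid = '1.3.6.1.4.1.4203.1.11.3'
 
 # https://tools.ietf.org/html/rfc4511#section-4.1.9
 # https://tools.ietf.org/html/rfc4511#appendix-A
@@ -1198,6 +1199,23 @@ def delete_tree(args)
 end
 end
 
+# Return the authorization identity of the client that issues the
+# ldapwhoami request. The method does not support any arguments.
+#
+# Returns True or False to indicate whether the request was successfull.
+# The result is available in the extended status information when calling
+# #get_operation_result.
+#
+# ldap.ldapwhoami
+# puts ldap.get_operation_result.extended_response
+def ldapwhoami(args = {})
+instrument "ldapwhoami.net_ldap", args do |payload|
+@result = use_connection(args, &:ldapwhoami)
+@result.success?
+end
+end
+alias_method :whoami, :ldapwhoami
+
 # This method is experimental and subject to change. Return the rootDSE
 # record from the LDAP server as a Net::LDAP::Entry, or an empty Entry if
 # the server doesn't return the record.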
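Review bot: The doc comment on `ldapwhoami` says the method does not support any arguments, yet the signature is `ldapwhoami(args = {})` and `args` is forwarded to both `instrument` and `use_connection`, so the comment and the code disagree. Either drop that sentence or say what is accepted, e.g. `# args is passed through to use_connection; the whoami request itself carries no parameters.` The usage example reads `get_operation_result.extended_response` without looking at the return value; because callers may feed the returned authorization identity into access decisions, the example would be safer as `puts ldap.get_operation_result.extended_response if ldap.ldapwhoami`. The block parameter `payload` is unused (`_payload`), and "successfull" should read "successful".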
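--- a/lib/net/ldap/connection.rb
+++ b/lib/net/ldap/connection.rb
@@ -685,6 +685,24 @@ def delete(args)
 pdu
 end
 
+def ldapwhoami
+Net::LDAP::AsnSyntax[139] = :string
+ext_seq = [Net::LDAP::WhoamiOid.to_ber_contextspecific(0)]
+request = ext_seq.to_ber_appsequence(Net::LDAP::PDU::ExtendedRequest)
+
+message_id = next_msgid
+
+write(request, nil, message_id)
+pdu = queued_read(message_id)
+
+if !pdu || pdu.app_tag != Net::LDAP::PDU::ExtendedResponse
+raise Net::LDAP::ResponseMissingOrInvalidError, "response missing or invalid"
+end
+
+Net::LDAP::AsnSyntax[139] = nil
+pdu
+end
+
 # Internal: Returns a Socket like object used internally to communicate with
 # LDAP server.
 #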
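Review bot: `ldapwhoami` rewrites the shared `Net::LDAP::AsnSyntax` table (`Net::LDAP::AsnSyntax[139] = :string`) and resets it only on the success path, so if `queued_read` raises or the `ResponseMissingOrInvalidError` branch is taken, the entry stays set for every later response parsed in the process. Because the table is a class-level constant, a response read on another connection or thread during that window is also decoded with the altered syntax, and resetting to `nil` assumes the slot was empty beforehand. If the toggle is kept, save the old value with `previous = Net::LDAP::AsnSyntax[139]` before the write and restore it in an `ensure` clause with `Net::LDAP::AsnSyntax[139] = previous`. Registering the tag once where `AsnSyntax` is defined (not visible in this hunk) would avoid mutating parser state per request.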