Replaced ruby-net-ldap with net-ldap 0.2.2 gem.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@8751 e93f8b46-1217-0410-a6f0-8f06a7374b81

19 files changed, 0 insertions, 3469 deletions

diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/COPYING b/vendor/plugins/ruby-net-ldap-0.0.4/COPYING
deleted file mode 100644
index 2ff629a20..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/COPYING
+++ /dev/null
@@ -1,272 +0,0 @@
-              GNU GENERAL PUBLIC LICENSE
-                Version 2, June 1991
-
-Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street,
-Fifth Floor, Boston, MA  02110-1301  USA Everyone is permitted to copy and
-distribute verbatim copies of this license document, but changing it is not
-allowed.
-
-               Preamble
-
-The licenses for most software are designed to take away your freedom to
-share and change it.  By contrast, the GNU General Public License is
-intended to guarantee your freedom to share and change free software--to
-make sure the software is free for all its users.  This General Public
-License applies to most of the Free Software Foundation's software and to
-any other program whose authors commit to using it.  (Some other Free
-Software Foundation software is covered by the GNU Lesser General Public
-License instead.)  You can apply it to your programs, too.
-
-When we speak of free software, we are referring to freedom, not price.  Our
-General Public Licenses are designed to make sure that you have the freedom
-to distribute copies of free software (and charge for this service if you
-wish), that you receive source code or can get it if you want it, that you
-can change the software or use pieces of it in new free programs; and that
-you know you can do these things.
-
-To protect your rights, we need to make restrictions that forbid anyone to
-deny you these rights or to ask you to surrender the rights. These
-restrictions translate to certain responsibilities for you if you distribute
-copies of the software, or if you modify it.
-
-For example, if you distribute copies of such a program, whether gratis or
-for a fee, you must give the recipients all the rights that you have.  You
-must make sure that they, too, receive or can get the source code.  And you
-must show them these terms so they know their rights.
-
-We protect your rights with two steps: (1) copyright the software, and (2)
-offer you this license which gives you legal permission to copy, distribute
-and/or modify the software.
-
-Also, for each author's protection and ours, we want to make certain that
-everyone understands that there is no warranty for this free software.  If
-the software is modified by someone else and passed on, we want its
-recipients to know that what they have is not the original, so that any
-problems introduced by others will not reflect on the original authors'
-reputations.
-
-Finally, any free program is threatened constantly by software patents.  We
-wish to avoid the danger that redistributors of a free program will
-individually obtain patent licenses, in effect making the program
-proprietary. To prevent this, we have made it clear that any patent must be
-licensed for everyone's free use or not licensed at all.
-
-The precise terms and conditions for copying, distribution and modification
-follow.
-
-           GNU GENERAL PUBLIC LICENSE
-  TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-0. This License applies to any program or other work which contains a notice
-   placed by the copyright holder saying it may be distributed under the
-   terms of this General Public License.  The "Program", below, refers to
-   any such program or work, and a "work based on the Program" means either
-   the Program or any derivative work under copyright law: that is to say, a
-   work containing the Program or a portion of it, either verbatim or with
-   modifications and/or translated into another language.  (Hereinafter,
-   translation is included without limitation in the term "modification".)
-   Each licensee is addressed as "you".
-
-   Activities other than copying, distribution and modification are not
-   covered by this License; they are outside its scope.  The act of running
-   the Program is not restricted, and the output from the Program is covered
-   only if its contents constitute a work based on the Program (independent
-   of having been made by running the Program). Whether that is true depends
-   on what the Program does.
-
-1. You may copy and distribute verbatim copies of the Program's source code
-   as you receive it, in any medium, provided that you conspicuously and
-   appropriately publish on each copy an appropriate copyright notice and
-   disclaimer of warranty; keep intact all the notices that refer to this
-   License and to the absence of any warranty; and give any other recipients
-   of the Program a copy of this License along with the Program.
-
-   You may charge a fee for the physical act of transferring a copy, and you
-   may at your option offer warranty protection in exchange for a fee.
-
-2. You may modify your copy or copies of the Program or any portion of it,
-   thus forming a work based on the Program, and copy and distribute such
-   modifications or work under the terms of Section 1 above, provided that
-   you also meet all of these conditions:
-
-   a) You must cause the modified files to carry prominent notices stating
-      that you changed the files and the date of any change.
-
-   b) You must cause any work that you distribute or publish, that in whole
-      or in part contains or is derived from the Program or any part
-      thereof, to be licensed as a whole at no charge to all third parties
-      under the terms of this License.
-
-   c) If the modified program normally reads commands interactively when
-      run, you must cause it, when started running for such interactive use
-      in the most ordinary way, to print or display an announcement
-      including an appropriate copyright notice and a notice that there is
-      no warranty (or else, saying that you provide a warranty) and that
-      users may redistribute the program under these conditions, and telling
-      the user how to view a copy of this License.  (Exception: if the
-      Program itself is interactive but does not normally print such an
-      announcement, your work based on the Program is not required to print
-      an announcement.)
-
-   These requirements apply to the modified work as a whole.  If
-   identifiable sections of that work are not derived from the Program, and
-   can be reasonably considered independent and separate works in
-   themselves, then this License, and its terms, do not apply to those
-   sections when you distribute them as separate works.  But when you
-   distribute the same sections as part of a whole which is a work based on
-   the Program, the distribution of the whole must be on the terms of this
-   License, whose permissions for other licensees extend to the entire
-   whole, and thus to each and every part regardless of who wrote it.
-
-   Thus, it is not the intent of this section to claim rights or contest
-   your rights to work written entirely by you; rather, the intent is to
-   exercise the right to control the distribution of derivative or
-   collective works based on the Program.
-
-   In addition, mere aggregation of another work not based on the Program
-   with the Program (or with a work based on the Program) on a volume of a
-   storage or distribution medium does not bring the other work under the
-   scope of this License.
-
-3. You may copy and distribute the Program (or a work based on it, under
-   Section 2) in object code or executable form under the terms of Sections
-   1 and 2 above provided that you also do one of the following:
-
-   a) Accompany it with the complete corresponding machine-readable source
-      code, which must be distributed under the terms of Sections 1 and 2
-      above on a medium customarily used for software interchange; or,
-
-   b) Accompany it with a written offer, valid for at least three years, to
-      give any third party, for a charge no more than your cost of
-      physically performing source distribution, a complete machine-readable
-      copy of the corresponding source code, to be distributed under the
-      terms of Sections 1 and 2 above on a medium customarily used for
-      software interchange; or,
-
-   c) Accompany it with the information you received as to the offer to
-      distribute corresponding source code.  (This alternative is allowed
-      only for noncommercial distribution and only if you received the
-      program in object code or executable form with such an offer, in
-      accord with Subsection b above.)
-
-   The source code for a work means the preferred form of the work for
-   making modifications to it.  For an executable work, complete source code
-   means all the source code for all modules it contains, plus any
-   associated interface definition files, plus the scripts used to control
-   compilation and installation of the executable.  However, as a special
-   exception, the source code distributed need not include anything that is
-   normally distributed (in either source or binary form) with the major
-   components (compiler, kernel, and so on) of the operating system on which
-   the executable runs, unless that component itself accompanies the
-   executable.
-
-   If distribution of executable or object code is made by offering access
-   to copy from a designated place, then offering equivalent access to copy
-   the source code from the same place counts as distribution of the source
-   code, even though third parties are not compelled to copy the source
-   along with the object code.
-
-4. You may not copy, modify, sublicense, or distribute the Program except as
-   expressly provided under this License.  Any attempt otherwise to copy,
-   modify, sublicense or distribute the Program is void, and will
-   automatically terminate your rights under this License. However, parties
-   who have received copies, or rights, from you under this License will not
-   have their licenses terminated so long as such parties remain in full
-   compliance.
-
-5. You are not required to accept this License, since you have not signed
-   it.  However, nothing else grants you permission to modify or distribute
-   the Program or its derivative works.  These actions are prohibited by law
-   if you do not accept this License.  Therefore, by modifying or
-   distributing the Program (or any work based on the Program), you indicate
-   your acceptance of this License to do so, and all its terms and
-   conditions for copying, distributing or modifying the Program or works
-   based on it.
-
-6. Each time you redistribute the Program (or any work based on the
-   Program), the recipient automatically receives a license from the
-   original licensor to copy, distribute or modify the Program subject to
-   these terms and conditions.  You may not impose any further restrictions
-   on the recipients' exercise of the rights granted herein. You are not
-   responsible for enforcing compliance by third parties to this License.
-
-7. If, as a consequence of a court judgment or allegation of patent
-   infringement or for any other reason (not limited to patent issues),
-   conditions are imposed on you (whether by court order, agreement or
-   otherwise) that contradict the conditions of this License, they do not
-   excuse you from the conditions of this License.  If you cannot distribute
-   so as to satisfy simultaneously your obligations under this License and
-   any other pertinent obligations, then as a consequence you may not
-   distribute the Program at all.  For example, if a patent license would
-   not permit royalty-free redistribution of the Program by all those who
-   receive copies directly or indirectly through you, then the only way you
-   could satisfy both it and this License would be to refrain entirely from
-   distribution of the Program.
-
-   If any portion of this section is held invalid or unenforceable under any
-   particular circumstance, the balance of the section is intended to apply
-   and the section as a whole is intended to apply in other circumstances.
-
-   It is not the purpose of this section to induce you to infringe any
-   patents or other property right claims or to contest validity of any such
-   claims; this section has the sole purpose of protecting the integrity of
-   the free software distribution system, which is implemented by public
-   license practices.  Many people have made generous contributions to the
-   wide range of software distributed through that system in reliance on
-   consistent application of that system; it is up to the author/donor to
-   decide if he or she is willing to distribute software through any other
-   system and a licensee cannot impose that choice.
-
-   This section is intended to make thoroughly clear what is believed to be
-   a consequence of the rest of this License.
-
-8. If the distribution and/or use of the Program is restricted in certain
-   countries either by patents or by copyrighted interfaces, the original
-   copyright holder who places the Program under this License may add an
-   explicit geographical distribution limitation excluding those countries,
-   so that distribution is permitted only in or among countries not thus
-   excluded. In such case, this License incorporates the limitation as if
-   written in the body of this License.
-
-9. The Free Software Foundation may publish revised and/or new versions of
-   the General Public License from time to time.  Such new versions will be
-   similar in spirit to the present version, but may differ in detail to
-   address new problems or concerns.
-
-   Each version is given a distinguishing version number.  If the Program
-   specifies a version number of this License which applies to it and "any
-   later version", you have the option of following the terms and conditions
-   either of that version or of any later version published by the Free
-   Software Foundation.  If the Program does not specify a version number of
-   this License, you may choose any version ever published by the Free
-   Software Foundation.
-
-10. If you wish to incorporate parts of the Program into other free programs
-    whose distribution conditions are different, write to the author to ask
-    for permission.  For software which is copyrighted by the Free Software
-    Foundation, write to the Free Software Foundation; we sometimes make
-    exceptions for this.  Our decision will be guided by the two goals of
-    preserving the free status of all derivatives of our free software and
-    of promoting the sharing and reuse of software generally.
-
-                     NO WARRANTY
-
-11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR
-    THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-    OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-    PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
-    EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-    WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE
-    ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH
-    YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL
-    NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-    WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-    REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR
-    DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL
-    DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM
-    (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED
-    INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF
-    THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR
-    OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/ChangeLog b/vendor/plugins/ruby-net-ldap-0.0.4/ChangeLog
deleted file mode 100644
index bd9b70e7d..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/ChangeLog
+++ /dev/null
@@ -1,58 +0,0 @@
-= Net::LDAP Changelog
-
-== Net::LDAP 0.0.4: August 15, 2006
-* Undeprecated Net::LDAP#modify. Thanks to Justin Forder for
-  providing the rationale for this.
-* Added a much-expanded set of special characters to the parser
-  for RFC-2254 filters. Thanks to Andre Nathan.
-* Changed Net::LDAP#search so you can pass it a filter in string form.
-  The conversion to a Net::LDAP::Filter now happens automatically.
-* Implemented Net::LDAP#bind_as (preliminary and subject to change).
-  Thanks for Simon Claret for valuable suggestions and for helping test.
-* Fixed bug in Net::LDAP#open that was preventing #open from being
-  called more than one on a given Net::LDAP object.
-
-== Net::LDAP 0.0.3: July 26, 2006
-* Added simple TLS encryption.
-  Thanks to Garett Shulman for suggestions and for helping test.
-
-== Net::LDAP 0.0.2: July 12, 2006
-* Fixed malformation in distro tarball and gem.
-* Improved documentation.
-* Supported "paged search control."
-* Added a range of API improvements.
-* Thanks to Andre Nathan, andre@digirati.com.br, for valuable
-  suggestions.
-* Added support for LE and GE search filters.
-* Added support for Search referrals.
-* Fixed a regression with openldap 2.2.x and higher caused
-  by the introduction of RFC-2696 controls. Thanks to Andre
-  Nathan for reporting the problem.
-* Added support for RFC-2254 filter syntax.
-
-== Net::LDAP 0.0.1: May 1, 2006
-* Initial release.
-* Client functionality is near-complete, although the APIs
-  are not guaranteed and may change depending on feedback
-  from the community.
-* We're internally working on a Ruby-based implementation
-  of a full-featured, production-quality LDAP server,
-  which will leverage the underlying LDAP and BER functionality
-  in Net::LDAP.
-* Please tell us if you would be interested in seeing a public
-  release of the LDAP server.
-* Grateful acknowledgement to Austin Ziegler, who reviewed
-  this code and provided the release framework, including
-  minitar.
-
-#--
-# Net::LDAP for Ruby.
-#   http://rubyforge.org/projects/net-ldap/
-#   Copyright (C) 2006 by Francis Cianfrocca
-#
-#   Available under the same terms as Ruby. See LICENCE in the main
-#   distribution for full licensing information.
-#
-# $Id: ChangeLog,v 1.17.2.4 2005/09/09 12:36:42 austin Exp $
-#++
-# vim: sts=2 sw=2 ts=4 et ai tw=77
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/LICENCE b/vendor/plugins/ruby-net-ldap-0.0.4/LICENCE
deleted file mode 100644
index 953ea0bb9..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/LICENCE
+++ /dev/null
@@ -1,55 +0,0 @@
-Net::LDAP is copyrighted free software by Francis Cianfrocca
-<garbagecat10@gmail.com>. You can redistribute it and/or modify it under either
-the terms of the GPL (see the file COPYING), or the conditions below:
-
-1. You may make and give away verbatim copies of the source form of the
-   software without restriction, provided that you duplicate all of the
-   original copyright notices and associated disclaimers.
-
-2. You may modify your copy of the software in any way, provided that you do
-   at least ONE of the following:
-
-   a) place your modifications in the Public Domain or otherwise make them
-      Freely Available, such as by posting said modifications to Usenet or
-      an equivalent medium, or by allowing the author to include your
-      modifications in the software.
-
-   b) use the modified software only within your corporation or
-      organization.
-
-   c) rename any non-standard executables so the names do not conflict with
-      standard executables, which must also be provided.
-
-   d) make other distribution arrangements with the author.
-
-3. You may distribute the software in object code or executable form,
-   provided that you do at least ONE of the following:
-
-   a) distribute the executables and library files of the software, together
-      with instructions (in the manual page or equivalent) on where to get
-      the original distribution.
-
-   b) accompany the distribution with the machine-readable source of the
-      software.
-
-   c) give non-standard executables non-standard names, with instructions on
-      where to get the original software distribution.
-
-   d) make other distribution arrangements with the author.
-
-4. You may modify and include the part of the software into any other
-   software (possibly commercial).  But some files in the distribution are
-   not written by the author, so that they are not under this terms.
-
-   They are gc.c(partly), utils.c(partly), regex.[ch], st.[ch] and some
-   files under the ./missing directory.  See each file for the copying
-   condition.
-
-5. The scripts and library files supplied as input to or produced as output
-   from the software do not automatically fall under the copyright of the
-   software, but belong to whomever generated them, and may be sold
-   commercially, and may be aggregated with this software.
-
-6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
-   WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
-   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/README b/vendor/plugins/ruby-net-ldap-0.0.4/README
deleted file mode 100644
index f61a7ff15..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/README
+++ /dev/null
@@ -1,32 +0,0 @@
-= Net::LDAP for Ruby
-Net::LDAP is an LDAP support library written in pure Ruby. It supports all
-LDAP client features, and a subset of server features as well.
-
-Homepage::  http://rubyforge.org/projects/net-ldap/
-Copyright:: (C) 2006 by Francis Cianfrocca
-
-Original developer: Francis Cianfrocca
-Contributions by Austin Ziegler gratefully acknowledged.
-
-== LICENCE NOTES
-Please read the file LICENCE for licensing restrictions on this library. In
-the simplest terms, this library is available under the same terms as Ruby
-itself.
-
-== Requirements
-Net::LDAP requires Ruby 1.8.2 or better.
-
-== Documentation
-See Net::LDAP for documentation and usage samples.
-
-#--
-# Net::LDAP for Ruby.
-#   http://rubyforge.org/projects/net-ldap/
-#   Copyright (C) 2006 by Francis Cianfrocca
-#
-#   Available under the same terms as Ruby. See LICENCE in the main
-#   distribution for full licensing information.
-#
-# $Id: README 141 2006-07-12 10:37:37Z blackhedd $
-#++
-# vim: sts=2 sw=2 ts=4 et ai tw=77
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ber.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ber.rb
deleted file mode 100644
index 6589415dc..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ber.rb
+++ /dev/null
@@ -1,294 +0,0 @@
-# $Id: ber.rb 142 2006-07-26 12:20:33Z blackhedd $
-#
-# NET::BER
-# Mixes ASN.1/BER convenience methods into several standard classes.
-# Also provides BER parsing functionality.
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#---------------------------------------------------------------------------
-#
-#
-
-
-
-
-module Net
-
-  module BER
-
-  class BerError < Exception; end
-
-
-  # This module is for mixing into IO and IO-like objects.
-  module BERParser
-
-    # The order of these follows the class-codes in BER.
-    # Maybe this should have been a hash.
-    TagClasses = [:universal, :application, :context_specific, :private]
-
-    BuiltinSyntax = {
-      :universal => {
-        :primitive => {
-          1 => :boolean,
-          2 => :integer,
-          4 => :string,
-          10 => :integer,
-        },
-        :constructed => {
-          16 => :array,
-          17 => :array
-        }
-      }
-    }
-
-    #
-    # read_ber
-    # TODO: clean this up so it works properly with partial
-    # packets coming from streams that don't block when
-    # we ask for more data (like StringIOs). At it is,
-    # this can throw TypeErrors and other nasties.
-    #
-    def read_ber syntax=nil
-      return nil if (StringIO == self.class) and  eof?
-
-      id = getc  # don't trash this value, we'll use it later
-      tag = id & 31
-      tag < 31 or raise BerError.new( "unsupported tag encoding: #{id}" )
-      tagclass = TagClasses[ id >> 6 ]
-      encoding = (id & 0x20 != 0) ? :constructed : :primitive
-
-      n = getc
-      lengthlength,contentlength = if n <= 127
-        [1,n]
-      else
-        j = (0...(n & 127)).inject(0) {|mem,x| mem = (mem << 8) + getc}
-        [1 + (n & 127), j]
-      end
-
-      newobj = read contentlength
-
-      objtype = nil
-      [syntax, BuiltinSyntax].each {|syn|
-        if syn && (ot = syn[tagclass]) && (ot = ot[encoding]) && ot[tag]
-          objtype = ot[tag]
-          break
-        end
-      }
-      
-      obj = case objtype
-      when :boolean
-        newobj != "\000"
-      when :string
-        (newobj || "").dup
-      when :integer
-        j = 0
-        newobj.each_byte {|b| j = (j << 8) + b}
-        j
-      when :array
-        seq = []
-        sio = StringIO.new( newobj || "" )
-        # Interpret the subobject, but note how the loop
-        # is built: nil ends the loop, but false (a valid
-        # BER value) does not!
-        while (e = sio.read_ber(syntax)) != nil
-          seq << e
-        end
-        seq
-      else
-        raise BerError.new( "unsupported object type: class=#{tagclass}, encoding=#{encoding}, tag=#{tag}" )
-      end
-
-      # Add the identifier bits into the object if it's a String or an Array.
-      # We can't add extra stuff to Fixnums and booleans, not that it makes much sense anyway.
-      obj and ([String,Array].include? obj.class) and obj.instance_eval "def ber_identifier; #{id}; end"
-      obj
-
-    end
-
-  end # module BERParser
-  end # module BER
-
-end # module Net
-
-
-class IO
-  include Net::BER::BERParser
-end
-
-require "stringio"
-class StringIO
-  include Net::BER::BERParser
-end
-
-begin
-  require 'openssl'
-  class OpenSSL::SSL::SSLSocket
-    include Net::BER::BERParser
-  end
-rescue LoadError
-# Ignore LoadError.
-# DON'T ignore NameError, which means the SSLSocket class
-# is somehow unavailable on this implementation of Ruby's openssl.
-# This may be WRONG, however, because we don't yet know how Ruby's
-# openssl behaves on machines with no OpenSSL library. I suppose
-# it's possible they do not fail to require 'openssl' but do not
-# create the classes. So this code is provisional.
-# Also, you might think that OpenSSL::SSL::SSLSocket inherits from
-# IO so we'd pick it up above. But you'd be wrong.
-end
-
-class String
-  def read_ber syntax=nil
-    StringIO.new(self).read_ber(syntax)
-  end
-end
-
-
-
-#----------------------------------------------
-
-
-class FalseClass
-  #
-  # to_ber
-  #
-  def to_ber
-    "\001\001\000"
-  end
-end
-
-
-class TrueClass
-  #
-  # to_ber
-  #
-  def to_ber
-    "\001\001\001"
-  end
-end
-
-
-
-class Fixnum
-  #
-  # to_ber
-  #
-  def to_ber
-    i = [self].pack('w')
-    [2, i.length].pack("CC") + i
-  end
-
-  #
-  # to_ber_enumerated
-  #
-  def to_ber_enumerated
-    i = [self].pack('w')
-    [10, i.length].pack("CC") + i
-  end
-
-  #
-  # to_ber_length_encoding
-  #
-  def to_ber_length_encoding
-    if self <= 127
-      [self].pack('C')
-    else
-      i = [self].pack('N').sub(/^[\0]+/,"")
-      [0x80 + i.length].pack('C') + i
-    end
-  end
-
-end # class Fixnum
-
-
-class Bignum
-
-  def to_ber
-    i = [self].pack('w')
-    i.length > 126 and raise Net::BER::BerError.new( "range error in bignum" )
-    [2, i.length].pack("CC") + i
-  end
-
-end
-
-
-
-class String
-  #
-  # to_ber
-  # A universal octet-string is tag number 4,
-  # but others are possible depending on the context, so we
-  # let the caller give us one.
-  # The preferred way to do this in user code is via to_ber_application_sring
-  # and to_ber_contextspecific.
-  #
-  def to_ber code = 4
-    [code].pack('C') + length.to_ber_length_encoding + self
-  end
-
-  #
-  # to_ber_application_string
-  #
-  def to_ber_application_string code
-    to_ber( 0x40 + code )
-  end
-
-  #
-  # to_ber_contextspecific
-  #
-  def to_ber_contextspecific code
-    to_ber( 0x80 + code )
-  end
-
-end # class String
-
-
-
-class Array
-  #
-  # to_ber_appsequence
-  # An application-specific sequence usually gets assigned
-  # a tag that is meaningful to the particular protocol being used.
-  # This is different from the universal sequence, which usually
-  # gets a tag value of 16.
-  # Now here's an interesting thing: We're adding the X.690
-  # "application constructed" code at the top of the tag byte (0x60),
-  # but some clients, notably ldapsearch, send "context-specific
-  # constructed" (0xA0). The latter would appear to violate RFC-1777,
-  # but what do I know? We may need to change this.
-  #
-
-  def to_ber                 id = 0; to_ber_seq_internal( 0x30 + id ); end
-  def to_ber_set             id = 0; to_ber_seq_internal( 0x31 + id ); end
-  def to_ber_sequence        id = 0; to_ber_seq_internal( 0x30 + id ); end
-  def to_ber_appsequence     id = 0; to_ber_seq_internal( 0x60 + id ); end
-  def to_ber_contextspecific id = 0; to_ber_seq_internal( 0xA0 + id ); end
-
-  private
-  def to_ber_seq_internal code
-    s = self.to_s
-    [code].pack('C') + s.length.to_ber_length_encoding + s
-  end
-
-end # class Array
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb
deleted file mode 100644
index d741e722b..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb
+++ /dev/null
@@ -1,1311 +0,0 @@
-# $Id: ldap.rb 154 2006-08-15 09:35:43Z blackhedd $
-#
-# Net::LDAP for Ruby
-#
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Written and maintained by Francis Cianfrocca, gmail: garbagecat10.
-#
-# This program is free software.
-# You may re-distribute and/or modify this program under the same terms
-# as Ruby itself: Ruby Distribution License or GNU General Public License.
-#
-#
-# See Net::LDAP for documentation and usage samples.
-#
-
-
-require 'socket'
-require 'ostruct'
-
-begin
-  require 'openssl'
-  $net_ldap_openssl_available = true
-rescue LoadError
-end
-
-require 'net/ber'
-require 'net/ldap/pdu'
-require 'net/ldap/filter'
-require 'net/ldap/dataset'
-require 'net/ldap/psw'
-require 'net/ldap/entry'
-
-
-module Net
-
-
-  # == Net::LDAP
-  #
-  # This library provides a pure-Ruby implementation of the
-  # LDAP client protocol, per RFC-2251.
-  # It can be used to access any server which implements the
-  # LDAP protocol.
-  #
-  # Net::LDAP is intended to provide full LDAP functionality
-  # while hiding the more arcane aspects
-  # the LDAP protocol itself, and thus presenting as Ruby-like
-  # a programming interface as possible.
-  # 
-  # == Quick-start for the Impatient
-  # === Quick Example of a user-authentication against an LDAP directory:
-  #
-  #  require 'rubygems'
-  #  require 'net/ldap'
-  #  
-  #  ldap = Net::LDAP.new
-  #  ldap.host = your_server_ip_address
-  #  ldap.port = 389
-  #  ldap.auth "joe_user", "opensesame"
-  #  if ldap.bind
-  #    # authentication succeeded
-  #  else
-  #    # authentication failed
-  #  end
-  #
-  #
-  # === Quick Example of a search against an LDAP directory:
-  #
-  #  require 'rubygems'
-  #  require 'net/ldap'
-  #  
-  #  ldap = Net::LDAP.new :host => server_ip_address,
-  #       :port => 389,
-  #       :auth => {
-  #             :method => :simple,
-  #             :username => "cn=manager,dc=example,dc=com",
-  #             :password => "opensesame"
-  #       }
-  #
-  #  filter = Net::LDAP::Filter.eq( "cn", "George*" )
-  #  treebase = "dc=example,dc=com"
-  #  
-  #  ldap.search( :base => treebase, :filter => filter ) do |entry|
-  #    puts "DN: #{entry.dn}"
-  #    entry.each do |attribute, values|
-  #      puts "   #{attribute}:"
-  #      values.each do |value|
-  #        puts "      --->#{value}"
-  #      end
-  #    end
-  #  end
-  #  
-  #  p ldap.get_operation_result
-  #  
-  #
-  # == A Brief Introduction to LDAP
-  #
-  # We're going to provide a quick, informal introduction to LDAP
-  # terminology and
-  # typical operations. If you're comfortable with this material, skip
-  # ahead to "How to use Net::LDAP." If you want a more rigorous treatment
-  # of this material, we recommend you start with the various IETF and ITU
-  # standards that relate to LDAP.
-  #
-  # === Entities
-  # LDAP is an Internet-standard protocol used to access directory servers.
-  # The basic search unit is the <i>entity,</i> which corresponds to
-  # a person or other domain-specific object.
-  # A directory service which supports the LDAP protocol typically
-  # stores information about a number of entities.
-  #
-  # === Principals
-  # LDAP servers are typically used to access information about people,
-  # but also very often about such items as printers, computers, and other
-  # resources. To reflect this, LDAP uses the term <i>entity,</i> or less
-  # commonly, <i>principal,</i> to denote its basic data-storage unit.
-  # 
-  #
-  # === Distinguished Names
-  # In LDAP's view of the world,
-  # an entity is uniquely identified by a globally-unique text string
-  # called a <i>Distinguished Name,</i> originally defined in the X.400
-  # standards from which LDAP is ultimately derived.
-  # Much like a DNS hostname, a DN is a "flattened" text representation
-  # of a string of tree nodes. Also like DNS (and unlike Java package
-  # names), a DN expresses a chain of tree-nodes written from left to right
-  # in order from the most-resolved node to the most-general one.
-  #
-  # If you know the DN of a person or other entity, then you can query
-  # an LDAP-enabled directory for information (attributes) about the entity.
-  # Alternatively, you can query the directory for a list of DNs matching
-  # a set of criteria that you supply.
-  #
-  # === Attributes
-  #
-  # In the LDAP view of the world, a DN uniquely identifies an entity.
-  # Information about the entity is stored as a set of <i>Attributes.</i>
-  # An attribute is a text string which is associated with zero or more
-  # values. Most LDAP-enabled directories store a well-standardized
-  # range of attributes, and constrain their values according to standard
-  # rules.
-  #
-  # A good example of an attribute is <tt>sn,</tt> which stands for "Surname."
-  # This attribute is generally used to store a person's surname, or last name.
-  # Most directories enforce the standard convention that
-  # an entity's <tt>sn</tt> attribute have <i>exactly one</i> value. In LDAP
-  # jargon, that means that <tt>sn</tt> must be <i>present</i> and
-  # <i>single-valued.</i>
-  #
-  # Another attribute is <tt>mail,</tt> which is used to store email addresses.
-  # (No, there is no attribute called "email," perhaps because X.400 terminology
-  # predates the invention of the term <i>email.</i>) <tt>mail</tt> differs
-  # from <tt>sn</tt> in that most directories permit any number of values for the
-  # <tt>mail</tt> attribute, including zero.
-  #
-  #
-  # === Tree-Base
-  # We said above that X.400 Distinguished Names are <i>globally unique.</i>
-  # In a manner reminiscent of DNS, LDAP supposes that each directory server
-  # contains authoritative attribute data for a set of DNs corresponding
-  # to a specific sub-tree of the (notional) global directory tree.
-  # This subtree is generally configured into a directory server when it is
-  # created. It matters for this discussion because most servers will not
-  # allow you to query them unless you specify a correct tree-base.
-  #
-  # Let's say you work for the engineering department of Big Company, Inc.,
-  # whose internet domain is bigcompany.com. You may find that your departmental
-  # directory is stored in a server with a defined tree-base of
-  #  ou=engineering,dc=bigcompany,dc=com
-  # You will need to supply this string as the <i>tree-base</i> when querying this
-  # directory. (Ou is a very old X.400 term meaning "organizational unit."
-  # Dc is a more recent term meaning "domain component.")
-  #
-  # === LDAP Versions
-  # (stub, discuss v2 and v3)
-  #
-  # === LDAP Operations
-  # The essential operations are: #bind, #search, #add, #modify, #delete, and #rename.
-  # ==== Bind
-  # #bind supplies a user's authentication credentials to a server, which in turn verifies
-  # or rejects them. There is a range of possibilities for credentials, but most directories
-  # support a simple username and password authentication.
-  #
-  # Taken by itself, #bind can be used to authenticate a user against information
-  # stored in a directory, for example to permit or deny access to some other resource.
-  # In terms of the other LDAP operations, most directories require a successful #bind to
-  # be performed before the other operations will be permitted. Some servers permit certain
-  # operations to be performed with an "anonymous" binding, meaning that no credentials are
-  # presented by the user. (We're glossing over a lot of platform-specific detail here.)
-  #
-  # ==== Search
-  # Calling #search against the directory involves specifying a treebase, a set of <i>search filters,</i>
-  # and a list of attribute values.
-  # The filters specify ranges of possible values for particular attributes. Multiple
-  # filters can be joined together with AND, OR, and NOT operators.
-  # A server will respond to a #search by returning a list of matching DNs together with a
-  # set of attribute values for each entity, depending on what attributes the search requested.
-  # 
-  # ==== Add
-  # #add specifies a new DN and an initial set of attribute values. If the operation
-  # succeeds, a new entity with the corresponding DN and attributes is added to the directory.
-  #
-  # ==== Modify
-  # #modify specifies an entity DN, and a list of attribute operations. #modify is used to change
-  # the attribute values stored in the directory for a particular entity.
-  # #modify may add or delete attributes (which are lists of values) or it change attributes by
-  # adding to or deleting from their values.
-  # Net::LDAP provides three easier methods to modify an entry's attribute values:
-  # #add_attribute, #replace_attribute, and #delete_attribute.
-  #
-  # ==== Delete
-  # #delete specifies an entity DN. If it succeeds, the entity and all its attributes
-  # is removed from the directory.
-  #
-  # ==== Rename (or Modify RDN)
-  # #rename (or #modify_rdn) is an operation added to version 3 of the LDAP protocol. It responds to
-  # the often-arising need to change the DN of an entity without discarding its attribute values.
-  # In earlier LDAP versions, the only way to do this was to delete the whole entity and add it
-  # again with a different DN.
-  #
-  # #rename works by taking an "old" DN (the one to change) and a "new RDN," which is the left-most
-  # part of the DN string. If successful, #rename changes the entity DN so that its left-most
-  # node corresponds to the new RDN given in the request. (RDN, or "relative distinguished name,"
-  # denotes a single tree-node as expressed in a DN, which is a chain of tree nodes.)
-  #
-  # == How to use Net::LDAP
-  #
-  # To access Net::LDAP functionality in your Ruby programs, start by requiring
-  # the library:
-  #
-  #  require 'net/ldap'
-  #
-  # If you installed the Gem version of Net::LDAP, and depending on your version of
-  # Ruby and rubygems, you _may_ also need to require rubygems explicitly:
-  #
-  #  require 'rubygems'
-  #  require 'net/ldap'
-  #
-  # Most operations with Net::LDAP start by instantiating a Net::LDAP object.
-  # The constructor for this object takes arguments specifying the network location
-  # (address and port) of the LDAP server, and also the binding (authentication)
-  # credentials, typically a username and password.
-  # Given an object of class Net:LDAP, you can then perform LDAP operations by calling
-  # instance methods on the object. These are documented with usage examples below.
-  #
-  # The Net::LDAP library is designed to be very disciplined about how it makes network
-  # connections to servers. This is different from many of the standard native-code
-  # libraries that are provided on most platforms, which share bloodlines with the
-  # original Netscape/Michigan LDAP client implementations. These libraries sought to
-  # insulate user code from the workings of the network. This is a good idea of course,
-  # but the practical effect has been confusing and many difficult bugs have been caused
-  # by the opacity of the native libraries, and their variable behavior across platforms.
-  #
-  # In general, Net::LDAP instance methods which invoke server operations make a connection
-  # to the server when the method is called. They execute the operation (typically binding first)
-  # and then disconnect from the server. The exception is Net::LDAP#open, which makes a connection
-  # to the server and then keeps it open while it executes a user-supplied block. Net::LDAP#open
-  # closes the connection on completion of the block.
-  #
-
-  class LDAP
-
-    class LdapError < Exception; end
-
-    VERSION = "0.0.4"
-
-
-    SearchScope_BaseObject = 0
-    SearchScope_SingleLevel = 1
-    SearchScope_WholeSubtree = 2
-    SearchScopes = [SearchScope_BaseObject, SearchScope_SingleLevel, SearchScope_WholeSubtree]
-
-    AsnSyntax = {
-      :application => {
-        :constructed => {
-          0 => :array,              # BindRequest
-          1 => :array,              # BindResponse
-          2 => :array,              # UnbindRequest
-          3 => :array,              # SearchRequest
-          4 => :array,              # SearchData
-          5 => :array,              # SearchResult
-          6 => :array,              # ModifyRequest
-          7 => :array,              # ModifyResponse
-          8 => :array,              # AddRequest
-          9 => :array,              # AddResponse
-          10 => :array,             # DelRequest
-          11 => :array,             # DelResponse
-          12 => :array,             # ModifyRdnRequest
-          13 => :array,             # ModifyRdnResponse
-          14 => :array,             # CompareRequest
-          15 => :array,             # CompareResponse
-          16 => :array,             # AbandonRequest
-          19 => :array,             # SearchResultReferral
-          24 => :array,             # Unsolicited Notification
-        }
-      },
-      :context_specific => {
-        :primitive => {
-          0 => :string,             # password
-          1 => :string,             # Kerberos v4
-          2 => :string,             # Kerberos v5
-        },
-        :constructed => {
-          0 => :array,              # RFC-2251 Control
-          3 => :array,              # Seach referral
-        }
-      }
-    }
-
-    DefaultHost = "127.0.0.1"
-    DefaultPort = 389
-    DefaultAuth = {:method => :anonymous}
-    DefaultTreebase = "dc=com"
-
-
-    ResultStrings = {
-      0 => "Success",
-      1 => "Operations Error",
-      2 => "Protocol Error",
-      3 => "Time Limit Exceeded",
-      4 => "Size Limit Exceeded",
-      12 => "Unavailable crtical extension",
-      16 => "No Such Attribute",
-      17 => "Undefined Attribute Type",
-      20 => "Attribute or Value Exists",
-      32 => "No Such Object",
-      34 => "Invalid DN Syntax",
-      48 => "Invalid DN Syntax",
-      48 => "Inappropriate Authentication",
-      49 => "Invalid Credentials",
-      50 => "Insufficient Access Rights",
-      51 => "Busy",
-      52 => "Unavailable",
-      53 => "Unwilling to perform",
-      65 => "Object Class Violation",
-      68 => "Entry Already Exists"
-    }
-
-
-    module LdapControls
-      PagedResults = "1.2.840.113556.1.4.319" # Microsoft evil from RFC 2696
-    end
-
-
-    #
-    # LDAP::result2string
-    #
-    def LDAP::result2string code # :nodoc:
-      ResultStrings[code] || "unknown result (#{code})"
-    end 
-
-
-    attr_accessor :host, :port, :base
-
-
-    # Instantiate an object of type Net::LDAP to perform directory operations.
-    # This constructor takes a Hash containing arguments, all of which are either optional or may be specified later with other methods as described below. The following arguments
-    # are supported:
-    # * :host => the LDAP server's IP-address (default 127.0.0.1)
-    # * :port => the LDAP server's TCP port (default 389)
-    # * :auth => a Hash containing authorization parameters. Currently supported values include:
-    #   {:method => :anonymous} and
-    #   {:method => :simple, :username => your_user_name, :password => your_password }
-    #   The password parameter may be a Proc that returns a String.
-    # * :base => a default treebase parameter for searches performed against the LDAP server. If you don't give this value, then each call to #search must specify a treebase parameter. If you do give this value, then it will be used in subsequent calls to #search that do not specify a treebase. If you give a treebase value in any particular call to #search, that value will override any treebase value you give here.
-    # * :encryption => specifies the encryption to be used in communicating with the LDAP server. The value is either a Hash containing additional parameters, or the Symbol :simple_tls, which is equivalent to specifying the Hash {:method => :simple_tls}. There is a fairly large range of potential values that may be given for this parameter. See #encryption for details.
-    #
-    # Instantiating a Net::LDAP object does <i>not</i> result in network traffic to
-    # the LDAP server. It simply stores the connection and binding parameters in the
-    # object.
-    #
-    def initialize args = {}
-      @host = args[:host] || DefaultHost
-      @port = args[:port] || DefaultPort
-      @verbose = false # Make this configurable with a switch on the class.
-      @auth = args[:auth] || DefaultAuth
-      @base = args[:base] || DefaultTreebase
-      encryption args[:encryption] # may be nil
-
-      if pr = @auth[:password] and pr.respond_to?(:call)
-        @auth[:password] = pr.call
-      end
-
-      # This variable is only set when we are created with LDAP::open.
-      # All of our internal methods will connect using it, or else
-      # they will create their own.
-      @open_connection = nil
-    end
-
-    # Convenience method to specify authentication credentials to the LDAP
-    # server. Currently supports simple authentication requiring
-    # a username and password.
-    #
-    # Observe that on most LDAP servers,
-    # the username is a complete DN. However, with A/D, it's often possible
-    # to give only a user-name rather than a complete DN. In the latter
-    # case, beware that many A/D servers are configured to permit anonymous
-    # (uncredentialled) binding, and will silently accept your binding
-    # as anonymous if you give an unrecognized username. This is not usually
-    # what you want. (See #get_operation_result.)
-    #
-    # <b>Important:</b> The password argument may be a Proc that returns a string.
-    # This makes it possible for you to write client programs that solicit
-    # passwords from users or from other data sources without showing them
-    # in your code or on command lines.
-    #
-    #  require 'net/ldap'
-    #  
-    #  ldap = Net::LDAP.new
-    #  ldap.host = server_ip_address
-    #  ldap.authenticate "cn=Your Username,cn=Users,dc=example,dc=com", "your_psw"
-    #
-    # Alternatively (with a password block):
-    #
-    #  require 'net/ldap'
-    #  
-    #  ldap = Net::LDAP.new
-    #  ldap.host = server_ip_address
-    #  psw = proc { your_psw_function }
-    #  ldap.authenticate "cn=Your Username,cn=Users,dc=example,dc=com", psw
-    #
-    def authenticate username, password
-      password = password.call if password.respond_to?(:call)
-      @auth = {:method => :simple, :username => username, :password => password}
-    end
-
-    alias_method :auth, :authenticate
-
-    # Convenience method to specify encryption characteristics for connections
-    # to LDAP servers. Called implicitly by #new and #open, but may also be called
-    # by user code if desired.
-    # The single argument is generally a Hash (but see below for convenience alternatives).
-    # This implementation is currently a stub, supporting only a few encryption
-    # alternatives. As additional capabilities are added, more configuration values
-    # will be added here.
-    #
-    # Currently, the only supported argument is {:method => :simple_tls}.
-    # (Equivalently, you may pass the symbol :simple_tls all by itself, without
-    # enclosing it in a Hash.)
-    #
-    # The :simple_tls encryption method encrypts <i>all</i> communications with the LDAP
-    # server.
-    # It completely establishes SSL/TLS encryption with the LDAP server 
-    # before any LDAP-protocol data is exchanged.
-    # There is no plaintext negotiation and no special encryption-request controls
-    # are sent to the server. 
-    # <i>The :simple_tls option is the simplest, easiest way to encrypt communications
-    # between Net::LDAP and LDAP servers.</i>
-    # It's intended for cases where you have an implicit level of trust in the authenticity
-    # of the LDAP server. No validation of the LDAP server's SSL certificate is
-    # performed. This means that :simple_tls will not produce errors if the LDAP
-    # server's encryption certificate is not signed by a well-known Certification
-    # Authority.
-    # If you get communications or protocol errors when using this option, check
-    # with your LDAP server administrator. Pay particular attention to the TCP port
-    # you are connecting to. It's impossible for an LDAP server to support plaintext
-    # LDAP communications and <i>simple TLS</i> connections on the same port.
-    # The standard TCP port for unencrypted LDAP connections is 389, but the standard
-    # port for simple-TLS encrypted connections is 636. Be sure you are using the
-    # correct port.
-    #
-    # <i>[Note: a future version of Net::LDAP will support the STARTTLS LDAP control,
-    # which will enable encrypted communications on the same TCP port used for
-    # unencrypted connections.]</i>
-    #
-    def encryption args
-      if args == :simple_tls
-        args = {:method => :simple_tls}
-      end
-      @encryption = args
-    end
-
-
-    # #open takes the same parameters as #new. #open makes a network connection to the
-    # LDAP server and then passes a newly-created Net::LDAP object to the caller-supplied block.
-    # Within the block, you can call any of the instance methods of Net::LDAP to
-    # perform operations against the LDAP directory. #open will perform all the
-    # operations in the user-supplied block on the same network connection, which
-    # will be closed automatically when the block finishes.
-    #
-    #  # (PSEUDOCODE)
-    #  auth = {:method => :simple, :username => username, :password => password}
-    #  Net::LDAP.open( :host => ipaddress, :port => 389, :auth => auth ) do |ldap|
-    #    ldap.search( ... )
-    #    ldap.add( ... )
-    #    ldap.modify( ... )
-    #  end
-    #
-    def LDAP::open args
-      ldap1 = LDAP.new args
-      ldap1.open {|ldap| yield ldap }
-    end
-
-    # Returns a meaningful result any time after
-    # a protocol operation (#bind, #search, #add, #modify, #rename, #delete)
-    # has completed.
-    # It returns an #OpenStruct containing an LDAP result code (0 means success),
-    # and a human-readable string.
-    #  unless ldap.bind
-    #    puts "Result: #{ldap.get_operation_result.code}"
-    #    puts "Message: #{ldap.get_operation_result.message}"
-    #  end
-    #
-    def get_operation_result
-      os = OpenStruct.new
-      if @result
-        os.code = @result
-      else
-        os.code = 0
-      end
-      os.message = LDAP.result2string( os.code )
-      os
-    end
-
-
-    # Opens a network connection to the server and then
-    # passes <tt>self</tt> to the caller-supplied block. The connection is
-    # closed when the block completes. Used for executing multiple
-    # LDAP operations without requiring a separate network connection
-    # (and authentication) for each one.
-    # <i>Note:</i> You do not need to log-in or "bind" to the server. This will
-    # be done for you automatically.
-    # For an even simpler approach, see the class method Net::LDAP#open.
-    #
-    #  # (PSEUDOCODE)
-    #  auth = {:method => :simple, :username => username, :password => password}
-    #  ldap = Net::LDAP.new( :host => ipaddress, :port => 389, :auth => auth )
-    #  ldap.open do |ldap|
-    #    ldap.search( ... )
-    #    ldap.add( ... )
-    #    ldap.modify( ... )
-    #  end
-    #--
-    # First we make a connection and then a binding, but we don't
-    # do anything with the bind results.
-    # We then pass self to the caller's block, where he will execute
-    # his LDAP operations. Of course they will all generate auth failures
-    # if the bind was unsuccessful.
-    def open
-      raise LdapError.new( "open already in progress" ) if @open_connection
-      @open_connection = Connection.new( :host => @host, :port => @port, :encryption => @encryption )
-      @open_connection.bind @auth
-      yield self
-      @open_connection.close
-      @open_connection = nil
-    end
-
-
-    # Searches the LDAP directory for directory entries.
-    # Takes a hash argument with parameters. Supported parameters include:
-    # * :base (a string specifying the tree-base for the search);
-    # * :filter (an object of type Net::LDAP::Filter, defaults to objectclass=*);
-    # * :attributes (a string or array of strings specifying the LDAP attributes to return from the server);
-    # * :return_result (a boolean specifying whether to return a result set).
-    # * :attributes_only (a boolean flag, defaults false)
-    # * :scope (one of: Net::LDAP::SearchScope_BaseObject, Net::LDAP::SearchScope_SingleLevel, Net::LDAP::SearchScope_WholeSubtree. Default is WholeSubtree.)
-    #
-    # #search queries the LDAP server and passes <i>each entry</i> to the
-    # caller-supplied block, as an object of type Net::LDAP::Entry.
-    # If the search returns 1000 entries, the block will
-    # be called 1000 times. If the search returns no entries, the block will
-    # not be called.
-    #
-    #--
-    # ORIGINAL TEXT, replaced 04May06.
-    # #search returns either a result-set or a boolean, depending on the
-    # value of the <tt>:return_result</tt> argument. The default behavior is to return
-    # a result set, which is a hash. Each key in the hash is a string specifying
-    # the DN of an entry. The corresponding value for each key is a Net::LDAP::Entry object.
-    # If you request a result set and #search fails with an error, it will return nil.
-    # Call #get_operation_result to get the error information returned by
-    # the LDAP server.
-    #++
-    # #search returns either a result-set or a boolean, depending on the
-    # value of the <tt>:return_result</tt> argument. The default behavior is to return
-    # a result set, which is an Array of objects of class Net::LDAP::Entry.
-    # If you request a result set and #search fails with an error, it will return nil.
-    # Call #get_operation_result to get the error information returned by
-    # the LDAP server.
-    #
-    # When <tt>:return_result => false,</tt> #search will
-    # return only a Boolean, to indicate whether the operation succeeded. This can improve performance
-    # with very large result sets, because the library can discard each entry from memory after
-    # your block processes it.
-    #
-    #
-    #  treebase = "dc=example,dc=com"
-    #  filter = Net::LDAP::Filter.eq( "mail", "a*.com" )
-    #  attrs = ["mail", "cn", "sn", "objectclass"]
-    #  ldap.search( :base => treebase, :filter => filter, :attributes => attrs, :return_result => false ) do |entry|
-    #    puts "DN: #{entry.dn}"
-    #    entry.each do |attr, values|
-    #      puts ".......#{attr}:"
-    #      values.each do |value|
-    #        puts "          #{value}"
-    #      end
-    #    end
-    #  end
-    #
-    #--
-    # This is a re-implementation of search that replaces the
-    # original one (now renamed searchx and possibly destined to go away).
-    # The difference is that we return a dataset (or nil) from the
-    # call, and pass _each entry_ as it is received from the server
-    # to the caller-supplied block. This will probably make things
-    # far faster as we can do useful work during the network latency
-    # of the search. The downside is that we have no access to the
-    # whole set while processing the blocks, so we can't do stuff
-    # like sort the DNs until after the call completes.
-    # It's also possible that this interacts badly with server timeouts.
-    # We'll have to ensure that something reasonable happens if
-    # the caller has processed half a result set when we throw a timeout
-    # error.
-    # Another important difference is that we return a result set from
-    # this method rather than a T/F indication.
-    # Since this can be very heavy-weight, we define an argument flag
-    # that the caller can set to suppress the return of a result set,
-    # if he's planning to process every entry as it comes from the server.
-    #
-    # REINTERPRETED the result set, 04May06. Originally this was a hash
-    # of entries keyed by DNs. But let's get away from making users
-    # handle DNs. Change it to a plain array. Eventually we may
-    # want to return a Dataset object that delegates to an internal
-    # array, so we can provide sort methods and what-not.
-    #
-    def search args = {}
-      args[:base] ||= @base
-      result_set = (args and args[:return_result] == false) ? nil : []
-
-      if @open_connection
-        @result = @open_connection.search( args ) {|entry|
-          result_set << entry if result_set
-          yield( entry ) if block_given?
-        }
-      else
-        @result = 0
-        conn = Connection.new( :host => @host, :port => @port, :encryption => @encryption )
-        if (@result = conn.bind( args[:auth] || @auth )) == 0
-          @result = conn.search( args ) {|entry|
-            result_set << entry if result_set
-            yield( entry ) if block_given?
-          }
-        end
-        conn.close
-      end
-
-      @result == 0 and result_set
-    end
-
-    # #bind connects to an LDAP server and requests authentication
-    # based on the <tt>:auth</tt> parameter passed to #open or #new.
-    # It takes no parameters.
-    #
-    # User code does not need to call #bind directly. It will be called
-    # implicitly by the library whenever you invoke an LDAP operation,
-    # such as #search or #add.
-    #
-    # It is useful, however, to call #bind in your own code when the
-    # only operation you intend to perform against the directory is
-    # to validate a login credential. #bind returns true or false
-    # to indicate whether the binding was successful. Reasons for
-    # failure include malformed or unrecognized usernames and
-    # incorrect passwords. Use #get_operation_result to find out
-    # what happened in case of failure.
-    #
-    # Here's a typical example using #bind to authenticate a
-    # credential which was (perhaps) solicited from the user of a
-    # web site:
-    #
-    #  require 'net/ldap'
-    #  ldap = Net::LDAP.new
-    #  ldap.host = your_server_ip_address
-    #  ldap.port = 389
-    #  ldap.auth your_user_name, your_user_password
-    #  if ldap.bind
-    #    # authentication succeeded
-    #  else
-    #    # authentication failed
-    #    p ldap.get_operation_result
-    #  end
-    #
-    # You don't have to create a new instance of Net::LDAP every time
-    # you perform a binding in this way. If you prefer, you can cache the Net::LDAP object
-    # and re-use it to perform subsequent bindings, <i>provided</i> you call
-    # #auth to specify a new credential before calling #bind. Otherwise, you'll
-    # just re-authenticate the previous user! (You don't need to re-set
-    # the values of #host and #port.) As noted in the documentation for #auth,
-    # the password parameter can be a Ruby Proc instead of a String.
-    #
-    #--
-    # If there is an @open_connection, then perform the bind
-    # on it. Otherwise, connect, bind, and disconnect.
-    # The latter operation is obviously useful only as an auth check.
-    #
-    def bind auth=@auth
-      if @open_connection
-        @result = @open_connection.bind auth
-      else
-        conn = Connection.new( :host => @host, :port => @port , :encryption => @encryption)
-        @result = conn.bind @auth
-        conn.close
-      end
-
-      @result == 0
-    end
-
-    #
-    # #bind_as is for testing authentication credentials.
-    #
-    # As described under #bind, most LDAP servers require that you supply a complete DN
-    # as a binding-credential, along with an authenticator such as a password.
-    # But for many applications (such as authenticating users to a Rails application),
-    # you often don't have a full DN to identify the user. You usually get a simple
-    # identifier like a username or an email address, along with a password.
-    # #bind_as allows you to authenticate these user-identifiers.
-    #
-    # #bind_as is a combination of a search and an LDAP binding. First, it connects and
-    # binds to the directory as normal. Then it searches the directory for an entry
-    # corresponding to the email address, username, or other string that you supply.
-    # If the entry exists, then #bind_as will <b>re-bind</b> as that user with the
-    # password (or other authenticator) that you supply.
-    #
-    # #bind_as takes the same parameters as #search, <i>with the addition of an
-    # authenticator.</i> Currently, this authenticator must be <tt>:password</tt>.
-    # Its value may be either a String, or a +proc+ that returns a String.
-    # #bind_as returns +false+ on failure. On success, it returns a result set,
-    # just as #search does. This result set is an Array of objects of
-    # type Net::LDAP::Entry. It contains the directory attributes corresponding to
-    # the user. (Just test whether the return value is logically true, if you don't
-    # need this additional information.)
-    #
-    # Here's how you would use #bind_as to authenticate an email address and password:
-    #
-    #  require 'net/ldap'
-    #  
-    #  user,psw = "joe_user@yourcompany.com", "joes_psw"
-    #  
-    #  ldap = Net::LDAP.new
-    #  ldap.host = "192.168.0.100"
-    #  ldap.port = 389
-    #  ldap.auth "cn=manager,dc=yourcompany,dc=com", "topsecret"
-    #  
-    #  result = ldap.bind_as(
-    #    :base => "dc=yourcompany,dc=com",
-    #    :filter => "(mail=#{user})",
-    #    :password => psw
-    #  )
-    #  if result
-    #    puts "Authenticated #{result.first.dn}"
-    #  else
-    #    puts "Authentication FAILED."
-    #  end
-    def bind_as args={}
-      result = false
-      open {|me|
-        rs = search args
-        if rs and rs.first and dn = rs.first.dn
-          password = args[:password]
-          password = password.call if password.respond_to?(:call)
-          result = rs if bind :method => :simple, :username => dn, :password => password
-        end
-      }
-      result
-    end
-
-
-    # Adds a new entry to the remote LDAP server.
-    # Supported arguments:
-    # :dn :: Full DN of the new entry
-    # :attributes :: Attributes of the new entry.
-    #
-    # The attributes argument is supplied as a Hash keyed by Strings or Symbols
-    # giving the attribute name, and mapping to Strings or Arrays of Strings
-    # giving the actual attribute values. Observe that most LDAP directories
-    # enforce schema constraints on the attributes contained in entries.
-    # #add will fail with a server-generated error if your attributes violate
-    # the server-specific constraints.
-    # Here's an example:
-    #
-    #  dn = "cn=George Smith,ou=people,dc=example,dc=com"
-    #  attr = {
-    #    :cn => "George Smith",
-    #    :objectclass => ["top", "inetorgperson"],
-    #    :sn => "Smith",
-    #    :mail => "gsmith@example.com"
-    #  }
-    #  Net::LDAP.open (:host => host) do |ldap|
-    #    ldap.add( :dn => dn, :attributes => attr )
-    #  end
-    #
-    def add args
-      if @open_connection
-          @result = @open_connection.add( args )
-      else
-        @result = 0
-        conn = Connection.new( :host => @host, :port => @port, :encryption => @encryption)
-        if (@result = conn.bind( args[:auth] || @auth )) == 0
-          @result = conn.add( args )
-        end
-        conn.close
-      end
-      @result == 0
-    end
-
-
-    # Modifies the attribute values of a particular entry on the LDAP directory.
-    # Takes a hash with arguments. Supported arguments are:
-    # :dn :: (the full DN of the entry whose attributes are to be modified)
-    # :operations :: (the modifications to be performed, detailed next)
-    #
-    # This method returns True or False to indicate whether the operation
-    # succeeded or failed, with extended information available by calling
-    # #get_operation_result.
-    #
-    # Also see #add_attribute, #replace_attribute, or #delete_attribute, which
-    # provide simpler interfaces to this functionality.
-    #
-    # The LDAP protocol provides a full and well thought-out set of operations
-    # for changing the values of attributes, but they are necessarily somewhat complex
-    # and not always intuitive. If these instructions are confusing or incomplete,
-    # please send us email or create a bug report on rubyforge.
-    #
-    # The :operations parameter to #modify takes an array of operation-descriptors.
-    # Each individual operation is specified in one element of the array, and
-    # most LDAP servers will attempt to perform the operations in order.
-    #
-    # Each of the operations appearing in the Array must itself be an Array
-    # with exactly three elements:
-    # an operator:: must be :add, :replace, or :delete
-    # an attribute name:: the attribute name (string or symbol) to modify
-    # a value:: either a string or an array of strings.
-    #
-    # The :add operator will, unsurprisingly, add the specified values to
-    # the specified attribute. If the attribute does not already exist,
-    # :add will create it. Most LDAP servers will generate an error if you
-    # try to add a value that already exists.
-    #
-    # :replace will erase the current value(s) for the specified attribute,
-    # if there are any, and replace them with the specified value(s).
-    #
-    # :delete will remove the specified value(s) from the specified attribute.
-    # If you pass nil, an empty string, or an empty array as the value parameter
-    # to a :delete operation, the _entire_ _attribute_ will be deleted, along
-    # with all of its values.
-    #
-    # For example:
-    #
-    #  dn = "mail=modifyme@example.com,ou=people,dc=example,dc=com"
-    #  ops = [
-    #    [:add, :mail, "aliasaddress@example.com"],
-    #    [:replace, :mail, ["newaddress@example.com", "newalias@example.com"]],
-    #    [:delete, :sn, nil]
-    #  ]
-    #  ldap.modify :dn => dn, :operations => ops
-    #
-    # <i>(This example is contrived since you probably wouldn't add a mail
-    # value right before replacing the whole attribute, but it shows that order
-    # of execution matters. Also, many LDAP servers won't let you delete SN
-    # because that would be a schema violation.)</i>
-    #
-    # It's essential to keep in mind that if you specify more than one operation in
-    # a call to #modify, most LDAP servers will attempt to perform all of the operations
-    # in the order you gave them.
-    # This matters because you may specify operations on the
-    # same attribute which must be performed in a certain order.
-    #
-    # Most LDAP servers will _stop_ processing your modifications if one of them
-    # causes an error on the server (such as a schema-constraint violation).
-    # If this happens, you will probably get a result code from the server that
-    # reflects only the operation that failed, and you may or may not get extended
-    # information that will tell you which one failed. #modify has no notion
-    # of an atomic transaction. If you specify a chain of modifications in one
-    # call to #modify, and one of them fails, the preceding ones will usually
-    # not be "rolled back," resulting in a partial update. This is a limitation
-    # of the LDAP protocol, not of Net::LDAP.
-    #
-    # The lack of transactional atomicity in LDAP means that you're usually
-    # better off using the convenience methods #add_attribute, #replace_attribute,
-    # and #delete_attribute, which are are wrappers over #modify. However, certain
-    # LDAP servers may provide concurrency semantics, in which the several operations
-    # contained in a single #modify call are not interleaved with other
-    # modification-requests received simultaneously by the server.
-    # It bears repeating that this concurrency does _not_ imply transactional
-    # atomicity, which LDAP does not provide.
-    #
-    def modify args
-      if @open_connection
-          @result = @open_connection.modify( args )
-      else
-        @result = 0
-        conn = Connection.new( :host => @host, :port => @port, :encryption => @encryption )
-        if (@result = conn.bind( args[:auth] || @auth )) == 0
-          @result = conn.modify( args )
-        end
-        conn.close
-      end
-      @result == 0
-    end
-
-
-    # Add a value to an attribute.
-    # Takes the full DN of the entry to modify,
-    # the name (Symbol or String) of the attribute, and the value (String or
-    # Array). If the attribute does not exist (and there are no schema violations),
-    # #add_attribute will create it with the caller-specified values.
-    # If the attribute already exists (and there are no schema violations), the
-    # caller-specified values will be _added_ to the values already present.
-    #
-    # Returns True or False to indicate whether the operation
-    # succeeded or failed, with extended information available by calling
-    # #get_operation_result. See also #replace_attribute and #delete_attribute.
-    #
-    #  dn = "cn=modifyme,dc=example,dc=com"
-    #  ldap.add_attribute dn, :mail, "newmailaddress@example.com"
-    #
-    def add_attribute dn, attribute, value
-      modify :dn => dn, :operations => [[:add, attribute, value]]
-    end
-
-    # Replace the value of an attribute.
-    # #replace_attribute can be thought of as equivalent to calling #delete_attribute
-    # followed by #add_attribute. It takes the full DN of the entry to modify,
-    # the name (Symbol or String) of the attribute, and the value (String or
-    # Array). If the attribute does not exist, it will be created with the
-    # caller-specified value(s). If the attribute does exist, its values will be
-    # _discarded_ and replaced with the caller-specified values.
-    #
-    # Returns True or False to indicate whether the operation
-    # succeeded or failed, with extended information available by calling
-    # #get_operation_result. See also #add_attribute and #delete_attribute.
-    #
-    #  dn = "cn=modifyme,dc=example,dc=com"
-    #  ldap.replace_attribute dn, :mail, "newmailaddress@example.com"
-    #
-    def replace_attribute dn, attribute, value
-      modify :dn => dn, :operations => [[:replace, attribute, value]]
-    end
-
-    # Delete an attribute and all its values.
-    # Takes the full DN of the entry to modify, and the
-    # name (Symbol or String) of the attribute to delete.
-    #
-    # Returns True or False to indicate whether the operation
-    # succeeded or failed, with extended information available by calling
-    # #get_operation_result. See also #add_attribute and #replace_attribute.
-    #
-    #  dn = "cn=modifyme,dc=example,dc=com"
-    #  ldap.delete_attribute dn, :mail
-    #
-    def delete_attribute dn, attribute
-      modify :dn => dn, :operations => [[:delete, attribute, nil]]
-    end
-
-
-    # Rename an entry on the remote DIS by changing the last RDN of its DN.
-    # _Documentation_ _stub_
-    #
-    def rename args
-      if @open_connection
-          @result = @open_connection.rename( args )
-      else
-        @result = 0
-        conn = Connection.new( :host => @host, :port => @port, :encryption => @encryption )
-        if (@result = conn.bind( args[:auth] || @auth )) == 0
-          @result = conn.rename( args )
-        end
-        conn.close
-      end
-      @result == 0
-    end
-
-    # modify_rdn is an alias for #rename.
-    def modify_rdn args
-      rename args
-    end
-
-    # Delete an entry from the LDAP directory.
-    # Takes a hash of arguments.
-    # The only supported argument is :dn, which must
-    # give the complete DN of the entry to be deleted.
-    # Returns True or False to indicate whether the delete
-    # succeeded. Extended status information is available by
-    # calling #get_operation_result.
-    #
-    #  dn = "mail=deleteme@example.com,ou=people,dc=example,dc=com"
-    #  ldap.delete :dn => dn
-    #
-    def delete args
-      if @open_connection
-          @result = @open_connection.delete( args )
-      else
-        @result = 0
-        conn = Connection.new( :host => @host, :port => @port, :encryption => @encryption )
-        if (@result = conn.bind( args[:auth] || @auth )) == 0
-          @result = conn.delete( args )
-        end
-        conn.close
-      end
-      @result == 0
-    end
-
-  end # class LDAP
-
-
-
-  class LDAP
-  # This is a private class used internally by the library. It should not be called by user code.
-  class Connection # :nodoc:
-
-    LdapVersion = 3
-
-
-    #--
-    # initialize
-    #
-    def initialize server
-      begin
-        @conn = TCPsocket.new( server[:host], server[:port] )
-      rescue
-        raise LdapError.new( "no connection to server" )
-      end
-
-      if server[:encryption]
-        setup_encryption server[:encryption]
-      end
-
-      yield self if block_given?
-    end
-
-
-    #--
-    # Helper method called only from new, and only after we have a successfully-opened
-    # @conn instance variable, which is a TCP connection.
-    # Depending on the received arguments, we establish SSL, potentially replacing
-    # the value of @conn accordingly.
-    # Don't generate any errors here if no encryption is requested.
-    # DO raise LdapError objects if encryption is requested and we have trouble setting
-    # it up. That includes if OpenSSL is not set up on the machine. (Question:
-    # how does the Ruby OpenSSL wrapper react in that case?)
-    # DO NOT filter exceptions raised by the OpenSSL library. Let them pass back
-    # to the user. That should make it easier for us to debug the problem reports.
-    # Presumably (hopefully?) that will also produce recognizable errors if someone
-    # tries to use this on a machine without OpenSSL.
-    #
-    # The simple_tls method is intended as the simplest, stupidest, easiest solution
-    # for people who want nothing more than encrypted comms with the LDAP server.
-    # It doesn't do any server-cert validation and requires nothing in the way
-    # of key files and root-cert files, etc etc.
-    # OBSERVE: WE REPLACE the value of @conn, which is presumed to be a connected
-    # TCPsocket object.
-    #
-    def setup_encryption args
-      case args[:method]
-      when :simple_tls
-        raise LdapError.new("openssl unavailable") unless $net_ldap_openssl_available
-        ctx = OpenSSL::SSL::SSLContext.new
-        @conn = OpenSSL::SSL::SSLSocket.new(@conn, ctx)
-        @conn.connect
-        @conn.sync_close = true
-      # additional branches requiring server validation and peer certs, etc. go here.
-      else
-        raise LdapError.new( "unsupported encryption method #{args[:method]}" )
-      end
-    end
-
-    #--
-    # close
-    # This is provided as a convenience method to make
-    # sure a connection object gets closed without waiting
-    # for a GC to happen. Clients shouldn't have to call it,
-    # but perhaps it will come in handy someday.
-    def close
-      @conn.close
-      @conn = nil
-    end
-
-    #--
-    # next_msgid
-    #
-    def next_msgid
-      @msgid ||= 0
-      @msgid += 1
-    end
-
-
-    #--
-    # bind
-    #
-    def bind auth
-      user,psw = case auth[:method]
-      when :anonymous
-        ["",""]
-      when :simple
-        [auth[:username] || auth[:dn], auth[:password]]
-      end
-      raise LdapError.new( "invalid binding information" ) unless (user && psw)
-
-      msgid = next_msgid.to_ber
-      request = [LdapVersion.to_ber, user.to_ber, psw.to_ber_contextspecific(0)].to_ber_appsequence(0)
-      request_pkt = [msgid, request].to_ber_sequence
-      @conn.write request_pkt
-
-      (be = @conn.read_ber(AsnSyntax) and pdu = Net::LdapPdu.new( be )) or raise LdapError.new( "no bind result" )
-      pdu.result_code
-    end
-
-    #--
-    # search
-    # Alternate implementation, this yields each search entry to the caller
-    # as it are received.
-    # TODO, certain search parameters are hardcoded.
-    # TODO, if we mis-parse the server results or the results are wrong, we can block
-    # forever. That's because we keep reading results until we get a type-5 packet,
-    # which might never come. We need to support the time-limit in the protocol.
-    #--
-    # WARNING: this code substantially recapitulates the searchx method.
-    #
-    # 02May06: Well, I added support for RFC-2696-style paged searches.
-    # This is used on all queries because the extension is marked non-critical.
-    # As far as I know, only A/D uses this, but it's required for A/D. Otherwise
-    # you won't get more than 1000 results back from a query.
-    # This implementation is kindof clunky and should probably be refactored.
-    # Also, is it my imagination, or are A/Ds the slowest directory servers ever???
-    #
-    def search args = {}
-      search_filter = (args && args[:filter]) || Filter.eq( "objectclass", "*" )
-      search_filter = Filter.construct(search_filter) if search_filter.is_a?(String)
-      search_base = (args && args[:base]) || "dc=example,dc=com"
-      search_attributes = ((args && args[:attributes]) || []).map {|attr| attr.to_s.to_ber}
-      return_referrals = args && args[:return_referrals] == true
-
-      attributes_only = (args and args[:attributes_only] == true)
-      scope = args[:scope] || Net::LDAP::SearchScope_WholeSubtree
-      raise LdapError.new( "invalid search scope" ) unless SearchScopes.include?(scope)
-
-      # An interesting value for the size limit would be close to A/D's built-in
-      # page limit of 1000 records, but openLDAP newer than version 2.2.0 chokes
-      # on anything bigger than 126. You get a silent error that is easily visible
-      # by running slapd in debug mode. Go figure.
-      rfc2696_cookie = [126, ""]
-      result_code = 0
-
-      loop {
-        # should collect this into a private helper to clarify the structure
-
-        request = [
-          search_base.to_ber,
-          scope.to_ber_enumerated,
-          0.to_ber_enumerated,
-          0.to_ber,
-          0.to_ber,
-          attributes_only.to_ber,
-          search_filter.to_ber,
-          search_attributes.to_ber_sequence
-        ].to_ber_appsequence(3)
-  
-        controls = [
-          [
-          LdapControls::PagedResults.to_ber,
-          false.to_ber, # criticality MUST be false to interoperate with normal LDAPs.
-          rfc2696_cookie.map{|v| v.to_ber}.to_ber_sequence.to_s.to_ber
-          ].to_ber_sequence
-        ].to_ber_contextspecific(0)
-
-        pkt = [next_msgid.to_ber, request, controls].to_ber_sequence
-        @conn.write pkt
-
-        result_code = 0
-        controls = []
-
-        while (be = @conn.read_ber(AsnSyntax)) && (pdu = LdapPdu.new( be ))
-          case pdu.app_tag
-          when 4 # search-data
-            yield( pdu.search_entry ) if block_given?
-          when 19 # search-referral
-            if return_referrals
-              if block_given?
-                se = Net::LDAP::Entry.new
-                se[:search_referrals] = (pdu.search_referrals || [])
-                yield se
-              end
-            end
-            #p pdu.referrals
-          when 5 # search-result
-            result_code = pdu.result_code
-            controls = pdu.result_controls
-            break
-          else
-            raise LdapError.new( "invalid response-type in search: #{pdu.app_tag}" )
-          end
-        end
-
-        # When we get here, we have seen a type-5 response.
-        # If there is no error AND there is an RFC-2696 cookie,
-        # then query again for the next page of results.
-        # If not, we're done.
-        # Don't screw this up or we'll break every search we do.
-        more_pages = false
-        if result_code == 0 and controls
-          controls.each do |c|
-            if c.oid == LdapControls::PagedResults
-              more_pages = false # just in case some bogus server sends us >1 of these.
-              if c.value and c.value.length > 0
-                cookie = c.value.read_ber[1]
-                if cookie and cookie.length > 0
-                  rfc2696_cookie[1] = cookie
-                  more_pages = true
-                end
-              end
-            end
-          end
-        end
-
-        break unless more_pages
-      } # loop
-
-      result_code
-    end
-
-
-
-
-    #--
-    # modify
-    # TODO, need to support a time limit, in case the server fails to respond.
-    # TODO!!! We're throwing an exception here on empty DN.
-    # Should return a proper error instead, probaby from farther up the chain.
-    # TODO!!! If the user specifies a bogus opcode, we'll throw a
-    # confusing error here ("to_ber_enumerated is not defined on nil").
-    #
-    def modify args
-      modify_dn = args[:dn] or raise "Unable to modify empty DN"
-      modify_ops = []
-      a = args[:operations] and a.each {|op, attr, values|
-        # TODO, fix the following line, which gives a bogus error
-        # if the opcode is invalid.
-        op_1 = {:add => 0, :delete => 1, :replace => 2} [op.to_sym].to_ber_enumerated
-        modify_ops << [op_1, [attr.to_s.to_ber, values.to_a.map {|v| v.to_ber}.to_ber_set].to_ber_sequence].to_ber_sequence
-      }
-
-      request = [modify_dn.to_ber, modify_ops.to_ber_sequence].to_ber_appsequence(6)
-      pkt = [next_msgid.to_ber, request].to_ber_sequence
-      @conn.write pkt
-
-      (be = @conn.read_ber(AsnSyntax)) && (pdu = LdapPdu.new( be )) && (pdu.app_tag == 7) or raise LdapError.new( "response missing or invalid" )
-      pdu.result_code
-    end
-
-
-    #--
-    # add
-    # TODO, need to support a time limit, in case the server fails to respond.
-    #
-    def add args
-      add_dn = args[:dn] or raise LdapError.new("Unable to add empty DN")
-      add_attrs = []
-      a = args[:attributes] and a.each {|k,v|
-        add_attrs << [ k.to_s.to_ber, v.to_a.map {|m| m.to_ber}.to_ber_set ].to_ber_sequence
-      }
-
-      request = [add_dn.to_ber, add_attrs.to_ber_sequence].to_ber_appsequence(8)
-      pkt = [next_msgid.to_ber, request].to_ber_sequence
-      @conn.write pkt
-
-      (be = @conn.read_ber(AsnSyntax)) && (pdu = LdapPdu.new( be )) && (pdu.app_tag == 9) or raise LdapError.new( "response missing or invalid" )
-      pdu.result_code
-    end
-
-
-    #--
-    # rename
-    # TODO, need to support a time limit, in case the server fails to respond.
-    #
-    def rename args
-      old_dn = args[:olddn] or raise "Unable to rename empty DN"
-      new_rdn = args[:newrdn] or raise "Unable to rename to empty RDN"
-      delete_attrs = args[:delete_attributes] ? true : false
-
-      request = [old_dn.to_ber, new_rdn.to_ber, delete_attrs.to_ber].to_ber_appsequence(12)
-      pkt = [next_msgid.to_ber, request].to_ber_sequence
-      @conn.write pkt
-
-      (be = @conn.read_ber(AsnSyntax)) && (pdu = LdapPdu.new( be )) && (pdu.app_tag == 13) or raise LdapError.new( "response missing or invalid" )
-      pdu.result_code
-    end
-
-
-    #--
-    # delete
-    # TODO, need to support a time limit, in case the server fails to respond.
-    #
-    def delete args
-      dn = args[:dn] or raise "Unable to delete empty DN"
-
-      request = dn.to_s.to_ber_application_string(10)
-      pkt = [next_msgid.to_ber, request].to_ber_sequence
-      @conn.write pkt
-
-      (be = @conn.read_ber(AsnSyntax)) && (pdu = LdapPdu.new( be )) && (pdu.app_tag == 11) or raise LdapError.new( "response missing or invalid" )
-      pdu.result_code
-    end
-
-
-  end # class Connection
-  end # class LDAP
-
-
-end # module Net
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/dataset.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/dataset.rb
deleted file mode 100644
index 1480a8f84..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/dataset.rb
+++ /dev/null
@@ -1,108 +0,0 @@
-# $Id: dataset.rb 78 2006-04-26 02:57:34Z blackhedd $
-#
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#---------------------------------------------------------------------------
-#
-#
-
-
-
-
-module Net
-class LDAP
-
-class Dataset < Hash
-
-  attr_reader :comments
-
-
-  def Dataset::read_ldif io
-    ds = Dataset.new
-
-    line = io.gets && chomp
-    dn = nil
-
-    while line
-      io.gets and chomp
-      if $_ =~ /^[\s]+/
-        line << " " << $'
-      else
-        nextline = $_
-
-        if line =~ /^\#/
-          ds.comments << line
-        elsif line =~ /^dn:[\s]*/i
-          dn = $'
-          ds[dn] = Hash.new {|k,v| k[v] = []}
-        elsif line.length == 0
-          dn = nil
-        elsif line =~ /^([^:]+):([\:]?)[\s]*/
-          # $1 is the attribute name
-          # $2 is a colon iff the attr-value is base-64 encoded
-          # $' is the attr-value
-          # Avoid the Base64 class because not all Ruby versions have it.
-          attrvalue = ($2 == ":") ? $'.unpack('m').shift : $'
-          ds[dn][$1.downcase.intern] << attrvalue
-        end
-
-        line = nextline
-      end
-    end
-  
-    ds
-  end
-
-
-  def initialize
-    @comments = []
-  end
-
-
-  def to_ldif
-    ary = []
-    ary += (@comments || [])
-
-    keys.sort.each {|dn|
-      ary << "dn: #{dn}"
-
-      self[dn].keys.map {|sym| sym.to_s}.sort.each {|attr|
-        self[dn][attr.intern].each {|val|
-          ary << "#{attr}: #{val}"
-        }
-      }
-
-      ary << ""
-    }
-
-    block_given? and ary.each {|line| yield line}
-
-    ary
-  end
-
-
-end # Dataset
-
-end # LDAP
-end # Net
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/entry.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/entry.rb
deleted file mode 100644
index 8978545ee..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/entry.rb
+++ /dev/null
@@ -1,165 +0,0 @@
-# $Id: entry.rb 123 2006-05-18 03:52:38Z blackhedd $
-#
-# LDAP Entry (search-result) support classes
-#
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#---------------------------------------------------------------------------
-#
-
-
-
-
-module Net
-class LDAP
-
-
-  # Objects of this class represent individual entries in an LDAP
-  # directory. User code generally does not instantiate this class.
-  # Net::LDAP#search provides objects of this class to user code,
-  # either as block parameters or as return values.
-  #
-  # In LDAP-land, an "entry" is a collection of attributes that are
-  # uniquely and globally identified by a DN ("Distinguished Name").
-  # Attributes are identified by short, descriptive words or phrases.
-  # Although a directory is
-  # free to implement any attribute name, most of them follow rigorous
-  # standards so that the range of commonly-encountered attribute
-  # names is not large.
-  #
-  # An attribute name is case-insensitive. Most directories also
-  # restrict the range of characters allowed in attribute names.
-  # To simplify handling attribute names, Net::LDAP::Entry
-  # internally converts them to a standard format. Therefore, the
-  # methods which take attribute names can take Strings or Symbols,
-  # and work correctly regardless of case or capitalization.
-  #
-  # An attribute consists of zero or more data items called
-  # <i>values.</i> An entry is the combination of a unique DN, a set of attribute
-  # names, and a (possibly-empty) array of values for each attribute.
-  #
-  # Class Net::LDAP::Entry provides convenience methods for dealing
-  # with LDAP entries.
-  # In addition to the methods documented below, you may access individual
-  # attributes of an entry simply by giving the attribute name as
-  # the name of a method call. For example:
-  #  ldap.search( ... ) do |entry|
-  #    puts "Common name: #{entry.cn}"
-  #    puts "Email addresses:"
-  #      entry.mail.each {|ma| puts ma}
-  #  end
-  # If you use this technique to access an attribute that is not present
-  # in a particular Entry object, a NoMethodError exception will be raised.
-  #
-  #--
-  # Ugly problem to fix someday: We key off the internal hash with
-  # a canonical form of the attribute name: convert to a string,
-  # downcase, then take the symbol. Unfortunately we do this in
-  # at least three places. Should do it in ONE place.
-  class Entry
-
-    # This constructor is not generally called by user code.
-    def initialize dn = nil # :nodoc:
-      @myhash = Hash.new {|k,v| k[v] = [] }
-      @myhash[:dn] = [dn]
-    end
-
-
-    def []= name, value # :nodoc:
-      sym = name.to_s.downcase.intern
-      @myhash[sym] = value
-    end
-
-
-    #--
-    # We have to deal with this one as we do with []=
-    # because this one and not the other one gets called
-    # in formulations like entry["CN"] << cn.
-    #
-    def [] name # :nodoc:
-      name = name.to_s.downcase.intern unless name.is_a?(Symbol)
-      @myhash[name]
-    end
-
-    # Returns the dn of the Entry as a String.
-    def dn
-      self[:dn][0]
-    end
-
-    # Returns an array of the attribute names present in the Entry.
-    def attribute_names
-      @myhash.keys
-    end
-
-    # Accesses each of the attributes present in the Entry.
-    # Calls a user-supplied block with each attribute in turn,
-    # passing two arguments to the block: a Symbol giving
-    # the name of the attribute, and a (possibly empty)
-    # Array of data values.
-    #
-    def each
-      if block_given?
-        attribute_names.each {|a|
-          attr_name,values = a,self[a]
-          yield attr_name, values
-        }
-      end
-    end
-
-    alias_method :each_attribute, :each
-
-
-    #--
-    # Convenience method to convert unknown method names
-    # to attribute references. Of course the method name
-    # comes to us as a symbol, so let's save a little time
-    # and not bother with the to_s.downcase two-step.
-    # Of course that means that a method name like mAIL
-    # won't work, but we shouldn't be encouraging that
-    # kind of bad behavior in the first place.
-    # Maybe we should thow something if the caller sends
-    # arguments or a block...
-    #
-    def method_missing *args, &block # :nodoc:
-      s = args[0].to_s.downcase.intern
-      if attribute_names.include?(s)
-        self[s]
-      elsif s.to_s[-1] == 61 and s.to_s.length > 1
-        value = args[1] or raise RuntimeError.new( "unable to set value" )
-        value = [value] unless value.is_a?(Array)
-        name = s.to_s[0..-2].intern
-        self[name] = value
-      else
-        raise NoMethodError.new( "undefined method '#{s}'" )
-      end
-    end
-
-    def write
-    end
-
-  end # class Entry
-
-
-end # class LDAP
-end # module Net
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/filter.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/filter.rb
deleted file mode 100644
index 4d06c26f3..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/filter.rb
+++ /dev/null
@@ -1,387 +0,0 @@
-# $Id: filter.rb 151 2006-08-15 08:34:53Z blackhedd $
-#
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#---------------------------------------------------------------------------
-#
-#
-
-
-module Net
-class LDAP
-
-
-# Class Net::LDAP::Filter is used to constrain
-# LDAP searches. An object of this class is
-# passed to Net::LDAP#search in the parameter :filter.
-#
-# Net::LDAP::Filter supports the complete set of search filters
-# available in LDAP, including conjunction, disjunction and negation
-# (AND, OR, and NOT). This class supplants the (infamous) RFC-2254
-# standard notation for specifying LDAP search filters.
-#
-# Here's how to code the familiar "objectclass is present" filter:
-#  f = Net::LDAP::Filter.pres( "objectclass" )
-# The object returned by this code can be passed directly to
-# the <tt>:filter</tt> parameter of Net::LDAP#search.
-#
-# See the individual class and instance methods below for more examples.
-#
-class Filter
-
-  def initialize op, a, b
-    @op = op
-    @left = a
-    @right = b
-  end
-
-  # #eq creates a filter object indicating that the value of
-  # a paticular attribute must be either <i>present</i> or must
-  # match a particular string.
-  #
-  # To specify that an attribute is "present" means that only
-  # directory entries which contain a value for the particular
-  # attribute will be selected by the filter. This is useful
-  # in case of optional attributes such as <tt>mail.</tt>
-  # Presence is indicated by giving the value "*" in the second
-  # parameter to #eq. This example selects only entries that have
-  # one or more values for <tt>sAMAccountName:</tt>
-  #  f = Net::LDAP::Filter.eq( "sAMAccountName", "*" )
-  #
-  # To match a particular range of values, pass a string as the
-  # second parameter to #eq. The string may contain one or more
-  # "*" characters as wildcards: these match zero or more occurrences
-  # of any character. Full regular-expressions are <i>not</i> supported
-  # due to limitations in the underlying LDAP protocol.
-  # This example selects any entry with a <tt>mail</tt> value containing
-  # the substring "anderson":
-  #  f = Net::LDAP::Filter.eq( "mail", "*anderson*" )
-  #--
-  # Removed gt and lt. They ain't in the standard!
-  #
-  def Filter::eq attribute, value; Filter.new :eq, attribute, value; end
-  def Filter::ne attribute, value; Filter.new :ne, attribute, value; end
-  #def Filter::gt attribute, value; Filter.new :gt, attribute, value; end
-  #def Filter::lt attribute, value; Filter.new :lt, attribute, value; end
-  def Filter::ge attribute, value; Filter.new :ge, attribute, value; end
-  def Filter::le attribute, value; Filter.new :le, attribute, value; end
-
-  # #pres( attribute ) is a synonym for #eq( attribute, "*" )
-  #
-  def Filter::pres attribute; Filter.eq attribute, "*"; end
-
-  # operator & ("AND") is used to conjoin two or more filters.
-  # This expression will select only entries that have an <tt>objectclass</tt>
-  # attribute AND have a <tt>mail</tt> attribute that begins with "George":
-  #  f = Net::LDAP::Filter.pres( "objectclass" ) & Net::LDAP::Filter.eq( "mail", "George*" )
-  #
-  def & filter; Filter.new :and, self, filter; end
-
-  # operator | ("OR") is used to disjoin two or more filters.
-  # This expression will select entries that have either an <tt>objectclass</tt>
-  # attribute OR a <tt>mail</tt> attribute that begins with "George":
-  #  f = Net::LDAP::Filter.pres( "objectclass" ) | Net::LDAP::Filter.eq( "mail", "George*" )
-  #
-  def | filter; Filter.new :or, self, filter; end
-
-
-  #
-  # operator ~ ("NOT") is used to negate a filter.
-  # This expression will select only entries that <i>do not</i> have an <tt>objectclass</tt>
-  # attribute:
-  #  f = ~ Net::LDAP::Filter.pres( "objectclass" )
-  #
-  #--
-  # This operator can't be !, evidently. Try it.
-  # Removed GT and LT. They're not in the RFC.
-  def ~@; Filter.new :not, self, nil; end
-
-
-  def to_s
-    case @op
-    when :ne
-      "(!(#{@left}=#{@right}))"
-    when :eq
-      "(#{@left}=#{@right})"
-    #when :gt
-     # "#{@left}>#{@right}"
-    #when :lt
-     # "#{@left}<#{@right}"
-    when :ge
-      "#{@left}>=#{@right}"
-    when :le
-      "#{@left}<=#{@right}"
-    when :and
-      "(&(#{@left})(#{@right}))"
-    when :or
-      "(|(#{@left})(#{@right}))"
-    when :not
-      "(!(#{@left}))"
-    else
-      raise "invalid or unsupported operator in LDAP Filter"
-    end
-  end
-
-
-  #--
-  # to_ber
-  # Filter ::=
-  #     CHOICE {
-  #         and            [0] SET OF Filter,
-  #         or             [1] SET OF Filter,
-  #         not            [2] Filter,
-  #         equalityMatch  [3] AttributeValueAssertion,
-  #         substrings     [4] SubstringFilter,
-  #         greaterOrEqual [5] AttributeValueAssertion,
-  #         lessOrEqual    [6] AttributeValueAssertion,
-  #         present        [7] AttributeType,
-  #         approxMatch    [8] AttributeValueAssertion
-  #     }
-  #
-  # SubstringFilter
-  #     SEQUENCE {
-  #         type               AttributeType,
-  #         SEQUENCE OF CHOICE {
-  #             initial        [0] LDAPString,
-  #             any            [1] LDAPString,
-  #             final          [2] LDAPString
-  #         }
-  #     }
-  #
-  # Parsing substrings is a little tricky.
-  # We use the split method to break a string into substrings
-  # delimited by the * (star) character. But we also need
-  # to know whether there is a star at the head and tail
-  # of the string. A Ruby particularity comes into play here:
-  # if you split on * and the first character of the string is
-  # a star, then split will return an array whose first element
-  # is an _empty_ string. But if the _last_ character of the
-  # string is star, then split will return an array that does
-  # _not_ add an empty string at the end. So we have to deal
-  # with all that specifically.
-  #
-  def to_ber
-    case @op
-    when :eq
-      if @right == "*"          # present
-        @left.to_s.to_ber_contextspecific 7
-      elsif @right =~ /[\*]/    #substring
-        ary = @right.split( /[\*]+/ )
-        final_star = @right =~ /[\*]$/
-        initial_star = ary.first == "" and ary.shift
-
-        seq = []
-        unless initial_star
-          seq << ary.shift.to_ber_contextspecific(0)
-        end
-        n_any_strings = ary.length - (final_star ? 0 : 1)
-        #p n_any_strings
-        n_any_strings.times {
-          seq << ary.shift.to_ber_contextspecific(1)
-        }
-        unless final_star
-          seq << ary.shift.to_ber_contextspecific(2)
-        end
-        [@left.to_s.to_ber, seq.to_ber].to_ber_contextspecific 4
-      else                      #equality
-        [@left.to_s.to_ber, @right.to_ber].to_ber_contextspecific 3
-      end
-    when :ge
-      [@left.to_s.to_ber, @right.to_ber].to_ber_contextspecific 5
-    when :le
-      [@left.to_s.to_ber, @right.to_ber].to_ber_contextspecific 6
-    when :and
-      ary = [@left.coalesce(:and), @right.coalesce(:and)].flatten
-      ary.map {|a| a.to_ber}.to_ber_contextspecific( 0 )
-    when :or
-      ary = [@left.coalesce(:or), @right.coalesce(:or)].flatten
-      ary.map {|a| a.to_ber}.to_ber_contextspecific( 1 )
-    when :not
-        [@left.to_ber].to_ber_contextspecific 2
-    else
-      # ERROR, we'll return objectclass=* to keep things from blowing up,
-      # but that ain't a good answer and we need to kick out an error of some kind.
-      raise "unimplemented search filter"
-    end
-  end
-
-  #--
-  # coalesce
-  # This is a private helper method for dealing with chains of ANDs and ORs
-  # that are longer than two. If BOTH of our branches are of the specified
-  # type of joining operator, then return both of them as an array (calling
-  # coalesce recursively). If they're not, then return an array consisting
-  # only of self.
-  #
-  def coalesce operator
-    if @op == operator
-      [@left.coalesce( operator ), @right.coalesce( operator )]
-    else
-      [self]
-    end
-  end
-
-
-
-  #--
-  # We get a Ruby object which comes from parsing an RFC-1777 "Filter"
-  # object. Convert it to a Net::LDAP::Filter.
-  # TODO, we're hardcoding the RFC-1777 BER-encodings of the various
-  # filter types. Could pull them out into a constant.
-  #
-  def Filter::parse_ldap_filter obj
-    case obj.ber_identifier
-    when 0x87         # present. context-specific primitive 7.
-      Filter.eq( obj.to_s, "*" )
-    when 0xa3         # equalityMatch. context-specific constructed 3.
-      Filter.eq( obj[0], obj[1] )
-    else
-      raise LdapError.new( "unknown ldap search-filter type: #{obj.ber_identifier}" )
-    end
-  end
-
-
-  #--
-  # We got a hash of attribute values.
-  # Do we match the attributes?
-  # Return T/F, and call match recursively as necessary.
-  def match entry
-    case @op
-    when :eq
-      if @right == "*"
-        l = entry[@left] and l.length > 0
-      else
-        l = entry[@left] and l = l.to_a and l.index(@right)
-      end
-    else
-      raise LdapError.new( "unknown filter type in match: #{@op}" )
-    end
-  end
-
-  # Converts an LDAP filter-string (in the prefix syntax specified in RFC-2254)
-  # to a Net::LDAP::Filter.
-  def self.construct ldap_filter_string
-    FilterParser.new(ldap_filter_string).filter
-  end
-
-  # Synonym for #construct.
-  # to a Net::LDAP::Filter.
-  def self.from_rfc2254 ldap_filter_string
-    construct ldap_filter_string
-  end
-
-end # class Net::LDAP::Filter
-
-
-
-class FilterParser #:nodoc:
-
-  attr_reader :filter
-
-  def initialize str
-    require 'strscan'
-    @filter = parse( StringScanner.new( str )) or raise Net::LDAP::LdapError.new( "invalid filter syntax" )
-  end
-
-  def parse scanner
-    parse_filter_branch(scanner) or parse_paren_expression(scanner)
-  end
-
-  def parse_paren_expression scanner
-    if scanner.scan(/\s*\(\s*/)
-      b = if scanner.scan(/\s*\&\s*/)
-        a = nil
-        branches = []
-        while br = parse_paren_expression(scanner)
-          branches << br
-        end
-        if branches.length >= 2
-          a = branches.shift
-          while branches.length > 0
-            a = a & branches.shift
-          end
-          a
-        end
-      elsif scanner.scan(/\s*\|\s*/)
-        # TODO: DRY!
-        a = nil
-        branches = []
-        while br = parse_paren_expression(scanner)
-          branches << br
-        end
-        if branches.length >= 2
-          a = branches.shift
-          while branches.length > 0
-            a = a | branches.shift
-          end
-          a
-        end
-      elsif scanner.scan(/\s*\!\s*/)
-        br = parse_paren_expression(scanner)
-        if br
-          ~ br
-        end
-      else
-        parse_filter_branch( scanner )
-      end
-
-      if b and scanner.scan( /\s*\)\s*/ )
-        b
-      end
-    end
-  end
-
-  # Added a greatly-augmented filter contributed by Andre Nathan
-  # for detecting special characters in values. (15Aug06)
-  def parse_filter_branch scanner
-    scanner.scan(/\s*/)
-    if token = scanner.scan( /[\w\-_]+/ )
-      scanner.scan(/\s*/)
-      if op = scanner.scan( /\=|\<\=|\<|\>\=|\>|\!\=/ )
-        scanner.scan(/\s*/)
-        #if value = scanner.scan( /[\w\*\.]+/ ) (ORG)
-        if value = scanner.scan( /[\w\*\.\+\-@=#\$%&!]+/ )
-          case op
-          when "="
-            Filter.eq( token, value )
-          when "!="
-            Filter.ne( token, value )
-          when "<"
-            Filter.lt( token, value )
-          when "<="
-            Filter.le( token, value )
-          when ">"
-            Filter.gt( token, value )
-          when ">="
-            Filter.ge( token, value )
-          end
-        end
-      end
-    end
-  end
-
-end # class Net::LDAP::FilterParser
-
-end # class Net::LDAP
-end # module Net
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/pdu.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/pdu.rb
deleted file mode 100644
index dbc0d6f10..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/pdu.rb
+++ /dev/null
@@ -1,205 +0,0 @@
-# $Id: pdu.rb 126 2006-05-31 15:55:16Z blackhedd $
-#
-# LDAP PDU support classes
-#
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#---------------------------------------------------------------------------
-#
-
-
-
-module Net
-
-
-class LdapPduError < Exception; end
-
-
-class LdapPdu
-
-  BindResult = 1
-  SearchReturnedData = 4
-  SearchResult = 5
-  ModifyResponse = 7
-  AddResponse = 9
-  DeleteResponse = 11
-  ModifyRDNResponse = 13
-  SearchResultReferral = 19
-
-  attr_reader :msg_id, :app_tag
-  attr_reader :search_dn, :search_attributes, :search_entry
-  attr_reader :search_referrals
-
-  #
-  # initialize
-  # An LDAP PDU always looks like a BerSequence with
-  # at least two elements: an integer (message-id number), and
-  # an application-specific sequence.
-  # Some LDAPv3 packets also include an optional
-  # third element, which is a sequence of "controls"
-  # (See RFC 2251, section 4.1.12).
-  # The application-specific tag in the sequence tells
-  # us what kind of packet it is, and each kind has its
-  # own format, defined in RFC-1777.
-  # Observe that many clients (such as ldapsearch)
-  # do not necessarily enforce the expected application
-  # tags on received protocol packets. This implementation
-  # does interpret the RFC strictly in this regard, and
-  # it remains to be seen whether there are servers out
-  # there that will not work well with our approach.
-  #
-  # Added a controls-processor to SearchResult.
-  # Didn't add it everywhere because it just _feels_
-  # like it will need to be refactored.
-  #
-  def initialize ber_object
-    begin
-      @msg_id = ber_object[0].to_i
-      @app_tag = ber_object[1].ber_identifier - 0x60
-    rescue
-      # any error becomes a data-format error
-      raise LdapPduError.new( "ldap-pdu format error" )
-    end
-
-    case @app_tag
-    when BindResult
-      parse_ldap_result ber_object[1]
-    when SearchReturnedData
-      parse_search_return ber_object[1]
-    when SearchResultReferral
-      parse_search_referral ber_object[1]
-    when SearchResult
-      parse_ldap_result ber_object[1]
-      parse_controls(ber_object[2]) if ber_object[2]
-    when ModifyResponse
-      parse_ldap_result ber_object[1]
-    when AddResponse
-      parse_ldap_result ber_object[1]
-    when DeleteResponse
-      parse_ldap_result ber_object[1]
-    when ModifyRDNResponse
-      parse_ldap_result ber_object[1]
-    else
-      raise LdapPduError.new( "unknown pdu-type: #{@app_tag}" )
-    end
-  end
-
-  #
-  # result_code
-  # This returns an LDAP result code taken from the PDU,
-  # but it will be nil if there wasn't a result code.
-  # That can easily happen depending on the type of packet.
-  #
-  def result_code code = :resultCode
-    @ldap_result and @ldap_result[code]
-  end
-
-  # Return RFC-2251 Controls if any.
-  # Messy. Does this functionality belong somewhere else?
-  def result_controls
-    @ldap_controls || []
-  end
-
-
-  #
-  # parse_ldap_result
-  #
-  def parse_ldap_result sequence
-    sequence.length >= 3 or raise LdapPduError
-    @ldap_result = {:resultCode => sequence[0], :matchedDN => sequence[1], :errorMessage => sequence[2]}
-  end
-  private :parse_ldap_result
-
-  #
-  # parse_search_return
-  # Definition from RFC 1777 (we're handling application-4 here)
-  #
-  # Search Response ::=
-  #    CHOICE {
-  #         entry          [APPLICATION 4] SEQUENCE {
-  #                             objectName     LDAPDN,
-  #                             attributes     SEQUENCE OF SEQUENCE {
-  #                                                 AttributeType,
-  #                                                 SET OF AttributeValue
-  #                                            }
-  #                        },
-  #         resultCode     [APPLICATION 5] LDAPResult
-  #     }
-  #
-  # We concoct a search response that is a hash of the returned attribute values.
-  # NOW OBSERVE CAREFULLY: WE ARE DOWNCASING THE RETURNED ATTRIBUTE NAMES.
-  # This is to make them more predictable for user programs, but it
-  # may not be a good idea. Maybe this should be configurable.
-  # ALTERNATE IMPLEMENTATION: In addition to @search_dn and @search_attributes,
-  # we also return @search_entry, which is an LDAP::Entry object.
-  # If that works out well, then we'll remove the first two.
-  #
-  # Provisionally removed obsolete search_attributes and search_dn, 04May06.
-  #
-  def parse_search_return sequence
-    sequence.length >= 2 or raise LdapPduError
-    @search_entry = LDAP::Entry.new( sequence[0] )
-    #@search_dn = sequence[0]
-    #@search_attributes = {}
-    sequence[1].each {|seq|
-      @search_entry[seq[0]] = seq[1]
-      #@search_attributes[seq[0].downcase.intern] = seq[1]
-    }
-  end
-
-  #
-  # A search referral is a sequence of one or more LDAP URIs.
-  # Any number of search-referral replies can be returned by the server, interspersed
-  # with normal replies in any order.
-  # Until I can think of a better way to do this, we'll return the referrals as an array.
-  # It'll be up to higher-level handlers to expose something reasonable to the client.
-  def parse_search_referral uris
-    @search_referrals = uris
-  end
-
-
-  # Per RFC 2251, an LDAP "control" is a sequence of tuples, each consisting
-  # of an OID, a boolean criticality flag defaulting FALSE, and an OPTIONAL
-  # Octet String. If only two fields are given, the second one may be
-  # either criticality or data, since criticality has a default value.
-  # Someday we may want to come back here and add support for some of
-  # more-widely used controls. RFC-2696 is a good example.
-  #
-  def parse_controls sequence
-    @ldap_controls = sequence.map do |control|
-      o = OpenStruct.new
-      o.oid,o.criticality,o.value = control[0],control[1],control[2]
-      if o.criticality and o.criticality.is_a?(String)
-        o.value = o.criticality
-        o.criticality = false
-      end
-      o
-    end
-  end
-  private :parse_controls
-
-
-end
-
-
-end # module Net
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/psw.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/psw.rb
deleted file mode 100644
index 89d1ffdf2..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/psw.rb
+++ /dev/null
@@ -1,64 +0,0 @@
-# $Id: psw.rb 73 2006-04-24 21:59:35Z blackhedd $
-#
-#
-#----------------------------------------------------------------------------
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#---------------------------------------------------------------------------
-#
-#
-
-
-module Net
-class LDAP
-
-
-class Password
-  class << self
-
-  # Generate a password-hash suitable for inclusion in an LDAP attribute.
-  # Pass a hash type (currently supported: :md5 and :sha) and a plaintext
-  # password. This function will return a hashed representation.
-  # STUB: This is here to fulfill the requirements of an RFC, which one?
-  # TODO, gotta do salted-sha and (maybe) salted-md5.
-  # Should we provide sha1 as a synonym for sha1? I vote no because then
-  # should you also provide ssha1 for symmetry?
-  def generate( type, str )
-    case type
-    when :md5
-      require 'md5'
-      "{MD5}#{ [MD5.new( str.to_s ).digest].pack("m").chomp }"
-    when :sha
-      require 'sha1'
-      "{SHA}#{ [SHA1.new( str.to_s ).digest].pack("m").chomp }"
-    # when ssha
-    else
-      raise Net::LDAP::LdapError.new( "unsupported password-hash type (#{type})" )
-    end
-  end
-
-  end
-end
-
-
-end # class LDAP
-end # module Net
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldif.rb b/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldif.rb
deleted file mode 100644
index 1641bda4b..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldif.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-# $Id: ldif.rb 78 2006-04-26 02:57:34Z blackhedd $
-#
-# Net::LDIF for Ruby
-#
-#
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-#
-# Gmail: garbagecat10
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-#
-
-# THIS FILE IS A STUB.
-
-module Net
-
-  class LDIF
-
-
-  end # class LDIF
-
-
-end # module Net
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testber.rb b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testber.rb
deleted file mode 100644
index 4fe2e3071..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testber.rb
+++ /dev/null
@@ -1,42 +0,0 @@
-# $Id: testber.rb 57 2006-04-18 00:18:48Z blackhedd $
-#
-#
-
-
-$:.unshift "lib"
-
-require 'net/ldap'
-require 'stringio'
-
-
-class TestBer < Test::Unit::TestCase
-
-  def setup
-  end
-
-  # TODO: Add some much bigger numbers
-  # 5000000000 is a Bignum, which hits different code.
-  def test_ber_integers
-    assert_equal( "\002\001\005", 5.to_ber )
-    assert_equal( "\002\002\203t", 500.to_ber )
-    assert_equal( "\002\003\203\206P", 50000.to_ber )
-    assert_equal( "\002\005\222\320\227\344\000", 5000000000.to_ber )
-  end
-
-  def test_ber_parsing
-    assert_equal( 6, "\002\001\006".read_ber( Net::LDAP::AsnSyntax ))
-    assert_equal( "testing", "\004\007testing".read_ber( Net::LDAP::AsnSyntax ))
-  end
-
-
-  def test_ber_parser_on_ldap_bind_request
-    s = StringIO.new "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus"
-    assert_equal( [1, [3, "Administrator", "ad_is_bogus"]], s.read_ber( Net::LDAP::AsnSyntax ))
-  end
-
-
-
-
-end
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testdata.ldif b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testdata.ldif
deleted file mode 100644
index eb5610d5f..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testdata.ldif
+++ /dev/null
@@ -1,101 +0,0 @@
-# $Id: testdata.ldif 50 2006-04-17 17:57:33Z blackhedd $
-#
-# This is test-data for an LDAP server in LDIF format.
-#
-dn: dc=bayshorenetworks,dc=com
-objectClass: dcObject
-objectClass: organization
-o: Bayshore Networks LLC
-dc: bayshorenetworks
-
-dn: cn=Manager,dc=bayshorenetworks,dc=com
-objectClass: organizationalrole
-cn: Manager
-
-dn: ou=people,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: people
-
-dn: ou=privileges,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: privileges
-
-dn: ou=roles,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: roles
-
-dn: ou=office,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: office
-
-dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Bob Fosse
-mail: nogoodnik@steamheat.net
-sn: Fosse
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
-hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
-hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
-hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
-hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
-hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
-
-dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Gwen Verdon
-mail: elephant@steamheat.net
-sn: Verdon
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
-
-dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
-uniqueIdentifier: engineering
-ou: privileges
-objectClass: accessPrivilege
-
-dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: engineer
-ou: roles
-objectClass: accessRole
-hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
-
-dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: ldapadmin
-ou: roles
-objectClass: accessRole
-
-dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: ldapsuperadmin
-ou: roles
-objectClass: accessRole
-
-dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Sid Sorokin
-mail: catperson@steamheat.net
-sn: Sorokin
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
-hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testem.rb b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testem.rb
deleted file mode 100644
index 46b4909cb..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testem.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-# $Id: testem.rb 121 2006-05-15 18:36:24Z blackhedd $
-#
-#
-
-require 'test/unit'
-require 'tests/testber'
-require 'tests/testldif'
-require 'tests/testldap'
-require 'tests/testpsw'
-require 'tests/testfilter'
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testfilter.rb b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testfilter.rb
deleted file mode 100644
index b8fb40996..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testfilter.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-# $Id: testfilter.rb 122 2006-05-15 20:03:56Z blackhedd $
-#
-#
-
-require 'test/unit'
-
-$:.unshift "lib"
-
-require 'net/ldap'
-
-
-class TestFilter < Test::Unit::TestCase
-
-  def setup
-  end
-
-
-  def teardown
-  end
-
-  def test_rfc_2254
-    p Net::LDAP::Filter.from_rfc2254( " ( uid=george*   ) " )
-    p Net::LDAP::Filter.from_rfc2254( "uid!=george*" )
-    p Net::LDAP::Filter.from_rfc2254( "uid<george*" )
-    p Net::LDAP::Filter.from_rfc2254( "uid <= george*" )
-    p Net::LDAP::Filter.from_rfc2254( "uid>george*" )
-    p Net::LDAP::Filter.from_rfc2254( "uid>=george*" )
-    p Net::LDAP::Filter.from_rfc2254( "uid!=george*" )
-
-    p Net::LDAP::Filter.from_rfc2254( "(& (uid!=george* ) (mail=*))" )
-    p Net::LDAP::Filter.from_rfc2254( "(| (uid!=george* ) (mail=*))" )
-    p Net::LDAP::Filter.from_rfc2254( "(! (mail=*))" )
-  end
-
-
-end
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testldap.rb b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testldap.rb
deleted file mode 100644
index bb70a0b20..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testldap.rb
+++ /dev/null
@@ -1,190 +0,0 @@
-# $Id: testldap.rb 65 2006-04-23 01:17:49Z blackhedd $
-#
-#
-
-
-$:.unshift "lib"
-
-require 'test/unit'
-
-require 'net/ldap'
-require 'stringio'
-
-
-class TestLdapClient < Test::Unit::TestCase
-
-  # TODO: these tests crash and burn if the associated
-  # LDAP testserver isn't up and running.
-  # We rely on being able to read a file with test data
-  # in LDIF format.
-  # TODO, WARNING: for the moment, this data is in a file
-  # whose name and location are HARDCODED into the
-  # instance method load_test_data.
-
-  def setup
-    @host = "127.0.0.1"
-    @port = 3890
-    @auth = {
-      :method => :simple,
-      :username => "cn=bigshot,dc=bayshorenetworks,dc=com",
-      :password => "opensesame"
-    }
-
-    @ldif = load_test_data
-  end
-
-
-
-  # Get some test data which will be used to validate
-  # the responses from the test LDAP server we will
-  # connect to.
-  # TODO, Bogus: we are HARDCODING the location of the file for now.
-  #
-  def load_test_data
-    ary = File.readlines( "tests/testdata.ldif" )
-    hash = {}
-    while line = ary.shift and line.chomp!
-      if line =~ /^dn:[\s]*/i
-        dn = $'
-        hash[dn] = {}
-        while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/
-          hash[dn][$1.downcase.intern] ||= []
-          hash[dn][$1.downcase.intern] << $'
-        end
-      end
-    end
-    hash
-  end
-
-
-
-  # Binding tests.
-  # Need tests for all kinds of network failures and incorrect auth.
-  # TODO: Implement a class-level timeout for operations like bind.
-  # Search has a timeout defined at the protocol level, other ops do not.
-  # TODO, use constants for the LDAP result codes, rather than hardcoding them.
-  def test_bind
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
-    assert_equal( true, ldap.bind )
-    assert_equal( 0, ldap.get_operation_result.code )
-    assert_equal( "Success", ldap.get_operation_result.message )
-
-    bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username
-    assert_equal( false, ldap.bind )
-    assert_equal( 48, ldap.get_operation_result.code )
-    assert_equal( "Inappropriate Authentication", ldap.get_operation_result.message )
-
-    bad_password = @auth.merge( {:password => "cornhusk"} )
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password
-    assert_equal( false, ldap.bind )
-    assert_equal( 49, ldap.get_operation_result.code )
-    assert_equal( "Invalid Credentials", ldap.get_operation_result.message )
-  end
-
-
-
-  def test_search
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
-
-    search = {:base => "dc=smalldomain,dc=com"}
-    assert_equal( false, ldap.search( search ))
-    assert_equal( 32, ldap.get_operation_result.code )
-    
-    search = {:base => "dc=bayshorenetworks,dc=com"}
-    assert_equal( true, ldap.search( search ))
-    assert_equal( 0, ldap.get_operation_result.code )
-    
-    ldap.search( search ) {|res|
-      assert_equal( res, @ldif )
-    }
-  end
-    
-
-
-
-  # This is a helper routine for test_search_attributes.
-  def internal_test_search_attributes attrs_to_search
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
-    assert( ldap.bind )
-
-    search = {
-      :base => "dc=bayshorenetworks,dc=com",
-      :attributes => attrs_to_search
-    }
-
-    ldif = @ldif
-    ldif.each {|dn,entry|
-      entry.delete_if {|attr,value|
-        ! attrs_to_search.include?(attr)
-      }
-    }
-  
-    assert_equal( true, ldap.search( search ))
-    ldap.search( search ) {|res|
-      res_keys = res.keys.sort
-      ldif_keys = ldif.keys.sort
-      assert( res_keys, ldif_keys )
-      res.keys.each {|rk|
-        assert( res[rk], ldif[rk] )
-      }
-    }
-  end
-
-
-  def test_search_attributes
-    internal_test_search_attributes [:mail]
-    internal_test_search_attributes [:cn]
-    internal_test_search_attributes [:ou]
-    internal_test_search_attributes [:hasaccessprivilege]
-    internal_test_search_attributes ["mail"]
-    internal_test_search_attributes ["cn"]
-    internal_test_search_attributes ["ou"]
-    internal_test_search_attributes ["hasaccessrole"]
-
-    internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole]
-    internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"]
-  end
-
-
-  def test_search_filters
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
-    search = {
-      :base => "dc=bayshorenetworks,dc=com",
-      :filter => Net::LDAP::Filter.eq( "sn", "Fosse" )
-    }
-
-    ldap.search( search ) {|res|
-      p res
-    }
-  end
-
-
-
-  def test_open
-    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
-    ldap.open {|ldap|
-      10.times {
-        rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
-        assert_equal( true, rc )
-      }
-    }
-  end
-
-
-  def test_ldap_open
-    Net::LDAP.open( :host => @host, :port => @port, :auth => @auth ) {|ldap|
-      10.times {
-        rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
-        assert_equal( true, rc )
-      }
-    }
-  end
-
-
-
-
-
-end
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testldif.rb b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testldif.rb
deleted file mode 100644
index 73eca746f..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testldif.rb
+++ /dev/null
@@ -1,69 +0,0 @@
-# $Id: testldif.rb 61 2006-04-18 20:55:55Z blackhedd $
-#
-#
-
-
-$:.unshift "lib"
-
-require 'test/unit'
-
-require 'net/ldap'
-require 'net/ldif'
-
-require 'sha1'
-require 'base64'
-
-class TestLdif < Test::Unit::TestCase
-
-  TestLdifFilename = "tests/testdata.ldif"
-
-  def test_empty_ldif
-    ds = Net::LDAP::Dataset::read_ldif( StringIO.new )
-    assert_equal( true, ds.empty? )
-  end
-
-  def test_ldif_with_comments
-    str = ["# Hello from LDIF-land", "# This is an unterminated comment"]
-    io = StringIO.new( str[0] + "\r\n" + str[1] )
-    ds = Net::LDAP::Dataset::read_ldif( io )
-    assert_equal( str, ds.comments )
-  end
-
-  def test_ldif_with_password
-    psw = "goldbricks"
-    hashed_psw = "{SHA}" + Base64::encode64( SHA1.new(psw).digest ).chomp
-
-    ldif_encoded = Base64::encode64( hashed_psw ).chomp
-    ds = Net::LDAP::Dataset::read_ldif( StringIO.new( "dn: Goldbrick\r\nuserPassword:: #{ldif_encoded}\r\n\r\n" ))
-    recovered_psw = ds["Goldbrick"][:userpassword].shift
-    assert_equal( hashed_psw, recovered_psw )
-  end
-
-  def test_ldif_with_continuation_lines
-    ds = Net::LDAP::Dataset::read_ldif( StringIO.new( "dn: abcdefg\r\n   hijklmn\r\n\r\n" ))
-    assert_equal( true, ds.has_key?( "abcdefg hijklmn" ))
-  end
-
-  # TODO, INADEQUATE. We need some more tests
-  # to verify the content.
-  def test_ldif
-    File.open( TestLdifFilename, "r" ) {|f|
-      ds = Net::LDAP::Dataset::read_ldif( f )
-      assert_equal( 13, ds.length )
-    }
-  end
-
-  # TODO, need some tests.
-  # Must test folded lines and base64-encoded lines as well as normal ones.
-  def test_to_ldif
-    File.open( TestLdifFilename, "r" ) {|f|
-      ds = Net::LDAP::Dataset::read_ldif( f )
-      ds.to_ldif
-      assert_equal( true, false ) # REMOVE WHEN WE HAVE SOME TESTS HERE.
-    }
-  end
-
-
-end
-
-
diff --git a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testpsw.rb b/vendor/plugins/ruby-net-ldap-0.0.4/tests/testpsw.rb
deleted file mode 100644
index 6b1aa08be..000000000
--- a/vendor/plugins/ruby-net-ldap-0.0.4/tests/testpsw.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-# $Id: testpsw.rb 72 2006-04-24 21:58:14Z blackhedd $
-#
-#
-
-
-$:.unshift "lib"
-
-require 'net/ldap'
-require 'stringio'
-
-
-class TestPassword < Test::Unit::TestCase
-
-  def setup
-  end
-
-
-  def test_psw
-    assert_equal( "{MD5}xq8jwrcfibi0sZdZYNkSng==", Net::LDAP::Password.generate( :md5, "cashflow" ))
-    assert_equal( "{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=", Net::LDAP::Password.generate( :sha, "cashflow" ))
-  end
-
-
-
-
-end
-
-