From 8ba3f95e983c42a7328d73de19fde570fb517f05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vi=CC=81ctor=20Rolda=CC=81n=20Betancort?=
 <vroldanbet@github.com>
Date: Tue, 12 Nov 2019 21:17:04 +0100
Subject: [PATCH 1/6] demonstrates Net::LDAP#open does not expose bind results

we identified that clients cannot safely rely on
Net::LDAP#get_operation_result when using Net::LDAP#open
because @result is not set.

As a consequence,clients calling
Net::LDAP#get_operation_result would get the previous
last cached result @result.
---
 test/integration/test_return_codes.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/test/integration/test_return_codes.rb b/test/integration/test_return_codes.rb
index 13cb594a..58189f92 100644
--- a/test/integration/test_return_codes.rb
+++ b/test/integration/test_return_codes.rb
@@ -4,6 +4,14 @@
 # See: section 12.12 http://www.openldap.org/doc/admin24/overlays.html
 
 class TestReturnCodeIntegration < LDAPIntegrationTestCase
+  def test_open_error
+    @ldap.authenticate "fake", "creds"
+    @ldap.open do
+      result = @ldap.get_operation_result
+      assert_equal Net::LDAP::ResultCodeInvalidCredentials, result.code
+    end
+  end
+
   def test_operations_error
     refute @ldap.search(filter: "cn=operationsError", base: "ou=Retcodes,dc=example,dc=org")
     assert result = @ldap.get_operation_result

From c8bd9857ff605b6288a1c68d858427a70669c36e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vi=CC=81ctor=20Rolda=CC=81n=20Betancort?=
 <vroldanbet@github.com>
Date: Tue, 12 Nov 2019 22:15:25 +0100
Subject: [PATCH 2/6] caches bind result

aligns implementation of open with other methods, so the result
becomes accessible via get_operation_result
---
 lib/net/ldap.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index f7a98ef5..9c13a97d 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -712,7 +712,7 @@ def open
       begin
         @open_connection = new_connection
         payload[:connection] = @open_connection
-        payload[:bind]       = @open_connection.bind(@auth)
+        payload[:bind]       = @result = @open_connection.bind(@auth)
         yield self
       ensure
         @open_connection.close if @open_connection

From 3455b3021fd966cee9af67a6a456f7a5ad6373fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vi=CC=81ctor=20Rolda=CC=81n=20Betancort?=
 <vroldanbet@github.com>
Date: Fri, 15 Nov 2019 13:46:17 +0100
Subject: [PATCH 3/6] Revert "caches bind result", to see if failing in CI

This reverts commit c8bd9857
---
 lib/net/ldap.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index 9c13a97d..f7a98ef5 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -712,7 +712,7 @@ def open
       begin
         @open_connection = new_connection
         payload[:connection] = @open_connection
-        payload[:bind]       = @result = @open_connection.bind(@auth)
+        payload[:bind]       = @open_connection.bind(@auth)
         yield self
       ensure
         @open_connection.close if @open_connection

From ab18e5b11ca38ad93eb8fdf64f01e2ed8334adc8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vi=CC=81ctor=20Rolda=CC=81n=20Betancort?=
 <vroldanbet@github.com>
Date: Tue, 12 Nov 2019 22:21:04 +0100
Subject: [PATCH 4/6] the test environment expects a valid DNS as username

---
 test/integration/test_return_codes.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/integration/test_return_codes.rb b/test/integration/test_return_codes.rb
index 58189f92..30057a2a 100644
--- a/test/integration/test_return_codes.rb
+++ b/test/integration/test_return_codes.rb
@@ -5,7 +5,7 @@
 
 class TestReturnCodeIntegration < LDAPIntegrationTestCase
   def test_open_error
-    @ldap.authenticate "fake", "creds"
+    @ldap.authenticate "cn=fake", "creds"
     @ldap.open do
       result = @ldap.get_operation_result
       assert_equal Net::LDAP::ResultCodeInvalidCredentials, result.code

From 92be7104d3a33b860f6f688bb3360ecefbf51339 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vi=CC=81ctor=20Rolda=CC=81n=20Betancort?=
 <vroldanbet@github.com>
Date: Fri, 15 Nov 2019 14:00:39 +0100
Subject: [PATCH 5/6] Revert "Revert "caches bind result", to see if failing in
 CI"

This reverts commit 3455b302
---
 lib/net/ldap.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index f7a98ef5..9c13a97d 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -712,7 +712,7 @@ def open
       begin
         @open_connection = new_connection
         payload[:connection] = @open_connection
-        payload[:bind]       = @open_connection.bind(@auth)
+        payload[:bind]       = @result = @open_connection.bind(@auth)
         yield self
       ensure
         @open_connection.close if @open_connection

From dc99286d2445ca942aa4f5975b1b73e919a3af3a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vi=CC=81ctor=20Rolda=CC=81n=20Betancort?=
 <vroldanbet@github.com>
Date: Fri, 15 Nov 2019 14:08:02 +0100
Subject: [PATCH 6/6] bump gem version, assuming semver

---
 lib/net/ldap/version.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/net/ldap/version.rb b/lib/net/ldap/version.rb
index 0a57d621..d0c61424 100644
--- a/lib/net/ldap/version.rb
+++ b/lib/net/ldap/version.rb
@@ -1,5 +1,5 @@
 module Net
   class LDAP
-    VERSION = "0.16.1"
+    VERSION = "0.16.2"
   end
 end