12 changed files with 91 additions and 392 deletions
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@ -20,12 +20,10 @@ jobs:

    services:
      openldap:
-        image: ghcr.io/ldapjs/docker-test-openldap/openldap:2023-10-30
+        image: ghcr.io/ldapjs/docker-test-openldap/openldap:latest
        ports:
          - 389:389
          - 636:636
-        options: >
-          --health-cmd "ldapsearch -Y EXTERNAL -Q -H ldapi:// -b ou=people,dc=planetexpress,dc=com -LLL '(cn=Turanga Leela)' cn"

    steps:
      - uses: actions/checkout@v3
--- a/README.md
+++ b/README.md
@ -1,34 +1,71 @@
-# Project Decomissioned
+# LDAPjs

-This project has been decomissioned. I, James Sumners, took it on when it was
-languishing without any maintenance as it filled a need in the ecosystem and
-I had built things at a prior organization that depended upon this project.
-I spent a lot of time triaging issues and reworking things toward a path
-that could be more easily maintained by a community of volunteers. But I have
-not had the time to dedicate to this project in quite a while. There are
-outstanding issues that would take me at least a week of dedicated development
-time to solve, and I cannot afford to take time off of work to do that.
-Particularly considering that the aforementioned organization was two
-jobs ago, and it is extremely unlikely that I will transition to a role again
-that will need this project.
+[![Build Status](https://github.com/ldapjs/node-ldapjs/workflows/Lint%20And%20Test/badge.svg)](https://github.com/ldapjs/node-ldapjs/actions)
+[![Coverage Status](https://coveralls.io/repos/github/ldapjs/node-ldapjs/badge.svg)](https://coveralls.io/github/ldapjs/node-ldapjs/)

-So, why am I just now deciding to decomission this project? Because today,
-2024-05-14, I received the following email:
+LDAPjs makes the LDAP protocol a first class citizen in Node.js.

-![Abusive email](dt.png)
+## Usage

-I will not tolerate abuse, and I especially will not tolerate tacit death
-threats, over a hobby. You can thank the author of that email for the
-decomissioning on this project.
+For full docs, head on over to <http://ldapjs.org>.

-My recommendation to you in regard to LDAP operations: write a gateway in a
-language that is more suited to these types of operations. I'd suggest
-[Go](https://go.dev).
+```javascript
+var ldap = require('ldapjs');

-👋
+var server = ldap.createServer();

-P.S.: if I ever do need this project again, I might revive it. But I'd fight
-hard for my suggestion above. Also, I will consider turning it over to an
-interested party, but I will require at least one recommendation from a
-Node.js core contributor that I can vet with the people that I know on that
-team.
+server.search('dc=example', function(req, res, next) {
+  var obj = {
+    dn: req.dn.toString(),
+    attributes: {
+      objectclass: ['organization', 'top'],
+      o: 'example'
+    }
+  };
+
+  if (req.filter.matches(obj.attributes))
+  res.send(obj);
+
+  res.end();
+});
+
+server.listen(1389, function() {
+  console.log('ldapjs listening at ' + server.url);
+});
+```
+
+To run that, assuming you've got the [OpenLDAP](http://www.openldap.org/)
+client on your system:
+
+    ldapsearch -H ldap://localhost:1389 -x -b dc=example objectclass=*
+
+## Installation
+
+    npm install ldapjs
+
+## Node.js Version Support
+
+As of `ldapjs@3` we only support the active Node.js LTS releases.
+See [https://github.com/nodejs/release#release-schedule][schedule] for the LTS
+release schedule.
+
+For a definitive list of Node.js version we support, see the version matrix
+we test against in our [CI configuration][ci-config].
+
+Note: given the release date of `ldapjs@3`, and the short window of time that
+Node.js v14 had remaining on its LTS window, we opted to not support Node.js
+v14 with `ldapjs@3` (we released late February 2023 and v14 goes into
+maintenance in late April 2023). Also, Node.js v14 will be end-of-life (EOL) on
+September 11, 2023; this is a very shortened EOL timeline and makes it even
+more reasonable to not support it at this point.
+
+[schedule]: https://github.com/nodejs/release#release-schedule
+[ci-config]: https://github.com/ldapjs/node-ldapjs/blob/master/.github/workflows/main.yml
+
+## License
+
+MIT.
+
+## Bugs
+
+See <https://github.com/ldapjs/node-ldapjs/issues>.
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,10 +1,8 @@
+version: '3'
+
 services:
  openldap:
-    image: ghcr.io/ldapjs/docker-test-openldap/openldap:2023-10-30
+    image: ghcr.io/ldapjs/docker-test-openldap/openldap:latest
    ports:
      - 389:389
      - 636:636
-    healthcheck:
-      start_period: 3s
-      test: >
-        /usr/bin/ldapsearch -Y EXTERNAL -Q -H ldapi:// -b ou=people,dc=planetexpress,dc=com -LLL '(cn=Turanga Leela)' cn 1>/dev/null
--- a/dt.png
+++ b/dt.png
--- a/lib/server.js
+++ b/lib/server.js
@ -854,11 +854,11 @@ Server.prototype._getHandlerChain = function _getHandlerChain (req) {
  }

  // Otherwise, match via DN rules
+  assert.ok(req.dn)
  const keys = this._sortedRouteKeys()
  let fallbackHandler = [noSuffixHandler]
  // invalid DNs in non-strict mode are routed to the default handler
  const testDN = (typeof (req.dn) === 'string') ? DN.fromString(req.dn) : req.dn
-  assert.ok(testDN)

  for (let i = 0; i < keys.length; i++) {
    const suffix = keys[i]
--- a/package.json
+++ b/package.json
@ -3,7 +3,7 @@
  "name": "ldapjs",
  "homepage": "http://ldapjs.org",
  "description": "LDAP client and server APIs",
-  "version": "3.0.7",
+  "version": "3.0.4",
  "license": "MIT",
  "repository": {
    "type": "git",
@ -11,13 +11,13 @@
  },
  "main": "lib/index.js",
  "dependencies": {
-    "@ldapjs/asn1": "^2.0.0",
-    "@ldapjs/attribute": "^1.0.0",
-    "@ldapjs/change": "^1.0.0",
-    "@ldapjs/controls": "^2.1.0",
-    "@ldapjs/dn": "^1.1.0",
-    "@ldapjs/filter": "^2.1.1",
-    "@ldapjs/messages": "^1.3.0",
+    "@ldapjs/asn1": "2.0.0",
+    "@ldapjs/attribute": "1.0.0",
+    "@ldapjs/change": "1.0.0",
+    "@ldapjs/controls": "2.0.0",
+    "@ldapjs/dn": "1.1.0",
+    "@ldapjs/filter": "2.1.0",
+    "@ldapjs/messages": "^1.2.0",
    "@ldapjs/protocol": "^1.2.1",
    "abstract-logging": "^2.0.1",
    "assert-plus": "^1.0.0",
@ -47,7 +47,7 @@
    "test:cov:html": "tap --coverage-report=html -R terse",
    "test:watch": "tap -n -w --no-coverage-report -R terse",
    "test:integration": "tap --no-cov -R terse 'test-integration/**/*.test.js'",
-    "test:integration:local": "docker-compose up -d --wait && npm run test:integration ; docker-compose down",
+    "test:integration:local": "docker-compose up -d && npm run test:integration && docker-compose down",
    "lint": "eslint . --fix",
    "lint:ci": "eslint .",
    "docs": "node scripts/build-docs.js"
--- a/test-integration/client/issue-860.test.js
+++ b/test-integration/client/issue-860.test.js
@ -11,33 +11,20 @@ const baseURL = `${SCHEME}://${HOST}:${PORT}`

 const client = ldapjs.createClient({ url: baseURL })

-tap.before(() => {
-  return new Promise((resolve, reject) => {
-    client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', (err) => {
-      if (err) {
-        return reject(err)
-      }
-      resolve()
-    })
-  })
-})
+const opts = {
+  filter: '(&(objectClass=person))',
+  scope: 'sub',
+  paged: true,
+  sizeLimit: 100,
+  attributes: ['cn', 'employeeID']
+}

-tap.teardown(() => {
-  client.unbind()
-})
+const baseDN = parseDN('ou=テスト,dc=planetexpress,dc=com')

 tap.test('can search OUs with Japanese characters', t => {
-  t.plan(2)
-
-  const opts = {
-    filter: '(&(objectClass=person))',
-    scope: 'sub',
-    paged: true,
-    sizeLimit: 100,
-    attributes: ['cn', 'employeeID']
-  }
-
-  const baseDN = parseDN('ou=テスト,dc=planetexpress,dc=com')
+  client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', (err) => {
+    t.error(err, 'bind error')
+  })

  client.search(baseDN.toString(), opts, (err, res) => {
    t.error(err, 'search error')
@ -55,41 +42,7 @@ tap.test('can search OUs with Japanese characters', t => {
      t.error(err, 'search entry error')
    })
    res.on('end', () => {
-      t.end()
-    })
-  })
-})
-
-tap.test('can search with non-ascii chars in filter', t => {
-  t.plan(3)
-
-  const opts = {
-    filter: '(&(sn=Rodríguez))',
-    scope: 'sub',
-    attributes: ['dn', 'sn', 'cn'],
-    type: 'user'
-  }
-
-  let searchEntryCount = 0
-  client.search('dc=planetexpress,dc=com', opts, (err, res) => {
-    t.error(err, 'search error')
-    res.on('searchEntry', (entry) => {
-      searchEntryCount += 1
-      t.match(entry.pojo, {
-        type: 'SearchResultEntry',
-        objectName: 'cn=Bender Bending Rodr\\c3\\adguez,ou=people,dc=planetexpress,dc=com',
-        attributes: [{
-          type: 'cn',
-          values: ['Bender Bending Rodríguez']
-        }]
-      })
-    })
-    res.on('error', (err) => {
-      t.error(err, 'search entry error')
-    })
-    res.on('end', () => {
-      t.equal(searchEntryCount, 1, 'should have found 1 entry')
-      t.end()
+      client.unbind(t.end)
    })
  })
 })
--- a/test-integration/client/issue-923.test.js
+++ b/test-integration/client/issue-923.test.js
@ -1,91 +0,0 @@
-'use strict'
-
-const tap = require('tap')
-const ldapjs = require('../../lib')
-const { DN } = require('@ldapjs/dn')
-const Change = require('@ldapjs/change')
-
-const SCHEME = process.env.SCHEME || 'ldap'
-const HOST = process.env.HOST || '127.0.0.1'
-const PORT = process.env.PORT || 389
-const baseURL = `${SCHEME}://${HOST}:${PORT}`
-
-const client = ldapjs.createClient({ url: baseURL })
-
-tap.teardown(() => {
-  client.unbind()
-})
-
-tap.test('modifies entry specified by dn string', t => {
-  t.plan(4)
-
-  client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', (err) => {
-    t.error(err, 'bind error')
-  })
-
-  const dn = 'cn=large10,ou=large_ou,dc=planetexpress,dc=com'
-  const change = new Change({
-    operation: 'replace',
-    modification: {
-      type: 'givenName',
-      values: ['test']
-    }
-  })
-
-  client.modify(dn, change, (err) => {
-    t.error(err, 'modify error')
-    validateChange({ t, expected: 'test', client })
-  })
-})
-
-tap.test('modifies entry specified by dn object', t => {
-  t.plan(4)
-
-  client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', (err) => {
-    t.error(err, 'bind error')
-  })
-
-  const dn = DN.fromString('cn=large10,ou=large_ou,dc=planetexpress,dc=com')
-  const change = new Change({
-    operation: 'replace',
-    modification: {
-      type: 'givenName',
-      values: ['test2']
-    }
-  })
-
-  client.modify(dn, change, (err) => {
-    t.error(err, 'modify error')
-    validateChange({ t, expected: 'test2', client })
-  })
-})
-
-function validateChange ({ t, expected, client }) {
-  const searchBase = 'ou=large_ou,dc=planetexpress,dc=com'
-  const searchOpts = {
-    filter: '(cn=large10)',
-    scope: 'subtree',
-    attributes: ['givenName'],
-    sizeLimit: 10,
-    timeLimit: 0
-  }
-
-  client.search(searchBase, searchOpts, (err, res) => {
-    t.error(err, 'search error')
-
-    res.on('searchEntry', entry => {
-      t.equal(
-        entry.attributes.filter(a => a.type === 'givenName').pop().values.pop(),
-        expected
-      )
-    })
-
-    res.on('error', err => {
-      t.error(err, 'search entry error')
-    })
-
-    res.on('end', () => {
-      t.end()
-    })
-  })
-}
--- a/test-integration/client/issue-940.test.js
+++ b/test-integration/client/issue-940.test.js
@ -1,81 +0,0 @@
-'use strict'
-
-const tap = require('tap')
-const ldapjs = require('../../lib')
-const Change = require('@ldapjs/change')
-
-const SCHEME = process.env.SCHEME || 'ldap'
-const HOST = process.env.HOST || '127.0.0.1'
-const PORT = process.env.PORT || 389
-const baseURL = `${SCHEME}://${HOST}:${PORT}`
-
-const client = ldapjs.createClient({ url: baseURL })
-
-tap.before(() => {
-  return new Promise((resolve, reject) => {
-    client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', (err) => {
-      if (err) {
-        return reject(err)
-      }
-      resolve()
-    })
-  })
-})
-
-tap.teardown(() => {
-  client.unbind()
-})
-
-tap.test('can modify entries with non-ascii chars in RDN', t => {
-  t.plan(6)
-
-  const dn = 'cn=Mendonça,ou=people,dc=planetexpress,dc=com'
-  const entry = {
-    objectclass: 'person',
-    sn: 'change me'
-  }
-
-  client.add(dn, entry, error => {
-    t.error(error, 'add should not error')
-    doSearch('change me', doModify)
-  })
-
-  function doModify () {
-    const change = new Change({
-      operation: 'replace',
-      modification: {
-        type: 'sn',
-        values: ['changed']
-      }
-    })
-
-    client.modify(dn, change, (error) => {
-      t.error(error, 'modify should not error')
-      doSearch('changed', t.end.bind(t))
-    })
-  }
-
-  function doSearch (expected, callback) {
-    const searchOpts = {
-      filter: '(&(objectclass=person)(cn=Mendonça))',
-      scope: 'subtree',
-      attributes: ['sn']
-    }
-    client.search('ou=people,dc=planetexpress,dc=com', searchOpts, (error, res) => {
-      t.error(error, 'search should not error')
-
-      res.on('searchEntry', entry => {
-        const found = entry.attributes.filter(a => a.type === 'sn').pop().values.pop()
-        t.equal(found, expected, `expected '${expected}' and got '${found}'`)
-      })
-
-      res.on('error', error => {
-        t.error(error, 'search result processing should not error')
-      })
-
-      res.on('end', () => {
-        callback()
-      })
-    })
-  }
-})
--- a/test-integration/client/issue-946.test.js
+++ b/test-integration/client/issue-946.test.js
@ -1,87 +0,0 @@
-'use strict'
-
-const tap = require('tap')
-const ldapjs = require('../../lib')
-
-const SCHEME = process.env.SCHEME || 'ldap'
-const HOST = process.env.HOST || '127.0.0.1'
-const PORT = process.env.PORT || 389
-const baseURL = `${SCHEME}://${HOST}:${PORT}`
-
-tap.test('can use password policy response', t => {
-  const client = ldapjs.createClient({ url: baseURL })
-  const targetDN = 'cn=Bender Bending Rodríguez,ou=people,dc=planetexpress,dc=com'
-
-  client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', (err, res) => {
-    t.error(err)
-    t.ok(res)
-    t.equal(res.status, 0)
-
-    const newPassword = 'bender2'
-    changePassword(client, newPassword, () => {
-      client.unbind()
-      bindNewClient(newPassword, { error: 2 }, (client) => {
-        const newPassword = 'bender'
-        changePassword(client, newPassword, () => {
-          client.unbind()
-          bindNewClient(newPassword, { timeBeforeExpiration: 1000 }, (client) => {
-            client.unbind(t.end)
-          })
-        })
-      })
-    })
-  })
-
-  function bindNewClient (pwd, expected, callback) {
-    const client = ldapjs.createClient({ url: baseURL })
-    const control = new ldapjs.PasswordPolicyControl()
-
-    client.bind(targetDN, pwd, control, (err, res) => {
-      t.error(err)
-      t.ok(res)
-      t.equal(res.status, 0)
-
-      let error = null
-      let timeBeforeExpiration = null
-      let graceAuthNsRemaining = null
-
-      res.controls.forEach(control => {
-        if (control.type === ldapjs.PasswordPolicyControl.OID) {
-          error = control.value.error ?? error
-          timeBeforeExpiration = control.value.timeBeforeExpiration ?? timeBeforeExpiration
-          graceAuthNsRemaining = control.value.graceAuthNsRemaining ?? graceAuthNsRemaining
-        }
-      })
-
-      if (expected.error !== undefined) {
-        t.equal(error, expected.error)
-      }
-      if (expected.timeBeforeExpiration !== undefined) {
-        t.equal(timeBeforeExpiration, expected.timeBeforeExpiration)
-      }
-      if (expected.graceAuthNsRemaining !== undefined) {
-        t.equal(graceAuthNsRemaining, expected.graceAuthNsRemaining)
-      }
-
-      callback(client)
-    })
-  }
-
-  function changePassword (client, newPwd, callback) {
-    const change = new ldapjs.Change({
-      operation: 'replace',
-      modification: new ldapjs.Attribute({
-        type: 'userPassword',
-        values: newPwd
-      })
-    })
-
-    client.modify(targetDN, change, (err, res) => {
-      t.error(err)
-      t.ok(res)
-      t.equal(res.status, 0)
-
-      callback()
-    })
-  }
-})
--- a/test-integration/client/issues.test.js
+++ b/test-integration/client/issues.test.js
@ -10,14 +10,7 @@ const PORT = process.env.PORT || 389
 const baseURL = `${SCHEME}://${HOST}:${PORT}`

 tap.test('modifyDN with long name (issue #480)', t => {
-  // 2023-08-15: disabling this 265 character string until a bug can be
-  // fixed in OpenLDAP. See https://github.com/ldapjs/docker-test-openldap/blob/d48bc2fb001b4ed9a152715ced4a2cb120439ec4/bootstrap/slapd-init.sh#L19-L31.
-  // const longStr = 'a292979f2c86d513d48bbb9786b564b3c5228146e5ba46f404724e322544a7304a2b1049168803a5485e2d57a544c6a0d860af91330acb77e5907a9e601ad1227e80e0dc50abe963b47a004f2c90f570450d0e920d15436fdc771e3bdac0487a9735473ed3a79361d1778d7e53a7fb0e5f01f97a75ef05837d1d5496fc86968ff47fcb64'
-
-  // 2023-08-15: this 140 character string satisfies the original issue
-  // (https://github.com/ldapjs/node-ldapjs/issues/480) and avoids a bug
-  // in OpenLDAP 2.5.
-  const longStr = '292979f2c86d513d48bbb9786b564b3c5228146e5ba46f404724e322544a7304a2b1049168803a5485e2d57a544c6a0d860af91330acb77e5907a9e601ad1227e80e0dc50ab'
+  const longStr = 'a292979f2c86d513d48bbb9786b564b3c5228146e5ba46f404724e322544a7304a2b1049168803a5485e2d57a544c6a0d860af91330acb77e5907a9e601ad1227e80e0dc50abe963b47a004f2c90f570450d0e920d15436fdc771e3bdac0487a9735473ed3a79361d1778d7e53a7fb0e5f01f97a75ef05837d1d5496fc86968ff47fcb64'
  const targetDN = 'cn=Turanga Leela,ou=people,dc=planetexpress,dc=com'
  const client = ldapjs.createClient({ url: baseURL })
  client.bind('cn=admin,dc=planetexpress,dc=com', 'GoodNewsEveryone', bindHandler)
--- a/test/server.test.js
+++ b/test/server.test.js
@ -257,27 +257,6 @@ tap.test('bind/unbind identity anonymous', function (t) {
  })
 })

-tap.test('does not crash on empty DN values', function (t) {
-  const server = ldap.createServer({
-    connectionRouter: function (c) {
-      server.newConnection(c)
-      server.emit('testconnection', c)
-    }
-  })
-
-  server.listen(t.context.sock, function () {
-    const client = ldap.createClient({ socketPath: t.context.sock })
-    server.once('testconnection', () => {
-      client.bind('', 'pw', function (err) {
-        t.ok(err, 'blank bind dn throws error')
-        client.unbind(function () {
-          server.close(() => t.end())
-        })
-      })
-    })
-  })
-})
-
 tap.test('bind/unbind identity user', function (t) {
  const server = ldap.createServer({
    connectionRouter: function (c) {