From b0bf5511520edb7a27874967bdd499e00dba89cb Mon Sep 17 00:00:00 2001
From: Alex Stockwell <astockwell@gmail.com>
Date: Wed, 16 Sep 2015 19:12:45 -0700
Subject: [PATCH 1/2] obscure auth password upon #inspect, added test, closes
 #216

---
 lib/net/ldap.rb   | 5 +++++
 test/test_ldap.rb | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index 75b463fb..35c9c54d 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -1195,6 +1195,11 @@ def paged_searches_supported?
     @server_caps[:supportedcontrol].include?(Net::LDAP::LDAPControls::PAGED_RESULTS)
   end
 
+  # Mask auth password
+  def inspect
+    super.gsub @auth[:password], "*******" if @auth[:password]
+  end
+
   private
 
   # Yields an open connection if there is one, otherwise establishes a new
diff --git a/test/test_ldap.rb b/test/test_ldap.rb
index 9704b346..6122b8df 100644
--- a/test/test_ldap.rb
+++ b/test/test_ldap.rb
@@ -57,4 +57,10 @@ def test_instrument_search_with_size
     assert_equal "(uid=user1)", payload[:filter]
     assert_equal result.size, payload[:size]
   end
+
+  def test_obscure_auth
+    password = "opensesame"
+    @subject.auth "joe_user", password
+    assert_not_include(@subject.inspect, password)
+  end
 end

From 02ec36edbb862d510ab4c6ecc7782b1bd1099f3b Mon Sep 17 00:00:00 2001
From: Alex Stockwell <astockwell@gmail.com>
Date: Wed, 16 Sep 2015 19:28:09 -0700
Subject: [PATCH 2/2] fixed oversight bug where inspecting Net::LDAP with
 anonymous auth returned nil

---
 lib/net/ldap.rb   | 4 +++-
 test/test_ldap.rb | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index 35c9c54d..635aa97d 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -1197,7 +1197,9 @@ def paged_searches_supported?
 
   # Mask auth password
   def inspect
-    super.gsub @auth[:password], "*******" if @auth[:password]
+    inspected = super
+    inspected.gsub! @auth[:password], "*******" if @auth[:password]
+    inspected
   end
 
   private
diff --git a/test/test_ldap.rb b/test/test_ldap.rb
index 6122b8df..f30416b2 100644
--- a/test/test_ldap.rb
+++ b/test/test_ldap.rb
@@ -60,6 +60,7 @@ def test_instrument_search_with_size
 
   def test_obscure_auth
     password = "opensesame"
+    assert_include(@subject.inspect, "anonymous")
     @subject.auth "joe_user", password
     assert_not_include(@subject.inspect, password)
   end