[CI] Add integration tests for Net::LDAP#open behavior

[mtodd]

I'm working through some ill-defined behavior (discussed here) with Net::LDAP#open and wanted to reproduce the problematic behavior in the most minimal way possible.

This PR just starts by adding some basic integration tests for Net::LDAP#open behavior (and not even good integration tests, at that).

I'll be following up with a reproduction of the bad behavior (hopefully).

cc @jch

[mtodd]

By using the changes in #131, I was able to get a dump of the PDUs sent from the server in response to the failing test case's queries:
https://gist.github.com/mtodd/fe1c784c26848e507908

Nothing out of the norm, meaning it looks like it's related to our handling, as I described in f16a4ff.

There are multiple considerations here: what the client side should allow the user to do, what the client side should handle from the server, what the server does in this situation, and possibly others I've not considered.

We could easily add logic to raise an error if someone tries to search while a search is still in progress, but should we? @jch mentioned queueing nested searches, connection pooling, or other methods which all sound reasonable but are far more complex. Do servers properly handle serving multiple queries at the same time over the same connection?

One thing I noticed is that the message_id was reliably matched up with the right results that I expected, so perhaps we should look at pairing the execution context to the result: the nested block's search having message_id 4 needing results that match that ID, but the parent gets results for message_id 3.

@jch @schaary @ruby-ldap/ruby-ldap-admins could use your thoughts on this. Still working through the problem, and need to go with a solution that balances flexibility for the user with spec adherence along with practical application.

Speaking of practical: let's be honest, it's not really practical for someone to perform a subquery for every entry found: this is inviting O(n+1) or O(n*m) performance characteristics. We can't prevent our users from shooting themselves in the foot, but we can prevent the gun from firing accidentally in the wrong direction.

Thoughts?

[jch]

I don't think we should raise an exception because I saw nothing in the RFC to suggest that it isn't supported. I think the key to is map Message IDs between requests and responses. I'll look at your dumps and failing test more closely.

[jch]

I looked at how the Apache LDAP API handles multiple requests over the same socket. Download link.

I didn't run the code, but tracing through the documentation and method calls shows that the library does support execute multiple requests (LdapNetworkConnection.java:1699 #search). It accomplishes this by tracking scheduled requests by messageId (LdapNetworkConnection.java:1679 #searchAsync) in a futureMap (#addToFutureMap). Rather than blocking and returning the search results, the SearchFuture is wrapped in a SearchCursor and returned.

I'm not proposing we follow this implementation, but it is interesting to see that multiple requests are supported elsewhere.

[mtodd]

@jch OK, #138 was merged in here, want to give this a full review before I merge into master?

[jch]

To double check I understand this. This clears PDU's we've queue_read from the socket for this particular search keyed by message_id that weren't consumed. I think this is good cleanup, but when do we hit this scenario? Is this an exceptional case?

[mtodd]

Yup, you understand it perfectly. It shouldn't happen, it would be an exceptional case. Didn't feel right to blow up, though.

[jch]

A contrived failure would be if we didn't follow spec and reused a message_id before that request was finished. Maybe some additional comments indicating this case shouldn't be reached?

[mtodd]

@jch added a brief comment.

[jch]

🚢