gsasl 0.1.0

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in gsasl.gemspec
+gemspec

data/README.md

@@ -0,0 +1,41 @@
+# GNU SASL for Ruby
+
+This libaray is a lib ffi based wrapper for the [GNU SASL](http://www.gnu.org/software/gsasl/) library. It supports a variaty of different authentication mechanisms. Those are the mechanisms supported for the current versions:
+
+* **EXTERNAL**: Authentication via out of band information.
+* **ANONYMOUS**: Mechanism for anonymous access to resources.
+* **PLAIN**: Clear text username and password.
+* **LOGIN**: Non-standard clear text username and password.
+* **CRAM-MD5**: Challenge-Response Authentication Mechanism.
+* **DIGEST-MD5**: Digest Authentication.
+* **SCRAM-SHA-1**: SCRAM-SHA-1 authentication.
+* **NTLM**: Microsoft NTLM authentication.
+* **SECURID**: Authentication using tokens.
+* **GSSAPI**: GSSAPI (Kerberos 5) authentication.
+* **GS2-KRB5**: Improved GSSAPI (Kerberos 5) authentication.
+* **KERBEROS\_V5**: Experimental KERBEROS\_V5 authentication.
+* **SAML20**: Experimental SAML20 authentication.
+* **OPENID20**: Experimental OPENID20 authentication.
+
+# Use in Ruby
+
+In the following example the server and the client are on the same machine. If the server is on the remote site, one has to implement a server that will return the next challenge on `server#read` and implements a `server#send` to send the challenge to the server. Also it is possible to not use the `#authenticate` function but to implement the processing individually.
+
+    session = Gsasl::Context.new
+    client = session.create_client("CRAM-MD5")
+    server = session.create_server("CRAM-MD5")
+    
+    server.set_callback do |property|
+      if property == Gsasl::GSASL_PASSWORD
+        if server[Gsasl::GSASL_AUTHID] == "joe"
+          server[Gsasl::GSASL_PASSWORD] = "secret"
+        end
+        Gsasl::GSASL_OK
+      end
+    end
+    
+    client[Gsasl::GSASL_AUTHID] = "joe"
+    client[Gsasl::GSASL_PASSWORD] = "secret"
+    
+    client.authenticate(server).should be_true
+  

data/Rakefile

@@ -0,0 +1,5 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec

data/gsasl.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "gsasl/version"
+
+Gem::Specification.new do |s|
+  s.name        = "gsasl"
+  s.version     = Gsasl::VERSION
+  s.authors     = ["Vincent Landgraf"]
+  s.email       = ["vilandgr@googlemail.com"]
+  s.homepage    = ""
+  s.summary     = %q{A lib ffi based wrapper for lib GNU SASL}
+  s.description = %q{A library for doing SASL based authentication mechanisms}
+
+  s.rubyforge_project = "gsasl"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "rake"
+  s.add_runtime_dependency "ffi"
+end

data/lib/gsasl/context.rb

@@ -0,0 +1,97 @@
+module Gsasl
+  class Context
+    # Access the peers of a given session. This is used to find peers for the
+    # global `Gsasl::CALLBACK`.
+    # @api private
+    attr_accessor :peers
+    
+    # Create a new gsasl authentication context.
+    def initialize
+      ctx = FFI::MemoryPointer.new :pointer
+      result = Gsasl.gsasl_init(ctx)
+      @context = ctx.get_pointer(0)
+      Gsasl.raise_error!(result)
+      @peers = {}
+      Gsasl.new_context @context.address, self
+      Gsasl.gsasl_callback_set(@context, CALLBACK)
+    end
+    
+    # Returns or checks agains the passed version of GNU SASL.
+    # @param [String] check the version string to check against.
+    # @return [String, nil] the version string if the check was successful, nil
+    #   otherwise
+    def version(check = nil)
+      Gsasl.gsasl_check_version check
+    end
+    
+    # Checks if the client peer supports the passed mechanism
+    # @param [String] mechanism_name the mechnism to check for
+    # @return [Boolean] true if it is supported false otherwise
+    def client_support_for?(mechanism_name)
+      Gsasl.gsasl_client_support_p(@context, mechanism_name) == 1
+    end
+    
+    # Checks if the server peer supports the passed mechanism
+    # @param [String] mechanism_name the mechnism to check for
+    # @return [Boolean] true if it is supported false otherwise
+    def server_support_for?(mechanism_name)
+      Gsasl.gsasl_server_support_p(@context, mechanism_name) == 1
+    end
+    
+    # Closes the sasl peer for the context. Should be called after authenication.
+    def close
+      Gsasl.gsasl_done(@context)
+    end
+    
+    # Returns a list of mechanisms for the server peer
+    # @return [Array<String>] the list of possible mechanisms
+    def server_mechanisms
+      mechanisms :server
+    end
+    
+    # Returns a list of mechanisms for the client peer
+    # @return [Array<String>] the list of possible mechanisms
+    def client_mechanisms
+      mechanisms :client
+    end
+    
+    # Creates the server peer based on the passed mechanism
+    # @param [String] mechanism_name the name of the mechanism
+    # @return [Gsasl::Peer] the server peer
+    # @example
+    #   peer = @session.create_server("CRAM-MD5")
+    def create_server(mechanism_name)
+      peer = Peer.new(@context, mechanism_name, :server)
+      @peers[peer.session.address] = peer
+      peer
+    end
+    
+    # Creates the client peer based on the passed mechanism
+    # @param [String] mechanism_name the name of the mechanism
+    # @return [Gsasl::Peer] the client peer
+    # @example
+    #   peer = @session.create_client("CRAM-MD5")
+    def create_client(mechanism_name)
+      peer = Peer.new(@context, mechanism_name, :client)
+      @peers[peer.session.address] = peer
+      peer
+    end
+  
+  private
+    
+    # Returns a list of mechanisms for the passed type (type can be :client or
+    # :server)
+    # @param [Symbol] type the type to check mechanisms for
+    # @return [Array<String>] the list of possible mechanisms
+    def mechanisms(type)
+      out = FFI::MemoryPointer.new :pointer
+      result = Gsasl.send("gsasl_#{type}_mechlist", @context, out)
+      Gsasl.raise_error!(result)
+      data = out.get_pointer(0)
+      list = data.read_string.split(/\s/)
+      list
+    ensure
+      Gsasl.gsasl_free(data)
+    end
+  end
+end

data/lib/gsasl/native.rb

@@ -0,0 +1,177 @@
+require 'ffi'
+
+module Gsasl
+  extend FFI::Library
+  ffi_lib "libgsasl"
+  
+  # RFC 2222: SASL mechanisms are named by strings, from 1 to 20
+  # characters in length, consisting of upper-case letters, digits,
+  # hyphens, and/or underscores.  SASL mechanism names must be
+  # registered with the IANA.
+  GSASL_MIN_MECHANISM_SIZE = 1,
+  GSASL_MAX_MECHANISM_SIZE = 20
+    
+  # Error codes for library functions.
+  GSASL_OK = 0
+  GSASL_NEEDS_MORE = 1
+  GSASL_UNKNOWN_MECHANISM = 2
+  GSASL_MECHANISM_CALLED_TOO_MANY_TIMES = 3
+  GSASL_MALLOC_ERROR = 7
+  GSASL_BASE64_ERROR = 8
+  GSASL_CRYPTO_ERROR = 9
+  GSASL_SASLPREP_ERROR = 29
+  GSASL_MECHANISM_PARSE_ERROR = 30
+  GSASL_AUTHENTICATION_ERROR = 31
+  GSASL_INTEGRITY_ERROR = 33
+  GSASL_NO_CLIENT_CODE = 35
+  GSASL_NO_SERVER_CODE = 36
+  GSASL_NO_CALLBACK = 51
+  GSASL_NO_ANONYMOUS_TOKEN = 52
+  GSASL_NO_AUTHID = 53
+  GSASL_NO_AUTHZID = 54
+  GSASL_NO_PASSWORD = 55
+  GSASL_NO_PASSCODE = 56
+  GSASL_NO_PIN = 57
+  GSASL_NO_SERVICE = 58
+  GSASL_NO_HOSTNAME = 59
+  GSASL_NO_CB_TLS_UNIQUE = 65
+  GSASL_NO_SAML20_IDP_IDENTIFIER = 66
+  GSASL_NO_SAML20_REDIRECT_URL = 67
+  GSASL_NO_OPENID20_AUTH_IDENTIFIER = 68
+  
+  # Mechanism specific errors.
+  GSASL_GSSAPI_RELEASE_BUFFER_ERROR = 37
+  GSASL_GSSAPI_IMPORT_NAME_ERROR = 38
+  GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR = 39
+  GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR = 40
+  GSASL_GSSAPI_UNWRAP_ERROR = 41
+  GSASL_GSSAPI_WRAP_ERROR = 42
+  GSASL_GSSAPI_ACQUIRE_CRED_ERROR = 43
+  GSASL_GSSAPI_DISPLAY_NAME_ERROR = 44
+  GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR = 45
+  GSASL_KERBEROS_V5_INIT_ERROR = 46
+  GSASL_KERBEROS_V5_INTERNAL_ERROR = 47
+  GSASL_SHISHI_ERROR = GSASL_KERBEROS_V5_INTERNAL_ERROR
+  GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE = 48
+  GSASL_SECURID_SERVER_NEED_NEW_PIN = 49
+  GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR = 60
+  GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR = 61
+  GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR = 62
+  GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR = 63
+  GSASL_GSSAPI_RELEASE_OID_SET_ERROR = 64
+  
+  # Information properties, e.g., username.
+  GSASL_AUTHID = 1
+  GSASL_AUTHZID = 2
+  GSASL_PASSWORD = 3
+  GSASL_ANONYMOUS_TOKEN = 4
+  GSASL_SERVICE = 5
+  GSASL_HOSTNAME = 6
+  GSASL_GSSAPI_DISPLAY_NAME = 7
+  GSASL_PASSCODE = 8
+  GSASL_SUGGESTED_PIN = 9
+  GSASL_PIN = 10
+  GSASL_REALM = 11
+  GSASL_DIGEST_MD5_HASHED_PASSWORD = 12
+  GSASL_QOPS = 13
+  GSASL_QOP = 14
+  GSASL_SCRAM_ITER = 15
+  GSASL_SCRAM_SALT = 16
+  GSASL_SCRAM_SALTED_PASSWORD = 17
+  GSASL_CB_TLS_UNIQUE = 18
+  GSASL_SAML20_IDP_IDENTIFIER = 19
+  GSASL_SAML20_REDIRECT_URL = 20
+  GSASL_OPENID20_AUTH_IDENTIFIER = 21
+  
+  # Client callbacks.
+  GSASL_SAML20_AUTHENTICATE_IN_BROWSER = 250
+  
+  # Server validation callback properties.
+  GSASL_VALIDATE_SIMPLE = 500
+  GSASL_VALIDATE_EXTERNAL = 501
+  GSASL_VALIDATE_ANONYMOUS = 502
+  GSASL_VALIDATE_GSSAPI = 503
+  GSASL_VALIDATE_SECURID = 504
+  GSASL_VALIDATE_SAML20 = 505
+  
+  # Gsasl_cipher
+  GSASL_CIPHER_DES = 1
+  GSASL_CIPHER_3DES = 2
+  GSASL_CIPHER_RC4 = 4
+  GSASL_CIPHER_RC4_40 = 8
+  GSASL_CIPHER_RC4_56 = 16
+  GSASL_CIPHER_AES = 32
+  
+  # Quality of Protection types (DIGEST-MD5 and GSSAPI).  The
+  # integrity and confidentiality values is about application data
+  # wrapping.  We recommend that you use @GSASL_QOP_AUTH with TLS as
+  # that combination is generally more secure and have better chance
+  # of working than the integrity/confidentiality layers of SASL.
+  GSASL_QOP_AUTH = 1,
+  GSASL_QOP_AUTH_INT = 2,
+  GSASL_QOP_AUTH_CONF = 4
+  
+  # the callback signature for the global callback
+  callback :gsasl_callback, [ :pointer, :pointer, :int], :int
+  
+  # lib ffi mapped functions
+  attach_function :gsasl_init, [ :pointer ], :int
+  attach_function :gsasl_done, [ :pointer ], :void
+  attach_function :gsasl_check_version, [ :string ], :string
+  attach_function :gsasl_strerror, [ :int ], :string
+  attach_function :gsasl_client_support_p, [ :pointer, :string ], :int
+  attach_function :gsasl_server_support_p, [ :pointer, :string ], :int
+  attach_function :gsasl_server_start, [ :pointer, :string, :pointer ], :int
+  attach_function :gsasl_client_start, [ :pointer, :string, :pointer ], :int
+  attach_function :gsasl_finish, [ :pointer ], :void
+  attach_function :gsasl_client_mechlist, [ :pointer, :pointer ], :int
+  attach_function :gsasl_server_mechlist, [ :pointer, :pointer ], :int
+  attach_function :gsasl_free, [ :pointer ], :void
+  attach_function :gsasl_property_set, [ :pointer, :int , :string ], :void
+  attach_function :gsasl_property_get, [ :pointer, :int ], :string
+  attach_function :gsasl_callback_set, [ :pointer, :gsasl_callback ], :void
+  attach_function :gsasl_step64, [ :pointer, :string, :pointer], :int
+  
+  # Raises an error if the passed result is not GSASL_OK
+  # @param [Fixnum] result that should be checked
+  # @raises [GsaslError] if a different result occured
+  def self.raise_error!(result)
+    if result != GSASL_OK
+      raise GsaslError, Gsasl.gsasl_strerror(result)
+    end
+  end
+  
+  # Handles at a global level all callbacks that are made by the gsasl library.
+  # The context and session (or peer) will be used to proxy the events to the
+  # corresponding object.
+  CALLBACK = Proc.new do |context, peer, property|
+    # find the object...
+    if context = find_by_context(context.address)
+      if peer = context.peers[peer.address]
+        # ...and call the callback with the property
+        result = peer.call(property)
+      end
+    end
+    
+    # if there is no callback handler (nil) return that information
+    result || Gsasl::GSASL_NO_CALLBACK
+  end
+  
+  # Helper to find an context (or session) by the passed id. Used by `CALLBACK`.
+  # @api private
+  # @param [Fixnum] id the id of the sesseion (pointer to context struct)
+  # @return [Gsasl::Context, nil] the session or nil if nothing was found
+  def self.find_by_context(id)
+    @contexts ||= {}
+    @contexts[id]
+  end
+
+  # Registers the context and the session for later use in the global callback.
+  # @api private
+  # @param [Fixnum] id the id of the sesseion (pointer to context struct)
+  # @param [Gsasl::Context] context the session to save for later use
+  def self.new_context(id, context)
+    @contexts ||= {}
+    @contexts[id] = context
+  end
+end

data/lib/gsasl/peer.rb

@@ -0,0 +1,115 @@
+module Gsasl
+  # A peer is a client or server side that processes data to do an
+  # authentication.
+  class Peer
+    # give access to the session object (ffi) that is used by the peer
+    # @api private
+    attr_accessor :session
+    
+    # Initalize a peer for authentication (either a client or server)
+    # @param [FFI::MemoryPointer] context the pointer to the context used
+    # @param [String] mechanism_name the name of the mechanism to use
+    # @param [Symbol] type either (:server or :client)
+    def initialize(context, mechanism_name, type = :server)
+      @context = context
+      peer = FFI::MemoryPointer.new :pointer
+      result = nil
+      case type
+        when :client
+          result = Gsasl.gsasl_client_start @context, mechanism_name, peer
+        else
+          result = Gsasl.gsasl_server_start @context, mechanism_name, peer
+      end
+      Gsasl.raise_error!(result)
+    ensure
+      @session = peer.get_pointer(0)
+    end
+    
+    # Sets a property for this peer.
+    # @param [Fixnum] property on of the Gsasl API Keys
+    # @param [String] value the value tho set for the api key
+    # @example
+    #   peer[Gsasl::GSASL_PASSWORD] = "secret"
+    def []=(property, value)
+      Gsasl.gsasl_property_set(@session, property, value)
+    end
+    
+    # Reads a property from the peer.
+    # @param [Fixnum] property on of the Gsasl API Keys
+    # @return [String, nil] The value if there is one or nil
+    # @example
+    #   peer[Gsasl::GSASL_AUTHID] #=> "joe"
+    def [](property)
+      Gsasl.gsasl_property_get(@session, property)
+    end
+    
+    # Registers a callback for the peer. In case a variable is not provided.
+    # @yield [property] The callback that will be calles during the processing.
+    # @yieldparam [Fixnum] property a property for the 
+    # @yieldreturn [Fixnum, nil] The return code for the callback or nil
+    def callback(&block)
+      @callback = block
+    end
+    
+    # Used as a server hook in the local test environment.
+    # @return [Array<Fixnum, String>] Result code and base64 encoded challenge
+    def read #b64_str
+      process
+    end
+    
+    # Used as a server hook in the local test environment.
+    # @param [String] b64_str Base64 encoded challenge
+    # @return [Array<Fixnum, String>] Result code and base64 encoded challenge
+    def send(b64_str)
+      process b64_str
+    end
+    
+    # Authenticates against a server that implemennts read and send.
+    # @param [Gsasl::Peer] server a server peer object
+    # @return [Boolean] true if the authentication was successfull, 
+    #   false otherwise
+    def authenticate(server)
+      result = -1
+      
+      begin
+        result, input = server.read
+        result, output = process input
+        
+        if (result == GSASL_NEEDS_MORE || result == GSASL_OK)
+          result, output = server.send(output)
+        end
+      end while result == GSASL_NEEDS_MORE
+      
+      Gsasl.raise_error!(result) unless Gsasl::GSASL_AUTHENTICATION_ERROR
+      result == Gsasl::GSASL_OK
+    end
+    
+    # Close the authentication peer. This should be done after one
+    # authenticaion.
+    def close
+      Gsasl.gsasl_finish(@session)
+    end
+    
+    # Process a challenge on the peer. There might be no input at the start.
+    # @param [String] input the inital challenge.
+    # @return [Array<Fixnum, String>] Result code and base64 encoded challenge
+    def process(input = nil)
+      output_ptr = FFI::MemoryPointer.new :pointer
+      result = Gsasl.gsasl_step64(@session, input, output_ptr)
+      if result == GSASL_NEEDS_MORE || result == GSASL_OK
+        output = output_ptr.get_pointer(0)
+        [result, output.read_string.to_s]
+      else
+        [result, nil]
+      end
+    ensure  
+      Gsasl.gsasl_free(output)
+    end
+    
+    # Call the callback of the peer.
+    # @param [Fixnum] property the api key.
+    def call(property)
+      @callback.call(property) if @callback
+    end
+  end
+end

data/lib/gsasl/version.rb

@@ -0,0 +1,3 @@
+module Gsasl
+  VERSION = "0.1.0"
+end

data/lib/gsasl.rb

@@ -0,0 +1,8 @@
+require "gsasl/version"
+require "gsasl/native"
+require "gsasl/context"
+require "gsasl/peer"
+
+module Gsasl
+  class GsaslError < StandardError; end
+end

data/spec/authentication_spec.rb

@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe "Authentications" do
+  before(:each) do
+    @session = Gsasl::Context.new
+  end
+  
+  describe "CRAM-MD5" do
+    before(:each) do
+      @client = @session.create_client("CRAM-MD5")
+      @server = @session.create_server("CRAM-MD5")
+    end
+    
+    it "should be able to authenticate correctly" do
+      @server.callback do |property|
+        if property == Gsasl::GSASL_PASSWORD
+          if @server[Gsasl::GSASL_AUTHID] == "joe"
+            @server[Gsasl::GSASL_PASSWORD] = "secret"
+          end
+          Gsasl::GSASL_OK
+        end
+      end
+      
+      @client[Gsasl::GSASL_AUTHID] = "joe"
+      @client[Gsasl::GSASL_PASSWORD] = "secret"
+      
+      @client.authenticate(@server).should be_true
+    end
+    
+    it "should be possible to not authenticate correctly" do
+      @server.callback do |property|
+        if property == Gsasl::GSASL_PASSWORD
+          if @server[Gsasl::GSASL_AUTHID] == "joe"
+            @server[Gsasl::GSASL_PASSWORD] = "test"
+          end
+          Gsasl::GSASL_OK
+        end
+      end
+      
+      @client[Gsasl::GSASL_AUTHID] = "joe"
+      @client[Gsasl::GSASL_PASSWORD] = "secret"
+      
+      @client.authenticate(@server).should be_false
+    end    
+    
+    after(:each) do
+      @client.close
+      @server.close
+    end
+  end  
+  
+  after(:each) do
+    @session.close
+  end
+end

data/spec/context_spec.rb

@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe Gsasl::Context do
+  before(:each) do
+    @session = Gsasl::Context.new
+  end
+  
+  it "should be possible to get the version number of gsasl" do
+    @session.version.should =~ /\d.\d.\d/
+  end
+  
+  it "should be possible to check the version" do
+    @session.version("1.7.0").should == nil
+  end
+  
+  it "should be possible to check the support for client authentications" do
+    @session.client_support_for?("CRAM-MD5").should be_true
+    @session.client_support_for?("NONE").should be_false
+  end
+  
+  it "should be possible to check the support for server authentications" do
+    @session.server_support_for?("CRAM-MD5").should be_true
+    @session.server_support_for?("NONE").should be_false
+  end
+  
+  it "should return the supported server mechanisms as list" do
+    @session.server_mechanisms.should include("CRAM-MD5")
+    @session.server_mechanisms.should include("DIGEST-MD5")
+    @session.server_mechanisms.should include("PLAIN")
+  end
+  
+  it "should return the supported client mechanisms as list" do
+    @session.client_mechanisms.should include("CRAM-MD5")
+    @session.client_mechanisms.should include("DIGEST-MD5")
+    @session.client_mechanisms.should include("PLAIN")
+  end
+  
+  after(:each) do
+    @session.close
+  end
+end

data/spec/peer_spec.rb

@@ -0,0 +1,45 @@
+require 'spec_helper'
+
+describe Gsasl::Context do
+  before(:each) do
+    @session = Gsasl::Context.new
+  end
+
+  it "should be possible to create a client peer" do
+    @session.create_client("CRAM-MD5")
+  end
+  
+  context "with peer" do
+    before(:each) do
+      @peer = @session.create_client("CRAM-MD5")
+    end
+    
+    it "should return nil on no values" do
+      @peer[Gsasl::GSASL_AUTHID].should be_nil
+      @peer[Gsasl::GSASL_PASSWORD].should be_nil
+    end
+    
+    it "should be possible to set parameter" do
+      @peer[Gsasl::GSASL_AUTHID] = "joe"
+      @peer[Gsasl::GSASL_PASSWORD] = "secret"
+    end
+    
+    it "should be possible to read set parameter" do
+      @peer[Gsasl::GSASL_AUTHID] = "joe"
+      @peer[Gsasl::GSASL_PASSWORD] = "secret"
+      @peer[Gsasl::GSASL_AUTHID].should == "joe"
+      @peer[Gsasl::GSASL_PASSWORD].should == "secret"
+    end
+    
+    it "should be possible to call a set callback" do
+      test_property = 0
+      @peer.callback { |property| test_property = property }
+      @peer.call(10)
+      test_property.should == 10
+    end
+  end
+
+  after(:each) do
+    @session.close
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,14 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper.rb"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+$:.unshift File.expand_path("../../lib", __FILE__)
+require "gsasl"
+ 
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+end

metadata

@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification
+name: gsasl
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Vincent Landgraf
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-03-25 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ffi
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A library for doing SASL based authentication mechanisms
+email:
+- vilandgr@googlemail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- README.md
+- Rakefile
+- gsasl.gemspec
+- lib/gsasl.rb
+- lib/gsasl/context.rb
+- lib/gsasl/native.rb
+- lib/gsasl/peer.rb
+- lib/gsasl/version.rb
+- spec/authentication_spec.rb
+- spec/context_spec.rb
+- spec/peer_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: gsasl
+rubygems_version: 1.8.19
+signing_key: 
+specification_version: 3
+summary: A lib ffi based wrapper for lib GNU SASL
+test_files:
+- spec/authentication_spec.rb
+- spec/context_spec.rb
+- spec/peer_spec.rb
+- spec/spec_helper.rb