krb5-auth 0.5

Sign up to get free protection for your applications and to get access to all the features.
data/COPYING ADDED
@@ -0,0 +1,510 @@
1
+
2
+ GNU LESSER GENERAL PUBLIC LICENSE
3
+ Version 2.1, February 1999
4
+
5
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
6
+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
7
+ Everyone is permitted to copy and distribute verbatim copies
8
+ of this license document, but changing it is not allowed.
9
+
10
+ [This is the first released version of the Lesser GPL. It also counts
11
+ as the successor of the GNU Library Public License, version 2, hence
12
+ the version number 2.1.]
13
+
14
+ Preamble
15
+
16
+ The licenses for most software are designed to take away your
17
+ freedom to share and change it. By contrast, the GNU General Public
18
+ Licenses are intended to guarantee your freedom to share and change
19
+ free software--to make sure the software is free for all its users.
20
+
21
+ This license, the Lesser General Public License, applies to some
22
+ specially designated software packages--typically libraries--of the
23
+ Free Software Foundation and other authors who decide to use it. You
24
+ can use it too, but we suggest you first think carefully about whether
25
+ this license or the ordinary General Public License is the better
26
+ strategy to use in any particular case, based on the explanations
27
+ below.
28
+
29
+ When we speak of free software, we are referring to freedom of use,
30
+ not price. Our General Public Licenses are designed to make sure that
31
+ you have the freedom to distribute copies of free software (and charge
32
+ for this service if you wish); that you receive source code or can get
33
+ it if you want it; that you can change the software and use pieces of
34
+ it in new free programs; and that you are informed that you can do
35
+ these things.
36
+
37
+ To protect your rights, we need to make restrictions that forbid
38
+ distributors to deny you these rights or to ask you to surrender these
39
+ rights. These restrictions translate to certain responsibilities for
40
+ you if you distribute copies of the library or if you modify it.
41
+
42
+ For example, if you distribute copies of the library, whether gratis
43
+ or for a fee, you must give the recipients all the rights that we gave
44
+ you. You must make sure that they, too, receive or can get the source
45
+ code. If you link other code with the library, you must provide
46
+ complete object files to the recipients, so that they can relink them
47
+ with the library after making changes to the library and recompiling
48
+ it. And you must show them these terms so they know their rights.
49
+
50
+ We protect your rights with a two-step method: (1) we copyright the
51
+ library, and (2) we offer you this license, which gives you legal
52
+ permission to copy, distribute and/or modify the library.
53
+
54
+ To protect each distributor, we want to make it very clear that
55
+ there is no warranty for the free library. Also, if the library is
56
+ modified by someone else and passed on, the recipients should know
57
+ that what they have is not the original version, so that the original
58
+ author's reputation will not be affected by problems that might be
59
+ introduced by others.
60
+ ^L
61
+ Finally, software patents pose a constant threat to the existence of
62
+ any free program. We wish to make sure that a company cannot
63
+ effectively restrict the users of a free program by obtaining a
64
+ restrictive license from a patent holder. Therefore, we insist that
65
+ any patent license obtained for a version of the library must be
66
+ consistent with the full freedom of use specified in this license.
67
+
68
+ Most GNU software, including some libraries, is covered by the
69
+ ordinary GNU General Public License. This license, the GNU Lesser
70
+ General Public License, applies to certain designated libraries, and
71
+ is quite different from the ordinary General Public License. We use
72
+ this license for certain libraries in order to permit linking those
73
+ libraries into non-free programs.
74
+
75
+ When a program is linked with a library, whether statically or using
76
+ a shared library, the combination of the two is legally speaking a
77
+ combined work, a derivative of the original library. The ordinary
78
+ General Public License therefore permits such linking only if the
79
+ entire combination fits its criteria of freedom. The Lesser General
80
+ Public License permits more lax criteria for linking other code with
81
+ the library.
82
+
83
+ We call this license the "Lesser" General Public License because it
84
+ does Less to protect the user's freedom than the ordinary General
85
+ Public License. It also provides other free software developers Less
86
+ of an advantage over competing non-free programs. These disadvantages
87
+ are the reason we use the ordinary General Public License for many
88
+ libraries. However, the Lesser license provides advantages in certain
89
+ special circumstances.
90
+
91
+ For example, on rare occasions, there may be a special need to
92
+ encourage the widest possible use of a certain library, so that it
93
+ becomes a de-facto standard. To achieve this, non-free programs must
94
+ be allowed to use the library. A more frequent case is that a free
95
+ library does the same job as widely used non-free libraries. In this
96
+ case, there is little to gain by limiting the free library to free
97
+ software only, so we use the Lesser General Public License.
98
+
99
+ In other cases, permission to use a particular library in non-free
100
+ programs enables a greater number of people to use a large body of
101
+ free software. For example, permission to use the GNU C Library in
102
+ non-free programs enables many more people to use the whole GNU
103
+ operating system, as well as its variant, the GNU/Linux operating
104
+ system.
105
+
106
+ Although the Lesser General Public License is Less protective of the
107
+ users' freedom, it does ensure that the user of a program that is
108
+ linked with the Library has the freedom and the wherewithal to run
109
+ that program using a modified version of the Library.
110
+
111
+ The precise terms and conditions for copying, distribution and
112
+ modification follow. Pay close attention to the difference between a
113
+ "work based on the library" and a "work that uses the library". The
114
+ former contains code derived from the library, whereas the latter must
115
+ be combined with the library in order to run.
116
+ ^L
117
+ GNU LESSER GENERAL PUBLIC LICENSE
118
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
119
+
120
+ 0. This License Agreement applies to any software library or other
121
+ program which contains a notice placed by the copyright holder or
122
+ other authorized party saying it may be distributed under the terms of
123
+ this Lesser General Public License (also called "this License").
124
+ Each licensee is addressed as "you".
125
+
126
+ A "library" means a collection of software functions and/or data
127
+ prepared so as to be conveniently linked with application programs
128
+ (which use some of those functions and data) to form executables.
129
+
130
+ The "Library", below, refers to any such software library or work
131
+ which has been distributed under these terms. A "work based on the
132
+ Library" means either the Library or any derivative work under
133
+ copyright law: that is to say, a work containing the Library or a
134
+ portion of it, either verbatim or with modifications and/or translated
135
+ straightforwardly into another language. (Hereinafter, translation is
136
+ included without limitation in the term "modification".)
137
+
138
+ "Source code" for a work means the preferred form of the work for
139
+ making modifications to it. For a library, complete source code means
140
+ all the source code for all modules it contains, plus any associated
141
+ interface definition files, plus the scripts used to control
142
+ compilation and installation of the library.
143
+
144
+ Activities other than copying, distribution and modification are not
145
+ covered by this License; they are outside its scope. The act of
146
+ running a program using the Library is not restricted, and output from
147
+ such a program is covered only if its contents constitute a work based
148
+ on the Library (independent of the use of the Library in a tool for
149
+ writing it). Whether that is true depends on what the Library does
150
+ and what the program that uses the Library does.
151
+
152
+ 1. You may copy and distribute verbatim copies of the Library's
153
+ complete source code as you receive it, in any medium, provided that
154
+ you conspicuously and appropriately publish on each copy an
155
+ appropriate copyright notice and disclaimer of warranty; keep intact
156
+ all the notices that refer to this License and to the absence of any
157
+ warranty; and distribute a copy of this License along with the
158
+ Library.
159
+
160
+ You may charge a fee for the physical act of transferring a copy,
161
+ and you may at your option offer warranty protection in exchange for a
162
+ fee.
163
+
164
+ 2. You may modify your copy or copies of the Library or any portion
165
+ of it, thus forming a work based on the Library, and copy and
166
+ distribute such modifications or work under the terms of Section 1
167
+ above, provided that you also meet all of these conditions:
168
+
169
+ a) The modified work must itself be a software library.
170
+
171
+ b) You must cause the files modified to carry prominent notices
172
+ stating that you changed the files and the date of any change.
173
+
174
+ c) You must cause the whole of the work to be licensed at no
175
+ charge to all third parties under the terms of this License.
176
+
177
+ d) If a facility in the modified Library refers to a function or a
178
+ table of data to be supplied by an application program that uses
179
+ the facility, other than as an argument passed when the facility
180
+ is invoked, then you must make a good faith effort to ensure that,
181
+ in the event an application does not supply such function or
182
+ table, the facility still operates, and performs whatever part of
183
+ its purpose remains meaningful.
184
+
185
+ (For example, a function in a library to compute square roots has
186
+ a purpose that is entirely well-defined independent of the
187
+ application. Therefore, Subsection 2d requires that any
188
+ application-supplied function or table used by this function must
189
+ be optional: if the application does not supply it, the square
190
+ root function must still compute square roots.)
191
+
192
+ These requirements apply to the modified work as a whole. If
193
+ identifiable sections of that work are not derived from the Library,
194
+ and can be reasonably considered independent and separate works in
195
+ themselves, then this License, and its terms, do not apply to those
196
+ sections when you distribute them as separate works. But when you
197
+ distribute the same sections as part of a whole which is a work based
198
+ on the Library, the distribution of the whole must be on the terms of
199
+ this License, whose permissions for other licensees extend to the
200
+ entire whole, and thus to each and every part regardless of who wrote
201
+ it.
202
+
203
+ Thus, it is not the intent of this section to claim rights or contest
204
+ your rights to work written entirely by you; rather, the intent is to
205
+ exercise the right to control the distribution of derivative or
206
+ collective works based on the Library.
207
+
208
+ In addition, mere aggregation of another work not based on the Library
209
+ with the Library (or with a work based on the Library) on a volume of
210
+ a storage or distribution medium does not bring the other work under
211
+ the scope of this License.
212
+
213
+ 3. You may opt to apply the terms of the ordinary GNU General Public
214
+ License instead of this License to a given copy of the Library. To do
215
+ this, you must alter all the notices that refer to this License, so
216
+ that they refer to the ordinary GNU General Public License, version 2,
217
+ instead of to this License. (If a newer version than version 2 of the
218
+ ordinary GNU General Public License has appeared, then you can specify
219
+ that version instead if you wish.) Do not make any other change in
220
+ these notices.
221
+ ^L
222
+ Once this change is made in a given copy, it is irreversible for
223
+ that copy, so the ordinary GNU General Public License applies to all
224
+ subsequent copies and derivative works made from that copy.
225
+
226
+ This option is useful when you wish to copy part of the code of
227
+ the Library into a program that is not a library.
228
+
229
+ 4. You may copy and distribute the Library (or a portion or
230
+ derivative of it, under Section 2) in object code or executable form
231
+ under the terms of Sections 1 and 2 above provided that you accompany
232
+ it with the complete corresponding machine-readable source code, which
233
+ must be distributed under the terms of Sections 1 and 2 above on a
234
+ medium customarily used for software interchange.
235
+
236
+ If distribution of object code is made by offering access to copy
237
+ from a designated place, then offering equivalent access to copy the
238
+ source code from the same place satisfies the requirement to
239
+ distribute the source code, even though third parties are not
240
+ compelled to copy the source along with the object code.
241
+
242
+ 5. A program that contains no derivative of any portion of the
243
+ Library, but is designed to work with the Library by being compiled or
244
+ linked with it, is called a "work that uses the Library". Such a
245
+ work, in isolation, is not a derivative work of the Library, and
246
+ therefore falls outside the scope of this License.
247
+
248
+ However, linking a "work that uses the Library" with the Library
249
+ creates an executable that is a derivative of the Library (because it
250
+ contains portions of the Library), rather than a "work that uses the
251
+ library". The executable is therefore covered by this License.
252
+ Section 6 states terms for distribution of such executables.
253
+
254
+ When a "work that uses the Library" uses material from a header file
255
+ that is part of the Library, the object code for the work may be a
256
+ derivative work of the Library even though the source code is not.
257
+ Whether this is true is especially significant if the work can be
258
+ linked without the Library, or if the work is itself a library. The
259
+ threshold for this to be true is not precisely defined by law.
260
+
261
+ If such an object file uses only numerical parameters, data
262
+ structure layouts and accessors, and small macros and small inline
263
+ functions (ten lines or less in length), then the use of the object
264
+ file is unrestricted, regardless of whether it is legally a derivative
265
+ work. (Executables containing this object code plus portions of the
266
+ Library will still fall under Section 6.)
267
+
268
+ Otherwise, if the work is a derivative of the Library, you may
269
+ distribute the object code for the work under the terms of Section 6.
270
+ Any executables containing that work also fall under Section 6,
271
+ whether or not they are linked directly with the Library itself.
272
+ ^L
273
+ 6. As an exception to the Sections above, you may also combine or
274
+ link a "work that uses the Library" with the Library to produce a
275
+ work containing portions of the Library, and distribute that work
276
+ under terms of your choice, provided that the terms permit
277
+ modification of the work for the customer's own use and reverse
278
+ engineering for debugging such modifications.
279
+
280
+ You must give prominent notice with each copy of the work that the
281
+ Library is used in it and that the Library and its use are covered by
282
+ this License. You must supply a copy of this License. If the work
283
+ during execution displays copyright notices, you must include the
284
+ copyright notice for the Library among them, as well as a reference
285
+ directing the user to the copy of this License. Also, you must do one
286
+ of these things:
287
+
288
+ a) Accompany the work with the complete corresponding
289
+ machine-readable source code for the Library including whatever
290
+ changes were used in the work (which must be distributed under
291
+ Sections 1 and 2 above); and, if the work is an executable linked
292
+ with the Library, with the complete machine-readable "work that
293
+ uses the Library", as object code and/or source code, so that the
294
+ user can modify the Library and then relink to produce a modified
295
+ executable containing the modified Library. (It is understood
296
+ that the user who changes the contents of definitions files in the
297
+ Library will not necessarily be able to recompile the application
298
+ to use the modified definitions.)
299
+
300
+ b) Use a suitable shared library mechanism for linking with the
301
+ Library. A suitable mechanism is one that (1) uses at run time a
302
+ copy of the library already present on the user's computer system,
303
+ rather than copying library functions into the executable, and (2)
304
+ will operate properly with a modified version of the library, if
305
+ the user installs one, as long as the modified version is
306
+ interface-compatible with the version that the work was made with.
307
+
308
+ c) Accompany the work with a written offer, valid for at least
309
+ three years, to give the same user the materials specified in
310
+ Subsection 6a, above, for a charge no more than the cost of
311
+ performing this distribution.
312
+
313
+ d) If distribution of the work is made by offering access to copy
314
+ from a designated place, offer equivalent access to copy the above
315
+ specified materials from the same place.
316
+
317
+ e) Verify that the user has already received a copy of these
318
+ materials or that you have already sent this user a copy.
319
+
320
+ For an executable, the required form of the "work that uses the
321
+ Library" must include any data and utility programs needed for
322
+ reproducing the executable from it. However, as a special exception,
323
+ the materials to be distributed need not include anything that is
324
+ normally distributed (in either source or binary form) with the major
325
+ components (compiler, kernel, and so on) of the operating system on
326
+ which the executable runs, unless that component itself accompanies
327
+ the executable.
328
+
329
+ It may happen that this requirement contradicts the license
330
+ restrictions of other proprietary libraries that do not normally
331
+ accompany the operating system. Such a contradiction means you cannot
332
+ use both them and the Library together in an executable that you
333
+ distribute.
334
+ ^L
335
+ 7. You may place library facilities that are a work based on the
336
+ Library side-by-side in a single library together with other library
337
+ facilities not covered by this License, and distribute such a combined
338
+ library, provided that the separate distribution of the work based on
339
+ the Library and of the other library facilities is otherwise
340
+ permitted, and provided that you do these two things:
341
+
342
+ a) Accompany the combined library with a copy of the same work
343
+ based on the Library, uncombined with any other library
344
+ facilities. This must be distributed under the terms of the
345
+ Sections above.
346
+
347
+ b) Give prominent notice with the combined library of the fact
348
+ that part of it is a work based on the Library, and explaining
349
+ where to find the accompanying uncombined form of the same work.
350
+
351
+ 8. You may not copy, modify, sublicense, link with, or distribute
352
+ the Library except as expressly provided under this License. Any
353
+ attempt otherwise to copy, modify, sublicense, link with, or
354
+ distribute the Library is void, and will automatically terminate your
355
+ rights under this License. However, parties who have received copies,
356
+ or rights, from you under this License will not have their licenses
357
+ terminated so long as such parties remain in full compliance.
358
+
359
+ 9. You are not required to accept this License, since you have not
360
+ signed it. However, nothing else grants you permission to modify or
361
+ distribute the Library or its derivative works. These actions are
362
+ prohibited by law if you do not accept this License. Therefore, by
363
+ modifying or distributing the Library (or any work based on the
364
+ Library), you indicate your acceptance of this License to do so, and
365
+ all its terms and conditions for copying, distributing or modifying
366
+ the Library or works based on it.
367
+
368
+ 10. Each time you redistribute the Library (or any work based on the
369
+ Library), the recipient automatically receives a license from the
370
+ original licensor to copy, distribute, link with or modify the Library
371
+ subject to these terms and conditions. You may not impose any further
372
+ restrictions on the recipients' exercise of the rights granted herein.
373
+ You are not responsible for enforcing compliance by third parties with
374
+ this License.
375
+ ^L
376
+ 11. If, as a consequence of a court judgment or allegation of patent
377
+ infringement or for any other reason (not limited to patent issues),
378
+ conditions are imposed on you (whether by court order, agreement or
379
+ otherwise) that contradict the conditions of this License, they do not
380
+ excuse you from the conditions of this License. If you cannot
381
+ distribute so as to satisfy simultaneously your obligations under this
382
+ License and any other pertinent obligations, then as a consequence you
383
+ may not distribute the Library at all. For example, if a patent
384
+ license would not permit royalty-free redistribution of the Library by
385
+ all those who receive copies directly or indirectly through you, then
386
+ the only way you could satisfy both it and this License would be to
387
+ refrain entirely from distribution of the Library.
388
+
389
+ If any portion of this section is held invalid or unenforceable under
390
+ any particular circumstance, the balance of the section is intended to
391
+ apply, and the section as a whole is intended to apply in other
392
+ circumstances.
393
+
394
+ It is not the purpose of this section to induce you to infringe any
395
+ patents or other property right claims or to contest validity of any
396
+ such claims; this section has the sole purpose of protecting the
397
+ integrity of the free software distribution system which is
398
+ implemented by public license practices. Many people have made
399
+ generous contributions to the wide range of software distributed
400
+ through that system in reliance on consistent application of that
401
+ system; it is up to the author/donor to decide if he or she is willing
402
+ to distribute software through any other system and a licensee cannot
403
+ impose that choice.
404
+
405
+ This section is intended to make thoroughly clear what is believed to
406
+ be a consequence of the rest of this License.
407
+
408
+ 12. If the distribution and/or use of the Library is restricted in
409
+ certain countries either by patents or by copyrighted interfaces, the
410
+ original copyright holder who places the Library under this License
411
+ may add an explicit geographical distribution limitation excluding those
412
+ countries, so that distribution is permitted only in or among
413
+ countries not thus excluded. In such case, this License incorporates
414
+ the limitation as if written in the body of this License.
415
+
416
+ 13. The Free Software Foundation may publish revised and/or new
417
+ versions of the Lesser General Public License from time to time.
418
+ Such new versions will be similar in spirit to the present version,
419
+ but may differ in detail to address new problems or concerns.
420
+
421
+ Each version is given a distinguishing version number. If the Library
422
+ specifies a version number of this License which applies to it and
423
+ "any later version", you have the option of following the terms and
424
+ conditions either of that version or of any later version published by
425
+ the Free Software Foundation. If the Library does not specify a
426
+ license version number, you may choose any version ever published by
427
+ the Free Software Foundation.
428
+ ^L
429
+ 14. If you wish to incorporate parts of the Library into other free
430
+ programs whose distribution conditions are incompatible with these,
431
+ write to the author to ask for permission. For software which is
432
+ copyrighted by the Free Software Foundation, write to the Free
433
+ Software Foundation; we sometimes make exceptions for this. Our
434
+ decision will be guided by the two goals of preserving the free status
435
+ of all derivatives of our free software and of promoting the sharing
436
+ and reuse of software generally.
437
+
438
+ NO WARRANTY
439
+
440
+ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
441
+ WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
442
+ EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
443
+ OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
444
+ KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
445
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
446
+ PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
447
+ LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
448
+ THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
449
+
450
+ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
451
+ WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
452
+ AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
453
+ FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
454
+ CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
455
+ LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
456
+ RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
457
+ FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
458
+ SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
459
+ DAMAGES.
460
+
461
+ END OF TERMS AND CONDITIONS
462
+ ^L
463
+ How to Apply These Terms to Your New Libraries
464
+
465
+ If you develop a new library, and you want it to be of the greatest
466
+ possible use to the public, we recommend making it free software that
467
+ everyone can redistribute and change. You can do so by permitting
468
+ redistribution under these terms (or, alternatively, under the terms
469
+ of the ordinary General Public License).
470
+
471
+ To apply these terms, attach the following notices to the library.
472
+ It is safest to attach them to the start of each source file to most
473
+ effectively convey the exclusion of warranty; and each file should
474
+ have at least the "copyright" line and a pointer to where the full
475
+ notice is found.
476
+
477
+
478
+ <one line to give the library's name and a brief idea of what it does.>
479
+ Copyright (C) <year> <name of author>
480
+
481
+ This library is free software; you can redistribute it and/or
482
+ modify it under the terms of the GNU Lesser General Public
483
+ License as published by the Free Software Foundation; either
484
+ version 2.1 of the License, or (at your option) any later version.
485
+
486
+ This library is distributed in the hope that it will be useful,
487
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
488
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
489
+ Lesser General Public License for more details.
490
+
491
+ You should have received a copy of the GNU Lesser General Public
492
+ License along with this library; if not, write to the Free Software
493
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
494
+
495
+ Also add information on how to contact you by electronic and paper mail.
496
+
497
+ You should also get your employer (if you work as a programmer) or
498
+ your school, if any, to sign a "copyright disclaimer" for the library,
499
+ if necessary. Here is a sample; alter the names:
500
+
501
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
502
+ library `Frob' (a library for tweaking knobs) written by James
503
+ Random Hacker.
504
+
505
+ <signature of Ty Coon>, 1 April 1990
506
+ Ty Coon, President of Vice
507
+
508
+ That's all there is to it!
509
+
510
+
data/README ADDED
@@ -0,0 +1,21 @@
1
+ Ruby bindings for the Kerberos library
2
+
3
+ This is an implementation of Ruby bindings for the Kerberos library.
4
+
5
+ To build a gem, you'll want to:
6
+
7
+ $ gem build krb5-auth.gemspec
8
+ # gem install krb5-auth-{VERSION}.gem
9
+
10
+ To build an RPM, you'll want to:
11
+
12
+ $ gem build krb5-auth.gemspec
13
+ $ gem2rpm -s -t rubygem-krb5-auth.spec krb5-auth-{VERSION}.gem
14
+ $ rpmbuild --rebuild rubygem-krb5-auth-{VERSION}-{RELEASE}.fc8.src.rpm
15
+
16
+ and then install the resulting RPM.
17
+
18
+ To build it just for development, you'll want to:
19
+ $ cd ext
20
+ $ ruby extconf.rb
21
+ $ make
data/TODO ADDED
@@ -0,0 +1,4 @@
1
+ TODO items:
2
+ 1. Implement cached principal listing (similar to klist)
3
+ 2. Finer-grained error reporting
4
+ 3. Documentation on how to use the API
@@ -0,0 +1,37 @@
1
+ require 'rubygems'
2
+ require 'krb5_auth'
3
+ include Krb5Auth
4
+
5
+ krb5 = Krb5.new
6
+
7
+ # get the default realm
8
+ default_realm = krb5.get_default_realm
9
+ puts "Default realm is: " + default_realm
10
+
11
+ # try to cache non-existant data (this should fail and throw an exception)
12
+ begin
13
+ krb5.cache
14
+ rescue Krb5Auth::Krb5::Exception
15
+ puts "Failed caching credentials before obtaining them. Continuing..."
16
+ end
17
+
18
+ # Get initial credentials for the default principal and default keytab
19
+ krb5.get_init_creds_keytab
20
+
21
+ # cache those credentials in the default cache location
22
+ krb5.cache
23
+
24
+ puts "Principal: " + krb5.get_default_principal
25
+
26
+ # destroy those same credentials from the default cache location
27
+ krb5.destroy
28
+
29
+ # close the object (releases all memory)
30
+ krb5.close
31
+
32
+ # now try to use the object again; this should fail and throw an exception
33
+ begin
34
+ krb5.cache
35
+ rescue Krb5Auth::Krb5::Exception
36
+ puts "Tried to reuse closed object; continuing..."
37
+ end
@@ -0,0 +1,7 @@
1
+ require 'mkmf'
2
+
3
+ extension_name = 'krb5_auth'
4
+ dir_config(extension_name)
5
+ have_library("c", "main")
6
+ have_library("krb5","krb5_init_context")
7
+ create_makefile('krb5_auth')
@@ -0,0 +1,444 @@
1
+ /*
2
+ * ruby_krb5_auth.c: Ruby bindings for Kerberos authentication
3
+ *
4
+ * Copyright (C) 2008 Red Hat Inc.
5
+ *
6
+ * This library is free software; you can redistribute it and/or
7
+ * modify it under the terms of the GNU Lesser General Public
8
+ * License as published by the Free Software Foundation; either
9
+ * version 2.1 of the License, or (at your option) any later version.
10
+ *
11
+ * This library is distributed in the hope that it will be useful,
12
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
13
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
+ * Lesser General Public License for more details.
15
+ *
16
+ * You should have received a copy of the GNU Lesser General Public
17
+ * License along with this library; if not, write to the Free Software
18
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19
+ *
20
+ * Author: Chris Lalancette <clalance@redhat.com>
21
+ */
22
+
23
+ #include "ruby.h"
24
+ #include "krb5.h"
25
+ #include <stdio.h>
26
+ #include <strings.h>
27
+
28
+ static VALUE mKerberos;
29
+ static VALUE cKrb5;
30
+ static VALUE cKrb5_Exception;
31
+
32
+ struct ruby_krb5 {
33
+ krb5_context ctx;
34
+ krb5_creds creds;
35
+ krb5_principal princ;
36
+ };
37
+
38
+ #define OOM_EXCEPT() rb_raise(cKrb5_Exception, "%s", "Error mallocing memory");
39
+ #define NOSTRUCT_EXCEPT() rb_raise(cKrb5_Exception, "%s", "Class not initialized properly (try 'new')");
40
+
41
+ void Krb5_register_error(int error)
42
+ {
43
+ rb_raise(cKrb5_Exception, "%s", error_message(error));
44
+ }
45
+
46
+ static void kerb_free(void *p)
47
+ {
48
+ struct ruby_krb5 *kerb;
49
+
50
+ if (!p)
51
+ return;
52
+
53
+ kerb = (struct ruby_krb5 *)p;
54
+
55
+ // kerb->creds is not a pointer, so we can't check for NULL; however, the
56
+ // implementation of krb5_free_cred_contents does do NULL checking, so it is
57
+ // safe (at least in the MIT version) to call it unconditionally
58
+ krb5_free_cred_contents(kerb->ctx, &kerb->creds);
59
+ if (kerb->princ)
60
+ krb5_free_principal(kerb->ctx, kerb->princ);
61
+ if (kerb->ctx)
62
+ krb5_free_context(kerb->ctx);
63
+ memset(kerb, 0, sizeof(struct ruby_krb5));
64
+ free(kerb);
65
+ }
66
+
67
+ static VALUE Krb5_new(VALUE self)
68
+ {
69
+ struct ruby_krb5 *kerb;
70
+ krb5_error_code krbret;
71
+
72
+ kerb = (struct ruby_krb5 *)malloc(sizeof(struct ruby_krb5));
73
+ if (kerb == NULL) {
74
+ OOM_EXCEPT();
75
+ return Qnil;
76
+ }
77
+
78
+ memset(kerb, 0, sizeof(struct ruby_krb5));
79
+
80
+ krbret = krb5_init_context(&kerb->ctx);
81
+ if (krbret) {
82
+ Krb5_register_error(krbret);
83
+ return Qnil;
84
+ }
85
+
86
+ return Data_Wrap_Struct(cKrb5, NULL, kerb_free, kerb);
87
+ }
88
+
89
+ static VALUE Krb5_get_default_realm(VALUE self)
90
+ {
91
+ struct ruby_krb5 *kerb;
92
+ char *realm;
93
+ VALUE result;
94
+ krb5_error_code krbret;
95
+
96
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
97
+ if (!kerb) {
98
+ NOSTRUCT_EXCEPT();
99
+ return Qfalse;
100
+ }
101
+
102
+ krbret = krb5_get_default_realm(kerb->ctx, &realm);
103
+ if (krbret) {
104
+ Krb5_register_error(krbret);
105
+ return Qnil;
106
+ }
107
+
108
+ result = rb_str_new2(realm);
109
+
110
+ free(realm);
111
+
112
+ return result;
113
+ }
114
+
115
+ static VALUE Krb5_get_default_principal(VALUE self)
116
+ {
117
+ struct ruby_krb5 *kerb;
118
+ char *princ_name;
119
+ VALUE result;
120
+ krb5_error_code krbret;
121
+ krb5_ccache cc;
122
+
123
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
124
+ if (!kerb) {
125
+ NOSTRUCT_EXCEPT();
126
+ return Qfalse;
127
+ }
128
+
129
+ krbret = krb5_cc_default(kerb->ctx, &cc);
130
+ if (krbret) {
131
+ Krb5_register_error(krbret);
132
+ return Qfalse;
133
+ }
134
+
135
+ krbret = krb5_cc_get_principal(kerb->ctx, cc, &kerb->princ);
136
+ if (krbret) {
137
+ krb5_cc_close(kerb->ctx, cc);
138
+ Krb5_register_error(krbret);
139
+ return Qnil;
140
+ }
141
+
142
+ krb5_cc_close(kerb->ctx, cc);
143
+
144
+ krbret = krb5_unparse_name(kerb->ctx, kerb->princ, &princ_name);
145
+ if (krbret) {
146
+ Krb5_register_error(krbret);
147
+ return Qnil;
148
+ }
149
+
150
+ result = rb_str_new2(princ_name);
151
+
152
+ free(princ_name);
153
+
154
+ return result;
155
+ }
156
+
157
+ static VALUE Krb5_get_init_creds_password(VALUE self, VALUE _user, VALUE _pass)
158
+ {
159
+ Check_Type(_user,T_STRING);
160
+ Check_Type(_pass,T_STRING);
161
+ char *user = STR2CSTR(_user);
162
+ char *pass = STR2CSTR(_pass);
163
+
164
+ struct ruby_krb5 *kerb;
165
+ krb5_error_code krbret;
166
+
167
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
168
+ if (!kerb) {
169
+ NOSTRUCT_EXCEPT();
170
+ return Qfalse;
171
+ }
172
+
173
+ krbret = krb5_parse_name(kerb->ctx, user, &kerb->princ);
174
+ if (krbret) {
175
+ goto failed_pass;
176
+ }
177
+
178
+ krbret = krb5_get_init_creds_password(kerb->ctx, &kerb->creds, kerb->princ,
179
+ pass, 0, NULL, 0,NULL, NULL);
180
+ if (krbret) {
181
+ goto failed_pass;
182
+ }
183
+
184
+ return Qtrue;
185
+
186
+ failed_pass:
187
+ Krb5_register_error(krbret);
188
+
189
+ // we will never reach here, since Krb5_register_error will rb_raise(). just
190
+ // leave it to shut the compiler up
191
+ return Qfalse;
192
+ }
193
+
194
+ static VALUE Krb5_get_init_creds_keytab(int argc, VALUE *argv, VALUE self)
195
+ {
196
+ char *princ;
197
+ char *keytab_name;
198
+ struct ruby_krb5 *kerb;
199
+ krb5_error_code krbret;
200
+ krb5_keytab keytab;
201
+
202
+ keytab = NULL;
203
+
204
+ if (argc == 0) {
205
+ keytab_name = NULL;
206
+ princ = NULL;
207
+ }
208
+ else if (argc == 1) {
209
+ Check_Type(argv[0], T_STRING);
210
+ princ = STR2CSTR(argv[0]);
211
+ keytab_name = NULL;
212
+ }
213
+ else if (argc == 2) {
214
+ Check_Type(argv[0], T_STRING);
215
+ Check_Type(argv[1], T_STRING);
216
+ princ = STR2CSTR(argv[0]);
217
+ keytab_name = STR2CSTR(argv[1]);
218
+ }
219
+ else {
220
+ rb_raise(rb_eRuntimeError, "Invalid arguments");
221
+ }
222
+
223
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
224
+ if (!kerb) {
225
+ NOSTRUCT_EXCEPT();
226
+ return Qfalse;
227
+ }
228
+
229
+ if (keytab_name != NULL) {
230
+ krbret = krb5_kt_resolve(kerb->ctx, keytab_name, &keytab);
231
+ if (krbret) {
232
+ goto failed_keytab;
233
+ }
234
+ }
235
+ // implicit else: if we weren't passed a keytab name, just leave keytab as
236
+ // NULL to use the default
237
+
238
+ if (princ != NULL) {
239
+ krbret = krb5_parse_name(kerb->ctx, princ, &kerb->princ);
240
+ }
241
+ else {
242
+ // if we weren't passed a principal, we just get the default principal
243
+ // (which is generally the hostname)
244
+ krbret = krb5_sname_to_principal(kerb->ctx, NULL, NULL, KRB5_NT_SRV_HST,
245
+ &kerb->princ);
246
+ }
247
+ if (krbret) {
248
+ goto failed_keytab;
249
+ }
250
+
251
+ krbret = krb5_get_init_creds_keytab(kerb->ctx, &kerb->creds, kerb->princ,
252
+ keytab, 0, NULL, NULL);
253
+ if (krbret) {
254
+ goto failed_keytab;
255
+ }
256
+
257
+ if (keytab)
258
+ krb5_kt_close(kerb->ctx, keytab);
259
+
260
+ return Qtrue;
261
+
262
+ failed_keytab:
263
+ if (keytab)
264
+ krb5_kt_close(kerb->ctx, keytab);
265
+
266
+ Krb5_register_error(krbret);
267
+
268
+ // we will never reach here, since Krb5_register_error will rb_raise(). just
269
+ // leave it to shut the compiler up
270
+ return Qfalse;
271
+ }
272
+
273
+ static VALUE Krb5_change_password(VALUE self, VALUE _newpass)
274
+ {
275
+ Check_Type(_newpass,T_STRING);
276
+ char *newpass = STR2CSTR(_newpass);
277
+
278
+ struct ruby_krb5 *kerb;
279
+ krb5_error_code krbret;
280
+ int pw_result;
281
+ krb5_data pw_res_string, res_string;
282
+
283
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
284
+ if (!kerb) {
285
+ NOSTRUCT_EXCEPT();
286
+ return Qfalse;
287
+ }
288
+
289
+ krbret = krb5_set_password(kerb->ctx, &kerb->creds, newpass, NULL,
290
+ &pw_result, &pw_res_string, &res_string );
291
+ if (krbret) {
292
+ Krb5_register_error(krbret);
293
+ return Qfalse;
294
+ }
295
+
296
+ return Qtrue;
297
+ }
298
+
299
+ static VALUE Krb5_cache_creds(int argc, VALUE *argv, VALUE self)
300
+ {
301
+ struct ruby_krb5 *kerb;
302
+ krb5_error_code krbret;
303
+ char *cache_name;
304
+ krb5_ccache cc;
305
+
306
+ if (argc == 0) {
307
+ cache_name = NULL;
308
+ }
309
+ else if (argc == 1) {
310
+ Check_Type(argv[0], T_STRING);
311
+ cache_name = STR2CSTR(argv[0]);
312
+ }
313
+ else {
314
+ rb_raise(rb_eRuntimeError, "Invalid arguments");
315
+ }
316
+
317
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
318
+ if (!kerb) {
319
+ NOSTRUCT_EXCEPT();
320
+ return Qfalse;
321
+ }
322
+
323
+ if (!kerb->princ) {
324
+ // OK, it looks like they are trying to cache credentials that they don't
325
+ // yet have; just throw an exception so we don't segfault later
326
+ rb_raise(cKrb5_Exception, "%s", "Attempting to cache before obtaining credentials");
327
+ return Qfalse;
328
+ }
329
+
330
+ if (cache_name == NULL) {
331
+ krbret = krb5_cc_default(kerb->ctx, &cc);
332
+ }
333
+ else {
334
+ krbret = krb5_cc_resolve(kerb->ctx, cache_name, &cc);
335
+ }
336
+
337
+ if (krbret) {
338
+ goto fail_cache;
339
+ }
340
+
341
+ krbret = krb5_cc_initialize(kerb->ctx, cc, kerb->princ);
342
+ if (krbret) {
343
+ goto fail_free_cc;
344
+ }
345
+
346
+ krbret = krb5_cc_store_cred(kerb->ctx, cc, &kerb->creds);
347
+ if (krbret) {
348
+ goto fail_free_cc;
349
+ }
350
+
351
+ krb5_cc_close(kerb->ctx, cc);
352
+
353
+ return Qtrue;
354
+
355
+ fail_free_cc:
356
+ krb5_cc_close(kerb->ctx, cc);
357
+
358
+ fail_cache:
359
+ Krb5_register_error(krbret);
360
+
361
+ // we will never reach here, since Krb5_register_error will rb_raise(). just
362
+ // leave it to shut the compiler up
363
+ return Qfalse;
364
+ }
365
+
366
+ static VALUE Krb5_destroy_creds(int argc, VALUE *argv, VALUE self)
367
+ {
368
+ struct ruby_krb5 *kerb;
369
+ krb5_error_code krbret;
370
+ char *cache_name;
371
+ krb5_ccache cc;
372
+
373
+ if (argc == 0) {
374
+ cache_name = NULL;
375
+ }
376
+ else if (argc == 1) {
377
+ Check_Type(argv[0], T_STRING);
378
+ cache_name = STR2CSTR(argv[0]);
379
+ }
380
+ else {
381
+ rb_raise(rb_eRuntimeError, "Invalid arguments");
382
+ }
383
+
384
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
385
+ if (!kerb) {
386
+ NOSTRUCT_EXCEPT();
387
+ return Qfalse;
388
+ }
389
+
390
+ if (cache_name == NULL) {
391
+ krbret = krb5_cc_default(kerb->ctx, &cc);
392
+ }
393
+ else {
394
+ krbret = krb5_cc_resolve(kerb->ctx, cache_name, &cc);
395
+ }
396
+
397
+ if (krbret) {
398
+ Krb5_register_error(krbret);
399
+ return Qfalse;
400
+ }
401
+
402
+ krbret = krb5_cc_destroy(kerb->ctx, cc);
403
+ if (krbret) {
404
+ Krb5_register_error(krbret);
405
+ return Qfalse;
406
+ }
407
+
408
+ // NOTE: we don't need to call krb5_cc_close here since it is freed
409
+ // automatically by krb5_cc_destroy()
410
+
411
+ return Qtrue;
412
+ }
413
+
414
+ static VALUE Krb5_close(VALUE self)
415
+ {
416
+ struct ruby_krb5 *kerb;
417
+
418
+ Data_Get_Struct(self, struct ruby_krb5, kerb);
419
+ if (kerb) {
420
+ kerb_free(kerb);
421
+ DATA_PTR(self) = NULL;
422
+ }
423
+
424
+ return Qnil;
425
+ }
426
+
427
+ void Init_krb5_auth()
428
+ {
429
+ mKerberos = rb_define_module("Krb5Auth");
430
+
431
+ cKrb5 = rb_define_class_under(mKerberos,"Krb5", rb_cObject);
432
+
433
+ cKrb5_Exception = rb_define_class_under(cKrb5, "Exception", rb_eStandardError);
434
+
435
+ rb_define_singleton_method(cKrb5, "new", Krb5_new, 0);
436
+ rb_define_method(cKrb5, "get_init_creds_password", Krb5_get_init_creds_password, 2);
437
+ rb_define_method(cKrb5, "get_init_creds_keytab", Krb5_get_init_creds_keytab, -1);
438
+ rb_define_method(cKrb5, "get_default_realm", Krb5_get_default_realm, 0);
439
+ rb_define_method(cKrb5, "get_default_principal", Krb5_get_default_principal, 0);
440
+ rb_define_method(cKrb5, "change_password", Krb5_change_password, 1);
441
+ rb_define_method(cKrb5, "cache", Krb5_cache_creds, -1);
442
+ rb_define_method(cKrb5, "destroy", Krb5_destroy_creds, -1);
443
+ rb_define_method(cKrb5, "close", Krb5_close, 0);
444
+ }
@@ -0,0 +1,23 @@
1
+ #
2
+ # krb5-auth.rb: main module for the ruby-krb5-auth bindings
3
+ #
4
+ # Copyright (C) 2008 Red Hat, Inc.
5
+ #
6
+ # Distributed under the GNU Lesser General Public License v2.1 or later.
7
+ # See COPYING for details
8
+ #
9
+ # Chris Lalancette <clalance@redhat.com>
10
+
11
+ require 'krb5_auth'
12
+
13
+ # Ruby C extension for basic Kerberos functions. Tested on Linux with
14
+ # Kerberos 5-1.6.1
15
+ module Krb5Auth
16
+
17
+ # Krb5 contains the kerberos end user functionality, such as user
18
+ # authentication and password changes.
19
+ class Krb5
20
+
21
+ end
22
+
23
+ end
metadata ADDED
@@ -0,0 +1,52 @@
1
+ --- !ruby/object:Gem::Specification
2
+ rubygems_version: 0.9.4
3
+ specification_version: 1
4
+ name: krb5-auth
5
+ version: !ruby/object:Gem::Version
6
+ version: "0.5"
7
+ date: 2008-05-21 00:00:00 +02:00
8
+ summary: Kerberos binding for Ruby
9
+ require_paths:
10
+ - lib
11
+ email: clalance@redhat.com
12
+ homepage:
13
+ rubyforge_project:
14
+ description:
15
+ autorequire: Krb5Auth
16
+ default_executable:
17
+ bindir: bin
18
+ has_rdoc: true
19
+ required_ruby_version: !ruby/object:Gem::Version::Requirement
20
+ requirements:
21
+ - - ">"
22
+ - !ruby/object:Gem::Version
23
+ version: 0.0.0
24
+ version:
25
+ platform: ruby
26
+ signing_key:
27
+ cert_chain:
28
+ post_install_message:
29
+ authors:
30
+ - Chris Lalancette
31
+ files:
32
+ - README
33
+ - lib/krb5-auth.rb
34
+ - bin/example.rb
35
+ - ext/extconf.rb
36
+ - ext/ruby_krb5_auth.c
37
+ - COPYING
38
+ - TODO
39
+ test_files: []
40
+
41
+ rdoc_options: []
42
+
43
+ extra_rdoc_files: []
44
+
45
+ executables: []
46
+
47
+ extensions:
48
+ - ext/extconf.rb
49
+ requirements: []
50
+
51
+ dependencies: []
52
+