net-ssh-kerberos 0.2.6 → 0.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/VERSION.yml +1 -1
- data/example/sspi.rb +5 -11
- data/lib/net/ssh/kerberos/context.rb +1 -1
- data/lib/net/ssh/kerberos/drivers/sspi.rb +5 -5
- data/net-ssh-kerberos.gemspec +2 -2
- data/test/sspi_test.rb +2 -2
- metadata +4 -4
data/VERSION.yml
CHANGED
data/example/sspi.rb
CHANGED
|
@@ -21,7 +21,7 @@ if result.ok?
|
|
|
21
21
|
pkg_info = API._args_[1]
|
|
22
22
|
$stderr.puts "querySecurityPackageInfo: (#{result}) #{pkg_info.comment} (max_token=#{pkg_info.max_token})"
|
|
23
23
|
@max_token = pkg_info.max_token
|
|
24
|
-
result = API.freeContextBuffer pkg_info
|
|
24
|
+
result = API.freeContextBuffer pkg_info.to_ptr
|
|
25
25
|
$stderr.puts "freeContextBuffer: (#{result})"
|
|
26
26
|
else
|
|
27
27
|
$stderr.puts "querySecurityPackageInfo: (#{result})"
|
|
@@ -39,21 +39,15 @@ if result.ok?
|
|
|
39
39
|
result = API.freeContextBuffer names
|
|
40
40
|
$stderr.puts "freeContextBuffer: (#{result})"
|
|
41
41
|
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
output = API::SecBufferDesc.malloc
|
|
47
|
-
output.version = 0
|
|
48
|
-
output.count = 1
|
|
49
|
-
output.buffers = token.to_ptr
|
|
42
|
+
output = API::SecBufferDesc.create @max_token
|
|
43
|
+
if $DEBUG
|
|
44
|
+
$stderr.puts "SecBufferDesc.create: #{output.inspect} => #{output.buffer(0).inspect} => #{output.buffer(0).data.inspect}"
|
|
45
|
+
end
|
|
50
46
|
result = API.initializeSecurityContext creds, nil, 'host/'+Socket.gethostbyname('localhost')[0],
|
|
51
47
|
ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | ISC_REQ_INTEGRITY, 0, SECURITY_NATIVE_DREP,
|
|
52
48
|
nil, 0, ctx=API::SecHandle.malloc, output, 0, ts=API::TimeStamp.malloc
|
|
53
49
|
if result.ok?
|
|
54
50
|
$stderr.puts "initializeSecurityContext: (#{result}) ctx=#{! ctx.nil?} token.length=#{output.buffer(0).length}"
|
|
55
|
-
result = API.freeContextBuffer token.data
|
|
56
|
-
$stderr.puts "freeContextBuffer: (#{result})"
|
|
57
51
|
result = API.deleteSecurityContext ctx
|
|
58
52
|
$stderr.puts "deleteSecurityContext: (#{result})"
|
|
59
53
|
else
|
|
@@ -57,7 +57,7 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
57
57
|
SecPkgInfo = struct [ "ULONG capabilities", "USHORT version", "USHORT rpcid",
|
|
58
58
|
"ULONG max_token", "SEC_CHAR *name", "SEC_CHAR *comment" ]
|
|
59
59
|
typealias "PSecPkgInfo", "p", PTR_REF_ENC, PTR_REF_DEC(SecPkgInfo)
|
|
60
|
-
SecHandle = struct2([ "
|
|
60
|
+
SecHandle = struct2([ "S lower", "S upper" ]) do def nil?; lower.nil? && upper.nil? end end
|
|
61
61
|
typealias "PSecHandle", "P"
|
|
62
62
|
typealias "PCredHandle", "PSecHandle"
|
|
63
63
|
typealias "PCtxtHandle", "PSecHandle"
|
|
@@ -69,7 +69,7 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
69
69
|
def buffer(n) SecBuffer.new(@ptr[:buffers] + SecBuffer.size * n) end
|
|
70
70
|
end
|
|
71
71
|
typealias "PSecBufferDesc", "P"
|
|
72
|
-
TimeStamp =
|
|
72
|
+
TimeStamp = struct2([ "ULONG lower", "ULONG upper" ]) do def nil?; lower.zero? && upper.zero? end end
|
|
73
73
|
typealias "PTimeStamp", "P"
|
|
74
74
|
SecPkgSizes = struct [ "ULONG max_token", "ULONG max_signature",
|
|
75
75
|
"ULONG block_size", "ULONG security_trailer" ]
|
|
@@ -147,7 +147,7 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
147
147
|
result = API.querySecurityPackageInfo "Kerberos", nil
|
|
148
148
|
if result.ok? and ! (pkg_info = API._args_[1]).nil?
|
|
149
149
|
@@max_token = pkg_info.max_token
|
|
150
|
-
API.freeContextBuffer pkg_info
|
|
150
|
+
API.freeContextBuffer pkg_info.to_ptr
|
|
151
151
|
else
|
|
152
152
|
raise "SSPI reports no support for Kerberos authentication"
|
|
153
153
|
end
|
|
@@ -157,14 +157,14 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
157
157
|
prev = @state.handle if @state && ! @state.handle.nil?
|
|
158
158
|
ctx = prev || API::SecHandle.malloc
|
|
159
159
|
input = API::SecBufferDesc.create(token) if token
|
|
160
|
-
output = API::SecBufferDesc.create(12288)
|
|
160
|
+
output = API::SecBufferDesc.create(SSPI.max_token || 12288)
|
|
161
161
|
result = API.initializeSecurityContext @credentials, prev, @target,
|
|
162
162
|
ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | ISC_REQ_INTEGRITY, 0,
|
|
163
163
|
SECURITY_NATIVE_DREP, input, 0, ctx, output, 0, ts=API::TimeStamp.malloc
|
|
164
164
|
result.failure? and raise GeneralError, "Error initializing security context: #{result}"
|
|
165
165
|
result = API.completeAuthToken ctx, output if result.incomplete?
|
|
166
166
|
result.failure? and raise GeneralError, "Error initializing security context: #{result}"
|
|
167
|
-
bdata = output.buffer(0).to_s if output.
|
|
167
|
+
bdata = output.buffer(0).to_s if output.count > 0 and output.buffers and output.buffer(0)
|
|
168
168
|
@state = State.new(ctx, result, bdata, ts)
|
|
169
169
|
if result.complete?
|
|
170
170
|
result = API.queryContextAttributes @state.handle, SECPKG_ATTR_SIZES, @sizes=API::SecPkgSizes.malloc
|
data/net-ssh-kerberos.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{net-ssh-kerberos}
|
|
8
|
-
s.version = "0.2.
|
|
8
|
+
s.version = "0.2.7"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["Joe Khoobyar"]
|
|
12
|
-
s.date = %q{2011-04-
|
|
12
|
+
s.date = %q{2011-04-28}
|
|
13
13
|
s.description = %q{Extends Net::SSH by adding Kerberos authentication capability for password-less logins on multiple platforms.
|
|
14
14
|
}
|
|
15
15
|
s.email = %q{joe@ankhcraft.com}
|
data/test/sspi_test.rb
CHANGED
|
@@ -14,7 +14,7 @@ if Net::SSH::Kerberos::Drivers.available.include? 'SSPI'
|
|
|
14
14
|
assert_equal pkg_info.name.to_s, "Kerberos"
|
|
15
15
|
assert pkg_info.max_token >= 128, "The maximum token size is assumed to be greater than 127 bytes"
|
|
16
16
|
assert pkg_info.max_token <= 12288, "The maximum token size is assumed to be less than 12289 bytes"
|
|
17
|
-
result = API.freeContextBuffer pkg_info
|
|
17
|
+
result = API.freeContextBuffer pkg_info.to_ptr
|
|
18
18
|
assert result.ok?, "freeContextBuffer failed: #{result}"
|
|
19
19
|
end
|
|
20
20
|
|
|
@@ -40,7 +40,7 @@ if Net::SSH::Kerberos::Drivers.available.include? 'SSPI'
|
|
|
40
40
|
begin
|
|
41
41
|
assert ! ctx.nil?, "Should initialize a context handle"
|
|
42
42
|
assert ! output.buffer(0).data.nil?, "Should output a token into the buffer"
|
|
43
|
-
assert output.buffer(0).length
|
|
43
|
+
assert output.buffer(0).length <= 12288, "Should output a token into the buffer"
|
|
44
44
|
ensure
|
|
45
45
|
ctx = nil if (result = API.deleteSecurityContext(ctx)).ok?
|
|
46
46
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: net-ssh-kerberos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 25
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 2
|
|
9
|
-
-
|
|
10
|
-
version: 0.2.
|
|
9
|
+
- 7
|
|
10
|
+
version: 0.2.7
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Joe Khoobyar
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-04-
|
|
18
|
+
date: 2011-04-28 00:00:00 Z
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|
|
21
21
|
name: net-ssh
|