net-ssh-kerberos 0.2.6 → 0.2.7
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION.yml +1 -1
- data/example/sspi.rb +5 -11
- data/lib/net/ssh/kerberos/context.rb +1 -1
- data/lib/net/ssh/kerberos/drivers/sspi.rb +5 -5
- data/net-ssh-kerberos.gemspec +2 -2
- data/test/sspi_test.rb +2 -2
- metadata +4 -4
data/VERSION.yml
CHANGED
data/example/sspi.rb
CHANGED
|
@@ -21,7 +21,7 @@ if result.ok?
|
|
|
21
21
|
pkg_info = API._args_[1]
|
|
22
22
|
$stderr.puts "querySecurityPackageInfo: (#{result}) #{pkg_info.comment} (max_token=#{pkg_info.max_token})"
|
|
23
23
|
@max_token = pkg_info.max_token
|
|
24
|
-
result = API.freeContextBuffer pkg_info
|
|
24
|
+
result = API.freeContextBuffer pkg_info.to_ptr
|
|
25
25
|
$stderr.puts "freeContextBuffer: (#{result})"
|
|
26
26
|
else
|
|
27
27
|
$stderr.puts "querySecurityPackageInfo: (#{result})"
|
|
@@ -39,21 +39,15 @@ if result.ok?
|
|
|
39
39
|
result = API.freeContextBuffer names
|
|
40
40
|
$stderr.puts "freeContextBuffer: (#{result})"
|
|
41
41
|
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
output = API::SecBufferDesc.malloc
|
|
47
|
-
output.version = 0
|
|
48
|
-
output.count = 1
|
|
49
|
-
output.buffers = token.to_ptr
|
|
42
|
+
output = API::SecBufferDesc.create @max_token
|
|
43
|
+
if $DEBUG
|
|
44
|
+
$stderr.puts "SecBufferDesc.create: #{output.inspect} => #{output.buffer(0).inspect} => #{output.buffer(0).data.inspect}"
|
|
45
|
+
end
|
|
50
46
|
result = API.initializeSecurityContext creds, nil, 'host/'+Socket.gethostbyname('localhost')[0],
|
|
51
47
|
ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | ISC_REQ_INTEGRITY, 0, SECURITY_NATIVE_DREP,
|
|
52
48
|
nil, 0, ctx=API::SecHandle.malloc, output, 0, ts=API::TimeStamp.malloc
|
|
53
49
|
if result.ok?
|
|
54
50
|
$stderr.puts "initializeSecurityContext: (#{result}) ctx=#{! ctx.nil?} token.length=#{output.buffer(0).length}"
|
|
55
|
-
result = API.freeContextBuffer token.data
|
|
56
|
-
$stderr.puts "freeContextBuffer: (#{result})"
|
|
57
51
|
result = API.deleteSecurityContext ctx
|
|
58
52
|
$stderr.puts "deleteSecurityContext: (#{result})"
|
|
59
53
|
else
|
|
@@ -57,7 +57,7 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
57
57
|
SecPkgInfo = struct [ "ULONG capabilities", "USHORT version", "USHORT rpcid",
|
|
58
58
|
"ULONG max_token", "SEC_CHAR *name", "SEC_CHAR *comment" ]
|
|
59
59
|
typealias "PSecPkgInfo", "p", PTR_REF_ENC, PTR_REF_DEC(SecPkgInfo)
|
|
60
|
-
SecHandle = struct2([ "
|
|
60
|
+
SecHandle = struct2([ "S lower", "S upper" ]) do def nil?; lower.nil? && upper.nil? end end
|
|
61
61
|
typealias "PSecHandle", "P"
|
|
62
62
|
typealias "PCredHandle", "PSecHandle"
|
|
63
63
|
typealias "PCtxtHandle", "PSecHandle"
|
|
@@ -69,7 +69,7 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
69
69
|
def buffer(n) SecBuffer.new(@ptr[:buffers] + SecBuffer.size * n) end
|
|
70
70
|
end
|
|
71
71
|
typealias "PSecBufferDesc", "P"
|
|
72
|
-
TimeStamp =
|
|
72
|
+
TimeStamp = struct2([ "ULONG lower", "ULONG upper" ]) do def nil?; lower.zero? && upper.zero? end end
|
|
73
73
|
typealias "PTimeStamp", "P"
|
|
74
74
|
SecPkgSizes = struct [ "ULONG max_token", "ULONG max_signature",
|
|
75
75
|
"ULONG block_size", "ULONG security_trailer" ]
|
|
@@ -147,7 +147,7 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
147
147
|
result = API.querySecurityPackageInfo "Kerberos", nil
|
|
148
148
|
if result.ok? and ! (pkg_info = API._args_[1]).nil?
|
|
149
149
|
@@max_token = pkg_info.max_token
|
|
150
|
-
API.freeContextBuffer pkg_info
|
|
150
|
+
API.freeContextBuffer pkg_info.to_ptr
|
|
151
151
|
else
|
|
152
152
|
raise "SSPI reports no support for Kerberos authentication"
|
|
153
153
|
end
|
|
@@ -157,14 +157,14 @@ module Net; module SSH; module Kerberos; module Drivers
|
|
|
157
157
|
prev = @state.handle if @state && ! @state.handle.nil?
|
|
158
158
|
ctx = prev || API::SecHandle.malloc
|
|
159
159
|
input = API::SecBufferDesc.create(token) if token
|
|
160
|
-
output = API::SecBufferDesc.create(12288)
|
|
160
|
+
output = API::SecBufferDesc.create(SSPI.max_token || 12288)
|
|
161
161
|
result = API.initializeSecurityContext @credentials, prev, @target,
|
|
162
162
|
ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | ISC_REQ_INTEGRITY, 0,
|
|
163
163
|
SECURITY_NATIVE_DREP, input, 0, ctx, output, 0, ts=API::TimeStamp.malloc
|
|
164
164
|
result.failure? and raise GeneralError, "Error initializing security context: #{result}"
|
|
165
165
|
result = API.completeAuthToken ctx, output if result.incomplete?
|
|
166
166
|
result.failure? and raise GeneralError, "Error initializing security context: #{result}"
|
|
167
|
-
bdata = output.buffer(0).to_s if output.
|
|
167
|
+
bdata = output.buffer(0).to_s if output.count > 0 and output.buffers and output.buffer(0)
|
|
168
168
|
@state = State.new(ctx, result, bdata, ts)
|
|
169
169
|
if result.complete?
|
|
170
170
|
result = API.queryContextAttributes @state.handle, SECPKG_ATTR_SIZES, @sizes=API::SecPkgSizes.malloc
|
data/net-ssh-kerberos.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{net-ssh-kerberos}
|
|
8
|
-
s.version = "0.2.
|
|
8
|
+
s.version = "0.2.7"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["Joe Khoobyar"]
|
|
12
|
-
s.date = %q{2011-04-
|
|
12
|
+
s.date = %q{2011-04-28}
|
|
13
13
|
s.description = %q{Extends Net::SSH by adding Kerberos authentication capability for password-less logins on multiple platforms.
|
|
14
14
|
}
|
|
15
15
|
s.email = %q{joe@ankhcraft.com}
|
data/test/sspi_test.rb
CHANGED
|
@@ -14,7 +14,7 @@ if Net::SSH::Kerberos::Drivers.available.include? 'SSPI'
|
|
|
14
14
|
assert_equal pkg_info.name.to_s, "Kerberos"
|
|
15
15
|
assert pkg_info.max_token >= 128, "The maximum token size is assumed to be greater than 127 bytes"
|
|
16
16
|
assert pkg_info.max_token <= 12288, "The maximum token size is assumed to be less than 12289 bytes"
|
|
17
|
-
result = API.freeContextBuffer pkg_info
|
|
17
|
+
result = API.freeContextBuffer pkg_info.to_ptr
|
|
18
18
|
assert result.ok?, "freeContextBuffer failed: #{result}"
|
|
19
19
|
end
|
|
20
20
|
|
|
@@ -40,7 +40,7 @@ if Net::SSH::Kerberos::Drivers.available.include? 'SSPI'
|
|
|
40
40
|
begin
|
|
41
41
|
assert ! ctx.nil?, "Should initialize a context handle"
|
|
42
42
|
assert ! output.buffer(0).data.nil?, "Should output a token into the buffer"
|
|
43
|
-
assert output.buffer(0).length
|
|
43
|
+
assert output.buffer(0).length <= 12288, "Should output a token into the buffer"
|
|
44
44
|
ensure
|
|
45
45
|
ctx = nil if (result = API.deleteSecurityContext(ctx)).ok?
|
|
46
46
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: net-ssh-kerberos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 25
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 2
|
|
9
|
-
-
|
|
10
|
-
version: 0.2.
|
|
9
|
+
- 7
|
|
10
|
+
version: 0.2.7
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Joe Khoobyar
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-04-
|
|
18
|
+
date: 2011-04-28 00:00:00 Z
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|
|
21
21
|
name: net-ssh
|