rkerberos 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fad6b2ef21cbb2b32b0e4e3f82bf721bc9f2657d
4
- data.tar.gz: f24b854f2280641f2637007142a94a765f95682a
3
+ metadata.gz: b3bb9284b0e33854b70e8b3bb81a363ef17d431d
4
+ data.tar.gz: 144e3ceffc05e362b6a1ca016ceae205771bca77
5
5
  SHA512:
6
- metadata.gz: e4c5d5c5e95e59d2916f2e0cdc77df87c6df0e23b0d6f0c4edf148cc62316f6d150665de63d61f7954c25b5b7f5802e4ff970a5865b82857607af126403f68c6
7
- data.tar.gz: b0c3e66a5d700d4426a05b801124309411bfe78bb60dce5d2cc90f92a3c399b31c4c5eb13892751a7085d23416049d90840a89a818bce1544799181139f768bf
6
+ metadata.gz: 1795e8628f251b6283e8290d7af9d9379682ee599d2f94521b3d90d7d34651fbea4d71f373acd9da87482ad8c40126e36d0799613be6a2f47aad2d07643a1c64
7
+ data.tar.gz: 6f876d9ec6e2fc8baade8be576a8247b5e6f8a5f0444af14c3618020d8fd51bffa377e5e1dff9d3de8a224e2f8b8a8ed9846a2551c4bd4faf4ce26f947a77adc
data/CHANGES CHANGED
@@ -1,3 +1,9 @@
1
+ = 0.1.4 - 14-Oct-2016
2
+ * Implement db_args functionality in kadmin (fixes #8)
3
+ * Fix a double-free error when setting the realm for a principal
4
+ * Fix an error in policy creation that would sometimes cause a communication failure
5
+ * Set C99 as the C Standard and fix all compiler warnings at this level
6
+
1
7
  = 0.1.3 - 07-Sep-2013
2
8
  * Add optional 'service' argument to get_init_creds_password (fixes #3)
3
9
  * Artistic License 2.0 text now included (fixes #2)
data/README.md CHANGED
@@ -4,13 +4,15 @@
4
4
  # Requirements
5
5
  Kerberos 1.7.0 or later, including admin header and library files.
6
6
 
7
- # OSX
7
+ # OS X (10.11)
8
8
  krb5 must be installed from source before installing the rkerberos gem:
9
9
  ```
10
- wget http://web.mit.edu/kerberos/dist/krb5/1.10/krb5-1.10.2-signed.tar
11
- tar -xf krb5-1.10.2-signed.tar
12
- tar -xf krb5-1.10.2-signed.tar.gz
13
- cd krb5-1.10.2
10
+ brew install openssl
11
+ curl -0 http://web.mit.edu/kerberos/dist/krb5/1.14/krb5-1.14.tar.gz
12
+ tar -xzf krb5-1.14.tar.gz
13
+ cd krb5-1.14/src
14
+ export CPPFLAGS='-I/usr/local/opt/openssl/include'
15
+ export LDFLAGS='-L/usr/local/opt/openssl/lib'
14
16
  ./configure
15
17
  make
16
18
  make install
@@ -60,6 +62,7 @@
60
62
  # Authors
61
63
  * Daniel Berger
62
64
  * Dominic Cleal (maintainer)
65
+ * Simon Levermann (maintainer)
63
66
 
64
67
  # License
65
68
  rkerberos is distributed under the Artistic 2.0 license.
data/Rakefile CHANGED
@@ -3,6 +3,7 @@ require 'rake/testtask'
3
3
  require 'rake/extensiontask'
4
4
  require 'rake/clean'
5
5
  require 'rbconfig'
6
+ require 'rubygems/package'
6
7
 
7
8
  Rake::ExtensionTask.new('rkerberos')
8
9
 
@@ -36,7 +37,7 @@ namespace :gem do
36
37
  desc 'Create the gem'
37
38
  task :create => [:clean] do
38
39
  spec = eval(IO.read('rkerberos.gemspec'))
39
- Gem::Builder.new(spec).build
40
+ Gem::Package.build(spec)
40
41
  end
41
42
 
42
43
  desc 'Install the gem'
@@ -56,7 +56,7 @@ static VALUE rkrb5_ccache_initialize(int argc, VALUE* argv, VALUE self){
56
56
 
57
57
  kerror = krb5_parse_name(
58
58
  ptr->ctx,
59
- StringValuePtr(v_principal),
59
+ StringValueCStr(v_principal),
60
60
  &ptr->principal
61
61
  );
62
62
 
@@ -79,7 +79,7 @@ static VALUE rkrb5_ccache_initialize(int argc, VALUE* argv, VALUE self){
79
79
  }
80
80
  else{
81
81
  Check_Type(v_name, T_STRING);
82
- kerror = krb5_cc_resolve(ptr->ctx, StringValuePtr(v_name), &ptr->ccache);
82
+ kerror = krb5_cc_resolve(ptr->ctx, StringValueCStr(v_name), &ptr->ccache);
83
83
 
84
84
  if(kerror)
85
85
  rb_raise(cKrb5Exception, "krb5_cc_resolve: %s", error_message(kerror));
@@ -163,11 +163,8 @@ static VALUE rkadm5_config_initialize(VALUE self){
163
163
  }
164
164
 
165
165
  static VALUE rkadm5_config_inspect(VALUE self){
166
- RUBY_KADM5_CONFIG* ptr;
167
166
  VALUE v_str;
168
167
 
169
- Data_Get_Struct(self, RUBY_KADM5_CONFIG, ptr);
170
-
171
168
  v_str = rb_str_new2("#<");
172
169
  rb_str_buf_cat2(v_str, rb_obj_classname(self));
173
170
  rb_str_buf_cat2(v_str, " ");
@@ -15,4 +15,11 @@ else
15
15
  raise "kadm5clnt library not found"
16
16
  end
17
17
 
18
+ if have_header('kdb.h')
19
+ have_library('libkdb5')
20
+ else
21
+ raise 'kdb5 library not found'
22
+ end
23
+
24
+ $CFLAGS << '-std=c99 -Wall -pedantic'
18
25
  create_makefile('rkerberos')
@@ -1,4 +1,5 @@
1
1
  #include <rkerberos.h>
2
+ #include <kdb.h>
2
3
 
3
4
  VALUE cKadm5;
4
5
  VALUE cKadm5Exception;
@@ -6,6 +7,10 @@ VALUE cKadm5PrincipalNotFoundException;
6
7
 
7
8
  // Prototype
8
9
  static VALUE rkadm5_close(VALUE);
10
+ char** parse_db_args(VALUE v_db_args);
11
+ void add_db_args(kadm5_principal_ent_rec*, char**);
12
+ void add_tl_data(krb5_int16 *, krb5_tl_data **,
13
+ krb5_int16, krb5_ui_2, krb5_octet *);
9
14
 
10
15
  // Free function for the Kerberos::Kadm5 class.
11
16
  static void rkadm5_free(RUBY_KADM5* ptr){
@@ -18,6 +23,7 @@ static void rkadm5_free(RUBY_KADM5* ptr){
18
23
  if(ptr->ctx)
19
24
  krb5_free_context(ptr->ctx);
20
25
 
26
+ free(ptr->db_args);
21
27
  free(ptr);
22
28
  }
23
29
 
@@ -44,10 +50,15 @@ static VALUE rkadm5_allocate(VALUE klass){
44
50
  *
45
51
  * You may also pass the :service option to specify the service name. The
46
52
  * default is kadmin/admin.
53
+ *
54
+ * There is also a :db_args option, which is a single string or array of strings
55
+ * containing options usually passed to kadmin with the -x switch. For a list of
56
+ * available options, see the kadmin manpage
57
+ *
47
58
  */
48
59
  static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
49
60
  RUBY_KADM5* ptr;
50
- VALUE v_principal, v_password, v_keytab, v_service;
61
+ VALUE v_principal, v_password, v_keytab, v_service, v_db_args;
51
62
  char* user;
52
63
  char* pass = NULL;
53
64
  char* keytab = NULL;
@@ -64,7 +75,7 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
64
75
  rb_raise(rb_eArgError, "principal must be specified");
65
76
 
66
77
  Check_Type(v_principal, T_STRING);
67
- user = StringValuePtr(v_principal);
78
+ user = StringValueCStr(v_principal);
68
79
 
69
80
  v_password = rb_hash_aref2(v_opts, "password");
70
81
  v_keytab = rb_hash_aref2(v_opts, "keytab");
@@ -74,19 +85,22 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
74
85
 
75
86
  if(RTEST(v_password)){
76
87
  Check_Type(v_password, T_STRING);
77
- pass = StringValuePtr(v_password);
88
+ pass = StringValueCStr(v_password);
78
89
  }
79
90
 
80
91
  v_service = rb_hash_aref2(v_opts, "service");
81
92
 
82
93
  if(NIL_P(v_service)){
83
- service = "kadmin/admin";
94
+ service = (char *) "kadmin/admin";
84
95
  }
85
96
  else{
86
97
  Check_Type(v_service, T_STRING);
87
- service = StringValuePtr(v_service);
98
+ service = StringValueCStr(v_service);
88
99
  }
89
100
 
101
+ v_db_args = rb_hash_aref2(v_opts, "db_args");
102
+ ptr->db_args = parse_db_args(v_db_args);
103
+
90
104
  // Normally I would wait to initialize the context, but we might need it
91
105
  // to get the default keytab file name.
92
106
  kerror = krb5_init_context(&ptr->ctx);
@@ -108,7 +122,7 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
108
122
  }
109
123
  else{
110
124
  Check_Type(v_keytab, T_STRING);
111
- keytab = StringValuePtr(v_keytab);
125
+ keytab = StringValueCStr(v_keytab);
112
126
  }
113
127
  }
114
128
 
@@ -122,7 +136,7 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
122
136
  NULL,
123
137
  KADM5_STRUCT_VERSION,
124
138
  KADM5_API_VERSION_3,
125
- NULL,
139
+ ptr->db_args,
126
140
  &ptr->handle
127
141
  );
128
142
  #else
@@ -133,7 +147,7 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
133
147
  NULL,
134
148
  KADM5_STRUCT_VERSION,
135
149
  KADM5_API_VERSION_2,
136
- NULL,
150
+ ptr->db_args,
137
151
  &ptr->handle
138
152
  );
139
153
  #endif
@@ -151,7 +165,7 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
151
165
  NULL,
152
166
  KADM5_STRUCT_VERSION,
153
167
  KADM5_API_VERSION_3,
154
- NULL,
168
+ ptr->db_args,
155
169
  &ptr->handle
156
170
  );
157
171
  #else
@@ -162,7 +176,7 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
162
176
  NULL,
163
177
  KADM5_STRUCT_VERSION,
164
178
  KADM5_API_VERSION_2,
165
- NULL,
179
+ ptr->db_args,
166
180
  &ptr->handle
167
181
  );
168
182
  #endif
@@ -188,15 +202,17 @@ static VALUE rkadm5_initialize(VALUE self, VALUE v_opts){
188
202
  * Set the password for +user+ (i.e. the principal) to +password+.
189
203
  */
190
204
  static VALUE rkadm5_set_password(VALUE self, VALUE v_user, VALUE v_pass){
191
- Check_Type(v_user, T_STRING);
192
- Check_Type(v_pass, T_STRING);
193
-
194
205
  RUBY_KADM5* ptr;
195
- char* user = StringValuePtr(v_user);
196
- char* pass = StringValuePtr(v_pass);
197
206
  krb5_error_code kerror;
207
+ char *user;
208
+ char *pass;
209
+
210
+ Check_Type(v_user, T_STRING);
211
+ Check_Type(v_pass, T_STRING);
198
212
 
199
213
  Data_Get_Struct(self, RUBY_KADM5, ptr);
214
+ user = StringValueCStr(v_user);
215
+ pass = StringValueCStr(v_pass);
200
216
 
201
217
  if(!ptr->ctx)
202
218
  rb_raise(cKadm5Exception, "no context has been established");
@@ -216,31 +232,41 @@ static VALUE rkadm5_set_password(VALUE self, VALUE v_user, VALUE v_pass){
216
232
 
217
233
  /*
218
234
  * call-seq:
219
- * kadm5.create_principal(name, password)
235
+ * kadm5.create_principal(name, password, db_args=nil)
220
236
  * kadm5.create_principal(principal)
221
237
  *
222
238
  * Creates a new principal +name+ with an initial password of +password+.
239
+ * +db_args+ is an optional string or array of strings containing options that are usually
240
+ * passed to add_principal with the -x option. For a list of options, see the kadmin manpage,
241
+ * in the add_principal section.
223
242
  *--
224
243
  * TODO: Allow a Principal object to be passed in as an argument.
225
244
  */
226
- static VALUE rkadm5_create_principal(VALUE self, VALUE v_user, VALUE v_pass){
245
+ static VALUE rkadm5_create_principal(int argc, VALUE* argv, VALUE self){
227
246
  RUBY_KADM5* ptr;
228
247
  char* user;
229
248
  char* pass;
249
+ char** db_args;
230
250
  int mask;
231
251
  kadm5_principal_ent_rec princ;
232
252
  krb5_error_code kerror;
253
+ VALUE v_user, v_pass, v_db_args;
233
254
 
234
255
  Data_Get_Struct(self, RUBY_KADM5, ptr);
235
256
 
257
+ rb_scan_args(argc, argv, "21", &v_user, &v_pass, &v_db_args);
236
258
  Check_Type(v_user, T_STRING);
237
259
  Check_Type(v_pass, T_STRING);
238
260
 
239
261
  memset(&princ, 0, sizeof(princ));
240
262
 
241
- mask = KADM5_PRINCIPAL;
242
- user = StringValuePtr(v_user);
243
- pass = StringValuePtr(v_pass);
263
+ mask = KADM5_PRINCIPAL | KADM5_TL_DATA;
264
+ user = StringValueCStr(v_user);
265
+ pass = StringValueCStr(v_pass);
266
+
267
+ db_args = parse_db_args(v_db_args);
268
+ add_db_args(&princ, db_args);
269
+ free(db_args);
244
270
 
245
271
  if(!ptr->ctx)
246
272
  rb_raise(cKadm5Exception, "no context has been established");
@@ -272,7 +298,7 @@ static VALUE rkadm5_delete_principal(VALUE self, VALUE v_user){
272
298
 
273
299
  Data_Get_Struct(self, RUBY_KADM5, ptr);
274
300
  Check_Type(v_user, T_STRING);
275
- user = StringValuePtr(v_user);
301
+ user = StringValueCStr(v_user);
276
302
 
277
303
  if(!ptr->ctx)
278
304
  rb_raise(cKadm5Exception, "no context has been established");
@@ -313,6 +339,9 @@ static VALUE rkadm5_close(VALUE self){
313
339
  if(ptr->handle)
314
340
  kadm5_destroy(ptr->handle);
315
341
 
342
+ free(ptr->db_args);
343
+
344
+ ptr->db_args = NULL;
316
345
  ptr->ctx = NULL;
317
346
  ptr->princ = NULL;
318
347
  ptr->handle = NULL;
@@ -394,7 +423,7 @@ static VALUE rkadm5_find_principal(VALUE self, VALUE v_user){
394
423
 
395
424
  Data_Get_Struct(self, RUBY_KADM5, ptr);
396
425
  Check_Type(v_user, T_STRING);
397
- user = StringValuePtr(v_user);
426
+ user = StringValueCStr(v_user);
398
427
 
399
428
  memset(&ent, 0, sizeof(ent));
400
429
 
@@ -450,7 +479,7 @@ static VALUE rkadm5_get_principal(VALUE self, VALUE v_user){
450
479
 
451
480
  Data_Get_Struct(self, RUBY_KADM5, ptr);
452
481
  Check_Type(v_user, T_STRING);
453
- user = StringValuePtr(v_user);
482
+ user = StringValueCStr(v_user);
454
483
 
455
484
  memset(&ent, 0, sizeof(ent));
456
485
 
@@ -521,7 +550,8 @@ static VALUE rkadm5_create_policy(VALUE self, VALUE v_policy){
521
550
  v_max_life = rb_iv_get(v_policy, "@max_life");
522
551
  v_history_num = rb_iv_get(v_policy, "@history_num");
523
552
 
524
- ent.policy = StringValuePtr(v_name);
553
+ memset(&ent, 0, sizeof(ent));
554
+ ent.policy = StringValueCStr(v_name);
525
555
 
526
556
  if(RTEST(v_min_classes)){
527
557
  mask |= KADM5_PW_MIN_CLASSES;
@@ -573,7 +603,7 @@ static VALUE rkadm5_delete_policy(VALUE self, VALUE v_policy){
573
603
 
574
604
  Data_Get_Struct(self, RUBY_KADM5, ptr);
575
605
 
576
- policy = StringValuePtr(v_policy);
606
+ policy = StringValueCStr(v_policy);
577
607
 
578
608
  kerror = kadm5_delete_policy(ptr->handle, policy);
579
609
 
@@ -606,7 +636,7 @@ static VALUE rkadm5_get_policy(VALUE self, VALUE v_name){
606
636
  if(!ptr->ctx)
607
637
  rb_raise(cKadm5Exception, "no context has been established");
608
638
 
609
- policy_name = StringValuePtr(v_name);
639
+ policy_name = StringValueCStr(v_name);
610
640
 
611
641
  kerror = kadm5_get_policy(ptr->handle, policy_name, &ent);
612
642
 
@@ -658,7 +688,7 @@ static VALUE rkadm5_find_policy(VALUE self, VALUE v_name){
658
688
  if(!ptr->ctx)
659
689
  rb_raise(cKadm5Exception, "no context has been established");
660
690
 
661
- policy_name = StringValuePtr(v_name);
691
+ policy_name = StringValueCStr(v_name);
662
692
 
663
693
  kerror = kadm5_get_policy(ptr->handle, policy_name, &ent);
664
694
 
@@ -762,7 +792,7 @@ static VALUE rkadm5_get_policies(int argc, VALUE* argv, VALUE self){
762
792
  if(NIL_P(v_expr))
763
793
  expr = NULL;
764
794
  else
765
- expr = StringValuePtr(v_expr);
795
+ expr = StringValueCStr(v_expr);
766
796
 
767
797
  kerror = kadm5_get_policies(ptr->handle, expr, &pols, &count);
768
798
 
@@ -810,7 +840,7 @@ static VALUE rkadm5_get_principals(int argc, VALUE* argv, VALUE self){
810
840
  if(NIL_P(v_expr))
811
841
  expr = NULL;
812
842
  else
813
- expr = StringValuePtr(v_expr);
843
+ expr = StringValueCStr(v_expr);
814
844
 
815
845
  kerror = kadm5_get_principals(ptr->handle, expr, &princs, &count);
816
846
 
@@ -848,7 +878,7 @@ static VALUE rkadm5_get_privs(int argc, VALUE* argv, VALUE self){
848
878
  VALUE v_return = Qnil;
849
879
  VALUE v_strings = Qfalse;
850
880
  kadm5_ret_t kerror;
851
- int i;
881
+ unsigned int i;
852
882
  long privs;
853
883
  int result = 0;
854
884
 
@@ -911,7 +941,7 @@ static VALUE rkadm5_randkey_principal(VALUE self, VALUE v_user){
911
941
 
912
942
  Data_Get_Struct(self, RUBY_KADM5, ptr);
913
943
 
914
- user = StringValuePtr(v_user);
944
+ user = StringValueCStr(v_user);
915
945
 
916
946
  if(!ptr->ctx)
917
947
  rb_raise(cKadm5Exception, "no context has been established");
@@ -934,6 +964,75 @@ static VALUE rkadm5_randkey_principal(VALUE self, VALUE v_user){
934
964
  return INT2NUM(n_keys);
935
965
  }
936
966
 
967
+ /**
968
+ * Parses an array or a single string containing database arguments for kerberos functions.
969
+ * Returns NULL if v_db_args is nil, otherwise returns a NULL-Terminated array of NULL-Terminated strings
970
+ */
971
+ char** parse_db_args(VALUE v_db_args){
972
+ long array_length;
973
+ char** db_args;
974
+ switch(TYPE(v_db_args)){
975
+ case T_STRING:
976
+ db_args = (char **) malloc(2 * sizeof(char *));
977
+ db_args[0] = StringValueCStr(v_db_args);
978
+ db_args[1] = NULL;
979
+ break;
980
+ case T_ARRAY:
981
+ // Multiple arguments
982
+ array_length = RARRAY_LEN(v_db_args);
983
+ db_args = (char **) malloc(array_length * sizeof(char *) + 1);
984
+ for(long i = 0; i < array_length; ++i){
985
+ VALUE elem = rb_ary_entry(v_db_args, i);
986
+ Check_Type(elem, T_STRING);
987
+ db_args[i] = StringValueCStr(elem);
988
+ }
989
+ db_args[array_length] = NULL;
990
+ break;
991
+ case T_NIL:
992
+ db_args = NULL;
993
+ break;
994
+ default:
995
+ rb_raise(rb_eTypeError, "Need Single String or Array of Strings for db_args");
996
+ }
997
+ return db_args;
998
+ }
999
+
1000
+ /**
1001
+ * Add parsed db-args to principal entry
1002
+ */
1003
+ void add_db_args(kadm5_principal_ent_rec* entry, char** db_args){
1004
+ if (db_args){
1005
+ int i;
1006
+ for(i = 0; db_args[i] != NULL; i++){
1007
+ add_tl_data(&entry->n_tl_data, &entry->tl_data, KRB5_TL_DB_ARGS, strlen(db_args[i]) + 1, (krb5_octet*)db_args[i]);
1008
+ }
1009
+ }
1010
+ }
1011
+
1012
+ /**
1013
+ * Source code taken from kadmin source code at https://github.com/krb5/krb5/blob/master/src/kadmin/cli/kadmin.c
1014
+ */
1015
+ void add_tl_data(krb5_int16 *n_tl_datap, krb5_tl_data **tl_datap,
1016
+ krb5_int16 tl_type, krb5_ui_2 len, krb5_octet *contents){
1017
+ krb5_tl_data* tl_data;
1018
+ krb5_octet* copy;
1019
+
1020
+ copy = malloc(len);
1021
+ tl_data = calloc(1, sizeof(*tl_data));
1022
+ memcpy(copy, contents, len);
1023
+
1024
+ tl_data->tl_data_type = tl_type;
1025
+ tl_data->tl_data_length = len;
1026
+ tl_data->tl_data_contents = copy;
1027
+ tl_data->tl_data_next = NULL;
1028
+
1029
+ // Forward to end of tl_data
1030
+ for(; *tl_datap != NULL; tl_datap = &(*tl_datap)->tl_data_next);
1031
+
1032
+ *tl_datap = tl_data;
1033
+ (*n_tl_datap)++;
1034
+ }
1035
+
937
1036
  void Init_kadm5(){
938
1037
  /* The Kadm5 class encapsulates administrative Kerberos functions. */
939
1038
  cKadm5 = rb_define_class_under(mKerberos, "Kadm5", rb_cObject);
@@ -958,7 +1057,7 @@ void Init_kadm5(){
958
1057
 
959
1058
  rb_define_method(cKadm5, "close", rkadm5_close, 0);
960
1059
  rb_define_method(cKadm5, "create_policy", rkadm5_create_policy, 1);
961
- rb_define_method(cKadm5, "create_principal", rkadm5_create_principal, 2);
1060
+ rb_define_method(cKadm5, "create_principal", rkadm5_create_principal, -1);
962
1061
  rb_define_method(cKadm5, "delete_policy", rkadm5_delete_policy, 1);
963
1062
  rb_define_method(cKadm5, "delete_principal", rkadm5_delete_principal, 1);
964
1063
  rb_define_method(cKadm5, "find_principal", rkadm5_find_principal, 1);
@@ -143,7 +143,7 @@ static VALUE rkrb5_keytab_remove_entry(int argc, VALUE* argv, VALUE self){
143
143
 
144
144
  Check_Type(v_name, T_STRING);
145
145
 
146
- name = StringValuePtr(v_name);
146
+ name = StringValueCStr(v_name);
147
147
 
148
148
  if(!ptr->ctx)
149
149
  rb_raise(cKrb5Exception, "no context has been established");
@@ -190,7 +190,7 @@ static VALUE rkrb5_keytab_add_entry(int argc, VALUE* argv, VALUE self){
190
190
 
191
191
  Check_Type(v_name, T_STRING);
192
192
 
193
- name = StringValuePtr(v_name);
193
+ name = StringValueCStr(v_name);
194
194
 
195
195
  if(!ptr->ctx)
196
196
  rb_raise(cKrb5Exception, "no context has been established");
@@ -252,7 +252,7 @@ static VALUE rkrb5_keytab_get_entry(int argc, VALUE* argv, VALUE self){
252
252
  rb_scan_args(argc, argv, "12", &v_principal, &v_vno, &v_enctype);
253
253
 
254
254
  Check_Type(v_principal, T_STRING);
255
- name = StringValuePtr(v_principal);
255
+ name = StringValueCStr(v_principal);
256
256
 
257
257
  kerror = krb5_parse_name(ptr->ctx, name, &principal);
258
258
 
@@ -331,7 +331,7 @@ static VALUE rkrb5_keytab_initialize(int argc, VALUE* argv, VALUE self){
331
331
  }
332
332
  else{
333
333
  Check_Type(v_keytab_name, T_STRING);
334
- strncpy(keytab_name, StringValuePtr(v_keytab_name), MAX_KEYTAB_NAME_LEN);
334
+ strncpy(keytab_name, StringValueCStr(v_keytab_name), MAX_KEYTAB_NAME_LEN);
335
335
  rb_iv_set(self, "@name", v_keytab_name);
336
336
  }
337
337
 
@@ -391,7 +391,7 @@ static VALUE rkrb5_s_keytab_foreach(int argc, VALUE* argv, VALUE klass){
391
391
  }
392
392
  else{
393
393
  Check_Type(v_keytab_name, T_STRING);
394
- strncpy(keytab_name, StringValuePtr(v_keytab_name), MAX_KEYTAB_NAME_LEN);
394
+ strncpy(keytab_name, StringValueCStr(v_keytab_name), MAX_KEYTAB_NAME_LEN);
395
395
  }
396
396
 
397
397
  kerror = krb5_kt_resolve(
@@ -27,8 +27,6 @@ static VALUE rkrb5_kt_entry_allocate(VALUE klass){
27
27
  * methods.
28
28
  */
29
29
  static VALUE rkrb5_kt_entry_initialize(VALUE self){
30
- RUBY_KRB5_KT_ENTRY* ptr;
31
- Data_Get_Struct(self, RUBY_KRB5_KT_ENTRY, ptr);
32
30
  return self;
33
31
  }
34
32
 
@@ -36,8 +34,6 @@ static VALUE rkrb5_kt_entry_initialize(VALUE self){
36
34
  * A custom inspect method for nicer output.
37
35
  */
38
36
  static VALUE rkrb5_kt_entry_inspect(VALUE self){
39
- RUBY_KRB5_KT_ENTRY* ptr;
40
- Data_Get_Struct(self, RUBY_KRB5_KT_ENTRY, ptr);
41
37
  VALUE v_str;
42
38
 
43
39
  v_str = rb_str_new2("#<");
@@ -63,7 +63,7 @@ static VALUE rkadm5_policy_init(VALUE self, VALUE v_options){
63
63
  rb_raise(rb_eArgError, "name policy option is mandatory");
64
64
  }
65
65
  else{
66
- ptr->policy.policy = StringValuePtr(v_name);
66
+ ptr->policy.policy = StringValueCStr(v_name);
67
67
  rb_iv_set(self, "@policy", v_name);
68
68
  }
69
69
 
@@ -117,11 +117,8 @@ static VALUE rkadm5_policy_init(VALUE self, VALUE v_options){
117
117
  * A custom inspect method for Policy objects.
118
118
  */
119
119
  static VALUE rkadm5_policy_inspect(VALUE self){
120
- RUBY_KADM5_POLICY* ptr;
121
120
  VALUE v_str;
122
121
 
123
- Data_Get_Struct(self, RUBY_KADM5_POLICY, ptr);
124
-
125
122
  v_str = rb_str_new2("#<");
126
123
  rb_str_buf_cat2(v_str, rb_obj_classname(self));
127
124
  rb_str_buf_cat2(v_str, " ");
@@ -55,7 +55,7 @@ static VALUE rkrb5_princ_initialize(VALUE self, VALUE v_name){
55
55
  else{
56
56
  char* name;
57
57
  Check_Type(v_name, T_STRING);
58
- name = StringValuePtr(v_name);
58
+ name = StringValueCStr(v_name);
59
59
  kerror = krb5_parse_name(ptr->ctx, name, &ptr->principal);
60
60
 
61
61
  if(kerror)
@@ -106,15 +106,12 @@ static VALUE rkrb5_princ_get_realm(VALUE self){
106
106
  */
107
107
  static VALUE rkrb5_princ_set_realm(VALUE self, VALUE v_realm){
108
108
  RUBY_KRB5_PRINC* ptr;
109
- krb5_data kdata;
110
109
 
111
- memset(&kdata, 0, sizeof(kdata));
112
110
  Data_Get_Struct(self, RUBY_KRB5_PRINC, ptr);
113
111
 
114
112
  Check_Type(v_realm, T_STRING);
115
- kdata.data = StringValuePtr(v_realm);
116
113
 
117
- krb5_princ_set_realm(ptr->ctx, ptr->principal, &kdata);
114
+ krb5_set_principal_realm(ptr->ctx, ptr->principal, StringValueCStr(v_realm));
118
115
 
119
116
  return v_realm;
120
117
  }
@@ -146,11 +143,8 @@ static VALUE rkrb5_princ_equal(VALUE self, VALUE v_other){
146
143
  * A custom inspect method for the Principal object.
147
144
  */
148
145
  static VALUE rkrb5_princ_inspect(VALUE self){
149
- RUBY_KRB5_PRINC* ptr;
150
146
  VALUE v_str;
151
147
 
152
- Data_Get_Struct(self, RUBY_KRB5_PRINC, ptr);
153
-
154
148
  v_str = rb_str_new2("#<");
155
149
  rb_str_buf_cat2(v_str, rb_obj_classname(self));
156
150
  rb_str_buf_cat2(v_str, " ");
@@ -7,7 +7,7 @@ VALUE cKrb5Exception;
7
7
  // Function prototypes
8
8
  static VALUE rkrb5_close(VALUE);
9
9
 
10
- VALUE rb_hash_aref2(VALUE v_hash, char* key){
10
+ VALUE rb_hash_aref2(VALUE v_hash, const char* key){
11
11
  VALUE v_key, v_val;
12
12
 
13
13
  v_key = rb_str_new2(key);
@@ -115,7 +115,7 @@ static VALUE rkrb5_set_default_realm(int argc, VALUE* argv, VALUE self){
115
115
  }
116
116
  else{
117
117
  Check_Type(v_realm, T_STRING);
118
- realm = StringValuePtr(v_realm);
118
+ realm = StringValueCStr(v_realm);
119
119
  }
120
120
 
121
121
  kerror = krb5_set_default_realm(ptr->ctx, realm);
@@ -167,7 +167,7 @@ static VALUE rkrb5_get_init_creds_keytab(int argc, VALUE* argv, VALUE self){
167
167
  }
168
168
  else{
169
169
  Check_Type(v_service, T_STRING);
170
- service = StringValuePtr(v_service);
170
+ service = StringValueCStr(v_service);
171
171
  }
172
172
 
173
173
  // Convert the name (or service name) to a kerberos principal.
@@ -187,7 +187,7 @@ static VALUE rkrb5_get_init_creds_keytab(int argc, VALUE* argv, VALUE self){
187
187
  }
188
188
  else{
189
189
  Check_Type(v_user, T_STRING);
190
- user = StringValuePtr(v_user);
190
+ user = StringValueCStr(v_user);
191
191
 
192
192
  kerror = krb5_parse_name(ptr->ctx, user, &ptr->princ);
193
193
 
@@ -208,7 +208,7 @@ static VALUE rkrb5_get_init_creds_keytab(int argc, VALUE* argv, VALUE self){
208
208
  }
209
209
  else{
210
210
  Check_Type(v_keytab_name, T_STRING);
211
- strncpy(keytab_name, StringValuePtr(v_keytab_name), MAX_KEYTAB_NAME_LEN);
211
+ strncpy(keytab_name, StringValueCStr(v_keytab_name), MAX_KEYTAB_NAME_LEN);
212
212
  }
213
213
 
214
214
  kerror = krb5_kt_resolve(
@@ -270,17 +270,21 @@ static VALUE rkrb5_get_init_creds_keytab(int argc, VALUE* argv, VALUE self){
270
270
  * krb5.change_password('XXXXXX', 'YYYYYY') # Change password for 'foo'
271
271
  */
272
272
  static VALUE rkrb5_change_password(VALUE self, VALUE v_old, VALUE v_new){
273
- Check_Type(v_old, T_STRING);
274
- Check_Type(v_new, T_STRING);
275
273
 
276
274
  RUBY_KRB5* ptr;
277
275
  krb5_data result_string;
278
276
  krb5_data pw_result_string;
279
277
  krb5_error_code kerror;
278
+ char *old_passwd;
279
+ char *new_passwd;
280
280
 
281
281
  int pw_result;
282
- char* old_passwd = StringValuePtr(v_old);
283
- char* new_passwd = StringValuePtr(v_new);
282
+
283
+ Check_Type(v_old, T_STRING);
284
+ Check_Type(v_new, T_STRING);
285
+
286
+ old_passwd = StringValueCStr(v_old);
287
+ new_passwd = StringValueCStr(v_new);
284
288
 
285
289
  Data_Get_Struct(self, RUBY_KRB5, ptr);
286
290
 
@@ -345,15 +349,15 @@ static VALUE rkrb5_get_init_creds_passwd(int argc, VALUE* argv, VALUE self){
345
349
 
346
350
  Check_Type(v_user, T_STRING);
347
351
  Check_Type(v_pass, T_STRING);
348
- user = StringValuePtr(v_user);
349
- pass = StringValuePtr(v_pass);
352
+ user = StringValueCStr(v_user);
353
+ pass = StringValueCStr(v_pass);
350
354
 
351
355
  if(NIL_P(v_service)){
352
356
  service = NULL;
353
357
  }
354
358
  else{
355
359
  Check_Type(v_service, T_STRING);
356
- service = StringValuePtr(v_service);
360
+ service = StringValueCStr(v_service);
357
361
  }
358
362
 
359
363
  kerror = krb5_parse_name(ptr->ctx, user, &ptr->princ);
@@ -20,7 +20,7 @@ void Init_keytab_entry();
20
20
  void Init_ccache();
21
21
 
22
22
  // Defined in rkerberos.c
23
- VALUE rb_hash_aref2(VALUE, char*);
23
+ VALUE rb_hash_aref2(VALUE, const char*);
24
24
 
25
25
  // Variable declarations
26
26
  extern VALUE mKerberos;
@@ -55,6 +55,7 @@ typedef struct {
55
55
  krb5_context ctx;
56
56
  krb5_principal princ;
57
57
  void* handle;
58
+ char** db_args;
58
59
  } RUBY_KADM5;
59
60
 
60
61
  // Kerberos::Krb5::Keytab::Entry
@@ -2,23 +2,24 @@ require 'rubygems'
2
2
 
3
3
  Gem::Specification.new do |spec|
4
4
  spec.name = 'rkerberos'
5
- spec.version = '0.1.3'
6
- spec.authors = ['Daniel Berger', 'Dominic Cleal']
5
+ spec.version = '0.1.4'
6
+ spec.authors = ['Daniel Berger', 'Dominic Cleal', 'Simon Levermann']
7
7
  spec.license = 'Artistic 2.0'
8
- spec.email = ['djberg96@gmail.com', 'dcleal@redhat.com']
8
+ spec.email = ['djberg96@gmail.com', 'dcleal@redhat.com', 'simon-rubygems@slevermann.de']
9
9
  spec.homepage = 'http://github.com/domcleal/rkerberos'
10
10
  spec.summary = 'A Ruby interface for the the Kerberos library'
11
11
  spec.test_files = Dir['test/test*']
12
12
  spec.extensions = ['ext/rkerberos/extconf.rb']
13
13
  spec.files = `git ls-files`.split("\n").reject { |f| f.include?('git') }
14
-
14
+
15
15
  spec.extra_rdoc_files = ['README.md', 'CHANGES', 'MANIFEST', 'LICENSE'] + Dir['ext/rkerberos/*.c']
16
16
 
17
17
  spec.add_dependency('rake-compiler')
18
-
18
+
19
19
  spec.add_development_dependency('test-unit', '>= 2.1.0')
20
20
  spec.add_development_dependency('dbi-dbrc', '>= 1.1.6')
21
-
21
+ spec.add_development_dependency('net-ldap')
22
+
22
23
  spec.description = <<-EOF
23
24
  The rkerberos library is an interface for the Kerberos 5 network
24
25
  authentication protocol. It wraps the Kerberos C API.
@@ -39,13 +39,13 @@ class TC_Krb5_Credentials_Cache < Test::Unit::TestCase
39
39
 
40
40
  test "calling constructor with no arguments does not create a cache" do
41
41
  assert_nothing_raised{ @ccache = Kerberos::Krb5::CredentialsCache.new }
42
- assert_false(File.exists?(@cfile))
42
+ assert_false(File.exist?(@cfile))
43
43
  assert_false(cache_found)
44
44
  end
45
45
 
46
46
  test "calling constructor with a principal argument creates a credentials cache" do
47
47
  assert_nothing_raised{ @ccache = Kerberos::Krb5::CredentialsCache.new(@princ) }
48
- assert_true(File.exists?(@cfile))
48
+ assert_true(File.exist?(@cfile))
49
49
  assert_true(cache_found)
50
50
  end
51
51
 
@@ -23,6 +23,11 @@ class TC_Kerberos_Kadm5 < Test::Unit::TestCase
23
23
  @@server = Kerberos::Kadm5::Config.new.admin_server
24
24
  @@info = DBI::DBRC.new('local-kerberos')
25
25
  @@host = Socket.gethostname
26
+ begin
27
+ @@ldap_info = DBI::DBRC.new('kerberos-ldap')
28
+ rescue DBI::DBRC::Error
29
+ @@ldap_info = nil
30
+ end
26
31
 
27
32
  # For local testing the FQDN may or may not be available, so let's assume
28
33
  # that hosts with the same name are on the same domain.
@@ -42,9 +47,26 @@ class TC_Kerberos_Kadm5 < Test::Unit::TestCase
42
47
  @test_princ = "zztop"
43
48
  @test_policy = "test_policy"
44
49
 
50
+ if @@ldap_info
51
+ gem 'net-ldap'
52
+ require 'net/ldap'
53
+
54
+ username = @@ldap_info.user.split('@')
55
+ @bind_dn = username[0]
56
+ @ldap_host = username[1]
57
+ @ldap_password = @@ldap_info.password
58
+ driver = @@ldap_info.driver.split(':')
59
+ @subtree_dn = driver[0]
60
+ @existing_ldap = driver[1]
61
+ @userprefix = driver[2]
62
+ @ldap_test_princ = 'martymcfly'
63
+
64
+ @ldap = Net::LDAP.new(host: @ldap_host)
65
+ @ldap.authenticate(@bind_dn, @ldap_password)
66
+ end
45
67
  @keytab = Kerberos::Krb5::Keytab.new.default_name.split(':').last
46
68
 
47
- unless File.exists?(@keytab)
69
+ unless File.exist?(@keytab)
48
70
  @keytab = '/etc/krb5.keytab'
49
71
  end
50
72
  end
@@ -71,7 +93,7 @@ class TC_Kerberos_Kadm5 < Test::Unit::TestCase
71
93
 
72
94
  test "constructor with valid user and default keytab works as expected" do
73
95
  omit_unless(@@host == @@server, "keytab on different host, skipping")
74
- omit_unless(File.exists?(@keytab), "default keytab file '#{@keytab}' not found")
96
+ omit_unless(File.exist?(@keytab), "default keytab file '#{@keytab}' not found")
75
97
 
76
98
  assert_nothing_raised{
77
99
  @kadm = Kerberos::Kadm5.new(:principal => @user, :keytab => true)
@@ -80,7 +102,7 @@ class TC_Kerberos_Kadm5 < Test::Unit::TestCase
80
102
 
81
103
  test "constructor with valid user and explicit keytab works as expected" do
82
104
  omit_unless(@@host == @@server, "keytab on different host, skipping")
83
- omit_unless(File.exists?(@keytab), "keytab file '#{@keytab}' not found")
105
+ omit_unless(File.exist?(@keytab), "keytab file '#{@keytab}' not found")
84
106
 
85
107
  assert_nothing_raised{
86
108
  @kadm = Kerberos::Kadm5.new(:principal => @user, :keytab => @keytab)
@@ -247,11 +269,51 @@ class TC_Kerberos_Kadm5 < Test::Unit::TestCase
247
269
  assert_nothing_raised{ @kadm.create_principal(@test_princ, "changeme") }
248
270
  end
249
271
 
250
- test "create_principal requires two arguments" do
272
+ ##
273
+ # The following two tests are skipped if there is no .dbrc entry for 'kerberos-ldap'
274
+ # The expected format for the entries is as follows
275
+ # username: <bind_dn>@<ldap.hostname>
276
+ # password: <ldap_bind_password>
277
+ # driver: <krbSubtreeDn>:<user>:<userprefix>
278
+ # Username must be an LDAP user that has access to read attributes of objects under krbSubtreeDn,
279
+ # so possibly an administrative user.
280
+ # Password must be the LDAP bind password for that user
281
+ # krbSubtreeDn must be configured in kerberos as a subtree that contains kerberos principals
282
+ # user must be an existing ldap user that does not yet have kerberos information attached to them
283
+ # user must be accessible in LDAP as <userprefix>=<user>,<krbSubtreeDn>, so if userprefix is uid,
284
+ # user is foobar, and krbSubtreeDn is ou=People,dc=example,dc=com, the driver variable should read
285
+ # ou=People,dc=example.com:foobar:uid
286
+ # The user in the driver must not be the same as the user that is used to connect to kerberos, as it
287
+ # is deleted after each test.
288
+ # If the entry is present, but the format is not matched (or LDAP is misconfigured), theses tests fail.
289
+ ##
290
+ test "create_principal with db_princ_args creates a user under the expected subtree" do
291
+ omit_unless(@@ldap_info, "No LDAP info specified, skipping db_args tests")
292
+ assert_nothing_raised { @kadm = Kerberos::Kadm5.new(:principal => @user, :password => @pass) }
293
+ assert_nothing_raised { @kadm.create_principal(@ldap_test_princ, "changeme", "containerdn=#{@subtree_dn}") }
294
+ @ldap.open do |ldap|
295
+ filter = Net::LDAP::Filter.eq(:krbPrincipalName, "#{@ldap_test_princ}@*")
296
+ base = @subtree_dn
297
+ assert_not_empty(ldap.search(:base => base, :filter => filter, :return_result => true))
298
+ end
299
+ end
300
+
301
+ test "create_principal with a dn db_princ_args correctly adds kerberos information to existing user" do
302
+ omit_unless(@@ldap_info, "No LDAP info specified, skipping db_princ_args tests")
303
+ assert_nothing_raised { @kadm = Kerberos::Kadm5.new(:principal => @user, :password => @pass) }
304
+ assert_nothing_raised { @kadm.create_principal(@existing_ldap, "changeme", "dn=#{@userprefix}=#{@existing_ldap},#{@subtree_dn}") }
305
+ @ldap.open do |ldap|
306
+ filter = Net::LDAP::Filter.eq(:uid, @existing_ldap) & Net::LDAP::Filter.eq(:objectclass, 'krbPrincipalAux')
307
+ base = @subtree_dn
308
+ assert_not_empty(ldap.search(:base => base, :filter => filter, :return_result => true))
309
+ end
310
+ end
311
+
312
+ test "create_principal requires two or three arguments" do
251
313
  assert_nothing_raised{ @kadm = Kerberos::Kadm5.new(:principal => @user, :password => @pass) }
252
314
  assert_raise(ArgumentError){ @kadm.create_principal }
253
315
  assert_raise(ArgumentError){ @kadm.create_principal(@user) }
254
- assert_raise(ArgumentError){ @kadm.create_principal(@user, @pass, @pass) }
316
+ assert_raise(ArgumentError){ @kadm.create_principal(@user, @pass, @pass, @pass) }
255
317
  end
256
318
 
257
319
  test "attempting to create a principal that already exists raises an error" do
@@ -406,6 +468,10 @@ class TC_Kerberos_Kadm5 < Test::Unit::TestCase
406
468
  if @kadm
407
469
  @kadm.delete_principal(@test_princ) rescue nil
408
470
  @kadm.delete_policy(@test_policy) rescue nil
471
+ if @@ldap_info
472
+ @kadm.delete_principal(@ldap_test_princ) rescue nil
473
+ @kadm.delete_principal(@existing_ldap) rescue nil
474
+ end
409
475
  @kadm.close
410
476
  end
411
477
 
@@ -21,7 +21,7 @@ class TC_Krb5 < Test::Unit::TestCase
21
21
  end
22
22
 
23
23
  @@krb5_conf = ENV['KRB5_CONFIG'] || '/etc/krb5.conf'
24
- @@realm = IO.read(@@krb5_conf).grep(/default_realm/).first.split('=').last.lstrip.chomp
24
+ @@realm = IO.read(@@krb5_conf).split("\n").grep(/default_realm/).first.split('=').last.lstrip.chomp
25
25
  end
26
26
 
27
27
  def setup
@@ -111,33 +111,33 @@ class TC_Krb5 < Test::Unit::TestCase
111
111
  end
112
112
 
113
113
  test "get_init_creds_keytab uses a default keytab if no keytab file is specified" do
114
- omit_unless(File.exists?(@keytab), "keytab file not found, skipping")
114
+ omit_unless(File.exist?(@keytab), "keytab file not found, skipping")
115
115
  assert_nothing_raised{ @krb5.get_init_creds_keytab(@user) }
116
116
  end
117
117
 
118
118
  test "get_init_creds_keytab accepts a keytab" do
119
- omit_unless(File.exists?(@keytab), "keytab file not found, skipping")
119
+ omit_unless(File.exist?(@keytab), "keytab file not found, skipping")
120
120
  assert_nothing_raised{ @krb5.get_init_creds_keytab(@user, @keytab) }
121
121
  end
122
122
 
123
123
  # This test will probably fail (since it defaults to "host") so I've commented it out for now.
124
124
  #test "get_init_creds_keytab uses default service principal if no arguments are provided" do
125
- # omit_unless(File.exists?(@keytab), "keytab file not found, skipping")
125
+ # omit_unless(File.exist?(@keytab), "keytab file not found, skipping")
126
126
  # assert_nothing_raised{ @krb5.get_init_creds_keytab }
127
127
  #end
128
128
 
129
129
  test "get_init_creds_keytab accepts a service name" do
130
- omit_unless(File.exists?(@keytab), "keytab file not found, skipping")
130
+ omit_unless(File.exist?(@keytab), "keytab file not found, skipping")
131
131
  assert_nothing_raised{ @krb5.get_init_creds_keytab(@user, @keytab, @service) }
132
132
  end
133
133
 
134
134
  test "get_init_creds_keytab accepts a credential cache" do
135
- omit_unless(File.exists?(@keytab), "keytab file not found, skipping")
135
+ omit_unless(File.exist?(@keytab), "keytab file not found, skipping")
136
136
  assert_nothing_raised{ @krb5.get_init_creds_keytab(@user, @keytab, @service, @ccache) }
137
137
  end
138
138
 
139
139
  test "get_init_creds_keytab stores credentials in the credential cache" do
140
- omit_unless(File.exists?(@keytab), "keytab file not found, skipping")
140
+ omit_unless(File.exist?(@keytab), "keytab file not found, skipping")
141
141
  ccache = Kerberos::Krb5::CredentialsCache.new
142
142
  assert_nothing_raised{ @krb5.get_init_creds_keytab(@user, @keytab, @service, @ccache) }
143
143
  assert_equal @user, ccache.primary_principal
@@ -23,16 +23,24 @@ class TC_Krb5_Keytab < Test::Unit::TestCase
23
23
 
24
24
  @@key_file = "FILE:" + file
25
25
  @@home_dir = ENV['HOME'] || ENV['USER_PROFILE']
26
+ realm = Kerberos::Kadm5::Config.new.realm
26
27
 
27
- PTY.spawn('kadmin.local') do |reader, writer, pid|
28
- reader.gets
29
- reader.expect(/local:\s+/)
28
+ PTY.spawn('ktutil') do |reader, writer, pid|
29
+ reader.expect(/ktutil:\s+/)
30
+ writer.puts("add_entry -password -p testuser1@#{realm} -k 1 -e aes128-cts-hmac-sha1-96")
31
+ reader.expect(/Password for testuser1@#{Regexp.quote(realm)}:\s+/)
32
+ writer.puts("asdfasdfasdf")
30
33
 
31
- writer.puts("ktadd -k #{file} testuser1")
32
- reader.expect(/local:\s+/)
34
+ reader.expect(/ktutil:\s+/)
33
35
 
34
- writer.puts("ktadd -k #{file} testuser2")
35
- reader.expect(/local:\s+/)
36
+ writer.puts("add_entry -password -p testuser2@#{realm} -k 1 -e aes128-cts-hmac-sha1-96")
37
+ reader.expect(/Password for testuser2@#{Regexp.quote(realm)}:\s+/)
38
+ writer.puts("asdfasdfasdf")
39
+
40
+ reader.expect(/ktutil:\s+/)
41
+
42
+ writer.puts("wkt #{file}")
43
+ reader.expect(/ktutil:\s+/)
36
44
  end
37
45
  end
38
46
 
@@ -287,7 +295,7 @@ class TC_Krb5_Keytab < Test::Unit::TestCase
287
295
  end
288
296
 
289
297
  def self.shutdown
290
- File.delete(@@key_file) if File.exists?(@@key_file)
298
+ File.delete(@@key_file) if File.exist?(@@key_file)
291
299
  @@key_file = nil
292
300
  @@home_dir = nil
293
301
  end
metadata CHANGED
@@ -1,64 +1,80 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rkerberos
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Berger
8
8
  - Dominic Cleal
9
+ - Simon Levermann
9
10
  autorequire:
10
11
  bindir: bin
11
12
  cert_chain: []
12
- date: 2013-09-07 00:00:00.000000000 Z
13
+ date: 2016-10-14 00:00:00.000000000 Z
13
14
  dependencies:
14
15
  - !ruby/object:Gem::Dependency
15
16
  name: rake-compiler
16
17
  requirement: !ruby/object:Gem::Requirement
17
18
  requirements:
18
- - - '>='
19
+ - - ">="
19
20
  - !ruby/object:Gem::Version
20
21
  version: '0'
21
22
  type: :runtime
22
23
  prerelease: false
23
24
  version_requirements: !ruby/object:Gem::Requirement
24
25
  requirements:
25
- - - '>='
26
+ - - ">="
26
27
  - !ruby/object:Gem::Version
27
28
  version: '0'
28
29
  - !ruby/object:Gem::Dependency
29
30
  name: test-unit
30
31
  requirement: !ruby/object:Gem::Requirement
31
32
  requirements:
32
- - - '>='
33
+ - - ">="
33
34
  - !ruby/object:Gem::Version
34
35
  version: 2.1.0
35
36
  type: :development
36
37
  prerelease: false
37
38
  version_requirements: !ruby/object:Gem::Requirement
38
39
  requirements:
39
- - - '>='
40
+ - - ">="
40
41
  - !ruby/object:Gem::Version
41
42
  version: 2.1.0
42
43
  - !ruby/object:Gem::Dependency
43
44
  name: dbi-dbrc
44
45
  requirement: !ruby/object:Gem::Requirement
45
46
  requirements:
46
- - - '>='
47
+ - - ">="
47
48
  - !ruby/object:Gem::Version
48
49
  version: 1.1.6
49
50
  type: :development
50
51
  prerelease: false
51
52
  version_requirements: !ruby/object:Gem::Requirement
52
53
  requirements:
53
- - - '>='
54
+ - - ">="
54
55
  - !ruby/object:Gem::Version
55
56
  version: 1.1.6
57
+ - !ruby/object:Gem::Dependency
58
+ name: net-ldap
59
+ requirement: !ruby/object:Gem::Requirement
60
+ requirements:
61
+ - - ">="
62
+ - !ruby/object:Gem::Version
63
+ version: '0'
64
+ type: :development
65
+ prerelease: false
66
+ version_requirements: !ruby/object:Gem::Requirement
67
+ requirements:
68
+ - - ">="
69
+ - !ruby/object:Gem::Version
70
+ version: '0'
56
71
  description: |2
57
72
  The rkerberos library is an interface for the Kerberos 5 network
58
73
  authentication protocol. It wraps the Kerberos C API.
59
74
  email:
60
75
  - djberg96@gmail.com
61
76
  - dcleal@redhat.com
77
+ - simon-rubygems@slevermann.de
62
78
  executables: []
63
79
  extensions:
64
80
  - ext/rkerberos/extconf.rb
@@ -67,15 +83,15 @@ extra_rdoc_files:
67
83
  - CHANGES
68
84
  - MANIFEST
69
85
  - LICENSE
70
- - ext/rkerberos/ccache.c
71
- - ext/rkerberos/context.c
72
- - ext/rkerberos/rkerberos.c
73
86
  - ext/rkerberos/config.c
87
+ - ext/rkerberos/rkerberos.c
88
+ - ext/rkerberos/keytab.c
89
+ - ext/rkerberos/keytab_entry.c
74
90
  - ext/rkerberos/principal.c
91
+ - ext/rkerberos/ccache.c
75
92
  - ext/rkerberos/kadm5.c
76
93
  - ext/rkerberos/policy.c
77
- - ext/rkerberos/keytab.c
78
- - ext/rkerberos/keytab_entry.c
94
+ - ext/rkerberos/context.c
79
95
  files:
80
96
  - CHANGES
81
97
  - Gemfile
@@ -114,27 +130,27 @@ require_paths:
114
130
  - lib
115
131
  required_ruby_version: !ruby/object:Gem::Requirement
116
132
  requirements:
117
- - - '>='
133
+ - - ">="
118
134
  - !ruby/object:Gem::Version
119
135
  version: '0'
120
136
  required_rubygems_version: !ruby/object:Gem::Requirement
121
137
  requirements:
122
- - - '>='
138
+ - - ">="
123
139
  - !ruby/object:Gem::Version
124
140
  version: '0'
125
141
  requirements: []
126
142
  rubyforge_project:
127
- rubygems_version: 2.0.5
143
+ rubygems_version: 2.5.1
128
144
  signing_key:
129
145
  specification_version: 4
130
146
  summary: A Ruby interface for the the Kerberos library
131
147
  test_files:
132
- - test/test_policy.rb
133
- - test/test_keytab_entry.rb
134
- - test/test_context.rb
148
+ - test/test_krb5.rb
135
149
  - test/test_kadm5.rb
136
- - test/test_principal.rb
150
+ - test/test_krb5_keytab.rb
137
151
  - test/test_credentials_cache.rb
152
+ - test/test_policy.rb
138
153
  - test/test_config.rb
139
- - test/test_krb5.rb
140
- - test/test_krb5_keytab.rb
154
+ - test/test_principal.rb
155
+ - test/test_context.rb
156
+ - test/test_keytab_entry.rb