rubyntlm 0.5.2 → 0.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2103fa846f443b850a3fbdd0890e8b491b7acd10
-  data.tar.gz: 9bbe755137b115b92f9ca70ce6b62299a36df823
+SHA256:
+  metadata.gz: 9ef7e8c4a2e91abd9fac8aff17da320fc011a25b0a74b14e8f121332daa33ee6
+  data.tar.gz: 9158fdcca0c6121fbfc27731bae0865398aee7a410e0be463872cfe764924b61
 SHA512:
-  metadata.gz: fac19845cd742849e9771a8a90e7037c58d3c35255d8f5b30ceb217358a2f4a540b5f700ec181dcb2895a859799a326ee48cf85e30dd8c6d0783127b2f9e08b4
-  data.tar.gz: b294daa239f3652aa9903de8689e24b833adc30b18ba2a80cf20c968984bac61640af158a0801cccb3d541730d1e1fab7b1338dae9a8a72aa7defd1aaf2ab0ce
+  metadata.gz: f3150588419fc1a400aacc52cbbdd61df58212e77cead9cc7b90b71af31d9a9d0cae90285e9d555bb1a953b4085af47ddc82c350b89b2ce31475e70f6c909a49
+  data.tar.gz: 20f50357f7ae738617386d1504dfae5d759ecceb2f7adc501e1458be80d22ea2864dc1b216d4853cda568271e81134fcda182f520477f8fd8613386e168ceefc

data/.gitignore

@@ -1,3 +1,5 @@
+.bundle
 .yardoc
 /doc
 Gemfile.lock
+pkg

data/.travis.yml

@@ -1,10 +1,13 @@
 language: ruby
 rvm:
-  - 1.9.3
-  - 1.9.2
-  - 1.8.7
-  - 2.0.0
-  - rbx-19mode
-  - rbx-18mode
-  - jruby-19mode
+  - 2.1.9
+  - 2.6.6
+  - 2.7.1
+  - 3.0.0
+before_install:
+  - gem update bundler
 
+# This prevents testing branches that are created just for PRs
+branches:
+  only:
+  - master

data/CHANGELOG.md

@@ -1,6 +1,127 @@
-0.2.0 - Major changes to behavior!!!!
-  - Bug - Type 1 packets do not include a domain and workstation by defauly. Packet capture software will see this type of packet as malformed. All packets now include this information
-  - Bug - Type 3 packets do not include the calling workstation. This should be setup by default.
+# Change Log
 
-0.1.2
- - Feature user can specify the target domain 
+## [0.6.3](https://github.com/WinRb/rubyntlm/tree/0.6.3) (2021-01-26)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.6.2...0.6.3)
+
+**Closed issues:**
+
+- Timeout issues with mailcatcher [\#18](https://github.com/WinRb/rubyntlm/issues/18)
+
+**Merged pull requests:**
+
+- Fix an error showing the key not being set on the DES cypher [\#41](https://github.com/WinRb/rubyntlm/pull/41) ([Castone22](https://github.com/Castone22))
+
+## [v0.6.2](https://github.com/WinRb/rubyntlm/tree/v0.6.2) (2017-04-24)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.6.1...v0.6.2)
+
+**Merged pull requests:**
+
+- preps 0.6.2 release and adds a changelog generator [\#35](https://github.com/WinRb/rubyntlm/pull/35) ([mwrock](https://github.com/mwrock))
+- Support Ruby 2.4 [\#34](https://github.com/WinRb/rubyntlm/pull/34) ([fwininger](https://github.com/fwininger))
+- ignore pkg directory in git [\#33](https://github.com/WinRb/rubyntlm/pull/33) ([mwrock](https://github.com/mwrock))
+
+## [v0.6.1](https://github.com/WinRb/rubyntlm/tree/v0.6.1) (2016-09-15)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.6.0...v0.6.1)
+
+**Merged pull requests:**
+
+- Release 0.6.1 [\#32](https://github.com/WinRb/rubyntlm/pull/32) ([mwrock](https://github.com/mwrock))
+- only test supported rubies and do not test twice [\#31](https://github.com/WinRb/rubyntlm/pull/31) ([mwrock](https://github.com/mwrock))
+
+## [v0.6.0](https://github.com/WinRb/rubyntlm/tree/v0.6.0) (2016-02-16)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.5.3...v0.6.0)
+
+**Closed issues:**
+
+- support Extended Protection for Authentication \(Channel Binding Tokens\) [\#27](https://github.com/WinRb/rubyntlm/issues/27)
+- RubyNTLM is not documented [\#20](https://github.com/WinRb/rubyntlm/issues/20)
+
+## [v0.5.3](https://github.com/WinRb/rubyntlm/tree/v0.5.3) (2016-01-22)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/0.5.3...v0.5.3)
+
+## [0.5.3](https://github.com/WinRb/rubyntlm/tree/0.5.3) (2016-01-22)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/0.5.2...0.5.3)
+
+**Merged pull requests:**
+
+- fix session.workstation when passing only domain [\#26](https://github.com/WinRb/rubyntlm/pull/26) ([mwrock](https://github.com/mwrock))
+
+## [0.5.2](https://github.com/WinRb/rubyntlm/tree/0.5.2) (2015-07-20)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/0.5.1...0.5.2)
+
+**Merged pull requests:**
+
+- Add Pass the Hash capability to the NTLM client [\#24](https://github.com/WinRb/rubyntlm/pull/24) ([thelightcosine](https://github.com/thelightcosine))
+
+## [0.5.1](https://github.com/WinRb/rubyntlm/tree/0.5.1) (2015-06-23)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/0.5.0...0.5.1)
+
+**Merged pull requests:**
+
+- fix NTLM1 auth - NTLM::lm\_response\(pwd, chal\) and NTLM::ntlm\_response… [\#23](https://github.com/WinRb/rubyntlm/pull/23) ([marek-veber](https://github.com/marek-veber))
+- Make the session key available to clients [\#21](https://github.com/WinRb/rubyntlm/pull/21) ([jlee-r7](https://github.com/jlee-r7))
+
+## [0.5.0](https://github.com/WinRb/rubyntlm/tree/0.5.0) (2015-02-22)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.4.0...0.5.0)
+
+**Closed issues:**
+
+- require 'net/ntlm/version' in spec/lib/net/ntlm/version\_spec.rb [\#12](https://github.com/WinRb/rubyntlm/issues/12)
+- License missing from gemspec [\#5](https://github.com/WinRb/rubyntlm/issues/5)
+
+**Merged pull requests:**
+
+- Protect against mutating frozen strings [\#30](https://github.com/WinRb/rubyntlm/pull/30) ([mwrock](https://github.com/mwrock))
+- Support Extended Protection for Authentication \(Channel binding\) [\#28](https://github.com/WinRb/rubyntlm/pull/28) ([mwrock](https://github.com/mwrock))
+- Encode client and domain in oem/unicode in `Client\#authenticate!` [\#19](https://github.com/WinRb/rubyntlm/pull/19) ([jlee-r7](https://github.com/jlee-r7))
+- require version to fix specs [\#17](https://github.com/WinRb/rubyntlm/pull/17) ([sneal](https://github.com/sneal))
+- Initial go at an NTLM Client that will do session signing/sealing [\#16](https://github.com/WinRb/rubyntlm/pull/16) ([zenchild](https://github.com/zenchild))
+- Verify passwords in Type3 messages [\#15](https://github.com/WinRb/rubyntlm/pull/15) ([jlee-r7](https://github.com/jlee-r7))
+- RSpect should =\> expect modernization [\#14](https://github.com/WinRb/rubyntlm/pull/14) ([zenchild](https://github.com/zenchild))
+- update http example with EncodeUtil class [\#11](https://github.com/WinRb/rubyntlm/pull/11) ([stensonb](https://github.com/stensonb))
+- update readme with how to use and the correct namespacing for using the gem [\#10](https://github.com/WinRb/rubyntlm/pull/10) ([stensonb](https://github.com/stensonb))
+
+## [v0.4.0](https://github.com/WinRb/rubyntlm/tree/v0.4.0) (2013-09-12)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.3.4...v0.4.0)
+
+**Closed issues:**
+
+- The domain should always be capitalized otherwise domain authentication fails [\#7](https://github.com/WinRb/rubyntlm/issues/7)
+
+**Merged pull requests:**
+
+- Add licensing information and clean up attributions to provide licensing... [\#9](https://github.com/WinRb/rubyntlm/pull/9) ([pmorton](https://github.com/pmorton))
+- Upcase the domain [\#8](https://github.com/WinRb/rubyntlm/pull/8) ([pmorton](https://github.com/pmorton))
+- Refactor/refactor classes [\#6](https://github.com/WinRb/rubyntlm/pull/6) ([thelightcosine](https://github.com/thelightcosine))
+
+## [v0.3.4](https://github.com/WinRb/rubyntlm/tree/v0.3.4) (2013-08-08)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.3.3...v0.3.4)
+
+## [v0.3.3](https://github.com/WinRb/rubyntlm/tree/v0.3.3) (2013-07-23)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.3.2...v0.3.3)
+
+**Merged pull requests:**
+
+- Typo in NTLM namespace calls [\#4](https://github.com/WinRb/rubyntlm/pull/4) ([thelightcosine](https://github.com/thelightcosine))
+
+## [v0.3.2](https://github.com/WinRb/rubyntlm/tree/v0.3.2) (2013-06-24)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.3.1...v0.3.2)
+
+**Closed issues:**
+
+- Gem is locked at 1.9.2 [\#1](https://github.com/WinRb/rubyntlm/issues/1)
+
+## [v0.3.1](https://github.com/WinRb/rubyntlm/tree/v0.3.1) (2013-03-29)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.3.0...v0.3.1)
+
+**Merged pull requests:**
+
+- Fix gemspec for the proper ruby version and bump the version [\#2](https://github.com/WinRb/rubyntlm/pull/2) ([pmorton](https://github.com/pmorton))
+
+## [v0.3.0](https://github.com/WinRb/rubyntlm/tree/v0.3.0) (2013-03-25)
+[Full Changelog](https://github.com/WinRb/rubyntlm/compare/v0.2.0...v0.3.0)
+
+## [v0.2.0](https://github.com/WinRb/rubyntlm/tree/v0.2.0) (2013-03-22)
+
+
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

data/Rakefile

@@ -1,5 +1,5 @@
 require "bundler/gem_tasks"
-
+require 'github_changelog_generator/task'
 
 require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new(:spec)
@@ -20,3 +20,6 @@ task :console do
   Pry.start
 end
 
+GitHubChangelogGenerator::RakeTask.new :changelog do |config|
+  config.future_release = Net::NTLM::VERSION::STRING
+end

data/lib/net/ntlm.rb

@@ -42,6 +42,7 @@ require 'openssl/digest'
 require 'socket'
 
 # Load Order is important here
+require 'net/ntlm/exceptions'
 require 'net/ntlm/field'
 require 'net/ntlm/int16_le'
 require 'net/ntlm/int32_le'
@@ -60,6 +61,8 @@ require 'net/ntlm/message/type3'
 require 'net/ntlm/encode_util'
 
 require 'net/ntlm/client'
+require 'net/ntlm/channel_binding'
+require 'net/ntlm/target_info'
 
 module Net
   module NTLM
@@ -120,11 +123,11 @@ module Net
       end
 
       def apply_des(plain, keys)
-        dec = OpenSSL::Cipher::Cipher.new("des-cbc")
+        dec = OpenSSL::Cipher.new("des-cbc").encrypt
         dec.padding = 0
         keys.map {|k|
           dec.key = k
-          dec.encrypt.update(plain) + dec.final
+          dec.update(plain) + dec.final
         }
       end
 

data/lib/net/ntlm/channel_binding.rb

@@ -0,0 +1,65 @@
+module Net
+  module NTLM
+    class ChannelBinding
+
+      # Creates a ChannelBinding used for Extended Protection Authentication
+      # @see http://blogs.msdn.com/b/openspecification/archive/2013/03/26/ntlm-and-channel-binding-hash-aka-exteneded-protection-for-authentication.aspx
+      #
+      # @param outer_channel [OpenSSL::X509::Certificate] Server certificate securing
+      #   the outer TLS channel
+      # @return [NTLM::ChannelBinding] A ChannelBinding holding a token that can be
+      #   embedded in a {Type3} message
+      def self.create(outer_channel)
+        new(outer_channel)
+      end
+
+      # @param outer_channel [OpenSSL::X509::Certificate] Server certificate securing
+      #   the outer TLS channel
+      def initialize(outer_channel)
+        @channel = outer_channel
+        @unique_prefix = 'tls-server-end-point'
+        @initiator_addtype = 0
+        @initiator_address_length = 0
+        @acceptor_addrtype = 0
+        @acceptor_address_length = 0
+      end
+
+      attr_reader :channel, :unique_prefix, :initiator_addtype
+      attr_reader :initiator_address_length, :acceptor_addrtype
+      attr_reader :acceptor_address_length
+
+      # Returns a channel binding hash acceptable for use as a AV_PAIR MsvAvChannelBindings
+      #   field value as specified in the NTLM protocol
+      #
+      # @return [String] MD5 hash of gss_channel_bindings_struct
+      def channel_binding_token
+        @channel_binding_token ||= OpenSSL::Digest::MD5.new(gss_channel_bindings_struct).digest
+      end
+
+      def gss_channel_bindings_struct
+        @gss_channel_bindings_struct ||= begin
+          token = [initiator_addtype].pack('I')
+          token << [initiator_address_length].pack('I')
+          token << [acceptor_addrtype].pack('I')
+          token << [acceptor_address_length].pack('I')
+          token << [application_data.length].pack('I')
+          token << application_data
+          token
+        end
+      end
+
+      def channel_hash
+        @channel_hash ||= OpenSSL::Digest::SHA256.new(channel.to_der)
+      end
+
+      def application_data
+        @application_data ||= begin
+          data = unique_prefix
+          data << ':'
+          data << channel_hash.digest
+          data
+        end
+      end
+    end
+  end
+end

data/lib/net/ntlm/client.rb

@@ -27,12 +27,12 @@ module Net
       end
 
       # @return [NTLM::Message]
-      def init_context(resp = nil)
+      def init_context(resp = nil, channel_binding = nil)
         if resp.nil?
           @session = nil
           type1_message
         else
-          @session = Client::Session.new(self, Net::NTLM::Message.decode64(resp))
+          @session = Client::Session.new(self, Net::NTLM::Message.decode64(resp), channel_binding)
           @session.authenticate!
         end
       end

data/lib/net/ntlm/client/session.rb

@@ -10,13 +10,14 @@ module Net
       CLIENT_TO_SERVER_SEALING = "session key to client-to-server sealing key magic constant\0"
       SERVER_TO_CLIENT_SEALING = "session key to server-to-client sealing key magic constant\0"
 
-      attr_reader :client, :challenge_message
+      attr_reader :client, :challenge_message, :channel_binding
 
       # @param client [Net::NTLM::Client] the client instance
       # @param challenge_message [Net::NTLM::Message::Type2] server message
-      def initialize(client, challenge_message)
+      def initialize(client, challenge_message, channel_binding = nil)
         @client = client
         @challenge_message = challenge_message
+        @channel_binding = channel_binding
       end
 
       # Generate an NTLMv2 AUTHENTICATE_MESSAGE
@@ -35,7 +36,7 @@ module Net
         t3 = Message::Type3.create type3_opts
         if negotiate_key_exchange?
           t3.enable(:session_key)
-          rc4 = OpenSSL::Cipher::Cipher.new("rc4")
+          rc4 = OpenSSL::Cipher.new("rc4")
           rc4.encrypt
           rc4.key = user_session_key
           sk = rc4.update exported_session_key
@@ -124,7 +125,7 @@ module Net
       def client_cipher
         @client_cipher ||=
           begin
-            rc4 = OpenSSL::Cipher::Cipher.new("rc4")
+            rc4 = OpenSSL::Cipher.new("rc4")
             rc4.encrypt
             rc4.key = client_seal_key
             rc4
@@ -134,7 +135,7 @@ module Net
       def server_cipher
         @server_cipher ||=
           begin
-            rc4 = OpenSSL::Cipher::Cipher.new("rc4")
+            rc4 = OpenSSL::Cipher.new("rc4")
             rc4.decrypt
             rc4.key = server_seal_key
             rc4
@@ -172,7 +173,7 @@ module Net
       end
 
       def workstation
-        (client.domain ? oem_or_unicode_str(client.workstation) : "")
+        (client.workstation ? oem_or_unicode_str(client.workstation) : "")
       end
 
       def domain
@@ -213,11 +214,24 @@ module Net
             b = Blob.new
             b.timestamp = timestamp
             b.challenge = client_challenge
-            b.target_info = challenge_message.target_info
+            b.target_info = target_info
             b.serialize
           end
       end
 
+      def target_info
+        @target_info ||= begin
+          if channel_binding
+            t = Net::NTLM::TargetInfo.new(challenge_message.target_info)
+            av_id = Net::NTLM::TargetInfo::MSV_AV_CHANNEL_BINDINGS
+            t.av_pairs[av_id] = channel_binding.channel_binding_token
+            t.to_s
+          else
+            challenge_message.target_info
+          end
+        end
+      end
+
     end
   end
 end

data/lib/net/ntlm/encode_util.rb

@@ -27,7 +27,7 @@ module NTLM
       # Decode a UTF16 string to a ASCII string
       # @param [String] str The string to convert
       def self.decode_utf16le(str)
-        str.force_encoding(Encoding::UTF_16LE)
+        str = str.dup.force_encoding(Encoding::UTF_16LE)
         str.encode(Encoding::UTF_8, Encoding::UTF_16LE).force_encoding('UTF-8')
       end
 
@@ -39,7 +39,6 @@ module NTLM
       #   the function will convert the string bytes to UTF-16LE and note the encoding as UTF-8 so that byte
       #   concatination works seamlessly.
       def self.encode_utf16le(str)
-        str = str.force_encoding('UTF-8') if [::Encoding::ASCII_8BIT,::Encoding::US_ASCII].include?(str.encoding)
         str.dup.force_encoding('UTF-8').encode(Encoding::UTF_16LE, Encoding::UTF_8).force_encoding('UTF-8')
       end
     end

data/lib/net/ntlm/exceptions.rb

@@ -0,0 +1,14 @@
+module Net
+  module NTLM
+    class NtlmError < StandardError; end
+
+    class InvalidTargetDataError < NtlmError
+      attr_reader :data
+
+      def initialize(msg, data)
+        @data = data
+        super(msg)
+      end
+    end
+  end
+end

data/lib/net/ntlm/target_info.rb

@@ -0,0 +1,89 @@
+module Net
+  module NTLM
+
+    # Represents a list of AV_PAIR structures
+    # @see https://msdn.microsoft.com/en-us/library/cc236646.aspx
+    class TargetInfo
+
+      # Allowed AvId values for an AV_PAIR
+      MSV_AV_EOL               = "\x00\x00".freeze
+      MSV_AV_NB_COMPUTER_NAME  = "\x01\x00".freeze
+      MSV_AV_NB_DOMAIN_NAME    = "\x02\x00".freeze
+      MSV_AV_DNS_COMPUTER_NAME = "\x03\x00".freeze
+      MSV_AV_DNS_DOMAIN_NAME   = "\x04\x00".freeze
+      MSV_AV_DNS_TREE_NAME     = "\x05\x00".freeze
+      MSV_AV_FLAGS             = "\x06\x00".freeze
+      MSV_AV_TIMESTAMP         = "\x07\x00".freeze
+      MSV_AV_SINGLE_HOST       = "\x08\x00".freeze
+      MSV_AV_TARGET_NAME       = "\x09\x00".freeze
+      MSV_AV_CHANNEL_BINDINGS  = "\x0A\x00".freeze
+
+      # @param av_pair_sequence [String] AV_PAIR list from challenge message
+      def initialize(av_pair_sequence)
+        @av_pairs = read_pairs(av_pair_sequence)
+      end
+
+      attr_reader :av_pairs
+
+      def to_s
+        result = ''
+        av_pairs.each do |k,v|
+          result << k
+          result << [v.length].pack('S')
+          result << v
+        end
+        result << Net::NTLM::TargetInfo::MSV_AV_EOL
+        result << [0].pack('S')
+        result.force_encoding(Encoding::ASCII_8BIT)
+      end
+
+      private
+
+      VALID_PAIR_ID = [
+          MSV_AV_EOL,
+          MSV_AV_NB_COMPUTER_NAME,
+          MSV_AV_NB_DOMAIN_NAME,
+          MSV_AV_DNS_COMPUTER_NAME,
+          MSV_AV_DNS_DOMAIN_NAME,
+          MSV_AV_DNS_TREE_NAME,
+          MSV_AV_FLAGS,
+          MSV_AV_TIMESTAMP,
+          MSV_AV_SINGLE_HOST,
+          MSV_AV_TARGET_NAME,
+          MSV_AV_CHANNEL_BINDINGS
+      ].freeze
+
+      def read_pairs(av_pair_sequence)
+        offset = 0
+        result = {}
+        return result if av_pair_sequence.nil?
+
+        until offset >= av_pair_sequence.length
+          id = av_pair_sequence[offset..offset+1]
+
+          unless VALID_PAIR_ID.include?(id)
+            raise Net::NTLM::InvalidTargetDataError.new( 
+              "Invalid AvId #{to_hex(id)} in AV_PAIR structure",
+              av_pair_sequence
+            )
+          end
+
+          length = av_pair_sequence[offset+2..offset+3].unpack('S')[0].to_i
+          if length > 0
+            value = av_pair_sequence[offset+4..offset+4+length-1]
+            result[id] = value
+          end
+
+          offset += 4 + length
+        end
+
+        result
+      end
+
+      def to_hex(str)
+        return nil if str.nil?
+        str.bytes.map {|b| '0x' + b.to_s(16).rjust(2,'0').upcase}.join('-')
+      end
+    end
+  end
+end

data/lib/net/ntlm/version.rb

@@ -3,8 +3,8 @@ module Net
     # @private
     module VERSION
       MAJOR = 0
-      MINOR = 5
-      TINY  = 2
+      MINOR = 6
+      TINY  = 3
       STRING = [MAJOR, MINOR, TINY].join('.')
     end
   end

data/rubyntlm.gemspec

@@ -21,6 +21,7 @@ Gem::Specification.new do |s|
 
   s.license = 'MIT'
 
+  s.add_development_dependency 'github_changelog_generator', '1.14.3'
   s.add_development_dependency "pry"
   s.add_development_dependency "rake"
   s.add_development_dependency "rspec", ">= 2.11"

data/spec/lib/net/ntlm/channel_binding_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe Net::NTLM::ChannelBinding do
+  let(:certificates_path) { 'spec/support/certificates' }
+  let(:sha_256_path) { File.join(certificates_path, 'sha_256_hash.pem') }
+  let(:sha_256_cert) { OpenSSL::X509::Certificate.new(File.read(sha_256_path)) }  
+  let(:cert_hash) { "\x04\x0E\x56\x28\xEC\x4A\x98\x29\x91\x70\x73\x62\x03\x7B\xB2\x3C".force_encoding(Encoding::ASCII_8BIT) }
+
+  subject { Net::NTLM::ChannelBinding.create(sha_256_cert) }
+
+  describe '#channel_binding_token' do
+
+    it 'returns the correct hash' do
+      expect(subject.channel_binding_token).to eq cert_hash
+    end
+  end
+end

data/spec/lib/net/ntlm/client_spec.rb

@@ -55,7 +55,7 @@ describe Net::NTLM::Client do
       t2_challenge = "TlRMTVNTUAACAAAADAAMADgAAAA1goriAAyk1DmJUnUAAAAAAAAAAFAAUABEAAAABgLwIwAAAA9TAEUAUgBWAEUAUgACAAwAUwBFAFIAVgBFAFIAAQAMAFMARQBSAFYARQBSAAQADABzAGUAcgB2AGUAcgADAAwAcwBlAHIAdgBlAHIABwAIADd7mrNaB9ABAAAAAA=="
       session = double("session")
       expect(session).to receive(:authenticate!)
-      expect(Net::NTLM::Client::Session).to receive(:new).with(inst, instance_of(Net::NTLM::Message::Type2)).and_return(session)
+      expect(Net::NTLM::Client::Session).to receive(:new).with(inst, instance_of(Net::NTLM::Message::Type2), nil).and_return(session)
       inst.init_context t2_challenge
     end
 

data/spec/lib/net/ntlm/encode_util_spec.rb

@@ -4,13 +4,13 @@ describe Net::NTLM::EncodeUtil do
 
   context '#encode_utf16le' do
     it 'should convert an ASCII string to UTF' do
-      expect(Net::NTLM::EncodeUtil.encode_utf16le('Test')).to eq("T\x00e\x00s\x00t\x00")
+      expect(Net::NTLM::EncodeUtil.encode_utf16le('Test'.encode(::Encoding::ASCII_8BIT).freeze)).to eq("T\x00e\x00s\x00t\x00")
     end
   end
 
   context '#decode_utf16le' do
     it 'should convert a UTF string to ASCII' do
-      expect(Net::NTLM::EncodeUtil.decode_utf16le("T\x00e\x00s\x00t\x00")).to eq('Test')
+      expect(Net::NTLM::EncodeUtil.decode_utf16le("T\x00e\x00s\x00t\x00".freeze)).to eq('Test')
     end
   end
 end

data/spec/lib/net/ntlm/target_info_spec.rb

@@ -0,0 +1,76 @@
+require 'spec_helper'
+
+describe Net::NTLM::TargetInfo do
+  let(:key1) { Net::NTLM::TargetInfo::MSV_AV_NB_COMPUTER_NAME }
+  let(:value1) { 'some data' }
+  let(:key2) { Net::NTLM::TargetInfo::MSV_AV_NB_DOMAIN_NAME }
+  let(:value2) { 'some other data' }  
+  let(:data) do
+    dt = key1.dup
+    dt << [value1.length].pack('S')
+    dt << value1
+    dt << key2.dup
+    dt << [value2.length].pack('S')
+    dt << value2
+    dt << Net::NTLM::TargetInfo::MSV_AV_EOL
+    dt << [0].pack('S')
+    dt.force_encoding(Encoding::ASCII_8BIT)
+  end
+
+  subject { Net::NTLM::TargetInfo.new(data) }
+
+  describe 'invalid data' do
+
+    context 'invalid pair id' do
+      let(:data) { "\xFF\x00" }
+
+      it 'returns an error' do
+        expect{subject}.to raise_error Net::NTLM::InvalidTargetDataError
+      end    
+    end
+  end
+
+  describe '#av_pairs' do
+
+    it 'returns the pair values with the given keys' do
+      expect(subject.av_pairs[key1]).to eq value1
+      expect(subject.av_pairs[key2]).to eq value2
+    end
+
+    context "target data is nil" do
+      subject { Net::NTLM::TargetInfo.new(nil) }
+
+      it 'returns the pair values with the given keys' do
+        expect(subject.av_pairs).to be_empty
+      end
+    end
+  end
+
+  describe '#to_s' do
+    let(:data) do
+      dt = key1.dup
+      dt << [value1.length].pack('S')
+      dt << value1
+      dt << key2.dup
+      dt << [value2.length].pack('S')
+      dt << value2
+      dt.force_encoding(Encoding::ASCII_8BIT)
+    end
+    let(:new_key) { Net::NTLM::TargetInfo::MSV_AV_CHANNEL_BINDINGS }
+    let(:new_value) { 'bindings' }
+    let(:new_data) do
+      dt = data
+      dt << new_key
+      dt << [new_value.length].pack('S')
+      dt << new_value
+      dt << Net::NTLM::TargetInfo::MSV_AV_EOL
+      dt << [0].pack('S')
+      dt.force_encoding(Encoding::ASCII_8BIT)
+    end
+
+    it 'returns bytes with any new data added' do
+      subject.av_pairs[new_key] = new_value
+      expect(subject.to_s).to eq new_data
+    end
+  end
+end

data/spec/support/certificates/sha_256_hash.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDKjCCAhKgAwIBAgIQV0qwsk2MCoxI2Do7IQ6eQzANBgkqhkiG9w0BAQsFADAa
+MRgwFgYDVQQDDA8xOTIuMTY4LjEzNy4xNjEwHhcNMTYwMTI3MjIyMzA5WhcNMTcw
+MTI3MjI0MzA5WjAaMRgwFgYDVQQDDA8xOTIuMTY4LjEzNy4xNjEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+bGWZQFYjF+bV1WJ1L/MGVNmJR89aJ44Z
+rKI/IXKFdbn5wjQPWng/DcaHR6xtMXQkc22boe58GK/uzl84ofbRa6qtboa5djdZ
+9CGsd4Yf6CnVz4mhKSi+BnLi80ydhIRByxoX5bGcCSW6dixR5XiNMaMKzhCjQ+of
+TU+PBNt7doXB7p0mO4AZz42v4rorRiPNasETj6wlKhFKCMvPLePTwphCgCQsLvgG
+NQKtFD7TXvrZwplPSeCPhnzd1vHoZMisMn8ZVQ5dAfSEGGkPkOLO0htbUbdaNMoU
+DPyo7Bu62Q/dqqo1MNbMYM5Ilw8mxe4drOs9UupH0eMovFhVMO0LAgMBAAGjbDBq
+MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
+GgYDVR0RBBMwEYIPMTkyLjE2OC4xMzcuMTYxMB0GA1UdDgQWBBSLuqyHonSmdm8m
+9R+z2obO/X3/+TANBgkqhkiG9w0BAQsFAAOCAQEAH4pDGBclTHrwF+Bkbfj81ibK
+E2SJSHbdhSx6YCsR28jXUOESfaik5ZPPMXscJqVc1FPpsU9clPFnGiAf0Kt48gsR
+twfrRSGgJRv1ZgQyJ4dEQkXbQf2+8uY25Rv4kkFDSvPrE6E9o9Jf9bjqefUYski1
+YoYdWzgrh/2qoNhnM34wizZgE1bWYbWA9MlUuWH9q/OBEx9uP/K53SXOR7DRzYcY
+Kg1Z7hV86nvc0WutjEadgdtvJ7eUlg8vAWZqWo5SIdp69l0OEWUlHiaRsPImS5Hd
+pX3W8n0wHCxBSntDww7U3SHg6DrYf72taBIQW7xFf63S37yLP4CNss68GqPdyQ==
+-----END CERTIFICATE-----

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubyntlm
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.6.3
 platform: ruby
 authors:
 - Kohei Kajimoto
@@ -9,8 +9,22 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-07-20 00:00:00.000000000 Z
+date: 2021-01-27 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: github_changelog_generator
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.14.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.14.3
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -88,9 +102,11 @@ files:
 - examples/smtp.rb
 - lib/net/ntlm.rb
 - lib/net/ntlm/blob.rb
+- lib/net/ntlm/channel_binding.rb
 - lib/net/ntlm/client.rb
 - lib/net/ntlm/client/session.rb
 - lib/net/ntlm/encode_util.rb
+- lib/net/ntlm/exceptions.rb
 - lib/net/ntlm/field.rb
 - lib/net/ntlm/field_set.rb
 - lib/net/ntlm/int16_le.rb
@@ -103,10 +119,12 @@ files:
 - lib/net/ntlm/message/type3.rb
 - lib/net/ntlm/security_buffer.rb
 - lib/net/ntlm/string.rb
+- lib/net/ntlm/target_info.rb
 - lib/net/ntlm/version.rb
 - lib/rubyntlm.rb
 - rubyntlm.gemspec
 - spec/lib/net/ntlm/blob_spec.rb
+- spec/lib/net/ntlm/channel_binding_spec.rb
 - spec/lib/net/ntlm/client/session_spec.rb
 - spec/lib/net/ntlm/client_spec.rb
 - spec/lib/net/ntlm/encode_util_spec.rb
@@ -122,9 +140,11 @@ files:
 - spec/lib/net/ntlm/message_spec.rb
 - spec/lib/net/ntlm/security_buffer_spec.rb
 - spec/lib/net/ntlm/string_spec.rb
+- spec/lib/net/ntlm/target_info_spec.rb
 - spec/lib/net/ntlm/version_spec.rb
 - spec/lib/net/ntlm_spec.rb
 - spec/spec_helper.rb
+- spec/support/certificates/sha_256_hash.pem
 - spec/support/shared/examples/net/ntlm/field_shared.rb
 - spec/support/shared/examples/net/ntlm/fieldset_shared.rb
 - spec/support/shared/examples/net/ntlm/int_shared.rb
@@ -148,13 +168,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.7
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: Ruby/NTLM library.
 test_files:
 - spec/lib/net/ntlm/blob_spec.rb
+- spec/lib/net/ntlm/channel_binding_spec.rb
 - spec/lib/net/ntlm/client/session_spec.rb
 - spec/lib/net/ntlm/client_spec.rb
 - spec/lib/net/ntlm/encode_util_spec.rb
@@ -170,9 +190,11 @@ test_files:
 - spec/lib/net/ntlm/message_spec.rb
 - spec/lib/net/ntlm/security_buffer_spec.rb
 - spec/lib/net/ntlm/string_spec.rb
+- spec/lib/net/ntlm/target_info_spec.rb
 - spec/lib/net/ntlm/version_spec.rb
 - spec/lib/net/ntlm_spec.rb
 - spec/spec_helper.rb
+- spec/support/certificates/sha_256_hash.pem
 - spec/support/shared/examples/net/ntlm/field_shared.rb
 - spec/support/shared/examples/net/ntlm/fieldset_shared.rb
 - spec/support/shared/examples/net/ntlm/int_shared.rb