winrm 2.1.1 → 2.1.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/changelog.md +3 -0
  3. data/lib/winrm/http/transport.rb +59 -56
  4. data/lib/winrm/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 640699847b134916407b0e18c09c14cc323f0951
4
- data.tar.gz: 0129263b31ef9e042dbb7e404e71b56ebcad7f34
3
+ metadata.gz: 9f7008164689e6ff66359218a1c3d35aa83690f0
4
+ data.tar.gz: 61301e63b59b0080c7e97c1a24cd9fe8feff58a2
5
5
  SHA512:
6
- metadata.gz: 71b28f0853aca2274064f14e867f1638a83927ea649df320701c171c58425c1149cc6b0ca36fe11dd34c9df5756117ba92ada06fe4716b5e0f7d9fac8f6ce38e
7
- data.tar.gz: e22fa02527fa907bc668fbdead7d0a40f6ad6eeeb1d965064e6266270a173a52a1bd16a8ab9d7e664689f17bbe33c43f5abeee1ab0a4f611a731c59436b10f39
6
+ metadata.gz: 3947c9f5095f99380485cc7df15d9cc999ca57216882d56c8e32e8b0ae744e8fd2b2bbd4a03db012cbcf2dc66de041259d0fbdfdcbc5e4c2e9b3a60c912e8a7d
7
+ data.tar.gz: a451b042529eec914cb0cfcb72d4c59b76453e49fb371b3f35ae8b0abf362d2a9b307807fc8cce582adcafd3e32dfe29b7aa7485afcf713db59db37ef8506a4b
data/changelog.md CHANGED
@@ -1,5 +1,8 @@
1
1
  # WinRM Gem Changelog
2
2
 
3
+ # 2.1.2
4
+ - Fix kerberos transport
5
+
3
6
  # 2.1.1
4
7
  - Fix rendering of powershell output with non ascii UTF-8 characters emitted from executables
5
8
 
data/lib/winrm/http/transport.rb CHANGED
@@ -269,6 +269,7 @@ module WinRM
269
269
  no_sspi_auth!
270
270
  service ||= 'HTTP'
271
271
  @service = "#{service}/#{@endpoint.host}@#{realm}"
272
+ no_ssl_peer_verification! if opts[:no_ssl_peer_verification]
272
273
  init_krb
273
274
  end
274
275
 
@@ -336,89 +337,91 @@ module WinRM
336
337
  @gsscli.init_context(itok)
337
338
  end
338
339
 
340
+ # rubocop:disable Metrics/MethodLength
341
+ # rubocop:disable Metrics/AbcSize
342
+
339
343
  # @return [String] the encrypted request string
340
344
  def winrm_encrypt(str)
341
345
  @logger.debug "Encrypting SOAP message:\n#{str}"
342
- iov = iov_pointer
346
+ iov_cnt = 3
347
+ iov = FFI::MemoryPointer.new(GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * iov_cnt)
343
348
 
344
- iov0 = create_iov(iov.address, 0, :header)[:buffer]
345
- iov1 = create_iov(iov.address, 1, :data, str)[:buffer]
346
- iov2 = create_iov(iov.address, 2, :padding)[:buffer]
349
+ iov0 = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(FFI::Pointer.new(iov.address))
350
+ iov0[:type] = (GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_HEADER | \
351
+ GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_FLAG_ALLOCATE)
347
352
 
348
- gss_wrap(iov)
353
+ iov1 = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(
354
+ FFI::Pointer.new(iov.address + (GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * 1)))
355
+ iov1[:type] = GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_DATA
356
+ iov1[:buffer].value = str
357
+
358
+ iov2 = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(
359
+ FFI::Pointer.new(iov.address + (GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * 2)))
360
+ iov2[:type] = (GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_PADDING | \
361
+ GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_FLAG_ALLOCATE)
349
362
 
350
- token = [iov0.length].pack('L')
351
- token += iov0.value
352
- token += iov1.value
353
- pad_len = iov2.length
354
- token += iov2.value if pad_len > 0
363
+ conf_state = FFI::MemoryPointer.new :uint32
364
+ min_stat = FFI::MemoryPointer.new :uint32
365
+
366
+ GSSAPI::LibGSSAPI.gss_wrap_iov(
367
+ min_stat,
368
+ @gsscli.context,
369
+ 1,
370
+ GSSAPI::LibGSSAPI::GSS_C_QOP_DEFAULT,
371
+ conf_state,
372
+ iov,
373
+ iov_cnt)
374
+
375
+ token = [iov0[:buffer].length].pack('L')
376
+ token += iov0[:buffer].value
377
+ token += iov1[:buffer].value
378
+ pad_len = iov2[:buffer].length
379
+ token += iov2[:buffer].value if pad_len > 0
355
380
  [pad_len, token]
356
381
  end
357
382
 
358
383
  # @return [String] the unencrypted response string
359
384
  def winrm_decrypt(str)
360
385
  @logger.debug "Decrypting SOAP message:\n#{str}"
386
+ iov_cnt = 3
387
+ iov = FFI::MemoryPointer.new(GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * iov_cnt)
361
388
 
362
- str.force_encoding('BINARY')
363
- str.sub!(%r{^.*Content-Type: application\/octet-stream\r\n(.*)--Encrypted.*$}m, '\1')
364
- iov_data = str.unpack("LA#{str.unpack('L').first}A*")
365
-
366
- iov = iov_pointer
367
-
368
- create_iov(iov.address, 0, :header, iov_data[1])
369
- ret = create_iov(iov.address, 1, :data, iov_data[2])[:buffer].value
370
- create_iov(iov.address, 2, :data)
389
+ iov0 = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(FFI::Pointer.new(iov.address))
390
+ iov0[:type] = (GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_HEADER | \
391
+ GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_FLAG_ALLOCATE)
371
392
 
372
- maj_stat = gss_unwrap(iov)
393
+ iov1 = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(
394
+ FFI::Pointer.new(iov.address + (GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * 1)))
395
+ iov1[:type] = GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_DATA
373
396
 
374
- @logger.debug "SOAP message decrypted (MAJ: #{maj_stat}, " \
375
- "MIN: #{min_stat.read_int}):\n#{ret}"
397
+ iov2 = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(
398
+ FFI::Pointer.new(iov.address + (GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * 2)))
399
+ iov2[:type] = GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_DATA
376
400
 
377
- ret
378
- end
401
+ str.force_encoding('BINARY')
402
+ str.sub!(%r{^.*Content-Type: application\/octet-stream\r\n(.*)--Encrypted.*$}m, '\1')
379
403
 
380
- def iov_pointer
381
- FFI::MemoryPointer.new(GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * 3)
382
- end
404
+ len = str.unpack('L').first
405
+ iov_data = str.unpack("LA#{len}A*")
406
+ iov0[:buffer].value = iov_data[1]
407
+ iov1[:buffer].value = iov_data[2]
383
408
 
384
- def gss_unwrap(iov)
385
409
  min_stat = FFI::MemoryPointer.new :uint32
386
410
  conf_state = FFI::MemoryPointer.new :uint32
387
411
  conf_state.write_int(1)
388
412
  qop_state = FFI::MemoryPointer.new :uint32
389
413
  qop_state.write_int(0)
390
414
 
391
- GSSAPI::LibGSSAPI.gss_unwrap_iov(
392
- min_stat, @gsscli.context, conf_state, qop_state, iov, 3)
393
- end
415
+ maj_stat = GSSAPI::LibGSSAPI.gss_unwrap_iov(
416
+ min_stat, @gsscli.context, conf_state, qop_state, iov, iov_cnt)
394
417
 
395
- def gss_wrap(iov)
396
- GSSAPI::LibGSSAPI.gss_wrap_iov(
397
- FFI::MemoryPointer.new(:uint32),
398
- @gsscli.context,
399
- 1,
400
- GSSAPI::LibGSSAPI::GSS_C_QOP_DEFAULT,
401
- FFI::MemoryPointer.new(:uint32),
402
- iov,
403
- 3)
404
- end
418
+ @logger.debug "SOAP message decrypted (MAJ: #{maj_stat}, " \
419
+ "MIN: #{min_stat.read_int}):\n#{iov1[:buffer].value}"
405
420
 
406
- def create_iov(address, offset, type, buffer = nil)
407
- iov = GSSAPI::LibGSSAPI::GssIOVBufferDesc.new(
408
- FFI::Pointer.new(address + (GSSAPI::LibGSSAPI::GssIOVBufferDesc.size * offset)))
409
- case type
410
- when :data
411
- iov[:type] = GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_DATA
412
- when :header
413
- iov[:type] = (GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_HEADER | \
414
- GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_FLAG_ALLOCATE)
415
- when :padding
416
- iov[:type] = (GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_TYPE_PADDING | \
417
- GSSAPI::LibGSSAPI::GSS_IOV_BUFFER_FLAG_ALLOCATE)
418
- end
419
- iov[:buffer].value = buffer if buffer
420
- iov
421
+ iov1[:buffer].value
421
422
  end
423
+ # rubocop:enable Metrics/MethodLength
424
+ # rubocop:enable Metrics/AbcSize
422
425
  end
423
426
  end
424
427
  end # WinRM
data/lib/winrm/version.rb CHANGED
@@ -3,5 +3,5 @@
3
3
  # WinRM module
4
4
  module WinRM
5
5
  # The version of the WinRM library
6
- VERSION = '2.1.1'.freeze
6
+ VERSION = '2.1.2'.freeze
7
7
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: winrm
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.1
4
+ version: 2.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dan Wanek
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2016-12-19 00:00:00.000000000 Z
14
+ date: 2017-01-12 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: gssapi