Class: Krb5Gssapi

Inherits:
Object
  • Object
Defined in:
lib/krb5-gssapi.rb

Defined Under Namespace

Classes: Error, NoDelegation

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (Krb5Gssapi) initialize(fqdn, keytab)

Returns a new instance of Krb5Gssapi



# File 'lib/krb5-gssapi.rb', line 13

# Sets up the GSSAPI acceptor for the HTTP service and picks the name of the
# credential cache that copy_ticket will later fill.
#
# @param fqdn [String] host name handed to GSSAPI::Simple together with the
#   fixed service name "HTTP"
# @param keytab [String] keytab handed to GSSAPI::Simple; it holds the
#   service's long-term key, so it should be readable only by the account
#   this code runs as
def initialize(fqdn, keytab)
  @srv = GSSAPI::Simple.new(fqdn, "HTTP", keytab)

  # A fresh generated identifier per instance keeps cache names from
  # colliding; the MEMORY: prefix selects an in-process cache, not a file.
  cache_id = UUID.generator.generate
  @cachename = "MEMORY:#{cache_id}"
end

Instance Attribute Details

- (Object) ok

Returns the value of attribute ok



# File 'lib/krb5-gssapi.rb', line 11

# Reader for @ok. copy_ticket assigns true to it as its final statement;
# before that it is nil, and nothing in the visible code resets it.
#
# @return [true, nil]
def ok
  @ok
end

- (Object) return_token

Returns the value of attribute return_token



# File 'lib/krb5-gssapi.rb', line 11

# Reader for @return_token. copy_ticket stores the result of accept_context
# here when that result is truthy and is not literally `true`; otherwise the
# attribute stays nil.
# NOTE(review): presumably the GSSAPI reply token the caller must send back
# to the client to finish the exchange; confirm against the caller.
#
# @return [Object, nil]
def return_token
  @return_token
end

Instance Method Details

- (Object) clean_up



# File 'lib/krb5-gssapi.rb', line 52

# Removes KRB5CCNAME from the process environment, undoing the assignment
# made at the end of copy_ticket.
#
# Only the environment variable is cleared; the cache named by @cachename is
# not touched here.
# NOTE(review): no visible code destroys that MEMORY cache, so the delegated
# credentials presumably stay in process memory after clean_up; confirm, and
# consider destroying the cache (krb5_cc_destroy) when the request is done.
#
# @return [String, nil] the value ENV.delete returns (the removed value, or
#   nil when the variable was not set)
def clean_up
  ENV.delete('KRB5CCNAME')
end

- (Object) copy_ticket(input_token)



# File 'lib/krb5-gssapi.rb', line 22

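# Accepts the client's GSSAPI token and copies the credentials the client
# delegated into this instance's own credential cache (@cachename), then
# points KRB5CCNAME at that cache.
#
# The status returned by gss_krb5_copy_ccache is checked before the cache is
# published: a failed copy must not leave @ok true and KRB5CCNAME pointing at
# an initialised but empty cache.
#
# NOTE(review): the krb5_context and the ccache handle allocated below are
# never released in this method; whether KRB5 binds the matching free/close
# calls is not visible here.
#
# @param input_token [String] GSSAPI token received from the client
# @return [true]
# @raise [NoDelegation] when the accepted context carries no delegated
#   credentials
# @raise [Error] when gss_krb5_copy_ccache reports a non-zero major status
def copy_ticket(input_token)
  @srv.acquire_credentials

  # TODO: https://github.com/zenchild/gssapi/blob/master/lib/gssapi/simple.rb#L102-L103
  otok = @srv.accept_context(input_token)
  # Keep only a real reply token; a bare `true` carries nothing to send back.
  @return_token = otok if otok && otok != true

  raise NoDelegation if @srv.delegated_credentials.nil?

  context = FFI::MemoryPointer.new :pointer # krb5_context
  principal = FFI::MemoryPointer.new :pointer # krb5_principal
  ccache = FFI::MemoryPointer.new :pointer   # krb5_ccache
  minor = FFI::MemoryPointer.new :OM_uint32

  # Create the cache named @cachename, owned by the principal that
  # display_name returns.
  KRB5::assert_call :krb5_init_context, context
  KRB5::assert_call :krb5_parse_name, context.get_pointer(0), display_name, principal
  KRB5::assert_call :krb5_cc_resolve, context.get_pointer(0), @cachename, ccache
  KRB5::assert_call :krb5_cc_initialize, context.get_pointer(0), ccache.get_pointer(0), principal.get_pointer(0)
  KRB5::assert_call :krb5_free_principal, context.get_pointer(0), principal.get_pointer(0)

  res = GSSAPI::LibGSSAPI::gss_krb5_copy_ccache(minor, @srv.delegated_credentials, ccache.get_pointer(0))
  # GSS_S_COMPLETE is 0; any other major status means the delegated
  # credentials did not reach the cache.
  raise Error, "gss_krb5_copy_ccache failed (major status #{res})" unless res == 0

  # KRB5CCNAME is process-wide: every thread, and any child process started
  # from here on, resolves its default cache to this one.
  # NOTE(review): if several requests are served concurrently in one process,
  # one request's setting can be replaced by another's, and code acting for
  # one user may then pick up another user's delegated ticket; confirm that
  # requests are serialised or pass the cache name explicitly instead.
  ENV['KRB5CCNAME'] = @cachename
  @ok = true
end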

- (Object) display_name



# File 'lib/krb5-gssapi.rb', line 18

# Delegates to @srv.display_name. copy_ticket passes the result to
# krb5_parse_name as the principal that owns the new credential cache.
# NOTE(review): presumably the authenticated client's principal name, and so
# meaningful only after accept_context has run; confirm against
# GSSAPI::Simple.
#
# @return [Object] whatever @srv.display_name returns
def display_name
  @srv.display_name
end