Method: GSSAPI::Simple#accept_context

Defined in:
lib/gssapi/simple.rb

#accept_context(in_token) ⇒ String, true

Accept a security context that was initiated by a remote peer.

Parameters:

  • in_token (String)

    The token sent by the remote client to initiate the context

Returns:

  • (String, true)

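    If this is part of a continuation, it returns a token to be passed back to the remote peer; otherwise it simply returns true. As the listing below shows, the token is returned whenever the output buffer is non-empty, so the return value alone does not indicate whether the context is fully established.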

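Raises:

  • (GssApiError)

    Raised when no credentials have been acquired yet, or when gss_accept_sec_context returns a major status greater than 1.
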

# File 'lib/gssapi/simple.rb', line 104

# Acceptor (server-side) step of GSS-API context establishment: hands the
# peer's token to gss_accept_sec_context and stores the resulting context
# handle in @context.
#
# @param in_token [String] token received from the initiating peer
# @return [String, true] the output token when one was produced, otherwise true
# @raise [GssApiError] if @scred is nil, or if the major status is greater than 1
#
# NOTE(review): major status 0 (GSS_S_COMPLETE) and 1 (GSS_S_CONTINUE_NEEDED)
# both pass the status check below, and the return value does not say which
# one occurred. A returned String may be a continuation token or the final
# token of a completed exchange, so callers should not treat "did not raise"
# as "peer is authenticated".
def accept_context(in_token)
  if @scred.nil?
    raise GssApiError, "No credentials yet acquired. Call #{self.class.name}#acquire_credentials first"
  end

  minor_status = FFI::MemoryPointer.new :OM_uint32

  # First call of an exchange starts from the "no context" handle; later
  # calls continue the partially established one kept in @context.
  context_handle = if @context.nil?
                     LibGSSAPI::GssCtxIdT.gss_c_no_context.address_of
                   else
                     @context.address_of
                   end

  # No channel bindings are supplied, so the context is not tied to any
  # underlying transport by this call.
  channel_bindings = LibGSSAPI::GSS_C_NO_CHANNEL_BINDINGS

  # Out-parameters for the initiating client's name and the mechanism used.
  # NOTE(review): neither is read or stored after the call, so this method
  # does not expose who authenticated; authorization decisions need the peer
  # identity from elsewhere. Also confirm whether the returned name has to be
  # released explicitly — nothing here releases it.
  client_name = FFI::MemoryPointer.new :pointer
  mech_type = FFI::MemoryPointer.new :pointer

  input_token = GSSAPI::LibGSSAPI::UnManagedGssBufferDesc.new
  input_token.value = in_token
  output_token = GSSAPI::LibGSSAPI::ManagedGssBufferDesc.new

  # NOTE(review): the negotiated flags are written here but never inspected,
  # so callers cannot learn from this method which services were granted.
  granted_flags = FFI::MemoryPointer.new :OM_uint32

  major_status = LibGSSAPI.gss_accept_sec_context(
    minor_status,
    context_handle,
    @scred,
    input_token.pointer,
    channel_bindings,
    client_name,
    mech_type,
    output_token.pointer,
    granted_flags,
    nil, nil
  )

  # Anything above 1 is treated as failure; 0 and 1 are both let through.
  if major_status > 1
    raise GssApiError.new(major_status, minor_status), "gss_accept_sec_context did not return GSS_S_COMPLETE"
  end

  @context = LibGSSAPI::GssCtxIdT.new(context_handle.get_pointer(0))

  return true unless output_token.length > 0

  output_token.value
end