Module: GSSAPI::LibGSSAPI

Extended by:: FFI::Library

Included in:: GssApiError

Defined in:: lib/gssapi.rb,
lib/gssapi/heimdal.rb,
lib/gssapi/lib_gssapi.rb,
lib/gssapi/lib_gssapi_loader.rb

Defined Under Namespace

Modules: GssBufferDescLayout Classes: GssChannelBindingsStruct, GssCredIdT, GssCtxIdT, GssIOVBufferDesc, GssMStruct, GssNameT, GssOID, GssPointer, GssUMStruct, ManagedGssBufferDesc, UnManagedGssBufferDesc

Constant Summary collapse

GSSAPI_LIB_TYPE =

:heimdal

GSS_C_DELEG_FLAG = Flag bits for context-level services.

GSS_C_MUTUAL_FLAG =

GSS_C_REPLAY_FLAG =

GSS_C_SEQUENCE_FLAG =

GSS_C_CONF_FLAG =

GSS_C_INTEG_FLAG =

GSS_C_ANON_FLAG =

GSS_C_PROT_READY_FLAG =

GSS_C_TRANS_FLAG =

GSS_C_DELEG_POLICY_FLAG =

GSS_C_BOTH = Credential usage options

GSS_C_INITIATE =

GSS_C_ACCEPT =

GSS_C_INDEFINITE = Misc Constants

0xffffffff

GSS_C_CALLING_ERROR_OFFSET = Message Offsets

GSS_C_ROUTINE_ERROR_OFFSET =

GSS_C_SUPPLEMENTARY_OFFSET =

GSS_C_QOP_DEFAULT = QOP (Quality of Protection)

GSS_S_COMPLETE = GSSAPI Status & Error Codes

GSS_C_GSS_CODE =

GSS_C_MECH_CODE =

GSS_C_CALLING_ERRORS =

{
  (1 << GSS_C_CALLING_ERROR_OFFSET) => "GSS_S_CALL_INACCESSIBLE_READ",
  (2 << GSS_C_CALLING_ERROR_OFFSET) => "GSS_S_CALL_INACCESSIBLE_WRITE",
  (3 << GSS_C_CALLING_ERROR_OFFSET) => "GSS_S_CALL_BAD_STRUCTURE"
}

GSS_C_SUPPLEMENTARY_CODES =

{
  (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0)) => "GSS_S_CONTINUE_NEEDED",
  (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1)) => "GSS_S_DUPLICATE_TOKEN",
  (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2)) => "GSS_S_OLD_TOKEN",
  (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3)) => "GSS_S_UNSEQ_TOKEN",
  (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4)) => "GSS_S_GAP_TOKEN"
}

GSS_C_ROUTINE_ERRORS =

{
  (1 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_MECH",
  (2 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_NAME",
  (3 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_NAMETYPE",
  (4 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_BINDINGS",
  (5 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_STATUS",
  (6 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_SIG",
  (7 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_NO_CRED",
  (8 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_NO_CONTEXT",
  (9 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_DEFECTIVE_TOKEN",
  (10 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_DEFECTIVE_CREDENTIAL",
  (11 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_CREDENTIALS_EXPIRED",
  (12 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_CONTEXT_EXPIRED",
  (13 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_FAILURE",
  (14 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_BAD_QOP",
  (15 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_UNAUTHORIZED",
  (16 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_UNAVAILABLE",
  (17 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_DUPLICATE_ELEMENT",
  (18 << GSS_C_ROUTINE_ERROR_OFFSET) => "GSS_S_NAME_NOT_MN"
}

GSS_IOV_BUFFER_TYPE_EMPTY = IOV Buffer Types (gssapi_ext.h)

GSS_IOV_BUFFER_TYPE_DATA = Packet data

GSS_IOV_BUFFER_TYPE_HEADER = Mechanism header

GSS_IOV_BUFFER_TYPE_MECH_PARAMS = Mechanism specific parameters

GSS_IOV_BUFFER_TYPE_TRAILER = Mechanism trailer

GSS_IOV_BUFFER_TYPE_PADDING = Padding

GSS_IOV_BUFFER_TYPE_STREAM = Complete wrap token

GSS_IOV_BUFFER_TYPE_SIGN_ONLY = Sign only packet data

GSS_IOV_BUFFER_FLAG_MASK = Flags

0xFFFF0000

GSS_IOV_BUFFER_FLAG_ALLOCATE = indicates GSS should allocate

0x00010000

GSS_IOV_BUFFER_FLAG_ALLOCATED = indicates caller should free

0x00020000

GSS_C_NO_NAME = Various Null values. (gssapi.h)

FFI::Pointer.new(:pointer, 0)

GSS_C_NO_BUFFER = ((gss_buffer_t) 0)

FFI::Pointer.new(:pointer, 0)

GSS_C_NO_OID = ((gss_OID) 0)

FFI::Pointer.new(:pointer, 0)

GSS_C_NO_OID_SET = ((gss_OID_set) 0)

FFI::Pointer.new(:pointer, 0)

GSS_C_NO_CONTEXT = ((gss_ctx_id_t) 0)

FFI::Pointer.new(:pointer, 0)

GSS_C_NO_CREDENTIAL = ((gss_cred_id_t) 0)

FFI::Pointer.new(:pointer, 0)

GSS_C_NO_CHANNEL_BINDINGS = ((gss_channel_bindings_t) 0)

FFI::Pointer.new(:pointer, 0)

GSS_C_EMPTY_BUFFER =

ManagedGssBufferDesc.new

Class Method Summary collapse

Class Method Details

.load_heimdal ⇒ `Object`

# File 'lib/gssapi/lib_gssapi_loader.rb', line 42

def self.load_heimdal
  case RUBY_PLATFORM
  when /linux/
    gssapi_lib = 'libgssapi.so.3'
  when /darwin/
    # use Heimdal Kerberos since Mac MIT Kerberos is OLD. Do a "require 'gssapi/heimdal'" first
    gssapi_lib = '/usr/heimdal/lib/libgssapi.dylib'
  else
    raise LoadError, "This platform (#{RUBY_PLATFORM}) is not supported by ruby gssapi and the Heimdal libraries."
  end
  ffi_lib gssapi_lib, FFI::Library::LIBC

  # ------------------ Heimdal Specifics ------------------ 
  attach_variable :__gss_c_nt_hostbased_service_oid_desc, GssOID
  attach_variable :__gss_c_nt_export_name_oid_desc, GssOID
  LibGSSAPI.const_set("GSS_C_NT_HOSTBASED_SERVICE", FFI::Pointer.new(__gss_c_nt_hostbased_service_oid_desc.to_ptr))
  LibGSSAPI.const_set("GSS_C_NT_EXPORT_NAME", FFI::Pointer.new(__gss_c_nt_export_name_oid_desc.to_ptr))
end

.load_mit ⇒ `Object`

# File 'lib/gssapi/lib_gssapi_loader.rb', line 19

def self.load_mit
  case RUBY_PLATFORM
  when /linux/
    gssapi_lib = 'libgssapi_krb5.so.2'
  when /darwin/
    gssapi_lib = '/usr/lib/libgssapi_krb5.dylib'
  when /mswin|mingw32|windows/
    # Pull the gssapi32 path from the environment if it exist, otherwise use the default in Program Files
    gssapi32_path = ENV['gssapi32'] ? ENV['gssapi32'] : 'C:\Program Files (x86)\MIT\Kerberos\bin\gssapi32.dll'
    ffi_lib gssapi32_path, FFI::Library::LIBC  # Required the MIT Kerberos libraries to be installed
    ffi_convention :stdcall
  else
    raise LoadError, "This platform (#{RUBY_PLATFORM}) is not supported by ruby gssapi and the MIT libraries."
  end
  ffi_lib gssapi_lib, FFI::Library::LIBC

  # -------------------- MIT Specifics -------------------- 
  attach_variable :__GSS_C_NT_HOSTBASED_SERVICE, :GSS_C_NT_HOSTBASED_SERVICE, :pointer # type gss_OID
  attach_variable :__GSS_C_NT_EXPORT_NAME, :GSS_C_NT_EXPORT_NAME, :pointer # type gss_OID
  LibGSSAPI.const_set("GSS_C_NT_HOSTBASED_SERVICE", __GSS_C_NT_HOSTBASED_SERVICE)
  LibGSSAPI.const_set("GSS_C_NT_EXPORT_NAME", __GSS_C_NT_EXPORT_NAME)
end