Module: KerberosAuthenticator::Krb5

Extended by:: FFI::Library

Defined in:: lib/kerberos_authenticator/krb5.rb,
lib/kerberos_authenticator/krb5/data.rb,
lib/kerberos_authenticator/krb5/creds.rb,
lib/kerberos_authenticator/krb5/error.rb,
lib/kerberos_authenticator/krb5/keytab.rb,
lib/kerberos_authenticator/krb5/context.rb,
lib/kerberos_authenticator/krb5/principal.rb,
lib/kerberos_authenticator/krb5/attach_function.rb

Overview

An FFI wrapper around the Kerberos 5 library. Use the environmental variable FFI_KRB5_LIBRARY_NAME to override the library loaded.

Defined Under Namespace

Classes: Context, Creds, Data, Error, Keytab, LibCallError, Principal, SetPassError

Constant Summary collapse

PREFERRED_VERSIONS = Version suffixes of the library to search for, in order: .3: MIT as of Debian 8, RHEL 7 .26: Heimdal as of Debian 8, RHEL 7 and then no suffix (which should pickup OS X Kerberos).

['.3', '.26', ''].freeze

Class Attribute Summary collapse

.use_secure_context ⇒ Boolean

If Context.context should ignore environmental variables when returning a library context.

Class Method Summary collapse

.attach_function(c_name, params, returns, options = {}) ⇒ Object private

Attaches a Kerberos library function to Krb5.

Class Attribute Details

.use_secure_context ⇒ `Boolean`

Returns if Context.context should ignore environmental variables when returning a library context.

Returns:

(Boolean) —

if Context.context should ignore environmental variables when returning a library context

# File 'lib/kerberos_authenticator/krb5.rb', line 21

Class Method Details

.attach_function(c_name, params, returns, options = {}) ⇒ `Object`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Attaches a Kerberos library function to Krb5. Extends FFI’s built-in method to:

drop the krb5_ prefix from function names
wrap any call returning a krb5_error_code with Krb5::LibCallError.raise_if_error

See Also:

FFI::Library#attach_function

# File 'lib/kerberos_authenticator/krb5/attach_function.rb', line 9

def self.attach_function(c_name, params, returns, options = {})
  ruby_name = c_name.to_s.gsub(/^krb5_/, '').to_sym

  super(ruby_name, c_name, params, returns, options)

  if returns == :krb5_error_code
    no_check_name = "#{ruby_name}_without_catching_error"

    alias_method(no_check_name, ruby_name)

    if params.first == :krb5_context
      define_method(ruby_name) do |*args, &block|
        Krb5::LibCallError.raise_if_error(args.first) { public_send(no_check_name, *args, &block) }
      end
    else
      define_method(ruby_name) do |*args, &block|
        Krb5::LibCallError.raise_if_error(nil) { public_send(no_check_name, *args, &block) }
      end
    end

    module_function no_check_name
  end

  module_function ruby_name
end