Module: Net::SSH::Authentication::Pageant::Win

Extended by:

DL::Importable, DL::Importer, Fiddle::Importer

Includes:

DL::Win32Types, Fiddle::Win32Types

Defined in:

lib/net/ssh/authentication/pageant.rb

Overview

The definition of the Windows methods and data structures used in communicating with the pageant process.

Defined Under Namespace

Modules: LibC

Constant Summary

SIZEOF_DWORD =

Fiddle::SIZEOF_LONG

INVALID_HANDLE_VALUE =

From winbase.h, winnt.h

-1

NULL =

nil

PAGE_READWRITE =

0x0004

FILE_MAP_WRITE =

2

WM_COPYDATA =

74

SMTO_NORMAL =

From winuser.h

0

SUFFIX =

if RUBY_ENGINE == "jruby"
  "A"
else
  ""
end

TOKEN_QUERY =

Constants needed for security attribute retrieval. Specifies the access mask corresponding to the desired access rights.

0x8

TOKEN_USER_INFORMATION_CLASS =

The value of TOKEN_USER from the TOKEN_INFORMATION_CLASS enum.

1

REVISION =

The initial revision level assigned to the security descriptor.

1

TOKEN_USER =

Structs for security attribute functions. Holds the retrieved user access token.

struct ['void * SID', 'DWORD ATTRIBUTES']

SECURITY_ATTRIBUTES =

Contains the security descriptor, this gets passed to the function that constructs the shared memory map.

struct ['DWORD nLength',
'LPVOID lpSecurityDescriptor',
'BOOL bInheritHandle']

SECURITY_DESCRIPTOR =

The security descriptor holds security information.

struct ['UCHAR Revision', 'UCHAR Sbz1',
'USHORT Control', 'LPVOID Owner',
'LPVOID Group', 'LPVOID Sacl',
'LPVOID Dacl']

COPYDATASTRUCT =

The COPYDATASTRUCT is used to send WM_COPYDATA messages

if RUBY_ENGINE == "jruby"
  struct ['ULONG_PTR dwData', 'DWORD cbData', 'LPVOID lpData']
else
  struct ['uintptr_t dwData', 'DWORD cbData', 'LPVOID lpData']
end

Class Method Summary

• .get_cstr(str) ⇒ Object

  Get a null-terminated string given a string.

• .get_current_user ⇒ Object
• .get_ptr(data) ⇒ Object
• .get_security_attributes_for_user ⇒ Object
• .get_sid(user) ⇒ Object
• .get_sid_ptr(user) ⇒ Object
• .get_token_information(token_handle, token_information_class) ⇒ Object
• .malloc_ptr(size) ⇒ Object
• .open_process_token(process_handle, desired_access) ⇒ Object
• .ptr_to_dword(ptr) ⇒ Object
• .ptr_to_handle(phandle) ⇒ Object
• .ptr_to_s(ptr, size) ⇒ Object
• .raise_error_if_zero(result) ⇒ Object
• .set_ptr_data(ptr, data) ⇒ Object
• .to_struct_ptr(ptr) ⇒ Object
• .to_token_user(ptoken_information) ⇒ Object

Class Method Details

.get_cstr(str) ⇒ Object

Get a null-terminated string given a string.

# File 'lib/net/ssh/authentication/pageant.rb', line 383

def self.get_cstr(str)
  return str + "\000"
end

.get_current_user ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 331

def self.get_current_user
  token_handle = open_process_token(Win.GetCurrentProcess,
                                    Win::TOKEN_QUERY)
  token_user = get_token_information(token_handle,
                                     Win::TOKEN_USER_INFORMATION_CLASS)
  return token_user
end

.get_ptr(data) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 202

def self.get_ptr(data)
  return data.to_ptr
end

.get_security_attributes_for_user ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 247

def self.get_security_attributes_for_user
  user = get_current_user

  psd_information = malloc_ptr(Win::SECURITY_DESCRIPTOR.size)
  raise_error_if_zero(
    Win.InitializeSecurityDescriptor(psd_information,
                                     Win::REVISION)
  )
  raise_error_if_zero(
    Win.SetSecurityDescriptorOwner(psd_information, get_sid_ptr(user),
                                   0)
  )
  raise_error_if_zero(
    Win.IsValidSecurityDescriptor(psd_information)
  )

  sa = Win::SECURITY_ATTRIBUTES.new(to_struct_ptr(malloc_ptr(Win::SECURITY_ATTRIBUTES.size)))
  sa.nLength = Win::SECURITY_ATTRIBUTES.size
  sa.lpSecurityDescriptor = psd_information.to_i
  sa.bInheritHandle = 1

  return sa
end

.get_sid(user) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 298

def self.get_sid(user)
  ptr_to_s(user.to_ptr.ptr, Win::SIZEOF_DWORD).unpack('L')[0]
end

.get_sid_ptr(user) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 302

def self.get_sid_ptr(user)
  user.to_ptr.ptr
end

.get_token_information(token_handle, token_information_class) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 350

def self.get_token_information(token_handle,
                               token_information_class)
  # Hold the size of the information to be returned
  preturn_length = malloc_ptr(Win::SIZEOF_DWORD)

  # Going to throw an INSUFFICIENT_BUFFER_ERROR, but that is ok
  # here. This is retrieving the size of the information to be
  # returned.
  Win.GetTokenInformation(token_handle,
                          token_information_class,
                          Win::NULL, 0, preturn_length)
  ptoken_information = malloc_ptr(ptr_to_dword(preturn_length))

  # This call is going to write the requested information to
  # the memory location referenced by token_information.
  raise_error_if_zero(
    Win.GetTokenInformation(token_handle,
                            token_information_class,
                            ptoken_information,
                            ptoken_information.size,
                            preturn_length)
  )

  return to_token_user(ptoken_information)
end

.malloc_ptr(size) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 198

def self.malloc_ptr(size)
  return DL.malloc(size)
end

.open_process_token(process_handle, desired_access) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 339

def self.open_process_token(process_handle, desired_access)
  ptoken_handle = malloc_ptr(Win::SIZEOF_DWORD)

  raise_error_if_zero(
    Win.OpenProcessToken(process_handle, desired_access,
                         ptoken_handle)
  )
  token_handle = ptr_to_handle(ptoken_handle)
  return token_handle
end

.ptr_to_dword(ptr) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 282

def self.ptr_to_dword(ptr)
  first = ptr.ptr.to_i
  second = ptr_to_s(ptr, Win::SIZEOF_DWORD).unpack('L')[0]
  raise "Error" unless first == second

  first
end

.ptr_to_handle(phandle) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 278

def self.ptr_to_handle(phandle)
  phandle.ptr
end

.ptr_to_s(ptr, size) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 272

def self.ptr_to_s(ptr, size)
  ret = ptr.to_s(size)
  ret << "\x00" while ret.size < size
  ret
end

.raise_error_if_zero(result) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 376

def self.raise_error_if_zero(result)
  if result == 0
    raise "Windows error: #{Win.GetLastError}"
  end
end

.set_ptr_data(ptr, data) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 206

def self.set_ptr_data(ptr, data)
  ptr[0] = data
end

.to_struct_ptr(ptr) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 294

def self.to_struct_ptr(ptr)
  ptr.to_ptr
end

.to_token_user(ptoken_information) ⇒ Object

# File 'lib/net/ssh/authentication/pageant.rb', line 290

def self.to_token_user(ptoken_information)
  TOKEN_USER.new(ptoken_information.to_ptr)
end