package krb

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type
type ('client_identity, 'authorize, 'conn_state, 'r) krb_rpc_args := ?on_kerberos_error: [ `Call of Async.Socket.Address.Inet.t -> exn -> unit | `Ignore | `Raise ] -> ?on_handshake_error: [ `Call of Async.Socket.Address.Inet.t -> exn -> unit | `Ignore | `Raise ] -> ?on_done_with_internal_buffer:[ `Do_nothing | `Zero ] -> authorize:'authorize -> implementations:'conn_state Async.Rpc.Implementations.t -> initial_connection_state: ('client_identity -> Async.Socket.Address.Inet.t -> t -> 'conn_state) -> 'r
type ('client_identity, 'authorize, 'conn_state) server_args := (?max_connections:int -> ?backlog:int -> ?drop_incoming_connections:bool -> ?buffer_age_limit:Async.Writer.buffer_age_limit -> ('client_identity, 'authorize, 'conn_state, where_to_listen:Async.Tcp.Where_to_listen.inet -> krb_mode:Mode.Server.t -> unit -> (Async.Socket.Address.Inet.t, int) Async.Tcp.Server.t Async.Deferred.Or_error.t) krb_rpc_args) async_rpc_args

serve starts an RPC server that provides the given implementations

val serve_with_anon : (Client_identity.t option, Authorize.Anon.t, 'a) server_args

serve_with_anon starts an RPC server that allows connections from both Krb.Rpc and Async.Rpc clients

NOTE: serve_with_anon is provided to ease the transition from unkerberized applications to kerberized ones. After upgrading all servers and clients to use Krb.Rpc rather than Async.Rpc, nearly all apps should switch their servers from serve_with_anon to serve.

This will fail to recognize sufficiently old kerberized RPC clients, so changing from serve to serve_with_anon can introduce problems, but such a change should rarely be necessary, if ever.

create_handler is the same as serve, but it provides a handler that can be used with an externally created TCP server.

type ('a, 'conn_state) with_client_args := (?implementations: (Server_principal.t -> 'conn_state Async.Rpc.Connection.Client_implementations.t) -> ?description:Core.Info.t -> ?cred_cache:Cred_cache.t -> ?buffer_age_limit:[ `At_most of Core.Time.Span.t | `Unlimited ] -> ?on_credential_forwarding_request: (Server_principal.t -> On_credential_forwarding_request.t) -> ?on_done_with_internal_buffer:[ `Do_nothing | `Zero ] -> ?krb_mode:Mode.Client.t -> authorize:Authorize.t -> Async.Socket.Address.Inet.t Async.Tcp.Where_to_connect.t -> 'a) async_rpc_args

client creates a Connection.t appropriate for dispatching RPC's to a kerberized server.

val with_client : ((t -> 'a Async.Deferred.t) -> 'a Async.Deferred.Or_error.t, _) with_client_args
module Internal : sig ... end

Only used for internal testing of the library

OCaml

Innovation. Community. Security.