package krb

  1. Overview
  2. Docs
A library for using Kerberos for both Rpc and Tcp communication

Install 

dune-project
 Dependency

github.com MIT License Edit opam file Versions (2)

Authors

  1. J
    Jane Street Group, LLC

Maintainers

  1. J
    Jane Street developers

Sources

krb-v0.16.0.tar.gz
sha256=353675621e4c5a888f2483dc1bb7281bd17ce4ed7dfd2f40142257f98db7c77d

doc/krb.public/Krb_public/Tcp/Internal/Server/index.html

Module Internal.ServerSource

type 'connection handle_client := Async.Socket.Address.Inet.t -> 'connection -> unit Async.Deferred.t
type ('authorize, 'r) krb_args := ?on_kerberos_error: [ `Call of Async.Socket.Address.Inet.t -> exn -> unit | `Ignore | `Raise ] -> ?on_handshake_error: [ `Call of Handshake_error.Kind.t -> Async.Socket.Address.Inet.t -> exn -> unit | `Ignore | `Raise ] -> ?on_handler_error: [ `Call of Async.Socket.Address.Inet.t -> exn -> unit | `Ignore | `Raise ] -> ?override_supported_versions:int list -> authorize:'authorize -> krb_mode:Mode.Server.t -> 'r
type ('authorize, 'connection) serve := ('authorize, Async.Tcp.Where_to_listen.inet -> 'connection handle_client -> (Async.Socket.Address.Inet.t, int) Server.t Async.Deferred.Or_error.t) krb_args async_tcp_server_args
type ('authorize, 'connection) create_handler := ('authorize, 'connection handle_client -> (Async.Socket.Address.Inet.t -> Async.Reader.t -> Async.Writer.t -> unit Async.Deferred.t) Async.Deferred.Or_error.t) krb_args

additional_magic_numbers adds additional magic numbers to be advertised by the server during protocol negotiation, usually in the context of reporting metadata about the server. If override_supported_versions is also specified, these numbers are still going to be advertised.

These two arguments are ignored when using Test_with_principal as Krb mode.

Sourceval create_handler : ?additional_magic_numbers:int list -> (Authorize.t, Async_protocol.Connection.t) create_handler
Sourceval create : ?additional_magic_numbers:int list -> (Authorize.t, Async_protocol.Connection.t) serve
Sourcemodule Krb_or_anon_conn : sig ... end
Sourceval create_handler_with_anon : (Authorize.Anon.t, Krb_or_anon_conn.t) create_handler

This is a bit misleading because it doesn't work with an unkerberized tcp client. It is in an Internal module because it is useful for implementing kerberized rpc create_handler_with_anon.

The create_handler_with_anon server peeks the first few bytes to check if the client is sending a kerberos protocol header. If the unkerberized tcp client is expecting the server to send some initial bytes, it will be waiting until something presumably times out because the server is waiting for the client to send bytes also.

Similar to create_handler_with_anon, but creates a tcp server, rather than just the client handler.