Plasma GitLab Archive
Projects Blog Knowledge

Class type Netgssapi.gss_api


class type gss_api = object .. end

method provider : string
A string name identifying the provider
method no_credential : credential
A substitute credential for GSS_C_NO_CREDENTIAL
method no_name : name
A substitute name for GSS_C_NO_NAME
method accept_sec_context : 'a.
context:context option ->
acceptor_cred:credential ->
input_token:token ->
chan_bindings:channel_bindings option ->
out:(src_name:name ->
mech_type:oid ->
output_context:context option ->
output_token:token ->
ret_flags:ret_flag list ->
time_rec:[ `Indefinite | `This of float ] ->
delegated_cred:credential ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'a) ->
unit -> 'a
On the first call, pass ~context:None. If successful, the function outputs a non-None ~output_context which should be passed as new ~context in follow-up calls.

If the output_token is non-empty, it must be transmitted to the peer - independent of the major_status.

method acquire_cred : 'b.
desired_name:name ->
time_req:[ `Indefinite | `None | `This of float ] ->
desired_mechs:oid_set ->
cred_usage:cred_usage ->
out:(cred:credential ->
actual_mechs:oid_set ->
time_rec:[ `Indefinite | `This of float ] ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'b) ->
unit -> 'b
method add_cred : 'c.
input_cred:credential ->
desired_name:name ->
desired_mech:oid ->
cred_usage:cred_usage ->
initiator_time_req:[ `Indefinite | `None | `This of float ] ->
acceptor_time_req:[ `Indefinite | `None | `This of float ] ->
out:(output_cred:credential ->
actual_mechs:oid_set ->
initiator_time_rec:[ `Indefinite | `This of float ] ->
acceptor_time_rec:[ `Indefinite | `This of float ] ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'c) ->
unit -> 'c
method canonicalize_name : 'd.
input_name:name ->
mech_type:oid ->
out:(output_name:name ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'd) ->
unit -> 'd
method compare_name : 'e.
name1:name ->
name2:name ->
out:(name_equal:bool ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'e) ->
unit -> 'e
method context_time : 'f.
context:context ->
out:(time_rec:[ `Indefinite | `This of float ] ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'f) ->
unit -> 'f
method delete_sec_context : 'g.
context:context ->
out:(minor_status:minor_status ->
major_status:major_status -> unit -> 'g) ->
unit -> 'g
Output tokens are not supported (this is a deprecated feature of GSSAPI)
method display_name : 'h.
input_name:name ->
out:(output_name:string ->
output_name_type:oid ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'h) ->
unit -> 'h
method display_minor_status : 'i.
minor_status:minor_status ->
mech_type:oid ->
out:(status_strings:string list ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'i) ->
unit -> 'i
Note that display_minor_status decodes all status value parts in one step and returns the result as string list. Also, this method is restricted to decoding minor statuses
method export_name : 'j.
name:name ->
out:(exported_name:string ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'j) ->
unit -> 'j
method export_sec_context : 'k.
context:context ->
out:(interprocess_token:interprocess_token ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'k) ->
unit -> 'k
method get_mic : 'l.
context:context ->
qop_req:qop option ->
message:message ->
out:(msg_token:token ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'l) ->
unit -> 'l
method import_name : 'm.
input_name:string ->
input_name_type:oid ->
out:(output_name:name ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'm) ->
unit -> 'm
method import_sec_context : 'n.
interprocess_token:interprocess_token ->
out:(context:context option ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'n) ->
unit -> 'n
method indicate_mechs : 'o.
out:(mech_set:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'o) ->
unit -> 'o
method init_sec_context : 'p.
initiator_cred:credential ->
context:context option ->
target_name:name ->
mech_type:oid ->
req_flags:req_flag list ->
time_rec:float option ->
chan_bindings:channel_bindings option ->
input_token:token option ->
out:(actual_mech_type:oid ->
output_context:context option ->
output_token:token ->
ret_flags:ret_flag list ->
time_rec:[ `Indefinite | `This of float ] ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'p) ->
unit -> 'p
On the first call, pass ~context:None. If successful, the function outputs a non-None ~output_context which should be passed as new ~context in follow-up calls.

If the output_token is non-empty, it must be transmitted to the peer - independent of the major_status.

method inquire_context : 'q.
context:context ->
out:(src_name:name ->
targ_name:name ->
lifetime_req:[ `Indefinite | `This of float ] ->
mech_type:oid ->
ctx_flags:ret_flag list ->
locally_initiated:bool ->
is_open:bool ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'q) ->
unit -> 'q
method inquire_cred : 'r.
cred:credential ->
out:(name:name ->
lifetime:[ `Indefinite | `This of float ] ->
cred_usage:cred_usage ->
mechanisms:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'r) ->
unit -> 'r
method inquire_cred_by_mech : 's.
cred:credential ->
mech_type:oid ->
out:(name:name ->
initiator_lifetime:[ `Indefinite | `This of float ] ->
acceptor_lifetime:[ `Indefinite | `This of float ] ->
cred_usage:cred_usage ->
minor_status:minor_status ->
major_status:major_status -> unit -> 's) ->
unit -> 's
method inquire_mechs_for_name : 't.
name:name ->
out:(mech_types:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method inquire_names_for_mech : 'u.
mechanism:oid ->
out:(name_types:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'u) ->
unit -> 'u
method process_context_token : 'v.
context:context ->
token:token ->
out:(minor_status:minor_status ->
major_status:major_status -> unit -> 'v) ->
unit -> 'v
method unwrap : 'w.
context:context ->
input_message:message ->
output_message_preferred_type:[ `Memory | `String ] ->
out:(output_message:message ->
conf_state:bool ->
qop_state:qop ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'w) ->
unit -> 'w
Note that the output_message can be a buffer of different type (string vs. bigarray) than input_message. In output_message_preferred_type the called may wish a certain representation. It is, however, not ensured that the wish is granted.
method verify_mic : 'x.
context:context ->
message:message ->
token:token ->
out:(qop_state:qop ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'x) ->
unit -> 'x
method wrap : 'y.
context:context ->
conf_req:bool ->
qop_req:qop option ->
input_message:message ->
output_message_preferred_type:[ `Memory | `String ] ->
out:(conf_state:bool ->
output_message:message ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'y) ->
unit -> 'y
output_message_preferred_type: see unwrap
method wrap_size_limit : 'z.
context:context ->
conf_req:bool ->
qop_req:qop option ->
req_output_size:int ->
out:(max_input_size:int ->
minor_status:minor_status ->
major_status:major_status -> unit -> 'z) ->
unit -> 'z
This web site is published by Informatikbüro Gerd Stolpmann
Powered by Caml