Plasma GitLab Archive
Projects Blog Knowledge

Class type Netsys_gssapi.poly_gss_api

class type [['credential, 'name, 'context]] poly_gss_api = object .. end

method provider : string

A string name identifying the provider

method no_credential : 'credential

A substitute credential for GSS_C_NO_CREDENTIAL

method no_name : 'name

A substitute name for GSS_C_NO_NAME

method is_no_credential : 'credential -> bool

A test for GSS_C_NO_CREDENTIAL

method is_no_name : 'name -> bool

A test for GSS_C_NO_NAME

method accept_sec_context : 't.
context:'context option ->
acceptor_cred:'credential ->
input_token:token ->
chan_bindings:channel_bindings option ->
out:(src_name:'name ->
mech_type:oid ->
output_context:'context option ->
output_token:token ->
ret_flags:ret_flag list ->
time_rec:time ->
delegated_cred:'credential ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't

On the first call, pass ~context:None. If successful, the function outputs a non-None ~output_context which should be passed as new ~context in follow-up calls.

If the output_token is non-empty, it must be transmitted to the peer - independent of the major_status.

method acquire_cred : 't.
desired_name:'name ->
time_req:time ->
desired_mechs:oid_set ->
cred_usage:cred_usage ->
out:(cred:'credential ->
actual_mechs:oid_set ->
time_rec:time ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method add_cred : 't.
input_cred:'credential ->
desired_name:'name ->
desired_mech:oid ->
cred_usage:cred_usage ->
initiator_time_req:time ->
acceptor_time_req:time ->
out:(output_cred:'credential ->
actual_mechs:oid_set ->
initiator_time_rec:time ->
acceptor_time_rec:time ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method canonicalize_name : 't.
input_name:'name ->
mech_type:oid ->
out:(output_name:'name ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method compare_name : 't.
name1:'name ->
name2:'name ->
out:(name_equal:bool ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method context_time : 't.
context:'context ->
out:(time_rec:time ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method delete_sec_context : 't.
context:'context ->
out:(minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't

Output tokens are not supported (this is a deprecated feature of GSSAPI)

method display_name : 't.
input_name:'name ->
out:(output_name:string ->
output_name_type:oid ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method display_minor_status : 't.
status_value:minor_status ->
mech_type:oid ->
out:(status_strings:string list ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't

Note that display_minor_status decodes all status value parts in one step and returns the result as string list. Also, this method is restricted to decoding minor statuses

method duplicate_name : 't.
name:'name ->
out:(dest_name:'name ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method export_name : 't.
name:'name ->
out:(exported_name:string ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method export_sec_context : 't.
context:'context ->
out:(interprocess_token:interprocess_token ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method get_mic : 't.
context:'context ->
qop_req:qop ->
message:message ->
out:(msg_token:token ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method import_name : 't.
input_name:string ->
input_name_type:oid ->
out:(output_name:'name ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method import_sec_context : 't.
interprocess_token:interprocess_token ->
out:(context:'context option ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method indicate_mechs : 't.
out:(mech_set:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method init_sec_context : 't.
initiator_cred:'credential ->
context:'context option ->
target_name:'name ->
mech_type:oid ->
req_flags:req_flag list ->
time_req:float option ->
chan_bindings:channel_bindings option ->
input_token:token option ->
out:(actual_mech_type:oid ->
output_context:'context option ->
output_token:token ->
ret_flags:ret_flag list ->
time_rec:time ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't

On the first call, pass ~context:None. If successful, the function outputs a non-None ~output_context which should be passed as new ~context in follow-up calls.

If the output_token is non-empty, it must be transmitted to the peer - independent of the major_status.

method inquire_context : 't.
context:'context ->
out:(src_name:'name ->
targ_name:'name ->
lifetime_req:time ->
mech_type:oid ->
ctx_flags:ret_flag list ->
locally_initiated:bool ->
is_open:bool ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method inquire_cred : 't.
cred:'credential ->
out:(name:'name ->
lifetime:time ->
cred_usage:cred_usage ->
mechanisms:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method inquire_cred_by_mech : 't.
cred:'credential ->
mech_type:oid ->
out:(name:'name ->
initiator_lifetime:time ->
acceptor_lifetime:time ->
cred_usage:cred_usage ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method inquire_mechs_for_name : 't.
name:'name ->
out:(mech_types:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method inquire_names_for_mech : 't.
mechanism:oid ->
out:(name_types:oid_set ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method process_context_token : 't.
context:'context ->
token:token ->
out:(minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method unwrap : 't.
context:'context ->
input_message:message ->
output_message_preferred_type:[ `Bytes | `Memory ] ->
out:(output_message:message ->
conf_state:bool ->
qop_state:qop ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't

Note that the output_message can be a buffer of different type (string vs. bigarray) than input_message. In output_message_preferred_type the called may wish a certain representation. It is, however, not ensured that the wish is granted.

method verify_mic : 't.
context:'context ->
message:message ->
token:token ->
out:(qop_state:qop ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
method wrap : 't.
context:'context ->
conf_req:bool ->
qop_req:qop ->
input_message:message ->
output_message_preferred_type:[ `Bytes | `Memory ] ->
out:(conf_state:bool ->
output_message:message ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't

output_message_preferred_type: see unwrap

method wrap_size_limit : 't.
context:'context ->
conf_req:bool ->
qop_req:qop ->
req_output_size:int ->
out:(max_input_size:int ->
minor_status:minor_status ->
major_status:major_status -> unit -> 't) ->
unit -> 't
This web site is published by Informatikbüro Gerd Stolpmann
Powered by Caml