package krb

type ('client_identity, 'authorize, 'conn_state, 'r) krb_rpc_args :=
  ?on_kerberos_error:
    [ `Call of Async.Socket.Address.Inet.t -> exn -> unit | `Ignore | `Raise ] ->
  ?on_handshake_error:
    [ `Call of Handshake_error.Kind.t -> Async.Socket.Address.Inet.t -> exn -> unit
    | `Ignore
    | `Raise ] ->
  ?on_done_with_internal_buffer:[ `Do_nothing | `Zero ] ->
  authorize:'authorize ->
  implementations:'conn_state Async.Rpc.Implementations.t ->
  initial_connection_state:
    ('client_identity -> Async.Socket.Address.Inet.t -> t -> 'conn_state) ->
  'r
type ('client_identity, 'authorize, 'conn_state) server_args :=
  (?max_connections:int ->
   ?backlog:int ->
   ?drop_incoming_connections:bool ->
   ?buffer_age_limit:Async.Writer.buffer_age_limit ->
   ('client_identity,
    'authorize,
    'conn_state,
    where_to_listen:Async.Tcp.Where_to_listen.inet ->
    krb_mode:Mode.Server.t ->
    unit ->
    (Async.Socket.Address.Inet.t, int) Async.Tcp.Server.t Async.Deferred.Or_error.t)
   krb_rpc_args)
  async_rpc_args
val serve : ?additional_magic_numbers:int list -> (Client_identity.t, Authorize.t, 'a) server_args

serve starts an RPC server that provides the given implementations.

val serve_with_anon : (Client_identity.t option, Authorize.Anon.t, 'a) server_args

serve_with_anon starts an RPC server that allows connections from both Krb.Rpc and Async.Rpc clients.

NOTE: serve_with_anon is provided to ease the transition from unkerberized applications to kerberized ones. After upgrading all servers and clients to use Krb.Rpc rather than Async.Rpc, nearly all apps should switch their servers from serve_with_anon to serve.

serve_with_anon will fail to recognize sufficiently old kerberized RPC clients, so changing from serve to serve_with_anon can introduce problems, but such a change should rarely be necessary, if ever.
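One way a server running serve_with_anon during the migration described above can keep unauthenticated Async.Rpc peers away from sensitive RPCs. This is an added example, not code from the krb library; it assumes the signatures on this page belong to Krb.Rpc.Connection, and the conn_state type and the function names are hypothetical.

```ocaml
open Core
open Async

(* Hypothetical connection state (not part of krb): records whether the peer
   authenticated with Kerberos or connected as a plain Async.Rpc client. *)
type 'id conn_state =
  | Authenticated of 'id * Socket.Address.Inet.t
  | Anonymous of Socket.Address.Inet.t

(* With serve_with_anon the client identity is an option; None means the peer
   never proved who it is. *)
let initial_connection_state client_identity peer _conn =
  match client_identity with
  | Some id -> Authenticated (id, peer)
  | None ->
    (* Logging anonymous peers shows which clients still need upgrading. *)
    Log.Global.info "unkerberized RPC client from %s" (Socket.Address.Inet.to_string peer);
    Anonymous peer

(* For use inside RPC implementations: refuse sensitive calls from anonymous peers. *)
let require_authenticated = function
  | Authenticated (id, _) -> Ok id
  | Anonymous peer ->
    Or_error.errorf
      "Kerberos authentication required (peer %s)"
      (Socket.Address.Inet.to_string peer)

(* authorize, krb_mode and implementations are built by the caller.
   Assumption: the signatures on this page belong to Krb.Rpc.Connection. *)
let serve_during_migration ~authorize ~krb_mode ~implementations ~port =
  Krb.Rpc.Connection.serve_with_anon
    ~on_kerberos_error:
      (`Call
        (fun peer exn ->
          Log.Global.error
            "kerberos error from %s: %s"
            (Socket.Address.Inet.to_string peer)
            (Exn.to_string exn)))
    ~on_done_with_internal_buffer:`Zero
    ~authorize
    ~implementations
    ~initial_connection_state
    ~where_to_listen:(Tcp.Where_to_listen.of_port port)
    ~krb_mode
    ()
```

Once the log shows no more unkerberized clients, the server can move from serve_with_anon to serve, as the note above recommends.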

type ('client_identity, 'authorize, 'conn_state) create_client_handler :=
  ('client_identity,
   'authorize,
   'conn_state,
   Mode.Server.t ->
   (Async.Socket.Address.Inet.t -> Async.Reader.t -> Async.Writer.t -> unit Async.Deferred.t)
   Async.Deferred.Or_error.t)
  krb_rpc_args
  async_rpc_args
val create_handler : (Client_identity.t, Authorize.t, 'conn_state) create_client_handler

create_handler is the same as serve, but it provides a handler that can be used with an externally created TCP server.

val create_handler_with_anon : (Client_identity.t option, Authorize.Anon.t, 'conn_state) create_client_handler

create_handler_with_anon is like create_handler except that it can handle connections from both Krb.Rpc and Async.Rpc clients. See the doc for serve_with_anon for more details.

type ('a, 'conn_state) with_client_args :=
  (?implementations:
     (Server_principal.t -> 'conn_state Async.Rpc.Connection.Client_implementations.t) ->
   ?description:Core.Info.t ->
   ?cred_cache:Cred_cache.t ->
   ?buffer_age_limit:[ `At_most of Core.Time_float.Span.t | `Unlimited ] ->
   ?on_credential_forwarding_request:
     (Server_principal.t -> On_credential_forwarding_request.t) ->
   ?on_done_with_internal_buffer:[ `Do_nothing | `Zero ] ->
   ?krb_mode:Mode.Client.t ->
   authorize:Authorize.t ->
   Async.Socket.Address.Inet.t Async.Tcp.Where_to_connect.t ->
   'a)
  async_rpc_args

client creates a Connection.t appropriate for dispatching RPCs to a kerberized server.

val with_client : ((t -> 'a Async.Deferred.t) -> 'a Async.Deferred.Or_error.t, _) with_client_args
module Internal : sig ... end

Only used for internal testing of the library.
