Struct ServerCtx

pub struct ServerCtx(/* private fields */);

A Kerberos server context

Implementations§

impl ServerCtx

pub fn new( flags: AcceptFlags, principal: Option<&str>, channel_bindings: Option<&[u8]>, ) -> Result<PendingServerCtx>

Create a new server context for principal, which should be the service principal name assigned to the service the client will be requesting. If it is left as None, the context uses the user running the current process. The returned pending context must be initialized by exchanging one or more tokens with the client before it can be used.

If present, channel_bindings must match the bindings the client supplied to ClientCtx::new; the mechanism rejects the context otherwise. Note that with a None acceptor binding the mechanism generally accepts whatever the client sent, so to actually enforce channel binding the server must pass its own expected bindings here.

Examples found in repository
examples/auth.rs (line 22)
fn server(spn: String, input: mpsc::Receiver<Msg>, output: mpsc::Sender<Msg>) {
    // No channel bindings are passed here (third argument is None).
    let mut server = ServerCtx::new(AcceptFlags::empty(), Some(&spn), None).expect("new");
    // Exchange tokens with the client until the context is established.
    let mut server = loop {
        let token = match input.recv().expect("expected data") {
            Msg::Msg(_) => panic!("server not finished initializing"),
            Msg::Token(t) => t,
        };
        match server.step(&*token).expect("step") {
            // Handshake complete: send the final token, if any, and keep the context.
            Step::Finished((ctx, token)) => {
                if let Some(token) = token {
                    output
                        .send(Msg::Token(Bytes::copy_from_slice(&*token)))
                        .expect("send");
                }
                break ctx;
            }
            // More rounds needed: reply with our token and wait for the next one.
            Step::Continue((ctx, token)) => {
                output.send(Msg::Token(Bytes::copy_from_slice(&*token))).expect("send");
                server = ctx;
            }
        }
    };
    // The established context can now unwrap (verify and decrypt) client messages.
    match input.recv().expect("expected data msg") {
        Msg::Token(_) => panic!("unexpected extra token"),
        Msg::Msg(secret_msg) => println!(
            "{}",
            String::from_utf8_lossy(&server.unwrap(&*secret_msg).expect("unwrap"))
        ),
    }
}

pub fn new_with_cred( flags: AcceptFlags, cred: Cred, channel_bindings: Option<&[u8]>, ) -> Result<PendingServerCtx>

Trait Implementations§

impl Debug for ServerCtx

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl K5Ctx for ServerCtx

type Buffer = <ServerCtx as K5Ctx>::Buffer

type IOVBuffer = <ServerCtx as K5Ctx>::IOVBuffer

fn wrap(&mut self, encrypt: bool, msg: &[u8]) -> Result<Self::Buffer>

Wrap the specified message for sending to the other side. If encrypt is true then the contents will be encrypted. Even if encrypt is false, the integrity of the contents is protected: if the message is altered in transit, the other side will know.

fn wrap_iov(&mut self, encrypt: bool, msg: BytesMut) -> Result<Self::IOVBuffer>

Wrap data in place using the underlying wrap_iov facility. If encrypt is true then the contents of data will be encrypted in place. The returned buffer is NOT contiguous, and as such you must use some kind of writev implementation to properly send it. You can use tokio’s write_buf directly, or you can extract the iovecs for a direct call to writev using bytes::Buf::chunks_vectored.

fn unwrap(&mut self, msg: &[u8]) -> Result<Self::Buffer>

Unwrap the specified message, returning its decrypted and verified contents.

fn unwrap_iov(&mut self, len: usize, msg: &mut BytesMut) -> Result<BytesMut>

Unwrap in place the message at the beginning of the specified BytesMut and then split it off and return it. This won’t copy or allocate, it just looks that way because the bytes crate is awesome.

fn ttl(&mut self) -> Result<Duration>

Return the remaining time this session has to live

impl K5ServerCtx for ServerCtx

fn client(&mut self) -> Result<String>

Return the user principal name of the client context associated with this server context.
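
The string returned by client() is the identity an authorization decision rests on, so it should be parsed rather than substring-matched. The following is an added example, not code from this crate or its repository; it assumes client() yields the Kerberos text form primary[/instance]@REALM, and parse_principal, authorize, Decision and the sample principals are hypothetical names and constructed values.

```rust
// Added example (not from the crate's repository). Assumes client()
// yields the Kerberos text form `primary[/instance]@REALM`.

/// Split a principal into (components, realm). A backslash makes the next
/// character literal, so an escaped '@' or '/' is not treated as a separator.
fn parse_principal(s: &str) -> Option<(Vec<String>, String)> {
    let (mut comps, mut realm, mut in_realm) = (vec![String::new()], String::new(), false);
    let mut chars = s.chars();
    while let Some(c) = chars.next() {
        let lit = match c {
            '\\' => chars.next()?,          // dangling escape: reject
            '@' if in_realm => return None, // second unescaped '@'
            '@' => { in_realm = true; continue; }
            '/' if !in_realm => { comps.push(String::new()); continue; }
            c => c,
        };
        if in_realm { realm.push(lit); } else { comps.last_mut()?.push(lit); }
    }
    if !in_realm || realm.is_empty() || comps.iter().any(|c| c.is_empty()) {
        return None; // no realm, or an empty name component
    }
    Some((comps, realm))
}

#[derive(Debug, PartialEq)]
enum Decision { Allow, Deny(&'static str) }

/// Hypothetical policy: exact realm match, no instance part, allow-listed user.
fn authorize(principal: &str, realm: &str, users: &[&str]) -> Decision {
    let (comps, r) = match parse_principal(principal) {
        Some(p) => p,
        None => return Decision::Deny("malformed principal"),
    };
    if r != realm { return Decision::Deny("foreign realm"); } // realms are case-sensitive
    if comps.len() != 1 { return Decision::Deny("instance not allowed"); }
    if users.contains(&comps[0].as_str()) { Decision::Allow } else { Decision::Deny("user not in allow-list") }
}

fn main() {
    // Constructed sample principals, not output captured from a real KDC.
    let samples = ["alice@EXAMPLE.COM", "alice@OTHER.EXAMPLE", "alice/admin@EXAMPLE.COM",
                   r"alice\@EXAMPLE.COM@OTHER.EXAMPLE", "alice"];
    for p in samples {
        println!("{:<36} {:?}", p, authorize(p, "EXAMPLE.COM", &["alice", "bob"]));
    }
}
```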

Auto Trait Implementations§

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.