pub struct ServerCtx(/* private fields */);
A Kerberos server context
Implementations§
impl ServerCtx
pub fn new( flags: AcceptFlags, principal: Option<&str>, channel_bindings: Option<&[u8]>, ) -> Result<PendingServerCtx>
Create a new server context for principal, which should be
the service principal name assigned to the service the client
will be requesting. If it is left as None it will use the
user running the current process. The returned pending context
must be initialized by exchanging one or more tokens with the
client before it can be used.
If present, channel_bindings must match the bindings the client
supplied to ClientCtx::new; the mechanism rejects the context
otherwise. Note that with a None acceptor binding the mechanism
generally accepts whatever the client sent, so to actually enforce
channel binding the server must pass its own expected bindings here.
Examples found in repository?
examples/auth.rs (line 22)
/// Server half of the example: accept a Kerberos context for `spn` by exchanging
/// tokens over the `input`/`output` channels, then receive one wrapped message
/// from the client, unwrap it and print it.
///
/// This is demo code. Every failure path panics (`expect` / `panic!`), including
/// failures triggered by what the peer sends (a token `step` rejects, a message
/// of the wrong kind, a message that fails `unwrap`). A long-running service
/// should turn these into errors and drop the connection instead.
///
/// Nothing here checks which client principal authenticated; authorization is
/// left to the caller.
fn server(spn: String, input: mpsc::Receiver<Msg>, output: mpsc::Sender<Msg>) {
    // Copies a context token into a `Msg::Token` and hands it to the peer.
    let send_token = |bytes: &[u8]| {
        output
            .send(Msg::Token(Bytes::copy_from_slice(bytes)))
            .expect("send")
    };

    // No accept flags, and `None` for channel_bindings. Per the documentation of
    // `ServerCtx::new`, with a `None` acceptor binding the mechanism generally
    // accepts whatever the client sent, so this example does NOT enforce channel
    // binding; pass the server's own expected bindings to enforce it.
    let mut pending = ServerCtx::new(AcceptFlags::empty(), Some(&spn), None).expect("new");

    // Feed client tokens to the pending context until it reports `Finished`.
    let mut established = loop {
        let client_token = match input.recv().expect("expected data") {
            Msg::Token(t) => t,
            // Application data before the context is established is a protocol error.
            Msg::Msg(_) => panic!("server not finished initializing"),
        };
        match pending.step(&*client_token).expect("step") {
            Step::Continue((next, reply)) => {
                send_token(&*reply);
                pending = next;
            }
            Step::Finished((ctx, reply)) => {
                // A final token for the client is optional.
                if let Some(reply) = reply {
                    send_token(&*reply);
                }
                break ctx;
            }
        }
    };

    // After establishment only application data is expected.
    let secret_msg = match input.recv().expect("expected data msg") {
        Msg::Msg(m) => m,
        Msg::Token(_) => panic!("unexpected extra token"),
    };
    // `unwrap` returns the decrypted and verified contents, or an error.
    let plaintext = established.unwrap(&*secret_msg).expect("unwrap");
    println!("{}", String::from_utf8_lossy(&plaintext));
}

pub fn new_with_cred( flags: AcceptFlags, cred: Cred, channel_bindings: Option<&[u8]>, ) -> Result<PendingServerCtx>
Trait Implementations§
impl K5Ctx for ServerCtx
type Buffer = <ServerCtx as K5Ctx>::Buffer
type IOVBuffer = <ServerCtx as K5Ctx>::IOVBuffer
fn wrap(&mut self, encrypt: bool, msg: &[u8]) -> Result<Self::Buffer>
Wrap the specified message for sending to the other side. If
encrypt is true then the contents will be encrypted. Even if
encrypt is false the integrity of the contents is
protected: if the message is altered in transit the other side
will know. With encrypt false the message is not confidential, only tamper-evident.
fn wrap_iov(&mut self, encrypt: bool, msg: BytesMut) -> Result<Self::IOVBuffer>
Wrap data in place using the underlying wrap_iov facility. If
encrypt is true then the contents of data will be
encrypted in place. The returned buffer is NOT contiguous, and
as such you must use some kind of writev implementation to
properly send it. You can use tokio’s write_buf directly, or
you can extract the iovecs for a direct call to writev using
bytes::Buf::chunks_vectored.
fn unwrap(&mut self, msg: &[u8]) -> Result<Self::Buffer>
Unwrap the specified message, returning its decrypted and
verified contents.
Auto Trait Implementations§
impl Freeze for ServerCtx
impl RefUnwindSafe for ServerCtx
impl Send for ServerCtx
impl !Sync for ServerCtx
impl Unpin for ServerCtx
impl UnsafeUnpin for ServerCtx
impl UnwindSafe for ServerCtx
Blanket Implementations§
impl<T> BorrowMut<T> for T
where
    T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value.