Struct libgssapi::context::ClientCtx

pub struct ClientCtx { /* private fields */ }

The client side of a security context

Implementations

impl ClientCtx

pub fn new( cred: Option<Cred>, target: Name, flags: CtxFlags, mech: Option<&'static Oid> ) -> ClientCtx

Create a new uninitialized client security context using the specified credentials, targeting the service named by target, and optionally using a specific mechanism (otherwise gssapi will pick a default for you). To finish initializing the context you must call step.

pub fn step( &mut self, tok: Option<&[u8]>, channel_bindings: Option<&[u8]> ) -> Result<Option<Buf>, Error>

Perform 1 step in the initialization of the specfied security context. Since the client initiates context creation, the token will initially be None. If the connection uses channel bindings, they are passed as the second argument.

As a result this step, GSSAPI will give you a token to send to the server. The server may send back a token, which you must feed to this function, and possibly get another token to send to the server. This will go on a mechanism specifiec number of times until step returns Ok(None). At that point the context is fully initialized.

Trait Implementations

impl Debug for ClientCtx

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Drop for ClientCtx

fn drop(&mut self)

Executes the destructor for this type.

impl SecurityContext for ClientCtx

fn wrap(&mut self, encrypt: bool, msg: &[u8]) -> Result<Buf, Error>

Wrap a message with optional encryption. If encrypt is true then only the other side of the context can read the message. In any case the other side can always verify message integrity.

fn wrap_iov( &mut self, encrypt: bool, msg: &mut [GssIov<'_>] ) -> Result<(), Error>

From the MIT kerberos documentation,

fn wrap_iov_length( &mut self, encrypt: bool, msg: &mut [GssIovFake] ) -> Result<(), Error>

This will set the required length of all the buffers except the data buffer, which must be provided as it will be to wrap_iov. The value of the encrypt flag must match what you pass to wrap_iov.

fn unwrap(&mut self, msg: &[u8]) -> Result<Buf, Error>

Unwrap a wrapped message, checking it’s integrity and decrypting it if necessary.

fn unwrap_iov(&mut self, msg: &mut [GssIov<'_>]) -> Result<(), Error>

From the MIT Kerberos documentation,

fn info(&mut self) -> Result<CtxInfo, Error>

Get all information about a security context in one call

fn source_name(&mut self) -> Result<Name, Error>

Get the source name of the security context

fn target_name(&mut self) -> Result<Name, Error>

Get the target name of the security context

fn lifetime(&mut self) -> Result<Duration, Error>

Get the lifetime of the security context

fn mechanism(&mut self) -> Result<&'static Oid, Error>

Get the mechanism of the security context

fn flags(&mut self) -> Result<CtxFlags, Error>

Get the flags of the security context

fn local(&mut self) -> Result<bool, Error>

Return true if the security context was locally initiated

fn open(&mut self) -> Result<bool, Error>

Return true if the security context is open

fn is_complete(&self) -> bool

Return true if the security context is fully initialized

impl Send for ClientCtx

impl Sync for ClientCtx