/ 
GSSAPI-0.15
River stage one • 3 direct dependents • 7 total dependents
/ GSSAPI

NAME

GSSAPI - Perl extension providing access to the GSSAPIv2 library

SYNOPSIS

use GSSAPI;

my $targethostname = 'HTTP@moerbsen.grolmsnet.lan';
my $status;


TRY: {
   my $target;
   $status = GSSAPI::Name->import( $target,
                                   $targethostname,
                                   GSSAPI::OID::gss_nt_hostbased_service);
   last if($status->major != GSS_S_COMPLETE );
   my $tname;
   $status = $target->display($tname);
   last if($status->major != GSS_S_COMPLETE );
   print "\n using Name $tname";


   my $ctx = GSSAPI::Context->new();
   my $imech = GSSAPI::OID::gss_mech_krb5;
   my $iflags = 0 ;
   my $bindings = GSS_C_NO_CHANNEL_BINDINGS;
   my $creds = GSS_C_NO_CREDENTIAL;
   my $itime = 0;
   my $itoken = '';
   my ($omech, $otoken, $oflags, $otime);

   $status = $ctx->init($creds,$target,$imech,$iflags,$itime,$bindings,$itoken,
                        $omech,$otoken,$oflags,$otime);
}

unless ($status->major == GSS_S_COMPLETE ) {
   print "\nErrors:\n";
   print $status->generic_message(), "\n", $status->specific_message();
} else {
   print "\n seems everything is fine, type klist to see the ticket\n";
}

DESCRIPTION

This module gives access to the routines of the GSSAPI library, as described in rfc2743 and rfc2744 and implemented by the Kerberos-1.2 distribution from MIT.

Since 0.14 it also compiles and works with Heimdal. Lacks of Heimdal support are gss_release_oid(), gss_str_to_oid() and fail of some tests. Have a look test.pl file too see what tests fail on Heimdal (test.pl is just skipping them at the moment)

The API presented by this module is a mildly object oriented reinterpretation of the C API, where opaque C structures are Perl objects, but the style of function call has been left mostly untouched. As a result, most routines modify one or more of the parameters passed to them, reflecting the C call-by-reference (or call-by-value-return) semantics.

All users of this module are therefore strongly advised to localize all usage of these routines to minimize pain if and when the API changes.

EXPORT

GSS_C_ACCEPT
GSS_C_AF_APPLETALK
GSS_C_AF_BSC
GSS_C_AF_CCITT
GSS_C_AF_CHAOS
GSS_C_AF_DATAKIT
GSS_C_AF_DECnet
GSS_C_AF_DLI
GSS_C_AF_DSS
GSS_C_AF_ECMA
GSS_C_AF_HYLINK
GSS_C_AF_IMPLINK
GSS_C_AF_INET
GSS_C_AF_LAT
GSS_C_AF_LOCAL
GSS_C_AF_NBS
GSS_C_AF_NS
GSS_C_AF_NULLADDR
GSS_C_AF_OSI
GSS_C_AF_PUP
GSS_C_AF_SNA
GSS_C_AF_UNSPEC
GSS_C_AF_X25
GSS_C_ANON_FLAG
GSS_C_BOTH
GSS_C_CALLING_ERROR_MASK
GSS_C_CALLING_ERROR_OFFSET
GSS_C_CONF_FLAG
GSS_C_DELEG_FLAG
GSS_C_EMPTY_BUFFER
GSS_C_GSS_CODE
GSS_C_INDEFINITE
GSS_C_INITIATE
GSS_C_INTEG_FLAG
GSS_C_MECH_CODE
GSS_C_MUTUAL_FLAG
GSS_C_NO_BUFFER
GSS_C_NO_CHANNEL_BINDINGS
GSS_C_NO_CONTEXT
GSS_C_NO_CREDENTIAL
GSS_C_NO_NAME
GSS_C_NO_OID
GSS_C_NO_OID_SET
GSS_C_PROT_READY_FLAG
GSS_C_QOP_DEFAULT
GSS_C_REPLAY_FLAG
GSS_C_ROUTINE_ERROR_MASK
GSS_C_ROUTINE_ERROR_OFFSET
GSS_C_SEQUENCE_FLAG
GSS_C_SUPPLEMENTARY_MASK
GSS_C_SUPPLEMENTARY_OFFSET
GSS_C_TRANS_FLAG
GSS_S_BAD_BINDINGS
GSS_S_BAD_MECH
GSS_S_BAD_NAME
GSS_S_BAD_NAMETYPE
GSS_S_BAD_QOP
GSS_S_BAD_SIG
GSS_S_BAD_STATUS
GSS_S_CALL_BAD_STRUCTURE
GSS_S_CALL_INACCESSIBLE_READ
GSS_S_CALL_INACCESSIBLE_WRITE
GSS_S_COMPLETE
GSS_S_CONTEXT_EXPIRED
GSS_S_CONTINUE_NEEDED
GSS_S_CREDENTIALS_EXPIRED
GSS_S_CRED_UNAVAIL
GSS_S_DEFECTIVE_CREDENTIAL
GSS_S_DEFECTIVE_TOKEN
GSS_S_DUPLICATE_ELEMENT
GSS_S_DUPLICATE_TOKEN
GSS_S_FAILURE
GSS_S_GAP_TOKEN
GSS_S_NAME_NOT_MN
GSS_S_NO_CONTEXT
GSS_S_NO_CRED
GSS_S_OLD_TOKEN
GSS_S_UNAUTHORIZED
GSS_S_UNAVAILABLE
GSS_S_UNSEQ_TOKEN

Exportable functions

$status = indicate_mechs($oidset)

# Constant OIDs provided:
$oid = gss_nt_user_name;
$oid = gss_nt_machine_uid_name;
$oid = gss_nt_string_uid_name;
$oid = gss_nt_service_name;
$oid = gss_nt_exported_name;
$oid = gss_nt_service_name_v2;
$oid = gss_nt_krb5_name;
$oid = gss_nt_krb5_principal;
$oid = gss_mech_krb5;
$oid = gss_mech_krb5_old;
$oid = gss_mech_krb5_v2;

# Constant OID sets provided:
$oidset = gss_mech_set_krb5;
$oidset = gss_mech_set_krb5_old;
$oidset = gss_mech_set_krb5_both;
$oidset = gss_mech_set_krb5_v2;
$oidset = gss_mech_set_krb5_v1v2;

All other functions are class or instance methods.

SEE ALSO

RFC2743 RFC2744 GSSAPI::Status(3p) GSSAPI::OID(3p) GSSAPI::OID::Set(3p) perl(1) LWP::Authen::Negotiate

SUPPORT

See our project home at <http://perlgssapi.sourceforge.net/>

Mailinglist perlgssapi-users@lists.sourceforge.net

AUTHOR

The module ist maintained by Achim Grolms <perl@grolmsnet.de>

originally written by Philip Guenther <pguen@cpan.org>

THANKS TO

Philip Guenther
Leif Johansson
Merijn Broeren
Harald Joerg
Christopher Odenbach
Dax Kelson

COPYRIGHT

Copyright (c) 2006 Achim Grolms All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Copyright (c) 2000,2001,2005 Philip Guenther. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.