munge

Documentation
Login

Documentation

MUNGE API

This CHICKEN module exposes MUNGE Uid 'N' Gid Emporium functionality to Scheme. 

  (import munge)

Core Functionality

  (munge-encode [PAYLOAD] [CONTEXT])

Create a packaged MUNGE credential, optionally including the given binary payload. 

  (munge-decode CREDENTIAL [CONTEXT])

Extract a packaged MUNGE credential, returning the user id, group id, and optional binary payload.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly.

Additional information concerning the last decode operation can be retrieved using munge-address, munge-encode-seconds, and munge-decode-seconds.

MUNGE Contexts

  (munge-context? X)

Check whether the given object is a valid MUNGE context. 

  (current-munge-context [CONTEXT])

Parameter holding the default MUNGE context. 

  (make-munge-context [TEMPLATE])

Create a new MUNGE context, optionally copying options from the given template.

The procedure returns the new context, but also stores it in the current-munge-context parameter.

Configuration Options

  (munge-cipher-types)

Determine all supported cipher types. 

  (munge-cipher-type [CONTEXT])
  (munge-cipher-type-set! [CONTEXT] CIPHER)

Get or set the cipher type for the given or current context.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly. 

  (munge-mac-types)

Determine all supported MAC types. 

  (munge-mac-type [CONTEXT])
  (munge-mac-type-set! [CONTEXT] MAC)

Get or set the MAC type for the given or current context.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly. 

  (munge-zip-types)

Determine all supported compression types. 

  (munge-zip-type [CONTEXT])
  (munge-zip-type-set! [CONTEXT] ZIP)

Get or set the compression type for the given or current context.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly. 

  (munge-ttl [CONTEXT])
  (munge-ttl-set! [CONTEXT] TTL)

Get or set the credential time to live for the given or current context.

TTL can be a natural number of seconds, or one of the symbols default, maximum, or max.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly. 

  (munge-uid-restriction [CONTEXT])
  (munge-uid-restriction-set! [CONTEXT] UID)

Get or set the user allowed to decode credentials for the given or current context.

UID can be an integer, or #f to remove any restriction.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly. 

  (munge-gid-restriction [CONTEXT])
  (munge-gid-restriction-set! [CONTEXT] GID)

Get or set the group allowed to decode credentials for the given or current context.

GID can be an integer, or #f to remove any restriction.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly. 

  (munge-socket [CONTEXT])
  (munge-socket-set! [CONTEXT] PATH)

Get or set the local socket path used to communicate with the MUNGE daemon for the given or current context.

If no context is given and current-munge-context returns #f, make-munge-context is called implicitly.

Read-Only Options

  (munge-address [CONTEXT])

Get the address of the host where the last credential decoded in the given or current context was created. 

  (munge-encode-seconds [CONTEXT])

Get the time in epoch seconds when the last credential decoded in the given or current context was created. 

  (munge-decode-seconds [CONTEXT])

Get the time in epoch seconds when the last credential was decoded in the given or current context.