Developer's Guide to Oracle Solaris 11 Security - Oracle Solaris 11.1 Information Library
As with all C programs, the outer shell of the program is contained in the entry-point function, main(). main() performs four functions:
Parses command-line arguments and assigns the arguments to variables.
Calls parse_oid() to create a GSS-API object identifier (OID) if a mechanism other than the default is to be used. The OID is derived from the name of the security mechanism, provided that a mechanism name has been supplied.
Calls call_server(), which does the actual work of creating a context and sending data.
Releases the storage space for the OID if necessary, after the data is sent.
The source code for the main() routine is shown in the following example.
Note - The source code for this example is also available through the Oracle download center. See http://www.oracle.com/technetwork/indexes/downloads/sdlc-decommission-333274.html.
Example 5-1 gss-client Example: main()
    /*
     * display_file, g_mechOid, usage(), parse_oid() and call_server()
     * are declared elsewhere in the gss-client program.
     */
    int
    main(int argc, char **argv)
    {
        char *msg;
        char service_name[128];
        char hostname[128];
        char *mechanism = 0;
        u_short port = 4444;
        int use_file = 0;
        OM_uint32 deleg_flag = 0, min_stat;

        display_file = stdout;

        /* Parse command-line arguments. */
        argc--; argv++;
        while (argc) {
            if (strcmp(*argv, "-port") == 0) {
                argc--; argv++;
                if (!argc) usage();
                port = atoi(*argv);
            } else if (strcmp(*argv, "-mech") == 0) {
                argc--; argv++;
                if (!argc) usage();
                mechanism = *argv;
            } else if (strcmp(*argv, "-d") == 0) {
                deleg_flag = GSS_C_DELEG_FLAG;
            } else if (strcmp(*argv, "-f") == 0) {
                use_file = 1;
            } else
                break;
            argc--; argv++;
        }
        if (argc != 3)
            usage();

        /* Bounded copies: the arguments may be longer than the buffers. */
        if (argc > 1) {
            if (strlcpy(hostname, argv[0], sizeof(hostname)) >=
                sizeof(hostname)) {
                fprintf(stderr, "host name too long\n");
                exit(1);
            }
        } else if (gethostname(hostname, sizeof(hostname)) == -1) {
            perror("gethostname");
            exit(1);
        }

        /* Build the host-based service name, service@host. */
        if (argc > 2) {
            if (strlcpy(service_name, argv[1], sizeof(service_name)) >=
                sizeof(service_name) ||
                strlcat(service_name, "@", sizeof(service_name)) >=
                sizeof(service_name) ||
                strlcat(service_name, hostname, sizeof(service_name)) >=
                sizeof(service_name)) {
                fprintf(stderr, "service name too long\n");
                exit(1);
            }
        }

        msg = argv[2];

        /* Create GSSAPI object ID. */
        if (mechanism)
            parse_oid(mechanism, &g_mechOid);

        /* Call server to create context and send data. */
        if (call_server(hostname, port, g_mechOid, service_name,
                        deleg_flag, msg, use_file) < 0)
            exit(1);

        /* Release storage space for OID, if still allocated */
        if (g_mechOid != GSS_C_NULL_OID)
            (void) gss_release_oid(&min_stat, &g_mechOid);

        return 0;
    }
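main() converts the -port argument with atoi() and assembles service@host in a fixed 128-byte buffer, so both inputs deserve strict validation before they reach call_server(). The following is an added example, not part of Oracle's gss-client source; parse_port() and build_service_name() are hypothetical helper names and the sample values are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: strict port parsing. Returns 0 and stores the port,
 * or -1 for empty input, trailing junk, or a value outside 1..65535
 * (atoi() would accept all of these and the u_short would wrap). */
int parse_port(const char *s, unsigned short *out)
{
    char *end;
    long v;

    if (s == NULL || *s == '\0')
        return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno != 0 || *end != '\0' || v < 1 || v > 65535)
        return -1;
    *out = (unsigned short)v;
    return 0;
}

/* Hypothetical helper: write "service@host" into buf. Returns 0 on success,
 * -1 if a part is empty or the result would not fit (never truncates). */
int build_service_name(char *buf, size_t buflen,
                       const char *service, const char *host)
{
    int n;

    if (buf == NULL || buflen == 0 || service == NULL || host == NULL ||
        *service == '\0' || *host == '\0')
        return -1;
    n = snprintf(buf, buflen, "%s@%s", service, host);
    if (n < 0 || (size_t)n >= buflen) {
        buf[0] = '\0';          /* leave no partial name behind */
        return -1;
    }
    return 0;
}

int main(void)
{
    char name[128];             /* same size as service_name in main() */
    unsigned short port;

    /* Constructed sample values, not taken from the guide. */
    if (parse_port("4444", &port) == 0 &&
        build_service_name(name, sizeof(name), "nfs", "host.example.com") == 0)
        printf("%s port %u\n", name, port);
    return 0;
}
```

Rejecting an over-long name instead of truncating it matters here because a truncated service@host string would name a different principal than the one the user asked for.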