Skip Navigation Links | |
Exit Print View | |
Developer's Guide to Oracle Solaris 11 Security Oracle Solaris 11.1 Information Library |
1. Oracle Solaris Security for Developers (Overview)
2. Developing Privileged Applications
3. Writing PAM Applications and Services
4. Writing Applications That Use GSS-API
7. Writing Applications That Use SASL
8. Introduction to the Oracle Solaris Cryptographic Framework
9. Writing User-Level Cryptographic Applications
10. Introduction to the Oracle Solaris Key Management Framework
A. Secure Coding Guidelines for Developers
B. Sample C-Based GSS-API Programs
The following code sample includes listings for miscellaneous SASL functions.
Note - The source code for this example is also available through the Oracle download center. See http://www.oracle.com/technetwork/indexes/downloads/sdlc-decommission-333274.html.
#pragma ident "@(#)common.c 1.1 03/03/28 SMI" /* $Id: common.c,v 1.3 2002/09/03 15:11:59 rjs3 Exp $ */ /* * Copyright (c) 2001 Carnegie Mellon University. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The name "Carnegie Mellon University" must not be used to * endorse or promote products derived from this software without * prior written permission. For permission or any other legal * details, please contact * Office of Technology Transfer * Carnegie Mellon University * 5000 Forbes Avenue * Pittsburgh, PA 15213-3890 * (412) 268-4387, fax: (412) 268-7395 * tech-transfer@andrew.cmu.edu * * 4. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by Computing Services * at Carnegie Mellon University (http://www.cmu.edu/computing/)." * * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include <config.h> #include <stdio.h> #include <ctype.h> #include <stdarg.h> #ifdef _SUN_SDK_ #include <sysexits.h> #endif /* _SUN_SDK_ */ #include <sasl.h> /* send/recv library for IMAP4 style literals. really not important; just one way of doing length coded strings */ int send_string(FILE *f, const char *s, int l) { int al; al = fprintf(f, "{%d}\r\n", l); fwrite(s, 1, l, f); fflush(f); printf("send: {%d}\n", l); while (l--) { if (isprint((unsigned char) *s)) { printf("%c", *s); } else { printf("[%X]", (unsigned char) *s); } s++; } printf("\n"); return al; } int recv_string(FILE *f, char *buf, int buflen) { int c; int len, l; char *s; c = fgetc(f); if (c != '{') return -1; /* read length */ len = 0; c = fgetc(f); while (isdigit(c)) { len = len * 10 + (c - '0'); c = fgetc(f); } if (c != '}') return -1; c = fgetc(f); if (c != '\r') return -1; c = fgetc(f); if (c != '\n') return -1; /* read string */ if (buflen <= len) { fread(buf, buflen - 1, 1, f); buf[buflen - 1] = '\0'; /* discard oversized string */ len -= buflen - 1; while (len--) (void)fgetc(f); len = buflen - 1; } else { fread(buf, len, 1, f); buf[len] = '\0'; } l = len; s = buf; printf("recv: {%d}\n", len); while (l--) { if (isprint((unsigned char) *s)) { printf("%c", *s); } else { printf("[%X]", (unsigned char) *s); } s++; } printf("\n"); return len; } int debuglevel = 0; int dprintf(int lvl, const char *fmt, ...) { va_list ap; int ret = 0; if (debuglevel >= lvl) { va_start(ap, fmt); ret = vfprintf(stdout, fmt, ap); va_end(ap); } return ret; } void saslerr(int why, const char *what) { fprintf(stderr, "%s: %s", what, sasl_errstring(why, NULL, NULL)); } void saslfail(int why, const char *what) { saslerr(why, what); exit(EX_TEMPFAIL); }