Trusted Solaris Developer's Guide

Programming Interface Declarations

These network library routines handle security attributes on messages sent to and received from a Trusted Solaris host.

Get Attribute Masks

These routines create an attribute mask of system supported security attributes, attributes of the space allocated in the attribute structure, and attributes present in an attribute structure. You can use these routines instead of assigning t6mask_t enumerated values to a mask variable.

t6mask_t t6supported_attrs(void);
t6mask_t t6allocated_attrs(t6attr_t t6ctl);
t6mask_t t6present_attrs(t6attr_t t6ctl);

Allocate and Free Space

The t6alloc_blk(3NSL) routine creates a security attribute structure with enough space allocated for the security attributes specified in new_attrs. The t6free_blk(3NSL) routine frees the space allocated for the security attribute structure t6ctl.

t6attr_t t6alloc_blk(t6mask_t mask);
void t6free_blk(t6attr_t t6ctl);

Send and Receive Data

The t6sendto(3NSL) routine sends security attributes with a message. The t6recvfrom(3NSL) routine receives a message and its security attributes. When t6new_attr(3NSL) is on, t6recvfrom(3NSL) receives security attributes only when the attributes in new_attrs have changed.


Note -

These routines are specific to sockets. For Transport Layer Interface (TLI), use t6last_attr(3NSL) in place of t6recvfrom(3NSL) and t6new_attr(3NSL); and t6set_endpt_default(3NSL) in place of t6sendto(3NSL).


ssize_t t6sendto(int sock,
	const char *msg,
	size_t len,
	int flags,
	const struct sockaddr *name,
	socklen_t namelen,
	const t6attr_t handle);

ssize_t t6recvfrom(int sock,
	void *buffer,
	size_t len,
	int flags,
	struct sockaddr *name,
	Psocklen_t namelenp,
	t6attr_t handle,
	t6mask_t *new_mask);

int t6new_attr(int fd, t6cmd_t cmd);

Get and Set Security Attributes

The t6get_attr(3NSL) routine gets the attribute in attr_type from the security attribute structure t6ctl. The return value should be cast to the correct type as described in "Attribute Enumerations".

The t6set_attr(3NSL) routine sets the attribute in attr_type with the value specified in attr in the security attribute structure t6ctl.

void *t6get_attr(t6attr_id_t attr_type,
	const t6attr_t t6ctl);

int t6set_attr(t6attr_id_t attr_type,
	const void *attr,
	t6attr_t t6ctl);

Examine Security Attributes

The t6peek_attr(3NSL) routine examines the security attributes in attr_ptr on the next byte of data to be received, and the t6last_attr(3NSL) routine examines the security attributes on the last byte of data received.

int t6peek_attr(int fd, t6attr_t attr_ptr, t6mask_t *new_attrs);

int t6last_attr(int fd, t6attr_t attr_ptr, t6mask_t *new_attrs);

Get the Size of One Security Attribute

The t6size_attr(3NSL) routine gets the size in bytes of the value for the security attribute specified in attr_type in the security attribute structure t6ctl.

size_t t6size_attr(t6attr_id_t attr_type, const t6attr_t t6ctl);

Copy and Duplicate Security Attributes

These routines make a copy of attr_src. Refer to the t6copy_blk(3NSL) and t6dup_blk(3NSL) man pages.

int t6copy_blk(const t6attr_t attr_src, t6attr_t attr_dest);
t6attr_t t6dup_blk(const t6attr_t attr_src);

Compare Security Attributes

This routine compares one security attribute structure to another. Refer to the t6cmp_blk(3NSL) man page.

int t6cmp_blk(t6attr_t t6ctl1, t6attr_t t6ctl2);

Clear Security Attributes

This routine clears the attributes specified in mask from t6ctl. Refer to the t6clear_blk(3NSL) man page.

void t6clear_blk(t6mask_t mask, t6attr_t t6ctl);

Get and Set Endpoint Attributes

The t6set_endpt_default(3NSL) routine sets the security attribute values in attr indicated by mask on the communication endpoint. The t6get_endpt_mask(3NSL) routine sets the endpoint mask only.

The t6get_endpt_default(3NSL) routine gets the security attribute values in attr indicated by mask from the communication endpoint. The t6get_endpt_mask(3NSL) routine gets the endpoint mask only.

int t6get_endpt_default(int fd,
	t6mask_t *mask,
	t6attr_t attr);

int t6set_endpt_mask(int fd,
	t6mask_t mask);

int t6set_endpt_default(int fd,
	t6mask_t mask,
	const t6attr_t attr_ptr);

int t6get_endpt_mask(int fd,
	t6mask_t *mask);

Turn Extended Security Operations On and Off

This routine turns the extended security operations on and off for compatibility with other vendors. The operations are on by default. When off, messages can be sent and received as long as the communications are with the mandatory and discretionary access controls of the system. Refer to the t6ext_attr(3NSL) man page.

int t6ext_attr(int fd, t6cmd_t cmd);