Skip Navigation Links | |
Exit Print View | |
Developer's Guide to Oracle Solaris Security Oracle Solaris 10 8/11 Information Library |
1. Oracle Solaris Security for Developers (Overview)
2. Developing Privileged Applications
3. Writing PAM Applications and Services
4. Writing Applications That Use GSS-API
GSSAPI Server Example Overview
GSSAPI Server Example Structure
Running the GSSAPI Server Example
Signing and Returning the Message
Using the test_import_export_context() Function
Cleanup in the GSSAPI Server Example
7. Writing Applications That Use SASL
8. Introduction to the Oracle Solaris Cryptographic Framework
9. Writing User-Level Cryptographic Applications and Providers
10. Using the Smart Card Framework
A. Sample C-Based GSS-API Programs
D. Source Code for SASL Example
The gss-server main() function performs the following tasks:
Parses command-line arguments and assigns the arguments to variables
Acquires the credentials for the service corresponding to the mechanism
Calls the sign_server() function, which performs the work involved with signing and returning the message
Releases the credentials that have been acquired
Releases the mechanism OID namespace
Closes the connection if the connection is still open
Note - The source code for this example is also available through the download center. See https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_SMI-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=Security_code-Dev1.1-G-F@CDS-CDS_SMI.
Example 6-1 gss-server Example: main()
int main(argc, argv) int argc; char **argv; { char *service_name; gss_cred_id_t server_creds; OM_uint32 min_stat; u_short port = 4444; int s; int once = 0; int do_inetd = 0; log = stdout; display_file = stdout; /* Parse command-line arguments. */ argc--; argv++; while (argc) { if (strcmp(*argv, "-port") == 0) { argc--; argv++; if (!argc) usage(); port = atoi(*argv); } else if (strcmp(*argv, "-verbose") == 0) { verbose = 1; } else if (strcmp(*argv, "-once") == 0) { once = 1; } else if (strcmp(*argv, "-inetd") == 0) { do_inetd = 1; } else if (strcmp(*argv, "-logfile") == 0) { argc--; argv++; if (!argc) usage(); log = fopen(*argv, "a"); display_file = log; if (!log) { perror(*argv); exit(1); } } else break; argc--; argv++; } if (argc != 1) usage(); if ((*argv)[0] == '-') usage(); service_name = *argv; /* Acquire service credentials. */ if (server_acquire_creds(service_name, &server_creds) < 0) return -1; if (do_inetd) { close(1); close(2); /* Sign and return message. */ sign_server(0, server_creds); close(0); } else { int stmp; if ((stmp = create_socket(port)) >= 0) { do { /* Accept a TCP connection */ if ((s = accept(stmp, NULL, 0)) < 0) { perror("accepting connection"); continue; } /* This return value is not checked, because there is not really anything to do if it fails. */ sign_server(s, server_creds); close(s); } while (!once); close(stmp); } } /* Close down and clean up. */ (void) gss_release_cred(&min_stat, &server_creds); /*NOTREACHED*/ (void) close(s); return 0; }