create_a_socket()
This is a no-frills function for creating a transport connection with the client.
Example A-14 create_a_socket()
/*
* Function: create_socket
*
* Purpose: Opens a listening TCP socket.
*
* Arguments:
*
* port (r) the port number on which to listen
*
* Returns: the listening socket file descriptor, or -1 on failure
*
* Effects:
*
* A listening socket on the specified port and created and returned.
* On error, an error message is displayed and -1 is returned.
*/
int create_socket(port)
u_short port;
{
struct sockaddr_in saddr;
int s;
int on = 1;
saddr.sin_family = AF_INET;
saddr.sin_port = htons(port);
saddr.sin_addr.s_addr = INADDR_ANY;
if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("creating socket");
return -1;
}
/* Let the socket be reused right away */
(void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&on,
sizeof(on));
if (bind(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0)
{
perror("binding socket");
(void) close(s);
return -1;
}
if (listen(s, 5) < 0) {
perror("listening on socket");
(void) close(s);
return -1;
}
return s;
}
|
test_import_export_context()
Finally, this is a small function to show how gss_export_sec_context() and gss_import_sec_context() work. Of limited practicality, this function is here mostly to indicate how these GSS-API functions can be used.
Example A-15 test_import_export_context()
int test_import_export_context(context)
gss_ctx_id_t *context;
{
OM_uint32 min_stat, maj_stat;
gss_buffer_desc context_token, copied_token;
struct timeval tm1, tm2;
/*
* Attempt to save and then restore the context.
*/
gettimeofday(&tm1, (struct timezone *)0);
maj_stat = gss_export_sec_context(&min_stat, context, &context_token);
if (maj_stat != GSS_S_COMPLETE) {
display_status("exporting context", maj_stat, min_stat);
return 1;
}
gettimeofday(&tm2, (struct timezone *)0);
if (verbose && log)
fprintf(log, "Exported context: %d bytes, %7.4f seconds\n",
context_token.length, timeval_subtract(&tm2, &tm1));
copied_token.length = context_token.length;
copied_token.value = malloc(context_token.length);
if (copied_token.value == 0) {
fprintf(log, "Couldn't allocate memory to copy context token.\n");
return 1;
}
memcpy(copied_token.value, context_token.value, copied_token.length);
maj_stat = gss_import_sec_context(&min_stat, &copied_token, context);
if (maj_stat != GSS_S_COMPLETE) {
display_status("importing context", maj_stat, min_stat);
return 1;
}
gettimeofday(&tm1, (struct timezone *)0);
if (verbose && log)
fprintf(log, "Importing context: %7.4f seconds\n",
timeval_subtract(&tm1, &tm2));
(void) gss_release_buffer(&min_stat, &context_token);
return 0;
}
|
timeval_subtract()
This is a convenience function used by test_import_export_context().
Example A-16 timeval_subtract()
static float timeval_subtract(tv1, tv2)
struct timeval *tv1, *tv2;
{
return ((tv1->tv_sec - tv2->tv_sec) +
((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000);
}
|
Ancillary Functions
To make the client and server programs work as shown, a number of other functions are required. These are mostly for displaying values, and are not necessary to the basic functioning of the programs. They are shown here for completeness.
Two functions, however, are significant: send_token() and recv_token(), which do the actual transfer of context tokens and messages. They are actually plain "vanilla" functions that open up a file descriptor and read to or write from it. Although
ordinary, and not directly related to the GSS-API, they are sufficiently important to call out separately.