SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from PCLinuxOS lib64tirpc-devel-1.0.1-1pclos2017.x86_64.rpm

RPC

Section: C Library Functions (3)
Index
BSD mandoc
 

NAME

rpc_secure - library routines for secure remote procedure calls 

SYNOPSIS

In rpc/rpc.hFt AUTH *Fo authdes_createFa char *nameFa unsigned windowFa struct sockaddr *addrFa des_block *ckeyFc Ft AUTH *Fo authdes_pk_createFa char *nameFa unsigned windowFa struct sockaddr *addrFa des_block *ckeyFc Ft intFn authdes_getucred struct authdes_cred *adc uid_t *uid gid_t *gid int *grouplen gid_t *groupsFt intFn getnetname char *nameFt intFn host2netname char *name const char *host const char *domainFt intFn key_decryptsession const char *remotename des_block *deskeyFt intFn key_encryptsession const char *remotename des_block *deskeyFt intFn key_gendes des_block *deskeyFt intFn key_setsecret const char *keyFt intFn netname2host char *name char *host int hostlenFt intFn netname2user char *name uid_t *uidp gid_t *gidp int *gidlenp gid_t *gidlistFt intFn user2netname char *name const uid_t uid const char *domain 

DESCRIPTION

These routines are part of theRPClibrary. They implementDESAuthentication. Seerpc(3)for further details aboutRPC

TheFn authdes_createis the first of two routines which interface to theRPCsecure authentication system, known asDESauthentication.The second isFn authdes_getucred ,below.

Note: the keyserver daemonkeyserv(8)must be running for theDESauthentication system to work.

TheFn authdes_createfunction,used on the client side, returns an authentication handle thatwill enable the use of the secure authentication system.The first argumentFa nameis the network name, orFa netname ,of the owner of the server process.This field usuallyrepresents aFa hostnamederived from the utility routineFn host2netname ,but could also represent a user name usingFn user2netname .The second field is window on the validity ofthe client credential, given in seconds. A smallwindow is more secure than a large one, but choosingtoo small of a window will increase the frequency ofresynchronizations because of clock drift.The thirdargumentFa addris optional. If it isNULL then the authentication system will assumethat the local clock is always in sync with the server'sclock, and will not attempt resynchronizations.If an addressis supplied, however, then the system will use the addressfor consulting the remote time service wheneverresynchronizationis required.This argument is usually theaddress of theRPCserver itself.The final argumentFa ckeyis also optional. If it isNULL then the authentication system willgenerate a randomDESkey to be used for the encryption of credentials.If it is supplied, however, then it will be used instead.

TheFn authdes_pk_createfunction is identical toFn authdes_create ,except that the public key needs to be provided at calling time andwill not looked up by this function itself.

TheFn authdes_getucredfunction,the second of the twoDESauthentication routines,is used on the server side for converting aDEScredential, which isoperating system independent, into aUNIXcredential.This routine differs from utility routineFn netname2userin thatFn authdes_getucredpulls its information from a cache, and does not have to do aYellow Pages lookup every time it is called to get its information.

TheFn getnetnamefunctioninstalls the unique, operating-system independent netname ofthecaller in the fixed-length arrayFa name .ReturnsTRUEif it succeeds andFALSEif it fails.

TheFn host2netnamefunctionconverts from a domain-specific hostname to anoperating-system independent netname.ReturnsTRUEif it succeeds andFALSEif it fails.Inverse ofFn netname2host .

TheFn key_decryptsessionfunctionis an interface to the keyserver daemon, which is associatedwithRPC 'ssecure authentication system( DESauthentication).User programs rarely need to call it, or its associated routinesFn key_encryptsession ,Fn key_gendesandFn key_setsecret .System commands such aslogin(1)and theRPClibrary are the main clients of these four routines.

TheFn key_decryptsessionfunctiontakes a server netname and aDESkey, and decrypts the key byusing the public key of the server and the secret keyassociated with the effective uid of the calling process. Itis the inverse ofFn key_encryptsession .

TheFn key_encryptsessionfunctionis a keyserver interface routine.Ittakes a server netname and a des key, and encryptsit using the public key of the server and the secret keyassociated with the effective uid of the calling process. Itis the inverse ofFn key_decryptsession .

TheFn key_gendesfunctionis a keyserver interface routine.Itis used to ask the keyserver for a secure conversation key.Choosing oneQq randomis usually not good enough,becausethe common ways of choosing random numbers, such as using thecurrent time, are very easy to guess.

TheFn key_setsecretfunctionis a keyserver interface routine.It is used to set the key forthe effectiveFa uidof the calling process.

TheFn netname2hostfunctionconverts from an operating-system independent netname to adomain-specific hostname.ReturnsTRUEif it succeeds andFALSEif it fails. Inverse ofFn host2netname .

TheFn netname2userfunctionconverts from an operating-system independent netname to adomain-specific user ID.ReturnsTRUEif it succeeds andFALSEif it fails.Inverse ofFn user2netname .

TheFn user2netnamefunctionconverts from a domain-specific username to an operating-systemindependent netname.ReturnsTRUEif it succeeds andFALSEif it fails.Inverse ofFn netname2user . 

AVAILABILITY

These functions are part of libtirpc. 

SEE ALSO

rpc(3),xdr(3)

The following manuals:

Remote Procedure Calls: Protocol Specification
Remote Procedure Call Programming Guide
Rpcgen Programming Guide
RPC: Remote Procedure Call Protocol SpecificationRFC1050, Sun Microsystems Inc., USC-ISI


 

Index

NAME
SYNOPSIS
DESCRIPTION
AVAILABILITY
SEE ALSO

This document was created byman2html,using the manual pages.