[Return to Library] [Contents] [Previous Chapter] [Next Section] [Next Chapter] [Index] [Help]

D    Coding Examples

The examples in this appendix illustrate how to use some of the routines in the trusted Digital UNIX system.

[Return to Library] [Contents] [Previous Chapter] [Next Section] [Next Chapter] [Index] [Help]

D.1    Source Code for sia-reauth.c

Example D-1 is a program that performs password checking.

Example D-1: Reauthentication Program 

#include <sia.h>
#include <siad.h>

 

#ifndef NOUID
#define	NOUID	((uid_t) -1)
#endif

 

main (argc, argv)
int argc;
char **argv;
{
        int i;
	SIAENTITY *entity = NULL;
	int (*sia_collect)() = sia_collect_trm;
	char uname[32];
	struct passwd *pw;
	uid_t myuid;

 

	myuid = getluid();
	if (myuid == NOUID)
		myuid = getuid(); /* get ruid */
	pw = getpwuid(myuid);
	if (!pw || !pw->pw_name || !*pw->pw_name) {
		sleep(3);	/* slow down attacks */
		(void) fprintf(stderr, "sorry");
		return 1;
	}
	(void) strcpy(uname, pw->pw_name);
	i = sia_ses_init(&entity, argc, argv, NULL, uname, \
                                              NULL, TRUE, NULL);
	if (i != SIASUCCESS) {
		sleep(3);	/* slow down attacks */
		(void) fprintf(stderr, "sorry");
		return 1;
	}
	i = sia_ses_reauthent(sia_collect, entity);
	if (i != SIASUCCESS) {
		(void) sia_ses_release(&entity);
		sleep(3);	/* slow down attacks */
		(void) fprintf(stderr, "sorry");
		return 1;
	}
	i = sia_ses_release(&entity);
	if (i != SIASUCCESS) {
		sleep(3);	/* slow down attacks */
		(void) fprintf(stderr, "sorry");
		return 1;
	}

 

	(void) fprintf(stderr, "Ok");

 

	return 0;
}

[Return to Library] [Contents] [Previous Chapter] [Previous Section] [Next Chapter] [Index] [Help]

D.2    Source Code for sia-suauth.c

Example D-2 is a program that allows root to become a user to run daemons (such as crontab or sendmail) for the user.

Example D-2: Superuser Authentication Program 

#include <sia.h>
#include <siad.h>

 

main (argc, argv)
int argc;
char **argv;
{
        int i;

 

        i = sia_auth(getuid());
        printf("result is %d", i);

 

}

 

int  sia_auth(uid)
int uid;
{

 

        char	uname[32];
        static	SIAENTITY *entity=NULL;
        static	int oargc = 1;
        static	char *oargv[1] = { "siatest" };
        static	int (*sia_collect)()=sia_collect_trm;
	struct	passwd *pw;

 

	pw = getpwuid(uid);
	if (!pw) {
	    printf("getpwuid failure");
	    return 8;
	}
	(void) strcpy(uname, pw->pw_name);
        printf("SIA authentication for uid: %d, uname: %s ", \
                                                         uid, uname);
        if (sia_ses_init(&entity,oargc,oargv,NULL,uname,NULL, \
                                        FALSE, NULL) == SIASUCCESS) {
                printf( "sia_ses_init successful");
                entity->authtype = SIA_A_SUAUTH;
		if (sia_make_entity_pwd(pw, entity) == SIASUCCESS) {
		    printf("sia_make_entity_pwd successful");
		}
		else {
		    printf("sia_make_entity_pwd un-successful");
		}
                if ((sia_ses_launch(NULL, entity)) == SIASUCCESS) {
                        printf( "sia_ses_launch successful");
                }
                else {
                        printf( "sia_ses_launch un-successful");
			entity = NULL;
                }
                if ((sia_ses_release(&entity)) == SIASUCCESS) {
                        printf( "sia_ses_release successful");
                }
                else {
                        printf( "sia_ses_release un-successful");
                        return(4);
                }

 

        }
        else {
                printf( "sia_ses_init un-successful");
                return(5);
        }
        printf( "sia  **** successful");
        return(6);
}