authdes_seccreate Subroutine

Purpose

Maps a UNIX credential into a data encryption standard (DES) credential .

Library

Network Services Library (libnsl.a)

Syntax

#include <rpc/rpc.h>

AUTH *authdes_seccreate(netname, time_window, time_host, deskey)
const char *netname;
const uint_t time_window;
const char *time_host;
const des_block *deskey;

Description

The authdes_seccreate subroutine, which belongs to the secure remote procedure call (RPC) category, implements the AUTH_DES authentication flavor. This subroutine is used on the client side to convert a UNIX credential to an operating-system-independent AUTH_DES credential. When the time difference between the client clock and the server clock exceeds the valid time period, the server rejects client credentials. In such case, you can consult with the host specified by the time_host parameter to resynchronize the client and server clocks. The time_host and deskey parameters are optional. When you set the time_host parameter to a null value, the local clock is always in sync with the clock on the specified host. When you set the deskey parameter to a null value, a random DES key is generated for encrypting client credentials.

Note: The AUTH_DES authentication mechanism works only when the keyserv daemon is running. Also, you must have run the keylogin command.

Parameters

Item	Description
netname	Specifies the network name of the owner of the server process.
time_window	Specifies the time period during which a client credential is valid.
time_host	Specifies the host that is consulted in the case of clock drift.
deskey	Specifies the DES key for encrypting client credentials.

Return Values

Item	Description
a valid authentication handle	successful
a null value	unsuccessful

Examples

In the following example, the authdes_seccreate subroutine creates and returns an authentication handle, so that the communication between the client and the server takes place using the AUTH_DES authentication.

#include <stdlib.h>
#include <rpc/rpc.h>

int main()
{
   char netname[255]; /* contains netname of owner of server process */
   char rhost[255]; /* Remote host netname on which server resides */ 
   rpcprog_t PROGNUM = 0x3fffffffL;
   rpcvers_t PROGVER = 0x1L;
   CLIENT *clnt;
   
   /* Obtain network netname of remote host */
   if (!host2netname(netname, rhost, NULL)) 
   {
      fprintf(stderr, "\nhost2netname() failed\n");
      exit(EXIT_FAILURE);
}

   /* Create a client handle for remote host rhost for PROGNUM & PROGVER on tcp transport */
   clnt = clnt_create(rhost, PROGNUM, PROGVER, "tcp");
   if (clnt == (CLIENT *) NULL) {
      fprintf(stderr,"client_create() error\n");
      exit(1);
   }

   clnt->cl_auth = authdes_seccreate(netname, 80, rhost, (des_block *)NULL);

   /* 
    * Make a call to clnt_call() subroutine 
    */

   /* Destroy the authentication handle */
   auth_destroy(clnt->cl_auth);
   
   /* Destroy the client handle in the end */
   clnt_destroy(clnt);

   return 0;
}