Gets the principal name of a known entity at the server end.
Network Services Library (libnsl.a)
#include <rpc/rpcsec_gss.h>bool_t rpc_gss_get_principal_name(s_principal,mech,name_u,node,secdomain)
rpc_gss_principal_t *s_principal;
char *mech;
char *name_u;
char *node;
char *secdomain;Sometimes, a server wants to compare principal name that it has received with that of a known entity. The rpc_gss_get_principal_name subroutine provides the principal name of a known entity. This subroutine has various parameters that uniquely identify the known entity on the network and creates principal name of the rpc_gss_principal_t type.
| Item | Description |
|---|---|
| s_principal | Represents the principal name of a client. This is an output parameter. |
| mech | Represents the supported security mechanism that is used (for example, kerberosv5). |
| name_u | Specifies the UNIX login name. |
| node | Represents the machine name. |
| secdomain | Represents the security domain. |
Parameter values are dependent on security mechanism. For those parameters that are not applicable for a particular security mechanism, you can specify NULL.
| Item | Description |
|---|---|
| TRUE | successful |
| FALSE | unsuccessful |
You can use the rpc_gss_get_error subroutine to retrieve the error number.
In the following example, the principal name is constructed for users with the myuser UNIX-login name, the mynode node, the mydomain domain, and the kerberosv5 security mechanism.
#include <stdlib.h>
#include <rpc/rpc.h>
#include <rpc/rpcsec_gss.h>
#define PROGNUM 0x3fffffffL
#define VERSNUM 0x1L
static void sample_dispatch(struct svc_req *, SVCXPRT *);
main()
{
/* Create RPC service handle and register with RPCBIND service */
/* Set the principal name */
svc_run();
return 1;
}
/* following is the sample dispatch routine*/
static void sample_dispatch(struct svc_req *request, SVCXPRT *xprt)
{
char *myuser,*mynode,*mydomain;
rpc_gss_principal_t princ;
myuser = "test01";
mynode = "localhost";
mydomain = "ibm.com";
if (!rpc_gss_get_principal_name(&princ,"kerberosv5",myuser,mynode,mydomain))
{
fprintf(stderr,"Error in getting principal name\n");
exit(1);
}
/* Compare retrieved principal name in 'princ' with received principal name */
/* Send reply back to caller */
}