A new authentic method in dpcl.config:
method = keyfuncs
Both client and SD need to agree on the same security
method. If not, program exit with
Both client and SD check if /usr/lib/spkeyfuncs.o (or
/usr/lib/spkeyfuncs.o64 for 64 bits) exist. If not
program exit with ASC_library_load_failed.
/usr/lib/spkeyfuncs.o is a system adm. supplied object.
It contains two functions:
int spgetkey(char ** buff, int * length);
int spchkkey(char * buff, uid_t uid, int length);
client calls spgetkey() to get a malloc'd buff, pass this
buff to the SD. SD uses spchkkey() to verify the client's
ID. Program exit with ASC_authorization_failed if failed
Note, the client needs to free() this malloc'd buff
See lib/include/spkeyFunc.h for further information.
Log in to post a comment.