Full Generic System V ABI

More documents

Recommendations

Info

⎜⎜c h a r * a u p _ m a c h n a m e ; ⎜u i d _ t a u p _ u i d ; ⎜g i d _ t a u p _ g i d ; ⎜s t r u c t a u t h s y s _ p a r m s {u _ l o n g a u p _ t i m e ;} ;u _ i n t a u p _ l e n ; ⎜g i d _ t * a u p _ g i d s ;⎜The a u p _ m a c h n a m e is the name of the caller’s machine (like ‘‘krypton’’). Thea u p _ u i d is the caller’s effective user ID. The a u p _ g i d is the caller’s effectivegroup ID. The a u p _ g i d s is a counted array of groups which contain the caller as amember. The verifier accompanying the credentials should be of A U T H _ N U L L(defined above).The value of the discriminant of the response verifier received in the reply messagefrom the server may be A U T H _ N U L L.DES AuthenticationBasic authentication for UNIX systems suffers from two major problems:1 . The naming is oriented for UNIX systems.2 . There is no verifier, so credentials can easily be faked.DES authentication attempts to fix these two problems.NamingThe first problem is handled by addressing the caller by a simple string of charactersinstead of by an operating system specific integer. This string of characters isknown as the ‘‘netname’’ or network name of the caller. The server is not allowedto interpret the contents of the caller’s name in any other way except to identifythe caller. Thus, netnames should be unique for every caller in the namingdomain.It is up to each operating system’s implementation of DES authentication to generatenetnames for its users that insure this uniqueness when they call uponremote servers. Operating systems already know how to distinguish users local totheir systems. It is usually a simple matter to extend this mechanism to the network.For example, a user with a user ID of 515 might be assigned the followingnetname: ‘‘unix.515@sun.com’’. This netname contains three items that serve toinsure it is unique. Going backwards, there is only one naming domain called‘‘sun.com’’ in the internet. Within this domain, there is only one user with user ID515. However, there may be another user on another operating system within thesame naming domain that, by coincidence, happens to have the same user ID. ToFormats and Protocols for Networking 7-31
insure that these two users can be distinguished we add the operating systemname. So one user is ‘‘unix.515@sun.com’’ and the other could be‘‘vms.515@sun.com’’.The first field is actually a naming method rather than an operating system name.It just happens that today there is almost a one-to-one correspondence betweennaming methods and operating systems. If the world could agree on a namingstandard, the first field could be the name of that standard, instead of an operatingsystem name.DES Authentication VerifiersUnlike authentication for UNIX systems, DES authentication does have a verifierso the server can validate the client’s credential (and vice-versa). The contents ofthis verifier is primarily an encrypted timestamp. The server can decrypt thistimestamp, and if it is close to what the real time is, then the client must haveencrypted it correctly. The only way the client could encrypt it correctly is toknow the ‘‘conversation key’’ of the RPC session. And if the client knows theconversation key, then it must be the real client.The conversation key is a DES key which the client generates and notifies theserver of in its first RPC call. The conversation key is encrypted using a public keyscheme in this first transaction. The particular public key scheme used in DESauthentication is Diffie-Hellman with 192-bit keys. The details of this encryptionmethod are described later.The client and the server need the same notion of the current time in order for allof this to work. If network time synchronization cannot be guaranteed, then clientcan synchronize with the server before beginning the conversation.The way a server determines if a client timestamp is valid is somewhat complicated.For any other transaction but the first, the server just checks for two things:1 . The timestamp is greater than the one previously seen from the same client.2 . The timestamp has not expired.A timestamp is expired if the server’s time is later than the sum of the client’stimestamp plus what is known as the client’s "window". The ‘‘window’’ is anumber the client passes (encrypted) to the server in its first transaction. It can bethought of as a lifetime for the credential.This explains everything but the first transaction. In the first transaction, theserver checks only that the timestamp has not expired. If this was all that wasdone though, then it would be quite easy for the client to send random data inplace of the timestamp with a fairly good chance of succeeding. As an addedcheck, the client sends an encrypted item in the first transaction known as the‘‘window verifier’’ which must be equal to the window minus 1, or the server willreject the credential.7-32 FORMATS AND PROTOCOLS
Page 1 and 2:
SYSTEM VAPPLICATION BINARY INTERFAC
Page 3 and 4:
LOW-LEVEL SYSTEM INFORMATION3Introd
Page 5:
INIndexIndexIN-1ivTable of Contents
Page 8 and 9:
1 INTRODUCTIONSystem V Application
Page 10 and 11:
Foundations and Structure of the AB
Page 12 and 13:
How to Use the System V ABIThe comp
Page 14 and 15:
6 . The system’s compilation syst
Page 16 and 17:
Definitions of TermsThe following t
Page 18 and 19:
2SOFTWARE INSTALLATIONSoftware Inst
Page 20 and 21:
Software Structure of the Physical
Page 22 and 23:
Figure 2-2: Data Stream File Layout
Page 24 and 25:
A special new-line terminated chara
Page 26 and 27:
P S T A M P: Production stamp, limi
Page 28 and 29:
major: The major device number, app
Page 30 and 31:
NOTESince substantive differences e
Page 32 and 33:
1: fatal error2: warning3: interrup
Page 34 and 35:
Commands That Install, Remove and A
Page 36 and 37:
IntroductionThis chapter defines lo
Page 38 and 39:
Machine Interface (Processor-Specif
Page 40 and 41:
Operating System Interface (Process
Page 42 and 43:
4OBJECT FILESIntroduction 4-1File F
Page 44 and 45:
Figure 4-1: Object File Format_____
Page 46 and 47:
ELF HeaderSome object file control
Page 48 and 49:
e _ v e r s i o ne _ e n t r ye _ p
Page 50 and 51:
E I _ C L A S SE I _ D A T AThe nex
Page 52 and 53:
SectionsAn object file’s section
Page 54 and 55:
Figure 4-8: Section Headert y p e d
Page 56 and 57:
S H T _ N U L LThis value marks the
Page 58 and 59:
A section header’s s h _ f l a g
Page 60 and 61:
Figure 4-13: Special Sections (cont
Page 62 and 63:
. s h s t r t a b This section hold
Page 64 and 65:
Symbol TableAn object file’s symb
Page 66 and 67:
S T B _ W E A K Weak symbols resemb
Page 68 and 69:
As mentioned above, the symbol tabl
Page 70 and 71:
# d e f i n e E L F 32 _ R _ S Y M
Page 72 and 73:
5PROGRAM LOADING ANDDYNAMIC LINKING
Page 74 and 75:
Program HeaderAn executable or shar
Page 76 and 77:
P T _ D Y N A M I CP T _ I N T E R
Page 78 and 79:
Figure 5-3: Segment Flag Bits, p _
Page 80 and 81:
depending on the processor. See ‘
Page 82 and 83:
NOTENote information is optional. T
Page 84 and 85:
Dynamic LinkingProgram InterpreterA
Page 86 and 87:
Because every ABI-conforming progra
Page 88 and 89:
Figure 5-10: Dynamic Array Tags, d
Page 90 and 91:
D T _ R P A T HD T _ S Y M B O L I
Page 92 and 93:
If a shared object name has one or
Page 94 and 95:
oth the symbol table and the chain
Page 96 and 97:
6 LIBRARIESIntroduction 6-1Shared L
Page 98 and 99:
IntroductionEvery ABI-conforming sy
Page 100 and 101:
Dependencies Among LibrariesInter-l
Page 102 and 103:
Figure 6-2: l i b s y s Contents, N
Page 104 and 105:
NOTEBecause the ABI specifies neith
Page 106 and 107:
_nameThis gives a system service na
Page 108 and 109:
Figure 6-7: l i b c Contents from X
Page 110 and 111:
i n t _ _ f l s b u f ( i n t x , F
Page 112 and 113:
Network Services LibraryThe Network
Page 114 and 115: Figure 6-14: l i b n s l Contents,
Page 116 and 117: Curses LibraryThe curses library, l
Page 118 and 119: Figure 6-19: l i b c u r s e s Cont
Page 120 and 121: X Window System LibraryThe X Window
Page 122 and 123: Figure 6-21: l i b X Contents (cont
Page 124 and 125: Figure 6-21: l i b X Contents (cont
Page 126 and 127: X Toolkit Intrinsics LibraryGThe X
Page 128 and 129: Figure 6-23: l i b X t Contents (co
Page 130 and 131: System Data InterfacesStandard head
Page 132 and 133: 7FORMATS AND PROTOCOLSIntroduction
Page 134 and 135: IntroductionThis chapter describes
Page 136 and 137: a r _ d a t ea r _ u i da r _ g i d
Page 138 and 139: As an example, the following symbol
Page 140 and 141: Terminfo Data BaseEach terminal’s
Page 142 and 143: 37 | t t y 37 | A T & T m o d e l 3
Page 144 and 145: XDR Data TypesEach of the sections
Page 146 and 147: Single-Precision Floating-Point+ --
Page 148 and 149: Byte m of the sequence always prece
Page 150 and 151: Variable-length ArrayCounted arrays
Page 152 and 153: VoidAn XDR void is a 0-byte quantit
Page 154 and 155: Optional-data is not so interesting
Page 156 and 157: Because of transport independence,
Page 158 and 159: 5 . The parameters to the remote pr
Page 160 and 161: The RPC Message ProtocolThis sectio
Page 162 and 163: ** Body of a reply to an RPC reques
Page 166 and 167: The client too must check the verif
Page 168 and 169: * a d v _ w i n v e r f ; -- one ha
Page 170 and 171: pcbind MechanismAn r p c b i n d me
Page 172 and 173: The parameters and the argument poi
Page 174 and 175: Commands for Application ProgramsPr
Page 176 and 177: 9EXECUTION ENVIRONMENTApplication E
Page 178 and 179: Per-process environment information
Page 180 and 181: The root directory of the file syst
Page 182 and 183: u s r / X / l i b / a p p - d e f a
Page 184 and 185: The System V Window SystemNOTEThis
Page 186 and 187: System V Window System ComponentsTh
Page 188 and 189: 11DEVELOPMENT ENVIRONMENTSFOR AN AB
Page 190 and 191: a sSVID ___________________________
Page 192 and 193: Static ArchivesFrequently applicati
Page 194 and 195: t_rcv 12-12t_rcvconnect 12-12t_rcvu
Page 196 and 197: Required STREAMS Devices and Module
Page 198 and 199: Required Transport Layer SupportA t
Page 200 and 201: Figure 12-9: XTI values for t_info
Page 202 and 203: Optional Internet Transport Support
Page 204 and 205: t_optmgmtTLIUnder TLI the following
Page 206 and 207: Figure 12-14: IP OptionsX__________
Page 208 and 209: IN IndexIndexIN-1Table of Contentsi
Page 210 and 211: a u t h d e s _ f u l l n a m e 7:
Page 212 and 213: d e l _ c u r t e r m 6: 22d e l e
Page 214 and 215:
f t o k 6: 5f t r u n c a t e 6: 12
Page 216 and 217:
installation mediafile formats 2: 1
Page 218 and 219:
m k s t e m p 6: 12m k t e m p 6: 1
Page 220 and 221:
format 4: 1hash table 5: 13, 17, 21
Page 222 and 223:
e p l y _ s t a t 7: 27required siz
Page 224 and 225:
s i g s e n d 6: 5s i g s e n d s e
Page 226 and 227:
T _ C O N N E C T 1 12: 5T _ C O N
Page 228 and 229:
u n a m e 6: 6, 9: 1u n c t r l 6:
Page 230 and 231:
w r i t e 6: 5, 18w r i t e v 6: 5w
Page 232 and 233:
X D e f a u l t V i s u a l 6: 27X
Page 234 and 235:
X G e t G e o m e t r y 6: 27X G e
Page 236 and 237:
X r m P u t L i n e R e s o u r c e
Page 238 and 239:
X t C v t I n t T o P i x e l 6: 31
Page 240:
X t S t r i n g s 6: 32X t S u p e
show all

Full Generic System V ABI

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?