I thought I wanted to use GSS-API, but now am not so sure, since I'm having a hard time finding good sample code for a trivial client/server pair. Sun has documentation including sample code, but it's written specifically for their GSS API implementation, using a few proprietary functions not in e.g. the GNU GSS-API (and for which it's not immediately clear to me how to re-implement them against the GNU implementation). Plus, it's written in pre-ANSI C, with K&R function declarations and so on (I had no problem converting the declarations, but it did make me think the Sun example code may be so old as to be irrelevant).
Have you used the GSS-API in an application in, say, the last decade? Do you know of some self-contained tutorial with example programs that's worth reading?
Alternatively, maybe I'm on the wrong track and should try SASL instead. The GNU GSS-API author himself suggests as much.
For what it's worth, I'm using GCC on Linux, and have Kerberos set up already for other purposes.
Yes, you should absolutely be using SASL instead of GSSAPI. It is a much better supported protocol, and the libraries are pretty good. At the very least, you can think of it as a sanity-improving wrapper over GSSAPI, since that is one of the typical plugins implemented for SASL. The only reason you should consider using GSSAPI directly is to implement a SASL library. But don't do that. :)
SASL also has wide use. It is specified as part of IMAP and XMPP.
Are you implementing some custom protocol over TCP?
Sun uses the GSSAPI in their Java code. You can find a bit more information about it here:
Equivalent of 'gss_import_name' and 'gss_init_sec_context' methods in java?
Also you may want to look at the code implementation done by the folks at OpenJDK:
http://www.docjar.org/docs/api/sun/security/jgss/GSSContextImpl.html
They have published a full working example of GSSAPI written in Java.
Grant
Related
I'm working on a project, implementing everything in C language. As a part of the project, we need to be able to control and configure firewalld, firewall of the current system.
firewalld is implemented in Python and an interface is available. However, we don't want to make Python calls from C or vice versa.
There are command line tools to configure firewalld (e.g. firewall-cmd) but we don't want to make such calls from C either.
I recently started working on firewalld, I don't know much about its internals. I've read that it uses D-Bus, I also don't know much about D-Bus.
There is a C library developed by Thomas Woerner: libfirewall.
However, it's been more than a year and a half since the last commit so it's not maintained. Other than libfirewall, I don't know any firewalld interface in C.
I gave libfirewall a shot. It got me some problems when both compiling and running the examples and I still have problems to resolve. Is it worth to continue with libfirewall? Should I use it?
Is there any other interface that I'm not aware of?
Possibly naive question due to lack of understanding of D-Bus: I thought, maybe, with a D-Bus interface, I can issue commands to firewalld. Can it be done? (i.e. Does D-Bus work like that?) Can we write a program that mimics, say firewall-cmd, and interacts with D-Bus in the same way and at the end allows us to control firewalld?
If this is possible, how to do it and what to use? libdbus and GDBus have relatively good documentation although libdbus requires good deal of effort. They even said "If you use this low-level API directly, you're signing up for some pain." in the documentation. In any case I'll be in need of examples or any kind of text demonstrating their usage.
How should I approach this problem?
Yes, you can issue commands to firewalld via D-Bus. I haven't checked but expect that firewall-cmd is itself implemented as a D-Bus client.
The D-Bus API is extensively documented: https://firewalld.org/documentation/man-pages/firewalld.dbus.html. The documentation should give you a rough idea what can be accomplished through the API. You could try the D-Bus debugger d-feet to interact with firewalld without any code.
GDBus is definitely the easiest way use D-Bus from C but it's still not trivial and firewalld is a fairly complex API: Using it may require some expertise (completely depending on what you need to do).
I have an existing library in C, which I want to be able to allow remote access to (either from Linux or Windows).
I looked at the usual RPC suspects like Thrift and Protobuf, but neither of these deal cleanly with C-style function calls (things like pass-by-ref, char* instead of string, * instead of List<> etc).
In short, to use either of these it looks like I would need to write a complete IDL from scratch, and add a lot of boilerplate code to transfer C-style function calls into these environments.
Are there any RPC libraries around that
can deal directly with C header files (or have tools to auto
generate the initial IDL from C definitions)?
are cross-platform Linux/Windows compatible?
require the absolute minimum of boilerplate code?
support sockets
are relatively high performance (XML-RPC i'm looking at you)?
Well, there's protobuf-c, an implementation of protobuf in C.
And then there's the classical XDR, found on most/(all?) unix-like systems, versions exist for windows as well. See also the Linux xdr(3) man page which contains an overview of the API.
Note that both protobuf and XDR are serialization libraries, they don't provide RPC. The "companion RPC library" to XDR is called, well, RPC, but I don't think anyone writes new code with that, and AFAICS it's unix-specific (portmap doesn't run on windows, does it? And it's generally a bad idea anyway.). Then there's protobuf-c-rpc which is the C version of the protobuf RPC library; probably a better bet than classic RPC.
gcc (GCC) 4.7.2
PJ SIP 2.1
Hello,
I am developing an application that will use the PJSIP API.
Just looking at the API documentation and I see some functions that seem to be just wrappers for the standard C library. i.e. pj_memset, pj_strncpy, pj_strlen, etc.
I can see some alternatives that might be worth considering pj_strncpy_with_null() which will always NULL terminate a string. A another advantage could be is that the pjsip uses a pj_str_t structure to store the string and the size. Which could be better than using a normal C string.
And is there any point using pj_size_t over size_t which is portable anyway?
The link for quick reference is here:
http://www.pjsip.org/pjlib/docs/html/group__PJ__PSTR.htm
It there any real advantage using PJSIP over the standard C library?
Many thanks for any suggestions,
Short answer: Use the PJSIP API (all of it).
Long answer: It depends.
If you were programming an application for standard Desktops, that is, x86/x64 Windows/Mac/Linux, then no, it wouldn't really matter too much if you used the standard C library or wrappers like the PJSIP functions. Practically, of course, there might be functions that take (as you pointed out) the pj_str_t struct instead of a char *; it would be easier then to use the PJSIP API just to simplify and remove the need for conversions.
The reason for wrappers, I'm assuming, is to make it easier to develop on embedded devices. I don't mean just ARM or other non-x86 processors—though it could apply there as well; I mean custom embedded devices: things that have a very specific purpose and change infrequently. These embedded devices have very limited capabilities and sometimes even lack an OS. Without an OS, these processors might not have a malloc function or the like. Frequently, the libraries associated with the devices, since they are customized so much, are not entirely "standard" and differ in some small way. By having wrappers for everything, PJSIP can avoid most issues and even provide implementations across the board for things such as strcpy or malloc such that all devices run the "same" code.
Wrappers also provide the means for "hooks." Hooks enable better error messaging (and possibly handling). It's unclear whether PJSIP is doing this (I have never used PJSIP—I am talking from experience using other frameworks), but I am pointing it out just to show why a framework might bother wrapping everything.
In the end, it boils down to your purpose: if you chose to use PJSIP in the first place, then I would go all out and use all of its API. If you are only using it in a few places (for whatever reason) then it probably doesn't matter. Again, it appears that PJSIP is targeting embedded devices (it lists Nokia and even RTOS systems), where it is fairly common to provide wrappers for even "standard" functions. If this is the case, and you are using it in this way, definitely use the entire API.
Will you be sticking with pjsip?
PJSIP source code ("The Software") is licensed under both General
Public License (GPL) version 2 or later and a proprietary license that
can be arranged...
If you think the GPL may be too restrictive for future expansion (such as Android's no-GPL-in-userspace policy) and their proprietary license is not acceptable, you may benefit from using your own portable code/wrappers that you could use with a less restrictive BSD stlye library like Baresip
There are plenty of other methods to provide needed functionality where the standard C library does not support it, many of which will be better tested (I hate to mention autotools, but... it does support most platforms - some would say too many) Or you could include implementations/adaptations from musl-libc
Another thing to consider is the C api is based on standards and fairly set in stone while the wrappers in a given project are much more free to break API compatibility from version to version (just ask a glib/gtk programmer)
I am looking for a NIO type of library for C. I want to implement a multi threaded UDP network server that will have a lot of clients connecting to it.
Instead of attempting to code my own program to handle packets and 'connections'. I thought I would have a look if there is not already an existing library that has been tested and build for scalability and high performance.
I have found a few for Java but none for C. such as Apache Mina.
I am hoping that some one out there knows of a good one that may assist me.
Thaks
It sounds like you want something to abstract select(), poll(), or whatever the most efficient mechanism is for your platform.
Have you looked at libevent and libev? There is a nice writeup here.
First of all, C has no classes. Secondly, C provides you with everything you need to implement a scalable and high performance solution. It's more low level than java's NIO, but there are good tutorials out there in google.
And if you want a library - try boosts' asio. It is C++, but perhaps you can use it.
If you are using Linux I strongly recommend you to use the POSIX API. It gives you resources for multithreading and networking acrosss any Linux box.
GNU C library
I'm attempting to utilize the socket.h functions within Windows. Essentially, I'm currently looking at the sample code at https://beej.us/guide/bgnet/html/multi/clientserver.html#datagram. I understand that socket.h is a Unix function -- is there anyway I can easily emulate that environment while compiling this sample code? Does a different IDE / compiler change anything?
Otherwise, I imagine that I need to utilize a virtualized Linux environment, which may be best anyways as the code will most likely be running in a UNIX environment.
Thanks.
You have two options:
Use Cygwin (Unix emulation library).
Port to Winsock (Windows standard library).
Cygwin: lets you compile your Unix sources mostly untouched, but ties you to the Cygwin emulation library. This have two implications: general performance -no only network- will probably be less than optimal; and the target environment must have (at run time) the Cygwin DLL installed.
Winsock: this requires you to replace sys/socket.h (BSD sockets library, UNIX standard for the TCP/IP stack) with winsock2.h, and rewrite some parts of the code - not much, but some.
Some related questions with valuable info:
Differences between winsock and BSD socket implementations
Some Issues About Cygwin[Linux in Windows] (socket,thread,other programming and shell issues)
Examples for Winsock?
I think you are looking for Winsock library.
Writing cross platform network applications is not easy with what the BSD standard provides you. Sure it will work but you'll have to make some replacements like replacing ioctl (if needed) with ioctlsocket (on windows). More differences here.
My advice is to use a library that hides these ugly differences and provides a unified way of communicating. I personally use ACE. You have plenty of examples that show you how to create a server and a client. Copy from the samples and see how they do it there. Their mailing lists are of great help also (don't forget to use the PRF - see the source tree for the Problem-Report-Form). You can borrow the books for more information. Important note: by using ace you can use ACE wrapper functions like socket, setsockopt, ioctl etc. without worry that they will not work. Unfortunately this adds a library dependency which is not always an option. But ACE has more powerfull features which I'm sure you'll like once you discover them. Hints: Reactor, Proactor.