LDAP C SDK - c

I need to write a simple LDAP client in C. The only binary distributions I found are old and also lack SSL tools needed to implement an SLDAP connection. A complete and up to date distribution that I found is that of Mozilla however it is in source code format and I have not been able to compile it into binary form for windows.
I used the instructions described here: https://wiki.mozilla.org/LDAP_C_SDK. I got up to the step where apparently I now need to use nsinstall but I don't know how this is done. Does anyone know how nsinstall is to be used.? Alternatively, does anyone know of an existing binary distribution of the LDAP C sdk for windows? I also need the ssl libraries and associated tool for configuring the keystore.
thanks,
Mike

I used The Google a bit and ended up with this site that has Windows distributions of OpenLDAP: http://www.symas.net/portal/
OpenLDAP is heavily used on *NIX platforms, less commonly on Win32, but these folks seem to have done the heavy lifting for you. Good luck!
Oh, and for docs and API reference, hit http://www.openldap.org

Related

Small portable digital signing and verification library

I'm looking for a library that allows me to authenticate data sent to embedded modules. Due to the hardware constraints, it needs to be of small footprint (both code and memory wise) and yet have security comparable to RSA-1024.
The requirements are as follows
Verification on embedded modules (custom CPUs, with only a C89 compiler available)
Signing and verification in Windows (C/C++ code)
Signing in Java (some data needs to be generated via a webpage, so Java would be a big perk)
I would very much like to not have to implement a PKCS #1 v1.5/PSS-like system myself, but I haven't been able to find any good libraries that match the above requirements. Open source would be nice, but commercial solutions are of equal interest. Note that I need access to the C-code, since it has to be recompiled for the custom CPUs.
NaCl looks promising, but it seems to be in development still.
I've had a look at OpenSSL, but it does a lot more than digital signatures and stripping out just the signature verification code was non-trivial.
Am I looking at it the wrong way?
I tried implementing SHA+RSA first, but I wasn't sure if the padding step was correct (which means that it probably wasn't secure), so I decided to post here instead for help.
EDIT: Clarification, only the verification part have the tough constraints on it. Signature and key generation will run on normal PCs.
Take a look at mbed TLS (formerly known as PolarSSL):
mbed TLS (formerly known as PolarSSL) makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.
How can implement such a kind of solution is related to CPU and memory architecture that we have available, therefore would have to tell me more about your system. The first way would be to develop this on the cloud. Another alternative would be SCL. Also, you can found some answers on Small RSA or DSA lib without dependencies

libudev advice needed

I am embarking on a programming project that will need to confirm device identity of removable media (e.g. usb thumb drives) before it will go on to do a bunch of other cool stuff.
Some friends of mine pointed me towards using the Serial Number, and preliminary testing using the udevadm command indicates that this should work. I did some additional checking and it appears that if I can get the software working with libudev then it should (minimally) compile on ubuntu, slackware and gentoo, which would be a really nice benefit.
So I used bing to find a tutorial and got the Signal 11 site (http://www.signal11.us/oss/udev/) it's a very well-written tutorial. It actually seems to have everything I need. I download the code. Fix a couple of platform-specific bugs and then compile. BOOM! Gcc compiles without errors. So far so good.
But when I try to run it, it kicks up a couple of bugs, and I realize that I need to read some more tutorials so that I can understand libudev well enough to fix the bugs, and to turn out working software. Problem is that there really ISN'T any other tutorials (that I can find) and the kernel.org site that is the (only known?) site of the library documentation is down after a recent server compromise.
I considered just issuing udevadm directives to system() and then parsing results, but that's a really hackish way to put software together, and I am planning on releasing this to the community when I'm finished writing.
So how best for me to learn libudev??
libudev is quite simple library. After reading library you've mentioned and using API documentation (site should be soon up) I was able to get what I wanted. udevadm is great help, after issuing # udevadm info --query=all --name=/path/to/dev you'll get all information that udev has about this device and what's more important, these are parameters used in property functions (e.g. udev_device_get_property_value(device, "ID_VENDOR")). So best way to learn libudev is to start using it with help of signal11 tutorial, API documentation and udevadm informations.
EDIT: libudev is currently part of systemd - documentation is available as manual pages - https://www.freedesktop.org/software/systemd/man/libudev.html#
For those looking in 2023...
As Maciej pointed out, libudev is now a part of systemd.
According to:
https://www.freedesktop.org/software/systemd/man/libudev.html#
...this library is supported, but should not be used in new projects.
Please see sd-device(3) for an equivalent replacement with a more
modern API.
Documentation for sd-device:
https://www.freedesktop.org/software/systemd/man/sd-device.html#

Porting C library to Java for Blackberry application

I need to port a C library to Java so it can run on the Blackberry platform (mobile, native application). The options I am considering are:
bytecode conversion (cibyl, etc)
Complete port
Wrap C code around Java using JNA (would this even work for Blackberry?)
Please let me know which option is best. thanks
Aha. Some quick googling says "No, JNI does not work for blackberry" source:
http://supportforums.blackberry.com/t5/Java-Development/Can-we-use-JNI-Java-Native-Interface-approach-in-Blackberry/m-p/365362
http://supportforums.blackberry.com/t5/Java-Development/JNI/m-p/41140.
So you're stuck with bytecode conversion and complete port. Since I have no idea what bytecode conversion is, I'd go with a complete port, so long as you are familiar with both languages. If you can define bytecode conversion for me, I might be able to give you a better answer.
We also have an in-house developed C library for core functionality of our iOS and Android apps.
I asked about using cibyl to run this on BlackBerry in the form of a .jar and the good news is that it's possible: https://twitter.com/#!/simonkagstrom/status/114581622833152000 [backup of the tweet: "Sure, that's how #waze on the blackberry works."]
You can also try MoSync: http://twitter.com/#!/MoSync/status/115088826430533632 [backup of this one: "Yup, you can use MoSync for BB. There's "experimental" Blackberry support in MoSync 2.6, already used in live apps!"]
And David A Roberts, developer of LLJVM sent me this: "I'm not familiar with BlackBerry development, but I see no obvious reason why LLJVM wouldn't work, so long as the library doesn't rely too much on things like the C POSIX library (e.g. dirent.h, etc) - I
never got around to implementing this fully. Otherwise LLJVM would need to be updated suitably..."
Side note: BlackBerry's new Tablet OS and planned BBX phones actually have a native SDK but this QNX based stuff is quite unpopular. We just need to wait if BBX is going to become a success since Java based solutions are just too much risks.

sip parses and libraries?

gcc 4.4.4 c89
Does any one know any sdp parses. That I can link to my application. Currently we are developing a SIP project. However, we need to parse the SDP for incoming/answering.
However, we don't have much time to implement. So just wondering if there are some simple ones out there they are easy and quick to work with.
Our application is written in c.
Many thanks for any advice,
Check out FreeSDP. But it is distributed under GPL
My company, RADVISION, offers a full commercial SIP stack written in C that includes an SDP parser. It might not be exactly what you're looking for, but it might reduce your development effort even further: http://www.radvision.com/Products/Developer/VoIP-Developer-Tools/SIP-Developer-Suite/
I haven't looked into open source stacks, but I would suspect that most SIP stacks would include an SDP parser. They are pretty closely tied together.

What programs use GSS-API? Any decent sample programs?

I thought I wanted to use GSS-API, but now am not so sure, since I'm having a hard time finding good sample code for a trivial client/server pair. Sun has documentation including sample code, but it's written specifically for their GSS API implementation, using a few proprietary functions not in e.g. the GNU GSS-API (and for which it's not immediately clear to me how to re-implement them against the GNU implementation). Plus, it's written in pre-ANSI C, with K&R function declarations and so on (I had no problem converting the declarations, but it did make me think the Sun example code may be so old as to be irrelevant).
Have you used the GSS-API in an application in, say, the last decade? Do you know of some self-contained tutorial with example programs that's worth reading?
Alternatively, maybe I'm on the wrong track and should try SASL instead. The GNU GSS-API author himself suggests as much.
For what it's worth, I'm using GCC on Linux, and have Kerberos set up already for other purposes.
Yes, you should absolutely be using SASL instead of GSSAPI. It is a much better supported protocol, and the libraries are pretty good. At the very least, you can think of it as a sanity-improving wrapper over GSSAPI, since that is one of the typical plugins implemented for SASL. The only reason you should consider using GSSAPI directly is to implement a SASL library. But don't do that. :)
SASL also has wide use. It is specified as part of IMAP and XMPP.
Are you implementing some custom protocol over TCP?
Sun uses the GSSAPI in their Java code. You can find a bit more information about it here:
Equivalent of 'gss_import_name' and 'gss_init_sec_context' methods in java?
Also you may want to look at the code implementation done by the folks at OpenJDK:
http://www.docjar.org/docs/api/sun/security/jgss/GSSContextImpl.html
They have published a full working example of GSSAPI written in Java.
Grant

Resources