Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   31559 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

authuser(3)					      authuser(3)

NAME
       authuser	 -  library  to	 get  information  from	 a remote
       Authentication Server

SYNTAX
       #include <authuser.h>

       unsigned short auth_tcpport;

       char *auth_xline(user,fd,&in);

       int auth_fd(fd,&in,&local,&remote);

       char *auth_tcpuser(in,local,remote);

       char *user;
       int fd;
       unsigned long in;
       unsigned short local;
       unsigned short remote;

DESCRIPTION
       The authuser library provides a simple interface for find
       ing  out	 the  remote identity of a connection through the
       Authentication Server as specified by RFC  931.	 Use  the
       -lauthuser  loader  option  to compile a program with this
       library.

       auth_xline(user,fd,&in) returns a line of the form X-Auth-
       User:  user or X-Forgery-By: username, depending upon what
       the host on the other side of fd thinks of the user.  This
       is particularly appropriate for mail and news headers.

       If  the	remote host reports that user owns the connection
       on that side, auth_xline will  return  X-Auth-User:  user.
       If  the remote host reports that a different username owns
       the connection, auth_xline will return X-Forgery-By: user
       name.   If  user is NULL, it returns X-Auth-User: username
       with the username reported by the remote host.  If  fd  is
       not  a  TCP  connection	or  authentication is impossible,
       auth_xline returns NULL, setting errno appropriately.

       The line is not cr-lf  terminated.   It	is  stored  in	a
       static	area   which  is  overwritten  on  each	 call  to
       auth_xline.  auth_xline places the Internet address of the
       other host into in.

       auth_fd(fd,&in,&local,&remote)  retrieves address informa
       tion from the connection in  socket  fd.	  It  places  the
       Internet address of the host on other side into in and the
       local and remote TCP ports into local and remote.  auth_fd
       returns -1 upon error, setting errno appropriately.

       auth_tcpuser(in,local,remote) returns the name of the user

								1

authuser(3)					      authuser(3)

       on the other end of the TCP connection  between	remote@in
       and  local.  If authentication is impossible, auth_tcpuser
       returns NULL, setting errno appropriately.  The user  name
       is  stored  in  a static area which is overwritten on each
       call to auth_tcpuser and auth_xline.

       The authentication routines check with the remote  Authen
       tication	 Server	 on  port auth_tcpport, which defaults to
       113 as specified by RFC 931.  You can set auth_tcpport  to
       other values for nonstandard implementations.

RESTRICTIONS
       authuser	 does no backslash interpretation upon the remote
       user name.  Hopefully the next revision of  RFC	931  will
       make clear exactly what backslash interpretation should be
       going on.

       authuser does not use the operating system  type	 informa
       tion provided by the Authentication Server.

VERSION
       authuser version 3.1, May 6, 1991.

AUTHOR
       Placed into the public domain by Daniel J. Bernstein.

REFERENCES
       The authentication server is more secure than passwords in
       some ways, but less secure than passwords  in  many  ways.
       (It's certainly better than no password at all---e.g., for
       mail or news.)  It is not  the  final  solution.	  For  an
       excellent  discussion  of  security  problems  within  the
       TCP/IP  protocol	 suite,	 see  Steve  Bellovin's	  article
       ``Security Problems in the TCP/IP Protocol Suite.''

SEE ALSO
       authtcp(1), attachport(1), getpeername(3), getsockname(3),
       tcp(4), authd(8)

								2

Vote for polarhome