The following code fragments show in skeletal form how an application's remote serviceability routines should be implemented. The pseudo-code references to "access tests" are calls to the application's ACL manager to assess the caller's authorization. For information on implementing an ACL manager, see the security topics of the OSF DCE Application Development Guide - Introduction and Style Guide and the OSF DCE Administration Guide - Core Components.
#include <dce/dce.h>
#include <dce/dce_msg.h>
#include <dce/dcesvcmsg.h>
#include <dce/svcremote.h>
struct serviceability_v1_0_epv_t dce_svc_epv;
/*****
*
* hel_svc_set_route -- remote call-in to set routing.
*
*****/
static void
hel_svc_set_route(
handle_t h,
idl_byte where[],
error_status_t *st
)
if (!your_test_write_access(h))
*st = no_authorization_error;
else
dce_svc_routing(where, st);
}
/*****
*
* hel_svc_set_dbg_route -- remote call-in to set debug routing.
*
*****/
static void
hel_svc_set_dbg_route(
handle_t h,
idl_byte where[],
error_status_t *st
)
{
if (!your_test_write_access(h))
*st = no_authorization_error;
else
dce_svc_debug_routing(where, st);
}
<. . .>
/*****
*
* hel_svc_inq_stats -- remote request for operating statistics.
*
*****/
static void
hel_svc_inq_stats(
handle_t h,
dce_svc_stats_t *stats,
error_status_t *st
)
if (!your_test_access(h))
*st = no_authorization_error;
else
/* operation is currently not implemented in library ... */
*st = svc_s_no_stats;
}
/* */
/* The table of slots is created by IDL from the service.idl */
/* file, src/dce/utils/svc/service.idl, the output of which */
/* is service.h. It's then the job of the application that */
/* wishes to offer the remote operations to fill in the table */
/* with the implementations' entry points. That's what's being */
/* done below. Typically the application simply interposes an */
/* appropriate ACL check between the entry into an implementation */
/* and the subsequent call to the "real" operation as implemented */
/* in the serviceability library. */
/* */
serviceability_v1_0_epv_t dce_svc_epv = {
hel_svc_set_route,
hel_svc_set_dbg_route,
hel_svc_set_dbg_levels,
hel_svc_inq_components,
hel_svc_inq_table,
hel_svc_inq_routings,
hel_svc_filter_ctl,
hel_svc_inq_stats
};