Standards / Extensions | C or C++ | Dependencies |
---|---|---|
z/OS UNIX |
both | z/OS® V1R5 |
#define _OPEN_SYS
#include <sys/socket.h>
int __poe(__poecb_t *poecbp);
The __poe() function allows the application to specify what port of entry (POE) information the system should use in determining various levels of permission checking. The attributes for the port of entry are used by services that perform user ID security authorization (examples are: setuid(), __login(), __passwd()).
Argument poecbp is the address of a __poecb_t structure which is used to control the port of entry operation. The __poecb_t structure is defined in <sys/socket.h>. For proper behavior the user should ensure that this structure has been initialized to zeros before it is populated. The elements of the __poecb_t structure are as follows:
Port of entry options. There are scope and action options. The combination defines the behavior of the function.
_POE_SCOPE_THREAD
_POE_SCOPE_PROCESS
_POE_SCOPE_SOCKET
Scope options _POE_SCOPE_THREAD, _POE_SCOPE_PROCESS, and _POE_SCOPE_SOCKET are mutually exclusive. One must be specified.
_POE_ACTION_READ
_POE_ACTION_WRITE
_POE_ACTION_SETGET
Action options _POE_ACTION_READ, _POE_ACTION_WRITE, and _POE_ACTION_SETGET are mutually exclusive. These are optional.
Port of entry type. The types are:
Port of entry length. The lengths are:
The following table summarizes the port of entry operation according to scope and action:
Options | POE Data | Description | ||
---|---|---|---|---|
Scope | Action | Source | Destination | |
Socket | Read | Socket or file descriptor | POE data in struct __poecb_s | POE data is extracted from the file/socket descriptor supplied by the caller and returned to the caller via the struct __poecb_s. |
Write | n/a | n/a | Request fails with EINVAL | |
SetGet | n/a | n/a | Request fails with EINVAL | |
None | n/a | n/a | Request fails with EINVAL | |
Process | Read | Process level (OAPB) | POE data in struct __poecb_s | Process level POE data is copied from the OAPB and is returned to the caller via the struct __poecb_s. |
Write | POE data in struct __poecb_s | Process level (OAPB) | POE data received from the caller via the struct __poecb_s is copied to the process level POE data in the OAPB. | |
SetGet | Socket or file descriptor | Process level (OAPB) and POE data in struct __poecb_s | POE data is extracted form the file/socket descriptor supplied by the caller. The data is copied to the process level POE data in the OAPB and returned to the caller via the struct __poecb_s. | |
None | Socket or file descriptor | Process level (OAPB) | POE data is extracted from the file/socket descriptor supplied by the caller and copied to the process level POE data in the OAPB. | |
Thread | Read | Thread level (OTCB) | POE data in struct __poecb_s | Thread level POE data copied from the OTCB is returned to the caller via the struct __poecb_s. |
Write | POE data in struct __poecb_s | Thread level (OTCB) | POE data received from the caller via the struct __poecb_s is copied to the thread level POE data in the OTCB. | |
SetGet | Socket or file descriptor | Thread level (OTCB) and POE data in struct __poecb_s | POE data is extracted form the file/socket descriptor supplied by the caller. The data is copied to the thread level POE data in the OTCB and returned to the caller via the struct __poecb_s. | |
None | Socket or file descriptor | Thread level (OTCB) | POE data is extracted from the file/socket descriptor supplied by the caller and copied to the thread level POE data in the OTCB. |
The ability to register port of entry is a privileged operation. An installation has two ways of allowing an application to use this service:
For more detailed information on the usage of this function see z/OS Planning for Multilevel Security and the Common Criteria and z/OS UNIX System Services Programming: Assembler Callable Services Reference.
If successful, __poe() returns 0.