CAP_NETDB(3) Library Functions Manual CAP_NETDB(3)

cap_getprotobyname — library for getting network proto entry in capability mode

library “libcap_netdb”

#include <sys/nv.h>
#include <libcasper.h>
#include <casper/cap_netdb.h>

struct protoent *
cap_getprotobyname(const cap_channel_t *chan, const char *name);

The function cap_getprotobyname() is equivalent to getprotobyname(3) except that the connection to the system.netdb service needs to be provided. It is reentrant but not thread-safe. That is, it may be called from separate threads only with different cap_channel_t arguments or with synchronization.

The following example first opens a capability to Casper and enters capability mode. It then uses the Casper capability to open the system.netdb service and looks up a protocol by name through that service.

#include <sys/nv.h>
#include <capsicum_helpers.h>
#include <err.h>
#include <libcasper.h>
#include <casper/cap_netdb.h>
#include <netdb.h>

int
main(void)
{
	cap_channel_t *capcas, *capnetdb;
	struct protoent *ent;

	/* Open capability to Casper. */
	capcas = cap_init();
	if (capcas == NULL)
		err(1, "Unable to contact Casper");

	/* Enter capability mode sandbox. */
	if (caph_enter() < 0)
		err(1, "Unable to enter capability mode");

	/* Use Casper capability to create capability to the system.netdb service. */
	capnetdb = cap_service_open(capcas, "system.netdb");
	if (capnetdb == NULL)
		err(1, "Unable to open system.netdb service");

	/* Close Casper capability, we don't need it anymore. */
	cap_close(capcas);

	/* Look up a protocol by name; "tcp" is an entry in protocols(5). */
	ent = cap_getprotobyname(capnetdb, "tcp");
	if (ent == NULL)
		errx(1, "cap_getprotobyname failed to find tcp proto");

	/* Release the service channel once the lookup is done. */
	cap_close(capnetdb);
	return (0);
}

cap_enter(2), caph_enter(3), err(3), getprotobyname(3), capsicum(4), nv(9)

The cap_netdb service was implemented by Ryan Moeller <freqlabs@FreeBSD.org>.

December 6, 2023 dev