krb5 commit: Pass full local address to dispatch functions
Greg Hudson
ghudson at mit.edu
Mon Jun 5 12:32:18 EDT 2017
https://github.com/krb5/krb5/commit/73f8d597aad9f5c88c10b891387a8962f83e0080
commit 73f8d597aad9f5c88c10b891387a8962f83e0080
Author: Andreas Schneider <asn at samba.org>
Date: Fri May 19 10:51:34 2017 +0200
Pass full local address to dispatch functions
In net-server.c, pass a krb5_fulladdr representation of the local
address to dispatch. This representation is more convenient for
kadmind, and will make it more convenient for the KDC to pass the
local address to the DAL audit_as_req.
[ghudson at mit.edu: rewrote commit message]
src/include/net-server.h | 2 +-
src/kadmin/server/schpw.c | 9 ++-------
src/kdc/dispatch.c | 2 +-
src/kdc/kdc_util.h | 2 +-
src/lib/apputils/net-server.c | 17 ++++++++++++-----
5 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/src/include/net-server.h b/src/include/net-server.h
index 37721e7..e5edcc4 100644
--- a/src/include/net-server.h
+++ b/src/include/net-server.h
@@ -86,7 +86,7 @@ void loop_free(verto_ctx *ctx);
*/
typedef void (*loop_respond_fn)(void *arg, krb5_error_code code,
krb5_data *response);
-void dispatch(void *handle, struct sockaddr *local_addr,
+void dispatch(void *handle, const krb5_fulladdr *local_addr,
const krb5_fulladdr *remote_addr, krb5_data *request,
int is_tcp, verto_ctx *vctx, loop_respond_fn respond, void *arg);
krb5_error_code make_toolong_error (void *handle, krb5_data **);
diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
index 101be9c..d462616 100644
--- a/src/kadmin/server/schpw.c
+++ b/src/kadmin/server/schpw.c
@@ -436,20 +436,15 @@ bailout:
/* Dispatch routine for set/change password */
void
-dispatch(void *handle, struct sockaddr *local_saddr,
+dispatch(void *handle, const krb5_fulladdr *local_addr,
const krb5_fulladdr *remote_addr, krb5_data *request, int is_tcp,
verto_ctx *vctx, loop_respond_fn respond, void *arg)
{
krb5_error_code ret;
krb5_keytab kt = NULL;
kadm5_server_handle_t server_handle = (kadm5_server_handle_t)handle;
- krb5_fulladdr local_faddr;
- krb5_address local_kaddr_buf;
krb5_data *response = NULL;
- local_faddr.address = &local_kaddr_buf;
- init_addr(&local_faddr, local_saddr);
-
ret = krb5_kt_resolve(server_handle->context, "KDB:", &kt);
if (ret != 0) {
krb5_klog_syslog(LOG_ERR, _("chpw: Couldn't open admin keytab %s"),
@@ -465,7 +460,7 @@ dispatch(void *handle, struct sockaddr *local_saddr,
handle,
server_handle->params.realm,
kt,
- &local_faddr,
+ local_addr,
remote_addr,
request,
response);
diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c
index b501fb8..57f0865 100644
--- a/src/kdc/dispatch.c
+++ b/src/kdc/dispatch.c
@@ -119,7 +119,7 @@ reseed_random(krb5_context kdc_err_context)
}
void
-dispatch(void *cb, struct sockaddr *local_saddr,
+dispatch(void *cb, const krb5_fulladdr *local_addr,
const krb5_fulladdr *remote_addr, krb5_data *pkt, int is_tcp,
verto_ctx *vctx, loop_respond_fn respond, void *arg)
{
diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h
index 2f08ca1..1c183de 100644
--- a/src/kdc/kdc_util.h
+++ b/src/kdc/kdc_util.h
@@ -151,7 +151,7 @@ process_tgs_req (struct server_handle *, krb5_data *,
/* dispatch.c */
void
dispatch (void *,
- struct sockaddr *,
+ const krb5_fulladdr *,
const krb5_fulladdr *,
krb5_data *,
int,
diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index 227b4d5..a40da92 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -953,6 +953,8 @@ struct udp_dispatch_state {
int port_fd;
krb5_address remote_addr_buf;
krb5_fulladdr remote_addr;
+ krb5_address local_addr_buf;
+ krb5_fulladdr local_addr;
socklen_t saddr_len;
socklen_t daddr_len;
struct sockaddr_storage saddr;
@@ -1088,8 +1090,11 @@ process_packet(verto_ctx *ctx, verto_ev *ev)
state->remote_addr.address = &state->remote_addr_buf;
init_addr(&state->remote_addr, ss2sa(&state->saddr));
+ state->local_addr.address = &state->local_addr_buf;
+ init_addr(&state->local_addr, ss2sa(&state->daddr));
+
/* This address is in net order. */
- dispatch(state->handle, ss2sa(&state->daddr), &state->remote_addr,
+ dispatch(state->handle, &state->local_addr, &state->remote_addr,
&state->request, 0, ctx, process_packet_response, state);
}
@@ -1211,6 +1216,8 @@ accept_tcp_connection(verto_ctx *ctx, verto_ev *ev)
struct tcp_dispatch_state {
struct sockaddr_storage local_saddr;
+ krb5_address local_addr_buf;
+ krb5_fulladdr local_addr;
struct connection *conn;
krb5_data request;
verto_ctx *ctx;
@@ -1357,10 +1364,10 @@ process_tcp_connection_read(verto_ctx *ctx, verto_ev *ev)
error_message(errno));
goto kill_tcp_connection;
}
-
- dispatch(state->conn->handle, ss2sa(&state->local_saddr),
- &conn->remote_addr, &state->request, 1, ctx,
- process_tcp_response, state);
+ state->local_addr.address = &state->local_addr_buf;
+ init_addr(&state->local_addr, ss2sa(&state->local_saddr));
+ dispatch(state->conn->handle, &state->local_addr, &conn->remote_addr,
+ &state->request, 1, ctx, process_tcp_response, state);
}
return;
More information about the cvs-krb5
mailing list