gssftp channel bindingg with ipv6
Markus Moeller
huaraz at moeller.plus.com
Mon Aug 27 11:25:37 EDT 2012
What is the right way to do channel binding for ipv6 ?
I see heimdal uses GSS_C_AF_INET6 whereas Solaris/MIT seem to use only
GSS_C_AF_INET.
Heimdal:
sockaddr_to_gss_address (struct sockaddr *sa,
OM_uint32 *addr_type,
gss_buffer_desc *gss_addr)
{
switch (sa->sa_family) {
#ifdef HAVE_IPV6
case AF_INET6 : {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;
gss_addr->length = 16;
gss_addr->value = &sin6->sin6_addr;
*addr_type = GSS_C_AF_INET6;
break;
}
#endif
case AF_INET : {
struct sockaddr_in *sin4 = (struct sockaddr_in *)sa;
gss_addr->length = 4;
gss_addr->value = &sin4->sin_addr;
*addr_type = GSS_C_AF_INET;
break;
}
default :
errx (1, "unknown address family %d", sa->sa_family);
}
}
Solaris:
get_inet_addr_info(&myctladdr, &temp_buf);
chan.initiator_addrtype = GSS_C_AF_INET; /* OM_uint32 */
chan.initiator_address.length = temp_buf.length;
chan.initiator_address.value = malloc(temp_buf.length);
memcpy(chan.initiator_address.value, temp_buf.value,
temp_buf.length);
get_inet_addr_info(&remctladdr, &temp_buf);
chan.acceptor_addrtype = GSS_C_AF_INET; /* OM_uint32 */
chan.acceptor_address.length = temp_buf.length;
chan.acceptor_address.value = malloc(temp_buf.length);
memcpy(chan.acceptor_address.value, temp_buf.value,
temp_buf.length);
MIT:
struct gss_channel_bindings_struct chan;
chan.initiator_addrtype = GSS_C_AF_INET; /* OM_uint32 */
chan.initiator_address.length = 4;
chan.initiator_address.value = &myctladdr.sin_addr.s_addr;
chan.acceptor_addrtype = GSS_C_AF_INET; /* OM_uint32 */
chan.acceptor_address.length = 4;
chan.acceptor_address.value = &hisctladdr.sin_addr.s_addr;
chan.application_data.length = 0;
chan.application_data.value = 0;
More information about the Kerberos
mailing list