[krbdev.mit.edu #9155] git commit

Greg Hudson via RT rt at krbdev.mit.edu
Wed Dec 11 17:02:58 EST 2024 

<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9155 >


Add underpinnings of UNIX domain socket support

Add sa2sun() and ss2sun() helpers to socket-utils.h.  Add UNIX domain
socket support to sa_socklen() and print_addr().  Expand buffers for
printing addresses to 128 bytes to accomodate the maximum UNIX domain
socket path length.

Add loop_add_unix_socket() to net-server.c, primarily using the
existing TCP support (renamed to "stream").

As there is no standard Kerberos address type for UNIX domain sockets,
add basic directional address support.  Add a definition for
ADDRTYPE_DIRECTIONAL in krb5.h.  Add private constant krb5_address
objects to libkrb5 for initiator and acceptor directional addresses.
Use directional addresses for the KRB-SAFE/KRB-PRIV source address in
the kprop and password change protocols when the transport is not IPv4
or IPv6.

krb5_address objects are used for auditing purposes in the KDC audit
and KDB pluggable interfaces.  Add a local-use address type
ADDRTYPE_UNIXSOCK for use in these cases.  Add a flag to
k5_sockaddr_to_address() to indicate whether this address type can be
used.  Add UNIX domains socket conversion support to the test audit
plugin module.

[ghudson at mit.edu: combined several commits; used directional addresses
for KRB-SAFE/KRB-PRIV; reduced duplication in net-server.c support;
wrote commit message.  Also based on work by Alexander Bokovoy.]

https://github.com/krb5/krb5/commit/a575589ef525fb139cafa0de1a05382845f0afbd
Author: Andreas Schneider <asn at samba.org>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: a575589ef525fb139cafa0de1a05382845f0afbd
Branch: master
 doc/appdev/refs/macros/index.rst |   2 +
 src/include/k5-int.h             |  12 ++-
 src/include/krb5/krb5.hin        |   9 +++
 src/include/net-server.h         |   1 +
 src/include/port-sockets.h       |   1 +
 src/include/socket-utils.h       |  14 ++++
 src/kadmin/server/schpw.c        |   6 +-
 src/kdc/dispatch.c               |   2 +-
 src/kdc/kdc_audit.c              |   2 +-
 src/kdc/kdc_log.c                |   8 +-
 src/kdc/kdc_util.c               |   2 +-
 src/kprop/kprop.c                |   4 +-
 src/kprop/kpropd.c               |   4 +-
 src/lib/apputils/net-server.c    | 169 +++++++++++++++++++++++++++++----------
 src/lib/krb5/libkrb5.exports     |   2 +
 src/lib/krb5/os/addr.c           |  21 ++++-
 src/lib/krb5/os/changepw.c       |   6 ++
 src/plugins/audit/j_dict.h       |   1 +
 src/plugins/audit/kdc_j_encode.c |  11 +++
 19 files changed, 216 insertions(+), 61 deletions(-)

More information about the krb5-bugs mailing list