From: Andreas Schneider <asn@samba.org>
Date: Fri, 19 May 2017 08:51:34 +0000 (+0200)
Subject: Pass full local address to dispatch functions
X-Git-Tag: krb5-1.16-beta1~53
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=73f8d597aad9f5c88c10b891387a8962f83e0080;p=thirdparty%2Fkrb5.git

Pass full local address to dispatch functions

In net-server.c, pass a krb5_fulladdr representation of the local
address to dispatch.  This representation is more convenient for
kadmind, and will make it more convenient for the KDC to pass the
local address to the DAL audit_as_req.

[ghudson@mit.edu: rewrote commit message]
---

diff --git a/src/include/net-server.h b/src/include/net-server.h
index 37721e7f17..e5edcc49d5 100644
--- a/src/include/net-server.h
+++ b/src/include/net-server.h
@@ -86,7 +86,7 @@ void loop_free(verto_ctx *ctx);
  */
 typedef void (*loop_respond_fn)(void *arg, krb5_error_code code,
                                 krb5_data *response);
-void dispatch(void *handle, struct sockaddr *local_addr,
+void dispatch(void *handle, const krb5_fulladdr *local_addr,
               const krb5_fulladdr *remote_addr, krb5_data *request,
               int is_tcp, verto_ctx *vctx, loop_respond_fn respond, void *arg);
 krb5_error_code make_toolong_error (void *handle, krb5_data **);
diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
index 101be9c9e6..d46261620a 100644
--- a/src/kadmin/server/schpw.c
+++ b/src/kadmin/server/schpw.c
@@ -436,20 +436,15 @@ bailout:
 
 /* Dispatch routine for set/change password */
 void
-dispatch(void *handle, struct sockaddr *local_saddr,
+dispatch(void *handle, const krb5_fulladdr *local_addr,
          const krb5_fulladdr *remote_addr, krb5_data *request, int is_tcp,
          verto_ctx *vctx, loop_respond_fn respond, void *arg)
 {
     krb5_error_code ret;
     krb5_keytab kt = NULL;
     kadm5_server_handle_t server_handle = (kadm5_server_handle_t)handle;
-    krb5_fulladdr local_faddr;
-    krb5_address local_kaddr_buf;
     krb5_data *response = NULL;
 
-    local_faddr.address = &local_kaddr_buf;
-    init_addr(&local_faddr, local_saddr);
-
     ret = krb5_kt_resolve(server_handle->context, "KDB:", &kt);
     if (ret != 0) {
         krb5_klog_syslog(LOG_ERR, _("chpw: Couldn't open admin keytab %s"),
@@ -465,7 +460,7 @@ dispatch(void *handle, struct sockaddr *local_saddr,
                                handle,
                                server_handle->params.realm,
                                kt,
-                               &local_faddr,
+                               local_addr,
                                remote_addr,
                                request,
                                response);
diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c
index b501fb869d..57f0865ac8 100644
--- a/src/kdc/dispatch.c
+++ b/src/kdc/dispatch.c
@@ -119,7 +119,7 @@ reseed_random(krb5_context kdc_err_context)
 }
 
 void
-dispatch(void *cb, struct sockaddr *local_saddr,
+dispatch(void *cb, const krb5_fulladdr *local_addr,
          const krb5_fulladdr *remote_addr, krb5_data *pkt, int is_tcp,
          verto_ctx *vctx, loop_respond_fn respond, void *arg)
 {
diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h
index 2f08ca1416..1c183de85c 100644
--- a/src/kdc/kdc_util.h
+++ b/src/kdc/kdc_util.h
@@ -151,7 +151,7 @@ process_tgs_req (struct server_handle *, krb5_data *,
 /* dispatch.c */
 void
 dispatch (void *,
-          struct sockaddr *,
+          const krb5_fulladdr *,
           const krb5_fulladdr *,
           krb5_data *,
           int,
diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index 227b4d51e5..a40da927ef 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -953,6 +953,8 @@ struct udp_dispatch_state {
     int port_fd;
     krb5_address remote_addr_buf;
     krb5_fulladdr remote_addr;
+    krb5_address local_addr_buf;
+    krb5_fulladdr local_addr;
     socklen_t saddr_len;
     socklen_t daddr_len;
     struct sockaddr_storage saddr;
@@ -1088,8 +1090,11 @@ process_packet(verto_ctx *ctx, verto_ev *ev)
     state->remote_addr.address = &state->remote_addr_buf;
     init_addr(&state->remote_addr, ss2sa(&state->saddr));
 
+    state->local_addr.address = &state->local_addr_buf;
+    init_addr(&state->local_addr, ss2sa(&state->daddr));
+
     /* This address is in net order. */
-    dispatch(state->handle, ss2sa(&state->daddr), &state->remote_addr,
+    dispatch(state->handle, &state->local_addr, &state->remote_addr,
              &state->request, 0, ctx, process_packet_response, state);
 }
 
@@ -1211,6 +1216,8 @@ accept_tcp_connection(verto_ctx *ctx, verto_ev *ev)
 
 struct tcp_dispatch_state {
     struct sockaddr_storage local_saddr;
+    krb5_address local_addr_buf;
+    krb5_fulladdr local_addr;
     struct connection *conn;
     krb5_data request;
     verto_ctx *ctx;
@@ -1357,10 +1364,10 @@ process_tcp_connection_read(verto_ctx *ctx, verto_ev *ev)
                              error_message(errno));
             goto kill_tcp_connection;
         }
-
-        dispatch(state->conn->handle, ss2sa(&state->local_saddr),
-                 &conn->remote_addr, &state->request, 1, ctx,
-                 process_tcp_response, state);
+        state->local_addr.address = &state->local_addr_buf;
+        init_addr(&state->local_addr, ss2sa(&state->local_saddr));
+        dispatch(state->conn->handle, &state->local_addr, &conn->remote_addr,
+                 &state->request, 1, ctx, process_tcp_response, state);
     }
 
     return;