From 1b907e0d755b3e4a6b3ba6d31accda6551e84875 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 11 Apr 2017 22:30:25 -0400
Subject: [PATCH] Remove {GETSOCKNAME,GETPEERNAME}_ARG2_TYPE

We have had code since at least 1.6 in changepw.c and sendto_kdc.c
which assumes that we can pass a struct sockaddr * as the second
argument to getsockname() and getpeername(), so we can safely get rid
of that configure logic.  Also fix potential alignment issues in
krb5_sendauth() by using a struct sockaddr_storage instead of a
1024-byte character buffer to hold the local and peer addresses.

[ghudson@mit.edu: adjusted style of new code slightly; rewrote commit
message]
---
 src/aclocal.m4              |  2 --
 src/include/win-mac.h       |  2 --
 src/lib/krb5/krb/sendauth.c | 23 +++++++++++------------
 src/lib/krb5/os/genaddrs.c  |  8 ++++----
 4 files changed, 15 insertions(+), 20 deletions(-)

diff --git a/src/aclocal.m4 b/src/aclocal.m4
index 0a2df0e016..2c92c80022 100644
--- a/src/aclocal.m4
+++ b/src/aclocal.m4
@@ -1367,7 +1367,6 @@ dnl =============================================================
 dnl Internal function for testing for getpeername prototype
 dnl
 AC_DEFUN([KRB5_GETPEERNAME_ARGS],[
-AC_DEFINE([GETPEERNAME_ARG2_TYPE],GETSOCKNAME_ARG2_TYPE,[Type of getpeername second argument.])
 AC_DEFINE([GETPEERNAME_ARG3_TYPE],GETSOCKNAME_ARG3_TYPE,[Type of getpeername second argument.])
 ])
 dnl
@@ -1412,7 +1411,6 @@ if test "$sock_set" = no; then
 fi
 res1=`echo "$res1" | tr -d '*' | sed -e 's/ *$//'`
 res2=`echo "$res2" | tr -d '*' | sed -e 's/ *$//'`
-AC_DEFINE_UNQUOTED([GETSOCKNAME_ARG2_TYPE],$res1,[Type of pointer target for argument 2 to getsockname])
 AC_DEFINE_UNQUOTED([GETSOCKNAME_ARG3_TYPE],$res2,[Type of pointer target for argument 3 to getsockname])
 ])
 dnl
diff --git a/src/include/win-mac.h b/src/include/win-mac.h
index 1994388b71..c3744ed14e 100644
--- a/src/include/win-mac.h
+++ b/src/include/win-mac.h
@@ -225,9 +225,7 @@ typedef _W64 int         ssize_t;
 
 HINSTANCE get_lib_instance(void);
 
-#define GETSOCKNAME_ARG2_TYPE   struct sockaddr
 #define GETSOCKNAME_ARG3_TYPE   size_t
-#define GETPEERNAME_ARG2_TYPE   GETSOCKNAME_ARG2_TYPE
 #define GETPEERNAME_ARG3_TYPE   GETSOCKNAME_ARG3_TYPE
 
 #endif /* !RES_ONLY */
diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c
index f7e6777411..149e25dd73 100644
--- a/src/lib/krb5/krb/sendauth.c
+++ b/src/lib/krb5/krb/sendauth.c
@@ -131,22 +131,21 @@ krb5_sendauth(krb5_context context, krb5_auth_context *auth_context,
            This isn't strong cryptographically; the point here is
            not to guarantee randomness, but to make it less likely
            that multiple sessions could pick the same subkey.  */
-        char rnd_data[1024];
+        struct sockaddr_storage rnd_data;
         GETPEERNAME_ARG3_TYPE len2;
-        krb5_data d;
-        d.length = sizeof (rnd_data);
-        d.data = rnd_data;
-        len2 = sizeof (rnd_data);
-        if (getpeername (*(int*)fd, (GETPEERNAME_ARG2_TYPE *) rnd_data,
-                         &len2) == 0) {
+        krb5_data d = make_data(&rnd_data, sizeof(rnd_data));
+
+        len2 = sizeof(rnd_data);
+        if (getpeername(*(int *)fd, ss2sa(&rnd_data), &len2) == 0) {
             d.length = len2;
-            (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
+            (void)krb5_c_random_add_entropy(
+                context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
         }
-        len2 = sizeof (rnd_data);
-        if (getsockname (*(int*)fd, (GETSOCKNAME_ARG2_TYPE *) rnd_data,
-                         &len2) == 0) {
+        len2 = sizeof(rnd_data);
+        if (getsockname(*(int *)fd, ss2sa(&rnd_data), &len2) == 0) {
             d.length = len2;
-            (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
+            (void)krb5_c_random_add_entropy(
+                context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
         }
     }
 
diff --git a/src/lib/krb5/os/genaddrs.c b/src/lib/krb5/os/genaddrs.c
index 5ef7af5a33..c818fdb6d7 100644
--- a/src/lib/krb5/os/genaddrs.c
+++ b/src/lib/krb5/os/genaddrs.c
@@ -79,8 +79,8 @@ krb5_auth_con_genaddrs(krb5_context context, krb5_auth_context auth_context, int
     ssize = sizeof(struct sockaddr_storage);
     if ((flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) ||
         (flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR)) {
-        if ((retval = getsockname(fd, (GETSOCKNAME_ARG2_TYPE *) &lsaddr,
-                                  &ssize)))
+        retval = getsockname(fd, ss2sa(&lsaddr), &ssize);
+        if (retval)
             return retval;
 
         if (cvtaddr (&lsaddr, &laddrs)) {
@@ -99,8 +99,8 @@ krb5_auth_con_genaddrs(krb5_context context, krb5_auth_context auth_context, int
     ssize = sizeof(struct sockaddr_storage);
     if ((flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) ||
         (flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR)) {
-        if ((retval = getpeername(fd, (GETPEERNAME_ARG2_TYPE *) &rsaddr,
-                                  &ssize)))
+        retval = getpeername(fd, ss2sa(&rsaddr), &ssize);
+        if (retval)
             return errno;
 
         if (cvtaddr (&rsaddr, &raddrs)) {
-- 
2.47.2