From 7b9ea4f7834eff53ff5606cbea75fe1c39d6c146 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Mon, 8 Jul 2002 19:49:39 +0000 Subject: [PATCH] * localaddr.c (get_localaddrs): Split out main body of krb5_os_localaddr, add an argument to indicate whether addresses listed in the profile should be included. (krb5_os_localaddr): Call it. (krb5int_local_addresses): Call get_localaddrs but skip profile-listed addresses. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14616 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/os/ChangeLog | 7 ++++ src/lib/krb5/os/Makefile.in | 2 +- src/lib/krb5/os/localaddr.c | 18 ++++++++-- src/lib/krb5/os/sn2princ.c | 66 ++++++++++++++++++++++++++++--------- 4 files changed, 75 insertions(+), 18 deletions(-) diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index 5407c97f4..3cbe50c13 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,5 +1,12 @@ 2002-07-08 Ken Raeburn + * localaddr.c (get_localaddrs): Split out main body of + krb5_os_localaddr, add an argument to indicate whether addresses + listed in the profile should be included. + (krb5_os_localaddr): Call it. + (krb5int_local_addresses): Call get_localaddrs but skip + profile-listed addresses. + * sendto_kdc.c (krb5int_sendto_udp): Accept new args for optional location to store local address used to contact server. (krb5_sendto_kdc): Update call to pass 0. diff --git a/src/lib/krb5/os/Makefile.in b/src/lib/krb5/os/Makefile.in index a5ff02bf0..c9f529cee 100644 --- a/src/lib/krb5/os/Makefile.in +++ b/src/lib/krb5/os/Makefile.in @@ -393,7 +393,7 @@ sn2princ.so sn2princ.po $(OUTPRE)sn2princ.$(OBJEXT): sn2princ.c $(SRCTOP)/includ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h \ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - $(BUILDTOP)/include/profile.h + $(BUILDTOP)/include/profile.h $(SRCTOP)/include/fake-addrinfo.h timeofday.so timeofday.po $(OUTPRE)timeofday.$(OBJEXT): timeofday.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5/kdb.h \ diff --git a/src/lib/krb5/os/localaddr.c b/src/lib/krb5/os/localaddr.c index 43e4c35e9..f16125555 100644 --- a/src/lib/krb5/os/localaddr.c +++ b/src/lib/krb5/os/localaddr.c @@ -309,13 +309,27 @@ krb5_error_code KRB5_CALLCONV krb5_os_localaddr(context, addr) krb5_context context; krb5_address ***addr; +{ + return get_localaddrs(context, addr, 1); +} + +krb5_error_code +krb5int_local_addresses(krb5_context context, krb5_address ***addr) +{ + return get_localaddrs(context, addr, 0); +} + +static krb5_error_code +get_localaddrs (krb5_context context, krb5_address ***addr, int use_profile) { struct localaddr_data data = { 0 }; int r; krb5_error_code err; - err = krb5_os_localaddr_profile (context, &data); - /* ignore err for now */ + if (use_profile) { + err = krb5_os_localaddr_profile (context, &data); + /* ignore err for now */ + } r = foreach_localaddr (&data, count_addrs, allocate, add_addr); if (r != 0) { diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c index ba32c0a23..0a3141c64 100644 --- a/src/lib/krb5/os/sn2princ.c +++ b/src/lib/krb5/os/sn2princ.c @@ -1,7 +1,7 @@ /* * lib/krb5/os/sn2princ.c * - * Copyright 1991 by the Massachusetts Institute of Technology. + * Copyright 1991,2002 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -30,6 +30,7 @@ #define NEED_SOCKETS #include "k5-int.h" +#include "fake-addrinfo.h" #include #ifdef HAVE_SYS_PARAM_H #include @@ -43,7 +44,6 @@ krb5_sname_to_principal(context, hostname, sname, type, ret_princ) krb5_int32 type; krb5_principal * ret_princ; { - struct hostent *hp; char **hrealms, *realm, *remote_host; krb5_error_code retval; register char *cp; @@ -67,27 +67,63 @@ krb5_sname_to_principal(context, hostname, sname, type, ret_princ) /* copy the hostname into non-volatile storage */ if (type == KRB5_NT_SRV_HST) { - char *addr; - - if (!(hp = gethostbyname(hostname))) + struct addrinfo *ai, hints; + int err; + char hnamebuf[NI_MAXHOST]; + + if (strspn(hostname, "01234567890.") == strlen(hostname)) { + /* All numbers and dots... if it's three dots, it's an + IP address, and we reject it. But "12345" could be + a local hostname, couldn't it? We'll just assume + that a name with three dots is not meant to be an + all-numeric hostname three all-numeric domains down + from the current domain. */ + int ndots = 0; + const char *p; + for (p = hostname; *p; p++) + if (*p == '.') + ndots++; + if (ndots == 3) + return KRB5_ERR_BAD_HOSTNAME; + } + if (strchr(hostname, ':')) + /* IPv6 numeric address form? Bye bye. */ + return KRB5_ERR_BAD_HOSTNAME; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_INET; + try_getaddrinfo_again: + err = getaddrinfo(hostname, 0, &hints, &ai); + if (err) { + if (hints.ai_family == AF_INET) { + /* Just in case it's an IPv6-only name. */ + hints.ai_family = 0; + goto try_getaddrinfo_again; + } return KRB5_ERR_BAD_HOSTNAME; - remote_host = strdup(hp->h_name); - if (!remote_host) + } + remote_host = strdup(ai->ai_canonname ? ai->ai_canonname : hostname); + if (!remote_host) { + freeaddrinfo(ai); return ENOMEM; + } /* * Do a reverse resolution to get the full name, just in * case there's some funny business going on. If there * isn't an in-addr record, give up. */ - addr = malloc(hp->h_length); - if (!addr) - return ENOMEM; - memcpy(addr, hp->h_addr, hp->h_length); - hp = gethostbyaddr(addr, hp->h_length, hp->h_addrtype); - free(addr); - if (hp) { + /* XXX: This is *so* bogus. There are several cases where + this won't get us the canonical name of the host, but + this is what we've trained people to expect. We'll + probably fix it at some point, but let's try to + preserve the current behavior and only shake things up + once when it comes time to fix this lossage. */ + err = getnameinfo(ai->ai_addr, ai->ai_addrlen, + hnamebuf, sizeof(hnamebuf), 0, 0, NI_NAMEREQD); + freeaddrinfo(ai); + if (err == 0) { free(remote_host); - remote_host = strdup(hp->h_name); + remote_host = strdup(hnamebuf); if (!remote_host) return ENOMEM; } -- 2.26.2