put address comparison in separate function

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15085 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:25:04 +00:00
parent 7f6414c62f
commit 82fa25b5c4
1 changed files with 33 additions and 30 deletions
--- a/lib/krb5/rd_cred.c
+++ b/lib/krb5/rd_cred.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska H<>gskolan
 * (Royal Institute of Technology, Stockholm, Sweden). 
 * All rights reserved. 
 *
@@ -35,6 +35,24 @@

 RCSID("$Id$");

+static krb5_error_code
+compare_addrs(krb5_context context,
+	      krb5_address *a,
+	      krb5_address *b,
+	      const char *message)
+{
+    char a_str[64], b_str[64];
+    size_t len;
+
+    if(krb5_address_compare (context, a, b))
+	return 0;
+
+    krb5_print_address (a, a_str, sizeof(a_str), &len);
+    krb5_print_address (b, b_str, sizeof(b_str), &len);
+    krb5_set_error_string(context, "%s: %s != %s", message, b_str, a_str);
+    return KRB5KRB_AP_ERR_BADADDR;
+}
+
 krb5_error_code KRB5_LIB_FUNCTION
 krb5_rd_cred(krb5_context context,
 	     krb5_auth_context auth_context,
@@ -115,7 +133,6 @@ krb5_rd_cred(krb5_context context,
 	&& auth_context->remote_address
 	&& auth_context->remote_port) {
 	krb5_address *a;
-	int cmp;

 	ret = krb5_make_addrport (context, &a,
 				  auth_context->remote_address,
@@ -124,18 +141,12 @@ krb5_rd_cred(krb5_context context,
 	    goto out;


-	cmp = krb5_address_compare (context,
-				    a,
-				    enc_krb_cred_part.s_address);
-
-	krb5_free_address (context, a);
-	free (a);
-
-	if (cmp == 0) {
-	    krb5_clear_error_string (context);
-	    ret = KRB5KRB_AP_ERR_BADADDR;
+	ret = compare_addrs(context, a, enc_krb_cred_part.s_address, 
+			    "sender address is wrong in received creds");
+	krb5_free_address(context, a);
+	free(a);
+	if(ret)
 	    goto out;
-	}
    }

    /* check receiver address */
@@ -145,32 +156,24 @@ krb5_rd_cred(krb5_context context,
 	if(auth_context->local_port &&
 	   enc_krb_cred_part.r_address->addr_type == KRB5_ADDRESS_ADDRPORT) {
 	    krb5_address *a;
-	    int cmp;
 	    ret = krb5_make_addrport (context, &a,
 				      auth_context->local_address,
 				      auth_context->local_port);
 	    if (ret)
 		goto out;
 	    
-	    cmp = krb5_address_compare (context,
-					a,
-					enc_krb_cred_part.r_address);
-	    krb5_free_address (context, a);
-	    free (a);
-	    
-	    if (cmp == 0) {
-		krb5_clear_error_string (context);
-		ret = KRB5KRB_AP_ERR_BADADDR;
+	    ret = compare_addrs(context, a, enc_krb_cred_part.r_address, 
+				"receiver address is wrong in received creds");
+	    krb5_free_address(context, a);
+	    free(a);
+	    if(ret)
 		goto out;
-	    }
 	} else {
-	    if(!krb5_address_compare (context,
-				      auth_context->local_address,
-				      enc_krb_cred_part.r_address)) {
-		krb5_clear_error_string (context);
-		ret = KRB5KRB_AP_ERR_BADADDR;
+	    ret = compare_addrs(context, auth_context->local_address,
+				enc_krb_cred_part.r_address,
+				"receiver address is wrong in received creds");
+	    if(ret)
 		goto out;
-	    }		
 	}
    }