don't directly use sockaddr_storage, since we can't always know what

it looks like


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12055 ec53bebd-3082-4978-b11e-865c3cabbd6b

appl/kx/common.c

@@ -405,11 +405,9 @@ create_and_write_cookie (char *xauthfile,
      int fd;
      FILE *f;
      char hostname[MaxHostNameLen];
-     struct in_addr loopback;
      int saved_errno;
 
      gethostname (hostname, sizeof(hostname));
-     loopback.s_addr = htonl(INADDR_LOOPBACK);
      
      auth.family = FamilyLocal;
      auth.address = hostname;
@@ -455,11 +453,6 @@ create_and_write_cookie (char *xauthfile,
      auth.family  = FamilyWild;
      auth.address_length = 0;
 
-#if 0 /* XXX */
-     auth.address = (char *)&loopback;
-     auth.address_length = sizeof(loopback);
-#endif
-
      if (XauWriteAuth(f, &auth) == 0) {
 	 saved_errno = errno;
 	 fclose (f);
@@ -754,12 +747,12 @@ replace_cookie(int xserver, int fd, char *filename, int cookiesp) /* XXX */
  */
 
 int
-suspicious_address (int sock, struct sockaddr_storage *addr)
+suspicious_address (int sock, struct sockaddr *addr)
 {
     char data[40];
     socklen_t len = sizeof(data);
 
-    switch (addr->ss_family) {
+    switch (addr->sa_family) {
     case AF_INET:
 	return ((struct sockaddr_in *)addr)->sin_addr.s_addr != 
 	    htonl(INADDR_LOOPBACK)

appl/kx/context.c

@@ -43,6 +43,8 @@ void
 context_set (kx_context *kc, const char *host, const char *user, int port,
 	     int debug_flag, int keepalive_flag, int tcp_flag)
 {
+    kc->thisaddr        = (struct sockaddr*)&kc->__ss_this;
+    kc->thataddr        = (struct sockaddr*)&kc->__ss_that;
     kc->host		= host;
     kc->user		= user;
     kc->port		= port;

appl/kx/krb4.c

@@ -71,7 +71,7 @@ krb4_authenticate (kx_context *kc, int s)
     krb4_kx_context *c = (krb4_kx_context *)kc->data;
     const char *host = kc->host;
 
-    if (kc->thisaddr.ss_family != AF_INET) {
+    if (kc->thisaddr->sa_family != AF_INET) {
 	warnx ("%s: used Kerberos v4 authentiocation on on non-IP4 address", 
 	       host);
 	return -1;
@@ -84,15 +84,15 @@ krb4_authenticate (kx_context *kc, int s)
 	if (krb_get_our_ip_for_realm(krb_realmofhost(kc->host),
 				     &natAddr) == KSUCCESS
 	    || krb_get_our_ip_for_realm (NULL, &natAddr) == KSUCCESS)
-	    ((struct sockaddr_in *)&kc->thisaddr)->sin_addr = natAddr;
+	    ((struct sockaddr_in *)kc->thisaddr)->sin_addr = natAddr;
     }
 #endif
 
     status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd",
 			   (char *)host, krb_realmofhost (host),
 			   getpid(), &msg, &cred, c->schedule,
-			   (struct sockaddr_in *)&kc->thisaddr,
-			   (struct sockaddr_in *)&kc->thataddr, KX_VERSION);
+			   (struct sockaddr_in *)kc->thisaddr,
+			   (struct sockaddr_in *)kc->thataddr, KX_VERSION);
     if (status != KSUCCESS) {
 	warnx ("%s: %s", host, krb_get_err_text(status));
 	return -1;
@@ -128,8 +128,8 @@ krb4_read (kx_context *kc,
     if (krb_net_read (fd, buf, l) != l)
 	return -1;
     status = krb_rd_priv (buf, l, c->schedule, &c->key,
-			  (struct sockaddr_in *)&kc->thataddr,
-			  (struct sockaddr_in *)&kc->thisaddr, &msg);
+			  (struct sockaddr_in *)kc->thataddr,
+			  (struct sockaddr_in *)kc->thisaddr, &msg);
     if (status != RD_AP_OK) {
 	warnx ("krb4_read: %s", krb_get_err_text(status));
 	return -1;
@@ -156,8 +156,8 @@ krb4_write(kx_context *kc,
     if (outbuf == NULL)
 	return -1;
     outlen = krb_mk_priv ((void *)buf, outbuf, len, c->schedule, &c->key,
-			  (struct sockaddr_in *)&kc->thisaddr,
-			  (struct sockaddr_in *)&kc->thataddr);
+			  (struct sockaddr_in *)kc->thisaddr,
+			  (struct sockaddr_in *)kc->thataddr);
     if (outlen < 0) {
 	free (outbuf);
 	return -1;
@@ -312,7 +312,7 @@ recv_v4_auth (kx_context *kc, int sock, u_char *buf)
     AUTH_DAT auth;
     des_key_schedule schedule;
 
-    if (kc->thisaddr.ss_family != AF_INET)
+    if (kc->thisaddr->sa_family != AF_INET)
 	return -1;
 
     if (memcmp (buf, KRB_SENDAUTH_VERS, 4) != 0)
@@ -333,8 +333,8 @@ recv_v4_auth (kx_context *kc, int sock, u_char *buf)
 			   &ticket,
 			   "rcmd",
 			   instance,
-			   (struct sockaddr_in *)&kc->thataddr,
-			   (struct sockaddr_in *)&kc->thisaddr,
+			   (struct sockaddr_in *)kc->thataddr,
+			   (struct sockaddr_in *)kc->thisaddr,
 			   &auth,
 			   "",
 			   schedule,

appl/kx/kx.c

@@ -136,9 +136,9 @@ connect_host (kx_context *kc)
     if (getsockname (s, thisaddr, &addrlen) < 0 ||
 	addrlen != a->ai_addrlen)
 	err(1, "getsockname(%s)", kc->host);
-    memcpy (&kc->thisaddr, thisaddr, sizeof(kc->thisaddr));
+    memcpy (&kc->__ss_this, thisaddr, sizeof(kc->__ss_this));
     kc->thisaddr_len = addrlen;
-    memcpy (&kc->thataddr, a->ai_addr, sizeof(kc->thataddr));
+    memcpy (&kc->__ss_that, a->ai_addr, sizeof(kc->__ss_that));
     kc->thataddr_len = a->ai_addrlen;
     freeaddrinfo (ai);
     if ((*kc->authenticate)(kc, s))

appl/kx/kx.h

@@ -166,7 +166,7 @@ int create_and_write_cookie (char *xauthfile,
 int verify_and_remove_cookies (int fd, int sock, int cookiesp);
 int replace_cookie(int xserver, int fd, char *filename, int cookiesp);
 
-int suspicious_address (int sock, struct sockaddr_storage *addr);
+int suspicious_address (int sock, struct sockaddr *addr);
 
 #define KX_PORT 2111
 
@@ -197,7 +197,10 @@ struct kx_context {
     int debug_flag;
     int keepalive_flag;
     int tcp_flag;
-    struct sockaddr_storage thisaddr, thataddr;
+    struct sockaddr_storage __ss_this;
+    struct sockaddr_storage __ss_that;
+    struct sockaddr *thisaddr;
+    struct sockaddr *thataddr;
     socklen_t thisaddr_len, thataddr_len;
     void *data;
 };

appl/kx/kxd.c

@@ -121,20 +121,22 @@ recv_conn (int sock, kx_context *kc,
      int len;
      u_int32_t tmp32;
 
-     addrlen = sizeof(kc->thisaddr);
-     if (getsockname (sock, (struct sockaddr *)&kc->thisaddr, &addrlen) < 0) {
+     addrlen = sizeof(kc->__ss_this);
+     kc->thisaddr = (struct sockaddr*)&kc->__ss_this;
+     if (getsockname (sock, kc->thisaddr, &addrlen) < 0) {
 	 syslog (LOG_ERR, "getsockname: %m");
 	 exit (1);
      }
      kc->thisaddr_len = addrlen;
      addrlen = sizeof(kc->thataddr);
-     if (getpeername (sock, (struct sockaddr *)&kc->thataddr, &addrlen) < 0) {
+     kc->thataddr = (struct sockaddr*)&kc->__ss_that;
+     if (getpeername (sock, kc->thataddr, &addrlen) < 0) {
 	 syslog (LOG_ERR, "getpeername: %m");
 	 exit (1);
      }
      kc->thataddr_len = addrlen;
 
-     getnameinfo_verified ((struct sockaddr *)&kc->thataddr, 
+     getnameinfo_verified (kc->thataddr, 
 			   kc->thataddr_len,
 			   remotehost, sizeof(remotehost),
 			   NULL, 0, 0);
@@ -294,12 +296,14 @@ doit_conn (kx_context *kc,
 	   int fd, int meta_sock, int flags, int cookiesp)
 {
     int sock, sock2, port;
-    struct sockaddr_storage addr;
-    struct sockaddr_storage thisaddr;
+    struct sockaddr_storage __ss_addr;
+    struct sockaddr *addr = (struct sockaddr*)&__ss_addr;
+    struct sockaddr_storage __ss_thisaddr;
+    struct sockaddr *thisaddr = (struct sockaddr*)&__ss_thisaddr;
     socklen_t addrlen;
     u_char msg[1024], *p;
 
-    sock = socket (kc->thisaddr.ss_family, SOCK_STREAM, 0);
+    sock = socket (kc->thisaddr->sa_family, SOCK_STREAM, 0);
     if (sock < 0) {
 	syslog (LOG_ERR, "socket: %m");
 	return 1;
@@ -311,25 +315,25 @@ doit_conn (kx_context *kc,
     }
 #endif
 #if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT)
-     if (flags & KEEP_ALIVE) {
-	 int one = 1;
+    if (flags & KEEP_ALIVE) {
+	int one = 1;
 
-	 setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one,
-		     sizeof(one));
-     }
+	setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one,
+		    sizeof(one));
+    }
 #endif
-    memset (&addr, 0, sizeof(addr));
-    addr.ss_family = kc->thisaddr.ss_family;
-    if (kc->thisaddr_len > sizeof(addr)) {
+    memset (&__ss_addr, 0, sizeof(__ss_addr));
+    addr->sa_family = kc->thisaddr->sa_family;
+    if (kc->thisaddr_len > sizeof(__ss_addr)) {
 	syslog(LOG_ERR, "error in af");
 	return 1;
     }
-    if (bind (sock, (struct sockaddr *)&addr, kc->thisaddr_len) < 0) {
+    if (bind (sock, addr, kc->thisaddr_len) < 0) {
 	syslog (LOG_ERR, "bind: %m");
 	return 1;
     }
-    addrlen = sizeof(addr);
-    if (getsockname (sock, (struct sockaddr *)&addr, &addrlen) < 0) {
+    addrlen = sizeof(__ss_addr);
+    if (getsockname (sock, addr, &addrlen) < 0) {
 	syslog (LOG_ERR, "getsockname: %m");
 	return 1;
     }
@@ -337,7 +341,7 @@ doit_conn (kx_context *kc,
 	syslog (LOG_ERR, "listen: %m");
 	return 1;
     }
-    port = socket_get_port((struct sockaddr *)&addr);
+    port = socket_get_port(addr);
 
     p = msg;
     *p++ = NEW_CONN;
@@ -348,8 +352,8 @@ doit_conn (kx_context *kc,
 	return 1;
     }
 
-    addrlen = sizeof(thisaddr);
-    sock2 = accept (sock, (struct sockaddr *)&thisaddr, &addrlen);
+    addrlen = sizeof(__ss_thisaddr);
+    sock2 = accept (sock, thisaddr, &addrlen);
     if (sock2 < 0) {
 	syslog (LOG_ERR, "accept: %m");
 	return 1;
@@ -527,17 +531,18 @@ doit_passive (kx_context *kc,
 	    for (i = 0; i < nsockets; ++i) {
 		if (FD_ISSET(sockets[i].fd, &fds)) {
 		    if (sockets[i].flags == TCP) {
-			struct sockaddr_storage peer;
-			socklen_t len = sizeof(peer);
+			struct sockaddr_storage __ss_peer;
+			struct sockaddr *peer = (struct sockaddr*)&__ss_peer;
+			socklen_t len = sizeof(__ss_peer);
 
 			fd = accept (sockets[i].fd,
-				     (struct sockaddr *)&peer,
+				     peer,
 				     &len);
 			if (fd < 0 && errno != EINTR)
 			    syslog (LOG_ERR, "accept: %m");
 
 			/* XXX */
-			if (fd >= 0 && suspicious_address (fd, &peer)) {
+			if (fd >= 0 && suspicious_address (fd, peer)) {
 			    close (fd);
 			    fd = -1;
 			    errno = EINTR;