From 8f06415a58f0ef1c2302395d12865fec83f50796 Mon Sep 17 00:00:00 2001 From: Johan Danielsson Date: Wed, 16 Apr 2003 16:45:43 +0000 Subject: [PATCH] don't directly use sockaddr_storage, since we can't always know what it looks like git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12055 ec53bebd-3082-4978-b11e-865c3cabbd6b --- appl/kx/common.c | 11 ++-------- appl/kx/context.c | 2 ++ appl/kx/krb4.c | 22 +++++++++---------- appl/kx/kx.c | 4 ++-- appl/kx/kx.h | 7 ++++-- appl/kx/kxd.c | 55 ++++++++++++++++++++++++++--------------------- 6 files changed, 52 insertions(+), 49 deletions(-) diff --git a/appl/kx/common.c b/appl/kx/common.c index 8c603a034..b1ef850b0 100644 --- a/appl/kx/common.c +++ b/appl/kx/common.c @@ -405,11 +405,9 @@ create_and_write_cookie (char *xauthfile, int fd; FILE *f; char hostname[MaxHostNameLen]; - struct in_addr loopback; int saved_errno; gethostname (hostname, sizeof(hostname)); - loopback.s_addr = htonl(INADDR_LOOPBACK); auth.family = FamilyLocal; auth.address = hostname; @@ -455,11 +453,6 @@ create_and_write_cookie (char *xauthfile, auth.family = FamilyWild; auth.address_length = 0; -#if 0 /* XXX */ - auth.address = (char *)&loopback; - auth.address_length = sizeof(loopback); -#endif - if (XauWriteAuth(f, &auth) == 0) { saved_errno = errno; fclose (f); @@ -754,12 +747,12 @@ replace_cookie(int xserver, int fd, char *filename, int cookiesp) /* XXX */ */ int -suspicious_address (int sock, struct sockaddr_storage *addr) +suspicious_address (int sock, struct sockaddr *addr) { char data[40]; socklen_t len = sizeof(data); - switch (addr->ss_family) { + switch (addr->sa_family) { case AF_INET: return ((struct sockaddr_in *)addr)->sin_addr.s_addr != htonl(INADDR_LOOPBACK) diff --git a/appl/kx/context.c b/appl/kx/context.c index 55d1d7606..508a59e8a 100644 --- a/appl/kx/context.c +++ b/appl/kx/context.c @@ -43,6 +43,8 @@ void context_set (kx_context *kc, const char *host, const char *user, int port, int debug_flag, int keepalive_flag, int tcp_flag) { + kc->thisaddr = (struct sockaddr*)&kc->__ss_this; + kc->thataddr = (struct sockaddr*)&kc->__ss_that; kc->host = host; kc->user = user; kc->port = port; diff --git a/appl/kx/krb4.c b/appl/kx/krb4.c index e2a5d6d35..119d79e09 100644 --- a/appl/kx/krb4.c +++ b/appl/kx/krb4.c @@ -71,7 +71,7 @@ krb4_authenticate (kx_context *kc, int s) krb4_kx_context *c = (krb4_kx_context *)kc->data; const char *host = kc->host; - if (kc->thisaddr.ss_family != AF_INET) { + if (kc->thisaddr->sa_family != AF_INET) { warnx ("%s: used Kerberos v4 authentiocation on on non-IP4 address", host); return -1; @@ -84,15 +84,15 @@ krb4_authenticate (kx_context *kc, int s) if (krb_get_our_ip_for_realm(krb_realmofhost(kc->host), &natAddr) == KSUCCESS || krb_get_our_ip_for_realm (NULL, &natAddr) == KSUCCESS) - ((struct sockaddr_in *)&kc->thisaddr)->sin_addr = natAddr; + ((struct sockaddr_in *)kc->thisaddr)->sin_addr = natAddr; } #endif status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd", (char *)host, krb_realmofhost (host), getpid(), &msg, &cred, c->schedule, - (struct sockaddr_in *)&kc->thisaddr, - (struct sockaddr_in *)&kc->thataddr, KX_VERSION); + (struct sockaddr_in *)kc->thisaddr, + (struct sockaddr_in *)kc->thataddr, KX_VERSION); if (status != KSUCCESS) { warnx ("%s: %s", host, krb_get_err_text(status)); return -1; @@ -128,8 +128,8 @@ krb4_read (kx_context *kc, if (krb_net_read (fd, buf, l) != l) return -1; status = krb_rd_priv (buf, l, c->schedule, &c->key, - (struct sockaddr_in *)&kc->thataddr, - (struct sockaddr_in *)&kc->thisaddr, &msg); + (struct sockaddr_in *)kc->thataddr, + (struct sockaddr_in *)kc->thisaddr, &msg); if (status != RD_AP_OK) { warnx ("krb4_read: %s", krb_get_err_text(status)); return -1; @@ -156,8 +156,8 @@ krb4_write(kx_context *kc, if (outbuf == NULL) return -1; outlen = krb_mk_priv ((void *)buf, outbuf, len, c->schedule, &c->key, - (struct sockaddr_in *)&kc->thisaddr, - (struct sockaddr_in *)&kc->thataddr); + (struct sockaddr_in *)kc->thisaddr, + (struct sockaddr_in *)kc->thataddr); if (outlen < 0) { free (outbuf); return -1; @@ -312,7 +312,7 @@ recv_v4_auth (kx_context *kc, int sock, u_char *buf) AUTH_DAT auth; des_key_schedule schedule; - if (kc->thisaddr.ss_family != AF_INET) + if (kc->thisaddr->sa_family != AF_INET) return -1; if (memcmp (buf, KRB_SENDAUTH_VERS, 4) != 0) @@ -333,8 +333,8 @@ recv_v4_auth (kx_context *kc, int sock, u_char *buf) &ticket, "rcmd", instance, - (struct sockaddr_in *)&kc->thataddr, - (struct sockaddr_in *)&kc->thisaddr, + (struct sockaddr_in *)kc->thataddr, + (struct sockaddr_in *)kc->thisaddr, &auth, "", schedule, diff --git a/appl/kx/kx.c b/appl/kx/kx.c index c8f08b448..e1886b82c 100644 --- a/appl/kx/kx.c +++ b/appl/kx/kx.c @@ -136,9 +136,9 @@ connect_host (kx_context *kc) if (getsockname (s, thisaddr, &addrlen) < 0 || addrlen != a->ai_addrlen) err(1, "getsockname(%s)", kc->host); - memcpy (&kc->thisaddr, thisaddr, sizeof(kc->thisaddr)); + memcpy (&kc->__ss_this, thisaddr, sizeof(kc->__ss_this)); kc->thisaddr_len = addrlen; - memcpy (&kc->thataddr, a->ai_addr, sizeof(kc->thataddr)); + memcpy (&kc->__ss_that, a->ai_addr, sizeof(kc->__ss_that)); kc->thataddr_len = a->ai_addrlen; freeaddrinfo (ai); if ((*kc->authenticate)(kc, s)) diff --git a/appl/kx/kx.h b/appl/kx/kx.h index 5451ba71c..a805ce1cf 100644 --- a/appl/kx/kx.h +++ b/appl/kx/kx.h @@ -166,7 +166,7 @@ int create_and_write_cookie (char *xauthfile, int verify_and_remove_cookies (int fd, int sock, int cookiesp); int replace_cookie(int xserver, int fd, char *filename, int cookiesp); -int suspicious_address (int sock, struct sockaddr_storage *addr); +int suspicious_address (int sock, struct sockaddr *addr); #define KX_PORT 2111 @@ -197,7 +197,10 @@ struct kx_context { int debug_flag; int keepalive_flag; int tcp_flag; - struct sockaddr_storage thisaddr, thataddr; + struct sockaddr_storage __ss_this; + struct sockaddr_storage __ss_that; + struct sockaddr *thisaddr; + struct sockaddr *thataddr; socklen_t thisaddr_len, thataddr_len; void *data; }; diff --git a/appl/kx/kxd.c b/appl/kx/kxd.c index 1e652d44e..59dbce9c4 100644 --- a/appl/kx/kxd.c +++ b/appl/kx/kxd.c @@ -121,20 +121,22 @@ recv_conn (int sock, kx_context *kc, int len; u_int32_t tmp32; - addrlen = sizeof(kc->thisaddr); - if (getsockname (sock, (struct sockaddr *)&kc->thisaddr, &addrlen) < 0) { + addrlen = sizeof(kc->__ss_this); + kc->thisaddr = (struct sockaddr*)&kc->__ss_this; + if (getsockname (sock, kc->thisaddr, &addrlen) < 0) { syslog (LOG_ERR, "getsockname: %m"); exit (1); } kc->thisaddr_len = addrlen; addrlen = sizeof(kc->thataddr); - if (getpeername (sock, (struct sockaddr *)&kc->thataddr, &addrlen) < 0) { + kc->thataddr = (struct sockaddr*)&kc->__ss_that; + if (getpeername (sock, kc->thataddr, &addrlen) < 0) { syslog (LOG_ERR, "getpeername: %m"); exit (1); } kc->thataddr_len = addrlen; - getnameinfo_verified ((struct sockaddr *)&kc->thataddr, + getnameinfo_verified (kc->thataddr, kc->thataddr_len, remotehost, sizeof(remotehost), NULL, 0, 0); @@ -294,12 +296,14 @@ doit_conn (kx_context *kc, int fd, int meta_sock, int flags, int cookiesp) { int sock, sock2, port; - struct sockaddr_storage addr; - struct sockaddr_storage thisaddr; + struct sockaddr_storage __ss_addr; + struct sockaddr *addr = (struct sockaddr*)&__ss_addr; + struct sockaddr_storage __ss_thisaddr; + struct sockaddr *thisaddr = (struct sockaddr*)&__ss_thisaddr; socklen_t addrlen; u_char msg[1024], *p; - sock = socket (kc->thisaddr.ss_family, SOCK_STREAM, 0); + sock = socket (kc->thisaddr->sa_family, SOCK_STREAM, 0); if (sock < 0) { syslog (LOG_ERR, "socket: %m"); return 1; @@ -311,25 +315,25 @@ doit_conn (kx_context *kc, } #endif #if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (flags & KEEP_ALIVE) { - int one = 1; + if (flags & KEEP_ALIVE) { + int one = 1; - setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } + setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } #endif - memset (&addr, 0, sizeof(addr)); - addr.ss_family = kc->thisaddr.ss_family; - if (kc->thisaddr_len > sizeof(addr)) { + memset (&__ss_addr, 0, sizeof(__ss_addr)); + addr->sa_family = kc->thisaddr->sa_family; + if (kc->thisaddr_len > sizeof(__ss_addr)) { syslog(LOG_ERR, "error in af"); return 1; } - if (bind (sock, (struct sockaddr *)&addr, kc->thisaddr_len) < 0) { + if (bind (sock, addr, kc->thisaddr_len) < 0) { syslog (LOG_ERR, "bind: %m"); return 1; } - addrlen = sizeof(addr); - if (getsockname (sock, (struct sockaddr *)&addr, &addrlen) < 0) { + addrlen = sizeof(__ss_addr); + if (getsockname (sock, addr, &addrlen) < 0) { syslog (LOG_ERR, "getsockname: %m"); return 1; } @@ -337,7 +341,7 @@ doit_conn (kx_context *kc, syslog (LOG_ERR, "listen: %m"); return 1; } - port = socket_get_port((struct sockaddr *)&addr); + port = socket_get_port(addr); p = msg; *p++ = NEW_CONN; @@ -348,8 +352,8 @@ doit_conn (kx_context *kc, return 1; } - addrlen = sizeof(thisaddr); - sock2 = accept (sock, (struct sockaddr *)&thisaddr, &addrlen); + addrlen = sizeof(__ss_thisaddr); + sock2 = accept (sock, thisaddr, &addrlen); if (sock2 < 0) { syslog (LOG_ERR, "accept: %m"); return 1; @@ -527,17 +531,18 @@ doit_passive (kx_context *kc, for (i = 0; i < nsockets; ++i) { if (FD_ISSET(sockets[i].fd, &fds)) { if (sockets[i].flags == TCP) { - struct sockaddr_storage peer; - socklen_t len = sizeof(peer); + struct sockaddr_storage __ss_peer; + struct sockaddr *peer = (struct sockaddr*)&__ss_peer; + socklen_t len = sizeof(__ss_peer); fd = accept (sockets[i].fd, - (struct sockaddr *)&peer, + peer, &len); if (fd < 0 && errno != EINTR) syslog (LOG_ERR, "accept: %m"); /* XXX */ - if (fd >= 0 && suspicious_address (fd, &peer)) { + if (fd >= 0 && suspicious_address (fd, peer)) { close (fd); fd = -1; errno = EINTR;