[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-test-1443-gf2aa921
Jeremy Allison
jra at samba.org
Wed Jan 16 21:22:17 GMT 2008
The branch, v3-2-test has been updated
via f2aa921505e49f894bfed4e5e2f9fc01918b1bb0 (commit)
from 5838a9f556f151dc7c1773dcdc598b8ba79fca44 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit f2aa921505e49f894bfed4e5e2f9fc01918b1bb0
Author: Jeremy Allison <jra at samba.org>
Date: Wed Jan 16 13:21:46 2008 -0800
Fix IPv6 bug #5204, which caused krb5 DNS lookups
for a name '[<ipv6 addr>'.
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/lib/util_sock.c | 27 ++++++++++++++++-
source/libads/kerberos.c | 69 +++++++++++++++++++++++++++++++++++++--------
2 files changed, 81 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c
index 945506e..1042811 100644
--- a/source/lib/util_sock.c
+++ b/source/lib/util_sock.c
@@ -476,6 +476,29 @@ bool is_address_any(const struct sockaddr_storage *psa)
}
/****************************************************************************
+ Get a port number in host byte order from a sockaddr_storage.
+****************************************************************************/
+
+uint16_t get_sockaddr_port(const struct sockaddr_storage *pss)
+{
+ uint16_t port = 0;
+
+ if (pss->ss_family != AF_INET) {
+#if defined(HAVE_IPV6)
+ /* IPv6 */
+ const struct sockaddr_in6 *sa6 =
+ (const struct sockaddr_in6 *)pss;
+ port = ntohs(sa6->sin6_port);
+#endif
+ } else {
+ const struct sockaddr_in *sa =
+ (const struct sockaddr_in *)pss;
+ port = ntohs(sa->sin_port);
+ }
+ return port;
+}
+
+/****************************************************************************
Print out an IPv4 or IPv6 address from a struct sockaddr_storage.
****************************************************************************/
@@ -518,7 +541,7 @@ char *print_canonical_sockaddr(TALLOC_CTX *ctx,
char *dest = NULL;
int ret;
- ret = getnameinfo((const struct sockaddr *)pss,
+ ret = sys_getnameinfo((const struct sockaddr *)pss,
sizeof(struct sockaddr_storage),
addr, sizeof(addr),
NULL, 0,
@@ -1847,7 +1870,7 @@ const char *get_peer_name(int fd, bool force_lookup)
}
/* Look up the remote host name. */
- ret = getnameinfo((struct sockaddr *)&ss,
+ ret = sys_getnameinfo((struct sockaddr *)&ss,
length,
name_buf,
sizeof(name_buf),
diff --git a/source/libads/kerberos.c b/source/libads/kerberos.c
index e9222e8..f7e947b 100644
--- a/source/libads/kerberos.c
+++ b/source/libads/kerberos.c
@@ -25,6 +25,8 @@
#ifdef HAVE_KRB5
+#define DEFAULT_KRB5_PORT 88
+
#define LIBADS_CCACHE_NAME "MEMORY:libads"
/*
@@ -666,6 +668,51 @@ int kerberos_kinit_password(const char *principal,
}
/************************************************************************
+************************************************************************/
+
+static char *print_kdc_line(char *mem_ctx,
+ const char *prev_line,
+ const struct sockaddr_storage *pss)
+{
+ char *kdc_str = NULL;
+
+ if (pss->ss_family == AF_INET) {
+ kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
+ prev_line,
+ print_canonical_sockaddr(mem_ctx, pss));
+ } else {
+ char addr[INET6_ADDRSTRLEN];
+ uint16_t port = get_sockaddr_port(pss);
+
+ if (port != 0 && port != DEFAULT_KRB5_PORT) {
+ /* Currently for IPv6 we can't specify a non-default
+ krb5 port with an address, as this requires a ':'.
+ Resolve to a name. */
+ char hostname[MAX_DNS_NAME_LENGTH];
+ if (sys_getnameinfo((const struct sockaddr *)pss,
+ sizeof(*pss),
+ hostname, sizeof(hostname),
+ NULL, 0,
+ NI_NAMEREQD) == 0) {
+ /* Success, use host:port */
+ kdc_str = talloc_asprintf(mem_ctx,
+ "%s\tkdc = %s:%u\n",
+ prev_line,
+ hostname,
+ (unsigned int)port);
+ return kdc_str;
+ }
+ }
+ kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
+ prev_line,
+ print_sockaddr(addr,
+ sizeof(addr),
+ pss));
+ }
+ return kdc_str;
+}
+
+/************************************************************************
Create a string list of available kdc's, possibly searching by sitename.
Does DNS queries.
************************************************************************/
@@ -677,12 +724,10 @@ static char *get_kdc_ip_string(char *mem_ctx,
{
int i;
struct ip_service *ip_srv_site = NULL;
- struct ip_service *ip_srv_nonsite;
+ struct ip_service *ip_srv_nonsite = NULL;
int count_site = 0;
int count_nonsite;
- char *kdc_str = talloc_asprintf(mem_ctx, "\tkdc = %s\n",
- print_canonical_sockaddr(mem_ctx,
- pss));
+ char *kdc_str = print_kdc_line(mem_ctx, "", pss);
if (kdc_str == NULL) {
return NULL;
@@ -700,10 +745,9 @@ static char *get_kdc_ip_string(char *mem_ctx,
}
/* Append to the string - inefficient
* but not done often. */
- kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
- kdc_str,
- print_canonical_sockaddr(mem_ctx,
- &ip_srv_site[i].ss));
+ kdc_str = print_kdc_line(mem_ctx,
+ kdc_str,
+ &ip_srv_site[i].ss);
if (!kdc_str) {
SAFE_FREE(ip_srv_site);
return NULL;
@@ -738,10 +782,9 @@ static char *get_kdc_ip_string(char *mem_ctx,
}
/* Append to the string - inefficient but not done often. */
- kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
+ kdc_str = print_kdc_line(mem_ctx,
kdc_str,
- print_canonical_sockaddr(mem_ctx,
- &ip_srv_nonsite[i].ss));
+ &ip_srv_nonsite[i].ss);
if (!kdc_str) {
SAFE_FREE(ip_srv_site);
SAFE_FREE(ip_srv_nonsite);
@@ -873,8 +916,8 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
}
DEBUG(5,("create_local_private_krb5_conf_for_domain: wrote "
- "file %s with realm %s KDC = %s\n",
- fname, realm_upper, print_canonical_sockaddr(dname, pss) ));
+ "file %s with realm %s KDC list = %s\n",
+ fname, realm_upper, kdc_ip_string));
/* Set the environment variable to this file. */
setenv("KRB5_CONFIG", fname, 1);
--
Samba Shared Repository
More information about the samba-cvs
mailing list