addr_families.c

samba最新软件

	ret = krb5_address_prefixlen_boundary(context, &addrmask.val[0], num,
					      &low0, &high0);
	krb5_free_addresses(context, &addrmask);
	if (ret)
	    return ret;

    } else {
	krb5_addresses low, high;
	
	strsep_copy(&address, "-", buf, sizeof(buf));
	ret = krb5_parse_address(context, buf, &low);
	if(ret)
	    return ret;
	if(low.len != 1) {
	    krb5_free_addresses(context, &low);
	    return -1;
	}
	
	strsep_copy(&address, "-", buf, sizeof(buf));
	ret = krb5_parse_address(context, buf, &high);
	if(ret) {
	    krb5_free_addresses(context, &low);
	    return ret;
	}
	
	if(high.len != 1 && high.val[0].addr_type != low.val[0].addr_type) {
	    krb5_free_addresses(context, &low);
	    krb5_free_addresses(context, &high);
	    return -1;
	}

	ret = krb5_copy_address(context, &high.val[0], &high0);
	if (ret == 0) {
	    ret = krb5_copy_address(context, &low.val[0], &low0);
	    if (ret)
		krb5_free_address(context, &high0);
	}
	krb5_free_addresses(context, &low);
	krb5_free_addresses(context, &high);
	if (ret)
	    return ret;
    }

    krb5_data_alloc(&addr->address, sizeof(*a));
    addr->addr_type = KRB5_ADDRESS_ARANGE;
    a = addr->address.data;

    if(krb5_address_order(context, &low0, &high0) < 0) {
	a->low = low0;
	a->high = high0;
    } else {
	a->low = high0;
	a->high = low0;
    }
    return 0;
}

static int
arange_free (krb5_context context, krb5_address *addr)
{
    struct arange *a;
    a = addr->address.data;
    krb5_free_address(context, &a->low);
    krb5_free_address(context, &a->high);
    krb5_data_free(&addr->address);
    return 0;
}


static int
arange_copy (krb5_context context, const krb5_address *inaddr, 
	     krb5_address *outaddr)
{
    krb5_error_code ret;
    struct arange *i, *o;

    outaddr->addr_type = KRB5_ADDRESS_ARANGE;
    ret = krb5_data_alloc(&outaddr->address, sizeof(*o));
    if(ret)
	return ret;
    i = inaddr->address.data;
    o = outaddr->address.data;
    ret = krb5_copy_address(context, &i->low, &o->low);
    if(ret) {
	krb5_data_free(&outaddr->address);
	return ret;
    }
    ret = krb5_copy_address(context, &i->high, &o->high);
    if(ret) {
	krb5_free_address(context, &o->low);
	krb5_data_free(&outaddr->address);
	return ret;
    }
    return 0;
}

static int
arange_print_addr (const krb5_address *addr, char *str, size_t len)
{
    struct arange *a;
    krb5_error_code ret;
    size_t l, size, ret_len;

    a = addr->address.data;

    l = strlcpy(str, "RANGE:", len);
    ret_len = l;
    if (l > len)
	l = len;
    size = l;
	
    ret = krb5_print_address (&a->low, str + size, len - size, &l);
    if (ret)
	return ret;
    ret_len += l;
    if (len - size > l)
	size += l;
    else
	size = len;

    l = strlcat(str + size, "-", len - size);
    ret_len += l;
    if (len - size > l)
	size += l;
    else
	size = len;

    ret = krb5_print_address (&a->high, str + size, len - size, &l);
    if (ret)
	return ret;
    ret_len += l;

    return ret_len;
}

static int
arange_order_addr(krb5_context context, 
		  const krb5_address *addr1, 
		  const krb5_address *addr2)
{
    int tmp1, tmp2, sign;
    struct arange *a;
    const krb5_address *a2;

    if(addr1->addr_type == KRB5_ADDRESS_ARANGE) {
	a = addr1->address.data;
	a2 = addr2;
	sign = 1;
    } else if(addr2->addr_type == KRB5_ADDRESS_ARANGE) {
	a = addr2->address.data;
	a2 = addr1;
	sign = -1;
    } else
	abort();
	
    if(a2->addr_type == KRB5_ADDRESS_ARANGE) {
	struct arange *b = a2->address.data;
	tmp1 = krb5_address_order(context, &a->low, &b->low);
	if(tmp1 != 0)
	    return sign * tmp1;
	return sign * krb5_address_order(context, &a->high, &b->high);
    } else if(a2->addr_type == a->low.addr_type) {
	tmp1 = krb5_address_order(context, &a->low, a2);
	if(tmp1 > 0)
	    return sign;
	tmp2 = krb5_address_order(context, &a->high, a2);
	if(tmp2 < 0)
	    return -sign;
	return 0;
    } else {
	return sign * (addr1->addr_type - addr2->addr_type);
    }
}

static int
addrport_print_addr (const krb5_address *addr, char *str, size_t len)
{
    krb5_error_code ret;
    krb5_address addr1, addr2;
    uint16_t port = 0;
    size_t ret_len = 0, l, size = 0;
    krb5_storage *sp;

    sp = krb5_storage_from_data((krb5_data*)rk_UNCONST(&addr->address));
    /* for totally obscure reasons, these are not in network byteorder */
    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);

    krb5_storage_seek(sp, 2, SEEK_CUR); /* skip first two bytes */
    krb5_ret_address(sp, &addr1);

    krb5_storage_seek(sp, 2, SEEK_CUR); /* skip two bytes */
    krb5_ret_address(sp, &addr2);
    krb5_storage_free(sp);
    if(addr2.addr_type == KRB5_ADDRESS_IPPORT && addr2.address.length == 2) {
	unsigned long value;
	_krb5_get_int(addr2.address.data, &value, 2);
	port = value;
    }
    l = strlcpy(str, "ADDRPORT:", len);
    ret_len += l;
    if (len > l)
	size += l;
    else
	size = len;

    ret = krb5_print_address(&addr1, str + size, len - size, &l);
    if (ret)
	return ret;
    ret_len += l;
    if (len - size > l)
	size += l;
    else
	size = len;

    ret = snprintf(str + size, len - size, ",PORT=%u", port);
    if (ret < 0)
	return EINVAL;
    ret_len += ret;
    return ret_len;
}

static struct addr_operations at[] = {
    {AF_INET,	KRB5_ADDRESS_INET, sizeof(struct sockaddr_in),
     ipv4_sockaddr2addr, 
     ipv4_sockaddr2port,
     ipv4_addr2sockaddr,
     ipv4_h_addr2sockaddr,
     ipv4_h_addr2addr,
     ipv4_uninteresting, ipv4_anyaddr, ipv4_print_addr, ipv4_parse_addr,
     NULL, NULL, NULL, ipv4_mask_boundary },
#ifdef HAVE_IPV6
    {AF_INET6,	KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6),
     ipv6_sockaddr2addr, 
     ipv6_sockaddr2port,
     ipv6_addr2sockaddr,
     ipv6_h_addr2sockaddr,
     ipv6_h_addr2addr,
     ipv6_uninteresting, ipv6_anyaddr, ipv6_print_addr, ipv6_parse_addr,
     NULL, NULL, NULL, ipv6_mask_boundary } ,
#endif
    {KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_ADDRPORT, 0,
     NULL, NULL, NULL, NULL, NULL, 
     NULL, NULL, addrport_print_addr, NULL, NULL, NULL, NULL },
    /* fake address type */
    {KRB5_ADDRESS_ARANGE, KRB5_ADDRESS_ARANGE, sizeof(struct arange),
     NULL, NULL, NULL, NULL, NULL, NULL, NULL,
     arange_print_addr, arange_parse_addr, 
     arange_order_addr, arange_free, arange_copy }
};

static int num_addrs = sizeof(at) / sizeof(at[0]);

static size_t max_sockaddr_size = 0;

/*
 * generic functions
 */

static struct addr_operations *
find_af(int af)
{
    struct addr_operations *a;

    for (a = at; a < at + num_addrs; ++a)
	if (af == a->af)
	    return a;
    return NULL;
}

static struct addr_operations *
find_atype(int atype)
{
    struct addr_operations *a;

    for (a = at; a < at + num_addrs; ++a)
	if (atype == a->atype)
	    return a;
    return NULL;
}

/**
 * krb5_sockaddr2address stores a address a "struct sockaddr" sa in
 * the krb5_address addr. 
 *
 * @param context a Keberos context
 * @param sa a struct sockaddr to extract the address from
 * @param addr an Kerberos 5 address to store the address in.
 *
 * @return Return an error code or 0.
 *
 * @ingroup krb5_address
 */

krb5_error_code KRB5_LIB_FUNCTION
krb5_sockaddr2address (krb5_context context,
		       const struct sockaddr *sa, krb5_address *addr)
{
    struct addr_operations *a = find_af(sa->sa_family);
    if (a == NULL) {
	krb5_set_error_string (context, "Address family %d not supported",
			       sa->sa_family);
	return KRB5_PROG_ATYPE_NOSUPP;
    }
    return (*a->sockaddr2addr)(sa, addr);
}

/**
 * krb5_sockaddr2port extracts a port (if possible) from a "struct
 * sockaddr.
 *
 * @param context a Keberos context
 * @param sa a struct sockaddr to extract the port from
 * @param port a pointer to an int16_t store the port in.
 *
 * @return Return an error code or 0. Will return
 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.
 *
 * @ingroup krb5_address
 */

krb5_error_code KRB5_LIB_FUNCTION
krb5_sockaddr2port (krb5_context context,
		    const struct sockaddr *sa, int16_t *port)
{
    struct addr_operations *a = find_af(sa->sa_family);
    if (a == NULL) {
	krb5_set_error_string (context, "Address family %d not supported",
			       sa->sa_family);
	return KRB5_PROG_ATYPE_NOSUPP;
    }
    return (*a->sockaddr2port)(sa, port);
}

/**
 * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr
 * and port. The argument sa_size should initially contain the size of
 * the sa and after the call, it will contain the actual length of the
 * address. In case of the sa is too small to fit the whole address,
 * the up to *sa_size will be stored, and then *sa_size will be set to
 * the required length.
 *
 * @param context a Keberos context
 * @param addr the address to copy the from
 * @param sa the struct sockaddr that will be filled in
 * @param sa_size pointer to length of sa, and after the call, it will
 * contain the actual length of the address.
 * @param port set port in sa.
 *
 * @return Return an error code or 0. Will return
 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.
 *
 * @ingroup krb5_address
 */

krb5_error_code KRB5_LIB_FUNCTION
krb5_addr2sockaddr (krb5_context context,
		    const krb5_address *addr,
		    struct sockaddr *sa,
		    krb5_socklen_t *sa_size,
		    int port)
{
    struct addr_operations *a = find_atype(addr->addr_type);

    if (a == NULL) {
	krb5_set_error_string (context, "Address type %d not supported",
			       addr->addr_type);
	return KRB5_PROG_ATYPE_NOSUPP;
    }
    if (a->addr2sockaddr == NULL) {
	krb5_set_error_string (context,
			       "Can't convert address type %d to sockaddr",
			       addr->addr_type);
	return KRB5_PROG_ATYPE_NOSUPP;
    }
    (*a->addr2sockaddr)(addr, sa, sa_size, port);
    return 0;
}

/**
 * krb5_max_sockaddr_size returns the max size of the .Li struct
 * sockaddr that the Kerberos library will return.
 *
 * @return Return an size_t of the maximum struct sockaddr.
 *
 * @ingroup krb5_address
 */

size_t KRB5_LIB_FUNCTION
krb5_max_sockaddr_size (void)
{
    if (max_sockaddr_size == 0) {
	struct addr_operations *a;

	for(a = at; a < at + num_addrs; ++a)
	    max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size);
    }
    return max_sockaddr_size;
}

/**
 * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the
 * kerberos library thinks are uninteresting.  One example are link
 * local addresses.
 *
 * @param sa pointer to struct sockaddr that might be interesting.
 *
 * @return Return a non zero for uninteresting addresses.
 *
 * @ingroup krb5_address
 */

krb5_boolean KRB5_LIB_FUNCTION
krb5_sockaddr_uninteresting(const struct sockaddr *sa)
{
    struct addr_operations *a = find_af(sa->sa_family);
    if (a == NULL || a->uninteresting == NULL)
	return TRUE;
    return (*a->uninteresting)(sa);
}

/**
 * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and
 * the "struct hostent" (see gethostbyname(3) ) h_addr_list
 * component. The argument sa_size should initially contain the size
 * of the sa, and after the call, it will contain the actual length of
 * the address.
 *
 * @param context a Keberos context
 * @param af addresses
 * @param addr address
 * @param sa returned struct sockaddr
 * @param sa_size size of sa
 * @param port port to set in sa.
 *
 * @return Return an error code or 0.
 *
 * @ingroup krb5_address
 */

krb5_error_code KRB5_LIB_FUNCTION
krb5_h_addr2sockaddr (krb5_context context,
		      int af,
		      const char *addr, struct sockaddr *sa,
		      krb5_socklen_t *sa_size,
		      int port)
{
    struct addr_operations *a = find_af(af);
    if (a == NULL) {
	krb5_set_error_string (context, "Address family %d not supported", af);
	return KRB5_PROG_ATYPE_NOSUPP;
    }
    (*a->h_addr2sockaddr)(addr, sa, sa_size, port);
    return 0;
}

/**
 * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception
 * that it operates on a krb5_address instead of a struct sockaddr.
 *
 * @param context a Keberos context
 * @param af address family
 * @param haddr host address from struct hostent.
 * @param addr returned krb5_address.
 *
 * @return Return an error code or 0.
 *
 * @ingroup krb5_address
 */

krb5_error_code KRB5_LIB_FUNCTION
krb5_h_addr2addr (krb5_context context,
		  int af,
		  const char *haddr, krb5_address *addr)
{
    struct addr_operations *a = find_af(af);
    if (a == NULL) {
	krb5_set_error_string (context, "Address family %d not supported", af);
	return KRB5_PROG_ATYPE_NOSUPP;
    }
    return (*a->h_addr2addr)(haddr, addr);
}

/**
 * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to
 * bind(2) to.  The argument sa_size should initially contain the size
 * of the sa, and after the call, it will contain the actual length
 * of the address.