Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/heimdal/lib/krb5/addr_families.c
34878 views
1
/*

2
 * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan

3
 * (Royal Institute of Technology, Stockholm, Sweden).

4
 * All rights reserved.

5
 *

6
 * Redistribution and use in source and binary forms, with or without

7
 * modification, are permitted provided that the following conditions

8
 * are met:

9
 *

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 *

13
 * 2. Redistributions in binary form must reproduce the above copyright

14
 *    notice, this list of conditions and the following disclaimer in the

15
 *    documentation and/or other materials provided with the distribution.

16
 *

17
 * 3. Neither the name of the Institute nor the names of its contributors

18
 *    may be used to endorse or promote products derived from this software

19
 *    without specific prior written permission.

20
 *

21
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND

22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE

25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

31
 * SUCH DAMAGE.

32
 */

33


34
#include "krb5_locl.h"

35


36
struct addr_operations {

37
    int af;

38
    krb5_address_type atype;

39
    size_t max_sockaddr_size;

40
    krb5_error_code (*sockaddr2addr)(const struct sockaddr *, krb5_address *);

41
    krb5_error_code (*sockaddr2port)(const struct sockaddr *, int16_t *);

42
    void (*addr2sockaddr)(const krb5_address *, struct sockaddr *,

43
			  krb5_socklen_t *sa_size, int port);

44
    void (*h_addr2sockaddr)(const char *, struct sockaddr *, krb5_socklen_t *, int);

45
    krb5_error_code (*h_addr2addr)(const char *, krb5_address *);

46
    krb5_boolean (*uninteresting)(const struct sockaddr *);

47
    krb5_boolean (*is_loopback)(const struct sockaddr *);

48
    void (*anyaddr)(struct sockaddr *, krb5_socklen_t *, int);

49
    int (*print_addr)(const krb5_address *, char *, size_t);

50
    int (*parse_addr)(krb5_context, const char*, krb5_address *);

51
    int (*order_addr)(krb5_context, const krb5_address*, const krb5_address*);

52
    int (*free_addr)(krb5_context, krb5_address*);

53
    int (*copy_addr)(krb5_context, const krb5_address*, krb5_address*);

54
    int (*mask_boundary)(krb5_context, const krb5_address*, unsigned long,

55
			 krb5_address*, krb5_address*);

56
};

57


58
/*

59
 * AF_INET - aka IPv4 implementation

60
 */

61


62
static krb5_error_code

63
ipv4_sockaddr2addr (const struct sockaddr *sa, krb5_address *a)

64
{

65
    const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa;

66
    unsigned char buf[4];

67


68
    a->addr_type = KRB5_ADDRESS_INET;

69
    memcpy (buf, &sin4->sin_addr, 4);

70
    return krb5_data_copy(&a->address, buf, 4);

71
}

72


73
static krb5_error_code

74
ipv4_sockaddr2port (const struct sockaddr *sa, int16_t *port)

75
{

76
    const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa;

77


78
    *port = sin4->sin_port;

79
    return 0;

80
}

81


82
static void

83
ipv4_addr2sockaddr (const krb5_address *a,

84
		    struct sockaddr *sa,

85
		    krb5_socklen_t *sa_size,

86
		    int port)

87
{

88
    struct sockaddr_in tmp;

89


90
    memset (&tmp, 0, sizeof(tmp));

91
    tmp.sin_family = AF_INET;

92
    memcpy (&tmp.sin_addr, a->address.data, 4);

93
    tmp.sin_port = port;

94
    memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));

95
    *sa_size = sizeof(tmp);

96
}

97


98
static void

99
ipv4_h_addr2sockaddr(const char *addr,

100
		     struct sockaddr *sa,

101
		     krb5_socklen_t *sa_size,

102
		     int port)

103
{

104
    struct sockaddr_in tmp;

105


106
    memset (&tmp, 0, sizeof(tmp));

107
    tmp.sin_family = AF_INET;

108
    tmp.sin_port   = port;

109
    tmp.sin_addr   = *((const struct in_addr *)addr);

110
    memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));

111
    *sa_size = sizeof(tmp);

112
}

113


114
static krb5_error_code

115
ipv4_h_addr2addr (const char *addr,

116
		  krb5_address *a)

117
{

118
    unsigned char buf[4];

119


120
    a->addr_type = KRB5_ADDRESS_INET;

121
    memcpy(buf, addr, 4);

122
    return krb5_data_copy(&a->address, buf, 4);

123
}

124


125
/*

126
 * Are there any addresses that should be considered `uninteresting'?

127
 */

128


129
static krb5_boolean

130
ipv4_uninteresting (const struct sockaddr *sa)

131
{

132
    const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa;

133


134
    if (sin4->sin_addr.s_addr == INADDR_ANY)

135
	return TRUE;

136


137
    return FALSE;

138
}

139


140
static krb5_boolean

141
ipv4_is_loopback (const struct sockaddr *sa)

142
{

143
    const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa;

144


145
    if ((ntohl(sin4->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET)

146
	return TRUE;

147


148
    return FALSE;

149
}

150


151
static void

152
ipv4_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port)

153
{

154
    struct sockaddr_in tmp;

155


156
    memset (&tmp, 0, sizeof(tmp));

157
    tmp.sin_family = AF_INET;

158
    tmp.sin_port   = port;

159
    tmp.sin_addr.s_addr = INADDR_ANY;

160
    memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));

161
    *sa_size = sizeof(tmp);

162
}

163


164
static int

165
ipv4_print_addr (const krb5_address *addr, char *str, size_t len)

166
{

167
    struct in_addr ia;

168


169
    memcpy (&ia, addr->address.data, 4);

170


171
    return snprintf (str, len, "IPv4:%s", inet_ntoa(ia));

172
}

173


174
static int

175
ipv4_parse_addr (krb5_context context, const char *address, krb5_address *addr)

176
{

177
    const char *p;

178
    struct in_addr a;

179


180
    p = strchr(address, ':');

181
    if(p) {

182
	p++;

183
	if(strncasecmp(address, "ip:", p - address) != 0 &&

184
	   strncasecmp(address, "ip4:", p - address) != 0 &&

185
	   strncasecmp(address, "ipv4:", p - address) != 0 &&

186
	   strncasecmp(address, "inet:", p - address) != 0)

187
	    return -1;

188
    } else

189
	p = address;

190
    if(inet_aton(p, &a) == 0)

191
	return -1;

192
    addr->addr_type = KRB5_ADDRESS_INET;

193
    if(krb5_data_alloc(&addr->address, 4) != 0)

194
	return -1;

195
    _krb5_put_int(addr->address.data, ntohl(a.s_addr), addr->address.length);

196
    return 0;

197
}

198


199
static int

200
ipv4_mask_boundary(krb5_context context, const krb5_address *inaddr,

201
		   unsigned long len, krb5_address *low, krb5_address *high)

202
{

203
    unsigned long ia;

204
    uint32_t l, h, m = 0xffffffff;

205


206
    if (len > 32) {

207
	krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP,

208
			       N_("IPv4 prefix too large (%ld)", "len"), len);

209
	return KRB5_PROG_ATYPE_NOSUPP;

210
    }

211
    m = m << (32 - len);

212


213
    _krb5_get_int(inaddr->address.data, &ia, inaddr->address.length);

214


215
    l = ia & m;

216
    h = l | ~m;

217


218
    low->addr_type = KRB5_ADDRESS_INET;

219
    if(krb5_data_alloc(&low->address, 4) != 0)

220
	return -1;

221
    _krb5_put_int(low->address.data, l, low->address.length);

222


223
    high->addr_type = KRB5_ADDRESS_INET;

224
    if(krb5_data_alloc(&high->address, 4) != 0) {

225
	krb5_free_address(context, low);

226
	return -1;

227
    }

228
    _krb5_put_int(high->address.data, h, high->address.length);

229


230
    return 0;

231
}

232


233


234
/*

235
 * AF_INET6 - aka IPv6 implementation

236
 */

237


238
#ifdef HAVE_IPV6

239


240
static krb5_error_code

241
ipv6_sockaddr2addr (const struct sockaddr *sa, krb5_address *a)

242
{

243
    const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;

244


245
    if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {

246
	unsigned char buf[4];

247


248
	a->addr_type      = KRB5_ADDRESS_INET;

249
#ifndef IN6_ADDR_V6_TO_V4

250
#ifdef IN6_EXTRACT_V4ADDR

251
#define IN6_ADDR_V6_TO_V4(x) (&IN6_EXTRACT_V4ADDR(x))

252
#else

253
#define IN6_ADDR_V6_TO_V4(x) ((const struct in_addr *)&(x)->s6_addr[12])

254
#endif

255
#endif

256
	memcpy (buf, IN6_ADDR_V6_TO_V4(&sin6->sin6_addr), 4);

257
	return krb5_data_copy(&a->address, buf, 4);

258
    } else {

259
	a->addr_type = KRB5_ADDRESS_INET6;

260
	return krb5_data_copy(&a->address,

261
			      &sin6->sin6_addr,

262
			      sizeof(sin6->sin6_addr));

263
    }

264
}

265


266
static krb5_error_code

267
ipv6_sockaddr2port (const struct sockaddr *sa, int16_t *port)

268
{

269
    const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;

270


271
    *port = sin6->sin6_port;

272
    return 0;

273
}

274


275
static void

276
ipv6_addr2sockaddr (const krb5_address *a,

277
		    struct sockaddr *sa,

278
		    krb5_socklen_t *sa_size,

279
		    int port)

280
{

281
    struct sockaddr_in6 tmp;

282


283
    memset (&tmp, 0, sizeof(tmp));

284
    tmp.sin6_family = AF_INET6;

285
    memcpy (&tmp.sin6_addr, a->address.data, sizeof(tmp.sin6_addr));

286
    tmp.sin6_port = port;

287
    memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));

288
    *sa_size = sizeof(tmp);

289
}

290


291
static void

292
ipv6_h_addr2sockaddr(const char *addr,

293
		     struct sockaddr *sa,

294
		     krb5_socklen_t *sa_size,

295
		     int port)

296
{

297
    struct sockaddr_in6 tmp;

298


299
    memset (&tmp, 0, sizeof(tmp));

300
    tmp.sin6_family = AF_INET6;

301
    tmp.sin6_port   = port;

302
    tmp.sin6_addr   = *((const struct in6_addr *)addr);

303
    memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));

304
    *sa_size = sizeof(tmp);

305
}

306


307
static krb5_error_code

308
ipv6_h_addr2addr (const char *addr,

309
		  krb5_address *a)

310
{

311
    a->addr_type = KRB5_ADDRESS_INET6;

312
    return krb5_data_copy(&a->address, addr, sizeof(struct in6_addr));

313
}

314


315
/*

316
 *

317
 */

318


319
static krb5_boolean

320
ipv6_uninteresting (const struct sockaddr *sa)

321
{

322
    const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;

323
    const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr;

324


325
    return IN6_IS_ADDR_LINKLOCAL(in6)

326
	|| IN6_IS_ADDR_V4COMPAT(in6);

327
}

328


329
static krb5_boolean

330
ipv6_is_loopback (const struct sockaddr *sa)

331
{

332
    const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;

333
    const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr;

334


335
    return (IN6_IS_ADDR_LOOPBACK(in6));

336
}

337


338
static void

339
ipv6_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port)

340
{

341
    struct sockaddr_in6 tmp;

342


343
    memset (&tmp, 0, sizeof(tmp));

344
    tmp.sin6_family = AF_INET6;

345
    tmp.sin6_port   = port;

346
    tmp.sin6_addr   = in6addr_any;

347
    *sa_size = sizeof(tmp);

348
}

349


350
static int

351
ipv6_print_addr (const krb5_address *addr, char *str, size_t len)

352
{

353
    char buf[128], buf2[3];

354
    if(inet_ntop(AF_INET6, addr->address.data, buf, sizeof(buf)) == NULL)

355
	{

356
	    /* XXX this is pretty ugly, but better than abort() */

357
	    size_t i;

358
	    unsigned char *p = addr->address.data;

359
	    buf[0] = '\0';

360
	    for(i = 0; i < addr->address.length; i++) {

361
		snprintf(buf2, sizeof(buf2), "%02x", p[i]);

362
		if(i > 0 && (i & 1) == 0)

363
		    strlcat(buf, ":", sizeof(buf));

364
		strlcat(buf, buf2, sizeof(buf));

365
	    }

366
	}

367
    return snprintf(str, len, "IPv6:%s", buf);

368
}

369


370
static int

371
ipv6_parse_addr (krb5_context context, const char *address, krb5_address *addr)

372
{

373
    int ret;

374
    struct in6_addr in6;

375
    const char *p;

376


377
    p = strchr(address, ':');

378
    if(p) {

379
	p++;

380
	if(strncasecmp(address, "ip6:", p - address) == 0 ||

381
	   strncasecmp(address, "ipv6:", p - address) == 0 ||

382
	   strncasecmp(address, "inet6:", p - address) == 0)

383
	    address = p;

384
    }

385


386
    ret = inet_pton(AF_INET6, address, &in6.s6_addr);

387
    if(ret == 1) {

388
	addr->addr_type = KRB5_ADDRESS_INET6;

389
	ret = krb5_data_alloc(&addr->address, sizeof(in6.s6_addr));

390
	if (ret)

391
	    return -1;

392
	memcpy(addr->address.data, in6.s6_addr, sizeof(in6.s6_addr));

393
	return 0;

394
    }

395
    return -1;

396
}

397


398
static int

399
ipv6_mask_boundary(krb5_context context, const krb5_address *inaddr,

400
		   unsigned long len, krb5_address *low, krb5_address *high)

401
{

402
    struct in6_addr addr, laddr, haddr;

403
    uint32_t m;

404
    int i, sub_len;

405


406
    if (len > 128) {

407
	krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP,

408
			       N_("IPv6 prefix too large (%ld)", "length"), len);

409
	return KRB5_PROG_ATYPE_NOSUPP;

410
    }

411


412
    if (inaddr->address.length != sizeof(addr)) {

413
	krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP,

414
			       N_("IPv6 addr bad length", ""));

415
	return KRB5_PROG_ATYPE_NOSUPP;

416
    }

417


418
    memcpy(&addr, inaddr->address.data, inaddr->address.length);

419


420
    for (i = 0; i < 16; i++) {

421
	sub_len = min(8, len);

422


423
	m = 0xff << (8 - sub_len);

424


425
	laddr.s6_addr[i] = addr.s6_addr[i] & m;

426
	haddr.s6_addr[i] = (addr.s6_addr[i] & m) | ~m;

427


428
	if (len > 8)

429
	    len -= 8;

430
	else

431
	    len = 0;

432
    }

433


434
    low->addr_type = KRB5_ADDRESS_INET6;

435
    if (krb5_data_alloc(&low->address, sizeof(laddr.s6_addr)) != 0)

436
	return -1;

437
    memcpy(low->address.data, laddr.s6_addr, sizeof(laddr.s6_addr));

438


439
    high->addr_type = KRB5_ADDRESS_INET6;

440
    if (krb5_data_alloc(&high->address, sizeof(haddr.s6_addr)) != 0) {

441
	krb5_free_address(context, low);

442
	return -1;

443
    }

444
    memcpy(high->address.data, haddr.s6_addr, sizeof(haddr.s6_addr));

445


446
    return 0;

447
}

448


449
#endif /* IPv6 */

450


451
#ifndef HEIMDAL_SMALLER

452


453
/*

454
 * table

455
 */

456


457
#define KRB5_ADDRESS_ARANGE	(-100)

458


459
struct arange {

460
    krb5_address low;

461
    krb5_address high;

462
};

463


464
static int

465
arange_parse_addr (krb5_context context,

466
		   const char *address, krb5_address *addr)

467
{

468
    char buf[1024], *p;

469
    krb5_address low0, high0;

470
    struct arange *a;

471
    krb5_error_code ret;

472


473
    if(strncasecmp(address, "RANGE:", 6) != 0)

474
	return -1;

475


476
    address += 6;

477


478
    p = strrchr(address, '/');

479
    if (p) {

480
	krb5_addresses addrmask;

481
	char *q;

482
	long num;

483


484
	if (strlcpy(buf, address, sizeof(buf)) > sizeof(buf))

485
	    return -1;

486
	buf[p - address] = '\0';

487
	ret = krb5_parse_address(context, buf, &addrmask);

488
	if (ret)

489
	    return ret;

490
	if(addrmask.len != 1) {

491
	    krb5_free_addresses(context, &addrmask);

492
	    return -1;

493
	}

494


495
	address += p - address + 1;

496


497
	num = strtol(address, &q, 10);

498
	if (q == address || *q != '\0' || num < 0) {

499
	    krb5_free_addresses(context, &addrmask);

500
	    return -1;

501
	}

502


503
	ret = krb5_address_prefixlen_boundary(context, &addrmask.val[0], num,

504
					      &low0, &high0);

505
	krb5_free_addresses(context, &addrmask);

506
	if (ret)

507
	    return ret;

508


509
    } else {

510
	krb5_addresses low, high;

511


512
	strsep_copy(&address, "-", buf, sizeof(buf));

513
	ret = krb5_parse_address(context, buf, &low);

514
	if(ret)

515
	    return ret;

516
	if(low.len != 1) {

517
	    krb5_free_addresses(context, &low);

518
	    return -1;

519
	}

520


521
	strsep_copy(&address, "-", buf, sizeof(buf));

522
	ret = krb5_parse_address(context, buf, &high);

523
	if(ret) {

524
	    krb5_free_addresses(context, &low);

525
	    return ret;

526
	}

527


528
	if(high.len != 1 || high.val[0].addr_type != low.val[0].addr_type) {

529
	    krb5_free_addresses(context, &low);

530
	    krb5_free_addresses(context, &high);

531
	    return -1;

532
	}

533


534
	ret = krb5_copy_address(context, &high.val[0], &high0);

535
	if (ret == 0) {

536
	    ret = krb5_copy_address(context, &low.val[0], &low0);

537
	    if (ret)

538
		krb5_free_address(context, &high0);

539
	}

540
	krb5_free_addresses(context, &low);

541
	krb5_free_addresses(context, &high);

542
	if (ret)

543
	    return ret;

544
    }

545


546
    krb5_data_alloc(&addr->address, sizeof(*a));

547
    addr->addr_type = KRB5_ADDRESS_ARANGE;

548
    a = addr->address.data;

549


550
    if(krb5_address_order(context, &low0, &high0) < 0) {

551
	a->low = low0;

552
	a->high = high0;

553
    } else {

554
	a->low = high0;

555
	a->high = low0;

556
    }

557
    return 0;

558
}

559


560
static int

561
arange_free (krb5_context context, krb5_address *addr)

562
{

563
    struct arange *a;

564
    a = addr->address.data;

565
    krb5_free_address(context, &a->low);

566
    krb5_free_address(context, &a->high);

567
    krb5_data_free(&addr->address);

568
    return 0;

569
}

570


571


572
static int

573
arange_copy (krb5_context context, const krb5_address *inaddr,

574
	     krb5_address *outaddr)

575
{

576
    krb5_error_code ret;

577
    struct arange *i, *o;

578


579
    outaddr->addr_type = KRB5_ADDRESS_ARANGE;

580
    ret = krb5_data_alloc(&outaddr->address, sizeof(*o));

581
    if(ret)

582
	return ret;

583
    i = inaddr->address.data;

584
    o = outaddr->address.data;

585
    ret = krb5_copy_address(context, &i->low, &o->low);

586
    if(ret) {

587
	krb5_data_free(&outaddr->address);

588
	return ret;

589
    }

590
    ret = krb5_copy_address(context, &i->high, &o->high);

591
    if(ret) {

592
	krb5_free_address(context, &o->low);

593
	krb5_data_free(&outaddr->address);

594
	return ret;

595
    }

596
    return 0;

597
}

598


599
static int

600
arange_print_addr (const krb5_address *addr, char *str, size_t len)

601
{

602
    struct arange *a;

603
    krb5_error_code ret;

604
    size_t l, size, ret_len;

605


606
    a = addr->address.data;

607


608
    l = strlcpy(str, "RANGE:", len);

609
    ret_len = l;

610
    if (l > len)

611
	l = len;

612
    size = l;

613


614
    ret = krb5_print_address (&a->low, str + size, len - size, &l);

615
    if (ret)

616
	return ret;

617
    ret_len += l;

618
    if (len - size > l)

619
	size += l;

620
    else

621
	size = len;

622


623
    l = strlcat(str + size, "-", len - size);

624
    ret_len += l;

625
    if (len - size > l)

626
	size += l;

627
    else

628
	size = len;

629


630
    ret = krb5_print_address (&a->high, str + size, len - size, &l);

631
    if (ret)

632
	return ret;

633
    ret_len += l;

634


635
    return ret_len;

636
}

637


638
static int

639
arange_order_addr(krb5_context context,

640
		  const krb5_address *addr1,

641
		  const krb5_address *addr2)

642
{

643
    int tmp1, tmp2, sign;

644
    struct arange *a;

645
    const krb5_address *a2;

646


647
    if(addr1->addr_type == KRB5_ADDRESS_ARANGE) {

648
	a = addr1->address.data;

649
	a2 = addr2;

650
	sign = 1;

651
    } else if(addr2->addr_type == KRB5_ADDRESS_ARANGE) {

652
	a = addr2->address.data;

653
	a2 = addr1;

654
	sign = -1;

655
    } else {

656
	abort();

657
        UNREACHABLE(return 0);

658
    }

659


660
    if(a2->addr_type == KRB5_ADDRESS_ARANGE) {

661
	struct arange *b = a2->address.data;

662
	tmp1 = krb5_address_order(context, &a->low, &b->low);

663
	if(tmp1 != 0)

664
	    return sign * tmp1;

665
	return sign * krb5_address_order(context, &a->high, &b->high);

666
    } else if(a2->addr_type == a->low.addr_type) {

667
	tmp1 = krb5_address_order(context, &a->low, a2);

668
	if(tmp1 > 0)

669
	    return sign;

670
	tmp2 = krb5_address_order(context, &a->high, a2);

671
	if(tmp2 < 0)

672
	    return -sign;

673
	return 0;

674
    } else {

675
	return sign * (addr1->addr_type - addr2->addr_type);

676
    }

677
}

678


679
#endif /* HEIMDAL_SMALLER */

680


681
static int

682
addrport_print_addr (const krb5_address *addr, char *str, size_t len)

683
{

684
    krb5_error_code ret;

685
    krb5_address addr1, addr2;

686
    uint16_t port = 0;

687
    size_t ret_len = 0, l, size = 0;

688
    krb5_storage *sp;

689


690
    sp = krb5_storage_from_data((krb5_data*)rk_UNCONST(&addr->address));

691
    if (sp == NULL)

692
        return ENOMEM;

693


694
    /* for totally obscure reasons, these are not in network byteorder */

695
    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);

696


697
    krb5_storage_seek(sp, 2, SEEK_CUR); /* skip first two bytes */

698
    krb5_ret_address(sp, &addr1);

699


700
    krb5_storage_seek(sp, 2, SEEK_CUR); /* skip two bytes */

701
    krb5_ret_address(sp, &addr2);

702
    krb5_storage_free(sp);

703
    if(addr2.addr_type == KRB5_ADDRESS_IPPORT && addr2.address.length == 2) {

704
	unsigned long value;

705
	_krb5_get_int(addr2.address.data, &value, 2);

706
	port = value;

707
    }

708
    l = strlcpy(str, "ADDRPORT:", len);

709
    ret_len += l;

710
    if (len > l)

711
	size += l;

712
    else

713
	size = len;

714


715
    ret = krb5_print_address(&addr1, str + size, len - size, &l);

716
    if (ret)

717
	return ret;

718
    ret_len += l;

719
    if (len - size > l)

720
	size += l;

721
    else

722
	size = len;

723


724
    ret = snprintf(str + size, len - size, ",PORT=%u", port);

725
    if (ret < 0)

726
	return EINVAL;

727
    ret_len += ret;

728
    return ret_len;

729
}

730


731
static struct addr_operations at[] = {

732
    {

733
	AF_INET,	KRB5_ADDRESS_INET, sizeof(struct sockaddr_in),

734
	ipv4_sockaddr2addr,

735
	ipv4_sockaddr2port,

736
	ipv4_addr2sockaddr,

737
	ipv4_h_addr2sockaddr,

738
	ipv4_h_addr2addr,

739
	ipv4_uninteresting,

740
	ipv4_is_loopback,

741
	ipv4_anyaddr,

742
	ipv4_print_addr,

743
	ipv4_parse_addr,

744
	NULL,

745
	NULL,

746
	NULL,

747
     ipv4_mask_boundary

748
    },

749
#ifdef HAVE_IPV6

750
    {

751
	AF_INET6,	KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6),

752
	ipv6_sockaddr2addr,

753
	ipv6_sockaddr2port,

754
	ipv6_addr2sockaddr,

755
	ipv6_h_addr2sockaddr,

756
	ipv6_h_addr2addr,

757
	ipv6_uninteresting,

758
	ipv6_is_loopback,

759
	ipv6_anyaddr,

760
	ipv6_print_addr,

761
	ipv6_parse_addr,

762
	NULL,

763
	NULL,

764
	NULL,

765
	ipv6_mask_boundary

766
    } ,

767
#endif

768
#ifndef HEIMDAL_SMALLER

769
    /* fake address type */

770
    {

771
	KRB5_ADDRESS_ARANGE, KRB5_ADDRESS_ARANGE, sizeof(struct arange),

772
	NULL,

773
	NULL,

774
	NULL,

775
	NULL,

776
	NULL,

777
	NULL,

778
	NULL,

779
	NULL,

780
	arange_print_addr,

781
	arange_parse_addr,

782
	arange_order_addr,

783
	arange_free,

784
	arange_copy,

785
	NULL

786
    },

787
#endif

788
    {

789
	KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_ADDRPORT, 0,

790
	NULL,

791
	NULL,

792
	NULL,

793
	NULL,

794
	NULL,

795
	NULL,

796
	NULL,

797
	NULL,

798
	addrport_print_addr,

799
	NULL,

800
	NULL,

801
	NULL,

802
	NULL

803
    }

804
};

805


806
static int num_addrs = sizeof(at) / sizeof(at[0]);

807


808
static size_t max_sockaddr_size = 0;

809


810
/*

811
 * generic functions

812
 */

813


814
static struct addr_operations *

815
find_af(int af)

816
{

817
    struct addr_operations *a;

818


819
    for (a = at; a < at + num_addrs; ++a)

820
	if (af == a->af)

821
	    return a;

822
    return NULL;

823
}

824


825
static struct addr_operations *

826
find_atype(krb5_address_type atype)

827
{

828
    struct addr_operations *a;

829


830
    for (a = at; a < at + num_addrs; ++a)

831
	if (atype == a->atype)

832
	    return a;

833
    return NULL;

834
}

835


836
/**

837
 * krb5_sockaddr2address stores a address a "struct sockaddr" sa in

838
 * the krb5_address addr.

839
 *

840
 * @param context a Keberos context

841
 * @param sa a struct sockaddr to extract the address from

842
 * @param addr an Kerberos 5 address to store the address in.

843
 *

844
 * @return Return an error code or 0.

845
 *

846
 * @ingroup krb5_address

847
 */

848


849
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

850
krb5_sockaddr2address (krb5_context context,

851
		       const struct sockaddr *sa, krb5_address *addr)

852
{

853
    struct addr_operations *a = find_af(sa->sa_family);

854
    if (a == NULL) {

855
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

856
				N_("Address family %d not supported", ""),

857
				sa->sa_family);

858
	return KRB5_PROG_ATYPE_NOSUPP;

859
    }

860
    return (*a->sockaddr2addr)(sa, addr);

861
}

862


863
/**

864
 * krb5_sockaddr2port extracts a port (if possible) from a "struct

865
 * sockaddr.

866
 *

867
 * @param context a Keberos context

868
 * @param sa a struct sockaddr to extract the port from

869
 * @param port a pointer to an int16_t store the port in.

870
 *

871
 * @return Return an error code or 0. Will return

872
 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.

873
 *

874
 * @ingroup krb5_address

875
 */

876


877
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

878
krb5_sockaddr2port (krb5_context context,

879
		    const struct sockaddr *sa, int16_t *port)

880
{

881
    struct addr_operations *a = find_af(sa->sa_family);

882
    if (a == NULL) {

883
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

884
				N_("Address family %d not supported", ""),

885
				sa->sa_family);

886
	return KRB5_PROG_ATYPE_NOSUPP;

887
    }

888
    return (*a->sockaddr2port)(sa, port);

889
}

890


891
/**

892
 * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr

893
 * and port. The argument sa_size should initially contain the size of

894
 * the sa and after the call, it will contain the actual length of the

895
 * address. In case of the sa is too small to fit the whole address,

896
 * the up to *sa_size will be stored, and then *sa_size will be set to

897
 * the required length.

898
 *

899
 * @param context a Keberos context

900
 * @param addr the address to copy the from

901
 * @param sa the struct sockaddr that will be filled in

902
 * @param sa_size pointer to length of sa, and after the call, it will

903
 * contain the actual length of the address.

904
 * @param port set port in sa.

905
 *

906
 * @return Return an error code or 0. Will return

907
 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.

908
 *

909
 * @ingroup krb5_address

910
 */

911


912
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

913
krb5_addr2sockaddr (krb5_context context,

914
		    const krb5_address *addr,

915
		    struct sockaddr *sa,

916
		    krb5_socklen_t *sa_size,

917
		    int port)

918
{

919
    struct addr_operations *a = find_atype(addr->addr_type);

920


921
    if (a == NULL) {

922
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

923
				N_("Address type %d not supported",

924
				   "krb5_address type"),

925
				addr->addr_type);

926
	return KRB5_PROG_ATYPE_NOSUPP;

927
    }

928
    if (a->addr2sockaddr == NULL) {

929
	krb5_set_error_message (context,

930
				KRB5_PROG_ATYPE_NOSUPP,

931
				N_("Can't convert address type %d to sockaddr", ""),

932
				addr->addr_type);

933
	return KRB5_PROG_ATYPE_NOSUPP;

934
    }

935
    (*a->addr2sockaddr)(addr, sa, sa_size, port);

936
    return 0;

937
}

938


939
/**

940
 * krb5_max_sockaddr_size returns the max size of the .Li struct

941
 * sockaddr that the Kerberos library will return.

942
 *

943
 * @return Return an size_t of the maximum struct sockaddr.

944
 *

945
 * @ingroup krb5_address

946
 */

947


948
KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL

949
krb5_max_sockaddr_size (void)

950
{

951
    if (max_sockaddr_size == 0) {

952
	struct addr_operations *a;

953


954
	for(a = at; a < at + num_addrs; ++a)

955
	    max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size);

956
    }

957
    return max_sockaddr_size;

958
}

959


960
/**

961
 * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the

962
 * kerberos library thinks are uninteresting.  One example are link

963
 * local addresses.

964
 *

965
 * @param sa pointer to struct sockaddr that might be interesting.

966
 *

967
 * @return Return a non zero for uninteresting addresses.

968
 *

969
 * @ingroup krb5_address

970
 */

971


972
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL

973
krb5_sockaddr_uninteresting(const struct sockaddr *sa)

974
{

975
    struct addr_operations *a = find_af(sa->sa_family);

976
    if (a == NULL || a->uninteresting == NULL)

977
	return TRUE;

978
    return (*a->uninteresting)(sa);

979
}

980


981
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL

982
krb5_sockaddr_is_loopback(const struct sockaddr *sa)

983
{

984
    struct addr_operations *a = find_af(sa->sa_family);

985
    if (a == NULL || a->is_loopback == NULL)

986
	return TRUE;

987
    return (*a->is_loopback)(sa);

988
}

989


990
/**

991
 * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and

992
 * the "struct hostent" (see gethostbyname(3) ) h_addr_list

993
 * component. The argument sa_size should initially contain the size

994
 * of the sa, and after the call, it will contain the actual length of

995
 * the address.

996
 *

997
 * @param context a Keberos context

998
 * @param af addresses

999
 * @param addr address

1000
 * @param sa returned struct sockaddr

1001
 * @param sa_size size of sa

1002
 * @param port port to set in sa.

1003
 *

1004
 * @return Return an error code or 0.

1005
 *

1006
 * @ingroup krb5_address

1007
 */

1008


1009
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1010
krb5_h_addr2sockaddr (krb5_context context,

1011
		      int af,

1012
		      const char *addr, struct sockaddr *sa,

1013
		      krb5_socklen_t *sa_size,

1014
		      int port)

1015
{

1016
    struct addr_operations *a = find_af(af);

1017
    if (a == NULL) {

1018
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

1019
				"Address family %d not supported", af);

1020
	return KRB5_PROG_ATYPE_NOSUPP;

1021
    }

1022
    (*a->h_addr2sockaddr)(addr, sa, sa_size, port);

1023
    return 0;

1024
}

1025


1026
/**

1027
 * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception

1028
 * that it operates on a krb5_address instead of a struct sockaddr.

1029
 *

1030
 * @param context a Keberos context

1031
 * @param af address family

1032
 * @param haddr host address from struct hostent.

1033
 * @param addr returned krb5_address.

1034
 *

1035
 * @return Return an error code or 0.

1036
 *

1037
 * @ingroup krb5_address

1038
 */

1039


1040
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1041
krb5_h_addr2addr (krb5_context context,

1042
		  int af,

1043
		  const char *haddr, krb5_address *addr)

1044
{

1045
    struct addr_operations *a = find_af(af);

1046
    if (a == NULL) {

1047
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

1048
				N_("Address family %d not supported", ""), af);

1049
	return KRB5_PROG_ATYPE_NOSUPP;

1050
    }

1051
    return (*a->h_addr2addr)(haddr, addr);

1052
}

1053


1054
/**

1055
 * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to

1056
 * bind(2) to.  The argument sa_size should initially contain the size

1057
 * of the sa, and after the call, it will contain the actual length

1058
 * of the address.

1059
 *

1060
 * @param context a Keberos context

1061
 * @param af address family

1062
 * @param sa sockaddr

1063
 * @param sa_size lenght of sa.

1064
 * @param port for to fill into sa.

1065
 *

1066
 * @return Return an error code or 0.

1067
 *

1068
 * @ingroup krb5_address

1069
 */

1070


1071
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1072
krb5_anyaddr (krb5_context context,

1073
	      int af,

1074
	      struct sockaddr *sa,

1075
	      krb5_socklen_t *sa_size,

1076
	      int port)

1077
{

1078
    struct addr_operations *a = find_af (af);

1079


1080
    if (a == NULL) {

1081
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

1082
				N_("Address family %d not supported", ""), af);

1083
	return KRB5_PROG_ATYPE_NOSUPP;

1084
    }

1085


1086
    (*a->anyaddr)(sa, sa_size, port);

1087
    return 0;

1088
}

1089


1090
/**

1091
 * krb5_print_address prints the address in addr to the string string

1092
 * that have the length len. If ret_len is not NULL, it will be filled

1093
 * with the length of the string if size were unlimited (not including

1094
 * the final NUL) .

1095
 *

1096
 * @param addr address to be printed

1097
 * @param str pointer string to print the address into

1098
 * @param len length that will fit into area pointed to by "str".

1099
 * @param ret_len return length the str.

1100
 *

1101
 * @return Return an error code or 0.

1102
 *

1103
 * @ingroup krb5_address

1104
 */

1105


1106
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1107
krb5_print_address (const krb5_address *addr,

1108
		    char *str, size_t len, size_t *ret_len)

1109
{

1110
    struct addr_operations *a = find_atype(addr->addr_type);

1111
    int ret;

1112


1113
    if (a == NULL || a->print_addr == NULL) {

1114
	char *s;

1115
	int l;

1116
	size_t i;

1117


1118
	s = str;

1119
	l = snprintf(s, len, "TYPE_%d:", addr->addr_type);

1120
	if (l < 0 || (size_t)l >= len)

1121
	    return EINVAL;

1122
	s += l;

1123
	len -= l;

1124
	for(i = 0; i < addr->address.length; i++) {

1125
	    l = snprintf(s, len, "%02x", ((char*)addr->address.data)[i]);

1126
	    if (l < 0 || (size_t)l >= len)

1127
		return EINVAL;

1128
	    len -= l;

1129
	    s += l;

1130
	}

1131
	if(ret_len != NULL)

1132
	    *ret_len = s - str;

1133
	return 0;

1134
    }

1135
    ret = (*a->print_addr)(addr, str, len);

1136
    if (ret < 0)

1137
	return EINVAL;

1138
    if(ret_len != NULL)

1139
	*ret_len = ret;

1140
    return 0;

1141
}

1142


1143
/**

1144
 * krb5_parse_address returns the resolved hostname in string to the

1145
 * krb5_addresses addresses .

1146
 *

1147
 * @param context a Keberos context

1148
 * @param string

1149
 * @param addresses

1150
 *

1151
 * @return Return an error code or 0.

1152
 *

1153
 * @ingroup krb5_address

1154
 */

1155


1156
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1157
krb5_parse_address(krb5_context context,

1158
		   const char *string,

1159
		   krb5_addresses *addresses)

1160
{

1161
    int i, n;

1162
    struct addrinfo *ai, *a;

1163
    int error;

1164
    int save_errno;

1165


1166
    addresses->len = 0;

1167
    addresses->val = NULL;

1168


1169
    for(i = 0; i < num_addrs; i++) {

1170
	if(at[i].parse_addr) {

1171
	    krb5_address addr;

1172
	    if((*at[i].parse_addr)(context, string, &addr) == 0) {

1173
		ALLOC_SEQ(addresses, 1);

1174
		if (addresses->val == NULL) {

1175
		    krb5_set_error_message(context, ENOMEM,

1176
					   N_("malloc: out of memory", ""));

1177
		    return ENOMEM;

1178
		}

1179
		addresses->val[0] = addr;

1180
		return 0;

1181
	    }

1182
	}

1183
    }

1184


1185
    error = getaddrinfo (string, NULL, NULL, &ai);

1186
    if (error) {

1187
	krb5_error_code ret2;

1188
	save_errno = errno;

1189
	ret2 = krb5_eai_to_heim_errno(error, save_errno);

1190
	krb5_set_error_message (context, ret2, "%s: %s",

1191
				string, gai_strerror(error));

1192
	return ret2;

1193
    }

1194


1195
    n = 0;

1196
    for (a = ai; a != NULL; a = a->ai_next)

1197
	++n;

1198


1199
    ALLOC_SEQ(addresses, n);

1200
    if (addresses->val == NULL) {

1201
	krb5_set_error_message(context, ENOMEM,

1202
			       N_("malloc: out of memory", ""));

1203
	freeaddrinfo(ai);

1204
	return ENOMEM;

1205
    }

1206


1207
    addresses->len = 0;

1208
    for (a = ai, i = 0; a != NULL; a = a->ai_next) {

1209
	if (krb5_sockaddr2address (context, ai->ai_addr, &addresses->val[i]))

1210
	    continue;

1211
	if(krb5_address_search(context, &addresses->val[i], addresses)) {

1212
	    krb5_free_address(context, &addresses->val[i]);

1213
	    continue;

1214
	}

1215
	i++;

1216
	addresses->len = i;

1217
    }

1218
    freeaddrinfo (ai);

1219
    return 0;

1220
}

1221


1222
/**

1223
 * krb5_address_order compares the addresses addr1 and addr2 so that

1224
 * it can be used for sorting addresses. If the addresses are the same

1225
 * address krb5_address_order will return 0. Behavies like memcmp(2).

1226
 *

1227
 * @param context a Keberos context

1228
 * @param addr1 krb5_address to compare

1229
 * @param addr2 krb5_address to compare

1230
 *

1231
 * @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and

1232
 * addr2 is the same address, > 0 if addr2 is "less" then addr1.

1233
 *

1234
 * @ingroup krb5_address

1235
 */

1236


1237
KRB5_LIB_FUNCTION int KRB5_LIB_CALL

1238
krb5_address_order(krb5_context context,

1239
		   const krb5_address *addr1,

1240
		   const krb5_address *addr2)

1241
{

1242
    /* this sucks; what if both addresses have order functions, which

1243
       should we call? this works for now, though */

1244
    struct addr_operations *a;

1245
    a = find_atype(addr1->addr_type);

1246
    if(a == NULL) {

1247
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

1248
				N_("Address family %d not supported", ""),

1249
				addr1->addr_type);

1250
	return KRB5_PROG_ATYPE_NOSUPP;

1251
    }

1252
    if(a->order_addr != NULL)

1253
	return (*a->order_addr)(context, addr1, addr2);

1254
    a = find_atype(addr2->addr_type);

1255
    if(a == NULL) {

1256
	krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP,

1257
				N_("Address family %d not supported", ""),

1258
				addr2->addr_type);

1259
	return KRB5_PROG_ATYPE_NOSUPP;

1260
    }

1261
    if(a->order_addr != NULL)

1262
	return (*a->order_addr)(context, addr1, addr2);

1263


1264
    if(addr1->addr_type != addr2->addr_type)

1265
	return addr1->addr_type - addr2->addr_type;

1266
    if(addr1->address.length != addr2->address.length)

1267
	return addr1->address.length - addr2->address.length;

1268
    return memcmp (addr1->address.data,

1269
		   addr2->address.data,

1270
		   addr1->address.length);

1271
}

1272


1273
/**

1274
 * krb5_address_compare compares the addresses  addr1 and addr2.

1275
 * Returns TRUE if the two addresses are the same.

1276
 *

1277
 * @param context a Keberos context

1278
 * @param addr1 address to compare

1279
 * @param addr2 address to compare

1280
 *

1281
 * @return Return an TRUE is the address are the same FALSE if not

1282
 *

1283
 * @ingroup krb5_address

1284
 */

1285


1286
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL

1287
krb5_address_compare(krb5_context context,

1288
		     const krb5_address *addr1,

1289
		     const krb5_address *addr2)

1290
{

1291
    return krb5_address_order (context, addr1, addr2) == 0;

1292
}

1293


1294
/**

1295
 * krb5_address_search checks if the address addr is a member of the

1296
 * address set list addrlist .

1297
 *

1298
 * @param context a Keberos context.

1299
 * @param addr address to search for.

1300
 * @param addrlist list of addresses to look in for addr.

1301
 *

1302
 * @return Return an error code or 0.

1303
 *

1304
 * @ingroup krb5_address

1305
 */

1306


1307
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL

1308
krb5_address_search(krb5_context context,

1309
		    const krb5_address *addr,

1310
		    const krb5_addresses *addrlist)

1311
{

1312
    size_t i;

1313


1314
    for (i = 0; i < addrlist->len; ++i)

1315
	if (krb5_address_compare (context, addr, &addrlist->val[i]))

1316
	    return TRUE;

1317
    return FALSE;

1318
}

1319


1320
/**

1321
 * krb5_free_address frees the data stored in the address that is

1322
 * alloced with any of the krb5_address functions.

1323
 *

1324
 * @param context a Keberos context

1325
 * @param address addresss to be freed.

1326
 *

1327
 * @return Return an error code or 0.

1328
 *

1329
 * @ingroup krb5_address

1330
 */

1331


1332
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1333
krb5_free_address(krb5_context context,

1334
		  krb5_address *address)

1335
{

1336
    struct addr_operations *a = find_atype (address->addr_type);

1337
    if(a != NULL && a->free_addr != NULL)

1338
	return (*a->free_addr)(context, address);

1339
    krb5_data_free (&address->address);

1340
    memset(address, 0, sizeof(*address));

1341
    return 0;

1342
}

1343


1344
/**

1345
 * krb5_free_addresses frees the data stored in the address that is

1346
 * alloced with any of the krb5_address functions.

1347
 *

1348
 * @param context a Keberos context

1349
 * @param addresses addressses to be freed.

1350
 *

1351
 * @return Return an error code or 0.

1352
 *

1353
 * @ingroup krb5_address

1354
 */

1355


1356
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1357
krb5_free_addresses(krb5_context context,

1358
		    krb5_addresses *addresses)

1359
{

1360
    size_t i;

1361
    for(i = 0; i < addresses->len; i++)

1362
	krb5_free_address(context, &addresses->val[i]);

1363
    free(addresses->val);

1364
    addresses->len = 0;

1365
    addresses->val = NULL;

1366
    return 0;

1367
}

1368


1369
/**

1370
 * krb5_copy_address copies the content of address

1371
 * inaddr to outaddr.

1372
 *

1373
 * @param context a Keberos context

1374
 * @param inaddr pointer to source address

1375
 * @param outaddr pointer to destination address

1376
 *

1377
 * @return Return an error code or 0.

1378
 *

1379
 * @ingroup krb5_address

1380
 */

1381


1382
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1383
krb5_copy_address(krb5_context context,

1384
		  const krb5_address *inaddr,

1385
		  krb5_address *outaddr)

1386
{

1387
    struct addr_operations *a = find_af (inaddr->addr_type);

1388
    if(a != NULL && a->copy_addr != NULL)

1389
	return (*a->copy_addr)(context, inaddr, outaddr);

1390
    return copy_HostAddress(inaddr, outaddr);

1391
}

1392


1393
/**

1394
 * krb5_copy_addresses copies the content of addresses

1395
 * inaddr to outaddr.

1396
 *

1397
 * @param context a Keberos context

1398
 * @param inaddr pointer to source addresses

1399
 * @param outaddr pointer to destination addresses

1400
 *

1401
 * @return Return an error code or 0.

1402
 *

1403
 * @ingroup krb5_address

1404
 */

1405


1406
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1407
krb5_copy_addresses(krb5_context context,

1408
		    const krb5_addresses *inaddr,

1409
		    krb5_addresses *outaddr)

1410
{

1411
    size_t i;

1412
    ALLOC_SEQ(outaddr, inaddr->len);

1413
    if(inaddr->len > 0 && outaddr->val == NULL)

1414
	return ENOMEM;

1415
    for(i = 0; i < inaddr->len; i++)

1416
	krb5_copy_address(context, &inaddr->val[i], &outaddr->val[i]);

1417
    return 0;

1418
}

1419


1420
/**

1421
 * krb5_append_addresses adds the set of addresses in source to

1422
 * dest. While copying the addresses, duplicates are also sorted out.

1423
 *

1424
 * @param context a Keberos context

1425
 * @param dest destination of copy operation

1426
 * @param source adresses that are going to be added to dest

1427
 *

1428
 * @return Return an error code or 0.

1429
 *

1430
 * @ingroup krb5_address

1431
 */

1432


1433
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1434
krb5_append_addresses(krb5_context context,

1435
		      krb5_addresses *dest,

1436
		      const krb5_addresses *source)

1437
{

1438
    krb5_address *tmp;

1439
    krb5_error_code ret;

1440
    size_t i;

1441
    if(source->len > 0) {

1442
	tmp = realloc(dest->val, (dest->len + source->len) * sizeof(*tmp));

1443
	if(tmp == NULL) {

1444
	    krb5_set_error_message (context, ENOMEM,

1445
				    N_("malloc: out of memory", ""));

1446
	    return ENOMEM;

1447
	}

1448
	dest->val = tmp;

1449
	for(i = 0; i < source->len; i++) {

1450
	    /* skip duplicates */

1451
	    if(krb5_address_search(context, &source->val[i], dest))

1452
		continue;

1453
	    ret = krb5_copy_address(context,

1454
				    &source->val[i],

1455
				    &dest->val[dest->len]);

1456
	    if(ret)

1457
		return ret;

1458
	    dest->len++;

1459
	}

1460
    }

1461
    return 0;

1462
}

1463


1464
/**

1465
 * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port)

1466
 *

1467
 * @param context a Keberos context

1468
 * @param res built address from addr/port

1469
 * @param addr address to use

1470
 * @param port port to use

1471
 *

1472
 * @return Return an error code or 0.

1473
 *

1474
 * @ingroup krb5_address

1475
 */

1476


1477
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1478
krb5_make_addrport (krb5_context context,

1479
		    krb5_address **res, const krb5_address *addr, int16_t port)

1480
{

1481
    krb5_error_code ret;

1482
    size_t len = addr->address.length + 2 + 4 * 4;

1483
    u_char *p;

1484


1485
    *res = malloc (sizeof(**res));

1486
    if (*res == NULL) {

1487
	krb5_set_error_message (context, ENOMEM,

1488
				N_("malloc: out of memory", ""));

1489
	return ENOMEM;

1490
    }

1491
    (*res)->addr_type = KRB5_ADDRESS_ADDRPORT;

1492
    ret = krb5_data_alloc (&(*res)->address, len);

1493
    if (ret) {

1494
	krb5_set_error_message (context, ret,

1495
				N_("malloc: out of memory", ""));

1496
	free (*res);

1497
	*res = NULL;

1498
	return ret;

1499
    }

1500
    p = (*res)->address.data;

1501
    *p++ = 0;

1502
    *p++ = 0;

1503
    *p++ = (addr->addr_type     ) & 0xFF;

1504
    *p++ = (addr->addr_type >> 8) & 0xFF;

1505


1506
    *p++ = (addr->address.length      ) & 0xFF;

1507
    *p++ = (addr->address.length >>  8) & 0xFF;

1508
    *p++ = (addr->address.length >> 16) & 0xFF;

1509
    *p++ = (addr->address.length >> 24) & 0xFF;

1510


1511
    memcpy (p, addr->address.data, addr->address.length);

1512
    p += addr->address.length;

1513


1514
    *p++ = 0;

1515
    *p++ = 0;

1516
    *p++ = (KRB5_ADDRESS_IPPORT     ) & 0xFF;

1517
    *p++ = (KRB5_ADDRESS_IPPORT >> 8) & 0xFF;

1518


1519
    *p++ = (2      ) & 0xFF;

1520
    *p++ = (2 >>  8) & 0xFF;

1521
    *p++ = (2 >> 16) & 0xFF;

1522
    *p++ = (2 >> 24) & 0xFF;

1523


1524
    memcpy (p, &port, 2);

1525


1526
    return 0;

1527
}

1528


1529
/**

1530
 * Calculate the boundary addresses of `inaddr'/`prefixlen' and store

1531
 * them in `low' and `high'.

1532
 *

1533
 * @param context a Keberos context

1534
 * @param inaddr address in prefixlen that the bondery searched

1535
 * @param prefixlen width of boundery

1536
 * @param low lowest address

1537
 * @param high highest address

1538
 *

1539
 * @return Return an error code or 0.

1540
 *

1541
 * @ingroup krb5_address

1542
 */

1543


1544
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL

1545
krb5_address_prefixlen_boundary(krb5_context context,

1546
				const krb5_address *inaddr,

1547
				unsigned long prefixlen,

1548
				krb5_address *low,

1549
				krb5_address *high)

1550
{

1551
    struct addr_operations *a = find_atype (inaddr->addr_type);

1552
    if(a != NULL && a->mask_boundary != NULL)

1553
	return (*a->mask_boundary)(context, inaddr, prefixlen, low, high);

1554
    krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP,

1555
			   N_("Address family %d doesn't support "

1556
			      "address mask operation", ""),

1557
			   inaddr->addr_type);

1558
    return KRB5_PROG_ATYPE_NOSUPP;

1559
}

1560


1561