diff options
| -rw-r--r-- | source4/kdc/kdc.c | 69 | ||||
| -rw-r--r-- | source4/kdc/kdc.h | 6 | ||||
| -rw-r--r-- | source4/kdc/kpasswdd.c | 23 |
3 files changed, 80 insertions, 18 deletions
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c index 92dd5b6924..6a9df0bf02 100644 --- a/source4/kdc/kdc.c +++ b/source4/kdc/kdc.c @@ -28,6 +28,7 @@ #include "smbd/process_model.h" #include "lib/events/events.h" #include "lib/socket/socket.h" +#include "lib/tsocket/tsocket.h" #include "system/network.h" #include "../lib/util/dlinklist.h" #include "lib/messaging/irpc.h" @@ -58,8 +59,8 @@ typedef bool (*kdc_process_fn_t)(struct kdc_server *kdc, TALLOC_CTX *mem_ctx, DATA_BLOB *input, DATA_BLOB *reply, - struct socket_address *peer_addr, - struct socket_address *my_addr, + struct tsocket_address *peer_addr, + struct tsocket_address *my_addr, int datagram); /* hold information about one kdc socket */ @@ -130,6 +131,8 @@ static void kdc_recv_handler(struct kdc_socket *kdc_socket) size_t nread, dsize; struct socket_address *src; struct socket_address *my_addr; + struct tsocket_address *tsrcaddr; + struct tsocket_address *tmyaddr; int ret; status = socket_pending(kdc_socket->sock, &dsize); @@ -162,13 +165,27 @@ static void kdc_recv_handler(struct kdc_socket *kdc_socket) return; } + ret = tsocket_address_bsd_from_sockaddr(tmp_ctx, src->sockaddr, + src->sockaddrlen, &tsrcaddr); + if (ret < 0) { + talloc_free(tmp_ctx); + return; + } + + ret = tsocket_address_bsd_from_sockaddr(tmp_ctx, my_addr->sockaddr, + my_addr->sockaddrlen, &tmyaddr); + if (ret < 0) { + talloc_free(tmp_ctx); + return; + } /* Call krb5 */ ret = kdc_socket->process(kdc_socket->kdc, tmp_ctx, &blob, &reply, - src, my_addr, + tsrcaddr, + tmyaddr, 1 /* Datagram */); if (!ret) { talloc_free(tmp_ctx); @@ -229,6 +246,8 @@ static NTSTATUS kdc_tcp_recv(void *private_data, DATA_BLOB blob) DATA_BLOB input, reply; struct socket_address *src_addr; struct socket_address *my_addr; + struct tsocket_address *tsrcaddr; + struct tsocket_address *tmyaddr; talloc_steal(tmp_ctx, blob.data); @@ -244,6 +263,20 @@ static NTSTATUS kdc_tcp_recv(void *private_data, DATA_BLOB blob) return NT_STATUS_NO_MEMORY; } + ret = tsocket_address_bsd_from_sockaddr(tmp_ctx, src_addr->sockaddr, + src_addr->sockaddrlen, &tsrcaddr); + if (ret < 0) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + + ret = tsocket_address_bsd_from_sockaddr(tmp_ctx, my_addr->sockaddr, + my_addr->sockaddrlen, &tmyaddr); + if (ret < 0) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + /* Call krb5 */ input = data_blob_const(blob.data + 4, blob.length - 4); @@ -251,8 +284,8 @@ static NTSTATUS kdc_tcp_recv(void *private_data, DATA_BLOB blob) tmp_ctx, &input, &reply, - src_addr, - my_addr, + tsrcaddr, + tmyaddr, 0 /* Not datagram */); if (!ret) { talloc_free(tmp_ctx); @@ -319,25 +352,37 @@ static bool kdc_process(struct kdc_server *kdc, TALLOC_CTX *mem_ctx, DATA_BLOB *input, DATA_BLOB *reply, - struct socket_address *peer_addr, - struct socket_address *my_addr, + struct tsocket_address *peer_addr, + struct tsocket_address *my_addr, int datagram_reply) { - int ret; + int ret; + char *pa; + struct sockaddr_storage ss; krb5_data k5_reply; krb5_data_zero(&k5_reply); krb5_kdc_update_time(NULL); - DEBUG(10,("Received KDC packet of length %lu from %s:%d\n", - (long)input->length - 4, peer_addr->addr, peer_addr->port)); + ret = tsocket_address_bsd_sockaddr(peer_addr, (struct sockaddr *) &ss, + sizeof(struct sockaddr_storage)); + if (ret < 0) { + return false; + } + pa = tsocket_address_string(peer_addr, mem_ctx); + if (pa == NULL) { + return false; + } + + DEBUG(10,("Received KDC packet of length %lu from %s\n", + (long)input->length - 4, pa)); ret = krb5_kdc_process_krb5_request(kdc->smb_krb5_context->krb5_context, kdc->config, input->data, input->length, &k5_reply, - peer_addr->addr, - peer_addr->sockaddr, + pa, + (struct sockaddr *) &ss, datagram_reply); if (ret == -1) { *reply = data_blob(NULL, 0); diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h index fb70f95392..4a715fd498 100644 --- a/source4/kdc/kdc.h +++ b/source4/kdc/kdc.h @@ -29,15 +29,15 @@ #include "kdc/hdb-samba4.h" struct kdc_server; -struct socket_address; +struct tsocket_address; bool kpasswdd_process(struct kdc_server *kdc, TALLOC_CTX *mem_ctx, DATA_BLOB *input, DATA_BLOB *reply, - struct socket_address *peer_addr, - struct socket_address *my_addr, + struct tsocket_address *peer_addr, + struct tsocket_address *my_addr, int datagram_reply); /* diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c index d396591290..18adf0a248 100644 --- a/source4/kdc/kpasswdd.c +++ b/source4/kdc/kpasswdd.c @@ -24,6 +24,7 @@ #include "smbd/service_task.h" #include "lib/events/events.h" #include "lib/socket/socket.h" +#include "lib/tsocket/tsocket.h" #include "system/network.h" #include "../lib/util/dlinklist.h" #include "lib/ldb/include/ldb.h" @@ -418,8 +419,8 @@ bool kpasswdd_process(struct kdc_server *kdc, TALLOC_CTX *mem_ctx, DATA_BLOB *input, DATA_BLOB *reply, - struct socket_address *peer_addr, - struct socket_address *my_addr, + struct tsocket_address *peer_addr, + struct tsocket_address *my_addr, int datagram_reply) { bool ret; @@ -435,6 +436,9 @@ bool kpasswdd_process(struct kdc_server *kdc, DATA_BLOB kpasswd_req, kpasswd_rep; struct cli_credentials *server_credentials; struct gensec_security *gensec_security; + struct sockaddr_storage ss; + ssize_t socklen; + struct socket_address *socket_address; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); char *keytab_name; @@ -530,7 +534,20 @@ bool kpasswdd_process(struct kdc_server *kdc, } #endif - nt_status = gensec_set_my_addr(gensec_security, my_addr); + socklen = tsocket_address_bsd_sockaddr(my_addr, (struct sockaddr *) &ss, + sizeof(struct sockaddr_storage)); + if (socklen < 0) { + talloc_free(tmp_ctx); + return false; + } + socket_address = socket_address_from_sockaddr(tmp_ctx, + (struct sockaddr *) &ss, socklen); + if (socket_address == NULL) { + talloc_free(tmp_ctx); + return false; + } + + nt_status = gensec_set_my_addr(gensec_security, socket_address); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); return false; |