[14486] in Kerberos
Re: Patch for making Kerberos work through Firewalls and NATs
daemon@ATHENA.MIT.EDU (Michael Bischof)
Sun May 27 20:27:11 2001
Message-ID: <001201c0e70c$753671a0$96f1fea9@uunetd9tatypo8>
From: "Michael Bischof" <mb@byteworks.ch>
To: "meeroh" <macdev@meeroh.org>, <kerberos@MIT.EDU>
Date: Mon, 28 May 2001 02:23:45 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
diff -ruN krb5-1.2.2.orig/src/lib/krb5/os/localaddr.c
krb5-1.2.2/src/lib/krb5/os/localaddr.c
--- krb5-1.2.2.orig/src/lib/krb5/os/localaddr.c Wed Feb 28 23:07:54 2001
+++ krb5-1.2.2/src/lib/krb5/os/localaddr.c Mon May 14 15:15:54 2001
@@ -464,7 +464,7 @@
KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
-krb5_os_localaddr(context, addr)
+_krb5_os_localaddr(context, addr)
krb5_context context;
krb5_address FAR * FAR * FAR *addr;
{
@@ -637,3 +637,129 @@
return(err);
}
#endif
+
+
+KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
+krb5_os_localaddr(context, addr)
+ krb5_context context;
+ krb5_address FAR * FAR * FAR *addr;
+{
+ int i;
+ int j;
+ int n = 0;
+ int retval;
+ int naddrs = 0;
+ int nproxies = 0;
+
+ const char *proxy_names[3];
+ char **proxy_list;
+ krb5_address **local_addrs;
+ krb5_address ***proxy_addrs;
+
+
+ /*
+ * We need to add the IP addresses of any proxies given in the
+ * Kerberos configuration file to the "local" IP address. First,
+ * let's see if we have any in the configuration file.
+ */
+
+ proxy_names[0] = "libdefaults";
+ proxy_names[1] = "proxy_gateway";
+ proxy_names[2] = NULL;
+
+ if (profile_get_values(context->profile, proxy_names, &proxy_list)) {
+ return _krb5_os_localaddr(context, addr);
+ }
+
+ /*
+ * We've got some proxy hosts in the config file. First, let's figure
+ * out how many we're talking about and total them all up.
+ */
+
+ if ((retval = _krb5_os_localaddr(context, &local_addrs))) {
+ for (i = 0; proxy_list[i]; i++)
+ free(proxy_list[i]);
+
+ free(proxy_list);
+ return retval;
+ }
+
+ /* Count number of local addresses */
+ while (local_addrs[naddrs])
+ naddrs++;
+
+ /* Count number of proxy addresses */
+ while (proxy_list[nproxies])
+ nproxies++;
+
+ proxy_addrs = (krb5_address **) malloc(sizeof(proxy_addrs) * nproxies);
+ if (!proxy_addrs) {
+ krb5_free_addresses(context, local_addrs);
+
+ for (i = 0; proxy_list[i]; i++)
+ free(proxy_list[i]);
+
+ free((char *) proxy_list);
+ return ENOMEM;
+ }
+
+ /*
+ * Get all of the addresses for all of the proxy hosts. Just total
+ * them all up for now; we need the total number to construct the
+ * address array.
+ */
+
+ for (i = 0; i < nproxies; i++) {
+ if (krb5_os_hostaddr(context, proxy_list[i], &proxy_addrs[i])) {
+ proxy_addrs[i] = NULL;
+ continue;
+ }
+
+ for (j = 0; proxy_addrs[i][j]; j++)
+ naddrs++;
+
+ free(proxy_list[i]);
+ }
+ free((char *) proxy_list);
+
+ /*
+ * Build the final addresses array, using all of the addresses that
+ * we have.
+ */
+
+ *addr = (krb5_address **) malloc(sizeof(krb5_address *) * (naddrs +
1));
+
+ if (!*addr) {
+ krb5_free_addresses(context, local_addrs);
+
+ for (i = 0; i < nproxies; i++) {
+ if (proxy_addrs[i])
+ krb5_free_addresses(context, proxy_addrs[i]);
+ }
+
+ free((char *) proxy_addrs);
+ return ENOMEM;
+ }
+
+ /* Local addresses */
+ for (i = 0; local_addrs[i]; i++)
+ (*addr)[n++] = local_addrs[i];
+
+ free((char *) local_addrs);
+
+ /* Proxy addresses */
+ for (i = 0; i < nproxies; i++) {
+ if (proxy_addrs[i]) {
+ for (j = 0; proxy_addrs[i][j]; j++)
+ (*addr)[n++] = proxy_addrs[i][j];
+ free((char *) proxy_addrs[i]);
+ }
+ }
+
+ free((char *) proxy_addrs);
+
+ /* NULL terminate the array */
+ (*addr)[n] = NULL;
+
+ return 0;
+}
