summaryrefslogtreecommitdiffstats
path: root/src/kdc/network.c
Commit message (Collapse)AuthorAgeFilesLines
* Merge users/raeburn/branches/network-mergeKen Raeburn2010-03-171-1764/+0
| | | | | | | | | | Re-integrates the forked versions of network.c in kdc and kadmin/server. Server-specific initialization and SIGHUP-reset code is moved into other source files; the more generic network-servicing code is merged and moved into apputils library already used by both programs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23811 dc483132-0cff-0310-8789-dd5450dbe970
* Ignore some routing messages indicating changes that don't affect ourKen Raeburn2010-01-031-0/+24
| | | | | | set of local addresses. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23570 dc483132-0cff-0310-8789-dd5450dbe970
* Reformat new commentsKen Raeburn2009-12-031-14/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23441 dc483132-0cff-0310-8789-dd5450dbe970
* fix slow behavior on Mac OS X with link-local addressesKen Raeburn2009-12-031-10/+48
| | | | | | | | | | | | | | | | | | | | | | | | | When using my previous patch, if a local hostname like "foobar.local" is looked up, you may get back a link-local IPv6 address. However, the KDC seems to be unable to respond from that address, resulting in a ~1s delay for each KDC exchange while waiting for the client to fail over to another address (in my case, another IPv6 address). Create a new object for holding whatever auxiliary information might be needed to properly transmit the response to the client. Currently, that only means the interface index number under IPv6. Fill it in on receipt, always; copy it back to the pktinfo structure when transmitting, ONLY if the local source address is link-local. If an error occurs while transmitting the reply, print both the remote destination address and the local source address. Use getnameinfo instead of inet_ntop. Apply the same changes to kadmind, to keep the versions of network.c more or less in sync. ticket: 6591 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23440 dc483132-0cff-0310-8789-dd5450dbe970
* Use "unsigned short" instead of "u_short" in argument to SET macro;Ken Raeburn2009-11-041-3/+8
| | | | | | | | | the Emacs cc-mode indentation code seems to get confused by the one-word case. Reindent. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23129 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-311-753/+754
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Report verbose error messages from KDCGreg Hudson2009-03-111-62/+48
| | | | | | | | | | | | | | | | We were losing verbose error messages when logging from the KDC because the context passed to krb5_klog_init did not match the realm-specific context used for most library function calls. Introduce a wrapper function kdc_err which copies the error state from the call context to the log context. The wrapper function also knows the program name, which removes the need to pass argv[0] around everywhere or make up program names. ticket: 6408 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22079 dc483132-0cff-0310-8789-dd5450dbe970
* Be less verbose about routing-socket messagesKen Raeburn2009-02-131-4/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22005 dc483132-0cff-0310-8789-dd5450dbe970
* Add some output parameter initializations n order to eliminate someGreg Hudson2009-01-231-0/+1
| | | | | | spurious Coverity defects. (Far from a comprehensive pass.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21782 dc483132-0cff-0310-8789-dd5450dbe970
* If recv_from_to is passed a buffer for the local endpoint address,Ken Raeburn2009-01-141-1/+9
| | | | | | | clobber it before doing anything else, just in case we can't retrieve the address and the caller blindly uses the buffer anyways. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21747 dc483132-0cff-0310-8789-dd5450dbe970
* Merge some very simple points of divergence in the two copies of network.c ↵Ken Raeburn2009-01-141-18/+10
| | | | | | | | -- enum ordering, whitespace, duplicate macro definitions, unused code, 0 vs NULL... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21746 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-031-11/+61
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* Use strlcpy instead of strcpy in many placesGreg Hudson2008-10-241-6/+6
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
* error in socket number range check in kdcKen Raeburn2008-08-051-3/+9
| | | | | | | | | | | | Fix off-by-one error in checking that socket file descriptor numbers are in range suitable for an fd_set. Also, don't do the check if we should someday happen to get compiled on Windows. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20606 dc483132-0cff-0310-8789-dd5450dbe970
* When reading from the routing socket, only provide enough space forKen Raeburn2008-07-211-30/+22
| | | | | | | the header and ignore the rest of the message. Don't complain about message size as long as we got the bits of the header we care about. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20552 dc483132-0cff-0310-8789-dd5450dbe970
* Set non-blocking mode on incoming TCP connections.Ken Raeburn2008-07-181-3/+12
| | | | | | | Don't log EINTR error in select loop. Log when shutdown signal has been received and acted on. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20541 dc483132-0cff-0310-8789-dd5450dbe970
* On systems with struct rt_msghdr, open a routing socket and wait forKen Raeburn2008-07-181-4/+169
| | | | | | | | | | | | | | | | | | | | | | | messages; when they come in, if the types suggest a possibility of network interface reconfiguration, shut down the KDC's networking and bring it back up again, rescanning the interfaces in the process. Leaving the ticket open because it should be improved: * It should only close down sockets on addresses we no longer have, and bring up sockets only on new addresses. * If we have IPV6_PKTINFO support, it should only listen for IPv4 routing changes. * If we also have IP_PKTINFO support, it shouldn't be used at all. * If we build a KDC on a system with neither struct rt_msghdr nor IP_PKTINFO (do we have any such?), we'll need another solution. Thanks to Nico Williams for the routing socket suggestion, and Apple for the initial (signal-driven) reconfiguration code. ticket: 6019 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20540 dc483132-0cff-0310-8789-dd5450dbe970
* Use RFC 3542's IPV6_RECVPKTINFO if available. (And IP_RECVPKTINFO too.)Ken Raeburn2008-07-141-2/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20515 dc483132-0cff-0310-8789-dd5450dbe970
* In FREE_SET_DATA, reset the current count as wellKen Raeburn2008-07-121-1/+1
| | | | | | | ticket: 6019 state: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20514 dc483132-0cff-0310-8789-dd5450dbe970
* kdc does not compile with glibc 2.8 Ezra Peisach2008-07-061-2/+2
| | | | | | | | | | | | | | | | | | | On Fedora 9, glibc 2.8 is used. The kdc code conditionalizes IPV6_PKTINFO and HAVE_STRUCT_IN6_PKTINFO in a number of places = but misses two for the struct one. /usr/include/netinet/in.h conditionalizes struct in6_pktinfo on __USE_GNU - which I believe implies a gnu libc extension. People on the net have defined GNU_SOURCE for various things to compile, etc. I do note that /usr/include/linux/ipv6.h exists with the same definition. I believe that ipv6 support in the kdc will not work with these changes - but the tree compiles. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20498 dc483132-0cff-0310-8789-dd5450dbe970
* use-after-free bugsKen Raeburn2008-06-271-2/+0
| | | | | | | | | | | Fix some bugs with storage being used immediately after being freed. None look like anything an attacker can really manipulate AFAICT. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20485 dc483132-0cff-0310-8789-dd5450dbe970
* (more) After malloc/realloc/calloc/strdup/asprintf failures, useKen Raeburn2008-04-301-5/+5
| | | | | | | | ENOMEM explicitly instead of reading it from errno. This may make static analysis tools less confused about when we return zero vs nonzero values. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20313 dc483132-0cff-0310-8789-dd5450dbe970
* Fix MITKRB5-SA-2008-001 on trunk. Patch differs from the released oneKen Raeburn2008-03-181-0/+2
| | | | | | | | for 1.6 because of code divergence. ticket: 5919 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20280 dc483132-0cff-0310-8789-dd5450dbe970
* Set close-on-exec flag in most places where file descriptors areKen Raeburn2007-10-221-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
* Reject socket fds > FD_SETSIZEKen Raeburn2007-10-181-0/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20127 dc483132-0cff-0310-8789-dd5450dbe970
* Log port number with IPV6_V6ONLY socket option status.Ken Raeburn2007-10-091-4/+12
| | | | | | Recognize and ignore Appletalk address type. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20108 dc483132-0cff-0310-8789-dd5450dbe970
* Move the code for queueing an outgoing response on a TCP stream into a separateKen Raeburn2007-04-271-13/+13
| | | | | | function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19535 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use sendmsg/recvmsg paths if CMSG_SPACE isn't definedKen Raeburn2007-04-201-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19510 dc483132-0cff-0310-8789-dd5450dbe970
* update copyrightKen Raeburn2007-04-131-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19459 dc483132-0cff-0310-8789-dd5450dbe970
* use IP(V6)_PKTINFO in KDC for UDP socketsKen Raeburn2007-04-071-42/+343
| | | | | | | | | | | | | | | | | | | | | | | | | As Denis Vlasenko pointed out in ticket 3306, using IP(V6)_PKTINFO to get or set the local address in UDP communications instead of allocating one socket for each address seen at startup will behave better in environments where the addresses may change while the KDC is running, or in certain unusual network configurations. The patch from Denis was specific to Linux (didn't do IPV6_PKTINFO if IP_PKTINFO wasn't defined). I've reworked it a fair amount, and tested the results briefly on Mac OS X (which has IPV6_PKTINFO but not IP_PKTINFO) and Linux (which has both). With this change, on systems like Linux supporting both socket options, the KDC should be able to use just two UDP sockets, one for IPv4 and one for IPv6. (And if we turned off IPV6_V6ONLY, we might do with one.) Filed as a separate ticket, because Denis's complaint and patch in 3306 cover the RPC code as well. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19408 dc483132-0cff-0310-8789-dd5450dbe970
* kdc: make_toolong_error does not initialize all fields for krb5_mk_errorEzra Peisach2006-10-011-0/+2
| | | | | | | | | | | network.c: make_too_long_error() fails to set the ctime and cusec elements of the krb5_error structure. Valgrind detects errors in the asn.1 encoding handlers in reading an unitialized value. Initialize to 0. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18635 dc483132-0cff-0310-8789-dd5450dbe970
* Revise comment on when we should switch from writing back to readingKen Raeburn2006-06-271-1/+4
| | | | | | | on a TCP stream. (We don't currently, ever, and we probably should eventually, but sometimes closing the connection is required.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18234 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc/network.c (make_toolong_error): New function.Ken Raeburn2006-06-261-1/+40
| | | | | | | | | | | | | (process_tcp_connection): If the specified length exceeds the internal limit, stop reading and send back a FIELD_TOOLONG error. * tests/dejagnu/krb-standalone/standalone.exp (doit): When testing TCP mode, connect to the KDC and send a length of -1, and check that it sends back a non-empty message. ticket: 3923 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18233 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (listen_and_process): Make local variable 'sout' staticKen Raeburn2005-11-291-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17513 dc483132-0cff-0310-8789-dd5450dbe970
* fix MITKRB5-SA-2005-002 KDC double-free and heap overflowTom Yu2005-07-121-0/+1
| | | | | | | | | | | | | | | Fix for MITKRB5-SA-2005-002 * KDC double-free [CAN-2005-1174, VU#259798] * krb5_unparse_name heap overflow [CAN-2005-1175, VU#885830] Thanks to Daniel Wachdorf. ticket: new flags: pullup target_version: 1.4.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17298 dc483132-0cff-0310-8789-dd5450dbe970
* Delete definitions of unused macros NEED_SOCKETS and NEED_LOWLEVEL_IOKen Raeburn2005-04-131-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17177 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (closedown_network): Free each connection data structure whileKen Raeburn2004-09-241-0/+5
| | | | | | | | closing file descriptors. ticket: 1210 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16789 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (paddr): Use unsigned int for length.Ezra Peisach2004-06-071-5/+5
| | | | | | | | | | (kdc_conn_type): Declare CONN_ enumerated types in connection as distinct type. (add_fd): Declare as taking enum type instead of simply integer. Prevents assignment of interger to an enum. (process_tcp_connection): Remove variable assigned to but never used. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16416 dc483132-0cff-0310-8789-dd5450dbe970
* Rename header file foreachaddr.c to foreachaddr.h, now that it isn'tKen Raeburn2004-05-051-1/+1
| | | | | | mostly static functions to be compiled in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16314 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (setup_a_tcp_listener): Try to turn the IPV6_V6ONLY socket optionKen Raeburn2004-04-031-8/+16
| | | | | | | | on, not off, and do it before calling bind. (setup_tcp_listener_ports): Don't do it here any more. (setup_udp_port): Ignore AF_DLI addresses. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16234 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (delete_fd): Free pointed-to data after removing it from theKen Raeburn2004-03-221-2/+4
| | | | | | | | | | | | connection set. (kill_tcp_connection): Move delete_fd call to the end. (accept_tcp_connection): Decrement connection counter again if we drop the incoming connection for lack of buffer space. ticket: 2384 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16201 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (setup_a_tcp_listener): Call setreuseaddr before calling bind.Ken Raeburn2004-02-261-8/+11
| | | | | | | | | | (setup_tcp_listener_ports): Don't call setreuseaddr. Log info about socket option IPV6_V6ONLY in unsupported and success cases. ticket: 2285 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16124 dc483132-0cff-0310-8789-dd5450dbe970
* * main.c: On exit, free more allocated memory, including:Ezra Peisach2003-01-031-1/+2
| | | | | | | | | | | | | | realm_tcp_ports data, kdc_realmlist, close the replay cache, and free the lookaside cache. * network.c (FREE_SET_DATA): Do not free a NULL pointer. * replay.c, kdc_util.h: Add kdc_free_lookaside() to clear the lookaside cache on shutdown - to search for memory leaks. * rtest.c (main): Do not allocate or free a NULL pointer. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15080 dc483132-0cff-0310-8789-dd5450dbe970
* Limit the number of TCP connections that will be handled at one time.Ken Raeburn2002-09-271-55/+69
| | | | | | | | | | | | | | | | | Remove some debugging calls. * network.c (struct connection): New field start_time. (tcp_data_counter, max_tcp_data_connections): New variables. (kill_tcp_connection): New function. (process_tcp_connection): Use it. Log reason for rejecting connection if the requested buffer size is too large. (accept_tcp_connection): If there are too many TCP connections already, shut down the oldest one. (setup_network, listen_and_process, process_tcp_connection, service_conn): Delete debugging code. (process_packet): Use socklen_t where appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14903 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c: Include sys/filio.h if availableKen Raeburn2002-09-191-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14888 dc483132-0cff-0310-8789-dd5450dbe970
* Add TCP support to the KDC, turned off by default, and using separateKen Raeburn2002-09-191-123/+779
| | | | | | | | | | config file entries to indicate port numbers. Checkpointing a working version; debug code needs cleanup, doc needs writing. ticket: 1175 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14885 dc483132-0cff-0310-8789-dd5450dbe970
* protoizeKen Raeburn2002-09-111-13/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14841 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (process_packet): Call inet_ntop directly.Ken Raeburn2002-09-101-4/+6
| | | | | | | * sock2p.c: Deleted. * Makefile.in (SRCS, OBJS): Drop it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14834 dc483132-0cff-0310-8789-dd5450dbe970
* * network.c (setup_port): Ignore AF_LINK addresses. Log address family numberKen Raeburn2002-08-081-1/+6
| | | | | | if unrecognized. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14687 dc483132-0cff-0310-8789-dd5450dbe970
* network.c (setup_port): Enable ipv6Ken Raeburn2002-07-061-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14611 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-09 09:37:03 +0000