authorGreg Hudson <ghudson@mit.edu>2011-02-13 21:14:00 +0000
committerGreg Hudson <ghudson@mit.edu>2011-02-13 21:14:00 +0000
commit8b9d249e40601047e69c92d7acb578fd0bbafc00 (patch)
treedff77af4a82cae99af17dc0848d44a138968841f /src/include
parent6726c9f5eca0e49cabfdf878c02e5966bdcccd93 (diff)
Defer hostname lookups in krb5_sendto_kdc
Restructure the locate_kdc and sendto_kdc code to defer getaddrinfo calls until we need the answer. This requires many changes:

* struct addrlist is now called struct serverlist, and is declared in os-proto.h instead of k5-int.h. It contains an array of struct server_entry structures which can hold either a name or an address. (Address entries are used for locate_kdc module results.)

* The connection state list is now a linked list, and holds address information directly instead of using a struct addrinfo (this simplifies memory management). Each connection entry contains a callback buffer (previously stored in a separate array) and an index into the server list.

* The {addrstate} trace formatting primitive is no longer needed, and has been replaced by {connstate}. There is also a new tracing event for resolving hostnames.

* locate_server, locate_kdc, free_serverlist, and sendto get their prefixes changed from krb5int_ to k5_ as their prototypes were being adjusted anyway. The family argument is gone from the locate functions as it was never productively used. k5_sendto now receives the socket types of interest.

* krb5_sendto_kdc will now pass a 0 socktype to k5_locate_kdc if both socket types are wanted. There were some allowances for this in locate but this was never previously done. In order to be conservative when invoking locate modules, we always pass an explicit socktype, thus calling lookup twice (as we did before, albeit with a separate init/fini cycle) in the common case. When creating hostname entries in serverlist from profile configuration, we preserve the 0 value of socktype, and later create both TCP and UDP addresses from the getaddrinfo results when the host is resolved.

* Some accessor functions previously used by libkrb4 have been removed as they impinged upon this work.

ticket: 6868

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24635 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include')
-rw-r--r--src/include/cm.h8
-rw-r--r--src/include/k5-int.h54
-rw-r--r--src/include/k5-trace.h56
3 files changed, 38 insertions, 80 deletions
diff --git a/src/include/cm.h b/src/include/cm.h
index cf5ff222b..2bb5ca980 100644
--- a/src/include/cm.h
+++ b/src/include/cm.h
@@ -62,7 +62,10 @@ struct conn_state {
unsigned int is_udp : 1;
int (*service)(krb5_context context, struct conn_state *,
struct select_state *, int);
- struct addrinfo *addr;
+ int socktype;
+ int family;
+ size_t addrlen;
+ struct sockaddr_storage addr;
struct {
struct {
sg_buf sgbuf[2];
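Review bot: The new `addrlen`/`addr` pair in `struct conn_state` carries an unstated invariant: `addrlen` must never exceed `sizeof(addr)`, because the address is now copied into a fixed `struct sockaddr_storage` instead of being referenced through `struct addrinfo *`. The code that fills these fields is outside this diff (it is limited to src/include), so whether that copy is length-checked cannot be confirmed from here. A field comment such as `/* addrlen <= sizeof(addr); enforced where the resolved address is copied in */` would make the requirement visible. `socktype` also now sits beside the existing `is_udp` bit, so the header should say which of the two is authoritative. The struct definition starts above this hunk and continues below it.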
@@ -72,6 +75,9 @@ struct conn_state {
} out;
struct incoming_krb5_message in;
} x;
+ krb5_data callback_buffer;
+ size_t server_index;
+ struct conn_state *next;
};
struct sendto_callback_info {
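Review bot: The three members added at the end of `struct conn_state` have no comments on ownership or lifetime. The header does not say who allocates and releases `callback_buffer.data`. Per the commit message `server_index` is an index into the server list, so it presumably needs a bounds check against the list length wherever it is dereferenced, and the list must outlive the connection entries. Suggested comments, to be confirmed against the .c side: `/* per-connection callback output; freed with this entry */`, `/* index into the serverlist this entry was created from */` and `/* next entry in the connection list, or NULL */`.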
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 92ff1f043..adcc97eb2 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -590,7 +590,6 @@ extern char *strdup (const char *);
#include "k5-gmt_mktime.h"
-struct addrlist;
struct sendto_callback_info;
/* libos.spec */
@@ -621,33 +620,6 @@ krb5_os_hostaddr(krb5_context, const char *, krb5_address ***);
krb5_error_code
krb5int_get_domain_realm_mapping(krb5_context , const char *, char ***);
-/* N.B.: You need to include fake-addrinfo.h *before* k5-int.h if you're
- going to use this structure. */
-struct addrlist {
- struct {
-#ifdef FAI_DEFINED
- struct addrinfo *ai;
-#else
- struct undefined_addrinfo *ai;
-#endif
- void (*freefn)(void *);
- void *data;
- } *addrs;
- size_t naddrs;
- size_t space;
-};
-#define ADDRLIST_INIT { 0, 0, 0 }
-extern void krb5int_free_addrlist(struct addrlist *);
-extern int krb5int_grow_addrlist(struct addrlist *, int);
-extern int krb5int_add_host_to_list(struct addrlist *, const char *,
- int, int, int, int);
-
-#include <krb5/locate_plugin.h>
-krb5_error_code
-krb5int_locate_server(krb5_context, const krb5_data *realm,
- struct addrlist *, enum locate_service_type svc,
- int sockettype, int family);
-
struct derived_key {
krb5_data constant;
krb5_key dkey;
@@ -2289,7 +2261,7 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *);
/* To keep happy libraries which are (for now) accessing internal stuff */
/* Make sure to increment by one when changing the struct */
-#define KRB5INT_ACCESS_STRUCT_VERSION 16
+#define KRB5INT_ACCESS_STRUCT_VERSION 17
#ifndef ANAME_SZ
struct ktext; /* from krb.h, for krb524 support */
@@ -2305,29 +2277,7 @@ typedef struct _krb5int_access {
krb5_error_code (*auth_con_get_subkey_enctype)(krb5_context,
krb5_auth_context,
krb5_enctype *);
- /* service location and communication */
- krb5_error_code (*sendto_udp)(krb5_context, const krb5_data *msg,
- const struct addrlist *,
- struct sendto_callback_info *,
- krb5_data *reply, struct sockaddr *,
- socklen_t *, struct sockaddr *,
- socklen_t *, int *,
- int (*msg_handler)(krb5_context,
- const krb5_data *,
- void *),
- void *msg_handler_data);
- krb5_error_code (*add_host_to_list)(struct addrlist *lp,
- const char *hostname,
- int port, int secport,
- int socktype, int family);
- void (*free_addrlist)(struct addrlist *);
-
- krb5_error_code (*make_srv_query_realm)(const krb5_data *realm,
- const char *service,
- const char *protocol,
- struct srv_dns_entry **answers);
- void (*free_srv_dns_data)(struct srv_dns_entry *);
- int (*use_dns_kdc)(krb5_context);
+
krb5_error_code (*clean_hostname)(krb5_context, const char *, char *,
size_t);
diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h
index a4a0b83de..0df77fc19 100644
--- a/src/include/k5-trace.h
+++ b/src/include/k5-trace.h
@@ -60,7 +60,7 @@
* {lenstr} size_t and const char *, as a counted string
* {hexlenstr} size_t and const char *, as hex bytes
* {hashlenstr} size_t and const char *, as four-character hex hash
- * {addrinfo} struct addrinfo *, show socket type, address, port
+ * {connstate} struct conn_state *, show socket type, address, port
* {data} krb5_data *, display as counted string
* {hexdata} krb5_data *, display as hex bytes
* {errno} int, display as number/errorstring
@@ -264,32 +264,34 @@
rlm, (master) ? " (master)" : "", (tcp) ? " (tcp only)" : ""))
#define TRACE_SENDTO_KDC_MASTER(c, master) \
TRACE(c, (c, "Response was{str} from master KDC", (master) ? "" : " not"))
-#define TRACE_SENDTO_KDC_RESPONSE(c, addr) \
- TRACE(c, (c, "Received answer from {addrinfo}", addr))
-#define TRACE_SENDTO_KDC_TCP_CONNECT(c, addr) \
- TRACE(c, (c, "Initiating TCP connection to {addrinfo}", addr))
-#define TRACE_SENDTO_KDC_TCP_DISCONNECT(c, addr) \
- TRACE(c, (c, "Terminating TCP connection to {addrinfo}", addr))
-#define TRACE_SENDTO_KDC_TCP_ERROR_CONNECT(c, addr, err) \
- TRACE(c, (c, "TCP error connecting to {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_TCP_ERROR_RECV(c, addr, err) \
- TRACE(c, (c, "TCP error receiving from {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_TCP_ERROR_RECV_LEN(c, addr, err) \
- TRACE(c, (c, "TCP error receiving from {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_TCP_ERROR_SEND(c, addr, err) \
- TRACE(c, (c, "TCP error sending to {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_TCP_SEND(c, addr) \
- TRACE(c, (c, "Sending TCP request to {addrinfo}", addr))
-#define TRACE_SENDTO_KDC_UDP_ERROR_RECV(c, addr, err) \
- TRACE(c, (c, "UDP error receiving from {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_UDP_ERROR_SEND_INITIAL(c, addr, err) \
- TRACE(c, (c, "UDP error sending to {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_UDP_ERROR_SEND_RETRY(c, addr, err) \
- TRACE(c, (c, "UDP error sending to {addrinfo}: {errno}", addr, err))
-#define TRACE_SENDTO_KDC_UDP_SEND_INITIAL(c, addr) \
- TRACE(c, (c, "Sending initial UDP request to {addrinfo}", addr))
-#define TRACE_SENDTO_KDC_UDP_SEND_RETRY(c, addr) \
- TRACE(c, (c, "Sending retry UDP request to {addrinfo}", addr))
+#define TRACE_SENDTO_KDC_RESOLVING(c, hostname) \
+ TRACE(c, (c, "Resolving hostname {str}", hostname))
+#define TRACE_SENDTO_KDC_RESPONSE(c, conn) \
+ TRACE(c, (c, "Received answer from {connstate}", conn))
+#define TRACE_SENDTO_KDC_TCP_CONNECT(c, conn) \
+ TRACE(c, (c, "Initiating TCP connection to {connstate}", conn))
+#define TRACE_SENDTO_KDC_TCP_DISCONNECT(c, conn) \
+ TRACE(c, (c, "Terminating TCP connection to {connstate}", conn))
+#define TRACE_SENDTO_KDC_TCP_ERROR_CONNECT(c, conn, err) \
+ TRACE(c, (c, "TCP error connecting to {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_TCP_ERROR_RECV(c, conn, err) \
+ TRACE(c, (c, "TCP error receiving from {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_TCP_ERROR_RECV_LEN(c, conn, err) \
+ TRACE(c, (c, "TCP error receiving from {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_TCP_ERROR_SEND(c, conn, err) \
+ TRACE(c, (c, "TCP error sending to {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_TCP_SEND(c, conn) \
+ TRACE(c, (c, "Sending TCP request to {connstate}", conn))
+#define TRACE_SENDTO_KDC_UDP_ERROR_RECV(c, conn, err) \
+ TRACE(c, (c, "UDP error receiving from {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_UDP_ERROR_SEND_INITIAL(c, conn, err) \
+ TRACE(c, (c, "UDP error sending to {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_UDP_ERROR_SEND_RETRY(c, conn, err) \
+ TRACE(c, (c, "UDP error sending to {connstate}: {errno}", conn, err))
+#define TRACE_SENDTO_KDC_UDP_SEND_INITIAL(c, conn) \
+ TRACE(c, (c, "Sending initial UDP request to {connstate}", conn))
+#define TRACE_SENDTO_KDC_UDP_SEND_RETRY(c, conn) \
+ TRACE(c, (c, "Sending retry UDP request to {connstate}", conn))
#define TRACE_SEND_TGS_ETYPES(c, etypes) \
TRACE(c, (c, "etypes requested in TGS request: {etypes}", etypes))
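Review bot: `TRACE_SENDTO_KDC_TCP_ERROR_RECV` and `TRACE_SENDTO_KDC_TCP_ERROR_RECV_LEN` expand to the same message text, as do `TRACE_SENDTO_KDC_UDP_ERROR_SEND_INITIAL` and `TRACE_SENDTO_KDC_UDP_ERROR_SEND_RETRY`, so a trace log cannot show which path failed. Since every one of these lines is rewritten here anyway, the messages could be made distinct, for example `"TCP error receiving length from {connstate}: {errno}"` and `"UDP error sending retry to {connstate}: {errno}"`. That wording assumes RECV_LEN is the length-prefix read, which should be confirmed at the call site. Separately, with resolution now deferred, the header comment for `{connstate}` should state that the `conn_state` passed in must already have `addr` and `addrlen` filled in.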