Consistently name and constify address variables

In libkdb5, libapputils, the KDC, kadmind, and both KDB modules, use
the name "remote_addr" for the variable containing the remote address.
In schpw.c:process_chpw_request(), use the name "local_addr" for the
parameter containing the local address.  Make the remote_addr
parameter const in libkdb5 and the DAL.

[ghudson@mit.edu: combined commits and rewrote commit message]

src/include/kdb.h

@@ -695,9 +695,9 @@ krb5_error_code krb5_db_check_policy_tgs(krb5_context kcontext,
                                          krb5_pa_data ***e_data);
 
 void krb5_db_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
-                          krb5_address *from, krb5_db_entry *client,
-                          krb5_db_entry *server, krb5_timestamp authtime,
-                          krb5_error_code error_code);
+                          const krb5_address *remote_addr,
+                          krb5_db_entry *client, krb5_db_entry *server,
+                          krb5_timestamp authtime, krb5_error_code error_code);
 
 void krb5_db_refresh_config(krb5_context kcontext);
 
@@ -1357,9 +1357,9 @@ typedef struct _kdb_vftabl {
      * AS request.
      */
     void (*audit_as_req)(krb5_context kcontext, krb5_kdc_req *request,
-                         krb5_address *from, krb5_db_entry *client,
-                         krb5_db_entry *server, krb5_timestamp authtime,
-                         krb5_error_code error_code);
+                         const krb5_address *remote_addr,
+                         krb5_db_entry *client, krb5_db_entry *server,
+                         krb5_timestamp authtime, krb5_error_code error_code);
 
     /* Note: there is currently no method for auditing TGS requests. */
 

src/kadmin/server/schpw.c

@@ -18,8 +18,8 @@
 
 static krb5_error_code
 process_chpw_request(krb5_context context, void *server_handle, char *realm,
-                     krb5_keytab keytab, const krb5_fulladdr *local_faddr,
-                     const krb5_fulladdr *remote_faddr, krb5_data *req,
+                     krb5_keytab keytab, const krb5_fulladdr *local_addr,
+                     const krb5_fulladdr *remote_addr, krb5_data *req,
                      krb5_data *rep)
 {
     krb5_error_code ret;
@@ -42,7 +42,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm,
     struct sockaddr_storage ss;
     socklen_t salen;
     char addrbuf[100];
-    krb5_address *addr = remote_faddr->address;
+    krb5_address *addr = remote_addr->address;
 
     *rep = empty_data();
 
@@ -237,7 +237,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm,
 
         sin->sin_family = AF_INET;
         memcpy(&sin->sin_addr, addr->contents, addr->length);
-        sin->sin_port = htons(remote_faddr->port);
+        sin->sin_port = htons(remote_addr->port);
         salen = sizeof(*sin);
         break;
     }
@@ -246,7 +246,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm,
 
         sin6->sin6_family = AF_INET6;
         memcpy(&sin6->sin6_addr, addr->contents, addr->length);
-        sin6->sin6_port = htons(remote_faddr->port);
+        sin6->sin6_port = htons(remote_addr->port);
         salen = sizeof(*sin6);
         break;
     }
@@ -326,7 +326,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm,
 
     if (ap_rep.length) {
         ret = krb5_auth_con_setaddrs(context, auth_context,
-                                     local_faddr->address, NULL);
+                                     local_addr->address, NULL);
         if (ret) {
             numresult = KRB5_KPASSWD_HARDERROR;
             strlcpy(strresult,
@@ -437,7 +437,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm,
 /* Dispatch routine for set/change password */
 void
 dispatch(void *handle, struct sockaddr *local_saddr,
-         const krb5_fulladdr *remote_faddr, krb5_data *request, int is_tcp,
+         const krb5_fulladdr *remote_addr, krb5_data *request, int is_tcp,
          verto_ctx *vctx, loop_respond_fn respond, void *arg)
 {
     krb5_error_code ret;
@@ -466,7 +466,7 @@ dispatch(void *handle, struct sockaddr *local_saddr,
                                server_handle->params.realm,
                                kt,
                                &local_faddr,
-                               remote_faddr,
+                               remote_addr,
                                request,
                                response);
 egress:

src/kdc/dispatch.c

@@ -120,7 +120,7 @@ reseed_random(krb5_context kdc_err_context)
 
 void
 dispatch(void *cb, struct sockaddr *local_saddr,
-         const krb5_fulladdr *from, krb5_data *pkt, int is_tcp,
+         const krb5_fulladdr *remote_addr, krb5_data *pkt, int is_tcp,
          verto_ctx *vctx, loop_respond_fn respond, void *arg)
 {
     krb5_error_code retval;
@@ -150,8 +150,8 @@ dispatch(void *cb, struct sockaddr *local_saddr,
         const char *name = 0;
         char buf[46];
 
-        name = inet_ntop (ADDRTYPE2FAMILY (from->address->addrtype),
-                          from->address->contents, buf, sizeof (buf));
+        name = inet_ntop(ADDRTYPE2FAMILY(remote_addr->address->addrtype),
+                         remote_addr->address->contents, buf, sizeof(buf));
         if (name == 0)
             name = "[unknown address type]";
         if (response)
@@ -177,7 +177,7 @@ dispatch(void *cb, struct sockaddr *local_saddr,
     /* try TGS_REQ first; they are more common! */
 
     if (krb5_is_tgs_req(pkt)) {
-        retval = process_tgs_req(handle, pkt, from, &response);
+        retval = process_tgs_req(handle, pkt, remote_addr, &response);
     } else if (krb5_is_as_req(pkt)) {
         if (!(retval = decode_krb5_as_req(pkt, &as_req))) {
             /*
@@ -187,8 +187,8 @@ dispatch(void *cb, struct sockaddr *local_saddr,
              */
             state->active_realm = setup_server_realm(handle, as_req->server);
             if (state->active_realm != NULL) {
-                process_as_req(as_req, pkt, from, state->active_realm, vctx,
-                               finish_dispatch_cache, state);
+                process_as_req(as_req, pkt, remote_addr, state->active_realm,
+                               vctx, finish_dispatch_cache, state);
                 return;
             } else {
                 retval = KRB5KDC_ERR_WRONG_REALM;

src/kdc/do_as_req.c

@@ -160,7 +160,7 @@ struct as_req_state {
     struct kdc_request_state *rstate;
     char *sname, *cname;
     void *pa_context;
-    const krb5_fulladdr *from;
+    const krb5_fulladdr *remote_addr;
     krb5_data **auth_indicators;
 
     krb5_error_code preauth_err;
@@ -359,7 +359,7 @@ finish_process_as_req(struct as_req_state *state, krb5_error_code errcode)
            state->reply.enc_part.ciphertext.length);
     free(state->reply.enc_part.ciphertext.data);
 
-    log_as_req(kdc_context, state->from, state->request, &state->reply,
+    log_as_req(kdc_context, state->remote_addr, state->request, &state->reply,
                state->client, state->cname, state->server,
                state->sname, state->authtime, 0, 0, 0);
     did_log = 1;
@@ -381,10 +381,10 @@ finish_process_as_req(struct as_req_state *state, krb5_error_code errcode)
         emsg = krb5_get_error_message(kdc_context, errcode);
 
     if (state->status) {
-        log_as_req(kdc_context,
-                   state->from, state->request, &state->reply, state->client,
-                   state->cname, state->server, state->sname, state->authtime,
-                   state->status, errcode, emsg);
+        log_as_req(kdc_context, state->remote_addr, state->request,
+                   &state->reply, state->client, state->cname, state->server,
+                   state->sname, state->authtime, state->status, errcode,
+                   emsg);
         did_log = 1;
     }
     if (errcode) {
@@ -492,7 +492,7 @@ finish_preauth(void *arg, krb5_error_code code)
 /*ARGSUSED*/
 void
 process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
-               const krb5_fulladdr *from, kdc_realm_t *kdc_active_realm,
+               const krb5_fulladdr *remote_addr, kdc_realm_t *kdc_active_realm,
                verto_ctx *vctx, loop_respond_fn respond, void *arg)
 {
     krb5_error_code errcode;
@@ -511,7 +511,7 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
     state->arg = arg;
     state->request = request;
     state->req_pkt = req_pkt;
-    state->from = from;
+    state->remote_addr = remote_addr;
     state->active_realm = kdc_active_realm;
 
     errcode = kdc_make_rstate(kdc_active_realm, &state->rstate);
@@ -522,7 +522,8 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
     }
 
     /* Initialize audit state. */
-    errcode = kau_init_kdc_req(kdc_context, state->request, from, &au_state);
+    errcode = kau_init_kdc_req(kdc_context, state->request, remote_addr,
+                               &au_state);
     if (errcode) {
         (*respond)(arg, errcode, NULL);
         kdc_free_rstate(state->rstate);

src/kdc/kdc_log.c

@@ -54,7 +54,7 @@
 /* Someday, pass local address/port as well.  */
 /* Currently no info about name canonicalization is logged.  */
 void
-log_as_req(krb5_context context, const krb5_fulladdr *from,
+log_as_req(krb5_context context, const krb5_fulladdr *remote_addr,
            krb5_kdc_req *request, krb5_kdc_rep *reply,
            krb5_db_entry *client, const char *cname,
            krb5_db_entry *server, const char *sname,
@@ -67,8 +67,8 @@ log_as_req(krb5_context context, const krb5_fulladdr *from,
     const char *cname2 = cname ? cname : "<unknown client>";
     const char *sname2 = sname ? sname : "<unknown server>";
 
-    fromstring = inet_ntop(ADDRTYPE2FAMILY (from->address->addrtype),
-                           from->address->contents,
+    fromstring = inet_ntop(ADDRTYPE2FAMILY(remote_addr->address->addrtype),
+                           remote_addr->address->contents,
                            fromstringbuf, sizeof(fromstringbuf));
     if (!fromstring)
         fromstring = "<unknown>";
@@ -89,14 +89,14 @@ log_as_req(krb5_context context, const krb5_fulladdr *from,
                          ktypestr, fromstring, status,
                          cname2, sname2, emsg ? ", " : "", emsg ? emsg : "");
     }
-    krb5_db_audit_as_req(context, request, from->address, client, server,
-                         authtime, errcode);
+    krb5_db_audit_as_req(context, request, remote_addr->address, client,
+                         server, authtime, errcode);
 #if 0
     /* Sun (OpenSolaris) version would probably something like this.
        The client and server names passed can be null, unlike in the
        logging routines used above.  Note that a struct in_addr is
        used, but the real address could be an IPv6 address.  */
-    audit_krb5kdc_as_req(some in_addr *, (in_port_t)from->port, 0,
+    audit_krb5kdc_as_req(some in_addr *, (in_port_t)remote_addr->port, 0,
                          cname, sname, errcode);
 #endif
 }

src/kdc/kdc_util.h

@@ -346,7 +346,7 @@ kdc_get_ticket_renewtime(kdc_realm_t *realm, krb5_kdc_req *request,
                          krb5_db_entry *server, krb5_enc_tkt_part *tkt);
 
 void
-log_as_req(krb5_context context, const krb5_fulladdr *from,
+log_as_req(krb5_context context, const krb5_fulladdr *remote_addr,
            krb5_kdc_req *request, krb5_kdc_rep *reply,
            krb5_db_entry *client, const char *cname,
            krb5_db_entry *server, const char *sname,

src/lib/apputils/net-server.c

@@ -131,8 +131,8 @@ struct connection {
     struct sockaddr_storage addr_s;
     socklen_t addrlen;
     char addrbuf[56];
-    krb5_fulladdr faddr;
-    krb5_address kaddr;
+    krb5_address remote_addr_buf;
+    krb5_fulladdr remote_addr;
 
     /* Incoming data (TCP) */
     size_t bufsiz;
@@ -951,8 +951,8 @@ struct udp_dispatch_state {
     void *handle;
     const char *prog;
     int port_fd;
-    krb5_address addr;
-    krb5_fulladdr faddr;
+    krb5_address remote_addr_buf;
+    krb5_fulladdr remote_addr;
     socklen_t saddr_len;
     socklen_t daddr_len;
     struct sockaddr_storage saddr;
@@ -1084,10 +1084,12 @@ process_packet(verto_ctx *ctx, verto_ev *ev)
 
     state->request.length = cc;
     state->request.data = state->pktbuf;
-    state->faddr.address = &state->addr;
-    init_addr(&state->faddr, ss2sa(&state->saddr));
+
+    state->remote_addr.address = &state->remote_addr_buf;
+    init_addr(&state->remote_addr, ss2sa(&state->saddr));
+
     /* This address is in net order. */
-    dispatch(state->handle, ss2sa(&state->daddr), &state->faddr,
+    dispatch(state->handle, ss2sa(&state->daddr), &state->remote_addr,
              &state->request, 0, ctx, process_packet_response, state);
 }
 
@@ -1201,8 +1203,8 @@ accept_tcp_connection(verto_ctx *ctx, verto_ev *ev)
         return;
     }
     newconn->offset = 0;
-    newconn->faddr.address = &newconn->kaddr;
-    init_addr(&newconn->faddr, ss2sa(&newconn->addr_s));
+    newconn->remote_addr.address = &newconn->remote_addr_buf;
+    init_addr(&newconn->remote_addr, ss2sa(&newconn->addr_s));
     SG_SET(&newconn->sgbuf[0], newconn->lenbuf, 4);
     SG_SET(&newconn->sgbuf[1], 0, 0);
 }
@@ -1356,8 +1358,9 @@ process_tcp_connection_read(verto_ctx *ctx, verto_ev *ev)
             goto kill_tcp_connection;
         }
 
-        dispatch(state->conn->handle, ss2sa(&state->local_saddr), &conn->faddr,
-                 &state->request, 1, ctx, process_tcp_response, state);
+        dispatch(state->conn->handle, ss2sa(&state->local_saddr),
+                 &conn->remote_addr, &state->request, 1, ctx,
+                 process_tcp_response, state);
     }
 
     return;
@@ -1505,8 +1508,8 @@ accept_rpc_connection(verto_ctx *ctx, verto_ev *ev)
         if (++tcp_or_rpc_data_counter > max_tcp_or_rpc_data_connections)
             kill_lru_tcp_or_rpc_connection(newconn->handle, newev);
 
-        newconn->faddr.address = &newconn->kaddr;
-        init_addr(&newconn->faddr, ss2sa(&newconn->addr_s));
+        newconn->remote_addr.address = &newconn->remote_addr_buf;
+        init_addr(&newconn->remote_addr, ss2sa(&newconn->addr_s));
     }
 }
 

src/lib/kdb/kdb5.c

@@ -2672,7 +2672,7 @@ krb5_db_check_policy_tgs(krb5_context kcontext, krb5_kdc_req *request,
 
 void
 krb5_db_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
-                     krb5_address *from, krb5_db_entry *client,
+                     const krb5_address *remote_addr, krb5_db_entry *client,
                      krb5_db_entry *server, krb5_timestamp authtime,
                      krb5_error_code error_code)
 {
@@ -2682,7 +2682,7 @@ krb5_db_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
     status = get_vftabl(kcontext, &v);
     if (status || v->audit_as_req == NULL)
         return;
-    v->audit_as_req(kcontext, request, from, client, server, authtime,
+    v->audit_as_req(kcontext, request, remote_addr, client, server, authtime,
                     error_code);
 }
 

src/plugins/kdb/db2/db2_exp.c

@@ -166,10 +166,12 @@ WRAP_K (krb5_db2_check_policy_as,
         (kcontext, request, client, server, kdc_time, status, e_data));
 
 WRAP_VOID (krb5_db2_audit_as_req,
-           (krb5_context kcontext, krb5_kdc_req *request, krb5_address *from,
+           (krb5_context kcontext, krb5_kdc_req *request,
+            const krb5_address *remote_addr,
             krb5_db_entry *client, krb5_db_entry *server,
             krb5_timestamp authtime, krb5_error_code error_code),
-           (kcontext, request, from, client, server, authtime, error_code));
+           (kcontext, request, remote_addr, client, server,
+            authtime, error_code));
 
 static krb5_error_code
 hack_init (void)

src/plugins/kdb/db2/kdb_db2.c

@@ -1551,7 +1551,7 @@ krb5_db2_check_policy_as(krb5_context kcontext, krb5_kdc_req *request,
 
 void
 krb5_db2_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
-                      krb5_address *from, krb5_db_entry *client,
+                      const krb5_address *remote_addr, krb5_db_entry *client,
                       krb5_db_entry *server, krb5_timestamp authtime,
                       krb5_error_code error_code)
 {

src/plugins/kdb/db2/kdb_db2.h

@@ -134,8 +134,9 @@ krb5_db2_check_policy_as(krb5_context kcontext, krb5_kdc_req *request,
 
 void
 krb5_db2_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
-                      krb5_address *from, krb5_db_entry *client,
-                      krb5_db_entry *server, krb5_timestamp authtime,
+                      const krb5_address *remote_addr,
+                      krb5_db_entry *client, krb5_db_entry *server,
+                      krb5_timestamp authtime,
                       krb5_error_code error_code);
 
 #endif /* KRB5_KDB_DB2_H */

src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c

@@ -277,7 +277,7 @@ krb5_ldap_check_policy_as(krb5_context kcontext, krb5_kdc_req *request,
 
 void
 krb5_ldap_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
-                       krb5_address *from, krb5_db_entry *client,
+                       const krb5_address *remote_addr, krb5_db_entry *client,
                        krb5_db_entry *server, krb5_timestamp authtime,
                        krb5_error_code error_code)
 {

src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h

@@ -282,7 +282,7 @@ krb5_ldap_check_policy_as(krb5_context kcontext, krb5_kdc_req *request,
 
 void
 krb5_ldap_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
-                       krb5_address *from, krb5_db_entry *client,
+                       const krb5_address *remote_addr, krb5_db_entry *client,
                        krb5_db_entry *server, krb5_timestamp authtime,
                        krb5_error_code error_code);