Remove {GETSOCKNAME,GETPEERNAME}_ARG2_TYPE

We have had code since at least 1.6 in changepw.c and sendto_kdc.c which assumes that we can pass a struct sockaddr * as the second argument to getsockname() and getpeername(), so we can safely get rid of that configure logic. Also fix potential alignment issues in krb5_sendauth() by using a struct sockaddr_storage instead of a 1024-byte character buffer to hold the local and peer addresses. [ghudson@mit.edu: adjusted style of new code slightly; rewrote commit message]
krb5 · Apr 14, 2017 · 1b907e0 · 1b907e0
1 parent 8815ad9
commit 1b907e0
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 20 deletions.
diff --git a/src/aclocal.m4 b/src/aclocal.m4
@@ -1367,7 +1367,6 @@ dnl =============================================================
 dnl Internal function for testing for getpeername prototype
 dnl
 AC_DEFUN([KRB5_GETPEERNAME_ARGS],[
-AC_DEFINE([GETPEERNAME_ARG2_TYPE],GETSOCKNAME_ARG2_TYPE,[Type of getpeername second argument.])
 AC_DEFINE([GETPEERNAME_ARG3_TYPE],GETSOCKNAME_ARG3_TYPE,[Type of getpeername second argument.])
 ])
 dnl
@@ -1412,7 +1411,6 @@ if test "$sock_set" = no; then
 fi
 res1=`echo "$res1" | tr -d '*' | sed -e 's/ *$//'`
 res2=`echo "$res2" | tr -d '*' | sed -e 's/ *$//'`
-AC_DEFINE_UNQUOTED([GETSOCKNAME_ARG2_TYPE],$res1,[Type of pointer target for argument 2 to getsockname])
 AC_DEFINE_UNQUOTED([GETSOCKNAME_ARG3_TYPE],$res2,[Type of pointer target for argument 3 to getsockname])
 ])
 dnl

diff --git a/src/include/win-mac.h b/src/include/win-mac.h
@@ -225,9 +225,7 @@ typedef _W64 int         ssize_t;
 
 HINSTANCE get_lib_instance(void);
 
-#define GETSOCKNAME_ARG2_TYPE   struct sockaddr
 #define GETSOCKNAME_ARG3_TYPE   size_t
-#define GETPEERNAME_ARG2_TYPE   GETSOCKNAME_ARG2_TYPE
 #define GETPEERNAME_ARG3_TYPE   GETSOCKNAME_ARG3_TYPE
 
 #endif /* !RES_ONLY */

diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c
@@ -131,22 +131,21 @@ krb5_sendauth(krb5_context context, krb5_auth_context *auth_context,
            This isn't strong cryptographically; the point here is
            not to guarantee randomness, but to make it less likely
            that multiple sessions could pick the same subkey.  */
-        char rnd_data[1024];
+        struct sockaddr_storage rnd_data;
         GETPEERNAME_ARG3_TYPE len2;
-        krb5_data d;
-        d.length = sizeof (rnd_data);
-        d.data = rnd_data;
-        len2 = sizeof (rnd_data);
-        if (getpeername (*(int*)fd, (GETPEERNAME_ARG2_TYPE *) rnd_data,
-                         &len2) == 0) {
+        krb5_data d = make_data(&rnd_data, sizeof(rnd_data));
+
+        len2 = sizeof(rnd_data);
+        if (getpeername(*(int *)fd, ss2sa(&rnd_data), &len2) == 0) {
             d.length = len2;
-            (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
+            (void)krb5_c_random_add_entropy(
+                context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
         }
-        len2 = sizeof (rnd_data);
-        if (getsockname (*(int*)fd, (GETSOCKNAME_ARG2_TYPE *) rnd_data,
-                         &len2) == 0) {
+        len2 = sizeof(rnd_data);
+        if (getsockname(*(int *)fd, ss2sa(&rnd_data), &len2) == 0) {
             d.length = len2;
-            (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
+            (void)krb5_c_random_add_entropy(
+                context, KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL, &d);
         }
     }
 

diff --git a/src/lib/krb5/os/genaddrs.c b/src/lib/krb5/os/genaddrs.c
@@ -79,8 +79,8 @@ krb5_auth_con_genaddrs(krb5_context context, krb5_auth_context auth_context, int
     ssize = sizeof(struct sockaddr_storage);
     if ((flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) ||
         (flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR)) {
-        if ((retval = getsockname(fd, (GETSOCKNAME_ARG2_TYPE *) &lsaddr,
-                                  &ssize)))
+        retval = getsockname(fd, ss2sa(&lsaddr), &ssize);
+        if (retval)
             return retval;
 
         if (cvtaddr (&lsaddr, &laddrs)) {
@@ -99,8 +99,8 @@ krb5_auth_con_genaddrs(krb5_context context, krb5_auth_context auth_context, int
     ssize = sizeof(struct sockaddr_storage);
     if ((flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) ||
         (flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR)) {
-        if ((retval = getpeername(fd, (GETPEERNAME_ARG2_TYPE *) &rsaddr,
-                                  &ssize)))
+        retval = getpeername(fd, ss2sa(&rsaddr), &ssize);
+        if (retval)
             return errno;
 
         if (cvtaddr (&rsaddr, &raddrs)) {