[krbdev.mit.edu #3140] kerberos client unable to parse ipv6 addresses from krb5.conf
Public Submitter via RT
rt-comment at krbdev.mit.edu
Mon Aug 8 06:40:11 EDT 2005
While testing the kerberos release with a ipv6 configuration, we found
that kerberos client is not able to parse v6 addresses from the krb5.conf
configuration file.
Proposed fix:
<krb path>/lib/krb5/os/locate_kdc.c has been modified and the fix was
tested to correctly parse the ipv6 addresses.
The unified diffs is enclosed below
**************************************************************************
***************
*** 382,393 ****
cp = strchr(host, '\t');
if (cp)
*cp = 0;
! cp = strchr(host, ':');
! if (cp)
! *cp = 0;
}
}
} else {
krb5_xfree(host);
}
--- 382,423 ----
cp = strchr(host, '\t');
if (cp)
*cp = 0;
! if ( host[0] == '[' ) {
! if (cp = strchr(host,']')) { /* [ipv6]:port */
! char * tmp_host ;
! int host_len ;
! struct in6_addr in6 ;
!
! host_len = cp - host - 1 ; /* here (cp > host) */
! tmp_host = (char*) malloc(host_len+1) ;
! if (tmp_host) {
! strncpy(tmp_host, host+1 , host_len );
! tmp_host[host_len] = '\0' ;
! } else {
! profile_free_list(hostlist);
! krb5_xfree(masterlist);
! return ENOMEM ;
}
+ /* Only if the addr b/w '[' and ']' is IPV6 addr */
+ if ( inet_pton(AF_INET6, tmp_host, &in6 ) > 0 )
+ {
+ host++;/* Move to v6 addr location from '['*/
+ port = strchr(cp, ':');
+ *cp = 0 ; /* The ipv6 address ends
before ']' */
}
+
+ krb5_xfree(tmp_host);
+ } /* hostname:port or only hostname */
} else {
+ struct in6_addr in6 ;
+ if ( inet_pton(AF_INET6, host, &in6) <= 0 ) {
+ /* Its not ipv6 address */
+ port = strchr(host, ':');
+ }
+ }
+ }
+ }
+ } else {
krb5_xfree(host);
}
***************
*** 416,422 ****
--- 446,484 ----
cp = strchr(host, '\t');
if (cp)
*cp = 0;
+ if ( host[0] == '[' ) {
+ if (cp = strchr(host,']')) { /* [ipv6]:port */
+ char * tmp_host ;
+ int host_len ;
+ struct in6_addr in6 ;
+
+ host_len = cp - host - 1 ; /* here (cp > host) */
+ tmp_host = (char*) malloc(host_len+1) ;
+ if (tmp_host) {
+ strncpy(tmp_host, host+1 , host_len );
+ tmp_host[host_len] = '\0' ;
+ } else {
+ profile_free_list(hostlist);
+ krb5_xfree(masterlist);
+ return ENOMEM ;
+ }
+ /* Only if the addr b/w '[' and ']' is IPV6 addr */
+ if ( inet_pton(AF_INET6, tmp_host, &in6 ) > 0 )
+ {
+ host++;/* Move to v6 addr location from '['*/
+ port = strchr(cp, ':');
+ *cp = 0 ; /* The ipv6 address ends
before ']' */
+ }
+
+ krb5_xfree(tmp_host);
+ } /* hostname:port or only hostname */
+ } else {
+ struct in6_addr in6 ;
+ if ( inet_pton(AF_INET6, host, &in6) <= 0 ) {
+ /* Its not ipv6 address */
port = strchr(host, ':');
+ }
+ }
if (port) {
*port = 0;
port++;
***************
*** 453,467 ****
p1 = udpport;
p2 = sec_udpport;
}
-
if (socktype != 0)
! code = add_host_to_list (addrlist, hostlist[i], p1, p2,
socktype, family);
else {
! code = add_host_to_list (addrlist, hostlist[i], p1, p2,
SOCK_DGRAM, family);
if (code == 0)
! code = add_host_to_list (addrlist, hostlist[i], p1, p2,
SOCK_STREAM, family);
}
if (code) {
--- 515,528 ----
p1 = udpport;
p2 = sec_udpport;
}
if (socktype != 0)
! code = add_host_to_list (addrlist, host, p1, p2,
socktype, family);
else {
! code = add_host_to_list (addrlist, host, p1, p2,
SOCK_DGRAM, family);
if (code == 0)
! code = add_host_to_list (addrlist, host, p1, p2,
SOCK_STREAM, family);
}
if (code) {
***************
*** 481,486 ****
--- 542,548 ----
if (masterlist)
profile_free_list(masterlist);
+
return 0;
}
***************
if (code) {
--- 515,528 ----
p1 = udpport;
p2 = sec_udpport;
}
if (socktype != 0)
! code = add_host_to_list (addrlist, host, p1, p2,
socktype, family);
else {
! code = add_host_to_list (addrlist, host, p1, p2,
SOCK_DGRAM, family);
if (code == 0)
! code = add_host_to_list (addrlist, host, p1, p2,
SOCK_STREAM, family);
}
if (code) {
***************
*** 481,486 ****
--- 542,548 ----
if (masterlist)
profile_free_list(masterlist);
+
return 0;
}
***************
*** 587,593 ****
code = krb5_locate_srv_conf_1(context, realm, profname, &al,
get_masters,
socktype, dflport1, dflport2, family);
-
#ifdef KRB5_DNS_LOOKUP
if (code && dnsname != 0) {
int use_dns = _krb5_use_dns_kdc(context);
--- 649,654 ----
More information about the krb5-bugs
mailing list