git: 82ea0132c8b1 - main - gssd: Add support for the new upcall required by commit 428879dc9110
Date: Mon, 23 Oct 2023 21:42:24 UTC
The branch main has been updated by rmacklem:
URL: https://cgit.FreeBSD.org/src/commit/?id=82ea0132c8b17a7a6067c8a36c6434e587ede6de
commit 82ea0132c8b17a7a6067c8a36c6434e587ede6de
Author: Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-10-23 21:41:26 +0000
Commit: Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-10-23 21:41:26 +0000
gssd: Add support for the new upcall required by commit 428879dc9110
Commit 428879dc9110 adds a requirement for a new upcall for the
gssd(8). This patch adds that upcall.
Unfortunately, the old gssd.c would not build against the new
patched gssd.x.
This patch will fix the build.
MFC after: 1 month
---
usr.sbin/gssd/gssd.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 68 insertions(+)
diff --git a/usr.sbin/gssd/gssd.c b/usr.sbin/gssd/gssd.c
index 59e0fc057f84..a22891f3bebf 100644
--- a/usr.sbin/gssd/gssd.c
+++ b/usr.sbin/gssd/gssd.c
@@ -33,6 +33,7 @@
#include <sys/linker.h>
#include <sys/module.h>
#include <sys/queue.h>
+#include <sys/socket.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <ctype.h>
@@ -42,6 +43,7 @@
#ifndef WITHOUT_KERBEROS
#include <krb5.h>
#endif
+#include <netdb.h>
#include <pwd.h>
#include <signal.h>
#include <stdarg.h>
@@ -49,6 +51,8 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
#include <gssapi/gssapi.h>
#include <rpc/rpc.h>
#include <rpc/rpc_com.h>
@@ -624,6 +628,51 @@ gssd_import_name_1_svc(import_name_args *argp, import_name_res *result, struct s
return (TRUE);
}
+/*
+ * If the name is a numeric IP host address, do a DNS lookup on it and
+ * return the DNS name in a malloc'd string.
+ */
+static char *
+gssd_conv_ip_to_dns(int len, char *name)
+{
+ struct sockaddr_in sin;
+ struct sockaddr_in6 sin6;
+ char *retcp;
+
+ retcp = NULL;
+ if (len > 0) {
+ retcp = mem_alloc(NI_MAXHOST);
+ memcpy(retcp, name, len);
+ retcp[len] = '\0';
+ if (inet_pton(AF_INET, retcp, &sin.sin_addr) != 0) {
+ sin.sin_family = AF_INET;
+ sin.sin_len = sizeof(sin);
+ sin.sin_port = 0;
+ if (getnameinfo((struct sockaddr *)&sin,
+ sizeof(sin), retcp, NI_MAXHOST,
+ NULL, 0, NI_NAMEREQD) != 0) {
+ mem_free(retcp, NI_MAXHOST);
+ return (NULL);
+ }
+ } else if (inet_pton(AF_INET6, retcp, &sin6.sin6_addr) != 0) {
+ sin6.sin6_family = AF_INET6;
+ sin6.sin6_len = sizeof(sin6);
+ sin6.sin6_port = 0;
+ if (getnameinfo((struct sockaddr *)&sin6,
+ sizeof(sin6), retcp, NI_MAXHOST,
+ NULL, 0, NI_NAMEREQD) != 0) {
+ mem_free(retcp, NI_MAXHOST);
+ return (NULL);
+ }
+ } else {
+ mem_free(retcp, NI_MAXHOST);
+ return (NULL);
+ }
+ gssd_verbose_out("gssd_conv_ip_to_dns: %s\n", retcp);
+ }
+ return (retcp);
+}
+
bool_t
gssd_canonicalize_name_1_svc(canonicalize_name_args *argp, canonicalize_name_res *result, struct svc_req *rqstp)
{
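Review bot: In gssd_conv_ip_to_dns, `len` is copied into the NI_MAXHOST-byte buffer with no upper bound, so a `len` of NI_MAXHOST or more makes `memcpy(retcp, name, len)` and `retcp[len] = '\0'` write past the allocation. The length comes from the RPC argument (`ip_addr_len`, passed in by gssd_ip_to_dns_1_svc in the later hunk), so it should be checked before the copy, e.g. `if (len <= 0 || len >= NI_MAXHOST) return (NULL);`. The result of mem_alloc() is also used without a NULL check. Separately, `sin` and `sin6` are only partly initialised before getnameinfo(); a `memset(&sin6, 0, sizeof(sin6));` (and the same for `sin`) would keep fields such as sin6_scope_id from carrying stack contents into the lookup.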
@@ -933,6 +982,25 @@ gssd_display_status_1_svc(display_status_args *argp, display_status_res *result,
return (TRUE);
}
+bool_t
+gssd_ip_to_dns_1_svc(ip_to_dns_args *argp, ip_to_dns_res *result, struct svc_req *rqstp)
+{
+ char *host;
+
+ memset(result, 0, sizeof(*result));
+ /* Check to see if the name is actually an IP address. */
+ host = gssd_conv_ip_to_dns(argp->ip_addr.ip_addr_len,
+ argp->ip_addr.ip_addr_val);
+ if (host != NULL) {
+ result->major_status = GSS_S_COMPLETE;
+ result->dns_name.dns_name_len = strlen(host);
+ result->dns_name.dns_name_val = host;
+ return (TRUE);
+ }
+ result->major_status = GSS_S_FAILURE;
+ return (TRUE);
+}
+
int
gssd_1_freeresult(SVCXPRT *transp, xdrproc_t xdr_result, caddr_t result)
{
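Review bot: gssd_ip_to_dns_1_svc hands back whatever name the reverse lookup in gssd_conv_ip_to_dns produced, and nothing visible confirms that the name resolves forward to the same address. PTR data is set by whoever controls the reverse zone for the address, so if the caller of this upcall uses the result to build a GSS target name (not visible here), that deserves either a forward-confirming lookup or at least a comment stating the trust assumption, for example `/* Returns the unverified PTR name for a numeric address; callers must not treat it as authenticated. */`. The inline comment `/* Check to see if the name is actually an IP address. */` also undersells the call, which performs the DNS lookup as well. The malloc'd `host` is stored in `result->dns_name.dns_name_val`; presumably gssd_1_freeresult releases it, but its body is outside the hunk.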