Have the ipropd-master listen on an IPv6 socket in addition to an IPv4

socket to allow propagation of changes to a Heimdal Kerberos database
from the KDC master to the slave(s) work on IPv6 as well.

Update the stats logging to also handle IPv6 addresses.

Reported by:		peter (found on FreeBSD cluster)
X-to-be-tested-by:	peter
MFC after:		3 weeks
This commit is contained in:
Bjoern A. Zeeb 2013-05-18 18:01:21 +00:00
parent 5d2063044a
commit 9c91c227c7

View File

@ -119,9 +119,56 @@ make_listen_socket (krb5_context context, const char *port_str)
return fd;
}
static krb5_socket_t
make_listen6_socket (krb5_context context, const char *port_str)
{
krb5_socket_t fd;
int one = 1;
struct sockaddr_in6 addr;
fd = socket (AF_INET6, SOCK_STREAM, 0);
if (rk_IS_BAD_SOCKET(fd))
krb5_err (context, 1, rk_SOCK_ERRNO, "socket AF_INET6");
setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one));
memset (&addr, 0, sizeof(addr));
addr.sin6_family = AF_INET6;
if (port_str) {
addr.sin6_port = krb5_getportbyname (context,
port_str, "tcp",
0);
if (addr.sin6_port == 0) {
char *ptr;
long port;
port = strtol (port_str, &ptr, 10);
if (port == 0 && ptr == port_str)
krb5_errx (context, 1, "bad port `%s'", port_str);
addr.sin6_port = htons(port);
}
} else {
addr.sin6_port = krb5_getportbyname (context, IPROP_SERVICE,
"tcp", IPROP_PORT);
}
if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
krb5_err (context, 1, errno, "bind6");
if (listen(fd, SOMAXCONN) < 0)
krb5_err (context, 1, errno, "listen6");
return fd;
}
#ifndef _SOCKADDR_UNION
#define _SOCKADDR_UNION
union sockaddr_union {
struct sockaddr sa;
struct sockaddr_in sin;
struct sockaddr_in6 sin6;
};
#endif /* _SOCKADDR_UNION */
struct slave {
krb5_socket_t fd;
struct sockaddr_in addr;
union sockaddr_union addr;
char *name;
krb5_auth_context ac;
uint32_t version;
@ -244,8 +291,8 @@ add_slave (krb5_context context, krb5_keytab keytab, slave **root,
s->name = NULL;
s->ac = NULL;
addr_len = sizeof(s->addr);
s->fd = accept (fd, (struct sockaddr *)&s->addr, &addr_len);
addr_len = sizeof(s->addr.sin6);
s->fd = accept (fd, (struct sockaddr *)&s->addr.sa, &addr_len);
if (rk_IS_BAD_SOCKET(s->fd)) {
krb5_warn (context, rk_SOCK_ERRNO, "accept");
goto error;
@ -691,7 +738,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version)
krb5_error_code ret;
rtbl_add_column_entry(tbl, SLAVE_NAME, slaves->name);
ret = krb5_sockaddr2address (context,
(struct sockaddr*)&slaves->addr, &addr);
(struct sockaddr*)&slaves->addr.sa, &addr);
if(ret == 0) {
krb5_print_address(&addr, str, sizeof(str), NULL);
krb5_free_address(context, &addr);
@ -765,7 +812,7 @@ main(int argc, char **argv)
void *kadm_handle;
kadm5_server_context *server_context;
kadm5_config_params conf;
krb5_socket_t signal_fd, listen_fd;
krb5_socket_t signal_fd, listen_fd, listen6_fd;
int log_fd;
slave *slaves = NULL;
uint32_t current_version = 0, old_version = 0;
@ -845,6 +892,7 @@ main(int argc, char **argv)
signal_fd = make_signal_socket (context);
listen_fd = make_listen_socket (context, port_str);
listen6_fd = make_listen6_socket (context, port_str);
kadm5_log_get_version_fd (log_fd, &current_version);
@ -859,7 +907,8 @@ main(int argc, char **argv)
uint32_t vers;
#ifndef NO_LIMIT_FD_SETSIZE
if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE)
if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE ||
listen6_fd >= FD_SETSIZE)
krb5_errx (context, 1, "fd too large");
#endif
@ -868,6 +917,8 @@ main(int argc, char **argv)
max_fd = max(max_fd, signal_fd);
FD_SET(listen_fd, &readset);
max_fd = max(max_fd, listen_fd);
FD_SET(listen6_fd, &readset);
max_fd = max(max_fd, listen6_fd);
for (p = slaves; p != NULL; p = p->next) {
if (p->flags & SLAVE_F_DEAD)
@ -950,6 +1001,11 @@ main(int argc, char **argv)
send_are_you_there (context, p);
}
if (ret && FD_ISSET(listen6_fd, &readset)) {
add_slave (context, keytab, &slaves, listen6_fd);
--ret;
assert(ret >= 0);
}
if (ret && FD_ISSET(listen_fd, &readset)) {
add_slave (context, keytab, &slaves, listen_fd);
--ret;