xref: /freebsd/crypto/heimdal/lib/krb5/addr_families.c (revision 71fe318b852b8dfb3e799cb12ef184750f7f8eac)
1 /*
2  * Copyright (c) 1997-2002 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "krb5_locl.h"
35 
36 RCSID("$Id: addr_families.c,v 1.37 2002/08/19 13:51:37 joda Exp $");
37 
38 struct addr_operations {
39     int af;
40     krb5_address_type atype;
41     size_t max_sockaddr_size;
42     krb5_error_code (*sockaddr2addr)(const struct sockaddr *, krb5_address *);
43     krb5_error_code (*sockaddr2port)(const struct sockaddr *, int16_t *);
44     void (*addr2sockaddr)(const krb5_address *, struct sockaddr *,
45 			  krb5_socklen_t *sa_size, int port);
46     void (*h_addr2sockaddr)(const char *, struct sockaddr *, krb5_socklen_t *, int);
47     krb5_error_code (*h_addr2addr)(const char *, krb5_address *);
48     krb5_boolean (*uninteresting)(const struct sockaddr *);
49     void (*anyaddr)(struct sockaddr *, krb5_socklen_t *, int);
50     int (*print_addr)(const krb5_address *, char *, size_t);
51     int (*parse_addr)(krb5_context, const char*, krb5_address *);
52     int (*order_addr)(krb5_context, const krb5_address*, const krb5_address*);
53     int (*free_addr)(krb5_context, krb5_address*);
54     int (*copy_addr)(krb5_context, const krb5_address*, krb5_address*);
55 };
56 
57 /*
58  * AF_INET - aka IPv4 implementation
59  */
60 
61 static krb5_error_code
62 ipv4_sockaddr2addr (const struct sockaddr *sa, krb5_address *a)
63 {
64     const struct sockaddr_in *sin = (const struct sockaddr_in *)sa;
65     unsigned char buf[4];
66 
67     a->addr_type = KRB5_ADDRESS_INET;
68     memcpy (buf, &sin->sin_addr, 4);
69     return krb5_data_copy(&a->address, buf, 4);
70 }
71 
72 static krb5_error_code
73 ipv4_sockaddr2port (const struct sockaddr *sa, int16_t *port)
74 {
75     const struct sockaddr_in *sin = (const struct sockaddr_in *)sa;
76 
77     *port = sin->sin_port;
78     return 0;
79 }
80 
81 static void
82 ipv4_addr2sockaddr (const krb5_address *a,
83 		    struct sockaddr *sa,
84 		    krb5_socklen_t *sa_size,
85 		    int port)
86 {
87     struct sockaddr_in tmp;
88 
89     memset (&tmp, 0, sizeof(tmp));
90     tmp.sin_family = AF_INET;
91     memcpy (&tmp.sin_addr, a->address.data, 4);
92     tmp.sin_port = port;
93     memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));
94     *sa_size = sizeof(tmp);
95 }
96 
97 static void
98 ipv4_h_addr2sockaddr(const char *addr,
99 		     struct sockaddr *sa,
100 		     krb5_socklen_t *sa_size,
101 		     int port)
102 {
103     struct sockaddr_in tmp;
104 
105     memset (&tmp, 0, sizeof(tmp));
106     tmp.sin_family = AF_INET;
107     tmp.sin_port   = port;
108     tmp.sin_addr   = *((const struct in_addr *)addr);
109     memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));
110     *sa_size = sizeof(tmp);
111 }
112 
113 static krb5_error_code
114 ipv4_h_addr2addr (const char *addr,
115 		  krb5_address *a)
116 {
117     unsigned char buf[4];
118 
119     a->addr_type = KRB5_ADDRESS_INET;
120     memcpy(buf, addr, 4);
121     return krb5_data_copy(&a->address, buf, 4);
122 }
123 
124 /*
125  * Are there any addresses that should be considered `uninteresting'?
126  */
127 
128 static krb5_boolean
129 ipv4_uninteresting (const struct sockaddr *sa)
130 {
131     const struct sockaddr_in *sin = (const struct sockaddr_in *)sa;
132 
133     if (sin->sin_addr.s_addr == INADDR_ANY)
134 	return TRUE;
135 
136     return FALSE;
137 }
138 
139 static void
140 ipv4_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port)
141 {
142     struct sockaddr_in tmp;
143 
144     memset (&tmp, 0, sizeof(tmp));
145     tmp.sin_family = AF_INET;
146     tmp.sin_port   = port;
147     tmp.sin_addr.s_addr = INADDR_ANY;
148     memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));
149     *sa_size = sizeof(tmp);
150 }
151 
152 static int
153 ipv4_print_addr (const krb5_address *addr, char *str, size_t len)
154 {
155     struct in_addr ia;
156 
157     memcpy (&ia, addr->address.data, 4);
158 
159     return snprintf (str, len, "IPv4:%s", inet_ntoa(ia));
160 }
161 
162 static int
163 ipv4_parse_addr (krb5_context context, const char *address, krb5_address *addr)
164 {
165     const char *p;
166     struct in_addr a;
167 
168     p = strchr(address, ':');
169     if(p) {
170 	p++;
171 	if(strncasecmp(address, "ip:", p - address) != 0 &&
172 	   strncasecmp(address, "ip4:", p - address) != 0 &&
173 	   strncasecmp(address, "ipv4:", p - address) != 0 &&
174 	   strncasecmp(address, "inet:", p - address) != 0)
175 	    return -1;
176     } else
177 	p = address;
178 #ifdef HAVE_INET_ATON
179     if(inet_aton(p, &a) == 0)
180 	return -1;
181 #elif defined(HAVE_INET_ADDR)
182     a.s_addr = inet_addr(p);
183     if(a.s_addr == INADDR_NONE)
184 	return -1;
185 #else
186     return -1;
187 #endif
188     addr->addr_type = KRB5_ADDRESS_INET;
189     if(krb5_data_alloc(&addr->address, 4) != 0)
190 	return -1;
191     _krb5_put_int(addr->address.data, ntohl(a.s_addr), addr->address.length);
192     return 0;
193 }
194 
195 /*
196  * AF_INET6 - aka IPv6 implementation
197  */
198 
199 #ifdef HAVE_IPV6
200 
201 static krb5_error_code
202 ipv6_sockaddr2addr (const struct sockaddr *sa, krb5_address *a)
203 {
204     const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;
205 
206     if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
207 	unsigned char buf[4];
208 
209 	a->addr_type      = KRB5_ADDRESS_INET;
210 #ifndef IN6_ADDR_V6_TO_V4
211 #ifdef IN6_EXTRACT_V4ADDR
212 #define IN6_ADDR_V6_TO_V4(x) (&IN6_EXTRACT_V4ADDR(x))
213 #else
214 #define IN6_ADDR_V6_TO_V4(x) ((const struct in_addr *)&(x)->s6_addr[12])
215 #endif
216 #endif
217 	memcpy (buf, IN6_ADDR_V6_TO_V4(&sin6->sin6_addr), 4);
218 	return krb5_data_copy(&a->address, buf, 4);
219     } else {
220 	a->addr_type = KRB5_ADDRESS_INET6;
221 	return krb5_data_copy(&a->address,
222 			      &sin6->sin6_addr,
223 			      sizeof(sin6->sin6_addr));
224     }
225 }
226 
227 static krb5_error_code
228 ipv6_sockaddr2port (const struct sockaddr *sa, int16_t *port)
229 {
230     const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;
231 
232     *port = sin6->sin6_port;
233     return 0;
234 }
235 
236 static void
237 ipv6_addr2sockaddr (const krb5_address *a,
238 		    struct sockaddr *sa,
239 		    krb5_socklen_t *sa_size,
240 		    int port)
241 {
242     struct sockaddr_in6 tmp;
243 
244     memset (&tmp, 0, sizeof(tmp));
245     tmp.sin6_family = AF_INET6;
246     memcpy (&tmp.sin6_addr, a->address.data, sizeof(tmp.sin6_addr));
247     tmp.sin6_port = port;
248     memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));
249     *sa_size = sizeof(tmp);
250 }
251 
252 static void
253 ipv6_h_addr2sockaddr(const char *addr,
254 		     struct sockaddr *sa,
255 		     krb5_socklen_t *sa_size,
256 		     int port)
257 {
258     struct sockaddr_in6 tmp;
259 
260     memset (&tmp, 0, sizeof(tmp));
261     tmp.sin6_family = AF_INET6;
262     tmp.sin6_port   = port;
263     tmp.sin6_addr   = *((const struct in6_addr *)addr);
264     memcpy(sa, &tmp, min(sizeof(tmp), *sa_size));
265     *sa_size = sizeof(tmp);
266 }
267 
268 static krb5_error_code
269 ipv6_h_addr2addr (const char *addr,
270 		  krb5_address *a)
271 {
272     a->addr_type = KRB5_ADDRESS_INET6;
273     return krb5_data_copy(&a->address, addr, sizeof(struct in6_addr));
274 }
275 
276 /*
277  *
278  */
279 
280 static krb5_boolean
281 ipv6_uninteresting (const struct sockaddr *sa)
282 {
283     const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;
284     const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr;
285 
286     return
287 	IN6_IS_ADDR_LINKLOCAL(in6)
288 	|| IN6_IS_ADDR_V4COMPAT(in6);
289 }
290 
291 static void
292 ipv6_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port)
293 {
294     struct sockaddr_in6 tmp;
295 
296     memset (&tmp, 0, sizeof(tmp));
297     tmp.sin6_family = AF_INET6;
298     tmp.sin6_port   = port;
299     tmp.sin6_addr   = in6addr_any;
300     *sa_size = sizeof(tmp);
301 }
302 
303 static int
304 ipv6_print_addr (const krb5_address *addr, char *str, size_t len)
305 {
306     char buf[128], buf2[3];
307 #ifdef HAVE_INET_NTOP
308     if(inet_ntop(AF_INET6, addr->address.data, buf, sizeof(buf)) == NULL)
309 #endif
310 	{
311 	    /* XXX this is pretty ugly, but better than abort() */
312 	    int i;
313 	    unsigned char *p = addr->address.data;
314 	    buf[0] = '\0';
315 	    for(i = 0; i < addr->address.length; i++) {
316 		snprintf(buf2, sizeof(buf2), "%02x", p[i]);
317 		if(i > 0 && (i & 1) == 0)
318 		    strlcat(buf, ":", sizeof(buf));
319 		strlcat(buf, buf2, sizeof(buf));
320 	    }
321 	}
322     return snprintf(str, len, "IPv6:%s", buf);
323 }
324 
325 static int
326 ipv6_parse_addr (krb5_context context, const char *address, krb5_address *addr)
327 {
328     int ret;
329     struct in6_addr in6;
330     const char *p;
331 
332     p = strchr(address, ':');
333     if(p) {
334 	p++;
335 	if(strncasecmp(address, "ip6:", p - address) == 0 ||
336 	   strncasecmp(address, "ipv6:", p - address) == 0 ||
337 	   strncasecmp(address, "inet6:", p - address) == 0)
338 	    address = p;
339     }
340 
341     ret = inet_pton(AF_INET6, address, &in6.s6_addr);
342     if(ret == 1) {
343 	addr->addr_type = KRB5_ADDRESS_INET6;
344 	ret = krb5_data_alloc(&addr->address, sizeof(in6.s6_addr));
345 	if (ret)
346 	    return -1;
347 	memcpy(addr->address.data, in6.s6_addr, sizeof(in6.s6_addr));
348 	return 0;
349     }
350     return -1;
351 }
352 
353 #endif /* IPv6 */
354 
355 /*
356  * table
357  */
358 
359 #define KRB5_ADDRESS_ARANGE	(-100)
360 
361 struct arange {
362     krb5_address low;
363     krb5_address high;
364 };
365 
366 static int
367 arange_parse_addr (krb5_context context,
368 		   const char *address, krb5_address *addr)
369 {
370     char buf[1024];
371     krb5_addresses low, high;
372     struct arange *a;
373     krb5_error_code ret;
374 
375     if(strncasecmp(address, "RANGE:", 6) != 0)
376 	return -1;
377 
378     address += 6;
379 
380     /* should handle netmasks */
381     strsep_copy(&address, "-", buf, sizeof(buf));
382     ret = krb5_parse_address(context, buf, &low);
383     if(ret)
384 	return ret;
385     if(low.len != 1) {
386 	krb5_free_addresses(context, &low);
387 	return -1;
388     }
389 
390     strsep_copy(&address, "-", buf, sizeof(buf));
391     ret = krb5_parse_address(context, buf, &high);
392     if(ret) {
393 	krb5_free_addresses(context, &low);
394 	return ret;
395     }
396 
397     if(high.len != 1 || high.val[0].addr_type != low.val[0].addr_type) {
398 	krb5_free_addresses(context, &low);
399 	krb5_free_addresses(context, &high);
400 	return -1;
401     }
402 
403     krb5_data_alloc(&addr->address, sizeof(*a));
404     addr->addr_type = KRB5_ADDRESS_ARANGE;
405     a = addr->address.data;
406 
407     if(krb5_address_order(context, &low.val[0], &high.val[0]) < 0) {
408 	a->low = low.val[0];
409 	a->high = high.val[0];
410     } else {
411 	a->low = high.val[0];
412 	a->high = low.val[0];
413     }
414     return 0;
415 }
416 
417 static int
418 arange_free (krb5_context context, krb5_address *addr)
419 {
420     struct arange *a;
421     a = addr->address.data;
422     krb5_free_address(context, &a->low);
423     krb5_free_address(context, &a->high);
424     return 0;
425 }
426 
427 
428 static int
429 arange_copy (krb5_context context, const krb5_address *inaddr,
430 	     krb5_address *outaddr)
431 {
432     krb5_error_code ret;
433     struct arange *i, *o;
434 
435     outaddr->addr_type = KRB5_ADDRESS_ARANGE;
436     ret = krb5_data_alloc(&outaddr->address, sizeof(*o));
437     if(ret)
438 	return ret;
439     i = inaddr->address.data;
440     o = outaddr->address.data;
441     ret = krb5_copy_address(context, &i->low, &o->low);
442     if(ret) {
443 	krb5_data_free(&outaddr->address);
444 	return ret;
445     }
446     ret = krb5_copy_address(context, &i->high, &o->high);
447     if(ret) {
448 	krb5_free_address(context, &o->low);
449 	krb5_data_free(&outaddr->address);
450 	return ret;
451     }
452     return 0;
453 }
454 
455 static int
456 arange_print_addr (const krb5_address *addr, char *str, size_t len)
457 {
458     struct arange *a;
459     krb5_error_code ret;
460     size_t l, ret_len = 0;
461 
462     a = addr->address.data;
463 
464     l = strlcpy(str, "RANGE:", len);
465     ret_len += l;
466 
467     ret = krb5_print_address (&a->low, str + ret_len, len - ret_len, &l);
468     ret_len += l;
469 
470     l = strlcat(str, "-", len);
471     ret_len += l;
472 
473     ret = krb5_print_address (&a->high, str + ret_len, len - ret_len, &l);
474     ret_len += l;
475 
476     return ret_len;
477 }
478 
479 static int
480 arange_order_addr(krb5_context context,
481 		  const krb5_address *addr1,
482 		  const krb5_address *addr2)
483 {
484     int tmp1, tmp2, sign;
485     struct arange *a;
486     const krb5_address *a2;
487 
488     if(addr1->addr_type == KRB5_ADDRESS_ARANGE) {
489 	a = addr1->address.data;
490 	a2 = addr2;
491 	sign = 1;
492     } else if(addr2->addr_type == KRB5_ADDRESS_ARANGE) {
493 	a = addr2->address.data;
494 	a2 = addr1;
495 	sign = -1;
496     } else
497 	abort();
498 
499     if(a2->addr_type == KRB5_ADDRESS_ARANGE) {
500 	struct arange *b = a2->address.data;
501 	tmp1 = krb5_address_order(context, &a->low, &b->low);
502 	if(tmp1 != 0)
503 	    return sign * tmp1;
504 	return sign * krb5_address_order(context, &a->high, &b->high);
505     } else if(a2->addr_type == a->low.addr_type) {
506 	tmp1 = krb5_address_order(context, &a->low, a2);
507 	if(tmp1 > 0)
508 	    return sign;
509 	tmp2 = krb5_address_order(context, &a->high, a2);
510 	if(tmp2 < 0)
511 	    return -sign;
512 	return 0;
513     } else {
514 	return sign * (addr1->addr_type - addr2->addr_type);
515     }
516 }
517 
518 static struct addr_operations at[] = {
519     {AF_INET,	KRB5_ADDRESS_INET, sizeof(struct sockaddr_in),
520      ipv4_sockaddr2addr,
521      ipv4_sockaddr2port,
522      ipv4_addr2sockaddr,
523      ipv4_h_addr2sockaddr,
524      ipv4_h_addr2addr,
525      ipv4_uninteresting, ipv4_anyaddr, ipv4_print_addr, ipv4_parse_addr},
526 #ifdef HAVE_IPV6
527     {AF_INET6,	KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6),
528      ipv6_sockaddr2addr,
529      ipv6_sockaddr2port,
530      ipv6_addr2sockaddr,
531      ipv6_h_addr2sockaddr,
532      ipv6_h_addr2addr,
533      ipv6_uninteresting, ipv6_anyaddr, ipv6_print_addr, ipv6_parse_addr} ,
534 #endif
535     {KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_ADDRPORT, 0,
536      NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL },
537     /* fake address type */
538     {KRB5_ADDRESS_ARANGE, KRB5_ADDRESS_ARANGE, sizeof(struct arange),
539      NULL, NULL, NULL, NULL, NULL, NULL, NULL,
540      arange_print_addr, arange_parse_addr,
541      arange_order_addr, arange_free, arange_copy }
542 };
543 
544 static int num_addrs = sizeof(at) / sizeof(at[0]);
545 
546 static size_t max_sockaddr_size = 0;
547 
548 /*
549  * generic functions
550  */
551 
552 static struct addr_operations *
553 find_af(int af)
554 {
555     struct addr_operations *a;
556 
557     for (a = at; a < at + num_addrs; ++a)
558 	if (af == a->af)
559 	    return a;
560     return NULL;
561 }
562 
563 static struct addr_operations *
564 find_atype(int atype)
565 {
566     struct addr_operations *a;
567 
568     for (a = at; a < at + num_addrs; ++a)
569 	if (atype == a->atype)
570 	    return a;
571     return NULL;
572 }
573 
574 krb5_error_code
575 krb5_sockaddr2address (krb5_context context,
576 		       const struct sockaddr *sa, krb5_address *addr)
577 {
578     struct addr_operations *a = find_af(sa->sa_family);
579     if (a == NULL) {
580 	krb5_set_error_string (context, "Address family %d not supported",
581 			       sa->sa_family);
582 	return KRB5_PROG_ATYPE_NOSUPP;
583     }
584     return (*a->sockaddr2addr)(sa, addr);
585 }
586 
587 krb5_error_code
588 krb5_sockaddr2port (krb5_context context,
589 		    const struct sockaddr *sa, int16_t *port)
590 {
591     struct addr_operations *a = find_af(sa->sa_family);
592     if (a == NULL) {
593 	krb5_set_error_string (context, "Address family %d not supported",
594 			       sa->sa_family);
595 	return KRB5_PROG_ATYPE_NOSUPP;
596     }
597     return (*a->sockaddr2port)(sa, port);
598 }
599 
600 krb5_error_code
601 krb5_addr2sockaddr (krb5_context context,
602 		    const krb5_address *addr,
603 		    struct sockaddr *sa,
604 		    krb5_socklen_t *sa_size,
605 		    int port)
606 {
607     struct addr_operations *a = find_atype(addr->addr_type);
608 
609     if (a == NULL) {
610 	krb5_set_error_string (context, "Address type %d not supported",
611 			       addr->addr_type);
612 	return KRB5_PROG_ATYPE_NOSUPP;
613     }
614     if (a->addr2sockaddr == NULL) {
615 	krb5_set_error_string (context, "Can't convert address type %d to sockaddr",
616 			       addr->addr_type);
617 	return KRB5_PROG_ATYPE_NOSUPP;
618     }
619     (*a->addr2sockaddr)(addr, sa, sa_size, port);
620     return 0;
621 }
622 
623 size_t
624 krb5_max_sockaddr_size (void)
625 {
626     if (max_sockaddr_size == 0) {
627 	struct addr_operations *a;
628 
629 	for(a = at; a < at + num_addrs; ++a)
630 	    max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size);
631     }
632     return max_sockaddr_size;
633 }
634 
635 krb5_boolean
636 krb5_sockaddr_uninteresting(const struct sockaddr *sa)
637 {
638     struct addr_operations *a = find_af(sa->sa_family);
639     if (a == NULL || a->uninteresting == NULL)
640 	return TRUE;
641     return (*a->uninteresting)(sa);
642 }
643 
644 krb5_error_code
645 krb5_h_addr2sockaddr (krb5_context context,
646 		      int af,
647 		      const char *addr, struct sockaddr *sa,
648 		      krb5_socklen_t *sa_size,
649 		      int port)
650 {
651     struct addr_operations *a = find_af(af);
652     if (a == NULL) {
653 	krb5_set_error_string (context, "Address family %d not supported", af);
654 	return KRB5_PROG_ATYPE_NOSUPP;
655     }
656     (*a->h_addr2sockaddr)(addr, sa, sa_size, port);
657     return 0;
658 }
659 
660 krb5_error_code
661 krb5_h_addr2addr (krb5_context context,
662 		  int af,
663 		  const char *haddr, krb5_address *addr)
664 {
665     struct addr_operations *a = find_af(af);
666     if (a == NULL) {
667 	krb5_set_error_string (context, "Address family %d not supported", af);
668 	return KRB5_PROG_ATYPE_NOSUPP;
669     }
670     return (*a->h_addr2addr)(haddr, addr);
671 }
672 
673 krb5_error_code
674 krb5_anyaddr (krb5_context context,
675 	      int af,
676 	      struct sockaddr *sa,
677 	      krb5_socklen_t *sa_size,
678 	      int port)
679 {
680     struct addr_operations *a = find_af (af);
681 
682     if (a == NULL) {
683 	krb5_set_error_string (context, "Address family %d not supported", af);
684 	return KRB5_PROG_ATYPE_NOSUPP;
685     }
686 
687     (*a->anyaddr)(sa, sa_size, port);
688     return 0;
689 }
690 
691 krb5_error_code
692 krb5_print_address (const krb5_address *addr,
693 		    char *str, size_t len, size_t *ret_len)
694 {
695     size_t ret;
696     struct addr_operations *a = find_atype(addr->addr_type);
697 
698     if (a == NULL) {
699 	char *s;
700 	int l;
701 	int i;
702 
703 	s = str;
704 	l = snprintf(s, len, "TYPE_%d:", addr->addr_type);
705 	if (l < 0)
706 	    return EINVAL;
707 	s += l;
708 	len -= l;
709 	for(i = 0; i < addr->address.length; i++) {
710 	    l = snprintf(s, len, "%02x", ((char*)addr->address.data)[i]);
711 	    if (l < 0)
712 		return EINVAL;
713 	    len -= l;
714 	    s += l;
715 	}
716 	if(ret_len != NULL)
717 	    *ret_len = s - str;
718 	return 0;
719     }
720     ret = (*a->print_addr)(addr, str, len);
721     if(ret_len != NULL)
722 	*ret_len = ret;
723     return 0;
724 }
725 
726 krb5_error_code
727 krb5_parse_address(krb5_context context,
728 		   const char *string,
729 		   krb5_addresses *addresses)
730 {
731     int i, n;
732     struct addrinfo *ai, *a;
733     int error;
734     int save_errno;
735 
736     for(i = 0; i < num_addrs; i++) {
737 	if(at[i].parse_addr) {
738 	    krb5_address addr;
739 	    if((*at[i].parse_addr)(context, string, &addr) == 0) {
740 		ALLOC_SEQ(addresses, 1);
741 		addresses->val[0] = addr;
742 		return 0;
743 	    }
744 	}
745     }
746 
747     error = getaddrinfo (string, NULL, NULL, &ai);
748     if (error) {
749 	save_errno = errno;
750 	krb5_set_error_string (context, "%s: %s", string, gai_strerror(error));
751 	return krb5_eai_to_heim_errno(error, save_errno);
752     }
753 
754     n = 0;
755     for (a = ai; a != NULL; a = a->ai_next)
756 	++n;
757 
758     ALLOC_SEQ(addresses, n);
759 
760     for (a = ai, i = 0; a != NULL; a = a->ai_next) {
761 	if(krb5_sockaddr2address (context, ai->ai_addr,
762 				  &addresses->val[i]) == 0)
763 	    i++;
764     }
765     freeaddrinfo (ai);
766     return 0;
767 }
768 
769 int
770 krb5_address_order(krb5_context context,
771 		   const krb5_address *addr1,
772 		   const krb5_address *addr2)
773 {
774     /* this sucks; what if both addresses have order functions, which
775        should we call? this works for now, though */
776     struct addr_operations *a;
777     a = find_atype(addr1->addr_type);
778     if(a == NULL) {
779 	krb5_set_error_string (context, "Address family %d not supported",
780 			       addr1->addr_type);
781 	return KRB5_PROG_ATYPE_NOSUPP;
782     }
783     if(a->order_addr != NULL)
784 	return (*a->order_addr)(context, addr1, addr2);
785     a = find_atype(addr2->addr_type);
786     if(a == NULL) {
787 	krb5_set_error_string (context, "Address family %d not supported",
788 			       addr2->addr_type);
789 	return KRB5_PROG_ATYPE_NOSUPP;
790     }
791     if(a->order_addr != NULL)
792 	return (*a->order_addr)(context, addr1, addr2);
793 
794     if(addr1->addr_type != addr2->addr_type)
795 	return addr1->addr_type - addr2->addr_type;
796     if(addr1->address.length != addr2->address.length)
797 	return addr1->address.length - addr2->address.length;
798     return memcmp (addr1->address.data,
799 		   addr2->address.data,
800 		   addr1->address.length);
801 }
802 
803 krb5_boolean
804 krb5_address_compare(krb5_context context,
805 		     const krb5_address *addr1,
806 		     const krb5_address *addr2)
807 {
808     return krb5_address_order (context, addr1, addr2) == 0;
809 }
810 
811 krb5_boolean
812 krb5_address_search(krb5_context context,
813 		    const krb5_address *addr,
814 		    const krb5_addresses *addrlist)
815 {
816     int i;
817 
818     for (i = 0; i < addrlist->len; ++i)
819 	if (krb5_address_compare (context, addr, &addrlist->val[i]))
820 	    return TRUE;
821     return FALSE;
822 }
823 
824 krb5_error_code
825 krb5_free_address(krb5_context context,
826 		  krb5_address *address)
827 {
828     struct addr_operations *a = find_af (address->addr_type);
829     if(a != NULL && a->free_addr != NULL)
830 	return (*a->free_addr)(context, address);
831     krb5_data_free (&address->address);
832     return 0;
833 }
834 
835 krb5_error_code
836 krb5_free_addresses(krb5_context context,
837 		    krb5_addresses *addresses)
838 {
839     int i;
840     for(i = 0; i < addresses->len; i++)
841 	krb5_free_address(context, &addresses->val[i]);
842     free(addresses->val);
843     return 0;
844 }
845 
846 krb5_error_code
847 krb5_copy_address(krb5_context context,
848 		  const krb5_address *inaddr,
849 		  krb5_address *outaddr)
850 {
851     struct addr_operations *a = find_af (inaddr->addr_type);
852     if(a != NULL && a->copy_addr != NULL)
853 	return (*a->copy_addr)(context, inaddr, outaddr);
854     return copy_HostAddress(inaddr, outaddr);
855 }
856 
857 krb5_error_code
858 krb5_copy_addresses(krb5_context context,
859 		    const krb5_addresses *inaddr,
860 		    krb5_addresses *outaddr)
861 {
862     int i;
863     ALLOC_SEQ(outaddr, inaddr->len);
864     if(inaddr->len > 0 && outaddr->val == NULL)
865 	return ENOMEM;
866     for(i = 0; i < inaddr->len; i++)
867 	krb5_copy_address(context, &inaddr->val[i], &outaddr->val[i]);
868     return 0;
869 }
870 
871 krb5_error_code
872 krb5_append_addresses(krb5_context context,
873 		      krb5_addresses *dest,
874 		      const krb5_addresses *source)
875 {
876     krb5_address *tmp;
877     krb5_error_code ret;
878     int i;
879     if(source->len > 0) {
880 	tmp = realloc(dest->val, (dest->len + source->len) * sizeof(*tmp));
881 	if(tmp == NULL) {
882 	    krb5_set_error_string(context, "realloc: out of memory");
883 	    return ENOMEM;
884 	}
885 	dest->val = tmp;
886 	for(i = 0; i < source->len; i++) {
887 	    /* skip duplicates */
888 	    if(krb5_address_search(context, &source->val[i], dest))
889 		continue;
890 	    ret = krb5_copy_address(context,
891 				    &source->val[i],
892 				    &dest->val[dest->len]);
893 	    if(ret)
894 		return ret;
895 	    dest->len++;
896 	}
897     }
898     return 0;
899 }
900 
901 /*
902  * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port)
903  */
904 
905 krb5_error_code
906 krb5_make_addrport (krb5_context context,
907 		    krb5_address **res, const krb5_address *addr, int16_t port)
908 {
909     krb5_error_code ret;
910     size_t len = addr->address.length + 2 + 4 * 4;
911     u_char *p;
912 
913     *res = malloc (sizeof(**res));
914     if (*res == NULL) {
915 	krb5_set_error_string(context, "malloc: out of memory");
916 	return ENOMEM;
917     }
918     (*res)->addr_type = KRB5_ADDRESS_ADDRPORT;
919     ret = krb5_data_alloc (&(*res)->address, len);
920     if (ret) {
921 	krb5_set_error_string(context, "malloc: out of memory");
922 	free (*res);
923 	return ret;
924     }
925     p = (*res)->address.data;
926     *p++ = 0;
927     *p++ = 0;
928     *p++ = (addr->addr_type     ) & 0xFF;
929     *p++ = (addr->addr_type >> 8) & 0xFF;
930 
931     *p++ = (addr->address.length      ) & 0xFF;
932     *p++ = (addr->address.length >>  8) & 0xFF;
933     *p++ = (addr->address.length >> 16) & 0xFF;
934     *p++ = (addr->address.length >> 24) & 0xFF;
935 
936     memcpy (p, addr->address.data, addr->address.length);
937     p += addr->address.length;
938 
939     *p++ = 0;
940     *p++ = 0;
941     *p++ = (KRB5_ADDRESS_IPPORT     ) & 0xFF;
942     *p++ = (KRB5_ADDRESS_IPPORT >> 8) & 0xFF;
943 
944     *p++ = (2      ) & 0xFF;
945     *p++ = (2 >>  8) & 0xFF;
946     *p++ = (2 >> 16) & 0xFF;
947     *p++ = (2 >> 24) & 0xFF;
948 
949     memcpy (p, &port, 2);
950     p += 2;
951 
952     return 0;
953 }
954