PERFORCE change 92809 for review
Robert Watson
rwatson at FreeBSD.org
Sun Mar 5 11:55:41 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=92809
Change 92809 by rwatson at rwatson_peppercorn on 2006/03/05 19:54:48
When decoding the following token types, assume that the consumer
wants network byte order IP addresses and port numbers, and in
some cases other multi-byte IP header fields:
- AUT_IN_ADDR
- AUT_IP
- AUT_IPORT
- AUT_SOCKINET32
- AUT_SOCKET
- AUT_SOCKET32_EX
When printing these fields, convert from network byte order.
When encoding the following token types, assume the consumer
provides IP addresses and port numbers in network byte order:
- AUT_IN_ADDR
- AUT_IN_ADDR_EX
- AUT_SOCKINET32
- AUT_SOCKINET128
In general, prefer to hard-code the size of fields in terms of
the sizes they are defined in in the BSM spec. It's not clear
whether this is really better or worse than defining it in
terms of local data types, since we will break nastily either
way.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#37 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#37 (text+ko) ====
@@ -31,7 +31,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#36 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#37 $
*/
#include <sys/types.h>
@@ -1356,7 +1356,8 @@
{
int err = 0;
- READ_TOKEN_U_INT32(buf, len, tok->tt.inaddr.addr, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.inaddr.addr, sizeof(uint32_t),
+ tok->len, err);
if (err)
return (-1);
@@ -1430,15 +1431,18 @@
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.ip.len, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.ip.len, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.ip.id, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.ip.id, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.ip.offset, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.ip.offset, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
@@ -1450,7 +1454,8 @@
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.ip.chksm, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.ip.chksm, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
@@ -1478,17 +1483,17 @@
print_delim(fp, del);
print_mem(fp, (u_char *)(&tok->tt.ip.tos), sizeof(u_char));
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.ip.len, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.ip.len), "%u");
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.ip.id, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.ip.id), "%u");
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.ip.offset, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.ip.offset), "%u");
print_delim(fp, del);
print_mem(fp, (u_char *)(&tok->tt.ip.ttl), sizeof(u_char));
print_delim(fp, del);
print_mem(fp, (u_char *)(&tok->tt.ip.prot), sizeof(u_char));
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.ip.chksm, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.ip.chksm), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.ip.src);
print_delim(fp, del);
@@ -1602,7 +1607,8 @@
{
int err = 0;
- READ_TOKEN_U_INT16(buf, len, tok->tt.iport.port, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.iport.port, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
@@ -1616,7 +1622,7 @@
print_tok_type(fp, tok->id, "ip port", raw);
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.iport.port, "%#x");
+ print_2_bytes(fp, ntohs(tok->tt.iport.port), "%#x");
}
/*
@@ -1952,7 +1958,8 @@
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.sockinet32.port, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet32.port,
+ sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@@ -1973,7 +1980,7 @@
print_delim(fp, del);
print_2_bytes(fp, tok->tt.sockinet32.family, "%u");
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.sockinet32.port, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.sockinet32.port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.sockinet32.addr);
}
@@ -1982,7 +1989,8 @@
* socket family 2 bytes
* path 104 bytes
*/
-static int fetch_sock_unix_tok(tokenstr_t *tok, char *buf, int len)
+static int
+fetch_sock_unix_tok(tokenstr_t *tok, char *buf, int len)
{
int err = 0;
@@ -2018,7 +2026,8 @@
* remote port 2 bytes
* remote address 4 bytes
*/
-static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
+static int
+fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
{
int err = 0;
@@ -2026,7 +2035,8 @@
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.socket.l_port, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.socket.l_port, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
@@ -2035,7 +2045,8 @@
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.socket.r_port, tok->len, err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.socket.r_port, sizeof(uint16_t),
+ tok->len, err);
if (err)
return (-1);
@@ -2056,11 +2067,11 @@
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket.type, "%u");
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.socket.l_port, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.socket.l_port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket.l_addr);
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.socket.r_port, "%u");
+ print_2_bytes(fp, ntohs(tok->tt.socket.r_port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket.r_addr);
}
@@ -2380,8 +2391,8 @@
if (err)
return (-1);
- READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.l_port, tok->len,
- err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port,
+ sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@@ -2395,8 +2406,8 @@
if (err)
return (-1);
- READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.r_port, tok->len,
- err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.r_port,
+ sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@@ -2422,11 +2433,11 @@
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x");
print_delim(fp, del);
- print_2_bytes(fp, tok->tt.socket_ex32.l_port, "%#x");
+ print_2_bytes(fp, ntohs(tok->tt.socket_ex32.l_port), "%#x");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket_ex32.l_addr);
print_delim(fp, del);
- print_4_bytes(fp, tok->tt.socket_ex32.r_port, "%#x");
+ print_4_bytes(fp, ntohs(tok->tt.socket_ex32.r_port), "%#x");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket_ex32.r_addr);
}
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 (text+ko) ====
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#46 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 $
*/
#include <sys/types.h>
@@ -347,12 +347,12 @@
token_t *t;
u_char *dptr = NULL;
- GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t));
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(uint32_t));
if (t == NULL)
return (NULL);
ADD_U_CHAR(dptr, AUT_IN_ADDR);
- ADD_U_INT32(dptr, internet_addr->s_addr);
+ ADD_MEM(dptr, &internet_addr->s_addr, sizeof(uint32_t));
return (t);
}
@@ -369,13 +369,13 @@
u_char *dptr = NULL;
u_int32_t type = AF_INET6;
- GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int32_t));
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(uint32_t));
if (t == NULL)
return (NULL);
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
ADD_U_INT32(dptr, type);
- ADD_MEM(dptr, internet_addr, sizeof(*internet_addr));
+ ADD_MEM(dptr, internet_addr, 5 * sizeof(uint32_t));
return (t);
}
@@ -832,21 +832,28 @@
{
token_t *t;
u_char *dptr = NULL;
+ uint16_t family;
- GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) +
- sizeof(u_int32_t));
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(uint16_t) +
+ sizeof(uint32_t));
if (t == NULL)
return (NULL);
ADD_U_CHAR(dptr, AUT_SOCKINET32);
/*
- * In Darwin, sin_family is one octet, but BSM defines the token
- * to store two. So we copy in a 0 first.
+ * BSM defines the family field as 16 bits, but many operating
+ * systems have an 8-bit sin_family field. Extend to 16 bits before
+ * writing into the token. Assume that both the port and the address
+ * in the sockaddr_in are already in network byte order, but family
+ * is in local byte order.
+ *
+ * XXXRW: Should a name space conversion be taking place on the value
+ * of sin_family?
*/
- ADD_U_CHAR(dptr, 0);
- ADD_U_CHAR(dptr, so->sin_family);
- ADD_U_INT16(dptr, so->sin_port);
- ADD_U_INT32(dptr, so->sin_addr.s_addr);
+ family = so->sin_family;
+ ADD_U_INT16(dptr, family);
+ ADD_MEM(dptr, &so->sin_port, sizeof(uint16_t));
+ ADD_MEM(dptr, &so->sin_addr.s_addr, sizeof(uint32_t));
return (t);
@@ -872,7 +879,7 @@
ADD_U_CHAR(dptr, so->sin6_family);
ADD_U_INT16(dptr, so->sin6_port);
- ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr));
+ ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t));
return (t);
More information about the trustedbsd-cvs
mailing list