diff options
author | Daniel Gollub <dgollub@brocade.com> | 2014-10-10 17:51:00 +0200 |
---|---|---|
committer | Daniel Gollub <dgollub@brocade.com> | 2014-10-10 18:02:30 +0200 |
commit | ec369a83dd65ea691d9159a5a4bdeb8c734c658c (patch) | |
tree | fa38db9ce3f20a58b47ce352d707accb7e616f59 /libtac/lib | |
parent | 21d14c56fe29a8fadac3a4291d96ed0247c1a766 (diff) | |
download | pam_tacplus-ec369a83dd65ea691d9159a5a4bdeb8c734c658c.tar.gz pam_tacplus-ec369a83dd65ea691d9159a5a4bdeb8c734c658c.zip |
Add source addr parameter for tac_connect_single
This allows to specify from which source address/interface the TACACS+
client connection gets initiated.
Bump SO-versioning due to API change.
Diffstat (limited to 'libtac/lib')
-rw-r--r-- | libtac/lib/connect.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/libtac/lib/connect.c b/libtac/lib/connect.c index 1226797..a186220 100644 --- a/libtac/lib/connect.c +++ b/libtac/lib/connect.c @@ -50,7 +50,7 @@ int tac_connect(struct addrinfo **server, char **key, int servers) { TACSYSLOG((LOG_ERR, "%s: no TACACS+ servers defined", __FUNCTION__)) } else { for ( tries = 0; tries < servers; tries++ ) { - if((fd=tac_connect_single(server[tries], key[tries])) >= 0 ) { + if((fd=tac_connect_single(server[tries], key[tries], NULL)) >= 0 ) { /* tac_secret was set in tac_connect_single on success */ break; } @@ -67,7 +67,7 @@ int tac_connect(struct addrinfo **server, char **key, int servers) { * >= 0 : valid fd * < 0 : error status code, see LIBTAC_STATUS_... */ -int tac_connect_single(struct addrinfo *server, const char *key) { +int tac_connect_single(struct addrinfo *server, const char *key, struct addrinfo *srcaddr) { int retval = LIBTAC_STATUS_CONN_ERR; /* default retval */ int fd = -1; int flags, rc; @@ -100,6 +100,15 @@ int tac_connect_single(struct addrinfo *server, const char *key) { return LIBTAC_STATUS_CONN_ERR; } + /* bind if source address got explicity defined */ + if (srcaddr) { + if (bind(fd, srcaddr->ai_addr, srcaddr->ai_addrlen) < 0) { + TACSYSLOG((LOG_ERR, "%s: Failed to bind source address: %s", + __FUNCTION__, strerror(errno))) + return LIBTAC_STATUS_CONN_ERR; + } + } + rc = connect(fd, server->ai_addr, server->ai_addrlen); /* FIX this..for some reason errno = 0 on AIX... */ if((rc == -1) && (errno != EINPROGRESS) && (errno != 0)) { |