Jonathan Turner 9 лет назад
Родитель
Сommit
72d5546332
6 измененных файлов с 34 добавлено и 22 удалено
  1. 1 0
      crypto/aes/aes.go
  2. 1 0
      crypto/des3/des3-cbc-sha1-kd.go
  3. 1 0
      crypto/engine/engine.go
  4. 1 0
      crypto/etype/etype.go
  5. 2 22
      service/http.go
  6. 28 0
      types/HostAddress.go

+ 1 - 0
crypto/aes/aes.go

@@ -1,3 +1,4 @@
+// AES Kerberos Encryption Types.
 package aes
 
 import (
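Review bot: The added package comment in crypto/aes/aes.go does not follow the godoc convention of starting with the word "Package" and the package name, so tools such as golint will flag it and the generated synopsis reads oddly. Write it as `// Package aes provides AES Kerberos encryption types.` The same applies to the comments added in crypto/des3/des3-cbc-sha1-kd.go, crypto/engine/engine.go and crypto/etype/etype.go.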

+ 1 - 0
crypto/des3/des3-cbc-sha1-kd.go

@@ -1,3 +1,4 @@
+// DES3 Kerberos Encryption Types.
 package des3
 
 import (

+ 1 - 0
crypto/engine/engine.go

@@ -1,3 +1,4 @@
+// Cryptography methods for Kerberos.
 package engine
 
 import (

+ 1 - 0
crypto/etype/etype.go

@@ -1,3 +1,4 @@
+// Kerberos EType interface.
 package etype
 
 import "hash"

+ 2 - 22
service/http.go

@@ -15,7 +15,6 @@ import (
 	"net/http"
 	"strings"
 	"time"
-	"net"
 )
 
 const (
@@ -107,30 +106,11 @@ func validateAPREQ(a types.Authenticator, APReq messages.APReq, r *http.Request)
 		//address of the client.  If no match is found or the server insists on
 		//ticket addresses but none are present in the ticket, the
 		//KRB_AP_ERR_BADADDR error is returned.
-		cAddr, _, err := net.SplitHostPort(r.RemoteAddr)
+		h, err := types.GetHostAddress(r.RemoteAddr)
 		if err != nil {
-			err := messages.NewKRBError(APReq.Ticket.SName, APReq.Ticket.Realm, errorcode.KRB_AP_ERR_BADADDR, "Invalid format of client address.")
+			err := messages.NewKRBError(APReq.Ticket.SName, APReq.Ticket.Realm, errorcode.KRB_AP_ERR_BADADDR, err.Error())
 			return false, err
 		}
-		ip := net.ParseIP(cAddr)
-		hb, err := ip.MarshalText()
-		if err != nil {
-			err := messages.NewKRBError(APReq.Ticket.SName, APReq.Ticket.Realm, errorcode.KRB_AP_ERR_BADADDR, "Could not marshal client's address into bytes.")
-			return false, err
-		}
-		var ht int
-		if ip.To4() != nil {
-			ht = types.AddrType_IPv4
-		} else if ip.To16() != nil {
-			ht = types.AddrType_IPv6
-		} else {
-			err := messages.NewKRBError(APReq.Ticket.SName, APReq.Ticket.Realm, errorcode.KRB_AP_ERR_BADADDR, "Could not determine client's address type.")
-			return false, err
-		}
-		h := types.HostAddress{
-			AddrType: ht,
-			Address: hb,
-		}
 		if !types.HostAddressesContains(APReq.Ticket.DecryptedEncPart.CAddr, h) {
 			err := messages.NewKRBError(APReq.Ticket.SName, APReq.Ticket.Realm, errorcode.KRB_AP_ERR_BADADDR, "Client address not within the list contained in the service ticket")
 			return false, err
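Review bot: The `err.Error()` now passed to `messages.NewKRBError` in the first BADADDR branch puts the internal Go error string from `types.GetHostAddress` into the KRB error text, where the removed line used a fixed message. If that text is returned to the peer, keep the fixed string `"Invalid format of client address."` and record the detail on the server side instead. The inner `err :=` also shadows the `err` it reads on the same line, which compiles but is easy to misread; `kerr := messages.NewKRBError(...)` followed by `return false, kerr` is clearer. validateAPREQ starts and ends outside this hunk.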

+ 28 - 0
types/HostAddress.go

@@ -6,6 +6,8 @@ package types
 import (
 	"bytes"
 	"github.com/jcmturner/asn1"
+	"net"
+	"fmt"
 )
 
 /*
@@ -51,6 +53,32 @@ type HostAddress struct {
 	Address  []byte `asn1:"explicit,tag:1"`
 }
 
+func GetHostAddress(s string) (HostAddress, error) {
+	var h HostAddress
+	cAddr, _, err := net.SplitHostPort(s)
+	if err != nil {
+		return h, fmt.Errorf("Invalid format of client address: %v", err)
+	}
+	ip := net.ParseIP(cAddr)
+	hb, err := ip.MarshalText()
+	if err != nil {
+		return h, fmt.Errorf("Could not marshal client's address into bytes: %v", err)
+	}
+	var ht int
+	if ip.To4() != nil {
+		ht = AddrType_IPv4
+	} else if ip.To16() != nil {
+		ht = AddrType_IPv6
+	} else {
+		return h, fmt.Errorf("Could not determine client's address types: %v", err)
+	}
+	h = HostAddress{
+		AddrType: ht,
+		Address: hb,
+	}
+	return h, nil
+}
+
 func (h *HostAddress) GetAddress() (string, error) {
 	var b []byte
 	_, err := asn1.Unmarshal(h.Address, &b)
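Review bot: `net.ParseIP` in `GetHostAddress` returns nil for an unparseable host and that result is never checked, so the failure only surfaces in the final `else`, where `err` is already nil and the message ends in `<nil>`. Check `ip == nil` right after parsing and drop the `%v` from that last error. Separately, `ip.MarshalText()` stores the textual form of the address in `Address`, while RFC 4120 carries IPv4 and IPv6 host addresses as 4 and 16 raw octets, so the comparison against the ticket's `CAddr` would presumably never match and address-restricted tickets would always be rejected; `HostAddressesContains` is not visible here, so confirm before switching to `ip.To4()`/`ip.To16()` as sketched below. The new exported function also lacks a doc comment saying that it expects a `host:port` string.

```go
func GetHostAddress(s string) (HostAddress, error) {
	// … unchanged: var h, net.SplitHostPort(s) and its error return …
	ip := net.ParseIP(cAddr)
	if ip == nil {
		return h, fmt.Errorf("could not parse client address %q", cAddr)
	}
	// RFC 4120 host addresses are raw octets: 4 for IPv4, 16 for IPv6.
	if v4 := ip.To4(); v4 != nil {
		return HostAddress{AddrType: AddrType_IPv4, Address: v4}, nil
	}
	return HostAddress{AddrType: AddrType_IPv6, Address: ip.To16()}, nil
}
```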