Use port-sockets.h macros in cc_kcm, sendto_kdc

Use SOCKET_CONNECT in cc_kcm.c and sendto_kdc.c to prevent SIGPIPE on
BSD-like systems.  Use other port-sockets.h macros in cc_kcm.c in case
it is ever used on Windows.

ticket: 8753

2 files changed, 20 insertions, 17 deletions

diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
index a777f27..b260cd8 100644
--- a/src/lib/krb5/ccache/cc_kcm.c
+++ b/src/lib/krb5/ccache/cc_kcm.c
@@ -42,6 +42,7 @@
 #include "k5-input.h"
 #include "cc-int.h"
 #include "kcm.h"
+#include "../os/os-proto.h"
 #include <sys/socket.h>
 #include <sys/un.h>
 #ifdef __APPLE__
@@ -61,7 +62,7 @@ struct uuid_list {
 };
 
 struct kcmio {
-    int fd;
+    SOCKET fd;
 #ifdef __APPLE__
     mach_port_t mport;
 #endif
@@ -252,7 +253,7 @@ static krb5_error_code
 kcmio_unix_socket_connect(krb5_context context, struct kcmio *io)
 {
     krb5_error_code ret;
-    int fd = -1;
+    SOCKET fd = INVALID_SOCKET;
     struct sockaddr_un addr;
     char *path = NULL;
 
@@ -267,25 +268,25 @@ kcmio_unix_socket_connect(krb5_context context, struct kcmio *io)
     }
 
     fd = socket(AF_UNIX, SOCK_STREAM, 0);
-    if (fd == -1) {
-        ret = errno;
+    if (fd == INVALID_SOCKET) {
+        ret = SOCKET_ERRNO;
         goto cleanup;
     }
 
     memset(&addr, 0, sizeof(addr));
     addr.sun_family = AF_UNIX;
     strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
-    if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
-        ret = (errno == ENOENT) ? KRB5_KCM_NO_SERVER : errno;
+    if (SOCKET_CONNECT(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
+        ret = (SOCKET_ERRNO == ENOENT) ? KRB5_KCM_NO_SERVER : SOCKET_ERRNO;
         goto cleanup;
     }
 
     io->fd = fd;
-    fd = -1;
+    fd = INVALID_SOCKET;
 
 cleanup:
-    if (fd != -1)
-        close(fd);
+    if (fd != INVALID_SOCKET)
+        closesocket(fd);
     profile_release_string(path);
     return ret;
 }
@@ -297,11 +298,12 @@ kcmio_unix_socket_write(krb5_context context, struct kcmio *io, void *request,
                         size_t len)
 {
     char lenbytes[4];
+    sg_buf sg[2];
 
+    SG_SET(&sg[0], lenbytes, sizeof(lenbytes));
+    SG_SET(&sg[1], request, len);
     store_32_be(len, lenbytes);
-    if (krb5_net_write(context, io->fd, lenbytes, 4) < 0)
-        return errno;
-    if (krb5_net_write(context, io->fd, request, len) < 0)
+    if (krb5int_net_writev(context, io->fd, sg, 2) < 0)
         return errno;
     return 0;
 }
@@ -358,7 +360,7 @@ kcmio_connect(krb5_context context, struct kcmio **io_out)
     io = calloc(1, sizeof(*io));
     if (io == NULL)
         return ENOMEM;
-    io->fd = -1;
+    io->fd = INVALID_SOCKET;
 
     /* Try Mach RPC (macOS only), then fall back to Unix domain sockets */
     ret = kcmio_mach_connect(context, io);
@@ -384,7 +386,7 @@ kcmio_call(krb5_context context, struct kcmio *io, struct kcmreq *req)
     if (k5_buf_status(&req->reqbuf) != 0)
         return ENOMEM;
 
-    if (io->fd != -1) {
+    if (io->fd != INVALID_SOCKET) {
         ret = kcmio_unix_socket_write(context, io, req->reqbuf.data,
                                       req->reqbuf.len);
         if (ret)
@@ -411,8 +413,8 @@ kcmio_close(struct kcmio *io)
 {
     if (io != NULL) {
         kcmio_mach_close(io);
-        if (io->fd != -1)
-            close(io->fd);
+        if (io->fd != INVALID_SOCKET)
+            closesocket(io->fd);
         free(io);
     }
 }
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 80c08f6..82523c5 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -884,7 +884,8 @@ start_connection(krb5_context context, struct conn_state *state,
     }
 
     /* Start connecting to KDC.  */
-    e = connect(fd, (struct sockaddr *)&state->addr.saddr, state->addr.len);
+    e = SOCKET_CONNECT(fd, (struct sockaddr *)&state->addr.saddr,
+                       state->addr.len);
     if (e != 0) {
         /*
          * This is the path that should be followed for non-blocking