source: heimdal/trunk/kdc/announce.c@ 5

Last change on this file since 5 was 1, checked in by Paul Smedley, 10 years ago

Initial commit of Heimdal 1.5.3
File size: 12.5 KB
Line 
1/*
2 * Copyright (c) 2008 Apple Inc. All Rights Reserved.
3 *
4 * Export of this software from the United States of America may require
5 * a specific license from the United States Government. It is the
6 * responsibility of any person or organization contemplating export to
7 * obtain such a license before exporting.
8 *
9 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
10 * distribute this software and its documentation for any purpose and
11 * without fee is hereby granted, provided that the above copyright
12 * notice appear in all copies and that both that copyright notice and
13 * this permission notice appear in supporting documentation, and that
14 * the name of Apple Inc. not be used in advertising or publicity pertaining
15 * to distribution of the software without specific, written prior
16 * permission. Apple Inc. makes no representations about the suitability of
17 * this software for any purpose. It is provided "as is" without express
18 * or implied warranty.
19 *
20 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
21 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
22 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
23 *
24 */
25
26#include "kdc_locl.h"
27
28#if defined(__APPLE__) && defined(HAVE_GCD)
29
30#include <CoreFoundation/CoreFoundation.h>
31#include <SystemConfiguration/SCDynamicStore.h>
32#include <SystemConfiguration/SCDynamicStoreCopySpecific.h>
33#include <SystemConfiguration/SCDynamicStoreKey.h>
34
35#include <dispatch/dispatch.h>
36
37#include <asl.h>
38#include <resolv.h>
39
40#include <dns_sd.h>
41#include <err.h>
42
43static krb5_kdc_configuration *announce_config;
44static krb5_context announce_context;
45
46struct entry {
47 DNSRecordRef recordRef;
48 char *domain;
49 char *realm;
50#define F_EXISTS 1
51#define F_PUSH 2
52 int flags;
53 struct entry *next;
54};
55
56/* #define REGISTER_SRV_RR */
57
58static struct entry *g_entries = NULL;
59static CFStringRef g_hostname = NULL;
60static DNSServiceRef g_dnsRef = NULL;
61static SCDynamicStoreRef g_store = NULL;
62static dispatch_queue_t g_queue = NULL;
63
64#define LOG(...) asl_log(NULL, NULL, ASL_LEVEL_INFO, __VA_ARGS__)
65
66static void create_dns_sd(void);
67static void destroy_dns_sd(void);
68static void update_all(SCDynamicStoreRef, CFArrayRef, void *);
69
70
71/* parameters */
72static CFStringRef NetworkChangedKey_BackToMyMac = CFSTR("Setup:/Network/BackToMyMac");
73
74
75static char *
76CFString2utf8(CFStringRef string)
77{
78 size_t size;
79 char *str;
80
81 size = 1 + CFStringGetMaximumSizeForEncoding(CFStringGetLength(string), kCFStringEncodingUTF8);
82 str = malloc(size);
83 if (str == NULL)
84 return NULL;
85
86 if (CFStringGetCString(string, str, size, kCFStringEncodingUTF8) == false) {
87 free(str);
88 return NULL;
89 }
90 return str;
91}
92
93/*
94 *
95 */
96
97static void
98retry_timer(void)
99{
100 dispatch_source_t s;
101 dispatch_time_t t;
102
103 s = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER,
104 0, 0, g_queue);
105 t = dispatch_time(DISPATCH_TIME_NOW, 5ull * NSEC_PER_SEC);
106 dispatch_source_set_timer(s, t, 0, NSEC_PER_SEC);
107 dispatch_source_set_event_handler(s, ^{
108 create_dns_sd();
109 dispatch_release(s);
110 });
111 dispatch_resume(s);
112}
113
114/*
115 *
116 */
117
118static void
119create_dns_sd(void)
120{
121 DNSServiceErrorType error;
122 dispatch_source_t s;
123
124 error = DNSServiceCreateConnection(&g_dnsRef);
125 if (error) {
126 retry_timer();
127 return;
128 }
129
130 dispatch_suspend(g_queue);
131
132 s = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ,
133 DNSServiceRefSockFD(g_dnsRef),
134 0, g_queue);
135
136 dispatch_source_set_event_handler(s, ^{
137 DNSServiceErrorType ret = DNSServiceProcessResult(g_dnsRef);
138 /* on error tear down and set timer to recreate */
139 if (ret != kDNSServiceErr_NoError && ret != kDNSServiceErr_Transient) {
140 dispatch_source_cancel(s);
141 }
142 });
143
144 dispatch_source_set_cancel_handler(s, ^{
145 destroy_dns_sd();
146 retry_timer();
147 dispatch_release(s);
148 });
149
150 dispatch_resume(s);
151
152 /* Do the first update ourself */
153 update_all(g_store, NULL, NULL);
154 dispatch_resume(g_queue);
155}
156
157static void
158domain_add(const char *domain, const char *realm, int flag)
159{
160 struct entry *e;
161
162 for (e = g_entries; e != NULL; e = e->next) {
163 if (strcmp(domain, e->domain) == 0 && strcmp(realm, e->realm) == 0) {
164 e->flags |= flag;
165 return;
166 }
167 }
168
169 LOG("Adding realm %s to domain %s", realm, domain);
170
171 e = calloc(1, sizeof(*e));
172 if (e == NULL)
173 return;
174 e->domain = strdup(domain);
175 e->realm = strdup(realm);
176 if (e->domain == NULL || e->realm == NULL) {
177 free(e->domain);
178 free(e->realm);
179 free(e);
180 return;
181 }
182 e->flags = flag | F_PUSH; /* if we allocate, we push */
183 e->next = g_entries;
184 g_entries = e;
185}
186
187struct addctx {
188 int flags;
189 const char *realm;
190};
191
192static void
193domains_add(const void *key, const void *value, void *context)
194{
195 char *str = CFString2utf8((CFStringRef)value);
196 struct addctx *ctx = context;
197
198 if (str == NULL)
199 return;
200 if (str[0] != '\0')
201 domain_add(str, ctx->realm, F_EXISTS | ctx->flags);
202 free(str);
203}
204
205
206static void
207dnsCallback(DNSServiceRef sdRef __attribute__((unused)),
208 DNSRecordRef RecordRef __attribute__((unused)),
209 DNSServiceFlags flags __attribute__((unused)),
210 DNSServiceErrorType errorCode __attribute__((unused)),
211 void *context __attribute__((unused)))
212{
213}
214
215#ifdef REGISTER_SRV_RR
216
217/*
218 * Register DNS SRV rr for the realm.
219 */
220
221static const char *register_names[2] = {
222 "_kerberos._tcp",
223 "_kerberos._udp"
224};
225
226static struct {
227 DNSRecordRef *val;
228 size_t len;
229} srvRefs = { NULL, 0 };
230
231static void
232register_srv(const char *realm, const char *hostname, int port)
233{
234 unsigned char target[1024];
235 int i;
236 int size;
237
238 /* skip registering LKDC realms */
239 if (strncmp(realm, "LKDC:", 5) == 0)
240 return;
241
242 /* encode SRV-RR */
243 target[0] = 0; /* priority */
244 target[1] = 0; /* priority */
245 target[2] = 0; /* weight */
246 target[3] = 0; /* weigth */
247 target[4] = (port >> 8) & 0xff; /* port */
248 target[5] = (port >> 0) & 0xff; /* port */
249
250 size = dn_comp(hostname, target + 6, sizeof(target) - 6, NULL, NULL);
251 if (size < 0)
252 return;
253
254 size += 6;
255
256 LOG("register SRV rr for realm %s hostname %s:%d", realm, hostname, port);
257
258 for (i = 0; i < sizeof(register_names)/sizeof(register_names[0]); i++) {
259 char name[kDNSServiceMaxDomainName];
260 DNSServiceErrorType error;
261 void *ptr;
262
263 ptr = realloc(srvRefs.val, sizeof(srvRefs.val[0]) * (srvRefs.len + 1));
264 if (ptr == NULL)
265 errx(1, "malloc: out of memory");
266 srvRefs.val = ptr;
267
268 DNSServiceConstructFullName(name, NULL, register_names[i], realm);
269
270 error = DNSServiceRegisterRecord(g_dnsRef,
271 &srvRefs.val[srvRefs.len],
272 kDNSServiceFlagsUnique | kDNSServiceFlagsShareConnection,
273 0,
274 name,
275 kDNSServiceType_SRV,
276 kDNSServiceClass_IN,
277 size,
278 target,
279 0,
280 dnsCallback,
281 NULL);
282 if (error) {
283 LOG("Failed to register SRV rr for realm %s: %d", realm, error);
284 } else
285 srvRefs.len++;
286 }
287}
288
289static void
290unregister_srv_realms(void)
291{
292 if (g_dnsRef) {
293 for (i = 0; i < srvRefs.len; i++)
294 DNSServiceRemoveRecord(g_dnsRef, srvRefs.val[i], 0);
295 }
296 free(srvRefs.val);
297 srvRefs.len = 0;
298 srvRefs.val = NULL;
299}
300
301static void
302register_srv_realms(CFStringRef host)
303{
304 krb5_error_code ret;
305 char *hostname;
306 size_t i;
307
308 /* first unregister old names */
309
310 hostname = CFString2utf8(host);
311 if (hostname == NULL)
312 return;
313
314 for(i = 0; i < announce_config->num_db; i++) {
315 char **realms, **r;
316
317 if (announce_config->db[i]->hdb_get_realms == NULL)
318 continue;
319
320 ret = (announce_config->db[i]->hdb_get_realms)(announce_context, &realms);
321 if (ret == 0) {
322 for (r = realms; r && *r; r++)
323 register_srv(*r, hostname, 88);
324 krb5_free_host_realm(announce_context, realms);
325 }
326 }
327
328 free(hostname);
329}
330#endif /* REGISTER_SRV_RR */
331
332static void
333update_dns(void)
334{
335 DNSServiceErrorType error;
336 struct entry **e = &g_entries;
337 char *hostname;
338
339 hostname = CFString2utf8(g_hostname);
340 if (hostname == NULL)
341 return;
342
343 while (*e != NULL) {
344 /* remove if this wasn't updated */
345 if (((*e)->flags & F_EXISTS) == 0) {
346 struct entry *drop = *e;
347 *e = (*e)->next;
348
349 LOG("Deleting realm %s from domain %s",
350 drop->realm, drop->domain);
351
352 if (drop->recordRef && g_dnsRef)
353 DNSServiceRemoveRecord(g_dnsRef, drop->recordRef, 0);
354 free(drop->domain);
355 free(drop->realm);
356 free(drop);
357 continue;
358 }
359 if ((*e)->flags & F_PUSH) {
360 struct entry *update = *e;
361 char *dnsdata, *name;
362 size_t len;
363
364 len = strlen(update->realm);
365 asprintf(&dnsdata, "%c%s", (int)len, update->realm);
366 if (dnsdata == NULL)
367 errx(1, "malloc");
368
369 asprintf(&name, "_kerberos.%s.%s", hostname, update->domain);
370 if (name == NULL)
371 errx(1, "malloc");
372
373 if (update->recordRef)
374 DNSServiceRemoveRecord(g_dnsRef, update->recordRef, 0);
375
376 error = DNSServiceRegisterRecord(g_dnsRef,
377 &update->recordRef,
378 kDNSServiceFlagsShared | kDNSServiceFlagsAllowRemoteQuery,
379 0,
380 name,
381 kDNSServiceType_TXT,
382 kDNSServiceClass_IN,
383 len+1,
384 dnsdata,
385 0,
386 dnsCallback,
387 NULL);
388 free(name);
389 free(dnsdata);
390 if (error)
391 errx(1, "failure to update entry for %s/%s",
392 update->domain, update->realm);
393 }
394 e = &(*e)->next;
395 }
396 free(hostname);
397}
398
399static void
400update_entries(SCDynamicStoreRef store, const char *realm, int flags)
401{
402 CFDictionaryRef btmm;
403
404 /* we always announce in the local domain */
405 domain_add("local", realm, F_EXISTS | flags);
406
407 /* announce btmm */
408 btmm = SCDynamicStoreCopyValue(store, NetworkChangedKey_BackToMyMac);
409 if (btmm) {
410 struct addctx addctx;
411
412 addctx.flags = flags;
413 addctx.realm = realm;
414
415 CFDictionaryApplyFunction(btmm, domains_add, &addctx);
416 CFRelease(btmm);
417 }
418}
419
420static void
421update_all(SCDynamicStoreRef store, CFArrayRef changedKeys, void *info)
422{
423 struct entry *e;
424 CFStringRef host;
425 int i, flags = 0;
426
427 LOG("something changed, running update");
428
429 host = SCDynamicStoreCopyLocalHostName(store);
430 if (host == NULL)
431 return;
432
433 if (g_hostname == NULL || CFStringCompare(host, g_hostname, 0) != kCFCompareEqualTo) {
434 if (g_hostname)
435 CFRelease(g_hostname);
436 g_hostname = CFRetain(host);
437 flags = F_PUSH; /* if hostname has changed, force push */
438
439#ifdef REGISTER_SRV_RR
440 register_srv_realms(g_hostname);
441#endif
442 }
443
444 for (e = g_entries; e != NULL; e = e->next)
445 e->flags &= ~(F_EXISTS|F_PUSH);
446
447 for(i = 0; i < announce_config->num_db; i++) {
448 krb5_error_code ret;
449 char **realms, **r;
450
451 if (announce_config->db[i]->hdb_get_realms == NULL)
452 continue;
453
454 ret = (announce_config->db[i]->hdb_get_realms)(announce_context, announce_config->db[i], &realms);
455 if (ret == 0) {
456 for (r = realms; r && *r; r++)
457 update_entries(store, *r, flags);
458 krb5_free_host_realm(announce_context, realms);
459 }
460 }
461
462 update_dns();
463
464 CFRelease(host);
465}
466
467static void
468delete_all(void)
469{
470 struct entry *e;
471
472 for (e = g_entries; e != NULL; e = e->next)
473 e->flags &= ~(F_EXISTS|F_PUSH);
474
475 update_dns();
476 if (g_entries != NULL)
477 errx(1, "Failed to remove all bonjour entries");
478}
479
480static void
481destroy_dns_sd(void)
482{
483 if (g_dnsRef == NULL)
484 return;
485
486 delete_all();
487#ifdef REGISTER_SRV_RR
488 unregister_srv_realms();
489#endif
490
491 DNSServiceRefDeallocate(g_dnsRef);
492 g_dnsRef = NULL;
493}
494
495
496static SCDynamicStoreRef
497register_notification(void)
498{
499 SCDynamicStoreRef store;
500 CFStringRef computerNameKey;
501 CFMutableArrayRef keys;
502
503 computerNameKey = SCDynamicStoreKeyCreateHostNames(kCFAllocatorDefault);
504
505 store = SCDynamicStoreCreate(kCFAllocatorDefault, CFSTR("Network watcher"),
506 update_all, NULL);
507 if (store == NULL)
508 errx(1, "SCDynamicStoreCreate");
509
510 keys = CFArrayCreateMutable(kCFAllocatorDefault, 2, &kCFTypeArrayCallBacks);
511 if (keys == NULL)
512 errx(1, "CFArrayCreateMutable");
513
514 CFArrayAppendValue(keys, computerNameKey);
515 CFArrayAppendValue(keys, NetworkChangedKey_BackToMyMac);
516
517 if (SCDynamicStoreSetNotificationKeys(store, keys, NULL) == false)
518 errx(1, "SCDynamicStoreSetNotificationKeys");
519
520 CFRelease(computerNameKey);
521 CFRelease(keys);
522
523 if (!SCDynamicStoreSetDispatchQueue(store, g_queue))
524 errx(1, "SCDynamicStoreSetDispatchQueue");
525
526 return store;
527}
528#endif
529
530void
531bonjour_announce(krb5_context context, krb5_kdc_configuration *config)
532{
533#if defined(__APPLE__) && defined(HAVE_GCD)
534 g_queue = dispatch_queue_create("com.apple.kdc_announce", NULL);
535 if (!g_queue)
536 errx(1, "dispatch_queue_create");
537
538 g_store = register_notification();
539 announce_config = config;
540 announce_context = context;
541
542 create_dns_sd();
543#endif
544}
Note: See TracBrowser for help on using the repository browser.