source: trunk/server/source3/libsmb/namequery.c@ 1068

Last change on this file since 1068 was 751, checked in by Silvan Scherrer, 13 years ago

Samba Server: updated trunk to 3.6.9

File size: 71.5 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 name query routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19*/
20
21#include "includes.h"
22#include "../lib/util/tevent_ntstatus.h"
23#include "libads/sitename_cache.h"
24#include "libads/dns.h"
25#include "../libcli/netlogon/netlogon.h"
26#include "lib/async_req/async_sock.h"
27#include "libsmb/nmblib.h"
28
29/* nmbd.c sets this to True. */
30bool global_in_nmbd = False;
31
32/****************************
33 * SERVER AFFINITY ROUTINES *
34 ****************************/
35
36 /* Server affinity is the concept of preferring the last domain
37 controller with whom you had a successful conversation */
38
39/****************************************************************************
40****************************************************************************/
41#define SAFKEY_FMT "SAF/DOMAIN/%s"
42#define SAF_TTL 900
43#define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
44#define SAFJOIN_TTL 3600
45
46static char *saf_key(const char *domain)
47{
48 char *keystr;
49
50 asprintf_strupper_m(&keystr, SAFKEY_FMT, domain);
51
52 return keystr;
53}
54
55static char *saf_join_key(const char *domain)
56{
57 char *keystr;
58
59 asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain);
60
61 return keystr;
62}
63
64/****************************************************************************
65****************************************************************************/
66
67bool saf_store( const char *domain, const char *servername )
68{
69 char *key;
70 time_t expire;
71 bool ret = False;
72
73 if ( !domain || !servername ) {
74 DEBUG(2,("saf_store: "
75 "Refusing to store empty domain or servername!\n"));
76 return False;
77 }
78
79 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
80 DEBUG(0,("saf_store: "
81 "refusing to store 0 length domain or servername!\n"));
82 return False;
83 }
84
85 key = saf_key( domain );
86 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
87
88 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
89 domain, servername, (unsigned int)expire ));
90
91 ret = gencache_set( key, servername, expire );
92
93 SAFE_FREE( key );
94
95 return ret;
96}
97
98bool saf_join_store( const char *domain, const char *servername )
99{
100 char *key;
101 time_t expire;
102 bool ret = False;
103
104 if ( !domain || !servername ) {
105 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
106 return False;
107 }
108
109 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
110 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
111 return False;
112 }
113
114 key = saf_join_key( domain );
115 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
116
117 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
118 domain, servername, (unsigned int)expire ));
119
120 ret = gencache_set( key, servername, expire );
121
122 SAFE_FREE( key );
123
124 return ret;
125}
126
127bool saf_delete( const char *domain )
128{
129 char *key;
130 bool ret = False;
131
132 if ( !domain ) {
133 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
134 return False;
135 }
136
137 key = saf_join_key(domain);
138 ret = gencache_del(key);
139 SAFE_FREE(key);
140
141 if (ret) {
142 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
143 }
144
145 key = saf_key(domain);
146 ret = gencache_del(key);
147 SAFE_FREE(key);
148
149 if (ret) {
150 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
151 }
152
153 return ret;
154}
155
156/****************************************************************************
157****************************************************************************/
158
159char *saf_fetch( const char *domain )
160{
161 char *server = NULL;
162 time_t timeout;
163 bool ret = False;
164 char *key = NULL;
165
166 if ( !domain || strlen(domain) == 0) {
167 DEBUG(2,("saf_fetch: Empty domain name!\n"));
168 return NULL;
169 }
170
171 key = saf_join_key( domain );
172
173 ret = gencache_get( key, &server, &timeout );
174
175 SAFE_FREE( key );
176
177 if ( ret ) {
178 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
179 server, domain ));
180 return server;
181 }
182
183 key = saf_key( domain );
184
185 ret = gencache_get( key, &server, &timeout );
186
187 SAFE_FREE( key );
188
189 if ( !ret ) {
190 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
191 domain ));
192 } else {
193 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
194 server, domain ));
195 }
196
197 return server;
198}
199
200/****************************************************************************
201 Generate a random trn_id.
202****************************************************************************/
203
204static int generate_trn_id(void)
205{
206 uint16 id;
207
208 generate_random_buffer((uint8 *)&id, sizeof(id));
209
210 return id % (unsigned)0x7FFF;
211}
212
213/****************************************************************************
214 Parse a node status response into an array of structures.
215****************************************************************************/
216
217static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
218 int *num_names,
219 struct node_status_extra *extra)
220{
221 struct node_status *ret;
222 int i;
223
224 *num_names = CVAL(p,0);
225
226 if (*num_names == 0)
227 return NULL;
228
229 ret = TALLOC_ARRAY(mem_ctx, struct node_status,*num_names);
230 if (!ret)
231 return NULL;
232
233 p++;
234 for (i=0;i< *num_names;i++) {
235 StrnCpy(ret[i].name,p,15);
236 trim_char(ret[i].name,'\0',' ');
237 ret[i].type = CVAL(p,15);
238 ret[i].flags = p[16];
239 p += 18;
240 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
241 ret[i].type, ret[i].flags));
242 }
243 /*
244 * Also, pick up the MAC address ...
245 */
246 if (extra) {
247 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
248 }
249 return ret;
250}
251
252struct sock_packet_read_state {
253 struct tevent_context *ev;
254 enum packet_type type;
255 int trn_id;
256
257 struct nb_packet_reader *reader;
258 struct tevent_req *reader_req;
259
260 int sock;
261 struct tevent_req *socket_req;
262 uint8_t buf[1024];
263 struct sockaddr_storage addr;
264 socklen_t addr_len;
265
266 bool (*validator)(struct packet_struct *p,
267 void *private_data);
268 void *private_data;
269
270 struct packet_struct *packet;
271};
272
273static int sock_packet_read_state_destructor(struct sock_packet_read_state *s);
274static void sock_packet_read_got_packet(struct tevent_req *subreq);
275static void sock_packet_read_got_socket(struct tevent_req *subreq);
276
277static struct tevent_req *sock_packet_read_send(
278 TALLOC_CTX *mem_ctx,
279 struct tevent_context *ev,
280 int sock, /* dgram socket */
281 struct nb_packet_reader *reader,
282 enum packet_type type,
283 int trn_id,
284 bool (*validator)(struct packet_struct *p, void *private_data),
285 void *private_data)
286{
287 struct tevent_req *req;
288 struct sock_packet_read_state *state;
289
290 req = tevent_req_create(mem_ctx, &state,
291 struct sock_packet_read_state);
292 if (req == NULL) {
293 return NULL;
294 }
295 talloc_set_destructor(state, sock_packet_read_state_destructor);
296 state->ev = ev;
297 state->reader = reader;
298 state->sock = sock;
299 state->type = type;
300 state->trn_id = trn_id;
301 state->validator = validator;
302 state->private_data = private_data;
303
304 if (reader != NULL) {
305 state->reader_req = nb_packet_read_send(state, ev, reader);
306 if (tevent_req_nomem(state->reader_req, req)) {
307 return tevent_req_post(req, ev);
308 }
309 tevent_req_set_callback(
310 state->reader_req, sock_packet_read_got_packet, req);
311 }
312
313 state->addr_len = sizeof(state->addr);
314 state->socket_req = recvfrom_send(state, ev, sock,
315 state->buf, sizeof(state->buf), 0,
316 &state->addr, &state->addr_len);
317 if (tevent_req_nomem(state->socket_req, req)) {
318 return tevent_req_post(req, ev);
319 }
320 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
321 req);
322
323 return req;
324}
325
326static int sock_packet_read_state_destructor(struct sock_packet_read_state *s)
327{
328 if (s->packet != NULL) {
329 free_packet(s->packet);
330 s->packet = NULL;
331 }
332 return 0;
333}
334
335static void sock_packet_read_got_packet(struct tevent_req *subreq)
336{
337 struct tevent_req *req = tevent_req_callback_data(
338 subreq, struct tevent_req);
339 struct sock_packet_read_state *state = tevent_req_data(
340 req, struct sock_packet_read_state);
341 NTSTATUS status;
342
343 status = nb_packet_read_recv(subreq, &state->packet);
344
345 TALLOC_FREE(state->reader_req);
346
347 if (!NT_STATUS_IS_OK(status)) {
348 if (state->socket_req != NULL) {
349 /*
350 * Still waiting for socket
351 */
352 return;
353 }
354 /*
355 * Both socket and packet reader failed
356 */
357 tevent_req_nterror(req, status);
358 return;
359 }
360
361 if ((state->validator != NULL) &&
362 !state->validator(state->packet, state->private_data)) {
363 DEBUG(10, ("validator failed\n"));
364
365 free_packet(state->packet);
366 state->packet = NULL;
367
368 state->reader_req = nb_packet_read_send(state, state->ev,
369 state->reader);
370 if (tevent_req_nomem(state->reader_req, req)) {
371 return;
372 }
373 tevent_req_set_callback(
374 state->reader_req, sock_packet_read_got_packet, req);
375 return;
376 }
377
378 TALLOC_FREE(state->socket_req);
379 tevent_req_done(req);
380}
381
382static void sock_packet_read_got_socket(struct tevent_req *subreq)
383{
384 struct tevent_req *req = tevent_req_callback_data(
385 subreq, struct tevent_req);
386 struct sock_packet_read_state *state = tevent_req_data(
387 req, struct sock_packet_read_state);
388 struct sockaddr_in *in_addr;
389 ssize_t received;
390 int err;
391
392 received = recvfrom_recv(subreq, &err);
393
394 TALLOC_FREE(state->socket_req);
395
396 if (received == -1) {
397 if (state->reader_req != NULL) {
398 /*
399 * Still waiting for reader
400 */
401 return;
402 }
403 /*
404 * Both socket and reader failed
405 */
406 tevent_req_nterror(req, map_nt_error_from_unix(err));
407 return;
408 }
409 if (state->addr.ss_family != AF_INET) {
410 goto retry;
411 }
412 in_addr = (struct sockaddr_in *)(void *)&state->addr;
413
414 state->packet = parse_packet((char *)state->buf, received, state->type,
415 in_addr->sin_addr, in_addr->sin_port);
416 if (state->packet == NULL) {
417 DEBUG(10, ("parse_packet failed\n"));
418 goto retry;
419 }
420 if ((state->trn_id != -1) &&
421 (state->trn_id != packet_trn_id(state->packet))) {
422 DEBUG(10, ("Expected transaction id %d, got %d\n",
423 state->trn_id, packet_trn_id(state->packet)));
424 goto retry;
425 }
426
427 if ((state->validator != NULL) &&
428 !state->validator(state->packet, state->private_data)) {
429 DEBUG(10, ("validator failed\n"));
430 goto retry;
431 }
432
433 tevent_req_done(req);
434 return;
435
436retry:
437 if (state->packet != NULL) {
438 free_packet(state->packet);
439 state->packet = NULL;
440 }
441 state->socket_req = recvfrom_send(state, state->ev, state->sock,
442 state->buf, sizeof(state->buf), 0,
443 &state->addr, &state->addr_len);
444 if (tevent_req_nomem(state->socket_req, req)) {
445 return;
446 }
447 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
448 req);
449}
450
451static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
452 struct packet_struct **ppacket)
453{
454 struct sock_packet_read_state *state = tevent_req_data(
455 req, struct sock_packet_read_state);
456 NTSTATUS status;
457
458 if (tevent_req_is_nterror(req, &status)) {
459 return status;
460 }
461 *ppacket = state->packet;
462 state->packet = NULL;
463 return NT_STATUS_OK;
464}
465
466struct nb_trans_state {
467 struct tevent_context *ev;
468 int sock;
469 struct nb_packet_reader *reader;
470
471 const struct sockaddr_storage *dst_addr;
472 uint8_t *buf;
473 size_t buflen;
474 enum packet_type type;
475 int trn_id;
476
477 bool (*validator)(struct packet_struct *p,
478 void *private_data);
479 void *private_data;
480
481 struct packet_struct *packet;
482};
483
484static int nb_trans_state_destructor(struct nb_trans_state *s);
485static void nb_trans_got_reader(struct tevent_req *subreq);
486static void nb_trans_done(struct tevent_req *subreq);
487static void nb_trans_sent(struct tevent_req *subreq);
488static void nb_trans_send_next(struct tevent_req *subreq);
489
490static struct tevent_req *nb_trans_send(
491 TALLOC_CTX *mem_ctx,
492 struct tevent_context *ev,
493 const struct sockaddr_storage *my_addr,
494 const struct sockaddr_storage *dst_addr,
495 bool bcast,
496 uint8_t *buf, size_t buflen,
497 enum packet_type type, int trn_id,
498 bool (*validator)(struct packet_struct *p,
499 void *private_data),
500 void *private_data)
501{
502 struct tevent_req *req, *subreq;
503 struct nb_trans_state *state;
504
505 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
506 if (req == NULL) {
507 return NULL;
508 }
509 talloc_set_destructor(state, nb_trans_state_destructor);
510 state->ev = ev;
511 state->dst_addr = dst_addr;
512 state->buf = buf;
513 state->buflen = buflen;
514 state->type = type;
515 state->trn_id = trn_id;
516 state->validator = validator;
517 state->private_data = private_data;
518
519 state->sock = open_socket_in(SOCK_DGRAM, 0, 3, my_addr, True);
520 if (state->sock == -1) {
521 tevent_req_nterror(req, map_nt_error_from_unix(errno));
522 DEBUG(10, ("open_socket_in failed: %s\n", strerror(errno)));
523 return tevent_req_post(req, ev);
524 }
525
526 if (bcast) {
527 set_socket_options(state->sock,"SO_BROADCAST");
528 }
529
530 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
531 if (tevent_req_nomem(subreq, req)) {
532 return tevent_req_post(req, ev);
533 }
534 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
535 return req;
536}
537
538static int nb_trans_state_destructor(struct nb_trans_state *s)
539{
540 if (s->sock != -1) {
541 close(s->sock);
542 s->sock = -1;
543 }
544 if (s->packet != NULL) {
545 free_packet(s->packet);
546 s->packet = NULL;
547 }
548 return 0;
549}
550
551static void nb_trans_got_reader(struct tevent_req *subreq)
552{
553 struct tevent_req *req = tevent_req_callback_data(
554 subreq, struct tevent_req);
555 struct nb_trans_state *state = tevent_req_data(
556 req, struct nb_trans_state);
557 NTSTATUS status;
558
559 status = nb_packet_reader_recv(subreq, state, &state->reader);
560 TALLOC_FREE(subreq);
561
562 if (!NT_STATUS_IS_OK(status)) {
563 DEBUG(10, ("nmbd not around\n"));
564 state->reader = NULL;
565 }
566
567 subreq = sock_packet_read_send(
568 state, state->ev, state->sock,
569 state->reader, state->type, state->trn_id,
570 state->validator, state->private_data);
571 if (tevent_req_nomem(subreq, req)) {
572 return;
573 }
574 tevent_req_set_callback(subreq, nb_trans_done, req);
575
576 subreq = sendto_send(state, state->ev, state->sock,
577 state->buf, state->buflen, 0, state->dst_addr);
578 if (tevent_req_nomem(subreq, req)) {
579 return;
580 }
581 tevent_req_set_callback(subreq, nb_trans_sent, req);
582}
583
584static void nb_trans_sent(struct tevent_req *subreq)
585{
586 struct tevent_req *req = tevent_req_callback_data(
587 subreq, struct tevent_req);
588 struct nb_trans_state *state = tevent_req_data(
589 req, struct nb_trans_state);
590 ssize_t sent;
591 int err;
592
593 sent = sendto_recv(subreq, &err);
594 TALLOC_FREE(subreq);
595 if (sent == -1) {
596 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
597 tevent_req_nterror(req, map_nt_error_from_unix(err));
598 return;
599 }
600 subreq = tevent_wakeup_send(state, state->ev,
601 timeval_current_ofs(1, 0));
602 if (tevent_req_nomem(subreq, req)) {
603 return;
604 }
605 tevent_req_set_callback(subreq, nb_trans_send_next, req);
606}
607
608static void nb_trans_send_next(struct tevent_req *subreq)
609{
610 struct tevent_req *req = tevent_req_callback_data(
611 subreq, struct tevent_req);
612 struct nb_trans_state *state = tevent_req_data(
613 req, struct nb_trans_state);
614 bool ret;
615
616 ret = tevent_wakeup_recv(subreq);
617 TALLOC_FREE(subreq);
618 if (!ret) {
619 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
620 return;
621 }
622 subreq = sendto_send(state, state->ev, state->sock,
623 state->buf, state->buflen, 0, state->dst_addr);
624 if (tevent_req_nomem(subreq, req)) {
625 return;
626 }
627 tevent_req_set_callback(subreq, nb_trans_sent, req);
628}
629
630static void nb_trans_done(struct tevent_req *subreq)
631{
632 struct tevent_req *req = tevent_req_callback_data(
633 subreq, struct tevent_req);
634 struct nb_trans_state *state = tevent_req_data(
635 req, struct nb_trans_state);
636 NTSTATUS status;
637
638 status = sock_packet_read_recv(subreq, &state->packet);
639 TALLOC_FREE(subreq);
640 if (tevent_req_nterror(req, status)) {
641 return;
642 }
643 tevent_req_done(req);
644}
645
646static NTSTATUS nb_trans_recv(struct tevent_req *req,
647 struct packet_struct **ppacket)
648{
649 struct nb_trans_state *state = tevent_req_data(
650 req, struct nb_trans_state);
651 NTSTATUS status;
652
653 if (tevent_req_is_nterror(req, &status)) {
654 return status;
655 }
656 *ppacket = state->packet;
657 state->packet = NULL;
658 return NT_STATUS_OK;
659}
660
661/****************************************************************************
662 Do a NBT node status query on an open socket and return an array of
663 structures holding the returned names or NULL if the query failed.
664**************************************************************************/
665
666struct node_status_query_state {
667 struct sockaddr_storage my_addr;
668 struct sockaddr_storage addr;
669 uint8_t buf[1024];
670 ssize_t buflen;
671 struct packet_struct *packet;
672};
673
674static int node_status_query_state_destructor(
675 struct node_status_query_state *s);
676static bool node_status_query_validator(struct packet_struct *p,
677 void *private_data);
678static void node_status_query_done(struct tevent_req *subreq);
679
680struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
681 struct tevent_context *ev,
682 struct nmb_name *name,
683 const struct sockaddr_storage *addr)
684{
685 struct tevent_req *req, *subreq;
686 struct node_status_query_state *state;
687 struct packet_struct p;
688 struct nmb_packet *nmb = &p.packet.nmb;
689 struct sockaddr_in *in_addr;
690
691 req = tevent_req_create(mem_ctx, &state,
692 struct node_status_query_state);
693 if (req == NULL) {
694 return NULL;
695 }
696 talloc_set_destructor(state, node_status_query_state_destructor);
697
698 if (addr->ss_family != AF_INET) {
699 /* Can't do node status to IPv6 */
700 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
701 return tevent_req_post(req, ev);
702 }
703
704 state->addr = *addr;
705 in_addr = (struct sockaddr_in *)(void *)&state->addr;
706 in_addr->sin_port = htons(NMB_PORT);
707
708 if (!interpret_string_addr(&state->my_addr, lp_socket_address(),
709 AI_NUMERICHOST|AI_PASSIVE)) {
710 zero_sockaddr(&state->my_addr);
711 }
712
713 ZERO_STRUCT(p);
714 nmb->header.name_trn_id = generate_trn_id();
715 nmb->header.opcode = 0;
716 nmb->header.response = false;
717 nmb->header.nm_flags.bcast = false;
718 nmb->header.nm_flags.recursion_available = false;
719 nmb->header.nm_flags.recursion_desired = false;
720 nmb->header.nm_flags.trunc = false;
721 nmb->header.nm_flags.authoritative = false;
722 nmb->header.rcode = 0;
723 nmb->header.qdcount = 1;
724 nmb->header.ancount = 0;
725 nmb->header.nscount = 0;
726 nmb->header.arcount = 0;
727 nmb->question.question_name = *name;
728 nmb->question.question_type = 0x21;
729 nmb->question.question_class = 0x1;
730
731 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
732 &p);
733 if (state->buflen == 0) {
734 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
735 DEBUG(10, ("build_packet failed\n"));
736 return tevent_req_post(req, ev);
737 }
738
739 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, false,
740 state->buf, state->buflen,
741 NMB_PACKET, nmb->header.name_trn_id,
742 node_status_query_validator, NULL);
743 if (tevent_req_nomem(subreq, req)) {
744 DEBUG(10, ("nb_trans_send failed\n"));
745 return tevent_req_post(req, ev);
746 }
747 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
748 return tevent_req_post(req, ev);
749 }
750 tevent_req_set_callback(subreq, node_status_query_done, req);
751 return req;
752}
753
754static bool node_status_query_validator(struct packet_struct *p,
755 void *private_data)
756{
757 struct nmb_packet *nmb = &p->packet.nmb;
758 debug_nmb_packet(p);
759
760 if (nmb->header.opcode != 0 ||
761 nmb->header.nm_flags.bcast ||
762 nmb->header.rcode ||
763 !nmb->header.ancount ||
764 nmb->answers->rr_type != 0x21) {
765 /*
766 * XXXX what do we do with this? could be a redirect,
767 * but we'll discard it for the moment
768 */
769 return false;
770 }
771 return true;
772}
773
774static int node_status_query_state_destructor(
775 struct node_status_query_state *s)
776{
777 if (s->packet != NULL) {
778 free_packet(s->packet);
779 s->packet = NULL;
780 }
781 return 0;
782}
783
784static void node_status_query_done(struct tevent_req *subreq)
785{
786 struct tevent_req *req = tevent_req_callback_data(
787 subreq, struct tevent_req);
788 struct node_status_query_state *state = tevent_req_data(
789 req, struct node_status_query_state);
790 NTSTATUS status;
791
792 status = nb_trans_recv(subreq, &state->packet);
793 TALLOC_FREE(subreq);
794 if (tevent_req_nterror(req, status)) {
795 return;
796 }
797 tevent_req_done(req);
798}
799
800NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
801 struct node_status **pnode_status,
802 int *pnum_names,
803 struct node_status_extra *extra)
804{
805 struct node_status_query_state *state = tevent_req_data(
806 req, struct node_status_query_state);
807 struct node_status *node_status;
808 int num_names;
809 NTSTATUS status;
810
811 if (tevent_req_is_nterror(req, &status)) {
812 return status;
813 }
814 node_status = parse_node_status(
815 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
816 &num_names, extra);
817 if (node_status == NULL) {
818 return NT_STATUS_NO_MEMORY;
819 }
820 *pnode_status = node_status;
821 *pnum_names = num_names;
822 return NT_STATUS_OK;
823}
824
825NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
826 const struct sockaddr_storage *addr,
827 struct node_status **pnode_status,
828 int *pnum_names,
829 struct node_status_extra *extra)
830{
831 TALLOC_CTX *frame = talloc_stackframe();
832 struct tevent_context *ev;
833 struct tevent_req *req;
834 NTSTATUS status = NT_STATUS_NO_MEMORY;
835
836 ev = tevent_context_init(frame);
837 if (ev == NULL) {
838 goto fail;
839 }
840 req = node_status_query_send(ev, ev, name, addr);
841 if (req == NULL) {
842 goto fail;
843 }
844 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
845 goto fail;
846 }
847 status = node_status_query_recv(req, mem_ctx, pnode_status,
848 pnum_names, extra);
849 fail:
850 TALLOC_FREE(frame);
851 return status;
852}
853
854/****************************************************************************
855 Find the first type XX name in a node status reply - used for finding
856 a servers name given its IP. Return the matched name in *name.
857**************************************************************************/
858
859bool name_status_find(const char *q_name,
860 int q_type,
861 int type,
862 const struct sockaddr_storage *to_ss,
863 fstring name)
864{
865 char addr[INET6_ADDRSTRLEN];
866 struct sockaddr_storage ss;
867 struct node_status *addrs = NULL;
868 struct nmb_name nname;
869 int count, i;
870 bool result = false;
871 NTSTATUS status;
872
873 if (lp_disable_netbios()) {
874 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
875 q_name, q_type));
876 return False;
877 }
878
879 print_sockaddr(addr, sizeof(addr), to_ss);
880
881 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
882 q_type, addr));
883
884 /* Check the cache first. */
885
886 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
887 return True;
888 }
889
890 if (to_ss->ss_family != AF_INET) {
891 /* Can't do node status to IPv6 */
892 return false;
893 }
894
895 if (!interpret_string_addr(&ss, lp_socket_address(),
896 AI_NUMERICHOST|AI_PASSIVE)) {
897 zero_sockaddr(&ss);
898 }
899
900 /* W2K PDC's seem not to respond to '*'#0. JRA */
901 make_nmb_name(&nname, q_name, q_type);
902 status = node_status_query(talloc_tos(), &nname, to_ss,
903 &addrs, &count, NULL);
904 if (!NT_STATUS_IS_OK(status)) {
905 goto done;
906 }
907
908 for (i=0;i<count;i++) {
909 /* Find first one of the requested type that's not a GROUP. */
910 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
911 break;
912 }
913 if (i == count)
914 goto done;
915
916 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
917
918 /* Store the result in the cache. */
919 /* but don't store an entry for 0x1c names here. Here we have
920 a single host and DOMAIN<0x1c> names should be a list of hosts */
921
922 if ( q_type != 0x1c ) {
923 namecache_status_store(q_name, q_type, type, to_ss, name);
924 }
925
926 result = true;
927
928 done:
929 TALLOC_FREE(addrs);
930
931 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
932
933 if (result)
934 DEBUGADD(10, (", name %s ip address is %s", name, addr));
935
936 DEBUG(10, ("\n"));
937
938 return result;
939}
940
941/*
942 comparison function used by sort_addr_list
943*/
944
945static int addr_compare(const struct sockaddr_storage *ss1,
946 const struct sockaddr_storage *ss2)
947{
948 int max_bits1=0, max_bits2=0;
949 int num_interfaces = iface_count();
950 int i;
951
952 /* Sort IPv4 addresses first. */
953 if (ss1->ss_family != ss2->ss_family) {
954 if (ss2->ss_family == AF_INET) {
955 return 1;
956 } else {
957 return -1;
958 }
959 }
960
961 /* Here we know both addresses are of the same
962 * family. */
963
964 for (i=0;i<num_interfaces;i++) {
965 const struct sockaddr_storage *pss = iface_n_bcast(i);
966 unsigned char *p_ss1 = NULL;
967 unsigned char *p_ss2 = NULL;
968 unsigned char *p_if = NULL;
969 size_t len = 0;
970 int bits1, bits2;
971
972 if (pss->ss_family != ss1->ss_family) {
973 /* Ignore interfaces of the wrong type. */
974 continue;
975 }
976 if (pss->ss_family == AF_INET) {
977 p_if = (unsigned char *)
978 &((const struct sockaddr_in *)pss)->sin_addr;
979 p_ss1 = (unsigned char *)
980 &((const struct sockaddr_in *)ss1)->sin_addr;
981 p_ss2 = (unsigned char *)
982 &((const struct sockaddr_in *)ss2)->sin_addr;
983 len = 4;
984 }
985#if defined(HAVE_IPV6)
986 if (pss->ss_family == AF_INET6) {
987 p_if = (unsigned char *)
988 &((const struct sockaddr_in6 *)pss)->sin6_addr;
989 p_ss1 = (unsigned char *)
990 &((const struct sockaddr_in6 *)ss1)->sin6_addr;
991 p_ss2 = (unsigned char *)
992 &((const struct sockaddr_in6 *)ss2)->sin6_addr;
993 len = 16;
994 }
995#endif
996 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
997 continue;
998 }
999 bits1 = matching_len_bits(p_ss1, p_if, len);
1000 bits2 = matching_len_bits(p_ss2, p_if, len);
1001 max_bits1 = MAX(bits1, max_bits1);
1002 max_bits2 = MAX(bits2, max_bits2);
1003 }
1004
1005 /* Bias towards directly reachable IPs */
1006 if (iface_local((struct sockaddr *)ss1)) {
1007 if (ss1->ss_family == AF_INET) {
1008 max_bits1 += 32;
1009 } else {
1010 max_bits1 += 128;
1011 }
1012 }
1013 if (iface_local((struct sockaddr *)ss2)) {
1014 if (ss2->ss_family == AF_INET) {
1015 max_bits2 += 32;
1016 } else {
1017 max_bits2 += 128;
1018 }
1019 }
1020 return max_bits2 - max_bits1;
1021}
1022
1023/*******************************************************************
1024 compare 2 ldap IPs by nearness to our interfaces - used in qsort
1025*******************************************************************/
1026
1027int ip_service_compare(struct ip_service *ss1, struct ip_service *ss2)
1028{
1029 int result;
1030
1031 if ((result = addr_compare(&ss1->ss, &ss2->ss)) != 0) {
1032 return result;
1033 }
1034
1035 if (ss1->port > ss2->port) {
1036 return 1;
1037 }
1038
1039 if (ss1->port < ss2->port) {
1040 return -1;
1041 }
1042
1043 return 0;
1044}
1045
1046/*
1047 sort an IP list so that names that are close to one of our interfaces
1048 are at the top. This prevents the problem where a WINS server returns an IP
1049 that is not reachable from our subnet as the first match
1050*/
1051
1052static void sort_addr_list(struct sockaddr_storage *sslist, int count)
1053{
1054 if (count <= 1) {
1055 return;
1056 }
1057
1058 TYPESAFE_QSORT(sslist, count, addr_compare);
1059}
1060
1061static void sort_service_list(struct ip_service *servlist, int count)
1062{
1063 if (count <= 1) {
1064 return;
1065 }
1066
1067 TYPESAFE_QSORT(servlist, count, ip_service_compare);
1068}
1069
1070/**********************************************************************
1071 Remove any duplicate address/port pairs in the list
1072 *********************************************************************/
1073
1074static int remove_duplicate_addrs2(struct ip_service *iplist, int count )
1075{
1076 int i, j;
1077
1078 DEBUG(10,("remove_duplicate_addrs2: "
1079 "looking for duplicate address/port pairs\n"));
1080
1081 /* One loop to set duplicates to a zero addr. */
1082 for ( i=0; i<count; i++ ) {
1083 if ( is_zero_addr(&iplist[i].ss)) {
1084 continue;
1085 }
1086
1087 for ( j=i+1; j<count; j++ ) {
1088 if (sockaddr_equal((struct sockaddr *)&iplist[i].ss, (struct sockaddr *)&iplist[j].ss) &&
1089 iplist[i].port == iplist[j].port) {
1090 zero_sockaddr(&iplist[j].ss);
1091 }
1092 }
1093 }
1094
1095 /* Now remove any addresses set to zero above. */
1096 for (i = 0; i < count; i++) {
1097 while (i < count &&
1098 is_zero_addr(&iplist[i].ss)) {
1099 if (count-i-1>0) {
1100 memmove(&iplist[i],
1101 &iplist[i+1],
1102 (count-i-1)*sizeof(struct ip_service));
1103 }
1104 count--;
1105 }
1106 }
1107
1108 return count;
1109}
1110
1111static bool prioritize_ipv4_list(struct ip_service *iplist, int count)
1112{
1113 TALLOC_CTX *frame = talloc_stackframe();
1114 struct ip_service *iplist_new = TALLOC_ARRAY(frame, struct ip_service, count);
1115 int i, j;
1116
1117 if (iplist_new == NULL) {
1118 TALLOC_FREE(frame);
1119 return false;
1120 }
1121
1122 j = 0;
1123
1124 /* Copy IPv4 first. */
1125 for (i = 0; i < count; i++) {
1126 if (iplist[i].ss.ss_family == AF_INET) {
1127 iplist_new[j++] = iplist[i];
1128 }
1129 }
1130
1131 /* Copy IPv6. */
1132 for (i = 0; i < count; i++) {
1133 if (iplist[i].ss.ss_family != AF_INET) {
1134 iplist_new[j++] = iplist[i];
1135 }
1136 }
1137
1138 memcpy(iplist, iplist_new, sizeof(struct ip_service)*count);
1139 TALLOC_FREE(frame);
1140 return true;
1141}
1142
1143/****************************************************************************
1144 Do a netbios name query to find someones IP.
1145 Returns an array of IP addresses or NULL if none.
1146 *count will be set to the number of addresses returned.
1147 *timed_out is set if we failed by timing out
1148****************************************************************************/
1149
1150struct name_query_state {
1151 struct sockaddr_storage my_addr;
1152 struct sockaddr_storage addr;
1153 bool bcast;
1154
1155
1156 uint8_t buf[1024];
1157 ssize_t buflen;
1158
1159 NTSTATUS validate_error;
1160 uint8_t flags;
1161
1162 struct sockaddr_storage *addrs;
1163 int num_addrs;
1164};
1165
1166static bool name_query_validator(struct packet_struct *p, void *private_data);
1167static void name_query_done(struct tevent_req *subreq);
1168
1169struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1170 struct tevent_context *ev,
1171 const char *name, int name_type,
1172 bool bcast, bool recurse,
1173 const struct sockaddr_storage *addr)
1174{
1175 struct tevent_req *req, *subreq;
1176 struct name_query_state *state;
1177 struct packet_struct p;
1178 struct nmb_packet *nmb = &p.packet.nmb;
1179 struct sockaddr_in *in_addr;
1180
1181 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1182 if (req == NULL) {
1183 return NULL;
1184 }
1185 state->bcast = bcast;
1186
1187 if (addr->ss_family != AF_INET) {
1188 /* Can't do node status to IPv6 */
1189 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1190 return tevent_req_post(req, ev);
1191 }
1192
1193 if (lp_disable_netbios()) {
1194 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1195 name, name_type));
1196 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1197 return tevent_req_post(req, ev);
1198 }
1199
1200 state->addr = *addr;
1201 in_addr = (struct sockaddr_in *)(void *)&state->addr;
1202 in_addr->sin_port = htons(NMB_PORT);
1203
1204 if (!interpret_string_addr(&state->my_addr, lp_socket_address(),
1205 AI_NUMERICHOST|AI_PASSIVE)) {
1206 zero_sockaddr(&state->my_addr);
1207 }
1208
1209 ZERO_STRUCT(p);
1210 nmb->header.name_trn_id = generate_trn_id();
1211 nmb->header.opcode = 0;
1212 nmb->header.response = false;
1213 nmb->header.nm_flags.bcast = bcast;
1214 nmb->header.nm_flags.recursion_available = false;
1215 nmb->header.nm_flags.recursion_desired = recurse;
1216 nmb->header.nm_flags.trunc = false;
1217 nmb->header.nm_flags.authoritative = false;
1218 nmb->header.rcode = 0;
1219 nmb->header.qdcount = 1;
1220 nmb->header.ancount = 0;
1221 nmb->header.nscount = 0;
1222 nmb->header.arcount = 0;
1223
1224 make_nmb_name(&nmb->question.question_name,name,name_type);
1225
1226 nmb->question.question_type = 0x20;
1227 nmb->question.question_class = 0x1;
1228
1229 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1230 &p);
1231 if (state->buflen == 0) {
1232 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1233 DEBUG(10, ("build_packet failed\n"));
1234 return tevent_req_post(req, ev);
1235 }
1236
1237 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, bcast,
1238 state->buf, state->buflen,
1239 NMB_PACKET, nmb->header.name_trn_id,
1240 name_query_validator, state);
1241 if (tevent_req_nomem(subreq, req)) {
1242 DEBUG(10, ("nb_trans_send failed\n"));
1243 return tevent_req_post(req, ev);
1244 }
1245 tevent_req_set_callback(subreq, name_query_done, req);
1246 return req;
1247}
1248
1249static bool name_query_validator(struct packet_struct *p, void *private_data)
1250{
1251 struct name_query_state *state = talloc_get_type_abort(
1252 private_data, struct name_query_state);
1253 struct nmb_packet *nmb = &p->packet.nmb;
1254 struct sockaddr_storage *tmp_addrs;
1255 bool got_unique_netbios_name = false;
1256 int i;
1257
1258 debug_nmb_packet(p);
1259
1260 /*
1261 * If we get a Negative Name Query Response from a WINS
1262 * server, we should report it and give up.
1263 */
1264 if( 0 == nmb->header.opcode /* A query response */
1265 && !state->bcast /* from a WINS server */
1266 && nmb->header.rcode /* Error returned */
1267 ) {
1268
1269 if( DEBUGLVL( 3 ) ) {
1270 /* Only executed if DEBUGLEVEL >= 3 */
1271 dbgtext( "Negative name query "
1272 "response, rcode 0x%02x: ",
1273 nmb->header.rcode );
1274 switch( nmb->header.rcode ) {
1275 case 0x01:
1276 dbgtext("Request was invalidly formatted.\n");
1277 break;
1278 case 0x02:
1279 dbgtext("Problem with NBNS, cannot process "
1280 "name.\n");
1281 break;
1282 case 0x03:
1283 dbgtext("The name requested does not "
1284 "exist.\n");
1285 break;
1286 case 0x04:
1287 dbgtext("Unsupported request error.\n");
1288 break;
1289 case 0x05:
1290 dbgtext("Query refused error.\n");
1291 break;
1292 default:
1293 dbgtext("Unrecognized error code.\n" );
1294 break;
1295 }
1296 }
1297
1298 /*
1299 * We accept this packet as valid, but tell the upper
1300 * layers that it's a negative response.
1301 */
1302 state->validate_error = NT_STATUS_NOT_FOUND;
1303 return true;
1304 }
1305
1306 if (nmb->header.opcode != 0 ||
1307 nmb->header.nm_flags.bcast ||
1308 nmb->header.rcode ||
1309 !nmb->header.ancount) {
1310 /*
1311 * XXXX what do we do with this? Could be a redirect,
1312 * but we'll discard it for the moment.
1313 */
1314 return false;
1315 }
1316
1317 tmp_addrs = TALLOC_REALLOC_ARRAY(
1318 state, state->addrs, struct sockaddr_storage,
1319 state->num_addrs + nmb->answers->rdlength/6);
1320 if (tmp_addrs == NULL) {
1321 state->validate_error = NT_STATUS_NO_MEMORY;
1322 return true;
1323 }
1324 state->addrs = tmp_addrs;
1325
1326 DEBUG(2,("Got a positive name query response "
1327 "from %s ( ", inet_ntoa(p->ip)));
1328
1329 for (i=0; i<nmb->answers->rdlength/6; i++) {
1330 uint16_t flags;
1331 struct in_addr ip;
1332 struct sockaddr_storage addr;
1333 int j;
1334
1335 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1336 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1337
1338 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1339 in_addr_to_sockaddr_storage(&addr, ip);
1340
1341 if (is_zero_addr(&addr)) {
1342 continue;
1343 }
1344
1345 for (j=0; j<state->num_addrs; j++) {
1346 if (sockaddr_equal(
1347 (struct sockaddr *)&addr,
1348 (struct sockaddr *)&state->addrs[j])) {
1349 break;
1350 }
1351 }
1352 if (j < state->num_addrs) {
1353 /* Already got it */
1354 continue;
1355 }
1356
1357 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1358
1359 state->addrs[state->num_addrs] = addr;
1360 state->num_addrs += 1;
1361 }
1362 DEBUGADD(2,(")\n"));
1363
1364 /* We add the flags back ... */
1365 if (nmb->header.response)
1366 state->flags |= NM_FLAGS_RS;
1367 if (nmb->header.nm_flags.authoritative)
1368 state->flags |= NM_FLAGS_AA;
1369 if (nmb->header.nm_flags.trunc)
1370 state->flags |= NM_FLAGS_TC;
1371 if (nmb->header.nm_flags.recursion_desired)
1372 state->flags |= NM_FLAGS_RD;
1373 if (nmb->header.nm_flags.recursion_available)
1374 state->flags |= NM_FLAGS_RA;
1375 if (nmb->header.nm_flags.bcast)
1376 state->flags |= NM_FLAGS_B;
1377
1378 if (state->bcast) {
1379 /*
1380 * We have to collect all entries coming in from broadcast
1381 * queries. If we got a unique name, we're done.
1382 */
1383 return got_unique_netbios_name;
1384 }
1385 /*
1386 * WINS responses are accepted when they are received
1387 */
1388 return true;
1389}
1390
1391static void name_query_done(struct tevent_req *subreq)
1392{
1393 struct tevent_req *req = tevent_req_callback_data(
1394 subreq, struct tevent_req);
1395 struct name_query_state *state = tevent_req_data(
1396 req, struct name_query_state);
1397 NTSTATUS status;
1398 struct packet_struct *p = NULL;
1399
1400 status = nb_trans_recv(subreq, &p);
1401 TALLOC_FREE(subreq);
1402 if (tevent_req_nterror(req, status)) {
1403 return;
1404 }
1405 if (!NT_STATUS_IS_OK(state->validate_error)) {
1406 tevent_req_nterror(req, state->validate_error);
1407 return;
1408 }
1409 if (p != NULL) {
1410 /*
1411 * Free the packet here, we've collected the response in the
1412 * validator
1413 */
1414 free_packet(p);
1415 }
1416 tevent_req_done(req);
1417}
1418
1419NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1420 struct sockaddr_storage **addrs, int *num_addrs,
1421 uint8_t *flags)
1422{
1423 struct name_query_state *state = tevent_req_data(
1424 req, struct name_query_state);
1425 NTSTATUS status;
1426
1427 if (tevent_req_is_nterror(req, &status)
1428 && !NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1429 return status;
1430 }
1431 if (state->num_addrs == 0) {
1432 return NT_STATUS_NOT_FOUND;
1433 }
1434 *addrs = talloc_move(mem_ctx, &state->addrs);
1435 sort_addr_list(*addrs, state->num_addrs);
1436 *num_addrs = state->num_addrs;
1437 if (flags != NULL) {
1438 *flags = state->flags;
1439 }
1440 return NT_STATUS_OK;
1441}
1442
1443NTSTATUS name_query(const char *name, int name_type,
1444 bool bcast, bool recurse,
1445 const struct sockaddr_storage *to_ss,
1446 TALLOC_CTX *mem_ctx,
1447 struct sockaddr_storage **addrs,
1448 int *num_addrs, uint8_t *flags)
1449{
1450 TALLOC_CTX *frame = talloc_stackframe();
1451 struct tevent_context *ev;
1452 struct tevent_req *req;
1453 struct timeval timeout;
1454 NTSTATUS status = NT_STATUS_NO_MEMORY;
1455
1456 ev = tevent_context_init(frame);
1457 if (ev == NULL) {
1458 goto fail;
1459 }
1460 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1461 if (req == NULL) {
1462 goto fail;
1463 }
1464 if (bcast) {
1465 timeout = timeval_current_ofs(0, 250000);
1466 } else {
1467 timeout = timeval_current_ofs(2, 0);
1468 }
1469 if (!tevent_req_set_endtime(req, ev, timeout)) {
1470 goto fail;
1471 }
1472 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1473 goto fail;
1474 }
1475 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1476 fail:
1477 TALLOC_FREE(frame);
1478 return status;
1479}
1480
1481/********************************************************
1482 Convert an array if struct sockaddr_storage to struct ip_service
1483 return false on failure. Port is set to PORT_NONE;
1484 pcount is [in/out] - it is the length of ss_list on input,
1485 and the length of return_iplist on output as we remove any
1486 zero addresses from ss_list.
1487*********************************************************/
1488
1489static bool convert_ss2service(struct ip_service **return_iplist,
1490 const struct sockaddr_storage *ss_list,
1491 int *pcount)
1492{
1493 int i;
1494 int orig_count = *pcount;
1495 int real_count = 0;
1496
1497 if (orig_count==0 || !ss_list )
1498 return False;
1499
1500 /* Filter out zero addrs. */
1501 for ( i=0; i<orig_count; i++ ) {
1502 if (is_zero_addr(&ss_list[i])) {
1503 continue;
1504 }
1505 real_count++;
1506 }
1507 if (real_count==0) {
1508 return false;
1509 }
1510
1511 /* copy the ip address; port will be PORT_NONE */
1512 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, real_count)) ==
1513 NULL) {
1514 DEBUG(0,("convert_ip2service: malloc failed "
1515 "for %d enetries!\n", real_count ));
1516 return False;
1517 }
1518
1519 for ( i=0, real_count = 0; i<orig_count; i++ ) {
1520 if (is_zero_addr(&ss_list[i])) {
1521 continue;
1522 }
1523 (*return_iplist)[real_count].ss = ss_list[i];
1524 (*return_iplist)[real_count].port = PORT_NONE;
1525 real_count++;
1526 }
1527
1528 *pcount = real_count;
1529 return true;
1530}
1531
1532/********************************************************
1533 Resolve via "bcast" method.
1534*********************************************************/
1535
1536NTSTATUS name_resolve_bcast(const char *name,
1537 int name_type,
1538 TALLOC_CTX *mem_ctx,
1539 struct sockaddr_storage **return_iplist,
1540 int *return_count)
1541{
1542 int i;
1543 int num_interfaces = iface_count();
1544 struct sockaddr_storage *ss_list;
1545 NTSTATUS status = NT_STATUS_NOT_FOUND;
1546
1547 if (lp_disable_netbios()) {
1548 DEBUG(5,("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1549 name, name_type));
1550 return NT_STATUS_INVALID_PARAMETER;
1551 }
1552
1553 *return_iplist = NULL;
1554 *return_count = 0;
1555
1556 /*
1557 * "bcast" means do a broadcast lookup on all the local interfaces.
1558 */
1559
1560 DEBUG(3,("name_resolve_bcast: Attempting broadcast lookup "
1561 "for name %s<0x%x>\n", name, name_type));
1562
1563 /*
1564 * Lookup the name on all the interfaces, return on
1565 * the first successful match.
1566 */
1567 for( i = num_interfaces-1; i >= 0; i--) {
1568 const struct sockaddr_storage *pss = iface_n_bcast(i);
1569
1570 /* Done this way to fix compiler error on IRIX 5.x */
1571 if (!pss) {
1572 continue;
1573 }
1574 status = name_query(name, name_type, true, true, pss,
1575 talloc_tos(), &ss_list, return_count,
1576 NULL);
1577 if (NT_STATUS_IS_OK(status)) {
1578 goto success;
1579 }
1580 }
1581
1582 /* failed - no response */
1583
1584 return status;
1585
1586success:
1587 *return_iplist = ss_list;
1588 return status;
1589}
1590
1591/********************************************************
1592 Resolve via "wins" method.
1593*********************************************************/
1594
1595NTSTATUS resolve_wins(const char *name,
1596 int name_type,
1597 struct ip_service **return_iplist,
1598 int *return_count)
1599{
1600 int t, i;
1601 char **wins_tags;
1602 struct sockaddr_storage src_ss, *ss_list = NULL;
1603 struct in_addr src_ip;
1604 NTSTATUS status;
1605
1606 if (lp_disable_netbios()) {
1607 DEBUG(5,("resolve_wins(%s#%02x): netbios is disabled\n",
1608 name, name_type));
1609 return NT_STATUS_INVALID_PARAMETER;
1610 }
1611
1612 *return_iplist = NULL;
1613 *return_count = 0;
1614
1615 DEBUG(3,("resolve_wins: Attempting wins lookup for name %s<0x%x>\n",
1616 name, name_type));
1617
1618 if (wins_srv_count() < 1) {
1619 DEBUG(3,("resolve_wins: WINS server resolution selected "
1620 "and no WINS servers listed.\n"));
1621 return NT_STATUS_INVALID_PARAMETER;
1622 }
1623
1624 /* we try a lookup on each of the WINS tags in turn */
1625 wins_tags = wins_srv_tags();
1626
1627 if (!wins_tags) {
1628 /* huh? no tags?? give up in disgust */
1629 return NT_STATUS_INVALID_PARAMETER;
1630 }
1631
1632 /* the address we will be sending from */
1633 if (!interpret_string_addr(&src_ss, lp_socket_address(),
1634 AI_NUMERICHOST|AI_PASSIVE)) {
1635 zero_sockaddr(&src_ss);
1636 }
1637
1638 if (src_ss.ss_family != AF_INET) {
1639 char addr[INET6_ADDRSTRLEN];
1640 print_sockaddr(addr, sizeof(addr), &src_ss);
1641 DEBUG(3,("resolve_wins: cannot receive WINS replies "
1642 "on IPv6 address %s\n",
1643 addr));
1644 wins_srv_tags_free(wins_tags);
1645 return NT_STATUS_INVALID_PARAMETER;
1646 }
1647
1648 src_ip = ((struct sockaddr_in *)&src_ss)->sin_addr;
1649
1650 /* in the worst case we will try every wins server with every
1651 tag! */
1652 for (t=0; wins_tags && wins_tags[t]; t++) {
1653 int srv_count = wins_srv_count_tag(wins_tags[t]);
1654 for (i=0; i<srv_count; i++) {
1655 struct sockaddr_storage wins_ss;
1656 struct in_addr wins_ip;
1657
1658 wins_ip = wins_srv_ip_tag(wins_tags[t], src_ip);
1659
1660 if (global_in_nmbd && ismyip_v4(wins_ip)) {
1661 /* yikes! we'll loop forever */
1662 continue;
1663 }
1664
1665 /* skip any that have been unresponsive lately */
1666 if (wins_srv_is_dead(wins_ip, src_ip)) {
1667 continue;
1668 }
1669
1670 DEBUG(3,("resolve_wins: using WINS server %s "
1671 "and tag '%s'\n",
1672 inet_ntoa(wins_ip), wins_tags[t]));
1673
1674 in_addr_to_sockaddr_storage(&wins_ss, wins_ip);
1675 status = name_query(name,
1676 name_type,
1677 false,
1678 true,
1679 &wins_ss,
1680 talloc_tos(),
1681 &ss_list,
1682 return_count,
1683 NULL);
1684
1685 /* exit loop if we got a list of addresses */
1686
1687 if (NT_STATUS_IS_OK(status)) {
1688 goto success;
1689 }
1690
1691 if (NT_STATUS_EQUAL(status,
1692 NT_STATUS_IO_TIMEOUT)) {
1693 /* Timed out waiting for WINS server to
1694 * respond.
1695 * Mark it dead. */
1696 wins_srv_died(wins_ip, src_ip);
1697 } else {
1698 /* The name definitely isn't in this
1699 group of WINS servers.
1700 goto the next group */
1701 break;
1702 }
1703 }
1704 }
1705
1706 wins_srv_tags_free(wins_tags);
1707 return NT_STATUS_NO_LOGON_SERVERS;
1708
1709success:
1710
1711 status = NT_STATUS_OK;
1712 if (!convert_ss2service(return_iplist, ss_list, return_count))
1713 status = NT_STATUS_INVALID_PARAMETER;
1714
1715 TALLOC_FREE(ss_list);
1716 wins_srv_tags_free(wins_tags);
1717
1718 return status;
1719}
1720
1721/********************************************************
1722 Resolve via "lmhosts" method.
1723*********************************************************/
1724
1725static NTSTATUS resolve_lmhosts(const char *name, int name_type,
1726 struct ip_service **return_iplist,
1727 int *return_count)
1728{
1729 /*
1730 * "lmhosts" means parse the local lmhosts file.
1731 */
1732 struct sockaddr_storage *ss_list;
1733 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1734 TALLOC_CTX *ctx = NULL;
1735
1736 *return_iplist = NULL;
1737 *return_count = 0;
1738
1739 DEBUG(3,("resolve_lmhosts: "
1740 "Attempting lmhosts lookup for name %s<0x%x>\n",
1741 name, name_type));
1742
1743 ctx = talloc_init("resolve_lmhosts");
1744 if (!ctx) {
1745 return NT_STATUS_NO_MEMORY;
1746 }
1747
1748 status = resolve_lmhosts_file_as_sockaddr(get_dyn_LMHOSTSFILE(),
1749 name, name_type,
1750 ctx,
1751 &ss_list,
1752 return_count);
1753 if (NT_STATUS_IS_OK(status)) {
1754 if (convert_ss2service(return_iplist,
1755 ss_list,
1756 return_count)) {
1757 talloc_free(ctx);
1758 return NT_STATUS_OK;
1759 } else {
1760 talloc_free(ctx);
1761 return NT_STATUS_NO_MEMORY;
1762 }
1763 }
1764 talloc_free(ctx);
1765 return status;
1766}
1767
1768
1769/********************************************************
1770 Resolve via "hosts" method.
1771*********************************************************/
1772
1773static NTSTATUS resolve_hosts(const char *name, int name_type,
1774 struct ip_service **return_iplist,
1775 int *return_count)
1776{
1777 /*
1778 * "host" means do a localhost, or dns lookup.
1779 */
1780 struct addrinfo hints;
1781 struct addrinfo *ailist = NULL;
1782 struct addrinfo *res = NULL;
1783 int ret = -1;
1784 int i = 0;
1785
1786 if ( name_type != 0x20 && name_type != 0x0) {
1787 DEBUG(5, ("resolve_hosts: not appropriate "
1788 "for name type <0x%x>\n",
1789 name_type));
1790 return NT_STATUS_INVALID_PARAMETER;
1791 }
1792
1793 *return_iplist = NULL;
1794 *return_count = 0;
1795
1796 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
1797 name, name_type));
1798
1799 ZERO_STRUCT(hints);
1800 /* By default make sure it supports TCP. */
1801 hints.ai_socktype = SOCK_STREAM;
1802 hints.ai_flags = AI_ADDRCONFIG;
1803
1804#if !defined(HAVE_IPV6)
1805 /* Unless we have IPv6, we really only want IPv4 addresses back. */
1806 hints.ai_family = AF_INET;
1807#endif
1808
1809 ret = getaddrinfo(name,
1810 NULL,
1811 &hints,
1812 &ailist);
1813 if (ret) {
1814 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
1815 name,
1816 gai_strerror(ret) ));
1817 }
1818
1819 for (res = ailist; res; res = res->ai_next) {
1820 struct sockaddr_storage ss;
1821
1822 if (!res->ai_addr || res->ai_addrlen == 0) {
1823 continue;
1824 }
1825
1826 ZERO_STRUCT(ss);
1827 memcpy(&ss, res->ai_addr, res->ai_addrlen);
1828
1829 if (is_zero_addr(&ss)) {
1830 continue;
1831 }
1832
1833 *return_count += 1;
1834
1835 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
1836 struct ip_service,
1837 *return_count);
1838 if (!*return_iplist) {
1839 DEBUG(3,("resolve_hosts: malloc fail !\n"));
1840 freeaddrinfo(ailist);
1841 return NT_STATUS_NO_MEMORY;
1842 }
1843 (*return_iplist)[i].ss = ss;
1844 (*return_iplist)[i].port = PORT_NONE;
1845 i++;
1846 }
1847 if (ailist) {
1848 freeaddrinfo(ailist);
1849 }
1850 if (*return_count) {
1851 return NT_STATUS_OK;
1852 }
1853 return NT_STATUS_UNSUCCESSFUL;
1854}
1855
1856/********************************************************
1857 Resolve via "ADS" method.
1858*********************************************************/
1859
1860/* Special name type used to cause a _kerberos DNS lookup. */
1861#define KDC_NAME_TYPE 0xDCDC
1862
1863static NTSTATUS resolve_ads(const char *name,
1864 int name_type,
1865 const char *sitename,
1866 struct ip_service **return_iplist,
1867 int *return_count)
1868{
1869 int i;
1870 NTSTATUS status;
1871 TALLOC_CTX *ctx;
1872 struct dns_rr_srv *dcs = NULL;
1873 int numdcs = 0;
1874 int numaddrs = 0;
1875
1876 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
1877 (name_type != 0x1b)) {
1878 return NT_STATUS_INVALID_PARAMETER;
1879 }
1880
1881 if ( (ctx = talloc_init("resolve_ads")) == NULL ) {
1882 DEBUG(0,("resolve_ads: talloc_init() failed!\n"));
1883 return NT_STATUS_NO_MEMORY;
1884 }
1885
1886 /* The DNS code needs fixing to find IPv6 addresses... JRA. */
1887
1888 switch (name_type) {
1889 case 0x1b:
1890 DEBUG(5,("resolve_ads: Attempting to resolve "
1891 "PDC for %s using DNS\n", name));
1892 status = ads_dns_query_pdc(ctx, name, &dcs, &numdcs);
1893 break;
1894
1895 case 0x1c:
1896 DEBUG(5,("resolve_ads: Attempting to resolve "
1897 "DCs for %s using DNS\n", name));
1898 status = ads_dns_query_dcs(ctx, name, sitename, &dcs,
1899 &numdcs);
1900 break;
1901 case KDC_NAME_TYPE:
1902 DEBUG(5,("resolve_ads: Attempting to resolve "
1903 "KDCs for %s using DNS\n", name));
1904 status = ads_dns_query_kdcs(ctx, name, sitename, &dcs,
1905 &numdcs);
1906 break;
1907 default:
1908 status = NT_STATUS_INVALID_PARAMETER;
1909 break;
1910 }
1911
1912 if ( !NT_STATUS_IS_OK( status ) ) {
1913 talloc_destroy(ctx);
1914 return status;
1915 }
1916
1917 for (i=0;i<numdcs;i++) {
1918 if (!dcs[i].ss_s) {
1919 numaddrs += 1;
1920 } else {
1921 numaddrs += dcs[i].num_ips;
1922 }
1923 }
1924
1925 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, numaddrs)) ==
1926 NULL ) {
1927 DEBUG(0,("resolve_ads: malloc failed for %d entries\n",
1928 numaddrs ));
1929 talloc_destroy(ctx);
1930 return NT_STATUS_NO_MEMORY;
1931 }
1932
1933 /* now unroll the list of IP addresses */
1934
1935 *return_count = 0;
1936
1937 for (i = 0; i < numdcs && (*return_count<numaddrs); i++ ) {
1938 /* If we don't have an IP list for a name, lookup it up */
1939 if (!dcs[i].ss_s) {
1940 /* We need to get all IP addresses here. */
1941 struct addrinfo *res = NULL;
1942 struct addrinfo *p;
1943 int extra_addrs = 0;
1944
1945 if (!interpret_string_addr_internal(&res,
1946 dcs[i].hostname,
1947 0)) {
1948 continue;
1949 }
1950 /* Add in every IP from the lookup. How
1951 many is that ? */
1952 for (p = res; p; p = p->ai_next) {
1953 struct sockaddr_storage ss;
1954 memcpy(&ss, p->ai_addr, p->ai_addrlen);
1955 if (is_zero_addr(&ss)) {
1956 continue;
1957 }
1958 extra_addrs++;
1959 }
1960 if (extra_addrs > 1) {
1961 /* We need to expand the return_iplist array
1962 as we only budgeted for one address. */
1963 numaddrs += (extra_addrs-1);
1964 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
1965 struct ip_service,
1966 numaddrs);
1967 if (*return_iplist == NULL) {
1968 if (res) {
1969 freeaddrinfo(res);
1970 }
1971 talloc_destroy(ctx);
1972 return NT_STATUS_NO_MEMORY;
1973 }
1974 }
1975 for (p = res; p; p = p->ai_next) {
1976 (*return_iplist)[*return_count].port = dcs[i].port;
1977 memcpy(&(*return_iplist)[*return_count].ss,
1978 p->ai_addr,
1979 p->ai_addrlen);
1980 if (is_zero_addr(&(*return_iplist)[*return_count].ss)) {
1981 continue;
1982 }
1983 (*return_count)++;
1984 /* Should never happen, but still... */
1985 if (*return_count>=numaddrs) {
1986 break;
1987 }
1988 }
1989 if (res) {
1990 freeaddrinfo(res);
1991 }
1992 } else {
1993 /* use all the IP addresses from the SRV sresponse */
1994 int j;
1995 for (j = 0; j < dcs[i].num_ips; j++) {
1996 (*return_iplist)[*return_count].port = dcs[i].port;
1997 (*return_iplist)[*return_count].ss = dcs[i].ss_s[j];
1998 if (is_zero_addr(&(*return_iplist)[*return_count].ss)) {
1999 continue;
2000 }
2001 (*return_count)++;
2002 /* Should never happen, but still... */
2003 if (*return_count>=numaddrs) {
2004 break;
2005 }
2006 }
2007 }
2008 }
2009
2010 talloc_destroy(ctx);
2011 return NT_STATUS_OK;
2012}
2013
2014/*******************************************************************
2015 Internal interface to resolve a name into an IP address.
2016 Use this function if the string is either an IP address, DNS
2017 or host name or NetBIOS name. This uses the name switch in the
2018 smb.conf to determine the order of name resolution.
2019
2020 Added support for ip addr/port to support ADS ldap servers.
2021 the only place we currently care about the port is in the
2022 resolve_hosts() when looking up DC's via SRV RR entries in DNS
2023**********************************************************************/
2024
2025NTSTATUS internal_resolve_name(const char *name,
2026 int name_type,
2027 const char *sitename,
2028 struct ip_service **return_iplist,
2029 int *return_count,
2030 const char *resolve_order)
2031{
2032 char *tok;
2033 const char *ptr;
2034 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
2035 int i;
2036 TALLOC_CTX *frame = NULL;
2037
2038 *return_iplist = NULL;
2039 *return_count = 0;
2040
2041 DEBUG(10, ("internal_resolve_name: looking up %s#%x (sitename %s)\n",
2042 name, name_type, sitename ? sitename : "(null)"));
2043
2044 if (is_ipaddress(name)) {
2045 if ((*return_iplist = SMB_MALLOC_P(struct ip_service)) ==
2046 NULL) {
2047 DEBUG(0,("internal_resolve_name: malloc fail !\n"));
2048 return NT_STATUS_NO_MEMORY;
2049 }
2050
2051 /* ignore the port here */
2052 (*return_iplist)->port = PORT_NONE;
2053
2054 /* if it's in the form of an IP address then get the lib to interpret it */
2055 if (!interpret_string_addr(&(*return_iplist)->ss,
2056 name, AI_NUMERICHOST)) {
2057 DEBUG(1,("internal_resolve_name: interpret_string_addr "
2058 "failed on %s\n",
2059 name));
2060 SAFE_FREE(*return_iplist);
2061 return NT_STATUS_INVALID_PARAMETER;
2062 }
2063 if (is_zero_addr(&(*return_iplist)->ss)) {
2064 SAFE_FREE(*return_iplist);
2065 return NT_STATUS_UNSUCCESSFUL;
2066 }
2067 *return_count = 1;
2068 return NT_STATUS_OK;
2069 }
2070
2071 /* Check name cache */
2072
2073 if (namecache_fetch(name, name_type, return_iplist, return_count)) {
2074 *return_count = remove_duplicate_addrs2(*return_iplist,
2075 *return_count );
2076 /* This could be a negative response */
2077 if (*return_count > 0) {
2078 return NT_STATUS_OK;
2079 } else {
2080 return NT_STATUS_UNSUCCESSFUL;
2081 }
2082 }
2083
2084 /* set the name resolution order */
2085
2086 if (strcmp( resolve_order, "NULL") == 0) {
2087 DEBUG(8,("internal_resolve_name: all lookups disabled\n"));
2088 return NT_STATUS_INVALID_PARAMETER;
2089 }
2090
2091 if (!resolve_order[0]) {
2092 ptr = "host";
2093 } else {
2094 ptr = resolve_order;
2095 }
2096
2097 /* iterate through the name resolution backends */
2098
2099 frame = talloc_stackframe();
2100 while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) {
2101 if((strequal(tok, "host") || strequal(tok, "hosts"))) {
2102 status = resolve_hosts(name, name_type, return_iplist,
2103 return_count);
2104 if (NT_STATUS_IS_OK(status)) {
2105 goto done;
2106 }
2107 } else if(strequal( tok, "kdc")) {
2108 /* deal with KDC_NAME_TYPE names here.
2109 * This will result in a SRV record lookup */
2110 status = resolve_ads(name, KDC_NAME_TYPE, sitename,
2111 return_iplist, return_count);
2112 if (NT_STATUS_IS_OK(status)) {
2113 /* Ensure we don't namecache
2114 * this with the KDC port. */
2115 name_type = KDC_NAME_TYPE;
2116 goto done;
2117 }
2118 } else if(strequal( tok, "ads")) {
2119 /* deal with 0x1c and 0x1b names here.
2120 * This will result in a SRV record lookup */
2121 status = resolve_ads(name, name_type, sitename,
2122 return_iplist, return_count);
2123 if (NT_STATUS_IS_OK(status)) {
2124 goto done;
2125 }
2126 } else if(strequal( tok, "lmhosts")) {
2127 status = resolve_lmhosts(name, name_type,
2128 return_iplist, return_count);
2129 if (NT_STATUS_IS_OK(status)) {
2130 goto done;
2131 }
2132 } else if(strequal( tok, "wins")) {
2133 /* don't resolve 1D via WINS */
2134 if (name_type != 0x1D) {
2135 status = resolve_wins(name, name_type,
2136 return_iplist,
2137 return_count);
2138 if (NT_STATUS_IS_OK(status)) {
2139 goto done;
2140 }
2141 }
2142 } else if(strequal( tok, "bcast")) {
2143 struct sockaddr_storage *ss_list;
2144 status = name_resolve_bcast(
2145 name, name_type, talloc_tos(),
2146 &ss_list, return_count);
2147 if (NT_STATUS_IS_OK(status)) {
2148 if (!convert_ss2service(return_iplist,
2149 ss_list,
2150 return_count)) {
2151 status = NT_STATUS_NO_MEMORY;
2152 }
2153 goto done;
2154 }
2155 } else {
2156 DEBUG(0,("resolve_name: unknown name switch type %s\n",
2157 tok));
2158 }
2159 }
2160
2161 /* All of the resolve_* functions above have returned false. */
2162
2163 TALLOC_FREE(frame);
2164 SAFE_FREE(*return_iplist);
2165 *return_count = 0;
2166
2167 return NT_STATUS_UNSUCCESSFUL;
2168
2169 done:
2170
2171 /* Remove duplicate entries. Some queries, notably #1c (domain
2172 controllers) return the PDC in iplist[0] and then all domain
2173 controllers including the PDC in iplist[1..n]. Iterating over
2174 the iplist when the PDC is down will cause two sets of timeouts. */
2175
2176 *return_count = remove_duplicate_addrs2(*return_iplist, *return_count );
2177
2178 /* Save in name cache */
2179 if ( DEBUGLEVEL >= 100 ) {
2180 for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) {
2181 char addr[INET6_ADDRSTRLEN];
2182 print_sockaddr(addr, sizeof(addr),
2183 &(*return_iplist)[i].ss);
2184 DEBUG(100, ("Storing name %s of type %d (%s:%d)\n",
2185 name,
2186 name_type,
2187 addr,
2188 (*return_iplist)[i].port));
2189 }
2190 }
2191
2192 if (*return_count) {
2193 namecache_store(name, name_type, *return_count, *return_iplist);
2194 }
2195
2196 /* Display some debugging info */
2197
2198 if ( DEBUGLEVEL >= 10 ) {
2199 DEBUG(10, ("internal_resolve_name: returning %d addresses: ",
2200 *return_count));
2201
2202 for (i = 0; i < *return_count; i++) {
2203 char addr[INET6_ADDRSTRLEN];
2204 print_sockaddr(addr, sizeof(addr),
2205 &(*return_iplist)[i].ss);
2206 DEBUGADD(10, ("%s:%d ",
2207 addr,
2208 (*return_iplist)[i].port));
2209 }
2210 DEBUG(10, ("\n"));
2211 }
2212
2213 TALLOC_FREE(frame);
2214 return status;
2215}
2216
2217/********************************************************
2218 Internal interface to resolve a name into one IP address.
2219 Use this function if the string is either an IP address, DNS
2220 or host name or NetBIOS name. This uses the name switch in the
2221 smb.conf to determine the order of name resolution.
2222*********************************************************/
2223
2224bool resolve_name(const char *name,
2225 struct sockaddr_storage *return_ss,
2226 int name_type,
2227 bool prefer_ipv4)
2228{
2229 struct ip_service *ss_list = NULL;
2230 char *sitename = NULL;
2231 int count = 0;
2232
2233 if (is_ipaddress(name)) {
2234 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2235 }
2236
2237 sitename = sitename_fetch(lp_realm()); /* wild guess */
2238
2239 if (NT_STATUS_IS_OK(internal_resolve_name(name, name_type, sitename,
2240 &ss_list, &count,
2241 lp_name_resolve_order()))) {
2242 int i;
2243
2244 if (prefer_ipv4) {
2245 for (i=0; i<count; i++) {
2246 if (!is_zero_addr(&ss_list[i].ss) &&
2247 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss) &&
2248 (ss_list[i].ss.ss_family == AF_INET)) {
2249 *return_ss = ss_list[i].ss;
2250 SAFE_FREE(ss_list);
2251 SAFE_FREE(sitename);
2252 return True;
2253 }
2254 }
2255 }
2256
2257 /* only return valid addresses for TCP connections */
2258 for (i=0; i<count; i++) {
2259 if (!is_zero_addr(&ss_list[i].ss) &&
2260 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2261 *return_ss = ss_list[i].ss;
2262 SAFE_FREE(ss_list);
2263 SAFE_FREE(sitename);
2264 return True;
2265 }
2266 }
2267 }
2268
2269 SAFE_FREE(ss_list);
2270 SAFE_FREE(sitename);
2271 return False;
2272}
2273
2274/********************************************************
2275 Internal interface to resolve a name into a list of IP addresses.
2276 Use this function if the string is either an IP address, DNS
2277 or host name or NetBIOS name. This uses the name switch in the
2278 smb.conf to determine the order of name resolution.
2279*********************************************************/
2280
2281NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2282 const char *name,
2283 int name_type,
2284 struct sockaddr_storage **return_ss_arr,
2285 unsigned int *p_num_entries)
2286{
2287 struct ip_service *ss_list = NULL;
2288 char *sitename = NULL;
2289 int count = 0;
2290 int i;
2291 unsigned int num_entries;
2292 NTSTATUS status;
2293
2294 *p_num_entries = 0;
2295 *return_ss_arr = NULL;
2296
2297 if (is_ipaddress(name)) {
2298 *return_ss_arr = TALLOC_P(ctx, struct sockaddr_storage);
2299 if (!*return_ss_arr) {
2300 return NT_STATUS_NO_MEMORY;
2301 }
2302 if (!interpret_string_addr(*return_ss_arr, name, AI_NUMERICHOST)) {
2303 TALLOC_FREE(*return_ss_arr);
2304 return NT_STATUS_BAD_NETWORK_NAME;
2305 }
2306 *p_num_entries = 1;
2307 return NT_STATUS_OK;
2308 }
2309
2310 sitename = sitename_fetch(lp_realm()); /* wild guess */
2311
2312 status = internal_resolve_name(name, name_type, sitename,
2313 &ss_list, &count,
2314 lp_name_resolve_order());
2315 SAFE_FREE(sitename);
2316
2317 if (!NT_STATUS_IS_OK(status)) {
2318 return status;
2319 }
2320
2321 /* only return valid addresses for TCP connections */
2322 for (i=0, num_entries = 0; i<count; i++) {
2323 if (!is_zero_addr(&ss_list[i].ss) &&
2324 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2325 num_entries++;
2326 }
2327 }
2328 if (num_entries == 0) {
2329 SAFE_FREE(ss_list);
2330 return NT_STATUS_BAD_NETWORK_NAME;
2331 }
2332
2333 *return_ss_arr = TALLOC_ARRAY(ctx,
2334 struct sockaddr_storage,
2335 num_entries);
2336 if (!(*return_ss_arr)) {
2337 SAFE_FREE(ss_list);
2338 return NT_STATUS_NO_MEMORY;
2339 }
2340
2341 for (i=0, num_entries = 0; i<count; i++) {
2342 if (!is_zero_addr(&ss_list[i].ss) &&
2343 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2344 (*return_ss_arr)[num_entries++] = ss_list[i].ss;
2345 }
2346 }
2347
2348 status = NT_STATUS_OK;
2349 *p_num_entries = num_entries;
2350
2351 SAFE_FREE(ss_list);
2352 return NT_STATUS_OK;
2353}
2354
2355/********************************************************
2356 Find the IP address of the master browser or DMB for a workgroup.
2357*********************************************************/
2358
2359bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
2360{
2361 struct ip_service *ip_list = NULL;
2362 int count = 0;
2363 NTSTATUS status;
2364
2365 if (lp_disable_netbios()) {
2366 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
2367 return false;
2368 }
2369
2370 status = internal_resolve_name(group, 0x1D, NULL, &ip_list, &count,
2371 lp_name_resolve_order());
2372 if (NT_STATUS_IS_OK(status)) {
2373 *master_ss = ip_list[0].ss;
2374 SAFE_FREE(ip_list);
2375 return true;
2376 }
2377
2378 status = internal_resolve_name(group, 0x1B, NULL, &ip_list, &count,
2379 lp_name_resolve_order());
2380 if (NT_STATUS_IS_OK(status)) {
2381 *master_ss = ip_list[0].ss;
2382 SAFE_FREE(ip_list);
2383 return true;
2384 }
2385
2386 SAFE_FREE(ip_list);
2387 return false;
2388}
2389
2390/********************************************************
2391 Get the IP address list of the primary domain controller
2392 for a domain.
2393*********************************************************/
2394
2395bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
2396{
2397 struct ip_service *ip_list = NULL;
2398 int count = 0;
2399 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2400
2401 /* Look up #1B name */
2402
2403 if (lp_security() == SEC_ADS) {
2404 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2405 &count, "ads");
2406 }
2407
2408 if (!NT_STATUS_IS_OK(status) || count == 0) {
2409 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2410 &count,
2411 lp_name_resolve_order());
2412 if (!NT_STATUS_IS_OK(status)) {
2413 return false;
2414 }
2415 }
2416
2417 /* if we get more than 1 IP back we have to assume it is a
2418 multi-homed PDC and not a mess up */
2419
2420 if ( count > 1 ) {
2421 DEBUG(6,("get_pdc_ip: PDC has %d IP addresses!\n", count));
2422 sort_service_list(ip_list, count);
2423 }
2424
2425 *pss = ip_list[0].ss;
2426 SAFE_FREE(ip_list);
2427 return true;
2428}
2429
2430/* Private enum type for lookups. */
2431
2432enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
2433
2434/********************************************************
2435 Get the IP address list of the domain controllers for
2436 a domain.
2437*********************************************************/
2438
2439static NTSTATUS get_dc_list(const char *domain,
2440 const char *sitename,
2441 struct ip_service **ip_list,
2442 int *count,
2443 enum dc_lookup_type lookup_type,
2444 bool *ordered)
2445{
2446 char *resolve_order = NULL;
2447 char *saf_servername = NULL;
2448 char *pserver = NULL;
2449 const char *p;
2450 char *port_str = NULL;
2451 int port;
2452 char *name;
2453 int num_addresses = 0;
2454 int local_count, i, j;
2455 struct ip_service *return_iplist = NULL;
2456 struct ip_service *auto_ip_list = NULL;
2457 bool done_auto_lookup = false;
2458 int auto_count = 0;
2459 NTSTATUS status;
2460 TALLOC_CTX *ctx = talloc_init("get_dc_list");
2461
2462 *ip_list = NULL;
2463 *count = 0;
2464
2465 if (!ctx) {
2466 return NT_STATUS_NO_MEMORY;
2467 }
2468
2469 *ordered = False;
2470
2471 /* if we are restricted to solely using DNS for looking
2472 up a domain controller, make sure that host lookups
2473 are enabled for the 'name resolve order'. If host lookups
2474 are disabled and ads_only is True, then set the string to
2475 NULL. */
2476
2477 resolve_order = talloc_strdup(ctx, lp_name_resolve_order());
2478 if (!resolve_order) {
2479 status = NT_STATUS_NO_MEMORY;
2480 goto out;
2481 }
2482 strlower_m(resolve_order);
2483 if (lookup_type == DC_ADS_ONLY) {
2484 if (strstr( resolve_order, "host")) {
2485 resolve_order = talloc_strdup(ctx, "ads");
2486
2487 /* DNS SRV lookups used by the ads resolver
2488 are already sorted by priority and weight */
2489 *ordered = true;
2490 } else {
2491 resolve_order = talloc_strdup(ctx, "NULL");
2492 }
2493 } else if (lookup_type == DC_KDC_ONLY) {
2494 /* DNS SRV lookups used by the ads/kdc resolver
2495 are already sorted by priority and weight */
2496 *ordered = true;
2497 resolve_order = talloc_strdup(ctx, "kdc");
2498 }
2499 if (!resolve_order) {
2500 status = NT_STATUS_NO_MEMORY;
2501 goto out;
2502 }
2503
2504 /* fetch the server we have affinity for. Add the
2505 'password server' list to a search for our domain controllers */
2506
2507 saf_servername = saf_fetch( domain);
2508
2509 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
2510 pserver = talloc_asprintf(ctx, "%s, %s",
2511 saf_servername ? saf_servername : "",
2512 lp_passwordserver());
2513 } else {
2514 pserver = talloc_asprintf(ctx, "%s, *",
2515 saf_servername ? saf_servername : "");
2516 }
2517
2518 SAFE_FREE(saf_servername);
2519 if (!pserver) {
2520 status = NT_STATUS_NO_MEMORY;
2521 goto out;
2522 }
2523
2524 /* if we are starting from scratch, just lookup DOMAIN<0x1c> */
2525
2526 if (!*pserver ) {
2527 DEBUG(10,("get_dc_list: no preferred domain controllers.\n"));
2528 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2529 count, resolve_order);
2530 goto out;
2531 }
2532
2533 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
2534
2535 /*
2536 * if '*' appears in the "password server" list then add
2537 * an auto lookup to the list of manually configured
2538 * DC's. If any DC is listed by name, then the list should be
2539 * considered to be ordered
2540 */
2541
2542 p = pserver;
2543 while (next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2544 if (!done_auto_lookup && strequal(name, "*")) {
2545 status = internal_resolve_name(domain, 0x1C, sitename,
2546 &auto_ip_list,
2547 &auto_count,
2548 resolve_order);
2549 if (NT_STATUS_IS_OK(status)) {
2550 num_addresses += auto_count;
2551 }
2552 done_auto_lookup = true;
2553 DEBUG(8,("Adding %d DC's from auto lookup\n",
2554 auto_count));
2555 } else {
2556 num_addresses++;
2557 }
2558 }
2559
2560 /* if we have no addresses and haven't done the auto lookup, then
2561 just return the list of DC's. Or maybe we just failed. */
2562
2563 if ((num_addresses == 0)) {
2564 if (done_auto_lookup) {
2565 DEBUG(4,("get_dc_list: no servers found\n"));
2566 status = NT_STATUS_NO_LOGON_SERVERS;
2567 goto out;
2568 }
2569 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2570 count, resolve_order);
2571 goto out;
2572 }
2573
2574 if ((return_iplist = SMB_MALLOC_ARRAY(struct ip_service,
2575 num_addresses)) == NULL) {
2576 DEBUG(3,("get_dc_list: malloc fail !\n"));
2577 status = NT_STATUS_NO_MEMORY;
2578 goto out;
2579 }
2580
2581 p = pserver;
2582 local_count = 0;
2583
2584 /* fill in the return list now with real IP's */
2585
2586 while ((local_count<num_addresses) &&
2587 next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2588 struct sockaddr_storage name_ss;
2589
2590 /* copy any addersses from the auto lookup */
2591
2592 if (strequal(name, "*")) {
2593 for (j=0; j<auto_count; j++) {
2594 char addr[INET6_ADDRSTRLEN];
2595 print_sockaddr(addr,
2596 sizeof(addr),
2597 &auto_ip_list[j].ss);
2598 /* Check for and don't copy any
2599 * known bad DC IP's. */
2600 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
2601 domain,
2602 addr))) {
2603 DEBUG(5,("get_dc_list: "
2604 "negative entry %s removed "
2605 "from DC list\n",
2606 addr));
2607 continue;
2608 }
2609 return_iplist[local_count].ss =
2610 auto_ip_list[j].ss;
2611 return_iplist[local_count].port =
2612 auto_ip_list[j].port;
2613 local_count++;
2614 }
2615 continue;
2616 }
2617
2618 /* added support for address:port syntax for ads
2619 * (not that I think anyone will ever run the LDAP
2620 * server in an AD domain on something other than
2621 * port 389 */
2622
2623 port = (lp_security() == SEC_ADS) ? LDAP_PORT : PORT_NONE;
2624 if ((port_str=strchr(name, ':')) != NULL) {
2625 *port_str = '\0';
2626 port_str++;
2627 port = atoi(port_str);
2628 }
2629
2630 /* explicit lookup; resolve_name() will
2631 * handle names & IP addresses */
2632 if (resolve_name( name, &name_ss, 0x20, true )) {
2633 char addr[INET6_ADDRSTRLEN];
2634 print_sockaddr(addr,
2635 sizeof(addr),
2636 &name_ss);
2637
2638 /* Check for and don't copy any known bad DC IP's. */
2639 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
2640 addr)) ) {
2641 DEBUG(5,("get_dc_list: negative entry %s "
2642 "removed from DC list\n",
2643 name ));
2644 continue;
2645 }
2646
2647 return_iplist[local_count].ss = name_ss;
2648 return_iplist[local_count].port = port;
2649 local_count++;
2650 *ordered = true;
2651 }
2652 }
2653
2654 /* need to remove duplicates in the list if we have any
2655 explicit password servers */
2656
2657 local_count = remove_duplicate_addrs2(return_iplist, local_count );
2658
2659 /* For DC's we always prioritize IPv4 due to W2K3 not
2660 * supporting LDAP, KRB5 or CLDAP over IPv6. */
2661
2662 if (local_count && return_iplist) {
2663 prioritize_ipv4_list(return_iplist, local_count);
2664 }
2665
2666 if ( DEBUGLEVEL >= 4 ) {
2667 DEBUG(4,("get_dc_list: returning %d ip addresses "
2668 "in an %sordered list\n",
2669 local_count,
2670 *ordered ? "":"un"));
2671 DEBUG(4,("get_dc_list: "));
2672 for ( i=0; i<local_count; i++ ) {
2673 char addr[INET6_ADDRSTRLEN];
2674 print_sockaddr(addr,
2675 sizeof(addr),
2676 &return_iplist[i].ss);
2677 DEBUGADD(4,("%s:%d ", addr, return_iplist[i].port ));
2678 }
2679 DEBUGADD(4,("\n"));
2680 }
2681
2682 *ip_list = return_iplist;
2683 *count = local_count;
2684
2685 status = ( *count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS );
2686
2687 out:
2688
2689 if (!NT_STATUS_IS_OK(status)) {
2690 SAFE_FREE(return_iplist);
2691 *ip_list = NULL;
2692 *count = 0;
2693 }
2694
2695 SAFE_FREE(auto_ip_list);
2696 TALLOC_FREE(ctx);
2697 return status;
2698}
2699
2700/*********************************************************************
2701 Small wrapper function to get the DC list and sort it if neccessary.
2702*********************************************************************/
2703
2704NTSTATUS get_sorted_dc_list( const char *domain,
2705 const char *sitename,
2706 struct ip_service **ip_list,
2707 int *count,
2708 bool ads_only )
2709{
2710 bool ordered = false;
2711 NTSTATUS status;
2712 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
2713
2714 *ip_list = NULL;
2715 *count = 0;
2716
2717 DEBUG(8,("get_sorted_dc_list: attempting lookup "
2718 "for name %s (sitename %s) using [%s]\n",
2719 domain,
2720 sitename ? sitename : "NULL",
2721 (ads_only ? "ads" : lp_name_resolve_order())));
2722
2723 if (ads_only) {
2724 lookup_type = DC_ADS_ONLY;
2725 }
2726
2727 status = get_dc_list(domain, sitename, ip_list,
2728 count, lookup_type, &ordered);
2729 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
2730 && sitename) {
2731 DEBUG(3,("get_sorted_dc_list: no server for name %s available"
2732 " in site %s, fallback to all servers\n",
2733 domain, sitename));
2734 status = get_dc_list(domain, NULL, ip_list,
2735 count, lookup_type, &ordered);
2736 }
2737
2738 if (!NT_STATUS_IS_OK(status)) {
2739 SAFE_FREE(*ip_list);
2740 *count = 0;
2741 return status;
2742 }
2743
2744 /* only sort if we don't already have an ordered list */
2745 if (!ordered) {
2746 sort_service_list(*ip_list, *count);
2747 }
2748
2749 return NT_STATUS_OK;
2750}
2751
2752/*********************************************************************
2753 Get the KDC list - re-use all the logic in get_dc_list.
2754*********************************************************************/
2755
2756NTSTATUS get_kdc_list( const char *realm,
2757 const char *sitename,
2758 struct ip_service **ip_list,
2759 int *count)
2760{
2761 bool ordered;
2762 NTSTATUS status;
2763
2764 *count = 0;
2765 *ip_list = NULL;
2766
2767 status = get_dc_list(realm, sitename, ip_list,
2768 count, DC_KDC_ONLY, &ordered);
2769
2770 if (!NT_STATUS_IS_OK(status)) {
2771 SAFE_FREE(*ip_list);
2772 *count = 0;
2773 return status;
2774 }
2775
2776 /* only sort if we don't already have an ordered list */
2777 if ( !ordered ) {
2778 sort_service_list(*ip_list, *count);
2779 }
2780
2781 return NT_STATUS_OK;
2782}
Note: See TracBrowser for help on using the repository browser.