source: trunk/server/source3/libsmb/namequery.c@ 745

Last change on this file since 745 was 745, checked in by Silvan Scherrer, 13 years ago

Samba Server: updated trunk to 3.6.0
File size: 69.7 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 name query routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19*/
20
21#include "includes.h"
22#include "../lib/util/tevent_ntstatus.h"
23#include "libads/sitename_cache.h"
24#include "libads/dns.h"
25#include "../libcli/netlogon/netlogon.h"
26#include "lib/async_req/async_sock.h"
27#include "libsmb/nmblib.h"
28
29/* nmbd.c sets this to True. */
30bool global_in_nmbd = False;
31
32/****************************
33 * SERVER AFFINITY ROUTINES *
34 ****************************/
35
36 /* Server affinity is the concept of preferring the last domain
37 controller with whom you had a successful conversation */
38
39/****************************************************************************
40****************************************************************************/
41#define SAFKEY_FMT "SAF/DOMAIN/%s"
42#define SAF_TTL 900
43#define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
44#define SAFJOIN_TTL 3600
45
46static char *saf_key(const char *domain)
47{
48 char *keystr;
49
50 asprintf_strupper_m(&keystr, SAFKEY_FMT, domain);
51
52 return keystr;
53}
54
55static char *saf_join_key(const char *domain)
56{
57 char *keystr;
58
59 asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain);
60
61 return keystr;
62}
63
64/****************************************************************************
65****************************************************************************/
66
67bool saf_store( const char *domain, const char *servername )
68{
69 char *key;
70 time_t expire;
71 bool ret = False;
72
73 if ( !domain || !servername ) {
74 DEBUG(2,("saf_store: "
75 "Refusing to store empty domain or servername!\n"));
76 return False;
77 }
78
79 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
80 DEBUG(0,("saf_store: "
81 "refusing to store 0 length domain or servername!\n"));
82 return False;
83 }
84
85 key = saf_key( domain );
86 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
87
88 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
89 domain, servername, (unsigned int)expire ));
90
91 ret = gencache_set( key, servername, expire );
92
93 SAFE_FREE( key );
94
95 return ret;
96}
97
98bool saf_join_store( const char *domain, const char *servername )
99{
100 char *key;
101 time_t expire;
102 bool ret = False;
103
104 if ( !domain || !servername ) {
105 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
106 return False;
107 }
108
109 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
110 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
111 return False;
112 }
113
114 key = saf_join_key( domain );
115 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
116
117 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
118 domain, servername, (unsigned int)expire ));
119
120 ret = gencache_set( key, servername, expire );
121
122 SAFE_FREE( key );
123
124 return ret;
125}
126
127bool saf_delete( const char *domain )
128{
129 char *key;
130 bool ret = False;
131
132 if ( !domain ) {
133 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
134 return False;
135 }
136
137 key = saf_join_key(domain);
138 ret = gencache_del(key);
139 SAFE_FREE(key);
140
141 if (ret) {
142 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
143 }
144
145 key = saf_key(domain);
146 ret = gencache_del(key);
147 SAFE_FREE(key);
148
149 if (ret) {
150 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
151 }
152
153 return ret;
154}
155
156/****************************************************************************
157****************************************************************************/
158
159char *saf_fetch( const char *domain )
160{
161 char *server = NULL;
162 time_t timeout;
163 bool ret = False;
164 char *key = NULL;
165
166 if ( !domain || strlen(domain) == 0) {
167 DEBUG(2,("saf_fetch: Empty domain name!\n"));
168 return NULL;
169 }
170
171 key = saf_join_key( domain );
172
173 ret = gencache_get( key, &server, &timeout );
174
175 SAFE_FREE( key );
176
177 if ( ret ) {
178 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
179 server, domain ));
180 return server;
181 }
182
183 key = saf_key( domain );
184
185 ret = gencache_get( key, &server, &timeout );
186
187 SAFE_FREE( key );
188
189 if ( !ret ) {
190 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
191 domain ));
192 } else {
193 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
194 server, domain ));
195 }
196
197 return server;
198}
199
200/****************************************************************************
201 Generate a random trn_id.
202****************************************************************************/
203
204static int generate_trn_id(void)
205{
206 uint16 id;
207
208 generate_random_buffer((uint8 *)&id, sizeof(id));
209
210 return id % (unsigned)0x7FFF;
211}
212
213/****************************************************************************
214 Parse a node status response into an array of structures.
215****************************************************************************/
216
217static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
218 int *num_names,
219 struct node_status_extra *extra)
220{
221 struct node_status *ret;
222 int i;
223
224 *num_names = CVAL(p,0);
225
226 if (*num_names == 0)
227 return NULL;
228
229 ret = TALLOC_ARRAY(mem_ctx, struct node_status,*num_names);
230 if (!ret)
231 return NULL;
232
233 p++;
234 for (i=0;i< *num_names;i++) {
235 StrnCpy(ret[i].name,p,15);
236 trim_char(ret[i].name,'\0',' ');
237 ret[i].type = CVAL(p,15);
238 ret[i].flags = p[16];
239 p += 18;
240 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
241 ret[i].type, ret[i].flags));
242 }
243 /*
244 * Also, pick up the MAC address ...
245 */
246 if (extra) {
247 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
248 }
249 return ret;
250}
251
252struct sock_packet_read_state {
253 struct tevent_context *ev;
254 enum packet_type type;
255 int trn_id;
256
257 struct nb_packet_reader *reader;
258 struct tevent_req *reader_req;
259
260 int sock;
261 struct tevent_req *socket_req;
262 uint8_t buf[1024];
263 struct sockaddr_storage addr;
264 socklen_t addr_len;
265
266 bool (*validator)(struct packet_struct *p,
267 void *private_data);
268 void *private_data;
269
270 struct packet_struct *packet;
271};
272
273static int sock_packet_read_state_destructor(struct sock_packet_read_state *s);
274static void sock_packet_read_got_packet(struct tevent_req *subreq);
275static void sock_packet_read_got_socket(struct tevent_req *subreq);
276
277static struct tevent_req *sock_packet_read_send(
278 TALLOC_CTX *mem_ctx,
279 struct tevent_context *ev,
280 int sock, /* dgram socket */
281 struct nb_packet_reader *reader,
282 enum packet_type type,
283 int trn_id,
284 bool (*validator)(struct packet_struct *p, void *private_data),
285 void *private_data)
286{
287 struct tevent_req *req;
288 struct sock_packet_read_state *state;
289
290 req = tevent_req_create(mem_ctx, &state,
291 struct sock_packet_read_state);
292 if (req == NULL) {
293 return NULL;
294 }
295 talloc_set_destructor(state, sock_packet_read_state_destructor);
296 state->ev = ev;
297 state->reader = reader;
298 state->sock = sock;
299 state->type = type;
300 state->trn_id = trn_id;
301 state->validator = validator;
302 state->private_data = private_data;
303
304 if (reader != NULL) {
305 state->reader_req = nb_packet_read_send(state, ev, reader);
306 if (tevent_req_nomem(state->reader_req, req)) {
307 return tevent_req_post(req, ev);
308 }
309 tevent_req_set_callback(
310 state->reader_req, sock_packet_read_got_packet, req);
311 }
312
313 state->addr_len = sizeof(state->addr);
314 state->socket_req = recvfrom_send(state, ev, sock,
315 state->buf, sizeof(state->buf), 0,
316 &state->addr, &state->addr_len);
317 if (tevent_req_nomem(state->socket_req, req)) {
318 return tevent_req_post(req, ev);
319 }
320 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
321 req);
322
323 return req;
324}
325
326static int sock_packet_read_state_destructor(struct sock_packet_read_state *s)
327{
328 if (s->packet != NULL) {
329 free_packet(s->packet);
330 s->packet = NULL;
331 }
332 return 0;
333}
334
335static void sock_packet_read_got_packet(struct tevent_req *subreq)
336{
337 struct tevent_req *req = tevent_req_callback_data(
338 subreq, struct tevent_req);
339 struct sock_packet_read_state *state = tevent_req_data(
340 req, struct sock_packet_read_state);
341 NTSTATUS status;
342
343 status = nb_packet_read_recv(subreq, &state->packet);
344
345 TALLOC_FREE(state->reader_req);
346
347 if (!NT_STATUS_IS_OK(status)) {
348 if (state->socket_req != NULL) {
349 /*
350 * Still waiting for socket
351 */
352 return;
353 }
354 /*
355 * Both socket and packet reader failed
356 */
357 tevent_req_nterror(req, status);
358 return;
359 }
360
361 if ((state->validator != NULL) &&
362 !state->validator(state->packet, state->private_data)) {
363 DEBUG(10, ("validator failed\n"));
364
365 free_packet(state->packet);
366 state->packet = NULL;
367
368 state->reader_req = nb_packet_read_send(state, state->ev,
369 state->reader);
370 if (tevent_req_nomem(state->reader_req, req)) {
371 return;
372 }
373 tevent_req_set_callback(
374 state->reader_req, sock_packet_read_got_packet, req);
375 return;
376 }
377
378 TALLOC_FREE(state->socket_req);
379 tevent_req_done(req);
380}
381
382static void sock_packet_read_got_socket(struct tevent_req *subreq)
383{
384 struct tevent_req *req = tevent_req_callback_data(
385 subreq, struct tevent_req);
386 struct sock_packet_read_state *state = tevent_req_data(
387 req, struct sock_packet_read_state);
388 struct sockaddr_in *in_addr;
389 ssize_t received;
390 int err;
391
392 received = recvfrom_recv(subreq, &err);
393
394 TALLOC_FREE(state->socket_req);
395
396 if (received == -1) {
397 if (state->reader_req != NULL) {
398 /*
399 * Still waiting for reader
400 */
401 return;
402 }
403 /*
404 * Both socket and reader failed
405 */
406 tevent_req_nterror(req, map_nt_error_from_unix(err));
407 return;
408 }
409 if (state->addr.ss_family != AF_INET) {
410 goto retry;
411 }
412 in_addr = (struct sockaddr_in *)(void *)&state->addr;
413
414 state->packet = parse_packet((char *)state->buf, received, state->type,
415 in_addr->sin_addr, in_addr->sin_port);
416 if (state->packet == NULL) {
417 DEBUG(10, ("parse_packet failed\n"));
418 goto retry;
419 }
420 if ((state->trn_id != -1) &&
421 (state->trn_id != packet_trn_id(state->packet))) {
422 DEBUG(10, ("Expected transaction id %d, got %d\n",
423 state->trn_id, packet_trn_id(state->packet)));
424 goto retry;
425 }
426
427 if ((state->validator != NULL) &&
428 !state->validator(state->packet, state->private_data)) {
429 DEBUG(10, ("validator failed\n"));
430 goto retry;
431 }
432
433 tevent_req_done(req);
434 return;
435
436retry:
437 if (state->packet != NULL) {
438 free_packet(state->packet);
439 state->packet = NULL;
440 }
441 state->socket_req = recvfrom_send(state, state->ev, state->sock,
442 state->buf, sizeof(state->buf), 0,
443 &state->addr, &state->addr_len);
444 if (tevent_req_nomem(state->socket_req, req)) {
445 return;
446 }
447 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
448 req);
449}
450
451static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
452 struct packet_struct **ppacket)
453{
454 struct sock_packet_read_state *state = tevent_req_data(
455 req, struct sock_packet_read_state);
456 NTSTATUS status;
457
458 if (tevent_req_is_nterror(req, &status)) {
459 return status;
460 }
461 *ppacket = state->packet;
462 state->packet = NULL;
463 return NT_STATUS_OK;
464}
465
466struct nb_trans_state {
467 struct tevent_context *ev;
468 int sock;
469 struct nb_packet_reader *reader;
470
471 const struct sockaddr_storage *dst_addr;
472 uint8_t *buf;
473 size_t buflen;
474 enum packet_type type;
475 int trn_id;
476
477 bool (*validator)(struct packet_struct *p,
478 void *private_data);
479 void *private_data;
480
481 struct packet_struct *packet;
482};
483
484static int nb_trans_state_destructor(struct nb_trans_state *s);
485static void nb_trans_got_reader(struct tevent_req *subreq);
486static void nb_trans_done(struct tevent_req *subreq);
487static void nb_trans_sent(struct tevent_req *subreq);
488static void nb_trans_send_next(struct tevent_req *subreq);
489
490static struct tevent_req *nb_trans_send(
491 TALLOC_CTX *mem_ctx,
492 struct tevent_context *ev,
493 const struct sockaddr_storage *my_addr,
494 const struct sockaddr_storage *dst_addr,
495 bool bcast,
496 uint8_t *buf, size_t buflen,
497 enum packet_type type, int trn_id,
498 bool (*validator)(struct packet_struct *p,
499 void *private_data),
500 void *private_data)
501{
502 struct tevent_req *req, *subreq;
503 struct nb_trans_state *state;
504
505 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
506 if (req == NULL) {
507 return NULL;
508 }
509 talloc_set_destructor(state, nb_trans_state_destructor);
510 state->ev = ev;
511 state->dst_addr = dst_addr;
512 state->buf = buf;
513 state->buflen = buflen;
514 state->type = type;
515 state->trn_id = trn_id;
516 state->validator = validator;
517 state->private_data = private_data;
518
519 state->sock = open_socket_in(SOCK_DGRAM, 0, 3, my_addr, True);
520 if (state->sock == -1) {
521 tevent_req_nterror(req, map_nt_error_from_unix(errno));
522 DEBUG(10, ("open_socket_in failed: %s\n", strerror(errno)));
523 return tevent_req_post(req, ev);
524 }
525
526 if (bcast) {
527 set_socket_options(state->sock,"SO_BROADCAST");
528 }
529
530 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
531 if (tevent_req_nomem(subreq, req)) {
532 return tevent_req_post(req, ev);
533 }
534 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
535 return req;
536}
537
538static int nb_trans_state_destructor(struct nb_trans_state *s)
539{
540 if (s->sock != -1) {
541 close(s->sock);
542 s->sock = -1;
543 }
544 if (s->packet != NULL) {
545 free_packet(s->packet);
546 s->packet = NULL;
547 }
548 return 0;
549}
550
551static void nb_trans_got_reader(struct tevent_req *subreq)
552{
553 struct tevent_req *req = tevent_req_callback_data(
554 subreq, struct tevent_req);
555 struct nb_trans_state *state = tevent_req_data(
556 req, struct nb_trans_state);
557 NTSTATUS status;
558
559 status = nb_packet_reader_recv(subreq, state, &state->reader);
560 TALLOC_FREE(subreq);
561
562 if (!NT_STATUS_IS_OK(status)) {
563 DEBUG(10, ("nmbd not around\n"));
564 state->reader = NULL;
565 }
566
567 subreq = sock_packet_read_send(
568 state, state->ev, state->sock,
569 state->reader, state->type, state->trn_id,
570 state->validator, state->private_data);
571 if (tevent_req_nomem(subreq, req)) {
572 return;
573 }
574 tevent_req_set_callback(subreq, nb_trans_done, req);
575
576 subreq = sendto_send(state, state->ev, state->sock,
577 state->buf, state->buflen, 0, state->dst_addr);
578 if (tevent_req_nomem(subreq, req)) {
579 return;
580 }
581 tevent_req_set_callback(subreq, nb_trans_sent, req);
582}
583
584static void nb_trans_sent(struct tevent_req *subreq)
585{
586 struct tevent_req *req = tevent_req_callback_data(
587 subreq, struct tevent_req);
588 struct nb_trans_state *state = tevent_req_data(
589 req, struct nb_trans_state);
590 ssize_t sent;
591 int err;
592
593 sent = sendto_recv(subreq, &err);
594 TALLOC_FREE(subreq);
595 if (sent == -1) {
596 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
597 tevent_req_nterror(req, map_nt_error_from_unix(err));
598 return;
599 }
600 subreq = tevent_wakeup_send(state, state->ev,
601 timeval_current_ofs(1, 0));
602 if (tevent_req_nomem(subreq, req)) {
603 return;
604 }
605 tevent_req_set_callback(subreq, nb_trans_send_next, req);
606}
607
608static void nb_trans_send_next(struct tevent_req *subreq)
609{
610 struct tevent_req *req = tevent_req_callback_data(
611 subreq, struct tevent_req);
612 struct nb_trans_state *state = tevent_req_data(
613 req, struct nb_trans_state);
614 bool ret;
615
616 ret = tevent_wakeup_recv(subreq);
617 TALLOC_FREE(subreq);
618 if (!ret) {
619 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
620 return;
621 }
622 subreq = sendto_send(state, state->ev, state->sock,
623 state->buf, state->buflen, 0, state->dst_addr);
624 if (tevent_req_nomem(subreq, req)) {
625 return;
626 }
627 tevent_req_set_callback(subreq, nb_trans_sent, req);
628}
629
630static void nb_trans_done(struct tevent_req *subreq)
631{
632 struct tevent_req *req = tevent_req_callback_data(
633 subreq, struct tevent_req);
634 struct nb_trans_state *state = tevent_req_data(
635 req, struct nb_trans_state);
636 NTSTATUS status;
637
638 status = sock_packet_read_recv(subreq, &state->packet);
639 TALLOC_FREE(subreq);
640 if (tevent_req_nterror(req, status)) {
641 return;
642 }
643 tevent_req_done(req);
644}
645
646static NTSTATUS nb_trans_recv(struct tevent_req *req,
647 struct packet_struct **ppacket)
648{
649 struct nb_trans_state *state = tevent_req_data(
650 req, struct nb_trans_state);
651 NTSTATUS status;
652
653 if (tevent_req_is_nterror(req, &status)) {
654 return status;
655 }
656 *ppacket = state->packet;
657 state->packet = NULL;
658 return NT_STATUS_OK;
659}
660
661/****************************************************************************
662 Do a NBT node status query on an open socket and return an array of
663 structures holding the returned names or NULL if the query failed.
664**************************************************************************/
665
666struct node_status_query_state {
667 struct sockaddr_storage my_addr;
668 struct sockaddr_storage addr;
669 uint8_t buf[1024];
670 ssize_t buflen;
671 struct packet_struct *packet;
672};
673
674static int node_status_query_state_destructor(
675 struct node_status_query_state *s);
676static bool node_status_query_validator(struct packet_struct *p,
677 void *private_data);
678static void node_status_query_done(struct tevent_req *subreq);
679
680struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
681 struct tevent_context *ev,
682 struct nmb_name *name,
683 const struct sockaddr_storage *addr)
684{
685 struct tevent_req *req, *subreq;
686 struct node_status_query_state *state;
687 struct packet_struct p;
688 struct nmb_packet *nmb = &p.packet.nmb;
689 struct sockaddr_in *in_addr;
690
691 req = tevent_req_create(mem_ctx, &state,
692 struct node_status_query_state);
693 if (req == NULL) {
694 return NULL;
695 }
696 talloc_set_destructor(state, node_status_query_state_destructor);
697
698 if (addr->ss_family != AF_INET) {
699 /* Can't do node status to IPv6 */
700 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
701 return tevent_req_post(req, ev);
702 }
703
704 state->addr = *addr;
705 in_addr = (struct sockaddr_in *)(void *)&state->addr;
706 in_addr->sin_port = htons(NMB_PORT);
707
708 if (!interpret_string_addr(&state->my_addr, lp_socket_address(),
709 AI_NUMERICHOST|AI_PASSIVE)) {
710 zero_sockaddr(&state->my_addr);
711 }
712
713 ZERO_STRUCT(p);
714 nmb->header.name_trn_id = generate_trn_id();
715 nmb->header.opcode = 0;
716 nmb->header.response = false;
717 nmb->header.nm_flags.bcast = false;
718 nmb->header.nm_flags.recursion_available = false;
719 nmb->header.nm_flags.recursion_desired = false;
720 nmb->header.nm_flags.trunc = false;
721 nmb->header.nm_flags.authoritative = false;
722 nmb->header.rcode = 0;
723 nmb->header.qdcount = 1;
724 nmb->header.ancount = 0;
725 nmb->header.nscount = 0;
726 nmb->header.arcount = 0;
727 nmb->question.question_name = *name;
728 nmb->question.question_type = 0x21;
729 nmb->question.question_class = 0x1;
730
731 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
732 &p);
733 if (state->buflen == 0) {
734 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
735 DEBUG(10, ("build_packet failed\n"));
736 return tevent_req_post(req, ev);
737 }
738
739 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, false,
740 state->buf, state->buflen,
741 NMB_PACKET, nmb->header.name_trn_id,
742 node_status_query_validator, NULL);
743 if (tevent_req_nomem(subreq, req)) {
744 DEBUG(10, ("nb_trans_send failed\n"));
745 return tevent_req_post(req, ev);
746 }
747 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
748 return tevent_req_post(req, ev);
749 }
750 tevent_req_set_callback(subreq, node_status_query_done, req);
751 return req;
752}
753
754static bool node_status_query_validator(struct packet_struct *p,
755 void *private_data)
756{
757 struct nmb_packet *nmb = &p->packet.nmb;
758 debug_nmb_packet(p);
759
760 if (nmb->header.opcode != 0 ||
761 nmb->header.nm_flags.bcast ||
762 nmb->header.rcode ||
763 !nmb->header.ancount ||
764 nmb->answers->rr_type != 0x21) {
765 /*
766 * XXXX what do we do with this? could be a redirect,
767 * but we'll discard it for the moment
768 */
769 return false;
770 }
771 return true;
772}
773
774static int node_status_query_state_destructor(
775 struct node_status_query_state *s)
776{
777 if (s->packet != NULL) {
778 free_packet(s->packet);
779 s->packet = NULL;
780 }
781 return 0;
782}
783
784static void node_status_query_done(struct tevent_req *subreq)
785{
786 struct tevent_req *req = tevent_req_callback_data(
787 subreq, struct tevent_req);
788 struct node_status_query_state *state = tevent_req_data(
789 req, struct node_status_query_state);
790 NTSTATUS status;
791
792 status = nb_trans_recv(subreq, &state->packet);
793 TALLOC_FREE(subreq);
794 if (tevent_req_nterror(req, status)) {
795 return;
796 }
797 tevent_req_done(req);
798}
799
800NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
801 struct node_status **pnode_status,
802 int *pnum_names,
803 struct node_status_extra *extra)
804{
805 struct node_status_query_state *state = tevent_req_data(
806 req, struct node_status_query_state);
807 struct node_status *node_status;
808 int num_names;
809 NTSTATUS status;
810
811 if (tevent_req_is_nterror(req, &status)) {
812 return status;
813 }
814 node_status = parse_node_status(
815 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
816 &num_names, extra);
817 if (node_status == NULL) {
818 return NT_STATUS_NO_MEMORY;
819 }
820 *pnode_status = node_status;
821 *pnum_names = num_names;
822 return NT_STATUS_OK;
823}
824
825NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
826 const struct sockaddr_storage *addr,
827 struct node_status **pnode_status,
828 int *pnum_names,
829 struct node_status_extra *extra)
830{
831 TALLOC_CTX *frame = talloc_stackframe();
832 struct tevent_context *ev;
833 struct tevent_req *req;
834 NTSTATUS status = NT_STATUS_NO_MEMORY;
835
836 ev = tevent_context_init(frame);
837 if (ev == NULL) {
838 goto fail;
839 }
840 req = node_status_query_send(ev, ev, name, addr);
841 if (req == NULL) {
842 goto fail;
843 }
844 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
845 goto fail;
846 }
847 status = node_status_query_recv(req, mem_ctx, pnode_status,
848 pnum_names, extra);
849 fail:
850 TALLOC_FREE(frame);
851 return status;
852}
853
854/****************************************************************************
855 Find the first type XX name in a node status reply - used for finding
856 a servers name given its IP. Return the matched name in *name.
857**************************************************************************/
858
859bool name_status_find(const char *q_name,
860 int q_type,
861 int type,
862 const struct sockaddr_storage *to_ss,
863 fstring name)
864{
865 char addr[INET6_ADDRSTRLEN];
866 struct sockaddr_storage ss;
867 struct node_status *addrs = NULL;
868 struct nmb_name nname;
869 int count, i;
870 bool result = false;
871 NTSTATUS status;
872
873 if (lp_disable_netbios()) {
874 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
875 q_name, q_type));
876 return False;
877 }
878
879 print_sockaddr(addr, sizeof(addr), to_ss);
880
881 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
882 q_type, addr));
883
884 /* Check the cache first. */
885
886 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
887 return True;
888 }
889
890 if (to_ss->ss_family != AF_INET) {
891 /* Can't do node status to IPv6 */
892 return false;
893 }
894
895 if (!interpret_string_addr(&ss, lp_socket_address(),
896 AI_NUMERICHOST|AI_PASSIVE)) {
897 zero_sockaddr(&ss);
898 }
899
900 /* W2K PDC's seem not to respond to '*'#0. JRA */
901 make_nmb_name(&nname, q_name, q_type);
902 status = node_status_query(talloc_tos(), &nname, to_ss,
903 &addrs, &count, NULL);
904 if (!NT_STATUS_IS_OK(status)) {
905 goto done;
906 }
907
908 for (i=0;i<count;i++) {
909 /* Find first one of the requested type that's not a GROUP. */
910 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
911 break;
912 }
913 if (i == count)
914 goto done;
915
916 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
917
918 /* Store the result in the cache. */
919 /* but don't store an entry for 0x1c names here. Here we have
920 a single host and DOMAIN<0x1c> names should be a list of hosts */
921
922 if ( q_type != 0x1c ) {
923 namecache_status_store(q_name, q_type, type, to_ss, name);
924 }
925
926 result = true;
927
928 done:
929 TALLOC_FREE(addrs);
930
931 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
932
933 if (result)
934 DEBUGADD(10, (", name %s ip address is %s", name, addr));
935
936 DEBUG(10, ("\n"));
937
938 return result;
939}
940
941/*
942 comparison function used by sort_addr_list
943*/
944
945static int addr_compare(const struct sockaddr_storage *ss1,
946 const struct sockaddr_storage *ss2)
947{
948 int max_bits1=0, max_bits2=0;
949 int num_interfaces = iface_count();
950 int i;
951
952 /* Sort IPv4 addresses first. */
953 if (ss1->ss_family != ss2->ss_family) {
954 if (ss2->ss_family == AF_INET) {
955 return 1;
956 } else {
957 return -1;
958 }
959 }
960
961 /* Here we know both addresses are of the same
962 * family. */
963
964 for (i=0;i<num_interfaces;i++) {
965 const struct sockaddr_storage *pss = iface_n_bcast(i);
966 unsigned char *p_ss1 = NULL;
967 unsigned char *p_ss2 = NULL;
968 unsigned char *p_if = NULL;
969 size_t len = 0;
970 int bits1, bits2;
971
972 if (pss->ss_family != ss1->ss_family) {
973 /* Ignore interfaces of the wrong type. */
974 continue;
975 }
976 if (pss->ss_family == AF_INET) {
977 p_if = (unsigned char *)
978 &((const struct sockaddr_in *)pss)->sin_addr;
979 p_ss1 = (unsigned char *)
980 &((const struct sockaddr_in *)ss1)->sin_addr;
981 p_ss2 = (unsigned char *)
982 &((const struct sockaddr_in *)ss2)->sin_addr;
983 len = 4;
984 }
985#if defined(HAVE_IPV6)
986 if (pss->ss_family == AF_INET6) {
987 p_if = (unsigned char *)
988 &((const struct sockaddr_in6 *)pss)->sin6_addr;
989 p_ss1 = (unsigned char *)
990 &((const struct sockaddr_in6 *)ss1)->sin6_addr;
991 p_ss2 = (unsigned char *)
992 &((const struct sockaddr_in6 *)ss2)->sin6_addr;
993 len = 16;
994 }
995#endif
996 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
997 continue;
998 }
999 bits1 = matching_len_bits(p_ss1, p_if, len);
1000 bits2 = matching_len_bits(p_ss2, p_if, len);
1001 max_bits1 = MAX(bits1, max_bits1);
1002 max_bits2 = MAX(bits2, max_bits2);
1003 }
1004
1005 /* Bias towards directly reachable IPs */
1006 if (iface_local((struct sockaddr *)ss1)) {
1007 if (ss1->ss_family == AF_INET) {
1008 max_bits1 += 32;
1009 } else {
1010 max_bits1 += 128;
1011 }
1012 }
1013 if (iface_local((struct sockaddr *)ss2)) {
1014 if (ss2->ss_family == AF_INET) {
1015 max_bits2 += 32;
1016 } else {
1017 max_bits2 += 128;
1018 }
1019 }
1020 return max_bits2 - max_bits1;
1021}
1022
1023/*******************************************************************
1024 compare 2 ldap IPs by nearness to our interfaces - used in qsort
1025*******************************************************************/
1026
1027int ip_service_compare(struct ip_service *ss1, struct ip_service *ss2)
1028{
1029 int result;
1030
1031 if ((result = addr_compare(&ss1->ss, &ss2->ss)) != 0) {
1032 return result;
1033 }
1034
1035 if (ss1->port > ss2->port) {
1036 return 1;
1037 }
1038
1039 if (ss1->port < ss2->port) {
1040 return -1;
1041 }
1042
1043 return 0;
1044}
1045
1046/*
1047 sort an IP list so that names that are close to one of our interfaces
1048 are at the top. This prevents the problem where a WINS server returns an IP
1049 that is not reachable from our subnet as the first match
1050*/
1051
1052static void sort_addr_list(struct sockaddr_storage *sslist, int count)
1053{
1054 if (count <= 1) {
1055 return;
1056 }
1057
1058 TYPESAFE_QSORT(sslist, count, addr_compare);
1059}
1060
1061static void sort_service_list(struct ip_service *servlist, int count)
1062{
1063 if (count <= 1) {
1064 return;
1065 }
1066
1067 TYPESAFE_QSORT(servlist, count, ip_service_compare);
1068}
1069
1070/**********************************************************************
1071 Remove any duplicate address/port pairs in the list
1072 *********************************************************************/
1073
1074static int remove_duplicate_addrs2(struct ip_service *iplist, int count )
1075{
1076 int i, j;
1077
1078 DEBUG(10,("remove_duplicate_addrs2: "
1079 "looking for duplicate address/port pairs\n"));
1080
1081 /* one loop to remove duplicates */
1082 for ( i=0; i<count; i++ ) {
1083 if ( is_zero_addr(&iplist[i].ss)) {
1084 continue;
1085 }
1086
1087 for ( j=i+1; j<count; j++ ) {
1088 if (sockaddr_equal((struct sockaddr *)&iplist[i].ss, (struct sockaddr *)&iplist[j].ss) &&
1089 iplist[i].port == iplist[j].port) {
1090 zero_sockaddr(&iplist[j].ss);
1091 }
1092 }
1093 }
1094
1095 /* one loop to clean up any holes we left */
1096 /* first ip should never be a zero_ip() */
1097 for (i = 0; i<count; ) {
1098 if (is_zero_addr(&iplist[i].ss) ) {
1099 if (i != count-1) {
1100 memmove(&iplist[i], &iplist[i+1],
1101 (count - i - 1)*sizeof(iplist[i]));
1102 }
1103 count--;
1104 continue;
1105 }
1106 i++;
1107 }
1108
1109 return count;
1110}
1111
1112static bool prioritize_ipv4_list(struct ip_service *iplist, int count)
1113{
1114 TALLOC_CTX *frame = talloc_stackframe();
1115 struct ip_service *iplist_new = TALLOC_ARRAY(frame, struct ip_service, count);
1116 int i, j;
1117
1118 if (iplist_new == NULL) {
1119 TALLOC_FREE(frame);
1120 return false;
1121 }
1122
1123 j = 0;
1124
1125 /* Copy IPv4 first. */
1126 for (i = 0; i < count; i++) {
1127 if (iplist[i].ss.ss_family == AF_INET) {
1128 iplist_new[j++] = iplist[i];
1129 }
1130 }
1131
1132 /* Copy IPv6. */
1133 for (i = 0; i < count; i++) {
1134 if (iplist[i].ss.ss_family != AF_INET) {
1135 iplist_new[j++] = iplist[i];
1136 }
1137 }
1138
1139 memcpy(iplist, iplist_new, sizeof(struct ip_service)*count);
1140 TALLOC_FREE(frame);
1141 return true;
1142}
1143
1144/****************************************************************************
1145 Do a netbios name query to find someones IP.
1146 Returns an array of IP addresses or NULL if none.
1147 *count will be set to the number of addresses returned.
1148 *timed_out is set if we failed by timing out
1149****************************************************************************/
1150
1151struct name_query_state {
1152 struct sockaddr_storage my_addr;
1153 struct sockaddr_storage addr;
1154 bool bcast;
1155
1156
1157 uint8_t buf[1024];
1158 ssize_t buflen;
1159
1160 NTSTATUS validate_error;
1161 uint8_t flags;
1162
1163 struct sockaddr_storage *addrs;
1164 int num_addrs;
1165};
1166
1167static bool name_query_validator(struct packet_struct *p, void *private_data);
1168static void name_query_done(struct tevent_req *subreq);
1169
1170struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1171 struct tevent_context *ev,
1172 const char *name, int name_type,
1173 bool bcast, bool recurse,
1174 const struct sockaddr_storage *addr)
1175{
1176 struct tevent_req *req, *subreq;
1177 struct name_query_state *state;
1178 struct packet_struct p;
1179 struct nmb_packet *nmb = &p.packet.nmb;
1180 struct sockaddr_in *in_addr;
1181
1182 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1183 if (req == NULL) {
1184 return NULL;
1185 }
1186 state->bcast = bcast;
1187
1188 if (addr->ss_family != AF_INET) {
1189 /* Can't do node status to IPv6 */
1190 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1191 return tevent_req_post(req, ev);
1192 }
1193
1194 if (lp_disable_netbios()) {
1195 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1196 name, name_type));
1197 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1198 return tevent_req_post(req, ev);
1199 }
1200
1201 state->addr = *addr;
1202 in_addr = (struct sockaddr_in *)(void *)&state->addr;
1203 in_addr->sin_port = htons(NMB_PORT);
1204
1205 if (!interpret_string_addr(&state->my_addr, lp_socket_address(),
1206 AI_NUMERICHOST|AI_PASSIVE)) {
1207 zero_sockaddr(&state->my_addr);
1208 }
1209
1210 ZERO_STRUCT(p);
1211 nmb->header.name_trn_id = generate_trn_id();
1212 nmb->header.opcode = 0;
1213 nmb->header.response = false;
1214 nmb->header.nm_flags.bcast = bcast;
1215 nmb->header.nm_flags.recursion_available = false;
1216 nmb->header.nm_flags.recursion_desired = recurse;
1217 nmb->header.nm_flags.trunc = false;
1218 nmb->header.nm_flags.authoritative = false;
1219 nmb->header.rcode = 0;
1220 nmb->header.qdcount = 1;
1221 nmb->header.ancount = 0;
1222 nmb->header.nscount = 0;
1223 nmb->header.arcount = 0;
1224
1225 make_nmb_name(&nmb->question.question_name,name,name_type);
1226
1227 nmb->question.question_type = 0x20;
1228 nmb->question.question_class = 0x1;
1229
1230 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1231 &p);
1232 if (state->buflen == 0) {
1233 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1234 DEBUG(10, ("build_packet failed\n"));
1235 return tevent_req_post(req, ev);
1236 }
1237
1238 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, bcast,
1239 state->buf, state->buflen,
1240 NMB_PACKET, nmb->header.name_trn_id,
1241 name_query_validator, state);
1242 if (tevent_req_nomem(subreq, req)) {
1243 DEBUG(10, ("nb_trans_send failed\n"));
1244 return tevent_req_post(req, ev);
1245 }
1246 tevent_req_set_callback(subreq, name_query_done, req);
1247 return req;
1248}
1249
1250static bool name_query_validator(struct packet_struct *p, void *private_data)
1251{
1252 struct name_query_state *state = talloc_get_type_abort(
1253 private_data, struct name_query_state);
1254 struct nmb_packet *nmb = &p->packet.nmb;
1255 struct sockaddr_storage *tmp_addrs;
1256 bool got_unique_netbios_name = false;
1257 int i;
1258
1259 debug_nmb_packet(p);
1260
1261 /*
1262 * If we get a Negative Name Query Response from a WINS
1263 * server, we should report it and give up.
1264 */
1265 if( 0 == nmb->header.opcode /* A query response */
1266 && !state->bcast /* from a WINS server */
1267 && nmb->header.rcode /* Error returned */
1268 ) {
1269
1270 if( DEBUGLVL( 3 ) ) {
1271 /* Only executed if DEBUGLEVEL >= 3 */
1272 dbgtext( "Negative name query "
1273 "response, rcode 0x%02x: ",
1274 nmb->header.rcode );
1275 switch( nmb->header.rcode ) {
1276 case 0x01:
1277 dbgtext("Request was invalidly formatted.\n");
1278 break;
1279 case 0x02:
1280 dbgtext("Problem with NBNS, cannot process "
1281 "name.\n");
1282 break;
1283 case 0x03:
1284 dbgtext("The name requested does not "
1285 "exist.\n");
1286 break;
1287 case 0x04:
1288 dbgtext("Unsupported request error.\n");
1289 break;
1290 case 0x05:
1291 dbgtext("Query refused error.\n");
1292 break;
1293 default:
1294 dbgtext("Unrecognized error code.\n" );
1295 break;
1296 }
1297 }
1298
1299 /*
1300 * We accept this packet as valid, but tell the upper
1301 * layers that it's a negative response.
1302 */
1303 state->validate_error = NT_STATUS_NOT_FOUND;
1304 return true;
1305 }
1306
1307 if (nmb->header.opcode != 0 ||
1308 nmb->header.nm_flags.bcast ||
1309 nmb->header.rcode ||
1310 !nmb->header.ancount) {
1311 /*
1312 * XXXX what do we do with this? Could be a redirect,
1313 * but we'll discard it for the moment.
1314 */
1315 return false;
1316 }
1317
1318 tmp_addrs = TALLOC_REALLOC_ARRAY(
1319 state, state->addrs, struct sockaddr_storage,
1320 state->num_addrs + nmb->answers->rdlength/6);
1321 if (tmp_addrs == NULL) {
1322 state->validate_error = NT_STATUS_NO_MEMORY;
1323 return true;
1324 }
1325 state->addrs = tmp_addrs;
1326
1327 DEBUG(2,("Got a positive name query response "
1328 "from %s ( ", inet_ntoa(p->ip)));
1329
1330 for (i=0; i<nmb->answers->rdlength/6; i++) {
1331 uint16_t flags;
1332 struct in_addr ip;
1333 struct sockaddr_storage addr;
1334 int j;
1335
1336 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1337 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1338
1339 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1340 in_addr_to_sockaddr_storage(&addr, ip);
1341
1342 for (j=0; j<state->num_addrs; j++) {
1343 if (sockaddr_equal(
1344 (struct sockaddr *)&addr,
1345 (struct sockaddr *)&state->addrs[j])) {
1346 break;
1347 }
1348 }
1349 if (j < state->num_addrs) {
1350 /* Already got it */
1351 continue;
1352 }
1353
1354 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1355
1356 state->addrs[state->num_addrs] = addr;
1357 state->num_addrs += 1;
1358 }
1359 DEBUGADD(2,(")\n"));
1360
1361 /* We add the flags back ... */
1362 if (nmb->header.response)
1363 state->flags |= NM_FLAGS_RS;
1364 if (nmb->header.nm_flags.authoritative)
1365 state->flags |= NM_FLAGS_AA;
1366 if (nmb->header.nm_flags.trunc)
1367 state->flags |= NM_FLAGS_TC;
1368 if (nmb->header.nm_flags.recursion_desired)
1369 state->flags |= NM_FLAGS_RD;
1370 if (nmb->header.nm_flags.recursion_available)
1371 state->flags |= NM_FLAGS_RA;
1372 if (nmb->header.nm_flags.bcast)
1373 state->flags |= NM_FLAGS_B;
1374
1375 if (state->bcast) {
1376 /*
1377 * We have to collect all entries coming in from broadcast
1378 * queries. If we got a unique name, we're done.
1379 */
1380 return got_unique_netbios_name;
1381 }
1382 /*
1383 * WINS responses are accepted when they are received
1384 */
1385 return true;
1386}
1387
1388static void name_query_done(struct tevent_req *subreq)
1389{
1390 struct tevent_req *req = tevent_req_callback_data(
1391 subreq, struct tevent_req);
1392 struct name_query_state *state = tevent_req_data(
1393 req, struct name_query_state);
1394 NTSTATUS status;
1395 struct packet_struct *p = NULL;
1396
1397 status = nb_trans_recv(subreq, &p);
1398 TALLOC_FREE(subreq);
1399 if (tevent_req_nterror(req, status)) {
1400 return;
1401 }
1402 if (!NT_STATUS_IS_OK(state->validate_error)) {
1403 tevent_req_nterror(req, state->validate_error);
1404 return;
1405 }
1406 if (p != NULL) {
1407 /*
1408 * Free the packet here, we've collected the response in the
1409 * validator
1410 */
1411 free_packet(p);
1412 }
1413 tevent_req_done(req);
1414}
1415
1416NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1417 struct sockaddr_storage **addrs, int *num_addrs,
1418 uint8_t *flags)
1419{
1420 struct name_query_state *state = tevent_req_data(
1421 req, struct name_query_state);
1422 NTSTATUS status;
1423
1424 if (tevent_req_is_nterror(req, &status)
1425 && !NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1426 return status;
1427 }
1428 if (state->num_addrs == 0) {
1429 return NT_STATUS_NOT_FOUND;
1430 }
1431 *addrs = talloc_move(mem_ctx, &state->addrs);
1432 sort_addr_list(*addrs, state->num_addrs);
1433 *num_addrs = state->num_addrs;
1434 if (flags != NULL) {
1435 *flags = state->flags;
1436 }
1437 return NT_STATUS_OK;
1438}
1439
1440NTSTATUS name_query(const char *name, int name_type,
1441 bool bcast, bool recurse,
1442 const struct sockaddr_storage *to_ss,
1443 TALLOC_CTX *mem_ctx,
1444 struct sockaddr_storage **addrs,
1445 int *num_addrs, uint8_t *flags)
1446{
1447 TALLOC_CTX *frame = talloc_stackframe();
1448 struct tevent_context *ev;
1449 struct tevent_req *req;
1450 struct timeval timeout;
1451 NTSTATUS status = NT_STATUS_NO_MEMORY;
1452
1453 ev = tevent_context_init(frame);
1454 if (ev == NULL) {
1455 goto fail;
1456 }
1457 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1458 if (req == NULL) {
1459 goto fail;
1460 }
1461 if (bcast) {
1462 timeout = timeval_current_ofs(0, 250000);
1463 } else {
1464 timeout = timeval_current_ofs(2, 0);
1465 }
1466 if (!tevent_req_set_endtime(req, ev, timeout)) {
1467 goto fail;
1468 }
1469 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1470 goto fail;
1471 }
1472 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1473 fail:
1474 TALLOC_FREE(frame);
1475 return status;
1476}
1477
1478/********************************************************
1479 convert an array if struct sockaddr_storage to struct ip_service
1480 return false on failure. Port is set to PORT_NONE;
1481*********************************************************/
1482
1483static bool convert_ss2service(struct ip_service **return_iplist,
1484 const struct sockaddr_storage *ss_list,
1485 int count)
1486{
1487 int i;
1488
1489 if ( count==0 || !ss_list )
1490 return False;
1491
1492 /* copy the ip address; port will be PORT_NONE */
1493 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, count)) ==
1494 NULL) {
1495 DEBUG(0,("convert_ip2service: malloc failed "
1496 "for %d enetries!\n", count ));
1497 return False;
1498 }
1499
1500 for ( i=0; i<count; i++ ) {
1501 (*return_iplist)[i].ss = ss_list[i];
1502 (*return_iplist)[i].port = PORT_NONE;
1503 }
1504
1505 return true;
1506}
1507
1508/********************************************************
1509 Resolve via "bcast" method.
1510*********************************************************/
1511
1512NTSTATUS name_resolve_bcast(const char *name,
1513 int name_type,
1514 TALLOC_CTX *mem_ctx,
1515 struct sockaddr_storage **return_iplist,
1516 int *return_count)
1517{
1518 int i;
1519 int num_interfaces = iface_count();
1520 struct sockaddr_storage *ss_list;
1521 NTSTATUS status = NT_STATUS_NOT_FOUND;
1522
1523 if (lp_disable_netbios()) {
1524 DEBUG(5,("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1525 name, name_type));
1526 return NT_STATUS_INVALID_PARAMETER;
1527 }
1528
1529 *return_iplist = NULL;
1530 *return_count = 0;
1531
1532 /*
1533 * "bcast" means do a broadcast lookup on all the local interfaces.
1534 */
1535
1536 DEBUG(3,("name_resolve_bcast: Attempting broadcast lookup "
1537 "for name %s<0x%x>\n", name, name_type));
1538
1539 /*
1540 * Lookup the name on all the interfaces, return on
1541 * the first successful match.
1542 */
1543 for( i = num_interfaces-1; i >= 0; i--) {
1544 const struct sockaddr_storage *pss = iface_n_bcast(i);
1545
1546 /* Done this way to fix compiler error on IRIX 5.x */
1547 if (!pss) {
1548 continue;
1549 }
1550 status = name_query(name, name_type, true, true, pss,
1551 talloc_tos(), &ss_list, return_count,
1552 NULL);
1553 if (NT_STATUS_IS_OK(status)) {
1554 goto success;
1555 }
1556 }
1557
1558 /* failed - no response */
1559
1560 return status;
1561
1562success:
1563 *return_iplist = ss_list;
1564 return status;
1565}
1566
1567/********************************************************
1568 Resolve via "wins" method.
1569*********************************************************/
1570
1571NTSTATUS resolve_wins(const char *name,
1572 int name_type,
1573 struct ip_service **return_iplist,
1574 int *return_count)
1575{
1576 int t, i;
1577 char **wins_tags;
1578 struct sockaddr_storage src_ss, *ss_list = NULL;
1579 struct in_addr src_ip;
1580 NTSTATUS status;
1581
1582 if (lp_disable_netbios()) {
1583 DEBUG(5,("resolve_wins(%s#%02x): netbios is disabled\n",
1584 name, name_type));
1585 return NT_STATUS_INVALID_PARAMETER;
1586 }
1587
1588 *return_iplist = NULL;
1589 *return_count = 0;
1590
1591 DEBUG(3,("resolve_wins: Attempting wins lookup for name %s<0x%x>\n",
1592 name, name_type));
1593
1594 if (wins_srv_count() < 1) {
1595 DEBUG(3,("resolve_wins: WINS server resolution selected "
1596 "and no WINS servers listed.\n"));
1597 return NT_STATUS_INVALID_PARAMETER;
1598 }
1599
1600 /* we try a lookup on each of the WINS tags in turn */
1601 wins_tags = wins_srv_tags();
1602
1603 if (!wins_tags) {
1604 /* huh? no tags?? give up in disgust */
1605 return NT_STATUS_INVALID_PARAMETER;
1606 }
1607
1608 /* the address we will be sending from */
1609 if (!interpret_string_addr(&src_ss, lp_socket_address(),
1610 AI_NUMERICHOST|AI_PASSIVE)) {
1611 zero_sockaddr(&src_ss);
1612 }
1613
1614 if (src_ss.ss_family != AF_INET) {
1615 char addr[INET6_ADDRSTRLEN];
1616 print_sockaddr(addr, sizeof(addr), &src_ss);
1617 DEBUG(3,("resolve_wins: cannot receive WINS replies "
1618 "on IPv6 address %s\n",
1619 addr));
1620 wins_srv_tags_free(wins_tags);
1621 return NT_STATUS_INVALID_PARAMETER;
1622 }
1623
1624 src_ip = ((struct sockaddr_in *)&src_ss)->sin_addr;
1625
1626 /* in the worst case we will try every wins server with every
1627 tag! */
1628 for (t=0; wins_tags && wins_tags[t]; t++) {
1629 int srv_count = wins_srv_count_tag(wins_tags[t]);
1630 for (i=0; i<srv_count; i++) {
1631 struct sockaddr_storage wins_ss;
1632 struct in_addr wins_ip;
1633
1634 wins_ip = wins_srv_ip_tag(wins_tags[t], src_ip);
1635
1636 if (global_in_nmbd && ismyip_v4(wins_ip)) {
1637 /* yikes! we'll loop forever */
1638 continue;
1639 }
1640
1641 /* skip any that have been unresponsive lately */
1642 if (wins_srv_is_dead(wins_ip, src_ip)) {
1643 continue;
1644 }
1645
1646 DEBUG(3,("resolve_wins: using WINS server %s "
1647 "and tag '%s'\n",
1648 inet_ntoa(wins_ip), wins_tags[t]));
1649
1650 in_addr_to_sockaddr_storage(&wins_ss, wins_ip);
1651 status = name_query(name,
1652 name_type,
1653 false,
1654 true,
1655 &wins_ss,
1656 talloc_tos(),
1657 &ss_list,
1658 return_count,
1659 NULL);
1660
1661 /* exit loop if we got a list of addresses */
1662
1663 if (NT_STATUS_IS_OK(status)) {
1664 goto success;
1665 }
1666
1667 if (NT_STATUS_EQUAL(status,
1668 NT_STATUS_IO_TIMEOUT)) {
1669 /* Timed out waiting for WINS server to
1670 * respond.
1671 * Mark it dead. */
1672 wins_srv_died(wins_ip, src_ip);
1673 } else {
1674 /* The name definitely isn't in this
1675 group of WINS servers.
1676 goto the next group */
1677 break;
1678 }
1679 }
1680 }
1681
1682 wins_srv_tags_free(wins_tags);
1683 return NT_STATUS_NO_LOGON_SERVERS;
1684
1685success:
1686
1687 status = NT_STATUS_OK;
1688 if (!convert_ss2service(return_iplist, ss_list, *return_count))
1689 status = NT_STATUS_INVALID_PARAMETER;
1690
1691 TALLOC_FREE(ss_list);
1692 wins_srv_tags_free(wins_tags);
1693
1694 return status;
1695}
1696
1697/********************************************************
1698 Resolve via "lmhosts" method.
1699*********************************************************/
1700
1701static NTSTATUS resolve_lmhosts(const char *name, int name_type,
1702 struct ip_service **return_iplist,
1703 int *return_count)
1704{
1705 /*
1706 * "lmhosts" means parse the local lmhosts file.
1707 */
1708 struct sockaddr_storage *ss_list;
1709 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1710 TALLOC_CTX *ctx = NULL;
1711
1712 *return_iplist = NULL;
1713 *return_count = 0;
1714
1715 DEBUG(3,("resolve_lmhosts: "
1716 "Attempting lmhosts lookup for name %s<0x%x>\n",
1717 name, name_type));
1718
1719 ctx = talloc_init("resolve_lmhosts");
1720 if (!ctx) {
1721 return NT_STATUS_NO_MEMORY;
1722 }
1723
1724 status = resolve_lmhosts_file_as_sockaddr(get_dyn_LMHOSTSFILE(),
1725 name, name_type,
1726 ctx,
1727 &ss_list,
1728 return_count);
1729 if (NT_STATUS_IS_OK(status)) {
1730 if (convert_ss2service(return_iplist,
1731 ss_list,
1732 *return_count)) {
1733 talloc_free(ctx);
1734 return NT_STATUS_OK;
1735 } else {
1736 talloc_free(ctx);
1737 return NT_STATUS_NO_MEMORY;
1738 }
1739 }
1740 talloc_free(ctx);
1741 return status;
1742}
1743
1744
1745/********************************************************
1746 Resolve via "hosts" method.
1747*********************************************************/
1748
1749static NTSTATUS resolve_hosts(const char *name, int name_type,
1750 struct ip_service **return_iplist,
1751 int *return_count)
1752{
1753 /*
1754 * "host" means do a localhost, or dns lookup.
1755 */
1756 struct addrinfo hints;
1757 struct addrinfo *ailist = NULL;
1758 struct addrinfo *res = NULL;
1759 int ret = -1;
1760 int i = 0;
1761
1762 if ( name_type != 0x20 && name_type != 0x0) {
1763 DEBUG(5, ("resolve_hosts: not appropriate "
1764 "for name type <0x%x>\n",
1765 name_type));
1766 return NT_STATUS_INVALID_PARAMETER;
1767 }
1768
1769 *return_iplist = NULL;
1770 *return_count = 0;
1771
1772 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
1773 name, name_type));
1774
1775 ZERO_STRUCT(hints);
1776 /* By default make sure it supports TCP. */
1777 hints.ai_socktype = SOCK_STREAM;
1778 hints.ai_flags = AI_ADDRCONFIG;
1779
1780#if !defined(HAVE_IPV6)
1781 /* Unless we have IPv6, we really only want IPv4 addresses back. */
1782 hints.ai_family = AF_INET;
1783#endif
1784
1785 ret = getaddrinfo(name,
1786 NULL,
1787 &hints,
1788 &ailist);
1789 if (ret) {
1790 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
1791 name,
1792 gai_strerror(ret) ));
1793 }
1794
1795 for (res = ailist; res; res = res->ai_next) {
1796 struct sockaddr_storage ss;
1797
1798 if (!res->ai_addr || res->ai_addrlen == 0) {
1799 continue;
1800 }
1801
1802 ZERO_STRUCT(ss);
1803 memcpy(&ss, res->ai_addr, res->ai_addrlen);
1804
1805 *return_count += 1;
1806
1807 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
1808 struct ip_service,
1809 *return_count);
1810 if (!*return_iplist) {
1811 DEBUG(3,("resolve_hosts: malloc fail !\n"));
1812 freeaddrinfo(ailist);
1813 return NT_STATUS_NO_MEMORY;
1814 }
1815 (*return_iplist)[i].ss = ss;
1816 (*return_iplist)[i].port = PORT_NONE;
1817 i++;
1818 }
1819 if (ailist) {
1820 freeaddrinfo(ailist);
1821 }
1822 if (*return_count) {
1823 return NT_STATUS_OK;
1824 }
1825 return NT_STATUS_UNSUCCESSFUL;
1826}
1827
1828/********************************************************
1829 Resolve via "ADS" method.
1830*********************************************************/
1831
1832/* Special name type used to cause a _kerberos DNS lookup. */
1833#define KDC_NAME_TYPE 0xDCDC
1834
1835static NTSTATUS resolve_ads(const char *name,
1836 int name_type,
1837 const char *sitename,
1838 struct ip_service **return_iplist,
1839 int *return_count)
1840{
1841 int i, j;
1842 NTSTATUS status;
1843 TALLOC_CTX *ctx;
1844 struct dns_rr_srv *dcs = NULL;
1845 int numdcs = 0;
1846 int numaddrs = 0;
1847
1848 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
1849 (name_type != 0x1b)) {
1850 return NT_STATUS_INVALID_PARAMETER;
1851 }
1852
1853 if ( (ctx = talloc_init("resolve_ads")) == NULL ) {
1854 DEBUG(0,("resolve_ads: talloc_init() failed!\n"));
1855 return NT_STATUS_NO_MEMORY;
1856 }
1857
1858 /* The DNS code needs fixing to find IPv6 addresses... JRA. */
1859
1860 switch (name_type) {
1861 case 0x1b:
1862 DEBUG(5,("resolve_ads: Attempting to resolve "
1863 "PDC for %s using DNS\n", name));
1864 status = ads_dns_query_pdc(ctx, name, &dcs, &numdcs);
1865 break;
1866
1867 case 0x1c:
1868 DEBUG(5,("resolve_ads: Attempting to resolve "
1869 "DCs for %s using DNS\n", name));
1870 status = ads_dns_query_dcs(ctx, name, sitename, &dcs,
1871 &numdcs);
1872 break;
1873 case KDC_NAME_TYPE:
1874 DEBUG(5,("resolve_ads: Attempting to resolve "
1875 "KDCs for %s using DNS\n", name));
1876 status = ads_dns_query_kdcs(ctx, name, sitename, &dcs,
1877 &numdcs);
1878 break;
1879 default:
1880 status = NT_STATUS_INVALID_PARAMETER;
1881 break;
1882 }
1883
1884 if ( !NT_STATUS_IS_OK( status ) ) {
1885 talloc_destroy(ctx);
1886 return status;
1887 }
1888
1889 for (i=0;i<numdcs;i++) {
1890 numaddrs += MAX(dcs[i].num_ips,1);
1891 }
1892
1893 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, numaddrs)) ==
1894 NULL ) {
1895 DEBUG(0,("resolve_ads: malloc failed for %d entries\n",
1896 numaddrs ));
1897 talloc_destroy(ctx);
1898 return NT_STATUS_NO_MEMORY;
1899 }
1900
1901 /* now unroll the list of IP addresses */
1902
1903 *return_count = 0;
1904 i = 0;
1905 j = 0;
1906 while ( i < numdcs && (*return_count<numaddrs) ) {
1907 struct ip_service *r = &(*return_iplist)[*return_count];
1908
1909 r->port = dcs[i].port;
1910
1911 /* If we don't have an IP list for a name, lookup it up */
1912
1913 if (!dcs[i].ss_s) {
1914 interpret_string_addr(&r->ss, dcs[i].hostname, 0);
1915 i++;
1916 j = 0;
1917 } else {
1918 /* use the IP addresses from the SRV sresponse */
1919
1920 if ( j >= dcs[i].num_ips ) {
1921 i++;
1922 j = 0;
1923 continue;
1924 }
1925
1926 r->ss = dcs[i].ss_s[j];
1927 j++;
1928 }
1929
1930 /* make sure it is a valid IP. I considered checking the
1931 * negative connection cache, but this is the wrong place
1932 * for it. Maybe only as a hack. After think about it, if
1933 * all of the IP addresses returned from DNS are dead, what
1934 * hope does a netbios name lookup have ? The standard reason
1935 * for falling back to netbios lookups is that our DNS server
1936 * doesn't know anything about the DC's -- jerry */
1937
1938 if (!is_zero_addr(&r->ss)) {
1939 (*return_count)++;
1940 }
1941 }
1942
1943 talloc_destroy(ctx);
1944 return NT_STATUS_OK;
1945}
1946
1947/*******************************************************************
1948 Internal interface to resolve a name into an IP address.
1949 Use this function if the string is either an IP address, DNS
1950 or host name or NetBIOS name. This uses the name switch in the
1951 smb.conf to determine the order of name resolution.
1952
1953 Added support for ip addr/port to support ADS ldap servers.
1954 the only place we currently care about the port is in the
1955 resolve_hosts() when looking up DC's via SRV RR entries in DNS
1956**********************************************************************/
1957
1958NTSTATUS internal_resolve_name(const char *name,
1959 int name_type,
1960 const char *sitename,
1961 struct ip_service **return_iplist,
1962 int *return_count,
1963 const char *resolve_order)
1964{
1965 char *tok;
1966 const char *ptr;
1967 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
1968 int i;
1969 TALLOC_CTX *frame = NULL;
1970
1971 *return_iplist = NULL;
1972 *return_count = 0;
1973
1974 DEBUG(10, ("internal_resolve_name: looking up %s#%x (sitename %s)\n",
1975 name, name_type, sitename ? sitename : "(null)"));
1976
1977 if (is_ipaddress(name)) {
1978 if ((*return_iplist = SMB_MALLOC_P(struct ip_service)) ==
1979 NULL) {
1980 DEBUG(0,("internal_resolve_name: malloc fail !\n"));
1981 return NT_STATUS_NO_MEMORY;
1982 }
1983
1984 /* ignore the port here */
1985 (*return_iplist)->port = PORT_NONE;
1986
1987 /* if it's in the form of an IP address then get the lib to interpret it */
1988 if (!interpret_string_addr(&(*return_iplist)->ss,
1989 name, AI_NUMERICHOST)) {
1990 DEBUG(1,("internal_resolve_name: interpret_string_addr "
1991 "failed on %s\n",
1992 name));
1993 SAFE_FREE(*return_iplist);
1994 return NT_STATUS_INVALID_PARAMETER;
1995 }
1996 *return_count = 1;
1997 return NT_STATUS_OK;
1998 }
1999
2000 /* Check name cache */
2001
2002 if (namecache_fetch(name, name_type, return_iplist, return_count)) {
2003 /* This could be a negative response */
2004 if (*return_count > 0) {
2005 return NT_STATUS_OK;
2006 } else {
2007 return NT_STATUS_UNSUCCESSFUL;
2008 }
2009 }
2010
2011 /* set the name resolution order */
2012
2013 if (strcmp( resolve_order, "NULL") == 0) {
2014 DEBUG(8,("internal_resolve_name: all lookups disabled\n"));
2015 return NT_STATUS_INVALID_PARAMETER;
2016 }
2017
2018 if (!resolve_order[0]) {
2019 ptr = "host";
2020 } else {
2021 ptr = resolve_order;
2022 }
2023
2024 /* iterate through the name resolution backends */
2025
2026 frame = talloc_stackframe();
2027 while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) {
2028 if((strequal(tok, "host") || strequal(tok, "hosts"))) {
2029 status = resolve_hosts(name, name_type, return_iplist,
2030 return_count);
2031 if (NT_STATUS_IS_OK(status)) {
2032 goto done;
2033 }
2034 } else if(strequal( tok, "kdc")) {
2035 /* deal with KDC_NAME_TYPE names here.
2036 * This will result in a SRV record lookup */
2037 status = resolve_ads(name, KDC_NAME_TYPE, sitename,
2038 return_iplist, return_count);
2039 if (NT_STATUS_IS_OK(status)) {
2040 /* Ensure we don't namecache
2041 * this with the KDC port. */
2042 name_type = KDC_NAME_TYPE;
2043 goto done;
2044 }
2045 } else if(strequal( tok, "ads")) {
2046 /* deal with 0x1c and 0x1b names here.
2047 * This will result in a SRV record lookup */
2048 status = resolve_ads(name, name_type, sitename,
2049 return_iplist, return_count);
2050 if (NT_STATUS_IS_OK(status)) {
2051 goto done;
2052 }
2053 } else if(strequal( tok, "lmhosts")) {
2054 status = resolve_lmhosts(name, name_type,
2055 return_iplist, return_count);
2056 if (NT_STATUS_IS_OK(status)) {
2057 goto done;
2058 }
2059 } else if(strequal( tok, "wins")) {
2060 /* don't resolve 1D via WINS */
2061 if (name_type != 0x1D) {
2062 status = resolve_wins(name, name_type,
2063 return_iplist,
2064 return_count);
2065 if (NT_STATUS_IS_OK(status)) {
2066 goto done;
2067 }
2068 }
2069 } else if(strequal( tok, "bcast")) {
2070 struct sockaddr_storage *ss_list;
2071 status = name_resolve_bcast(
2072 name, name_type, talloc_tos(),
2073 &ss_list, return_count);
2074 if (NT_STATUS_IS_OK(status)) {
2075 if (!convert_ss2service(return_iplist,
2076 ss_list,
2077 *return_count)) {
2078 status = NT_STATUS_NO_MEMORY;
2079 }
2080 goto done;
2081 }
2082 } else {
2083 DEBUG(0,("resolve_name: unknown name switch type %s\n",
2084 tok));
2085 }
2086 }
2087
2088 /* All of the resolve_* functions above have returned false. */
2089
2090 TALLOC_FREE(frame);
2091 SAFE_FREE(*return_iplist);
2092 *return_count = 0;
2093
2094 return NT_STATUS_UNSUCCESSFUL;
2095
2096 done:
2097
2098 /* Remove duplicate entries. Some queries, notably #1c (domain
2099 controllers) return the PDC in iplist[0] and then all domain
2100 controllers including the PDC in iplist[1..n]. Iterating over
2101 the iplist when the PDC is down will cause two sets of timeouts. */
2102
2103 if ( *return_count ) {
2104 *return_count = remove_duplicate_addrs2(*return_iplist,
2105 *return_count );
2106 }
2107
2108 /* Save in name cache */
2109 if ( DEBUGLEVEL >= 100 ) {
2110 for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) {
2111 char addr[INET6_ADDRSTRLEN];
2112 print_sockaddr(addr, sizeof(addr),
2113 &(*return_iplist)[i].ss);
2114 DEBUG(100, ("Storing name %s of type %d (%s:%d)\n",
2115 name,
2116 name_type,
2117 addr,
2118 (*return_iplist)[i].port));
2119 }
2120 }
2121
2122 namecache_store(name, name_type, *return_count, *return_iplist);
2123
2124 /* Display some debugging info */
2125
2126 if ( DEBUGLEVEL >= 10 ) {
2127 DEBUG(10, ("internal_resolve_name: returning %d addresses: ",
2128 *return_count));
2129
2130 for (i = 0; i < *return_count; i++) {
2131 char addr[INET6_ADDRSTRLEN];
2132 print_sockaddr(addr, sizeof(addr),
2133 &(*return_iplist)[i].ss);
2134 DEBUGADD(10, ("%s:%d ",
2135 addr,
2136 (*return_iplist)[i].port));
2137 }
2138 DEBUG(10, ("\n"));
2139 }
2140
2141 TALLOC_FREE(frame);
2142 return status;
2143}
2144
2145/********************************************************
2146 Internal interface to resolve a name into one IP address.
2147 Use this function if the string is either an IP address, DNS
2148 or host name or NetBIOS name. This uses the name switch in the
2149 smb.conf to determine the order of name resolution.
2150*********************************************************/
2151
2152bool resolve_name(const char *name,
2153 struct sockaddr_storage *return_ss,
2154 int name_type,
2155 bool prefer_ipv4)
2156{
2157 struct ip_service *ss_list = NULL;
2158 char *sitename = NULL;
2159 int count = 0;
2160
2161 if (is_ipaddress(name)) {
2162 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2163 }
2164
2165 sitename = sitename_fetch(lp_realm()); /* wild guess */
2166
2167 if (NT_STATUS_IS_OK(internal_resolve_name(name, name_type, sitename,
2168 &ss_list, &count,
2169 lp_name_resolve_order()))) {
2170 int i;
2171
2172 if (prefer_ipv4) {
2173 for (i=0; i<count; i++) {
2174 if (!is_zero_addr(&ss_list[i].ss) &&
2175 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss) &&
2176 (ss_list[i].ss.ss_family == AF_INET)) {
2177 *return_ss = ss_list[i].ss;
2178 SAFE_FREE(ss_list);
2179 SAFE_FREE(sitename);
2180 return True;
2181 }
2182 }
2183 }
2184
2185 /* only return valid addresses for TCP connections */
2186 for (i=0; i<count; i++) {
2187 if (!is_zero_addr(&ss_list[i].ss) &&
2188 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2189 *return_ss = ss_list[i].ss;
2190 SAFE_FREE(ss_list);
2191 SAFE_FREE(sitename);
2192 return True;
2193 }
2194 }
2195 }
2196
2197 SAFE_FREE(ss_list);
2198 SAFE_FREE(sitename);
2199 return False;
2200}
2201
2202/********************************************************
2203 Internal interface to resolve a name into a list of IP addresses.
2204 Use this function if the string is either an IP address, DNS
2205 or host name or NetBIOS name. This uses the name switch in the
2206 smb.conf to determine the order of name resolution.
2207*********************************************************/
2208
2209NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2210 const char *name,
2211 int name_type,
2212 struct sockaddr_storage **return_ss_arr,
2213 unsigned int *p_num_entries)
2214{
2215 struct ip_service *ss_list = NULL;
2216 char *sitename = NULL;
2217 int count = 0;
2218 int i;
2219 unsigned int num_entries;
2220 NTSTATUS status;
2221
2222 *p_num_entries = 0;
2223 *return_ss_arr = NULL;
2224
2225 if (is_ipaddress(name)) {
2226 *return_ss_arr = TALLOC_P(ctx, struct sockaddr_storage);
2227 if (!*return_ss_arr) {
2228 return NT_STATUS_NO_MEMORY;
2229 }
2230 if (!interpret_string_addr(*return_ss_arr, name, AI_NUMERICHOST)) {
2231 TALLOC_FREE(*return_ss_arr);
2232 return NT_STATUS_BAD_NETWORK_NAME;
2233 }
2234 *p_num_entries = 1;
2235 return NT_STATUS_OK;
2236 }
2237
2238 sitename = sitename_fetch(lp_realm()); /* wild guess */
2239
2240 status = internal_resolve_name(name, name_type, sitename,
2241 &ss_list, &count,
2242 lp_name_resolve_order());
2243 SAFE_FREE(sitename);
2244
2245 if (!NT_STATUS_IS_OK(status)) {
2246 return status;
2247 }
2248
2249 /* only return valid addresses for TCP connections */
2250 for (i=0, num_entries = 0; i<count; i++) {
2251 if (!is_zero_addr(&ss_list[i].ss) &&
2252 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2253 num_entries++;
2254 }
2255 }
2256 if (num_entries == 0) {
2257 SAFE_FREE(ss_list);
2258 return NT_STATUS_BAD_NETWORK_NAME;
2259 }
2260
2261 *return_ss_arr = TALLOC_ARRAY(ctx,
2262 struct sockaddr_storage,
2263 num_entries);
2264 if (!(*return_ss_arr)) {
2265 SAFE_FREE(ss_list);
2266 return NT_STATUS_NO_MEMORY;
2267 }
2268
2269 for (i=0, num_entries = 0; i<count; i++) {
2270 if (!is_zero_addr(&ss_list[i].ss) &&
2271 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2272 (*return_ss_arr)[num_entries++] = ss_list[i].ss;
2273 }
2274 }
2275
2276 status = NT_STATUS_OK;
2277 *p_num_entries = num_entries;
2278
2279 SAFE_FREE(ss_list);
2280 return NT_STATUS_OK;
2281}
2282
2283/********************************************************
2284 Find the IP address of the master browser or DMB for a workgroup.
2285*********************************************************/
2286
2287bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
2288{
2289 struct ip_service *ip_list = NULL;
2290 int count = 0;
2291 NTSTATUS status;
2292
2293 if (lp_disable_netbios()) {
2294 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
2295 return false;
2296 }
2297
2298 status = internal_resolve_name(group, 0x1D, NULL, &ip_list, &count,
2299 lp_name_resolve_order());
2300 if (NT_STATUS_IS_OK(status)) {
2301 *master_ss = ip_list[0].ss;
2302 SAFE_FREE(ip_list);
2303 return true;
2304 }
2305
2306 status = internal_resolve_name(group, 0x1B, NULL, &ip_list, &count,
2307 lp_name_resolve_order());
2308 if (NT_STATUS_IS_OK(status)) {
2309 *master_ss = ip_list[0].ss;
2310 SAFE_FREE(ip_list);
2311 return true;
2312 }
2313
2314 SAFE_FREE(ip_list);
2315 return false;
2316}
2317
2318/********************************************************
2319 Get the IP address list of the primary domain controller
2320 for a domain.
2321*********************************************************/
2322
2323bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
2324{
2325 struct ip_service *ip_list = NULL;
2326 int count = 0;
2327 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2328
2329 /* Look up #1B name */
2330
2331 if (lp_security() == SEC_ADS) {
2332 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2333 &count, "ads");
2334 }
2335
2336 if (!NT_STATUS_IS_OK(status) || count == 0) {
2337 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2338 &count,
2339 lp_name_resolve_order());
2340 if (!NT_STATUS_IS_OK(status)) {
2341 return false;
2342 }
2343 }
2344
2345 /* if we get more than 1 IP back we have to assume it is a
2346 multi-homed PDC and not a mess up */
2347
2348 if ( count > 1 ) {
2349 DEBUG(6,("get_pdc_ip: PDC has %d IP addresses!\n", count));
2350 sort_service_list(ip_list, count);
2351 }
2352
2353 *pss = ip_list[0].ss;
2354 SAFE_FREE(ip_list);
2355 return true;
2356}
2357
2358/* Private enum type for lookups. */
2359
2360enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
2361
2362/********************************************************
2363 Get the IP address list of the domain controllers for
2364 a domain.
2365*********************************************************/
2366
2367static NTSTATUS get_dc_list(const char *domain,
2368 const char *sitename,
2369 struct ip_service **ip_list,
2370 int *count,
2371 enum dc_lookup_type lookup_type,
2372 bool *ordered)
2373{
2374 char *resolve_order = NULL;
2375 char *saf_servername = NULL;
2376 char *pserver = NULL;
2377 const char *p;
2378 char *port_str = NULL;
2379 int port;
2380 char *name;
2381 int num_addresses = 0;
2382 int local_count, i, j;
2383 struct ip_service *return_iplist = NULL;
2384 struct ip_service *auto_ip_list = NULL;
2385 bool done_auto_lookup = false;
2386 int auto_count = 0;
2387 NTSTATUS status;
2388 TALLOC_CTX *ctx = talloc_init("get_dc_list");
2389
2390 *ip_list = NULL;
2391 *count = 0;
2392
2393 if (!ctx) {
2394 return NT_STATUS_NO_MEMORY;
2395 }
2396
2397 *ordered = False;
2398
2399 /* if we are restricted to solely using DNS for looking
2400 up a domain controller, make sure that host lookups
2401 are enabled for the 'name resolve order'. If host lookups
2402 are disabled and ads_only is True, then set the string to
2403 NULL. */
2404
2405 resolve_order = talloc_strdup(ctx, lp_name_resolve_order());
2406 if (!resolve_order) {
2407 status = NT_STATUS_NO_MEMORY;
2408 goto out;
2409 }
2410 strlower_m(resolve_order);
2411 if (lookup_type == DC_ADS_ONLY) {
2412 if (strstr( resolve_order, "host")) {
2413 resolve_order = talloc_strdup(ctx, "ads");
2414
2415 /* DNS SRV lookups used by the ads resolver
2416 are already sorted by priority and weight */
2417 *ordered = true;
2418 } else {
2419 resolve_order = talloc_strdup(ctx, "NULL");
2420 }
2421 } else if (lookup_type == DC_KDC_ONLY) {
2422 /* DNS SRV lookups used by the ads/kdc resolver
2423 are already sorted by priority and weight */
2424 *ordered = true;
2425 resolve_order = talloc_strdup(ctx, "kdc");
2426 }
2427 if (!resolve_order) {
2428 status = NT_STATUS_NO_MEMORY;
2429 goto out;
2430 }
2431
2432 /* fetch the server we have affinity for. Add the
2433 'password server' list to a search for our domain controllers */
2434
2435 saf_servername = saf_fetch( domain);
2436
2437 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
2438 pserver = talloc_asprintf(ctx, "%s, %s",
2439 saf_servername ? saf_servername : "",
2440 lp_passwordserver());
2441 } else {
2442 pserver = talloc_asprintf(ctx, "%s, *",
2443 saf_servername ? saf_servername : "");
2444 }
2445
2446 SAFE_FREE(saf_servername);
2447 if (!pserver) {
2448 status = NT_STATUS_NO_MEMORY;
2449 goto out;
2450 }
2451
2452 /* if we are starting from scratch, just lookup DOMAIN<0x1c> */
2453
2454 if (!*pserver ) {
2455 DEBUG(10,("get_dc_list: no preferred domain controllers.\n"));
2456 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2457 count, resolve_order);
2458 goto out;
2459 }
2460
2461 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
2462
2463 /*
2464 * if '*' appears in the "password server" list then add
2465 * an auto lookup to the list of manually configured
2466 * DC's. If any DC is listed by name, then the list should be
2467 * considered to be ordered
2468 */
2469
2470 p = pserver;
2471 while (next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2472 if (!done_auto_lookup && strequal(name, "*")) {
2473 status = internal_resolve_name(domain, 0x1C, sitename,
2474 &auto_ip_list,
2475 &auto_count,
2476 resolve_order);
2477 if (NT_STATUS_IS_OK(status)) {
2478 num_addresses += auto_count;
2479 }
2480 done_auto_lookup = true;
2481 DEBUG(8,("Adding %d DC's from auto lookup\n",
2482 auto_count));
2483 } else {
2484 num_addresses++;
2485 }
2486 }
2487
2488 /* if we have no addresses and haven't done the auto lookup, then
2489 just return the list of DC's. Or maybe we just failed. */
2490
2491 if ((num_addresses == 0)) {
2492 if (done_auto_lookup) {
2493 DEBUG(4,("get_dc_list: no servers found\n"));
2494 status = NT_STATUS_NO_LOGON_SERVERS;
2495 goto out;
2496 }
2497 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2498 count, resolve_order);
2499 goto out;
2500 }
2501
2502 if ((return_iplist = SMB_MALLOC_ARRAY(struct ip_service,
2503 num_addresses)) == NULL) {
2504 DEBUG(3,("get_dc_list: malloc fail !\n"));
2505 status = NT_STATUS_NO_MEMORY;
2506 goto out;
2507 }
2508
2509 p = pserver;
2510 local_count = 0;
2511
2512 /* fill in the return list now with real IP's */
2513
2514 while ((local_count<num_addresses) &&
2515 next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2516 struct sockaddr_storage name_ss;
2517
2518 /* copy any addersses from the auto lookup */
2519
2520 if (strequal(name, "*")) {
2521 for (j=0; j<auto_count; j++) {
2522 char addr[INET6_ADDRSTRLEN];
2523 print_sockaddr(addr,
2524 sizeof(addr),
2525 &auto_ip_list[j].ss);
2526 /* Check for and don't copy any
2527 * known bad DC IP's. */
2528 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
2529 domain,
2530 addr))) {
2531 DEBUG(5,("get_dc_list: "
2532 "negative entry %s removed "
2533 "from DC list\n",
2534 addr));
2535 continue;
2536 }
2537 return_iplist[local_count].ss =
2538 auto_ip_list[j].ss;
2539 return_iplist[local_count].port =
2540 auto_ip_list[j].port;
2541 local_count++;
2542 }
2543 continue;
2544 }
2545
2546 /* added support for address:port syntax for ads
2547 * (not that I think anyone will ever run the LDAP
2548 * server in an AD domain on something other than
2549 * port 389 */
2550
2551 port = (lp_security() == SEC_ADS) ? LDAP_PORT : PORT_NONE;
2552 if ((port_str=strchr(name, ':')) != NULL) {
2553 *port_str = '\0';
2554 port_str++;
2555 port = atoi(port_str);
2556 }
2557
2558 /* explicit lookup; resolve_name() will
2559 * handle names & IP addresses */
2560 if (resolve_name( name, &name_ss, 0x20, true )) {
2561 char addr[INET6_ADDRSTRLEN];
2562 print_sockaddr(addr,
2563 sizeof(addr),
2564 &name_ss);
2565
2566 /* Check for and don't copy any known bad DC IP's. */
2567 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
2568 addr)) ) {
2569 DEBUG(5,("get_dc_list: negative entry %s "
2570 "removed from DC list\n",
2571 name ));
2572 continue;
2573 }
2574
2575 return_iplist[local_count].ss = name_ss;
2576 return_iplist[local_count].port = port;
2577 local_count++;
2578 *ordered = true;
2579 }
2580 }
2581
2582 /* need to remove duplicates in the list if we have any
2583 explicit password servers */
2584
2585 if (local_count) {
2586 local_count = remove_duplicate_addrs2(return_iplist,
2587 local_count );
2588 }
2589
2590 /* For DC's we always prioritize IPv4 due to W2K3 not
2591 * supporting LDAP, KRB5 or CLDAP over IPv6. */
2592
2593 if (local_count && return_iplist) {
2594 prioritize_ipv4_list(return_iplist, local_count);
2595 }
2596
2597 if ( DEBUGLEVEL >= 4 ) {
2598 DEBUG(4,("get_dc_list: returning %d ip addresses "
2599 "in an %sordered list\n",
2600 local_count,
2601 *ordered ? "":"un"));
2602 DEBUG(4,("get_dc_list: "));
2603 for ( i=0; i<local_count; i++ ) {
2604 char addr[INET6_ADDRSTRLEN];
2605 print_sockaddr(addr,
2606 sizeof(addr),
2607 &return_iplist[i].ss);
2608 DEBUGADD(4,("%s:%d ", addr, return_iplist[i].port ));
2609 }
2610 DEBUGADD(4,("\n"));
2611 }
2612
2613 *ip_list = return_iplist;
2614 *count = local_count;
2615
2616 status = ( *count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS );
2617
2618 out:
2619
2620 if (!NT_STATUS_IS_OK(status)) {
2621 SAFE_FREE(return_iplist);
2622 *ip_list = NULL;
2623 *count = 0;
2624 }
2625
2626 SAFE_FREE(auto_ip_list);
2627 TALLOC_FREE(ctx);
2628 return status;
2629}
2630
2631/*********************************************************************
2632 Small wrapper function to get the DC list and sort it if neccessary.
2633*********************************************************************/
2634
2635NTSTATUS get_sorted_dc_list( const char *domain,
2636 const char *sitename,
2637 struct ip_service **ip_list,
2638 int *count,
2639 bool ads_only )
2640{
2641 bool ordered = false;
2642 NTSTATUS status;
2643 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
2644
2645 *ip_list = NULL;
2646 *count = 0;
2647
2648 DEBUG(8,("get_sorted_dc_list: attempting lookup "
2649 "for name %s (sitename %s) using [%s]\n",
2650 domain,
2651 sitename ? sitename : "NULL",
2652 (ads_only ? "ads" : lp_name_resolve_order())));
2653
2654 if (ads_only) {
2655 lookup_type = DC_ADS_ONLY;
2656 }
2657
2658 status = get_dc_list(domain, sitename, ip_list,
2659 count, lookup_type, &ordered);
2660 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
2661 && sitename) {
2662 DEBUG(3,("get_sorted_dc_list: no server for name %s available"
2663 " in site %s, fallback to all servers\n",
2664 domain, sitename));
2665 status = get_dc_list(domain, NULL, ip_list,
2666 count, lookup_type, &ordered);
2667 }
2668
2669 if (!NT_STATUS_IS_OK(status)) {
2670 SAFE_FREE(*ip_list);
2671 *count = 0;
2672 return status;
2673 }
2674
2675 /* only sort if we don't already have an ordered list */
2676 if (!ordered) {
2677 sort_service_list(*ip_list, *count);
2678 }
2679
2680 return NT_STATUS_OK;
2681}
2682
2683/*********************************************************************
2684 Get the KDC list - re-use all the logic in get_dc_list.
2685*********************************************************************/
2686
2687NTSTATUS get_kdc_list( const char *realm,
2688 const char *sitename,
2689 struct ip_service **ip_list,
2690 int *count)
2691{
2692 bool ordered;
2693 NTSTATUS status;
2694
2695 *count = 0;
2696 *ip_list = NULL;
2697
2698 status = get_dc_list(realm, sitename, ip_list,
2699 count, DC_KDC_ONLY, &ordered);
2700
2701 if (!NT_STATUS_IS_OK(status)) {
2702 SAFE_FREE(*ip_list);
2703 *count = 0;
2704 return status;
2705 }
2706
2707 /* only sort if we don't already have an ordered list */
2708 if ( !ordered ) {
2709 sort_service_list(*ip_list, *count);
2710 }
2711
2712 return NT_STATUS_OK;
2713}
Note: See TracBrowser for help on using the repository browser.