| 1 | /*
|
|---|
| 2 | Unix SMB/CIFS implementation.
|
|---|
| 3 |
|
|---|
| 4 | DNS server utils
|
|---|
| 5 |
|
|---|
| 6 | Copyright (C) 2010 Kai Blin <kai@samba.org>
|
|---|
| 7 |
|
|---|
| 8 | This program is free software; you can redistribute it and/or modify
|
|---|
| 9 | it under the terms of the GNU General Public License as published by
|
|---|
| 10 | the Free Software Foundation; either version 3 of the License, or
|
|---|
| 11 | (at your option) any later version.
|
|---|
| 12 |
|
|---|
| 13 | This program is distributed in the hope that it will be useful,
|
|---|
| 14 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 16 | GNU General Public License for more details.
|
|---|
| 17 |
|
|---|
| 18 | You should have received a copy of the GNU General Public License
|
|---|
| 19 | along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|---|
| 20 | */
|
|---|
| 21 |
|
|---|
| 22 | #include "includes.h"
|
|---|
| 23 | #include "libcli/util/ntstatus.h"
|
|---|
| 24 | #include "libcli/util/werror.h"
|
|---|
| 25 | #include "librpc/ndr/libndr.h"
|
|---|
| 26 | #include "librpc/gen_ndr/ndr_dns.h"
|
|---|
| 27 | #include "librpc/gen_ndr/ndr_dnsp.h"
|
|---|
| 28 | #include <ldb.h>
|
|---|
| 29 | #include "dsdb/samdb/samdb.h"
|
|---|
| 30 | #include "dsdb/common/util.h"
|
|---|
| 31 | #include "dns_server/dns_server.h"
|
|---|
| 32 |
|
|---|
| 33 | uint8_t werr_to_dns_err(WERROR werr)
|
|---|
| 34 | {
|
|---|
| 35 | if (W_ERROR_EQUAL(WERR_OK, werr)) {
|
|---|
| 36 | return DNS_RCODE_OK;
|
|---|
| 37 | } else if (W_ERROR_EQUAL(DNS_ERR(FORMAT_ERROR), werr)) {
|
|---|
| 38 | return DNS_RCODE_FORMERR;
|
|---|
| 39 | } else if (W_ERROR_EQUAL(DNS_ERR(SERVER_FAILURE), werr)) {
|
|---|
| 40 | return DNS_RCODE_SERVFAIL;
|
|---|
| 41 | } else if (W_ERROR_EQUAL(DNS_ERR(NAME_ERROR), werr)) {
|
|---|
| 42 | return DNS_RCODE_NXDOMAIN;
|
|---|
| 43 | } else if (W_ERROR_EQUAL(DNS_ERR(NOT_IMPLEMENTED), werr)) {
|
|---|
| 44 | return DNS_RCODE_NOTIMP;
|
|---|
| 45 | } else if (W_ERROR_EQUAL(DNS_ERR(REFUSED), werr)) {
|
|---|
| 46 | return DNS_RCODE_REFUSED;
|
|---|
| 47 | } else if (W_ERROR_EQUAL(DNS_ERR(YXDOMAIN), werr)) {
|
|---|
| 48 | return DNS_RCODE_YXDOMAIN;
|
|---|
| 49 | } else if (W_ERROR_EQUAL(DNS_ERR(YXRRSET), werr)) {
|
|---|
| 50 | return DNS_RCODE_YXRRSET;
|
|---|
| 51 | } else if (W_ERROR_EQUAL(DNS_ERR(NXRRSET), werr)) {
|
|---|
| 52 | return DNS_RCODE_NXRRSET;
|
|---|
| 53 | } else if (W_ERROR_EQUAL(DNS_ERR(NOTAUTH), werr)) {
|
|---|
| 54 | return DNS_RCODE_NOTAUTH;
|
|---|
| 55 | } else if (W_ERROR_EQUAL(DNS_ERR(NOTZONE), werr)) {
|
|---|
| 56 | return DNS_RCODE_NOTZONE;
|
|---|
| 57 | }
|
|---|
| 58 | DEBUG(5, ("No mapping exists for %%s\n"));
|
|---|
| 59 | return DNS_RCODE_SERVFAIL;
|
|---|
| 60 | }
|
|---|
| 61 |
|
|---|
| 62 | bool dns_name_match(const char *zone, const char *name, size_t *host_part_len)
|
|---|
| 63 | {
|
|---|
| 64 | size_t zl = strlen(zone);
|
|---|
| 65 | size_t nl = strlen(name);
|
|---|
| 66 | ssize_t zi, ni;
|
|---|
| 67 | static const size_t fixup = 'a' - 'A';
|
|---|
| 68 |
|
|---|
| 69 | if (zl > nl) {
|
|---|
| 70 | return false;
|
|---|
| 71 | }
|
|---|
| 72 |
|
|---|
| 73 | for (zi = zl, ni = nl; zi >= 0; zi--, ni--) {
|
|---|
| 74 | char zc = zone[zi];
|
|---|
| 75 | char nc = name[ni];
|
|---|
| 76 |
|
|---|
| 77 | /* convert to lower case */
|
|---|
| 78 | if (zc >= 'A' && zc <= 'Z') {
|
|---|
| 79 | zc += fixup;
|
|---|
| 80 | }
|
|---|
| 81 | if (nc >= 'A' && nc <= 'Z') {
|
|---|
| 82 | nc += fixup;
|
|---|
| 83 | }
|
|---|
| 84 |
|
|---|
| 85 | if (zc != nc) {
|
|---|
| 86 | return false;
|
|---|
| 87 | }
|
|---|
| 88 | }
|
|---|
| 89 |
|
|---|
| 90 | if (ni >= 0) {
|
|---|
| 91 | if (name[ni] != '.') {
|
|---|
| 92 | return false;
|
|---|
| 93 | }
|
|---|
| 94 |
|
|---|
| 95 | ni--;
|
|---|
| 96 | }
|
|---|
| 97 |
|
|---|
| 98 | *host_part_len = ni+1;
|
|---|
| 99 |
|
|---|
| 100 | return true;
|
|---|
| 101 | }
|
|---|
| 102 |
|
|---|
| 103 | WERROR dns_name2dn(struct dns_server *dns,
|
|---|
| 104 | TALLOC_CTX *mem_ctx,
|
|---|
| 105 | const char *name,
|
|---|
| 106 | struct ldb_dn **_dn)
|
|---|
| 107 | {
|
|---|
| 108 | struct ldb_dn *base;
|
|---|
| 109 | struct ldb_dn *dn;
|
|---|
| 110 | const struct dns_server_zone *z;
|
|---|
| 111 | size_t host_part_len = 0;
|
|---|
| 112 |
|
|---|
| 113 | if (name == NULL) {
|
|---|
| 114 | return DNS_ERR(FORMAT_ERROR);
|
|---|
| 115 | }
|
|---|
| 116 |
|
|---|
| 117 | /*TODO: Check if 'name' is a valid DNS name */
|
|---|
| 118 |
|
|---|
| 119 | if (strcmp(name, "") == 0) {
|
|---|
| 120 | base = ldb_get_default_basedn(dns->samdb);
|
|---|
| 121 | dn = ldb_dn_copy(mem_ctx, base);
|
|---|
| 122 | ldb_dn_add_child_fmt(dn, "DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System");
|
|---|
| 123 | *_dn = dn;
|
|---|
| 124 | return WERR_OK;
|
|---|
| 125 | }
|
|---|
| 126 |
|
|---|
| 127 | for (z = dns->zones; z != NULL; z = z->next) {
|
|---|
| 128 | bool match;
|
|---|
| 129 |
|
|---|
| 130 | match = dns_name_match(z->name, name, &host_part_len);
|
|---|
| 131 | if (match) {
|
|---|
| 132 | break;
|
|---|
| 133 | }
|
|---|
| 134 | }
|
|---|
| 135 |
|
|---|
| 136 | if (z == NULL) {
|
|---|
| 137 | return DNS_ERR(NAME_ERROR);
|
|---|
| 138 | }
|
|---|
| 139 |
|
|---|
| 140 | if (host_part_len == 0) {
|
|---|
| 141 | dn = ldb_dn_copy(mem_ctx, z->dn);
|
|---|
| 142 | ldb_dn_add_child_fmt(dn, "DC=@");
|
|---|
| 143 | *_dn = dn;
|
|---|
| 144 | return WERR_OK;
|
|---|
| 145 | }
|
|---|
| 146 |
|
|---|
| 147 | dn = ldb_dn_copy(mem_ctx, z->dn);
|
|---|
| 148 | ldb_dn_add_child_fmt(dn, "DC=%*.*s", (int)host_part_len, (int)host_part_len, name);
|
|---|
| 149 | *_dn = dn;
|
|---|
| 150 | return WERR_OK;
|
|---|
| 151 | }
|
|---|
