CVE-2013-4408:s4:dcerpc_sock: check for invalid frag_len within sock_complete_packet()
[Samba.git] / source3 / nmbd / nmbd_workgroupdb.c
blob14b33b321e1cd2262cebb346f7108f5add689893
1 /*
2 Unix SMB/CIFS implementation.
3 NBT netbios routines and daemon - version 2
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Luke Kenneth Casson Leighton 1994-1998
6 Copyright (C) Jeremy Allison 1994-1998
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "includes.h"
24 #include "../librpc/gen_ndr/svcctl.h"
25 #include "nmbd/nmbd.h"
27 extern uint16 samba_nb_type;
29 int workgroup_count = 0; /* unique index key: one for each workgroup */
31 /****************************************************************************
32 Add a workgroup into the list.
33 **************************************************************************/
35 static void add_workgroup(struct subnet_record *subrec, struct work_record *work)
37 work->subnet = subrec;
38 DLIST_ADD(subrec->workgrouplist, work);
39 subrec->work_changed = True;
42 /****************************************************************************
43 Copy name to unstring. Used by create_workgroup() and find_workgroup_on_subnet().
44 **************************************************************************/
46 static void name_to_unstring(unstring unname, const char *name)
48 nstring nname;
50 errno = 0;
51 push_ascii_nstring(nname, name);
52 if (errno == E2BIG) {
53 unstring tname;
54 pull_ascii_nstring(tname, sizeof(tname), nname);
55 strlcpy(unname, tname, sizeof(nname));
56 DEBUG(0,("name_to_nstring: workgroup name %s is too long. Truncating to %s\n",
57 name, tname));
58 } else {
59 unstrcpy(unname, name);
63 /****************************************************************************
64 Create an empty workgroup.
65 **************************************************************************/
67 static struct work_record *create_workgroup(const char *name, int ttl)
69 struct work_record *work;
70 struct subnet_record *subrec;
71 int t = -1;
73 if((work = SMB_MALLOC_P(struct work_record)) == NULL) {
74 DEBUG(0,("create_workgroup: malloc fail !\n"));
75 return NULL;
77 memset((char *)work, '\0', sizeof(*work));
79 name_to_unstring(work->work_group, name);
81 work->serverlist = NULL;
83 work->RunningElection = False;
84 work->ElectionCount = 0;
85 work->announce_interval = 0;
86 work->needelection = False;
87 work->needannounce = True;
88 work->lastannounce_time = time(NULL);
89 work->mst_state = lp_local_master() ? MST_POTENTIAL : MST_NONE;
90 work->dom_state = DOMAIN_NONE;
91 work->log_state = LOGON_NONE;
93 work->death_time = (ttl != PERMANENT_TTL) ? time(NULL)+(ttl*3) : PERMANENT_TTL;
95 /* Make sure all token representations of workgroups are unique. */
97 for (subrec = FIRST_SUBNET; subrec && (t == -1); subrec = NEXT_SUBNET_INCLUDING_UNICAST(subrec)) {
98 struct work_record *w;
99 for (w = subrec->workgrouplist; w && t == -1; w = w->next) {
100 if (strequal(w->work_group, work->work_group))
101 t = w->token;
105 if (t == -1)
106 work->token = ++workgroup_count;
107 else
108 work->token = t;
110 /* No known local master browser as yet. */
111 *work->local_master_browser_name = '\0';
113 /* No known domain master browser as yet. */
114 *work->dmb_name.name = '\0';
115 zero_ip_v4(&work->dmb_addr);
117 /* WfWg uses 01040b01 */
118 /* Win95 uses 01041501 */
119 /* NTAS uses ???????? */
120 work->ElectionCriterion = (MAINTAIN_LIST)|(BROWSER_ELECTION_VERSION<<8);
121 work->ElectionCriterion |= (lp_os_level() << 24);
122 if (lp_domain_master())
123 work->ElectionCriterion |= 0x80;
125 return work;
128 /*******************************************************************
129 Remove a workgroup.
130 ******************************************************************/
132 static struct work_record *remove_workgroup_from_subnet(struct subnet_record *subrec,
133 struct work_record *work)
135 struct work_record *ret_work = NULL;
137 DEBUG(3,("remove_workgroup: Removing workgroup %s\n", work->work_group));
139 ret_work = work->next;
141 remove_all_servers(work);
143 if (!work->serverlist) {
144 DLIST_REMOVE(subrec->workgrouplist, work);
145 ZERO_STRUCTP(work);
146 SAFE_FREE(work);
149 subrec->work_changed = True;
151 return ret_work;
154 /****************************************************************************
155 Find a workgroup in the workgroup list of a subnet.
156 **************************************************************************/
158 struct work_record *find_workgroup_on_subnet(struct subnet_record *subrec,
159 const char *name)
161 struct work_record *ret;
162 unstring un_name;
164 DEBUG(4, ("find_workgroup_on_subnet: workgroup search for %s on subnet %s: ",
165 name, subrec->subnet_name));
167 name_to_unstring(un_name, name);
169 for (ret = subrec->workgrouplist; ret; ret = ret->next) {
170 if (strequal(ret->work_group,un_name)) {
171 DEBUGADD(4, ("found.\n"));
172 return(ret);
175 DEBUGADD(4, ("not found.\n"));
176 return NULL;
179 /****************************************************************************
180 Create a workgroup in the workgroup list of the subnet.
181 **************************************************************************/
183 struct work_record *create_workgroup_on_subnet(struct subnet_record *subrec,
184 const char *name, int ttl)
186 struct work_record *work = NULL;
188 DEBUG(4,("create_workgroup_on_subnet: creating group %s on subnet %s\n",
189 name, subrec->subnet_name));
191 if ((work = create_workgroup(name, ttl))) {
192 add_workgroup(subrec, work);
193 subrec->work_changed = True;
194 return(work);
197 return NULL;
200 /****************************************************************************
201 Update a workgroup ttl.
202 **************************************************************************/
204 void update_workgroup_ttl(struct work_record *work, int ttl)
206 if(work->death_time != PERMANENT_TTL)
207 work->death_time = time(NULL)+(ttl*3);
208 work->subnet->work_changed = True;
211 /****************************************************************************
212 Fail function called if we cannot register the WORKGROUP<0> and
213 WORKGROUP<1e> names on the net.
214 **************************************************************************/
216 static void fail_register(struct subnet_record *subrec, struct response_record *rrec,
217 struct nmb_name *nmbname)
219 DEBUG(0,("fail_register: Failed to register name %s on subnet %s.\n",
220 nmb_namestr(nmbname), subrec->subnet_name));
223 /****************************************************************************
224 If the workgroup is our primary workgroup, add the required names to it.
225 **************************************************************************/
227 void initiate_myworkgroup_startup(struct subnet_record *subrec, struct work_record *work)
229 int i;
231 if(!strequal(lp_workgroup(), work->work_group))
232 return;
234 /* If this is a broadcast subnet then start elections on it if we are so configured. */
236 if ((subrec != unicast_subnet) && (subrec != remote_broadcast_subnet) &&
237 (subrec != wins_server_subnet) && lp_preferred_master() && lp_local_master()) {
238 DEBUG(3, ("initiate_myworkgroup_startup: preferred master startup for \
239 workgroup %s on subnet %s\n", work->work_group, subrec->subnet_name));
240 work->needelection = True;
241 work->ElectionCriterion |= (1<<3);
244 /* Register the WORKGROUP<0> and WORKGROUP<1e> names on the network. */
246 register_name(subrec,lp_workgroup(),0x0,samba_nb_type|NB_GROUP, NULL, fail_register,NULL);
247 register_name(subrec,lp_workgroup(),0x1e,samba_nb_type|NB_GROUP, NULL, fail_register,NULL);
249 for( i = 0; my_netbios_names(i); i++) {
250 const char *name = my_netbios_names(i);
251 int stype = lp_default_server_announce() | (lp_local_master() ? SV_TYPE_POTENTIAL_BROWSER : 0 );
253 if(!strequal(lp_netbios_name(), name))
254 stype &= ~(SV_TYPE_MASTER_BROWSER|SV_TYPE_POTENTIAL_BROWSER|SV_TYPE_DOMAIN_MASTER|SV_TYPE_DOMAIN_MEMBER);
256 create_server_on_workgroup(work,name,stype|SV_TYPE_LOCAL_LIST_ONLY, PERMANENT_TTL,
257 string_truncate(lp_serverstring(talloc_tos()), MAX_SERVER_STRING_LENGTH));
258 DEBUG(3,("initiate_myworkgroup_startup: Added server name entry %s \
259 on subnet %s\n", name, subrec->subnet_name));
263 /****************************************************************************
264 Dump a copy of the workgroup database into the log file.
265 **************************************************************************/
267 void dump_workgroups(bool force_write)
269 struct subnet_record *subrec;
270 int debuglevel = force_write ? 0 : 4;
272 for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_INCLUDING_UNICAST(subrec)) {
273 if (subrec->workgrouplist) {
274 struct work_record *work;
276 if( DEBUGLVL( debuglevel ) ) {
277 dbgtext( "dump_workgroups()\n " );
278 dbgtext( "dump workgroup on subnet %15s: ", subrec->subnet_name );
279 dbgtext( "netmask=%15s:\n", inet_ntoa(subrec->mask_ip) );
282 for (work = subrec->workgrouplist; work; work = work->next) {
283 DEBUGADD( debuglevel, ( "\t%s(%d) current master browser = %s\n", work->work_group,
284 work->token, *work->local_master_browser_name ? work->local_master_browser_name : "UNKNOWN" ) );
285 if (work->serverlist) {
286 struct server_record *servrec;
287 for (servrec = work->serverlist; servrec; servrec = servrec->next) {
288 DEBUGADD( debuglevel, ( "\t\t%s %8x (%s)\n",
289 servrec->serv.name,
290 servrec->serv.type,
291 servrec->serv.comment ) );
299 /****************************************************************************
300 Expire any dead servers on all workgroups. If the workgroup has expired
301 remove it.
302 **************************************************************************/
304 void expire_workgroups_and_servers(time_t t)
306 struct subnet_record *subrec;
308 for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_INCLUDING_UNICAST(subrec)) {
309 struct work_record *work;
310 struct work_record *nextwork;
312 for (work = subrec->workgrouplist; work; work = nextwork) {
313 nextwork = work->next;
314 expire_servers(work, t);
316 if ((work->serverlist == NULL) && (work->death_time != PERMANENT_TTL) &&
317 ((t == (time_t)-1) || (work->death_time < t))) {
318 DEBUG(3,("expire_workgroups_and_servers: Removing timed out workgroup %s\n",
319 work->work_group));
320 remove_workgroup_from_subnet(subrec, work);