search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: smbd: Sanitize any "server" and "share" components of SMB1 DFS paths to remove...
[Samba.git] / lib / addns / dnsquery.c
blob7590c9ff508a2c774bf13420487be5acb6e9548c
1 /*
2 Unix SMB/CIFS implementation.
3 DNS utility library
4 Copyright (C) Gerald (Jerry) Carter 2006.
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "lib/util/util_net.h"
23 #include "lib/util/tsort.h"
24 #include "librpc/gen_ndr/dns.h"
25 #include "libcli/dns/dns_lookup.h"
26 #include "lib/util/tevent_ntstatus.h"
27 #include "dnsquery.h"
28
29 /*********************************************************************
30 Sort SRV record list based on weight and priority. See RFC 2782.
31 *********************************************************************/
32
33 static int dnssrvcmp( struct dns_rr_srv *a, struct dns_rr_srv *b )
34 {
35 if ( a->priority == b->priority ) {
36
37 /* randomize entries with an equal weight and priority */
38 if ( a->weight == b->weight )
39 return 0;
40
41 /* higher weights should be sorted lower */
42 if ( a->weight > b->weight )
43 return -1;
44 else
45 return 1;
46 }
47
48 if ( a->priority < b->priority )
49 return -1;
50
51 return 1;
52 }
53
54 struct ads_dns_lookup_srv_state {
55 struct dns_rr_srv *srvs;
56 size_t num_srvs;
57 };
58
59 static void ads_dns_lookup_srv_done(struct tevent_req *subreq);
60
61 struct tevent_req *ads_dns_lookup_srv_send(TALLOC_CTX *mem_ctx,
62 struct tevent_context *ev,
63 const char *name)
64 {
65 struct tevent_req *req, *subreq;
66 struct ads_dns_lookup_srv_state *state;
67
68 req = tevent_req_create(mem_ctx, &state,
69 struct ads_dns_lookup_srv_state);
70 if (req == NULL) {
71 return NULL;
72 }
73
74 subreq = dns_lookup_send(
75 state,
76 ev,
77 NULL,
78 name,
79 DNS_QCLASS_IN,
80 DNS_QTYPE_SRV);
81
82 if (tevent_req_nomem(subreq, req)) {
83 return tevent_req_post(req, ev);
84 }
85 tevent_req_set_callback(subreq, ads_dns_lookup_srv_done, req);
86 return req;
87 }
88
89 static void ads_dns_lookup_srv_done(struct tevent_req *subreq)
90 {
91 struct tevent_req *req = tevent_req_callback_data(
92 subreq, struct tevent_req);
93 struct ads_dns_lookup_srv_state *state = tevent_req_data(
94 req, struct ads_dns_lookup_srv_state);
95 int ret;
96 struct dns_name_packet *reply;
97 uint16_t i, idx;
98
99 ret = dns_lookup_recv(subreq, state, &reply);
100 TALLOC_FREE(subreq);
101 if (ret != 0) {
102 tevent_req_nterror(req, map_nt_error_from_unix_common(ret));
103 return;
104 }
105
106 for (i=0; i<reply->ancount; i++) {
107 if (reply->answers[i].rr_type == DNS_QTYPE_SRV) {
108 /* uint16_t can't wrap here. */
109 state->num_srvs += 1;
110 }
111 }
112
113 state->srvs = talloc_array(state, struct dns_rr_srv, state->num_srvs);
114 if (tevent_req_nomem(state->srvs, req)) {
115 return;
116 }
117
118 idx = 0;
119
120 for (i=0; i<reply->ancount; i++) {
121 struct dns_res_rec *an = &reply->answers[i];
122 struct dns_rr_srv *dst = &state->srvs[idx];
123 struct dns_srv_record *src;
124
125 if (an->rr_type != DNS_QTYPE_SRV) {
126 continue;
127 }
128 src = &an->rdata.srv_record;
129
130 *dst = (struct dns_rr_srv) {
131 .hostname = talloc_move(state->srvs, &src->target),
132 .priority = src->priority,
133 .weight = src->weight,
134 .port = src->port,
135 };
136 idx += 1;
137 }
138
139 for (i=0; i<reply->arcount; i++) {
140 struct dns_res_rec *ar = &reply->additional[i];
141 struct sockaddr_storage addr;
142 bool ok;
143 size_t j;
144
145 ok = dns_res_rec_get_sockaddr(ar, &addr);
146 if (!ok) {
147 continue;
148 }
149
150 for (j=0; j<state->num_srvs; j++) {
151 struct dns_rr_srv *srv = &state->srvs[j];
152 struct sockaddr_storage *tmp;
153
154 if (strcmp(srv->hostname, ar->name) != 0) {
155 continue;
156 }
157 /* uint16_t can't wrap here. */
158 tmp = talloc_realloc(
159 state->srvs,
160 srv->ss_s,
161 struct sockaddr_storage,
162 srv->num_ips+1);
163
164 if (tevent_req_nomem(tmp, req)) {
165 return;
166 }
167 srv->ss_s = tmp;
168
169 srv->ss_s[srv->num_ips] = addr;
170 srv->num_ips += 1;
171 }
172 }
173
174 TYPESAFE_QSORT(state->srvs, state->num_srvs, dnssrvcmp);
175
176 tevent_req_done(req);
177 }
178
179 NTSTATUS ads_dns_lookup_srv_recv(struct tevent_req *req,
180 TALLOC_CTX *mem_ctx,
181 struct dns_rr_srv **srvs,
182 size_t *num_srvs)
183 {
184 struct ads_dns_lookup_srv_state *state = tevent_req_data(
185 req, struct ads_dns_lookup_srv_state);
186 NTSTATUS status;
187
188 if (tevent_req_is_nterror(req, &status)) {
189 return status;
190 }
191 *srvs = talloc_move(mem_ctx, &state->srvs);
192 *num_srvs = state->num_srvs;
193 tevent_req_received(req);
194 return NT_STATUS_OK;
195 }
196
197 /*********************************************************************
198 Simple wrapper for a DNS SRV query
199 *********************************************************************/
200
201 NTSTATUS ads_dns_lookup_srv(TALLOC_CTX *ctx,
202 const char *name,
203 struct dns_rr_srv **dclist,
204 size_t *numdcs)
205 {
206 struct tevent_context *ev;
207 struct tevent_req *req;
208 NTSTATUS status = NT_STATUS_NO_MEMORY;
209 size_t num_srvs = 0;
210
211 ev = samba_tevent_context_init(ctx);
212 if (ev == NULL) {
213 goto fail;
214 }
215 req = ads_dns_lookup_srv_send(ev, ev, name);
216 if (req == NULL) {
217 goto fail;
218 }
219 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
220 goto fail;
221 }
222 status = ads_dns_lookup_srv_recv(req, ctx, dclist, &num_srvs);
223 if (NT_STATUS_IS_OK(status)) {
224 *numdcs = num_srvs;
225 }
226 fail:
227 TALLOC_FREE(ev);
228 return status;
229 }
230
231 struct ads_dns_lookup_ns_state {
232 struct dns_rr_ns *nss;
233 size_t num_nss;
234 };
235
236 static void ads_dns_lookup_ns_done(struct tevent_req *subreq);
237
238 struct tevent_req *ads_dns_lookup_ns_send(TALLOC_CTX *mem_ctx,
239 struct tevent_context *ev,
240 const char *name)
241 {
242 struct tevent_req *req, *subreq;
243 struct ads_dns_lookup_ns_state *state;
244
245 req = tevent_req_create(mem_ctx, &state,
246 struct ads_dns_lookup_ns_state);
247 if (req == NULL) {
248 return NULL;
249 }
250
251 subreq = dns_lookup_send(state, ev, NULL, name, DNS_QCLASS_IN,
252 DNS_QTYPE_NS);
253 if (tevent_req_nomem(subreq, req)) {
254 return tevent_req_post(req, ev);
255 }
256 tevent_req_set_callback(subreq, ads_dns_lookup_ns_done, req);
257 return req;
258 }
259
260 static void ads_dns_lookup_ns_done(struct tevent_req *subreq)
261 {
262 struct tevent_req *req = tevent_req_callback_data(
263 subreq, struct tevent_req);
264 struct ads_dns_lookup_ns_state *state = tevent_req_data(
265 req, struct ads_dns_lookup_ns_state);
266 int ret;
267 struct dns_name_packet *reply;
268 uint16_t i, idx;
269
270 ret = dns_lookup_recv(subreq, state, &reply);
271 TALLOC_FREE(subreq);
272 if (ret != 0) {
273 tevent_req_nterror(req, map_nt_error_from_unix_common(ret));
274 return;
275 }
276
277 for (i=0; i<reply->ancount; i++) {
278 if (reply->answers[i].rr_type == DNS_QTYPE_NS) {
279 state->num_nss += 1;
280 }
281 }
282
283 state->nss = talloc_array(state, struct dns_rr_ns, state->num_nss);
284 if (tevent_req_nomem(state->nss, req)) {
285 return;
286 }
287
288 idx = 0;
289
290 for (i=0; i<reply->ancount; i++) {
291 struct dns_res_rec *an = &reply->answers[i];
292
293 if (an->rr_type != DNS_QTYPE_NS) {
294 continue;
295 }
296
297 state->nss[idx].hostname = talloc_move(state->nss,
298 &an->rdata.ns_record);
299 idx += 1;
300 }
301
302 for (i=0; i<reply->arcount; i++) {
303 struct dns_res_rec *ar = &reply->additional[i];
304 struct sockaddr_storage addr;
305 bool ok;
306 size_t j;
307
308 ok = dns_res_rec_get_sockaddr(ar, &addr);
309 if (!ok) {
310 continue;
311 }
312
313 for (j=0; j<state->num_nss; j++) {
314 struct dns_rr_ns *ns = &state->nss[j];
315
316 if (strcmp(ns->hostname, ar->name) == 0) {
317 ns->ss = addr;
318 }
319 }
320 }
321
322 tevent_req_done(req);
323 }
324
325 NTSTATUS ads_dns_lookup_ns_recv(struct tevent_req *req,
326 TALLOC_CTX *mem_ctx,
327 struct dns_rr_ns **nss,
328 size_t *num_nss)
329 {
330 struct ads_dns_lookup_ns_state *state = tevent_req_data(
331 req, struct ads_dns_lookup_ns_state);
332 NTSTATUS status;
333
334 if (tevent_req_is_nterror(req, &status)) {
335 return status;
336 }
337 *nss = talloc_move(mem_ctx, &state->nss);
338 *num_nss = state->num_nss;
339 tevent_req_received(req);
340 return NT_STATUS_OK;
341 }
342
343 /*********************************************************************
344 Simple wrapper for a DNS NS query
345 *********************************************************************/
346
347 NTSTATUS ads_dns_lookup_ns(TALLOC_CTX *ctx,
348 const char *dnsdomain,
349 struct dns_rr_ns **nslist,
350 size_t *numns)
351 {
352 struct tevent_context *ev;
353 struct tevent_req *req;
354 NTSTATUS status = NT_STATUS_NO_MEMORY;
355 size_t num_ns = 0;
356
357 ev = samba_tevent_context_init(ctx);
358 if (ev == NULL) {
359 goto fail;
360 }
361 req = ads_dns_lookup_ns_send(ev, ev, dnsdomain);
362 if (req == NULL) {
363 goto fail;
364 }
365 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
366 goto fail;
367 }
368 status = ads_dns_lookup_ns_recv(req, ctx, nslist, &num_ns);
369 *numns = num_ns;
370 fail:
371 TALLOC_FREE(ev);
372 return status;
373 }
374
375 /*********************************************************************
376 Async A record lookup.
377 *********************************************************************/
378
379 struct ads_dns_lookup_a_state {
380 uint8_t rcode;
381 size_t num_names;
382 char **hostnames;
383 struct samba_sockaddr *addrs;
384 };
385
386 static void ads_dns_lookup_a_done(struct tevent_req *subreq);
387
388 struct tevent_req *ads_dns_lookup_a_send(TALLOC_CTX *mem_ctx,
389 struct tevent_context *ev,
390 const char *name)
391 {
392 struct tevent_req *req = NULL, *subreq = NULL;
393 struct ads_dns_lookup_a_state *state = NULL;
394
395 req = tevent_req_create(mem_ctx, &state,
396 struct ads_dns_lookup_a_state);
397 if (req == NULL) {
398 return NULL;
399 }
400
401 subreq = dns_lookup_send(
402 state,
403 ev,
404 NULL,
405 name,
406 DNS_QCLASS_IN,
407 DNS_QTYPE_A);
408
409 if (tevent_req_nomem(subreq, req)) {
410 return tevent_req_post(req, ev);
411 }
412 tevent_req_set_callback(subreq, ads_dns_lookup_a_done, req);
413 return req;
414 }
415
416 static void ads_dns_lookup_a_done(struct tevent_req *subreq)
417 {
418 struct tevent_req *req = tevent_req_callback_data(
419 subreq, struct tevent_req);
420 struct ads_dns_lookup_a_state *state = tevent_req_data(
421 req, struct ads_dns_lookup_a_state);
422 int ret;
423 struct dns_name_packet *reply = NULL;
424 uint16_t i;
425
426 ret = dns_lookup_recv(subreq, state, &reply);
427 TALLOC_FREE(subreq);
428 if (ret != 0) {
429 tevent_req_nterror(req, map_nt_error_from_unix_common(ret));
430 return;
431 }
432
433 state->rcode = (reply->operation & DNS_RCODE);
434 if (state->rcode != DNS_RCODE_OK) {
435 /* Don't bother looking for answers. */
436 tevent_req_done(req);
437 return;
438 }
439
440 /*
441 * We don't care about CNAME answers here. We're
442 * just wanting an async name -> IPv4 lookup.
443 */
444 for (i = 0; i < reply->ancount; i++) {
445 if (reply->answers[i].rr_type == DNS_QTYPE_A) {
446 state->num_names += 1;
447 }
448 }
449
450 state->hostnames = talloc_zero_array(state,
451 char *,
452 state->num_names);
453 if (tevent_req_nomem(state->hostnames, req)) {
454 return;
455 }
456 state->addrs = talloc_zero_array(state,
457 struct samba_sockaddr,
458 state->num_names);
459 if (tevent_req_nomem(state->addrs, req)) {
460 return;
461 }
462
463 state->num_names = 0;
464
465 for (i = 0; i < reply->ancount; i++) {
466 bool ok;
467 struct sockaddr_storage ss = {0};
468 struct dns_res_rec *an = &reply->answers[i];
469
470 if (an->rr_type != DNS_QTYPE_A) {
471 continue;
472 }
473 if (an->name == NULL) {
474 /* Can this happen? */
475 continue;
476 }
477 if (an->rdata.ipv4_record == NULL) {
478 /* Can this happen? */
479 continue;
480 }
481 ok = dns_res_rec_get_sockaddr(an,
482 &ss);
483 if (!ok) {
484 continue;
485 }
486 if (is_zero_addr(&ss)) {
487 continue;
488 }
489 state->addrs[state->num_names].u.ss = ss;
490 state->addrs[state->num_names].sa_socklen =
491 sizeof(struct sockaddr_in);
492 state->hostnames[state->num_names] = talloc_strdup(
493 state->hostnames,
494 an->name);
495 if (tevent_req_nomem(state->hostnames[state->num_names], req)) {
496 return;
497 }
498 state->num_names += 1;
499 }
500
501 tevent_req_done(req);
502 }
503
504 NTSTATUS ads_dns_lookup_a_recv(struct tevent_req *req,
505 TALLOC_CTX *mem_ctx,
506 uint8_t *rcode_out,
507 size_t *num_names_out,
508 char ***hostnames_out,
509 struct samba_sockaddr **addrs_out)
510 {
511 struct ads_dns_lookup_a_state *state = tevent_req_data(
512 req, struct ads_dns_lookup_a_state);
513 NTSTATUS status;
514
515 if (tevent_req_is_nterror(req, &status)) {
516 return status;
517 }
518 if (rcode_out != NULL) {
519 /*
520 * If we got no names, an upper layer may
521 * want to print a debug message.
522 */
523 *rcode_out = state->rcode;
524 }
525 if (hostnames_out != NULL) {
526 *hostnames_out = talloc_move(mem_ctx,
527 &state->hostnames);
528 }
529 if (addrs_out != NULL) {
530 *addrs_out = talloc_move(mem_ctx,
531 &state->addrs);
532 }
533 *num_names_out = state->num_names;
534 tevent_req_received(req);
535 return NT_STATUS_OK;
536 }
537
538 /*********************************************************************
539 Simple wrapper for a DNS A query
540 *********************************************************************/
541
542 NTSTATUS ads_dns_lookup_a(TALLOC_CTX *ctx,
543 const char *name_in,
544 size_t *num_names_out,
545 char ***hostnames_out,
546 struct samba_sockaddr **addrs_out)
547 {
548 struct tevent_context *ev;
549 struct tevent_req *req;
550 NTSTATUS status = NT_STATUS_NO_MEMORY;
551
552 ev = samba_tevent_context_init(ctx);
553 if (ev == NULL) {
554 goto fail;
555 }
556 req = ads_dns_lookup_a_send(ev, ev, name_in);
557 if (req == NULL) {
558 goto fail;
559 }
560 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
561 goto fail;
562 }
563 /*
564 * Synchronous doesn't need to care about the rcode or
565 * a copy of the name_in.
566 */
567 status = ads_dns_lookup_a_recv(req,
568 ctx,
569 NULL,
570 num_names_out,
571 hostnames_out,
572 addrs_out);
573 fail:
574 TALLOC_FREE(ev);
575 return status;
576 }
577
578 #if defined(HAVE_IPV6)
579 /*********************************************************************
580 Async AAAA record lookup.
581 *********************************************************************/
582
583 struct ads_dns_lookup_aaaa_state {
584 uint8_t rcode;
585 size_t num_names;
586 char **hostnames;
587 struct samba_sockaddr *addrs;
588 };
589
590 static void ads_dns_lookup_aaaa_done(struct tevent_req *subreq);
591
592 struct tevent_req *ads_dns_lookup_aaaa_send(TALLOC_CTX *mem_ctx,
593 struct tevent_context *ev,
594 const char *name)
595 {
596 struct tevent_req *req, *subreq = NULL;
597 struct ads_dns_lookup_aaaa_state *state = NULL;
598
599 req = tevent_req_create(mem_ctx, &state,
600 struct ads_dns_lookup_aaaa_state);
601 if (req == NULL) {
602 return NULL;
603 }
604
605 subreq = dns_lookup_send(
606 state,
607 ev,
608 NULL,
609 name,
610 DNS_QCLASS_IN,
611 DNS_QTYPE_AAAA);
612
613 if (tevent_req_nomem(subreq, req)) {
614 return tevent_req_post(req, ev);
615 }
616 tevent_req_set_callback(subreq, ads_dns_lookup_aaaa_done, req);
617 return req;
618 }
619
620 static void ads_dns_lookup_aaaa_done(struct tevent_req *subreq)
621 {
622 struct tevent_req *req = tevent_req_callback_data(
623 subreq, struct tevent_req);
624 struct ads_dns_lookup_aaaa_state *state = tevent_req_data(
625 req, struct ads_dns_lookup_aaaa_state);
626 int ret;
627 struct dns_name_packet *reply = NULL;
628 uint16_t i;
629
630 ret = dns_lookup_recv(subreq, state, &reply);
631 TALLOC_FREE(subreq);
632 if (ret != 0) {
633 tevent_req_nterror(req, map_nt_error_from_unix_common(ret));
634 return;
635 }
636
637 state->rcode = (reply->operation & DNS_RCODE);
638 if (state->rcode != DNS_RCODE_OK) {
639 /* Don't bother looking for answers. */
640 tevent_req_done(req);
641 return;
642 }
643
644 /*
645 * We don't care about CNAME answers here. We're
646 * just wanting an async name -> IPv6 lookup.
647 */
648 for (i = 0; i < reply->ancount; i++) {
649 if (reply->answers[i].rr_type == DNS_QTYPE_AAAA) {
650 state->num_names += 1;
651 }
652 }
653
654 state->hostnames = talloc_zero_array(state,
655 char *,
656 state->num_names);
657 if (tevent_req_nomem(state->hostnames, req)) {
658 return;
659 }
660 state->addrs = talloc_zero_array(state,
661 struct samba_sockaddr,
662 state->num_names);
663 if (tevent_req_nomem(state->addrs, req)) {
664 return;
665 }
666
667 state->num_names = 0;
668
669 for (i = 0; i < reply->ancount; i++) {
670 bool ok;
671 struct sockaddr_storage ss = {0};
672 struct dns_res_rec *an = &reply->answers[i];
673
674 if (an->rr_type != DNS_QTYPE_AAAA) {
675 continue;
676 }
677 if (an->name == NULL) {
678 /* Can this happen? */
679 continue;
680 }
681 if (an->rdata.ipv6_record == NULL) {
682 /* Can this happen? */
683 continue;
684 }
685 ok = dns_res_rec_get_sockaddr(an,
686 &ss);
687 if (!ok) {
688 continue;
689 }
690 if (is_zero_addr(&ss)) {
691 continue;
692 }
693 state->addrs[state->num_names].u.ss = ss;
694 state->addrs[state->num_names].sa_socklen =
695 sizeof(struct sockaddr_in6);
696
697 state->hostnames[state->num_names] = talloc_strdup(
698 state->hostnames,
699 an->name);
700 if (tevent_req_nomem(state->hostnames[state->num_names], req)) {
701 return;
702 }
703 state->num_names += 1;
704 }
705
706 tevent_req_done(req);
707 }
708
709 NTSTATUS ads_dns_lookup_aaaa_recv(struct tevent_req *req,
710 TALLOC_CTX *mem_ctx,
711 uint8_t *rcode_out,
712 size_t *num_names_out,
713 char ***hostnames_out,
714 struct samba_sockaddr **addrs_out)
715 {
716 struct ads_dns_lookup_aaaa_state *state = tevent_req_data(
717 req, struct ads_dns_lookup_aaaa_state);
718 NTSTATUS status;
719
720 if (tevent_req_is_nterror(req, &status)) {
721 return status;
722 }
723 if (rcode_out != NULL) {
724 /*
725 * If we got no names, an upper layer may
726 * want to print a debug message.
727 */
728 *rcode_out = state->rcode;
729 }
730 if (hostnames_out != NULL) {
731 *hostnames_out = talloc_move(mem_ctx,
732 &state->hostnames);
733 }
734 if (addrs_out != NULL) {
735 *addrs_out = talloc_move(mem_ctx,
736 &state->addrs);
737 }
738 *num_names_out = state->num_names;
739 tevent_req_received(req);
740 return NT_STATUS_OK;
741 }
742
743 /*********************************************************************
744 Simple wrapper for a DNS AAAA query
745 *********************************************************************/
746
747 NTSTATUS ads_dns_lookup_aaaa(TALLOC_CTX *ctx,
748 const char *name_in,
749 size_t *num_names_out,
750 char ***hostnames_out,
751 struct samba_sockaddr **addrs_out)
752 {
753 struct tevent_context *ev = NULL;
754 struct tevent_req *req = NULL;
755 NTSTATUS status = NT_STATUS_NO_MEMORY;
756
757 ev = samba_tevent_context_init(ctx);
758 if (ev == NULL) {
759 goto fail;
760 }
761 req = ads_dns_lookup_aaaa_send(ev, ev, name_in);
762 if (req == NULL) {
763 goto fail;
764 }
765 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
766 goto fail;
767 }
768 /*
769 * Synchronous doesn't need to care about the rcode or
770 * a copy of the name_in.
771 */
772 status = ads_dns_lookup_aaaa_recv(req,
773 ctx,
774 NULL,
775 num_names_out,
776 hostnames_out,
777 addrs_out);
778 fail:
779 TALLOC_FREE(ev);
780 return status;
781 }
782 #endif
Samba GIT mirror