search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:auth: Enforce machine authentication policy for NTLM authentication
[Samba.git] / source3 / libsmb / namequery.c
blob047fff22ad94bb57a0d223a730b40f18b02a952a
1 /*
2 Unix SMB/CIFS implementation.
3 name query routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "libsmb/namequery.h"
23 #include "../lib/util/tevent_ntstatus.h"
24 #include "libads/sitename_cache.h"
25 #include "../lib/addns/dnsquery.h"
26 #include "../lib/addns/dnsquery_srv.h"
27 #include "../libcli/netlogon/netlogon.h"
28 #include "lib/async_req/async_sock.h"
29 #include "lib/tsocket/tsocket.h"
30 #include "libsmb/nmblib.h"
31 #include "libsmb/unexpected.h"
32 #include "../libcli/nbt/libnbt.h"
33 #include "libads/kerberos_proto.h"
34 #include "lib/gencache.h"
35 #include "librpc/gen_ndr/dns.h"
36 #include "lib/util/util_net.h"
37 #include "lib/util/string_wrappers.h"
38
39 /* nmbd.c sets this to True. */
40 bool global_in_nmbd = False;
41
42 /*
43 * Utility function to convert from a sockaddr_storage
44 * array to a struct samba_sockaddr array.
45 */
46
47 static NTSTATUS sockaddr_array_to_samba_sockaddr_array(
48 TALLOC_CTX *ctx,
49 struct samba_sockaddr **sa_out,
50 size_t *count_out,
51 const struct sockaddr_storage *ss_in,
52 size_t count_in)
53 {
54 struct samba_sockaddr *sa = NULL;
55 size_t i;
56 size_t count = 0;
57
58 if (count_in == 0) {
59 /*
60 * Zero length arrays are returned as NULL.
61 * in the name resolution code.
62 */
63 *count_out = 0;
64 *sa_out = NULL;
65 return NT_STATUS_OK;
66 }
67 sa = talloc_zero_array(ctx,
68 struct samba_sockaddr,
69 count_in);
70 if (sa == NULL) {
71 return NT_STATUS_NO_MEMORY;
72 }
73 count = 0;
74 for (i = 0; i < count_in; i++) {
75 bool ok;
76
77 /* Filter out zero addresses. */
78 if (is_zero_addr(&ss_in[i])) {
79 continue;
80 }
81 ok = sockaddr_storage_to_samba_sockaddr(&sa[count],
82 &ss_in[i]);
83 if (!ok) {
84 continue;
85 }
86 count++;
87 }
88 if (count == 0) {
89 /*
90 * Zero length arrays are returned as NULL.
91 * in the name resolution code.
92 */
93 TALLOC_FREE(sa);
94 }
95 *count_out = count;
96 *sa_out = sa;
97 return NT_STATUS_OK;
98 }
99
100 /****************************
101 * SERVER AFFINITY ROUTINES *
102 ****************************/
103
104 /* Server affinity is the concept of preferring the last domain
105 controller with whom you had a successful conversation */
106
107 /****************************************************************************
108 ****************************************************************************/
109 #define SAFKEY_FMT "SAF/DOMAIN/%s"
110 #define SAF_TTL 900
111 #define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
112 #define SAFJOIN_TTL 3600
113
114 static char *saf_key(TALLOC_CTX *mem_ctx, const char *domain)
115 {
116 return talloc_asprintf_strupper_m(mem_ctx, SAFKEY_FMT, domain);
117 }
118
119 static char *saf_join_key(TALLOC_CTX *mem_ctx, const char *domain)
120 {
121 return talloc_asprintf_strupper_m(mem_ctx, SAFJOINKEY_FMT, domain);
122 }
123
124 /****************************************************************************
125 ****************************************************************************/
126
127 bool saf_store( const char *domain, const char *servername )
128 {
129 char *key;
130 time_t expire;
131 bool ret = False;
132
133 if ( !domain || !servername ) {
134 DEBUG(2,("saf_store: "
135 "Refusing to store empty domain or servername!\n"));
136 return False;
137 }
138
139 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
140 DEBUG(0,("saf_store: "
141 "refusing to store 0 length domain or servername!\n"));
142 return False;
143 }
144
145 key = saf_key(talloc_tos(), domain);
146 if (key == NULL) {
147 DEBUG(1, ("saf_key() failed\n"));
148 return false;
149 }
150 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
151
152 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
153 domain, servername, (unsigned int)expire ));
154
155 ret = gencache_set( key, servername, expire );
156
157 TALLOC_FREE( key );
158
159 return ret;
160 }
161
162 bool saf_join_store( const char *domain, const char *servername )
163 {
164 char *key;
165 time_t expire;
166 bool ret = False;
167
168 if ( !domain || !servername ) {
169 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
170 return False;
171 }
172
173 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
174 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
175 return False;
176 }
177
178 key = saf_join_key(talloc_tos(), domain);
179 if (key == NULL) {
180 DEBUG(1, ("saf_join_key() failed\n"));
181 return false;
182 }
183 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
184
185 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
186 domain, servername, (unsigned int)expire ));
187
188 ret = gencache_set( key, servername, expire );
189
190 TALLOC_FREE( key );
191
192 return ret;
193 }
194
195 bool saf_delete( const char *domain )
196 {
197 char *key;
198 bool ret = False;
199
200 if ( !domain ) {
201 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
202 return False;
203 }
204
205 key = saf_join_key(talloc_tos(), domain);
206 if (key == NULL) {
207 DEBUG(1, ("saf_join_key() failed\n"));
208 return false;
209 }
210 ret = gencache_del(key);
211 TALLOC_FREE(key);
212
213 if (ret) {
214 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
215 }
216
217 key = saf_key(talloc_tos(), domain);
218 if (key == NULL) {
219 DEBUG(1, ("saf_key() failed\n"));
220 return false;
221 }
222 ret = gencache_del(key);
223 TALLOC_FREE(key);
224
225 if (ret) {
226 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
227 }
228
229 return ret;
230 }
231
232 /****************************************************************************
233 ****************************************************************************/
234
235 char *saf_fetch(TALLOC_CTX *mem_ctx, const char *domain )
236 {
237 char *server = NULL;
238 time_t timeout;
239 bool ret = False;
240 char *key = NULL;
241
242 if ( !domain || strlen(domain) == 0) {
243 DEBUG(2,("saf_fetch: Empty domain name!\n"));
244 return NULL;
245 }
246
247 key = saf_join_key(talloc_tos(), domain);
248 if (key == NULL) {
249 DEBUG(1, ("saf_join_key() failed\n"));
250 return NULL;
251 }
252
253 ret = gencache_get( key, mem_ctx, &server, &timeout );
254
255 TALLOC_FREE( key );
256
257 if ( ret ) {
258 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
259 server, domain ));
260 return server;
261 }
262
263 key = saf_key(talloc_tos(), domain);
264 if (key == NULL) {
265 DEBUG(1, ("saf_key() failed\n"));
266 return NULL;
267 }
268
269 ret = gencache_get( key, mem_ctx, &server, &timeout );
270
271 TALLOC_FREE( key );
272
273 if ( !ret ) {
274 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
275 domain ));
276 } else {
277 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
278 server, domain ));
279 }
280
281 return server;
282 }
283
284 static void set_socket_addr_v4(struct samba_sockaddr *addr)
285 {
286 if (!interpret_string_addr(&addr->u.ss, lp_nbt_client_socket_address(),
287 AI_NUMERICHOST|AI_PASSIVE)) {
288 zero_sockaddr(&addr->u.ss);
289 /* zero_sockaddr sets family to AF_INET. */
290 addr->sa_socklen = sizeof(struct sockaddr_in);
291 }
292 if (addr->u.ss.ss_family != AF_INET) {
293 zero_sockaddr(&addr->u.ss);
294 /* zero_sockaddr sets family to AF_INET. */
295 addr->sa_socklen = sizeof(struct sockaddr_in);
296 }
297 }
298
299 static struct in_addr my_socket_addr_v4(void)
300 {
301 struct samba_sockaddr my_addr = {0};
302
303 set_socket_addr_v4(&my_addr);
304 return my_addr.u.in.sin_addr;
305 }
306
307 /****************************************************************************
308 Generate a random trn_id.
309 ****************************************************************************/
310
311 static int generate_trn_id(void)
312 {
313 uint16_t id;
314
315 generate_random_buffer((uint8_t *)&id, sizeof(id));
316
317 return id % (unsigned)0x7FFF;
318 }
319
320 /****************************************************************************
321 Parse a node status response into an array of structures.
322 ****************************************************************************/
323
324 static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
325 size_t *num_names,
326 struct node_status_extra *extra)
327 {
328 struct node_status *ret;
329 size_t i;
330 size_t result_count = 0;
331
332 result_count = CVAL(p,0);
333
334 if (result_count == 0)
335 return NULL;
336
337 ret = talloc_array(mem_ctx, struct node_status,result_count);
338 if (!ret)
339 return NULL;
340
341 p++;
342 for (i=0;i< result_count;i++) {
343 strlcpy(ret[i].name,p,16);
344 trim_char(ret[i].name,'\0',' ');
345 ret[i].type = CVAL(p,15);
346 ret[i].flags = p[16];
347 p += 18;
348 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
349 ret[i].type, ret[i].flags));
350 }
351 /*
352 * Also, pick up the MAC address ...
353 */
354 if (extra) {
355 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
356 }
357 *num_names = result_count;
358 return ret;
359 }
360
361 struct sock_packet_read_state {
362 struct tevent_context *ev;
363 enum packet_type type;
364 int trn_id;
365
366 struct nb_packet_reader *reader;
367 struct tevent_req *reader_req;
368
369 struct tdgram_context *sock;
370 struct tevent_req *socket_req;
371 uint8_t *buf;
372 struct tsocket_address *addr;
373
374 bool (*validator)(struct packet_struct *p,
375 void *private_data);
376 void *private_data;
377
378 struct packet_struct *packet;
379 };
380
381 static void sock_packet_read_got_packet(struct tevent_req *subreq);
382 static void sock_packet_read_got_socket(struct tevent_req *subreq);
383
384 static struct tevent_req *sock_packet_read_send(
385 TALLOC_CTX *mem_ctx,
386 struct tevent_context *ev,
387 struct tdgram_context *sock,
388 struct nb_packet_reader *reader,
389 enum packet_type type,
390 int trn_id,
391 bool (*validator)(struct packet_struct *p, void *private_data),
392 void *private_data)
393 {
394 struct tevent_req *req;
395 struct sock_packet_read_state *state;
396
397 req = tevent_req_create(mem_ctx, &state,
398 struct sock_packet_read_state);
399 if (req == NULL) {
400 return NULL;
401 }
402 state->ev = ev;
403 state->reader = reader;
404 state->sock = sock;
405 state->type = type;
406 state->trn_id = trn_id;
407 state->validator = validator;
408 state->private_data = private_data;
409
410 if (reader != NULL) {
411 state->reader_req = nb_packet_read_send(state, ev, reader);
412 if (tevent_req_nomem(state->reader_req, req)) {
413 return tevent_req_post(req, ev);
414 }
415 tevent_req_set_callback(
416 state->reader_req, sock_packet_read_got_packet, req);
417 }
418
419 state->socket_req = tdgram_recvfrom_send(state, ev, state->sock);
420 if (tevent_req_nomem(state->socket_req, req)) {
421 return tevent_req_post(req, ev);
422 }
423 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
424 req);
425
426 return req;
427 }
428
429 static void sock_packet_read_got_packet(struct tevent_req *subreq)
430 {
431 struct tevent_req *req = tevent_req_callback_data(
432 subreq, struct tevent_req);
433 struct sock_packet_read_state *state = tevent_req_data(
434 req, struct sock_packet_read_state);
435 NTSTATUS status;
436
437 status = nb_packet_read_recv(subreq, state, &state->packet);
438
439 TALLOC_FREE(state->reader_req);
440
441 if (!NT_STATUS_IS_OK(status)) {
442 if (state->socket_req != NULL) {
443 /*
444 * Still waiting for socket
445 */
446 return;
447 }
448 /*
449 * Both socket and packet reader failed
450 */
451 tevent_req_nterror(req, status);
452 return;
453 }
454
455 if ((state->validator != NULL) &&
456 !state->validator(state->packet, state->private_data)) {
457 DEBUG(10, ("validator failed\n"));
458
459 TALLOC_FREE(state->packet);
460
461 state->reader_req = nb_packet_read_send(state, state->ev,
462 state->reader);
463 if (tevent_req_nomem(state->reader_req, req)) {
464 return;
465 }
466 tevent_req_set_callback(
467 state->reader_req, sock_packet_read_got_packet, req);
468 return;
469 }
470
471 TALLOC_FREE(state->socket_req);
472 tevent_req_done(req);
473 }
474
475 static void sock_packet_read_got_socket(struct tevent_req *subreq)
476 {
477 struct tevent_req *req = tevent_req_callback_data(
478 subreq, struct tevent_req);
479 struct sock_packet_read_state *state = tevent_req_data(
480 req, struct sock_packet_read_state);
481 struct samba_sockaddr addr = {0};
482 ssize_t ret;
483 ssize_t received;
484 int err;
485 bool ok;
486
487 received = tdgram_recvfrom_recv(subreq, &err, state,
488 &state->buf, &state->addr);
489
490 TALLOC_FREE(state->socket_req);
491
492 if (received == -1) {
493 if (state->reader_req != NULL) {
494 /*
495 * Still waiting for reader
496 */
497 return;
498 }
499 /*
500 * Both socket and reader failed
501 */
502 tevent_req_nterror(req, map_nt_error_from_unix(err));
503 return;
504 }
505 ok = tsocket_address_is_inet(state->addr, "ipv4");
506 if (!ok) {
507 goto retry;
508 }
509 ret = tsocket_address_bsd_sockaddr(state->addr,
510 &addr.u.sa,
511 sizeof(addr.u.in));
512 if (ret == -1) {
513 tevent_req_nterror(req, map_nt_error_from_unix(errno));
514 return;
515 }
516
517 state->packet = parse_packet_talloc(
518 state, (char *)state->buf, received, state->type,
519 addr.u.in.sin_addr, addr.u.in.sin_port);
520 if (state->packet == NULL) {
521 DEBUG(10, ("parse_packet failed\n"));
522 goto retry;
523 }
524 if ((state->trn_id != -1) &&
525 (state->trn_id != packet_trn_id(state->packet))) {
526 DEBUG(10, ("Expected transaction id %d, got %d\n",
527 state->trn_id, packet_trn_id(state->packet)));
528 goto retry;
529 }
530
531 if ((state->validator != NULL) &&
532 !state->validator(state->packet, state->private_data)) {
533 DEBUG(10, ("validator failed\n"));
534 goto retry;
535 }
536
537 tevent_req_done(req);
538 return;
539
540 retry:
541 TALLOC_FREE(state->packet);
542 TALLOC_FREE(state->buf);
543 TALLOC_FREE(state->addr);
544
545 state->socket_req = tdgram_recvfrom_send(state, state->ev, state->sock);
546 if (tevent_req_nomem(state->socket_req, req)) {
547 return;
548 }
549 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
550 req);
551 }
552
553 static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
554 TALLOC_CTX *mem_ctx,
555 struct packet_struct **ppacket)
556 {
557 struct sock_packet_read_state *state = tevent_req_data(
558 req, struct sock_packet_read_state);
559 NTSTATUS status;
560
561 if (tevent_req_is_nterror(req, &status)) {
562 return status;
563 }
564 *ppacket = talloc_move(mem_ctx, &state->packet);
565 return NT_STATUS_OK;
566 }
567
568 struct nb_trans_state {
569 struct tevent_context *ev;
570 struct tdgram_context *sock;
571 struct nb_packet_reader *reader;
572
573 struct tsocket_address *src_addr;
574 struct tsocket_address *dst_addr;
575 uint8_t *buf;
576 size_t buflen;
577 enum packet_type type;
578 int trn_id;
579
580 bool (*validator)(struct packet_struct *p,
581 void *private_data);
582 void *private_data;
583
584 struct packet_struct *packet;
585 };
586
587 static void nb_trans_got_reader(struct tevent_req *subreq);
588 static void nb_trans_done(struct tevent_req *subreq);
589 static void nb_trans_sent(struct tevent_req *subreq);
590 static void nb_trans_send_next(struct tevent_req *subreq);
591
592 static struct tevent_req *nb_trans_send(
593 TALLOC_CTX *mem_ctx,
594 struct tevent_context *ev,
595 const struct samba_sockaddr *_my_addr,
596 const struct samba_sockaddr *_dst_addr,
597 bool bcast,
598 uint8_t *buf, size_t buflen,
599 enum packet_type type, int trn_id,
600 bool (*validator)(struct packet_struct *p,
601 void *private_data),
602 void *private_data)
603 {
604 const struct sockaddr *my_addr = &_my_addr->u.sa;
605 size_t my_addr_len = sizeof(_my_addr->u.in); /*We know it's AF_INET.*/
606 const struct sockaddr *dst_addr = &_dst_addr->u.sa;
607 size_t dst_addr_len = sizeof(_dst_addr->u.in); /*We know it's AF_INET.*/
608 struct tevent_req *req, *subreq;
609 struct nb_trans_state *state;
610 int ret;
611
612 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
613 if (req == NULL) {
614 return NULL;
615 }
616 state->ev = ev;
617 state->buf = buf;
618 state->buflen = buflen;
619 state->type = type;
620 state->trn_id = trn_id;
621 state->validator = validator;
622 state->private_data = private_data;
623
624 ret = tsocket_address_bsd_from_sockaddr(state,
625 my_addr, my_addr_len,
626 &state->src_addr);
627 if (ret == -1) {
628 tevent_req_nterror(req, map_nt_error_from_unix(errno));
629 return tevent_req_post(req, ev);
630 }
631
632 ret = tsocket_address_bsd_from_sockaddr(state,
633 dst_addr, dst_addr_len,
634 &state->dst_addr);
635 if (ret == -1) {
636 tevent_req_nterror(req, map_nt_error_from_unix(errno));
637 return tevent_req_post(req, ev);
638 }
639
640 ret = tdgram_inet_udp_broadcast_socket(state->src_addr, state,
641 &state->sock);
642 if (ret == -1) {
643 tevent_req_nterror(req, map_nt_error_from_unix(errno));
644 return tevent_req_post(req, ev);
645 }
646
647 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
648 if (tevent_req_nomem(subreq, req)) {
649 return tevent_req_post(req, ev);
650 }
651 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
652 return req;
653 }
654
655 static void nb_trans_got_reader(struct tevent_req *subreq)
656 {
657 struct tevent_req *req = tevent_req_callback_data(
658 subreq, struct tevent_req);
659 struct nb_trans_state *state = tevent_req_data(
660 req, struct nb_trans_state);
661 NTSTATUS status;
662
663 status = nb_packet_reader_recv(subreq, state, &state->reader);
664 TALLOC_FREE(subreq);
665
666 if (!NT_STATUS_IS_OK(status)) {
667 DEBUG(10, ("nmbd not around\n"));
668 state->reader = NULL;
669 }
670
671 subreq = sock_packet_read_send(
672 state, state->ev, state->sock,
673 state->reader, state->type, state->trn_id,
674 state->validator, state->private_data);
675 if (tevent_req_nomem(subreq, req)) {
676 return;
677 }
678 tevent_req_set_callback(subreq, nb_trans_done, req);
679
680 subreq = tdgram_sendto_send(state, state->ev,
681 state->sock,
682 state->buf, state->buflen,
683 state->dst_addr);
684 if (tevent_req_nomem(subreq, req)) {
685 return;
686 }
687 tevent_req_set_callback(subreq, nb_trans_sent, req);
688 }
689
690 static void nb_trans_sent(struct tevent_req *subreq)
691 {
692 struct tevent_req *req = tevent_req_callback_data(
693 subreq, struct tevent_req);
694 struct nb_trans_state *state = tevent_req_data(
695 req, struct nb_trans_state);
696 ssize_t sent;
697 int err;
698
699 sent = tdgram_sendto_recv(subreq, &err);
700 TALLOC_FREE(subreq);
701 if (sent == -1) {
702 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
703 tevent_req_nterror(req, map_nt_error_from_unix(err));
704 return;
705 }
706 subreq = tevent_wakeup_send(state, state->ev,
707 timeval_current_ofs(1, 0));
708 if (tevent_req_nomem(subreq, req)) {
709 return;
710 }
711 tevent_req_set_callback(subreq, nb_trans_send_next, req);
712 }
713
714 static void nb_trans_send_next(struct tevent_req *subreq)
715 {
716 struct tevent_req *req = tevent_req_callback_data(
717 subreq, struct tevent_req);
718 struct nb_trans_state *state = tevent_req_data(
719 req, struct nb_trans_state);
720 bool ret;
721
722 ret = tevent_wakeup_recv(subreq);
723 TALLOC_FREE(subreq);
724 if (!ret) {
725 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
726 return;
727 }
728 subreq = tdgram_sendto_send(state, state->ev,
729 state->sock,
730 state->buf, state->buflen,
731 state->dst_addr);
732 if (tevent_req_nomem(subreq, req)) {
733 return;
734 }
735 tevent_req_set_callback(subreq, nb_trans_sent, req);
736 }
737
738 static void nb_trans_done(struct tevent_req *subreq)
739 {
740 struct tevent_req *req = tevent_req_callback_data(
741 subreq, struct tevent_req);
742 struct nb_trans_state *state = tevent_req_data(
743 req, struct nb_trans_state);
744 NTSTATUS status;
745
746 status = sock_packet_read_recv(subreq, state, &state->packet);
747 TALLOC_FREE(subreq);
748 if (tevent_req_nterror(req, status)) {
749 return;
750 }
751 tevent_req_done(req);
752 }
753
754 static NTSTATUS nb_trans_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
755 struct packet_struct **ppacket)
756 {
757 struct nb_trans_state *state = tevent_req_data(
758 req, struct nb_trans_state);
759 NTSTATUS status;
760
761 if (tevent_req_is_nterror(req, &status)) {
762 return status;
763 }
764 *ppacket = talloc_move(mem_ctx, &state->packet);
765 return NT_STATUS_OK;
766 }
767
768 /****************************************************************************
769 Do a NBT node status query on an open socket and return an array of
770 structures holding the returned names or NULL if the query failed.
771 **************************************************************************/
772
773 struct node_status_query_state {
774 struct samba_sockaddr my_addr;
775 struct samba_sockaddr addr;
776 uint8_t buf[1024];
777 ssize_t buflen;
778 struct packet_struct *packet;
779 };
780
781 static bool node_status_query_validator(struct packet_struct *p,
782 void *private_data);
783 static void node_status_query_done(struct tevent_req *subreq);
784
785 struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
786 struct tevent_context *ev,
787 struct nmb_name *name,
788 const struct sockaddr_storage *addr)
789 {
790 struct tevent_req *req, *subreq;
791 struct node_status_query_state *state;
792 struct packet_struct p;
793 struct nmb_packet *nmb = &p.packet.nmb;
794 bool ok;
795
796 req = tevent_req_create(mem_ctx, &state,
797 struct node_status_query_state);
798 if (req == NULL) {
799 return NULL;
800 }
801
802 if (addr->ss_family != AF_INET) {
803 /* Can't do node status to IPv6 */
804 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
805 return tevent_req_post(req, ev);
806 }
807
808 ok = sockaddr_storage_to_samba_sockaddr(&state->addr, addr);
809 if (!ok) {
810 /* node status must be IPv4 */
811 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
812 return tevent_req_post(req, ev);
813 }
814 state->addr.u.in.sin_port = htons(NMB_PORT);
815
816 set_socket_addr_v4(&state->my_addr);
817
818 ZERO_STRUCT(p);
819 nmb->header.name_trn_id = generate_trn_id();
820 nmb->header.opcode = 0;
821 nmb->header.response = false;
822 nmb->header.nm_flags.bcast = false;
823 nmb->header.nm_flags.recursion_available = false;
824 nmb->header.nm_flags.recursion_desired = false;
825 nmb->header.nm_flags.trunc = false;
826 nmb->header.nm_flags.authoritative = false;
827 nmb->header.rcode = 0;
828 nmb->header.qdcount = 1;
829 nmb->header.ancount = 0;
830 nmb->header.nscount = 0;
831 nmb->header.arcount = 0;
832 nmb->question.question_name = *name;
833 nmb->question.question_type = 0x21;
834 nmb->question.question_class = 0x1;
835
836 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
837 &p);
838 if (state->buflen == 0) {
839 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
840 DEBUG(10, ("build_packet failed\n"));
841 return tevent_req_post(req, ev);
842 }
843
844 subreq = nb_trans_send(state,
845 ev,
846 &state->my_addr,
847 &state->addr,
848 false,
849 state->buf,
850 state->buflen,
851 NMB_PACKET,
852 nmb->header.name_trn_id,
853 node_status_query_validator,
854 NULL);
855 if (tevent_req_nomem(subreq, req)) {
856 DEBUG(10, ("nb_trans_send failed\n"));
857 return tevent_req_post(req, ev);
858 }
859 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
860 return tevent_req_post(req, ev);
861 }
862 tevent_req_set_callback(subreq, node_status_query_done, req);
863 return req;
864 }
865
866 static bool node_status_query_validator(struct packet_struct *p,
867 void *private_data)
868 {
869 struct nmb_packet *nmb = &p->packet.nmb;
870 debug_nmb_packet(p);
871
872 if (nmb->header.opcode != 0 ||
873 nmb->header.nm_flags.bcast ||
874 nmb->header.rcode ||
875 !nmb->header.ancount ||
876 nmb->answers->rr_type != 0x21) {
877 /*
878 * XXXX what do we do with this? could be a redirect,
879 * but we'll discard it for the moment
880 */
881 return false;
882 }
883 return true;
884 }
885
886 static void node_status_query_done(struct tevent_req *subreq)
887 {
888 struct tevent_req *req = tevent_req_callback_data(
889 subreq, struct tevent_req);
890 struct node_status_query_state *state = tevent_req_data(
891 req, struct node_status_query_state);
892 NTSTATUS status;
893
894 status = nb_trans_recv(subreq, state, &state->packet);
895 TALLOC_FREE(subreq);
896 if (tevent_req_nterror(req, status)) {
897 return;
898 }
899 tevent_req_done(req);
900 }
901
902 NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
903 struct node_status **pnode_status,
904 size_t *pnum_names,
905 struct node_status_extra *extra)
906 {
907 struct node_status_query_state *state = tevent_req_data(
908 req, struct node_status_query_state);
909 struct node_status *node_status;
910 size_t num_names = 0;
911 NTSTATUS status;
912
913 if (tevent_req_is_nterror(req, &status)) {
914 return status;
915 }
916 node_status = parse_node_status(
917 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
918 &num_names, extra);
919 if (node_status == NULL) {
920 return NT_STATUS_NO_MEMORY;
921 }
922 *pnode_status = node_status;
923 *pnum_names = num_names;
924 return NT_STATUS_OK;
925 }
926
927 NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
928 const struct sockaddr_storage *addr,
929 struct node_status **pnode_status,
930 size_t *pnum_names,
931 struct node_status_extra *extra)
932 {
933 TALLOC_CTX *frame = talloc_stackframe();
934 struct tevent_context *ev;
935 struct tevent_req *req;
936 NTSTATUS status = NT_STATUS_NO_MEMORY;
937
938 ev = samba_tevent_context_init(frame);
939 if (ev == NULL) {
940 goto fail;
941 }
942 req = node_status_query_send(ev, ev, name, addr);
943 if (req == NULL) {
944 goto fail;
945 }
946 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
947 goto fail;
948 }
949 status = node_status_query_recv(req, mem_ctx, pnode_status,
950 pnum_names, extra);
951 fail:
952 TALLOC_FREE(frame);
953 return status;
954 }
955
956 static bool name_status_lmhosts(const struct sockaddr_storage *paddr,
957 int qname_type, fstring pname)
958 {
959 FILE *f;
960 char *name;
961 int name_type;
962 struct samba_sockaddr addr_in = {0};
963 struct samba_sockaddr addr = {0};
964 bool ok;
965
966 ok = sockaddr_storage_to_samba_sockaddr(&addr_in, paddr);
967 if (!ok) {
968 return false;
969 }
970 if (addr_in.u.ss.ss_family != AF_INET) {
971 return false;
972 }
973
974 f = startlmhosts(get_dyn_LMHOSTSFILE());
975 if (f == NULL) {
976 return false;
977 }
978
979 while (getlmhostsent(talloc_tos(), f, &name, &name_type, &addr.u.ss)) {
980 if (addr.u.ss.ss_family != AF_INET) {
981 continue;
982 }
983 if (name_type != qname_type) {
984 continue;
985 }
986 if (sockaddr_equal(&addr_in.u.sa, &addr.u.sa)) {
987 fstrcpy(pname, name);
988 endlmhosts(f);
989 return true;
990 }
991 }
992 endlmhosts(f);
993 return false;
994 }
995
996 /****************************************************************************
997 Find the first type XX name in a node status reply - used for finding
998 a servers name given its IP. Return the matched name in *name.
999 **************************************************************************/
1000
1001 bool name_status_find(const char *q_name,
1002 int q_type,
1003 int type,
1004 const struct sockaddr_storage *to_ss,
1005 fstring name)
1006 {
1007 char addr[INET6_ADDRSTRLEN];
1008 struct node_status *addrs = NULL;
1009 struct nmb_name nname;
1010 size_t count = 0, i;
1011 bool result = false;
1012 NTSTATUS status;
1013
1014 if (lp_disable_netbios()) {
1015 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
1016 q_name, q_type));
1017 return False;
1018 }
1019
1020 print_sockaddr(addr, sizeof(addr), to_ss);
1021
1022 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
1023 q_type, addr));
1024
1025 /* Check the cache first. */
1026
1027 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
1028 return True;
1029 }
1030
1031 if (to_ss->ss_family != AF_INET) {
1032 /* Can't do node status to IPv6 */
1033 return false;
1034 }
1035
1036 result = name_status_lmhosts(to_ss, type, name);
1037 if (result) {
1038 DBG_DEBUG("Found name %s in lmhosts\n", name);
1039 namecache_status_store(q_name, q_type, type, to_ss, name);
1040 return true;
1041 }
1042
1043 /* W2K PDC's seem not to respond to '*'#0. JRA */
1044 make_nmb_name(&nname, q_name, q_type);
1045 status = node_status_query(talloc_tos(), &nname, to_ss,
1046 &addrs, &count, NULL);
1047 if (!NT_STATUS_IS_OK(status)) {
1048 goto done;
1049 }
1050
1051 for (i=0;i<count;i++) {
1052 /* Find first one of the requested type that's not a GROUP. */
1053 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
1054 break;
1055 }
1056 if (i == count)
1057 goto done;
1058
1059 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
1060
1061 /* Store the result in the cache. */
1062 /* but don't store an entry for 0x1c names here. Here we have
1063 a single host and DOMAIN<0x1c> names should be a list of hosts */
1064
1065 if ( q_type != 0x1c ) {
1066 namecache_status_store(q_name, q_type, type, to_ss, name);
1067 }
1068
1069 result = true;
1070
1071 done:
1072 TALLOC_FREE(addrs);
1073
1074 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
1075
1076 if (result)
1077 DEBUGADD(10, (", name %s ip address is %s", name, addr));
1078
1079 DEBUG(10, ("\n"));
1080
1081 return result;
1082 }
1083
1084 /*
1085 comparison function used by sort_addr_list
1086 */
1087
1088 static int addr_compare(const struct sockaddr_storage *ss1,
1089 const struct sockaddr_storage *ss2)
1090 {
1091 int max_bits1=0, max_bits2=0;
1092 int num_interfaces = iface_count();
1093 int i;
1094 struct samba_sockaddr sa1;
1095 struct samba_sockaddr sa2;
1096 bool ok;
1097
1098 ok = sockaddr_storage_to_samba_sockaddr(&sa1, ss1);
1099 if (!ok) {
1100 return 0; /* No change. */
1101 }
1102
1103 ok = sockaddr_storage_to_samba_sockaddr(&sa2, ss2);
1104 if (!ok) {
1105 return 0; /* No change. */
1106 }
1107
1108 /* Sort IPv4 addresses first. */
1109 if (sa1.u.ss.ss_family != sa2.u.ss.ss_family) {
1110 if (sa2.u.ss.ss_family == AF_INET) {
1111 return 1;
1112 } else {
1113 return -1;
1114 }
1115 }
1116
1117 /* Here we know both addresses are of the same
1118 * family. */
1119
1120 for (i=0;i<num_interfaces;i++) {
1121 struct samba_sockaddr sif = {0};
1122 const unsigned char *p_ss1 = NULL;
1123 const unsigned char *p_ss2 = NULL;
1124 const unsigned char *p_if = NULL;
1125 size_t len = 0;
1126 int bits1, bits2;
1127
1128 ok = sockaddr_storage_to_samba_sockaddr(&sif, iface_n_bcast(i));
1129 if (!ok) {
1130 return 0; /* No change. */
1131 }
1132 if (sif.u.ss.ss_family != sa1.u.ss.ss_family) {
1133 /* Ignore interfaces of the wrong type. */
1134 continue;
1135 }
1136 if (sif.u.ss.ss_family == AF_INET) {
1137 p_if = (const unsigned char *)&sif.u.in.sin_addr;
1138 p_ss1 = (const unsigned char *)&sa1.u.in.sin_addr;
1139 p_ss2 = (const unsigned char *)&sa2.u.in.sin_addr;
1140 len = 4;
1141 }
1142 #if defined(HAVE_IPV6)
1143 if (sif.u.ss.ss_family == AF_INET6) {
1144 p_if = (const unsigned char *)&sif.u.in6.sin6_addr;
1145 p_ss1 = (const unsigned char *)&sa1.u.in6.sin6_addr;
1146 p_ss2 = (const unsigned char *)&sa2.u.in6.sin6_addr;
1147 len = 16;
1148 }
1149 #endif
1150 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
1151 continue;
1152 }
1153 bits1 = matching_len_bits(p_ss1, p_if, len);
1154 bits2 = matching_len_bits(p_ss2, p_if, len);
1155 max_bits1 = MAX(bits1, max_bits1);
1156 max_bits2 = MAX(bits2, max_bits2);
1157 }
1158
1159 /* Bias towards directly reachable IPs */
1160 if (iface_local(&sa1.u.sa)) {
1161 if (sa1.u.ss.ss_family == AF_INET) {
1162 max_bits1 += 32;
1163 } else {
1164 max_bits1 += 128;
1165 }
1166 }
1167 if (iface_local(&sa2.u.sa)) {
1168 if (sa2.u.ss.ss_family == AF_INET) {
1169 max_bits2 += 32;
1170 } else {
1171 max_bits2 += 128;
1172 }
1173 }
1174 return max_bits2 - max_bits1;
1175 }
1176
1177 /*
1178 sort an IP list so that names that are close to one of our interfaces
1179 are at the top. This prevents the problem where a WINS server returns an IP
1180 that is not reachable from our subnet as the first match
1181 */
1182
1183 static void sort_addr_list(struct sockaddr_storage *sslist, size_t count)
1184 {
1185 if (count <= 1) {
1186 return;
1187 }
1188
1189 TYPESAFE_QSORT(sslist, count, addr_compare);
1190 }
1191
1192 static int samba_sockaddr_compare(struct samba_sockaddr *sa1,
1193 struct samba_sockaddr *sa2)
1194 {
1195 return addr_compare(&sa1->u.ss, &sa2->u.ss);
1196 }
1197
1198 static void sort_sa_list(struct samba_sockaddr *salist, size_t count)
1199 {
1200 if (count <= 1) {
1201 return;
1202 }
1203
1204 TYPESAFE_QSORT(salist, count, samba_sockaddr_compare);
1205 }
1206
1207 /**********************************************************************
1208 Remove any duplicate address/port pairs in the samba_sockaddr array.
1209 *********************************************************************/
1210
1211 size_t remove_duplicate_addrs2(struct samba_sockaddr *salist, size_t count )
1212 {
1213 size_t i, j;
1214
1215 DBG_DEBUG("looking for duplicate address/port pairs\n");
1216
1217 /* One loop to set duplicates to a zero addr. */
1218 for (i=0; i < count; i++) {
1219 if (is_zero_addr(&salist[i].u.ss)) {
1220 continue;
1221 }
1222
1223 for (j=i+1; j<count; j++) {
1224 if (sockaddr_equal(&salist[i].u.sa, &salist[j].u.sa)) {
1225 zero_sockaddr(&salist[j].u.ss);
1226 }
1227 }
1228 }
1229
1230 /* Now remove any addresses set to zero above. */
1231 for (i = 0; i < count; i++) {
1232 while (i < count &&
1233 is_zero_addr(&salist[i].u.ss)) {
1234 ARRAY_DEL_ELEMENT(salist, i, count);
1235 count--;
1236 }
1237 }
1238
1239 return count;
1240 }
1241
1242 static bool prioritize_ipv4_list(struct samba_sockaddr *salist, size_t count)
1243 {
1244 TALLOC_CTX *frame = talloc_stackframe();
1245 struct samba_sockaddr *salist_new = talloc_array(frame,
1246 struct samba_sockaddr,
1247 count);
1248 size_t i, j;
1249
1250 if (salist_new == NULL) {
1251 TALLOC_FREE(frame);
1252 return false;
1253 }
1254
1255 j = 0;
1256
1257 /* Copy IPv4 first. */
1258 for (i = 0; i < count; i++) {
1259 if (salist[i].u.ss.ss_family == AF_INET) {
1260 salist_new[j++] = salist[i];
1261 }
1262 }
1263
1264 /* Copy IPv6. */
1265 for (i = 0; i < count; i++) {
1266 if (salist[i].u.ss.ss_family != AF_INET) {
1267 salist_new[j++] = salist[i];
1268 }
1269 }
1270
1271 memcpy(salist, salist_new, sizeof(struct samba_sockaddr)*count);
1272 TALLOC_FREE(frame);
1273 return true;
1274 }
1275
1276 /****************************************************************************
1277 Do a netbios name query to find someones IP.
1278 Returns an array of IP addresses or NULL if none.
1279 *count will be set to the number of addresses returned.
1280 *timed_out is set if we failed by timing out
1281 ****************************************************************************/
1282
1283 struct name_query_state {
1284 struct samba_sockaddr my_addr;
1285 struct samba_sockaddr addr;
1286 bool bcast;
1287 bool bcast_star_query;
1288
1289
1290 uint8_t buf[1024];
1291 ssize_t buflen;
1292
1293 NTSTATUS validate_error;
1294 uint8_t flags;
1295
1296 struct sockaddr_storage *addrs;
1297 size_t num_addrs;
1298 };
1299
1300 static bool name_query_validator(struct packet_struct *p, void *private_data);
1301 static void name_query_done(struct tevent_req *subreq);
1302
1303 struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1304 struct tevent_context *ev,
1305 const char *name, int name_type,
1306 bool bcast, bool recurse,
1307 const struct sockaddr_storage *addr)
1308 {
1309 struct tevent_req *req, *subreq;
1310 struct name_query_state *state;
1311 struct packet_struct p;
1312 struct nmb_packet *nmb = &p.packet.nmb;
1313 bool ok;
1314
1315 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1316 if (req == NULL) {
1317 return NULL;
1318 }
1319 state->bcast = bcast;
1320
1321 if (addr->ss_family != AF_INET) {
1322 /* Can't do node status to IPv6 */
1323 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1324 return tevent_req_post(req, ev);
1325 }
1326
1327 if (lp_disable_netbios()) {
1328 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1329 name, name_type));
1330 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1331 return tevent_req_post(req, ev);
1332 }
1333
1334 ok = sockaddr_storage_to_samba_sockaddr(&state->addr, addr);
1335 if (!ok) {
1336 /* Node status must be IPv4 */
1337 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1338 return tevent_req_post(req, ev);
1339 }
1340 state->addr.u.in.sin_port = htons(NMB_PORT);
1341
1342 set_socket_addr_v4(&state->my_addr);
1343
1344 ZERO_STRUCT(p);
1345 nmb->header.name_trn_id = generate_trn_id();
1346 nmb->header.opcode = 0;
1347 nmb->header.response = false;
1348 nmb->header.nm_flags.bcast = bcast;
1349 nmb->header.nm_flags.recursion_available = false;
1350 nmb->header.nm_flags.recursion_desired = recurse;
1351 nmb->header.nm_flags.trunc = false;
1352 nmb->header.nm_flags.authoritative = false;
1353 nmb->header.rcode = 0;
1354 nmb->header.qdcount = 1;
1355 nmb->header.ancount = 0;
1356 nmb->header.nscount = 0;
1357 nmb->header.arcount = 0;
1358
1359 if (bcast && (strcmp(name, "*")==0)) {
1360 /*
1361 * We're doing a broadcast query for all
1362 * names in the area. Remember this so
1363 * we will wait for all names within
1364 * the timeout period.
1365 */
1366 state->bcast_star_query = true;
1367 }
1368
1369 make_nmb_name(&nmb->question.question_name,name,name_type);
1370
1371 nmb->question.question_type = 0x20;
1372 nmb->question.question_class = 0x1;
1373
1374 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1375 &p);
1376 if (state->buflen == 0) {
1377 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1378 DEBUG(10, ("build_packet failed\n"));
1379 return tevent_req_post(req, ev);
1380 }
1381
1382 subreq = nb_trans_send(state,
1383 ev,
1384 &state->my_addr,
1385 &state->addr,
1386 bcast,
1387 state->buf,
1388 state->buflen,
1389 NMB_PACKET,
1390 nmb->header.name_trn_id,
1391 name_query_validator,
1392 state);
1393 if (tevent_req_nomem(subreq, req)) {
1394 DEBUG(10, ("nb_trans_send failed\n"));
1395 return tevent_req_post(req, ev);
1396 }
1397 tevent_req_set_callback(subreq, name_query_done, req);
1398 return req;
1399 }
1400
1401 static bool name_query_validator(struct packet_struct *p, void *private_data)
1402 {
1403 struct name_query_state *state = talloc_get_type_abort(
1404 private_data, struct name_query_state);
1405 struct nmb_packet *nmb = &p->packet.nmb;
1406 struct sockaddr_storage *tmp_addrs;
1407 bool got_unique_netbios_name = false;
1408 int i;
1409
1410 debug_nmb_packet(p);
1411
1412 /*
1413 * If we get a Negative Name Query Response from a WINS
1414 * server, we should report it and give up.
1415 */
1416 if( 0 == nmb->header.opcode /* A query response */
1417 && !state->bcast /* from a WINS server */
1418 && nmb->header.rcode /* Error returned */
1419 ) {
1420
1421 if( DEBUGLVL( 3 ) ) {
1422 /* Only executed if DEBUGLEVEL >= 3 */
1423 dbgtext( "Negative name query "
1424 "response, rcode 0x%02x: ",
1425 nmb->header.rcode );
1426 switch( nmb->header.rcode ) {
1427 case 0x01:
1428 dbgtext("Request was invalidly formatted.\n");
1429 break;
1430 case 0x02:
1431 dbgtext("Problem with NBNS, cannot process "
1432 "name.\n");
1433 break;
1434 case 0x03:
1435 dbgtext("The name requested does not "
1436 "exist.\n");
1437 break;
1438 case 0x04:
1439 dbgtext("Unsupported request error.\n");
1440 break;
1441 case 0x05:
1442 dbgtext("Query refused error.\n");
1443 break;
1444 default:
1445 dbgtext("Unrecognized error code.\n" );
1446 break;
1447 }
1448 }
1449
1450 /*
1451 * We accept this packet as valid, but tell the upper
1452 * layers that it's a negative response.
1453 */
1454 state->validate_error = NT_STATUS_NOT_FOUND;
1455 return true;
1456 }
1457
1458 if (nmb->header.opcode != 0 ||
1459 nmb->header.nm_flags.bcast ||
1460 nmb->header.rcode ||
1461 !nmb->header.ancount) {
1462 /*
1463 * XXXX what do we do with this? Could be a redirect,
1464 * but we'll discard it for the moment.
1465 */
1466 return false;
1467 }
1468
1469 tmp_addrs = talloc_realloc(
1470 state, state->addrs, struct sockaddr_storage,
1471 state->num_addrs + nmb->answers->rdlength/6);
1472 if (tmp_addrs == NULL) {
1473 state->validate_error = NT_STATUS_NO_MEMORY;
1474 return true;
1475 }
1476 state->addrs = tmp_addrs;
1477
1478 DEBUG(2,("Got a positive name query response "
1479 "from %s ( ", inet_ntoa(p->ip)));
1480
1481 for (i=0; i<nmb->answers->rdlength/6; i++) {
1482 uint16_t flags;
1483 struct in_addr ip;
1484 struct sockaddr_storage addr;
1485 struct samba_sockaddr sa = {0};
1486 bool ok;
1487 size_t j;
1488
1489 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1490 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1491
1492 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1493 in_addr_to_sockaddr_storage(&addr, ip);
1494
1495 ok = sockaddr_storage_to_samba_sockaddr(&sa, &addr);
1496 if (!ok) {
1497 continue;
1498 }
1499
1500 if (is_zero_addr(&sa.u.ss)) {
1501 continue;
1502 }
1503
1504 for (j=0; j<state->num_addrs; j++) {
1505 struct samba_sockaddr sa_j = {0};
1506
1507 ok = sockaddr_storage_to_samba_sockaddr(&sa_j,
1508 &state->addrs[j]);
1509 if (!ok) {
1510 continue;
1511 }
1512 if (sockaddr_equal(&sa.u.sa, &sa_j.u.sa)) {
1513 break;
1514 }
1515 }
1516 if (j < state->num_addrs) {
1517 /* Already got it */
1518 continue;
1519 }
1520
1521 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1522
1523 state->addrs[state->num_addrs] = addr;
1524 /* wrap check. */
1525 if (state->num_addrs + 1 < state->num_addrs) {
1526 return false;
1527 }
1528 state->num_addrs += 1;
1529 }
1530 DEBUGADD(2,(")\n"));
1531
1532 /* We add the flags back ... */
1533 if (nmb->header.response)
1534 state->flags |= NM_FLAGS_RS;
1535 if (nmb->header.nm_flags.authoritative)
1536 state->flags |= NM_FLAGS_AA;
1537 if (nmb->header.nm_flags.trunc)
1538 state->flags |= NM_FLAGS_TC;
1539 if (nmb->header.nm_flags.recursion_desired)
1540 state->flags |= NM_FLAGS_RD;
1541 if (nmb->header.nm_flags.recursion_available)
1542 state->flags |= NM_FLAGS_RA;
1543 if (nmb->header.nm_flags.bcast)
1544 state->flags |= NM_FLAGS_B;
1545
1546 if (state->bcast) {
1547 /*
1548 * We have to collect all entries coming in from broadcast
1549 * queries. If we got a unique name and we are not querying
1550 * all names registered within broadcast area (query
1551 * for the name '*', so state->bcast_star_query is set),
1552 * we're done.
1553 */
1554 return (got_unique_netbios_name && !state->bcast_star_query);
1555 }
1556 /*
1557 * WINS responses are accepted when they are received
1558 */
1559 return true;
1560 }
1561
1562 static void name_query_done(struct tevent_req *subreq)
1563 {
1564 struct tevent_req *req = tevent_req_callback_data(
1565 subreq, struct tevent_req);
1566 struct name_query_state *state = tevent_req_data(
1567 req, struct name_query_state);
1568 NTSTATUS status;
1569 struct packet_struct *p = NULL;
1570
1571 status = nb_trans_recv(subreq, state, &p);
1572 TALLOC_FREE(subreq);
1573 if (tevent_req_nterror(req, status)) {
1574 return;
1575 }
1576 if (!NT_STATUS_IS_OK(state->validate_error)) {
1577 tevent_req_nterror(req, state->validate_error);
1578 return;
1579 }
1580 tevent_req_done(req);
1581 }
1582
1583 NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1584 struct sockaddr_storage **addrs, size_t *num_addrs,
1585 uint8_t *flags)
1586 {
1587 struct name_query_state *state = tevent_req_data(
1588 req, struct name_query_state);
1589 NTSTATUS status;
1590
1591 if (tevent_req_is_nterror(req, &status)) {
1592 if (state->bcast &&
1593 NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1594 /*
1595 * In the broadcast case we collect replies until the
1596 * timeout.
1597 */
1598 status = NT_STATUS_OK;
1599 }
1600 if (!NT_STATUS_IS_OK(status)) {
1601 return status;
1602 }
1603 }
1604 if (state->num_addrs == 0) {
1605 return NT_STATUS_NOT_FOUND;
1606 }
1607 *addrs = talloc_move(mem_ctx, &state->addrs);
1608 sort_addr_list(*addrs, state->num_addrs);
1609 *num_addrs = state->num_addrs;
1610 if (flags != NULL) {
1611 *flags = state->flags;
1612 }
1613 return NT_STATUS_OK;
1614 }
1615
1616 NTSTATUS name_query(const char *name, int name_type,
1617 bool bcast, bool recurse,
1618 const struct sockaddr_storage *to_ss,
1619 TALLOC_CTX *mem_ctx,
1620 struct sockaddr_storage **addrs,
1621 size_t *num_addrs, uint8_t *flags)
1622 {
1623 TALLOC_CTX *frame = talloc_stackframe();
1624 struct tevent_context *ev;
1625 struct tevent_req *req;
1626 struct timeval timeout;
1627 NTSTATUS status = NT_STATUS_NO_MEMORY;
1628
1629 ev = samba_tevent_context_init(frame);
1630 if (ev == NULL) {
1631 goto fail;
1632 }
1633 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1634 if (req == NULL) {
1635 goto fail;
1636 }
1637 if (bcast) {
1638 timeout = timeval_current_ofs(0, 250000);
1639 } else {
1640 timeout = timeval_current_ofs(2, 0);
1641 }
1642 if (!tevent_req_set_endtime(req, ev, timeout)) {
1643 goto fail;
1644 }
1645 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1646 goto fail;
1647 }
1648 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1649 fail:
1650 TALLOC_FREE(frame);
1651 return status;
1652 }
1653
1654 struct name_queries_state {
1655 struct tevent_context *ev;
1656 const char *name;
1657 int name_type;
1658 bool bcast;
1659 bool recurse;
1660 const struct sockaddr_storage *addrs;
1661 size_t num_addrs;
1662 int wait_msec;
1663 int timeout_msec;
1664
1665 struct tevent_req **subreqs;
1666 size_t num_received;
1667 size_t num_sent;
1668
1669 size_t received_index;
1670 struct sockaddr_storage *result_addrs;
1671 size_t num_result_addrs;
1672 uint8_t flags;
1673 };
1674
1675 static void name_queries_done(struct tevent_req *subreq);
1676 static void name_queries_next(struct tevent_req *subreq);
1677
1678 /*
1679 * Send a name query to multiple destinations with a wait time in between
1680 */
1681
1682 static struct tevent_req *name_queries_send(
1683 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
1684 const char *name, int name_type,
1685 bool bcast, bool recurse,
1686 const struct sockaddr_storage *addrs,
1687 size_t num_addrs, int wait_msec, int timeout_msec)
1688 {
1689 struct tevent_req *req, *subreq;
1690 struct name_queries_state *state;
1691
1692 req = tevent_req_create(mem_ctx, &state,
1693 struct name_queries_state);
1694 if (req == NULL) {
1695 return NULL;
1696 }
1697 state->ev = ev;
1698 state->name = name;
1699 state->name_type = name_type;
1700 state->bcast = bcast;
1701 state->recurse = recurse;
1702 state->addrs = addrs;
1703 state->num_addrs = num_addrs;
1704 state->wait_msec = wait_msec;
1705 state->timeout_msec = timeout_msec;
1706
1707 state->subreqs = talloc_zero_array(
1708 state, struct tevent_req *, num_addrs);
1709 if (tevent_req_nomem(state->subreqs, req)) {
1710 return tevent_req_post(req, ev);
1711 }
1712 state->num_sent = 0;
1713
1714 subreq = name_query_send(
1715 state->subreqs, state->ev, name, name_type, bcast, recurse,
1716 &state->addrs[state->num_sent]);
1717 if (tevent_req_nomem(subreq, req)) {
1718 return tevent_req_post(req, ev);
1719 }
1720 if (!tevent_req_set_endtime(
1721 subreq, state->ev,
1722 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1723 return tevent_req_post(req, ev);
1724 }
1725 tevent_req_set_callback(subreq, name_queries_done, req);
1726
1727 state->subreqs[state->num_sent] = subreq;
1728 state->num_sent += 1;
1729
1730 if (state->num_sent < state->num_addrs) {
1731 subreq = tevent_wakeup_send(
1732 state, state->ev,
1733 timeval_current_ofs(0, state->wait_msec * 1000));
1734 if (tevent_req_nomem(subreq, req)) {
1735 return tevent_req_post(req, ev);
1736 }
1737 tevent_req_set_callback(subreq, name_queries_next, req);
1738 }
1739 return req;
1740 }
1741
1742 static void name_queries_done(struct tevent_req *subreq)
1743 {
1744 struct tevent_req *req = tevent_req_callback_data(
1745 subreq, struct tevent_req);
1746 struct name_queries_state *state = tevent_req_data(
1747 req, struct name_queries_state);
1748 size_t i;
1749 NTSTATUS status;
1750
1751 status = name_query_recv(subreq, state, &state->result_addrs,
1752 &state->num_result_addrs, &state->flags);
1753
1754 for (i=0; i<state->num_sent; i++) {
1755 if (state->subreqs[i] == subreq) {
1756 break;
1757 }
1758 }
1759 if (i == state->num_sent) {
1760 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1761 return;
1762 }
1763 TALLOC_FREE(state->subreqs[i]);
1764
1765 /* wrap check. */
1766 if (state->num_received + 1 < state->num_received) {
1767 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
1768 return;
1769 }
1770 state->num_received += 1;
1771
1772 if (!NT_STATUS_IS_OK(status)) {
1773
1774 if (state->num_received >= state->num_addrs) {
1775 tevent_req_nterror(req, status);
1776 return;
1777 }
1778 /*
1779 * Still outstanding requests, just wait
1780 */
1781 return;
1782 }
1783 state->received_index = i;
1784 tevent_req_done(req);
1785 }
1786
1787 static void name_queries_next(struct tevent_req *subreq)
1788 {
1789 struct tevent_req *req = tevent_req_callback_data(
1790 subreq, struct tevent_req);
1791 struct name_queries_state *state = tevent_req_data(
1792 req, struct name_queries_state);
1793
1794 if (!tevent_wakeup_recv(subreq)) {
1795 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1796 return;
1797 }
1798
1799 subreq = name_query_send(
1800 state->subreqs, state->ev,
1801 state->name, state->name_type, state->bcast, state->recurse,
1802 &state->addrs[state->num_sent]);
1803 if (tevent_req_nomem(subreq, req)) {
1804 return;
1805 }
1806 tevent_req_set_callback(subreq, name_queries_done, req);
1807 if (!tevent_req_set_endtime(
1808 subreq, state->ev,
1809 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1810 return;
1811 }
1812 state->subreqs[state->num_sent] = subreq;
1813 state->num_sent += 1;
1814
1815 if (state->num_sent < state->num_addrs) {
1816 subreq = tevent_wakeup_send(
1817 state, state->ev,
1818 timeval_current_ofs(0, state->wait_msec * 1000));
1819 if (tevent_req_nomem(subreq, req)) {
1820 return;
1821 }
1822 tevent_req_set_callback(subreq, name_queries_next, req);
1823 }
1824 }
1825
1826 static NTSTATUS name_queries_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1827 struct sockaddr_storage **result_addrs,
1828 size_t *num_result_addrs, uint8_t *flags,
1829 size_t *received_index)
1830 {
1831 struct name_queries_state *state = tevent_req_data(
1832 req, struct name_queries_state);
1833 NTSTATUS status;
1834
1835 if (tevent_req_is_nterror(req, &status)) {
1836 return status;
1837 }
1838
1839 if (result_addrs != NULL) {
1840 *result_addrs = talloc_move(mem_ctx, &state->result_addrs);
1841 }
1842 if (num_result_addrs != NULL) {
1843 *num_result_addrs = state->num_result_addrs;
1844 }
1845 if (flags != NULL) {
1846 *flags = state->flags;
1847 }
1848 if (received_index != NULL) {
1849 *received_index = state->received_index;
1850 }
1851 return NT_STATUS_OK;
1852 }
1853
1854 /********************************************************
1855 Resolve via "bcast" method.
1856 *********************************************************/
1857
1858 struct name_resolve_bcast_state {
1859 struct sockaddr_storage *addrs;
1860 size_t num_addrs;
1861 };
1862
1863 static void name_resolve_bcast_done(struct tevent_req *subreq);
1864
1865 struct tevent_req *name_resolve_bcast_send(TALLOC_CTX *mem_ctx,
1866 struct tevent_context *ev,
1867 const char *name,
1868 int name_type)
1869 {
1870 struct tevent_req *req, *subreq;
1871 struct name_resolve_bcast_state *state;
1872 struct sockaddr_storage *bcast_addrs;
1873 size_t i, num_addrs, num_bcast_addrs;
1874
1875 req = tevent_req_create(mem_ctx, &state,
1876 struct name_resolve_bcast_state);
1877 if (req == NULL) {
1878 return NULL;
1879 }
1880
1881 if (lp_disable_netbios()) {
1882 DEBUG(5, ("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1883 name, name_type));
1884 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
1885 return tevent_req_post(req, ev);
1886 }
1887
1888 /*
1889 * "bcast" means do a broadcast lookup on all the local interfaces.
1890 */
1891
1892 DEBUG(3, ("name_resolve_bcast: Attempting broadcast lookup "
1893 "for name %s<0x%x>\n", name, name_type));
1894
1895 num_addrs = iface_count();
1896 bcast_addrs = talloc_array(state, struct sockaddr_storage, num_addrs);
1897 if (tevent_req_nomem(bcast_addrs, req)) {
1898 return tevent_req_post(req, ev);
1899 }
1900
1901 /*
1902 * Lookup the name on all the interfaces, return on
1903 * the first successful match.
1904 */
1905 num_bcast_addrs = 0;
1906
1907 for (i=0; i<num_addrs; i++) {
1908 const struct sockaddr_storage *pss = iface_n_bcast(i);
1909
1910 if (pss->ss_family != AF_INET) {
1911 continue;
1912 }
1913 bcast_addrs[num_bcast_addrs] = *pss;
1914 num_bcast_addrs += 1;
1915 }
1916
1917 subreq = name_queries_send(state, ev, name, name_type, true, true,
1918 bcast_addrs, num_bcast_addrs, 0, 250);
1919 if (tevent_req_nomem(subreq, req)) {
1920 return tevent_req_post(req, ev);
1921 }
1922 tevent_req_set_callback(subreq, name_resolve_bcast_done, req);
1923 return req;
1924 }
1925
1926 static void name_resolve_bcast_done(struct tevent_req *subreq)
1927 {
1928 struct tevent_req *req = tevent_req_callback_data(
1929 subreq, struct tevent_req);
1930 struct name_resolve_bcast_state *state = tevent_req_data(
1931 req, struct name_resolve_bcast_state);
1932 NTSTATUS status;
1933
1934 status = name_queries_recv(subreq, state,
1935 &state->addrs, &state->num_addrs,
1936 NULL, NULL);
1937 TALLOC_FREE(subreq);
1938 if (tevent_req_nterror(req, status)) {
1939 return;
1940 }
1941 tevent_req_done(req);
1942 }
1943
1944 NTSTATUS name_resolve_bcast_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1945 struct sockaddr_storage **addrs,
1946 size_t *num_addrs)
1947 {
1948 struct name_resolve_bcast_state *state = tevent_req_data(
1949 req, struct name_resolve_bcast_state);
1950 NTSTATUS status;
1951
1952 if (tevent_req_is_nterror(req, &status)) {
1953 return status;
1954 }
1955 *addrs = talloc_move(mem_ctx, &state->addrs);
1956 *num_addrs = state->num_addrs;
1957 return NT_STATUS_OK;
1958 }
1959
1960 NTSTATUS name_resolve_bcast(TALLOC_CTX *mem_ctx,
1961 const char *name,
1962 int name_type,
1963 struct sockaddr_storage **return_iplist,
1964 size_t *return_count)
1965 {
1966 TALLOC_CTX *frame = talloc_stackframe();
1967 struct tevent_context *ev;
1968 struct tevent_req *req;
1969 NTSTATUS status = NT_STATUS_NO_MEMORY;
1970
1971 ev = samba_tevent_context_init(frame);
1972 if (ev == NULL) {
1973 goto fail;
1974 }
1975 req = name_resolve_bcast_send(frame, ev, name, name_type);
1976 if (req == NULL) {
1977 goto fail;
1978 }
1979 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1980 goto fail;
1981 }
1982 status = name_resolve_bcast_recv(req, mem_ctx, return_iplist,
1983 return_count);
1984 fail:
1985 TALLOC_FREE(frame);
1986 return status;
1987 }
1988
1989 struct query_wins_list_state {
1990 struct tevent_context *ev;
1991 const char *name;
1992 uint8_t name_type;
1993 struct in_addr *servers;
1994 size_t num_servers;
1995 struct sockaddr_storage server;
1996 size_t num_sent;
1997
1998 struct sockaddr_storage *addrs;
1999 size_t num_addrs;
2000 uint8_t flags;
2001 };
2002
2003 static void query_wins_list_done(struct tevent_req *subreq);
2004
2005 /*
2006 * Query a list of (replicating) wins servers in sequence, call them
2007 * dead if they don't reply
2008 */
2009
2010 static struct tevent_req *query_wins_list_send(
2011 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
2012 struct in_addr src_ip, const char *name, uint8_t name_type,
2013 struct in_addr *servers, size_t num_servers)
2014 {
2015 struct tevent_req *req, *subreq;
2016 struct query_wins_list_state *state;
2017
2018 req = tevent_req_create(mem_ctx, &state,
2019 struct query_wins_list_state);
2020 if (req == NULL) {
2021 return NULL;
2022 }
2023 state->ev = ev;
2024 state->name = name;
2025 state->name_type = name_type;
2026 state->servers = servers;
2027 state->num_servers = num_servers;
2028
2029 if (state->num_servers == 0) {
2030 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2031 return tevent_req_post(req, ev);
2032 }
2033
2034 in_addr_to_sockaddr_storage(
2035 &state->server, state->servers[state->num_sent]);
2036
2037 subreq = name_query_send(state, state->ev,
2038 state->name, state->name_type,
2039 false, true, &state->server);
2040
2041 if (tevent_req_nomem(subreq, req)) {
2042 return tevent_req_post(req, ev);
2043 }
2044
2045 /* wrap check */
2046 if (state->num_sent + 1 < state->num_sent) {
2047 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2048 return tevent_req_post(req, ev);
2049 }
2050
2051 state->num_sent += 1;
2052 if (!tevent_req_set_endtime(subreq, state->ev,
2053 timeval_current_ofs(2, 0))) {
2054 return tevent_req_post(req, ev);
2055 }
2056 tevent_req_set_callback(subreq, query_wins_list_done, req);
2057 return req;
2058 }
2059
2060 static void query_wins_list_done(struct tevent_req *subreq)
2061 {
2062 struct tevent_req *req = tevent_req_callback_data(
2063 subreq, struct tevent_req);
2064 struct query_wins_list_state *state = tevent_req_data(
2065 req, struct query_wins_list_state);
2066 NTSTATUS status;
2067
2068 status = name_query_recv(subreq, state,
2069 &state->addrs, &state->num_addrs,
2070 &state->flags);
2071 TALLOC_FREE(subreq);
2072 if (NT_STATUS_IS_OK(status)) {
2073 tevent_req_done(req);
2074 return;
2075 }
2076 if (!NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
2077 tevent_req_nterror(req, status);
2078 return;
2079 }
2080 wins_srv_died(state->servers[state->num_sent-1],
2081 my_socket_addr_v4());
2082
2083 if (state->num_sent == state->num_servers) {
2084 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2085 return;
2086 }
2087
2088 in_addr_to_sockaddr_storage(
2089 &state->server, state->servers[state->num_sent]);
2090
2091 subreq = name_query_send(state, state->ev,
2092 state->name, state->name_type,
2093 false, true, &state->server);
2094 state->num_sent += 1;
2095 if (tevent_req_nomem(subreq, req)) {
2096 return;
2097 }
2098 if (!tevent_req_set_endtime(subreq, state->ev,
2099 timeval_current_ofs(2, 0))) {
2100 return;
2101 }
2102 tevent_req_set_callback(subreq, query_wins_list_done, req);
2103 }
2104
2105 static NTSTATUS query_wins_list_recv(struct tevent_req *req,
2106 TALLOC_CTX *mem_ctx,
2107 struct sockaddr_storage **addrs,
2108 size_t *num_addrs,
2109 uint8_t *flags)
2110 {
2111 struct query_wins_list_state *state = tevent_req_data(
2112 req, struct query_wins_list_state);
2113 NTSTATUS status;
2114
2115 if (tevent_req_is_nterror(req, &status)) {
2116 return status;
2117 }
2118 if (addrs != NULL) {
2119 *addrs = talloc_move(mem_ctx, &state->addrs);
2120 }
2121 if (num_addrs != NULL) {
2122 *num_addrs = state->num_addrs;
2123 }
2124 if (flags != NULL) {
2125 *flags = state->flags;
2126 }
2127 return NT_STATUS_OK;
2128 }
2129
2130 struct resolve_wins_state {
2131 size_t num_sent;
2132 size_t num_received;
2133
2134 struct sockaddr_storage *addrs;
2135 size_t num_addrs;
2136 uint8_t flags;
2137 };
2138
2139 static void resolve_wins_done(struct tevent_req *subreq);
2140
2141 struct tevent_req *resolve_wins_send(TALLOC_CTX *mem_ctx,
2142 struct tevent_context *ev,
2143 const char *name,
2144 int name_type)
2145 {
2146 struct tevent_req *req, *subreq;
2147 struct resolve_wins_state *state;
2148 char **wins_tags = NULL;
2149 struct sockaddr_storage src_ss;
2150 struct samba_sockaddr src_sa = {0};
2151 struct in_addr src_ip;
2152 size_t i, num_wins_tags;
2153 bool ok;
2154
2155 req = tevent_req_create(mem_ctx, &state,
2156 struct resolve_wins_state);
2157 if (req == NULL) {
2158 return NULL;
2159 }
2160
2161 if (wins_srv_count() < 1) {
2162 DEBUG(3,("resolve_wins: WINS server resolution selected "
2163 "and no WINS servers listed.\n"));
2164 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2165 goto fail;
2166 }
2167
2168 /* the address we will be sending from */
2169 if (!interpret_string_addr(&src_ss, lp_nbt_client_socket_address(),
2170 AI_NUMERICHOST|AI_PASSIVE)) {
2171 zero_sockaddr(&src_ss);
2172 }
2173
2174 ok = sockaddr_storage_to_samba_sockaddr(&src_sa, &src_ss);
2175 if (!ok) {
2176 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2177 goto fail;
2178 }
2179
2180 if (src_sa.u.ss.ss_family != AF_INET) {
2181 char addr[INET6_ADDRSTRLEN];
2182 print_sockaddr(addr, sizeof(addr), &src_sa.u.ss);
2183 DEBUG(3,("resolve_wins: cannot receive WINS replies "
2184 "on IPv6 address %s\n",
2185 addr));
2186 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2187 goto fail;
2188 }
2189
2190 src_ip = src_sa.u.in.sin_addr;
2191
2192 wins_tags = wins_srv_tags();
2193 if (wins_tags == NULL) {
2194 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2195 goto fail;
2196 }
2197
2198 num_wins_tags = 0;
2199 while (wins_tags[num_wins_tags] != NULL) {
2200 /* wrap check. */
2201 if (num_wins_tags + 1 < num_wins_tags) {
2202 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2203 goto fail;
2204 }
2205 num_wins_tags += 1;
2206 }
2207
2208 for (i=0; i<num_wins_tags; i++) {
2209 size_t num_servers, num_alive;
2210 struct in_addr *servers, *alive;
2211 size_t j;
2212
2213 if (!wins_server_tag_ips(wins_tags[i], talloc_tos(),
2214 &servers, &num_servers)) {
2215 DEBUG(10, ("wins_server_tag_ips failed for tag %s\n",
2216 wins_tags[i]));
2217 continue;
2218 }
2219
2220 alive = talloc_array(state, struct in_addr, num_servers);
2221 if (tevent_req_nomem(alive, req)) {
2222 goto fail;
2223 }
2224
2225 num_alive = 0;
2226 for (j=0; j<num_servers; j++) {
2227 struct in_addr wins_ip = servers[j];
2228
2229 if (global_in_nmbd && ismyip_v4(wins_ip)) {
2230 /* yikes! we'll loop forever */
2231 continue;
2232 }
2233 /* skip any that have been unresponsive lately */
2234 if (wins_srv_is_dead(wins_ip, src_ip)) {
2235 continue;
2236 }
2237 DEBUG(3, ("resolve_wins: using WINS server %s "
2238 "and tag '%s'\n",
2239 inet_ntoa(wins_ip), wins_tags[i]));
2240 alive[num_alive] = wins_ip;
2241 num_alive += 1;
2242 }
2243 TALLOC_FREE(servers);
2244
2245 if (num_alive == 0) {
2246 continue;
2247 }
2248
2249 subreq = query_wins_list_send(
2250 state, ev, src_ip, name, name_type,
2251 alive, num_alive);
2252 if (tevent_req_nomem(subreq, req)) {
2253 goto fail;
2254 }
2255 tevent_req_set_callback(subreq, resolve_wins_done, req);
2256 state->num_sent += 1;
2257 }
2258
2259 if (state->num_sent == 0) {
2260 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2261 goto fail;
2262 }
2263
2264 wins_srv_tags_free(wins_tags);
2265 return req;
2266 fail:
2267 wins_srv_tags_free(wins_tags);
2268 return tevent_req_post(req, ev);
2269 }
2270
2271 static void resolve_wins_done(struct tevent_req *subreq)
2272 {
2273 struct tevent_req *req = tevent_req_callback_data(
2274 subreq, struct tevent_req);
2275 struct resolve_wins_state *state = tevent_req_data(
2276 req, struct resolve_wins_state);
2277 NTSTATUS status;
2278
2279 status = query_wins_list_recv(subreq, state, &state->addrs,
2280 &state->num_addrs, &state->flags);
2281 if (NT_STATUS_IS_OK(status)) {
2282 tevent_req_done(req);
2283 return;
2284 }
2285
2286 /* wrap check. */
2287 if (state->num_received + 1 < state->num_received) {
2288 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2289 return;
2290 }
2291
2292 state->num_received += 1;
2293
2294 if (state->num_received < state->num_sent) {
2295 /*
2296 * Wait for the others
2297 */
2298 return;
2299 }
2300 tevent_req_nterror(req, status);
2301 }
2302
2303 NTSTATUS resolve_wins_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
2304 struct sockaddr_storage **addrs,
2305 size_t *num_addrs, uint8_t *flags)
2306 {
2307 struct resolve_wins_state *state = tevent_req_data(
2308 req, struct resolve_wins_state);
2309 NTSTATUS status;
2310
2311 if (tevent_req_is_nterror(req, &status)) {
2312 return status;
2313 }
2314 if (addrs != NULL) {
2315 *addrs = talloc_move(mem_ctx, &state->addrs);
2316 }
2317 if (num_addrs != NULL) {
2318 *num_addrs = state->num_addrs;
2319 }
2320 if (flags != NULL) {
2321 *flags = state->flags;
2322 }
2323 return NT_STATUS_OK;
2324 }
2325
2326 /********************************************************
2327 Resolve via "wins" method.
2328 *********************************************************/
2329
2330 NTSTATUS resolve_wins(TALLOC_CTX *mem_ctx,
2331 const char *name,
2332 int name_type,
2333 struct sockaddr_storage **return_iplist,
2334 size_t *return_count)
2335 {
2336 struct tevent_context *ev;
2337 struct tevent_req *req;
2338 NTSTATUS status = NT_STATUS_NO_MEMORY;
2339
2340 ev = samba_tevent_context_init(talloc_tos());
2341 if (ev == NULL) {
2342 goto fail;
2343 }
2344 req = resolve_wins_send(ev, ev, name, name_type);
2345 if (req == NULL) {
2346 goto fail;
2347 }
2348 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
2349 goto fail;
2350 }
2351 status = resolve_wins_recv(req, mem_ctx, return_iplist, return_count,
2352 NULL);
2353 fail:
2354 TALLOC_FREE(ev);
2355 return status;
2356 }
2357
2358
2359 /********************************************************
2360 Resolve via "hosts" method.
2361 *********************************************************/
2362
2363 static NTSTATUS resolve_hosts(TALLOC_CTX *mem_ctx,
2364 const char *name,
2365 int name_type,
2366 struct sockaddr_storage **return_iplist,
2367 size_t *return_count)
2368 {
2369 /*
2370 * "host" means do a localhost, or dns lookup.
2371 */
2372 struct addrinfo hints;
2373 struct addrinfo *ailist = NULL;
2374 struct addrinfo *res = NULL;
2375 int ret = -1;
2376 size_t i = 0;
2377 size_t ret_count = 0;
2378 struct sockaddr_storage *iplist = NULL;
2379
2380 if ( name_type != 0x20 && name_type != 0x0) {
2381 DEBUG(5, ("resolve_hosts: not appropriate "
2382 "for name type <0x%x>\n",
2383 name_type));
2384 return NT_STATUS_INVALID_PARAMETER;
2385 }
2386
2387 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
2388 name, name_type));
2389
2390 ZERO_STRUCT(hints);
2391 /* By default make sure it supports TCP. */
2392 hints.ai_socktype = SOCK_STREAM;
2393 hints.ai_flags = AI_ADDRCONFIG;
2394
2395 #if !defined(HAVE_IPV6)
2396 /* Unless we have IPv6, we really only want IPv4 addresses back. */
2397 hints.ai_family = AF_INET;
2398 #endif
2399
2400 ret = getaddrinfo(name,
2401 NULL,
2402 &hints,
2403 &ailist);
2404 if (ret) {
2405 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
2406 name,
2407 gai_strerror(ret) ));
2408 }
2409
2410 for (res = ailist; res; res = res->ai_next) {
2411 struct sockaddr_storage ss = {0};
2412 struct sockaddr_storage *tmp = NULL;
2413
2414 if ((res->ai_addr == NULL) ||
2415 (res->ai_addrlen == 0) ||
2416 (res->ai_addrlen > sizeof(ss))) {
2417 continue;
2418 }
2419
2420 memcpy(&ss, res->ai_addr, res->ai_addrlen);
2421
2422 if (is_zero_addr(&ss)) {
2423 continue;
2424 }
2425
2426 /* wrap check. */
2427 if (ret_count + 1 < ret_count) {
2428 freeaddrinfo(ailist);
2429 TALLOC_FREE(iplist);
2430 return NT_STATUS_INVALID_PARAMETER;
2431 }
2432 ret_count += 1;
2433
2434 tmp = talloc_realloc(
2435 mem_ctx, iplist, struct sockaddr_storage,
2436 ret_count);
2437 if (tmp == NULL) {
2438 DEBUG(3,("resolve_hosts: malloc fail !\n"));
2439 freeaddrinfo(ailist);
2440 TALLOC_FREE(iplist);
2441 return NT_STATUS_NO_MEMORY;
2442 }
2443 iplist = tmp;
2444 iplist[i] = ss;
2445 i++;
2446 }
2447 if (ailist) {
2448 freeaddrinfo(ailist);
2449 }
2450 if (ret_count == 0) {
2451 return NT_STATUS_UNSUCCESSFUL;
2452 }
2453 *return_count = ret_count;
2454 *return_iplist = iplist;
2455 return NT_STATUS_OK;
2456 }
2457
2458 /********************************************************
2459 Resolve via "ADS" method.
2460 *********************************************************/
2461
2462 /* Special name type used to cause a _kerberos DNS lookup. */
2463 #define KDC_NAME_TYPE 0xDCDC
2464
2465 static NTSTATUS resolve_ads(TALLOC_CTX *ctx,
2466 const char *name,
2467 int name_type,
2468 const char *sitename,
2469 struct sockaddr_storage **return_addrs,
2470 size_t *return_count)
2471 {
2472 size_t i;
2473 NTSTATUS status;
2474 struct dns_rr_srv *dcs = NULL;
2475 size_t numdcs = 0;
2476 size_t num_srv_addrs = 0;
2477 struct sockaddr_storage *srv_addrs = NULL;
2478 char *query = NULL;
2479
2480 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
2481 (name_type != 0x1b)) {
2482 return NT_STATUS_INVALID_PARAMETER;
2483 }
2484
2485 status = NT_STATUS_OK;
2486
2487 switch (name_type) {
2488 case 0x1b:
2489 DEBUG(5,("resolve_ads: Attempting to resolve "
2490 "PDC for %s using DNS\n", name));
2491 query = ads_dns_query_string_pdc(ctx, name);
2492 break;
2493
2494 case 0x1c:
2495 DEBUG(5,("resolve_ads: Attempting to resolve "
2496 "DCs for %s using DNS\n", name));
2497 query = ads_dns_query_string_dcs(ctx, name);
2498 break;
2499 case KDC_NAME_TYPE:
2500 DEBUG(5,("resolve_ads: Attempting to resolve "
2501 "KDCs for %s using DNS\n", name));
2502 query = ads_dns_query_string_kdcs(ctx, name);
2503 break;
2504 default:
2505 status = NT_STATUS_INVALID_PARAMETER;
2506 break;
2507 }
2508
2509 if (!NT_STATUS_IS_OK(status)) {
2510 return status;
2511 }
2512 if (query == NULL) {
2513 return NT_STATUS_NO_MEMORY;
2514 }
2515
2516 DBG_DEBUG("SRV query for %s\n", query);
2517
2518 status = ads_dns_query_srv(
2519 ctx,
2520 lp_get_async_dns_timeout(),
2521 sitename,
2522 query,
2523 &dcs,
2524 &numdcs);
2525 if (!NT_STATUS_IS_OK(status)) {
2526 return status;
2527 }
2528
2529 if (numdcs == 0) {
2530 *return_addrs = NULL;
2531 *return_count = 0;
2532 TALLOC_FREE(dcs);
2533 return NT_STATUS_OK;
2534 }
2535
2536 /* First count the sizes of each array. */
2537 for(i = 0; i < numdcs; i++) {
2538 if (dcs[i].ss_s == NULL) {
2539 /*
2540 * Nothing received or timeout in A/AAAA reqs
2541 */
2542 continue;
2543 }
2544
2545 if (num_srv_addrs + dcs[i].num_ips < num_srv_addrs) {
2546 /* Wrap check. */
2547 TALLOC_FREE(dcs);
2548 return NT_STATUS_INVALID_PARAMETER;
2549 }
2550 /* Add in the number of addresses we got. */
2551 num_srv_addrs += dcs[i].num_ips;
2552 }
2553
2554 /* Allocate the list of IP addresses we already have. */
2555 srv_addrs = talloc_zero_array(ctx,
2556 struct sockaddr_storage,
2557 num_srv_addrs);
2558 if (srv_addrs == NULL) {
2559 TALLOC_FREE(dcs);
2560 return NT_STATUS_NO_MEMORY;
2561 }
2562
2563 num_srv_addrs = 0;
2564 for(i = 0; i < numdcs; i++) {
2565 /* Copy all the IP addresses from the SRV response */
2566 size_t j;
2567 for (j = 0; j < dcs[i].num_ips; j++) {
2568 char addr[INET6_ADDRSTRLEN];
2569
2570 srv_addrs[num_srv_addrs] = dcs[i].ss_s[j];
2571 if (is_zero_addr(&srv_addrs[num_srv_addrs])) {
2572 continue;
2573 }
2574
2575 DBG_DEBUG("SRV lookup %s got IP[%zu] %s\n",
2576 name,
2577 j,
2578 print_sockaddr(addr,
2579 sizeof(addr),
2580 &srv_addrs[num_srv_addrs]));
2581
2582 num_srv_addrs++;
2583 }
2584 }
2585
2586 TALLOC_FREE(dcs);
2587
2588 *return_addrs = srv_addrs;
2589 *return_count = num_srv_addrs;
2590 return NT_STATUS_OK;
2591 }
2592
2593 static const char **filter_out_nbt_lookup(TALLOC_CTX *mem_ctx,
2594 const char **resolve_order)
2595 {
2596 size_t i, len, result_idx;
2597 const char **result;
2598
2599 len = 0;
2600 while (resolve_order[len] != NULL) {
2601 len += 1;
2602 }
2603
2604 result = talloc_array(mem_ctx, const char *, len+1);
2605 if (result == NULL) {
2606 return NULL;
2607 }
2608
2609 result_idx = 0;
2610
2611 for (i=0; i<len; i++) {
2612 const char *tok = resolve_order[i];
2613
2614 if (strequal(tok, "lmhosts") || strequal(tok, "wins") ||
2615 strequal(tok, "bcast")) {
2616 continue;
2617 }
2618 result[result_idx++] = tok;
2619 }
2620 result[result_idx] = NULL;
2621
2622 return result;
2623 }
2624
2625 /*******************************************************************
2626 Samba interface to resolve a name into an IP address.
2627 Use this function if the string is either an IP address, DNS
2628 or host name or NetBIOS name. This uses the name switch in the
2629 smb.conf to determine the order of name resolution.
2630
2631 Added support for ip addr/port to support ADS ldap servers.
2632 the only place we currently care about the port is in the
2633 resolve_hosts() when looking up DC's via SRV RR entries in DNS
2634 **********************************************************************/
2635
2636 NTSTATUS internal_resolve_name(TALLOC_CTX *ctx,
2637 const char *name,
2638 int name_type,
2639 const char *sitename,
2640 struct samba_sockaddr **return_salist,
2641 size_t *return_count,
2642 const char **resolve_order)
2643 {
2644 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
2645 size_t i;
2646 size_t nc_count = 0;
2647 size_t ret_count = 0;
2648 bool ok;
2649 struct sockaddr_storage *ss_list = NULL;
2650 struct samba_sockaddr *sa_list = NULL;
2651 TALLOC_CTX *frame = talloc_stackframe();
2652
2653 DBG_DEBUG("looking up %s#%x (sitename %s)\n",
2654 name, name_type, sitename ? sitename : "(null)");
2655
2656 if (is_ipaddress(name)) {
2657 struct sockaddr_storage ss;
2658
2659 /* if it's in the form of an IP address then get the lib to interpret it */
2660 ok = interpret_string_addr(&ss, name, AI_NUMERICHOST);
2661 if (!ok) {
2662 DBG_WARNING("interpret_string_addr failed on %s\n",
2663 name);
2664 TALLOC_FREE(frame);
2665 return NT_STATUS_INVALID_PARAMETER;
2666 }
2667 if (is_zero_addr(&ss)) {
2668 TALLOC_FREE(frame);
2669 return NT_STATUS_UNSUCCESSFUL;
2670 }
2671
2672 status = sockaddr_array_to_samba_sockaddr_array(frame,
2673 &sa_list,
2674 &ret_count,
2675 &ss,
2676 1);
2677 if (!NT_STATUS_IS_OK(status)) {
2678 TALLOC_FREE(frame);
2679 return status;
2680 }
2681
2682 *return_salist = talloc_move(ctx, &sa_list);
2683 *return_count = 1;
2684 TALLOC_FREE(frame);
2685 return NT_STATUS_OK;
2686 }
2687
2688 /* Check name cache */
2689
2690 ok = namecache_fetch(frame,
2691 name,
2692 name_type,
2693 &sa_list,
2694 &nc_count);
2695 if (ok) {
2696 /*
2697 * remove_duplicate_addrs2() has the
2698 * side effect of removing zero addresses,
2699 * so use it here.
2700 */
2701 nc_count = remove_duplicate_addrs2(sa_list, nc_count);
2702 if (nc_count == 0) {
2703 TALLOC_FREE(sa_list);
2704 TALLOC_FREE(frame);
2705 return NT_STATUS_UNSUCCESSFUL;
2706 }
2707 *return_count = nc_count;
2708 *return_salist = talloc_move(ctx, &sa_list);
2709 TALLOC_FREE(frame);
2710 return NT_STATUS_OK;
2711 }
2712
2713 /* set the name resolution order */
2714
2715 if (resolve_order && strcmp(resolve_order[0], "NULL") == 0) {
2716 DBG_DEBUG("all lookups disabled\n");
2717 TALLOC_FREE(frame);
2718 return NT_STATUS_INVALID_PARAMETER;
2719 }
2720
2721 if (!resolve_order || !resolve_order[0]) {
2722 static const char *host_order[] = { "host", NULL };
2723 resolve_order = host_order;
2724 }
2725
2726 if ((strlen(name) > MAX_NETBIOSNAME_LEN - 1) ||
2727 (strchr(name, '.') != NULL)) {
2728 /*
2729 * Don't do NBT lookup, the name would not fit anyway
2730 */
2731 resolve_order = filter_out_nbt_lookup(frame, resolve_order);
2732 if (resolve_order == NULL) {
2733 TALLOC_FREE(frame);
2734 return NT_STATUS_NO_MEMORY;
2735 }
2736 }
2737
2738 /* iterate through the name resolution backends */
2739
2740 for (i=0; resolve_order[i]; i++) {
2741 const char *tok = resolve_order[i];
2742
2743 if ((strequal(tok, "host") || strequal(tok, "hosts"))) {
2744 status = resolve_hosts(talloc_tos(),
2745 name,
2746 name_type,
2747 &ss_list,
2748 &ret_count);
2749 if (!NT_STATUS_IS_OK(status)) {
2750 continue;
2751 }
2752 goto done;
2753 }
2754
2755 if (strequal(tok, "kdc")) {
2756 /* deal with KDC_NAME_TYPE names here.
2757 * This will result in a SRV record lookup */
2758 status = resolve_ads(talloc_tos(),
2759 name,
2760 KDC_NAME_TYPE,
2761 sitename,
2762 &ss_list,
2763 &ret_count);
2764 if (!NT_STATUS_IS_OK(status)) {
2765 continue;
2766 }
2767 /* Ensure we don't namecache
2768 * this with the KDC port. */
2769 name_type = KDC_NAME_TYPE;
2770 goto done;
2771 }
2772
2773 if (strequal(tok, "ads")) {
2774 /* deal with 0x1c and 0x1b names here.
2775 * This will result in a SRV record lookup */
2776 status = resolve_ads(talloc_tos(),
2777 name,
2778 name_type,
2779 sitename,
2780 &ss_list,
2781 &ret_count);
2782 if (!NT_STATUS_IS_OK(status)) {
2783 continue;
2784 }
2785 goto done;
2786 }
2787
2788 if (strequal(tok, "lmhosts")) {
2789 status = resolve_lmhosts_file_as_sockaddr(
2790 talloc_tos(),
2791 get_dyn_LMHOSTSFILE(),
2792 name,
2793 name_type,
2794 &ss_list,
2795 &ret_count);
2796 if (!NT_STATUS_IS_OK(status)) {
2797 continue;
2798 }
2799 goto done;
2800 }
2801
2802 if (strequal(tok, "wins")) {
2803 /* don't resolve 1D via WINS */
2804 if (name_type == 0x1D) {
2805 continue;
2806 }
2807 status = resolve_wins(talloc_tos(),
2808 name,
2809 name_type,
2810 &ss_list,
2811 &ret_count);
2812 if (!NT_STATUS_IS_OK(status)) {
2813 continue;
2814 }
2815 goto done;
2816 }
2817
2818 if (strequal(tok, "bcast")) {
2819 status = name_resolve_bcast(
2820 talloc_tos(),
2821 name,
2822 name_type,
2823 &ss_list,
2824 &ret_count);
2825 if (!NT_STATUS_IS_OK(status)) {
2826 continue;
2827 }
2828 goto done;
2829 }
2830
2831 DBG_ERR("unknown name switch type %s\n", tok);
2832 }
2833
2834 /* All of the resolve_* functions above have returned false. */
2835
2836 TALLOC_FREE(frame);
2837 *return_count = 0;
2838
2839 return status;
2840
2841 done:
2842
2843 status = sockaddr_array_to_samba_sockaddr_array(frame,
2844 &sa_list,
2845 &ret_count,
2846 ss_list,
2847 ret_count);
2848 if (!NT_STATUS_IS_OK(status)) {
2849 TALLOC_FREE(frame);
2850 return NT_STATUS_NO_MEMORY;
2851 }
2852
2853 /* Remove duplicate entries. Some queries, notably #1c (domain
2854 controllers) return the PDC in iplist[0] and then all domain
2855 controllers including the PDC in iplist[1..n]. Iterating over
2856 the iplist when the PDC is down will cause two sets of timeouts. */
2857
2858 ret_count = remove_duplicate_addrs2(sa_list, ret_count);
2859
2860 /* Save in name cache */
2861 if ( DEBUGLEVEL >= 100 ) {
2862 for (i = 0; i < ret_count && DEBUGLEVEL == 100; i++) {
2863 char addr[INET6_ADDRSTRLEN];
2864 print_sockaddr(addr, sizeof(addr),
2865 &sa_list[i].u.ss);
2866 DEBUG(100, ("Storing name %s of type %d (%s:0)\n",
2867 name,
2868 name_type,
2869 addr));
2870 }
2871 }
2872
2873 if (ret_count) {
2874 namecache_store(name,
2875 name_type,
2876 ret_count,
2877 sa_list);
2878 }
2879
2880 /* Display some debugging info */
2881
2882 if ( DEBUGLEVEL >= 10 ) {
2883 DBG_DEBUG("returning %zu addresses: ",
2884 ret_count);
2885
2886 for (i = 0; i < ret_count; i++) {
2887 char addr[INET6_ADDRSTRLEN];
2888 print_sockaddr(addr, sizeof(addr),
2889 &sa_list[i].u.ss);
2890 DEBUGADD(10, ("%s ", addr));
2891 }
2892 DEBUG(10, ("\n"));
2893 }
2894
2895 *return_count = ret_count;
2896 *return_salist = talloc_move(ctx, &sa_list);
2897
2898 TALLOC_FREE(frame);
2899 return status;
2900 }
2901
2902 /********************************************************
2903 Internal interface to resolve a name into one IP address.
2904 Use this function if the string is either an IP address, DNS
2905 or host name or NetBIOS name. This uses the name switch in the
2906 smb.conf to determine the order of name resolution.
2907 *********************************************************/
2908
2909 bool resolve_name(const char *name,
2910 struct sockaddr_storage *return_ss,
2911 int name_type,
2912 bool prefer_ipv4)
2913 {
2914 struct samba_sockaddr *sa_list = NULL;
2915 char *sitename = NULL;
2916 size_t count = 0;
2917 NTSTATUS status;
2918 TALLOC_CTX *frame = NULL;
2919
2920 if (is_ipaddress(name)) {
2921 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2922 }
2923
2924 frame = talloc_stackframe();
2925
2926 sitename = sitename_fetch(frame, lp_realm()); /* wild guess */
2927
2928 status = internal_resolve_name(frame,
2929 name,
2930 name_type,
2931 sitename,
2932 &sa_list,
2933 &count,
2934 lp_name_resolve_order());
2935 if (NT_STATUS_IS_OK(status)) {
2936 size_t i;
2937
2938 if (prefer_ipv4) {
2939 for (i=0; i<count; i++) {
2940 if (!is_broadcast_addr(&sa_list[i].u.sa) &&
2941 (sa_list[i].u.ss.ss_family == AF_INET)) {
2942 *return_ss = sa_list[i].u.ss;
2943 TALLOC_FREE(sa_list);
2944 TALLOC_FREE(frame);
2945 return True;
2946 }
2947 }
2948 }
2949
2950 /* only return valid addresses for TCP connections */
2951 for (i=0; i<count; i++) {
2952 if (!is_broadcast_addr(&sa_list[i].u.sa)) {
2953 *return_ss = sa_list[i].u.ss;
2954 TALLOC_FREE(sa_list);
2955 TALLOC_FREE(frame);
2956 return True;
2957 }
2958 }
2959 }
2960
2961 TALLOC_FREE(sa_list);
2962 TALLOC_FREE(frame);
2963 return False;
2964 }
2965
2966 /********************************************************
2967 Internal interface to resolve a name into a list of IP addresses.
2968 Use this function if the string is either an IP address, DNS
2969 or host name or NetBIOS name. This uses the name switch in the
2970 smb.conf to determine the order of name resolution.
2971 *********************************************************/
2972
2973 NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2974 const char *name,
2975 int name_type,
2976 struct sockaddr_storage **return_ss_arr,
2977 unsigned int *p_num_entries)
2978 {
2979 struct samba_sockaddr *sa_list = NULL;
2980 char *sitename = NULL;
2981 size_t count = 0;
2982 size_t i;
2983 unsigned int num_entries = 0;
2984 struct sockaddr_storage *result_arr = NULL;
2985 NTSTATUS status;
2986
2987 if (is_ipaddress(name)) {
2988 result_arr = talloc(ctx, struct sockaddr_storage);
2989 if (result_arr == NULL) {
2990 return NT_STATUS_NO_MEMORY;
2991 }
2992 if (!interpret_string_addr(result_arr, name, AI_NUMERICHOST)) {
2993 TALLOC_FREE(result_arr);
2994 return NT_STATUS_BAD_NETWORK_NAME;
2995 }
2996 *p_num_entries = 1;
2997 *return_ss_arr = result_arr;
2998 return NT_STATUS_OK;
2999 }
3000
3001 sitename = sitename_fetch(ctx, lp_realm()); /* wild guess */
3002
3003 status = internal_resolve_name(ctx,
3004 name,
3005 name_type,
3006 sitename,
3007 &sa_list,
3008 &count,
3009 lp_name_resolve_order());
3010 TALLOC_FREE(sitename);
3011
3012 if (!NT_STATUS_IS_OK(status)) {
3013 return status;
3014 }
3015
3016 /* only return valid addresses for TCP connections */
3017 for (i=0, num_entries = 0; i<count; i++) {
3018 if (!is_zero_addr(&sa_list[i].u.ss) &&
3019 !is_broadcast_addr(&sa_list[i].u.sa)) {
3020 num_entries++;
3021 }
3022 }
3023 if (num_entries == 0) {
3024 status = NT_STATUS_BAD_NETWORK_NAME;
3025 goto done;
3026 }
3027
3028 result_arr = talloc_array(ctx,
3029 struct sockaddr_storage,
3030 num_entries);
3031 if (result_arr == NULL) {
3032 status = NT_STATUS_NO_MEMORY;
3033 goto done;
3034 }
3035
3036 for (i=0, num_entries = 0; i<count; i++) {
3037 if (!is_zero_addr(&sa_list[i].u.ss) &&
3038 !is_broadcast_addr(&sa_list[i].u.sa)) {
3039 result_arr[num_entries++] = sa_list[i].u.ss;
3040 }
3041 }
3042
3043 if (num_entries == 0) {
3044 TALLOC_FREE(result_arr);
3045 status = NT_STATUS_BAD_NETWORK_NAME;
3046 goto done;
3047 }
3048
3049 status = NT_STATUS_OK;
3050 *p_num_entries = num_entries;
3051 *return_ss_arr = result_arr;
3052 done:
3053 TALLOC_FREE(sa_list);
3054 return status;
3055 }
3056
3057 /********************************************************
3058 Find the IP address of the master browser or DMB for a workgroup.
3059 *********************************************************/
3060
3061 bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
3062 {
3063 struct samba_sockaddr *sa_list = NULL;
3064 size_t count = 0;
3065 NTSTATUS status;
3066
3067 if (lp_disable_netbios()) {
3068 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
3069 return false;
3070 }
3071
3072 status = internal_resolve_name(talloc_tos(),
3073 group,
3074 0x1D,
3075 NULL,
3076 &sa_list,
3077 &count,
3078 lp_name_resolve_order());
3079 if (NT_STATUS_IS_OK(status)) {
3080 *master_ss = sa_list[0].u.ss;
3081 TALLOC_FREE(sa_list);
3082 return true;
3083 }
3084
3085 TALLOC_FREE(sa_list);
3086
3087 status = internal_resolve_name(talloc_tos(),
3088 group,
3089 0x1B,
3090 NULL,
3091 &sa_list,
3092 &count,
3093 lp_name_resolve_order());
3094 if (NT_STATUS_IS_OK(status)) {
3095 *master_ss = sa_list[0].u.ss;
3096 TALLOC_FREE(sa_list);
3097 return true;
3098 }
3099
3100 TALLOC_FREE(sa_list);
3101 return false;
3102 }
3103
3104 /********************************************************
3105 Get the IP address list of the primary domain controller
3106 for a domain.
3107 *********************************************************/
3108
3109 bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
3110 {
3111 struct samba_sockaddr *sa_list = NULL;
3112 size_t count = 0;
3113 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
3114 static const char *ads_order[] = { "ads", NULL };
3115 /* Look up #1B name */
3116
3117 if (lp_security() == SEC_ADS) {
3118 status = internal_resolve_name(talloc_tos(),
3119 domain,
3120 0x1b,
3121 NULL,
3122 &sa_list,
3123 &count,
3124 ads_order);
3125 }
3126
3127 if (!NT_STATUS_IS_OK(status) || count == 0) {
3128 TALLOC_FREE(sa_list);
3129 status = internal_resolve_name(talloc_tos(),
3130 domain,
3131 0x1b,
3132 NULL,
3133 &sa_list,
3134 &count,
3135 lp_name_resolve_order());
3136 if (!NT_STATUS_IS_OK(status)) {
3137 TALLOC_FREE(sa_list);
3138 return false;
3139 }
3140 }
3141
3142 /* if we get more than 1 IP back we have to assume it is a
3143 multi-homed PDC and not a mess up */
3144
3145 if ( count > 1 ) {
3146 DBG_INFO("PDC has %zu IP addresses!\n", count);
3147 sort_sa_list(sa_list, count);
3148 }
3149
3150 *pss = sa_list[0].u.ss;
3151 TALLOC_FREE(sa_list);
3152 return true;
3153 }
3154
3155 /* Private enum type for lookups. */
3156
3157 enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
3158
3159 /********************************************************
3160 Get the IP address list of the domain controllers for
3161 a domain.
3162 *********************************************************/
3163
3164 static NTSTATUS get_dc_list(TALLOC_CTX *ctx,
3165 const char *domain,
3166 const char *sitename,
3167 struct samba_sockaddr **sa_list_ret,
3168 size_t *ret_count,
3169 enum dc_lookup_type lookup_type,
3170 bool *ordered)
3171 {
3172 const char **resolve_order = NULL;
3173 char *saf_servername = NULL;
3174 char *pserver = NULL;
3175 const char *p;
3176 char *name;
3177 size_t num_addresses = 0;
3178 size_t local_count = 0;
3179 size_t i;
3180 struct samba_sockaddr *auto_sa_list = NULL;
3181 struct samba_sockaddr *return_salist = NULL;
3182 bool done_auto_lookup = false;
3183 size_t auto_count = 0;
3184 NTSTATUS status;
3185 TALLOC_CTX *frame = talloc_stackframe();
3186 int auto_name_type = 0x1C;
3187
3188 *ordered = False;
3189
3190 /* if we are restricted to solely using DNS for looking
3191 up a domain controller, make sure that host lookups
3192 are enabled for the 'name resolve order'. If host lookups
3193 are disabled and ads_only is True, then set the string to
3194 NULL. */
3195
3196 resolve_order = lp_name_resolve_order();
3197 if (!resolve_order) {
3198 status = NT_STATUS_NO_MEMORY;
3199 goto out;
3200 }
3201 if (lookup_type == DC_ADS_ONLY) {
3202 if (str_list_check_ci(resolve_order, "host")) {
3203 static const char *ads_order[] = { "ads", NULL };
3204 resolve_order = ads_order;
3205
3206 /* DNS SRV lookups used by the ads resolver
3207 are already sorted by priority and weight */
3208 *ordered = true;
3209 } else {
3210 /* this is quite bizarre! */
3211 static const char *null_order[] = { "NULL", NULL };
3212 resolve_order = null_order;
3213 }
3214 } else if (lookup_type == DC_KDC_ONLY) {
3215 static const char *kdc_order[] = { "kdc", NULL };
3216 /* DNS SRV lookups used by the ads/kdc resolver
3217 are already sorted by priority and weight */
3218 *ordered = true;
3219 resolve_order = kdc_order;
3220 auto_name_type = KDC_NAME_TYPE;
3221 }
3222
3223 /* fetch the server we have affinity for. Add the
3224 'password server' list to a search for our domain controllers */
3225
3226 saf_servername = saf_fetch(frame, domain);
3227
3228 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
3229 pserver = talloc_asprintf(frame, "%s, %s",
3230 saf_servername ? saf_servername : "",
3231 lp_password_server());
3232 } else {
3233 pserver = talloc_asprintf(frame, "%s, *",
3234 saf_servername ? saf_servername : "");
3235 }
3236
3237 TALLOC_FREE(saf_servername);
3238 if (!pserver) {
3239 status = NT_STATUS_NO_MEMORY;
3240 goto out;
3241 }
3242
3243 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
3244
3245 /*
3246 * if '*' appears in the "password server" list then add
3247 * an auto lookup to the list of manually configured
3248 * DC's. If any DC is listed by name, then the list should be
3249 * considered to be ordered
3250 */
3251
3252 p = pserver;
3253 while (next_token_talloc(frame, &p, &name, LIST_SEP)) {
3254 if (!done_auto_lookup && strequal(name, "*")) {
3255 done_auto_lookup = true;
3256
3257 status = internal_resolve_name(frame,
3258 domain,
3259 auto_name_type,
3260 sitename,
3261 &auto_sa_list,
3262 &auto_count,
3263 resolve_order);
3264 if (!NT_STATUS_IS_OK(status)) {
3265 continue;
3266 }
3267 /* Wrap check. */
3268 if (num_addresses + auto_count < num_addresses) {
3269 TALLOC_FREE(auto_sa_list);
3270 status = NT_STATUS_INVALID_PARAMETER;
3271 goto out;
3272 }
3273 num_addresses += auto_count;
3274 DBG_DEBUG("Adding %zu DC's from auto lookup\n",
3275 auto_count);
3276 } else {
3277 /* Wrap check. */
3278 if (num_addresses + 1 < num_addresses) {
3279 TALLOC_FREE(auto_sa_list);
3280 status = NT_STATUS_INVALID_PARAMETER;
3281 goto out;
3282 }
3283 num_addresses++;
3284 }
3285 }
3286
3287 /* if we have no addresses and haven't done the auto lookup, then
3288 just return the list of DC's. Or maybe we just failed. */
3289
3290 if (num_addresses == 0) {
3291 struct samba_sockaddr *dc_salist = NULL;
3292 size_t dc_count = 0;
3293
3294 if (done_auto_lookup) {
3295 DEBUG(4,("get_dc_list: no servers found\n"));
3296 status = NT_STATUS_NO_LOGON_SERVERS;
3297 goto out;
3298 }
3299 /* talloc off frame, only move to ctx on success. */
3300 status = internal_resolve_name(frame,
3301 domain,
3302 auto_name_type,
3303 sitename,
3304 &dc_salist,
3305 &dc_count,
3306 resolve_order);
3307 if (!NT_STATUS_IS_OK(status)) {
3308 goto out;
3309 }
3310 return_salist = dc_salist;
3311 local_count = dc_count;
3312 goto out;
3313 }
3314
3315 return_salist = talloc_zero_array(frame,
3316 struct samba_sockaddr,
3317 num_addresses);
3318 if (return_salist == NULL) {
3319 DEBUG(3,("get_dc_list: malloc fail !\n"));
3320 status = NT_STATUS_NO_MEMORY;
3321 goto out;
3322 }
3323
3324 p = pserver;
3325 local_count = 0;
3326
3327 /* fill in the return list now with real IP's */
3328
3329 while ((local_count<num_addresses) &&
3330 next_token_talloc(frame, &p, &name, LIST_SEP)) {
3331 struct samba_sockaddr name_sa = {0};
3332
3333 /* copy any addresses from the auto lookup */
3334
3335 if (strequal(name, "*")) {
3336 size_t j;
3337 for (j=0; j<auto_count; j++) {
3338 char addr[INET6_ADDRSTRLEN];
3339 print_sockaddr(addr,
3340 sizeof(addr),
3341 &auto_sa_list[j].u.ss);
3342 /* Check for and don't copy any
3343 * known bad DC IP's. */
3344 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
3345 domain,
3346 addr))) {
3347 DEBUG(5,("get_dc_list: "
3348 "negative entry %s removed "
3349 "from DC list\n",
3350 addr));
3351 continue;
3352 }
3353 return_salist[local_count] = auto_sa_list[j];
3354 local_count++;
3355 }
3356 continue;
3357 }
3358
3359 /* explicit lookup; resolve_name() will
3360 * handle names & IP addresses */
3361 if (resolve_name(name, &name_sa.u.ss, 0x20, true)) {
3362 char addr[INET6_ADDRSTRLEN];
3363 bool ok;
3364
3365 /*
3366 * Ensure we set sa_socklen correctly.
3367 * Doesn't matter now, but eventually we
3368 * will remove ip_service and return samba_sockaddr
3369 * arrays directly.
3370 */
3371 ok = sockaddr_storage_to_samba_sockaddr(
3372 &name_sa,
3373 &name_sa.u.ss);
3374 if (!ok) {
3375 status = NT_STATUS_INVALID_ADDRESS;
3376 goto out;
3377 }
3378
3379 print_sockaddr(addr,
3380 sizeof(addr),
3381 &name_sa.u.ss);
3382
3383 /* Check for and don't copy any known bad DC IP's. */
3384 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
3385 addr)) ) {
3386 DEBUG(5,("get_dc_list: negative entry %s "
3387 "removed from DC list\n",
3388 name ));
3389 continue;
3390 }
3391
3392 return_salist[local_count] = name_sa;
3393 local_count++;
3394 *ordered = true;
3395 }
3396 }
3397
3398 /* need to remove duplicates in the list if we have any
3399 explicit password servers */
3400
3401 local_count = remove_duplicate_addrs2(return_salist, local_count );
3402
3403 /* For DC's we always prioritize IPv4 due to W2K3 not
3404 * supporting LDAP, KRB5 or CLDAP over IPv6. */
3405
3406 if (local_count && return_salist != NULL) {
3407 prioritize_ipv4_list(return_salist, local_count);
3408 }
3409
3410 if ( DEBUGLEVEL >= 4 ) {
3411 DEBUG(4,("get_dc_list: returning %zu ip addresses "
3412 "in an %sordered list\n",
3413 local_count,
3414 *ordered ? "":"un"));
3415 DEBUG(4,("get_dc_list: "));
3416 for ( i=0; i<local_count; i++ ) {
3417 char addr[INET6_ADDRSTRLEN];
3418 print_sockaddr(addr,
3419 sizeof(addr),
3420 &return_salist[i].u.ss);
3421 DEBUGADD(4,("%s ", addr));
3422 }
3423 DEBUGADD(4,("\n"));
3424 }
3425
3426 status = (local_count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS);
3427
3428 out:
3429
3430 if (NT_STATUS_IS_OK(status)) {
3431 *sa_list_ret = talloc_move(ctx, &return_salist);
3432 *ret_count = local_count;
3433 }
3434 TALLOC_FREE(return_salist);
3435 TALLOC_FREE(auto_sa_list);
3436 TALLOC_FREE(frame);
3437 return status;
3438 }
3439
3440 /*********************************************************************
3441 Small wrapper function to get the DC list and sort it if neccessary.
3442 Returns a samba_sockaddr array.
3443 *********************************************************************/
3444
3445 NTSTATUS get_sorted_dc_list(TALLOC_CTX *ctx,
3446 const char *domain,
3447 const char *sitename,
3448 struct samba_sockaddr **sa_list_ret,
3449 size_t *ret_count,
3450 bool ads_only)
3451 {
3452 bool ordered = false;
3453 NTSTATUS status;
3454 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
3455 struct samba_sockaddr *sa_list = NULL;
3456 size_t count = 0;
3457
3458 DBG_INFO("attempting lookup for name %s (sitename %s)\n",
3459 domain,
3460 sitename ? sitename : "NULL");
3461
3462 if (ads_only) {
3463 lookup_type = DC_ADS_ONLY;
3464 }
3465
3466 status = get_dc_list(ctx,
3467 domain,
3468 sitename,
3469 &sa_list,
3470 &count,
3471 lookup_type,
3472 &ordered);
3473 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
3474 && sitename) {
3475 DBG_NOTICE("no server for name %s available"
3476 " in site %s, fallback to all servers\n",
3477 domain,
3478 sitename);
3479 status = get_dc_list(ctx,
3480 domain,
3481 NULL,
3482 &sa_list,
3483 &count,
3484 lookup_type,
3485 &ordered);
3486 }
3487
3488 if (!NT_STATUS_IS_OK(status)) {
3489 return status;
3490 }
3491
3492 /* only sort if we don't already have an ordered list */
3493 if (!ordered) {
3494 sort_sa_list(sa_list, count);
3495 }
3496
3497 *ret_count = count;
3498 *sa_list_ret = sa_list;
3499 return status;
3500 }
3501
3502 /*********************************************************************
3503 Get the KDC list - re-use all the logic in get_dc_list.
3504 Returns a samba_sockaddr array.
3505 *********************************************************************/
3506
3507 NTSTATUS get_kdc_list(TALLOC_CTX *ctx,
3508 const char *realm,
3509 const char *sitename,
3510 struct samba_sockaddr **sa_list_ret,
3511 size_t *ret_count)
3512 {
3513 size_t count = 0;
3514 struct samba_sockaddr *sa_list = NULL;
3515 bool ordered = false;
3516 NTSTATUS status;
3517
3518 status = get_dc_list(ctx,
3519 realm,
3520 sitename,
3521 &sa_list,
3522 &count,
3523 DC_KDC_ONLY,
3524 &ordered);
3525
3526 if (!NT_STATUS_IS_OK(status)) {
3527 return status;
3528 }
3529
3530 /* only sort if we don't already have an ordered list */
3531 if (!ordered ) {
3532 sort_sa_list(sa_list, count);
3533 }
3534
3535 *ret_count = count;
3536 *sa_list_ret = sa_list;
3537 return status;
3538 }
Samba GIT mirror