search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-build: remove RPCCLI_WINREG subsystem.
[Samba.git] / source3 / libsmb / namequery.c
blob64452d53a2aa9beac05e83e42a6e61f60c2cfcee
1 /*
2 Unix SMB/CIFS implementation.
3 name query routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "libads/sitename_cache.h"
23 #include "libads/dns.h"
24 #include "../libcli/netlogon/netlogon.h"
25 #include "librpc/gen_ndr/messaging.h"
26 #include "lib/async_req/async_sock.h"
27
28 /* nmbd.c sets this to True. */
29 bool global_in_nmbd = False;
30
31 /****************************
32 * SERVER AFFINITY ROUTINES *
33 ****************************/
34
35 /* Server affinity is the concept of preferring the last domain
36 controller with whom you had a successful conversation */
37
38 /****************************************************************************
39 ****************************************************************************/
40 #define SAFKEY_FMT "SAF/DOMAIN/%s"
41 #define SAF_TTL 900
42 #define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
43 #define SAFJOIN_TTL 3600
44
45 static char *saf_key(const char *domain)
46 {
47 char *keystr;
48
49 asprintf_strupper_m(&keystr, SAFKEY_FMT, domain);
50
51 return keystr;
52 }
53
54 static char *saf_join_key(const char *domain)
55 {
56 char *keystr;
57
58 asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain);
59
60 return keystr;
61 }
62
63 /****************************************************************************
64 ****************************************************************************/
65
66 bool saf_store( const char *domain, const char *servername )
67 {
68 char *key;
69 time_t expire;
70 bool ret = False;
71
72 if ( !domain || !servername ) {
73 DEBUG(2,("saf_store: "
74 "Refusing to store empty domain or servername!\n"));
75 return False;
76 }
77
78 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
79 DEBUG(0,("saf_store: "
80 "refusing to store 0 length domain or servername!\n"));
81 return False;
82 }
83
84 key = saf_key( domain );
85 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
86
87 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
88 domain, servername, (unsigned int)expire ));
89
90 ret = gencache_set( key, servername, expire );
91
92 SAFE_FREE( key );
93
94 return ret;
95 }
96
97 bool saf_join_store( const char *domain, const char *servername )
98 {
99 char *key;
100 time_t expire;
101 bool ret = False;
102
103 if ( !domain || !servername ) {
104 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
105 return False;
106 }
107
108 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
109 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
110 return False;
111 }
112
113 key = saf_join_key( domain );
114 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
115
116 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
117 domain, servername, (unsigned int)expire ));
118
119 ret = gencache_set( key, servername, expire );
120
121 SAFE_FREE( key );
122
123 return ret;
124 }
125
126 bool saf_delete( const char *domain )
127 {
128 char *key;
129 bool ret = False;
130
131 if ( !domain ) {
132 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
133 return False;
134 }
135
136 key = saf_join_key(domain);
137 ret = gencache_del(key);
138 SAFE_FREE(key);
139
140 if (ret) {
141 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
142 }
143
144 key = saf_key(domain);
145 ret = gencache_del(key);
146 SAFE_FREE(key);
147
148 if (ret) {
149 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
150 }
151
152 return ret;
153 }
154
155 /****************************************************************************
156 ****************************************************************************/
157
158 char *saf_fetch( const char *domain )
159 {
160 char *server = NULL;
161 time_t timeout;
162 bool ret = False;
163 char *key = NULL;
164
165 if ( !domain || strlen(domain) == 0) {
166 DEBUG(2,("saf_fetch: Empty domain name!\n"));
167 return NULL;
168 }
169
170 key = saf_join_key( domain );
171
172 ret = gencache_get( key, &server, &timeout );
173
174 SAFE_FREE( key );
175
176 if ( ret ) {
177 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
178 server, domain ));
179 return server;
180 }
181
182 key = saf_key( domain );
183
184 ret = gencache_get( key, &server, &timeout );
185
186 SAFE_FREE( key );
187
188 if ( !ret ) {
189 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
190 domain ));
191 } else {
192 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
193 server, domain ));
194 }
195
196 return server;
197 }
198
199 /****************************************************************************
200 Generate a random trn_id.
201 ****************************************************************************/
202
203 static int generate_trn_id(void)
204 {
205 uint16 id;
206
207 generate_random_buffer((uint8 *)&id, sizeof(id));
208
209 return id % (unsigned)0x7FFF;
210 }
211
212 /****************************************************************************
213 Parse a node status response into an array of structures.
214 ****************************************************************************/
215
216 static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
217 int *num_names,
218 struct node_status_extra *extra)
219 {
220 struct node_status *ret;
221 int i;
222
223 *num_names = CVAL(p,0);
224
225 if (*num_names == 0)
226 return NULL;
227
228 ret = TALLOC_ARRAY(mem_ctx, struct node_status,*num_names);
229 if (!ret)
230 return NULL;
231
232 p++;
233 for (i=0;i< *num_names;i++) {
234 StrnCpy(ret[i].name,p,15);
235 trim_char(ret[i].name,'\0',' ');
236 ret[i].type = CVAL(p,15);
237 ret[i].flags = p[16];
238 p += 18;
239 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
240 ret[i].type, ret[i].flags));
241 }
242 /*
243 * Also, pick up the MAC address ...
244 */
245 if (extra) {
246 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
247 }
248 return ret;
249 }
250
251 struct sock_packet_read_state {
252 struct tevent_context *ev;
253 enum packet_type type;
254 int trn_id;
255
256 struct nb_packet_reader *reader;
257 struct tevent_req *reader_req;
258
259 int sock;
260 struct tevent_req *socket_req;
261 uint8_t buf[1024];
262 struct sockaddr_storage addr;
263 socklen_t addr_len;
264
265 bool (*validator)(struct packet_struct *p,
266 void *private_data);
267 void *private_data;
268
269 struct packet_struct *packet;
270 };
271
272 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s);
273 static void sock_packet_read_got_packet(struct tevent_req *subreq);
274 static void sock_packet_read_got_socket(struct tevent_req *subreq);
275
276 static struct tevent_req *sock_packet_read_send(
277 TALLOC_CTX *mem_ctx,
278 struct tevent_context *ev,
279 int sock, /* dgram socket */
280 struct nb_packet_reader *reader,
281 enum packet_type type,
282 int trn_id,
283 bool (*validator)(struct packet_struct *p, void *private_data),
284 void *private_data)
285 {
286 struct tevent_req *req;
287 struct sock_packet_read_state *state;
288
289 req = tevent_req_create(mem_ctx, &state,
290 struct sock_packet_read_state);
291 if (req == NULL) {
292 return NULL;
293 }
294 talloc_set_destructor(state, sock_packet_read_state_destructor);
295 state->ev = ev;
296 state->reader = reader;
297 state->sock = sock;
298 state->type = type;
299 state->trn_id = trn_id;
300 state->validator = validator;
301 state->private_data = private_data;
302
303 if (reader != NULL) {
304 state->reader_req = nb_packet_read_send(state, ev, reader);
305 if (tevent_req_nomem(state->reader_req, req)) {
306 return tevent_req_post(req, ev);
307 }
308 tevent_req_set_callback(
309 state->reader_req, sock_packet_read_got_packet, req);
310 }
311
312 state->addr_len = sizeof(state->addr);
313 state->socket_req = recvfrom_send(state, ev, sock,
314 state->buf, sizeof(state->buf), 0,
315 &state->addr, &state->addr_len);
316 if (tevent_req_nomem(state->socket_req, req)) {
317 return tevent_req_post(req, ev);
318 }
319 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
320 req);
321
322 return req;
323 }
324
325 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s)
326 {
327 if (s->packet != NULL) {
328 free_packet(s->packet);
329 s->packet = NULL;
330 }
331 return 0;
332 }
333
334 static void sock_packet_read_got_packet(struct tevent_req *subreq)
335 {
336 struct tevent_req *req = tevent_req_callback_data(
337 subreq, struct tevent_req);
338 struct sock_packet_read_state *state = tevent_req_data(
339 req, struct sock_packet_read_state);
340 NTSTATUS status;
341
342 status = nb_packet_read_recv(subreq, &state->packet);
343
344 TALLOC_FREE(state->reader_req);
345
346 if (!NT_STATUS_IS_OK(status)) {
347 if (state->socket_req != NULL) {
348 /*
349 * Still waiting for socket
350 */
351 return;
352 }
353 /*
354 * Both socket and packet reader failed
355 */
356 tevent_req_nterror(req, status);
357 return;
358 }
359
360 if ((state->validator != NULL) &&
361 !state->validator(state->packet, state->private_data)) {
362 DEBUG(10, ("validator failed\n"));
363
364 free_packet(state->packet);
365 state->packet = NULL;
366
367 state->reader_req = nb_packet_read_send(state, state->ev,
368 state->reader);
369 if (tevent_req_nomem(state->reader_req, req)) {
370 return;
371 }
372 tevent_req_set_callback(
373 state->reader_req, sock_packet_read_got_packet, req);
374 return;
375 }
376
377 TALLOC_FREE(state->socket_req);
378 tevent_req_done(req);
379 }
380
381 static void sock_packet_read_got_socket(struct tevent_req *subreq)
382 {
383 struct tevent_req *req = tevent_req_callback_data(
384 subreq, struct tevent_req);
385 struct sock_packet_read_state *state = tevent_req_data(
386 req, struct sock_packet_read_state);
387 struct sockaddr_in *in_addr;
388 ssize_t received;
389 int err;
390
391 received = recvfrom_recv(subreq, &err);
392
393 TALLOC_FREE(state->socket_req);
394
395 if (received == -1) {
396 if (state->reader_req != NULL) {
397 /*
398 * Still waiting for reader
399 */
400 return;
401 }
402 /*
403 * Both socket and reader failed
404 */
405 tevent_req_nterror(req, map_nt_error_from_unix(err));
406 return;
407 }
408 if (state->addr.ss_family != AF_INET) {
409 goto retry;
410 }
411 in_addr = (struct sockaddr_in *)(void *)&state->addr;
412
413 state->packet = parse_packet((char *)state->buf, received, state->type,
414 in_addr->sin_addr, in_addr->sin_port);
415 if (state->packet == NULL) {
416 DEBUG(10, ("parse_packet failed\n"));
417 goto retry;
418 }
419 if ((state->trn_id != -1) &&
420 (state->trn_id != packet_trn_id(state->packet))) {
421 DEBUG(10, ("Expected transaction id %d, got %d\n",
422 state->trn_id, packet_trn_id(state->packet)));
423 goto retry;
424 }
425
426 if ((state->validator != NULL) &&
427 !state->validator(state->packet, state->private_data)) {
428 DEBUG(10, ("validator failed\n"));
429 goto retry;
430 }
431
432 tevent_req_done(req);
433 return;
434
435 retry:
436 if (state->packet != NULL) {
437 free_packet(state->packet);
438 state->packet = NULL;
439 }
440 state->socket_req = recvfrom_send(state, state->ev, state->sock,
441 state->buf, sizeof(state->buf), 0,
442 &state->addr, &state->addr_len);
443 if (tevent_req_nomem(state->socket_req, req)) {
444 return;
445 }
446 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
447 req);
448 }
449
450 static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
451 struct packet_struct **ppacket)
452 {
453 struct sock_packet_read_state *state = tevent_req_data(
454 req, struct sock_packet_read_state);
455 NTSTATUS status;
456
457 if (tevent_req_is_nterror(req, &status)) {
458 return status;
459 }
460 *ppacket = state->packet;
461 state->packet = NULL;
462 return NT_STATUS_OK;
463 }
464
465 struct nb_trans_state {
466 struct tevent_context *ev;
467 int sock;
468 struct nb_packet_reader *reader;
469
470 const struct sockaddr_storage *dst_addr;
471 uint8_t *buf;
472 size_t buflen;
473 enum packet_type type;
474 int trn_id;
475
476 bool (*validator)(struct packet_struct *p,
477 void *private_data);
478 void *private_data;
479
480 struct packet_struct *packet;
481 };
482
483 static int nb_trans_state_destructor(struct nb_trans_state *s);
484 static void nb_trans_got_reader(struct tevent_req *subreq);
485 static void nb_trans_done(struct tevent_req *subreq);
486 static void nb_trans_sent(struct tevent_req *subreq);
487 static void nb_trans_send_next(struct tevent_req *subreq);
488
489 static struct tevent_req *nb_trans_send(
490 TALLOC_CTX *mem_ctx,
491 struct tevent_context *ev,
492 const struct sockaddr_storage *my_addr,
493 const struct sockaddr_storage *dst_addr,
494 bool bcast,
495 uint8_t *buf, size_t buflen,
496 enum packet_type type, int trn_id,
497 bool (*validator)(struct packet_struct *p,
498 void *private_data),
499 void *private_data)
500 {
501 struct tevent_req *req, *subreq;
502 struct nb_trans_state *state;
503
504 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
505 if (req == NULL) {
506 return NULL;
507 }
508 talloc_set_destructor(state, nb_trans_state_destructor);
509 state->ev = ev;
510 state->dst_addr = dst_addr;
511 state->buf = buf;
512 state->buflen = buflen;
513 state->type = type;
514 state->trn_id = trn_id;
515 state->validator = validator;
516 state->private_data = private_data;
517
518 state->sock = open_socket_in(SOCK_DGRAM, 0, 3, my_addr, True);
519 if (state->sock == -1) {
520 tevent_req_nterror(req, map_nt_error_from_unix(errno));
521 DEBUG(10, ("open_socket_in failed: %s\n", strerror(errno)));
522 return tevent_req_post(req, ev);
523 }
524
525 if (bcast) {
526 set_socket_options(state->sock,"SO_BROADCAST");
527 }
528
529 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
530 if (tevent_req_nomem(subreq, req)) {
531 return tevent_req_post(req, ev);
532 }
533 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
534 return req;
535 }
536
537 static int nb_trans_state_destructor(struct nb_trans_state *s)
538 {
539 if (s->sock != -1) {
540 close(s->sock);
541 s->sock = -1;
542 }
543 if (s->packet != NULL) {
544 free_packet(s->packet);
545 s->packet = NULL;
546 }
547 return 0;
548 }
549
550 static void nb_trans_got_reader(struct tevent_req *subreq)
551 {
552 struct tevent_req *req = tevent_req_callback_data(
553 subreq, struct tevent_req);
554 struct nb_trans_state *state = tevent_req_data(
555 req, struct nb_trans_state);
556 NTSTATUS status;
557
558 status = nb_packet_reader_recv(subreq, state, &state->reader);
559 TALLOC_FREE(subreq);
560
561 if (!NT_STATUS_IS_OK(status)) {
562 DEBUG(10, ("nmbd not around\n"));
563 state->reader = NULL;
564 }
565
566 subreq = sock_packet_read_send(
567 state, state->ev, state->sock,
568 state->reader, state->type, state->trn_id,
569 state->validator, state->private_data);
570 if (tevent_req_nomem(subreq, req)) {
571 return;
572 }
573 tevent_req_set_callback(subreq, nb_trans_done, req);
574
575 subreq = sendto_send(state, state->ev, state->sock,
576 state->buf, state->buflen, 0, state->dst_addr);
577 if (tevent_req_nomem(subreq, req)) {
578 return;
579 }
580 tevent_req_set_callback(subreq, nb_trans_sent, req);
581 }
582
583 static void nb_trans_sent(struct tevent_req *subreq)
584 {
585 struct tevent_req *req = tevent_req_callback_data(
586 subreq, struct tevent_req);
587 struct nb_trans_state *state = tevent_req_data(
588 req, struct nb_trans_state);
589 ssize_t sent;
590 int err;
591
592 sent = sendto_recv(subreq, &err);
593 TALLOC_FREE(subreq);
594 if (sent == -1) {
595 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
596 tevent_req_nterror(req, map_nt_error_from_unix(err));
597 return;
598 }
599 subreq = tevent_wakeup_send(state, state->ev,
600 timeval_current_ofs(1, 0));
601 if (tevent_req_nomem(subreq, req)) {
602 return;
603 }
604 tevent_req_set_callback(subreq, nb_trans_send_next, req);
605 }
606
607 static void nb_trans_send_next(struct tevent_req *subreq)
608 {
609 struct tevent_req *req = tevent_req_callback_data(
610 subreq, struct tevent_req);
611 struct nb_trans_state *state = tevent_req_data(
612 req, struct nb_trans_state);
613 bool ret;
614
615 ret = tevent_wakeup_recv(subreq);
616 TALLOC_FREE(subreq);
617 if (!ret) {
618 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
619 return;
620 }
621 subreq = sendto_send(state, state->ev, state->sock,
622 state->buf, state->buflen, 0, state->dst_addr);
623 if (tevent_req_nomem(subreq, req)) {
624 return;
625 }
626 tevent_req_set_callback(subreq, nb_trans_sent, req);
627 }
628
629 static void nb_trans_done(struct tevent_req *subreq)
630 {
631 struct tevent_req *req = tevent_req_callback_data(
632 subreq, struct tevent_req);
633 struct nb_trans_state *state = tevent_req_data(
634 req, struct nb_trans_state);
635 NTSTATUS status;
636
637 status = sock_packet_read_recv(subreq, &state->packet);
638 TALLOC_FREE(subreq);
639 if (tevent_req_nterror(req, status)) {
640 return;
641 }
642 tevent_req_done(req);
643 }
644
645 static NTSTATUS nb_trans_recv(struct tevent_req *req,
646 struct packet_struct **ppacket)
647 {
648 struct nb_trans_state *state = tevent_req_data(
649 req, struct nb_trans_state);
650 NTSTATUS status;
651
652 if (tevent_req_is_nterror(req, &status)) {
653 return status;
654 }
655 *ppacket = state->packet;
656 state->packet = NULL;
657 return NT_STATUS_OK;
658 }
659
660 /****************************************************************************
661 Do a NBT node status query on an open socket and return an array of
662 structures holding the returned names or NULL if the query failed.
663 **************************************************************************/
664
665 struct node_status_query_state {
666 struct sockaddr_storage my_addr;
667 struct sockaddr_storage addr;
668 uint8_t buf[1024];
669 ssize_t buflen;
670 struct packet_struct *packet;
671 };
672
673 static int node_status_query_state_destructor(
674 struct node_status_query_state *s);
675 static bool node_status_query_validator(struct packet_struct *p,
676 void *private_data);
677 static void node_status_query_done(struct tevent_req *subreq);
678
679 struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
680 struct tevent_context *ev,
681 struct nmb_name *name,
682 const struct sockaddr_storage *addr)
683 {
684 struct tevent_req *req, *subreq;
685 struct node_status_query_state *state;
686 struct packet_struct p;
687 struct nmb_packet *nmb = &p.packet.nmb;
688 struct sockaddr_in *in_addr;
689
690 req = tevent_req_create(mem_ctx, &state,
691 struct node_status_query_state);
692 if (req == NULL) {
693 return NULL;
694 }
695 talloc_set_destructor(state, node_status_query_state_destructor);
696
697 if (addr->ss_family != AF_INET) {
698 /* Can't do node status to IPv6 */
699 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
700 return tevent_req_post(req, ev);
701 }
702
703 state->addr = *addr;
704 in_addr = (struct sockaddr_in *)(void *)&state->addr;
705 in_addr->sin_port = htons(NMB_PORT);
706
707 if (!interpret_string_addr(&state->my_addr, lp_socket_address(),
708 AI_NUMERICHOST|AI_PASSIVE)) {
709 zero_sockaddr(&state->my_addr);
710 }
711
712 ZERO_STRUCT(p);
713 nmb->header.name_trn_id = generate_trn_id();
714 nmb->header.opcode = 0;
715 nmb->header.response = false;
716 nmb->header.nm_flags.bcast = false;
717 nmb->header.nm_flags.recursion_available = false;
718 nmb->header.nm_flags.recursion_desired = false;
719 nmb->header.nm_flags.trunc = false;
720 nmb->header.nm_flags.authoritative = false;
721 nmb->header.rcode = 0;
722 nmb->header.qdcount = 1;
723 nmb->header.ancount = 0;
724 nmb->header.nscount = 0;
725 nmb->header.arcount = 0;
726 nmb->question.question_name = *name;
727 nmb->question.question_type = 0x21;
728 nmb->question.question_class = 0x1;
729
730 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
731 &p);
732 if (state->buflen == 0) {
733 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
734 DEBUG(10, ("build_packet failed\n"));
735 return tevent_req_post(req, ev);
736 }
737
738 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, false,
739 state->buf, state->buflen,
740 NMB_PACKET, nmb->header.name_trn_id,
741 node_status_query_validator, NULL);
742 if (tevent_req_nomem(subreq, req)) {
743 DEBUG(10, ("nb_trans_send failed\n"));
744 return tevent_req_post(req, ev);
745 }
746 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
747 return tevent_req_post(req, ev);
748 }
749 tevent_req_set_callback(subreq, node_status_query_done, req);
750 return req;
751 }
752
753 static bool node_status_query_validator(struct packet_struct *p,
754 void *private_data)
755 {
756 struct nmb_packet *nmb = &p->packet.nmb;
757 debug_nmb_packet(p);
758
759 if (nmb->header.opcode != 0 ||
760 nmb->header.nm_flags.bcast ||
761 nmb->header.rcode ||
762 !nmb->header.ancount ||
763 nmb->answers->rr_type != 0x21) {
764 /*
765 * XXXX what do we do with this? could be a redirect,
766 * but we'll discard it for the moment
767 */
768 return false;
769 }
770 return true;
771 }
772
773 static int node_status_query_state_destructor(
774 struct node_status_query_state *s)
775 {
776 if (s->packet != NULL) {
777 free_packet(s->packet);
778 s->packet = NULL;
779 }
780 return 0;
781 }
782
783 static void node_status_query_done(struct tevent_req *subreq)
784 {
785 struct tevent_req *req = tevent_req_callback_data(
786 subreq, struct tevent_req);
787 struct node_status_query_state *state = tevent_req_data(
788 req, struct node_status_query_state);
789 NTSTATUS status;
790
791 status = nb_trans_recv(subreq, &state->packet);
792 TALLOC_FREE(subreq);
793 if (tevent_req_nterror(req, status)) {
794 return;
795 }
796 tevent_req_done(req);
797 }
798
799 NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
800 struct node_status **pnode_status,
801 int *pnum_names,
802 struct node_status_extra *extra)
803 {
804 struct node_status_query_state *state = tevent_req_data(
805 req, struct node_status_query_state);
806 struct node_status *node_status;
807 int num_names;
808 NTSTATUS status;
809
810 if (tevent_req_is_nterror(req, &status)) {
811 return status;
812 }
813 node_status = parse_node_status(
814 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
815 &num_names, extra);
816 if (node_status == NULL) {
817 return NT_STATUS_NO_MEMORY;
818 }
819 *pnode_status = node_status;
820 *pnum_names = num_names;
821 return NT_STATUS_OK;
822 }
823
824 NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
825 const struct sockaddr_storage *addr,
826 struct node_status **pnode_status,
827 int *pnum_names,
828 struct node_status_extra *extra)
829 {
830 TALLOC_CTX *frame = talloc_stackframe();
831 struct tevent_context *ev;
832 struct tevent_req *req;
833 NTSTATUS status = NT_STATUS_NO_MEMORY;
834
835 ev = tevent_context_init(frame);
836 if (ev == NULL) {
837 goto fail;
838 }
839 req = node_status_query_send(ev, ev, name, addr);
840 if (req == NULL) {
841 goto fail;
842 }
843 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
844 goto fail;
845 }
846 status = node_status_query_recv(req, mem_ctx, pnode_status,
847 pnum_names, extra);
848 fail:
849 TALLOC_FREE(frame);
850 return status;
851 }
852
853 /****************************************************************************
854 Find the first type XX name in a node status reply - used for finding
855 a servers name given its IP. Return the matched name in *name.
856 **************************************************************************/
857
858 bool name_status_find(const char *q_name,
859 int q_type,
860 int type,
861 const struct sockaddr_storage *to_ss,
862 fstring name)
863 {
864 char addr[INET6_ADDRSTRLEN];
865 struct sockaddr_storage ss;
866 struct node_status *addrs = NULL;
867 struct nmb_name nname;
868 int count, i;
869 bool result = false;
870 NTSTATUS status;
871
872 if (lp_disable_netbios()) {
873 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
874 q_name, q_type));
875 return False;
876 }
877
878 print_sockaddr(addr, sizeof(addr), to_ss);
879
880 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
881 q_type, addr));
882
883 /* Check the cache first. */
884
885 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
886 return True;
887 }
888
889 if (to_ss->ss_family != AF_INET) {
890 /* Can't do node status to IPv6 */
891 return false;
892 }
893
894 if (!interpret_string_addr(&ss, lp_socket_address(),
895 AI_NUMERICHOST|AI_PASSIVE)) {
896 zero_sockaddr(&ss);
897 }
898
899 /* W2K PDC's seem not to respond to '*'#0. JRA */
900 make_nmb_name(&nname, q_name, q_type);
901 status = node_status_query(talloc_tos(), &nname, to_ss,
902 &addrs, &count, NULL);
903 if (!NT_STATUS_IS_OK(status)) {
904 goto done;
905 }
906
907 for (i=0;i<count;i++) {
908 /* Find first one of the requested type that's not a GROUP. */
909 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
910 break;
911 }
912 if (i == count)
913 goto done;
914
915 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
916
917 /* Store the result in the cache. */
918 /* but don't store an entry for 0x1c names here. Here we have
919 a single host and DOMAIN<0x1c> names should be a list of hosts */
920
921 if ( q_type != 0x1c ) {
922 namecache_status_store(q_name, q_type, type, to_ss, name);
923 }
924
925 result = true;
926
927 done:
928 TALLOC_FREE(addrs);
929
930 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
931
932 if (result)
933 DEBUGADD(10, (", name %s ip address is %s", name, addr));
934
935 DEBUG(10, ("\n"));
936
937 return result;
938 }
939
940 /*
941 comparison function used by sort_addr_list
942 */
943
944 static int addr_compare(const struct sockaddr_storage *ss1,
945 const struct sockaddr_storage *ss2)
946 {
947 int max_bits1=0, max_bits2=0;
948 int num_interfaces = iface_count();
949 int i;
950
951 /* Sort IPv4 addresses first. */
952 if (ss1->ss_family != ss2->ss_family) {
953 if (ss2->ss_family == AF_INET) {
954 return 1;
955 } else {
956 return -1;
957 }
958 }
959
960 /* Here we know both addresses are of the same
961 * family. */
962
963 for (i=0;i<num_interfaces;i++) {
964 const struct sockaddr_storage *pss = iface_n_bcast(i);
965 unsigned char *p_ss1 = NULL;
966 unsigned char *p_ss2 = NULL;
967 unsigned char *p_if = NULL;
968 size_t len = 0;
969 int bits1, bits2;
970
971 if (pss->ss_family != ss1->ss_family) {
972 /* Ignore interfaces of the wrong type. */
973 continue;
974 }
975 if (pss->ss_family == AF_INET) {
976 p_if = (unsigned char *)
977 &((const struct sockaddr_in *)pss)->sin_addr;
978 p_ss1 = (unsigned char *)
979 &((const struct sockaddr_in *)ss1)->sin_addr;
980 p_ss2 = (unsigned char *)
981 &((const struct sockaddr_in *)ss2)->sin_addr;
982 len = 4;
983 }
984 #if defined(HAVE_IPV6)
985 if (pss->ss_family == AF_INET6) {
986 p_if = (unsigned char *)
987 &((const struct sockaddr_in6 *)pss)->sin6_addr;
988 p_ss1 = (unsigned char *)
989 &((const struct sockaddr_in6 *)ss1)->sin6_addr;
990 p_ss2 = (unsigned char *)
991 &((const struct sockaddr_in6 *)ss2)->sin6_addr;
992 len = 16;
993 }
994 #endif
995 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
996 continue;
997 }
998 bits1 = matching_len_bits(p_ss1, p_if, len);
999 bits2 = matching_len_bits(p_ss2, p_if, len);
1000 max_bits1 = MAX(bits1, max_bits1);
1001 max_bits2 = MAX(bits2, max_bits2);
1002 }
1003
1004 /* Bias towards directly reachable IPs */
1005 if (iface_local((struct sockaddr *)ss1)) {
1006 if (ss1->ss_family == AF_INET) {
1007 max_bits1 += 32;
1008 } else {
1009 max_bits1 += 128;
1010 }
1011 }
1012 if (iface_local((struct sockaddr *)ss2)) {
1013 if (ss2->ss_family == AF_INET) {
1014 max_bits2 += 32;
1015 } else {
1016 max_bits2 += 128;
1017 }
1018 }
1019 return max_bits2 - max_bits1;
1020 }
1021
1022 /*******************************************************************
1023 compare 2 ldap IPs by nearness to our interfaces - used in qsort
1024 *******************************************************************/
1025
1026 int ip_service_compare(struct ip_service *ss1, struct ip_service *ss2)
1027 {
1028 int result;
1029
1030 if ((result = addr_compare(&ss1->ss, &ss2->ss)) != 0) {
1031 return result;
1032 }
1033
1034 if (ss1->port > ss2->port) {
1035 return 1;
1036 }
1037
1038 if (ss1->port < ss2->port) {
1039 return -1;
1040 }
1041
1042 return 0;
1043 }
1044
1045 /*
1046 sort an IP list so that names that are close to one of our interfaces
1047 are at the top. This prevents the problem where a WINS server returns an IP
1048 that is not reachable from our subnet as the first match
1049 */
1050
1051 static void sort_addr_list(struct sockaddr_storage *sslist, int count)
1052 {
1053 if (count <= 1) {
1054 return;
1055 }
1056
1057 TYPESAFE_QSORT(sslist, count, addr_compare);
1058 }
1059
1060 static void sort_service_list(struct ip_service *servlist, int count)
1061 {
1062 if (count <= 1) {
1063 return;
1064 }
1065
1066 TYPESAFE_QSORT(servlist, count, ip_service_compare);
1067 }
1068
1069 /**********************************************************************
1070 Remove any duplicate address/port pairs in the list
1071 *********************************************************************/
1072
1073 static int remove_duplicate_addrs2(struct ip_service *iplist, int count )
1074 {
1075 int i, j;
1076
1077 DEBUG(10,("remove_duplicate_addrs2: "
1078 "looking for duplicate address/port pairs\n"));
1079
1080 /* one loop to remove duplicates */
1081 for ( i=0; i<count; i++ ) {
1082 if ( is_zero_addr((struct sockaddr *)&iplist[i].ss)) {
1083 continue;
1084 }
1085
1086 for ( j=i+1; j<count; j++ ) {
1087 if (sockaddr_equal((struct sockaddr *)&iplist[i].ss, (struct sockaddr *)&iplist[j].ss) &&
1088 iplist[i].port == iplist[j].port) {
1089 zero_sockaddr(&iplist[j].ss);
1090 }
1091 }
1092 }
1093
1094 /* one loop to clean up any holes we left */
1095 /* first ip should never be a zero_ip() */
1096 for (i = 0; i<count; ) {
1097 if (is_zero_addr((struct sockaddr *)&iplist[i].ss) ) {
1098 if (i != count-1) {
1099 memmove(&iplist[i], &iplist[i+1],
1100 (count - i - 1)*sizeof(iplist[i]));
1101 }
1102 count--;
1103 continue;
1104 }
1105 i++;
1106 }
1107
1108 return count;
1109 }
1110
1111 static bool prioritize_ipv4_list(struct ip_service *iplist, int count)
1112 {
1113 TALLOC_CTX *frame = talloc_stackframe();
1114 struct ip_service *iplist_new = TALLOC_ARRAY(frame, struct ip_service, count);
1115 int i, j;
1116
1117 if (iplist_new == NULL) {
1118 TALLOC_FREE(frame);
1119 return false;
1120 }
1121
1122 j = 0;
1123
1124 /* Copy IPv4 first. */
1125 for (i = 0; i < count; i++) {
1126 if (iplist[i].ss.ss_family == AF_INET) {
1127 iplist_new[j++] = iplist[i];
1128 }
1129 }
1130
1131 /* Copy IPv6. */
1132 for (i = 0; i < count; i++) {
1133 if (iplist[i].ss.ss_family != AF_INET) {
1134 iplist_new[j++] = iplist[i];
1135 }
1136 }
1137
1138 memcpy(iplist, iplist_new, sizeof(struct ip_service)*count);
1139 TALLOC_FREE(frame);
1140 return true;
1141 }
1142
1143 /****************************************************************************
1144 Do a netbios name query to find someones IP.
1145 Returns an array of IP addresses or NULL if none.
1146 *count will be set to the number of addresses returned.
1147 *timed_out is set if we failed by timing out
1148 ****************************************************************************/
1149
1150 struct name_query_state {
1151 struct sockaddr_storage my_addr;
1152 struct sockaddr_storage addr;
1153 bool bcast;
1154
1155
1156 uint8_t buf[1024];
1157 ssize_t buflen;
1158
1159 NTSTATUS validate_error;
1160 uint8_t flags;
1161
1162 struct sockaddr_storage *addrs;
1163 int num_addrs;
1164 };
1165
1166 static bool name_query_validator(struct packet_struct *p, void *private_data);
1167 static void name_query_done(struct tevent_req *subreq);
1168
1169 struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1170 struct tevent_context *ev,
1171 const char *name, int name_type,
1172 bool bcast, bool recurse,
1173 const struct sockaddr_storage *addr)
1174 {
1175 struct tevent_req *req, *subreq;
1176 struct name_query_state *state;
1177 struct packet_struct p;
1178 struct nmb_packet *nmb = &p.packet.nmb;
1179 struct sockaddr_in *in_addr;
1180 struct timeval timeout;
1181
1182 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1183 if (req == NULL) {
1184 return NULL;
1185 }
1186 state->bcast = bcast;
1187
1188 if (addr->ss_family != AF_INET) {
1189 /* Can't do node status to IPv6 */
1190 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1191 return tevent_req_post(req, ev);
1192 }
1193
1194 if (lp_disable_netbios()) {
1195 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1196 name, name_type));
1197 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1198 return tevent_req_post(req, ev);
1199 }
1200
1201 state->addr = *addr;
1202 in_addr = (struct sockaddr_in *)(void *)&state->addr;
1203 in_addr->sin_port = htons(NMB_PORT);
1204
1205 if (!interpret_string_addr(&state->my_addr, lp_socket_address(),
1206 AI_NUMERICHOST|AI_PASSIVE)) {
1207 zero_sockaddr(&state->my_addr);
1208 }
1209
1210 ZERO_STRUCT(p);
1211 nmb->header.name_trn_id = generate_trn_id();
1212 nmb->header.opcode = 0;
1213 nmb->header.response = false;
1214 nmb->header.nm_flags.bcast = bcast;
1215 nmb->header.nm_flags.recursion_available = false;
1216 nmb->header.nm_flags.recursion_desired = recurse;
1217 nmb->header.nm_flags.trunc = false;
1218 nmb->header.nm_flags.authoritative = false;
1219 nmb->header.rcode = 0;
1220 nmb->header.qdcount = 1;
1221 nmb->header.ancount = 0;
1222 nmb->header.nscount = 0;
1223 nmb->header.arcount = 0;
1224
1225 make_nmb_name(&nmb->question.question_name,name,name_type);
1226
1227 nmb->question.question_type = 0x20;
1228 nmb->question.question_class = 0x1;
1229
1230 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1231 &p);
1232 if (state->buflen == 0) {
1233 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1234 DEBUG(10, ("build_packet failed\n"));
1235 return tevent_req_post(req, ev);
1236 }
1237
1238 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, bcast,
1239 state->buf, state->buflen,
1240 NMB_PACKET, nmb->header.name_trn_id,
1241 name_query_validator, state);
1242 if (tevent_req_nomem(subreq, req)) {
1243 DEBUG(10, ("nb_trans_send failed\n"));
1244 return tevent_req_post(req, ev);
1245 }
1246 if (bcast) {
1247 timeout = timeval_current_ofs(0, 250000);
1248 } else {
1249 timeout = timeval_current_ofs(2, 0);
1250 }
1251 if (!tevent_req_set_endtime(req, ev, timeout)) {
1252 return tevent_req_post(req, ev);
1253 }
1254 tevent_req_set_callback(subreq, name_query_done, req);
1255 return req;
1256 }
1257
1258 static bool name_query_validator(struct packet_struct *p, void *private_data)
1259 {
1260 struct name_query_state *state = talloc_get_type_abort(
1261 private_data, struct name_query_state);
1262 struct nmb_packet *nmb = &p->packet.nmb;
1263 struct sockaddr_storage *tmp_addrs;
1264 int i;
1265
1266 debug_nmb_packet(p);
1267
1268 /*
1269 * If we get a Negative Name Query Response from a WINS
1270 * server, we should report it and give up.
1271 */
1272 if( 0 == nmb->header.opcode /* A query response */
1273 && !state->bcast /* from a WINS server */
1274 && nmb->header.rcode /* Error returned */
1275 ) {
1276
1277 if( DEBUGLVL( 3 ) ) {
1278 /* Only executed if DEBUGLEVEL >= 3 */
1279 dbgtext( "Negative name query "
1280 "response, rcode 0x%02x: ",
1281 nmb->header.rcode );
1282 switch( nmb->header.rcode ) {
1283 case 0x01:
1284 dbgtext("Request was invalidly formatted.\n");
1285 break;
1286 case 0x02:
1287 dbgtext("Problem with NBNS, cannot process "
1288 "name.\n");
1289 break;
1290 case 0x03:
1291 dbgtext("The name requested does not "
1292 "exist.\n");
1293 break;
1294 case 0x04:
1295 dbgtext("Unsupported request error.\n");
1296 break;
1297 case 0x05:
1298 dbgtext("Query refused error.\n");
1299 break;
1300 default:
1301 dbgtext("Unrecognized error code.\n" );
1302 break;
1303 }
1304 }
1305
1306 /*
1307 * We accept this packet as valid, but tell the upper
1308 * layers that it's a negative response.
1309 */
1310 state->validate_error = NT_STATUS_NOT_FOUND;
1311 return true;
1312 }
1313
1314 if (nmb->header.opcode != 0 ||
1315 nmb->header.nm_flags.bcast ||
1316 nmb->header.rcode ||
1317 !nmb->header.ancount) {
1318 /*
1319 * XXXX what do we do with this? Could be a redirect,
1320 * but we'll discard it for the moment.
1321 */
1322 return false;
1323 }
1324
1325 tmp_addrs = TALLOC_REALLOC_ARRAY(
1326 state, state->addrs, struct sockaddr_storage,
1327 state->num_addrs + nmb->answers->rdlength/6);
1328 if (tmp_addrs == NULL) {
1329 state->validate_error = NT_STATUS_NO_MEMORY;
1330 return true;
1331 }
1332 state->addrs = tmp_addrs;
1333
1334 DEBUG(2,("Got a positive name query response "
1335 "from %s ( ", inet_ntoa(p->ip)));
1336
1337 for (i=0; i<nmb->answers->rdlength/6; i++) {
1338 struct in_addr ip;
1339 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1340 in_addr_to_sockaddr_storage(
1341 &state->addrs[state->num_addrs], ip);
1342 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1343 state->num_addrs += 1;
1344 }
1345 DEBUGADD(2,(")\n"));
1346
1347 /* We add the flags back ... */
1348 if (nmb->header.response)
1349 state->flags |= NM_FLAGS_RS;
1350 if (nmb->header.nm_flags.authoritative)
1351 state->flags |= NM_FLAGS_AA;
1352 if (nmb->header.nm_flags.trunc)
1353 state->flags |= NM_FLAGS_TC;
1354 if (nmb->header.nm_flags.recursion_desired)
1355 state->flags |= NM_FLAGS_RD;
1356 if (nmb->header.nm_flags.recursion_available)
1357 state->flags |= NM_FLAGS_RA;
1358 if (nmb->header.nm_flags.bcast)
1359 state->flags |= NM_FLAGS_B;
1360
1361 if (state->bcast) {
1362 /*
1363 * We have to collect all entries coming in from
1364 * broadcast queries
1365 */
1366 return false;
1367 }
1368 /*
1369 * WINS responses are accepted when they are received
1370 */
1371 return true;
1372 }
1373
1374 static void name_query_done(struct tevent_req *subreq)
1375 {
1376 struct tevent_req *req = tevent_req_callback_data(
1377 subreq, struct tevent_req);
1378 struct name_query_state *state = tevent_req_data(
1379 req, struct name_query_state);
1380 NTSTATUS status;
1381 struct packet_struct *p = NULL;
1382
1383 status = nb_trans_recv(subreq, &p);
1384 TALLOC_FREE(subreq);
1385 if (tevent_req_nterror(req, status)) {
1386 return;
1387 }
1388 if (!NT_STATUS_IS_OK(state->validate_error)) {
1389 tevent_req_nterror(req, state->validate_error);
1390 return;
1391 }
1392 if (p != NULL) {
1393 /*
1394 * Free the packet here, we've collected the response in the
1395 * validator
1396 */
1397 free_packet(p);
1398 }
1399 tevent_req_done(req);
1400 }
1401
1402 NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1403 struct sockaddr_storage **addrs, int *num_addrs,
1404 uint8_t *flags)
1405 {
1406 struct name_query_state *state = tevent_req_data(
1407 req, struct name_query_state);
1408 NTSTATUS status;
1409
1410 if (tevent_req_is_nterror(req, &status)
1411 && !NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1412 return status;
1413 }
1414 if (state->num_addrs == 0) {
1415 return NT_STATUS_NOT_FOUND;
1416 }
1417 *addrs = talloc_move(mem_ctx, &state->addrs);
1418 sort_addr_list(*addrs, state->num_addrs);
1419 *num_addrs = state->num_addrs;
1420 if (flags != NULL) {
1421 *flags = state->flags;
1422 }
1423 return NT_STATUS_OK;
1424 }
1425
1426 NTSTATUS name_query(const char *name, int name_type,
1427 bool bcast, bool recurse,
1428 const struct sockaddr_storage *to_ss,
1429 TALLOC_CTX *mem_ctx,
1430 struct sockaddr_storage **addrs,
1431 int *num_addrs, uint8_t *flags)
1432 {
1433 TALLOC_CTX *frame = talloc_stackframe();
1434 struct tevent_context *ev;
1435 struct tevent_req *req;
1436 NTSTATUS status = NT_STATUS_NO_MEMORY;
1437
1438 ev = tevent_context_init(frame);
1439 if (ev == NULL) {
1440 goto fail;
1441 }
1442 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1443 if (req == NULL) {
1444 goto fail;
1445 }
1446 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1447 goto fail;
1448 }
1449 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1450 fail:
1451 TALLOC_FREE(frame);
1452 return status;
1453 }
1454
1455 /********************************************************
1456 convert an array if struct sockaddr_storage to struct ip_service
1457 return false on failure. Port is set to PORT_NONE;
1458 *********************************************************/
1459
1460 static bool convert_ss2service(struct ip_service **return_iplist,
1461 const struct sockaddr_storage *ss_list,
1462 int count)
1463 {
1464 int i;
1465
1466 if ( count==0 || !ss_list )
1467 return False;
1468
1469 /* copy the ip address; port will be PORT_NONE */
1470 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, count)) ==
1471 NULL) {
1472 DEBUG(0,("convert_ip2service: malloc failed "
1473 "for %d enetries!\n", count ));
1474 return False;
1475 }
1476
1477 for ( i=0; i<count; i++ ) {
1478 (*return_iplist)[i].ss = ss_list[i];
1479 (*return_iplist)[i].port = PORT_NONE;
1480 }
1481
1482 return true;
1483 }
1484
1485 /********************************************************
1486 Resolve via "bcast" method.
1487 *********************************************************/
1488
1489 NTSTATUS name_resolve_bcast(const char *name,
1490 int name_type,
1491 struct ip_service **return_iplist,
1492 int *return_count)
1493 {
1494 int i;
1495 int num_interfaces = iface_count();
1496 struct sockaddr_storage *ss_list;
1497 struct sockaddr_storage ss;
1498 NTSTATUS status = NT_STATUS_NOT_FOUND;
1499
1500 if (lp_disable_netbios()) {
1501 DEBUG(5,("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1502 name, name_type));
1503 return NT_STATUS_INVALID_PARAMETER;
1504 }
1505
1506 *return_iplist = NULL;
1507 *return_count = 0;
1508
1509 /*
1510 * "bcast" means do a broadcast lookup on all the local interfaces.
1511 */
1512
1513 DEBUG(3,("name_resolve_bcast: Attempting broadcast lookup "
1514 "for name %s<0x%x>\n", name, name_type));
1515
1516 if (!interpret_string_addr(&ss, lp_socket_address(),
1517 AI_NUMERICHOST|AI_PASSIVE)) {
1518 zero_sockaddr(&ss);
1519 }
1520
1521 /*
1522 * Lookup the name on all the interfaces, return on
1523 * the first successful match.
1524 */
1525 for( i = num_interfaces-1; i >= 0; i--) {
1526 const struct sockaddr_storage *pss = iface_n_bcast(i);
1527
1528 /* Done this way to fix compiler error on IRIX 5.x */
1529 if (!pss) {
1530 continue;
1531 }
1532 status = name_query(name, name_type, true, true, pss,
1533 talloc_tos(), &ss_list, return_count,
1534 NULL);
1535 if (NT_STATUS_IS_OK(status)) {
1536 goto success;
1537 }
1538 }
1539
1540 /* failed - no response */
1541
1542 return status;
1543
1544 success:
1545
1546 if (!convert_ss2service(return_iplist, ss_list, *return_count) )
1547 status = NT_STATUS_NO_MEMORY;
1548
1549 TALLOC_FREE(ss_list);
1550 return status;
1551 }
1552
1553 /********************************************************
1554 Resolve via "wins" method.
1555 *********************************************************/
1556
1557 NTSTATUS resolve_wins(const char *name,
1558 int name_type,
1559 struct ip_service **return_iplist,
1560 int *return_count)
1561 {
1562 int t, i;
1563 char **wins_tags;
1564 struct sockaddr_storage src_ss, *ss_list = NULL;
1565 struct in_addr src_ip;
1566 NTSTATUS status;
1567
1568 if (lp_disable_netbios()) {
1569 DEBUG(5,("resolve_wins(%s#%02x): netbios is disabled\n",
1570 name, name_type));
1571 return NT_STATUS_INVALID_PARAMETER;
1572 }
1573
1574 *return_iplist = NULL;
1575 *return_count = 0;
1576
1577 DEBUG(3,("resolve_wins: Attempting wins lookup for name %s<0x%x>\n",
1578 name, name_type));
1579
1580 if (wins_srv_count() < 1) {
1581 DEBUG(3,("resolve_wins: WINS server resolution selected "
1582 "and no WINS servers listed.\n"));
1583 return NT_STATUS_INVALID_PARAMETER;
1584 }
1585
1586 /* we try a lookup on each of the WINS tags in turn */
1587 wins_tags = wins_srv_tags();
1588
1589 if (!wins_tags) {
1590 /* huh? no tags?? give up in disgust */
1591 return NT_STATUS_INVALID_PARAMETER;
1592 }
1593
1594 /* the address we will be sending from */
1595 if (!interpret_string_addr(&src_ss, lp_socket_address(),
1596 AI_NUMERICHOST|AI_PASSIVE)) {
1597 zero_sockaddr(&src_ss);
1598 }
1599
1600 if (src_ss.ss_family != AF_INET) {
1601 char addr[INET6_ADDRSTRLEN];
1602 print_sockaddr(addr, sizeof(addr), &src_ss);
1603 DEBUG(3,("resolve_wins: cannot receive WINS replies "
1604 "on IPv6 address %s\n",
1605 addr));
1606 wins_srv_tags_free(wins_tags);
1607 return NT_STATUS_INVALID_PARAMETER;
1608 }
1609
1610 src_ip = ((struct sockaddr_in *)&src_ss)->sin_addr;
1611
1612 /* in the worst case we will try every wins server with every
1613 tag! */
1614 for (t=0; wins_tags && wins_tags[t]; t++) {
1615 int srv_count = wins_srv_count_tag(wins_tags[t]);
1616 for (i=0; i<srv_count; i++) {
1617 struct sockaddr_storage wins_ss;
1618 struct in_addr wins_ip;
1619
1620 wins_ip = wins_srv_ip_tag(wins_tags[t], src_ip);
1621
1622 if (global_in_nmbd && ismyip_v4(wins_ip)) {
1623 /* yikes! we'll loop forever */
1624 continue;
1625 }
1626
1627 /* skip any that have been unresponsive lately */
1628 if (wins_srv_is_dead(wins_ip, src_ip)) {
1629 continue;
1630 }
1631
1632 DEBUG(3,("resolve_wins: using WINS server %s "
1633 "and tag '%s'\n",
1634 inet_ntoa(wins_ip), wins_tags[t]));
1635
1636 in_addr_to_sockaddr_storage(&wins_ss, wins_ip);
1637 status = name_query(name,
1638 name_type,
1639 false,
1640 true,
1641 &wins_ss,
1642 talloc_tos(),
1643 &ss_list,
1644 return_count,
1645 NULL);
1646
1647 /* exit loop if we got a list of addresses */
1648
1649 if (NT_STATUS_IS_OK(status)) {
1650 goto success;
1651 }
1652
1653 if (NT_STATUS_EQUAL(status,
1654 NT_STATUS_IO_TIMEOUT)) {
1655 /* Timed out waiting for WINS server to
1656 * respond.
1657 * Mark it dead. */
1658 wins_srv_died(wins_ip, src_ip);
1659 } else {
1660 /* The name definitely isn't in this
1661 group of WINS servers.
1662 goto the next group */
1663 break;
1664 }
1665 }
1666 }
1667
1668 wins_srv_tags_free(wins_tags);
1669 return NT_STATUS_NO_LOGON_SERVERS;
1670
1671 success:
1672
1673 status = NT_STATUS_OK;
1674 if (!convert_ss2service(return_iplist, ss_list, *return_count))
1675 status = NT_STATUS_INVALID_PARAMETER;
1676
1677 TALLOC_FREE(ss_list);
1678 wins_srv_tags_free(wins_tags);
1679
1680 return status;
1681 }
1682
1683 /********************************************************
1684 Resolve via "lmhosts" method.
1685 *********************************************************/
1686
1687 static NTSTATUS resolve_lmhosts(const char *name, int name_type,
1688 struct ip_service **return_iplist,
1689 int *return_count)
1690 {
1691 /*
1692 * "lmhosts" means parse the local lmhosts file.
1693 */
1694 struct sockaddr_storage *ss_list;
1695 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1696 TALLOC_CTX *ctx = NULL;
1697
1698 *return_iplist = NULL;
1699 *return_count = 0;
1700
1701 DEBUG(3,("resolve_lmhosts: "
1702 "Attempting lmhosts lookup for name %s<0x%x>\n",
1703 name, name_type));
1704
1705 ctx = talloc_init("resolve_lmhosts");
1706 if (!ctx) {
1707 return NT_STATUS_NO_MEMORY;
1708 }
1709
1710 status = resolve_lmhosts_file_as_sockaddr(get_dyn_LMHOSTSFILE(),
1711 name, name_type,
1712 ctx,
1713 &ss_list,
1714 return_count);
1715 if (NT_STATUS_IS_OK(status)) {
1716 if (convert_ss2service(return_iplist,
1717 ss_list,
1718 *return_count)) {
1719 talloc_free(ctx);
1720 return NT_STATUS_OK;
1721 } else {
1722 talloc_free(ctx);
1723 return NT_STATUS_NO_MEMORY;
1724 }
1725 }
1726 talloc_free(ctx);
1727 return status;
1728 }
1729
1730
1731 /********************************************************
1732 Resolve via "hosts" method.
1733 *********************************************************/
1734
1735 static NTSTATUS resolve_hosts(const char *name, int name_type,
1736 struct ip_service **return_iplist,
1737 int *return_count)
1738 {
1739 /*
1740 * "host" means do a localhost, or dns lookup.
1741 */
1742 struct addrinfo hints;
1743 struct addrinfo *ailist = NULL;
1744 struct addrinfo *res = NULL;
1745 int ret = -1;
1746 int i = 0;
1747
1748 if ( name_type != 0x20 && name_type != 0x0) {
1749 DEBUG(5, ("resolve_hosts: not appropriate "
1750 "for name type <0x%x>\n",
1751 name_type));
1752 return NT_STATUS_INVALID_PARAMETER;
1753 }
1754
1755 *return_iplist = NULL;
1756 *return_count = 0;
1757
1758 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
1759 name, name_type));
1760
1761 ZERO_STRUCT(hints);
1762 /* By default make sure it supports TCP. */
1763 hints.ai_socktype = SOCK_STREAM;
1764 hints.ai_flags = AI_ADDRCONFIG;
1765
1766 #if !defined(HAVE_IPV6)
1767 /* Unless we have IPv6, we really only want IPv4 addresses back. */
1768 hints.ai_family = AF_INET;
1769 #endif
1770
1771 ret = getaddrinfo(name,
1772 NULL,
1773 &hints,
1774 &ailist);
1775 if (ret) {
1776 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
1777 name,
1778 gai_strerror(ret) ));
1779 }
1780
1781 for (res = ailist; res; res = res->ai_next) {
1782 struct sockaddr_storage ss;
1783
1784 if (!res->ai_addr || res->ai_addrlen == 0) {
1785 continue;
1786 }
1787
1788 ZERO_STRUCT(ss);
1789 memcpy(&ss, res->ai_addr, res->ai_addrlen);
1790
1791 *return_count += 1;
1792
1793 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
1794 struct ip_service,
1795 *return_count);
1796 if (!*return_iplist) {
1797 DEBUG(3,("resolve_hosts: malloc fail !\n"));
1798 freeaddrinfo(ailist);
1799 return NT_STATUS_NO_MEMORY;
1800 }
1801 (*return_iplist)[i].ss = ss;
1802 (*return_iplist)[i].port = PORT_NONE;
1803 i++;
1804 }
1805 if (ailist) {
1806 freeaddrinfo(ailist);
1807 }
1808 if (*return_count) {
1809 return NT_STATUS_OK;
1810 }
1811 return NT_STATUS_UNSUCCESSFUL;
1812 }
1813
1814 /********************************************************
1815 Resolve via "ADS" method.
1816 *********************************************************/
1817
1818 static NTSTATUS resolve_ads(const char *name,
1819 int name_type,
1820 const char *sitename,
1821 struct ip_service **return_iplist,
1822 int *return_count)
1823 {
1824 int i, j;
1825 NTSTATUS status;
1826 TALLOC_CTX *ctx;
1827 struct dns_rr_srv *dcs = NULL;
1828 int numdcs = 0;
1829 int numaddrs = 0;
1830
1831 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
1832 (name_type != 0x1b)) {
1833 return NT_STATUS_INVALID_PARAMETER;
1834 }
1835
1836 if ( (ctx = talloc_init("resolve_ads")) == NULL ) {
1837 DEBUG(0,("resolve_ads: talloc_init() failed!\n"));
1838 return NT_STATUS_NO_MEMORY;
1839 }
1840
1841 /* The DNS code needs fixing to find IPv6 addresses... JRA. */
1842
1843 switch (name_type) {
1844 case 0x1b:
1845 DEBUG(5,("resolve_ads: Attempting to resolve "
1846 "PDC for %s using DNS\n", name));
1847 status = ads_dns_query_pdc(ctx, name, &dcs, &numdcs);
1848 break;
1849
1850 case 0x1c:
1851 DEBUG(5,("resolve_ads: Attempting to resolve "
1852 "DCs for %s using DNS\n", name));
1853 status = ads_dns_query_dcs(ctx, name, sitename, &dcs,
1854 &numdcs);
1855 break;
1856 case KDC_NAME_TYPE:
1857 DEBUG(5,("resolve_ads: Attempting to resolve "
1858 "KDCs for %s using DNS\n", name));
1859 status = ads_dns_query_kdcs(ctx, name, sitename, &dcs,
1860 &numdcs);
1861 break;
1862 default:
1863 status = NT_STATUS_INVALID_PARAMETER;
1864 break;
1865 }
1866
1867 if ( !NT_STATUS_IS_OK( status ) ) {
1868 talloc_destroy(ctx);
1869 return status;
1870 }
1871
1872 for (i=0;i<numdcs;i++) {
1873 numaddrs += MAX(dcs[i].num_ips,1);
1874 }
1875
1876 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, numaddrs)) ==
1877 NULL ) {
1878 DEBUG(0,("resolve_ads: malloc failed for %d entries\n",
1879 numaddrs ));
1880 talloc_destroy(ctx);
1881 return NT_STATUS_NO_MEMORY;
1882 }
1883
1884 /* now unroll the list of IP addresses */
1885
1886 *return_count = 0;
1887 i = 0;
1888 j = 0;
1889 while ( i < numdcs && (*return_count<numaddrs) ) {
1890 struct ip_service *r = &(*return_iplist)[*return_count];
1891
1892 r->port = dcs[i].port;
1893
1894 /* If we don't have an IP list for a name, lookup it up */
1895
1896 if (!dcs[i].ss_s) {
1897 interpret_string_addr(&r->ss, dcs[i].hostname, 0);
1898 i++;
1899 j = 0;
1900 } else {
1901 /* use the IP addresses from the SRV sresponse */
1902
1903 if ( j >= dcs[i].num_ips ) {
1904 i++;
1905 j = 0;
1906 continue;
1907 }
1908
1909 r->ss = dcs[i].ss_s[j];
1910 j++;
1911 }
1912
1913 /* make sure it is a valid IP. I considered checking the
1914 * negative connection cache, but this is the wrong place
1915 * for it. Maybe only as a hack. After think about it, if
1916 * all of the IP addresses returned from DNS are dead, what
1917 * hope does a netbios name lookup have ? The standard reason
1918 * for falling back to netbios lookups is that our DNS server
1919 * doesn't know anything about the DC's -- jerry */
1920
1921 if (!is_zero_addr((struct sockaddr *)&r->ss)) {
1922 (*return_count)++;
1923 }
1924 }
1925
1926 talloc_destroy(ctx);
1927 return NT_STATUS_OK;
1928 }
1929
1930 /*******************************************************************
1931 Internal interface to resolve a name into an IP address.
1932 Use this function if the string is either an IP address, DNS
1933 or host name or NetBIOS name. This uses the name switch in the
1934 smb.conf to determine the order of name resolution.
1935
1936 Added support for ip addr/port to support ADS ldap servers.
1937 the only place we currently care about the port is in the
1938 resolve_hosts() when looking up DC's via SRV RR entries in DNS
1939 **********************************************************************/
1940
1941 NTSTATUS internal_resolve_name(const char *name,
1942 int name_type,
1943 const char *sitename,
1944 struct ip_service **return_iplist,
1945 int *return_count,
1946 const char *resolve_order)
1947 {
1948 char *tok;
1949 const char *ptr;
1950 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
1951 int i;
1952 TALLOC_CTX *frame = NULL;
1953
1954 *return_iplist = NULL;
1955 *return_count = 0;
1956
1957 DEBUG(10, ("internal_resolve_name: looking up %s#%x (sitename %s)\n",
1958 name, name_type, sitename ? sitename : "(null)"));
1959
1960 if (is_ipaddress(name)) {
1961 if ((*return_iplist = SMB_MALLOC_P(struct ip_service)) ==
1962 NULL) {
1963 DEBUG(0,("internal_resolve_name: malloc fail !\n"));
1964 return NT_STATUS_NO_MEMORY;
1965 }
1966
1967 /* ignore the port here */
1968 (*return_iplist)->port = PORT_NONE;
1969
1970 /* if it's in the form of an IP address then get the lib to interpret it */
1971 if (!interpret_string_addr(&(*return_iplist)->ss,
1972 name, AI_NUMERICHOST)) {
1973 DEBUG(1,("internal_resolve_name: interpret_string_addr "
1974 "failed on %s\n",
1975 name));
1976 SAFE_FREE(*return_iplist);
1977 return NT_STATUS_INVALID_PARAMETER;
1978 }
1979 *return_count = 1;
1980 return NT_STATUS_OK;
1981 }
1982
1983 /* Check name cache */
1984
1985 if (namecache_fetch(name, name_type, return_iplist, return_count)) {
1986 /* This could be a negative response */
1987 if (*return_count > 0) {
1988 return NT_STATUS_OK;
1989 } else {
1990 return NT_STATUS_UNSUCCESSFUL;
1991 }
1992 }
1993
1994 /* set the name resolution order */
1995
1996 if (strcmp( resolve_order, "NULL") == 0) {
1997 DEBUG(8,("internal_resolve_name: all lookups disabled\n"));
1998 return NT_STATUS_INVALID_PARAMETER;
1999 }
2000
2001 if (!resolve_order[0]) {
2002 ptr = "host";
2003 } else {
2004 ptr = resolve_order;
2005 }
2006
2007 /* iterate through the name resolution backends */
2008
2009 frame = talloc_stackframe();
2010 while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) {
2011 if((strequal(tok, "host") || strequal(tok, "hosts"))) {
2012 status = resolve_hosts(name, name_type, return_iplist,
2013 return_count);
2014 if (NT_STATUS_IS_OK(status)) {
2015 goto done;
2016 }
2017 } else if(strequal( tok, "kdc")) {
2018 /* deal with KDC_NAME_TYPE names here.
2019 * This will result in a SRV record lookup */
2020 status = resolve_ads(name, KDC_NAME_TYPE, sitename,
2021 return_iplist, return_count);
2022 if (NT_STATUS_IS_OK(status)) {
2023 /* Ensure we don't namecache
2024 * this with the KDC port. */
2025 name_type = KDC_NAME_TYPE;
2026 goto done;
2027 }
2028 } else if(strequal( tok, "ads")) {
2029 /* deal with 0x1c and 0x1b names here.
2030 * This will result in a SRV record lookup */
2031 status = resolve_ads(name, name_type, sitename,
2032 return_iplist, return_count);
2033 if (NT_STATUS_IS_OK(status)) {
2034 goto done;
2035 }
2036 } else if(strequal( tok, "lmhosts")) {
2037 status = resolve_lmhosts(name, name_type,
2038 return_iplist, return_count);
2039 if (NT_STATUS_IS_OK(status)) {
2040 goto done;
2041 }
2042 } else if(strequal( tok, "wins")) {
2043 /* don't resolve 1D via WINS */
2044 if (name_type != 0x1D) {
2045 status = resolve_wins(name, name_type,
2046 return_iplist,
2047 return_count);
2048 if (NT_STATUS_IS_OK(status)) {
2049 goto done;
2050 }
2051 }
2052 } else if(strequal( tok, "bcast")) {
2053 status = name_resolve_bcast(name, name_type,
2054 return_iplist,
2055 return_count);
2056 if (NT_STATUS_IS_OK(status)) {
2057 goto done;
2058 }
2059 } else {
2060 DEBUG(0,("resolve_name: unknown name switch type %s\n",
2061 tok));
2062 }
2063 }
2064
2065 /* All of the resolve_* functions above have returned false. */
2066
2067 TALLOC_FREE(frame);
2068 SAFE_FREE(*return_iplist);
2069 *return_count = 0;
2070
2071 return NT_STATUS_UNSUCCESSFUL;
2072
2073 done:
2074
2075 /* Remove duplicate entries. Some queries, notably #1c (domain
2076 controllers) return the PDC in iplist[0] and then all domain
2077 controllers including the PDC in iplist[1..n]. Iterating over
2078 the iplist when the PDC is down will cause two sets of timeouts. */
2079
2080 if ( *return_count ) {
2081 *return_count = remove_duplicate_addrs2(*return_iplist,
2082 *return_count );
2083 }
2084
2085 /* Save in name cache */
2086 if ( DEBUGLEVEL >= 100 ) {
2087 for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) {
2088 char addr[INET6_ADDRSTRLEN];
2089 print_sockaddr(addr, sizeof(addr),
2090 &(*return_iplist)[i].ss);
2091 DEBUG(100, ("Storing name %s of type %d (%s:%d)\n",
2092 name,
2093 name_type,
2094 addr,
2095 (*return_iplist)[i].port));
2096 }
2097 }
2098
2099 namecache_store(name, name_type, *return_count, *return_iplist);
2100
2101 /* Display some debugging info */
2102
2103 if ( DEBUGLEVEL >= 10 ) {
2104 DEBUG(10, ("internal_resolve_name: returning %d addresses: ",
2105 *return_count));
2106
2107 for (i = 0; i < *return_count; i++) {
2108 char addr[INET6_ADDRSTRLEN];
2109 print_sockaddr(addr, sizeof(addr),
2110 &(*return_iplist)[i].ss);
2111 DEBUGADD(10, ("%s:%d ",
2112 addr,
2113 (*return_iplist)[i].port));
2114 }
2115 DEBUG(10, ("\n"));
2116 }
2117
2118 TALLOC_FREE(frame);
2119 return status;
2120 }
2121
2122 /********************************************************
2123 Internal interface to resolve a name into one IP address.
2124 Use this function if the string is either an IP address, DNS
2125 or host name or NetBIOS name. This uses the name switch in the
2126 smb.conf to determine the order of name resolution.
2127 *********************************************************/
2128
2129 bool resolve_name(const char *name,
2130 struct sockaddr_storage *return_ss,
2131 int name_type,
2132 bool prefer_ipv4)
2133 {
2134 struct ip_service *ss_list = NULL;
2135 char *sitename = NULL;
2136 int count = 0;
2137
2138 if (is_ipaddress(name)) {
2139 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2140 }
2141
2142 sitename = sitename_fetch(lp_realm()); /* wild guess */
2143
2144 if (NT_STATUS_IS_OK(internal_resolve_name(name, name_type, sitename,
2145 &ss_list, &count,
2146 lp_name_resolve_order()))) {
2147 int i;
2148
2149 if (prefer_ipv4) {
2150 for (i=0; i<count; i++) {
2151 if (!is_zero_addr((struct sockaddr *)&ss_list[i].ss) &&
2152 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss) &&
2153 (ss_list[i].ss.ss_family == AF_INET)) {
2154 *return_ss = ss_list[i].ss;
2155 SAFE_FREE(ss_list);
2156 SAFE_FREE(sitename);
2157 return True;
2158 }
2159 }
2160 }
2161
2162 /* only return valid addresses for TCP connections */
2163 for (i=0; i<count; i++) {
2164 if (!is_zero_addr((struct sockaddr *)&ss_list[i].ss) &&
2165 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2166 *return_ss = ss_list[i].ss;
2167 SAFE_FREE(ss_list);
2168 SAFE_FREE(sitename);
2169 return True;
2170 }
2171 }
2172 }
2173
2174 SAFE_FREE(ss_list);
2175 SAFE_FREE(sitename);
2176 return False;
2177 }
2178
2179 /********************************************************
2180 Internal interface to resolve a name into a list of IP addresses.
2181 Use this function if the string is either an IP address, DNS
2182 or host name or NetBIOS name. This uses the name switch in the
2183 smb.conf to determine the order of name resolution.
2184 *********************************************************/
2185
2186 NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2187 const char *name,
2188 int name_type,
2189 struct sockaddr_storage **return_ss_arr,
2190 unsigned int *p_num_entries)
2191 {
2192 struct ip_service *ss_list = NULL;
2193 char *sitename = NULL;
2194 int count = 0;
2195 int i;
2196 unsigned int num_entries;
2197 NTSTATUS status;
2198
2199 *p_num_entries = 0;
2200 *return_ss_arr = NULL;
2201
2202 if (is_ipaddress(name)) {
2203 *return_ss_arr = TALLOC_P(ctx, struct sockaddr_storage);
2204 if (!*return_ss_arr) {
2205 return NT_STATUS_NO_MEMORY;
2206 }
2207 if (!interpret_string_addr(*return_ss_arr, name, AI_NUMERICHOST)) {
2208 TALLOC_FREE(*return_ss_arr);
2209 return NT_STATUS_BAD_NETWORK_NAME;
2210 }
2211 *p_num_entries = 1;
2212 return NT_STATUS_OK;
2213 }
2214
2215 sitename = sitename_fetch(lp_realm()); /* wild guess */
2216
2217 status = internal_resolve_name(name, name_type, sitename,
2218 &ss_list, &count,
2219 lp_name_resolve_order());
2220 SAFE_FREE(sitename);
2221
2222 if (!NT_STATUS_IS_OK(status)) {
2223 return status;
2224 }
2225
2226 /* only return valid addresses for TCP connections */
2227 for (i=0, num_entries = 0; i<count; i++) {
2228 if (!is_zero_addr((struct sockaddr *)&ss_list[i].ss) &&
2229 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2230 num_entries++;
2231 }
2232 }
2233 if (num_entries == 0) {
2234 SAFE_FREE(ss_list);
2235 return NT_STATUS_BAD_NETWORK_NAME;
2236 }
2237
2238 *return_ss_arr = TALLOC_ARRAY(ctx,
2239 struct sockaddr_storage,
2240 num_entries);
2241 if (!(*return_ss_arr)) {
2242 SAFE_FREE(ss_list);
2243 return NT_STATUS_NO_MEMORY;
2244 }
2245
2246 for (i=0, num_entries = 0; i<count; i++) {
2247 if (!is_zero_addr((struct sockaddr *)&ss_list[i].ss) &&
2248 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2249 (*return_ss_arr)[num_entries++] = ss_list[i].ss;
2250 }
2251 }
2252
2253 status = NT_STATUS_OK;
2254 *p_num_entries = num_entries;
2255
2256 SAFE_FREE(ss_list);
2257 return NT_STATUS_OK;
2258 }
2259
2260 /********************************************************
2261 Find the IP address of the master browser or DMB for a workgroup.
2262 *********************************************************/
2263
2264 bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
2265 {
2266 struct ip_service *ip_list = NULL;
2267 int count = 0;
2268 NTSTATUS status;
2269
2270 if (lp_disable_netbios()) {
2271 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
2272 return false;
2273 }
2274
2275 status = internal_resolve_name(group, 0x1D, NULL, &ip_list, &count,
2276 lp_name_resolve_order());
2277 if (NT_STATUS_IS_OK(status)) {
2278 *master_ss = ip_list[0].ss;
2279 SAFE_FREE(ip_list);
2280 return true;
2281 }
2282
2283 status = internal_resolve_name(group, 0x1B, NULL, &ip_list, &count,
2284 lp_name_resolve_order());
2285 if (NT_STATUS_IS_OK(status)) {
2286 *master_ss = ip_list[0].ss;
2287 SAFE_FREE(ip_list);
2288 return true;
2289 }
2290
2291 SAFE_FREE(ip_list);
2292 return false;
2293 }
2294
2295 /********************************************************
2296 Get the IP address list of the primary domain controller
2297 for a domain.
2298 *********************************************************/
2299
2300 bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
2301 {
2302 struct ip_service *ip_list = NULL;
2303 int count = 0;
2304 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2305
2306 /* Look up #1B name */
2307
2308 if (lp_security() == SEC_ADS) {
2309 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2310 &count, "ads");
2311 }
2312
2313 if (!NT_STATUS_IS_OK(status) || count == 0) {
2314 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2315 &count,
2316 lp_name_resolve_order());
2317 if (!NT_STATUS_IS_OK(status)) {
2318 return false;
2319 }
2320 }
2321
2322 /* if we get more than 1 IP back we have to assume it is a
2323 multi-homed PDC and not a mess up */
2324
2325 if ( count > 1 ) {
2326 DEBUG(6,("get_pdc_ip: PDC has %d IP addresses!\n", count));
2327 sort_service_list(ip_list, count);
2328 }
2329
2330 *pss = ip_list[0].ss;
2331 SAFE_FREE(ip_list);
2332 return true;
2333 }
2334
2335 /* Private enum type for lookups. */
2336
2337 enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
2338
2339 /********************************************************
2340 Get the IP address list of the domain controllers for
2341 a domain.
2342 *********************************************************/
2343
2344 static NTSTATUS get_dc_list(const char *domain,
2345 const char *sitename,
2346 struct ip_service **ip_list,
2347 int *count,
2348 enum dc_lookup_type lookup_type,
2349 bool *ordered)
2350 {
2351 char *resolve_order = NULL;
2352 char *saf_servername = NULL;
2353 char *pserver = NULL;
2354 const char *p;
2355 char *port_str = NULL;
2356 int port;
2357 char *name;
2358 int num_addresses = 0;
2359 int local_count, i, j;
2360 struct ip_service *return_iplist = NULL;
2361 struct ip_service *auto_ip_list = NULL;
2362 bool done_auto_lookup = false;
2363 int auto_count = 0;
2364 NTSTATUS status;
2365 TALLOC_CTX *ctx = talloc_init("get_dc_list");
2366
2367 *ip_list = NULL;
2368 *count = 0;
2369
2370 if (!ctx) {
2371 return NT_STATUS_NO_MEMORY;
2372 }
2373
2374 *ordered = False;
2375
2376 /* if we are restricted to solely using DNS for looking
2377 up a domain controller, make sure that host lookups
2378 are enabled for the 'name resolve order'. If host lookups
2379 are disabled and ads_only is True, then set the string to
2380 NULL. */
2381
2382 resolve_order = talloc_strdup(ctx, lp_name_resolve_order());
2383 if (!resolve_order) {
2384 status = NT_STATUS_NO_MEMORY;
2385 goto out;
2386 }
2387 strlower_m(resolve_order);
2388 if (lookup_type == DC_ADS_ONLY) {
2389 if (strstr( resolve_order, "host")) {
2390 resolve_order = talloc_strdup(ctx, "ads");
2391
2392 /* DNS SRV lookups used by the ads resolver
2393 are already sorted by priority and weight */
2394 *ordered = true;
2395 } else {
2396 resolve_order = talloc_strdup(ctx, "NULL");
2397 }
2398 } else if (lookup_type == DC_KDC_ONLY) {
2399 /* DNS SRV lookups used by the ads/kdc resolver
2400 are already sorted by priority and weight */
2401 *ordered = true;
2402 resolve_order = talloc_strdup(ctx, "kdc");
2403 }
2404 if (!resolve_order) {
2405 status = NT_STATUS_NO_MEMORY;
2406 goto out;
2407 }
2408
2409 /* fetch the server we have affinity for. Add the
2410 'password server' list to a search for our domain controllers */
2411
2412 saf_servername = saf_fetch( domain);
2413
2414 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
2415 pserver = talloc_asprintf(ctx, "%s, %s",
2416 saf_servername ? saf_servername : "",
2417 lp_passwordserver());
2418 } else {
2419 pserver = talloc_asprintf(ctx, "%s, *",
2420 saf_servername ? saf_servername : "");
2421 }
2422
2423 SAFE_FREE(saf_servername);
2424 if (!pserver) {
2425 status = NT_STATUS_NO_MEMORY;
2426 goto out;
2427 }
2428
2429 /* if we are starting from scratch, just lookup DOMAIN<0x1c> */
2430
2431 if (!*pserver ) {
2432 DEBUG(10,("get_dc_list: no preferred domain controllers.\n"));
2433 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2434 count, resolve_order);
2435 goto out;
2436 }
2437
2438 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
2439
2440 /*
2441 * if '*' appears in the "password server" list then add
2442 * an auto lookup to the list of manually configured
2443 * DC's. If any DC is listed by name, then the list should be
2444 * considered to be ordered
2445 */
2446
2447 p = pserver;
2448 while (next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2449 if (!done_auto_lookup && strequal(name, "*")) {
2450 status = internal_resolve_name(domain, 0x1C, sitename,
2451 &auto_ip_list,
2452 &auto_count,
2453 resolve_order);
2454 if (NT_STATUS_IS_OK(status)) {
2455 num_addresses += auto_count;
2456 }
2457 done_auto_lookup = true;
2458 DEBUG(8,("Adding %d DC's from auto lookup\n",
2459 auto_count));
2460 } else {
2461 num_addresses++;
2462 }
2463 }
2464
2465 /* if we have no addresses and haven't done the auto lookup, then
2466 just return the list of DC's. Or maybe we just failed. */
2467
2468 if ((num_addresses == 0)) {
2469 if (done_auto_lookup) {
2470 DEBUG(4,("get_dc_list: no servers found\n"));
2471 status = NT_STATUS_NO_LOGON_SERVERS;
2472 goto out;
2473 }
2474 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2475 count, resolve_order);
2476 goto out;
2477 }
2478
2479 if ((return_iplist = SMB_MALLOC_ARRAY(struct ip_service,
2480 num_addresses)) == NULL) {
2481 DEBUG(3,("get_dc_list: malloc fail !\n"));
2482 status = NT_STATUS_NO_MEMORY;
2483 goto out;
2484 }
2485
2486 p = pserver;
2487 local_count = 0;
2488
2489 /* fill in the return list now with real IP's */
2490
2491 while ((local_count<num_addresses) &&
2492 next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2493 struct sockaddr_storage name_ss;
2494
2495 /* copy any addersses from the auto lookup */
2496
2497 if (strequal(name, "*")) {
2498 for (j=0; j<auto_count; j++) {
2499 char addr[INET6_ADDRSTRLEN];
2500 print_sockaddr(addr,
2501 sizeof(addr),
2502 &auto_ip_list[j].ss);
2503 /* Check for and don't copy any
2504 * known bad DC IP's. */
2505 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
2506 domain,
2507 addr))) {
2508 DEBUG(5,("get_dc_list: "
2509 "negative entry %s removed "
2510 "from DC list\n",
2511 addr));
2512 continue;
2513 }
2514 return_iplist[local_count].ss =
2515 auto_ip_list[j].ss;
2516 return_iplist[local_count].port =
2517 auto_ip_list[j].port;
2518 local_count++;
2519 }
2520 continue;
2521 }
2522
2523 /* added support for address:port syntax for ads
2524 * (not that I think anyone will ever run the LDAP
2525 * server in an AD domain on something other than
2526 * port 389 */
2527
2528 port = (lp_security() == SEC_ADS) ? LDAP_PORT : PORT_NONE;
2529 if ((port_str=strchr(name, ':')) != NULL) {
2530 *port_str = '\0';
2531 port_str++;
2532 port = atoi(port_str);
2533 }
2534
2535 /* explicit lookup; resolve_name() will
2536 * handle names & IP addresses */
2537 if (resolve_name( name, &name_ss, 0x20, true )) {
2538 char addr[INET6_ADDRSTRLEN];
2539 print_sockaddr(addr,
2540 sizeof(addr),
2541 &name_ss);
2542
2543 /* Check for and don't copy any known bad DC IP's. */
2544 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
2545 addr)) ) {
2546 DEBUG(5,("get_dc_list: negative entry %s "
2547 "removed from DC list\n",
2548 name ));
2549 continue;
2550 }
2551
2552 return_iplist[local_count].ss = name_ss;
2553 return_iplist[local_count].port = port;
2554 local_count++;
2555 *ordered = true;
2556 }
2557 }
2558
2559 /* need to remove duplicates in the list if we have any
2560 explicit password servers */
2561
2562 if (local_count) {
2563 local_count = remove_duplicate_addrs2(return_iplist,
2564 local_count );
2565 }
2566
2567 /* For DC's we always prioritize IPv4 due to W2K3 not
2568 * supporting LDAP, KRB5 or CLDAP over IPv6. */
2569
2570 if (local_count && return_iplist) {
2571 prioritize_ipv4_list(return_iplist, local_count);
2572 }
2573
2574 if ( DEBUGLEVEL >= 4 ) {
2575 DEBUG(4,("get_dc_list: returning %d ip addresses "
2576 "in an %sordered list\n",
2577 local_count,
2578 *ordered ? "":"un"));
2579 DEBUG(4,("get_dc_list: "));
2580 for ( i=0; i<local_count; i++ ) {
2581 char addr[INET6_ADDRSTRLEN];
2582 print_sockaddr(addr,
2583 sizeof(addr),
2584 &return_iplist[i].ss);
2585 DEBUGADD(4,("%s:%d ", addr, return_iplist[i].port ));
2586 }
2587 DEBUGADD(4,("\n"));
2588 }
2589
2590 *ip_list = return_iplist;
2591 *count = local_count;
2592
2593 status = ( *count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS );
2594
2595 out:
2596
2597 if (!NT_STATUS_IS_OK(status)) {
2598 SAFE_FREE(return_iplist);
2599 *ip_list = NULL;
2600 *count = 0;
2601 }
2602
2603 SAFE_FREE(auto_ip_list);
2604 TALLOC_FREE(ctx);
2605 return status;
2606 }
2607
2608 /*********************************************************************
2609 Small wrapper function to get the DC list and sort it if neccessary.
2610 *********************************************************************/
2611
2612 NTSTATUS get_sorted_dc_list( const char *domain,
2613 const char *sitename,
2614 struct ip_service **ip_list,
2615 int *count,
2616 bool ads_only )
2617 {
2618 bool ordered = false;
2619 NTSTATUS status;
2620 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
2621
2622 *ip_list = NULL;
2623 *count = 0;
2624
2625 DEBUG(8,("get_sorted_dc_list: attempting lookup "
2626 "for name %s (sitename %s) using [%s]\n",
2627 domain,
2628 sitename ? sitename : "NULL",
2629 (ads_only ? "ads" : lp_name_resolve_order())));
2630
2631 if (ads_only) {
2632 lookup_type = DC_ADS_ONLY;
2633 }
2634
2635 status = get_dc_list(domain, sitename, ip_list,
2636 count, lookup_type, &ordered);
2637 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
2638 && sitename) {
2639 DEBUG(3,("get_sorted_dc_list: no server for name %s available"
2640 " in site %s, fallback to all servers\n",
2641 domain, sitename));
2642 status = get_dc_list(domain, NULL, ip_list,
2643 count, lookup_type, &ordered);
2644 }
2645
2646 if (!NT_STATUS_IS_OK(status)) {
2647 SAFE_FREE(*ip_list);
2648 *count = 0;
2649 return status;
2650 }
2651
2652 /* only sort if we don't already have an ordered list */
2653 if (!ordered) {
2654 sort_service_list(*ip_list, *count);
2655 }
2656
2657 return NT_STATUS_OK;
2658 }
2659
2660 /*********************************************************************
2661 Get the KDC list - re-use all the logic in get_dc_list.
2662 *********************************************************************/
2663
2664 NTSTATUS get_kdc_list( const char *realm,
2665 const char *sitename,
2666 struct ip_service **ip_list,
2667 int *count)
2668 {
2669 bool ordered;
2670 NTSTATUS status;
2671
2672 *count = 0;
2673 *ip_list = NULL;
2674
2675 status = get_dc_list(realm, sitename, ip_list,
2676 count, DC_KDC_ONLY, &ordered);
2677
2678 if (!NT_STATUS_IS_OK(status)) {
2679 SAFE_FREE(*ip_list);
2680 *count = 0;
2681 return status;
2682 }
2683
2684 /* only sort if we don't already have an ordered list */
2685 if ( !ordered ) {
2686 sort_service_list(*ip_list, *count);
2687 }
2688
2689 return NT_STATUS_OK;
2690 }
Samba GIT mirror