search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: Remove unused cli_reset_error
[Samba.git] / source3 / libsmb / namequery.c
blob1cd5eb79bbcd1cb222a566cdbba0c0911ba4bcc1
1 /*
2 Unix SMB/CIFS implementation.
3 name query routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "../lib/util/tevent_ntstatus.h"
23 #include "libads/sitename_cache.h"
24 #include "libads/dns.h"
25 #include "../libcli/netlogon/netlogon.h"
26 #include "lib/async_req/async_sock.h"
27 #include "libsmb/nmblib.h"
28
29 /* nmbd.c sets this to True. */
30 bool global_in_nmbd = False;
31
32 /****************************
33 * SERVER AFFINITY ROUTINES *
34 ****************************/
35
36 /* Server affinity is the concept of preferring the last domain
37 controller with whom you had a successful conversation */
38
39 /****************************************************************************
40 ****************************************************************************/
41 #define SAFKEY_FMT "SAF/DOMAIN/%s"
42 #define SAF_TTL 900
43 #define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
44 #define SAFJOIN_TTL 3600
45
46 static char *saf_key(const char *domain)
47 {
48 char *keystr;
49
50 asprintf_strupper_m(&keystr, SAFKEY_FMT, domain);
51
52 return keystr;
53 }
54
55 static char *saf_join_key(const char *domain)
56 {
57 char *keystr;
58
59 asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain);
60
61 return keystr;
62 }
63
64 /****************************************************************************
65 ****************************************************************************/
66
67 bool saf_store( const char *domain, const char *servername )
68 {
69 char *key;
70 time_t expire;
71 bool ret = False;
72
73 if ( !domain || !servername ) {
74 DEBUG(2,("saf_store: "
75 "Refusing to store empty domain or servername!\n"));
76 return False;
77 }
78
79 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
80 DEBUG(0,("saf_store: "
81 "refusing to store 0 length domain or servername!\n"));
82 return False;
83 }
84
85 key = saf_key( domain );
86 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
87
88 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
89 domain, servername, (unsigned int)expire ));
90
91 ret = gencache_set( key, servername, expire );
92
93 SAFE_FREE( key );
94
95 return ret;
96 }
97
98 bool saf_join_store( const char *domain, const char *servername )
99 {
100 char *key;
101 time_t expire;
102 bool ret = False;
103
104 if ( !domain || !servername ) {
105 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
106 return False;
107 }
108
109 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
110 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
111 return False;
112 }
113
114 key = saf_join_key( domain );
115 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
116
117 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
118 domain, servername, (unsigned int)expire ));
119
120 ret = gencache_set( key, servername, expire );
121
122 SAFE_FREE( key );
123
124 return ret;
125 }
126
127 bool saf_delete( const char *domain )
128 {
129 char *key;
130 bool ret = False;
131
132 if ( !domain ) {
133 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
134 return False;
135 }
136
137 key = saf_join_key(domain);
138 ret = gencache_del(key);
139 SAFE_FREE(key);
140
141 if (ret) {
142 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
143 }
144
145 key = saf_key(domain);
146 ret = gencache_del(key);
147 SAFE_FREE(key);
148
149 if (ret) {
150 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
151 }
152
153 return ret;
154 }
155
156 /****************************************************************************
157 ****************************************************************************/
158
159 char *saf_fetch( const char *domain )
160 {
161 char *server = NULL;
162 time_t timeout;
163 bool ret = False;
164 char *key = NULL;
165
166 if ( !domain || strlen(domain) == 0) {
167 DEBUG(2,("saf_fetch: Empty domain name!\n"));
168 return NULL;
169 }
170
171 key = saf_join_key( domain );
172
173 ret = gencache_get( key, &server, &timeout );
174
175 SAFE_FREE( key );
176
177 if ( ret ) {
178 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
179 server, domain ));
180 return server;
181 }
182
183 key = saf_key( domain );
184
185 ret = gencache_get( key, &server, &timeout );
186
187 SAFE_FREE( key );
188
189 if ( !ret ) {
190 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
191 domain ));
192 } else {
193 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
194 server, domain ));
195 }
196
197 return server;
198 }
199
200 static void set_socket_addr_v4(struct sockaddr_storage *addr)
201 {
202 if (!interpret_string_addr(addr, lp_socket_address(),
203 AI_NUMERICHOST|AI_PASSIVE)) {
204 zero_sockaddr(addr);
205 }
206 if (addr->ss_family != AF_INET) {
207 zero_sockaddr(addr);
208 }
209 }
210
211 /****************************************************************************
212 Generate a random trn_id.
213 ****************************************************************************/
214
215 static int generate_trn_id(void)
216 {
217 uint16 id;
218
219 generate_random_buffer((uint8 *)&id, sizeof(id));
220
221 return id % (unsigned)0x7FFF;
222 }
223
224 /****************************************************************************
225 Parse a node status response into an array of structures.
226 ****************************************************************************/
227
228 static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
229 int *num_names,
230 struct node_status_extra *extra)
231 {
232 struct node_status *ret;
233 int i;
234
235 *num_names = CVAL(p,0);
236
237 if (*num_names == 0)
238 return NULL;
239
240 ret = TALLOC_ARRAY(mem_ctx, struct node_status,*num_names);
241 if (!ret)
242 return NULL;
243
244 p++;
245 for (i=0;i< *num_names;i++) {
246 StrnCpy(ret[i].name,p,15);
247 trim_char(ret[i].name,'\0',' ');
248 ret[i].type = CVAL(p,15);
249 ret[i].flags = p[16];
250 p += 18;
251 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
252 ret[i].type, ret[i].flags));
253 }
254 /*
255 * Also, pick up the MAC address ...
256 */
257 if (extra) {
258 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
259 }
260 return ret;
261 }
262
263 struct sock_packet_read_state {
264 struct tevent_context *ev;
265 enum packet_type type;
266 int trn_id;
267
268 struct nb_packet_reader *reader;
269 struct tevent_req *reader_req;
270
271 int sock;
272 struct tevent_req *socket_req;
273 uint8_t buf[1024];
274 struct sockaddr_storage addr;
275 socklen_t addr_len;
276
277 bool (*validator)(struct packet_struct *p,
278 void *private_data);
279 void *private_data;
280
281 struct packet_struct *packet;
282 };
283
284 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s);
285 static void sock_packet_read_got_packet(struct tevent_req *subreq);
286 static void sock_packet_read_got_socket(struct tevent_req *subreq);
287
288 static struct tevent_req *sock_packet_read_send(
289 TALLOC_CTX *mem_ctx,
290 struct tevent_context *ev,
291 int sock, /* dgram socket */
292 struct nb_packet_reader *reader,
293 enum packet_type type,
294 int trn_id,
295 bool (*validator)(struct packet_struct *p, void *private_data),
296 void *private_data)
297 {
298 struct tevent_req *req;
299 struct sock_packet_read_state *state;
300
301 req = tevent_req_create(mem_ctx, &state,
302 struct sock_packet_read_state);
303 if (req == NULL) {
304 return NULL;
305 }
306 talloc_set_destructor(state, sock_packet_read_state_destructor);
307 state->ev = ev;
308 state->reader = reader;
309 state->sock = sock;
310 state->type = type;
311 state->trn_id = trn_id;
312 state->validator = validator;
313 state->private_data = private_data;
314
315 if (reader != NULL) {
316 state->reader_req = nb_packet_read_send(state, ev, reader);
317 if (tevent_req_nomem(state->reader_req, req)) {
318 return tevent_req_post(req, ev);
319 }
320 tevent_req_set_callback(
321 state->reader_req, sock_packet_read_got_packet, req);
322 }
323
324 state->addr_len = sizeof(state->addr);
325 state->socket_req = recvfrom_send(state, ev, sock,
326 state->buf, sizeof(state->buf), 0,
327 &state->addr, &state->addr_len);
328 if (tevent_req_nomem(state->socket_req, req)) {
329 return tevent_req_post(req, ev);
330 }
331 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
332 req);
333
334 return req;
335 }
336
337 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s)
338 {
339 if (s->packet != NULL) {
340 free_packet(s->packet);
341 s->packet = NULL;
342 }
343 return 0;
344 }
345
346 static void sock_packet_read_got_packet(struct tevent_req *subreq)
347 {
348 struct tevent_req *req = tevent_req_callback_data(
349 subreq, struct tevent_req);
350 struct sock_packet_read_state *state = tevent_req_data(
351 req, struct sock_packet_read_state);
352 NTSTATUS status;
353
354 status = nb_packet_read_recv(subreq, &state->packet);
355
356 TALLOC_FREE(state->reader_req);
357
358 if (!NT_STATUS_IS_OK(status)) {
359 if (state->socket_req != NULL) {
360 /*
361 * Still waiting for socket
362 */
363 return;
364 }
365 /*
366 * Both socket and packet reader failed
367 */
368 tevent_req_nterror(req, status);
369 return;
370 }
371
372 if ((state->validator != NULL) &&
373 !state->validator(state->packet, state->private_data)) {
374 DEBUG(10, ("validator failed\n"));
375
376 free_packet(state->packet);
377 state->packet = NULL;
378
379 state->reader_req = nb_packet_read_send(state, state->ev,
380 state->reader);
381 if (tevent_req_nomem(state->reader_req, req)) {
382 return;
383 }
384 tevent_req_set_callback(
385 state->reader_req, sock_packet_read_got_packet, req);
386 return;
387 }
388
389 TALLOC_FREE(state->socket_req);
390 tevent_req_done(req);
391 }
392
393 static void sock_packet_read_got_socket(struct tevent_req *subreq)
394 {
395 struct tevent_req *req = tevent_req_callback_data(
396 subreq, struct tevent_req);
397 struct sock_packet_read_state *state = tevent_req_data(
398 req, struct sock_packet_read_state);
399 struct sockaddr_in *in_addr;
400 ssize_t received;
401 int err;
402
403 received = recvfrom_recv(subreq, &err);
404
405 TALLOC_FREE(state->socket_req);
406
407 if (received == -1) {
408 if (state->reader_req != NULL) {
409 /*
410 * Still waiting for reader
411 */
412 return;
413 }
414 /*
415 * Both socket and reader failed
416 */
417 tevent_req_nterror(req, map_nt_error_from_unix(err));
418 return;
419 }
420 if (state->addr.ss_family != AF_INET) {
421 goto retry;
422 }
423 in_addr = (struct sockaddr_in *)(void *)&state->addr;
424
425 state->packet = parse_packet((char *)state->buf, received, state->type,
426 in_addr->sin_addr, in_addr->sin_port);
427 if (state->packet == NULL) {
428 DEBUG(10, ("parse_packet failed\n"));
429 goto retry;
430 }
431 if ((state->trn_id != -1) &&
432 (state->trn_id != packet_trn_id(state->packet))) {
433 DEBUG(10, ("Expected transaction id %d, got %d\n",
434 state->trn_id, packet_trn_id(state->packet)));
435 goto retry;
436 }
437
438 if ((state->validator != NULL) &&
439 !state->validator(state->packet, state->private_data)) {
440 DEBUG(10, ("validator failed\n"));
441 goto retry;
442 }
443
444 tevent_req_done(req);
445 return;
446
447 retry:
448 if (state->packet != NULL) {
449 free_packet(state->packet);
450 state->packet = NULL;
451 }
452 state->socket_req = recvfrom_send(state, state->ev, state->sock,
453 state->buf, sizeof(state->buf), 0,
454 &state->addr, &state->addr_len);
455 if (tevent_req_nomem(state->socket_req, req)) {
456 return;
457 }
458 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
459 req);
460 }
461
462 static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
463 struct packet_struct **ppacket)
464 {
465 struct sock_packet_read_state *state = tevent_req_data(
466 req, struct sock_packet_read_state);
467 NTSTATUS status;
468
469 if (tevent_req_is_nterror(req, &status)) {
470 return status;
471 }
472 *ppacket = state->packet;
473 state->packet = NULL;
474 return NT_STATUS_OK;
475 }
476
477 struct nb_trans_state {
478 struct tevent_context *ev;
479 int sock;
480 struct nb_packet_reader *reader;
481
482 const struct sockaddr_storage *dst_addr;
483 uint8_t *buf;
484 size_t buflen;
485 enum packet_type type;
486 int trn_id;
487
488 bool (*validator)(struct packet_struct *p,
489 void *private_data);
490 void *private_data;
491
492 struct packet_struct *packet;
493 };
494
495 static int nb_trans_state_destructor(struct nb_trans_state *s);
496 static void nb_trans_got_reader(struct tevent_req *subreq);
497 static void nb_trans_done(struct tevent_req *subreq);
498 static void nb_trans_sent(struct tevent_req *subreq);
499 static void nb_trans_send_next(struct tevent_req *subreq);
500
501 static struct tevent_req *nb_trans_send(
502 TALLOC_CTX *mem_ctx,
503 struct tevent_context *ev,
504 const struct sockaddr_storage *my_addr,
505 const struct sockaddr_storage *dst_addr,
506 bool bcast,
507 uint8_t *buf, size_t buflen,
508 enum packet_type type, int trn_id,
509 bool (*validator)(struct packet_struct *p,
510 void *private_data),
511 void *private_data)
512 {
513 struct tevent_req *req, *subreq;
514 struct nb_trans_state *state;
515
516 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
517 if (req == NULL) {
518 return NULL;
519 }
520 talloc_set_destructor(state, nb_trans_state_destructor);
521 state->ev = ev;
522 state->dst_addr = dst_addr;
523 state->buf = buf;
524 state->buflen = buflen;
525 state->type = type;
526 state->trn_id = trn_id;
527 state->validator = validator;
528 state->private_data = private_data;
529
530 state->sock = open_socket_in(SOCK_DGRAM, 0, 3, my_addr, True);
531 if (state->sock == -1) {
532 tevent_req_nterror(req, map_nt_error_from_unix(errno));
533 DEBUG(10, ("open_socket_in failed: %s\n", strerror(errno)));
534 return tevent_req_post(req, ev);
535 }
536
537 if (bcast) {
538 set_socket_options(state->sock,"SO_BROADCAST");
539 }
540
541 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
542 if (tevent_req_nomem(subreq, req)) {
543 return tevent_req_post(req, ev);
544 }
545 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
546 return req;
547 }
548
549 static int nb_trans_state_destructor(struct nb_trans_state *s)
550 {
551 if (s->sock != -1) {
552 close(s->sock);
553 s->sock = -1;
554 }
555 if (s->packet != NULL) {
556 free_packet(s->packet);
557 s->packet = NULL;
558 }
559 return 0;
560 }
561
562 static void nb_trans_got_reader(struct tevent_req *subreq)
563 {
564 struct tevent_req *req = tevent_req_callback_data(
565 subreq, struct tevent_req);
566 struct nb_trans_state *state = tevent_req_data(
567 req, struct nb_trans_state);
568 NTSTATUS status;
569
570 status = nb_packet_reader_recv(subreq, state, &state->reader);
571 TALLOC_FREE(subreq);
572
573 if (!NT_STATUS_IS_OK(status)) {
574 DEBUG(10, ("nmbd not around\n"));
575 state->reader = NULL;
576 }
577
578 subreq = sock_packet_read_send(
579 state, state->ev, state->sock,
580 state->reader, state->type, state->trn_id,
581 state->validator, state->private_data);
582 if (tevent_req_nomem(subreq, req)) {
583 return;
584 }
585 tevent_req_set_callback(subreq, nb_trans_done, req);
586
587 subreq = sendto_send(state, state->ev, state->sock,
588 state->buf, state->buflen, 0, state->dst_addr);
589 if (tevent_req_nomem(subreq, req)) {
590 return;
591 }
592 tevent_req_set_callback(subreq, nb_trans_sent, req);
593 }
594
595 static void nb_trans_sent(struct tevent_req *subreq)
596 {
597 struct tevent_req *req = tevent_req_callback_data(
598 subreq, struct tevent_req);
599 struct nb_trans_state *state = tevent_req_data(
600 req, struct nb_trans_state);
601 ssize_t sent;
602 int err;
603
604 sent = sendto_recv(subreq, &err);
605 TALLOC_FREE(subreq);
606 if (sent == -1) {
607 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
608 tevent_req_nterror(req, map_nt_error_from_unix(err));
609 return;
610 }
611 subreq = tevent_wakeup_send(state, state->ev,
612 timeval_current_ofs(1, 0));
613 if (tevent_req_nomem(subreq, req)) {
614 return;
615 }
616 tevent_req_set_callback(subreq, nb_trans_send_next, req);
617 }
618
619 static void nb_trans_send_next(struct tevent_req *subreq)
620 {
621 struct tevent_req *req = tevent_req_callback_data(
622 subreq, struct tevent_req);
623 struct nb_trans_state *state = tevent_req_data(
624 req, struct nb_trans_state);
625 bool ret;
626
627 ret = tevent_wakeup_recv(subreq);
628 TALLOC_FREE(subreq);
629 if (!ret) {
630 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
631 return;
632 }
633 subreq = sendto_send(state, state->ev, state->sock,
634 state->buf, state->buflen, 0, state->dst_addr);
635 if (tevent_req_nomem(subreq, req)) {
636 return;
637 }
638 tevent_req_set_callback(subreq, nb_trans_sent, req);
639 }
640
641 static void nb_trans_done(struct tevent_req *subreq)
642 {
643 struct tevent_req *req = tevent_req_callback_data(
644 subreq, struct tevent_req);
645 struct nb_trans_state *state = tevent_req_data(
646 req, struct nb_trans_state);
647 NTSTATUS status;
648
649 status = sock_packet_read_recv(subreq, &state->packet);
650 TALLOC_FREE(subreq);
651 if (tevent_req_nterror(req, status)) {
652 return;
653 }
654 tevent_req_done(req);
655 }
656
657 static NTSTATUS nb_trans_recv(struct tevent_req *req,
658 struct packet_struct **ppacket)
659 {
660 struct nb_trans_state *state = tevent_req_data(
661 req, struct nb_trans_state);
662 NTSTATUS status;
663
664 if (tevent_req_is_nterror(req, &status)) {
665 return status;
666 }
667 *ppacket = state->packet;
668 state->packet = NULL;
669 return NT_STATUS_OK;
670 }
671
672 /****************************************************************************
673 Do a NBT node status query on an open socket and return an array of
674 structures holding the returned names or NULL if the query failed.
675 **************************************************************************/
676
677 struct node_status_query_state {
678 struct sockaddr_storage my_addr;
679 struct sockaddr_storage addr;
680 uint8_t buf[1024];
681 ssize_t buflen;
682 struct packet_struct *packet;
683 };
684
685 static int node_status_query_state_destructor(
686 struct node_status_query_state *s);
687 static bool node_status_query_validator(struct packet_struct *p,
688 void *private_data);
689 static void node_status_query_done(struct tevent_req *subreq);
690
691 struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
692 struct tevent_context *ev,
693 struct nmb_name *name,
694 const struct sockaddr_storage *addr)
695 {
696 struct tevent_req *req, *subreq;
697 struct node_status_query_state *state;
698 struct packet_struct p;
699 struct nmb_packet *nmb = &p.packet.nmb;
700 struct sockaddr_in *in_addr;
701
702 req = tevent_req_create(mem_ctx, &state,
703 struct node_status_query_state);
704 if (req == NULL) {
705 return NULL;
706 }
707 talloc_set_destructor(state, node_status_query_state_destructor);
708
709 if (addr->ss_family != AF_INET) {
710 /* Can't do node status to IPv6 */
711 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
712 return tevent_req_post(req, ev);
713 }
714
715 state->addr = *addr;
716 in_addr = (struct sockaddr_in *)(void *)&state->addr;
717 in_addr->sin_port = htons(NMB_PORT);
718
719 set_socket_addr_v4(&state->my_addr);
720
721 ZERO_STRUCT(p);
722 nmb->header.name_trn_id = generate_trn_id();
723 nmb->header.opcode = 0;
724 nmb->header.response = false;
725 nmb->header.nm_flags.bcast = false;
726 nmb->header.nm_flags.recursion_available = false;
727 nmb->header.nm_flags.recursion_desired = false;
728 nmb->header.nm_flags.trunc = false;
729 nmb->header.nm_flags.authoritative = false;
730 nmb->header.rcode = 0;
731 nmb->header.qdcount = 1;
732 nmb->header.ancount = 0;
733 nmb->header.nscount = 0;
734 nmb->header.arcount = 0;
735 nmb->question.question_name = *name;
736 nmb->question.question_type = 0x21;
737 nmb->question.question_class = 0x1;
738
739 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
740 &p);
741 if (state->buflen == 0) {
742 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
743 DEBUG(10, ("build_packet failed\n"));
744 return tevent_req_post(req, ev);
745 }
746
747 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, false,
748 state->buf, state->buflen,
749 NMB_PACKET, nmb->header.name_trn_id,
750 node_status_query_validator, NULL);
751 if (tevent_req_nomem(subreq, req)) {
752 DEBUG(10, ("nb_trans_send failed\n"));
753 return tevent_req_post(req, ev);
754 }
755 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
756 return tevent_req_post(req, ev);
757 }
758 tevent_req_set_callback(subreq, node_status_query_done, req);
759 return req;
760 }
761
762 static bool node_status_query_validator(struct packet_struct *p,
763 void *private_data)
764 {
765 struct nmb_packet *nmb = &p->packet.nmb;
766 debug_nmb_packet(p);
767
768 if (nmb->header.opcode != 0 ||
769 nmb->header.nm_flags.bcast ||
770 nmb->header.rcode ||
771 !nmb->header.ancount ||
772 nmb->answers->rr_type != 0x21) {
773 /*
774 * XXXX what do we do with this? could be a redirect,
775 * but we'll discard it for the moment
776 */
777 return false;
778 }
779 return true;
780 }
781
782 static int node_status_query_state_destructor(
783 struct node_status_query_state *s)
784 {
785 if (s->packet != NULL) {
786 free_packet(s->packet);
787 s->packet = NULL;
788 }
789 return 0;
790 }
791
792 static void node_status_query_done(struct tevent_req *subreq)
793 {
794 struct tevent_req *req = tevent_req_callback_data(
795 subreq, struct tevent_req);
796 struct node_status_query_state *state = tevent_req_data(
797 req, struct node_status_query_state);
798 NTSTATUS status;
799
800 status = nb_trans_recv(subreq, &state->packet);
801 TALLOC_FREE(subreq);
802 if (tevent_req_nterror(req, status)) {
803 return;
804 }
805 tevent_req_done(req);
806 }
807
808 NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
809 struct node_status **pnode_status,
810 int *pnum_names,
811 struct node_status_extra *extra)
812 {
813 struct node_status_query_state *state = tevent_req_data(
814 req, struct node_status_query_state);
815 struct node_status *node_status;
816 int num_names;
817 NTSTATUS status;
818
819 if (tevent_req_is_nterror(req, &status)) {
820 return status;
821 }
822 node_status = parse_node_status(
823 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
824 &num_names, extra);
825 if (node_status == NULL) {
826 return NT_STATUS_NO_MEMORY;
827 }
828 *pnode_status = node_status;
829 *pnum_names = num_names;
830 return NT_STATUS_OK;
831 }
832
833 NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
834 const struct sockaddr_storage *addr,
835 struct node_status **pnode_status,
836 int *pnum_names,
837 struct node_status_extra *extra)
838 {
839 TALLOC_CTX *frame = talloc_stackframe();
840 struct tevent_context *ev;
841 struct tevent_req *req;
842 NTSTATUS status = NT_STATUS_NO_MEMORY;
843
844 ev = tevent_context_init(frame);
845 if (ev == NULL) {
846 goto fail;
847 }
848 req = node_status_query_send(ev, ev, name, addr);
849 if (req == NULL) {
850 goto fail;
851 }
852 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
853 goto fail;
854 }
855 status = node_status_query_recv(req, mem_ctx, pnode_status,
856 pnum_names, extra);
857 fail:
858 TALLOC_FREE(frame);
859 return status;
860 }
861
862 /****************************************************************************
863 Find the first type XX name in a node status reply - used for finding
864 a servers name given its IP. Return the matched name in *name.
865 **************************************************************************/
866
867 bool name_status_find(const char *q_name,
868 int q_type,
869 int type,
870 const struct sockaddr_storage *to_ss,
871 fstring name)
872 {
873 char addr[INET6_ADDRSTRLEN];
874 struct sockaddr_storage ss;
875 struct node_status *addrs = NULL;
876 struct nmb_name nname;
877 int count, i;
878 bool result = false;
879 NTSTATUS status;
880
881 if (lp_disable_netbios()) {
882 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
883 q_name, q_type));
884 return False;
885 }
886
887 print_sockaddr(addr, sizeof(addr), to_ss);
888
889 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
890 q_type, addr));
891
892 /* Check the cache first. */
893
894 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
895 return True;
896 }
897
898 if (to_ss->ss_family != AF_INET) {
899 /* Can't do node status to IPv6 */
900 return false;
901 }
902
903 set_socket_addr_v4(&ss);
904
905 /* W2K PDC's seem not to respond to '*'#0. JRA */
906 make_nmb_name(&nname, q_name, q_type);
907 status = node_status_query(talloc_tos(), &nname, to_ss,
908 &addrs, &count, NULL);
909 if (!NT_STATUS_IS_OK(status)) {
910 goto done;
911 }
912
913 for (i=0;i<count;i++) {
914 /* Find first one of the requested type that's not a GROUP. */
915 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
916 break;
917 }
918 if (i == count)
919 goto done;
920
921 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
922
923 /* Store the result in the cache. */
924 /* but don't store an entry for 0x1c names here. Here we have
925 a single host and DOMAIN<0x1c> names should be a list of hosts */
926
927 if ( q_type != 0x1c ) {
928 namecache_status_store(q_name, q_type, type, to_ss, name);
929 }
930
931 result = true;
932
933 done:
934 TALLOC_FREE(addrs);
935
936 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
937
938 if (result)
939 DEBUGADD(10, (", name %s ip address is %s", name, addr));
940
941 DEBUG(10, ("\n"));
942
943 return result;
944 }
945
946 /*
947 comparison function used by sort_addr_list
948 */
949
950 static int addr_compare(const struct sockaddr_storage *ss1,
951 const struct sockaddr_storage *ss2)
952 {
953 int max_bits1=0, max_bits2=0;
954 int num_interfaces = iface_count();
955 int i;
956
957 /* Sort IPv4 addresses first. */
958 if (ss1->ss_family != ss2->ss_family) {
959 if (ss2->ss_family == AF_INET) {
960 return 1;
961 } else {
962 return -1;
963 }
964 }
965
966 /* Here we know both addresses are of the same
967 * family. */
968
969 for (i=0;i<num_interfaces;i++) {
970 const struct sockaddr_storage *pss = iface_n_bcast(i);
971 const unsigned char *p_ss1 = NULL;
972 const unsigned char *p_ss2 = NULL;
973 const unsigned char *p_if = NULL;
974 size_t len = 0;
975 int bits1, bits2;
976
977 if (pss->ss_family != ss1->ss_family) {
978 /* Ignore interfaces of the wrong type. */
979 continue;
980 }
981 if (pss->ss_family == AF_INET) {
982 p_if = (const unsigned char *)
983 &((const struct sockaddr_in *)pss)->sin_addr;
984 p_ss1 = (const unsigned char *)
985 &((const struct sockaddr_in *)ss1)->sin_addr;
986 p_ss2 = (const unsigned char *)
987 &((const struct sockaddr_in *)ss2)->sin_addr;
988 len = 4;
989 }
990 #if defined(HAVE_IPV6)
991 if (pss->ss_family == AF_INET6) {
992 p_if = (const unsigned char *)
993 &((const struct sockaddr_in6 *)pss)->sin6_addr;
994 p_ss1 = (const unsigned char *)
995 &((const struct sockaddr_in6 *)ss1)->sin6_addr;
996 p_ss2 = (const unsigned char *)
997 &((const struct sockaddr_in6 *)ss2)->sin6_addr;
998 len = 16;
999 }
1000 #endif
1001 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
1002 continue;
1003 }
1004 bits1 = matching_len_bits(p_ss1, p_if, len);
1005 bits2 = matching_len_bits(p_ss2, p_if, len);
1006 max_bits1 = MAX(bits1, max_bits1);
1007 max_bits2 = MAX(bits2, max_bits2);
1008 }
1009
1010 /* Bias towards directly reachable IPs */
1011 if (iface_local((const struct sockaddr *)ss1)) {
1012 if (ss1->ss_family == AF_INET) {
1013 max_bits1 += 32;
1014 } else {
1015 max_bits1 += 128;
1016 }
1017 }
1018 if (iface_local((const struct sockaddr *)ss2)) {
1019 if (ss2->ss_family == AF_INET) {
1020 max_bits2 += 32;
1021 } else {
1022 max_bits2 += 128;
1023 }
1024 }
1025 return max_bits2 - max_bits1;
1026 }
1027
1028 /*******************************************************************
1029 compare 2 ldap IPs by nearness to our interfaces - used in qsort
1030 *******************************************************************/
1031
1032 int ip_service_compare(struct ip_service *ss1, struct ip_service *ss2)
1033 {
1034 int result;
1035
1036 if ((result = addr_compare(&ss1->ss, &ss2->ss)) != 0) {
1037 return result;
1038 }
1039
1040 if (ss1->port > ss2->port) {
1041 return 1;
1042 }
1043
1044 if (ss1->port < ss2->port) {
1045 return -1;
1046 }
1047
1048 return 0;
1049 }
1050
1051 /*
1052 sort an IP list so that names that are close to one of our interfaces
1053 are at the top. This prevents the problem where a WINS server returns an IP
1054 that is not reachable from our subnet as the first match
1055 */
1056
1057 static void sort_addr_list(struct sockaddr_storage *sslist, int count)
1058 {
1059 if (count <= 1) {
1060 return;
1061 }
1062
1063 TYPESAFE_QSORT(sslist, count, addr_compare);
1064 }
1065
1066 static void sort_service_list(struct ip_service *servlist, int count)
1067 {
1068 if (count <= 1) {
1069 return;
1070 }
1071
1072 TYPESAFE_QSORT(servlist, count, ip_service_compare);
1073 }
1074
1075 /**********************************************************************
1076 Remove any duplicate address/port pairs in the list
1077 *********************************************************************/
1078
1079 static int remove_duplicate_addrs2(struct ip_service *iplist, int count )
1080 {
1081 int i, j;
1082
1083 DEBUG(10,("remove_duplicate_addrs2: "
1084 "looking for duplicate address/port pairs\n"));
1085
1086 /* one loop to remove duplicates */
1087 for ( i=0; i<count; i++ ) {
1088 if ( is_zero_addr(&iplist[i].ss)) {
1089 continue;
1090 }
1091
1092 for ( j=i+1; j<count; j++ ) {
1093 if (sockaddr_equal((struct sockaddr *)&iplist[i].ss, (struct sockaddr *)&iplist[j].ss) &&
1094 iplist[i].port == iplist[j].port) {
1095 zero_sockaddr(&iplist[j].ss);
1096 }
1097 }
1098 }
1099
1100 /* one loop to clean up any holes we left */
1101 /* first ip should never be a zero_ip() */
1102 for (i = 0; i<count; ) {
1103 if (is_zero_addr(&iplist[i].ss) ) {
1104 if (i != count-1) {
1105 memmove(&iplist[i], &iplist[i+1],
1106 (count - i - 1)*sizeof(iplist[i]));
1107 }
1108 count--;
1109 continue;
1110 }
1111 i++;
1112 }
1113
1114 return count;
1115 }
1116
1117 static bool prioritize_ipv4_list(struct ip_service *iplist, int count)
1118 {
1119 TALLOC_CTX *frame = talloc_stackframe();
1120 struct ip_service *iplist_new = TALLOC_ARRAY(frame, struct ip_service, count);
1121 int i, j;
1122
1123 if (iplist_new == NULL) {
1124 TALLOC_FREE(frame);
1125 return false;
1126 }
1127
1128 j = 0;
1129
1130 /* Copy IPv4 first. */
1131 for (i = 0; i < count; i++) {
1132 if (iplist[i].ss.ss_family == AF_INET) {
1133 iplist_new[j++] = iplist[i];
1134 }
1135 }
1136
1137 /* Copy IPv6. */
1138 for (i = 0; i < count; i++) {
1139 if (iplist[i].ss.ss_family != AF_INET) {
1140 iplist_new[j++] = iplist[i];
1141 }
1142 }
1143
1144 memcpy(iplist, iplist_new, sizeof(struct ip_service)*count);
1145 TALLOC_FREE(frame);
1146 return true;
1147 }
1148
1149 /****************************************************************************
1150 Do a netbios name query to find someones IP.
1151 Returns an array of IP addresses or NULL if none.
1152 *count will be set to the number of addresses returned.
1153 *timed_out is set if we failed by timing out
1154 ****************************************************************************/
1155
1156 struct name_query_state {
1157 struct sockaddr_storage my_addr;
1158 struct sockaddr_storage addr;
1159 bool bcast;
1160
1161
1162 uint8_t buf[1024];
1163 ssize_t buflen;
1164
1165 NTSTATUS validate_error;
1166 uint8_t flags;
1167
1168 struct sockaddr_storage *addrs;
1169 int num_addrs;
1170 };
1171
1172 static bool name_query_validator(struct packet_struct *p, void *private_data);
1173 static void name_query_done(struct tevent_req *subreq);
1174
1175 struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1176 struct tevent_context *ev,
1177 const char *name, int name_type,
1178 bool bcast, bool recurse,
1179 const struct sockaddr_storage *addr)
1180 {
1181 struct tevent_req *req, *subreq;
1182 struct name_query_state *state;
1183 struct packet_struct p;
1184 struct nmb_packet *nmb = &p.packet.nmb;
1185 struct sockaddr_in *in_addr;
1186
1187 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1188 if (req == NULL) {
1189 return NULL;
1190 }
1191 state->bcast = bcast;
1192
1193 if (addr->ss_family != AF_INET) {
1194 /* Can't do node status to IPv6 */
1195 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1196 return tevent_req_post(req, ev);
1197 }
1198
1199 if (lp_disable_netbios()) {
1200 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1201 name, name_type));
1202 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1203 return tevent_req_post(req, ev);
1204 }
1205
1206 state->addr = *addr;
1207 in_addr = (struct sockaddr_in *)(void *)&state->addr;
1208 in_addr->sin_port = htons(NMB_PORT);
1209
1210 set_socket_addr_v4(&state->my_addr);
1211
1212 ZERO_STRUCT(p);
1213 nmb->header.name_trn_id = generate_trn_id();
1214 nmb->header.opcode = 0;
1215 nmb->header.response = false;
1216 nmb->header.nm_flags.bcast = bcast;
1217 nmb->header.nm_flags.recursion_available = false;
1218 nmb->header.nm_flags.recursion_desired = recurse;
1219 nmb->header.nm_flags.trunc = false;
1220 nmb->header.nm_flags.authoritative = false;
1221 nmb->header.rcode = 0;
1222 nmb->header.qdcount = 1;
1223 nmb->header.ancount = 0;
1224 nmb->header.nscount = 0;
1225 nmb->header.arcount = 0;
1226
1227 make_nmb_name(&nmb->question.question_name,name,name_type);
1228
1229 nmb->question.question_type = 0x20;
1230 nmb->question.question_class = 0x1;
1231
1232 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1233 &p);
1234 if (state->buflen == 0) {
1235 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1236 DEBUG(10, ("build_packet failed\n"));
1237 return tevent_req_post(req, ev);
1238 }
1239
1240 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, bcast,
1241 state->buf, state->buflen,
1242 NMB_PACKET, nmb->header.name_trn_id,
1243 name_query_validator, state);
1244 if (tevent_req_nomem(subreq, req)) {
1245 DEBUG(10, ("nb_trans_send failed\n"));
1246 return tevent_req_post(req, ev);
1247 }
1248 tevent_req_set_callback(subreq, name_query_done, req);
1249 return req;
1250 }
1251
1252 static bool name_query_validator(struct packet_struct *p, void *private_data)
1253 {
1254 struct name_query_state *state = talloc_get_type_abort(
1255 private_data, struct name_query_state);
1256 struct nmb_packet *nmb = &p->packet.nmb;
1257 struct sockaddr_storage *tmp_addrs;
1258 bool got_unique_netbios_name = false;
1259 int i;
1260
1261 debug_nmb_packet(p);
1262
1263 /*
1264 * If we get a Negative Name Query Response from a WINS
1265 * server, we should report it and give up.
1266 */
1267 if( 0 == nmb->header.opcode /* A query response */
1268 && !state->bcast /* from a WINS server */
1269 && nmb->header.rcode /* Error returned */
1270 ) {
1271
1272 if( DEBUGLVL( 3 ) ) {
1273 /* Only executed if DEBUGLEVEL >= 3 */
1274 dbgtext( "Negative name query "
1275 "response, rcode 0x%02x: ",
1276 nmb->header.rcode );
1277 switch( nmb->header.rcode ) {
1278 case 0x01:
1279 dbgtext("Request was invalidly formatted.\n");
1280 break;
1281 case 0x02:
1282 dbgtext("Problem with NBNS, cannot process "
1283 "name.\n");
1284 break;
1285 case 0x03:
1286 dbgtext("The name requested does not "
1287 "exist.\n");
1288 break;
1289 case 0x04:
1290 dbgtext("Unsupported request error.\n");
1291 break;
1292 case 0x05:
1293 dbgtext("Query refused error.\n");
1294 break;
1295 default:
1296 dbgtext("Unrecognized error code.\n" );
1297 break;
1298 }
1299 }
1300
1301 /*
1302 * We accept this packet as valid, but tell the upper
1303 * layers that it's a negative response.
1304 */
1305 state->validate_error = NT_STATUS_NOT_FOUND;
1306 return true;
1307 }
1308
1309 if (nmb->header.opcode != 0 ||
1310 nmb->header.nm_flags.bcast ||
1311 nmb->header.rcode ||
1312 !nmb->header.ancount) {
1313 /*
1314 * XXXX what do we do with this? Could be a redirect,
1315 * but we'll discard it for the moment.
1316 */
1317 return false;
1318 }
1319
1320 tmp_addrs = TALLOC_REALLOC_ARRAY(
1321 state, state->addrs, struct sockaddr_storage,
1322 state->num_addrs + nmb->answers->rdlength/6);
1323 if (tmp_addrs == NULL) {
1324 state->validate_error = NT_STATUS_NO_MEMORY;
1325 return true;
1326 }
1327 state->addrs = tmp_addrs;
1328
1329 DEBUG(2,("Got a positive name query response "
1330 "from %s ( ", inet_ntoa(p->ip)));
1331
1332 for (i=0; i<nmb->answers->rdlength/6; i++) {
1333 uint16_t flags;
1334 struct in_addr ip;
1335 struct sockaddr_storage addr;
1336 int j;
1337
1338 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1339 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1340
1341 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1342 in_addr_to_sockaddr_storage(&addr, ip);
1343
1344 for (j=0; j<state->num_addrs; j++) {
1345 if (sockaddr_equal(
1346 (struct sockaddr *)&addr,
1347 (struct sockaddr *)&state->addrs[j])) {
1348 break;
1349 }
1350 }
1351 if (j < state->num_addrs) {
1352 /* Already got it */
1353 continue;
1354 }
1355
1356 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1357
1358 state->addrs[state->num_addrs] = addr;
1359 state->num_addrs += 1;
1360 }
1361 DEBUGADD(2,(")\n"));
1362
1363 /* We add the flags back ... */
1364 if (nmb->header.response)
1365 state->flags |= NM_FLAGS_RS;
1366 if (nmb->header.nm_flags.authoritative)
1367 state->flags |= NM_FLAGS_AA;
1368 if (nmb->header.nm_flags.trunc)
1369 state->flags |= NM_FLAGS_TC;
1370 if (nmb->header.nm_flags.recursion_desired)
1371 state->flags |= NM_FLAGS_RD;
1372 if (nmb->header.nm_flags.recursion_available)
1373 state->flags |= NM_FLAGS_RA;
1374 if (nmb->header.nm_flags.bcast)
1375 state->flags |= NM_FLAGS_B;
1376
1377 if (state->bcast) {
1378 /*
1379 * We have to collect all entries coming in from broadcast
1380 * queries. If we got a unique name, we're done.
1381 */
1382 return got_unique_netbios_name;
1383 }
1384 /*
1385 * WINS responses are accepted when they are received
1386 */
1387 return true;
1388 }
1389
1390 static void name_query_done(struct tevent_req *subreq)
1391 {
1392 struct tevent_req *req = tevent_req_callback_data(
1393 subreq, struct tevent_req);
1394 struct name_query_state *state = tevent_req_data(
1395 req, struct name_query_state);
1396 NTSTATUS status;
1397 struct packet_struct *p = NULL;
1398
1399 status = nb_trans_recv(subreq, &p);
1400 TALLOC_FREE(subreq);
1401 if (tevent_req_nterror(req, status)) {
1402 return;
1403 }
1404 if (!NT_STATUS_IS_OK(state->validate_error)) {
1405 tevent_req_nterror(req, state->validate_error);
1406 return;
1407 }
1408 if (p != NULL) {
1409 /*
1410 * Free the packet here, we've collected the response in the
1411 * validator
1412 */
1413 free_packet(p);
1414 }
1415 tevent_req_done(req);
1416 }
1417
1418 NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1419 struct sockaddr_storage **addrs, int *num_addrs,
1420 uint8_t *flags)
1421 {
1422 struct name_query_state *state = tevent_req_data(
1423 req, struct name_query_state);
1424 NTSTATUS status;
1425
1426 if (tevent_req_is_nterror(req, &status)
1427 && !NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1428 return status;
1429 }
1430 if (state->num_addrs == 0) {
1431 return NT_STATUS_NOT_FOUND;
1432 }
1433 *addrs = talloc_move(mem_ctx, &state->addrs);
1434 sort_addr_list(*addrs, state->num_addrs);
1435 *num_addrs = state->num_addrs;
1436 if (flags != NULL) {
1437 *flags = state->flags;
1438 }
1439 return NT_STATUS_OK;
1440 }
1441
1442 NTSTATUS name_query(const char *name, int name_type,
1443 bool bcast, bool recurse,
1444 const struct sockaddr_storage *to_ss,
1445 TALLOC_CTX *mem_ctx,
1446 struct sockaddr_storage **addrs,
1447 int *num_addrs, uint8_t *flags)
1448 {
1449 TALLOC_CTX *frame = talloc_stackframe();
1450 struct tevent_context *ev;
1451 struct tevent_req *req;
1452 struct timeval timeout;
1453 NTSTATUS status = NT_STATUS_NO_MEMORY;
1454
1455 ev = tevent_context_init(frame);
1456 if (ev == NULL) {
1457 goto fail;
1458 }
1459 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1460 if (req == NULL) {
1461 goto fail;
1462 }
1463 if (bcast) {
1464 timeout = timeval_current_ofs(0, 250000);
1465 } else {
1466 timeout = timeval_current_ofs(2, 0);
1467 }
1468 if (!tevent_req_set_endtime(req, ev, timeout)) {
1469 goto fail;
1470 }
1471 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1472 goto fail;
1473 }
1474 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1475 fail:
1476 TALLOC_FREE(frame);
1477 return status;
1478 }
1479
1480 /********************************************************
1481 convert an array if struct sockaddr_storage to struct ip_service
1482 return false on failure. Port is set to PORT_NONE;
1483 *********************************************************/
1484
1485 static bool convert_ss2service(struct ip_service **return_iplist,
1486 const struct sockaddr_storage *ss_list,
1487 int count)
1488 {
1489 int i;
1490
1491 if ( count==0 || !ss_list )
1492 return False;
1493
1494 /* copy the ip address; port will be PORT_NONE */
1495 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, count)) ==
1496 NULL) {
1497 DEBUG(0,("convert_ip2service: malloc failed "
1498 "for %d enetries!\n", count ));
1499 return False;
1500 }
1501
1502 for ( i=0; i<count; i++ ) {
1503 (*return_iplist)[i].ss = ss_list[i];
1504 (*return_iplist)[i].port = PORT_NONE;
1505 }
1506
1507 return true;
1508 }
1509
1510 /********************************************************
1511 Resolve via "bcast" method.
1512 *********************************************************/
1513
1514 NTSTATUS name_resolve_bcast(const char *name,
1515 int name_type,
1516 TALLOC_CTX *mem_ctx,
1517 struct sockaddr_storage **return_iplist,
1518 int *return_count)
1519 {
1520 int i;
1521 int num_interfaces = iface_count();
1522 struct sockaddr_storage *ss_list;
1523 NTSTATUS status = NT_STATUS_NOT_FOUND;
1524
1525 if (lp_disable_netbios()) {
1526 DEBUG(5,("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1527 name, name_type));
1528 return NT_STATUS_INVALID_PARAMETER;
1529 }
1530
1531 *return_iplist = NULL;
1532 *return_count = 0;
1533
1534 /*
1535 * "bcast" means do a broadcast lookup on all the local interfaces.
1536 */
1537
1538 DEBUG(3,("name_resolve_bcast: Attempting broadcast lookup "
1539 "for name %s<0x%x>\n", name, name_type));
1540
1541 /*
1542 * Lookup the name on all the interfaces, return on
1543 * the first successful match.
1544 */
1545 for( i = num_interfaces-1; i >= 0; i--) {
1546 const struct sockaddr_storage *pss = iface_n_bcast(i);
1547
1548 /* Done this way to fix compiler error on IRIX 5.x */
1549 if (!pss) {
1550 continue;
1551 }
1552 status = name_query(name, name_type, true, true, pss,
1553 talloc_tos(), &ss_list, return_count,
1554 NULL);
1555 if (NT_STATUS_IS_OK(status)) {
1556 goto success;
1557 }
1558 }
1559
1560 /* failed - no response */
1561
1562 return status;
1563
1564 success:
1565 *return_iplist = ss_list;
1566 return status;
1567 }
1568
1569 /********************************************************
1570 Resolve via "wins" method.
1571 *********************************************************/
1572
1573 NTSTATUS resolve_wins(const char *name,
1574 int name_type,
1575 struct ip_service **return_iplist,
1576 int *return_count)
1577 {
1578 int t, i;
1579 char **wins_tags;
1580 struct sockaddr_storage src_ss, *ss_list = NULL;
1581 struct in_addr src_ip;
1582 NTSTATUS status;
1583
1584 if (lp_disable_netbios()) {
1585 DEBUG(5,("resolve_wins(%s#%02x): netbios is disabled\n",
1586 name, name_type));
1587 return NT_STATUS_INVALID_PARAMETER;
1588 }
1589
1590 *return_iplist = NULL;
1591 *return_count = 0;
1592
1593 DEBUG(3,("resolve_wins: Attempting wins lookup for name %s<0x%x>\n",
1594 name, name_type));
1595
1596 if (wins_srv_count() < 1) {
1597 DEBUG(3,("resolve_wins: WINS server resolution selected "
1598 "and no WINS servers listed.\n"));
1599 return NT_STATUS_INVALID_PARAMETER;
1600 }
1601
1602 /* we try a lookup on each of the WINS tags in turn */
1603 wins_tags = wins_srv_tags();
1604
1605 if (!wins_tags) {
1606 /* huh? no tags?? give up in disgust */
1607 return NT_STATUS_INVALID_PARAMETER;
1608 }
1609
1610 /* the address we will be sending from */
1611 if (!interpret_string_addr(&src_ss, lp_socket_address(),
1612 AI_NUMERICHOST|AI_PASSIVE)) {
1613 zero_sockaddr(&src_ss);
1614 }
1615
1616 if (src_ss.ss_family != AF_INET) {
1617 char addr[INET6_ADDRSTRLEN];
1618 print_sockaddr(addr, sizeof(addr), &src_ss);
1619 DEBUG(3,("resolve_wins: cannot receive WINS replies "
1620 "on IPv6 address %s\n",
1621 addr));
1622 wins_srv_tags_free(wins_tags);
1623 return NT_STATUS_INVALID_PARAMETER;
1624 }
1625
1626 src_ip = ((struct sockaddr_in *)&src_ss)->sin_addr;
1627
1628 /* in the worst case we will try every wins server with every
1629 tag! */
1630 for (t=0; wins_tags && wins_tags[t]; t++) {
1631 int srv_count = wins_srv_count_tag(wins_tags[t]);
1632 for (i=0; i<srv_count; i++) {
1633 struct sockaddr_storage wins_ss;
1634 struct in_addr wins_ip;
1635
1636 wins_ip = wins_srv_ip_tag(wins_tags[t], src_ip);
1637
1638 if (global_in_nmbd && ismyip_v4(wins_ip)) {
1639 /* yikes! we'll loop forever */
1640 continue;
1641 }
1642
1643 /* skip any that have been unresponsive lately */
1644 if (wins_srv_is_dead(wins_ip, src_ip)) {
1645 continue;
1646 }
1647
1648 DEBUG(3,("resolve_wins: using WINS server %s "
1649 "and tag '%s'\n",
1650 inet_ntoa(wins_ip), wins_tags[t]));
1651
1652 in_addr_to_sockaddr_storage(&wins_ss, wins_ip);
1653 status = name_query(name,
1654 name_type,
1655 false,
1656 true,
1657 &wins_ss,
1658 talloc_tos(),
1659 &ss_list,
1660 return_count,
1661 NULL);
1662
1663 /* exit loop if we got a list of addresses */
1664
1665 if (NT_STATUS_IS_OK(status)) {
1666 goto success;
1667 }
1668
1669 if (NT_STATUS_EQUAL(status,
1670 NT_STATUS_IO_TIMEOUT)) {
1671 /* Timed out waiting for WINS server to
1672 * respond.
1673 * Mark it dead. */
1674 wins_srv_died(wins_ip, src_ip);
1675 } else {
1676 /* The name definitely isn't in this
1677 group of WINS servers.
1678 goto the next group */
1679 break;
1680 }
1681 }
1682 }
1683
1684 wins_srv_tags_free(wins_tags);
1685 return NT_STATUS_NO_LOGON_SERVERS;
1686
1687 success:
1688
1689 status = NT_STATUS_OK;
1690 if (!convert_ss2service(return_iplist, ss_list, *return_count))
1691 status = NT_STATUS_INVALID_PARAMETER;
1692
1693 TALLOC_FREE(ss_list);
1694 wins_srv_tags_free(wins_tags);
1695
1696 return status;
1697 }
1698
1699 /********************************************************
1700 Resolve via "lmhosts" method.
1701 *********************************************************/
1702
1703 static NTSTATUS resolve_lmhosts(const char *name, int name_type,
1704 struct ip_service **return_iplist,
1705 int *return_count)
1706 {
1707 /*
1708 * "lmhosts" means parse the local lmhosts file.
1709 */
1710 struct sockaddr_storage *ss_list;
1711 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1712 TALLOC_CTX *ctx = NULL;
1713
1714 *return_iplist = NULL;
1715 *return_count = 0;
1716
1717 DEBUG(3,("resolve_lmhosts: "
1718 "Attempting lmhosts lookup for name %s<0x%x>\n",
1719 name, name_type));
1720
1721 ctx = talloc_init("resolve_lmhosts");
1722 if (!ctx) {
1723 return NT_STATUS_NO_MEMORY;
1724 }
1725
1726 status = resolve_lmhosts_file_as_sockaddr(get_dyn_LMHOSTSFILE(),
1727 name, name_type,
1728 ctx,
1729 &ss_list,
1730 return_count);
1731 if (NT_STATUS_IS_OK(status)) {
1732 if (convert_ss2service(return_iplist,
1733 ss_list,
1734 *return_count)) {
1735 talloc_free(ctx);
1736 return NT_STATUS_OK;
1737 } else {
1738 talloc_free(ctx);
1739 return NT_STATUS_NO_MEMORY;
1740 }
1741 }
1742 talloc_free(ctx);
1743 return status;
1744 }
1745
1746
1747 /********************************************************
1748 Resolve via "hosts" method.
1749 *********************************************************/
1750
1751 static NTSTATUS resolve_hosts(const char *name, int name_type,
1752 struct ip_service **return_iplist,
1753 int *return_count)
1754 {
1755 /*
1756 * "host" means do a localhost, or dns lookup.
1757 */
1758 struct addrinfo hints;
1759 struct addrinfo *ailist = NULL;
1760 struct addrinfo *res = NULL;
1761 int ret = -1;
1762 int i = 0;
1763 const char *dns_hosts_file;
1764
1765 if ( name_type != 0x20 && name_type != 0x0) {
1766 DEBUG(5, ("resolve_hosts: not appropriate "
1767 "for name type <0x%x>\n",
1768 name_type));
1769 return NT_STATUS_INVALID_PARAMETER;
1770 }
1771
1772 *return_iplist = NULL;
1773 *return_count = 0;
1774
1775 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
1776 name, name_type));
1777
1778 ZERO_STRUCT(hints);
1779 /* By default make sure it supports TCP. */
1780 hints.ai_socktype = SOCK_STREAM;
1781 hints.ai_flags = AI_ADDRCONFIG;
1782
1783 #if !defined(HAVE_IPV6)
1784 /* Unless we have IPv6, we really only want IPv4 addresses back. */
1785 hints.ai_family = AF_INET;
1786 #endif
1787
1788 dns_hosts_file = lp_parm_const_string(-1, "resolv", "host file", NULL);
1789 if (dns_hosts_file) {
1790 struct sockaddr_storage *ss_list;
1791 NTSTATUS status;
1792 TALLOC_CTX *ctx = talloc_stackframe();
1793 if (!ctx) {
1794 return NT_STATUS_NO_MEMORY;
1795 }
1796
1797 status = resolve_dns_hosts_file_as_sockaddr(dns_hosts_file, name, false,
1798 ctx, &ss_list, return_count);
1799 if (NT_STATUS_IS_OK(status)) {
1800 if (convert_ss2service(return_iplist,
1801 ss_list,
1802 *return_count)) {
1803 talloc_free(ctx);
1804 return NT_STATUS_OK;
1805 } else {
1806 talloc_free(ctx);
1807 return NT_STATUS_NO_MEMORY;
1808 }
1809 }
1810 talloc_free(ctx);
1811 return NT_STATUS_UNSUCCESSFUL;
1812 }
1813
1814 ret = getaddrinfo(name,
1815 NULL,
1816 &hints,
1817 &ailist);
1818 if (ret) {
1819 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
1820 name,
1821 gai_strerror(ret) ));
1822 }
1823
1824 for (res = ailist; res; res = res->ai_next) {
1825 struct sockaddr_storage ss;
1826
1827 if (!res->ai_addr || res->ai_addrlen == 0) {
1828 continue;
1829 }
1830
1831 ZERO_STRUCT(ss);
1832 memcpy(&ss, res->ai_addr, res->ai_addrlen);
1833
1834 *return_count += 1;
1835
1836 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
1837 struct ip_service,
1838 *return_count);
1839 if (!*return_iplist) {
1840 DEBUG(3,("resolve_hosts: malloc fail !\n"));
1841 freeaddrinfo(ailist);
1842 return NT_STATUS_NO_MEMORY;
1843 }
1844 (*return_iplist)[i].ss = ss;
1845 (*return_iplist)[i].port = PORT_NONE;
1846 i++;
1847 }
1848 if (ailist) {
1849 freeaddrinfo(ailist);
1850 }
1851 if (*return_count) {
1852 return NT_STATUS_OK;
1853 }
1854 return NT_STATUS_UNSUCCESSFUL;
1855 }
1856
1857 /********************************************************
1858 Resolve via "ADS" method.
1859 *********************************************************/
1860
1861 /* Special name type used to cause a _kerberos DNS lookup. */
1862 #define KDC_NAME_TYPE 0xDCDC
1863
1864 static NTSTATUS resolve_ads(const char *name,
1865 int name_type,
1866 const char *sitename,
1867 struct ip_service **return_iplist,
1868 int *return_count)
1869 {
1870 int i, j;
1871 NTSTATUS status;
1872 TALLOC_CTX *ctx;
1873 struct dns_rr_srv *dcs = NULL;
1874 int numdcs = 0;
1875 int numaddrs = 0;
1876
1877 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
1878 (name_type != 0x1b)) {
1879 return NT_STATUS_INVALID_PARAMETER;
1880 }
1881
1882 if ( (ctx = talloc_init("resolve_ads")) == NULL ) {
1883 DEBUG(0,("resolve_ads: talloc_init() failed!\n"));
1884 return NT_STATUS_NO_MEMORY;
1885 }
1886
1887 /* The DNS code needs fixing to find IPv6 addresses... JRA. */
1888
1889 switch (name_type) {
1890 case 0x1b:
1891 DEBUG(5,("resolve_ads: Attempting to resolve "
1892 "PDC for %s using DNS\n", name));
1893 status = ads_dns_query_pdc(ctx, name, &dcs, &numdcs);
1894 break;
1895
1896 case 0x1c:
1897 DEBUG(5,("resolve_ads: Attempting to resolve "
1898 "DCs for %s using DNS\n", name));
1899 status = ads_dns_query_dcs(ctx, name, sitename, &dcs,
1900 &numdcs);
1901 break;
1902 case KDC_NAME_TYPE:
1903 DEBUG(5,("resolve_ads: Attempting to resolve "
1904 "KDCs for %s using DNS\n", name));
1905 status = ads_dns_query_kdcs(ctx, name, sitename, &dcs,
1906 &numdcs);
1907 break;
1908 default:
1909 status = NT_STATUS_INVALID_PARAMETER;
1910 break;
1911 }
1912
1913 if ( !NT_STATUS_IS_OK( status ) ) {
1914 talloc_destroy(ctx);
1915 return status;
1916 }
1917
1918 for (i=0;i<numdcs;i++) {
1919 numaddrs += MAX(dcs[i].num_ips,1);
1920 }
1921
1922 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, numaddrs)) ==
1923 NULL ) {
1924 DEBUG(0,("resolve_ads: malloc failed for %d entries\n",
1925 numaddrs ));
1926 talloc_destroy(ctx);
1927 return NT_STATUS_NO_MEMORY;
1928 }
1929
1930 /* now unroll the list of IP addresses */
1931
1932 *return_count = 0;
1933 i = 0;
1934 j = 0;
1935 while ( i < numdcs && (*return_count<numaddrs) ) {
1936 struct ip_service *r = &(*return_iplist)[*return_count];
1937
1938 r->port = dcs[i].port;
1939
1940 /* If we don't have an IP list for a name, lookup it up */
1941
1942 if (!dcs[i].ss_s) {
1943 interpret_string_addr(&r->ss, dcs[i].hostname, 0);
1944 i++;
1945 j = 0;
1946 } else {
1947 /* use the IP addresses from the SRV sresponse */
1948
1949 if ( j >= dcs[i].num_ips ) {
1950 i++;
1951 j = 0;
1952 continue;
1953 }
1954
1955 r->ss = dcs[i].ss_s[j];
1956 j++;
1957 }
1958
1959 /* make sure it is a valid IP. I considered checking the
1960 * negative connection cache, but this is the wrong place
1961 * for it. Maybe only as a hack. After think about it, if
1962 * all of the IP addresses returned from DNS are dead, what
1963 * hope does a netbios name lookup have ? The standard reason
1964 * for falling back to netbios lookups is that our DNS server
1965 * doesn't know anything about the DC's -- jerry */
1966
1967 if (!is_zero_addr(&r->ss)) {
1968 (*return_count)++;
1969 }
1970 }
1971
1972 talloc_destroy(ctx);
1973 return NT_STATUS_OK;
1974 }
1975
1976 /*******************************************************************
1977 Internal interface to resolve a name into an IP address.
1978 Use this function if the string is either an IP address, DNS
1979 or host name or NetBIOS name. This uses the name switch in the
1980 smb.conf to determine the order of name resolution.
1981
1982 Added support for ip addr/port to support ADS ldap servers.
1983 the only place we currently care about the port is in the
1984 resolve_hosts() when looking up DC's via SRV RR entries in DNS
1985 **********************************************************************/
1986
1987 NTSTATUS internal_resolve_name(const char *name,
1988 int name_type,
1989 const char *sitename,
1990 struct ip_service **return_iplist,
1991 int *return_count,
1992 const char *resolve_order)
1993 {
1994 char *tok;
1995 const char *ptr;
1996 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
1997 int i;
1998 TALLOC_CTX *frame = NULL;
1999
2000 *return_iplist = NULL;
2001 *return_count = 0;
2002
2003 DEBUG(10, ("internal_resolve_name: looking up %s#%x (sitename %s)\n",
2004 name, name_type, sitename ? sitename : "(null)"));
2005
2006 if (is_ipaddress(name)) {
2007 if ((*return_iplist = SMB_MALLOC_P(struct ip_service)) ==
2008 NULL) {
2009 DEBUG(0,("internal_resolve_name: malloc fail !\n"));
2010 return NT_STATUS_NO_MEMORY;
2011 }
2012
2013 /* ignore the port here */
2014 (*return_iplist)->port = PORT_NONE;
2015
2016 /* if it's in the form of an IP address then get the lib to interpret it */
2017 if (!interpret_string_addr(&(*return_iplist)->ss,
2018 name, AI_NUMERICHOST)) {
2019 DEBUG(1,("internal_resolve_name: interpret_string_addr "
2020 "failed on %s\n",
2021 name));
2022 SAFE_FREE(*return_iplist);
2023 return NT_STATUS_INVALID_PARAMETER;
2024 }
2025 *return_count = 1;
2026 return NT_STATUS_OK;
2027 }
2028
2029 /* Check name cache */
2030
2031 if (namecache_fetch(name, name_type, return_iplist, return_count)) {
2032 /* This could be a negative response */
2033 if (*return_count > 0) {
2034 return NT_STATUS_OK;
2035 } else {
2036 return NT_STATUS_UNSUCCESSFUL;
2037 }
2038 }
2039
2040 /* set the name resolution order */
2041
2042 if (strcmp( resolve_order, "NULL") == 0) {
2043 DEBUG(8,("internal_resolve_name: all lookups disabled\n"));
2044 return NT_STATUS_INVALID_PARAMETER;
2045 }
2046
2047 if (!resolve_order[0]) {
2048 ptr = "host";
2049 } else {
2050 ptr = resolve_order;
2051 }
2052
2053 /* iterate through the name resolution backends */
2054
2055 frame = talloc_stackframe();
2056 while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) {
2057 if((strequal(tok, "host") || strequal(tok, "hosts"))) {
2058 status = resolve_hosts(name, name_type, return_iplist,
2059 return_count);
2060 if (NT_STATUS_IS_OK(status)) {
2061 goto done;
2062 }
2063 } else if(strequal( tok, "kdc")) {
2064 /* deal with KDC_NAME_TYPE names here.
2065 * This will result in a SRV record lookup */
2066 status = resolve_ads(name, KDC_NAME_TYPE, sitename,
2067 return_iplist, return_count);
2068 if (NT_STATUS_IS_OK(status)) {
2069 /* Ensure we don't namecache
2070 * this with the KDC port. */
2071 name_type = KDC_NAME_TYPE;
2072 goto done;
2073 }
2074 } else if(strequal( tok, "ads")) {
2075 /* deal with 0x1c and 0x1b names here.
2076 * This will result in a SRV record lookup */
2077 status = resolve_ads(name, name_type, sitename,
2078 return_iplist, return_count);
2079 if (NT_STATUS_IS_OK(status)) {
2080 goto done;
2081 }
2082 } else if(strequal( tok, "lmhosts")) {
2083 status = resolve_lmhosts(name, name_type,
2084 return_iplist, return_count);
2085 if (NT_STATUS_IS_OK(status)) {
2086 goto done;
2087 }
2088 } else if(strequal( tok, "wins")) {
2089 /* don't resolve 1D via WINS */
2090 if (name_type != 0x1D) {
2091 status = resolve_wins(name, name_type,
2092 return_iplist,
2093 return_count);
2094 if (NT_STATUS_IS_OK(status)) {
2095 goto done;
2096 }
2097 }
2098 } else if(strequal( tok, "bcast")) {
2099 struct sockaddr_storage *ss_list;
2100 status = name_resolve_bcast(
2101 name, name_type, talloc_tos(),
2102 &ss_list, return_count);
2103 if (NT_STATUS_IS_OK(status)) {
2104 if (!convert_ss2service(return_iplist,
2105 ss_list,
2106 *return_count)) {
2107 status = NT_STATUS_NO_MEMORY;
2108 }
2109 goto done;
2110 }
2111 } else {
2112 DEBUG(0,("resolve_name: unknown name switch type %s\n",
2113 tok));
2114 }
2115 }
2116
2117 /* All of the resolve_* functions above have returned false. */
2118
2119 TALLOC_FREE(frame);
2120 SAFE_FREE(*return_iplist);
2121 *return_count = 0;
2122
2123 return NT_STATUS_UNSUCCESSFUL;
2124
2125 done:
2126
2127 /* Remove duplicate entries. Some queries, notably #1c (domain
2128 controllers) return the PDC in iplist[0] and then all domain
2129 controllers including the PDC in iplist[1..n]. Iterating over
2130 the iplist when the PDC is down will cause two sets of timeouts. */
2131
2132 if ( *return_count ) {
2133 *return_count = remove_duplicate_addrs2(*return_iplist,
2134 *return_count );
2135 }
2136
2137 /* Save in name cache */
2138 if ( DEBUGLEVEL >= 100 ) {
2139 for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) {
2140 char addr[INET6_ADDRSTRLEN];
2141 print_sockaddr(addr, sizeof(addr),
2142 &(*return_iplist)[i].ss);
2143 DEBUG(100, ("Storing name %s of type %d (%s:%d)\n",
2144 name,
2145 name_type,
2146 addr,
2147 (*return_iplist)[i].port));
2148 }
2149 }
2150
2151 namecache_store(name, name_type, *return_count, *return_iplist);
2152
2153 /* Display some debugging info */
2154
2155 if ( DEBUGLEVEL >= 10 ) {
2156 DEBUG(10, ("internal_resolve_name: returning %d addresses: ",
2157 *return_count));
2158
2159 for (i = 0; i < *return_count; i++) {
2160 char addr[INET6_ADDRSTRLEN];
2161 print_sockaddr(addr, sizeof(addr),
2162 &(*return_iplist)[i].ss);
2163 DEBUGADD(10, ("%s:%d ",
2164 addr,
2165 (*return_iplist)[i].port));
2166 }
2167 DEBUG(10, ("\n"));
2168 }
2169
2170 TALLOC_FREE(frame);
2171 return status;
2172 }
2173
2174 /********************************************************
2175 Internal interface to resolve a name into one IP address.
2176 Use this function if the string is either an IP address, DNS
2177 or host name or NetBIOS name. This uses the name switch in the
2178 smb.conf to determine the order of name resolution.
2179 *********************************************************/
2180
2181 bool resolve_name(const char *name,
2182 struct sockaddr_storage *return_ss,
2183 int name_type,
2184 bool prefer_ipv4)
2185 {
2186 struct ip_service *ss_list = NULL;
2187 char *sitename = NULL;
2188 int count = 0;
2189
2190 if (is_ipaddress(name)) {
2191 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2192 }
2193
2194 sitename = sitename_fetch(lp_realm()); /* wild guess */
2195
2196 if (NT_STATUS_IS_OK(internal_resolve_name(name, name_type, sitename,
2197 &ss_list, &count,
2198 lp_name_resolve_order()))) {
2199 int i;
2200
2201 if (prefer_ipv4) {
2202 for (i=0; i<count; i++) {
2203 if (!is_zero_addr(&ss_list[i].ss) &&
2204 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss) &&
2205 (ss_list[i].ss.ss_family == AF_INET)) {
2206 *return_ss = ss_list[i].ss;
2207 SAFE_FREE(ss_list);
2208 SAFE_FREE(sitename);
2209 return True;
2210 }
2211 }
2212 }
2213
2214 /* only return valid addresses for TCP connections */
2215 for (i=0; i<count; i++) {
2216 if (!is_zero_addr(&ss_list[i].ss) &&
2217 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2218 *return_ss = ss_list[i].ss;
2219 SAFE_FREE(ss_list);
2220 SAFE_FREE(sitename);
2221 return True;
2222 }
2223 }
2224 }
2225
2226 SAFE_FREE(ss_list);
2227 SAFE_FREE(sitename);
2228 return False;
2229 }
2230
2231 /********************************************************
2232 Internal interface to resolve a name into a list of IP addresses.
2233 Use this function if the string is either an IP address, DNS
2234 or host name or NetBIOS name. This uses the name switch in the
2235 smb.conf to determine the order of name resolution.
2236 *********************************************************/
2237
2238 NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2239 const char *name,
2240 int name_type,
2241 struct sockaddr_storage **return_ss_arr,
2242 unsigned int *p_num_entries)
2243 {
2244 struct ip_service *ss_list = NULL;
2245 char *sitename = NULL;
2246 int count = 0;
2247 int i;
2248 unsigned int num_entries;
2249 NTSTATUS status;
2250
2251 *p_num_entries = 0;
2252 *return_ss_arr = NULL;
2253
2254 if (is_ipaddress(name)) {
2255 *return_ss_arr = TALLOC_P(ctx, struct sockaddr_storage);
2256 if (!*return_ss_arr) {
2257 return NT_STATUS_NO_MEMORY;
2258 }
2259 if (!interpret_string_addr(*return_ss_arr, name, AI_NUMERICHOST)) {
2260 TALLOC_FREE(*return_ss_arr);
2261 return NT_STATUS_BAD_NETWORK_NAME;
2262 }
2263 *p_num_entries = 1;
2264 return NT_STATUS_OK;
2265 }
2266
2267 sitename = sitename_fetch(lp_realm()); /* wild guess */
2268
2269 status = internal_resolve_name(name, name_type, sitename,
2270 &ss_list, &count,
2271 lp_name_resolve_order());
2272 SAFE_FREE(sitename);
2273
2274 if (!NT_STATUS_IS_OK(status)) {
2275 return status;
2276 }
2277
2278 /* only return valid addresses for TCP connections */
2279 for (i=0, num_entries = 0; i<count; i++) {
2280 if (!is_zero_addr(&ss_list[i].ss) &&
2281 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2282 num_entries++;
2283 }
2284 }
2285 if (num_entries == 0) {
2286 SAFE_FREE(ss_list);
2287 return NT_STATUS_BAD_NETWORK_NAME;
2288 }
2289
2290 *return_ss_arr = TALLOC_ARRAY(ctx,
2291 struct sockaddr_storage,
2292 num_entries);
2293 if (!(*return_ss_arr)) {
2294 SAFE_FREE(ss_list);
2295 return NT_STATUS_NO_MEMORY;
2296 }
2297
2298 for (i=0, num_entries = 0; i<count; i++) {
2299 if (!is_zero_addr(&ss_list[i].ss) &&
2300 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2301 (*return_ss_arr)[num_entries++] = ss_list[i].ss;
2302 }
2303 }
2304
2305 status = NT_STATUS_OK;
2306 *p_num_entries = num_entries;
2307
2308 SAFE_FREE(ss_list);
2309 return NT_STATUS_OK;
2310 }
2311
2312 /********************************************************
2313 Find the IP address of the master browser or DMB for a workgroup.
2314 *********************************************************/
2315
2316 bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
2317 {
2318 struct ip_service *ip_list = NULL;
2319 int count = 0;
2320 NTSTATUS status;
2321
2322 if (lp_disable_netbios()) {
2323 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
2324 return false;
2325 }
2326
2327 status = internal_resolve_name(group, 0x1D, NULL, &ip_list, &count,
2328 lp_name_resolve_order());
2329 if (NT_STATUS_IS_OK(status)) {
2330 *master_ss = ip_list[0].ss;
2331 SAFE_FREE(ip_list);
2332 return true;
2333 }
2334
2335 status = internal_resolve_name(group, 0x1B, NULL, &ip_list, &count,
2336 lp_name_resolve_order());
2337 if (NT_STATUS_IS_OK(status)) {
2338 *master_ss = ip_list[0].ss;
2339 SAFE_FREE(ip_list);
2340 return true;
2341 }
2342
2343 SAFE_FREE(ip_list);
2344 return false;
2345 }
2346
2347 /********************************************************
2348 Get the IP address list of the primary domain controller
2349 for a domain.
2350 *********************************************************/
2351
2352 bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
2353 {
2354 struct ip_service *ip_list = NULL;
2355 int count = 0;
2356 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2357
2358 /* Look up #1B name */
2359
2360 if (lp_security() == SEC_ADS) {
2361 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2362 &count, "ads");
2363 }
2364
2365 if (!NT_STATUS_IS_OK(status) || count == 0) {
2366 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2367 &count,
2368 lp_name_resolve_order());
2369 if (!NT_STATUS_IS_OK(status)) {
2370 return false;
2371 }
2372 }
2373
2374 /* if we get more than 1 IP back we have to assume it is a
2375 multi-homed PDC and not a mess up */
2376
2377 if ( count > 1 ) {
2378 DEBUG(6,("get_pdc_ip: PDC has %d IP addresses!\n", count));
2379 sort_service_list(ip_list, count);
2380 }
2381
2382 *pss = ip_list[0].ss;
2383 SAFE_FREE(ip_list);
2384 return true;
2385 }
2386
2387 /* Private enum type for lookups. */
2388
2389 enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
2390
2391 /********************************************************
2392 Get the IP address list of the domain controllers for
2393 a domain.
2394 *********************************************************/
2395
2396 static NTSTATUS get_dc_list(const char *domain,
2397 const char *sitename,
2398 struct ip_service **ip_list,
2399 int *count,
2400 enum dc_lookup_type lookup_type,
2401 bool *ordered)
2402 {
2403 char *resolve_order = NULL;
2404 char *saf_servername = NULL;
2405 char *pserver = NULL;
2406 const char *p;
2407 char *port_str = NULL;
2408 int port;
2409 char *name;
2410 int num_addresses = 0;
2411 int local_count, i, j;
2412 struct ip_service *return_iplist = NULL;
2413 struct ip_service *auto_ip_list = NULL;
2414 bool done_auto_lookup = false;
2415 int auto_count = 0;
2416 NTSTATUS status;
2417 TALLOC_CTX *ctx = talloc_init("get_dc_list");
2418
2419 *ip_list = NULL;
2420 *count = 0;
2421
2422 if (!ctx) {
2423 return NT_STATUS_NO_MEMORY;
2424 }
2425
2426 *ordered = False;
2427
2428 /* if we are restricted to solely using DNS for looking
2429 up a domain controller, make sure that host lookups
2430 are enabled for the 'name resolve order'. If host lookups
2431 are disabled and ads_only is True, then set the string to
2432 NULL. */
2433
2434 resolve_order = talloc_strdup(ctx, lp_name_resolve_order());
2435 if (!resolve_order) {
2436 status = NT_STATUS_NO_MEMORY;
2437 goto out;
2438 }
2439 strlower_m(resolve_order);
2440 if (lookup_type == DC_ADS_ONLY) {
2441 if (strstr( resolve_order, "host")) {
2442 resolve_order = talloc_strdup(ctx, "ads");
2443
2444 /* DNS SRV lookups used by the ads resolver
2445 are already sorted by priority and weight */
2446 *ordered = true;
2447 } else {
2448 resolve_order = talloc_strdup(ctx, "NULL");
2449 }
2450 } else if (lookup_type == DC_KDC_ONLY) {
2451 /* DNS SRV lookups used by the ads/kdc resolver
2452 are already sorted by priority and weight */
2453 *ordered = true;
2454 resolve_order = talloc_strdup(ctx, "kdc");
2455 }
2456 if (!resolve_order) {
2457 status = NT_STATUS_NO_MEMORY;
2458 goto out;
2459 }
2460
2461 /* fetch the server we have affinity for. Add the
2462 'password server' list to a search for our domain controllers */
2463
2464 saf_servername = saf_fetch( domain);
2465
2466 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
2467 pserver = talloc_asprintf(ctx, "%s, %s",
2468 saf_servername ? saf_servername : "",
2469 lp_passwordserver());
2470 } else {
2471 pserver = talloc_asprintf(ctx, "%s, *",
2472 saf_servername ? saf_servername : "");
2473 }
2474
2475 SAFE_FREE(saf_servername);
2476 if (!pserver) {
2477 status = NT_STATUS_NO_MEMORY;
2478 goto out;
2479 }
2480
2481 /* if we are starting from scratch, just lookup DOMAIN<0x1c> */
2482
2483 if (!*pserver ) {
2484 DEBUG(10,("get_dc_list: no preferred domain controllers.\n"));
2485 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2486 count, resolve_order);
2487 goto out;
2488 }
2489
2490 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
2491
2492 /*
2493 * if '*' appears in the "password server" list then add
2494 * an auto lookup to the list of manually configured
2495 * DC's. If any DC is listed by name, then the list should be
2496 * considered to be ordered
2497 */
2498
2499 p = pserver;
2500 while (next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2501 if (!done_auto_lookup && strequal(name, "*")) {
2502 status = internal_resolve_name(domain, 0x1C, sitename,
2503 &auto_ip_list,
2504 &auto_count,
2505 resolve_order);
2506 if (NT_STATUS_IS_OK(status)) {
2507 num_addresses += auto_count;
2508 }
2509 done_auto_lookup = true;
2510 DEBUG(8,("Adding %d DC's from auto lookup\n",
2511 auto_count));
2512 } else {
2513 num_addresses++;
2514 }
2515 }
2516
2517 /* if we have no addresses and haven't done the auto lookup, then
2518 just return the list of DC's. Or maybe we just failed. */
2519
2520 if ((num_addresses == 0)) {
2521 if (done_auto_lookup) {
2522 DEBUG(4,("get_dc_list: no servers found\n"));
2523 status = NT_STATUS_NO_LOGON_SERVERS;
2524 goto out;
2525 }
2526 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2527 count, resolve_order);
2528 goto out;
2529 }
2530
2531 if ((return_iplist = SMB_MALLOC_ARRAY(struct ip_service,
2532 num_addresses)) == NULL) {
2533 DEBUG(3,("get_dc_list: malloc fail !\n"));
2534 status = NT_STATUS_NO_MEMORY;
2535 goto out;
2536 }
2537
2538 p = pserver;
2539 local_count = 0;
2540
2541 /* fill in the return list now with real IP's */
2542
2543 while ((local_count<num_addresses) &&
2544 next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2545 struct sockaddr_storage name_ss;
2546
2547 /* copy any addersses from the auto lookup */
2548
2549 if (strequal(name, "*")) {
2550 for (j=0; j<auto_count; j++) {
2551 char addr[INET6_ADDRSTRLEN];
2552 print_sockaddr(addr,
2553 sizeof(addr),
2554 &auto_ip_list[j].ss);
2555 /* Check for and don't copy any
2556 * known bad DC IP's. */
2557 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
2558 domain,
2559 addr))) {
2560 DEBUG(5,("get_dc_list: "
2561 "negative entry %s removed "
2562 "from DC list\n",
2563 addr));
2564 continue;
2565 }
2566 return_iplist[local_count].ss =
2567 auto_ip_list[j].ss;
2568 return_iplist[local_count].port =
2569 auto_ip_list[j].port;
2570 local_count++;
2571 }
2572 continue;
2573 }
2574
2575 /* added support for address:port syntax for ads
2576 * (not that I think anyone will ever run the LDAP
2577 * server in an AD domain on something other than
2578 * port 389 */
2579
2580 port = (lp_security() == SEC_ADS) ? LDAP_PORT : PORT_NONE;
2581 if ((port_str=strchr(name, ':')) != NULL) {
2582 *port_str = '\0';
2583 port_str++;
2584 port = atoi(port_str);
2585 }
2586
2587 /* explicit lookup; resolve_name() will
2588 * handle names & IP addresses */
2589 if (resolve_name( name, &name_ss, 0x20, true )) {
2590 char addr[INET6_ADDRSTRLEN];
2591 print_sockaddr(addr,
2592 sizeof(addr),
2593 &name_ss);
2594
2595 /* Check for and don't copy any known bad DC IP's. */
2596 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
2597 addr)) ) {
2598 DEBUG(5,("get_dc_list: negative entry %s "
2599 "removed from DC list\n",
2600 name ));
2601 continue;
2602 }
2603
2604 return_iplist[local_count].ss = name_ss;
2605 return_iplist[local_count].port = port;
2606 local_count++;
2607 *ordered = true;
2608 }
2609 }
2610
2611 /* need to remove duplicates in the list if we have any
2612 explicit password servers */
2613
2614 if (local_count) {
2615 local_count = remove_duplicate_addrs2(return_iplist,
2616 local_count );
2617 }
2618
2619 /* For DC's we always prioritize IPv4 due to W2K3 not
2620 * supporting LDAP, KRB5 or CLDAP over IPv6. */
2621
2622 if (local_count && return_iplist) {
2623 prioritize_ipv4_list(return_iplist, local_count);
2624 }
2625
2626 if ( DEBUGLEVEL >= 4 ) {
2627 DEBUG(4,("get_dc_list: returning %d ip addresses "
2628 "in an %sordered list\n",
2629 local_count,
2630 *ordered ? "":"un"));
2631 DEBUG(4,("get_dc_list: "));
2632 for ( i=0; i<local_count; i++ ) {
2633 char addr[INET6_ADDRSTRLEN];
2634 print_sockaddr(addr,
2635 sizeof(addr),
2636 &return_iplist[i].ss);
2637 DEBUGADD(4,("%s:%d ", addr, return_iplist[i].port ));
2638 }
2639 DEBUGADD(4,("\n"));
2640 }
2641
2642 *ip_list = return_iplist;
2643 *count = local_count;
2644
2645 status = ( *count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS );
2646
2647 out:
2648
2649 if (!NT_STATUS_IS_OK(status)) {
2650 SAFE_FREE(return_iplist);
2651 *ip_list = NULL;
2652 *count = 0;
2653 }
2654
2655 SAFE_FREE(auto_ip_list);
2656 TALLOC_FREE(ctx);
2657 return status;
2658 }
2659
2660 /*********************************************************************
2661 Small wrapper function to get the DC list and sort it if neccessary.
2662 *********************************************************************/
2663
2664 NTSTATUS get_sorted_dc_list( const char *domain,
2665 const char *sitename,
2666 struct ip_service **ip_list,
2667 int *count,
2668 bool ads_only )
2669 {
2670 bool ordered = false;
2671 NTSTATUS status;
2672 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
2673
2674 *ip_list = NULL;
2675 *count = 0;
2676
2677 DEBUG(8,("get_sorted_dc_list: attempting lookup "
2678 "for name %s (sitename %s) using [%s]\n",
2679 domain,
2680 sitename ? sitename : "NULL",
2681 (ads_only ? "ads" : lp_name_resolve_order())));
2682
2683 if (ads_only) {
2684 lookup_type = DC_ADS_ONLY;
2685 }
2686
2687 status = get_dc_list(domain, sitename, ip_list,
2688 count, lookup_type, &ordered);
2689 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
2690 && sitename) {
2691 DEBUG(3,("get_sorted_dc_list: no server for name %s available"
2692 " in site %s, fallback to all servers\n",
2693 domain, sitename));
2694 status = get_dc_list(domain, NULL, ip_list,
2695 count, lookup_type, &ordered);
2696 }
2697
2698 if (!NT_STATUS_IS_OK(status)) {
2699 SAFE_FREE(*ip_list);
2700 *count = 0;
2701 return status;
2702 }
2703
2704 /* only sort if we don't already have an ordered list */
2705 if (!ordered) {
2706 sort_service_list(*ip_list, *count);
2707 }
2708
2709 return NT_STATUS_OK;
2710 }
2711
2712 /*********************************************************************
2713 Get the KDC list - re-use all the logic in get_dc_list.
2714 *********************************************************************/
2715
2716 NTSTATUS get_kdc_list( const char *realm,
2717 const char *sitename,
2718 struct ip_service **ip_list,
2719 int *count)
2720 {
2721 bool ordered;
2722 NTSTATUS status;
2723
2724 *count = 0;
2725 *ip_list = NULL;
2726
2727 status = get_dc_list(realm, sitename, ip_list,
2728 count, DC_KDC_ONLY, &ordered);
2729
2730 if (!NT_STATUS_IS_OK(status)) {
2731 SAFE_FREE(*ip_list);
2732 *count = 0;
2733 return status;
2734 }
2735
2736 /* only sort if we don't already have an ordered list */
2737 if ( !ordered ) {
2738 sort_service_list(*ip_list, *count);
2739 }
2740
2741 return NT_STATUS_OK;
2742 }
Samba GIT mirror