search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: Fix build file due to file move. Use the new path of iniparser
[Samba/ekacnet.git] / source4 / wrepl_server / wrepl_in_call.c
blob6737d6f5c8784203908ea92802d0f0fb83d369ac
1 /*
2 Unix SMB/CIFS implementation.
3
4 WINS Replication server
5
6 Copyright (C) Stefan Metzmacher 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "lib/events/events.h"
24 #include "lib/socket/socket.h"
25 #include "smbd/service_stream.h"
26 #include "libcli/wrepl/winsrepl.h"
27 #include "wrepl_server/wrepl_server.h"
28 #include "libcli/composite/composite.h"
29 #include "nbt_server/wins/winsdb.h"
30 #include "lib/ldb/include/ldb.h"
31 #include "lib/ldb/include/ldb_errors.h"
32 #include "system/time.h"
33 #include "lib/util/tsort.h"
34 #include "lib/stream/packet.h" /* FIXME */
35
36 static NTSTATUS wreplsrv_in_start_association(struct wreplsrv_in_call *call)
37 {
38 struct wrepl_start *start = &call->req_packet.message.start;
39 struct wrepl_start *start_reply = &call->rep_packet.message.start_reply;
40
41 if (call->req_packet.opcode & WREPL_OPCODE_BITS) {
42 /*
43 *if the assoc_ctx doesn't match ignore the packet
44 */
45 if ((call->req_packet.assoc_ctx != call->wreplconn->assoc_ctx.our_ctx)
46 && (call->req_packet.assoc_ctx != 0)) {
47 return ERROR_INVALID_PARAMETER;
48 }
49 } else {
50 call->wreplconn->assoc_ctx.our_ctx = WREPLSRV_INVALID_ASSOC_CTX;
51 return NT_STATUS_OK;
52 }
53
54 /*
55 * it seems that we don't know all details about the start_association
56 * to support replication with NT4 (it sends 1.1 instead of 5.2)
57 * we ignore the version numbers until we know all details
58 */
59 #if 0
60 if (start->minor_version != 2 || start->major_version != 5) {
61 /* w2k terminate the connection if the versions doesn't match */
62 return NT_STATUS_UNKNOWN_REVISION;
63 }
64 #endif
65
66 call->wreplconn->assoc_ctx.stopped = false;
67 call->wreplconn->assoc_ctx.our_ctx = WREPLSRV_VALID_ASSOC_CTX;
68 call->wreplconn->assoc_ctx.peer_ctx = start->assoc_ctx;
69
70 call->rep_packet.mess_type = WREPL_START_ASSOCIATION_REPLY;
71 start_reply->assoc_ctx = call->wreplconn->assoc_ctx.our_ctx;
72 start_reply->minor_version = 2;
73 start_reply->major_version = 5;
74
75 /*
76 * nt4 uses 41 bytes for the start_association call
77 * so do it the same and as we don't know the meanings of this bytes
78 * we just send zeros and nt4, w2k and w2k3 seems to be happy with this
79 *
80 * if we don't do this nt4 uses an old version of the wins replication protocol
81 * and that would break nt4 <-> samba replication
82 */
83 call->rep_packet.padding = data_blob_talloc(call, NULL, 21);
84 NT_STATUS_HAVE_NO_MEMORY(call->rep_packet.padding.data);
85
86 memset(call->rep_packet.padding.data, 0, call->rep_packet.padding.length);
87
88 return NT_STATUS_OK;
89 }
90
91 static NTSTATUS wreplsrv_in_stop_assoc_ctx(struct wreplsrv_in_call *call)
92 {
93 struct wrepl_stop *stop_out = &call->rep_packet.message.stop;
94
95 call->wreplconn->assoc_ctx.stopped = true;
96
97 call->rep_packet.mess_type = WREPL_STOP_ASSOCIATION;
98 stop_out->reason = 4;
99
100 return NT_STATUS_OK;
101 }
102
103 static NTSTATUS wreplsrv_in_stop_association(struct wreplsrv_in_call *call)
104 {
105 /*
106 * w2k only check the assoc_ctx if the opcode has the 0x00007800 bits are set
107 */
108 if (call->req_packet.opcode & WREPL_OPCODE_BITS) {
109 /*
110 *if the assoc_ctx doesn't match ignore the packet
111 */
112 if (call->req_packet.assoc_ctx != call->wreplconn->assoc_ctx.our_ctx) {
113 return ERROR_INVALID_PARAMETER;
114 }
115 /* when the opcode bits are set the connection should be directly terminated */
116 return NT_STATUS_CONNECTION_RESET;
117 }
118
119 if (call->wreplconn->assoc_ctx.stopped) {
120 /* this causes the connection to be directly terminated */
121 return NT_STATUS_CONNECTION_RESET;
122 }
123
124 /* this will cause to not receive packets anymore and terminate the connection if the reply is send */
125 call->terminate_after_send = true;
126 return wreplsrv_in_stop_assoc_ctx(call);
127 }
128
129 static NTSTATUS wreplsrv_in_table_query(struct wreplsrv_in_call *call)
130 {
131 struct wreplsrv_service *service = call->wreplconn->service;
132 struct wrepl_replication *repl_out = &call->rep_packet.message.replication;
133 struct wrepl_table *table_out = &call->rep_packet.message.replication.info.table;
134
135 repl_out->command = WREPL_REPL_TABLE_REPLY;
136
137 return wreplsrv_fill_wrepl_table(service, call, table_out,
138 service->wins_db->local_owner, true);
139 }
140
141 static int wreplsrv_in_sort_wins_name(struct wrepl_wins_name *n1,
142 struct wrepl_wins_name *n2)
143 {
144 if (n1->id < n2->id) return -1;
145 if (n1->id > n2->id) return 1;
146 return 0;
147 }
148
149 static NTSTATUS wreplsrv_record2wins_name(TALLOC_CTX *mem_ctx,
150 struct wrepl_wins_name *name,
151 struct winsdb_record *rec)
152 {
153 uint32_t num_ips, i;
154 struct wrepl_ip *ips;
155
156 name->name = rec->name;
157 talloc_steal(mem_ctx, rec->name);
158
159 name->id = rec->version;
160 name->unknown = "255.255.255.255";
161
162 name->flags = WREPL_NAME_FLAGS(rec->type, rec->state, rec->node, rec->is_static);
163
164 switch (name->flags & 2) {
165 case 0:
166 name->addresses.ip = rec->addresses[0]->address;
167 talloc_steal(mem_ctx, rec->addresses[0]->address);
168 break;
169 case 2:
170 num_ips = winsdb_addr_list_length(rec->addresses);
171 ips = talloc_array(mem_ctx, struct wrepl_ip, num_ips);
172 NT_STATUS_HAVE_NO_MEMORY(ips);
173
174 for (i = 0; i < num_ips; i++) {
175 ips[i].owner = rec->addresses[i]->wins_owner;
176 talloc_steal(ips, rec->addresses[i]->wins_owner);
177 ips[i].ip = rec->addresses[i]->address;
178 talloc_steal(ips, rec->addresses[i]->address);
179 }
180
181 name->addresses.addresses.num_ips = num_ips;
182 name->addresses.addresses.ips = ips;
183 break;
184 }
185
186 return NT_STATUS_OK;
187 }
188
189 static NTSTATUS wreplsrv_in_send_request(struct wreplsrv_in_call *call)
190 {
191 struct wreplsrv_service *service = call->wreplconn->service;
192 struct wrepl_wins_owner *owner_in = &call->req_packet.message.replication.info.owner;
193 struct wrepl_replication *repl_out = &call->rep_packet.message.replication;
194 struct wrepl_send_reply *reply_out = &call->rep_packet.message.replication.info.reply;
195 struct wreplsrv_owner *owner;
196 const char *owner_filter;
197 const char *filter;
198 struct ldb_result *res = NULL;
199 int ret;
200 struct wrepl_wins_name *names;
201 struct winsdb_record *rec;
202 NTSTATUS status;
203 uint32_t i, j;
204 time_t now = time(NULL);
205
206 owner = wreplsrv_find_owner(service, service->table, owner_in->address);
207
208 repl_out->command = WREPL_REPL_SEND_REPLY;
209 reply_out->num_names = 0;
210 reply_out->names = NULL;
211
212 /*
213 * if we didn't know this owner, must be a bug in the partners client code...
214 * return an empty list.
215 */
216 if (!owner) {
217 DEBUG(2,("WINSREPL:reply [0] records unknown owner[%s] to partner[%s]\n",
218 owner_in->address, call->wreplconn->partner->address));
219 return NT_STATUS_OK;
220 }
221
222 /*
223 * the client sends a max_version of 0, interpret it as
224 * (uint64_t)-1
225 */
226 if (owner_in->max_version == 0) {
227 owner_in->max_version = (uint64_t)-1;
228 }
229
230 /*
231 * if the partner ask for nothing, or give invalid ranges,
232 * return an empty list.
233 */
234 if (owner_in->min_version > owner_in->max_version) {
235 DEBUG(2,("WINSREPL:reply [0] records owner[%s] min[%llu] max[%llu] to partner[%s]\n",
236 owner_in->address,
237 (long long)owner_in->min_version,
238 (long long)owner_in->max_version,
239 call->wreplconn->partner->address));
240 return NT_STATUS_OK;
241 }
242
243 /*
244 * if the partner has already all records for nothing, or give invalid ranges,
245 * return an empty list.
246 */
247 if (owner_in->min_version > owner->owner.max_version) {
248 DEBUG(2,("WINSREPL:reply [0] records owner[%s] min[%llu] max[%llu] to partner[%s]\n",
249 owner_in->address,
250 (long long)owner_in->min_version,
251 (long long)owner_in->max_version,
252 call->wreplconn->partner->address));
253 return NT_STATUS_OK;
254 }
255
256 owner_filter = wreplsrv_owner_filter(service, call, owner->owner.address);
257 NT_STATUS_HAVE_NO_MEMORY(owner_filter);
258 filter = talloc_asprintf(call,
259 "(&%s(objectClass=winsRecord)"
260 "(|(recordState=%u)(recordState=%u))"
261 "(versionID>=%llu)(versionID<=%llu))",
262 owner_filter,
263 WREPL_STATE_ACTIVE, WREPL_STATE_TOMBSTONE,
264 (long long)owner_in->min_version,
265 (long long)owner_in->max_version);
266 NT_STATUS_HAVE_NO_MEMORY(filter);
267 ret = ldb_search(service->wins_db->ldb, call, &res, NULL, LDB_SCOPE_SUBTREE, NULL, "%s", filter);
268 if (ret != LDB_SUCCESS) return NT_STATUS_INTERNAL_DB_CORRUPTION;
269 DEBUG(10,("WINSREPL: filter '%s' count %d\n", filter, res->count));
270
271 if (res->count == 0) {
272 DEBUG(2,("WINSREPL:reply [%u] records owner[%s] min[%llu] max[%llu] to partner[%s]\n",
273 res->count, owner_in->address,
274 (long long)owner_in->min_version,
275 (long long)owner_in->max_version,
276 call->wreplconn->partner->address));
277 return NT_STATUS_OK;
278 }
279
280 names = talloc_array(call, struct wrepl_wins_name, res->count);
281 NT_STATUS_HAVE_NO_MEMORY(names);
282
283 for (i=0, j=0; i < res->count; i++) {
284 status = winsdb_record(service->wins_db, res->msgs[i], call, now, &rec);
285 NT_STATUS_NOT_OK_RETURN(status);
286
287 /*
288 * it's possible that winsdb_record() made the record RELEASED
289 * because it's expired, but in the database it's still stored
290 * as ACTIVE...
291 *
292 * make sure we really only replicate ACTIVE and TOMBSTONE records
293 */
294 if (rec->state == WREPL_STATE_ACTIVE || rec->state == WREPL_STATE_TOMBSTONE) {
295 status = wreplsrv_record2wins_name(names, &names[j], rec);
296 NT_STATUS_NOT_OK_RETURN(status);
297 j++;
298 }
299
300 talloc_free(rec);
301 talloc_free(res->msgs[i]);
302 }
303
304 /* sort the names before we send them */
305 TYPESAFE_QSORT(names, j, wreplsrv_in_sort_wins_name);
306
307 DEBUG(2,("WINSREPL:reply [%u] records owner[%s] min[%llu] max[%llu] to partner[%s]\n",
308 j, owner_in->address,
309 (long long)owner_in->min_version,
310 (long long)owner_in->max_version,
311 call->wreplconn->partner->address));
312
313 reply_out->num_names = j;
314 reply_out->names = names;
315
316 return NT_STATUS_OK;
317 }
318
319 struct wreplsrv_in_update_state {
320 struct wreplsrv_in_connection *wrepl_in;
321 struct wreplsrv_out_connection *wrepl_out;
322 struct composite_context *creq;
323 struct wreplsrv_pull_cycle_io cycle_io;
324 };
325
326 static void wreplsrv_in_update_handler(struct composite_context *creq)
327 {
328 struct wreplsrv_in_update_state *update_state = talloc_get_type(creq->async.private_data,
329 struct wreplsrv_in_update_state);
330 NTSTATUS status;
331
332 status = wreplsrv_pull_cycle_recv(creq);
333
334 talloc_free(update_state->wrepl_out);
335
336 wreplsrv_terminate_in_connection(update_state->wrepl_in, nt_errstr(status));
337 }
338
339 static NTSTATUS wreplsrv_in_update(struct wreplsrv_in_call *call)
340 {
341 struct wreplsrv_in_connection *wrepl_in = call->wreplconn;
342 struct wreplsrv_out_connection *wrepl_out;
343 struct wrepl_table *update_in = &call->req_packet.message.replication.info.table;
344 struct wreplsrv_in_update_state *update_state;
345 struct packet_context *packet;
346
347 DEBUG(2,("WREPL_REPL_UPDATE: partner[%s] initiator[%s] num_owners[%u]\n",
348 call->wreplconn->partner->address,
349 update_in->initiator, update_in->partner_count));
350
351 update_state = talloc(wrepl_in, struct wreplsrv_in_update_state);
352 NT_STATUS_HAVE_NO_MEMORY(update_state);
353
354 /*
355 * We need to flip the connection into a client connection
356 * and do a WREPL_REPL_SEND_REQUEST's on the that connection
357 * and then stop this connection.
358 */
359 packet = packet_init(wrepl_in);
360 if (packet == NULL) {
361 return NT_STATUS_NO_MEMORY;
362 }
363
364 /*
365 * TODO We can free the tstream here as we don't use it in the client
366 * yet.
367 */
368 TALLOC_FREE(wrepl_in->send_queue);
369 TALLOC_FREE(wrepl_in->tstream);
370
371 wrepl_out = talloc(update_state, struct wreplsrv_out_connection);
372 NT_STATUS_HAVE_NO_MEMORY(wrepl_out);
373 wrepl_out->service = wrepl_in->service;
374 wrepl_out->partner = wrepl_in->partner;
375 wrepl_out->assoc_ctx.our_ctx = wrepl_in->assoc_ctx.our_ctx;
376 wrepl_out->assoc_ctx.peer_ctx = wrepl_in->assoc_ctx.peer_ctx;
377 wrepl_out->sock = wrepl_socket_merge(wrepl_out,
378 wrepl_in->conn->event.ctx,
379 wrepl_in->conn->socket,
380 packet);
381 NT_STATUS_HAVE_NO_MEMORY(wrepl_out->sock);
382
383 update_state->wrepl_in = wrepl_in;
384 update_state->wrepl_out = wrepl_out;
385 update_state->cycle_io.in.partner = wrepl_out->partner;
386 update_state->cycle_io.in.num_owners = update_in->partner_count;
387 update_state->cycle_io.in.owners = update_in->partners;
388 talloc_steal(update_state, update_in->partners);
389 update_state->cycle_io.in.wreplconn = wrepl_out;
390 update_state->creq = wreplsrv_pull_cycle_send(update_state, &update_state->cycle_io);
391 if (!update_state->creq) {
392 return NT_STATUS_INTERNAL_ERROR;
393 }
394
395 update_state->creq->async.fn = wreplsrv_in_update_handler;
396 update_state->creq->async.private_data = update_state;
397
398 return ERROR_INVALID_PARAMETER;
399 }
400
401 static NTSTATUS wreplsrv_in_update2(struct wreplsrv_in_call *call)
402 {
403 return wreplsrv_in_update(call);
404 }
405
406 static NTSTATUS wreplsrv_in_inform(struct wreplsrv_in_call *call)
407 {
408 struct wrepl_table *inform_in = &call->req_packet.message.replication.info.table;
409
410 DEBUG(2,("WREPL_REPL_INFORM: partner[%s] initiator[%s] num_owners[%u]\n",
411 call->wreplconn->partner->address,
412 inform_in->initiator, inform_in->partner_count));
413
414 wreplsrv_out_partner_pull(call->wreplconn->partner, inform_in);
415
416 /* we don't reply to WREPL_REPL_INFORM messages */
417 return ERROR_INVALID_PARAMETER;
418 }
419
420 static NTSTATUS wreplsrv_in_inform2(struct wreplsrv_in_call *call)
421 {
422 return wreplsrv_in_inform(call);
423 }
424
425 static NTSTATUS wreplsrv_in_replication(struct wreplsrv_in_call *call)
426 {
427 struct wrepl_replication *repl_in = &call->req_packet.message.replication;
428 NTSTATUS status;
429
430 /*
431 * w2k only check the assoc_ctx if the opcode has the 0x00007800 bits are set
432 */
433 if (call->req_packet.opcode & WREPL_OPCODE_BITS) {
434 /*
435 *if the assoc_ctx doesn't match ignore the packet
436 */
437 if (call->req_packet.assoc_ctx != call->wreplconn->assoc_ctx.our_ctx) {
438 return ERROR_INVALID_PARAMETER;
439 }
440 }
441
442 if (!call->wreplconn->partner) {
443 struct socket_address *partner_ip = socket_get_peer_addr(call->wreplconn->conn->socket, call);
444
445 call->wreplconn->partner = wreplsrv_find_partner(call->wreplconn->service, partner_ip->addr);
446 if (!call->wreplconn->partner) {
447 DEBUG(1,("Failing WINS replication from non-partner %s\n",
448 partner_ip ? partner_ip->addr : NULL));
449 return wreplsrv_in_stop_assoc_ctx(call);
450 }
451 }
452
453 switch (repl_in->command) {
454 case WREPL_REPL_TABLE_QUERY:
455 if (!(call->wreplconn->partner->type & WINSREPL_PARTNER_PUSH)) {
456 DEBUG(0,("Failing WINS replication TABLE_QUERY from non-push-partner %s\n",
457 call->wreplconn->partner->address));
458 return wreplsrv_in_stop_assoc_ctx(call);
459 }
460 status = wreplsrv_in_table_query(call);
461 break;
462
463 case WREPL_REPL_TABLE_REPLY:
464 return ERROR_INVALID_PARAMETER;
465
466 case WREPL_REPL_SEND_REQUEST:
467 if (!(call->wreplconn->partner->type & WINSREPL_PARTNER_PUSH)) {
468 DEBUG(0,("Failing WINS replication SEND_REQUESET from non-push-partner %s\n",
469 call->wreplconn->partner->address));
470 return wreplsrv_in_stop_assoc_ctx(call);
471 }
472 status = wreplsrv_in_send_request(call);
473 break;
474
475 case WREPL_REPL_SEND_REPLY:
476 return ERROR_INVALID_PARAMETER;
477
478 case WREPL_REPL_UPDATE:
479 if (!(call->wreplconn->partner->type & WINSREPL_PARTNER_PULL)) {
480 DEBUG(0,("Failing WINS replication UPDATE from non-pull-partner %s\n",
481 call->wreplconn->partner->address));
482 return wreplsrv_in_stop_assoc_ctx(call);
483 }
484 status = wreplsrv_in_update(call);
485 break;
486
487 case WREPL_REPL_UPDATE2:
488 if (!(call->wreplconn->partner->type & WINSREPL_PARTNER_PULL)) {
489 DEBUG(0,("Failing WINS replication UPDATE2 from non-pull-partner %s\n",
490 call->wreplconn->partner->address));
491 return wreplsrv_in_stop_assoc_ctx(call);
492 }
493 status = wreplsrv_in_update2(call);
494 break;
495
496 case WREPL_REPL_INFORM:
497 if (!(call->wreplconn->partner->type & WINSREPL_PARTNER_PULL)) {
498 DEBUG(0,("Failing WINS replication INFORM from non-pull-partner %s\n",
499 call->wreplconn->partner->address));
500 return wreplsrv_in_stop_assoc_ctx(call);
501 }
502 status = wreplsrv_in_inform(call);
503 break;
504
505 case WREPL_REPL_INFORM2:
506 if (!(call->wreplconn->partner->type & WINSREPL_PARTNER_PULL)) {
507 DEBUG(0,("Failing WINS replication INFORM2 from non-pull-partner %s\n",
508 call->wreplconn->partner->address));
509 return wreplsrv_in_stop_assoc_ctx(call);
510 }
511 status = wreplsrv_in_inform2(call);
512 break;
513
514 default:
515 return ERROR_INVALID_PARAMETER;
516 }
517
518 if (NT_STATUS_IS_OK(status)) {
519 call->rep_packet.mess_type = WREPL_REPLICATION;
520 }
521
522 return status;
523 }
524
525 static NTSTATUS wreplsrv_in_invalid_assoc_ctx(struct wreplsrv_in_call *call)
526 {
527 struct wrepl_start *start = &call->rep_packet.message.start;
528
529 call->rep_packet.opcode = 0x00008583;
530 call->rep_packet.assoc_ctx = 0;
531 call->rep_packet.mess_type = WREPL_START_ASSOCIATION;
532
533 start->assoc_ctx = 0x0000000a;
534 start->minor_version = 0x0001;
535 start->major_version = 0x0000;
536
537 call->rep_packet.padding = data_blob_talloc(call, NULL, 4);
538 memset(call->rep_packet.padding.data, '\0', call->rep_packet.padding.length);
539
540 return NT_STATUS_OK;
541 }
542
543 NTSTATUS wreplsrv_in_call(struct wreplsrv_in_call *call)
544 {
545 NTSTATUS status;
546
547 if (!(call->req_packet.opcode & WREPL_OPCODE_BITS)
548 && (call->wreplconn->assoc_ctx.our_ctx == WREPLSRV_INVALID_ASSOC_CTX)) {
549 return wreplsrv_in_invalid_assoc_ctx(call);
550 }
551
552 switch (call->req_packet.mess_type) {
553 case WREPL_START_ASSOCIATION:
554 status = wreplsrv_in_start_association(call);
555 break;
556 case WREPL_START_ASSOCIATION_REPLY:
557 /* this is not valid here, so we ignore it */
558 return ERROR_INVALID_PARAMETER;
559
560 case WREPL_STOP_ASSOCIATION:
561 status = wreplsrv_in_stop_association(call);
562 break;
563
564 case WREPL_REPLICATION:
565 status = wreplsrv_in_replication(call);
566 break;
567 default:
568 /* everythingelse is also not valid here, so we ignore it */
569 return ERROR_INVALID_PARAMETER;
570 }
571
572 if (call->wreplconn->assoc_ctx.our_ctx == WREPLSRV_INVALID_ASSOC_CTX) {
573 return wreplsrv_in_invalid_assoc_ctx(call);
574 }
575
576 if (NT_STATUS_IS_OK(status)) {
577 /* let the backend to set some of the opcode bits, but always add the standards */
578 call->rep_packet.opcode |= WREPL_OPCODE_BITS;
579 call->rep_packet.assoc_ctx = call->wreplconn->assoc_ctx.peer_ctx;
580 }
581
582 return status;
583 }