search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drsuapi.idl: fix source_dsa spelling
[samba4-gss.git] / source3 / libsmb / namequery.c
bloba54ca2f74d37fea7651c6e3a44065be67bf3aeb6
1 /*
2 Unix SMB/CIFS implementation.
3 name query routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "libsmb/namequery.h"
23 #include "../lib/util/tevent_ntstatus.h"
24 #include "libads/sitename_cache.h"
25 #include "../lib/addns/dnsquery.h"
26 #include "../lib/addns/dnsquery_srv.h"
27 #include "../libcli/netlogon/netlogon.h"
28 #include "lib/async_req/async_sock.h"
29 #include "lib/tsocket/tsocket.h"
30 #include "libsmb/nmblib.h"
31 #include "libsmb/unexpected.h"
32 #include "../libcli/nbt/libnbt.h"
33 #include "lib/gencache.h"
34 #include "librpc/gen_ndr/dns.h"
35 #include "lib/util/util_net.h"
36 #include "lib/util/tsort.h"
37 #include "lib/util/string_wrappers.h"
38
39 /* nmbd.c sets this to True. */
40 bool global_in_nmbd = False;
41
42 /*
43 * Utility function to convert from a sockaddr_storage
44 * array to a struct samba_sockaddr array.
45 */
46
47 static NTSTATUS sockaddr_array_to_samba_sockaddr_array(
48 TALLOC_CTX *ctx,
49 struct samba_sockaddr **sa_out,
50 size_t *count_out,
51 const struct sockaddr_storage *ss_in,
52 size_t count_in)
53 {
54 struct samba_sockaddr *sa = NULL;
55 size_t i;
56 size_t count = 0;
57
58 if (count_in == 0) {
59 /*
60 * Zero length arrays are returned as NULL.
61 * in the name resolution code.
62 */
63 *count_out = 0;
64 *sa_out = NULL;
65 return NT_STATUS_OK;
66 }
67 sa = talloc_zero_array(ctx,
68 struct samba_sockaddr,
69 count_in);
70 if (sa == NULL) {
71 return NT_STATUS_NO_MEMORY;
72 }
73 count = 0;
74 for (i = 0; i < count_in; i++) {
75 bool ok;
76
77 /* Filter out zero addresses. */
78 if (is_zero_addr(&ss_in[i])) {
79 continue;
80 }
81 ok = sockaddr_storage_to_samba_sockaddr(&sa[count],
82 &ss_in[i]);
83 if (!ok) {
84 continue;
85 }
86 count++;
87 }
88 if (count == 0) {
89 /*
90 * Zero length arrays are returned as NULL.
91 * in the name resolution code.
92 */
93 TALLOC_FREE(sa);
94 }
95 *count_out = count;
96 *sa_out = sa;
97 return NT_STATUS_OK;
98 }
99
100 /****************************
101 * SERVER AFFINITY ROUTINES *
102 ****************************/
103
104 /* Server affinity is the concept of preferring the last domain
105 controller with whom you had a successful conversation */
106
107 /****************************************************************************
108 ****************************************************************************/
109 #define SAFKEY_FMT "SAF/DOMAIN/%s"
110 #define SAF_TTL 900
111 #define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
112 #define SAFJOIN_TTL 3600
113
114 static char *saf_key(TALLOC_CTX *mem_ctx, const char *domain)
115 {
116 return talloc_asprintf_strupper_m(mem_ctx, SAFKEY_FMT, domain);
117 }
118
119 static char *saf_join_key(TALLOC_CTX *mem_ctx, const char *domain)
120 {
121 return talloc_asprintf_strupper_m(mem_ctx, SAFJOINKEY_FMT, domain);
122 }
123
124 /****************************************************************************
125 ****************************************************************************/
126
127 bool saf_store( const char *domain, const char *servername )
128 {
129 char *key;
130 time_t expire;
131 bool ret = False;
132
133 if ( !domain || !servername ) {
134 DEBUG(2,("saf_store: "
135 "Refusing to store empty domain or servername!\n"));
136 return False;
137 }
138
139 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
140 DEBUG(0,("saf_store: "
141 "refusing to store 0 length domain or servername!\n"));
142 return False;
143 }
144
145 key = saf_key(talloc_tos(), domain);
146 if (key == NULL) {
147 DEBUG(1, ("saf_key() failed\n"));
148 return false;
149 }
150 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
151
152 DBG_DEBUG("domain = [%s], server = [%s], expire = [%" PRIu64 "]\n",
153 domain,
154 servername,
155 (uint64_t)expire);
156
157 ret = gencache_set( key, servername, expire );
158
159 TALLOC_FREE( key );
160
161 return ret;
162 }
163
164 bool saf_join_store( const char *domain, const char *servername )
165 {
166 char *key;
167 time_t expire;
168 bool ret = False;
169
170 if ( !domain || !servername ) {
171 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
172 return False;
173 }
174
175 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
176 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
177 return False;
178 }
179
180 key = saf_join_key(talloc_tos(), domain);
181 if (key == NULL) {
182 DEBUG(1, ("saf_join_key() failed\n"));
183 return false;
184 }
185 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
186
187 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
188 domain, servername, (unsigned int)expire ));
189
190 ret = gencache_set( key, servername, expire );
191
192 TALLOC_FREE( key );
193
194 return ret;
195 }
196
197 bool saf_delete( const char *domain )
198 {
199 char *key;
200 bool ret = False;
201
202 if ( !domain ) {
203 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
204 return False;
205 }
206
207 key = saf_join_key(talloc_tos(), domain);
208 if (key == NULL) {
209 DEBUG(1, ("saf_join_key() failed\n"));
210 return false;
211 }
212 ret = gencache_del(key);
213 TALLOC_FREE(key);
214
215 if (ret) {
216 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
217 }
218
219 key = saf_key(talloc_tos(), domain);
220 if (key == NULL) {
221 DEBUG(1, ("saf_key() failed\n"));
222 return false;
223 }
224 ret = gencache_del(key);
225 TALLOC_FREE(key);
226
227 if (ret) {
228 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
229 }
230
231 return ret;
232 }
233
234 /****************************************************************************
235 ****************************************************************************/
236
237 char *saf_fetch(TALLOC_CTX *mem_ctx, const char *domain )
238 {
239 char *server = NULL;
240 time_t timeout;
241 bool ret = False;
242 char *key = NULL;
243
244 if ( !domain || strlen(domain) == 0) {
245 DEBUG(2,("saf_fetch: Empty domain name!\n"));
246 return NULL;
247 }
248
249 key = saf_join_key(talloc_tos(), domain);
250 if (key == NULL) {
251 DEBUG(1, ("saf_join_key() failed\n"));
252 return NULL;
253 }
254
255 ret = gencache_get( key, mem_ctx, &server, &timeout );
256
257 TALLOC_FREE( key );
258
259 if ( ret ) {
260 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
261 server, domain ));
262 return server;
263 }
264
265 key = saf_key(talloc_tos(), domain);
266 if (key == NULL) {
267 DEBUG(1, ("saf_key() failed\n"));
268 return NULL;
269 }
270
271 ret = gencache_get( key, mem_ctx, &server, &timeout );
272
273 TALLOC_FREE( key );
274
275 if ( !ret ) {
276 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
277 domain ));
278 } else {
279 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
280 server, domain ));
281 }
282
283 return server;
284 }
285
286 static void set_socket_addr_v4(struct samba_sockaddr *addr)
287 {
288 if (!interpret_string_addr(&addr->u.ss, lp_nbt_client_socket_address(),
289 AI_NUMERICHOST|AI_PASSIVE)) {
290 zero_sockaddr(&addr->u.ss);
291 /* zero_sockaddr sets family to AF_INET. */
292 addr->sa_socklen = sizeof(struct sockaddr_in);
293 }
294 if (addr->u.ss.ss_family != AF_INET) {
295 zero_sockaddr(&addr->u.ss);
296 /* zero_sockaddr sets family to AF_INET. */
297 addr->sa_socklen = sizeof(struct sockaddr_in);
298 }
299 }
300
301 static struct in_addr my_socket_addr_v4(void)
302 {
303 struct samba_sockaddr my_addr = {0};
304
305 set_socket_addr_v4(&my_addr);
306 return my_addr.u.in.sin_addr;
307 }
308
309 /****************************************************************************
310 Generate a random trn_id.
311 ****************************************************************************/
312
313 static int generate_trn_id(void)
314 {
315 uint16_t id;
316
317 generate_random_buffer((uint8_t *)&id, sizeof(id));
318
319 return id % (unsigned)0x7FFF;
320 }
321
322 /****************************************************************************
323 Parse a node status response into an array of structures.
324 ****************************************************************************/
325
326 static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx,
327 const char *rdata,
328 size_t rdlen,
329 size_t *num_names,
330 struct node_status_extra *extra)
331 {
332 struct node_status *ret;
333 size_t i;
334 size_t len = 0;
335 size_t result_count = 0;
336 const size_t result_len = MAX_NETBIOSNAME_LEN + sizeof(uint8_t) +
337 sizeof(char);
338 const char *r = NULL;
339
340 *num_names = 0;
341 if (rdlen == 0) {
342 return NULL;
343 }
344
345 result_count = PULL_LE_U8(rdata, 0);
346 if (result_count == 0) {
347 return NULL;
348 }
349 r = rdata + 1;
350
351 len = result_len * result_count + sizeof(uint8_t);
352 if (len > rdlen) {
353 return NULL;
354 }
355
356 ret = talloc_zero_array(mem_ctx, struct node_status, result_count);
357 if (!ret)
358 return NULL;
359
360 for (i = 0; i < result_count; i++) {
361 strlcpy(ret[i].name, r, MAX_NETBIOSNAME_LEN);
362 trim_char(ret[i].name,'\0',' ');
363 ret[i].type = PULL_LE_U8(r, 15);
364 ret[i].flags = r[16];
365
366 r += result_len;
367
368 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
369 ret[i].type, ret[i].flags));
370 }
371
372 /*
373 * Also, pick up the MAC address ...
374 */
375 if (extra) {
376 if (len + 6 > rdlen) {
377 TALLOC_FREE(ret);
378 return NULL;
379 }
380 memcpy(&extra->mac_addr, r, 6); /* Fill in the mac addr */
381 }
382
383 *num_names = result_count;
384 return ret;
385 }
386
387 struct sock_packet_read_state {
388 struct tevent_context *ev;
389 enum packet_type type;
390 int trn_id;
391
392 struct nb_packet_reader *reader;
393 struct tevent_req *reader_req;
394
395 struct tdgram_context *sock;
396 struct tevent_req *socket_req;
397 uint8_t *buf;
398 struct tsocket_address *addr;
399
400 bool (*validator)(struct packet_struct *p,
401 void *private_data);
402 void *private_data;
403
404 struct packet_struct *packet;
405 };
406
407 static void sock_packet_read_got_packet(struct tevent_req *subreq);
408 static void sock_packet_read_got_socket(struct tevent_req *subreq);
409
410 static struct tevent_req *sock_packet_read_send(
411 TALLOC_CTX *mem_ctx,
412 struct tevent_context *ev,
413 struct tdgram_context *sock,
414 struct nb_packet_reader *reader,
415 enum packet_type type,
416 int trn_id,
417 bool (*validator)(struct packet_struct *p, void *private_data),
418 void *private_data)
419 {
420 struct tevent_req *req;
421 struct sock_packet_read_state *state;
422
423 req = tevent_req_create(mem_ctx, &state,
424 struct sock_packet_read_state);
425 if (req == NULL) {
426 return NULL;
427 }
428 state->ev = ev;
429 state->reader = reader;
430 state->sock = sock;
431 state->type = type;
432 state->trn_id = trn_id;
433 state->validator = validator;
434 state->private_data = private_data;
435
436 if (reader != NULL) {
437 state->reader_req = nb_packet_read_send(state, ev, reader);
438 if (tevent_req_nomem(state->reader_req, req)) {
439 return tevent_req_post(req, ev);
440 }
441 tevent_req_set_callback(
442 state->reader_req, sock_packet_read_got_packet, req);
443 }
444
445 state->socket_req = tdgram_recvfrom_send(state, ev, state->sock);
446 if (tevent_req_nomem(state->socket_req, req)) {
447 return tevent_req_post(req, ev);
448 }
449 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
450 req);
451
452 return req;
453 }
454
455 static void sock_packet_read_got_packet(struct tevent_req *subreq)
456 {
457 struct tevent_req *req = tevent_req_callback_data(
458 subreq, struct tevent_req);
459 struct sock_packet_read_state *state = tevent_req_data(
460 req, struct sock_packet_read_state);
461 NTSTATUS status;
462
463 status = nb_packet_read_recv(subreq, state, &state->packet);
464
465 TALLOC_FREE(state->reader_req);
466
467 if (!NT_STATUS_IS_OK(status)) {
468 if (state->socket_req != NULL) {
469 /*
470 * Still waiting for socket
471 */
472 return;
473 }
474 /*
475 * Both socket and packet reader failed
476 */
477 tevent_req_nterror(req, status);
478 return;
479 }
480
481 if ((state->validator != NULL) &&
482 !state->validator(state->packet, state->private_data)) {
483 DEBUG(10, ("validator failed\n"));
484
485 TALLOC_FREE(state->packet);
486
487 state->reader_req = nb_packet_read_send(state, state->ev,
488 state->reader);
489 if (tevent_req_nomem(state->reader_req, req)) {
490 return;
491 }
492 tevent_req_set_callback(
493 state->reader_req, sock_packet_read_got_packet, req);
494 return;
495 }
496
497 TALLOC_FREE(state->socket_req);
498 tevent_req_done(req);
499 }
500
501 static void sock_packet_read_got_socket(struct tevent_req *subreq)
502 {
503 struct tevent_req *req = tevent_req_callback_data(
504 subreq, struct tevent_req);
505 struct sock_packet_read_state *state = tevent_req_data(
506 req, struct sock_packet_read_state);
507 struct samba_sockaddr addr = {0};
508 ssize_t ret;
509 ssize_t received;
510 int err;
511 bool ok;
512
513 received = tdgram_recvfrom_recv(subreq, &err, state,
514 &state->buf, &state->addr);
515
516 TALLOC_FREE(state->socket_req);
517
518 if (received == -1) {
519 if (state->reader_req != NULL) {
520 /*
521 * Still waiting for reader
522 */
523 return;
524 }
525 /*
526 * Both socket and reader failed
527 */
528 tevent_req_nterror(req, map_nt_error_from_unix(err));
529 return;
530 }
531 ok = tsocket_address_is_inet(state->addr, "ipv4");
532 if (!ok) {
533 goto retry;
534 }
535 ret = tsocket_address_bsd_sockaddr(state->addr,
536 &addr.u.sa,
537 sizeof(addr.u.in));
538 if (ret == -1) {
539 tevent_req_nterror(req, map_nt_error_from_unix(errno));
540 return;
541 }
542
543 state->packet = parse_packet_talloc(
544 state, (char *)state->buf, received, state->type,
545 addr.u.in.sin_addr, addr.u.in.sin_port);
546 if (state->packet == NULL) {
547 DEBUG(10, ("parse_packet failed\n"));
548 goto retry;
549 }
550 if ((state->trn_id != -1) &&
551 (state->trn_id != packet_trn_id(state->packet))) {
552 DEBUG(10, ("Expected transaction id %d, got %d\n",
553 state->trn_id, packet_trn_id(state->packet)));
554 goto retry;
555 }
556
557 if ((state->validator != NULL) &&
558 !state->validator(state->packet, state->private_data)) {
559 DEBUG(10, ("validator failed\n"));
560 goto retry;
561 }
562
563 tevent_req_done(req);
564 return;
565
566 retry:
567 TALLOC_FREE(state->packet);
568 TALLOC_FREE(state->buf);
569 TALLOC_FREE(state->addr);
570
571 state->socket_req = tdgram_recvfrom_send(state, state->ev, state->sock);
572 if (tevent_req_nomem(state->socket_req, req)) {
573 return;
574 }
575 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
576 req);
577 }
578
579 static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
580 TALLOC_CTX *mem_ctx,
581 struct packet_struct **ppacket)
582 {
583 struct sock_packet_read_state *state = tevent_req_data(
584 req, struct sock_packet_read_state);
585 NTSTATUS status;
586
587 if (tevent_req_is_nterror(req, &status)) {
588 return status;
589 }
590 *ppacket = talloc_move(mem_ctx, &state->packet);
591 return NT_STATUS_OK;
592 }
593
594 struct nb_trans_state {
595 struct tevent_context *ev;
596 struct tdgram_context *sock;
597 struct nb_packet_reader *reader;
598
599 struct tsocket_address *src_addr;
600 struct tsocket_address *dst_addr;
601 uint8_t *buf;
602 size_t buflen;
603 enum packet_type type;
604 int trn_id;
605
606 bool (*validator)(struct packet_struct *p,
607 void *private_data);
608 void *private_data;
609
610 struct packet_struct *packet;
611 };
612
613 static void nb_trans_got_reader(struct tevent_req *subreq);
614 static void nb_trans_done(struct tevent_req *subreq);
615 static void nb_trans_sent(struct tevent_req *subreq);
616 static void nb_trans_send_next(struct tevent_req *subreq);
617
618 static struct tevent_req *nb_trans_send(
619 TALLOC_CTX *mem_ctx,
620 struct tevent_context *ev,
621 const struct samba_sockaddr *_my_addr,
622 const struct samba_sockaddr *_dst_addr,
623 bool bcast,
624 uint8_t *buf, size_t buflen,
625 enum packet_type type, int trn_id,
626 bool (*validator)(struct packet_struct *p,
627 void *private_data),
628 void *private_data)
629 {
630 const struct sockaddr *my_addr = &_my_addr->u.sa;
631 size_t my_addr_len = sizeof(_my_addr->u.in); /*We know it's AF_INET.*/
632 const struct sockaddr *dst_addr = &_dst_addr->u.sa;
633 size_t dst_addr_len = sizeof(_dst_addr->u.in); /*We know it's AF_INET.*/
634 struct tevent_req *req, *subreq;
635 struct nb_trans_state *state;
636 int ret;
637
638 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
639 if (req == NULL) {
640 return NULL;
641 }
642 state->ev = ev;
643 state->buf = buf;
644 state->buflen = buflen;
645 state->type = type;
646 state->trn_id = trn_id;
647 state->validator = validator;
648 state->private_data = private_data;
649
650 ret = tsocket_address_bsd_from_sockaddr(state,
651 my_addr, my_addr_len,
652 &state->src_addr);
653 if (ret == -1) {
654 tevent_req_nterror(req, map_nt_error_from_unix(errno));
655 return tevent_req_post(req, ev);
656 }
657
658 ret = tsocket_address_bsd_from_sockaddr(state,
659 dst_addr, dst_addr_len,
660 &state->dst_addr);
661 if (ret == -1) {
662 tevent_req_nterror(req, map_nt_error_from_unix(errno));
663 return tevent_req_post(req, ev);
664 }
665
666 ret = tdgram_inet_udp_broadcast_socket(state->src_addr, state,
667 &state->sock);
668 if (ret == -1) {
669 tevent_req_nterror(req, map_nt_error_from_unix(errno));
670 return tevent_req_post(req, ev);
671 }
672
673 subreq = nb_packet_reader_send(state,
674 ev,
675 global_nmbd_socket_dir(),
676 type,
677 state->trn_id,
678 NULL);
679 if (tevent_req_nomem(subreq, req)) {
680 return tevent_req_post(req, ev);
681 }
682 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
683 return req;
684 }
685
686 static void nb_trans_got_reader(struct tevent_req *subreq)
687 {
688 struct tevent_req *req = tevent_req_callback_data(
689 subreq, struct tevent_req);
690 struct nb_trans_state *state = tevent_req_data(
691 req, struct nb_trans_state);
692 NTSTATUS status;
693
694 status = nb_packet_reader_recv(subreq, state, &state->reader);
695 TALLOC_FREE(subreq);
696
697 if (!NT_STATUS_IS_OK(status)) {
698 DEBUG(10, ("nmbd not around\n"));
699 state->reader = NULL;
700 }
701
702 subreq = sock_packet_read_send(
703 state, state->ev, state->sock,
704 state->reader, state->type, state->trn_id,
705 state->validator, state->private_data);
706 if (tevent_req_nomem(subreq, req)) {
707 return;
708 }
709 tevent_req_set_callback(subreq, nb_trans_done, req);
710
711 subreq = tdgram_sendto_send(state, state->ev,
712 state->sock,
713 state->buf, state->buflen,
714 state->dst_addr);
715 if (tevent_req_nomem(subreq, req)) {
716 return;
717 }
718 tevent_req_set_callback(subreq, nb_trans_sent, req);
719 }
720
721 static void nb_trans_sent(struct tevent_req *subreq)
722 {
723 struct tevent_req *req = tevent_req_callback_data(
724 subreq, struct tevent_req);
725 struct nb_trans_state *state = tevent_req_data(
726 req, struct nb_trans_state);
727 ssize_t sent;
728 int err;
729
730 sent = tdgram_sendto_recv(subreq, &err);
731 TALLOC_FREE(subreq);
732 if (sent == -1) {
733 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
734 tevent_req_nterror(req, map_nt_error_from_unix(err));
735 return;
736 }
737 subreq = tevent_wakeup_send(state, state->ev,
738 timeval_current_ofs(1, 0));
739 if (tevent_req_nomem(subreq, req)) {
740 return;
741 }
742 tevent_req_set_callback(subreq, nb_trans_send_next, req);
743 }
744
745 static void nb_trans_send_next(struct tevent_req *subreq)
746 {
747 struct tevent_req *req = tevent_req_callback_data(
748 subreq, struct tevent_req);
749 struct nb_trans_state *state = tevent_req_data(
750 req, struct nb_trans_state);
751 bool ret;
752
753 ret = tevent_wakeup_recv(subreq);
754 TALLOC_FREE(subreq);
755 if (!ret) {
756 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
757 return;
758 }
759 subreq = tdgram_sendto_send(state, state->ev,
760 state->sock,
761 state->buf, state->buflen,
762 state->dst_addr);
763 if (tevent_req_nomem(subreq, req)) {
764 return;
765 }
766 tevent_req_set_callback(subreq, nb_trans_sent, req);
767 }
768
769 static void nb_trans_done(struct tevent_req *subreq)
770 {
771 struct tevent_req *req = tevent_req_callback_data(
772 subreq, struct tevent_req);
773 struct nb_trans_state *state = tevent_req_data(
774 req, struct nb_trans_state);
775 NTSTATUS status;
776
777 status = sock_packet_read_recv(subreq, state, &state->packet);
778 TALLOC_FREE(subreq);
779 if (tevent_req_nterror(req, status)) {
780 return;
781 }
782 tevent_req_done(req);
783 }
784
785 static NTSTATUS nb_trans_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
786 struct packet_struct **ppacket)
787 {
788 struct nb_trans_state *state = tevent_req_data(
789 req, struct nb_trans_state);
790 NTSTATUS status;
791
792 if (tevent_req_is_nterror(req, &status)) {
793 return status;
794 }
795 *ppacket = talloc_move(mem_ctx, &state->packet);
796 return NT_STATUS_OK;
797 }
798
799 /****************************************************************************
800 Do a NBT node status query on an open socket and return an array of
801 structures holding the returned names or NULL if the query failed.
802 **************************************************************************/
803
804 struct node_status_query_state {
805 struct samba_sockaddr my_addr;
806 struct samba_sockaddr addr;
807 uint8_t buf[1024];
808 ssize_t buflen;
809 struct packet_struct *packet;
810 };
811
812 static bool node_status_query_validator(struct packet_struct *p,
813 void *private_data);
814 static void node_status_query_done(struct tevent_req *subreq);
815
816 struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
817 struct tevent_context *ev,
818 struct nmb_name *name,
819 const struct sockaddr_storage *addr)
820 {
821 struct tevent_req *req, *subreq;
822 struct node_status_query_state *state;
823 struct packet_struct p;
824 struct nmb_packet *nmb = &p.packet.nmb;
825 bool ok;
826
827 req = tevent_req_create(mem_ctx, &state,
828 struct node_status_query_state);
829 if (req == NULL) {
830 return NULL;
831 }
832
833 if (addr->ss_family != AF_INET) {
834 /* Can't do node status to IPv6 */
835 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
836 return tevent_req_post(req, ev);
837 }
838
839 ok = sockaddr_storage_to_samba_sockaddr(&state->addr, addr);
840 if (!ok) {
841 /* node status must be IPv4 */
842 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
843 return tevent_req_post(req, ev);
844 }
845 state->addr.u.in.sin_port = htons(NMB_PORT);
846
847 set_socket_addr_v4(&state->my_addr);
848
849 ZERO_STRUCT(p);
850 nmb->header.name_trn_id = generate_trn_id();
851 nmb->header.opcode = 0;
852 nmb->header.response = false;
853 nmb->header.nm_flags.bcast = false;
854 nmb->header.nm_flags.recursion_available = false;
855 nmb->header.nm_flags.recursion_desired = false;
856 nmb->header.nm_flags.trunc = false;
857 nmb->header.nm_flags.authoritative = false;
858 nmb->header.rcode = 0;
859 nmb->header.qdcount = 1;
860 nmb->header.ancount = 0;
861 nmb->header.nscount = 0;
862 nmb->header.arcount = 0;
863 nmb->question.question_name = *name;
864 nmb->question.question_type = 0x21;
865 nmb->question.question_class = 0x1;
866
867 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
868 &p);
869 if (state->buflen == 0) {
870 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
871 DEBUG(10, ("build_packet failed\n"));
872 return tevent_req_post(req, ev);
873 }
874
875 subreq = nb_trans_send(state,
876 ev,
877 &state->my_addr,
878 &state->addr,
879 false,
880 state->buf,
881 state->buflen,
882 NMB_PACKET,
883 nmb->header.name_trn_id,
884 node_status_query_validator,
885 NULL);
886 if (tevent_req_nomem(subreq, req)) {
887 DEBUG(10, ("nb_trans_send failed\n"));
888 return tevent_req_post(req, ev);
889 }
890 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
891 return tevent_req_post(req, ev);
892 }
893 tevent_req_set_callback(subreq, node_status_query_done, req);
894 return req;
895 }
896
897 static bool node_status_query_validator(struct packet_struct *p,
898 void *private_data)
899 {
900 struct nmb_packet *nmb = &p->packet.nmb;
901 debug_nmb_packet(p);
902
903 if (nmb->header.opcode != 0 ||
904 nmb->header.nm_flags.bcast ||
905 nmb->header.rcode ||
906 !nmb->header.ancount ||
907 nmb->answers->rr_type != 0x21) {
908 /*
909 * XXXX what do we do with this? could be a redirect,
910 * but we'll discard it for the moment
911 */
912 return false;
913 }
914 return true;
915 }
916
917 static void node_status_query_done(struct tevent_req *subreq)
918 {
919 struct tevent_req *req = tevent_req_callback_data(
920 subreq, struct tevent_req);
921 struct node_status_query_state *state = tevent_req_data(
922 req, struct node_status_query_state);
923 NTSTATUS status;
924
925 status = nb_trans_recv(subreq, state, &state->packet);
926 TALLOC_FREE(subreq);
927 if (tevent_req_nterror(req, status)) {
928 return;
929 }
930 tevent_req_done(req);
931 }
932
933 NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
934 struct node_status **pnode_status,
935 size_t *pnum_names,
936 struct node_status_extra *extra)
937 {
938 struct node_status_query_state *state = tevent_req_data(
939 req, struct node_status_query_state);
940 struct node_status *node_status;
941 size_t num_names = 0;
942 NTSTATUS status;
943
944 if (tevent_req_is_nterror(req, &status)) {
945 return status;
946 }
947 node_status = parse_node_status(
948 mem_ctx,
949 state->packet->packet.nmb.answers->rdata,
950 state->packet->packet.nmb.answers->rdlength,
951 &num_names,
952 extra);
953 if (node_status == NULL) {
954 return NT_STATUS_NO_MEMORY;
955 }
956 *pnode_status = node_status;
957 *pnum_names = num_names;
958 return NT_STATUS_OK;
959 }
960
961 NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
962 const struct sockaddr_storage *addr,
963 struct node_status **pnode_status,
964 size_t *pnum_names,
965 struct node_status_extra *extra)
966 {
967 TALLOC_CTX *frame = talloc_stackframe();
968 struct tevent_context *ev;
969 struct tevent_req *req;
970 NTSTATUS status = NT_STATUS_NO_MEMORY;
971
972 ev = samba_tevent_context_init(frame);
973 if (ev == NULL) {
974 goto fail;
975 }
976 req = node_status_query_send(ev, ev, name, addr);
977 if (req == NULL) {
978 goto fail;
979 }
980 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
981 goto fail;
982 }
983 status = node_status_query_recv(req, mem_ctx, pnode_status,
984 pnum_names, extra);
985 fail:
986 TALLOC_FREE(frame);
987 return status;
988 }
989
990 static bool name_status_lmhosts(const struct sockaddr_storage *paddr,
991 int qname_type, fstring pname)
992 {
993 FILE *f;
994 char *name;
995 int name_type;
996 struct samba_sockaddr addr_in = {0};
997 struct samba_sockaddr addr = {0};
998 bool ok;
999
1000 ok = sockaddr_storage_to_samba_sockaddr(&addr_in, paddr);
1001 if (!ok) {
1002 return false;
1003 }
1004 if (addr_in.u.ss.ss_family != AF_INET) {
1005 return false;
1006 }
1007
1008 f = startlmhosts(get_dyn_LMHOSTSFILE());
1009 if (f == NULL) {
1010 return false;
1011 }
1012
1013 while (getlmhostsent(talloc_tos(), f, &name, &name_type, &addr.u.ss)) {
1014 if (addr.u.ss.ss_family != AF_INET) {
1015 continue;
1016 }
1017 if (name_type != qname_type) {
1018 continue;
1019 }
1020 if (sockaddr_equal(&addr_in.u.sa, &addr.u.sa)) {
1021 fstrcpy(pname, name);
1022 endlmhosts(f);
1023 return true;
1024 }
1025 }
1026 endlmhosts(f);
1027 return false;
1028 }
1029
1030 /****************************************************************************
1031 Find the first type XX name in a node status reply - used for finding
1032 a servers name given its IP. Return the matched name in *name.
1033 **************************************************************************/
1034
1035 bool name_status_find(const char *q_name,
1036 int q_type,
1037 int type,
1038 const struct sockaddr_storage *to_ss,
1039 fstring name)
1040 {
1041 char addr[INET6_ADDRSTRLEN];
1042 struct node_status *addrs = NULL;
1043 struct nmb_name nname;
1044 size_t count = 0, i;
1045 bool result = false;
1046 NTSTATUS status;
1047
1048 if (lp_disable_netbios()) {
1049 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
1050 q_name, q_type));
1051 return False;
1052 }
1053
1054 print_sockaddr(addr, sizeof(addr), to_ss);
1055
1056 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
1057 q_type, addr));
1058
1059 /* Check the cache first. */
1060
1061 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
1062 return True;
1063 }
1064
1065 if (to_ss->ss_family != AF_INET) {
1066 /* Can't do node status to IPv6 */
1067 return false;
1068 }
1069
1070 result = name_status_lmhosts(to_ss, type, name);
1071 if (result) {
1072 DBG_DEBUG("Found name %s in lmhosts\n", name);
1073 namecache_status_store(q_name, q_type, type, to_ss, name);
1074 return true;
1075 }
1076
1077 /* W2K PDC's seem not to respond to '*'#0. JRA */
1078 make_nmb_name(&nname, q_name, q_type);
1079 status = node_status_query(talloc_tos(), &nname, to_ss,
1080 &addrs, &count, NULL);
1081 if (!NT_STATUS_IS_OK(status)) {
1082 goto done;
1083 }
1084
1085 for (i=0;i<count;i++) {
1086 /* Find first one of the requested type that's not a GROUP. */
1087 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
1088 break;
1089 }
1090 if (i == count)
1091 goto done;
1092
1093 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
1094
1095 /* Store the result in the cache. */
1096 /* but don't store an entry for 0x1c names here. Here we have
1097 a single host and DOMAIN<0x1c> names should be a list of hosts */
1098
1099 if ( q_type != 0x1c ) {
1100 namecache_status_store(q_name, q_type, type, to_ss, name);
1101 }
1102
1103 result = true;
1104
1105 done:
1106 TALLOC_FREE(addrs);
1107
1108 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
1109
1110 if (result)
1111 DEBUGADD(10, (", name %s ip address is %s", name, addr));
1112
1113 DEBUG(10, ("\n"));
1114
1115 return result;
1116 }
1117
1118 /*
1119 * comparison function used by sort_addr_list
1120 *
1121 * This comparison is intransitive in sort if a socket has an invalid
1122 * family (i.e., not IPv4 or IPv6), or an interface doesn't support
1123 * the family. Say we have sockaddrs with IP versions {4,5,6}, of
1124 * which 5 is invalid. By this function, 4 == 5 and 6 == 5, but 4 !=
1125 * 6. This is of course a consequence of cmp() being unable to
1126 * communicate error.
1127 */
1128
1129 static int addr_compare(const struct sockaddr_storage *ss1,
1130 const struct sockaddr_storage *ss2)
1131 {
1132 int max_bits1=0, max_bits2=0;
1133 int num_interfaces = iface_count();
1134 int i;
1135 struct samba_sockaddr sa1;
1136 struct samba_sockaddr sa2;
1137 bool ok;
1138
1139 ok = sockaddr_storage_to_samba_sockaddr(&sa1, ss1);
1140 if (!ok) {
1141 return 0; /* No change. */
1142 }
1143
1144 ok = sockaddr_storage_to_samba_sockaddr(&sa2, ss2);
1145 if (!ok) {
1146 return 0; /* No change. */
1147 }
1148
1149 /* Sort IPv4 addresses first. */
1150 if (sa1.u.ss.ss_family != sa2.u.ss.ss_family) {
1151 if (sa2.u.ss.ss_family == AF_INET) {
1152 return 1;
1153 } else {
1154 return -1;
1155 }
1156 }
1157
1158 /* Here we know both addresses are of the same
1159 * family. */
1160
1161 for (i=0;i<num_interfaces;i++) {
1162 struct samba_sockaddr sif = {0};
1163 const unsigned char *p_ss1 = NULL;
1164 const unsigned char *p_ss2 = NULL;
1165 const unsigned char *p_if = NULL;
1166 size_t len = 0;
1167 int bits1, bits2;
1168
1169 ok = sockaddr_storage_to_samba_sockaddr(&sif, iface_n_bcast(i));
1170 if (!ok) {
1171 return 0; /* No change. */
1172 }
1173 if (sif.u.ss.ss_family != sa1.u.ss.ss_family) {
1174 /* Ignore interfaces of the wrong type. */
1175 continue;
1176 }
1177 if (sif.u.ss.ss_family == AF_INET) {
1178 p_if = (const unsigned char *)&sif.u.in.sin_addr;
1179 p_ss1 = (const unsigned char *)&sa1.u.in.sin_addr;
1180 p_ss2 = (const unsigned char *)&sa2.u.in.sin_addr;
1181 len = 4;
1182 }
1183 #if defined(HAVE_IPV6)
1184 if (sif.u.ss.ss_family == AF_INET6) {
1185 p_if = (const unsigned char *)&sif.u.in6.sin6_addr;
1186 p_ss1 = (const unsigned char *)&sa1.u.in6.sin6_addr;
1187 p_ss2 = (const unsigned char *)&sa2.u.in6.sin6_addr;
1188 len = 16;
1189 }
1190 #endif
1191 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
1192 continue;
1193 }
1194 bits1 = matching_len_bits(p_ss1, p_if, len);
1195 bits2 = matching_len_bits(p_ss2, p_if, len);
1196 max_bits1 = MAX(bits1, max_bits1);
1197 max_bits2 = MAX(bits2, max_bits2);
1198 }
1199
1200 /* Bias towards directly reachable IPs */
1201 if (iface_local(&sa1.u.sa)) {
1202 if (sa1.u.ss.ss_family == AF_INET) {
1203 max_bits1 += 32;
1204 } else {
1205 max_bits1 += 128;
1206 }
1207 }
1208 if (iface_local(&sa2.u.sa)) {
1209 if (sa2.u.ss.ss_family == AF_INET) {
1210 max_bits2 += 32;
1211 } else {
1212 max_bits2 += 128;
1213 }
1214 }
1215 return NUMERIC_CMP(max_bits2, max_bits1);
1216 }
1217
1218 /*
1219 sort an IP list so that names that are close to one of our interfaces
1220 are at the top. This prevents the problem where a WINS server returns an IP
1221 that is not reachable from our subnet as the first match
1222 */
1223
1224 static void sort_addr_list(struct sockaddr_storage *sslist, size_t count)
1225 {
1226 if (count <= 1) {
1227 return;
1228 }
1229
1230 TYPESAFE_QSORT(sslist, count, addr_compare);
1231 }
1232
1233 static int samba_sockaddr_compare(struct samba_sockaddr *sa1,
1234 struct samba_sockaddr *sa2)
1235 {
1236 return addr_compare(&sa1->u.ss, &sa2->u.ss);
1237 }
1238
1239 static void sort_sa_list(struct samba_sockaddr *salist, size_t count)
1240 {
1241 if (count <= 1) {
1242 return;
1243 }
1244
1245 TYPESAFE_QSORT(salist, count, samba_sockaddr_compare);
1246 }
1247
1248 /**********************************************************************
1249 Remove any duplicate address/port pairs in the samba_sockaddr array.
1250 *********************************************************************/
1251
1252 size_t remove_duplicate_addrs2(struct samba_sockaddr *salist, size_t count )
1253 {
1254 size_t i, j;
1255
1256 DBG_DEBUG("looking for duplicate address/port pairs\n");
1257
1258 /* One loop to set duplicates to a zero addr. */
1259 for (i=0; i < count; i++) {
1260 if (is_zero_addr(&salist[i].u.ss)) {
1261 continue;
1262 }
1263
1264 for (j=i+1; j<count; j++) {
1265 if (sockaddr_equal(&salist[i].u.sa, &salist[j].u.sa)) {
1266 zero_sockaddr(&salist[j].u.ss);
1267 }
1268 }
1269 }
1270
1271 /* Now remove any addresses set to zero above. */
1272 for (i = 0; i < count; i++) {
1273 while (i < count &&
1274 is_zero_addr(&salist[i].u.ss)) {
1275 ARRAY_DEL_ELEMENT(salist, i, count);
1276 count--;
1277 }
1278 }
1279
1280 return count;
1281 }
1282
1283 static bool prioritize_ipv4_list(struct samba_sockaddr *salist, size_t count)
1284 {
1285 TALLOC_CTX *frame = talloc_stackframe();
1286 struct samba_sockaddr *salist_new = talloc_array(frame,
1287 struct samba_sockaddr,
1288 count);
1289 size_t i, j;
1290
1291 if (salist_new == NULL) {
1292 TALLOC_FREE(frame);
1293 return false;
1294 }
1295
1296 j = 0;
1297
1298 /* Copy IPv4 first. */
1299 for (i = 0; i < count; i++) {
1300 if (salist[i].u.ss.ss_family == AF_INET) {
1301 salist_new[j++] = salist[i];
1302 }
1303 }
1304
1305 /* Copy IPv6. */
1306 for (i = 0; i < count; i++) {
1307 if (salist[i].u.ss.ss_family != AF_INET) {
1308 salist_new[j++] = salist[i];
1309 }
1310 }
1311
1312 memcpy(salist, salist_new, sizeof(struct samba_sockaddr)*count);
1313 TALLOC_FREE(frame);
1314 return true;
1315 }
1316
1317 /****************************************************************************
1318 Do a netbios name query to find someones IP.
1319 Returns an array of IP addresses or NULL if none.
1320 *count will be set to the number of addresses returned.
1321 *timed_out is set if we failed by timing out
1322 ****************************************************************************/
1323
1324 struct name_query_state {
1325 struct samba_sockaddr my_addr;
1326 struct samba_sockaddr addr;
1327 bool bcast;
1328 bool bcast_star_query;
1329
1330
1331 uint8_t buf[1024];
1332 ssize_t buflen;
1333
1334 NTSTATUS validate_error;
1335 uint8_t flags;
1336
1337 struct sockaddr_storage *addrs;
1338 size_t num_addrs;
1339 };
1340
1341 static bool name_query_validator(struct packet_struct *p, void *private_data);
1342 static void name_query_done(struct tevent_req *subreq);
1343
1344 struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1345 struct tevent_context *ev,
1346 const char *name, int name_type,
1347 bool bcast, bool recurse,
1348 const struct sockaddr_storage *addr)
1349 {
1350 struct tevent_req *req, *subreq;
1351 struct name_query_state *state;
1352 struct packet_struct p;
1353 struct nmb_packet *nmb = &p.packet.nmb;
1354 bool ok;
1355
1356 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1357 if (req == NULL) {
1358 return NULL;
1359 }
1360 state->bcast = bcast;
1361
1362 if (addr->ss_family != AF_INET) {
1363 /* Can't do node status to IPv6 */
1364 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1365 return tevent_req_post(req, ev);
1366 }
1367
1368 if (lp_disable_netbios()) {
1369 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1370 name, name_type));
1371 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1372 return tevent_req_post(req, ev);
1373 }
1374
1375 ok = sockaddr_storage_to_samba_sockaddr(&state->addr, addr);
1376 if (!ok) {
1377 /* Node status must be IPv4 */
1378 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1379 return tevent_req_post(req, ev);
1380 }
1381 state->addr.u.in.sin_port = htons(NMB_PORT);
1382
1383 set_socket_addr_v4(&state->my_addr);
1384
1385 ZERO_STRUCT(p);
1386 nmb->header.name_trn_id = generate_trn_id();
1387 nmb->header.opcode = 0;
1388 nmb->header.response = false;
1389 nmb->header.nm_flags.bcast = bcast;
1390 nmb->header.nm_flags.recursion_available = false;
1391 nmb->header.nm_flags.recursion_desired = recurse;
1392 nmb->header.nm_flags.trunc = false;
1393 nmb->header.nm_flags.authoritative = false;
1394 nmb->header.rcode = 0;
1395 nmb->header.qdcount = 1;
1396 nmb->header.ancount = 0;
1397 nmb->header.nscount = 0;
1398 nmb->header.arcount = 0;
1399
1400 if (bcast && (strcmp(name, "*")==0)) {
1401 /*
1402 * We're doing a broadcast query for all
1403 * names in the area. Remember this so
1404 * we will wait for all names within
1405 * the timeout period.
1406 */
1407 state->bcast_star_query = true;
1408 }
1409
1410 make_nmb_name(&nmb->question.question_name,name,name_type);
1411
1412 nmb->question.question_type = 0x20;
1413 nmb->question.question_class = 0x1;
1414
1415 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1416 &p);
1417 if (state->buflen == 0) {
1418 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1419 DEBUG(10, ("build_packet failed\n"));
1420 return tevent_req_post(req, ev);
1421 }
1422
1423 subreq = nb_trans_send(state,
1424 ev,
1425 &state->my_addr,
1426 &state->addr,
1427 bcast,
1428 state->buf,
1429 state->buflen,
1430 NMB_PACKET,
1431 nmb->header.name_trn_id,
1432 name_query_validator,
1433 state);
1434 if (tevent_req_nomem(subreq, req)) {
1435 DEBUG(10, ("nb_trans_send failed\n"));
1436 return tevent_req_post(req, ev);
1437 }
1438 tevent_req_set_callback(subreq, name_query_done, req);
1439 return req;
1440 }
1441
1442 static bool name_query_validator(struct packet_struct *p, void *private_data)
1443 {
1444 struct name_query_state *state = talloc_get_type_abort(
1445 private_data, struct name_query_state);
1446 struct nmb_packet *nmb = &p->packet.nmb;
1447 struct sockaddr_storage *tmp_addrs;
1448 bool got_unique_netbios_name = false;
1449 int i;
1450
1451 debug_nmb_packet(p);
1452
1453 /*
1454 * If we get a Negative Name Query Response from a WINS
1455 * server, we should report it and give up.
1456 */
1457 if( 0 == nmb->header.opcode /* A query response */
1458 && !state->bcast /* from a WINS server */
1459 && nmb->header.rcode /* Error returned */
1460 ) {
1461
1462 if( DEBUGLVL( 3 ) ) {
1463 /* Only executed if DEBUGLEVEL >= 3 */
1464 dbgtext( "Negative name query "
1465 "response, rcode 0x%02x: ",
1466 nmb->header.rcode );
1467 switch( nmb->header.rcode ) {
1468 case 0x01:
1469 dbgtext("Request was invalidly formatted.\n");
1470 break;
1471 case 0x02:
1472 dbgtext("Problem with NBNS, cannot process "
1473 "name.\n");
1474 break;
1475 case 0x03:
1476 dbgtext("The name requested does not "
1477 "exist.\n");
1478 break;
1479 case 0x04:
1480 dbgtext("Unsupported request error.\n");
1481 break;
1482 case 0x05:
1483 dbgtext("Query refused error.\n");
1484 break;
1485 default:
1486 dbgtext("Unrecognized error code.\n" );
1487 break;
1488 }
1489 }
1490
1491 /*
1492 * We accept this packet as valid, but tell the upper
1493 * layers that it's a negative response.
1494 */
1495 state->validate_error = NT_STATUS_NOT_FOUND;
1496 return true;
1497 }
1498
1499 if (nmb->header.opcode != 0 ||
1500 nmb->header.nm_flags.bcast ||
1501 nmb->header.rcode ||
1502 !nmb->header.ancount) {
1503 /*
1504 * XXXX what do we do with this? Could be a redirect,
1505 * but we'll discard it for the moment.
1506 */
1507 return false;
1508 }
1509
1510 tmp_addrs = talloc_realloc(
1511 state, state->addrs, struct sockaddr_storage,
1512 state->num_addrs + nmb->answers->rdlength/6);
1513 if (tmp_addrs == NULL) {
1514 state->validate_error = NT_STATUS_NO_MEMORY;
1515 return true;
1516 }
1517 state->addrs = tmp_addrs;
1518
1519 DEBUG(2,("Got a positive name query response "
1520 "from %s ( ", inet_ntoa(p->ip)));
1521
1522 for (i=0; i<nmb->answers->rdlength/6; i++) {
1523 uint16_t flags;
1524 struct in_addr ip;
1525 struct sockaddr_storage addr;
1526 struct samba_sockaddr sa = {0};
1527 bool ok;
1528 size_t j;
1529
1530 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1531 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1532
1533 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1534 in_addr_to_sockaddr_storage(&addr, ip);
1535
1536 ok = sockaddr_storage_to_samba_sockaddr(&sa, &addr);
1537 if (!ok) {
1538 continue;
1539 }
1540
1541 if (is_zero_addr(&sa.u.ss)) {
1542 continue;
1543 }
1544
1545 for (j=0; j<state->num_addrs; j++) {
1546 struct samba_sockaddr sa_j = {0};
1547
1548 ok = sockaddr_storage_to_samba_sockaddr(&sa_j,
1549 &state->addrs[j]);
1550 if (!ok) {
1551 continue;
1552 }
1553 if (sockaddr_equal(&sa.u.sa, &sa_j.u.sa)) {
1554 break;
1555 }
1556 }
1557 if (j < state->num_addrs) {
1558 /* Already got it */
1559 continue;
1560 }
1561
1562 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1563
1564 state->addrs[state->num_addrs] = addr;
1565 /* wrap check. */
1566 if (state->num_addrs + 1 < state->num_addrs) {
1567 return false;
1568 }
1569 state->num_addrs += 1;
1570 }
1571 DEBUGADD(2,(")\n"));
1572
1573 /* We add the flags back ... */
1574 if (nmb->header.response)
1575 state->flags |= NM_FLAGS_RS;
1576 if (nmb->header.nm_flags.authoritative)
1577 state->flags |= NM_FLAGS_AA;
1578 if (nmb->header.nm_flags.trunc)
1579 state->flags |= NM_FLAGS_TC;
1580 if (nmb->header.nm_flags.recursion_desired)
1581 state->flags |= NM_FLAGS_RD;
1582 if (nmb->header.nm_flags.recursion_available)
1583 state->flags |= NM_FLAGS_RA;
1584 if (nmb->header.nm_flags.bcast)
1585 state->flags |= NM_FLAGS_B;
1586
1587 if (state->bcast) {
1588 /*
1589 * We have to collect all entries coming in from broadcast
1590 * queries. If we got a unique name and we are not querying
1591 * all names registered within broadcast area (query
1592 * for the name '*', so state->bcast_star_query is set),
1593 * we're done.
1594 */
1595 return (got_unique_netbios_name && !state->bcast_star_query);
1596 }
1597 /*
1598 * WINS responses are accepted when they are received
1599 */
1600 return true;
1601 }
1602
1603 static void name_query_done(struct tevent_req *subreq)
1604 {
1605 struct tevent_req *req = tevent_req_callback_data(
1606 subreq, struct tevent_req);
1607 struct name_query_state *state = tevent_req_data(
1608 req, struct name_query_state);
1609 NTSTATUS status;
1610 struct packet_struct *p = NULL;
1611
1612 status = nb_trans_recv(subreq, state, &p);
1613 TALLOC_FREE(subreq);
1614 if (tevent_req_nterror(req, status)) {
1615 return;
1616 }
1617 if (!NT_STATUS_IS_OK(state->validate_error)) {
1618 tevent_req_nterror(req, state->validate_error);
1619 return;
1620 }
1621 tevent_req_done(req);
1622 }
1623
1624 NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1625 struct sockaddr_storage **addrs, size_t *num_addrs,
1626 uint8_t *flags)
1627 {
1628 struct name_query_state *state = tevent_req_data(
1629 req, struct name_query_state);
1630 NTSTATUS status;
1631
1632 if (tevent_req_is_nterror(req, &status)) {
1633 if (state->bcast &&
1634 NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1635 /*
1636 * In the broadcast case we collect replies until the
1637 * timeout.
1638 */
1639 status = NT_STATUS_OK;
1640 }
1641 if (!NT_STATUS_IS_OK(status)) {
1642 return status;
1643 }
1644 }
1645 if (state->num_addrs == 0) {
1646 return NT_STATUS_NOT_FOUND;
1647 }
1648 *addrs = talloc_move(mem_ctx, &state->addrs);
1649 sort_addr_list(*addrs, state->num_addrs);
1650 *num_addrs = state->num_addrs;
1651 if (flags != NULL) {
1652 *flags = state->flags;
1653 }
1654 return NT_STATUS_OK;
1655 }
1656
1657 NTSTATUS name_query(const char *name, int name_type,
1658 bool bcast, bool recurse,
1659 const struct sockaddr_storage *to_ss,
1660 TALLOC_CTX *mem_ctx,
1661 struct sockaddr_storage **addrs,
1662 size_t *num_addrs, uint8_t *flags)
1663 {
1664 TALLOC_CTX *frame = talloc_stackframe();
1665 struct tevent_context *ev;
1666 struct tevent_req *req;
1667 struct timeval timeout;
1668 NTSTATUS status = NT_STATUS_NO_MEMORY;
1669
1670 ev = samba_tevent_context_init(frame);
1671 if (ev == NULL) {
1672 goto fail;
1673 }
1674 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1675 if (req == NULL) {
1676 goto fail;
1677 }
1678 if (bcast) {
1679 timeout = timeval_current_ofs(0, 250000);
1680 } else {
1681 timeout = timeval_current_ofs(2, 0);
1682 }
1683 if (!tevent_req_set_endtime(req, ev, timeout)) {
1684 goto fail;
1685 }
1686 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1687 goto fail;
1688 }
1689 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1690 fail:
1691 TALLOC_FREE(frame);
1692 return status;
1693 }
1694
1695 struct name_queries_state {
1696 struct tevent_context *ev;
1697 const char *name;
1698 int name_type;
1699 bool bcast;
1700 bool recurse;
1701 const struct sockaddr_storage *addrs;
1702 size_t num_addrs;
1703 int wait_msec;
1704 int timeout_msec;
1705
1706 struct tevent_req **subreqs;
1707 size_t num_received;
1708 size_t num_sent;
1709
1710 size_t received_index;
1711 struct sockaddr_storage *result_addrs;
1712 size_t num_result_addrs;
1713 uint8_t flags;
1714 };
1715
1716 static void name_queries_done(struct tevent_req *subreq);
1717 static void name_queries_next(struct tevent_req *subreq);
1718
1719 /*
1720 * Send a name query to multiple destinations with a wait time in between
1721 */
1722
1723 static struct tevent_req *name_queries_send(
1724 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
1725 const char *name, int name_type,
1726 bool bcast, bool recurse,
1727 const struct sockaddr_storage *addrs,
1728 size_t num_addrs, int wait_msec, int timeout_msec)
1729 {
1730 struct tevent_req *req, *subreq;
1731 struct name_queries_state *state;
1732
1733 if (num_addrs == 0) {
1734 return NULL;
1735 }
1736
1737 req = tevent_req_create(mem_ctx, &state,
1738 struct name_queries_state);
1739 if (req == NULL) {
1740 return NULL;
1741 }
1742 state->ev = ev;
1743 state->name = name;
1744 state->name_type = name_type;
1745 state->bcast = bcast;
1746 state->recurse = recurse;
1747 state->addrs = addrs;
1748 state->num_addrs = num_addrs;
1749 state->wait_msec = wait_msec;
1750 state->timeout_msec = timeout_msec;
1751
1752 state->subreqs = talloc_zero_array(
1753 state, struct tevent_req *, num_addrs);
1754 if (tevent_req_nomem(state->subreqs, req)) {
1755 return tevent_req_post(req, ev);
1756 }
1757 state->num_sent = 0;
1758
1759 subreq = name_query_send(
1760 state->subreqs, state->ev, name, name_type, bcast, recurse,
1761 &state->addrs[state->num_sent]);
1762 if (tevent_req_nomem(subreq, req)) {
1763 return tevent_req_post(req, ev);
1764 }
1765 if (!tevent_req_set_endtime(
1766 subreq, state->ev,
1767 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1768 return tevent_req_post(req, ev);
1769 }
1770 tevent_req_set_callback(subreq, name_queries_done, req);
1771
1772 state->subreqs[state->num_sent] = subreq;
1773 state->num_sent += 1;
1774
1775 if (state->num_sent < state->num_addrs) {
1776 subreq = tevent_wakeup_send(
1777 state, state->ev,
1778 timeval_current_ofs(0, state->wait_msec * 1000));
1779 if (tevent_req_nomem(subreq, req)) {
1780 return tevent_req_post(req, ev);
1781 }
1782 tevent_req_set_callback(subreq, name_queries_next, req);
1783 }
1784 return req;
1785 }
1786
1787 static void name_queries_done(struct tevent_req *subreq)
1788 {
1789 struct tevent_req *req = tevent_req_callback_data(
1790 subreq, struct tevent_req);
1791 struct name_queries_state *state = tevent_req_data(
1792 req, struct name_queries_state);
1793 size_t i;
1794 NTSTATUS status;
1795
1796 status = name_query_recv(subreq, state, &state->result_addrs,
1797 &state->num_result_addrs, &state->flags);
1798
1799 for (i=0; i<state->num_sent; i++) {
1800 if (state->subreqs[i] == subreq) {
1801 break;
1802 }
1803 }
1804 if (i == state->num_sent) {
1805 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1806 return;
1807 }
1808 TALLOC_FREE(state->subreqs[i]);
1809
1810 /* wrap check. */
1811 if (state->num_received + 1 < state->num_received) {
1812 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
1813 return;
1814 }
1815 state->num_received += 1;
1816
1817 if (!NT_STATUS_IS_OK(status)) {
1818
1819 if (state->num_received >= state->num_addrs) {
1820 tevent_req_nterror(req, status);
1821 return;
1822 }
1823 /*
1824 * Still outstanding requests, just wait
1825 */
1826 return;
1827 }
1828 state->received_index = i;
1829 tevent_req_done(req);
1830 }
1831
1832 static void name_queries_next(struct tevent_req *subreq)
1833 {
1834 struct tevent_req *req = tevent_req_callback_data(
1835 subreq, struct tevent_req);
1836 struct name_queries_state *state = tevent_req_data(
1837 req, struct name_queries_state);
1838
1839 if (!tevent_wakeup_recv(subreq)) {
1840 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1841 return;
1842 }
1843
1844 subreq = name_query_send(
1845 state->subreqs, state->ev,
1846 state->name, state->name_type, state->bcast, state->recurse,
1847 &state->addrs[state->num_sent]);
1848 if (tevent_req_nomem(subreq, req)) {
1849 return;
1850 }
1851 tevent_req_set_callback(subreq, name_queries_done, req);
1852 if (!tevent_req_set_endtime(
1853 subreq, state->ev,
1854 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1855 return;
1856 }
1857 state->subreqs[state->num_sent] = subreq;
1858 state->num_sent += 1;
1859
1860 if (state->num_sent < state->num_addrs) {
1861 subreq = tevent_wakeup_send(
1862 state, state->ev,
1863 timeval_current_ofs(0, state->wait_msec * 1000));
1864 if (tevent_req_nomem(subreq, req)) {
1865 return;
1866 }
1867 tevent_req_set_callback(subreq, name_queries_next, req);
1868 }
1869 }
1870
1871 static NTSTATUS name_queries_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1872 struct sockaddr_storage **result_addrs,
1873 size_t *num_result_addrs, uint8_t *flags,
1874 size_t *received_index)
1875 {
1876 struct name_queries_state *state = tevent_req_data(
1877 req, struct name_queries_state);
1878 NTSTATUS status;
1879
1880 if (tevent_req_is_nterror(req, &status)) {
1881 return status;
1882 }
1883
1884 if (result_addrs != NULL) {
1885 *result_addrs = talloc_move(mem_ctx, &state->result_addrs);
1886 }
1887 if (num_result_addrs != NULL) {
1888 *num_result_addrs = state->num_result_addrs;
1889 }
1890 if (flags != NULL) {
1891 *flags = state->flags;
1892 }
1893 if (received_index != NULL) {
1894 *received_index = state->received_index;
1895 }
1896 return NT_STATUS_OK;
1897 }
1898
1899 /********************************************************
1900 Resolve via "bcast" method.
1901 *********************************************************/
1902
1903 struct name_resolve_bcast_state {
1904 struct sockaddr_storage *addrs;
1905 size_t num_addrs;
1906 };
1907
1908 static void name_resolve_bcast_done(struct tevent_req *subreq);
1909
1910 struct tevent_req *name_resolve_bcast_send(TALLOC_CTX *mem_ctx,
1911 struct tevent_context *ev,
1912 const char *name,
1913 int name_type)
1914 {
1915 struct tevent_req *req, *subreq;
1916 struct name_resolve_bcast_state *state;
1917 struct sockaddr_storage *bcast_addrs;
1918 size_t i, num_addrs, num_bcast_addrs;
1919
1920 req = tevent_req_create(mem_ctx, &state,
1921 struct name_resolve_bcast_state);
1922 if (req == NULL) {
1923 return NULL;
1924 }
1925
1926 if (lp_disable_netbios()) {
1927 DEBUG(5, ("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1928 name, name_type));
1929 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
1930 return tevent_req_post(req, ev);
1931 }
1932
1933 /*
1934 * "bcast" means do a broadcast lookup on all the local interfaces.
1935 */
1936
1937 DEBUG(3, ("name_resolve_bcast: Attempting broadcast lookup "
1938 "for name %s<0x%x>\n", name, name_type));
1939
1940 num_addrs = iface_count();
1941 if (num_addrs == 0) {
1942 DBG_INFO("name_resolve_bcast(%s#%02x): no interfaces are available\n",
1943 name,
1944 name_type);
1945 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
1946 return tevent_req_post(req, ev);
1947 }
1948
1949 bcast_addrs = talloc_array(state, struct sockaddr_storage, num_addrs);
1950 if (tevent_req_nomem(bcast_addrs, req)) {
1951 return tevent_req_post(req, ev);
1952 }
1953
1954 /*
1955 * Lookup the name on all the interfaces, return on
1956 * the first successful match.
1957 */
1958 num_bcast_addrs = 0;
1959
1960 for (i=0; i<num_addrs; i++) {
1961 const struct sockaddr_storage *pss = iface_n_bcast(i);
1962
1963 if (pss->ss_family != AF_INET) {
1964 continue;
1965 }
1966 bcast_addrs[num_bcast_addrs] = *pss;
1967 num_bcast_addrs += 1;
1968 }
1969
1970 subreq = name_queries_send(state, ev, name, name_type, true, true,
1971 bcast_addrs, num_bcast_addrs, 0, 250);
1972 if (tevent_req_nomem(subreq, req)) {
1973 return tevent_req_post(req, ev);
1974 }
1975 tevent_req_set_callback(subreq, name_resolve_bcast_done, req);
1976 return req;
1977 }
1978
1979 static void name_resolve_bcast_done(struct tevent_req *subreq)
1980 {
1981 struct tevent_req *req = tevent_req_callback_data(
1982 subreq, struct tevent_req);
1983 struct name_resolve_bcast_state *state = tevent_req_data(
1984 req, struct name_resolve_bcast_state);
1985 NTSTATUS status;
1986
1987 status = name_queries_recv(subreq, state,
1988 &state->addrs, &state->num_addrs,
1989 NULL, NULL);
1990 TALLOC_FREE(subreq);
1991 if (tevent_req_nterror(req, status)) {
1992 return;
1993 }
1994 tevent_req_done(req);
1995 }
1996
1997 NTSTATUS name_resolve_bcast_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1998 struct sockaddr_storage **addrs,
1999 size_t *num_addrs)
2000 {
2001 struct name_resolve_bcast_state *state = tevent_req_data(
2002 req, struct name_resolve_bcast_state);
2003 NTSTATUS status;
2004
2005 if (tevent_req_is_nterror(req, &status)) {
2006 return status;
2007 }
2008 *addrs = talloc_move(mem_ctx, &state->addrs);
2009 *num_addrs = state->num_addrs;
2010 return NT_STATUS_OK;
2011 }
2012
2013 NTSTATUS name_resolve_bcast(TALLOC_CTX *mem_ctx,
2014 const char *name,
2015 int name_type,
2016 struct sockaddr_storage **return_iplist,
2017 size_t *return_count)
2018 {
2019 TALLOC_CTX *frame = talloc_stackframe();
2020 struct tevent_context *ev;
2021 struct tevent_req *req;
2022 NTSTATUS status = NT_STATUS_NO_MEMORY;
2023
2024 ev = samba_tevent_context_init(frame);
2025 if (ev == NULL) {
2026 goto fail;
2027 }
2028 req = name_resolve_bcast_send(frame, ev, name, name_type);
2029 if (req == NULL) {
2030 goto fail;
2031 }
2032 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
2033 goto fail;
2034 }
2035 status = name_resolve_bcast_recv(req, mem_ctx, return_iplist,
2036 return_count);
2037 fail:
2038 TALLOC_FREE(frame);
2039 return status;
2040 }
2041
2042 struct query_wins_list_state {
2043 struct tevent_context *ev;
2044 const char *name;
2045 uint8_t name_type;
2046 struct in_addr *servers;
2047 size_t num_servers;
2048 struct sockaddr_storage server;
2049 size_t num_sent;
2050
2051 struct sockaddr_storage *addrs;
2052 size_t num_addrs;
2053 uint8_t flags;
2054 };
2055
2056 static void query_wins_list_done(struct tevent_req *subreq);
2057
2058 /*
2059 * Query a list of (replicating) wins servers in sequence, call them
2060 * dead if they don't reply
2061 */
2062
2063 static struct tevent_req *query_wins_list_send(
2064 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
2065 struct in_addr src_ip, const char *name, uint8_t name_type,
2066 struct in_addr *servers, size_t num_servers)
2067 {
2068 struct tevent_req *req, *subreq;
2069 struct query_wins_list_state *state;
2070
2071 req = tevent_req_create(mem_ctx, &state,
2072 struct query_wins_list_state);
2073 if (req == NULL) {
2074 return NULL;
2075 }
2076 state->ev = ev;
2077 state->name = name;
2078 state->name_type = name_type;
2079 state->servers = servers;
2080 state->num_servers = num_servers;
2081
2082 if (state->num_servers == 0) {
2083 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2084 return tevent_req_post(req, ev);
2085 }
2086
2087 in_addr_to_sockaddr_storage(
2088 &state->server, state->servers[state->num_sent]);
2089
2090 subreq = name_query_send(state, state->ev,
2091 state->name, state->name_type,
2092 false, true, &state->server);
2093
2094 if (tevent_req_nomem(subreq, req)) {
2095 return tevent_req_post(req, ev);
2096 }
2097
2098 /* wrap check */
2099 if (state->num_sent + 1 < state->num_sent) {
2100 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2101 return tevent_req_post(req, ev);
2102 }
2103
2104 state->num_sent += 1;
2105 if (!tevent_req_set_endtime(subreq, state->ev,
2106 timeval_current_ofs(2, 0))) {
2107 return tevent_req_post(req, ev);
2108 }
2109 tevent_req_set_callback(subreq, query_wins_list_done, req);
2110 return req;
2111 }
2112
2113 static void query_wins_list_done(struct tevent_req *subreq)
2114 {
2115 struct tevent_req *req = tevent_req_callback_data(
2116 subreq, struct tevent_req);
2117 struct query_wins_list_state *state = tevent_req_data(
2118 req, struct query_wins_list_state);
2119 NTSTATUS status;
2120
2121 status = name_query_recv(subreq, state,
2122 &state->addrs, &state->num_addrs,
2123 &state->flags);
2124 TALLOC_FREE(subreq);
2125 if (NT_STATUS_IS_OK(status)) {
2126 tevent_req_done(req);
2127 return;
2128 }
2129 if (!NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
2130 tevent_req_nterror(req, status);
2131 return;
2132 }
2133 wins_srv_died(state->servers[state->num_sent-1],
2134 my_socket_addr_v4());
2135
2136 if (state->num_sent == state->num_servers) {
2137 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2138 return;
2139 }
2140
2141 in_addr_to_sockaddr_storage(
2142 &state->server, state->servers[state->num_sent]);
2143
2144 subreq = name_query_send(state, state->ev,
2145 state->name, state->name_type,
2146 false, true, &state->server);
2147 state->num_sent += 1;
2148 if (tevent_req_nomem(subreq, req)) {
2149 return;
2150 }
2151 if (!tevent_req_set_endtime(subreq, state->ev,
2152 timeval_current_ofs(2, 0))) {
2153 return;
2154 }
2155 tevent_req_set_callback(subreq, query_wins_list_done, req);
2156 }
2157
2158 static NTSTATUS query_wins_list_recv(struct tevent_req *req,
2159 TALLOC_CTX *mem_ctx,
2160 struct sockaddr_storage **addrs,
2161 size_t *num_addrs,
2162 uint8_t *flags)
2163 {
2164 struct query_wins_list_state *state = tevent_req_data(
2165 req, struct query_wins_list_state);
2166 NTSTATUS status;
2167
2168 if (tevent_req_is_nterror(req, &status)) {
2169 return status;
2170 }
2171 if (addrs != NULL) {
2172 *addrs = talloc_move(mem_ctx, &state->addrs);
2173 }
2174 if (num_addrs != NULL) {
2175 *num_addrs = state->num_addrs;
2176 }
2177 if (flags != NULL) {
2178 *flags = state->flags;
2179 }
2180 return NT_STATUS_OK;
2181 }
2182
2183 struct resolve_wins_state {
2184 size_t num_sent;
2185 size_t num_received;
2186
2187 struct sockaddr_storage *addrs;
2188 size_t num_addrs;
2189 uint8_t flags;
2190 };
2191
2192 static void resolve_wins_done(struct tevent_req *subreq);
2193
2194 struct tevent_req *resolve_wins_send(TALLOC_CTX *mem_ctx,
2195 struct tevent_context *ev,
2196 const char *name,
2197 int name_type)
2198 {
2199 struct tevent_req *req, *subreq;
2200 struct resolve_wins_state *state;
2201 char **wins_tags = NULL;
2202 struct sockaddr_storage src_ss;
2203 struct samba_sockaddr src_sa = {0};
2204 struct in_addr src_ip;
2205 size_t i, num_wins_tags;
2206 bool ok;
2207
2208 req = tevent_req_create(mem_ctx, &state,
2209 struct resolve_wins_state);
2210 if (req == NULL) {
2211 return NULL;
2212 }
2213
2214 if (wins_srv_count() < 1) {
2215 DEBUG(3,("resolve_wins: WINS server resolution selected "
2216 "and no WINS servers listed.\n"));
2217 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2218 goto fail;
2219 }
2220
2221 /* the address we will be sending from */
2222 if (!interpret_string_addr(&src_ss, lp_nbt_client_socket_address(),
2223 AI_NUMERICHOST|AI_PASSIVE)) {
2224 zero_sockaddr(&src_ss);
2225 }
2226
2227 ok = sockaddr_storage_to_samba_sockaddr(&src_sa, &src_ss);
2228 if (!ok) {
2229 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2230 goto fail;
2231 }
2232
2233 if (src_sa.u.ss.ss_family != AF_INET) {
2234 char addr[INET6_ADDRSTRLEN];
2235 print_sockaddr(addr, sizeof(addr), &src_sa.u.ss);
2236 DEBUG(3,("resolve_wins: cannot receive WINS replies "
2237 "on IPv6 address %s\n",
2238 addr));
2239 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2240 goto fail;
2241 }
2242
2243 src_ip = src_sa.u.in.sin_addr;
2244
2245 wins_tags = wins_srv_tags();
2246 if (wins_tags == NULL) {
2247 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2248 goto fail;
2249 }
2250
2251 num_wins_tags = 0;
2252 while (wins_tags[num_wins_tags] != NULL) {
2253 /* wrap check. */
2254 if (num_wins_tags + 1 < num_wins_tags) {
2255 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2256 goto fail;
2257 }
2258 num_wins_tags += 1;
2259 }
2260
2261 for (i=0; i<num_wins_tags; i++) {
2262 size_t num_servers, num_alive;
2263 struct in_addr *servers, *alive;
2264 size_t j;
2265
2266 if (!wins_server_tag_ips(wins_tags[i], talloc_tos(),
2267 &servers, &num_servers)) {
2268 DEBUG(10, ("wins_server_tag_ips failed for tag %s\n",
2269 wins_tags[i]));
2270 continue;
2271 }
2272
2273 alive = talloc_array(state, struct in_addr, num_servers);
2274 if (tevent_req_nomem(alive, req)) {
2275 goto fail;
2276 }
2277
2278 num_alive = 0;
2279 for (j=0; j<num_servers; j++) {
2280 struct in_addr wins_ip = servers[j];
2281
2282 if (global_in_nmbd && ismyip_v4(wins_ip)) {
2283 /* yikes! we'll loop forever */
2284 continue;
2285 }
2286 /* skip any that have been unresponsive lately */
2287 if (wins_srv_is_dead(wins_ip, src_ip)) {
2288 continue;
2289 }
2290 DEBUG(3, ("resolve_wins: using WINS server %s "
2291 "and tag '%s'\n",
2292 inet_ntoa(wins_ip), wins_tags[i]));
2293 alive[num_alive] = wins_ip;
2294 num_alive += 1;
2295 }
2296 TALLOC_FREE(servers);
2297
2298 if (num_alive == 0) {
2299 continue;
2300 }
2301
2302 subreq = query_wins_list_send(
2303 state, ev, src_ip, name, name_type,
2304 alive, num_alive);
2305 if (tevent_req_nomem(subreq, req)) {
2306 goto fail;
2307 }
2308 tevent_req_set_callback(subreq, resolve_wins_done, req);
2309 state->num_sent += 1;
2310 }
2311
2312 if (state->num_sent == 0) {
2313 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2314 goto fail;
2315 }
2316
2317 wins_srv_tags_free(wins_tags);
2318 return req;
2319 fail:
2320 wins_srv_tags_free(wins_tags);
2321 return tevent_req_post(req, ev);
2322 }
2323
2324 static void resolve_wins_done(struct tevent_req *subreq)
2325 {
2326 struct tevent_req *req = tevent_req_callback_data(
2327 subreq, struct tevent_req);
2328 struct resolve_wins_state *state = tevent_req_data(
2329 req, struct resolve_wins_state);
2330 NTSTATUS status;
2331
2332 status = query_wins_list_recv(subreq, state, &state->addrs,
2333 &state->num_addrs, &state->flags);
2334 if (NT_STATUS_IS_OK(status)) {
2335 tevent_req_done(req);
2336 return;
2337 }
2338
2339 /* wrap check. */
2340 if (state->num_received + 1 < state->num_received) {
2341 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2342 return;
2343 }
2344
2345 state->num_received += 1;
2346
2347 if (state->num_received < state->num_sent) {
2348 /*
2349 * Wait for the others
2350 */
2351 return;
2352 }
2353 tevent_req_nterror(req, status);
2354 }
2355
2356 NTSTATUS resolve_wins_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
2357 struct sockaddr_storage **addrs,
2358 size_t *num_addrs, uint8_t *flags)
2359 {
2360 struct resolve_wins_state *state = tevent_req_data(
2361 req, struct resolve_wins_state);
2362 NTSTATUS status;
2363
2364 if (tevent_req_is_nterror(req, &status)) {
2365 return status;
2366 }
2367 if (addrs != NULL) {
2368 *addrs = talloc_move(mem_ctx, &state->addrs);
2369 }
2370 if (num_addrs != NULL) {
2371 *num_addrs = state->num_addrs;
2372 }
2373 if (flags != NULL) {
2374 *flags = state->flags;
2375 }
2376 return NT_STATUS_OK;
2377 }
2378
2379 /********************************************************
2380 Resolve via "wins" method.
2381 *********************************************************/
2382
2383 NTSTATUS resolve_wins(TALLOC_CTX *mem_ctx,
2384 const char *name,
2385 int name_type,
2386 struct sockaddr_storage **return_iplist,
2387 size_t *return_count)
2388 {
2389 struct tevent_context *ev;
2390 struct tevent_req *req;
2391 NTSTATUS status = NT_STATUS_NO_MEMORY;
2392
2393 ev = samba_tevent_context_init(talloc_tos());
2394 if (ev == NULL) {
2395 goto fail;
2396 }
2397 req = resolve_wins_send(ev, ev, name, name_type);
2398 if (req == NULL) {
2399 goto fail;
2400 }
2401 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
2402 goto fail;
2403 }
2404 status = resolve_wins_recv(req, mem_ctx, return_iplist, return_count,
2405 NULL);
2406 fail:
2407 TALLOC_FREE(ev);
2408 return status;
2409 }
2410
2411
2412 /********************************************************
2413 Resolve via "hosts" method.
2414 *********************************************************/
2415
2416 static NTSTATUS resolve_hosts(TALLOC_CTX *mem_ctx,
2417 const char *name,
2418 int name_type,
2419 struct sockaddr_storage **return_iplist,
2420 size_t *return_count)
2421 {
2422 /*
2423 * "host" means do a localhost, or dns lookup.
2424 */
2425 struct addrinfo hints;
2426 struct addrinfo *ailist = NULL;
2427 struct addrinfo *res = NULL;
2428 int ret = -1;
2429 size_t i = 0;
2430 size_t ret_count = 0;
2431 struct sockaddr_storage *iplist = NULL;
2432
2433 if ( name_type != 0x20 && name_type != 0x0) {
2434 DEBUG(5, ("resolve_hosts: not appropriate "
2435 "for name type <0x%x>\n",
2436 name_type));
2437 return NT_STATUS_INVALID_PARAMETER;
2438 }
2439
2440 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
2441 name, name_type));
2442
2443 ZERO_STRUCT(hints);
2444 /* By default make sure it supports TCP. */
2445 hints.ai_socktype = SOCK_STREAM;
2446 hints.ai_flags = AI_ADDRCONFIG;
2447
2448 #if !defined(HAVE_IPV6)
2449 /* Unless we have IPv6, we really only want IPv4 addresses back. */
2450 hints.ai_family = AF_INET;
2451 #endif
2452
2453 ret = getaddrinfo(name,
2454 NULL,
2455 &hints,
2456 &ailist);
2457 if (ret) {
2458 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
2459 name,
2460 gai_strerror(ret) ));
2461 }
2462
2463 for (res = ailist; res; res = res->ai_next) {
2464 struct sockaddr_storage ss = {0};
2465 struct sockaddr_storage *tmp = NULL;
2466
2467 if ((res->ai_addr == NULL) ||
2468 (res->ai_addrlen == 0) ||
2469 (res->ai_addrlen > sizeof(ss))) {
2470 continue;
2471 }
2472
2473 memcpy(&ss, res->ai_addr, res->ai_addrlen);
2474
2475 if (is_zero_addr(&ss)) {
2476 continue;
2477 }
2478
2479 /* wrap check. */
2480 if (ret_count + 1 < ret_count) {
2481 freeaddrinfo(ailist);
2482 TALLOC_FREE(iplist);
2483 return NT_STATUS_INVALID_PARAMETER;
2484 }
2485 ret_count += 1;
2486
2487 tmp = talloc_realloc(
2488 mem_ctx, iplist, struct sockaddr_storage,
2489 ret_count);
2490 if (tmp == NULL) {
2491 DEBUG(3,("resolve_hosts: malloc fail !\n"));
2492 freeaddrinfo(ailist);
2493 TALLOC_FREE(iplist);
2494 return NT_STATUS_NO_MEMORY;
2495 }
2496 iplist = tmp;
2497 iplist[i] = ss;
2498 i++;
2499 }
2500 if (ailist) {
2501 freeaddrinfo(ailist);
2502 }
2503 if (ret_count == 0) {
2504 return NT_STATUS_UNSUCCESSFUL;
2505 }
2506 *return_count = ret_count;
2507 *return_iplist = iplist;
2508 return NT_STATUS_OK;
2509 }
2510
2511 /********************************************************
2512 Resolve via "ADS" method.
2513 *********************************************************/
2514
2515 /* Special name type used to cause a _kerberos DNS lookup. */
2516 #define KDC_NAME_TYPE 0xDCDC
2517
2518 static NTSTATUS resolve_ads(TALLOC_CTX *ctx,
2519 const char *name,
2520 int name_type,
2521 const char *sitename,
2522 struct sockaddr_storage **return_addrs,
2523 size_t *return_count)
2524 {
2525 size_t i;
2526 NTSTATUS status;
2527 struct dns_rr_srv *dcs = NULL;
2528 size_t numdcs = 0;
2529 size_t num_srv_addrs = 0;
2530 struct sockaddr_storage *srv_addrs = NULL;
2531 char *query = NULL;
2532
2533 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
2534 (name_type != 0x1b)) {
2535 return NT_STATUS_INVALID_PARAMETER;
2536 }
2537
2538 status = NT_STATUS_OK;
2539
2540 switch (name_type) {
2541 case 0x1b:
2542 DEBUG(5,("resolve_ads: Attempting to resolve "
2543 "PDC for %s using DNS\n", name));
2544 query = ads_dns_query_string_pdc(ctx, name);
2545 break;
2546
2547 case 0x1c:
2548 DEBUG(5,("resolve_ads: Attempting to resolve "
2549 "DCs for %s using DNS\n", name));
2550 query = ads_dns_query_string_dcs(ctx, name);
2551 break;
2552 case KDC_NAME_TYPE:
2553 DEBUG(5,("resolve_ads: Attempting to resolve "
2554 "KDCs for %s using DNS\n", name));
2555 query = ads_dns_query_string_kdcs(ctx, name);
2556 break;
2557 default:
2558 status = NT_STATUS_INVALID_PARAMETER;
2559 break;
2560 }
2561
2562 if (!NT_STATUS_IS_OK(status)) {
2563 return status;
2564 }
2565 if (query == NULL) {
2566 return NT_STATUS_NO_MEMORY;
2567 }
2568
2569 DBG_DEBUG("SRV query for %s\n", query);
2570
2571 status = ads_dns_query_srv(
2572 ctx,
2573 lp_get_async_dns_timeout(),
2574 sitename,
2575 query,
2576 &dcs,
2577 &numdcs);
2578 if (!NT_STATUS_IS_OK(status)) {
2579 return status;
2580 }
2581
2582 if (numdcs == 0) {
2583 *return_addrs = NULL;
2584 *return_count = 0;
2585 TALLOC_FREE(dcs);
2586 return NT_STATUS_OK;
2587 }
2588
2589 /* First count the sizes of each array. */
2590 for(i = 0; i < numdcs; i++) {
2591 if (dcs[i].ss_s == NULL) {
2592 /*
2593 * Nothing received or timeout in A/AAAA reqs
2594 */
2595 continue;
2596 }
2597
2598 if (num_srv_addrs + dcs[i].num_ips < num_srv_addrs) {
2599 /* Wrap check. */
2600 TALLOC_FREE(dcs);
2601 return NT_STATUS_INVALID_PARAMETER;
2602 }
2603 /* Add in the number of addresses we got. */
2604 num_srv_addrs += dcs[i].num_ips;
2605 }
2606
2607 /* Allocate the list of IP addresses we already have. */
2608 srv_addrs = talloc_zero_array(ctx,
2609 struct sockaddr_storage,
2610 num_srv_addrs);
2611 if (srv_addrs == NULL) {
2612 TALLOC_FREE(dcs);
2613 return NT_STATUS_NO_MEMORY;
2614 }
2615
2616 num_srv_addrs = 0;
2617 for(i = 0; i < numdcs; i++) {
2618 /* Copy all the IP addresses from the SRV response */
2619 size_t j;
2620 for (j = 0; j < dcs[i].num_ips; j++) {
2621 char addr[INET6_ADDRSTRLEN];
2622
2623 srv_addrs[num_srv_addrs] = dcs[i].ss_s[j];
2624 if (is_zero_addr(&srv_addrs[num_srv_addrs])) {
2625 continue;
2626 }
2627
2628 DBG_DEBUG("SRV lookup %s got IP[%zu] %s\n",
2629 name,
2630 j,
2631 print_sockaddr(addr,
2632 sizeof(addr),
2633 &srv_addrs[num_srv_addrs]));
2634
2635 num_srv_addrs++;
2636 }
2637 }
2638
2639 TALLOC_FREE(dcs);
2640
2641 *return_addrs = srv_addrs;
2642 *return_count = num_srv_addrs;
2643 return NT_STATUS_OK;
2644 }
2645
2646 static const char **filter_out_nbt_lookup(TALLOC_CTX *mem_ctx,
2647 const char **resolve_order)
2648 {
2649 size_t i, len, result_idx;
2650 const char **result;
2651
2652 len = 0;
2653 while (resolve_order[len] != NULL) {
2654 len += 1;
2655 }
2656
2657 result = talloc_array(mem_ctx, const char *, len+1);
2658 if (result == NULL) {
2659 return NULL;
2660 }
2661
2662 result_idx = 0;
2663
2664 for (i=0; i<len; i++) {
2665 const char *tok = resolve_order[i];
2666
2667 if (strequal(tok, "lmhosts") || strequal(tok, "wins") ||
2668 strequal(tok, "bcast")) {
2669 continue;
2670 }
2671 result[result_idx++] = tok;
2672 }
2673 result[result_idx] = NULL;
2674
2675 return result;
2676 }
2677
2678 /*******************************************************************
2679 Samba interface to resolve a name into an IP address.
2680 Use this function if the string is either an IP address, DNS
2681 or host name or NetBIOS name. This uses the name switch in the
2682 smb.conf to determine the order of name resolution.
2683
2684 Added support for ip addr/port to support ADS ldap servers.
2685 the only place we currently care about the port is in the
2686 resolve_hosts() when looking up DC's via SRV RR entries in DNS
2687 **********************************************************************/
2688
2689 NTSTATUS internal_resolve_name(TALLOC_CTX *ctx,
2690 const char *name,
2691 int name_type,
2692 const char *sitename,
2693 struct samba_sockaddr **return_salist,
2694 size_t *return_count,
2695 const char **resolve_order)
2696 {
2697 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
2698 size_t i;
2699 size_t nc_count = 0;
2700 size_t ret_count = 0;
2701 bool ok;
2702 struct sockaddr_storage *ss_list = NULL;
2703 struct samba_sockaddr *sa_list = NULL;
2704 TALLOC_CTX *frame = talloc_stackframe();
2705
2706 DBG_DEBUG("looking up %s#%x (sitename %s)\n",
2707 name, name_type, sitename ? sitename : "(null)");
2708
2709 if (is_ipaddress(name)) {
2710 struct sockaddr_storage ss;
2711
2712 /* if it's in the form of an IP address then get the lib to interpret it */
2713 ok = interpret_string_addr(&ss, name, AI_NUMERICHOST);
2714 if (!ok) {
2715 DBG_WARNING("interpret_string_addr failed on %s\n",
2716 name);
2717 TALLOC_FREE(frame);
2718 return NT_STATUS_INVALID_PARAMETER;
2719 }
2720 if (is_zero_addr(&ss)) {
2721 TALLOC_FREE(frame);
2722 return NT_STATUS_UNSUCCESSFUL;
2723 }
2724
2725 status = sockaddr_array_to_samba_sockaddr_array(frame,
2726 &sa_list,
2727 &ret_count,
2728 &ss,
2729 1);
2730 if (!NT_STATUS_IS_OK(status)) {
2731 TALLOC_FREE(frame);
2732 return status;
2733 }
2734
2735 *return_salist = talloc_move(ctx, &sa_list);
2736 *return_count = 1;
2737 TALLOC_FREE(frame);
2738 return NT_STATUS_OK;
2739 }
2740
2741 /* Check name cache */
2742
2743 ok = namecache_fetch(frame,
2744 name,
2745 name_type,
2746 &sa_list,
2747 &nc_count);
2748 if (ok) {
2749 /*
2750 * remove_duplicate_addrs2() has the
2751 * side effect of removing zero addresses,
2752 * so use it here.
2753 */
2754 nc_count = remove_duplicate_addrs2(sa_list, nc_count);
2755 if (nc_count == 0) {
2756 TALLOC_FREE(sa_list);
2757 TALLOC_FREE(frame);
2758 return NT_STATUS_UNSUCCESSFUL;
2759 }
2760 *return_count = nc_count;
2761 *return_salist = talloc_move(ctx, &sa_list);
2762 TALLOC_FREE(frame);
2763 return NT_STATUS_OK;
2764 }
2765
2766 /* set the name resolution order */
2767
2768 if (resolve_order && strcmp(resolve_order[0], "NULL") == 0) {
2769 DBG_DEBUG("all lookups disabled\n");
2770 TALLOC_FREE(frame);
2771 return NT_STATUS_INVALID_PARAMETER;
2772 }
2773
2774 if (!resolve_order || !resolve_order[0]) {
2775 static const char *host_order[] = { "host", NULL };
2776 resolve_order = host_order;
2777 }
2778
2779 if ((strlen(name) > MAX_NETBIOSNAME_LEN - 1) ||
2780 (strchr(name, '.') != NULL)) {
2781 /*
2782 * Don't do NBT lookup, the name would not fit anyway
2783 */
2784 resolve_order = filter_out_nbt_lookup(frame, resolve_order);
2785 if (resolve_order == NULL) {
2786 TALLOC_FREE(frame);
2787 return NT_STATUS_NO_MEMORY;
2788 }
2789 }
2790
2791 /* iterate through the name resolution backends */
2792
2793 for (i=0; resolve_order[i]; i++) {
2794 const char *tok = resolve_order[i];
2795
2796 if ((strequal(tok, "host") || strequal(tok, "hosts"))) {
2797 status = resolve_hosts(talloc_tos(),
2798 name,
2799 name_type,
2800 &ss_list,
2801 &ret_count);
2802 if (!NT_STATUS_IS_OK(status)) {
2803 continue;
2804 }
2805 goto done;
2806 }
2807
2808 if (strequal(tok, "kdc")) {
2809 /* deal with KDC_NAME_TYPE names here.
2810 * This will result in a SRV record lookup */
2811 status = resolve_ads(talloc_tos(),
2812 name,
2813 KDC_NAME_TYPE,
2814 sitename,
2815 &ss_list,
2816 &ret_count);
2817 if (!NT_STATUS_IS_OK(status)) {
2818 continue;
2819 }
2820 /* Ensure we don't namecache
2821 * this with the KDC port. */
2822 name_type = KDC_NAME_TYPE;
2823 goto done;
2824 }
2825
2826 if (strequal(tok, "ads")) {
2827 /* deal with 0x1c and 0x1b names here.
2828 * This will result in a SRV record lookup */
2829 status = resolve_ads(talloc_tos(),
2830 name,
2831 name_type,
2832 sitename,
2833 &ss_list,
2834 &ret_count);
2835 if (!NT_STATUS_IS_OK(status)) {
2836 continue;
2837 }
2838 goto done;
2839 }
2840
2841 if (strequal(tok, "lmhosts")) {
2842 status = resolve_lmhosts_file_as_sockaddr(
2843 talloc_tos(),
2844 get_dyn_LMHOSTSFILE(),
2845 name,
2846 name_type,
2847 &ss_list,
2848 &ret_count);
2849 if (!NT_STATUS_IS_OK(status)) {
2850 continue;
2851 }
2852 goto done;
2853 }
2854
2855 if (strequal(tok, "wins")) {
2856 /* don't resolve 1D via WINS */
2857 if (name_type == 0x1D) {
2858 continue;
2859 }
2860 status = resolve_wins(talloc_tos(),
2861 name,
2862 name_type,
2863 &ss_list,
2864 &ret_count);
2865 if (!NT_STATUS_IS_OK(status)) {
2866 continue;
2867 }
2868 goto done;
2869 }
2870
2871 if (strequal(tok, "bcast")) {
2872 status = name_resolve_bcast(
2873 talloc_tos(),
2874 name,
2875 name_type,
2876 &ss_list,
2877 &ret_count);
2878 if (!NT_STATUS_IS_OK(status)) {
2879 continue;
2880 }
2881 goto done;
2882 }
2883
2884 DBG_ERR("unknown name switch type %s\n", tok);
2885 }
2886
2887 /* All of the resolve_* functions above have returned false. */
2888
2889 TALLOC_FREE(frame);
2890 *return_count = 0;
2891
2892 return status;
2893
2894 done:
2895
2896 status = sockaddr_array_to_samba_sockaddr_array(frame,
2897 &sa_list,
2898 &ret_count,
2899 ss_list,
2900 ret_count);
2901 if (!NT_STATUS_IS_OK(status)) {
2902 TALLOC_FREE(frame);
2903 return NT_STATUS_NO_MEMORY;
2904 }
2905
2906 /* Remove duplicate entries. Some queries, notably #1c (domain
2907 controllers) return the PDC in iplist[0] and then all domain
2908 controllers including the PDC in iplist[1..n]. Iterating over
2909 the iplist when the PDC is down will cause two sets of timeouts. */
2910
2911 ret_count = remove_duplicate_addrs2(sa_list, ret_count);
2912
2913 /* Save in name cache */
2914 if ( DEBUGLEVEL >= 100 ) {
2915 for (i = 0; i < ret_count && DEBUGLEVEL == 100; i++) {
2916 char addr[INET6_ADDRSTRLEN];
2917 print_sockaddr(addr, sizeof(addr),
2918 &sa_list[i].u.ss);
2919 DEBUG(100, ("Storing name %s of type %d (%s:0)\n",
2920 name,
2921 name_type,
2922 addr));
2923 }
2924 }
2925
2926 if (ret_count) {
2927 namecache_store(name,
2928 name_type,
2929 ret_count,
2930 sa_list);
2931 }
2932
2933 /* Display some debugging info */
2934
2935 if ( DEBUGLEVEL >= 10 ) {
2936 DBG_DEBUG("returning %zu addresses: ",
2937 ret_count);
2938
2939 for (i = 0; i < ret_count; i++) {
2940 char addr[INET6_ADDRSTRLEN];
2941 print_sockaddr(addr, sizeof(addr),
2942 &sa_list[i].u.ss);
2943 DEBUGADD(10, ("%s ", addr));
2944 }
2945 DEBUG(10, ("\n"));
2946 }
2947
2948 *return_count = ret_count;
2949 *return_salist = talloc_move(ctx, &sa_list);
2950
2951 TALLOC_FREE(frame);
2952 return status;
2953 }
2954
2955 /********************************************************
2956 Internal interface to resolve a name into one IP address.
2957 Use this function if the string is either an IP address, DNS
2958 or host name or NetBIOS name. This uses the name switch in the
2959 smb.conf to determine the order of name resolution.
2960 *********************************************************/
2961
2962 bool resolve_name(const char *name,
2963 struct sockaddr_storage *return_ss,
2964 int name_type,
2965 bool prefer_ipv4)
2966 {
2967 struct samba_sockaddr *sa_list = NULL;
2968 char *sitename = NULL;
2969 size_t count = 0;
2970 NTSTATUS status;
2971 TALLOC_CTX *frame = NULL;
2972
2973 if (is_ipaddress(name)) {
2974 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2975 }
2976
2977 frame = talloc_stackframe();
2978
2979 sitename = sitename_fetch(frame, lp_realm()); /* wild guess */
2980
2981 status = internal_resolve_name(frame,
2982 name,
2983 name_type,
2984 sitename,
2985 &sa_list,
2986 &count,
2987 lp_name_resolve_order());
2988 if (NT_STATUS_IS_OK(status)) {
2989 size_t i;
2990
2991 if (prefer_ipv4) {
2992 for (i=0; i<count; i++) {
2993 if (!is_broadcast_addr(&sa_list[i].u.sa) &&
2994 (sa_list[i].u.ss.ss_family == AF_INET)) {
2995 *return_ss = sa_list[i].u.ss;
2996 TALLOC_FREE(sa_list);
2997 TALLOC_FREE(frame);
2998 return True;
2999 }
3000 }
3001 }
3002
3003 /* only return valid addresses for TCP connections */
3004 for (i=0; i<count; i++) {
3005 if (!is_broadcast_addr(&sa_list[i].u.sa)) {
3006 *return_ss = sa_list[i].u.ss;
3007 TALLOC_FREE(sa_list);
3008 TALLOC_FREE(frame);
3009 return True;
3010 }
3011 }
3012 }
3013
3014 TALLOC_FREE(sa_list);
3015 TALLOC_FREE(frame);
3016 return False;
3017 }
3018
3019 /********************************************************
3020 Internal interface to resolve a name into a list of IP addresses.
3021 Use this function if the string is either an IP address, DNS
3022 or host name or NetBIOS name. This uses the name switch in the
3023 smb.conf to determine the order of name resolution.
3024 *********************************************************/
3025
3026 NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
3027 const char *name,
3028 int name_type,
3029 struct sockaddr_storage **return_ss_arr,
3030 unsigned int *p_num_entries)
3031 {
3032 struct samba_sockaddr *sa_list = NULL;
3033 char *sitename = NULL;
3034 size_t count = 0;
3035 size_t i;
3036 unsigned int num_entries = 0;
3037 struct sockaddr_storage *result_arr = NULL;
3038 NTSTATUS status;
3039
3040 if (is_ipaddress(name)) {
3041 result_arr = talloc(ctx, struct sockaddr_storage);
3042 if (result_arr == NULL) {
3043 return NT_STATUS_NO_MEMORY;
3044 }
3045 if (!interpret_string_addr(result_arr, name, AI_NUMERICHOST)) {
3046 TALLOC_FREE(result_arr);
3047 return NT_STATUS_BAD_NETWORK_NAME;
3048 }
3049 *p_num_entries = 1;
3050 *return_ss_arr = result_arr;
3051 return NT_STATUS_OK;
3052 }
3053
3054 sitename = sitename_fetch(ctx, lp_realm()); /* wild guess */
3055
3056 status = internal_resolve_name(ctx,
3057 name,
3058 name_type,
3059 sitename,
3060 &sa_list,
3061 &count,
3062 lp_name_resolve_order());
3063 TALLOC_FREE(sitename);
3064
3065 if (!NT_STATUS_IS_OK(status)) {
3066 return status;
3067 }
3068
3069 /* only return valid addresses for TCP connections */
3070 for (i=0, num_entries = 0; i<count; i++) {
3071 if (!is_zero_addr(&sa_list[i].u.ss) &&
3072 !is_broadcast_addr(&sa_list[i].u.sa)) {
3073 num_entries++;
3074 }
3075 }
3076 if (num_entries == 0) {
3077 status = NT_STATUS_BAD_NETWORK_NAME;
3078 goto done;
3079 }
3080
3081 result_arr = talloc_array(ctx,
3082 struct sockaddr_storage,
3083 num_entries);
3084 if (result_arr == NULL) {
3085 status = NT_STATUS_NO_MEMORY;
3086 goto done;
3087 }
3088
3089 for (i=0, num_entries = 0; i<count; i++) {
3090 if (!is_zero_addr(&sa_list[i].u.ss) &&
3091 !is_broadcast_addr(&sa_list[i].u.sa)) {
3092 result_arr[num_entries++] = sa_list[i].u.ss;
3093 }
3094 }
3095
3096 if (num_entries == 0) {
3097 TALLOC_FREE(result_arr);
3098 status = NT_STATUS_BAD_NETWORK_NAME;
3099 goto done;
3100 }
3101
3102 status = NT_STATUS_OK;
3103 *p_num_entries = num_entries;
3104 *return_ss_arr = result_arr;
3105 done:
3106 TALLOC_FREE(sa_list);
3107 return status;
3108 }
3109
3110 /********************************************************
3111 Find the IP address of the master browser or DMB for a workgroup.
3112 *********************************************************/
3113
3114 bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
3115 {
3116 struct samba_sockaddr *sa_list = NULL;
3117 size_t count = 0;
3118 NTSTATUS status;
3119
3120 if (lp_disable_netbios()) {
3121 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
3122 return false;
3123 }
3124
3125 status = internal_resolve_name(talloc_tos(),
3126 group,
3127 0x1D,
3128 NULL,
3129 &sa_list,
3130 &count,
3131 lp_name_resolve_order());
3132 if (NT_STATUS_IS_OK(status)) {
3133 *master_ss = sa_list[0].u.ss;
3134 TALLOC_FREE(sa_list);
3135 return true;
3136 }
3137
3138 TALLOC_FREE(sa_list);
3139
3140 status = internal_resolve_name(talloc_tos(),
3141 group,
3142 0x1B,
3143 NULL,
3144 &sa_list,
3145 &count,
3146 lp_name_resolve_order());
3147 if (NT_STATUS_IS_OK(status)) {
3148 *master_ss = sa_list[0].u.ss;
3149 TALLOC_FREE(sa_list);
3150 return true;
3151 }
3152
3153 TALLOC_FREE(sa_list);
3154 return false;
3155 }
3156
3157 /********************************************************
3158 Get the IP address list of the primary domain controller
3159 for a domain.
3160 *********************************************************/
3161
3162 bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
3163 {
3164 struct samba_sockaddr *sa_list = NULL;
3165 size_t count = 0;
3166 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
3167 static const char *ads_order[] = { "ads", NULL };
3168 /* Look up #1B name */
3169
3170 if (lp_security() == SEC_ADS) {
3171 status = internal_resolve_name(talloc_tos(),
3172 domain,
3173 0x1b,
3174 NULL,
3175 &sa_list,
3176 &count,
3177 ads_order);
3178 }
3179
3180 if (!NT_STATUS_IS_OK(status) || count == 0) {
3181 TALLOC_FREE(sa_list);
3182 status = internal_resolve_name(talloc_tos(),
3183 domain,
3184 0x1b,
3185 NULL,
3186 &sa_list,
3187 &count,
3188 lp_name_resolve_order());
3189 if (!NT_STATUS_IS_OK(status)) {
3190 TALLOC_FREE(sa_list);
3191 return false;
3192 }
3193 }
3194
3195 /* if we get more than 1 IP back we have to assume it is a
3196 multi-homed PDC and not a mess up */
3197
3198 if ( count > 1 ) {
3199 DBG_INFO("PDC has %zu IP addresses!\n", count);
3200 sort_sa_list(sa_list, count);
3201 }
3202
3203 *pss = sa_list[0].u.ss;
3204 TALLOC_FREE(sa_list);
3205 return true;
3206 }
3207
3208 /* Private enum type for lookups. */
3209
3210 enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
3211
3212 /********************************************************
3213 Get the IP address list of the domain controllers for
3214 a domain.
3215 *********************************************************/
3216
3217 static NTSTATUS get_dc_list(TALLOC_CTX *ctx,
3218 const char *domain,
3219 const char *sitename,
3220 struct samba_sockaddr **sa_list_ret,
3221 size_t *ret_count,
3222 enum dc_lookup_type lookup_type,
3223 bool *ordered)
3224 {
3225 const char **resolve_order = NULL;
3226 char *saf_servername = NULL;
3227 char *pserver = NULL;
3228 const char *p;
3229 char *name;
3230 size_t num_addresses = 0;
3231 size_t local_count = 0;
3232 size_t i;
3233 struct samba_sockaddr *auto_sa_list = NULL;
3234 struct samba_sockaddr *return_salist = NULL;
3235 bool done_auto_lookup = false;
3236 size_t auto_count = 0;
3237 NTSTATUS status;
3238 TALLOC_CTX *frame = talloc_stackframe();
3239 int auto_name_type = 0x1C;
3240
3241 *ordered = False;
3242
3243 /* if we are restricted to solely using DNS for looking
3244 up a domain controller, make sure that host lookups
3245 are enabled for the 'name resolve order'. If host lookups
3246 are disabled and ads_only is True, then set the string to
3247 NULL. */
3248
3249 resolve_order = lp_name_resolve_order();
3250 if (!resolve_order) {
3251 status = NT_STATUS_NO_MEMORY;
3252 goto out;
3253 }
3254 if (lookup_type == DC_ADS_ONLY) {
3255 if (str_list_check_ci(resolve_order, "host")) {
3256 static const char *ads_order[] = { "ads", NULL };
3257 resolve_order = ads_order;
3258
3259 /* DNS SRV lookups used by the ads resolver
3260 are already sorted by priority and weight */
3261 *ordered = true;
3262 } else {
3263 /* this is quite bizarre! */
3264 static const char *null_order[] = { "NULL", NULL };
3265 resolve_order = null_order;
3266 }
3267 } else if (lookup_type == DC_KDC_ONLY) {
3268 static const char *kdc_order[] = { "kdc", NULL };
3269 /* DNS SRV lookups used by the ads/kdc resolver
3270 are already sorted by priority and weight */
3271 *ordered = true;
3272 resolve_order = kdc_order;
3273 auto_name_type = KDC_NAME_TYPE;
3274 }
3275
3276 /* fetch the server we have affinity for. Add the
3277 'password server' list to a search for our domain controllers */
3278
3279 saf_servername = saf_fetch(frame, domain);
3280
3281 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
3282 pserver = talloc_asprintf(frame, "%s, %s",
3283 saf_servername ? saf_servername : "",
3284 lp_password_server());
3285 } else {
3286 pserver = talloc_asprintf(frame, "%s, *",
3287 saf_servername ? saf_servername : "");
3288 }
3289
3290 TALLOC_FREE(saf_servername);
3291 if (!pserver) {
3292 status = NT_STATUS_NO_MEMORY;
3293 goto out;
3294 }
3295
3296 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
3297
3298 /*
3299 * if '*' appears in the "password server" list then add
3300 * an auto lookup to the list of manually configured
3301 * DC's. If any DC is listed by name, then the list should be
3302 * considered to be ordered
3303 */
3304
3305 p = pserver;
3306 while (next_token_talloc(frame, &p, &name, LIST_SEP)) {
3307 if (!done_auto_lookup && strequal(name, "*")) {
3308 done_auto_lookup = true;
3309
3310 status = internal_resolve_name(frame,
3311 domain,
3312 auto_name_type,
3313 sitename,
3314 &auto_sa_list,
3315 &auto_count,
3316 resolve_order);
3317 if (!NT_STATUS_IS_OK(status)) {
3318 continue;
3319 }
3320 /* Wrap check. */
3321 if (num_addresses + auto_count < num_addresses) {
3322 TALLOC_FREE(auto_sa_list);
3323 status = NT_STATUS_INVALID_PARAMETER;
3324 goto out;
3325 }
3326 num_addresses += auto_count;
3327 DBG_DEBUG("Adding %zu DC's from auto lookup\n",
3328 auto_count);
3329 } else {
3330 /* Wrap check. */
3331 if (num_addresses + 1 < num_addresses) {
3332 TALLOC_FREE(auto_sa_list);
3333 status = NT_STATUS_INVALID_PARAMETER;
3334 goto out;
3335 }
3336 num_addresses++;
3337 }
3338 }
3339
3340 /* if we have no addresses and haven't done the auto lookup, then
3341 just return the list of DC's. Or maybe we just failed. */
3342
3343 if (num_addresses == 0) {
3344 struct samba_sockaddr *dc_salist = NULL;
3345 size_t dc_count = 0;
3346
3347 if (done_auto_lookup) {
3348 DEBUG(4,("get_dc_list: no servers found\n"));
3349 status = NT_STATUS_NO_LOGON_SERVERS;
3350 goto out;
3351 }
3352 /* talloc off frame, only move to ctx on success. */
3353 status = internal_resolve_name(frame,
3354 domain,
3355 auto_name_type,
3356 sitename,
3357 &dc_salist,
3358 &dc_count,
3359 resolve_order);
3360 if (!NT_STATUS_IS_OK(status)) {
3361 goto out;
3362 }
3363 return_salist = dc_salist;
3364 local_count = dc_count;
3365 goto out;
3366 }
3367
3368 return_salist = talloc_zero_array(frame,
3369 struct samba_sockaddr,
3370 num_addresses);
3371 if (return_salist == NULL) {
3372 DEBUG(3,("get_dc_list: malloc fail !\n"));
3373 status = NT_STATUS_NO_MEMORY;
3374 goto out;
3375 }
3376
3377 p = pserver;
3378 local_count = 0;
3379
3380 /* fill in the return list now with real IP's */
3381
3382 while ((local_count<num_addresses) &&
3383 next_token_talloc(frame, &p, &name, LIST_SEP)) {
3384 struct samba_sockaddr name_sa = {0};
3385
3386 /* copy any addresses from the auto lookup */
3387
3388 if (strequal(name, "*")) {
3389 size_t j;
3390 for (j=0; j<auto_count; j++) {
3391 char addr[INET6_ADDRSTRLEN];
3392 print_sockaddr(addr,
3393 sizeof(addr),
3394 &auto_sa_list[j].u.ss);
3395 /* Check for and don't copy any
3396 * known bad DC IP's. */
3397 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
3398 domain,
3399 addr))) {
3400 DEBUG(5,("get_dc_list: "
3401 "negative entry %s removed "
3402 "from DC list\n",
3403 addr));
3404 continue;
3405 }
3406 return_salist[local_count] = auto_sa_list[j];
3407 local_count++;
3408 }
3409 continue;
3410 }
3411
3412 /* explicit lookup; resolve_name() will
3413 * handle names & IP addresses */
3414 if (resolve_name(name, &name_sa.u.ss, 0x20, true)) {
3415 char addr[INET6_ADDRSTRLEN];
3416 bool ok;
3417
3418 /*
3419 * Ensure we set sa_socklen correctly.
3420 * Doesn't matter now, but eventually we
3421 * will remove ip_service and return samba_sockaddr
3422 * arrays directly.
3423 */
3424 ok = sockaddr_storage_to_samba_sockaddr(
3425 &name_sa,
3426 &name_sa.u.ss);
3427 if (!ok) {
3428 status = NT_STATUS_INVALID_ADDRESS;
3429 goto out;
3430 }
3431
3432 print_sockaddr(addr,
3433 sizeof(addr),
3434 &name_sa.u.ss);
3435
3436 /* Check for and don't copy any known bad DC IP's. */
3437 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
3438 addr)) ) {
3439 DEBUG(5,("get_dc_list: negative entry %s "
3440 "removed from DC list\n",
3441 name ));
3442 continue;
3443 }
3444
3445 return_salist[local_count] = name_sa;
3446 local_count++;
3447 *ordered = true;
3448 }
3449 }
3450
3451 /* need to remove duplicates in the list if we have any
3452 explicit password servers */
3453
3454 local_count = remove_duplicate_addrs2(return_salist, local_count );
3455
3456 /* For DC's we always prioritize IPv4 due to W2K3 not
3457 * supporting LDAP, KRB5 or CLDAP over IPv6. */
3458
3459 if (local_count && return_salist != NULL) {
3460 prioritize_ipv4_list(return_salist, local_count);
3461 }
3462
3463 if ( DEBUGLEVEL >= 4 ) {
3464 DEBUG(4,("get_dc_list: returning %zu ip addresses "
3465 "in an %sordered list\n",
3466 local_count,
3467 *ordered ? "":"un"));
3468 DEBUG(4,("get_dc_list: "));
3469 for ( i=0; i<local_count; i++ ) {
3470 char addr[INET6_ADDRSTRLEN];
3471 print_sockaddr(addr,
3472 sizeof(addr),
3473 &return_salist[i].u.ss);
3474 DEBUGADD(4,("%s ", addr));
3475 }
3476 DEBUGADD(4,("\n"));
3477 }
3478
3479 status = (local_count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS);
3480
3481 out:
3482
3483 if (NT_STATUS_IS_OK(status)) {
3484 *sa_list_ret = talloc_move(ctx, &return_salist);
3485 *ret_count = local_count;
3486 }
3487 TALLOC_FREE(return_salist);
3488 TALLOC_FREE(auto_sa_list);
3489 TALLOC_FREE(frame);
3490 return status;
3491 }
3492
3493 /*********************************************************************
3494 Small wrapper function to get the DC list and sort it if necessary.
3495 Returns a samba_sockaddr array.
3496 *********************************************************************/
3497
3498 NTSTATUS get_sorted_dc_list(TALLOC_CTX *ctx,
3499 const char *domain,
3500 const char *sitename,
3501 struct samba_sockaddr **sa_list_ret,
3502 size_t *ret_count,
3503 bool ads_only)
3504 {
3505 bool ordered = false;
3506 NTSTATUS status;
3507 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
3508 struct samba_sockaddr *sa_list = NULL;
3509 size_t count = 0;
3510
3511 DBG_INFO("attempting lookup for name %s (sitename %s)\n",
3512 domain,
3513 sitename ? sitename : "NULL");
3514
3515 if (ads_only) {
3516 lookup_type = DC_ADS_ONLY;
3517 }
3518
3519 status = get_dc_list(ctx,
3520 domain,
3521 sitename,
3522 &sa_list,
3523 &count,
3524 lookup_type,
3525 &ordered);
3526 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
3527 && sitename) {
3528 DBG_WARNING("No server for domain '%s' available"
3529 " in site '%s', fallback to all servers\n",
3530 domain,
3531 sitename);
3532 status = get_dc_list(ctx,
3533 domain,
3534 NULL,
3535 &sa_list,
3536 &count,
3537 lookup_type,
3538 &ordered);
3539 }
3540
3541 if (!NT_STATUS_IS_OK(status)) {
3542 return status;
3543 }
3544
3545 /* only sort if we don't already have an ordered list */
3546 if (!ordered) {
3547 sort_sa_list(sa_list, count);
3548 }
3549
3550 *ret_count = count;
3551 *sa_list_ret = sa_list;
3552 return status;
3553 }
3554
3555 /*********************************************************************
3556 Get the KDC list - re-use all the logic in get_dc_list.
3557 Returns a samba_sockaddr array.
3558 *********************************************************************/
3559
3560 NTSTATUS get_kdc_list(TALLOC_CTX *ctx,
3561 const char *realm,
3562 const char *sitename,
3563 struct samba_sockaddr **sa_list_ret,
3564 size_t *ret_count)
3565 {
3566 size_t count = 0;
3567 struct samba_sockaddr *sa_list = NULL;
3568 bool ordered = false;
3569 NTSTATUS status;
3570
3571 status = get_dc_list(ctx,
3572 realm,
3573 sitename,
3574 &sa_list,
3575 &count,
3576 DC_KDC_ONLY,
3577 &ordered);
3578
3579 if (!NT_STATUS_IS_OK(status)) {
3580 return status;
3581 }
3582
3583 /* only sort if we don't already have an ordered list */
3584 if (!ordered ) {
3585 sort_sa_list(sa_list, count);
3586 }
3587
3588 *ret_count = count;
3589 *sa_list_ret = sa_list;
3590 return status;
3591 }
GSS-enabled samba4