2 Unix SMB/CIFS implementation.
4 Copyright Matthieu Patou <mat@matws.net> 2010-2011
5 Copyright Stefan Metzmacher 2011
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/dfsblobs.h"
23 #include "librpc/gen_ndr/ndr_dfsblobs.h"
24 #include "dsdb/samdb/samdb.h"
25 #include "auth/session.h"
26 #include "param/param.h"
27 #include "lib/tsocket/tsocket.h"
28 #include "dfs_server/dfs_server_ad.h"
29 #include "lib/util/util_net.h"
30 #include "libds/common/roles.h"
32 #define MAX_DFS_RESPONSE 56*1024 /* 56 Kb */
36 /* A DC set is a group of DC, they might have been grouped together
37 because they belong to the same site, or to site with same cost ...
44 static void shuffle_dc_set(struct dc_set
*list
)
48 for (i
= list
->count
; i
> 1; i
--) {
52 r
= generate_random() % i
;
54 tmp
= list
->names
[i
- 1];
55 list
->names
[i
- 1] = list
->names
[r
];
61 fill a referral type structure
63 static NTSTATUS
fill_normal_dfs_referraltype(TALLOC_CTX
*mem_ctx
,
64 struct dfs_referral_type
*ref
,
67 const char *server_path
, int isfirstoffset
)
72 ref
->version
= version
;
73 /* For the moment there is a bug with XP that doesn't
74 * seem to appreciate much level4 so we return just
75 * level 3 for everyone
77 ref
->referral
.v4
.server_type
= DFS_SERVER_NON_ROOT
;
78 /* "normal" referral seems to always include the GUID */
79 ref
->referral
.v4
.size
= 34;
82 ref
->referral
.v4
.entry_flags
= DFS_HEADER_FLAG_TARGET_BCK
;
84 ref
->referral
.v4
.ttl
= 900; /* As w2k8r2 */
85 ref
->referral
.v4
.referrals
.r1
.DFS_path
= talloc_strdup(mem_ctx
, dfs_path
);
86 if (ref
->referral
.v4
.referrals
.r1
.DFS_path
== NULL
) {
87 return NT_STATUS_NO_MEMORY
;
89 ref
->referral
.v4
.referrals
.r1
.DFS_alt_path
= talloc_strdup(mem_ctx
, dfs_path
);
90 if (ref
->referral
.v4
.referrals
.r1
.DFS_alt_path
== NULL
) {
91 return NT_STATUS_NO_MEMORY
;
93 ref
->referral
.v4
.referrals
.r1
.netw_address
= talloc_strdup(mem_ctx
, server_path
);
94 if (ref
->referral
.v4
.referrals
.r1
.netw_address
== NULL
) {
95 return NT_STATUS_NO_MEMORY
;
99 ref
->version
= version
;
100 ref
->referral
.v3
.server_type
= DFS_SERVER_NON_ROOT
;
101 /* "normal" referral seems to always include the GUID */
102 ref
->referral
.v3
.size
= 34;
104 ref
->referral
.v3
.entry_flags
= 0;
105 ref
->referral
.v3
.ttl
= 600; /* As w2k3 */
106 ref
->referral
.v3
.referrals
.r1
.DFS_path
= talloc_strdup(mem_ctx
, dfs_path
);
107 if (ref
->referral
.v3
.referrals
.r1
.DFS_path
== NULL
) {
108 return NT_STATUS_NO_MEMORY
;
110 ref
->referral
.v3
.referrals
.r1
.DFS_alt_path
= talloc_strdup(mem_ctx
, dfs_path
);
111 if (ref
->referral
.v3
.referrals
.r1
.DFS_alt_path
== NULL
) {
112 return NT_STATUS_NO_MEMORY
;
114 ref
->referral
.v3
.referrals
.r1
.netw_address
= talloc_strdup(mem_ctx
, server_path
);
115 if (ref
->referral
.v3
.referrals
.r1
.netw_address
== NULL
) {
116 return NT_STATUS_NO_MEMORY
;
120 return NT_STATUS_INVALID_LEVEL
;
124 fill a domain refererral
126 static NTSTATUS
fill_domain_dfs_referraltype(TALLOC_CTX
*mem_ctx
,
127 struct dfs_referral_type
*ref
,
136 DEBUG(8, ("Called fill_domain_dfs_referraltype\n"));
137 ref
->version
= version
;
138 ref
->referral
.v3
.server_type
= DFS_SERVER_NON_ROOT
;
140 /* We use to have variable size, on Windows 2008R2 it's the same
141 * and it seems that it gives better results so ... let's use the same
144 * Additional note: XP SP2 will ask for version 3 and SP3 for version 4.
147 * It's hard coded ... don't think it's a good way but the
148 * sizeof return not the correct values
150 * We have 18 if the GUID is not included 34 otherwise
153 /* Windows return without the guid when returning domain list
155 ref
->referral
.v3
.size
= 18;
157 ref
->referral
.v3
.size
= 34;
160 /* As seen in w2k8r2 it always return the null GUID */
161 ref
->referral
.v3
.size
= 34;
162 ref
->referral
.v3
.entry_flags
= DFS_FLAG_REFERRAL_DOMAIN_RESP
;
163 ref
->referral
.v3
.ttl
= 600; /* As w2k3 and w2k8r2*/
164 ref
->referral
.v3
.referrals
.r2
.special_name
= talloc_strdup(mem_ctx
,
166 if (ref
->referral
.v3
.referrals
.r2
.special_name
== NULL
) {
167 return NT_STATUS_NO_MEMORY
;
169 ref
->referral
.v3
.referrals
.r2
.nb_expanded_names
= numnames
;
170 /* Put the final terminator */
173 const char **names2
= talloc_array(mem_ctx
, const char *,
175 NT_STATUS_HAVE_NO_MEMORY(names2
);
176 for (i
= 0; i
<numnames
; i
++) {
177 names2
[i
] = talloc_asprintf(names2
, "\\%s", names
[i
]);
178 NT_STATUS_HAVE_NO_MEMORY(names2
[i
]);
180 names2
[numnames
] = NULL
;
181 ref
->referral
.v3
.referrals
.r2
.expanded_names
= names2
;
185 return NT_STATUS_INVALID_LEVEL
;
189 get the DCs list within a site
191 static NTSTATUS
get_dcs_insite(TALLOC_CTX
*ctx
, struct ldb_context
*ldb
,
192 struct ldb_dn
*sitedn
, struct dc_set
*list
,
195 static const char *attrs
[] = { "serverReference", NULL
};
196 static const char *attrs2
[] = { "dNSHostName", "sAMAccountName", NULL
};
197 struct ldb_result
*r
;
200 const char **dc_list
;
202 ret
= ldb_search(ldb
, ctx
, &r
, sitedn
, LDB_SCOPE_SUBTREE
, attrs
,
203 "(&(objectClass=server)(serverReference=*))");
204 if (ret
!= LDB_SUCCESS
) {
205 DEBUG(2,(__location__
": Failed to get list of servers - %s\n",
206 ldb_errstring(ldb
)));
207 return NT_STATUS_INTERNAL_ERROR
;
211 /* none in this site */
217 * need to search for all server object to know the size of the array.
218 * Search all the object of class server in this site
220 dc_list
= talloc_array(r
, const char *, r
->count
);
221 if (dc_list
== NULL
) {
223 return NT_STATUS_NO_MEMORY
;
226 /* TODO put some random here in the order */
227 list
->names
= talloc_realloc(list
, list
->names
, const char *, list
->count
+ r
->count
);
228 if (list
->names
== NULL
) {
230 return NT_STATUS_NO_MEMORY
;
233 for (i
= 0; i
<r
->count
; i
++) {
235 struct ldb_message
*msg
;
237 dn
= ldb_msg_find_attr_as_dn(ldb
, ctx
, r
->msgs
[i
], "serverReference");
239 return NT_STATUS_INTERNAL_ERROR
;
242 ret
= dsdb_search_one(ldb
, r
, &msg
, dn
, LDB_SCOPE_BASE
, attrs2
, 0, "(objectClass=computer)");
243 if (ret
!= LDB_SUCCESS
) {
244 DEBUG(2,(__location__
": Search for computer on %s failed - %s\n",
245 ldb_dn_get_linearized(dn
), ldb_errstring(ldb
)));
246 return NT_STATUS_INTERNAL_ERROR
;
250 const char *dns
= ldb_msg_find_attr_as_string(msg
, "dNSHostName", NULL
);
252 DEBUG(2,(__location__
": dNSHostName missing on %s\n",
253 ldb_dn_get_linearized(dn
)));
255 return NT_STATUS_INTERNAL_ERROR
;
258 list
->names
[list
->count
] = talloc_strdup(list
->names
, dns
);
259 if (list
->names
[list
->count
] == NULL
) {
261 return NT_STATUS_NO_MEMORY
;
265 const char *aname
= ldb_msg_find_attr_as_string(msg
, "sAMAccountName", NULL
);
267 DEBUG(2,(__location__
": sAMAccountName missing on %s\n",
268 ldb_dn_get_linearized(dn
)));
270 return NT_STATUS_INTERNAL_ERROR
;
273 tmp
= talloc_strdup(list
->names
, aname
);
276 return NT_STATUS_NO_MEMORY
;
279 /* Netbios name is also the sAMAccountName for
280 computer but without the final $ */
281 tmp
[strlen(tmp
) - 1] = '\0';
282 list
->names
[list
->count
] = tmp
;
288 shuffle_dc_set(list
);
298 static NTSTATUS
get_dcs(TALLOC_CTX
*ctx
, struct ldb_context
*ldb
,
299 const char *searched_site
, bool need_fqdn
,
300 struct dc_set
***pset_list
, uint32_t flags
)
303 * Flags will be used later to indicate things like least-expensive
304 * or same-site options
306 const char *attrs_none
[] = { NULL
};
307 const char *attrs3
[] = { "name", NULL
};
308 struct ldb_dn
*configdn
, *sitedn
, *dn
, *sitescontainerdn
;
309 struct ldb_result
*r
;
310 struct dc_set
**set_list
= NULL
;
313 uint32_t current_pos
= 0;
317 *pset_list
= set_list
= NULL
;
319 subctx
= talloc_new(ctx
);
320 NT_STATUS_HAVE_NO_MEMORY(subctx
);
322 configdn
= ldb_get_config_basedn(ldb
);
324 /* Let's search for the Site container */
325 ret
= ldb_search(ldb
, subctx
, &r
, configdn
, LDB_SCOPE_SUBTREE
, attrs_none
,
326 "(objectClass=sitesContainer)");
327 if (ret
!= LDB_SUCCESS
) {
328 DEBUG(2,(__location__
": Failed to find sitesContainer within %s - %s\n",
329 ldb_dn_get_linearized(configdn
), ldb_errstring(ldb
)));
331 return NT_STATUS_INTERNAL_ERROR
;
334 DEBUG(2,(__location__
": Expected 1 sitesContainer - found %u within %s\n",
335 r
->count
, ldb_dn_get_linearized(configdn
)));
337 return NT_STATUS_INTERNAL_ERROR
;
340 sitescontainerdn
= talloc_steal(subctx
, r
->msgs
[0]->dn
);
344 * TODO: Here we should have a more subtle handling
345 * for the case "same-site"
347 ret
= ldb_search(ldb
, subctx
, &r
, sitescontainerdn
, LDB_SCOPE_SUBTREE
,
348 attrs_none
, "(objectClass=server)");
349 if (ret
!= LDB_SUCCESS
) {
350 DEBUG(2,(__location__
": Failed to find servers within %s - %s\n",
351 ldb_dn_get_linearized(sitescontainerdn
), ldb_errstring(ldb
)));
353 return NT_STATUS_INTERNAL_ERROR
;
357 if (searched_site
!= NULL
&& searched_site
[0] != '\0') {
358 ret
= ldb_search(ldb
, subctx
, &r
, configdn
, LDB_SCOPE_SUBTREE
,
359 attrs_none
, "(&(name=%s)(objectClass=site))", searched_site
);
360 if (ret
!= LDB_SUCCESS
) {
362 return NT_STATUS_FOOBAR
;
363 } else if (r
->count
!= 1) {
365 return NT_STATUS_FOOBAR
;
368 /* All of this was to get the DN of the searched_site */
369 sitedn
= r
->msgs
[0]->dn
;
372 * We will realloc + 2 because we will need one additional place
373 * for element at current_pos + 1 for the NULL element
375 set_list
= talloc_realloc(subctx
, set_list
, struct dc_set
*, current_pos
+2);
376 if (set_list
== NULL
) {
378 return NT_STATUS_NO_MEMORY
;
381 set_list
[current_pos
] = talloc(set_list
, struct dc_set
);
382 if (set_list
[current_pos
] == NULL
) {
384 return NT_STATUS_NO_MEMORY
;
387 set_list
[current_pos
]->names
= NULL
;
388 set_list
[current_pos
]->count
= 0;
390 set_list
[current_pos
+1] = NULL
;
392 status
= get_dcs_insite(subctx
, ldb
, sitedn
,
393 set_list
[current_pos
], need_fqdn
);
394 if (!NT_STATUS_IS_OK(status
)) {
395 DEBUG(2,(__location__
": Failed to get DC from site %s - %s\n",
396 ldb_dn_get_linearized(sitedn
), nt_errstr(status
)));
404 /* Let's find all the sites */
405 ret
= ldb_search(ldb
, subctx
, &r
, configdn
, LDB_SCOPE_SUBTREE
, attrs3
, "(objectClass=site)");
406 if (ret
!= LDB_SUCCESS
) {
407 DEBUG(2,(__location__
": Failed to find any site containers in %s\n",
408 ldb_dn_get_linearized(configdn
)));
410 return NT_STATUS_INTERNAL_DB_CORRUPTION
;
415 * We should randomize the order in the main site,
416 * it's mostly needed for sysvol/netlogon referral.
417 * Depending of flag we either randomize order of the
418 * not "in the same site DCs"
419 * or we randomize by group of site that have the same cost
420 * In the long run we want to manipulate an array of site_set
421 * All the site in one set have the same cost (if least-expansive options is selected)
422 * and we will put all the dc related to 1 site set into 1 DCs set.
423 * Within a site set, site order has to be randomized
425 * But for the moment we just return the list of sites
429 * We will realloc + 2 because we will need one additional place
430 * for element at current_pos + 1 for the NULL element
432 set_list
= talloc_realloc(subctx
, set_list
, struct dc_set
*,
434 if (set_list
== NULL
) {
436 return NT_STATUS_NO_MEMORY
;
439 set_list
[current_pos
] = talloc(ctx
, struct dc_set
);
440 if (set_list
[current_pos
] == NULL
) {
442 return NT_STATUS_NO_MEMORY
;
445 set_list
[current_pos
]->names
= NULL
;
446 set_list
[current_pos
]->count
= 0;
448 set_list
[current_pos
+1] = NULL
;
451 for (i
=0; i
<r
->count
; i
++) {
452 const char *site_name
= ldb_msg_find_attr_as_string(r
->msgs
[i
], "name", NULL
);
453 if (site_name
== NULL
) {
454 DEBUG(2,(__location__
": Failed to find name attribute in %s\n",
455 ldb_dn_get_linearized(r
->msgs
[i
]->dn
)));
457 return NT_STATUS_INTERNAL_DB_CORRUPTION
;
460 if (searched_site
== NULL
||
461 strcmp(searched_site
, site_name
) != 0) {
463 (__location__
": Site: %s %s\n",
464 searched_site
!= NULL
? searched_site
469 * Do all the site but the one of the client
470 * (because it has already been done ...)
474 status
= get_dcs_insite(subctx
, ldb
, dn
,
475 set_list
[current_pos
],
477 if (!NT_STATUS_IS_OK(status
)) {
484 *pset_list
= talloc_move(ctx
, &set_list
);
489 static NTSTATUS
dodomain_referral(struct loadparm_context
*lp_ctx
,
490 struct ldb_context
*sam_ctx
,
491 const struct tsocket_address
*client
,
492 struct dfs_GetDFSReferral
*r
)
495 * TODO for the moment we just return the local domain
498 const char *dns_domain
= lpcfg_dnsdomain(lp_ctx
);
499 const char *netbios_domain
= lpcfg_workgroup(lp_ctx
);
500 struct dfs_referral_type
*referrals
;
501 const char *referral_str
;
502 /* In the future this needs to be fetched from the ldb */
503 uint32_t found_domain
= 2;
505 if (lpcfg_server_role(lp_ctx
) != ROLE_ACTIVE_DIRECTORY_DC
) {
506 DEBUG(10 ,("Received a domain referral request on a non DC\n"));
507 return NT_STATUS_INVALID_PARAMETER
;
510 if (r
->in
.req
.max_referral_level
< 3) {
511 DEBUG(2,("invalid max_referral_level %u\n",
512 r
->in
.req
.max_referral_level
));
513 return NT_STATUS_UNSUCCESSFUL
;
516 r
->out
.resp
= talloc_zero(r
, struct dfs_referral_resp
);
517 if (r
->out
.resp
== NULL
) {
518 return NT_STATUS_NO_MEMORY
;
521 r
->out
.resp
->path_consumed
= 0;
522 r
->out
.resp
->header_flags
= 0; /* Do like w2k3 */
523 r
->out
.resp
->nb_referrals
= found_domain
; /* the fqdn one + the NT domain */
525 referrals
= talloc_zero_array(r
->out
.resp
,
526 struct dfs_referral_type
,
527 r
->out
.resp
->nb_referrals
);
528 if (referrals
== NULL
) {
529 return NT_STATUS_NO_MEMORY
;
531 r
->out
.resp
->referral_entries
= referrals
;
533 referral_str
= talloc_asprintf(r
, "\\%s", netbios_domain
);
534 if (referral_str
== NULL
) {
535 return NT_STATUS_NO_MEMORY
;
538 status
= fill_domain_dfs_referraltype(referrals
,
542 if (!NT_STATUS_IS_OK(status
)) {
543 DEBUG(2,("%s: Unable to fill domain referral structure - %s\n",
544 __location__
, nt_errstr(status
)));
548 referral_str
= talloc_asprintf(r
, "\\%s", dns_domain
);
549 if (referral_str
== NULL
) {
550 return NT_STATUS_NO_MEMORY
;
553 status
= fill_domain_dfs_referraltype(referrals
,
557 if (!NT_STATUS_IS_OK(status
)) {
558 DEBUG(2,("%s: Unable to fill domain referral structure - %s\n",
559 __location__
, nt_errstr(status
)));
567 * Handle the logic for dfs referral request like
568 * \\dns_domain or \\netbios_domain.
570 static NTSTATUS
dodc_referral(struct loadparm_context
*lp_ctx
,
571 struct ldb_context
*sam_ctx
,
572 const struct tsocket_address
*client
,
573 struct dfs_GetDFSReferral
*r
,
574 const char *domain_name
)
577 const char *site_name
= NULL
; /* Name of the site where the client is */
578 bool need_fqdn
= false;
580 const char **dc_list
= NULL
;
581 uint32_t num_dcs
= 0;
583 char *client_str
= NULL
;
584 struct dfs_referral_type
*referrals
;
585 const char *referral_str
;
587 if (lpcfg_server_role(lp_ctx
) != ROLE_ACTIVE_DIRECTORY_DC
) {
588 return NT_STATUS_INVALID_PARAMETER
;
591 if (r
->in
.req
.max_referral_level
< 3) {
592 DEBUG(2,("invalid max_referral_level %u\n",
593 r
->in
.req
.max_referral_level
));
594 return NT_STATUS_UNSUCCESSFUL
;
597 DEBUG(10, ("in this we have request for %s requested is %s\n",
598 domain_name
, r
->in
.req
.servername
));
600 if (strchr(domain_name
,'.')) {
604 if (tsocket_address_is_inet(client
, "ip")) {
605 client_str
= tsocket_address_inet_addr_string(client
, r
);
606 if (client_str
== NULL
) {
607 return NT_STATUS_NO_MEMORY
;
611 site_name
= samdb_client_site_name(sam_ctx
, r
, client_str
, NULL
, true);
613 status
= get_dcs(r
, sam_ctx
, site_name
, need_fqdn
, &set
, 0);
614 if (!NT_STATUS_IS_OK(status
)) {
615 DEBUG(3,("Unable to get list of DCs - %s\n",
620 for(i
=0; set
[i
]; i
++) {
623 dc_list
= talloc_realloc(r
, dc_list
, const char*,
624 num_dcs
+ set
[i
]->count
+ 1);
625 if (dc_list
== NULL
) {
626 return NT_STATUS_NO_MEMORY
;
629 for(j
=0; j
<set
[i
]->count
; j
++) {
630 dc_list
[num_dcs
+ j
] = talloc_move(dc_list
,
633 num_dcs
= num_dcs
+ set
[i
]->count
;
635 dc_list
[num_dcs
] = NULL
;
638 r
->out
.resp
= talloc_zero(r
, struct dfs_referral_resp
);
639 if (r
->out
.resp
== NULL
) {
640 return NT_STATUS_NO_MEMORY
;
643 r
->out
.resp
->path_consumed
= 0;
644 r
->out
.resp
->header_flags
= 0; /* Do like w2k3 */
645 r
->out
.resp
->nb_referrals
= 1;
647 referrals
= talloc_zero_array(r
->out
.resp
,
648 struct dfs_referral_type
,
649 r
->out
.resp
->nb_referrals
);
650 if (referrals
== NULL
) {
651 return NT_STATUS_NO_MEMORY
;
653 r
->out
.resp
->referral_entries
= referrals
;
655 if (r
->in
.req
.servername
[0] == '\\') {
656 referral_str
= talloc_asprintf(referrals
, "%s",
659 referral_str
= talloc_asprintf(referrals
, "\\%s",
662 if (referral_str
== NULL
) {
663 return NT_STATUS_NO_MEMORY
;
666 status
= fill_domain_dfs_referraltype(referrals
,
670 if (!NT_STATUS_IS_OK(status
)) {
671 DEBUG(2,("%s: Unable to fill domain referral structure - %s\n",
672 __location__
, nt_errstr(status
)));
680 * Handle the logic for dfs referral request like
681 * \\domain\sysvol or \\domain\netlogon
683 static NTSTATUS
dosysvol_referral(struct loadparm_context
*lp_ctx
,
684 struct ldb_context
*sam_ctx
,
685 const struct tsocket_address
*client
,
686 struct dfs_GetDFSReferral
*r
,
687 const char *domain_name
,
688 const char *dfs_name
)
690 const char *site_name
= NULL
; /* Name of the site where the client is */
691 bool need_fqdn
= false;
692 unsigned int i
, c
= 0, nb_entries
= 0;
694 char *client_str
= NULL
;
696 struct dfs_referral_type
*referrals
;
698 if (lpcfg_server_role(lp_ctx
) != ROLE_ACTIVE_DIRECTORY_DC
) {
699 return NT_STATUS_INVALID_PARAMETER
;
702 if (r
->in
.req
.max_referral_level
< 3) {
703 DEBUG(2,("invalid max_referral_level %u\n",
704 r
->in
.req
.max_referral_level
));
705 return NT_STATUS_UNSUCCESSFUL
;
708 DEBUG(10, ("in this we have request for %s and share %s requested is %s\n",
709 domain_name
, dfs_name
, r
->in
.req
.servername
));
711 if (strchr(domain_name
,'.')) {
715 if (tsocket_address_is_inet(client
, "ip")) {
716 client_str
= tsocket_address_inet_addr_string(client
, r
);
717 if (client_str
== NULL
) {
718 return NT_STATUS_NO_MEMORY
;
722 site_name
= samdb_client_site_name(sam_ctx
, r
, client_str
, NULL
, true);
724 status
= get_dcs(r
, sam_ctx
, site_name
, need_fqdn
, &set
, 0);
725 if (!NT_STATUS_IS_OK(status
)) {
726 DEBUG(3,("Unable to get list of DCs - %s\n",
731 for(i
=0; set
[i
]; i
++) {
732 nb_entries
= nb_entries
+ set
[i
]->count
;
735 r
->out
.resp
= talloc_zero(r
, struct dfs_referral_resp
);
736 if (r
->out
.resp
== NULL
) {
737 return NT_STATUS_NO_MEMORY
;
740 /* The length is expected in bytes */
741 r
->out
.resp
->path_consumed
= strlen_m(r
->in
.req
.servername
) * 2;
742 /* Do like w2k3 and like in 3.3.5.3 of MS-DFSC*/
743 r
->out
.resp
->header_flags
= DFS_HEADER_FLAG_STORAGE_SVR
;
744 r
->out
.resp
->nb_referrals
= nb_entries
;
746 referrals
= talloc_zero_array(r
->out
.resp
,
747 struct dfs_referral_type
,
748 r
->out
.resp
->nb_referrals
);
749 if (referrals
== NULL
) {
750 return NT_STATUS_NO_MEMORY
;
752 r
->out
.resp
->referral_entries
= referrals
;
755 for(i
=0; set
[i
]; i
++) {
758 for(j
=0; j
< set
[i
]->count
; j
++) {
759 struct dfs_referral_type
*ref
= &referrals
[c
];
760 const char *referral_str
;
762 referral_str
= talloc_asprintf(referrals
, "\\%s\\%s",
763 set
[i
]->names
[j
], dfs_name
);
764 if (referral_str
== NULL
) {
765 return NT_STATUS_NO_MEMORY
;
768 DEBUG(8,("Doing a dfs referral for %s with this value "
770 set
[i
]->names
[j
], referral_str
,
771 r
->in
.req
.servername
));
773 status
= fill_normal_dfs_referraltype(referrals
, ref
,
774 r
->in
.req
.max_referral_level
,
775 r
->in
.req
.servername
,
779 if (!NT_STATUS_IS_OK(status
)) {
780 DEBUG(2,("%s: Unable to fill domain referral "
782 __location__
, nt_errstr(status
)));
794 trans2 getdfsreferral implementation
796 NTSTATUS
dfs_server_ad_get_referrals(struct loadparm_context
*lp_ctx
,
797 struct ldb_context
*sam_ctx
,
798 const struct tsocket_address
*client
,
799 struct dfs_GetDFSReferral
*r
)
801 char *server_name
= NULL
;
802 char *dfs_name
= NULL
;
803 char *link_path
= NULL
;
804 const char *netbios_domain
;
805 const char *dns_domain
;
806 const char *netbios_name
;
807 const char *dns_hostname
= NULL
;
808 const char **netbios_aliases
;
811 if (!lpcfg_host_msdfs(lp_ctx
)) {
812 return NT_STATUS_FS_DRIVER_REQUIRED
;
815 if (r
->in
.req
.servername
== NULL
) {
816 return NT_STATUS_INVALID_PARAMETER
;
819 DEBUG(8, ("Requested DFS name: %s length: %u\n",
820 r
->in
.req
.servername
,
821 (unsigned int)strlen_m(r
->in
.req
.servername
)*2));
824 * If the servername is "" then we are in a case of domain dfs
825 * and the client just searches for the list of local domain
826 * it is attached and also trusted ones.
828 if (strlen(r
->in
.req
.servername
) == 0) {
829 return dodomain_referral(lp_ctx
, sam_ctx
, client
, r
);
832 server_name
= talloc_strdup(r
, r
->in
.req
.servername
);
833 if (server_name
== NULL
) {
834 return NT_STATUS_NO_MEMORY
;
837 path_separator
= (*server_name
== '/') ? '/' : '\\';
839 while(*server_name
&& *server_name
== path_separator
) {
843 dfs_name
= strchr_m(server_name
, path_separator
);
844 if (dfs_name
!= NULL
) {
848 link_path
= strchr_m(dfs_name
, path_separator
);
849 if (link_path
!= NULL
) {
855 if (link_path
!= NULL
) {
857 * If it is a DFS Link we do not
860 return NT_STATUS_NOT_FOUND
;
863 netbios_domain
= lpcfg_workgroup(lp_ctx
);
864 dns_domain
= lpcfg_dnsdomain(lp_ctx
);
865 netbios_name
= lpcfg_netbios_name(lp_ctx
);
866 dns_hostname
= lpcfg_dns_hostname(lp_ctx
);
867 if (dns_hostname
== NULL
) {
868 return NT_STATUS_NO_MEMORY
;
871 if ((strcasecmp_m(server_name
, netbios_name
) == 0) ||
872 (strcasecmp_m(server_name
, dns_hostname
) == 0)) {
874 * If it is not domain related do not
877 return NT_STATUS_NOT_FOUND
;
880 if (is_ipaddress(server_name
)) {
882 * If it is not domain related do not
885 return NT_STATUS_NOT_FOUND
;
888 netbios_aliases
= lpcfg_netbios_aliases(lp_ctx
);
889 while (netbios_aliases
&& *netbios_aliases
) {
890 const char *netbios_alias
= *netbios_aliases
;
894 cmp
= strcasecmp_m(server_name
, netbios_alias
);
897 * If it is not domain related do not
900 return NT_STATUS_NOT_FOUND
;
903 dns_alias
= talloc_asprintf(r
, "%s.%s",
906 if (dns_alias
== NULL
) {
907 return NT_STATUS_NO_MEMORY
;
910 cmp
= strcasecmp_m(server_name
, dns_alias
);
911 talloc_free(dns_alias
);
914 * If it is not domain related do not
917 return NT_STATUS_NOT_FOUND
;
922 if ((strcasecmp_m(server_name
, netbios_domain
) != 0) &&
923 (strcasecmp_m(server_name
, dns_domain
) != 0)) {
925 * Not a domain we handle.
927 return NT_STATUS_INVALID_PARAMETER
;
931 * Here we have filtered the thing the requested name don't contain our DNS name.
932 * So if the share == NULL or if share in ("sysvol", "netlogon")
933 * then we proceed. In the first case it will be a dc refereal in the second it will
934 * be just a sysvol/netlogon referral.
936 if (dfs_name
== NULL
) {
937 return dodc_referral(lp_ctx
, sam_ctx
,
938 client
, r
, server_name
);
942 * Here we have filtered the thing the requested name don't contain our DNS name.
943 * So if the share == NULL or if share in ("sysvol", "netlogon")
944 * then we proceed. In the first case it will be a dc refereal in the second it will
945 * be just a sysvol/netlogon referral.
947 if (strcasecmp(dfs_name
, "sysvol") == 0 ||
948 strcasecmp(dfs_name
, "netlogon") == 0) {
949 return dosysvol_referral(lp_ctx
, sam_ctx
, client
, r
,
950 server_name
, dfs_name
);
953 /* By default until all the case are handled */
954 return NT_STATUS_NOT_FOUND
;