search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
8322 nl: misleading-indentation
[unleashed/tickless.git] / usr / src / lib / smbsrv / libsmbns / common / smbns_netbios_name.c
blob063a505504e51628a65798758e276cc63ae3d08e
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright (c) 2016 by Delphix. All rights reserved.
25 */
26
27 /*
28 * NetBIOS name resolution node types.
29 *
30 * A B-node (broadcast node) uses broadcasts for name registration
31 * and resolution. Routers typically do not forward broadcasts and
32 * only computers on the local subnet will respond.
33 *
34 * A P-node (peer-to-peer node) uses a NetBIOS name server (WINS)
35 * to resolve NetBIOS names, which allows it to work across routers.
36 * In order to function in a P-node environment, all computers must
37 * be configured to use the NetBIOS name server because P-nodes do
38 * not broadcast on the network.
39 *
40 * A mixed node (M-node) behaves as a B-node by default. If it cannot
41 * resolve the name via broadcast then it tries a NetBIOS name server
42 * lookup (P-node).
43 *
44 * A hybrid node (H-node) behaves as a P-node by default. If it cannot
45 * resolve the name using a NetBIOS name server then it resorts to
46 * broadcasts (B-node).
47 *
48 * NetBIOS Name Service Protocols
49 *
50 * A REQUEST packet is always sent to the well known UDP port 137.
51 * The destination address is normally either the IP broadcast address or
52 * the address of the NAME - the address of the NAME server it set up at
53 * initialization time. In rare cases, a request packet will be sent to
54 * an end node, e.g. a NAME QUERY REQUEST sent to "challenge" a node.
55 *
56 * A RESPONSE packet is always sent to the source UDP port and source IP
57 * address of the request packet.
58 *
59 * A DEMAND packet must always be sent to the well known UDP port 137.
60 * There is no restriction on the target IP address.
61 *
62 * A transaction ID is a value composed from the requestor's IP address and
63 * a unique 16 bit value generated by the originator of the transaction.
64 */
65
66 #include <unistd.h>
67 #include <syslog.h>
68 #include <stdlib.h>
69 #include <synch.h>
70 #include <errno.h>
71 #include <netdb.h>
72 #include <sys/socket.h>
73 #include <sys/sockio.h>
74 #include <arpa/inet.h>
75 #include <net/if_arp.h>
76
77 #include <smbsrv/libsmbns.h>
78 #include <smbns_netbios.h>
79
80 /*
81 * RFC 1002 4.2.1.1. HEADER
82 */
83 #define QUESTION_TYPE_NETBIOS_GENERAL 0x20
84 #define QUESTION_TYPE_NETBIOS_STATUS 0x21
85
86 #define QUESTION_CLASS_INTERNET 0x0001
87
88 /*
89 * RFC 1002 4.2.1.3. RESOURCE RECORD
90 */
91 #define RR_TYPE_IP_ADDRESS_RESOURCE 0x0001
92 #define RR_TYPE_NAME_SERVER_RESOURCE 0x0002
93 #define RR_TYPE_NULL_RESOURCE 0x000A
94 #define RR_TYPE_NETBIOS_RESOURCE 0x0020
95 #define RR_TYPE_NETBIOS_STATUS 0x0021
96
97 /*
98 *
99 * RESOURCE RECORD RR_CLASS field definitions
100 */
101 #define RR_CLASS_INTERNET_CLASS 0x0001
102
103 /*
104 * NB_FLAGS field of the RESOURCE RECORD RDATA field for RR_TYPE of NB.
105 */
106 #define RR_FLAGS_NB_ONT_MASK 0x6000
107 #define RR_FLAGS_NB_ONT_B_NODE 0x0000
108 #define RR_FLAGS_NB_ONT_P_NODE 0x2000
109 #define RR_FLAGS_NB_ONT_M_NODE 0x4000
110 #define RR_FLAGS_NB_ONT_RESERVED 0x6000
111 #define RR_FLAGS_NB_GROUP_NAME 0x8000
112
113 #define NAME_FLAGS_PERMANENT_NAME 0x0200
114 #define NAME_FLAGS_ACTIVE_NAME 0x0400
115 #define NAME_FLAGS_CONFLICT 0x0800
116 #define NAME_FLAGS_DEREGISTER 0x1000
117 #define NAME_FLAGS_ONT_MASK 0x6000
118 #define NAME_FLAGS_ONT_B_NODE 0x0000
119 #define NAME_FLAGS_ONT_P_NODE 0x2000
120 #define NAME_FLAGS_ONT_M_NODE 0x4000
121 #define NAME_FLAGS_ONT_RESERVED 0x6000
122 #define NAME_FLAGS_GROUP_NAME 0x8000
123
124 #define MAX_NETBIOS_REPLY_DATA_SIZE 500
125
126 #define NAME_HEADER_SIZE 12
127
128 typedef struct nbt_name_reply {
129 struct nbt_name_reply *forw;
130 struct nbt_name_reply *back;
131 struct name_packet *packet;
132 addr_entry_t *addr;
133 uint16_t name_trn_id;
134 boolean_t reply_ready;
135 } nbt_name_reply_t;
136
137 static nbt_name_reply_t reply_queue;
138 static mutex_t rq_mtx;
139 static cond_t rq_cv;
140
141 static mutex_t nbt_name_config_mtx;
142
143 static name_queue_t delete_queue;
144 static name_queue_t refresh_queue;
145
146 static int name_sock = 0;
147
148 static int bcast_num = 0;
149 static int nbns_num = 0;
150 static addr_entry_t smb_bcast_list[SMB_PI_MAX_NETWORKS];
151 static addr_entry_t smb_nbns[SMB_PI_MAX_WINS];
152
153 static int smb_netbios_process_response(uint16_t, addr_entry_t *,
154 struct name_packet *, uint32_t);
155
156 static int smb_send_name_service_packet(addr_entry_t *addr,
157 struct name_packet *packet);
158
159 /*
160 * Allocate a transaction id.
161 */
162 static uint16_t
163 smb_netbios_name_trn_id(void)
164 {
165 static uint16_t trn_id;
166 static mutex_t trn_id_mtx;
167
168 (void) mutex_lock(&trn_id_mtx);
169
170 do {
171 ++trn_id;
172 } while (trn_id == 0 || trn_id == (uint16_t)-1);
173
174 (void) mutex_unlock(&trn_id_mtx);
175 return (trn_id);
176 }
177
178 static int
179 smb_end_node_challenge(nbt_name_reply_t *reply_info)
180 {
181 int rc;
182 uint32_t retry;
183 uint16_t tid;
184 struct resource_record *answer;
185 struct name_question question;
186 addr_entry_t *addr;
187 struct name_entry *destination;
188 struct name_packet packet;
189 struct timespec st;
190
191 /*
192 * The response packet has in it the address of the presumed owner
193 * of the name. Challenge that owner. If owner either does not
194 * respond or indicates that they no longer own the name, claim the
195 * name. Otherwise, the name cannot be claimed.
196 */
197
198 if ((answer = reply_info->packet->answer) == 0)
199 return (-1);
200
201 destination = answer->name;
202 question.name = answer->name;
203
204 packet.info = NAME_QUERY_REQUEST | NM_FLAGS_UNICAST;
205 packet.qdcount = 1; /* question entries */
206 packet.question = &question;
207 packet.ancount = 0; /* answer recs */
208 packet.answer = NULL;
209 packet.nscount = 0; /* authority recs */
210 packet.authority = NULL;
211 packet.arcount = 0; /* additional recs */
212 packet.additional = NULL;
213
214 addr = &destination->addr_list;
215 for (retry = 0; retry < UCAST_REQ_RETRY_COUNT; retry++) {
216 tid = smb_netbios_name_trn_id();
217 packet.name_trn_id = tid;
218 if (smb_send_name_service_packet(addr, &packet) >= 0) {
219 if ((rc = smb_netbios_process_response(tid, addr,
220 &packet, UCAST_REQ_RETRY_TIMEOUT)) != 0)
221 return (rc);
222 }
223 st.tv_sec = 0;
224 st.tv_nsec = (UCAST_REQ_RETRY_TIMEOUT * 1000000);
225 (void) nanosleep(&st, 0);
226 }
227 /* No reply */
228 return (0);
229 }
230
231 static nbt_name_reply_t *
232 smb_name_get_reply(uint16_t tid, uint32_t timeout)
233 {
234 uint16_t info;
235 struct resource_record *answer;
236 nbt_name_reply_t *reply;
237 uint32_t wait_time, to_save; /* in millisecond */
238 struct timeval wt;
239 timestruc_t to;
240
241 to_save = timeout;
242 reply = malloc(sizeof (nbt_name_reply_t));
243 if (reply != NULL) {
244 reply->reply_ready = B_FALSE;
245 reply->name_trn_id = tid;
246 (void) mutex_lock(&rq_mtx);
247 QUEUE_INSERT_TAIL(&reply_queue, reply);
248 (void) mutex_unlock(&rq_mtx);
249
250 for (;;) {
251 (void) gettimeofday(&wt, 0);
252 wait_time = wt.tv_usec / 1000;
253
254 to.tv_sec = 0;
255 to.tv_nsec = timeout * 1000000;
256 (void) mutex_lock(&rq_mtx);
257 (void) cond_reltimedwait(&rq_cv, &rq_mtx, &to);
258 (void) mutex_unlock(&rq_mtx);
259
260 if (reply->reply_ready) {
261 info = reply->packet->info;
262 if (PACKET_TYPE(info) == WACK_RESPONSE) {
263 answer = reply->packet->answer;
264 wait_time = (answer) ?
265 TO_MILLISECONDS(answer->ttl) :
266 DEFAULT_TTL;
267 free(reply->addr);
268 free(reply->packet);
269 timeout = to_save + wait_time;
270 reply->reply_ready = B_FALSE;
271 reply->name_trn_id = tid;
272 (void) mutex_lock(&rq_mtx);
273 QUEUE_INSERT_TAIL(&reply_queue, reply);
274 (void) mutex_unlock(&rq_mtx);
275 continue;
276 }
277 return (reply);
278 }
279 (void) gettimeofday(&wt, 0);
280 wait_time = (wt.tv_usec / 1000) - wait_time;
281 if (wait_time >= timeout) {
282 (void) mutex_lock(&rq_mtx);
283 QUEUE_CLIP(reply);
284 (void) mutex_unlock(&rq_mtx);
285 free(reply);
286 break;
287 }
288 timeout -= wait_time;
289 }
290 }
291
292 return (0);
293 }
294
295 static void
296 smb_reply_ready(struct name_packet *packet, addr_entry_t *addr)
297 {
298 nbt_name_reply_t *reply;
299 struct resource_record *answer;
300
301 (void) mutex_lock(&rq_mtx);
302 for (reply = reply_queue.forw; reply != &reply_queue;
303 reply = reply->forw) {
304 if (reply->name_trn_id == packet->name_trn_id) {
305 QUEUE_CLIP(reply);
306
307 reply->addr = addr;
308 reply->packet = packet;
309 reply->reply_ready = B_TRUE;
310 (void) cond_signal(&rq_cv);
311 (void) mutex_unlock(&rq_mtx);
312 return;
313 }
314 }
315 (void) mutex_unlock(&rq_mtx);
316
317 /* Presumably nobody is waiting any more... */
318 free(addr);
319
320 answer = packet->answer;
321 if (answer)
322 smb_netbios_name_freeaddrs(answer->name);
323 free(packet);
324 }
325
326 static int
327 smb_netbios_process_response(uint16_t tid, addr_entry_t *addr,
328 struct name_packet *packet, uint32_t timeout)
329 {
330 int rc = 0;
331 uint16_t info;
332 nbt_name_reply_t *reply;
333 struct resource_record *answer;
334 struct name_entry *name;
335 struct name_entry *entry;
336 struct name_question *question;
337 uint32_t ttl;
338
339 if ((reply = smb_name_get_reply(tid, timeout)) == 0) {
340 return (0); /* No reply: retry */
341 }
342 info = reply->packet->info;
343 answer = reply->packet->answer;
344
345 /* response */
346 switch (PACKET_TYPE(info)) {
347 case NAME_QUERY_RESPONSE:
348 if (POSITIVE_RESPONSE(info)) {
349 addr = &answer->name->addr_list;
350 do {
351 /*
352 * Make sure that remote name is not
353 * flagged local
354 */
355 addr->attributes &= ~NAME_ATTR_LOCAL;
356
357 if (answer->ttl)
358 addr->ttl = answer->ttl;
359 else
360 addr->ttl = DEFAULT_TTL;
361 addr->refresh_ttl = TO_SECONDS(addr->ttl);
362 addr->ttl = addr->refresh_ttl;
363
364 addr = addr->forw;
365 } while (addr != &answer->name->addr_list);
366 smb_netbios_name_logf(answer->name);
367 (void) smb_netbios_cache_insert_list(answer->name);
368 rc = 1;
369 } else {
370 rc = -1;
371 }
372 break;
373
374 case NAME_REGISTRATION_RESPONSE:
375 if (NEGATIVE_RESPONSE(info)) {
376 if (RCODE(info) == RCODE_CFT_ERR) {
377 if (answer == 0) {
378 rc = -RCODE(info);
379 break;
380 }
381
382 name = answer->name;
383 entry = smb_netbios_cache_lookup(name);
384 if (entry) {
385 /*
386 * a name in the state "conflict
387 * detected" does not "logically" exist
388 * on that node. No further session
389 * will be accepted on that name.
390 * No datagrams can be sent against
391 * that name.
392 * Such an entry will not be used for
393 * purposes of processing incoming
394 * request packets.
395 * The only valid user NetBIOS operation
396 * against such a name is DELETE NAME.
397 */
398 entry->attributes |= NAME_ATTR_CONFLICT;
399 syslog(LOG_DEBUG,
400 "nbns: name conflict: %15.15s",
401 entry->name);
402 smb_netbios_cache_unlock_entry(entry);
403 }
404 }
405 rc = -RCODE(info);
406 break;
407 }
408
409 /*
410 * name can be added:
411 * adjust refresh timeout value,
412 * TTL, for this name
413 */
414 question = packet->question;
415 ttl = (answer && answer->ttl) ? answer->ttl : DEFAULT_TTL;
416 ttl = TO_SECONDS(ttl);
417 if ((entry = smb_netbios_cache_lookup(question->name)) != 0) {
418 addr = &entry->addr_list;
419 do {
420 if ((addr->refresh_ttl == 0) ||
421 (ttl < addr->refresh_ttl))
422 addr->refresh_ttl = addr->ttl = ttl;
423 addr = addr->forw;
424 } while (addr != &entry->addr_list);
425 smb_netbios_cache_unlock_entry(entry);
426 }
427
428 rc = 1;
429 break;
430
431 case NAME_RELEASE_RESPONSE:
432 rc = 1;
433 break;
434
435 case END_NODE_CHALLENGE_REGISTRATION_REQUEST:
436 /*
437 * The response packet has in it the
438 * address of the presumed owner of the
439 * name. Challenge that owner. If
440 * owner either does not respond or
441 * indicates that they no longer own the
442 * name, claim the name. Otherwise,
443 * the name cannot be claimed.
444 */
445 rc = smb_end_node_challenge(reply);
446 break;
447
448 default:
449 rc = 0;
450 break;
451 }
452
453 if (answer)
454 smb_netbios_name_freeaddrs(answer->name);
455 free(reply->addr);
456 free(reply->packet);
457 free(reply);
458 return (rc); /* retry */
459 }
460
461 /*
462 * smb_name_buf_from_packet
463 *
464 * Description:
465 * Convert a NetBIOS Name Server Packet Block (npb)
466 * into the bits and bytes destined for the wire.
467 * The "buf" is used as a heap.
468 *
469 * Inputs:
470 * char * buf -> Buffer, from the wire
471 * unsigned n_buf -> Length of 'buf'
472 * name_packet *npb -> Packet block, decode into
473 * unsigned n_npb -> Max bytes in 'npb'
474 *
475 * Returns:
476 * >0 -> Encode successful, value is length of packet in "buf"
477 * -1 -> Hard error, can not possibly encode
478 * -2 -> Need more memory in buf -- it's too small
479 */
480 static int
481 smb_name_buf_from_packet(unsigned char *buf, int n_buf,
482 struct name_packet *npb)
483 {
484 addr_entry_t *raddr;
485 unsigned char *heap = buf;
486 unsigned char *end_heap = heap + n_buf;
487 unsigned char *dnptrs[32];
488 unsigned char comp_name_buf[MAX_NAME_LENGTH];
489 unsigned int tmp;
490 int i, step;
491
492 if (n_buf < NAME_HEADER_SIZE)
493 return (-1); /* no header, impossible */
494
495 dnptrs[0] = heap;
496 dnptrs[1] = 0;
497
498 BE_OUT16(heap, npb->name_trn_id);
499 heap += 2;
500
501 BE_OUT16(heap, npb->info);
502 heap += 2;
503
504 BE_OUT16(heap, npb->qdcount);
505 heap += 2;
506
507 BE_OUT16(heap, npb->ancount);
508 heap += 2;
509
510 BE_OUT16(heap, npb->nscount);
511 heap += 2;
512
513 BE_OUT16(heap, npb->arcount);
514 heap += 2;
515
516 for (i = 0; i < npb->qdcount; i++) {
517 if ((heap + 34 + 4) > end_heap)
518 return (-2);
519
520 (void) smb_first_level_name_encode(npb->question[i].name,
521 comp_name_buf, sizeof (comp_name_buf));
522 (void) strcpy((char *)heap, (char *)comp_name_buf);
523 heap += strlen((char *)comp_name_buf) + 1;
524
525 BE_OUT16(heap, npb->question[i].question_type);
526 heap += 2;
527
528 BE_OUT16(heap, npb->question[i].question_class);
529 heap += 2;
530 }
531
532 for (step = 1; step <= 3; step++) {
533 struct resource_record *nrr;
534 int n;
535
536 /* truly ugly, but saves code copying */
537 if (step == 1) {
538 n = npb->ancount;
539 nrr = npb->answer;
540 } else if (step == 2) {
541 n = npb->nscount;
542 nrr = npb->authority;
543 } else { /* step == 3 */
544 n = npb->arcount;
545 nrr = npb->additional;
546 }
547
548 for (i = 0; i < n; i++) {
549 if ((heap + 34 + 10) > end_heap)
550 return (-2);
551
552 (void) smb_first_level_name_encode(nrr->name,
553 comp_name_buf, sizeof (comp_name_buf));
554 (void) strcpy((char *)heap, (char *)comp_name_buf);
555 heap += strlen((char *)comp_name_buf) + 1;
556
557 BE_OUT16(heap, nrr[i].rr_type);
558 heap += 2;
559
560 BE_OUT16(heap, nrr[i].rr_class);
561 heap += 2;
562
563 BE_OUT32(heap, nrr[i].ttl);
564 heap += 4;
565
566 BE_OUT16(heap, nrr[i].rdlength);
567 heap += 2;
568
569 if ((tmp = nrr[i].rdlength) > 0) {
570 if ((heap + tmp) > end_heap)
571 return (-2);
572
573 if (nrr[i].rr_type == NAME_RR_TYPE_NB &&
574 nrr[i].rr_class == NAME_RR_CLASS_IN &&
575 tmp >= 6 && nrr[i].rdata == 0) {
576 tmp = nrr[i].name->attributes &
577 (NAME_ATTR_GROUP |
578 NAME_ATTR_OWNER_NODE_TYPE);
579 BE_OUT16(heap, tmp);
580 heap += 2;
581
582 raddr = &nrr[i].name->addr_list;
583 (void) memcpy(heap,
584 &raddr->sin.sin_addr.s_addr,
585 sizeof (uint32_t));
586 heap += 4;
587 } else {
588 bcopy(nrr[i].rdata, heap, tmp);
589 heap += tmp;
590 }
591 }
592 }
593 }
594 return (heap - buf);
595 }
596
597 /*
598 * strnchr
599 *
600 * Lookup for character 'c' in first 'n' chars of string 's'.
601 * Returns pointer to the found char, otherwise returns 0.
602 */
603 static char *
604 strnchr(const char *s, char c, int n)
605 {
606 char *ps = (char *)s;
607 char *es = (char *)s + n;
608
609 while (ps < es && *ps) {
610 if (*ps == c)
611 return (ps);
612
613 ++ps;
614 }
615
616 if (*ps == '\0' && c == '\0')
617 return (ps);
618
619 return (0);
620 }
621
622 static boolean_t
623 is_multihome(char *name)
624 {
625 return (smb_nic_getnum(name) > 1);
626 }
627
628 /*
629 * smb_netbios_getname
630 *
631 * Get the Netbios name part of the given record.
632 * Does some boundary checks.
633 *
634 * Returns the name length on success, otherwise
635 * returns 0.
636 */
637 static int
638 smb_netbios_getname(char *name, char *buf, char *buf_end)
639 {
640 char *name_end;
641 int name_len;
642
643 if (buf >= buf_end) {
644 /* no room for a NB name */
645 return (0);
646 }
647
648 name_end = strnchr(buf, '\0', buf_end - buf + 1);
649 if (name_end == 0) {
650 /* not a valid NB name */
651 return (0);
652 }
653
654 name_len = name_end - buf + 1;
655
656 (void) strlcpy(name, buf, name_len);
657 return (name_len);
658 }
659
660 /*
661 * smb_name_buf_to_packet
662 *
663 * Convert the bits and bytes that came from the wire into a NetBIOS
664 * Name Server Packet Block (npb). The "block" is used as a heap.
665 *
666 * Returns a pointer to a name packet on success. Otherwise, returns
667 * a NULL pointer.
668 */
669 static struct name_packet *
670 smb_name_buf_to_packet(char *buf, int n_buf)
671 {
672 struct name_packet *npb;
673 unsigned char *heap;
674 unsigned char *scan = (unsigned char *)buf;
675 unsigned char *scan_end = scan + n_buf;
676 char name_buf[MAX_NAME_LENGTH];
677 struct resource_record *nrr = 0;
678 int rc, i, n, nn, ns;
679 uint16_t name_trn_id, info;
680 uint16_t qdcount, ancount, nscount, arcount;
681 addr_entry_t *next;
682 int name_len;
683
684 if (n_buf < NAME_HEADER_SIZE) {
685 /* truncated header */
686 syslog(LOG_DEBUG, "nbns: short packet (%d bytes)", n_buf);
687 return (NULL);
688 }
689
690 name_trn_id = BE_IN16(scan); scan += 2;
691 info = BE_IN16(scan); scan += 2;
692 qdcount = BE_IN16(scan); scan += 2;
693 ancount = BE_IN16(scan); scan += 2;
694 nscount = BE_IN16(scan); scan += 2;
695 arcount = BE_IN16(scan); scan += 2;
696
697 ns = sizeof (struct name_entry);
698 n = n_buf + sizeof (struct name_packet) +
699 ((unsigned)qdcount * (sizeof (struct name_question) + ns)) +
700 ((unsigned)ancount * (sizeof (struct resource_record) + ns)) +
701 ((unsigned)nscount * (sizeof (struct resource_record) + ns)) +
702 ((unsigned)arcount * (sizeof (struct resource_record) + ns));
703
704 if ((npb = malloc(n)) == NULL)
705 return (NULL);
706
707 bzero(npb, n);
708 heap = npb->block_data;
709 npb->name_trn_id = name_trn_id;
710 npb->info = info;
711 npb->qdcount = qdcount;
712 npb->ancount = ancount;
713 npb->nscount = nscount;
714 npb->arcount = arcount;
715
716 /* scan is in position for question entries */
717
718 /*
719 * Measure the space needed for the tables
720 */
721 if (qdcount > 0) {
722 /* LINTED - E_BAD_PTR_CAST_ALIGN */
723 npb->question = (struct name_question *)heap;
724 heap += qdcount * sizeof (struct name_question);
725 for (i = 0; i < qdcount; i++) {
726 /* LINTED - E_BAD_PTR_CAST_ALIGN */
727 npb->question[i].name = (struct name_entry *)heap;
728 heap += sizeof (struct name_entry);
729 }
730 }
731
732 /* LINTED - E_BAD_PTR_CAST_ALIGN */
733 nrr = (struct resource_record *)heap;
734
735 if (ancount > 0) {
736 /* LINTED - E_BAD_PTR_CAST_ALIGN */
737 npb->answer = (struct resource_record *)heap;
738 heap += ancount * sizeof (struct resource_record);
739 }
740
741 if (nscount > 0) {
742 /* LINTED - E_BAD_PTR_CAST_ALIGN */
743 npb->authority = (struct resource_record *)heap;
744 heap += nscount * sizeof (struct resource_record);
745 }
746
747 if (arcount > 0) {
748 /* LINTED - E_BAD_PTR_CAST_ALIGN */
749 npb->additional = (struct resource_record *)heap;
750 heap += arcount * sizeof (struct resource_record);
751 }
752
753 /*
754 * Populate each resource_record's .name field.
755 * Done as a second pass so that all resource records
756 * (answer, authority, additional) are consecutive via nrr[i].
757 */
758 for (i = 0; i < (ancount + nscount + arcount); i++) {
759 /* LINTED - E_BAD_PTR_CAST_ALIGN */
760 nrr[i].name = (struct name_entry *)heap;
761 heap += sizeof (struct name_entry);
762 }
763
764
765 for (i = 0; i < npb->qdcount; i++) {
766 name_len = smb_netbios_getname(name_buf, (char *)scan,
767 (char *)scan_end);
768 if (name_len <= 0) {
769 free(npb);
770 return (NULL);
771 }
772
773 smb_init_name_struct(NETBIOS_EMPTY_NAME, 0, 0, 0, 0, 0, 0,
774 npb->question[i].name);
775 rc = smb_first_level_name_decode((unsigned char *)name_buf,
776 npb->question[i].name);
777 if (rc < 0) {
778 /* Couldn't decode the question name */
779 free(npb);
780 return (NULL);
781 }
782
783 scan += name_len;
784 if (scan + 4 > scan_end) {
785 /* no room for Question Type(2) and Class(2) fields */
786 free(npb);
787 return (NULL);
788 }
789
790 npb->question[i].question_type = BE_IN16(scan); scan += 2;
791 npb->question[i].question_class = BE_IN16(scan); scan += 2;
792 }
793
794 /*
795 * Cheat. Remaining sections are of the same resource_record
796 * format. Table space is consecutive.
797 */
798
799 for (i = 0; i < (ancount + nscount + arcount); i++) {
800 if (scan[0] == 0xc0) {
801 /* Namebuf is reused... */
802 rc = 2;
803 } else {
804 name_len = smb_netbios_getname(name_buf, (char *)scan,
805 (char *)scan_end);
806 if (name_len <= 0) {
807 free(npb);
808 return (NULL);
809 }
810 rc = name_len;
811 }
812 scan += rc;
813
814 if (scan + 10 > scan_end) {
815 /*
816 * no room for RR_TYPE (2), RR_CLASS (2), TTL (4) and
817 * RDLENGTH (2) fields.
818 */
819 free(npb);
820 return (NULL);
821 }
822
823 smb_init_name_struct(NETBIOS_EMPTY_NAME, 0, 0, 0, 0, 0, 0,
824 nrr[i].name);
825 if ((rc = smb_first_level_name_decode((unsigned char *)name_buf,
826 nrr[i].name)) < 0) {
827 free(npb);
828 return (NULL);
829 }
830
831 nrr[i].rr_type = BE_IN16(scan); scan += 2;
832 nrr[i].rr_class = BE_IN16(scan); scan += 2;
833 nrr[i].ttl = BE_IN32(scan); scan += 4;
834 nrr[i].rdlength = BE_IN16(scan); scan += 2;
835
836 if ((n = nrr[i].rdlength) > 0) {
837 if ((scan + n) > scan_end) {
838 /* no room for RDATA */
839 free(npb);
840 return (NULL);
841 }
842 bcopy(scan, heap, n);
843
844 nn = n;
845 if (nrr[i].rr_type == 0x0020 &&
846 nrr[i].rr_class == 0x01 && n >= 6) {
847 while (nn) {
848 if (nn == 6)
849 next = &nrr[i].name->addr_list;
850 else {
851 next = malloc(
852 sizeof (addr_entry_t));
853 if (next == 0) {
854 /* not enough memory */
855 free(npb);
856 return (NULL);
857 }
858 QUEUE_INSERT_TAIL(
859 &nrr[i].name->addr_list,
860 next);
861 }
862 nrr[i].name->attributes =
863 BE_IN16(scan);
864 next->sin.sin_family = AF_INET;
865 next->sinlen = sizeof (next->sin);
866 (void) memcpy(
867 &next->sin.sin_addr.s_addr,
868 scan + 2, sizeof (uint32_t));
869 next->sin.sin_port =
870 htons(IPPORT_NETBIOS_DGM);
871 nn -= 6;
872 scan += 6;
873 }
874 } else {
875 nrr[i].rdata = heap;
876 scan += n;
877 }
878 heap += n;
879 }
880 }
881 return (npb);
882 }
883
884 /*
885 * smb_send_name_service_packet
886 *
887 * Description:
888 *
889 * Send out a name service packet to proper destination.
890 *
891 * Inputs:
892 * struct netbios_name *dest -> NETBIOS name of destination
893 * struct name_packet *packet -> Packet to send
894 *
895 * Returns:
896 * success -> >0
897 * failure -> <=0
898 */
899 static int
900 smb_send_name_service_packet(addr_entry_t *addr, struct name_packet *packet)
901 {
902 unsigned char buf[MAX_DATAGRAM_LENGTH];
903 int len;
904
905 if ((len = smb_name_buf_from_packet(buf, sizeof (buf), packet)) < 0) {
906 errno = EINVAL;
907 return (-1);
908 }
909
910 return (sendto(name_sock, buf, len, MSG_EOR,
911 (struct sockaddr *)&addr->sin, addr->sinlen));
912 }
913
914 /*
915 * smb_netbios_send_rcv
916 *
917 * This function sends the given NetBIOS packet to the given
918 * address and get back the response. If send operation is not
919 * successful, it's repeated 'retries' times.
920 *
921 * Returns:
922 * 0 Unsuccessful send operation; no reply
923 * 1 Got reply
924 */
925 static int
926 smb_netbios_send_rcv(int bcast, addr_entry_t *destination,
927 struct name_packet *packet, uint32_t retries, uint32_t timeout)
928 {
929 uint32_t retry;
930 uint16_t tid;
931 struct timespec st;
932 int rc;
933
934 for (retry = 0; retry < retries; retry++) {
935 if ((destination->flags & ADDR_FLAG_VALID) == 0)
936 return (0);
937
938 tid = smb_netbios_name_trn_id();
939 packet->name_trn_id = tid;
940 if (smb_send_name_service_packet(destination, packet) >= 0) {
941 rc = smb_netbios_process_response(tid, destination,
942 packet, timeout);
943
944 if ((rc > 0) || (bcast == BROADCAST))
945 return (1);
946
947 if (rc != 0)
948 return (0);
949 }
950
951 st.tv_sec = 0;
952 st.tv_nsec = (timeout * 1000000);
953 (void) nanosleep(&st, 0);
954 }
955
956 return (0);
957 }
958
959 /*
960 * RFC 1002 4.2.2. NAME REGISTRATION REQUEST
961 */
962 static int
963 smb_send_name_registration_request(int bcast, struct name_question *question,
964 struct resource_record *additional)
965 {
966 int gotreply = 0;
967 uint32_t retries;
968 uint32_t timeout;
969 addr_entry_t *destination;
970 struct name_packet packet;
971 unsigned char type;
972 int i, addr_num, rc;
973
974 type = question->name->name[15];
975 if ((type != NBT_WKSTA) && (type != NBT_SERVER)) {
976 syslog(LOG_DEBUG, "nbns: name registration bad type (0x%02x)",
977 type);
978 smb_netbios_name_logf(question->name);
979 question->name->attributes &= ~NAME_ATTR_LOCAL;
980 return (-1);
981 }
982
983 if (bcast == BROADCAST) {
984 if (bcast_num == 0)
985 return (0);
986 destination = smb_bcast_list;
987 addr_num = bcast_num;
988 retries = BCAST_REQ_RETRY_COUNT;
989 timeout = BCAST_REQ_RETRY_TIMEOUT;
990 packet.info = NAME_REGISTRATION_REQUEST | NM_FLAGS_BROADCAST;
991 } else {
992 if (nbns_num == 0)
993 return (0);
994 destination = smb_nbns;
995 addr_num = nbns_num;
996 retries = UCAST_REQ_RETRY_COUNT;
997 timeout = UCAST_REQ_RETRY_TIMEOUT;
998 packet.info = NAME_REGISTRATION_REQUEST | NM_FLAGS_UNICAST;
999 }
1000
1001 packet.qdcount = 1; /* question entries */
1002 packet.question = question;
1003 packet.ancount = 0; /* answer recs */
1004 packet.answer = NULL;
1005 packet.nscount = 0; /* authority recs */
1006 packet.authority = NULL;
1007 packet.arcount = 1; /* additional recs */
1008 packet.additional = additional;
1009
1010 if (IS_UNIQUE(question->name->attributes) &&
1011 (is_multihome((char *)(question->name->name))))
1012 packet.info |= NAME_MULTIHOME_REGISTRATION_REQUEST;
1013
1014 for (i = 0; i < addr_num; i++) {
1015 /*
1016 * Only register with the Primary WINS server,
1017 * unless we got no reply.
1018 */
1019 if ((bcast == UNICAST) && gotreply)
1020 break;
1021
1022 rc = smb_netbios_send_rcv(bcast, &destination[i], &packet,
1023 retries, timeout);
1024 if (rc == 1)
1025 gotreply = 1;
1026 }
1027
1028 return (gotreply);
1029 }
1030
1031 /*
1032 * RFC 1002 4.2.4. NAME REFRESH REQUEST
1033 */
1034 /*ARGSUSED*/
1035 static int
1036 smb_send_name_refresh_request(int bcast, struct name_question *question,
1037 struct resource_record *additional, int force)
1038 {
1039 int rc = 0;
1040 int gotreply = 0;
1041 uint32_t retries;
1042 uint32_t timeout;
1043 addr_entry_t *addr;
1044 addr_entry_t *destination;
1045 struct name_packet packet;
1046 unsigned char type;
1047 int i, addr_num, q_addrs = 0;
1048
1049 type = question->name->name[15];
1050 if ((type != NBT_WKSTA) && (type != NBT_SERVER)) {
1051 syslog(LOG_DEBUG, "nbns: name refresh bad type (0x%02x)", type);
1052 smb_netbios_name_logf(question->name);
1053 question->name->attributes &= ~NAME_ATTR_LOCAL;
1054 return (-1);
1055 }
1056 switch (bcast) {
1057 case BROADCAST :
1058 if (bcast_num == 0)
1059 return (-1);
1060 destination = smb_bcast_list;
1061 addr_num = bcast_num;
1062 retries = BCAST_REQ_RETRY_COUNT;
1063 timeout = BCAST_REQ_RETRY_TIMEOUT;
1064 packet.info = NAME_REFRESH_REQUEST | NM_FLAGS_BROADCAST;
1065 break;
1066
1067 case UNICAST :
1068 if (nbns_num == 0)
1069 return (-1);
1070 destination = smb_nbns;
1071 addr_num = nbns_num;
1072 retries = UCAST_REQ_RETRY_COUNT;
1073 timeout = UCAST_REQ_RETRY_TIMEOUT;
1074 packet.info = NAME_REFRESH_REQUEST | NM_FLAGS_UNICAST;
1075 break;
1076
1077 default:
1078 destination = &question->name->addr_list;
1079 /*
1080 * the value of addr_num is irrelvant here, because
1081 * the code is going to do special_process so it doesn't
1082 * need the addr_num. We set a value here just to avoid
1083 * compiler warning.
1084 */
1085 addr_num = 0;
1086 retries = UCAST_REQ_RETRY_COUNT;
1087 timeout = UCAST_REQ_RETRY_TIMEOUT;
1088 packet.info = NAME_REFRESH_REQUEST | NM_FLAGS_UNICAST;
1089 q_addrs = 1;
1090 break;
1091 }
1092
1093 if (IS_UNIQUE(question->name->attributes) &&
1094 (is_multihome((char *)(question->name->name))))
1095 packet.info |= NAME_MULTIHOME_REGISTRATION_REQUEST;
1096
1097 packet.qdcount = 1; /* question entries */
1098 packet.question = question;
1099 packet.ancount = 0; /* answer recs */
1100 packet.answer = NULL;
1101 packet.nscount = 0; /* authority recs */
1102 packet.authority = NULL;
1103 packet.arcount = 1; /* additional recs */
1104 packet.additional = additional;
1105
1106 if (q_addrs)
1107 goto special_process;
1108
1109 for (i = 0; i < addr_num; i++) {
1110 rc = smb_netbios_send_rcv(bcast, &destination[i], &packet,
1111 retries, timeout);
1112 if (rc == 1)
1113 gotreply = 1;
1114 }
1115
1116 return (gotreply);
1117
1118 special_process:
1119 addr = destination;
1120 do {
1121 rc = smb_netbios_send_rcv(bcast, addr, &packet,
1122 retries, timeout);
1123 if (rc == 1)
1124 gotreply = 1;
1125 addr = addr->forw;
1126 } while (addr != destination);
1127
1128 return (gotreply);
1129 }
1130
1131 /*
1132 * RFC 1002 4.2.5. POSITIVE NAME REGISTRATION RESPONSE
1133 * RFC 1002 4.2.6. NEGATIVE NAME REGISTRATION RESPONSE
1134 */
1135 static int
1136 smb_send_name_registration_response(addr_entry_t *addr,
1137 struct name_packet *original_packet, uint16_t rcode)
1138 {
1139 struct name_packet packet;
1140 struct resource_record answer;
1141
1142 bzero(&packet, sizeof (struct name_packet));
1143 bzero(&answer, sizeof (struct resource_record));
1144
1145 packet.name_trn_id = original_packet->name_trn_id;
1146 packet.info = NAME_REGISTRATION_RESPONSE | NAME_NM_FLAGS_RA |
1147 (rcode & NAME_RCODE_MASK);
1148 packet.qdcount = 0; /* question entries */
1149 packet.question = NULL;
1150 packet.ancount = 1; /* answer recs */
1151 packet.answer = &answer;
1152 packet.nscount = 0; /* authority recs */
1153 packet.authority = NULL;
1154 packet.arcount = 0; /* additional recs */
1155 packet.additional = NULL;
1156
1157 answer.name = original_packet->question->name;
1158 answer.rr_type = NAME_QUESTION_TYPE_NB;
1159 answer.rr_class = NAME_QUESTION_CLASS_IN;
1160 answer.ttl = original_packet->additional->ttl;
1161 answer.rdlength = original_packet->additional->rdlength;
1162 answer.rdata = original_packet->additional->rdata;
1163
1164 return (smb_send_name_service_packet(addr, &packet));
1165 }
1166
1167 /*
1168 * RFC 1002 4.2.9. NAME RELEASE REQUEST & DEMAND
1169 */
1170 static int
1171 smb_send_name_release_request_and_demand(int bcast,
1172 struct name_question *question, struct resource_record *additional)
1173 {
1174 int gotreply = 0;
1175 int i, rc;
1176 int addr_num;
1177 uint32_t retries;
1178 uint32_t timeout;
1179 addr_entry_t *destination;
1180 struct name_packet packet;
1181
1182 if (bcast == BROADCAST) {
1183 if (bcast_num == 0)
1184 return (-1);
1185 destination = smb_bcast_list;
1186 addr_num = bcast_num;
1187 retries = 1; /* BCAST_REQ_RETRY_COUNT */
1188 timeout = 100; /* BCAST_REQ_RETRY_TIMEOUT */
1189 packet.info = NAME_RELEASE_REQUEST | NM_FLAGS_BROADCAST;
1190 } else {
1191 if (nbns_num == 0)
1192 return (-1);
1193 destination = smb_nbns;
1194 addr_num = nbns_num;
1195 retries = 1; /* UCAST_REQ_RETRY_COUNT */
1196 timeout = 100; /* UCAST_REQ_RETRY_TIMEOUT */
1197 packet.info = NAME_RELEASE_REQUEST | NM_FLAGS_UNICAST;
1198 }
1199
1200 packet.qdcount = 1; /* question entries */
1201 packet.question = question;
1202 packet.ancount = 0; /* answer recs */
1203 packet.answer = NULL;
1204 packet.nscount = 0; /* authority recs */
1205 packet.authority = NULL;
1206 packet.arcount = 1; /* additional recs */
1207 packet.additional = additional;
1208
1209 for (i = 0; i < addr_num; i++) {
1210 rc = smb_netbios_send_rcv(bcast, &destination[i], &packet,
1211 retries, timeout);
1212 if (rc == 1)
1213 gotreply = 1;
1214 }
1215
1216 return (gotreply);
1217 }
1218
1219 /*
1220 * RFC 1002 4.2.10. POSITIVE NAME RELEASE RESPONSE
1221 * RFC 1002 4.2.11. NEGATIVE NAME RELEASE RESPONSE
1222 */
1223 static int
1224 /* LINTED - E_STATIC_UNUSED */
1225 smb_send_name_release_response(addr_entry_t *addr,
1226 struct name_packet *original_packet, uint16_t rcode)
1227 {
1228 struct name_packet packet;
1229 struct resource_record answer;
1230
1231 bzero(&packet, sizeof (struct name_packet));
1232 bzero(&answer, sizeof (struct resource_record));
1233
1234 packet.name_trn_id = original_packet->name_trn_id;
1235 packet.info = NAME_RELEASE_RESPONSE | (rcode & NAME_RCODE_MASK);
1236 packet.qdcount = 0; /* question entries */
1237 packet.question = NULL;
1238 packet.ancount = 1; /* answer recs */
1239 packet.answer = &answer;
1240 packet.nscount = 0; /* authority recs */
1241 packet.authority = NULL;
1242 packet.arcount = 0; /* additional recs */
1243 packet.additional = NULL;
1244
1245 answer.name = original_packet->question->name;
1246 answer.rr_type = NAME_QUESTION_TYPE_NB;
1247 answer.rr_class = NAME_QUESTION_CLASS_IN;
1248 answer.ttl = original_packet->additional->ttl;
1249 answer.rdlength = original_packet->additional->rdlength;
1250 answer.rdata = original_packet->additional->rdata;
1251
1252 return (smb_send_name_service_packet(addr, &packet));
1253 }
1254
1255 /*
1256 * RFC 1002 4.2.12. NAME QUERY REQUEST
1257 */
1258 static int
1259 smb_send_name_query_request(int bcast, struct name_question *question)
1260 {
1261 int rc = 0;
1262 uint32_t retry, retries;
1263 uint32_t timeout;
1264 uint16_t tid;
1265 addr_entry_t *destination;
1266 struct name_packet packet;
1267 int i, addr_num;
1268 struct timespec st;
1269
1270 if (bcast == BROADCAST) {
1271 if (bcast_num == 0)
1272 return (-1);
1273 destination = smb_bcast_list;
1274 addr_num = bcast_num;
1275 retries = BCAST_REQ_RETRY_COUNT;
1276 timeout = BCAST_REQ_RETRY_TIMEOUT;
1277 packet.info = NAME_QUERY_REQUEST | NM_FLAGS_BROADCAST;
1278 } else {
1279 if (nbns_num == 0)
1280 return (-1);
1281 destination = smb_nbns;
1282 addr_num = nbns_num;
1283 retries = UCAST_REQ_RETRY_COUNT;
1284 timeout = UCAST_REQ_RETRY_TIMEOUT;
1285 packet.info = NAME_QUERY_REQUEST | NM_FLAGS_UNICAST;
1286 }
1287 packet.qdcount = 1; /* question entries */
1288 packet.question = question;
1289 packet.ancount = 0; /* answer recs */
1290 packet.answer = NULL;
1291 packet.nscount = 0; /* authority recs */
1292 packet.authority = NULL;
1293 packet.arcount = 0; /* additional recs */
1294 packet.additional = NULL;
1295
1296 for (i = 0; i < addr_num; i++) {
1297 for (retry = 0; retry < retries; retry++) {
1298 if ((destination[i].flags & ADDR_FLAG_VALID) == 0)
1299 break;
1300 tid = smb_netbios_name_trn_id();
1301 packet.name_trn_id = tid;
1302
1303 if (smb_send_name_service_packet(&destination[i],
1304 &packet) >= 0) {
1305 if ((rc = smb_netbios_process_response(tid,
1306 &destination[i],
1307 &packet, timeout)) != 0)
1308 break;
1309 }
1310 st.tv_sec = 0;
1311 st.tv_nsec = (timeout * 1000000);
1312 (void) nanosleep(&st, 0);
1313 }
1314 }
1315
1316 return (rc);
1317 }
1318
1319 /*
1320 * RFC 1002 4.2.13. POSITIVE NAME QUERY RESPONSE
1321 * RFC 1002 4.2.14. NEGATIVE NAME QUERY RESPONSE
1322 */
1323 static int
1324 smb_send_name_query_response(addr_entry_t *addr,
1325 struct name_packet *original_packet, struct name_entry *entry,
1326 uint16_t rcode)
1327 {
1328 addr_entry_t *raddr;
1329 struct name_packet packet;
1330 struct resource_record answer;
1331 uint16_t attr;
1332 unsigned char data[MAX_DATAGRAM_LENGTH];
1333 unsigned char *scan = data;
1334 uint32_t ret_addr;
1335
1336 packet.name_trn_id = original_packet->name_trn_id;
1337 packet.info = NAME_QUERY_RESPONSE | (rcode & NAME_RCODE_MASK);
1338 packet.qdcount = 0; /* question entries */
1339 packet.question = NULL;
1340 packet.ancount = 1; /* answer recs */
1341 packet.answer = &answer;
1342 packet.nscount = 0; /* authority recs */
1343 packet.authority = NULL;
1344 packet.arcount = 0; /* additional recs */
1345 packet.additional = NULL;
1346
1347 answer.name = entry;
1348 answer.rr_class = NAME_QUESTION_CLASS_IN;
1349 answer.ttl = entry->addr_list.ttl;
1350 answer.rdata = data;
1351 if (rcode) {
1352 answer.rr_type = NAME_RR_TYPE_NULL;
1353 answer.rdlength = 0;
1354 bzero(data, 6);
1355 } else {
1356 answer.rdlength = 0;
1357 answer.rr_type = NAME_QUESTION_TYPE_NB;
1358 raddr = &entry->addr_list;
1359 scan = data;
1360 do {
1361 attr = entry->attributes & (NAME_ATTR_GROUP |
1362 NAME_ATTR_OWNER_NODE_TYPE);
1363
1364 BE_OUT16(scan, attr); scan += 2;
1365 ret_addr = LE_32(raddr->sin.sin_addr.s_addr);
1366 *scan++ = ret_addr;
1367 *scan++ = ret_addr >> 8;
1368 *scan++ = ret_addr >> 16;
1369 *scan++ = ret_addr >> 24;
1370
1371 answer.rdlength += 6;
1372 raddr = raddr->forw;
1373 } while (raddr != &entry->addr_list);
1374 }
1375
1376 return (smb_send_name_service_packet(addr, &packet));
1377 }
1378
1379 /*
1380 * RFC 1002 4.2.18. NODE STATUS RESPONSE
1381 */
1382 static int
1383 smb_send_node_status_response(addr_entry_t *addr,
1384 struct name_packet *original_packet)
1385 {
1386 uint32_t net_ipaddr;
1387 int64_t max_connections;
1388 struct arpreq arpreq;
1389 struct name_packet packet;
1390 struct resource_record answer;
1391 unsigned char *scan;
1392 unsigned char *scan_end;
1393 unsigned char data[MAX_NETBIOS_REPLY_DATA_SIZE];
1394 boolean_t scan_done = B_FALSE;
1395 smb_inaddr_t ipaddr;
1396
1397 bzero(&packet, sizeof (struct name_packet));
1398 bzero(&answer, sizeof (struct resource_record));
1399
1400 packet.name_trn_id = original_packet->name_trn_id;
1401 packet.info = NODE_STATUS_RESPONSE;
1402 packet.qdcount = 0; /* question entries */
1403 packet.question = NULL;
1404 packet.ancount = 1; /* answer recs */
1405 packet.answer = &answer;
1406 packet.nscount = 0; /* authority recs */
1407 packet.authority = NULL;
1408 packet.arcount = 0; /* additional recs */
1409 packet.additional = NULL;
1410
1411 answer.name = original_packet->question->name;
1412 answer.rr_type = NAME_RR_TYPE_NBSTAT;
1413 answer.rr_class = NAME_QUESTION_CLASS_IN;
1414 answer.ttl = 0;
1415 answer.rdata = data;
1416
1417 scan = smb_netbios_cache_status(data, MAX_NETBIOS_REPLY_DATA_SIZE,
1418 original_packet->question->name->scope);
1419
1420 scan_end = data + MAX_NETBIOS_REPLY_DATA_SIZE;
1421
1422 ipaddr.a_ipv4 = addr->sin.sin_addr.s_addr;
1423 ipaddr.a_family = AF_INET;
1424 if (smb_nic_is_same_subnet(&ipaddr))
1425 net_ipaddr = addr->sin.sin_addr.s_addr;
1426 else
1427 net_ipaddr = 0;
1428
1429 (void) smb_config_getnum(SMB_CI_MAX_CONNECTIONS, &max_connections);
1430
1431 while (!scan_done) {
1432 if ((scan + 6) >= scan_end) {
1433 packet.info |= NAME_NM_FLAGS_TC;
1434 break;
1435 }
1436
1437 if (net_ipaddr != 0) {
1438 struct sockaddr_in *s_in;
1439 int s;
1440
1441 s = socket(AF_INET, SOCK_DGRAM, 0);
1442 /* LINTED - E_BAD_PTR_CAST_ALIGN */
1443 s_in = (struct sockaddr_in *)&arpreq.arp_pa;
1444 s_in->sin_family = AF_INET;
1445 s_in->sin_addr.s_addr = net_ipaddr;
1446 if (ioctl(s, SIOCGARP, (caddr_t)&arpreq) < 0) {
1447 bzero(scan, 6);
1448 } else {
1449 bcopy(&arpreq.arp_ha.sa_data, scan, 6);
1450 }
1451 (void) close(s);
1452 } else {
1453 bzero(scan, 6);
1454 }
1455 scan += 6;
1456
1457 if ((scan + 26) >= scan_end) {
1458 packet.info |= NAME_NM_FLAGS_TC;
1459 break;
1460 }
1461 bzero(scan, 26);
1462 scan += 26;
1463
1464 if ((scan + 2) >= scan_end) {
1465 packet.info |= NAME_NM_FLAGS_TC;
1466 break;
1467 }
1468 BE_OUT16(scan, 0); scan += 2;
1469
1470 if ((scan + 2) >= scan_end) {
1471 packet.info |= NAME_NM_FLAGS_TC;
1472 break;
1473 }
1474 BE_OUT16(scan, 0); scan += 2;
1475
1476 if ((scan + 2) >= scan_end) {
1477 packet.info |= NAME_NM_FLAGS_TC;
1478 break;
1479 }
1480 BE_OUT16(scan, 0); scan += 2;
1481
1482 if ((scan + 2) >= scan_end) {
1483 packet.info |= NAME_NM_FLAGS_TC;
1484 break;
1485 }
1486 BE_OUT16(scan, 0); scan += 2;
1487
1488 if ((scan + 2) >= scan_end) {
1489 packet.info |= NAME_NM_FLAGS_TC;
1490 break;
1491 }
1492 BE_OUT16(scan, 0); scan += 2;
1493
1494 if ((scan + 2) >= scan_end) {
1495 packet.info |= NAME_NM_FLAGS_TC;
1496 break;
1497 }
1498 BE_OUT16(scan, 0); scan += 2;
1499
1500 if ((scan + 2) >= scan_end) {
1501 packet.info |= NAME_NM_FLAGS_TC;
1502 break;
1503 }
1504 BE_OUT16(scan, 0); scan += 2;
1505
1506 if ((scan + 2) >= scan_end) {
1507 packet.info |= NAME_NM_FLAGS_TC;
1508 break;
1509 }
1510 BE_OUT16(scan, max_connections); scan += 2;
1511
1512 if ((scan + 2) >= scan_end) {
1513 packet.info |= NAME_NM_FLAGS_TC;
1514 break;
1515 }
1516
1517 BE_OUT16(scan, 0); scan += 2;
1518
1519 scan_done = B_TRUE;
1520 }
1521 answer.rdlength = scan - data;
1522 return (smb_send_name_service_packet(addr, &packet));
1523 }
1524
1525 static int
1526 smb_name_Bnode_add_name(struct name_entry *name)
1527 {
1528 struct name_question question;
1529 struct resource_record additional;
1530 unsigned char data[8];
1531 uint16_t attr;
1532 addr_entry_t *addr;
1533 int rc = 0;
1534
1535 addr = &name->addr_list;
1536
1537 do {
1538 /* build name service packet */
1539 question.name = name;
1540 /*
1541 * question.name->attributes |= NAME_NB_FLAGS_ONT_B;
1542 * This is commented because NAME_NB_FLAGS_ONT_B is 0
1543 */
1544 question.question_type = NAME_QUESTION_TYPE_NB;
1545 question.question_class = NAME_QUESTION_CLASS_IN;
1546
1547 additional.name = name;
1548 additional.rr_class = NAME_QUESTION_CLASS_IN;
1549 additional.ttl = 0;
1550 additional.rdata = data;
1551 additional.rdlength = 6;
1552 additional.rr_type = NAME_QUESTION_TYPE_NB;
1553 attr = name->attributes & (NAME_ATTR_GROUP |
1554 NAME_ATTR_OWNER_NODE_TYPE);
1555
1556 BE_OUT16(&data[0], attr);
1557 (void) memcpy(&data[2], &addr->sin.sin_addr.s_addr,
1558 sizeof (uint32_t));
1559
1560 rc |= smb_send_name_registration_request(BROADCAST, &question,
1561 &additional);
1562 addr = addr->forw;
1563
1564 } while (addr != &name->addr_list);
1565
1566 return (rc);
1567 }
1568
1569 static int
1570 smb_name_Bnode_find_name(struct name_entry *name)
1571 {
1572 struct name_question question;
1573
1574 question.name = name;
1575 question.question_type = NAME_QUESTION_TYPE_NB;
1576 question.question_class = NAME_QUESTION_CLASS_IN;
1577
1578 return (smb_send_name_query_request(BROADCAST, &question));
1579 }
1580
1581 static int
1582 smb_name_Bnode_delete_name(struct name_entry *name)
1583 {
1584 struct name_question question;
1585 struct resource_record additional;
1586 addr_entry_t *raddr;
1587 unsigned char data[MAX_DATAGRAM_LENGTH];
1588 unsigned char *scan = data;
1589 uint32_t attr;
1590 uint32_t ret_addr;
1591
1592 /* build packet */
1593 question.name = name;
1594 question.question_type = NAME_QUESTION_TYPE_NB;
1595 question.question_class = NAME_QUESTION_CLASS_IN;
1596
1597 additional.name = name;
1598 additional.rr_class = NAME_QUESTION_CLASS_IN;
1599 additional.ttl = 0;
1600 additional.rdata = data;
1601 additional.rdlength = 0;
1602 additional.rr_type = NAME_QUESTION_TYPE_NB;
1603 raddr = &name->addr_list;
1604 scan = data;
1605 do {
1606 attr = name->attributes & (NAME_ATTR_GROUP |
1607 NAME_ATTR_OWNER_NODE_TYPE);
1608
1609 BE_OUT16(scan, attr); scan += 2;
1610 ret_addr = LE_32(raddr->sin.sin_addr.s_addr);
1611 *scan++ = ret_addr;
1612 *scan++ = ret_addr >> 8;
1613 *scan++ = ret_addr >> 16;
1614 *scan++ = ret_addr >> 24;
1615
1616 additional.rdlength += 6;
1617 } while (raddr != &name->addr_list);
1618
1619 return (smb_send_name_release_request_and_demand(BROADCAST,
1620 &question, &additional));
1621 }
1622
1623 static int
1624 smb_name_Pnode_add_name(struct name_entry *name)
1625 {
1626 struct name_question question;
1627 struct resource_record additional;
1628 unsigned char data[8];
1629 uint16_t attr;
1630 addr_entry_t *addr;
1631 int rc = 0;
1632
1633 /* build packet */
1634 addr = &name->addr_list;
1635 do {
1636 question.name = name;
1637 question.question_type = NAME_QUESTION_TYPE_NB;
1638 question.question_class = NAME_QUESTION_CLASS_IN;
1639
1640 additional.name = name;
1641 additional.rr_class = NAME_QUESTION_CLASS_IN;
1642 additional.ttl = 0;
1643 additional.rdata = data;
1644 additional.rdlength = 6;
1645 additional.rr_type = NAME_QUESTION_TYPE_NB;
1646 attr = name->attributes &
1647 (NAME_ATTR_GROUP | NAME_ATTR_OWNER_NODE_TYPE);
1648
1649 BE_OUT16(&data[0], attr);
1650 (void) memcpy(&data[2], &addr->sin.sin_addr.s_addr,
1651 sizeof (uint32_t));
1652
1653 rc |= smb_send_name_registration_request(UNICAST, &question,
1654 &additional);
1655
1656 addr = addr->forw;
1657
1658 } while (addr != &name->addr_list);
1659
1660 return (rc);
1661 }
1662
1663 static int
1664 smb_name_Pnode_refresh_name(struct name_entry *name)
1665 {
1666 struct name_question question;
1667 struct resource_record additional;
1668 unsigned char data[8];
1669 uint16_t attr;
1670 addr_entry_t *addr;
1671 int rc = 0;
1672
1673 /* build packet */
1674 addr = &name->addr_list;
1675 do {
1676 question.name = name;
1677 question.question_type = NAME_QUESTION_TYPE_NB;
1678 question.question_class = NAME_QUESTION_CLASS_IN;
1679
1680 additional.name = name;
1681 additional.rr_class = NAME_QUESTION_CLASS_IN;
1682 additional.ttl = 0;
1683 additional.rdata = data;
1684 additional.rdlength = 6;
1685 additional.rr_type = NAME_QUESTION_TYPE_NB;
1686 attr = name->attributes &
1687 (NAME_ATTR_GROUP | NAME_ATTR_OWNER_NODE_TYPE);
1688
1689 BE_OUT16(&data[0], attr);
1690 (void) memcpy(&data[2], &addr->sin.sin_addr.s_addr,
1691 sizeof (uint32_t));
1692
1693 rc |= smb_send_name_refresh_request(UNICAST, &question,
1694 &additional, 1);
1695
1696 addr = addr->forw;
1697 } while (addr != &name->addr_list);
1698
1699 return (rc);
1700 }
1701
1702 static int
1703 smb_name_Pnode_find_name(struct name_entry *name)
1704 {
1705 struct name_question question;
1706
1707 /*
1708 * Host initiated processing for a P node
1709 */
1710 question.name = name;
1711 question.name->attributes |= NAME_NB_FLAGS_ONT_P;
1712 question.question_type = NAME_QUESTION_TYPE_NB;
1713 question.question_class = NAME_QUESTION_CLASS_IN;
1714
1715 return (smb_send_name_query_request(UNICAST, &question));
1716 }
1717
1718 static int
1719 smb_name_Pnode_delete_name(struct name_entry *name)
1720 {
1721 struct name_question question;
1722 struct resource_record additional;
1723 addr_entry_t *raddr;
1724 unsigned char data[MAX_DATAGRAM_LENGTH];
1725 unsigned char *scan = data;
1726 uint32_t attr;
1727 uint32_t ret_addr;
1728
1729 /* build packet */
1730 question.name = name;
1731 question.name->attributes |= NAME_NB_FLAGS_ONT_P;
1732 question.question_type = NAME_QUESTION_TYPE_NB;
1733 question.question_class = NAME_QUESTION_CLASS_IN;
1734
1735 additional.name = name;
1736 additional.rr_class = NAME_QUESTION_CLASS_IN;
1737 additional.ttl = 0;
1738 additional.rdata = data;
1739 additional.rdlength = 0;
1740 additional.rr_type = NAME_QUESTION_TYPE_NB;
1741 raddr = &name->addr_list;
1742 do {
1743 scan = data;
1744 attr = name->attributes & (NAME_ATTR_GROUP |
1745 NAME_ATTR_OWNER_NODE_TYPE);
1746
1747 BE_OUT16(scan, attr); scan += 2;
1748 ret_addr = LE_32(raddr->sin.sin_addr.s_addr);
1749 *scan++ = ret_addr;
1750 *scan++ = ret_addr >> 8;
1751 *scan++ = ret_addr >> 16;
1752 *scan++ = ret_addr >> 24;
1753
1754 additional.rdlength = 6;
1755 raddr = raddr->forw;
1756 (void) smb_send_name_release_request_and_demand(UNICAST,
1757 &question, &additional);
1758 } while (raddr != &name->addr_list);
1759
1760 return (1);
1761 }
1762
1763 static int
1764 smb_name_Mnode_add_name(struct name_entry *name)
1765 {
1766 if (smb_name_Bnode_add_name(name) > 0) {
1767 if (nbns_num == 0)
1768 return (1); /* No name server configured */
1769
1770 return (smb_name_Pnode_add_name(name));
1771 }
1772 return (-1);
1773 }
1774
1775 static int
1776 smb_name_Hnode_add_name(struct name_entry *name)
1777 {
1778 if (nbns_num > 0) {
1779 if (smb_name_Pnode_add_name(name) == 1)
1780 return (1);
1781 }
1782
1783 return (smb_name_Bnode_add_name(name));
1784 }
1785
1786 static int
1787 smb_name_Mnode_find_name(struct name_entry *name)
1788 {
1789 if (smb_name_Bnode_find_name(name) == 1)
1790 return (1);
1791
1792 if (nbns_num == 0)
1793 return (1); /* No name server configured */
1794
1795 return (smb_name_Pnode_find_name(name));
1796 }
1797
1798 static int
1799 smb_name_Hnode_find_name(struct name_entry *name)
1800 {
1801 if (nbns_num > 0)
1802 if (smb_name_Pnode_find_name(name) == 1)
1803 return (1);
1804
1805 return (smb_name_Bnode_find_name(name));
1806 }
1807
1808 static int
1809 smb_name_Mnode_delete_name(struct name_entry *name)
1810 {
1811 (void) smb_name_Bnode_delete_name(name);
1812
1813 if (nbns_num == 0)
1814 return (-1); /* No name server configured */
1815
1816 if (smb_name_Pnode_delete_name(name) > 0)
1817 return (1);
1818
1819 return (-1);
1820 }
1821
1822 static int
1823 smb_name_Hnode_delete_name(struct name_entry *name)
1824 {
1825 if (nbns_num > 0)
1826 if (smb_name_Pnode_delete_name(name) > 0)
1827 return (1);
1828
1829 return (smb_name_Bnode_delete_name(name));
1830 }
1831
1832 static void
1833 smb_name_process_Bnode_packet(struct name_packet *packet, addr_entry_t *addr)
1834 {
1835 struct name_entry *name;
1836 struct name_entry *entry;
1837 struct name_question *question;
1838 struct resource_record *additional;
1839
1840 question = packet->question;
1841 additional = packet->additional;
1842
1843 switch (packet->info & NAME_OPCODE_OPCODE_MASK) {
1844 case NAME_OPCODE_REFRESH:
1845 /* Guard against malformed packets */
1846 if ((question == 0) || (additional == 0))
1847 break;
1848 if (additional->name->addr_list.sin.sin_addr.s_addr == 0)
1849 break;
1850
1851 name = question->name;
1852 name->addr_list.ttl = additional->ttl;
1853 name->attributes = additional->name->attributes;
1854 name->addr_list.sin = additional->name->addr_list.sin;
1855 name->addr_list.forw = name->addr_list.back = &name->addr_list;
1856
1857 if ((entry = smb_netbios_cache_lookup_addr(name)) != 0) {
1858 smb_netbios_cache_update_entry(entry, question->name);
1859 smb_netbios_cache_unlock_entry(entry);
1860 }
1861 else
1862 (void) smb_netbios_cache_insert(question->name);
1863 break;
1864
1865 case NAME_OPCODE_QUERY:
1866 /*
1867 * This opcode covers both NAME_QUERY_REQUEST and
1868 * NODE_STATUS_REQUEST. They can be distinguished
1869 * based on the type of question entry.
1870 */
1871
1872 /* All query requests have to have question entry */
1873 if (question == 0)
1874 break;
1875
1876 if (question->question_type == NAME_QUESTION_TYPE_NB) {
1877 name = question->name;
1878 if ((entry = smb_netbios_cache_lookup(name)) != 0) {
1879 (void) smb_send_name_query_response(addr,
1880 packet, entry, 0);
1881 smb_netbios_cache_unlock_entry(entry);
1882 }
1883 }
1884 else
1885 if (question->question_type == NAME_QUESTION_TYPE_NBSTAT) {
1886 /*
1887 * Name of "*" may be used to force node to
1888 * divulge status for administrative purposes
1889 */
1890 name = question->name;
1891 entry = 0;
1892 if (NETBIOS_NAME_IS_STAR(name->name) ||
1893 ((entry = smb_netbios_cache_lookup(name)) != 0)) {
1894 if (entry)
1895 smb_netbios_cache_unlock_entry(entry);
1896 /*
1897 * send only those names that are
1898 * in the same scope as the scope
1899 * field in the request packet
1900 */
1901 (void) smb_send_node_status_response(addr,
1902 packet);
1903 }
1904 }
1905 break;
1906
1907 default:
1908 break;
1909 }
1910 }
1911
1912 static void
1913 smb_name_process_Pnode_packet(struct name_packet *packet, addr_entry_t *addr)
1914 {
1915 struct name_entry *name;
1916 struct name_entry *entry;
1917 struct name_question *question;
1918 struct resource_record *additional;
1919
1920 question = packet->question;
1921 additional = packet->additional;
1922
1923 if (packet->info & NAME_NM_FLAGS_B) {
1924 /*
1925 * always ignore UDP broadcast packets
1926 */
1927 return;
1928 }
1929
1930 switch (packet->info & NAME_OPCODE_OPCODE_MASK) {
1931 case NAME_OPCODE_REFRESH:
1932 /* Guard against malformed packets */
1933 if ((question == 0) || (additional == 0))
1934 break;
1935 if (additional->name->addr_list.sin.sin_addr.s_addr == 0)
1936 break;
1937
1938 name = question->name;
1939 name->addr_list.ttl = additional->ttl;
1940 name->attributes = additional->name->attributes;
1941 name->addr_list.sin = additional->name->addr_list.sin;
1942 name->addr_list.forw = name->addr_list.back = &name->addr_list;
1943
1944 if ((entry = smb_netbios_cache_lookup(name)) != 0) {
1945 smb_netbios_cache_update_entry(entry, name);
1946 smb_netbios_cache_unlock_entry(entry);
1947 }
1948 else
1949 (void) smb_netbios_cache_insert(name);
1950
1951 (void) smb_send_name_registration_response(addr, packet, 0);
1952 break;
1953
1954 case NAME_OPCODE_QUERY:
1955 /*
1956 * This opcode covers both NAME_QUERY_REQUEST and
1957 * NODE_STATUS_REQUEST. They can be distinguished
1958 * based on the type of question entry.
1959 */
1960
1961 /* All query requests have to have question entry */
1962 if (question == 0)
1963 break;
1964
1965 if (question->question_type == NAME_QUESTION_TYPE_NB) {
1966 name = question->name;
1967 if ((entry = smb_netbios_cache_lookup(name)) != 0) {
1968 /*
1969 * send response to the IP address and port
1970 * number from which the request was received.
1971 */
1972 (void) smb_send_name_query_response(addr,
1973 packet, entry, 0);
1974 smb_netbios_cache_unlock_entry(entry);
1975 } else {
1976 /*
1977 * send response to the requestor
1978 */
1979 (void) smb_send_name_query_response(addr,
1980 packet, name, RCODE_NAM_ERR);
1981 }
1982 }
1983 else
1984 if (question->question_type == NAME_QUESTION_TYPE_NBSTAT) {
1985 /*
1986 * Name of "*" may be used to force node to
1987 * divulge status for administrative purposes
1988 */
1989 name = question->name;
1990 entry = 0;
1991 if (NETBIOS_NAME_IS_STAR(name->name) ||
1992 ((entry = smb_netbios_cache_lookup(name)) != 0)) {
1993 /*
1994 * send only those names that are
1995 * in the same scope as the scope
1996 * field in the request packet
1997 */
1998 if (entry)
1999 smb_netbios_cache_unlock_entry(entry);
2000 (void) smb_send_node_status_response(addr,
2001 packet);
2002 }
2003 }
2004 break;
2005
2006 default:
2007 break;
2008 }
2009 }
2010
2011 static void
2012 smb_name_process_Mnode_packet(struct name_packet *packet, addr_entry_t *addr)
2013 {
2014 if (packet->info & NAME_NM_FLAGS_B)
2015 smb_name_process_Bnode_packet(packet, addr);
2016 else
2017 smb_name_process_Pnode_packet(packet, addr);
2018 }
2019
2020 static void
2021 smb_name_process_Hnode_packet(struct name_packet *packet, addr_entry_t *addr)
2022 {
2023 if (packet->info & NAME_NM_FLAGS_B)
2024 smb_name_process_Bnode_packet(packet, addr);
2025 else
2026 smb_name_process_Pnode_packet(packet, addr);
2027 }
2028
2029
2030 /*
2031 * smb_netbios_name_tick
2032 *
2033 * Called once a second to handle name server timeouts.
2034 */
2035 void
2036 smb_netbios_name_tick(void)
2037 {
2038 struct name_entry *name;
2039 struct name_entry *entry;
2040
2041 (void) mutex_lock(&refresh_queue.mtx);
2042 smb_netbios_cache_refresh(&refresh_queue);
2043
2044 while ((name = refresh_queue.head.forw) != &refresh_queue.head) {
2045 QUEUE_CLIP(name);
2046 if (IS_LOCAL(name->attributes)) {
2047 if (IS_UNIQUE(name->attributes)) {
2048 (void) smb_name_Pnode_refresh_name(name);
2049 }
2050 } else {
2051 entry = smb_name_find_name(name);
2052 smb_name_unlock_name(entry);
2053 }
2054 free(name);
2055 }
2056 (void) mutex_unlock(&refresh_queue.mtx);
2057
2058 smb_netbios_cache_reset_ttl();
2059 }
2060
2061 /*
2062 * smb_name_find_name
2063 *
2064 * Lookup name cache for the given name.
2065 * If it's not in the cache it'll send a
2066 * name query request and then lookup the
2067 * cache again. Note that if a name is
2068 * returned it's locked and called MUST
2069 * unlock it by calling smb_name_unlock_name()
2070 */
2071 struct name_entry *
2072 smb_name_find_name(struct name_entry *name)
2073 {
2074 struct name_entry *result;
2075
2076 if ((result = smb_netbios_cache_lookup(name)) == 0) {
2077 switch (smb_node_type) {
2078 case 'B':
2079 (void) smb_name_Bnode_find_name(name);
2080 break;
2081 case 'P':
2082 (void) smb_name_Pnode_find_name(name);
2083 break;
2084 case 'M':
2085 (void) smb_name_Mnode_find_name(name);
2086 break;
2087 case 'H':
2088 default:
2089 (void) smb_name_Hnode_find_name(name);
2090 break;
2091 }
2092 return (smb_netbios_cache_lookup(name));
2093 }
2094
2095 return (result);
2096 }
2097
2098 void
2099 smb_name_unlock_name(struct name_entry *name)
2100 {
2101 smb_netbios_cache_unlock_entry(name);
2102 }
2103
2104 int
2105 smb_name_add_name(struct name_entry *name)
2106 {
2107 int rc = 1;
2108
2109 smb_netbios_name_logf(name);
2110
2111 switch (smb_node_type) {
2112 case 'B':
2113 rc = smb_name_Bnode_add_name(name);
2114 break;
2115 case 'P':
2116 rc = smb_name_Pnode_add_name(name);
2117 break;
2118 case 'M':
2119 rc = smb_name_Mnode_add_name(name);
2120 break;
2121 case 'H':
2122 default:
2123 rc = smb_name_Hnode_add_name(name);
2124 break;
2125 }
2126
2127 if (rc >= 0)
2128 (void) smb_netbios_cache_insert(name);
2129
2130 return (rc);
2131 }
2132
2133 int
2134 smb_name_delete_name(struct name_entry *name)
2135 {
2136 int rc;
2137 unsigned char type;
2138
2139 type = name->name[15];
2140 if ((type != NBT_WKSTA) && (type != NBT_SERVER)) {
2141 syslog(LOG_DEBUG, "nbns: name delete bad type (0x%02x)", type);
2142 smb_netbios_name_logf(name);
2143 name->attributes &= ~NAME_ATTR_LOCAL;
2144 return (-1);
2145 }
2146
2147 smb_netbios_cache_delete(name);
2148
2149 switch (smb_node_type) {
2150 case 'B':
2151 rc = smb_name_Bnode_delete_name(name);
2152 break;
2153 case 'P':
2154 rc = smb_name_Pnode_delete_name(name);
2155 break;
2156 case 'M':
2157 rc = smb_name_Mnode_delete_name(name);
2158 break;
2159 case 'H':
2160 default:
2161 rc = smb_name_Hnode_delete_name(name);
2162 break;
2163 }
2164
2165 if (rc > 0)
2166 return (0);
2167
2168 return (-1);
2169 }
2170
2171 typedef struct {
2172 addr_entry_t *addr;
2173 char *buf;
2174 int length;
2175 } worker_param_t;
2176
2177 /*
2178 * smb_netbios_worker
2179 *
2180 * Process incoming request/response packets for Netbios
2181 * name service (on port 138).
2182 */
2183 void *
2184 smb_netbios_worker(void *arg)
2185 {
2186 worker_param_t *p = (worker_param_t *)arg;
2187 addr_entry_t *addr = p->addr;
2188 struct name_packet *packet;
2189
2190 if ((packet = smb_name_buf_to_packet(p->buf, p->length)) != NULL) {
2191 if (packet->info & NAME_OPCODE_R) {
2192 /* Reply packet */
2193 smb_reply_ready(packet, addr);
2194 free(p->buf);
2195 free(p);
2196 return (NULL);
2197 }
2198
2199 /* Request packet */
2200 switch (smb_node_type) {
2201 case 'B':
2202 smb_name_process_Bnode_packet(packet, addr);
2203 break;
2204 case 'P':
2205 smb_name_process_Pnode_packet(packet, addr);
2206 break;
2207 case 'M':
2208 smb_name_process_Mnode_packet(packet, addr);
2209 break;
2210 case 'H':
2211 default:
2212 smb_name_process_Hnode_packet(packet, addr);
2213 break;
2214 }
2215
2216 if (packet->answer)
2217 smb_netbios_name_freeaddrs(packet->answer->name);
2218 free(packet);
2219 } else {
2220 syslog(LOG_ERR, "nbns: packet decode failed");
2221 }
2222
2223 free(addr);
2224 free(p->buf);
2225 free(p);
2226 return (NULL);
2227 }
2228
2229 /*
2230 * Configure the node type. If a WINS server has been specified,
2231 * act like an H-node. Otherwise, behave like a B-node.
2232 */
2233 static void
2234 smb_netbios_node_config(void)
2235 {
2236 static smb_cfg_id_t wins[SMB_PI_MAX_WINS] = {
2237 SMB_CI_WINS_SRV1,
2238 SMB_CI_WINS_SRV2
2239 };
2240 char ipstr[16];
2241 uint32_t ipaddr;
2242 int i;
2243
2244 smb_node_type = SMB_NODETYPE_B;
2245 nbns_num = 0;
2246 bzero(smb_nbns, sizeof (addr_entry_t) * SMB_PI_MAX_WINS);
2247
2248 for (i = 0; i < SMB_PI_MAX_WINS; ++i) {
2249 ipstr[0] = '\0';
2250 (void) smb_config_getstr(wins[i], ipstr, sizeof (ipstr));
2251
2252 if ((ipaddr = inet_addr(ipstr)) == INADDR_NONE)
2253 continue;
2254
2255 smb_node_type = SMB_NODETYPE_H;
2256 smb_nbns[nbns_num].flags = ADDR_FLAG_VALID;
2257 smb_nbns[nbns_num].sinlen = sizeof (struct sockaddr_in);
2258 smb_nbns[nbns_num].sin.sin_family = AF_INET;
2259 smb_nbns[nbns_num].sin.sin_addr.s_addr = ipaddr;
2260 smb_nbns[nbns_num].sin.sin_port = htons(IPPORT_NETBIOS_NS);
2261 nbns_num++;
2262 }
2263 }
2264
2265 static void
2266 smb_netbios_name_registration(void)
2267 {
2268 nbcache_iter_t nbc_iter;
2269 struct name_entry *name;
2270 int rc;
2271
2272 rc = smb_netbios_cache_getfirst(&nbc_iter);
2273 while (rc == 0) {
2274 name = nbc_iter.nbc_entry;
2275 (void) smb_netbios_name_logf(name);
2276 if (IS_UNIQUE(name->attributes) && IS_LOCAL(name->attributes)) {
2277 switch (smb_node_type) {
2278 case SMB_NODETYPE_B:
2279 (void) smb_name_Bnode_add_name(name);
2280 break;
2281 case SMB_NODETYPE_P:
2282 (void) smb_name_Pnode_add_name(name);
2283 break;
2284 case SMB_NODETYPE_M:
2285 (void) smb_name_Mnode_add_name(name);
2286 break;
2287 case SMB_NODETYPE_H:
2288 default:
2289 (void) smb_name_Hnode_add_name(name);
2290 break;
2291 }
2292 }
2293 free(name);
2294 rc = smb_netbios_cache_getnext(&nbc_iter);
2295 }
2296 }
2297
2298 /*
2299 * Note that the node configuration must be setup before calling
2300 * smb_init_name_struct().
2301 */
2302 void
2303 smb_netbios_name_config(void)
2304 {
2305 addr_entry_t *bcast_entry;
2306 struct name_entry name;
2307 smb_niciter_t ni;
2308 int rc;
2309
2310 (void) mutex_lock(&nbt_name_config_mtx);
2311 smb_netbios_node_config();
2312
2313 bcast_num = 0;
2314 bzero(smb_bcast_list, sizeof (addr_entry_t) * SMB_PI_MAX_NETWORKS);
2315
2316 rc = smb_nic_getfirst(&ni);
2317 while (rc == SMB_NIC_SUCCESS) {
2318 if ((ni.ni_nic.nic_smbflags & SMB_NICF_NBEXCL) ||
2319 (ni.ni_nic.nic_smbflags & SMB_NICF_ALIAS)) {
2320 rc = smb_nic_getnext(&ni);
2321 continue;
2322 }
2323
2324 bcast_entry = &smb_bcast_list[bcast_num];
2325 bcast_entry->flags = ADDR_FLAG_VALID;
2326 bcast_entry->attributes = NAME_ATTR_LOCAL;
2327 bcast_entry->sinlen = sizeof (struct sockaddr_in);
2328 bcast_entry->sin.sin_family = AF_INET;
2329 bcast_entry->sin.sin_port = htons(IPPORT_NETBIOS_NS);
2330 bcast_entry->sin.sin_addr.s_addr = ni.ni_nic.nic_bcast;
2331 bcast_num++;
2332
2333 smb_init_name_struct((unsigned char *)ni.ni_nic.nic_host,
2334 NBT_WKSTA, 0, ni.ni_nic.nic_ip.a_ipv4,
2335 htons(IPPORT_NETBIOS_DGM),
2336 NAME_ATTR_UNIQUE, NAME_ATTR_LOCAL, &name);
2337 (void) smb_netbios_cache_insert(&name);
2338
2339 smb_init_name_struct((unsigned char *)ni.ni_nic.nic_host,
2340 NBT_SERVER, 0, ni.ni_nic.nic_ip.a_ipv4,
2341 htons(IPPORT_NETBIOS_DGM),
2342 NAME_ATTR_UNIQUE, NAME_ATTR_LOCAL, &name);
2343 (void) smb_netbios_cache_insert(&name);
2344
2345 rc = smb_nic_getnext(&ni);
2346 }
2347
2348 smb_netbios_name_registration();
2349 (void) mutex_unlock(&nbt_name_config_mtx);
2350 }
2351
2352 void
2353 smb_netbios_name_unconfig(void)
2354 {
2355 struct name_entry *name;
2356
2357 (void) mutex_lock(&nbt_name_config_mtx);
2358 (void) mutex_lock(&delete_queue.mtx);
2359 smb_netbios_cache_delete_locals(&delete_queue);
2360
2361 while ((name = delete_queue.head.forw) != &delete_queue.head) {
2362 QUEUE_CLIP(name);
2363 (void) smb_name_delete_name(name);
2364 free(name);
2365 }
2366 (void) mutex_unlock(&delete_queue.mtx);
2367 (void) mutex_unlock(&nbt_name_config_mtx);
2368 }
2369
2370 void
2371 smb_netbios_name_reconfig(void)
2372 {
2373 smb_netbios_name_unconfig();
2374 smb_netbios_name_config();
2375 }
2376
2377 /*
2378 * NetBIOS Name Service (port 137)
2379 */
2380 /*ARGSUSED*/
2381 void *
2382 smb_netbios_name_service(void *arg)
2383 {
2384 struct sockaddr_in sin;
2385 addr_entry_t *addr;
2386 int len;
2387 int flag = 1;
2388 char *buf;
2389 worker_param_t *worker_param;
2390 smb_inaddr_t ipaddr;
2391
2392 /*
2393 * Initialize reply_queue
2394 */
2395 bzero(&reply_queue, sizeof (reply_queue));
2396 reply_queue.forw = reply_queue.back = &reply_queue;
2397
2398 if ((name_sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
2399 syslog(LOG_ERR, "nbns: socket failed: %m");
2400 smb_netbios_event(NETBIOS_EVENT_ERROR);
2401 return (NULL);
2402 }
2403
2404 flag = 1;
2405 (void) setsockopt(name_sock, SOL_SOCKET, SO_REUSEADDR, &flag,
2406 sizeof (flag));
2407 flag = 1;
2408 (void) setsockopt(name_sock, SOL_SOCKET, SO_BROADCAST, &flag,
2409 sizeof (flag));
2410
2411 bzero(&sin, sizeof (struct sockaddr_in));
2412 sin.sin_family = AF_INET;
2413 sin.sin_port = htons(IPPORT_NETBIOS_NS);
2414 if (bind(name_sock, (struct sockaddr *)&sin, sizeof (sin)) != 0) {
2415 syslog(LOG_ERR, "nbns: bind(%d) failed: %m",
2416 IPPORT_NETBIOS_NS);
2417 (void) close(name_sock);
2418 smb_netbios_event(NETBIOS_EVENT_ERROR);
2419 return (NULL);
2420 }
2421
2422 smb_netbios_event(NETBIOS_EVENT_NS_START);
2423
2424 while (smb_netbios_running()) {
2425 buf = malloc(MAX_DATAGRAM_LENGTH);
2426 addr = malloc(sizeof (addr_entry_t));
2427 if ((buf == NULL) || (addr == NULL)) {
2428 /* Sleep for 10 seconds and try again */
2429 free(addr);
2430 free(buf);
2431 smb_netbios_sleep(10);
2432 continue;
2433 }
2434 ignore: bzero(addr, sizeof (addr_entry_t));
2435 addr->sinlen = sizeof (addr->sin);
2436 addr->forw = addr->back = addr;
2437
2438 if ((len = recvfrom(name_sock, buf, MAX_DATAGRAM_LENGTH,
2439 0, (struct sockaddr *)&addr->sin, &addr->sinlen)) < 0) {
2440 if (errno == ENOMEM || errno == ENFILE ||
2441 errno == EMFILE) {
2442 /* Sleep for 10 seconds and try again */
2443 free(buf);
2444 free(addr);
2445 smb_netbios_sleep(10);
2446 continue;
2447 }
2448 syslog(LOG_ERR, "nbns: recvfrom failed: %m");
2449 free(buf);
2450 free(addr);
2451 smb_netbios_event(NETBIOS_EVENT_ERROR);
2452 goto shutdown;
2453 }
2454
2455 /* Ignore any incoming packets from myself... */
2456
2457 ipaddr.a_ipv4 = addr->sin.sin_addr.s_addr;
2458 ipaddr.a_family = AF_INET;
2459 if (smb_nic_is_local(&ipaddr))
2460 goto ignore;
2461
2462 /*
2463 * Launch a netbios worker to process the received packet.
2464 */
2465 worker_param = malloc(sizeof (worker_param_t));
2466 if (worker_param) {
2467 pthread_t worker;
2468 pthread_attr_t tattr;
2469
2470 worker_param->addr = addr;
2471 worker_param->buf = buf;
2472 worker_param->length = len;
2473
2474 (void) pthread_attr_init(&tattr);
2475 (void) pthread_attr_setdetachstate(&tattr,
2476 PTHREAD_CREATE_DETACHED);
2477 (void) pthread_create(&worker, &tattr,
2478 smb_netbios_worker, worker_param);
2479 (void) pthread_attr_destroy(&tattr);
2480 }
2481 }
2482
2483 shutdown:
2484 smb_netbios_event(NETBIOS_EVENT_NS_STOP);
2485 smb_netbios_wait(NETBIOS_EVENT_BROWSER_STOP);
2486
2487 if (!smb_netbios_error())
2488 smb_netbios_name_unconfig();
2489
2490 (void) close(name_sock);
2491 return (NULL);
2492 }
unleashed repo fork