summaryrefslogtreecommitdiffstats
path: root/source4/nbt_server
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--source4/nbt_server/defense.c79
-rw-r--r--source4/nbt_server/dgram/browse.c85
-rw-r--r--source4/nbt_server/dgram/netlogon.c286
-rw-r--r--source4/nbt_server/dgram/ntlogon.c121
-rw-r--r--source4/nbt_server/dgram/request.c150
-rw-r--r--source4/nbt_server/interfaces.c426
-rw-r--r--source4/nbt_server/irpc.c210
-rw-r--r--source4/nbt_server/nbt_server.c117
-rw-r--r--source4/nbt_server/nbt_server.h94
-rw-r--r--source4/nbt_server/nodestatus.c182
-rw-r--r--source4/nbt_server/packet.c387
-rw-r--r--source4/nbt_server/query.c102
-rw-r--r--source4/nbt_server/register.c310
-rw-r--r--source4/nbt_server/wins/wins_dns_proxy.c99
-rw-r--r--source4/nbt_server/wins/wins_hook.c94
-rw-r--r--source4/nbt_server/wins/wins_ldb.c127
-rw-r--r--source4/nbt_server/wins/winsclient.c284
-rw-r--r--source4/nbt_server/wins/winsdb.c1027
-rw-r--r--source4/nbt_server/wins/winsdb.h81
-rw-r--r--source4/nbt_server/wins/winsserver.c1074
-rw-r--r--source4/nbt_server/wins/winsserver.h67
-rw-r--r--source4/nbt_server/wins/winswack.c387
-rw-r--r--source4/nbt_server/wscript_build54
23 files changed, 5843 insertions, 0 deletions
diff --git a/source4/nbt_server/defense.c b/source4/nbt_server/defense.c
new file mode 100644
index 0000000..fbe22aa
--- /dev/null
+++ b/source4/nbt_server/defense.c
@@ -0,0 +1,79 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ defend our names against name registration requests
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../lib/util/dlinklist.h"
+#include "system/network.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsserver.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "lib/socket/socket.h"
+
+
+/*
+ defend our registered names against registration or name refresh
+ requests
+*/
+void nbtd_request_defense(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbtd_iface_name *iname;
+ struct nbt_name *name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+
+ /*
+ * if the packet comes from one of our interfaces
+ * it must be our winsclient trying to reach the winsserver
+ */
+ if (nbtd_self_packet(nbtsock, packet, src)) {
+ nbtd_winsserver_request(nbtsock, packet, src);
+ return;
+ }
+
+ NBTD_ASSERT_PACKET(packet, src, packet->qdcount == 1);
+ NBTD_ASSERT_PACKET(packet, src, packet->arcount == 1);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->questions[0].question_type == NBT_QTYPE_NETBIOS);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->questions[0].question_class == NBT_QCLASS_IP);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->additional[0].rr_type == NBT_QTYPE_NETBIOS);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->additional[0].rr_class == NBT_QCLASS_IP);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->additional[0].rdata.netbios.length == 6);
+
+ /* see if we have the requested name on this interface */
+ name = &packet->questions[0].name;
+
+ iname = nbtd_find_iname(iface, name, NBT_NM_ACTIVE);
+ if (iname != NULL &&
+ !(name->type == NBT_NAME_LOGON || iname->nb_flags & NBT_NM_GROUP)) {
+ DEBUG(2,("Defending name %s on %s against %s\n",
+ nbt_name_string(packet, name),
+ iface->bcast_address, src->addr));
+ nbtd_name_registration_reply(nbtsock, packet, src, NBT_RCODE_ACT);
+ } else {
+ nbtd_winsserver_request(nbtsock, packet, src);
+ }
+}
diff --git a/source4/nbt_server/dgram/browse.c b/source4/nbt_server/dgram/browse.c
new file mode 100644
index 0000000..1e4f28b
--- /dev/null
+++ b/source4/nbt_server/dgram/browse.c
@@ -0,0 +1,85 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT datagram browse server
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "lib/socket/socket.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "nbt_server/dgram/proto.h"
+
+static const char *nbt_browse_opcode_string(enum nbt_browse_opcode r)
+{
+ const char *val = NULL;
+
+ switch (r) {
+ case HostAnnouncement: val = "HostAnnouncement"; break;
+ case AnnouncementRequest: val = "AnnouncementRequest"; break;
+ case Election: val = "Election"; break;
+ case GetBackupListReq: val = "GetBackupListReq"; break;
+ case GetBackupListResp: val = "GetBackupListResp"; break;
+ case BecomeBackup: val = "BecomeBackup"; break;
+ case DomainAnnouncement: val = "DomainAnnouncement"; break;
+ case MasterAnnouncement: val = "MasterAnnouncement"; break;
+ case ResetBrowserState: val = "ResetBrowserState"; break;
+ case LocalMasterAnnouncement: val = "LocalMasterAnnouncement"; break;
+ }
+
+ return val;
+}
+
+/*
+ handle incoming browse mailslot requests
+*/
+void nbtd_mailslot_browse_handler(struct dgram_mailslot_handler *dgmslot,
+ struct nbt_dgram_packet *packet,
+ struct socket_address *src)
+{
+ struct nbt_browse_packet *browse = talloc(dgmslot, struct nbt_browse_packet);
+ struct nbt_name *name = &packet->data.msg.dest_name;
+ NTSTATUS status;
+
+ if (browse == NULL) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto failed;
+ }
+
+ status = dgram_mailslot_browse_parse(dgmslot, browse, packet, browse);
+ if (!NT_STATUS_IS_OK(status)) goto failed;
+
+ DEBUG(4,("Browse %s (Op %d) on '%s' '%s' from %s:%d\n",
+ nbt_browse_opcode_string(browse->opcode), browse->opcode,
+ nbt_name_string(browse, name), dgmslot->mailslot_name,
+ src->addr, src->port));
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(nbt_browse_packet, browse);
+ }
+
+ talloc_free(browse);
+ return;
+
+failed:
+ DEBUG(2,("nbtd browse handler failed from %s:%d to %s - %s\n",
+ src->addr, src->port, nbt_name_string(browse, name),
+ nt_errstr(status)));
+ talloc_free(browse);
+
+}
diff --git a/source4/nbt_server/dgram/netlogon.c b/source4/nbt_server/dgram/netlogon.c
new file mode 100644
index 0000000..e9d89e5
--- /dev/null
+++ b/source4/nbt_server/dgram/netlogon.c
@@ -0,0 +1,286 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT datagram netlogon server
+
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "lib/socket/socket.h"
+#include <ldb.h>
+#include "dsdb/samdb/samdb.h"
+#include "auth/auth.h"
+#include "param/param.h"
+#include "samba/service_task.h"
+#include "dsdb/samdb/ldb_modules/util.h"
+#include "libcli/security/security.h"
+#include "nbt_server/dgram/proto.h"
+#include "libds/common/roles.h"
+
+/*
+ reply to a GETDC request
+ */
+static NTSTATUS nbtd_netlogon_getdc(struct nbtd_server *nbtsrv,
+ struct nbt_name *dst_name,
+ struct nbt_netlogon_packet *netlogon,
+ TALLOC_CTX *mem_ctx,
+ struct nbt_netlogon_response **presponse,
+ char **preply_mailslot)
+{
+ struct nbt_netlogon_response_from_pdc *pdc;
+ struct ldb_context *samctx;
+ struct nbt_netlogon_response *response = NULL;
+ char *reply_mailslot = NULL;
+
+ /* only answer getdc requests on the PDC or LOGON names */
+ if ((dst_name->type != NBT_NAME_PDC) &&
+ (dst_name->type != NBT_NAME_LOGON)) {
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ samctx = nbtsrv->sam_ctx;
+
+ if (lpcfg_server_role(nbtsrv->task->lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
+ || !samdb_is_pdc(samctx)) {
+ DEBUG(2, ("Not a PDC, so not processing LOGON_PRIMARY_QUERY\n"));
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ if (strcasecmp_m(dst_name->name,
+ lpcfg_workgroup(nbtsrv->task->lp_ctx)) != 0) {
+ DBG_INFO("GetDC requested for a domain %s that we don't "
+ "host\n", dst_name->name);
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ reply_mailslot = talloc_strdup(
+ mem_ctx, netlogon->req.pdc.mailslot_name);
+ if (reply_mailslot == NULL) {
+ goto nomem;
+ }
+
+ /* setup a GETDC reply */
+ response = talloc_zero(mem_ctx, struct nbt_netlogon_response);
+ if (response == NULL) {
+ goto nomem;
+ }
+ response->response_type = NETLOGON_GET_PDC;
+ pdc = &response->data.get_pdc;
+
+ pdc->command = NETLOGON_RESPONSE_FROM_PDC;
+
+ pdc->pdc_name = talloc_strdup(
+ response, lpcfg_netbios_name(nbtsrv->task->lp_ctx));
+ if (pdc->pdc_name == NULL) {
+ goto nomem;
+ }
+
+ pdc->unicode_pdc_name = pdc->pdc_name;
+
+ pdc->domain_name = talloc_strdup(
+ response, lpcfg_workgroup(nbtsrv->task->lp_ctx));
+ if (pdc->domain_name == NULL) {
+ goto nomem;
+ }
+
+ pdc->nt_version = 1;
+ pdc->lmnt_token = 0xFFFF;
+ pdc->lm20_token = 0xFFFF;
+
+ *presponse = response;
+ *preply_mailslot = reply_mailslot;
+ return NT_STATUS_OK;
+
+nomem:
+ TALLOC_FREE(response);
+ TALLOC_FREE(reply_mailslot);
+ return NT_STATUS_NO_MEMORY;
+}
+
+/*
+ reply to a ADS style GETDC request
+ */
+static NTSTATUS nbtd_netlogon_samlogon(
+ struct nbtd_server *nbtsrv,
+ struct nbt_name *dst_name,
+ const struct socket_address *src,
+ struct nbt_netlogon_packet *netlogon,
+ TALLOC_CTX *mem_ctx,
+ struct nbt_netlogon_response **presponse,
+ char **preply_mailslot)
+{
+ struct ldb_context *samctx;
+ struct dom_sid *sid = NULL;
+ struct nbt_netlogon_response *response = NULL;
+ char *reply_mailslot = NULL;
+ NTSTATUS status;
+
+ /* only answer getdc requests on the PDC or LOGON names */
+ if ((dst_name->type != NBT_NAME_PDC) &&
+ (dst_name->type != NBT_NAME_LOGON)) {
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ samctx = nbtsrv->sam_ctx;
+
+ if (netlogon->req.logon.sid_size != 0) {
+ sid = &netlogon->req.logon.sid;
+ }
+
+ reply_mailslot = talloc_strdup(
+ mem_ctx, netlogon->req.logon.mailslot_name);
+ if (reply_mailslot == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ response = talloc_zero(mem_ctx, struct nbt_netlogon_response);
+ if (response == NULL) {
+ TALLOC_FREE(reply_mailslot);
+ return NT_STATUS_NO_MEMORY;
+ }
+ response->response_type = NETLOGON_SAMLOGON;
+
+ status = fill_netlogon_samlogon_response(
+ samctx, response, NULL, dst_name->name, sid, NULL,
+ netlogon->req.logon.user_name,
+ netlogon->req.logon.acct_control, src->addr,
+ netlogon->req.logon.nt_version, nbtsrv->task->lp_ctx,
+ &response->data.samlogon, false);
+ if (!NT_STATUS_IS_OK(status)) {
+ struct dom_sid_buf buf;
+
+ DBG_NOTICE("NBT netlogon query failed domain=%s sid=%s "
+ "version=%d - %s\n",
+ dst_name->name,
+ dom_sid_str_buf(sid, &buf),
+ netlogon->req.logon.nt_version,
+ nt_errstr(status));
+ TALLOC_FREE(reply_mailslot);
+ TALLOC_FREE(response);
+ return status;
+ }
+
+ *presponse = response;
+ *preply_mailslot = reply_mailslot;
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS nbtd_mailslot_netlogon_reply(
+ struct nbtd_interface *iface,
+ struct nbt_dgram_packet *packet,
+ struct socket_address *src,
+ TALLOC_CTX *mem_ctx,
+ struct nbt_netlogon_response **presponse,
+ char **preply_mailslot)
+{
+ struct nbt_netlogon_packet *netlogon;
+ struct nbt_name *dst_name = &packet->data.msg.dest_name;
+ struct nbt_netlogon_response *response = NULL;
+ struct nbtd_iface_name *iname;
+ char *reply_mailslot = NULL;
+ NTSTATUS status;
+
+ /*
+ see if the we are listening on the destination netbios name
+ */
+ iname = nbtd_find_iname(iface, dst_name, 0);
+ if (iname == NULL) {
+ return NT_STATUS_BAD_NETWORK_NAME;
+ }
+
+ netlogon = talloc(mem_ctx, struct nbt_netlogon_packet);
+ if (netlogon == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = dgram_mailslot_netlogon_parse_request(netlogon, packet,
+ netlogon);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+
+ switch (netlogon->command) {
+ case LOGON_PRIMARY_QUERY:
+ status = nbtd_netlogon_getdc(
+ iface->nbtsrv, &packet->data.msg.dest_name,
+ netlogon, mem_ctx, &response, &reply_mailslot);
+ break;
+ case LOGON_SAM_LOGON_REQUEST:
+ status = nbtd_netlogon_samlogon(
+ iface->nbtsrv, &packet->data.msg.dest_name, src,
+ netlogon, mem_ctx, &response, &reply_mailslot);
+ break;
+ default:
+ DEBUG(2,("unknown netlogon op %d from %s:%d\n",
+ netlogon->command, src->addr, src->port));
+ NDR_PRINT_DEBUG(nbt_netlogon_packet, netlogon);
+ status = NT_STATUS_NOT_SUPPORTED;
+ break;
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_DEBUG("Calculating reply failed: %s\n",
+ nt_errstr(status));
+ goto failed;
+ }
+
+ *presponse = response;
+ *preply_mailslot = reply_mailslot;
+ return NT_STATUS_OK;
+
+failed:
+ TALLOC_FREE(reply_mailslot);
+ TALLOC_FREE(netlogon);
+ return status;
+}
+
+/*
+ handle incoming netlogon mailslot requests
+*/
+void nbtd_mailslot_netlogon_handler(struct dgram_mailslot_handler *dgmslot,
+ struct nbt_dgram_packet *packet,
+ struct socket_address *src)
+{
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
+ struct nbtd_interface *iface =
+ talloc_get_type(dgmslot->private_data, struct nbtd_interface);
+ struct nbtd_interface *reply_iface = nbtd_find_reply_iface(
+ iface, src->addr, false);
+ struct nbt_netlogon_response *response = NULL;
+ char *reply_mailslot = NULL;
+
+ if (reply_iface->ip_address == NULL) {
+ DBG_WARNING("Could not obtain own IP address for datagram "
+ "socket\n");
+ return;
+ }
+
+ status = nbtd_mailslot_netlogon_reply(
+ iface, packet, src, dgmslot, &response, &reply_mailslot);
+
+ if (NT_STATUS_IS_OK(status)) {
+ dgram_mailslot_netlogon_reply(
+ reply_iface->dgmsock, packet,
+ lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx),
+ reply_mailslot, response);
+ }
+
+ TALLOC_FREE(response);
+ TALLOC_FREE(reply_mailslot);
+}
diff --git a/source4/nbt_server/dgram/ntlogon.c b/source4/nbt_server/dgram/ntlogon.c
new file mode 100644
index 0000000..8c6a6e9
--- /dev/null
+++ b/source4/nbt_server/dgram/ntlogon.c
@@ -0,0 +1,121 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT datagram ntlogon server
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "samba/service_task.h"
+#include "lib/socket/socket.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "param/param.h"
+
+/*
+ reply to a SAM LOGON request
+ */
+static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot,
+ struct nbtd_interface *iface,
+ struct nbt_dgram_packet *packet,
+ const struct socket_address *src,
+ struct nbt_ntlogon_packet *ntlogon)
+{
+ struct nbt_name *name = &packet->data.msg.dest_name;
+ struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, false);
+ struct nbt_ntlogon_packet reply;
+ struct nbt_ntlogon_sam_logon_reply *logon;
+
+ /* only answer sam logon requests on the PDC or LOGON names */
+ if (name->type != NBT_NAME_PDC && name->type != NBT_NAME_LOGON) {
+ return;
+ }
+
+ /* setup a SAM LOGON reply */
+ ZERO_STRUCT(reply);
+ reply.command = NTLOGON_SAM_LOGON_REPLY;
+ logon = &reply.req.reply;
+
+ logon->server = talloc_asprintf(packet, "\\\\%s",
+ lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx));
+ logon->user_name = ntlogon->req.logon.user_name;
+ logon->domain = lpcfg_workgroup(iface->nbtsrv->task->lp_ctx);
+ logon->nt_version = 1;
+ logon->lmnt_token = 0xFFFF;
+ logon->lm20_token = 0xFFFF;
+
+ packet->data.msg.dest_name.type = 0;
+
+ dgram_mailslot_ntlogon_reply(reply_iface->dgmsock,
+ packet,
+ lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx),
+ ntlogon->req.logon.mailslot_name,
+ &reply);
+}
+
+/*
+ handle incoming ntlogon mailslot requests
+*/
+void nbtd_mailslot_ntlogon_handler(struct dgram_mailslot_handler *dgmslot,
+ struct nbt_dgram_packet *packet,
+ struct socket_address *src)
+{
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
+ struct nbtd_interface *iface =
+ talloc_get_type(dgmslot->private_data, struct nbtd_interface);
+ struct nbt_ntlogon_packet *ntlogon =
+ talloc(dgmslot, struct nbt_ntlogon_packet);
+ struct nbtd_iface_name *iname;
+ struct nbt_name *name = &packet->data.msg.dest_name;
+
+ if (ntlogon == NULL) goto failed;
+
+ /*
+ see if the we are listening on the destination netbios name
+ */
+ iname = nbtd_find_iname(iface, name, 0);
+ if (iname == NULL) {
+ status = NT_STATUS_BAD_NETWORK_NAME;
+ goto failed;
+ }
+
+ DEBUG(2,("ntlogon request to %s from %s:%d\n",
+ nbt_name_string(ntlogon, name), src->addr, src->port));
+ status = dgram_mailslot_ntlogon_parse(dgmslot, ntlogon, packet, ntlogon);
+ if (!NT_STATUS_IS_OK(status)) goto failed;
+
+ NDR_PRINT_DEBUG(nbt_ntlogon_packet, ntlogon);
+
+ switch (ntlogon->command) {
+ case NTLOGON_SAM_LOGON:
+ nbtd_ntlogon_sam_logon(dgmslot, iface, packet, src, ntlogon);
+ break;
+ default:
+ DEBUG(2,("unknown ntlogon op %d from %s:%d\n",
+ ntlogon->command, src->addr, src->port));
+ break;
+ }
+
+ talloc_free(ntlogon);
+ return;
+
+failed:
+ DEBUG(2,("nbtd ntlogon handler failed from %s:%d to %s - %s\n",
+ src->addr, src->port, nbt_name_string(ntlogon, name),
+ nt_errstr(status)));
+ talloc_free(ntlogon);
+}
diff --git a/source4/nbt_server/dgram/request.c b/source4/nbt_server/dgram/request.c
new file mode 100644
index 0000000..ea2b6e8
--- /dev/null
+++ b/source4/nbt_server/dgram/request.c
@@ -0,0 +1,150 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT datagram server
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "samba/service_task.h"
+#include "lib/socket/socket.h"
+#include "libcli/resolve/resolve.h"
+#include "nbt_server/dgram/proto.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "param/param.h"
+
+/*
+ a list of mailslots that we have static handlers for
+*/
+static const struct {
+ const char *mailslot_name;
+ dgram_mailslot_handler_t handler;
+} mailslot_handlers[] = {
+ /* Handle both NTLOGON and NETLOGON in the same function, as
+ * they are very similar */
+ { NBT_MAILSLOT_NETLOGON, nbtd_mailslot_netlogon_handler },
+ { NBT_MAILSLOT_NTLOGON, nbtd_mailslot_netlogon_handler },
+ { NBT_MAILSLOT_BROWSE, nbtd_mailslot_browse_handler }
+};
+
+/*
+ receive an incoming dgram request. This is used for general datagram
+ requests. Mailslot requests for our listening mailslots
+ are handled in the specific mailslot handlers
+*/
+void dgram_request_handler(struct nbt_dgram_socket *dgmsock,
+ struct nbt_dgram_packet *packet,
+ struct socket_address *src)
+{
+ DEBUG(0,("General datagram request from %s:%d\n", src->addr, src->port));
+ NDR_PRINT_DEBUG(nbt_dgram_packet, packet);
+}
+
+
+/*
+ setup the port 138 datagram listener for a given interface
+*/
+NTSTATUS nbtd_dgram_setup(struct nbtd_interface *iface, const char *bind_address)
+{
+ struct nbt_dgram_socket *bcast_dgmsock = NULL;
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+ struct socket_address *bcast_addr, *bind_addr;
+ NTSTATUS status;
+ TALLOC_CTX *tmp_ctx = talloc_new(iface);
+ /* the list of mailslots that we are interested in */
+ size_t i;
+
+ if (!tmp_ctx) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (strcmp("0.0.0.0", iface->netmask) != 0) {
+ /* listen for broadcasts on port 138 */
+ bcast_dgmsock = nbt_dgram_socket_init(iface, nbtsrv->task->event_ctx);
+ if (!bcast_dgmsock) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ bcast_addr = socket_address_from_strings(tmp_ctx, bcast_dgmsock->sock->backend_name,
+ iface->bcast_address,
+ lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx));
+ if (!bcast_addr) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = socket_listen(bcast_dgmsock->sock, bcast_addr, 0, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(tmp_ctx);
+ DEBUG(0,("Failed to bind to %s:%d - %s\n",
+ iface->bcast_address, lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx),
+ nt_errstr(status)));
+ return status;
+ }
+
+ dgram_set_incoming_handler(bcast_dgmsock, dgram_request_handler, iface);
+ }
+
+ /* listen for unicasts on port 138 */
+ iface->dgmsock = nbt_dgram_socket_init(iface, nbtsrv->task->event_ctx);
+ if (!iface->dgmsock) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ bind_addr = socket_address_from_strings(tmp_ctx, iface->dgmsock->sock->backend_name,
+ bind_address, lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx));
+ if (!bind_addr) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = socket_listen(iface->dgmsock->sock, bind_addr, 0, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(tmp_ctx);
+ DEBUG(0,("Failed to bind to %s:%d - %s\n",
+ bind_address, lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx), nt_errstr(status)));
+ return status;
+ }
+
+ dgram_set_incoming_handler(iface->dgmsock, dgram_request_handler, iface);
+
+ talloc_free(tmp_ctx);
+
+ for (i=0;i<ARRAY_SIZE(mailslot_handlers);i++) {
+ /* note that we don't need to keep the pointer
+ to the dgmslot around - the callback is all
+ we need */
+ struct dgram_mailslot_handler *dgmslot;
+
+ if (bcast_dgmsock) {
+ dgmslot = dgram_mailslot_listen(bcast_dgmsock,
+ mailslot_handlers[i].mailslot_name,
+ mailslot_handlers[i].handler, iface);
+ NT_STATUS_HAVE_NO_MEMORY(dgmslot);
+ }
+
+ dgmslot = dgram_mailslot_listen(iface->dgmsock,
+ mailslot_handlers[i].mailslot_name,
+ mailslot_handlers[i].handler, iface);
+ NT_STATUS_HAVE_NO_MEMORY(dgmslot);
+ }
+
+ return NT_STATUS_OK;
+}
diff --git a/source4/nbt_server/interfaces.c b/source4/nbt_server/interfaces.c
new file mode 100644
index 0000000..93e1497
--- /dev/null
+++ b/source4/nbt_server/interfaces.c
@@ -0,0 +1,426 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT interface handling
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../lib/util/dlinklist.h"
+#include "nbt_server/nbt_server.h"
+#include "samba/service_task.h"
+#include "lib/socket/socket.h"
+#include "nbt_server/wins/winsserver.h"
+#include "nbt_server/dgram/proto.h"
+#include "system/network.h"
+#include "lib/socket/netif.h"
+#include "param/param.h"
+#include "lib/util/util_net.h"
+
+
+/*
+ receive an incoming request and dispatch it to the right place
+*/
+static void nbtd_request_handler(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ nbtsrv->stats.total_received++;
+
+ /* see if it's from one of our own interfaces - if so, then ignore it */
+ if (nbtd_self_packet_and_bcast(nbtsock, packet, src)) {
+ DEBUG(10,("Ignoring bcast self packet from %s:%d\n", src->addr, src->port));
+ return;
+ }
+
+ switch (packet->operation & NBT_OPCODE) {
+ case NBT_OPCODE_QUERY:
+ nbtsrv->stats.query_count++;
+ nbtd_request_query(nbtsock, packet, src);
+ break;
+
+ case NBT_OPCODE_REGISTER:
+ case NBT_OPCODE_REFRESH:
+ case NBT_OPCODE_REFRESH2:
+ nbtsrv->stats.register_count++;
+ nbtd_request_defense(nbtsock, packet, src);
+ break;
+
+ case NBT_OPCODE_RELEASE:
+ case NBT_OPCODE_MULTI_HOME_REG:
+ nbtsrv->stats.release_count++;
+ nbtd_winsserver_request(nbtsock, packet, src);
+ break;
+
+ default:
+ nbtd_bad_packet(packet, src, "Unexpected opcode");
+ break;
+ }
+}
+
+static void nbtd_unexpected_handler(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+ struct nbtd_interface *i;
+ struct nbt_name_request *req = NULL;
+
+ nbtsrv->stats.total_received++;
+
+ DEBUG(10,("unexpected from src[%s] on interface[%p] %s/%s\n",
+ src->addr, iface, iface->ip_address, iface->netmask));
+
+ /* try the broadcast interface */
+ if (nbtsrv->bcast_interface) {
+ i = nbtsrv->bcast_interface;
+ req = idr_find(i->nbtsock->idr, packet->name_trn_id);
+ }
+
+ /* try the wins server client interface */
+ if (!req && nbtsrv->wins_interface && nbtsrv->wins_interface->nbtsock) {
+ i = nbtsrv->wins_interface;
+ req = idr_find(i->nbtsock->idr, packet->name_trn_id);
+ }
+
+ /* try all other interfaces... */
+ if (!req) {
+ for (i = nbtsrv->interfaces; i; i = i->next) {
+ if (i == iface) {
+ continue;
+ }
+ req = idr_find(i->nbtsock->idr, packet->name_trn_id);
+ if (req) break;
+ }
+ }
+
+ if (!req) {
+ DEBUG(10,("unexpected from src[%s] unable to redirected\n", src->addr));
+ return;
+ }
+
+ DEBUG(10,("unexpected from src[%s] redirected to interface[%p] %s/%s\n",
+ src->addr, i, i->ip_address, i->netmask));
+
+ /*
+ * redirect the incoming response to the socket
+ * we sent the matching request
+ */
+ nbt_name_socket_handle_response_packet(req, packet, src);
+}
+
+/*
+ find a registered name on an interface
+*/
+struct nbtd_iface_name *nbtd_find_iname(struct nbtd_interface *iface,
+ struct nbt_name *name,
+ uint16_t nb_flags)
+{
+ struct nbtd_iface_name *iname;
+ for (iname=iface->names;iname;iname=iname->next) {
+ if (iname->name.type == name->type &&
+ strcmp(name->name, iname->name.name) == 0 &&
+ ((iname->nb_flags & nb_flags) == nb_flags)) {
+ return iname;
+ }
+ }
+ return NULL;
+}
+
+/*
+ start listening on the given address
+*/
+static NTSTATUS nbtd_add_socket(struct nbtd_server *nbtsrv,
+ struct loadparm_context *lp_ctx,
+ const char *bind_address,
+ const char *address,
+ const char *bcast,
+ const char *netmask)
+{
+ struct nbtd_interface *iface;
+ NTSTATUS status;
+ struct socket_address *bcast_address;
+ struct socket_address *unicast_address;
+
+ DEBUG(6,("nbtd_add_socket(%s, %s, %s, %s)\n", bind_address, address, bcast, netmask));
+
+ /*
+ we actually create two sockets. One listens on the broadcast address
+ for the interface, and the other listens on our specific address. This
+ allows us to run with "bind interfaces only" while still receiving
+ broadcast addresses, and also simplifies matching incoming requests
+ to interfaces
+ */
+
+ iface = talloc(nbtsrv, struct nbtd_interface);
+ NT_STATUS_HAVE_NO_MEMORY(iface);
+
+ iface->nbtsrv = nbtsrv;
+ iface->bcast_address = talloc_steal(iface, bcast);
+ iface->ip_address = talloc_steal(iface, address);
+ iface->netmask = talloc_steal(iface, netmask);
+ iface->names = NULL;
+ iface->wack_queue = NULL;
+
+ if (strcmp(netmask, "0.0.0.0") != 0) {
+ struct nbt_name_socket *bcast_nbtsock;
+
+ /* listen for broadcasts on port 137 */
+ bcast_nbtsock = nbt_name_socket_init(iface, nbtsrv->task->event_ctx);
+ if (!bcast_nbtsock) {
+ talloc_free(iface);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ bcast_address = socket_address_from_strings(bcast_nbtsock, bcast_nbtsock->sock->backend_name,
+ bcast, lpcfg_nbt_port(lp_ctx));
+ if (!bcast_address) {
+ talloc_free(iface);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = socket_listen(bcast_nbtsock->sock, bcast_address, 0, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("Failed to bind to %s:%d - %s\n",
+ bcast, lpcfg_nbt_port(lp_ctx), nt_errstr(status)));
+ talloc_free(iface);
+ return status;
+ }
+ talloc_free(bcast_address);
+
+ nbt_set_incoming_handler(bcast_nbtsock, nbtd_request_handler, iface);
+ }
+
+ /* listen for unicasts on port 137 */
+ iface->nbtsock = nbt_name_socket_init(iface, nbtsrv->task->event_ctx);
+ if (!iface->nbtsock) {
+ talloc_free(iface);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ unicast_address = socket_address_from_strings(iface->nbtsock,
+ iface->nbtsock->sock->backend_name,
+ bind_address, lpcfg_nbt_port(lp_ctx));
+
+ status = socket_listen(iface->nbtsock->sock, unicast_address, 0, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("Failed to bind to %s:%d - %s\n",
+ bind_address, lpcfg_nbt_port(lp_ctx), nt_errstr(status)));
+ talloc_free(iface);
+ return status;
+ }
+ talloc_free(unicast_address);
+
+ nbt_set_incoming_handler(iface->nbtsock, nbtd_request_handler, iface);
+ nbt_set_unexpected_handler(iface->nbtsock, nbtd_unexpected_handler, iface);
+
+ /* also setup the datagram listeners */
+ status = nbtd_dgram_setup(iface, bind_address);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("Failed to setup dgram listen on %s - %s\n",
+ bind_address, nt_errstr(status)));
+ talloc_free(iface);
+ return status;
+ }
+
+ if (strcmp(netmask, "0.0.0.0") == 0) {
+ DLIST_ADD(nbtsrv->bcast_interface, iface);
+ } else {
+ DLIST_ADD(nbtsrv->interfaces, iface);
+ }
+
+ return NT_STATUS_OK;
+}
+
+/*
+ setup a socket for talking to our WINS servers
+*/
+static NTSTATUS nbtd_add_wins_socket(struct nbtd_server *nbtsrv)
+{
+ struct nbtd_interface *iface;
+
+ iface = talloc_zero(nbtsrv, struct nbtd_interface);
+ NT_STATUS_HAVE_NO_MEMORY(iface);
+
+ iface->nbtsrv = nbtsrv;
+
+ DLIST_ADD(nbtsrv->wins_interface, iface);
+
+ return NT_STATUS_OK;
+}
+
+
+/*
+ setup our listening sockets on the configured network interfaces
+*/
+NTSTATUS nbtd_startup_interfaces(struct nbtd_server *nbtsrv, struct loadparm_context *lp_ctx,
+ struct interface *ifaces)
+{
+ int num_interfaces = iface_list_count(ifaces);
+ int i;
+ TALLOC_CTX *tmp_ctx = talloc_new(nbtsrv);
+ NTSTATUS status;
+
+ /* if we are allowing incoming packets from any address, then
+ we also need to bind to the wildcard address */
+ if (!lpcfg_bind_interfaces_only(lp_ctx)) {
+ const char *primary_address;
+
+ primary_address = iface_list_first_v4(ifaces);
+
+ /* the primary address is the address we will return
+ for non-WINS queries not made on a specific
+ interface */
+ if (primary_address == NULL) {
+ primary_address = inet_ntoa(interpret_addr2(
+ lpcfg_netbios_name(lp_ctx)));
+ }
+
+ primary_address = talloc_strdup(tmp_ctx, primary_address);
+ NT_STATUS_HAVE_NO_MEMORY(primary_address);
+
+ status = nbtd_add_socket(nbtsrv,
+ lp_ctx,
+ "0.0.0.0",
+ primary_address,
+ talloc_strdup(tmp_ctx, "255.255.255.255"),
+ talloc_strdup(tmp_ctx, "0.0.0.0"));
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+
+ for (i=0; i<num_interfaces; i++) {
+ const char *bcast;
+ const char *address, *netmask;
+
+ if (!iface_list_n_is_v4(ifaces, i)) {
+ /* v4 only for NBT protocol */
+ continue;
+ }
+
+ bcast = iface_list_n_bcast(ifaces, i);
+ /* we can't assume every interface is broadcast capable */
+ if (bcast == NULL) continue;
+
+ address = talloc_strdup(tmp_ctx, iface_list_n_ip(ifaces, i));
+ bcast = talloc_strdup(tmp_ctx, bcast);
+ netmask = talloc_strdup(tmp_ctx, iface_list_n_netmask(ifaces, i));
+
+ status = nbtd_add_socket(nbtsrv, lp_ctx,
+ address, address, bcast, netmask);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+
+ if (lpcfg_wins_server_list(lp_ctx)) {
+ status = nbtd_add_wins_socket(nbtsrv);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+
+ talloc_free(tmp_ctx);
+
+ return NT_STATUS_OK;
+}
+
+
+/*
+ form a list of addresses that we should use in name query replies
+ we always place the IP in the given interface first
+*/
+const char **nbtd_address_list(struct nbtd_interface *iface, TALLOC_CTX *mem_ctx)
+{
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+ const char **ret = NULL;
+ struct nbtd_interface *iface2;
+ bool is_loopback = false;
+
+ if (iface->ip_address) {
+ is_loopback = iface_list_same_net(iface->ip_address, "127.0.0.1", "255.0.0.0");
+ ret = str_list_add(ret, iface->ip_address);
+ }
+
+ for (iface2=nbtsrv->interfaces;iface2;iface2=iface2->next) {
+ if (iface2 == iface) continue;
+
+ if (!iface2->ip_address) continue;
+
+ if (!is_loopback) {
+ if (iface_list_same_net(iface2->ip_address, "127.0.0.1", "255.0.0.0")) {
+ continue;
+ }
+ }
+
+ ret = str_list_add(ret, iface2->ip_address);
+ }
+
+ talloc_steal(mem_ctx, ret);
+
+ return ret;
+}
+
+
+/*
+ find the interface to use for sending a outgoing request
+*/
+struct nbtd_interface *nbtd_find_request_iface(struct nbtd_server *nbtd_server,
+ const char *address, bool allow_bcast_iface)
+{
+ struct nbtd_interface *cur;
+
+ /* try to find a exact match */
+ for (cur=nbtd_server->interfaces;cur;cur=cur->next) {
+ if (iface_list_same_net(address, cur->ip_address, cur->netmask)) {
+ DEBUG(10,("find interface for dst[%s] ip: %s/%s (iface[%p])\n",
+ address, cur->ip_address, cur->netmask, cur));
+ return cur;
+ }
+ }
+
+ /* no exact match, if we have the broadcast interface, use that */
+ if (allow_bcast_iface && nbtd_server->bcast_interface) {
+ cur = nbtd_server->bcast_interface;
+ DEBUG(10,("find interface for dst[%s] ip: %s/%s (bcast iface[%p])\n",
+ address, cur->ip_address, cur->netmask, cur));
+ return cur;
+ }
+
+ /* fallback to first interface */
+ cur = nbtd_server->interfaces;
+ DEBUG(10,("find interface for dst[%s] ip: %s/%s (default iface[%p])\n",
+ address, cur->ip_address, cur->netmask, cur));
+ return cur;
+}
+
+/*
+ * find the interface to use for sending a outgoing reply
+ */
+struct nbtd_interface *nbtd_find_reply_iface(struct nbtd_interface *iface,
+ const char *address, bool allow_bcast_iface)
+{
+ struct nbtd_server *nbtd_server = iface->nbtsrv;
+
+ /* first try to use the given interfacel when it's not the broadcast one */
+ if (iface != nbtd_server->bcast_interface) {
+ return iface;
+ }
+
+ return nbtd_find_request_iface(nbtd_server, address, allow_bcast_iface);
+}
diff --git a/source4/nbt_server/irpc.c b/source4/nbt_server/irpc.c
new file mode 100644
index 0000000..e835ffd
--- /dev/null
+++ b/source4/nbt_server/irpc.c
@@ -0,0 +1,210 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ irpc services for the NBT server
+
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Volker Lendecke 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "samba/service_task.h"
+#include "samba/service.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsserver.h"
+#include "librpc/gen_ndr/ndr_irpc.h"
+#include "lib/socket/socket.h"
+#include "libcli/resolve/resolve.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+
+/*
+ serve out the nbt statistics
+*/
+static NTSTATUS nbtd_information(struct irpc_message *msg,
+ struct nbtd_information *r)
+{
+ struct nbtd_server *server = talloc_get_type(msg->private_data,
+ struct nbtd_server);
+
+ switch (r->in.level) {
+ case NBTD_INFO_STATISTICS:
+ r->out.info.stats = &server->stats;
+ break;
+ }
+
+ return NT_STATUS_OK;
+}
+
+
+/*
+ winbind needs to be able to do a getdc request, but most (all?) windows
+ servers always send the reply to port 138, regardless of the request
+ port. To cope with this we use a irpc request to the NBT server
+ which has port 138 open, and thus can receive the replies
+*/
+struct getdc_state {
+ struct irpc_message *msg;
+ struct nbtd_getdcname *req;
+};
+
+static void getdc_recv_netlogon_reply(struct dgram_mailslot_handler *dgmslot,
+ struct nbt_dgram_packet *packet,
+ struct socket_address *src)
+{
+ struct getdc_state *s =
+ talloc_get_type(dgmslot->private_data, struct getdc_state);
+ const char *p;
+ struct nbt_netlogon_response netlogon;
+ NTSTATUS status;
+
+ status = dgram_mailslot_netlogon_parse_response(packet, packet,
+ &netlogon);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(5, ("dgram_mailslot_ntlogon_parse failed: %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+
+ /* We asked for version 1 only */
+ if (netlogon.response_type == NETLOGON_SAMLOGON
+ && netlogon.data.samlogon.ntver != NETLOGON_NT_VERSION_1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+
+ p = netlogon.data.samlogon.data.nt4.pdc_name;
+
+ DEBUG(10, ("NTLOGON_SAM_LOGON_REPLY: server: %s, user: %s, "
+ "domain: %s\n", p,
+ netlogon.data.samlogon.data.nt4.user_name,
+ netlogon.data.samlogon.data.nt4.domain_name));
+
+ if (*p == '\\') p += 1;
+ if (*p == '\\') p += 1;
+
+ s->req->out.dcname = talloc_strdup(s->req, p);
+ if (s->req->out.dcname == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ status = NT_STATUS_OK;
+
+ done:
+ irpc_send_reply(s->msg, status);
+}
+
+static NTSTATUS nbtd_getdcname(struct irpc_message *msg,
+ struct nbtd_getdcname *req)
+{
+ struct nbtd_server *server =
+ talloc_get_type(msg->private_data, struct nbtd_server);
+ struct nbtd_interface *iface = nbtd_find_request_iface(server, req->in.ip_address, true);
+ struct getdc_state *s;
+ struct nbt_netlogon_packet p;
+ struct NETLOGON_SAM_LOGON_REQUEST *r;
+ struct nbt_name src, dst;
+ struct socket_address *dest;
+ struct dgram_mailslot_handler *handler;
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(0, ("nbtd_getdcname called\n"));
+
+ s = talloc(msg, struct getdc_state);
+ NT_STATUS_HAVE_NO_MEMORY(s);
+
+ s->msg = msg;
+ s->req = req;
+
+ handler = dgram_mailslot_temp(iface->dgmsock, NBT_MAILSLOT_GETDC,
+ getdc_recv_netlogon_reply, s);
+ NT_STATUS_HAVE_NO_MEMORY(handler);
+
+ ZERO_STRUCT(p);
+ p.command = LOGON_SAM_LOGON_REQUEST;
+ r = &p.req.logon;
+ r->request_count = 0;
+ r->computer_name = req->in.my_computername;
+ r->user_name = req->in.my_accountname;
+ r->mailslot_name = handler->mailslot_name;
+ r->acct_control = req->in.account_control;
+ r->sid = *req->in.domain_sid;
+ r->nt_version = NETLOGON_NT_VERSION_1;
+ r->lmnt_token = 0xffff;
+ r->lm20_token = 0xffff;
+
+ make_nbt_name_client(&src, req->in.my_computername);
+ make_nbt_name(&dst, req->in.domainname, 0x1c);
+
+ dest = socket_address_from_strings(msg, iface->dgmsock->sock->backend_name,
+ req->in.ip_address, 138);
+ NT_STATUS_HAVE_NO_MEMORY(dest);
+
+ status = dgram_mailslot_netlogon_send(iface->dgmsock,
+ &dst, dest,
+ NBT_MAILSLOT_NETLOGON,
+ &src, &p);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("dgram_mailslot_ntlogon_send failed: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
+
+ msg->defer_reply = true;
+ return NT_STATUS_OK;
+}
+
+
+/*
+ register the irpc handlers for the nbt server
+*/
+void nbtd_register_irpc(struct nbtd_server *nbtsrv)
+{
+ NTSTATUS status;
+ struct task_server *task = nbtsrv->task;
+
+ status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_INFORMATION,
+ nbtd_information, nbtsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task, "nbtd failed to setup monitoring", true);
+ return;
+ }
+
+ status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_GETDCNAME,
+ nbtd_getdcname, nbtsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task, "nbtd failed to setup getdcname "
+ "handler", true);
+ return;
+ }
+
+ status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_PROXY_WINS_CHALLENGE,
+ nbtd_proxy_wins_challenge, nbtsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task, "nbtd failed to setup wins challenge "
+ "handler", true);
+ return;
+ }
+
+ status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_PROXY_WINS_RELEASE_DEMAND,
+ nbtd_proxy_wins_release_demand, nbtsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task, "nbtd failed to setup wins release demand "
+ "handler", true);
+ return;
+ }
+}
diff --git a/source4/nbt_server/nbt_server.c b/source4/nbt_server/nbt_server.c
new file mode 100644
index 0000000..6d28bbd
--- /dev/null
+++ b/source4/nbt_server/nbt_server.c
@@ -0,0 +1,117 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT server task
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "samba/service_task.h"
+#include "samba/service.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsserver.h"
+#include "system/network.h"
+#include "lib/socket/netif.h"
+#include "auth/auth.h"
+#include "dsdb/samdb/samdb.h"
+#include "param/param.h"
+
+NTSTATUS server_service_nbtd_init(TALLOC_CTX *);
+
+/*
+ startup the nbtd task
+*/
+static NTSTATUS nbtd_task_init(struct task_server *task)
+{
+ struct nbtd_server *nbtsrv;
+ NTSTATUS status;
+ struct interface *ifaces;
+
+ load_interface_list(task, task->lp_ctx, &ifaces);
+
+ if (iface_list_count(ifaces) == 0) {
+ task_server_terminate(task, "nbtd: no network interfaces configured", false);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (lpcfg_disable_netbios(task->lp_ctx)) {
+ task_server_terminate(task, "nbtd: 'disable netbios = yes' set in smb.conf, shutting down nbt server", false);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ task_server_set_title(task, "task[nbtd]");
+
+ nbtsrv = talloc(task, struct nbtd_server);
+ if (nbtsrv == NULL) {
+ task_server_terminate(task, "nbtd: out of memory", true);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ nbtsrv->task = task;
+ nbtsrv->interfaces = NULL;
+ nbtsrv->bcast_interface = NULL;
+ nbtsrv->wins_interface = NULL;
+
+ /* start listening on the configured network interfaces */
+ status = nbtd_startup_interfaces(nbtsrv, task->lp_ctx, ifaces);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task, "nbtd failed to setup interfaces", true);
+ return status;
+ }
+
+ nbtsrv->sam_ctx = samdb_connect(nbtsrv,
+ task->event_ctx,
+ task->lp_ctx,
+ system_session(task->lp_ctx),
+ NULL,
+ 0);
+ if (nbtsrv->sam_ctx == NULL) {
+ task_server_terminate(task, "nbtd failed to open samdb", true);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ /* start the WINS server, if appropriate */
+ status = nbtd_winsserver_init(nbtsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task, "nbtd failed to start WINS server", true);
+ return status;
+ }
+
+ nbtd_register_irpc(nbtsrv);
+
+ /* start the process of registering our names on all interfaces */
+ nbtd_register_names(nbtsrv);
+
+ irpc_add_name(task->msg_ctx, "nbt_server");
+
+ return NT_STATUS_OK;
+}
+
+
+/*
+ register ourselves as a available server
+*/
+NTSTATUS server_service_nbtd_init(TALLOC_CTX *ctx)
+{
+ static const struct service_details details = {
+ .inhibit_fork_on_accept = true,
+ .inhibit_pre_fork = true,
+ .task_init = nbtd_task_init,
+ .post_fork = NULL
+ };
+ return register_server_service(ctx, "nbt", &details);
+}
diff --git a/source4/nbt_server/nbt_server.h b/source4/nbt_server/nbt_server.h
new file mode 100644
index 0000000..c80e5bf
--- /dev/null
+++ b/source4/nbt_server/nbt_server.h
@@ -0,0 +1,94 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ NBT server structures
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "../libcli/nbt/libnbt.h"
+#include "libcli/wrepl/winsrepl.h"
+#include "libcli/dgram/libdgram.h"
+#include "librpc/gen_ndr/irpc.h"
+#include "lib/messaging/irpc.h"
+
+/*
+ a list of our registered names on each interface
+*/
+struct nbtd_iface_name {
+ struct nbtd_iface_name *next, *prev;
+ struct nbtd_interface *iface;
+ struct nbt_name name;
+ uint16_t nb_flags;
+ struct timeval registration_time;
+ uint32_t ttl;
+
+ /* if registered with a wins server, then this lists the server being
+ used */
+ const char *wins_server;
+};
+
+struct nbtd_wins_wack_state;
+
+/* a list of network interfaces we are listening on */
+struct nbtd_interface {
+ struct nbtd_interface *next, *prev;
+ struct nbtd_server *nbtsrv;
+ const char *ip_address;
+ const char *bcast_address;
+ const char *netmask;
+ struct nbt_name_socket *nbtsock;
+ struct nbt_dgram_socket *dgmsock;
+ struct nbtd_iface_name *names;
+ struct nbtd_wins_wack_state *wack_queue;
+};
+
+
+/*
+ top level context structure for the nbt server
+*/
+struct nbtd_server {
+ struct task_server *task;
+
+ /* the list of local network interfaces */
+ struct nbtd_interface *interfaces;
+
+ /* broadcast interface used for receiving packets only */
+ struct nbtd_interface *bcast_interface;
+
+ /* wins client interface - used for registering and refreshing
+ our names with a WINS server */
+ struct nbtd_interface *wins_interface;
+
+ struct wins_server *winssrv;
+
+ struct nbtd_statistics stats;
+
+ struct ldb_context *sam_ctx;
+};
+
+
+
+/* check a condition on an incoming packet */
+#define NBTD_ASSERT_PACKET(packet, src, test) do { \
+ if (!(test)) { \
+ nbtd_bad_packet(packet, src, #test); \
+ return; \
+ } \
+} while (0)
+
+struct interface;
+#include "nbt_server/nbt_server_proto.h"
diff --git a/source4/nbt_server/nodestatus.c b/source4/nbt_server/nodestatus.c
new file mode 100644
index 0000000..e26cda7
--- /dev/null
+++ b/source4/nbt_server/nodestatus.c
@@ -0,0 +1,182 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ answer node status queries
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../lib/util/dlinklist.h"
+#include "system/network.h"
+#include "nbt_server/nbt_server.h"
+#include "lib/socket/socket.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+
+struct nbt_name_packet *nbtd_node_status_reply_packet(
+ TALLOC_CTX *mem_ctx,
+ uint16_t trn_id,
+ const struct nbt_name *name,
+ struct nbtd_interface *iface)
+{
+ struct nbtd_iface_name *iname;
+ struct nbt_name_packet *packet;
+ struct nbt_res_rec *answer;
+ struct nbt_rdata_status *stat;
+ uint32_t num_names;
+ NTSTATUS status;
+
+ num_names = 0;
+ for (iname = iface->names; iname != NULL; iname = iname->next) {
+ if ((iname->nb_flags & NBT_NM_ACTIVE) == 0) {
+ continue;
+ }
+ if (strcmp(iname->name.name, "*") == 0) {
+ continue;
+ }
+ num_names += 1;
+ }
+
+ packet = talloc_zero(mem_ctx, struct nbt_name_packet);
+ if (packet == NULL) {
+ return NULL;
+ }
+
+ packet->name_trn_id = trn_id;
+ packet->ancount = 1;
+ packet->operation =
+ NBT_OPCODE_QUERY |
+ NBT_FLAG_REPLY |
+ NBT_FLAG_AUTHORITATIVE;
+
+ packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+ if (packet->answers == NULL) {
+ goto failed;
+ }
+
+ answer = &packet->answers[0];
+
+ status = nbt_name_dup(packet->answers, name, &answer->name);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+
+ answer->rr_type = NBT_QTYPE_STATUS;
+ answer->rr_class = NBT_QCLASS_IP;
+ answer->ttl = 0;
+
+ stat = &packet->answers[0].rdata.status;
+
+ stat->num_names = num_names;
+ stat->names = talloc_zero_array(
+ packet->answers,
+ struct nbt_status_name,
+ num_names);
+ if (stat->names == NULL) {
+ goto failed;
+ }
+
+ num_names = 0;
+ for (iname = iface->names; iname != NULL; iname = iname->next) {
+ struct nbt_status_name *n = &stat->names[num_names];
+
+ if ((iname->nb_flags & NBT_NM_ACTIVE) == 0) {
+ continue;
+ }
+ if (strcmp(iname->name.name, "*") == 0) {
+ continue;
+ }
+
+ n->name = talloc_asprintf(
+ stat->names,
+ "%-15s",
+ iname->name.name);
+ if (n->name == NULL) {
+ goto failed;
+ }
+ n->type = iname->name.type;
+ n->nb_flags = iname->nb_flags;
+
+ num_names += 1;
+ }
+
+ return packet;
+
+failed:
+ TALLOC_FREE(packet);
+ return NULL;
+}
+
+/*
+ send a name status reply
+*/
+static void nbtd_node_status_reply(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *request_packet,
+ struct socket_address *src,
+ struct nbt_name *name,
+ struct nbtd_interface *iface)
+{
+ struct nbt_name_packet *packet;
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ packet = nbtd_node_status_reply_packet(
+ nbtsock,
+ request_packet->name_trn_id,
+ name,
+ iface);
+ if (packet == NULL) {
+ return;
+ }
+
+ DEBUG(7,("Sending node status reply for %s to %s:%d\n",
+ nbt_name_string(packet, name), src->addr, src->port));
+
+ nbtsrv->stats.total_sent++;
+ nbt_name_reply_send(nbtsock, src, packet);
+
+ talloc_free(packet);
+}
+
+
+/*
+ answer a node status query
+*/
+void nbtd_query_status(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbt_name *name;
+ struct nbtd_iface_name *iname;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+
+ NBTD_ASSERT_PACKET(packet, src, packet->qdcount == 1);
+ NBTD_ASSERT_PACKET(packet, src, packet->questions[0].question_type == NBT_QTYPE_STATUS);
+ NBTD_ASSERT_PACKET(packet, src, packet->questions[0].question_class == NBT_QCLASS_IP);
+
+ /* see if we have the requested name on this interface */
+ name = &packet->questions[0].name;
+
+ iname = nbtd_find_iname(iface, name, NBT_NM_ACTIVE);
+ if (iname == NULL) {
+ DEBUG(7,("Node status query for %s from %s - not found on %s\n",
+ nbt_name_string(packet, name), src->addr, iface->ip_address));
+ return;
+ }
+
+ nbtd_node_status_reply(nbtsock, packet, src,
+ &iname->name, iface);
+}
diff --git a/source4/nbt_server/packet.c b/source4/nbt_server/packet.c
new file mode 100644
index 0000000..b9aea56
--- /dev/null
+++ b/source4/nbt_server/packet.c
@@ -0,0 +1,387 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ packet utility functions
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "samba/service_task.h"
+#include "lib/socket/socket.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "param/param.h"
+
+/*
+ we received a badly formed packet - log it
+*/
+void nbtd_bad_packet(struct nbt_name_packet *packet,
+ const struct socket_address *src, const char *reason)
+{
+ DEBUG(2,("nbtd: bad packet '%s' from %s:%d\n", reason, src->addr, src->port));
+ if (DEBUGLVL(5)) {
+ NDR_PRINT_DEBUG(nbt_name_packet, packet);
+ }
+}
+
+
+/*
+ see if an incoming packet is a broadcast packet from one of our own
+ interfaces
+*/
+bool nbtd_self_packet_and_bcast(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ const struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+
+ /* if its not a broadcast then its not considered a self packet */
+ if (!(packet->operation & NBT_FLAG_BROADCAST)) {
+ return false;
+ }
+
+ /*
+ * this uses the fact that iface->nbtsock is the unicast listen address
+ * if the interface isn't the global bcast interface
+ *
+ * so if the request was directed to the unicast address it isn't a broadcast
+ * message
+ */
+ if (iface->nbtsock == nbtsock &&
+ iface != iface->nbtsrv->bcast_interface) {
+ return false;
+ }
+
+ return nbtd_self_packet(nbtsock, packet, src);
+}
+
+bool nbtd_self_packet(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ const struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ /* if its not from the nbt port, then it wasn't a broadcast from us */
+ if (src->port != lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx)) {
+ return false;
+ }
+
+ /* we have to loop over our interface list, seeing if its from
+ one of our own interfaces */
+ for (iface=nbtsrv->interfaces;iface;iface=iface->next) {
+ if (strcmp(src->addr, iface->ip_address) == 0) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+struct nbt_name_packet *nbtd_name_query_reply_packet(
+ TALLOC_CTX *mem_ctx,
+ uint16_t trn_id,
+ uint32_t ttl,
+ uint16_t nb_flags,
+ const struct nbt_name *name,
+ const char **addresses,
+ size_t num_addresses)
+{
+ struct nbt_name_packet *packet;
+ size_t i;
+ struct nbt_res_rec *answer;
+ struct nbt_rdata_netbios *rdata;
+ NTSTATUS status;
+
+ if (num_addresses == 0) {
+ return NULL;
+ }
+
+ packet = talloc_zero(mem_ctx, struct nbt_name_packet);
+ if (packet == NULL) {
+ return NULL;
+ }
+
+ packet->name_trn_id = trn_id;
+ packet->ancount = 1;
+ packet->operation =
+ NBT_FLAG_REPLY |
+ NBT_OPCODE_QUERY |
+ NBT_FLAG_AUTHORITATIVE |
+ NBT_FLAG_RECURSION_DESIRED |
+ NBT_FLAG_RECURSION_AVAIL;
+
+ packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+ if (packet->answers == NULL) {
+ goto failed;
+ }
+ answer = packet->answers;
+
+ status = nbt_name_dup(packet->answers, name, &answer->name);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+ answer->rr_type = NBT_QTYPE_NETBIOS;
+ answer->rr_class = NBT_QCLASS_IP;
+ answer->ttl = ttl;
+
+ rdata = &answer->rdata.netbios;
+ rdata->length = num_addresses*6;
+ rdata->addresses = talloc_array(
+ packet->answers,
+ struct nbt_rdata_address,
+ num_addresses);
+ if (rdata->addresses == NULL) {
+ goto failed;
+ }
+
+ for (i=0; i<num_addresses; i++) {
+ struct nbt_rdata_address *addr = &rdata->addresses[i];
+ addr->nb_flags = nb_flags;
+ addr->ipaddr = talloc_strdup(packet->answers, addresses[i]);
+ if (addr->ipaddr == NULL) {
+ goto failed;
+ }
+ }
+
+ return packet;
+
+failed:
+ TALLOC_FREE(packet);
+ return NULL;
+}
+
+/*
+ send a name query reply
+*/
+void nbtd_name_query_reply(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *request_packet,
+ struct socket_address *src,
+ struct nbt_name *name, uint32_t ttl,
+ uint16_t nb_flags, const char **addresses)
+{
+ struct nbt_name_packet *packet;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ packet = nbtd_name_query_reply_packet(
+ nbtsock,
+ request_packet->name_trn_id,
+ ttl,
+ nb_flags,
+ name,
+ addresses,
+ str_list_length(addresses));
+ if (packet == NULL) {
+ return;
+ }
+
+ DEBUG(7,("Sending name query reply for %s at %s to %s:%d\n",
+ nbt_name_string(packet, name), addresses[0], src->addr, src->port));
+
+ nbtsrv->stats.total_sent++;
+ nbt_name_reply_send(nbtsock, src, packet);
+
+ talloc_free(packet);
+}
+
+
+/*
+ send a negative name query reply
+*/
+void nbtd_negative_name_query_reply(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *request_packet,
+ struct socket_address *src)
+{
+ struct nbt_name_packet *packet;
+ struct nbt_name *name = &request_packet->questions[0].name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ packet = talloc_zero(nbtsock, struct nbt_name_packet);
+ if (packet == NULL) return;
+
+ packet->name_trn_id = request_packet->name_trn_id;
+ packet->ancount = 1;
+ packet->operation =
+ NBT_FLAG_REPLY |
+ NBT_OPCODE_QUERY |
+ NBT_FLAG_AUTHORITATIVE |
+ NBT_RCODE_NAM;
+
+ packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+ if (packet->answers == NULL) goto failed;
+
+ packet->answers[0].name = *name;
+ packet->answers[0].rr_type = NBT_QTYPE_NULL;
+ packet->answers[0].rr_class = NBT_QCLASS_IP;
+ packet->answers[0].ttl = 0;
+ ZERO_STRUCT(packet->answers[0].rdata);
+
+ DEBUG(7,("Sending negative name query reply for %s to %s:%d\n",
+ nbt_name_string(packet, name), src->addr, src->port));
+
+ nbtsrv->stats.total_sent++;
+ nbt_name_reply_send(nbtsock, src, packet);
+
+failed:
+ talloc_free(packet);
+}
+
+/*
+ send a name registration reply
+*/
+void nbtd_name_registration_reply(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *request_packet,
+ struct socket_address *src,
+ uint8_t rcode)
+{
+ struct nbt_name_packet *packet;
+ struct nbt_name *name = &request_packet->questions[0].name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ packet = talloc_zero(nbtsock, struct nbt_name_packet);
+ if (packet == NULL) return;
+
+ packet->name_trn_id = request_packet->name_trn_id;
+ packet->ancount = 1;
+ packet->operation =
+ NBT_FLAG_REPLY |
+ NBT_OPCODE_REGISTER |
+ NBT_FLAG_AUTHORITATIVE |
+ NBT_FLAG_RECURSION_DESIRED |
+ NBT_FLAG_RECURSION_AVAIL |
+ rcode;
+
+ packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+ if (packet->answers == NULL) goto failed;
+
+ packet->answers[0].name = *name;
+ packet->answers[0].rr_type = NBT_QTYPE_NETBIOS;
+ packet->answers[0].rr_class = NBT_QCLASS_IP;
+ packet->answers[0].ttl = request_packet->additional[0].ttl;
+ packet->answers[0].rdata = request_packet->additional[0].rdata;
+
+ DEBUG(7,("Sending %s name registration reply for %s to %s:%d\n",
+ rcode==0?"positive":"negative",
+ nbt_name_string(packet, name), src->addr, src->port));
+
+ nbtsrv->stats.total_sent++;
+ nbt_name_reply_send(nbtsock, src, packet);
+
+failed:
+ talloc_free(packet);
+}
+
+
+/*
+ send a name release reply
+*/
+void nbtd_name_release_reply(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *request_packet,
+ struct socket_address *src,
+ uint8_t rcode)
+{
+ struct nbt_name_packet *packet;
+ struct nbt_name *name = &request_packet->questions[0].name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ packet = talloc_zero(nbtsock, struct nbt_name_packet);
+ if (packet == NULL) return;
+
+ packet->name_trn_id = request_packet->name_trn_id;
+ packet->ancount = 1;
+ packet->operation =
+ NBT_FLAG_REPLY |
+ NBT_OPCODE_RELEASE |
+ NBT_FLAG_AUTHORITATIVE |
+ rcode;
+
+ packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+ if (packet->answers == NULL) goto failed;
+
+ packet->answers[0].name = *name;
+ packet->answers[0].rr_type = NBT_QTYPE_NETBIOS;
+ packet->answers[0].rr_class = NBT_QCLASS_IP;
+ packet->answers[0].ttl = request_packet->additional[0].ttl;
+ packet->answers[0].rdata = request_packet->additional[0].rdata;
+
+ DEBUG(7,("Sending %s name release reply for %s to %s:%d\n",
+ rcode==0?"positive":"negative",
+ nbt_name_string(packet, name), src->addr, src->port));
+
+ nbtsrv->stats.total_sent++;
+ nbt_name_reply_send(nbtsock, src, packet);
+
+failed:
+ talloc_free(packet);
+}
+
+
+/*
+ send a WACK reply
+*/
+void nbtd_wack_reply(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *request_packet,
+ struct socket_address *src,
+ uint32_t ttl)
+{
+ struct nbt_name_packet *packet;
+ struct nbt_name *name = &request_packet->questions[0].name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ packet = talloc_zero(nbtsock, struct nbt_name_packet);
+ if (packet == NULL) return;
+
+ packet->name_trn_id = request_packet->name_trn_id;
+ packet->ancount = 1;
+ packet->operation =
+ NBT_FLAG_REPLY |
+ NBT_OPCODE_WACK |
+ NBT_FLAG_AUTHORITATIVE;
+
+ packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+ if (packet->answers == NULL) goto failed;
+
+ packet->answers[0].name = *name;
+ packet->answers[0].rr_type = NBT_QTYPE_NETBIOS;
+ packet->answers[0].rr_class = NBT_QCLASS_IP;
+ packet->answers[0].ttl = ttl;
+ packet->answers[0].rdata.data.length = 2;
+ packet->answers[0].rdata.data.data = talloc_array(packet, uint8_t, 2);
+ if (packet->answers[0].rdata.data.data == NULL) goto failed;
+ RSSVAL(packet->answers[0].rdata.data.data, 0, request_packet->operation);
+
+ DEBUG(7,("Sending WACK reply for %s to %s:%d\n",
+ nbt_name_string(packet, name), src->addr, src->port));
+
+ nbtsrv->stats.total_sent++;
+ nbt_name_reply_send(nbtsock, src, packet);
+
+failed:
+ talloc_free(packet);
+}
diff --git a/source4/nbt_server/query.c b/source4/nbt_server/query.c
new file mode 100644
index 0000000..7e1a760
--- /dev/null
+++ b/source4/nbt_server/query.c
@@ -0,0 +1,102 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ answer name queries
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../lib/util/dlinklist.h"
+#include "system/network.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsserver.h"
+#include "samba/service_task.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "lib/socket/socket.h"
+#include "param/param.h"
+
+/*
+ answer a name query
+*/
+void nbtd_request_query(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbtd_iface_name *iname;
+ struct nbt_name *name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+
+ /* see if its a node status query */
+ if (packet->qdcount == 1 &&
+ packet->questions[0].question_type == NBT_QTYPE_STATUS) {
+ nbtd_query_status(nbtsock, packet, src);
+ return;
+ }
+
+ NBTD_ASSERT_PACKET(packet, src, packet->qdcount == 1);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->questions[0].question_type == NBT_QTYPE_NETBIOS);
+ NBTD_ASSERT_PACKET(packet, src,
+ packet->questions[0].question_class == NBT_QCLASS_IP);
+
+ /* see if we have the requested name on this interface */
+ name = &packet->questions[0].name;
+
+ iname = nbtd_find_iname(iface, name, 0);
+ if (iname == NULL) {
+ /* don't send negative replies to broadcast queries */
+ if (packet->operation & NBT_FLAG_BROADCAST) {
+ return;
+ }
+
+ if (packet->operation & NBT_FLAG_RECURSION_DESIRED) {
+ nbtd_winsserver_request(nbtsock, packet, src);
+ return;
+ }
+
+ /* otherwise send a negative reply */
+ nbtd_negative_name_query_reply(nbtsock, packet, src);
+ return;
+ }
+
+ /*
+ * normally we should forward all queries with the
+ * recursion desired flag to the wins server, but this
+ * breaks are winsclient code, when doing mhomed registrations
+ */
+ if (!(packet->operation & NBT_FLAG_BROADCAST) &&
+ (packet->operation & NBT_FLAG_RECURSION_DESIRED) &&
+ (iname->nb_flags & NBT_NM_GROUP) &&
+ lpcfg_we_are_a_wins_server(iface->nbtsrv->task->lp_ctx)) {
+ nbtd_winsserver_request(nbtsock, packet, src);
+ return;
+ }
+
+ /* if the name is not yet active and its a broadcast query then
+ ignore it for now */
+ if (!(iname->nb_flags & NBT_NM_ACTIVE) &&
+ (packet->operation & NBT_FLAG_BROADCAST)) {
+ DEBUG(7,("Query for %s from %s - name not active yet on %s\n",
+ nbt_name_string(packet, name), src->addr, iface->ip_address));
+ return;
+ }
+
+ nbtd_name_query_reply(nbtsock, packet, src,
+ &iname->name, iname->ttl, iname->nb_flags,
+ nbtd_address_list(iface, packet));
+}
diff --git a/source4/nbt_server/register.c b/source4/nbt_server/register.c
new file mode 100644
index 0000000..4d10e9b
--- /dev/null
+++ b/source4/nbt_server/register.c
@@ -0,0 +1,310 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ register our names
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "lib/events/events.h"
+#include "../lib/util/dlinklist.h"
+#include "nbt_server/nbt_server.h"
+#include "samba/service_task.h"
+#include "libcli/composite/composite.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "nbt_server/wins/winsserver.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "dsdb/samdb/samdb.h"
+#include "param/param.h"
+#include "libds/common/roles.h"
+
+static void nbtd_start_refresh_timer(struct nbtd_iface_name *iname);
+
+/*
+ a name refresh request has completed
+*/
+static void refresh_completion_handler(struct nbt_name_request *req)
+{
+ struct nbtd_iface_name *iname = talloc_get_type(req->async.private_data,
+ struct nbtd_iface_name);
+ NTSTATUS status;
+ struct nbt_name_refresh io;
+ TALLOC_CTX *tmp_ctx = talloc_new(iname);
+
+ status = nbt_name_refresh_recv(req, tmp_ctx, &io);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
+ DEBUG(4,("Refreshed name %s with %s on interface %s\n",
+ nbt_name_string(tmp_ctx, &iname->name),
+ iname->iface->ip_address, iname->iface->bcast_address));
+ iname->registration_time = timeval_current();
+ nbtd_start_refresh_timer(iname);
+ talloc_free(tmp_ctx);
+ return;
+ }
+
+ iname->nb_flags |= NBT_NM_CONFLICT;
+ iname->nb_flags &= ~NBT_NM_ACTIVE;
+
+ if (NT_STATUS_IS_OK(status)) {
+ DEBUG(1,("Name conflict from %s refreshing name %s with %s on interface %s - %s\n",
+ io.out.reply_addr, nbt_name_string(tmp_ctx, &iname->name),
+ iname->iface->ip_address, iname->iface->bcast_address,
+ nt_errstr(nbt_rcode_to_ntstatus(io.out.rcode))));
+ } else {
+ DEBUG(1,("Error refreshing name %s with %s on interface %s - %s\n",
+ nbt_name_string(tmp_ctx, &iname->name),
+ iname->iface->ip_address, iname->iface->bcast_address,
+ nt_errstr(status)));
+ }
+
+ talloc_free(tmp_ctx);
+}
+
+
+/*
+ handle name refresh timer events
+*/
+static void name_refresh_handler(struct tevent_context *ev, struct tevent_timer *te,
+ struct timeval t, void *private_data)
+{
+ struct nbtd_iface_name *iname = talloc_get_type(private_data, struct nbtd_iface_name);
+ struct nbtd_interface *iface = iname->iface;
+ struct nbt_name_register io;
+ struct nbt_name_request *req;
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ /* setup a single name register request. Notice that we don't
+ use a name refresh request, as Windows and Samba3 do not
+ defend against broadcast name refresh packets. So for this
+ to be of any use at all, we need to refresh using name
+ registration packets */
+ io.in.name = iname->name;
+ io.in.dest_addr = iface->bcast_address;
+ io.in.dest_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx);
+ io.in.address = iface->ip_address;
+ io.in.nb_flags = iname->nb_flags;
+ io.in.ttl = iname->ttl;
+ io.in.register_demand = false;
+ io.in.broadcast = true;
+ io.in.multi_homed = false;
+ io.in.timeout = 3;
+ io.in.retries = 0;
+
+ nbtsrv->stats.total_sent++;
+ req = nbt_name_register_send(iface->nbtsock, &io);
+ if (req == NULL) return;
+
+ req->async.fn = refresh_completion_handler;
+ req->async.private_data = iname;
+}
+
+
+/*
+ start a timer to refresh this name
+*/
+static void nbtd_start_refresh_timer(struct nbtd_iface_name *iname)
+{
+ uint32_t refresh_time;
+ uint32_t max_refresh_time = lpcfg_parm_int(iname->iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "max_refresh_time", 7200);
+
+ refresh_time = MIN(max_refresh_time, iname->ttl/2);
+
+ tevent_add_timer(iname->iface->nbtsrv->task->event_ctx,
+ iname,
+ timeval_add(&iname->registration_time, refresh_time, 0),
+ name_refresh_handler, iname);
+}
+
+struct nbtd_register_name_state {
+ struct nbtd_iface_name *iname;
+ struct nbt_name_register_bcast io;
+};
+
+/*
+ a name registration has completed
+*/
+static void nbtd_register_name_handler(struct tevent_req *subreq)
+{
+ struct nbtd_register_name_state *state =
+ tevent_req_callback_data(subreq,
+ struct nbtd_register_name_state);
+ struct nbtd_iface_name *iname = state->iname;
+ NTSTATUS status;
+
+ status = nbt_name_register_bcast_recv(subreq);
+ TALLOC_FREE(subreq);
+ if (NT_STATUS_IS_OK(status)) {
+ /* good - nobody complained about our registration */
+ iname->nb_flags |= NBT_NM_ACTIVE;
+ DEBUG(3,("Registered %s with %s on interface %s\n",
+ nbt_name_string(state, &iname->name),
+ iname->iface->ip_address, iname->iface->bcast_address));
+ iname->registration_time = timeval_current();
+ talloc_free(state);
+ nbtd_start_refresh_timer(iname);
+ return;
+ }
+
+ /* someone must have replied with an objection! */
+ iname->nb_flags |= NBT_NM_CONFLICT;
+
+ DEBUG(1,("Error registering %s with %s on interface %s - %s\n",
+ nbt_name_string(state, &iname->name),
+ iname->iface->ip_address, iname->iface->bcast_address,
+ nt_errstr(status)));
+ talloc_free(state);
+}
+
+
+/*
+ register a name on a network interface
+*/
+static void nbtd_register_name_iface(struct nbtd_interface *iface,
+ const char *name, enum nbt_name_type type,
+ uint16_t nb_flags)
+{
+ struct nbtd_iface_name *iname;
+ const char *scope = lpcfg_netbios_scope(iface->nbtsrv->task->lp_ctx);
+ struct nbtd_register_name_state *state;
+ struct tevent_req *subreq;
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+
+ iname = talloc(iface, struct nbtd_iface_name);
+ if (!iname) return;
+
+ iname->iface = iface;
+ iname->name.name = strupper_talloc(iname, name);
+ iname->name.type = type;
+ if (scope && *scope) {
+ iname->name.scope = strupper_talloc(iname, scope);
+ } else {
+ iname->name.scope = NULL;
+ }
+ iname->nb_flags = nb_flags;
+ iname->ttl = lpcfg_parm_int(iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "bcast_ttl", 300000);
+ iname->registration_time = timeval_zero();
+ iname->wins_server = NULL;
+
+ DLIST_ADD_END(iface->names, iname);
+
+ if (nb_flags & NBT_NM_PERMANENT) {
+ /* permanent names are not announced and are immediately active */
+ iname->nb_flags |= NBT_NM_ACTIVE;
+ iname->ttl = 0;
+ return;
+ }
+
+ /* if this is the wins interface, then we need to do a special
+ wins name registration */
+ if (iface == iface->nbtsrv->wins_interface) {
+ nbtd_winsclient_register(iname);
+ return;
+ }
+
+ state = talloc_zero(iname, struct nbtd_register_name_state);
+ if (state == NULL) {
+ return;
+ }
+
+ state->iname = iname;
+
+ /* setup a broadcast name registration request */
+ state->io.in.name = iname->name;
+ state->io.in.dest_addr = iface->bcast_address;
+ state->io.in.dest_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx);
+ state->io.in.address = iface->ip_address;
+ state->io.in.nb_flags = nb_flags;
+ state->io.in.ttl = iname->ttl;
+
+ nbtsrv->stats.total_sent++;
+
+ subreq = nbt_name_register_bcast_send(state, nbtsrv->task->event_ctx,
+ iface->nbtsock, &state->io);
+ if (subreq == NULL) {
+ return;
+ }
+
+ tevent_req_set_callback(subreq, nbtd_register_name_handler, state);
+}
+
+
+/*
+ register one name on all our interfaces
+*/
+void nbtd_register_name(struct nbtd_server *nbtsrv,
+ const char *name, enum nbt_name_type type,
+ uint16_t nb_flags)
+{
+ struct nbtd_interface *iface;
+
+ /* register with all the local interfaces */
+ for (iface=nbtsrv->interfaces;iface;iface=iface->next) {
+ nbtd_register_name_iface(iface, name, type, nb_flags);
+ }
+
+ /* register on our general broadcast interface as a permanent name */
+ if (nbtsrv->bcast_interface) {
+ nbtd_register_name_iface(nbtsrv->bcast_interface, name, type,
+ nb_flags | NBT_NM_PERMANENT);
+ }
+
+ /* register with our WINS servers */
+ if (nbtsrv->wins_interface) {
+ nbtd_register_name_iface(nbtsrv->wins_interface, name, type, nb_flags);
+ }
+}
+
+
+/*
+ register our names on all interfaces
+*/
+void nbtd_register_names(struct nbtd_server *nbtsrv)
+{
+ uint16_t nb_flags = NBT_NODE_M;
+ const char **aliases;
+
+ /* note that we don't initially mark the names "ACTIVE". They are
+ marked active once registration is successful */
+ nbtd_register_name(nbtsrv, lpcfg_netbios_name(nbtsrv->task->lp_ctx), NBT_NAME_CLIENT, nb_flags);
+ nbtd_register_name(nbtsrv, lpcfg_netbios_name(nbtsrv->task->lp_ctx), NBT_NAME_USER, nb_flags);
+ nbtd_register_name(nbtsrv, lpcfg_netbios_name(nbtsrv->task->lp_ctx), NBT_NAME_SERVER, nb_flags);
+
+ aliases = lpcfg_netbios_aliases(nbtsrv->task->lp_ctx);
+ while (aliases && aliases[0]) {
+ nbtd_register_name(nbtsrv, aliases[0], NBT_NAME_CLIENT, nb_flags);
+ nbtd_register_name(nbtsrv, aliases[0], NBT_NAME_SERVER, nb_flags);
+ aliases++;
+ }
+
+ if (lpcfg_server_role(nbtsrv->task->lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
+ bool is_pdc = samdb_is_pdc(nbtsrv->sam_ctx);
+ if (is_pdc) {
+ nbtd_register_name(nbtsrv, lpcfg_workgroup(nbtsrv->task->lp_ctx),
+ NBT_NAME_PDC, nb_flags);
+ }
+ nbtd_register_name(nbtsrv, lpcfg_workgroup(nbtsrv->task->lp_ctx),
+ NBT_NAME_LOGON, nb_flags | NBT_NM_GROUP);
+ }
+
+ nb_flags |= NBT_NM_GROUP;
+ nbtd_register_name(nbtsrv, lpcfg_workgroup(nbtsrv->task->lp_ctx), NBT_NAME_CLIENT, nb_flags);
+
+ nb_flags |= NBT_NM_PERMANENT;
+ nbtd_register_name(nbtsrv, "__SAMBA__", NBT_NAME_CLIENT, nb_flags);
+ nbtd_register_name(nbtsrv, "__SAMBA__", NBT_NAME_SERVER, nb_flags);
+ nbtd_register_name(nbtsrv, "*", NBT_NAME_CLIENT, nb_flags);
+}
diff --git a/source4/nbt_server/wins/wins_dns_proxy.c b/source4/nbt_server/wins/wins_dns_proxy.c
new file mode 100644
index 0000000..95ceb21
--- /dev/null
+++ b/source4/nbt_server/wins/wins_dns_proxy.c
@@ -0,0 +1,99 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ wins server dns proxy
+
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsdb.h"
+#include "nbt_server/wins/winsserver.h"
+#include "system/time.h"
+#include "libcli/composite/composite.h"
+#include "samba/service_task.h"
+#include "libcli/resolve/resolve.h"
+#include "lib/socket/socket.h"
+
+struct wins_dns_proxy_state {
+ struct nbt_name_socket *nbtsock;
+ struct nbt_name_packet *packet;
+ struct socket_address *src;
+};
+
+static void nbtd_wins_dns_proxy_handler(struct composite_context *creq)
+{
+ NTSTATUS status;
+ struct wins_dns_proxy_state *s = talloc_get_type(creq->async.private_data,
+ struct wins_dns_proxy_state);
+ struct nbt_name *name = &s->packet->questions[0].name;
+ const char *address;
+ const char **addresses;
+ uint16_t nb_flags = 0; /* TODO: ... */
+
+ status = resolve_name_recv(creq, s->packet, &address);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto notfound;
+ }
+
+ addresses = str_list_add(NULL, address);
+ talloc_steal(s->packet, addresses);
+ if (!addresses) goto notfound;
+
+ nbtd_name_query_reply(s->nbtsock, s->packet, s->src, name,
+ 0, nb_flags, addresses);
+ return;
+notfound:
+ nbtd_negative_name_query_reply(s->nbtsock, s->packet, s->src);
+}
+
+/*
+ dns proxy query a name
+*/
+void nbtd_wins_dns_proxy_query(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbt_name *name = &packet->questions[0].name;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_dns_proxy_state *s;
+ struct composite_context *creq;
+ struct resolve_context *resolve_ctx;
+
+ s = talloc(nbtsock, struct wins_dns_proxy_state);
+ if (!s) goto failed;
+ s->nbtsock = nbtsock;
+ s->packet = talloc_steal(s, packet);
+ s->src = socket_address_copy(s, src);
+ if (s->src == NULL) {
+ goto failed;
+ }
+
+ resolve_ctx = resolve_context_init(s);
+ if (resolve_ctx == NULL) goto failed;
+ resolve_context_add_host_method(resolve_ctx);
+
+ creq = resolve_name_send(resolve_ctx, s, name, iface->nbtsrv->task->event_ctx);
+ if (!creq) goto failed;
+
+ creq->async.fn = nbtd_wins_dns_proxy_handler;
+ creq->async.private_data= s;
+ return;
+failed:
+ nbtd_negative_name_query_reply(nbtsock, packet, src);
+}
diff --git a/source4/nbt_server/wins/wins_hook.c b/source4/nbt_server/wins/wins_hook.c
new file mode 100644
index 0000000..1af471b
--- /dev/null
+++ b/source4/nbt_server/wins/wins_hook.c
@@ -0,0 +1,94 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ wins hook feature, we run a specified script
+ which can then do some custom actions
+
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsdb.h"
+#include "system/filesys.h"
+
+static const char *wins_hook_action_string(enum wins_hook_action action)
+{
+ switch (action) {
+ case WINS_HOOK_ADD: return "add";
+ case WINS_HOOK_MODIFY: return "refresh";
+ case WINS_HOOK_DELETE: return "delete";
+ }
+
+ return "unknown";
+}
+
+void wins_hook(struct winsdb_handle *h, const struct winsdb_record *rec,
+ enum wins_hook_action action, const char *wins_hook_script)
+{
+ uint32_t i, length;
+ int child;
+ char *cmd = NULL;
+ TALLOC_CTX *tmp_mem = NULL;
+
+ if (!wins_hook_script || !wins_hook_script[0]) return;
+
+ tmp_mem = talloc_new(h);
+ if (!tmp_mem) goto failed;
+
+ length = winsdb_addr_list_length(rec->addresses);
+
+ if (action == WINS_HOOK_MODIFY && length < 1) {
+ action = WINS_HOOK_DELETE;
+ }
+
+ cmd = talloc_asprintf(tmp_mem,
+ "%s %s %s %02x %ld",
+ wins_hook_script,
+ wins_hook_action_string(action),
+ rec->name->name,
+ rec->name->type,
+ (long int) rec->expire_time);
+ if (!cmd) goto failed;
+
+ for (i=0; rec->addresses[i]; i++) {
+ cmd = talloc_asprintf_append_buffer(cmd, " %s", rec->addresses[i]->address);
+ if (!cmd) goto failed;
+ }
+
+ DEBUG(10,("call wins hook '%s'\n", cmd));
+
+ /* signal handling in posix really sucks - doing this in a library
+ affects the whole app, but what else to do?? */
+ signal(SIGCHLD, SIG_IGN);
+
+ child = fork();
+ if (child == (pid_t)-1) {
+ goto failed;
+ }
+
+ if (child == 0) {
+/* TODO: close file handles */
+ execl("/bin/sh", "sh", "-c", cmd, NULL);
+ _exit(0);
+ }
+
+ talloc_free(tmp_mem);
+ return;
+failed:
+ talloc_free(tmp_mem);
+ DEBUG(0,("FAILED: calling wins hook '%s'\n", wins_hook_script));
+}
diff --git a/source4/nbt_server/wins/wins_ldb.c b/source4/nbt_server/wins/wins_ldb.c
new file mode 100644
index 0000000..304c98d
--- /dev/null
+++ b/source4/nbt_server/wins/wins_ldb.c
@@ -0,0 +1,127 @@
+/*
+ ldb database module
+
+ Copyright (C) Stefan Metzmacher 2006
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * Name: ldb
+ *
+ * Component: ldb winsdb module
+ *
+ * Description: verify winsdb records before they're written to disk
+ *
+ * Author: Stefan Metzmacher
+ */
+
+#include "includes.h"
+#include "lib/events/events.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsdb.h"
+#include <ldb_module.h>
+#include "system/network.h"
+#include "lib/socket/netif.h"
+#include "param/param.h"
+
+static int wins_ldb_verify(struct ldb_module *module, struct ldb_request *req)
+{
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+ struct winsdb_handle *h = talloc_get_type(ldb_get_opaque(ldb, "winsdb_handle"),
+ struct winsdb_handle);
+ const struct ldb_message *msg;
+
+ switch (req->operation) {
+ case LDB_ADD:
+ msg = req->op.add.message;
+ break;
+
+ case LDB_MODIFY:
+ msg = req->op.mod.message;
+ break;
+
+ default:
+ return ldb_next_request(module, req);
+ }
+
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
+ return ldb_next_request(module, req);
+ }
+
+ if (!h) {
+ ldb_debug_set(ldb, LDB_DEBUG_FATAL, "%s", "WINS_LDB: INTERNAL ERROR: no winsdb_handle present!");
+ return LDB_ERR_OTHER;
+ }
+
+ switch (h->caller) {
+ case WINSDB_HANDLE_CALLER_NBTD:
+ case WINSDB_HANDLE_CALLER_WREPL:
+ /* we trust our nbt and wrepl code ... */
+ return ldb_next_request(module, req);
+
+ case WINSDB_HANDLE_CALLER_ADMIN:
+ ldb_debug(ldb, LDB_DEBUG_WARNING, "%s\n", "WINS_LDB: TODO verify add/modify for WINSDB_HANDLE_CALLER_ADMIN");
+ return ldb_next_request(module, req);
+ }
+
+ return LDB_ERR_OTHER;
+}
+
+static int wins_ldb_init(struct ldb_module *module)
+{
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+ struct winsdb_handle *h;
+ const char *owner;
+ struct loadparm_context *lp_ctx = ldb_get_opaque(ldb, "loadparm");
+
+ ldb_module_set_private(module, NULL);
+
+ owner = lpcfg_parm_string(lp_ctx, NULL, "winsdb", "local_owner");
+ if (!owner) {
+ struct interface *ifaces;
+ load_interface_list(module, lp_ctx, &ifaces);
+ owner = iface_list_first_v4(ifaces);
+ if (!owner) {
+ owner = "0.0.0.0";
+ }
+ }
+
+ h = talloc_zero(module, struct winsdb_handle);
+ if (!h) goto failed;
+ h->ldb = ldb;
+ h->caller = WINSDB_HANDLE_CALLER_ADMIN;
+ h->local_owner = talloc_strdup(h, owner);
+ if (!h->local_owner) goto failed;
+
+ return ldb_set_opaque(ldb, "winsdb_handle", h);
+
+failed:
+ talloc_free(h);
+ return LDB_ERR_OTHER;
+}
+
+static const struct ldb_module_ops ldb_wins_ldb_module_ops = {
+ .name = "wins_ldb",
+ .add = wins_ldb_verify,
+ .modify = wins_ldb_verify,
+ .init_context = wins_ldb_init
+};
+
+int ldb_wins_ldb_module_init(const char *version)
+{
+ LDB_MODULE_CHECK_VERSION(version);
+ return ldb_register_module(&ldb_wins_ldb_module_ops);
+}
diff --git a/source4/nbt_server/wins/winsclient.c b/source4/nbt_server/wins/winsclient.c
new file mode 100644
index 0000000..c1e7f9a
--- /dev/null
+++ b/source4/nbt_server/wins/winsclient.c
@@ -0,0 +1,284 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ wins client name registration and refresh
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsserver.h"
+#include "libcli/composite/composite.h"
+#include "lib/events/events.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "samba/service_task.h"
+#include "param/param.h"
+
+/* we send WINS client requests using our primary network interface
+*/
+static struct nbt_name_socket *wins_socket(struct nbtd_interface *iface)
+{
+ struct nbtd_server *nbtsrv = iface->nbtsrv;
+ return nbtsrv->interfaces->nbtsock;
+}
+
+
+static void nbtd_wins_refresh(struct tevent_context *ev, struct tevent_timer *te,
+ struct timeval t, void *private_data);
+
+/*
+ retry a WINS name registration
+*/
+static void nbtd_wins_register_retry(struct tevent_context *ev, struct tevent_timer *te,
+ struct timeval t, void *private_data)
+{
+ struct nbtd_iface_name *iname = talloc_get_type(private_data, struct nbtd_iface_name);
+ nbtd_winsclient_register(iname);
+}
+
+/*
+ start a timer to refresh this name
+*/
+static void nbtd_wins_start_refresh_timer(struct nbtd_iface_name *iname)
+{
+ uint32_t refresh_time;
+ uint32_t max_refresh_time = lpcfg_parm_int(iname->iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "max_refresh_time", 7200);
+
+ refresh_time = MIN(max_refresh_time, iname->ttl/2);
+
+ tevent_add_timer(iname->iface->nbtsrv->task->event_ctx,
+ iname,
+ timeval_add(&iname->registration_time, refresh_time, 0),
+ nbtd_wins_refresh, iname);
+}
+
+struct nbtd_wins_refresh_state {
+ struct nbtd_iface_name *iname;
+ struct nbt_name_refresh_wins io;
+};
+
+/*
+ called when a wins name refresh has completed
+*/
+static void nbtd_wins_refresh_handler(struct tevent_req *subreq)
+{
+ NTSTATUS status;
+ struct nbtd_wins_refresh_state *state =
+ tevent_req_callback_data(subreq,
+ struct nbtd_wins_refresh_state);
+ struct nbtd_iface_name *iname = state->iname;
+
+ status = nbt_name_refresh_wins_recv(subreq, state, &state->io);
+ TALLOC_FREE(subreq);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
+ /* our WINS server is dead - start registration over
+ from scratch */
+ DEBUG(2,("Failed to refresh %s with WINS server %s\n",
+ nbt_name_string(state, &iname->name), iname->wins_server));
+ talloc_free(state);
+ nbtd_winsclient_register(iname);
+ return;
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1,("Name refresh failure with WINS for %s - %s\n",
+ nbt_name_string(state, &iname->name), nt_errstr(status)));
+ talloc_free(state);
+ return;
+ }
+
+ if (state->io.out.rcode != 0) {
+ DEBUG(1,("WINS server %s rejected name refresh of %s - %s\n",
+ state->io.out.wins_server,
+ nbt_name_string(state, &iname->name),
+ nt_errstr(nbt_rcode_to_ntstatus(state->io.out.rcode))));
+ iname->nb_flags |= NBT_NM_CONFLICT;
+ talloc_free(state);
+ return;
+ }
+
+ DEBUG(4,("Refreshed name %s with WINS server %s\n",
+ nbt_name_string(state, &iname->name), iname->wins_server));
+ /* success - start a periodic name refresh */
+ iname->nb_flags |= NBT_NM_ACTIVE;
+ if (iname->wins_server) {
+ /*
+ * talloc_free() would generate a warning,
+ * so steal it into the tmp context
+ */
+ talloc_steal(state, iname->wins_server);
+ }
+ iname->wins_server = talloc_move(iname, &state->io.out.wins_server);
+ iname->registration_time = timeval_current();
+
+ talloc_free(state);
+
+ nbtd_wins_start_refresh_timer(iname);
+}
+
+
+/*
+ refresh a WINS name registration
+*/
+static void nbtd_wins_refresh(struct tevent_context *ev, struct tevent_timer *te,
+ struct timeval t, void *private_data)
+{
+ struct nbtd_iface_name *iname = talloc_get_type(private_data, struct nbtd_iface_name);
+ struct nbtd_interface *iface = iname->iface;
+ struct nbt_name_socket *nbtsock = wins_socket(iface);
+ struct tevent_req *subreq;
+ struct nbtd_wins_refresh_state *state;
+ char **l;
+
+ state = talloc_zero(iname, struct nbtd_wins_refresh_state);
+ if (state == NULL) {
+ return;
+ }
+
+ state->iname = iname;
+
+ /* setup a wins name refresh request */
+ state->io.in.name = iname->name;
+ l = str_list_make_single(state, iname->wins_server);
+ state->io.in.wins_servers = discard_const_p(const char *, l);
+ state->io.in.wins_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx);
+ state->io.in.addresses = nbtd_address_list(iface, state);
+ state->io.in.nb_flags = iname->nb_flags;
+ state->io.in.ttl = iname->ttl;
+
+ if (!state->io.in.addresses) {
+ talloc_free(state);
+ return;
+ }
+
+ subreq = nbt_name_refresh_wins_send(state, ev, nbtsock, &state->io);
+ if (subreq == NULL) {
+ talloc_free(state);
+ return;
+ }
+
+ tevent_req_set_callback(subreq, nbtd_wins_refresh_handler, state);
+}
+
+struct nbtd_wins_register_state {
+ struct nbtd_iface_name *iname;
+ struct nbt_name_register_wins io;
+};
+
+/*
+ called when a wins name register has completed
+*/
+static void nbtd_wins_register_handler(struct tevent_req *subreq)
+{
+ NTSTATUS status;
+ struct nbtd_wins_register_state *state =
+ tevent_req_callback_data(subreq,
+ struct nbtd_wins_register_state);
+ struct nbtd_iface_name *iname = state->iname;
+
+ status = nbt_name_register_wins_recv(subreq, state, &state->io);
+ TALLOC_FREE(subreq);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
+ /* none of the WINS servers responded - try again
+ periodically */
+ int wins_retry_time = lpcfg_parm_int(iname->iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "wins_retry", 300);
+ tevent_add_timer(iname->iface->nbtsrv->task->event_ctx,
+ iname,
+ timeval_current_ofs(wins_retry_time, 0),
+ nbtd_wins_register_retry,
+ iname);
+ talloc_free(state);
+ return;
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1,("Name register failure with WINS for %s - %s\n",
+ nbt_name_string(state, &iname->name), nt_errstr(status)));
+ talloc_free(state);
+ return;
+ }
+
+ if (state->io.out.rcode != 0) {
+ DEBUG(1,("WINS server %s rejected name register of %s - %s\n",
+ state->io.out.wins_server,
+ nbt_name_string(state, &iname->name),
+ nt_errstr(nbt_rcode_to_ntstatus(state->io.out.rcode))));
+ iname->nb_flags |= NBT_NM_CONFLICT;
+ talloc_free(state);
+ return;
+ }
+
+ /* success - start a periodic name refresh */
+ iname->nb_flags |= NBT_NM_ACTIVE;
+ if (iname->wins_server) {
+ /*
+ * talloc_free() would generate a warning,
+ * so steal it into the tmp context
+ */
+ talloc_steal(state, iname->wins_server);
+ }
+ iname->wins_server = talloc_move(iname, &state->io.out.wins_server);
+
+ iname->registration_time = timeval_current();
+
+ DEBUG(3,("Registered %s with WINS server %s\n",
+ nbt_name_string(state, &iname->name), iname->wins_server));
+
+ talloc_free(state);
+
+ nbtd_wins_start_refresh_timer(iname);
+}
+
+/*
+ register a name with our WINS servers
+*/
+void nbtd_winsclient_register(struct nbtd_iface_name *iname)
+{
+ struct nbtd_interface *iface = iname->iface;
+ struct nbt_name_socket *nbtsock = wins_socket(iface);
+ struct nbtd_wins_register_state *state;
+ struct tevent_req *subreq;
+
+ state = talloc_zero(iname, struct nbtd_wins_register_state);
+ if (state == NULL) {
+ return;
+ }
+
+ state->iname = iname;
+
+ /* setup a wins name register request */
+ state->io.in.name = iname->name;
+ state->io.in.wins_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx);
+ state->io.in.wins_servers = lpcfg_wins_server_list(iface->nbtsrv->task->lp_ctx);
+ state->io.in.addresses = nbtd_address_list(iface, state);
+ state->io.in.nb_flags = iname->nb_flags;
+ state->io.in.ttl = iname->ttl;
+
+ if (state->io.in.addresses == NULL) {
+ talloc_free(state);
+ return;
+ }
+
+ subreq = nbt_name_register_wins_send(state, iface->nbtsrv->task->event_ctx,
+ nbtsock, &state->io);
+ if (subreq == NULL) {
+ talloc_free(state);
+ return;
+ }
+
+ tevent_req_set_callback(subreq, nbtd_wins_register_handler, state);
+}
diff --git a/source4/nbt_server/wins/winsdb.c b/source4/nbt_server/wins/winsdb.c
new file mode 100644
index 0000000..2a05e96
--- /dev/null
+++ b/source4/nbt_server/wins/winsdb.c
@@ -0,0 +1,1027 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ WINS database routines
+
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsdb.h"
+#include <ldb.h>
+#include <ldb_errors.h>
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "system/time.h"
+#include "ldb_wrap.h"
+#include "system/network.h"
+#include "lib/socket/netif.h"
+#include "param/param.h"
+#include "lib/util/smb_strtox.h"
+
+#undef strcasecmp
+
+uint64_t winsdb_get_maxVersion(struct winsdb_handle *h)
+{
+ int ret;
+ struct ldb_context *ldb = h->ldb;
+ struct ldb_dn *dn;
+ struct ldb_result *res = NULL;
+ TALLOC_CTX *tmp_ctx = talloc_new(ldb);
+ uint64_t maxVersion = 0;
+
+ dn = ldb_dn_new(tmp_ctx, ldb, "CN=VERSION");
+ if (!dn) goto failed;
+
+ /* find the record in the WINS database */
+ ret = ldb_search(ldb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL);
+ if (ret != LDB_SUCCESS) goto failed;
+ if (res->count > 1) goto failed;
+
+ if (res->count == 1) {
+ maxVersion = ldb_msg_find_attr_as_uint64(res->msgs[0], "maxVersion", 0);
+ }
+
+failed:
+ talloc_free(tmp_ctx);
+ return maxVersion;
+}
+
+/*
+ if newVersion == 0 return the old maxVersion + 1 and save it
+ if newVersion > 0 return MAX(oldMaxVersion, newMaxVersion) and save it
+*/
+uint64_t winsdb_set_maxVersion(struct winsdb_handle *h, uint64_t newMaxVersion)
+{
+ int trans;
+ int ret;
+ struct ldb_dn *dn;
+ struct ldb_result *res = NULL;
+ struct ldb_message *msg = NULL;
+ struct ldb_context *wins_db = h->ldb;
+ TALLOC_CTX *tmp_ctx = talloc_new(wins_db);
+ uint64_t oldMaxVersion = 0;
+
+ trans = ldb_transaction_start(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ dn = ldb_dn_new(tmp_ctx, wins_db, "CN=VERSION");
+ if (!dn) goto failed;
+
+ /* find the record in the WINS database */
+ ret = ldb_search(wins_db, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL);
+ if (ret != LDB_SUCCESS) goto failed;
+ if (res->count > 1) goto failed;
+
+ if (res->count == 1) {
+ oldMaxVersion = ldb_msg_find_attr_as_uint64(res->msgs[0], "maxVersion", 0);
+ }
+
+ if (newMaxVersion == 0) {
+ newMaxVersion = oldMaxVersion + 1;
+ } else {
+ newMaxVersion = MAX(oldMaxVersion, newMaxVersion);
+ }
+
+ msg = ldb_msg_new(tmp_ctx);
+ if (!msg) goto failed;
+ msg->dn = dn;
+
+
+ ret = ldb_msg_append_string(msg, "objectClass", "winsMaxVersion",
+ LDB_FLAG_MOD_REPLACE);
+ if (ret != LDB_SUCCESS) goto failed;
+ ret = ldb_msg_append_fmt(msg, LDB_FLAG_MOD_REPLACE,
+ "maxVersion", "%llu", (long long)newMaxVersion);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ ret = ldb_modify(wins_db, msg);
+ if (ret != LDB_SUCCESS) ret = ldb_add(wins_db, msg);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ trans = ldb_transaction_commit(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ talloc_free(tmp_ctx);
+ return newMaxVersion;
+
+failed:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db);
+ talloc_free(tmp_ctx);
+ return 0;
+}
+
+/*
+ return a DN for a nbt_name
+*/
+static struct ldb_dn *winsdb_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
+ const struct nbt_name *name)
+{
+ struct ldb_dn *dn;
+
+ dn = ldb_dn_new_fmt(mem_ctx, ldb, "type=0x%02X", name->type);
+ if (ldb_dn_is_valid(dn) && name->name && *name->name) {
+ ldb_dn_add_child_fmt(dn, "name=%s", name->name);
+ }
+ if (ldb_dn_is_valid(dn) && name->scope && *name->scope) {
+ ldb_dn_add_child_fmt(dn, "scope=%s", name->scope);
+ }
+ return dn;
+}
+
+static NTSTATUS winsdb_nbt_name(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, struct nbt_name **_name)
+{
+ NTSTATUS status;
+ struct nbt_name *name;
+ unsigned int comp_num;
+ uint32_t cur = 0;
+ int error = 0;
+
+ name = talloc(mem_ctx, struct nbt_name);
+ if (!name) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ comp_num = ldb_dn_get_comp_num(dn);
+
+ if (comp_num > 3) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ if (comp_num > cur && strcasecmp("scope", ldb_dn_get_component_name(dn, cur)) == 0) {
+ name->scope = (const char *)talloc_strdup(name, (char *)ldb_dn_get_component_val(dn, cur)->data);
+ cur++;
+ } else {
+ name->scope = NULL;
+ }
+
+ if (comp_num > cur && strcasecmp("name", ldb_dn_get_component_name(dn, cur)) == 0) {
+ name->name = (const char *)talloc_strdup(name, (char *)ldb_dn_get_component_val(dn, cur)->data);
+ cur++;
+ } else {
+ name->name = talloc_strdup(name, "");
+ if (!name->name) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+ }
+
+ if (comp_num > cur && strcasecmp("type", ldb_dn_get_component_name(dn, cur)) == 0) {
+ name->type =
+ smb_strtoul(
+ (char *)ldb_dn_get_component_val(dn, cur)->data,
+ NULL,
+ 0,
+ &error,
+ SMB_STR_STANDARD);
+ if (error != 0) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+ cur++;
+ } else {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ *_name = name;
+ return NT_STATUS_OK;
+failed:
+ talloc_free(name);
+ return status;
+}
+
+/*
+ decode the winsdb_addr("address") attribute:
+ "172.31.1.1" or
+ "172.31.1.1;winsOwner:172.31.9.202;expireTime:20050923032330.0Z;"
+ are valid records
+*/
+static NTSTATUS winsdb_addr_decode(struct winsdb_handle *h, struct winsdb_record *rec, struct ldb_val *val,
+ TALLOC_CTX *mem_ctx, struct winsdb_addr **_addr)
+{
+ NTSTATUS status;
+ struct winsdb_addr *addr;
+ const char *address;
+ const char *wins_owner;
+ const char *expire_time;
+ char *p;
+
+ addr = talloc(mem_ctx, struct winsdb_addr);
+ if (!addr) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ address = (char *)val->data;
+
+ p = strchr(address, ';');
+ if (!p) {
+ /* support old entries, with only the address */
+ addr->address = (const char *)talloc_steal(addr, val->data);
+ addr->wins_owner = talloc_strdup(addr, rec->wins_owner);
+ if (!addr->wins_owner) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+ addr->expire_time = rec->expire_time;
+ *_addr = addr;
+ return NT_STATUS_OK;
+ }
+
+ *p = '\0'; p++;
+ addr->address = talloc_strdup(addr, address);
+ if (!addr->address) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ if (strncmp("winsOwner:", p, 10) != 0) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+ wins_owner = p + 10;
+ p = strchr(wins_owner, ';');
+ if (!p) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ *p = '\0';p++;
+ if (strcmp(wins_owner, "0.0.0.0") == 0) {
+ wins_owner = h->local_owner;
+ }
+ addr->wins_owner = talloc_strdup(addr, wins_owner);
+ if (!addr->wins_owner) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ if (strncmp("expireTime:", p, 11) != 0) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ expire_time = p + 11;
+ p = strchr(expire_time, ';');
+ if (!p) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ *p = '\0';p++;
+ addr->expire_time = ldb_string_to_time(expire_time);
+
+ *_addr = addr;
+ return NT_STATUS_OK;
+failed:
+ talloc_free(addr);
+ return status;
+}
+
+/*
+ encode the winsdb_addr("address") attribute like this:
+ non-static record:
+ "172.31.1.1;winsOwner:172.31.9.202;expireTime:20050923032330.0Z;"
+ static record:
+ "172.31.1.1"
+*/
+static int ldb_msg_add_winsdb_addr(struct ldb_message *msg, struct winsdb_record *rec,
+ const char *attr_name, struct winsdb_addr *addr)
+{
+ const char *str;
+
+ if (rec->is_static) {
+ str = talloc_strdup(msg, addr->address);
+ if (!str) return LDB_ERR_OPERATIONS_ERROR;
+ } else {
+ char *expire_time;
+ expire_time = ldb_timestring(msg, addr->expire_time);
+ if (!expire_time) return LDB_ERR_OPERATIONS_ERROR;
+ str = talloc_asprintf(msg, "%s;winsOwner:%s;expireTime:%s;",
+ addr->address, addr->wins_owner,
+ expire_time);
+ talloc_free(expire_time);
+ if (!str) return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ return ldb_msg_add_string(msg, attr_name, str);
+}
+
+struct winsdb_addr **winsdb_addr_list_make(TALLOC_CTX *mem_ctx)
+{
+ struct winsdb_addr **addresses;
+
+ addresses = talloc_array(mem_ctx, struct winsdb_addr *, 1);
+ if (!addresses) return NULL;
+
+ addresses[0] = NULL;
+
+ return addresses;
+}
+
+static int winsdb_addr_sort_list (struct winsdb_addr **p1, struct winsdb_addr **p2, void *opaque)
+{
+ struct winsdb_addr *a1 = talloc_get_type(*p1, struct winsdb_addr);
+ struct winsdb_addr *a2 = talloc_get_type(*p2, struct winsdb_addr);
+ struct winsdb_handle *h= talloc_get_type(opaque, struct winsdb_handle);
+ bool a1_owned = false;
+ bool a2_owned = false;
+
+ /*
+ * first the owned addresses with the newest to the oldest address
+ * then the replica addresses with the newest to the oldest address
+ */
+ if (a2->expire_time != a1->expire_time) {
+ return a2->expire_time - a1->expire_time;
+ }
+
+ if (strcmp(a2->wins_owner, h->local_owner) == 0) {
+ a2_owned = true;
+ }
+
+ if (strcmp(a1->wins_owner, h->local_owner) == 0) {
+ a1_owned = true;
+ }
+
+ return a2_owned - a1_owned;
+}
+
+struct winsdb_addr **winsdb_addr_list_add(struct winsdb_handle *h, const struct winsdb_record *rec,
+ struct winsdb_addr **addresses, const char *address,
+ const char *wins_owner, time_t expire_time,
+ bool is_name_registration)
+{
+ struct winsdb_addr *old_addr = NULL;
+ size_t len = 0;
+ size_t i;
+ bool found_old_replica = false;
+
+ /*
+ * count the addresses and maybe
+ * find an old entry for the new address
+ */
+ for (i=0; addresses[i]; i++) {
+ if (old_addr) continue;
+ if (strcmp(addresses[i]->address, address) == 0) {
+ old_addr = addresses[i];
+ }
+ }
+ len = i;
+
+ /*
+ * the address is already there
+ * and we can replace it
+ */
+ if (old_addr) {
+ goto remove_old_addr;
+ }
+
+ /*
+ * if we don't have 25 addresses already,
+ * we can just add the new address
+ */
+ if (len < 25) {
+ goto add_new_addr;
+ }
+
+ /*
+ * if we haven't found the address,
+ * and we have already have 25 addresses
+ * if so then we need to do the following:
+ * - if it isn't a name registration, then just ignore the new address
+ * - if it is a name registration, then first search for
+ * the oldest replica and if there's no replica address
+ * search the oldest owned address
+ */
+ if (!is_name_registration) {
+ return addresses;
+ }
+
+ /*
+ * find the oldest replica address, if there's no replica
+ * record at all, find the oldest owned address
+ */
+ for (i=0; addresses[i]; i++) {
+ bool cur_is_replica = false;
+ /* find out if the current address is a replica */
+ if (strcmp(addresses[i]->wins_owner, h->local_owner) != 0) {
+ cur_is_replica = true;
+ }
+
+ /*
+ * if we already found a replica address and the current address
+ * is not a replica, then skip it
+ */
+ if (found_old_replica && !cur_is_replica) continue;
+
+ /*
+ * if we found the first replica address, reset the address
+ * that would be replaced
+ */
+ if (!found_old_replica && cur_is_replica) {
+ found_old_replica = true;
+ old_addr = addresses[i];
+ continue;
+ }
+
+ /*
+ * if the first address isn't a replica, just start with
+ * the first one
+ */
+ if (!old_addr) {
+ old_addr = addresses[i];
+ continue;
+ }
+
+ /*
+ * see if we find an older address
+ */
+ if (addresses[i]->expire_time < old_addr->expire_time) {
+ old_addr = addresses[i];
+ continue;
+ }
+ }
+
+remove_old_addr:
+ winsdb_addr_list_remove(addresses, old_addr->address);
+ len --;
+
+add_new_addr:
+ addresses = talloc_realloc(addresses, addresses, struct winsdb_addr *, len + 2);
+ if (!addresses) return NULL;
+
+ addresses[len] = talloc(addresses, struct winsdb_addr);
+ if (!addresses[len]) {
+ talloc_free(addresses);
+ return NULL;
+ }
+
+ addresses[len]->address = talloc_strdup(addresses[len], address);
+ if (!addresses[len]->address) {
+ talloc_free(addresses);
+ return NULL;
+ }
+
+ addresses[len]->wins_owner = talloc_strdup(addresses[len], wins_owner);
+ if (!addresses[len]->wins_owner) {
+ talloc_free(addresses);
+ return NULL;
+ }
+
+ addresses[len]->expire_time = expire_time;
+
+ addresses[len+1] = NULL;
+
+ LDB_TYPESAFE_QSORT(addresses, len+1, h, winsdb_addr_sort_list);
+
+ return addresses;
+}
+
+void winsdb_addr_list_remove(struct winsdb_addr **addresses, const char *address)
+{
+ size_t i;
+
+ for (i=0; addresses[i]; i++) {
+ if (strcmp(addresses[i]->address, address) == 0) {
+ break;
+ }
+ }
+
+ for (; addresses[i]; i++) {
+ addresses[i] = addresses[i+1];
+ }
+
+ return;
+}
+
+struct winsdb_addr *winsdb_addr_list_check(struct winsdb_addr **addresses, const char *address)
+{
+ size_t i;
+
+ for (i=0; addresses[i]; i++) {
+ if (strcmp(addresses[i]->address, address) == 0) {
+ return addresses[i];
+ }
+ }
+
+ return NULL;
+}
+
+size_t winsdb_addr_list_length(struct winsdb_addr **addresses)
+{
+ size_t i;
+ for (i=0; addresses[i]; i++);
+ return i;
+}
+
+const char **winsdb_addr_string_list(TALLOC_CTX *mem_ctx, struct winsdb_addr **addresses)
+{
+ size_t len = winsdb_addr_list_length(addresses);
+ const char **str_list=NULL;
+ size_t i;
+
+ for (i=0; i < len; i++) {
+ str_list = str_list_add(str_list, addresses[i]->address);
+ if (!str_list[i]) {
+ return NULL;
+ }
+ }
+ talloc_steal(mem_ctx, str_list);
+ return str_list;
+}
+
+/*
+ load a WINS entry from the database
+*/
+NTSTATUS winsdb_lookup(struct winsdb_handle *h,
+ const struct nbt_name *name,
+ TALLOC_CTX *mem_ctx,
+ struct winsdb_record **_rec)
+{
+ NTSTATUS status;
+ struct ldb_result *res = NULL;
+ int ret;
+ struct winsdb_record *rec;
+ struct ldb_context *wins_db = h->ldb;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ time_t now = time(NULL);
+
+ /* find the record in the WINS database */
+ ret = ldb_search(wins_db, tmp_ctx, &res,
+ winsdb_dn(tmp_ctx, wins_db, name),
+ LDB_SCOPE_BASE, NULL, NULL);
+
+ if (ret != LDB_SUCCESS || res->count > 1) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ } else if (res->count== 0) {
+ status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ goto failed;
+ }
+
+ status = winsdb_record(h, res->msgs[0], tmp_ctx, now, &rec);
+ if (!NT_STATUS_IS_OK(status)) goto failed;
+
+ talloc_steal(mem_ctx, rec);
+ talloc_free(tmp_ctx);
+ *_rec = rec;
+ return NT_STATUS_OK;
+
+failed:
+ talloc_free(tmp_ctx);
+ return status;
+}
+
+NTSTATUS winsdb_record(struct winsdb_handle *h, struct ldb_message *msg, TALLOC_CTX *mem_ctx, time_t now, struct winsdb_record **_rec)
+{
+ NTSTATUS status;
+ struct winsdb_record *rec;
+ struct ldb_message_element *el;
+ struct nbt_name *name;
+ uint32_t i, j, num_values;
+
+ rec = talloc(mem_ctx, struct winsdb_record);
+ if (rec == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ status = winsdb_nbt_name(rec, msg->dn, &name);
+ if (!NT_STATUS_IS_OK(status)) goto failed;
+
+ if (strlen(name->name) > 15) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+ if (name->scope && strlen(name->scope) > 238) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ /* parse it into a more convenient winsdb_record structure */
+ rec->name = name;
+ rec->type = ldb_msg_find_attr_as_int(msg, "recordType", WREPL_TYPE_UNIQUE);
+ rec->state = ldb_msg_find_attr_as_int(msg, "recordState", WREPL_STATE_RELEASED);
+ rec->node = ldb_msg_find_attr_as_int(msg, "nodeType", WREPL_NODE_B);
+ rec->is_static = ldb_msg_find_attr_as_int(msg, "isStatic", 0);
+ rec->expire_time = ldb_string_to_time(ldb_msg_find_attr_as_string(msg, "expireTime", NULL));
+ rec->version = ldb_msg_find_attr_as_uint64(msg, "versionID", 0);
+ rec->wins_owner = ldb_msg_find_attr_as_string(msg, "winsOwner", NULL);
+ rec->registered_by = ldb_msg_find_attr_as_string(msg, "registeredBy", NULL);
+ talloc_steal(rec, rec->wins_owner);
+ talloc_steal(rec, rec->registered_by);
+
+ if (!rec->wins_owner || strcmp(rec->wins_owner, "0.0.0.0") == 0) {
+ rec->wins_owner = h->local_owner;
+ }
+
+ el = ldb_msg_find_element(msg, "address");
+ if (el) {
+ num_values = el->num_values;
+ } else {
+ num_values = 0;
+ }
+
+ if (rec->type == WREPL_TYPE_UNIQUE || rec->type == WREPL_TYPE_GROUP) {
+ if (num_values != 1) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+ }
+ if (rec->state == WREPL_STATE_ACTIVE) {
+ if (num_values < 1) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+ }
+ if (num_values > 25) {
+ status = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ goto failed;
+ }
+
+ rec->addresses = talloc_array(rec, struct winsdb_addr *, num_values+1);
+ if (rec->addresses == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ for (i=0,j=0;i<num_values;i++) {
+ bool we_are_owner = false;
+
+ status = winsdb_addr_decode(h, rec, &el->values[i], rec->addresses, &rec->addresses[j]);
+ if (!NT_STATUS_IS_OK(status)) goto failed;
+
+ if (strcmp(rec->addresses[j]->wins_owner, h->local_owner) == 0) {
+ we_are_owner = true;
+ }
+
+ /*
+ * the record isn't static and is active
+ * then don't add the address if it's expired,
+ * but only if we're the owner of the address
+ *
+ * This is important for SGROUP records,
+ * because each server thinks he's the owner of the
+ * record and the record isn't replicated on a
+ * name_refresh. So addresses owned by another owner
+ * could expire, but we still need to return them
+ * (as windows does).
+ */
+ if (!rec->is_static &&
+ rec->addresses[j]->expire_time <= now &&
+ rec->state == WREPL_STATE_ACTIVE &&
+ we_are_owner) {
+ DEBUG(5,("WINS: expiring name addr %s of %s (expired at %s)\n",
+ rec->addresses[j]->address, nbt_name_string(rec->addresses[j], rec->name),
+ timestring(rec->addresses[j], rec->addresses[j]->expire_time)));
+ talloc_free(rec->addresses[j]);
+ rec->addresses[j] = NULL;
+ continue;
+ }
+ j++;
+ }
+ rec->addresses[j] = NULL;
+ num_values = j;
+
+ if (rec->is_static && rec->state == WREPL_STATE_ACTIVE) {
+ rec->expire_time = get_time_t_max();
+ for (i=0;rec->addresses[i];i++) {
+ rec->addresses[i]->expire_time = rec->expire_time;
+ }
+ }
+
+ if (rec->state == WREPL_STATE_ACTIVE) {
+ if (num_values < 1) {
+ DEBUG(5,("WINS: expiring name %s (because it has no active addresses)\n",
+ nbt_name_string(mem_ctx, rec->name)));
+ rec->state = WREPL_STATE_RELEASED;
+ }
+ }
+
+ *_rec = rec;
+ return NT_STATUS_OK;
+failed:
+ if (NT_STATUS_EQUAL(NT_STATUS_INTERNAL_DB_CORRUPTION, status)) {
+ DEBUG(1,("winsdb_record: corrupted record: %s\n", ldb_dn_get_linearized(msg->dn)));
+ }
+ talloc_free(rec);
+ return status;
+}
+
+/*
+ form a ldb_message from a winsdb_record
+*/
+static struct ldb_message *winsdb_message(struct ldb_context *ldb,
+ struct winsdb_record *rec,
+ TALLOC_CTX *mem_ctx)
+{
+ int i, ret;
+ size_t addr_count;
+ const char *expire_time;
+ struct ldb_message *msg = ldb_msg_new(mem_ctx);
+ if (msg == NULL) goto failed;
+
+ /* make sure we don't put in corrupted records */
+ addr_count = winsdb_addr_list_length(rec->addresses);
+ if (rec->state == WREPL_STATE_ACTIVE && addr_count == 0) {
+ rec->state = WREPL_STATE_RELEASED;
+ }
+ if (rec->type == WREPL_TYPE_UNIQUE && addr_count > 1) {
+ rec->type = WREPL_TYPE_MHOMED;
+ }
+
+ expire_time = ldb_timestring(msg, rec->expire_time);
+ if (!expire_time) {
+ goto failed;
+ }
+
+ msg->dn = winsdb_dn(msg, ldb, rec->name);
+ if (msg->dn == NULL) goto failed;
+ ret = ldb_msg_add_fmt(msg, "type", "0x%02X", rec->name->type);
+ if (rec->name->name && *rec->name->name) {
+ ret |= ldb_msg_add_string(msg, "name", rec->name->name);
+ }
+ if (rec->name->scope && *rec->name->scope) {
+ ret |= ldb_msg_add_string(msg, "scope", rec->name->scope);
+ }
+ ret |= ldb_msg_add_fmt(msg, "objectClass", "winsRecord");
+ ret |= ldb_msg_add_fmt(msg, "recordType", "%u", rec->type);
+ ret |= ldb_msg_add_fmt(msg, "recordState", "%u", rec->state);
+ ret |= ldb_msg_add_fmt(msg, "nodeType", "%u", rec->node);
+ ret |= ldb_msg_add_fmt(msg, "isStatic", "%u", rec->is_static);
+ ret |= ldb_msg_add_empty(msg, "expireTime", 0, NULL);
+ if (!(rec->is_static && rec->state == WREPL_STATE_ACTIVE)) {
+ ret |= ldb_msg_add_string(msg, "expireTime", expire_time);
+ }
+ ret |= ldb_msg_add_fmt(msg, "versionID", "%llu", (long long)rec->version);
+ ret |= ldb_msg_add_string(msg, "winsOwner", rec->wins_owner);
+ ret |= ldb_msg_add_empty(msg, "address", 0, NULL);
+ for (i=0;rec->addresses[i];i++) {
+ ret |= ldb_msg_add_winsdb_addr(msg, rec, "address", rec->addresses[i]);
+ }
+ if (rec->registered_by) {
+ ret |= ldb_msg_append_string(msg, "registeredBy", rec->registered_by, 0);
+ }
+ if (ret != LDB_SUCCESS) goto failed;
+ return msg;
+
+failed:
+ talloc_free(msg);
+ return NULL;
+}
+
+/*
+ save a WINS record into the database
+*/
+uint8_t winsdb_add(struct winsdb_handle *h, struct winsdb_record *rec, uint32_t flags)
+{
+ struct ldb_message *msg;
+ struct ldb_context *wins_db = h->ldb;
+ TALLOC_CTX *tmp_ctx = talloc_new(wins_db);
+ int trans = -1;
+ int ret;
+
+ trans = ldb_transaction_start(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ if (flags & WINSDB_FLAG_ALLOC_VERSION) {
+ /* passing '0' means auto-allocate a new one */
+ rec->version = winsdb_set_maxVersion(h, 0);
+ if (rec->version == 0) goto failed;
+ }
+ if (flags & WINSDB_FLAG_TAKE_OWNERSHIP) {
+ rec->wins_owner = h->local_owner;
+ }
+
+ msg = winsdb_message(wins_db, rec, tmp_ctx);
+ if (msg == NULL) goto failed;
+ ret = ldb_add(wins_db, msg);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ trans = ldb_transaction_commit(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ wins_hook(h, rec, WINS_HOOK_ADD, h->hook_script);
+
+ talloc_free(tmp_ctx);
+ return NBT_RCODE_OK;
+
+failed:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db);
+ talloc_free(tmp_ctx);
+ return NBT_RCODE_SVR;
+}
+
+
+/*
+ modify a WINS record in the database
+*/
+uint8_t winsdb_modify(struct winsdb_handle *h, struct winsdb_record *rec, uint32_t flags)
+{
+ struct ldb_message *msg;
+ struct ldb_context *wins_db = h->ldb;
+ TALLOC_CTX *tmp_ctx = talloc_new(wins_db);
+ int trans;
+ int ret;
+ unsigned int i;
+
+ trans = ldb_transaction_start(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ if (flags & WINSDB_FLAG_ALLOC_VERSION) {
+ /* passing '0' means auto-allocate a new one */
+ rec->version = winsdb_set_maxVersion(h, 0);
+ if (rec->version == 0) goto failed;
+ }
+ if (flags & WINSDB_FLAG_TAKE_OWNERSHIP) {
+ rec->wins_owner = h->local_owner;
+ }
+
+ msg = winsdb_message(wins_db, rec, tmp_ctx);
+ if (msg == NULL) goto failed;
+
+ for (i=0;i<msg->num_elements;i++) {
+ msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
+ }
+
+ ret = ldb_modify(wins_db, msg);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ trans = ldb_transaction_commit(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ wins_hook(h, rec, WINS_HOOK_MODIFY, h->hook_script);
+
+ talloc_free(tmp_ctx);
+ return NBT_RCODE_OK;
+
+failed:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db);
+ talloc_free(tmp_ctx);
+ return NBT_RCODE_SVR;
+}
+
+
+/*
+ delete a WINS record from the database
+*/
+uint8_t winsdb_delete(struct winsdb_handle *h, struct winsdb_record *rec)
+{
+ struct ldb_context *wins_db = h->ldb;
+ TALLOC_CTX *tmp_ctx = talloc_new(wins_db);
+ struct ldb_dn *dn;
+ int trans;
+ int ret;
+
+ trans = ldb_transaction_start(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ dn = winsdb_dn(tmp_ctx, wins_db, rec->name);
+ if (dn == NULL) goto failed;
+
+ ret = ldb_delete(wins_db, dn);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ trans = ldb_transaction_commit(wins_db);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ wins_hook(h, rec, WINS_HOOK_DELETE, h->hook_script);
+
+ talloc_free(tmp_ctx);
+ return NBT_RCODE_OK;
+
+failed:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db);
+ talloc_free(tmp_ctx);
+ return NBT_RCODE_SVR;
+}
+
+static bool winsdb_check_or_add_module_list(struct tevent_context *ev_ctx,
+ struct loadparm_context *lp_ctx, struct winsdb_handle *h,
+ const char *wins_path)
+{
+ int trans;
+ int ret;
+ struct ldb_dn *dn;
+ struct ldb_result *res = NULL;
+ struct ldb_message *msg = NULL;
+ TALLOC_CTX *tmp_ctx = talloc_new(h);
+ unsigned int flags = 0;
+
+ trans = ldb_transaction_start(h->ldb);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ /* check if we have a special @MODULES record already */
+ dn = ldb_dn_new(tmp_ctx, h->ldb, "@MODULES");
+ if (!dn) goto failed;
+
+ /* find the record in the WINS database */
+ ret = ldb_search(h->ldb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ if (res->count > 0) goto skip;
+
+ /* if there's no record, add one */
+ msg = ldb_msg_new(tmp_ctx);
+ if (!msg) goto failed;
+ msg->dn = dn;
+
+ ret = ldb_msg_add_string(msg, "@LIST", "wins_ldb");
+ if (ret != LDB_SUCCESS) goto failed;
+
+ ret = ldb_add(h->ldb, msg);
+ if (ret != LDB_SUCCESS) goto failed;
+
+ trans = ldb_transaction_commit(h->ldb);
+ if (trans != LDB_SUCCESS) goto failed;
+
+ /* close and reopen the database, with the modules */
+ trans = LDB_ERR_OTHER;
+ talloc_free(h->ldb);
+ h->ldb = NULL;
+
+ if (lpcfg_parm_bool(lp_ctx, NULL,"winsdb", "nosync", false)) {
+ flags |= LDB_FLG_NOSYNC;
+ }
+
+ h->ldb = ldb_wrap_connect(h, ev_ctx, lp_ctx, wins_path,
+ NULL, NULL, flags);
+ if (!h->ldb) goto failed;
+
+ talloc_free(tmp_ctx);
+ return true;
+
+skip:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(h->ldb);
+ talloc_free(tmp_ctx);
+ return true;
+
+failed:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(h->ldb);
+ talloc_free(tmp_ctx);
+ return false;
+}
+
+struct winsdb_handle *winsdb_connect(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev_ctx,
+ struct loadparm_context *lp_ctx,
+ const char *owner,
+ enum winsdb_handle_caller caller)
+{
+ const struct loadparm_substitution *lp_sub =
+ lpcfg_noop_substitution();
+ struct winsdb_handle *h = NULL;
+ unsigned int flags = 0;
+ bool ret;
+ int ldb_err;
+ char *wins_path;
+
+ h = talloc_zero(mem_ctx, struct winsdb_handle);
+ if (!h) return NULL;
+
+ wins_path = lpcfg_state_path(h, lp_ctx, "wins.ldb");
+
+ if (lpcfg_parm_bool(lp_ctx, NULL,"winsdb", "nosync", false)) {
+ flags |= LDB_FLG_NOSYNC;
+ }
+
+ h->ldb = ldb_wrap_connect(h, ev_ctx, lp_ctx, wins_path,
+ NULL, NULL, flags);
+ if (!h->ldb) goto failed;
+
+ h->caller = caller;
+ h->hook_script = lpcfg_wins_hook(lp_ctx, lp_sub, h);
+
+ h->local_owner = talloc_strdup(h, owner);
+ if (!h->local_owner) goto failed;
+
+ /* make sure the module list is available and used */
+ ret = winsdb_check_or_add_module_list(ev_ctx, lp_ctx, h, wins_path);
+ if (!ret) goto failed;
+
+ ldb_err = ldb_set_opaque(h->ldb, "winsdb_handle", h);
+ if (ldb_err != LDB_SUCCESS) goto failed;
+
+ return h;
+failed:
+ talloc_free(h);
+ return NULL;
+}
+
diff --git a/source4/nbt_server/wins/winsdb.h b/source4/nbt_server/wins/winsdb.h
new file mode 100644
index 0000000..194bcc0
--- /dev/null
+++ b/source4/nbt_server/wins/winsdb.h
@@ -0,0 +1,81 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ WINS server structures
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#define WINSDB_FLAG_ALLOC_VERSION (1<<0)
+#define WINSDB_FLAG_TAKE_OWNERSHIP (1<<1)
+
+struct winsdb_addr {
+ const char *address;
+ const char *wins_owner;
+ time_t expire_time;
+};
+
+/*
+ each record in the database contains the following information
+*/
+struct winsdb_record {
+ struct nbt_name *name;
+ enum wrepl_name_type type;
+ enum wrepl_name_state state;
+ enum wrepl_name_node node;
+ bool is_static;
+ time_t expire_time;
+ uint64_t version;
+ const char *wins_owner;
+ struct winsdb_addr **addresses;
+
+ /* only needed for debugging problems */
+ const char *registered_by;
+};
+
+enum winsdb_handle_caller {
+ WINSDB_HANDLE_CALLER_ADMIN = 0,
+ WINSDB_HANDLE_CALLER_NBTD = 1,
+ WINSDB_HANDLE_CALLER_WREPL = 2
+};
+
+struct winsdb_handle {
+ /* wins server database handle */
+ struct ldb_context *ldb;
+
+ /*
+ * the type of the caller, as we pass this to the
+ * 'wins_ldb' ldb module can decide if it needs to verify the
+ * the records before they're written to disk
+ */
+ enum winsdb_handle_caller caller;
+
+ /* local owner address */
+ const char *local_owner;
+
+ /* wins hook script */
+ const char *hook_script;
+};
+
+enum wins_hook_action {
+ WINS_HOOK_ADD = 0,
+ WINS_HOOK_MODIFY = 1,
+ WINS_HOOK_DELETE = 2
+};
+
+struct ldb_message;
+struct tevent_context;
+#include "nbt_server/wins/winsdb_proto.h"
diff --git a/source4/nbt_server/wins/winsserver.c b/source4/nbt_server/wins/winsserver.c
new file mode 100644
index 0000000..a9f3ecd
--- /dev/null
+++ b/source4/nbt_server/wins/winsserver.c
@@ -0,0 +1,1074 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ core wins server handling
+
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "lib/util/dlinklist.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsdb.h"
+#include "nbt_server/wins/winsserver.h"
+#include "librpc/gen_ndr/ndr_nbt.h"
+#include "system/time.h"
+#include "libcli/composite/composite.h"
+#include "samba/service_task.h"
+#include "system/network.h"
+#include "lib/socket/socket.h"
+#include "lib/socket/netif.h"
+#include <ldb.h>
+#include "param/param.h"
+#include "libcli/resolve/resolve.h"
+#include "lib/util/util_net.h"
+
+/*
+ work out the ttl we will use given a client requested ttl
+*/
+uint32_t wins_server_ttl(struct wins_server *winssrv, uint32_t ttl)
+{
+ ttl = MIN(ttl, winssrv->config.max_renew_interval);
+ ttl = MAX(ttl, winssrv->config.min_renew_interval);
+ return ttl;
+}
+
+static enum wrepl_name_type wrepl_type(uint16_t nb_flags, struct nbt_name *name, bool mhomed)
+{
+ /* this copes with the nasty hack that is the type 0x1c name */
+ if (name->type == NBT_NAME_LOGON) {
+ return WREPL_TYPE_SGROUP;
+ }
+ if (nb_flags & NBT_NM_GROUP) {
+ return WREPL_TYPE_GROUP;
+ }
+ if (mhomed) {
+ return WREPL_TYPE_MHOMED;
+ }
+ return WREPL_TYPE_UNIQUE;
+}
+
+/*
+ register a new name with WINS
+*/
+static uint8_t wins_register_new(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ const struct socket_address *src,
+ enum wrepl_name_type type)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ struct nbt_name *name = &packet->questions[0].name;
+ uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl);
+ uint16_t nb_flags = packet->additional[0].rdata.netbios.addresses[0].nb_flags;
+ const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
+ struct winsdb_record rec;
+ enum wrepl_name_node node;
+
+#define WREPL_NODE_NBT_FLAGS(nb_flags) \
+ ((nb_flags & NBT_NM_OWNER_TYPE)>>13)
+
+ node = WREPL_NODE_NBT_FLAGS(nb_flags);
+
+ rec.name = name;
+ rec.type = type;
+ rec.state = WREPL_STATE_ACTIVE;
+ rec.node = node;
+ rec.is_static = false;
+ rec.expire_time = time(NULL) + ttl;
+ rec.version = 0; /* will be allocated later */
+ rec.wins_owner = NULL; /* will be set later */
+ rec.registered_by = src->addr;
+ rec.addresses = winsdb_addr_list_make(packet);
+ if (rec.addresses == NULL) return NBT_RCODE_SVR;
+
+ rec.addresses = winsdb_addr_list_add(winssrv->wins_db,
+ &rec, rec.addresses,
+ address,
+ winssrv->wins_db->local_owner,
+ rec.expire_time,
+ true);
+ if (rec.addresses == NULL) return NBT_RCODE_SVR;
+
+ DEBUG(4,("WINS: accepted registration of %s with address %s\n",
+ nbt_name_string(packet, name), rec.addresses[0]->address));
+
+ return winsdb_add(winssrv->wins_db, &rec, WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP);
+}
+
+
+/*
+ update the ttl on an existing record
+*/
+static uint8_t wins_update_ttl(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct winsdb_record *rec,
+ struct winsdb_addr *winsdb_addr,
+ const struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl);
+ const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
+ uint32_t modify_flags = 0;
+
+ rec->expire_time = time(NULL) + ttl;
+ rec->registered_by = src->addr;
+
+ if (winsdb_addr) {
+ rec->addresses = winsdb_addr_list_add(winssrv->wins_db,
+ rec, rec->addresses,
+ winsdb_addr->address,
+ winssrv->wins_db->local_owner,
+ rec->expire_time,
+ true);
+ if (rec->addresses == NULL) return NBT_RCODE_SVR;
+ }
+
+ if (strcmp(winssrv->wins_db->local_owner, rec->wins_owner) != 0) {
+ modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP;
+ }
+
+ DEBUG(5,("WINS: refreshed registration of %s at %s\n",
+ nbt_name_string(packet, rec->name), address));
+
+ return winsdb_modify(winssrv->wins_db, rec, modify_flags);
+}
+
+/*
+ do a sgroup merge
+*/
+static uint8_t wins_sgroup_merge(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct winsdb_record *rec,
+ const char *address,
+ const struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl);
+
+ rec->expire_time = time(NULL) + ttl;
+ rec->registered_by = src->addr;
+
+ rec->addresses = winsdb_addr_list_add(winssrv->wins_db,
+ rec, rec->addresses,
+ address,
+ winssrv->wins_db->local_owner,
+ rec->expire_time,
+ true);
+ if (rec->addresses == NULL) return NBT_RCODE_SVR;
+
+ DEBUG(5,("WINS: sgroup merge of %s at %s\n",
+ nbt_name_string(packet, rec->name), address));
+
+ return winsdb_modify(winssrv->wins_db, rec, WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP);
+}
+
+struct nbtd_wins_wack_state {
+ struct nbtd_wins_wack_state *prev, *next;
+ struct wins_server *winssrv;
+ struct nbt_name_socket *nbtsock;
+ struct nbtd_interface *iface;
+ struct nbt_name_packet *request_packet;
+ struct winsdb_record *rec;
+ struct socket_address *src;
+ const char *reg_address;
+ enum wrepl_name_type new_type;
+ struct wins_challenge_io io;
+ NTSTATUS status;
+};
+
+static int nbtd_wins_wack_state_destructor(struct nbtd_wins_wack_state *s)
+{
+ DLIST_REMOVE(s->iface->wack_queue, s);
+ return 0;
+}
+
+static bool wins_check_wack_queue(struct nbtd_interface *iface,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbtd_wins_wack_state *s;
+
+ for (s= iface->wack_queue; s; s = s->next) {
+ if (packet->name_trn_id != s->request_packet->name_trn_id) {
+ continue;
+ }
+ if (packet->operation != s->request_packet->operation) {
+ continue;
+ }
+ if (src->port != s->src->port) {
+ continue;
+ }
+ if (strcmp(src->addr, s->src->addr) != 0) {
+ continue;
+ }
+
+ return true;
+ }
+
+ return false;
+}
+
+/*
+ deny a registration request
+*/
+static void wins_wack_deny(struct nbtd_wins_wack_state *s)
+{
+ nbtd_name_registration_reply(s->nbtsock, s->request_packet,
+ s->src, NBT_RCODE_ACT);
+ DEBUG(4,("WINS: denied name registration request for %s from %s:%d\n",
+ nbt_name_string(s, s->rec->name), s->src->addr, s->src->port));
+ talloc_free(s);
+}
+
+/*
+ allow a registration request
+*/
+static void wins_wack_allow(struct nbtd_wins_wack_state *s)
+{
+ NTSTATUS status;
+ uint32_t ttl = wins_server_ttl(s->winssrv, s->request_packet->additional[0].ttl);
+ struct winsdb_record *rec = s->rec, *rec2;
+ uint32_t i,j;
+
+ status = winsdb_lookup(s->winssrv->wins_db, rec->name, s, &rec2);
+ if (!NT_STATUS_IS_OK(status) ||
+ rec2->version != rec->version ||
+ strcmp(rec2->wins_owner, rec->wins_owner) != 0) {
+ DEBUG(5,("WINS: record %s changed during WACK - failing registration\n",
+ nbt_name_string(s, rec->name)));
+ wins_wack_deny(s);
+ return;
+ }
+
+ /*
+ * if the old name owner doesn't hold the name anymore
+ * handle the request as new registration for the new name owner
+ */
+ if (!NT_STATUS_IS_OK(s->status)) {
+ uint8_t rcode;
+
+ winsdb_delete(s->winssrv->wins_db, rec);
+ rcode = wins_register_new(s->nbtsock, s->request_packet, s->src, s->new_type);
+ if (rcode != NBT_RCODE_OK) {
+ DEBUG(1,("WINS: record %s failed to register as new during WACK\n",
+ nbt_name_string(s, rec->name)));
+ wins_wack_deny(s);
+ return;
+ }
+ goto done;
+ }
+
+ rec->expire_time = time(NULL) + ttl;
+ rec->registered_by = s->src->addr;
+
+ /*
+ * now remove all addresses that the client doesn't hold anymore
+ * and update the time stamp and owner for the ones that are still there
+ */
+ for (i=0; rec->addresses[i]; i++) {
+ bool found = false;
+ for (j=0; j < s->io.out.num_addresses; j++) {
+ if (strcmp(rec->addresses[i]->address, s->io.out.addresses[j]) != 0) continue;
+
+ found = true;
+ break;
+ }
+ if (found) {
+ rec->addresses = winsdb_addr_list_add(s->winssrv->wins_db,
+ rec, rec->addresses,
+ s->reg_address,
+ s->winssrv->wins_db->local_owner,
+ rec->expire_time,
+ true);
+ if (rec->addresses == NULL) goto failed;
+ continue;
+ }
+
+ winsdb_addr_list_remove(rec->addresses, rec->addresses[i]->address);
+ }
+
+ rec->addresses = winsdb_addr_list_add(s->winssrv->wins_db,
+ rec, rec->addresses,
+ s->reg_address,
+ s->winssrv->wins_db->local_owner,
+ rec->expire_time,
+ true);
+ if (rec->addresses == NULL) goto failed;
+
+ /* if we have more than one address, this becomes implicit a MHOMED record */
+ if (winsdb_addr_list_length(rec->addresses) > 1) {
+ rec->type = WREPL_TYPE_MHOMED;
+ }
+
+ winsdb_modify(s->winssrv->wins_db, rec, WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP);
+
+ DEBUG(4,("WINS: accepted registration of %s with address %s\n",
+ nbt_name_string(s, rec->name), s->reg_address));
+
+done:
+ nbtd_name_registration_reply(s->nbtsock, s->request_packet,
+ s->src, NBT_RCODE_OK);
+failed:
+ talloc_free(s);
+}
+
+/*
+ called when a name query to a current owner completes
+*/
+static void wack_wins_challenge_handler(struct composite_context *c_req)
+{
+ struct nbtd_wins_wack_state *s = talloc_get_type(c_req->async.private_data,
+ struct nbtd_wins_wack_state);
+ bool found;
+ uint32_t i;
+
+ s->status = wins_challenge_recv(c_req, s, &s->io);
+
+ /*
+ * if the owner denies it holds the name, then allow
+ * the registration
+ */
+ if (!NT_STATUS_IS_OK(s->status)) {
+ wins_wack_allow(s);
+ return;
+ }
+
+ if (s->new_type == WREPL_TYPE_GROUP || s->new_type == WREPL_TYPE_SGROUP) {
+ DEBUG(1,("WINS: record %s failed to register as group type(%u) during WACK, it's still type(%u)\n",
+ nbt_name_string(s, s->rec->name), s->new_type, s->rec->type));
+ wins_wack_deny(s);
+ return;
+ }
+
+ /*
+ * if the owner still wants the name and doesn't reply
+ * with the address trying to be registered, then deny
+ * the registration
+ */
+ found = false;
+ for (i=0; i < s->io.out.num_addresses; i++) {
+ if (strcmp(s->reg_address, s->io.out.addresses[i]) != 0) continue;
+
+ found = true;
+ break;
+ }
+ if (!found) {
+ wins_wack_deny(s);
+ return;
+ }
+
+ wins_wack_allow(s);
+ return;
+}
+
+
+/*
+ a client has asked to register a unique name that someone else owns. We
+ need to ask each of the current owners if they still want it. If they do
+ then reject the registration, otherwise allow it
+*/
+static void wins_register_wack(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct winsdb_record *rec,
+ struct socket_address *src,
+ enum wrepl_name_type new_type)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ struct nbtd_wins_wack_state *s;
+ struct composite_context *c_req;
+ uint32_t ttl;
+
+ s = talloc_zero(nbtsock, struct nbtd_wins_wack_state);
+ if (s == NULL) goto failed;
+
+ /* package up the state variables for this wack request */
+ s->winssrv = winssrv;
+ s->nbtsock = nbtsock;
+ s->iface = iface;
+ s->request_packet = talloc_steal(s, packet);
+ s->rec = talloc_steal(s, rec);
+ s->reg_address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
+ s->new_type = new_type;
+ s->src = socket_address_copy(s, src);
+ if (s->src == NULL) goto failed;
+
+ s->io.in.nbtd_server = iface->nbtsrv;
+ s->io.in.nbt_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx);
+ s->io.in.event_ctx = iface->nbtsrv->task->event_ctx;
+ s->io.in.name = rec->name;
+ s->io.in.num_addresses = winsdb_addr_list_length(rec->addresses);
+ s->io.in.addresses = winsdb_addr_string_list(s, rec->addresses);
+ if (s->io.in.addresses == NULL) goto failed;
+
+ DLIST_ADD_END(iface->wack_queue, s);
+
+ talloc_set_destructor(s, nbtd_wins_wack_state_destructor);
+
+ /*
+ * send a WACK to the client, specifying the maximum time it could
+ * take to check with the owner, plus some slack
+ */
+ ttl = 5 + 4 * winsdb_addr_list_length(rec->addresses);
+ nbtd_wack_reply(nbtsock, packet, src, ttl);
+
+ /*
+ * send the challenge to the old addresses
+ */
+ c_req = wins_challenge_send(s, &s->io);
+ if (c_req == NULL) goto failed;
+
+ c_req->async.fn = wack_wins_challenge_handler;
+ c_req->async.private_data = s;
+ return;
+
+failed:
+ talloc_free(s);
+ nbtd_name_registration_reply(nbtsock, packet, src, NBT_RCODE_SVR);
+}
+
+/*
+ register a name
+*/
+static void nbtd_winsserver_register(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ NTSTATUS status;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ struct nbt_name *name = &packet->questions[0].name;
+ struct winsdb_record *rec;
+ uint8_t rcode = NBT_RCODE_OK;
+ uint16_t nb_flags = packet->additional[0].rdata.netbios.addresses[0].nb_flags;
+ const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
+ bool mhomed = ((packet->operation & NBT_OPCODE) == NBT_OPCODE_MULTI_HOME_REG);
+ enum wrepl_name_type new_type = wrepl_type(nb_flags, name, mhomed);
+ struct winsdb_addr *winsdb_addr = NULL;
+ bool duplicate_packet;
+
+ /*
+ * as a special case, the local master browser name is always accepted
+ * for registration, but never stored, but w2k3 stores it if it's registered
+ * as a group name, (but a query for the 0x1D name still returns not found!)
+ */
+ if (name->type == NBT_NAME_MASTER && !(nb_flags & NBT_NM_GROUP)) {
+ rcode = NBT_RCODE_OK;
+ goto done;
+ }
+
+ /* w2k3 refuses 0x1B names with marked as group */
+ if (name->type == NBT_NAME_PDC && (nb_flags & NBT_NM_GROUP)) {
+ rcode = NBT_RCODE_RFS;
+ goto done;
+ }
+
+ /* w2k3 refuses 0x1C names with out marked as group */
+ if (name->type == NBT_NAME_LOGON && !(nb_flags & NBT_NM_GROUP)) {
+ rcode = NBT_RCODE_RFS;
+ goto done;
+ }
+
+ /* w2k3 refuses 0x1E names with out marked as group */
+ if (name->type == NBT_NAME_BROWSER && !(nb_flags & NBT_NM_GROUP)) {
+ rcode = NBT_RCODE_RFS;
+ goto done;
+ }
+
+ if (name->scope && strlen(name->scope) > 237) {
+ rcode = NBT_RCODE_SVR;
+ goto done;
+ }
+
+ duplicate_packet = wins_check_wack_queue(iface, packet, src);
+ if (duplicate_packet) {
+ /* just ignore the packet */
+ DEBUG(5,("Ignoring duplicate packet while WACK is pending from %s:%d\n",
+ src->addr, src->port));
+ return;
+ }
+
+ status = winsdb_lookup(winssrv->wins_db, name, packet, &rec);
+ if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
+ rcode = wins_register_new(nbtsock, packet, src, new_type);
+ goto done;
+ } else if (!NT_STATUS_IS_OK(status)) {
+ rcode = NBT_RCODE_SVR;
+ goto done;
+ } else if (rec->is_static) {
+ if (rec->type == WREPL_TYPE_GROUP || rec->type == WREPL_TYPE_SGROUP) {
+ rcode = NBT_RCODE_OK;
+ goto done;
+ }
+ rcode = NBT_RCODE_ACT;
+ goto done;
+ }
+
+ if (rec->type == WREPL_TYPE_GROUP) {
+ if (new_type != WREPL_TYPE_GROUP) {
+ DEBUG(2,("WINS: Attempt to register name %s as non normal group(%u)"
+ " while a normal group is already there\n",
+ nbt_name_string(packet, name), new_type));
+ rcode = NBT_RCODE_ACT;
+ goto done;
+ }
+
+ if (rec->state == WREPL_STATE_ACTIVE) {
+ /* TODO: is this correct? */
+ rcode = wins_update_ttl(nbtsock, packet, rec, NULL, src);
+ goto done;
+ }
+
+ /* TODO: is this correct? */
+ winsdb_delete(winssrv->wins_db, rec);
+ rcode = wins_register_new(nbtsock, packet, src, new_type);
+ goto done;
+ }
+
+ if (rec->state != WREPL_STATE_ACTIVE) {
+ winsdb_delete(winssrv->wins_db, rec);
+ rcode = wins_register_new(nbtsock, packet, src, new_type);
+ goto done;
+ }
+
+ switch (rec->type) {
+ case WREPL_TYPE_UNIQUE:
+ case WREPL_TYPE_MHOMED:
+ /*
+ * if its an active unique name, and the registration is for a group, then
+ * see if the unique name owner still wants the name
+ * TODO: is this correct?
+ */
+ if (new_type == WREPL_TYPE_GROUP || new_type == WREPL_TYPE_GROUP) {
+ wins_register_wack(nbtsock, packet, rec, src, new_type);
+ return;
+ }
+
+ /*
+ * if the registration is for an address that is currently active, then
+ * just update the expiry time of the record and the address
+ */
+ winsdb_addr = winsdb_addr_list_check(rec->addresses, address);
+ if (winsdb_addr) {
+ rcode = wins_update_ttl(nbtsock, packet, rec, winsdb_addr, src);
+ goto done;
+ }
+
+ /*
+ * we have to do a WACK to see if the current owner is willing
+ * to give up its claim
+ */
+ wins_register_wack(nbtsock, packet, rec, src, new_type);
+ return;
+
+ case WREPL_TYPE_GROUP:
+ /* this should not be reached as normal groups are handled above */
+ DEBUG(0,("BUG at %s\n",__location__));
+ rcode = NBT_RCODE_ACT;
+ goto done;
+
+ case WREPL_TYPE_SGROUP:
+ /* if the new record isn't also a special group, refuse the registration */
+ if (new_type != WREPL_TYPE_SGROUP) {
+ DEBUG(2,("WINS: Attempt to register name %s as non special group(%u)"
+ " while a special group is already there\n",
+ nbt_name_string(packet, name), new_type));
+ rcode = NBT_RCODE_ACT;
+ goto done;
+ }
+
+ /*
+ * if the registration is for an address that is currently active, then
+ * just update the expiry time of the record and the address
+ */
+ winsdb_addr = winsdb_addr_list_check(rec->addresses, address);
+ if (winsdb_addr) {
+ rcode = wins_update_ttl(nbtsock, packet, rec, winsdb_addr, src);
+ goto done;
+ }
+
+ rcode = wins_sgroup_merge(nbtsock, packet, rec, address, src);
+ goto done;
+ }
+
+done:
+ nbtd_name_registration_reply(nbtsock, packet, src, rcode);
+}
+
+static uint32_t ipv4_match_bits(struct in_addr ip1, struct in_addr ip2)
+{
+ uint32_t i, j, match=0;
+ uint8_t *p1, *p2;
+
+ p1 = (uint8_t *)&ip1.s_addr;
+ p2 = (uint8_t *)&ip2.s_addr;
+
+ for (i=0; i<4; i++) {
+ if (p1[i] != p2[i]) break;
+ match += 8;
+ }
+
+ if (i==4) return match;
+
+ for (j=0; j<8; j++) {
+ if ((p1[i] & (1<<(7-j))) != (p2[i] & (1<<(7-j))))
+ break;
+ match++;
+ }
+
+ return match;
+}
+
+static int nbtd_wins_randomize1Clist_sort(void *p1,/* (const char **) */
+ void *p2,/* (const char **) */
+ struct socket_address *src)
+{
+ const char *a1 = (const char *)*(const char **)p1;
+ const char *a2 = (const char *)*(const char **)p2;
+ uint32_t match_bits1;
+ uint32_t match_bits2;
+
+ match_bits1 = ipv4_match_bits(interpret_addr2(a1), interpret_addr2(src->addr));
+ match_bits2 = ipv4_match_bits(interpret_addr2(a2), interpret_addr2(src->addr));
+
+ return match_bits2 - match_bits1;
+}
+
+static void nbtd_wins_randomize1Clist(struct loadparm_context *lp_ctx,
+ const char **addresses, struct socket_address *src)
+{
+ const char *mask;
+ const char *tmp;
+ uint32_t num_addrs;
+ uint32_t idx, sidx;
+ int r;
+
+ for (num_addrs=0; addresses[num_addrs]; num_addrs++) { /* noop */ }
+
+ if (num_addrs <= 1) return; /* nothing to do */
+
+ /* first sort the addresses depending on the matching to the client */
+ LDB_TYPESAFE_QSORT(addresses, num_addrs, src, nbtd_wins_randomize1Clist_sort);
+
+ mask = lpcfg_parm_string(lp_ctx, NULL, "nbtd", "wins_randomize1Clist_mask");
+ if (!mask) {
+ mask = "255.255.255.0";
+ }
+
+ /*
+ * choose a random address to be the first in the response to the client,
+ * prefer the addresses inside the nbtd:wins_randomize1Clist_mask netmask
+ */
+ r = random();
+ idx = sidx = r % num_addrs;
+
+ while (1) {
+ bool same;
+
+ /* if the current one is in the same subnet, use it */
+ same = iface_list_same_net(addresses[idx], src->addr, mask);
+ if (same) {
+ sidx = idx;
+ break;
+ }
+
+ /* we need to check for idx == 0, after checking for the same net */
+ if (idx == 0) break;
+ /*
+ * if we haven't found an address in the same subnet, search in ones
+ * which match the client more
+ *
+ * some notes:
+ *
+ * it's not "idx = idx % r" but "idx = r % idx"
+ * because in "a % b" b is the allowed range
+ * and b-1 is the maximum possible result, so it must be decreasing
+ * and the above idx == 0 check breaks the while(1) loop.
+ */
+ idx = r % idx;
+ }
+
+ /* note sidx == 0 is also valid here ... */
+ tmp = addresses[0];
+ addresses[0] = addresses[sidx];
+ addresses[sidx] = tmp;
+}
+
+/*
+ query a name
+*/
+static void nbtd_winsserver_query(struct loadparm_context *lp_ctx,
+ struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ NTSTATUS status;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ struct nbt_name *name = &packet->questions[0].name;
+ struct winsdb_record *rec;
+ struct winsdb_record *rec_1b = NULL;
+ const char **addresses;
+ const char **addresses_1b = NULL;
+ uint16_t nb_flags = 0;
+
+ if (name->type == NBT_NAME_MASTER) {
+ goto notfound;
+ }
+
+ /*
+ * w2k3 returns the first address of the 0x1B record as first address
+ * to a 0x1C query
+ *
+ * since Windows 2000 Service Pack 2 there's on option to trigger this behavior:
+ *
+ * HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\WINS\Parameters\Prepend1BTo1CQueries
+ * Typ: Daten REG_DWORD
+ * Value: 0 = deactivated, 1 = activated
+ */
+ if (name->type == NBT_NAME_LOGON &&
+ lpcfg_parm_bool(lp_ctx, NULL, "nbtd", "wins_prepend1Bto1Cqueries", true)) {
+ struct nbt_name name_1b;
+
+ name_1b = *name;
+ name_1b.type = NBT_NAME_PDC;
+
+ status = winsdb_lookup(winssrv->wins_db, &name_1b, packet, &rec_1b);
+ if (NT_STATUS_IS_OK(status)) {
+ addresses_1b = winsdb_addr_string_list(packet, rec_1b->addresses);
+ }
+ }
+
+ status = winsdb_lookup(winssrv->wins_db, name, packet, &rec);
+ if (!NT_STATUS_IS_OK(status)) {
+ if (!lpcfg_wins_dns_proxy(lp_ctx)) {
+ goto notfound;
+ }
+
+ if (name->type != NBT_NAME_CLIENT && name->type != NBT_NAME_SERVER) {
+ goto notfound;
+ }
+
+ nbtd_wins_dns_proxy_query(nbtsock, packet, src);
+ return;
+ }
+
+ /*
+ * for group's we always reply with
+ * 255.255.255.255 as address, even if
+ * the record is released or tombstoned
+ */
+ if (rec->type == WREPL_TYPE_GROUP) {
+ addresses = str_list_add(NULL, "255.255.255.255");
+ talloc_steal(packet, addresses);
+ if (!addresses) {
+ goto notfound;
+ }
+ nb_flags |= NBT_NM_GROUP;
+ goto found;
+ }
+
+ if (rec->state != WREPL_STATE_ACTIVE) {
+ goto notfound;
+ }
+
+ addresses = winsdb_addr_string_list(packet, rec->addresses);
+ if (!addresses) {
+ goto notfound;
+ }
+
+ /*
+ * if addresses_1b isn't NULL, we have a 0x1C query and need to return the
+ * first 0x1B address as first address
+ */
+ if (addresses_1b && addresses_1b[0]) {
+ const char **addresses_1c = addresses;
+ uint32_t i;
+ uint32_t num_addrs;
+
+ addresses = str_list_add(NULL, addresses_1b[0]);
+ if (!addresses) {
+ goto notfound;
+ }
+ talloc_steal(packet, addresses);
+ num_addrs = 1;
+
+ for (i=0; addresses_1c[i]; i++) {
+ if (strcmp(addresses_1b[0], addresses_1c[i]) == 0) continue;
+
+ /*
+ * stop when we already have 25 addresses
+ */
+ if (num_addrs >= 25) break;
+
+ num_addrs++;
+ addresses = str_list_add(addresses, addresses_1c[i]);
+ if (!addresses) {
+ goto notfound;
+ }
+ }
+ }
+
+ if (rec->type == WREPL_TYPE_SGROUP) {
+ nb_flags |= NBT_NM_GROUP;
+ } else {
+ nb_flags |= (rec->node <<13);
+ }
+
+ /*
+ * since Windows 2000 Service Pack 2 there's on option to trigger this behavior:
+ *
+ * HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\WINS\Parameters\Randomize1CList
+ * Typ: Daten REG_DWORD
+ * Value: 0 = deactivated, 1 = activated
+ */
+ if (name->type == NBT_NAME_LOGON &&
+ lpcfg_parm_bool(lp_ctx, NULL, "nbtd", "wins_randomize1Clist", false)) {
+ nbtd_wins_randomize1Clist(lp_ctx, addresses, src);
+ }
+
+found:
+ nbtd_name_query_reply(nbtsock, packet, src, name,
+ 0, nb_flags, addresses);
+ return;
+
+notfound:
+ nbtd_negative_name_query_reply(nbtsock, packet, src);
+}
+
+/*
+ release a name
+*/
+static void nbtd_winsserver_release(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ NTSTATUS status;
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ struct nbt_name *name = &packet->questions[0].name;
+ struct winsdb_record *rec;
+ uint32_t modify_flags = 0;
+ uint8_t ret;
+
+ if (name->type == NBT_NAME_MASTER) {
+ goto done;
+ }
+
+ if (name->scope && strlen(name->scope) > 237) {
+ goto done;
+ }
+
+ status = winsdb_lookup(winssrv->wins_db, name, packet, &rec);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ if (rec->is_static) {
+ if (rec->type == WREPL_TYPE_UNIQUE || rec->type == WREPL_TYPE_MHOMED) {
+ goto done;
+ }
+ nbtd_name_release_reply(nbtsock, packet, src, NBT_RCODE_ACT);
+ return;
+ }
+
+ if (rec->state != WREPL_STATE_ACTIVE) {
+ goto done;
+ }
+
+ /*
+ * TODO: do we need to check if
+ * src->addr matches packet->additional[0].rdata.netbios.addresses[0].ipaddr
+ * here?
+ */
+
+ /*
+ * we only allow releases from an owner - other releases are
+ * silently ignored
+ */
+ if (!winsdb_addr_list_check(rec->addresses, src->addr)) {
+ int i;
+ DEBUG(4,("WINS: silently ignoring attempted name release on %s from %s\n", nbt_name_string(rec, rec->name), src->addr));
+ DEBUGADD(4, ("Registered Addresses: \n"));
+ for (i=0; rec->addresses && rec->addresses[i]; i++) {
+ DEBUGADD(4, ("%s\n", rec->addresses[i]->address));
+ }
+ goto done;
+ }
+
+ DEBUG(4,("WINS: released name %s from %s\n", nbt_name_string(rec, rec->name), src->addr));
+
+ switch (rec->type) {
+ case WREPL_TYPE_UNIQUE:
+ rec->state = WREPL_STATE_RELEASED;
+ break;
+
+ case WREPL_TYPE_GROUP:
+ rec->state = WREPL_STATE_RELEASED;
+ break;
+
+ case WREPL_TYPE_SGROUP:
+ winsdb_addr_list_remove(rec->addresses, src->addr);
+ /* TODO: do we need to take the ownership here? */
+ if (winsdb_addr_list_length(rec->addresses) == 0) {
+ rec->state = WREPL_STATE_RELEASED;
+ }
+ break;
+
+ case WREPL_TYPE_MHOMED:
+ winsdb_addr_list_remove(rec->addresses, src->addr);
+ /* TODO: do we need to take the ownership here? */
+ if (winsdb_addr_list_length(rec->addresses) == 0) {
+ rec->state = WREPL_STATE_RELEASED;
+ }
+ break;
+ }
+
+ if (rec->state == WREPL_STATE_ACTIVE) {
+ /*
+ * If the record is still active, we need to update the
+ * expire_time.
+ *
+ * if we're not the owner, we need to take the ownership.
+ */
+ rec->expire_time= time(NULL) + winssrv->config.max_renew_interval;
+ if (strcmp(rec->wins_owner, winssrv->wins_db->local_owner) != 0) {
+ modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP;
+ }
+ if (lpcfg_parm_bool(iface->nbtsrv->task->lp_ctx, NULL, "wreplsrv", "propagate name releases", false)) {
+ /*
+ * We have an option to propagate every name release,
+ * this is off by default to match windows servers
+ */
+ modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP;
+ }
+ } else if (rec->state == WREPL_STATE_RELEASED) {
+ /*
+ * if we're not the owner, we need to take the owner ship
+ * and make the record tombstone, but expire after
+ * tombstone_interval + tombstone_timeout and not only after tombstone_timeout
+ * like for normal tombstone records.
+ * This is to replicate the record directly to the original owner,
+ * where the record is still active
+ */
+ if (strcmp(rec->wins_owner, winssrv->wins_db->local_owner) == 0) {
+ rec->expire_time= time(NULL) + winssrv->config.tombstone_interval;
+ } else {
+ rec->state = WREPL_STATE_TOMBSTONE;
+ rec->expire_time= time(NULL) +
+ winssrv->config.tombstone_interval +
+ winssrv->config.tombstone_timeout;
+ modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP;
+ }
+ }
+
+ ret = winsdb_modify(winssrv->wins_db, rec, modify_flags);
+ if (ret != NBT_RCODE_OK) {
+ DEBUG(1,("WINS: FAILED: released name %s at %s: error:%u\n",
+ nbt_name_string(rec, rec->name), src->addr, ret));
+ }
+done:
+ /* we match w2k3 by always giving a positive reply to name releases. */
+ nbtd_name_release_reply(nbtsock, packet, src, NBT_RCODE_OK);
+}
+
+
+/*
+ answer a name query
+*/
+void nbtd_winsserver_request(struct nbt_name_socket *nbtsock,
+ struct nbt_name_packet *packet,
+ struct socket_address *src)
+{
+ struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data,
+ struct nbtd_interface);
+ struct wins_server *winssrv = iface->nbtsrv->winssrv;
+ if ((packet->operation & NBT_FLAG_BROADCAST) || winssrv == NULL) {
+ return;
+ }
+
+ switch (packet->operation & NBT_OPCODE) {
+ case NBT_OPCODE_QUERY:
+ nbtd_winsserver_query(iface->nbtsrv->task->lp_ctx, nbtsock, packet, src);
+ break;
+
+ case NBT_OPCODE_REGISTER:
+ case NBT_OPCODE_REFRESH:
+ case NBT_OPCODE_REFRESH2:
+ case NBT_OPCODE_MULTI_HOME_REG:
+ nbtd_winsserver_register(nbtsock, packet, src);
+ break;
+
+ case NBT_OPCODE_RELEASE:
+ nbtd_winsserver_release(nbtsock, packet, src);
+ break;
+ }
+
+}
+
+/*
+ startup the WINS server, if configured
+*/
+NTSTATUS nbtd_winsserver_init(struct nbtd_server *nbtsrv)
+{
+ uint32_t tmp;
+ const char *owner;
+
+ if (!lpcfg_we_are_a_wins_server(nbtsrv->task->lp_ctx)) {
+ nbtsrv->winssrv = NULL;
+ return NT_STATUS_OK;
+ }
+
+ nbtsrv->winssrv = talloc_zero(nbtsrv, struct wins_server);
+ NT_STATUS_HAVE_NO_MEMORY(nbtsrv->winssrv);
+
+ nbtsrv->winssrv->config.max_renew_interval = lpcfg_max_wins_ttl(nbtsrv->task->lp_ctx);
+ nbtsrv->winssrv->config.min_renew_interval = lpcfg_min_wins_ttl(nbtsrv->task->lp_ctx);
+ tmp = lpcfg_parm_int(nbtsrv->task->lp_ctx, NULL, "wreplsrv", "tombstone_interval", 6*24*60*60);
+ nbtsrv->winssrv->config.tombstone_interval = tmp;
+ tmp = lpcfg_parm_int(nbtsrv->task->lp_ctx, NULL, "wreplsrv"," tombstone_timeout", 1*24*60*60);
+ nbtsrv->winssrv->config.tombstone_timeout = tmp;
+
+ owner = lpcfg_parm_string(nbtsrv->task->lp_ctx, NULL, "winsdb", "local_owner");
+
+ if (owner == NULL) {
+ struct interface *ifaces;
+ load_interface_list(nbtsrv->task, nbtsrv->task->lp_ctx, &ifaces);
+ owner = iface_list_first_v4(ifaces);
+ }
+
+ nbtsrv->winssrv->wins_db = winsdb_connect(nbtsrv->winssrv, nbtsrv->task->event_ctx,
+ nbtsrv->task->lp_ctx,
+ owner, WINSDB_HANDLE_CALLER_NBTD);
+ if (!nbtsrv->winssrv->wins_db) {
+ return NT_STATUS_INTERNAL_DB_ERROR;
+ }
+
+ irpc_add_name(nbtsrv->task->msg_ctx, "wins_server");
+
+ return NT_STATUS_OK;
+}
diff --git a/source4/nbt_server/wins/winsserver.h b/source4/nbt_server/wins/winsserver.h
new file mode 100644
index 0000000..803a9e2
--- /dev/null
+++ b/source4/nbt_server/wins/winsserver.h
@@ -0,0 +1,67 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ wins server WACK processing
+
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+struct wins_server {
+ /* wins server database handle */
+ struct winsdb_handle *wins_db;
+
+ /* some configuration */
+ struct {
+ /*
+ * the interval (in secs) till an active record will be marked as RELEASED
+ */
+ uint32_t min_renew_interval;
+ uint32_t max_renew_interval;
+
+ /*
+ * the interval (in secs) a record remains in RELEASED state,
+ * before it will be marked as TOMBSTONE
+ * (also known as extinction interval)
+ */
+ uint32_t tombstone_interval;
+
+ /*
+ * the interval (in secs) a record remains in TOMBSTONE state,
+ * before it will be removed from the database.
+ * See also 'tombstone_extra_timeout'.
+ * (also known as extinction timeout)
+ */
+ uint32_t tombstone_timeout;
+ } config;
+};
+
+struct wins_challenge_io {
+ struct {
+ struct nbtd_server *nbtd_server;
+ uint16_t nbt_port;
+ struct tevent_context *event_ctx;
+ struct nbt_name *name;
+ uint32_t num_addresses;
+ const char **addresses;
+ } in;
+ struct {
+ uint32_t num_addresses;
+ const char **addresses;
+ } out;
+};
+
+struct composite_context;
+#include "nbt_server/wins/winsserver_proto.h"
diff --git a/source4/nbt_server/wins/winswack.c b/source4/nbt_server/wins/winswack.c
new file mode 100644
index 0000000..735a4e6
--- /dev/null
+++ b/source4/nbt_server/wins/winswack.c
@@ -0,0 +1,387 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ "secure" wins server WACK processing
+
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/wins/winsdb.h"
+#include "nbt_server/wins/winsserver.h"
+#include "system/time.h"
+#include "libcli/composite/composite.h"
+#include "param/param.h"
+#include "samba/service_task.h"
+
+struct wins_challenge_state {
+ struct wins_challenge_io *io;
+ uint32_t current_address;
+ struct nbt_name_query query;
+};
+
+static void wins_challenge_handler(struct nbt_name_request *req)
+{
+ struct composite_context *ctx = talloc_get_type(req->async.private_data, struct composite_context);
+ struct wins_challenge_state *state = talloc_get_type(ctx->private_data, struct wins_challenge_state);
+
+ ctx->status = nbt_name_query_recv(req, state, &state->query);
+
+ /* if we timed out then try the next owner address, if any */
+ if (NT_STATUS_EQUAL(ctx->status, NT_STATUS_IO_TIMEOUT)) {
+ state->current_address++;
+ if (state->current_address < state->io->in.num_addresses) {
+ struct nbtd_interface *iface;
+
+ state->query.in.dest_port = state->io->in.nbt_port;
+ state->query.in.dest_addr = state->io->in.addresses[state->current_address];
+
+ iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, true);
+ if (!iface) {
+ composite_error(ctx, NT_STATUS_INTERNAL_ERROR);
+ return;
+ }
+
+ ZERO_STRUCT(state->query.out);
+ req = nbt_name_query_send(iface->nbtsock, &state->query);
+ composite_continue_nbt(ctx, req, wins_challenge_handler, ctx);
+ return;
+ }
+ }
+
+ composite_done(ctx);
+}
+
+NTSTATUS wins_challenge_recv(struct composite_context *ctx, TALLOC_CTX *mem_ctx, struct wins_challenge_io *io)
+{
+ NTSTATUS status = ctx->status;
+ struct wins_challenge_state *state = talloc_get_type(ctx->private_data, struct wins_challenge_state);
+
+ if (NT_STATUS_IS_OK(status)) {
+ io->out.num_addresses = state->query.out.num_addrs;
+ io->out.addresses = state->query.out.reply_addrs;
+ talloc_steal(mem_ctx, io->out.addresses);
+ } else {
+ ZERO_STRUCT(io->out);
+ }
+
+ talloc_free(ctx);
+ return status;
+}
+
+struct composite_context *wins_challenge_send(TALLOC_CTX *mem_ctx, struct wins_challenge_io *io)
+{
+ struct composite_context *result;
+ struct wins_challenge_state *state;
+ struct nbt_name_request *req;
+ struct nbtd_interface *iface;
+
+ result = talloc_zero(mem_ctx, struct composite_context);
+ if (result == NULL) return NULL;
+ result->state = COMPOSITE_STATE_IN_PROGRESS;
+ result->event_ctx = io->in.event_ctx;
+
+ state = talloc_zero(result, struct wins_challenge_state);
+ if (state == NULL) goto failed;
+ result->private_data = state;
+
+ /* package up the state variables for this wack request */
+ state->io = io;
+ state->current_address = 0;
+
+ /* setup a name query to the first address */
+ state->query.in.name = *state->io->in.name;
+ state->query.in.dest_port = state->io->in.nbt_port;
+ state->query.in.dest_addr = state->io->in.addresses[state->current_address];
+ state->query.in.broadcast = false;
+ state->query.in.wins_lookup = true;
+ state->query.in.timeout = 1;
+ state->query.in.retries = 2;
+ ZERO_STRUCT(state->query.out);
+
+ iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, true);
+ if (!iface) {
+ goto failed;
+ }
+
+ req = nbt_name_query_send(iface->nbtsock, &state->query);
+ if (req == NULL) goto failed;
+
+ req->async.fn = wins_challenge_handler;
+ req->async.private_data = result;
+
+ return result;
+failed:
+ talloc_free(result);
+ return NULL;
+}
+
+struct wins_release_demand_io {
+ struct {
+ struct nbtd_server *nbtd_server;
+ struct tevent_context *event_ctx;
+ struct nbt_name *name;
+ uint16_t nb_flags;
+ uint32_t num_addresses;
+ const char **addresses;
+ } in;
+};
+
+struct wins_release_demand_state {
+ struct wins_release_demand_io *io;
+ uint32_t current_address;
+ uint32_t addresses_left;
+ struct nbt_name_release release;
+};
+
+static void wins_release_demand_handler(struct nbt_name_request *req)
+{
+ struct composite_context *ctx = talloc_get_type(req->async.private_data, struct composite_context);
+ struct wins_release_demand_state *state = talloc_get_type(ctx->private_data, struct wins_release_demand_state);
+
+ ctx->status = nbt_name_release_recv(req, state, &state->release);
+
+ /* if we timed out then try the next owner address, if any */
+ if (NT_STATUS_EQUAL(ctx->status, NT_STATUS_IO_TIMEOUT)) {
+ state->current_address++;
+ state->addresses_left--;
+ if (state->current_address < state->io->in.num_addresses) {
+ struct nbtd_interface *iface;
+
+ state->release.in.dest_port = lpcfg_nbt_port(state->io->in.nbtd_server->task->lp_ctx);
+ state->release.in.dest_addr = state->io->in.addresses[state->current_address];
+ state->release.in.address = state->release.in.dest_addr;
+ state->release.in.timeout = (state->addresses_left > 1 ? 2 : 1);
+ state->release.in.retries = (state->addresses_left > 1 ? 0 : 2);
+
+ iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, true);
+ if (!iface) {
+ composite_error(ctx, NT_STATUS_INTERNAL_ERROR);
+ return;
+ }
+
+ ZERO_STRUCT(state->release.out);
+ req = nbt_name_release_send(iface->nbtsock, &state->release);
+ composite_continue_nbt(ctx, req, wins_release_demand_handler, ctx);
+ return;
+ }
+ }
+
+ composite_done(ctx);
+}
+
+static NTSTATUS wins_release_demand_recv(struct composite_context *ctx,
+ TALLOC_CTX *mem_ctx,
+ struct wins_release_demand_io *io)
+{
+ NTSTATUS status = ctx->status;
+ talloc_free(ctx);
+ return status;
+}
+
+static struct composite_context *wins_release_demand_send(TALLOC_CTX *mem_ctx, struct wins_release_demand_io *io)
+{
+ struct composite_context *result;
+ struct wins_release_demand_state *state;
+ struct nbt_name_request *req;
+ struct nbtd_interface *iface;
+
+ result = talloc_zero(mem_ctx, struct composite_context);
+ if (result == NULL) return NULL;
+ result->state = COMPOSITE_STATE_IN_PROGRESS;
+ result->event_ctx = io->in.event_ctx;
+
+ state = talloc_zero(result, struct wins_release_demand_state);
+ if (state == NULL) goto failed;
+ result->private_data = state;
+
+ /* package up the state variables for this wack request */
+ state->io = io;
+ state->current_address = 0;
+ state->addresses_left = state->io->in.num_addresses;
+
+ /*
+ * setup a name query to the first address
+ * - if we have more than one address try the first
+ * with 2 secs timeout and no retry
+ * - otherwise use 1 sec timeout (w2k3 uses 0.5 sec here)
+ * with 2 retries
+ */
+ state->release.in.name = *state->io->in.name;
+ state->release.in.dest_port = lpcfg_nbt_port(state->io->in.nbtd_server->task->lp_ctx);
+ state->release.in.dest_addr = state->io->in.addresses[state->current_address];
+ state->release.in.address = state->release.in.dest_addr;
+ state->release.in.broadcast = false;
+ state->release.in.timeout = (state->addresses_left > 1 ? 2 : 1);
+ state->release.in.retries = (state->addresses_left > 1 ? 0 : 2);
+ ZERO_STRUCT(state->release.out);
+
+ iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, true);
+ if (!iface) {
+ goto failed;
+ }
+
+ req = nbt_name_release_send(iface->nbtsock, &state->release);
+ if (req == NULL) goto failed;
+
+ req->async.fn = wins_release_demand_handler;
+ req->async.private_data = result;
+
+ return result;
+failed:
+ talloc_free(result);
+ return NULL;
+}
+
+/*
+ wrepl_server needs to be able to do a name query request, but some windows
+ servers always send the reply to port 137, regardless of the request
+ port. To cope with this we use a irpc request to the NBT server
+ which has port 137 open, and thus can receive the replies
+*/
+struct proxy_wins_challenge_state {
+ struct irpc_message *msg;
+ struct nbtd_proxy_wins_challenge *req;
+ struct wins_challenge_io io;
+ struct composite_context *c_req;
+};
+
+static void proxy_wins_challenge_handler(struct composite_context *c_req)
+{
+ NTSTATUS status;
+ uint32_t i;
+ struct proxy_wins_challenge_state *s = talloc_get_type(c_req->async.private_data,
+ struct proxy_wins_challenge_state);
+
+ status = wins_challenge_recv(s->c_req, s, &s->io);
+ if (!NT_STATUS_IS_OK(status)) {
+ ZERO_STRUCT(s->req->out);
+ irpc_send_reply(s->msg, status);
+ return;
+ }
+
+ s->req->out.num_addrs = s->io.out.num_addresses;
+ /* TODO: fix pidl to handle inline ipv4address arrays */
+ s->req->out.addrs = talloc_array(s->msg, struct nbtd_proxy_wins_addr,
+ s->io.out.num_addresses);
+ if (!s->req->out.addrs) {
+ ZERO_STRUCT(s->req->out);
+ irpc_send_reply(s->msg, NT_STATUS_NO_MEMORY);
+ return;
+ }
+ for (i=0; i < s->io.out.num_addresses; i++) {
+ s->req->out.addrs[i].addr = talloc_steal(s->req->out.addrs, s->io.out.addresses[i]);
+ }
+
+ irpc_send_reply(s->msg, status);
+}
+
+NTSTATUS nbtd_proxy_wins_challenge(struct irpc_message *msg,
+ struct nbtd_proxy_wins_challenge *req)
+{
+ struct nbtd_server *nbtd_server =
+ talloc_get_type(msg->private_data, struct nbtd_server);
+ struct proxy_wins_challenge_state *s;
+ uint32_t i;
+
+ s = talloc(msg, struct proxy_wins_challenge_state);
+ NT_STATUS_HAVE_NO_MEMORY(s);
+
+ s->msg = msg;
+ s->req = req;
+
+ s->io.in.nbtd_server = nbtd_server;
+ s->io.in.nbt_port = lpcfg_nbt_port(nbtd_server->task->lp_ctx);
+ s->io.in.event_ctx = nbtd_server->task->event_ctx;
+ s->io.in.name = &req->in.name;
+ s->io.in.num_addresses = req->in.num_addrs;
+ s->io.in.addresses = talloc_array(s, const char *, req->in.num_addrs);
+ NT_STATUS_HAVE_NO_MEMORY(s->io.in.addresses);
+ /* TODO: fix pidl to handle inline ipv4address arrays */
+ for (i=0; i < req->in.num_addrs; i++) {
+ s->io.in.addresses[i] = talloc_steal(s->io.in.addresses, req->in.addrs[i].addr);
+ }
+
+ s->c_req = wins_challenge_send(s, &s->io);
+ NT_STATUS_HAVE_NO_MEMORY(s->c_req);
+
+ s->c_req->async.fn = proxy_wins_challenge_handler;
+ s->c_req->async.private_data = s;
+
+ msg->defer_reply = true;
+ return NT_STATUS_OK;
+}
+
+/*
+ wrepl_server needs to be able to do a name release demands, but some windows
+ servers always send the reply to port 137, regardless of the request
+ port. To cope with this we use a irpc request to the NBT server
+ which has port 137 open, and thus can receive the replies
+*/
+struct proxy_wins_release_demand_state {
+ struct irpc_message *msg;
+ struct nbtd_proxy_wins_release_demand *req;
+ struct wins_release_demand_io io;
+ struct composite_context *c_req;
+};
+
+static void proxy_wins_release_demand_handler(struct composite_context *c_req)
+{
+ NTSTATUS status;
+ struct proxy_wins_release_demand_state *s = talloc_get_type(c_req->async.private_data,
+ struct proxy_wins_release_demand_state);
+
+ status = wins_release_demand_recv(s->c_req, s, &s->io);
+
+ irpc_send_reply(s->msg, status);
+}
+
+NTSTATUS nbtd_proxy_wins_release_demand(struct irpc_message *msg,
+ struct nbtd_proxy_wins_release_demand *req)
+{
+ struct nbtd_server *nbtd_server =
+ talloc_get_type(msg->private_data, struct nbtd_server);
+ struct proxy_wins_release_demand_state *s;
+ uint32_t i;
+
+ s = talloc(msg, struct proxy_wins_release_demand_state);
+ NT_STATUS_HAVE_NO_MEMORY(s);
+
+ s->msg = msg;
+ s->req = req;
+
+ s->io.in.nbtd_server = nbtd_server;
+ s->io.in.event_ctx = nbtd_server->task->event_ctx;
+ s->io.in.name = &req->in.name;
+ s->io.in.num_addresses = req->in.num_addrs;
+ s->io.in.addresses = talloc_array(s, const char *, req->in.num_addrs);
+ NT_STATUS_HAVE_NO_MEMORY(s->io.in.addresses);
+ /* TODO: fix pidl to handle inline ipv4address arrays */
+ for (i=0; i < req->in.num_addrs; i++) {
+ s->io.in.addresses[i] = talloc_steal(s->io.in.addresses, req->in.addrs[i].addr);
+ }
+
+ s->c_req = wins_release_demand_send(s, &s->io);
+ NT_STATUS_HAVE_NO_MEMORY(s->c_req);
+
+ s->c_req->async.fn = proxy_wins_release_demand_handler;
+ s->c_req->async.private_data = s;
+
+ msg->defer_reply = true;
+ return NT_STATUS_OK;
+}
diff --git a/source4/nbt_server/wscript_build b/source4/nbt_server/wscript_build
new file mode 100644
index 0000000..9d0c24a
--- /dev/null
+++ b/source4/nbt_server/wscript_build
@@ -0,0 +1,54 @@
+#!/usr/bin/env python
+
+bld.SAMBA_SUBSYSTEM('WINSDB',
+ source='wins/winsdb.c wins/wins_hook.c',
+ autoproto='wins/winsdb_proto.h',
+ public_deps='ldb ldbsamba',
+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+bld.SAMBA_MODULE('ldb_wins_ldb',
+ source='wins/wins_ldb.c',
+ subsystem='ldb',
+ init_function='ldb_wins_ldb_module_init',
+ module_init_name='ldb_init_module',
+ deps='ldb netif samba-hostconfig samba-util',
+ internal_module=False,
+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+bld.SAMBA_SUBSYSTEM('NBTD_WINS',
+ source='wins/winsserver.c wins/winsclient.c wins/winswack.c wins/wins_dns_proxy.c',
+ autoproto='wins/winsserver_proto.h',
+ deps='cli-nbt WINSDB',
+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+bld.SAMBA_SUBSYSTEM('NBTD_DGRAM',
+ source='dgram/request.c dgram/netlogon.c dgram/browse.c',
+ autoproto='dgram/proto.h',
+ deps='LIBCLI_DGRAM DSDB_MODULE_HELPERS',
+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+bld.SAMBA_SUBSYSTEM('NBT_SERVER',
+ source='interfaces.c register.c query.c nodestatus.c defense.c packet.c irpc.c',
+ autoproto='nbt_server_proto.h',
+ deps='cli-nbt NBTD_WINS NBTD_DGRAM service',
+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+bld.SAMBA_MODULE('service_nbtd',
+ source='nbt_server.c',
+ subsystem='service',
+ init_function='server_service_nbtd_init',
+ deps='NBT_SERVER process_model',
+ internal_module=False,
+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+