diff options
Diffstat (limited to 'source4/nbt_server')
23 files changed, 5843 insertions, 0 deletions
diff --git a/source4/nbt_server/defense.c b/source4/nbt_server/defense.c new file mode 100644 index 0000000..fbe22aa --- /dev/null +++ b/source4/nbt_server/defense.c @@ -0,0 +1,79 @@ +/* + Unix SMB/CIFS implementation. + + defend our names against name registration requests + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "../lib/util/dlinklist.h" +#include "system/network.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsserver.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "lib/socket/socket.h" + + +/* + defend our registered names against registration or name refresh + requests +*/ +void nbtd_request_defense(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbtd_iface_name *iname; + struct nbt_name *name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + + /* + * if the packet comes from one of our interfaces + * it must be our winsclient trying to reach the winsserver + */ + if (nbtd_self_packet(nbtsock, packet, src)) { + nbtd_winsserver_request(nbtsock, packet, src); + return; + } + + NBTD_ASSERT_PACKET(packet, src, packet->qdcount == 1); + NBTD_ASSERT_PACKET(packet, src, packet->arcount == 1); + NBTD_ASSERT_PACKET(packet, src, + packet->questions[0].question_type == NBT_QTYPE_NETBIOS); + NBTD_ASSERT_PACKET(packet, src, + packet->questions[0].question_class == NBT_QCLASS_IP); + NBTD_ASSERT_PACKET(packet, src, + packet->additional[0].rr_type == NBT_QTYPE_NETBIOS); + NBTD_ASSERT_PACKET(packet, src, + packet->additional[0].rr_class == NBT_QCLASS_IP); + NBTD_ASSERT_PACKET(packet, src, + packet->additional[0].rdata.netbios.length == 6); + + /* see if we have the requested name on this interface */ + name = &packet->questions[0].name; + + iname = nbtd_find_iname(iface, name, NBT_NM_ACTIVE); + if (iname != NULL && + !(name->type == NBT_NAME_LOGON || iname->nb_flags & NBT_NM_GROUP)) { + DEBUG(2,("Defending name %s on %s against %s\n", + nbt_name_string(packet, name), + iface->bcast_address, src->addr)); + nbtd_name_registration_reply(nbtsock, packet, src, NBT_RCODE_ACT); + } else { + nbtd_winsserver_request(nbtsock, packet, src); + } +} diff --git a/source4/nbt_server/dgram/browse.c b/source4/nbt_server/dgram/browse.c new file mode 100644 index 0000000..1e4f28b --- /dev/null +++ b/source4/nbt_server/dgram/browse.c @@ -0,0 +1,85 @@ +/* + Unix SMB/CIFS implementation. + + NBT datagram browse server + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "lib/socket/socket.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "nbt_server/dgram/proto.h" + +static const char *nbt_browse_opcode_string(enum nbt_browse_opcode r) +{ + const char *val = NULL; + + switch (r) { + case HostAnnouncement: val = "HostAnnouncement"; break; + case AnnouncementRequest: val = "AnnouncementRequest"; break; + case Election: val = "Election"; break; + case GetBackupListReq: val = "GetBackupListReq"; break; + case GetBackupListResp: val = "GetBackupListResp"; break; + case BecomeBackup: val = "BecomeBackup"; break; + case DomainAnnouncement: val = "DomainAnnouncement"; break; + case MasterAnnouncement: val = "MasterAnnouncement"; break; + case ResetBrowserState: val = "ResetBrowserState"; break; + case LocalMasterAnnouncement: val = "LocalMasterAnnouncement"; break; + } + + return val; +} + +/* + handle incoming browse mailslot requests +*/ +void nbtd_mailslot_browse_handler(struct dgram_mailslot_handler *dgmslot, + struct nbt_dgram_packet *packet, + struct socket_address *src) +{ + struct nbt_browse_packet *browse = talloc(dgmslot, struct nbt_browse_packet); + struct nbt_name *name = &packet->data.msg.dest_name; + NTSTATUS status; + + if (browse == NULL) { + status = NT_STATUS_INVALID_PARAMETER; + goto failed; + } + + status = dgram_mailslot_browse_parse(dgmslot, browse, packet, browse); + if (!NT_STATUS_IS_OK(status)) goto failed; + + DEBUG(4,("Browse %s (Op %d) on '%s' '%s' from %s:%d\n", + nbt_browse_opcode_string(browse->opcode), browse->opcode, + nbt_name_string(browse, name), dgmslot->mailslot_name, + src->addr, src->port)); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_DEBUG(nbt_browse_packet, browse); + } + + talloc_free(browse); + return; + +failed: + DEBUG(2,("nbtd browse handler failed from %s:%d to %s - %s\n", + src->addr, src->port, nbt_name_string(browse, name), + nt_errstr(status))); + talloc_free(browse); + +} diff --git a/source4/nbt_server/dgram/netlogon.c b/source4/nbt_server/dgram/netlogon.c new file mode 100644 index 0000000..e9d89e5 --- /dev/null +++ b/source4/nbt_server/dgram/netlogon.c @@ -0,0 +1,286 @@ +/* + Unix SMB/CIFS implementation. + + NBT datagram netlogon server + + Copyright (C) Andrew Tridgell 2005 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "lib/socket/socket.h" +#include <ldb.h> +#include "dsdb/samdb/samdb.h" +#include "auth/auth.h" +#include "param/param.h" +#include "samba/service_task.h" +#include "dsdb/samdb/ldb_modules/util.h" +#include "libcli/security/security.h" +#include "nbt_server/dgram/proto.h" +#include "libds/common/roles.h" + +/* + reply to a GETDC request + */ +static NTSTATUS nbtd_netlogon_getdc(struct nbtd_server *nbtsrv, + struct nbt_name *dst_name, + struct nbt_netlogon_packet *netlogon, + TALLOC_CTX *mem_ctx, + struct nbt_netlogon_response **presponse, + char **preply_mailslot) +{ + struct nbt_netlogon_response_from_pdc *pdc; + struct ldb_context *samctx; + struct nbt_netlogon_response *response = NULL; + char *reply_mailslot = NULL; + + /* only answer getdc requests on the PDC or LOGON names */ + if ((dst_name->type != NBT_NAME_PDC) && + (dst_name->type != NBT_NAME_LOGON)) { + return NT_STATUS_NOT_SUPPORTED; + } + + samctx = nbtsrv->sam_ctx; + + if (lpcfg_server_role(nbtsrv->task->lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC + || !samdb_is_pdc(samctx)) { + DEBUG(2, ("Not a PDC, so not processing LOGON_PRIMARY_QUERY\n")); + return NT_STATUS_NOT_SUPPORTED; + } + + if (strcasecmp_m(dst_name->name, + lpcfg_workgroup(nbtsrv->task->lp_ctx)) != 0) { + DBG_INFO("GetDC requested for a domain %s that we don't " + "host\n", dst_name->name); + return NT_STATUS_NOT_SUPPORTED; + } + + reply_mailslot = talloc_strdup( + mem_ctx, netlogon->req.pdc.mailslot_name); + if (reply_mailslot == NULL) { + goto nomem; + } + + /* setup a GETDC reply */ + response = talloc_zero(mem_ctx, struct nbt_netlogon_response); + if (response == NULL) { + goto nomem; + } + response->response_type = NETLOGON_GET_PDC; + pdc = &response->data.get_pdc; + + pdc->command = NETLOGON_RESPONSE_FROM_PDC; + + pdc->pdc_name = talloc_strdup( + response, lpcfg_netbios_name(nbtsrv->task->lp_ctx)); + if (pdc->pdc_name == NULL) { + goto nomem; + } + + pdc->unicode_pdc_name = pdc->pdc_name; + + pdc->domain_name = talloc_strdup( + response, lpcfg_workgroup(nbtsrv->task->lp_ctx)); + if (pdc->domain_name == NULL) { + goto nomem; + } + + pdc->nt_version = 1; + pdc->lmnt_token = 0xFFFF; + pdc->lm20_token = 0xFFFF; + + *presponse = response; + *preply_mailslot = reply_mailslot; + return NT_STATUS_OK; + +nomem: + TALLOC_FREE(response); + TALLOC_FREE(reply_mailslot); + return NT_STATUS_NO_MEMORY; +} + +/* + reply to a ADS style GETDC request + */ +static NTSTATUS nbtd_netlogon_samlogon( + struct nbtd_server *nbtsrv, + struct nbt_name *dst_name, + const struct socket_address *src, + struct nbt_netlogon_packet *netlogon, + TALLOC_CTX *mem_ctx, + struct nbt_netlogon_response **presponse, + char **preply_mailslot) +{ + struct ldb_context *samctx; + struct dom_sid *sid = NULL; + struct nbt_netlogon_response *response = NULL; + char *reply_mailslot = NULL; + NTSTATUS status; + + /* only answer getdc requests on the PDC or LOGON names */ + if ((dst_name->type != NBT_NAME_PDC) && + (dst_name->type != NBT_NAME_LOGON)) { + return NT_STATUS_NOT_SUPPORTED; + } + + samctx = nbtsrv->sam_ctx; + + if (netlogon->req.logon.sid_size != 0) { + sid = &netlogon->req.logon.sid; + } + + reply_mailslot = talloc_strdup( + mem_ctx, netlogon->req.logon.mailslot_name); + if (reply_mailslot == NULL) { + return NT_STATUS_NO_MEMORY; + } + + response = talloc_zero(mem_ctx, struct nbt_netlogon_response); + if (response == NULL) { + TALLOC_FREE(reply_mailslot); + return NT_STATUS_NO_MEMORY; + } + response->response_type = NETLOGON_SAMLOGON; + + status = fill_netlogon_samlogon_response( + samctx, response, NULL, dst_name->name, sid, NULL, + netlogon->req.logon.user_name, + netlogon->req.logon.acct_control, src->addr, + netlogon->req.logon.nt_version, nbtsrv->task->lp_ctx, + &response->data.samlogon, false); + if (!NT_STATUS_IS_OK(status)) { + struct dom_sid_buf buf; + + DBG_NOTICE("NBT netlogon query failed domain=%s sid=%s " + "version=%d - %s\n", + dst_name->name, + dom_sid_str_buf(sid, &buf), + netlogon->req.logon.nt_version, + nt_errstr(status)); + TALLOC_FREE(reply_mailslot); + TALLOC_FREE(response); + return status; + } + + *presponse = response; + *preply_mailslot = reply_mailslot; + return NT_STATUS_OK; +} + +static NTSTATUS nbtd_mailslot_netlogon_reply( + struct nbtd_interface *iface, + struct nbt_dgram_packet *packet, + struct socket_address *src, + TALLOC_CTX *mem_ctx, + struct nbt_netlogon_response **presponse, + char **preply_mailslot) +{ + struct nbt_netlogon_packet *netlogon; + struct nbt_name *dst_name = &packet->data.msg.dest_name; + struct nbt_netlogon_response *response = NULL; + struct nbtd_iface_name *iname; + char *reply_mailslot = NULL; + NTSTATUS status; + + /* + see if the we are listening on the destination netbios name + */ + iname = nbtd_find_iname(iface, dst_name, 0); + if (iname == NULL) { + return NT_STATUS_BAD_NETWORK_NAME; + } + + netlogon = talloc(mem_ctx, struct nbt_netlogon_packet); + if (netlogon == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = dgram_mailslot_netlogon_parse_request(netlogon, packet, + netlogon); + if (!NT_STATUS_IS_OK(status)) { + goto failed; + } + + switch (netlogon->command) { + case LOGON_PRIMARY_QUERY: + status = nbtd_netlogon_getdc( + iface->nbtsrv, &packet->data.msg.dest_name, + netlogon, mem_ctx, &response, &reply_mailslot); + break; + case LOGON_SAM_LOGON_REQUEST: + status = nbtd_netlogon_samlogon( + iface->nbtsrv, &packet->data.msg.dest_name, src, + netlogon, mem_ctx, &response, &reply_mailslot); + break; + default: + DEBUG(2,("unknown netlogon op %d from %s:%d\n", + netlogon->command, src->addr, src->port)); + NDR_PRINT_DEBUG(nbt_netlogon_packet, netlogon); + status = NT_STATUS_NOT_SUPPORTED; + break; + } + + if (!NT_STATUS_IS_OK(status)) { + DBG_DEBUG("Calculating reply failed: %s\n", + nt_errstr(status)); + goto failed; + } + + *presponse = response; + *preply_mailslot = reply_mailslot; + return NT_STATUS_OK; + +failed: + TALLOC_FREE(reply_mailslot); + TALLOC_FREE(netlogon); + return status; +} + +/* + handle incoming netlogon mailslot requests +*/ +void nbtd_mailslot_netlogon_handler(struct dgram_mailslot_handler *dgmslot, + struct nbt_dgram_packet *packet, + struct socket_address *src) +{ + NTSTATUS status = NT_STATUS_NO_MEMORY; + struct nbtd_interface *iface = + talloc_get_type(dgmslot->private_data, struct nbtd_interface); + struct nbtd_interface *reply_iface = nbtd_find_reply_iface( + iface, src->addr, false); + struct nbt_netlogon_response *response = NULL; + char *reply_mailslot = NULL; + + if (reply_iface->ip_address == NULL) { + DBG_WARNING("Could not obtain own IP address for datagram " + "socket\n"); + return; + } + + status = nbtd_mailslot_netlogon_reply( + iface, packet, src, dgmslot, &response, &reply_mailslot); + + if (NT_STATUS_IS_OK(status)) { + dgram_mailslot_netlogon_reply( + reply_iface->dgmsock, packet, + lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx), + reply_mailslot, response); + } + + TALLOC_FREE(response); + TALLOC_FREE(reply_mailslot); +} diff --git a/source4/nbt_server/dgram/ntlogon.c b/source4/nbt_server/dgram/ntlogon.c new file mode 100644 index 0000000..8c6a6e9 --- /dev/null +++ b/source4/nbt_server/dgram/ntlogon.c @@ -0,0 +1,121 @@ +/* + Unix SMB/CIFS implementation. + + NBT datagram ntlogon server + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "samba/service_task.h" +#include "lib/socket/socket.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "param/param.h" + +/* + reply to a SAM LOGON request + */ +static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot, + struct nbtd_interface *iface, + struct nbt_dgram_packet *packet, + const struct socket_address *src, + struct nbt_ntlogon_packet *ntlogon) +{ + struct nbt_name *name = &packet->data.msg.dest_name; + struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, false); + struct nbt_ntlogon_packet reply; + struct nbt_ntlogon_sam_logon_reply *logon; + + /* only answer sam logon requests on the PDC or LOGON names */ + if (name->type != NBT_NAME_PDC && name->type != NBT_NAME_LOGON) { + return; + } + + /* setup a SAM LOGON reply */ + ZERO_STRUCT(reply); + reply.command = NTLOGON_SAM_LOGON_REPLY; + logon = &reply.req.reply; + + logon->server = talloc_asprintf(packet, "\\\\%s", + lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx)); + logon->user_name = ntlogon->req.logon.user_name; + logon->domain = lpcfg_workgroup(iface->nbtsrv->task->lp_ctx); + logon->nt_version = 1; + logon->lmnt_token = 0xFFFF; + logon->lm20_token = 0xFFFF; + + packet->data.msg.dest_name.type = 0; + + dgram_mailslot_ntlogon_reply(reply_iface->dgmsock, + packet, + lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx), + ntlogon->req.logon.mailslot_name, + &reply); +} + +/* + handle incoming ntlogon mailslot requests +*/ +void nbtd_mailslot_ntlogon_handler(struct dgram_mailslot_handler *dgmslot, + struct nbt_dgram_packet *packet, + struct socket_address *src) +{ + NTSTATUS status = NT_STATUS_NO_MEMORY; + struct nbtd_interface *iface = + talloc_get_type(dgmslot->private_data, struct nbtd_interface); + struct nbt_ntlogon_packet *ntlogon = + talloc(dgmslot, struct nbt_ntlogon_packet); + struct nbtd_iface_name *iname; + struct nbt_name *name = &packet->data.msg.dest_name; + + if (ntlogon == NULL) goto failed; + + /* + see if the we are listening on the destination netbios name + */ + iname = nbtd_find_iname(iface, name, 0); + if (iname == NULL) { + status = NT_STATUS_BAD_NETWORK_NAME; + goto failed; + } + + DEBUG(2,("ntlogon request to %s from %s:%d\n", + nbt_name_string(ntlogon, name), src->addr, src->port)); + status = dgram_mailslot_ntlogon_parse(dgmslot, ntlogon, packet, ntlogon); + if (!NT_STATUS_IS_OK(status)) goto failed; + + NDR_PRINT_DEBUG(nbt_ntlogon_packet, ntlogon); + + switch (ntlogon->command) { + case NTLOGON_SAM_LOGON: + nbtd_ntlogon_sam_logon(dgmslot, iface, packet, src, ntlogon); + break; + default: + DEBUG(2,("unknown ntlogon op %d from %s:%d\n", + ntlogon->command, src->addr, src->port)); + break; + } + + talloc_free(ntlogon); + return; + +failed: + DEBUG(2,("nbtd ntlogon handler failed from %s:%d to %s - %s\n", + src->addr, src->port, nbt_name_string(ntlogon, name), + nt_errstr(status))); + talloc_free(ntlogon); +} diff --git a/source4/nbt_server/dgram/request.c b/source4/nbt_server/dgram/request.c new file mode 100644 index 0000000..ea2b6e8 --- /dev/null +++ b/source4/nbt_server/dgram/request.c @@ -0,0 +1,150 @@ +/* + Unix SMB/CIFS implementation. + + NBT datagram server + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "samba/service_task.h" +#include "lib/socket/socket.h" +#include "libcli/resolve/resolve.h" +#include "nbt_server/dgram/proto.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "param/param.h" + +/* + a list of mailslots that we have static handlers for +*/ +static const struct { + const char *mailslot_name; + dgram_mailslot_handler_t handler; +} mailslot_handlers[] = { + /* Handle both NTLOGON and NETLOGON in the same function, as + * they are very similar */ + { NBT_MAILSLOT_NETLOGON, nbtd_mailslot_netlogon_handler }, + { NBT_MAILSLOT_NTLOGON, nbtd_mailslot_netlogon_handler }, + { NBT_MAILSLOT_BROWSE, nbtd_mailslot_browse_handler } +}; + +/* + receive an incoming dgram request. This is used for general datagram + requests. Mailslot requests for our listening mailslots + are handled in the specific mailslot handlers +*/ +void dgram_request_handler(struct nbt_dgram_socket *dgmsock, + struct nbt_dgram_packet *packet, + struct socket_address *src) +{ + DEBUG(0,("General datagram request from %s:%d\n", src->addr, src->port)); + NDR_PRINT_DEBUG(nbt_dgram_packet, packet); +} + + +/* + setup the port 138 datagram listener for a given interface +*/ +NTSTATUS nbtd_dgram_setup(struct nbtd_interface *iface, const char *bind_address) +{ + struct nbt_dgram_socket *bcast_dgmsock = NULL; + struct nbtd_server *nbtsrv = iface->nbtsrv; + struct socket_address *bcast_addr, *bind_addr; + NTSTATUS status; + TALLOC_CTX *tmp_ctx = talloc_new(iface); + /* the list of mailslots that we are interested in */ + size_t i; + + if (!tmp_ctx) { + return NT_STATUS_NO_MEMORY; + } + + if (strcmp("0.0.0.0", iface->netmask) != 0) { + /* listen for broadcasts on port 138 */ + bcast_dgmsock = nbt_dgram_socket_init(iface, nbtsrv->task->event_ctx); + if (!bcast_dgmsock) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + + bcast_addr = socket_address_from_strings(tmp_ctx, bcast_dgmsock->sock->backend_name, + iface->bcast_address, + lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx)); + if (!bcast_addr) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + + status = socket_listen(bcast_dgmsock->sock, bcast_addr, 0, 0); + if (!NT_STATUS_IS_OK(status)) { + talloc_free(tmp_ctx); + DEBUG(0,("Failed to bind to %s:%d - %s\n", + iface->bcast_address, lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx), + nt_errstr(status))); + return status; + } + + dgram_set_incoming_handler(bcast_dgmsock, dgram_request_handler, iface); + } + + /* listen for unicasts on port 138 */ + iface->dgmsock = nbt_dgram_socket_init(iface, nbtsrv->task->event_ctx); + if (!iface->dgmsock) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + + bind_addr = socket_address_from_strings(tmp_ctx, iface->dgmsock->sock->backend_name, + bind_address, lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx)); + if (!bind_addr) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + + status = socket_listen(iface->dgmsock->sock, bind_addr, 0, 0); + if (!NT_STATUS_IS_OK(status)) { + talloc_free(tmp_ctx); + DEBUG(0,("Failed to bind to %s:%d - %s\n", + bind_address, lpcfg_dgram_port(iface->nbtsrv->task->lp_ctx), nt_errstr(status))); + return status; + } + + dgram_set_incoming_handler(iface->dgmsock, dgram_request_handler, iface); + + talloc_free(tmp_ctx); + + for (i=0;i<ARRAY_SIZE(mailslot_handlers);i++) { + /* note that we don't need to keep the pointer + to the dgmslot around - the callback is all + we need */ + struct dgram_mailslot_handler *dgmslot; + + if (bcast_dgmsock) { + dgmslot = dgram_mailslot_listen(bcast_dgmsock, + mailslot_handlers[i].mailslot_name, + mailslot_handlers[i].handler, iface); + NT_STATUS_HAVE_NO_MEMORY(dgmslot); + } + + dgmslot = dgram_mailslot_listen(iface->dgmsock, + mailslot_handlers[i].mailslot_name, + mailslot_handlers[i].handler, iface); + NT_STATUS_HAVE_NO_MEMORY(dgmslot); + } + + return NT_STATUS_OK; +} diff --git a/source4/nbt_server/interfaces.c b/source4/nbt_server/interfaces.c new file mode 100644 index 0000000..93e1497 --- /dev/null +++ b/source4/nbt_server/interfaces.c @@ -0,0 +1,426 @@ +/* + Unix SMB/CIFS implementation. + + NBT interface handling + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "../lib/util/dlinklist.h" +#include "nbt_server/nbt_server.h" +#include "samba/service_task.h" +#include "lib/socket/socket.h" +#include "nbt_server/wins/winsserver.h" +#include "nbt_server/dgram/proto.h" +#include "system/network.h" +#include "lib/socket/netif.h" +#include "param/param.h" +#include "lib/util/util_net.h" + + +/* + receive an incoming request and dispatch it to the right place +*/ +static void nbtd_request_handler(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + nbtsrv->stats.total_received++; + + /* see if it's from one of our own interfaces - if so, then ignore it */ + if (nbtd_self_packet_and_bcast(nbtsock, packet, src)) { + DEBUG(10,("Ignoring bcast self packet from %s:%d\n", src->addr, src->port)); + return; + } + + switch (packet->operation & NBT_OPCODE) { + case NBT_OPCODE_QUERY: + nbtsrv->stats.query_count++; + nbtd_request_query(nbtsock, packet, src); + break; + + case NBT_OPCODE_REGISTER: + case NBT_OPCODE_REFRESH: + case NBT_OPCODE_REFRESH2: + nbtsrv->stats.register_count++; + nbtd_request_defense(nbtsock, packet, src); + break; + + case NBT_OPCODE_RELEASE: + case NBT_OPCODE_MULTI_HOME_REG: + nbtsrv->stats.release_count++; + nbtd_winsserver_request(nbtsock, packet, src); + break; + + default: + nbtd_bad_packet(packet, src, "Unexpected opcode"); + break; + } +} + +static void nbtd_unexpected_handler(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + struct nbtd_interface *i; + struct nbt_name_request *req = NULL; + + nbtsrv->stats.total_received++; + + DEBUG(10,("unexpected from src[%s] on interface[%p] %s/%s\n", + src->addr, iface, iface->ip_address, iface->netmask)); + + /* try the broadcast interface */ + if (nbtsrv->bcast_interface) { + i = nbtsrv->bcast_interface; + req = idr_find(i->nbtsock->idr, packet->name_trn_id); + } + + /* try the wins server client interface */ + if (!req && nbtsrv->wins_interface && nbtsrv->wins_interface->nbtsock) { + i = nbtsrv->wins_interface; + req = idr_find(i->nbtsock->idr, packet->name_trn_id); + } + + /* try all other interfaces... */ + if (!req) { + for (i = nbtsrv->interfaces; i; i = i->next) { + if (i == iface) { + continue; + } + req = idr_find(i->nbtsock->idr, packet->name_trn_id); + if (req) break; + } + } + + if (!req) { + DEBUG(10,("unexpected from src[%s] unable to redirected\n", src->addr)); + return; + } + + DEBUG(10,("unexpected from src[%s] redirected to interface[%p] %s/%s\n", + src->addr, i, i->ip_address, i->netmask)); + + /* + * redirect the incoming response to the socket + * we sent the matching request + */ + nbt_name_socket_handle_response_packet(req, packet, src); +} + +/* + find a registered name on an interface +*/ +struct nbtd_iface_name *nbtd_find_iname(struct nbtd_interface *iface, + struct nbt_name *name, + uint16_t nb_flags) +{ + struct nbtd_iface_name *iname; + for (iname=iface->names;iname;iname=iname->next) { + if (iname->name.type == name->type && + strcmp(name->name, iname->name.name) == 0 && + ((iname->nb_flags & nb_flags) == nb_flags)) { + return iname; + } + } + return NULL; +} + +/* + start listening on the given address +*/ +static NTSTATUS nbtd_add_socket(struct nbtd_server *nbtsrv, + struct loadparm_context *lp_ctx, + const char *bind_address, + const char *address, + const char *bcast, + const char *netmask) +{ + struct nbtd_interface *iface; + NTSTATUS status; + struct socket_address *bcast_address; + struct socket_address *unicast_address; + + DEBUG(6,("nbtd_add_socket(%s, %s, %s, %s)\n", bind_address, address, bcast, netmask)); + + /* + we actually create two sockets. One listens on the broadcast address + for the interface, and the other listens on our specific address. This + allows us to run with "bind interfaces only" while still receiving + broadcast addresses, and also simplifies matching incoming requests + to interfaces + */ + + iface = talloc(nbtsrv, struct nbtd_interface); + NT_STATUS_HAVE_NO_MEMORY(iface); + + iface->nbtsrv = nbtsrv; + iface->bcast_address = talloc_steal(iface, bcast); + iface->ip_address = talloc_steal(iface, address); + iface->netmask = talloc_steal(iface, netmask); + iface->names = NULL; + iface->wack_queue = NULL; + + if (strcmp(netmask, "0.0.0.0") != 0) { + struct nbt_name_socket *bcast_nbtsock; + + /* listen for broadcasts on port 137 */ + bcast_nbtsock = nbt_name_socket_init(iface, nbtsrv->task->event_ctx); + if (!bcast_nbtsock) { + talloc_free(iface); + return NT_STATUS_NO_MEMORY; + } + + bcast_address = socket_address_from_strings(bcast_nbtsock, bcast_nbtsock->sock->backend_name, + bcast, lpcfg_nbt_port(lp_ctx)); + if (!bcast_address) { + talloc_free(iface); + return NT_STATUS_NO_MEMORY; + } + + status = socket_listen(bcast_nbtsock->sock, bcast_address, 0, 0); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Failed to bind to %s:%d - %s\n", + bcast, lpcfg_nbt_port(lp_ctx), nt_errstr(status))); + talloc_free(iface); + return status; + } + talloc_free(bcast_address); + + nbt_set_incoming_handler(bcast_nbtsock, nbtd_request_handler, iface); + } + + /* listen for unicasts on port 137 */ + iface->nbtsock = nbt_name_socket_init(iface, nbtsrv->task->event_ctx); + if (!iface->nbtsock) { + talloc_free(iface); + return NT_STATUS_NO_MEMORY; + } + + unicast_address = socket_address_from_strings(iface->nbtsock, + iface->nbtsock->sock->backend_name, + bind_address, lpcfg_nbt_port(lp_ctx)); + + status = socket_listen(iface->nbtsock->sock, unicast_address, 0, 0); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Failed to bind to %s:%d - %s\n", + bind_address, lpcfg_nbt_port(lp_ctx), nt_errstr(status))); + talloc_free(iface); + return status; + } + talloc_free(unicast_address); + + nbt_set_incoming_handler(iface->nbtsock, nbtd_request_handler, iface); + nbt_set_unexpected_handler(iface->nbtsock, nbtd_unexpected_handler, iface); + + /* also setup the datagram listeners */ + status = nbtd_dgram_setup(iface, bind_address); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Failed to setup dgram listen on %s - %s\n", + bind_address, nt_errstr(status))); + talloc_free(iface); + return status; + } + + if (strcmp(netmask, "0.0.0.0") == 0) { + DLIST_ADD(nbtsrv->bcast_interface, iface); + } else { + DLIST_ADD(nbtsrv->interfaces, iface); + } + + return NT_STATUS_OK; +} + +/* + setup a socket for talking to our WINS servers +*/ +static NTSTATUS nbtd_add_wins_socket(struct nbtd_server *nbtsrv) +{ + struct nbtd_interface *iface; + + iface = talloc_zero(nbtsrv, struct nbtd_interface); + NT_STATUS_HAVE_NO_MEMORY(iface); + + iface->nbtsrv = nbtsrv; + + DLIST_ADD(nbtsrv->wins_interface, iface); + + return NT_STATUS_OK; +} + + +/* + setup our listening sockets on the configured network interfaces +*/ +NTSTATUS nbtd_startup_interfaces(struct nbtd_server *nbtsrv, struct loadparm_context *lp_ctx, + struct interface *ifaces) +{ + int num_interfaces = iface_list_count(ifaces); + int i; + TALLOC_CTX *tmp_ctx = talloc_new(nbtsrv); + NTSTATUS status; + + /* if we are allowing incoming packets from any address, then + we also need to bind to the wildcard address */ + if (!lpcfg_bind_interfaces_only(lp_ctx)) { + const char *primary_address; + + primary_address = iface_list_first_v4(ifaces); + + /* the primary address is the address we will return + for non-WINS queries not made on a specific + interface */ + if (primary_address == NULL) { + primary_address = inet_ntoa(interpret_addr2( + lpcfg_netbios_name(lp_ctx))); + } + + primary_address = talloc_strdup(tmp_ctx, primary_address); + NT_STATUS_HAVE_NO_MEMORY(primary_address); + + status = nbtd_add_socket(nbtsrv, + lp_ctx, + "0.0.0.0", + primary_address, + talloc_strdup(tmp_ctx, "255.255.255.255"), + talloc_strdup(tmp_ctx, "0.0.0.0")); + NT_STATUS_NOT_OK_RETURN(status); + } + + for (i=0; i<num_interfaces; i++) { + const char *bcast; + const char *address, *netmask; + + if (!iface_list_n_is_v4(ifaces, i)) { + /* v4 only for NBT protocol */ + continue; + } + + bcast = iface_list_n_bcast(ifaces, i); + /* we can't assume every interface is broadcast capable */ + if (bcast == NULL) continue; + + address = talloc_strdup(tmp_ctx, iface_list_n_ip(ifaces, i)); + bcast = talloc_strdup(tmp_ctx, bcast); + netmask = talloc_strdup(tmp_ctx, iface_list_n_netmask(ifaces, i)); + + status = nbtd_add_socket(nbtsrv, lp_ctx, + address, address, bcast, netmask); + NT_STATUS_NOT_OK_RETURN(status); + } + + if (lpcfg_wins_server_list(lp_ctx)) { + status = nbtd_add_wins_socket(nbtsrv); + NT_STATUS_NOT_OK_RETURN(status); + } + + talloc_free(tmp_ctx); + + return NT_STATUS_OK; +} + + +/* + form a list of addresses that we should use in name query replies + we always place the IP in the given interface first +*/ +const char **nbtd_address_list(struct nbtd_interface *iface, TALLOC_CTX *mem_ctx) +{ + struct nbtd_server *nbtsrv = iface->nbtsrv; + const char **ret = NULL; + struct nbtd_interface *iface2; + bool is_loopback = false; + + if (iface->ip_address) { + is_loopback = iface_list_same_net(iface->ip_address, "127.0.0.1", "255.0.0.0"); + ret = str_list_add(ret, iface->ip_address); + } + + for (iface2=nbtsrv->interfaces;iface2;iface2=iface2->next) { + if (iface2 == iface) continue; + + if (!iface2->ip_address) continue; + + if (!is_loopback) { + if (iface_list_same_net(iface2->ip_address, "127.0.0.1", "255.0.0.0")) { + continue; + } + } + + ret = str_list_add(ret, iface2->ip_address); + } + + talloc_steal(mem_ctx, ret); + + return ret; +} + + +/* + find the interface to use for sending a outgoing request +*/ +struct nbtd_interface *nbtd_find_request_iface(struct nbtd_server *nbtd_server, + const char *address, bool allow_bcast_iface) +{ + struct nbtd_interface *cur; + + /* try to find a exact match */ + for (cur=nbtd_server->interfaces;cur;cur=cur->next) { + if (iface_list_same_net(address, cur->ip_address, cur->netmask)) { + DEBUG(10,("find interface for dst[%s] ip: %s/%s (iface[%p])\n", + address, cur->ip_address, cur->netmask, cur)); + return cur; + } + } + + /* no exact match, if we have the broadcast interface, use that */ + if (allow_bcast_iface && nbtd_server->bcast_interface) { + cur = nbtd_server->bcast_interface; + DEBUG(10,("find interface for dst[%s] ip: %s/%s (bcast iface[%p])\n", + address, cur->ip_address, cur->netmask, cur)); + return cur; + } + + /* fallback to first interface */ + cur = nbtd_server->interfaces; + DEBUG(10,("find interface for dst[%s] ip: %s/%s (default iface[%p])\n", + address, cur->ip_address, cur->netmask, cur)); + return cur; +} + +/* + * find the interface to use for sending a outgoing reply + */ +struct nbtd_interface *nbtd_find_reply_iface(struct nbtd_interface *iface, + const char *address, bool allow_bcast_iface) +{ + struct nbtd_server *nbtd_server = iface->nbtsrv; + + /* first try to use the given interfacel when it's not the broadcast one */ + if (iface != nbtd_server->bcast_interface) { + return iface; + } + + return nbtd_find_request_iface(nbtd_server, address, allow_bcast_iface); +} diff --git a/source4/nbt_server/irpc.c b/source4/nbt_server/irpc.c new file mode 100644 index 0000000..e835ffd --- /dev/null +++ b/source4/nbt_server/irpc.c @@ -0,0 +1,210 @@ +/* + Unix SMB/CIFS implementation. + + irpc services for the NBT server + + Copyright (C) Andrew Tridgell 2005 + Copyright (C) Volker Lendecke 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "samba/service_task.h" +#include "samba/service.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsserver.h" +#include "librpc/gen_ndr/ndr_irpc.h" +#include "lib/socket/socket.h" +#include "libcli/resolve/resolve.h" +#include "librpc/gen_ndr/ndr_nbt.h" + +/* + serve out the nbt statistics +*/ +static NTSTATUS nbtd_information(struct irpc_message *msg, + struct nbtd_information *r) +{ + struct nbtd_server *server = talloc_get_type(msg->private_data, + struct nbtd_server); + + switch (r->in.level) { + case NBTD_INFO_STATISTICS: + r->out.info.stats = &server->stats; + break; + } + + return NT_STATUS_OK; +} + + +/* + winbind needs to be able to do a getdc request, but most (all?) windows + servers always send the reply to port 138, regardless of the request + port. To cope with this we use a irpc request to the NBT server + which has port 138 open, and thus can receive the replies +*/ +struct getdc_state { + struct irpc_message *msg; + struct nbtd_getdcname *req; +}; + +static void getdc_recv_netlogon_reply(struct dgram_mailslot_handler *dgmslot, + struct nbt_dgram_packet *packet, + struct socket_address *src) +{ + struct getdc_state *s = + talloc_get_type(dgmslot->private_data, struct getdc_state); + const char *p; + struct nbt_netlogon_response netlogon; + NTSTATUS status; + + status = dgram_mailslot_netlogon_parse_response(packet, packet, + &netlogon); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(5, ("dgram_mailslot_ntlogon_parse failed: %s\n", + nt_errstr(status))); + goto done; + } + + /* We asked for version 1 only */ + if (netlogon.response_type == NETLOGON_SAMLOGON + && netlogon.data.samlogon.ntver != NETLOGON_NT_VERSION_1) { + status = NT_STATUS_INVALID_NETWORK_RESPONSE; + goto done; + } + + p = netlogon.data.samlogon.data.nt4.pdc_name; + + DEBUG(10, ("NTLOGON_SAM_LOGON_REPLY: server: %s, user: %s, " + "domain: %s\n", p, + netlogon.data.samlogon.data.nt4.user_name, + netlogon.data.samlogon.data.nt4.domain_name)); + + if (*p == '\\') p += 1; + if (*p == '\\') p += 1; + + s->req->out.dcname = talloc_strdup(s->req, p); + if (s->req->out.dcname == NULL) { + DEBUG(0, ("talloc failed\n")); + status = NT_STATUS_NO_MEMORY; + goto done; + } + + status = NT_STATUS_OK; + + done: + irpc_send_reply(s->msg, status); +} + +static NTSTATUS nbtd_getdcname(struct irpc_message *msg, + struct nbtd_getdcname *req) +{ + struct nbtd_server *server = + talloc_get_type(msg->private_data, struct nbtd_server); + struct nbtd_interface *iface = nbtd_find_request_iface(server, req->in.ip_address, true); + struct getdc_state *s; + struct nbt_netlogon_packet p; + struct NETLOGON_SAM_LOGON_REQUEST *r; + struct nbt_name src, dst; + struct socket_address *dest; + struct dgram_mailslot_handler *handler; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + + DEBUG(0, ("nbtd_getdcname called\n")); + + s = talloc(msg, struct getdc_state); + NT_STATUS_HAVE_NO_MEMORY(s); + + s->msg = msg; + s->req = req; + + handler = dgram_mailslot_temp(iface->dgmsock, NBT_MAILSLOT_GETDC, + getdc_recv_netlogon_reply, s); + NT_STATUS_HAVE_NO_MEMORY(handler); + + ZERO_STRUCT(p); + p.command = LOGON_SAM_LOGON_REQUEST; + r = &p.req.logon; + r->request_count = 0; + r->computer_name = req->in.my_computername; + r->user_name = req->in.my_accountname; + r->mailslot_name = handler->mailslot_name; + r->acct_control = req->in.account_control; + r->sid = *req->in.domain_sid; + r->nt_version = NETLOGON_NT_VERSION_1; + r->lmnt_token = 0xffff; + r->lm20_token = 0xffff; + + make_nbt_name_client(&src, req->in.my_computername); + make_nbt_name(&dst, req->in.domainname, 0x1c); + + dest = socket_address_from_strings(msg, iface->dgmsock->sock->backend_name, + req->in.ip_address, 138); + NT_STATUS_HAVE_NO_MEMORY(dest); + + status = dgram_mailslot_netlogon_send(iface->dgmsock, + &dst, dest, + NBT_MAILSLOT_NETLOGON, + &src, &p); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("dgram_mailslot_ntlogon_send failed: %s\n", + nt_errstr(status))); + return status; + } + + msg->defer_reply = true; + return NT_STATUS_OK; +} + + +/* + register the irpc handlers for the nbt server +*/ +void nbtd_register_irpc(struct nbtd_server *nbtsrv) +{ + NTSTATUS status; + struct task_server *task = nbtsrv->task; + + status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_INFORMATION, + nbtd_information, nbtsrv); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, "nbtd failed to setup monitoring", true); + return; + } + + status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_GETDCNAME, + nbtd_getdcname, nbtsrv); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, "nbtd failed to setup getdcname " + "handler", true); + return; + } + + status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_PROXY_WINS_CHALLENGE, + nbtd_proxy_wins_challenge, nbtsrv); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, "nbtd failed to setup wins challenge " + "handler", true); + return; + } + + status = IRPC_REGISTER(task->msg_ctx, irpc, NBTD_PROXY_WINS_RELEASE_DEMAND, + nbtd_proxy_wins_release_demand, nbtsrv); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, "nbtd failed to setup wins release demand " + "handler", true); + return; + } +} diff --git a/source4/nbt_server/nbt_server.c b/source4/nbt_server/nbt_server.c new file mode 100644 index 0000000..6d28bbd --- /dev/null +++ b/source4/nbt_server/nbt_server.c @@ -0,0 +1,117 @@ +/* + Unix SMB/CIFS implementation. + + NBT server task + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "samba/service_task.h" +#include "samba/service.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsserver.h" +#include "system/network.h" +#include "lib/socket/netif.h" +#include "auth/auth.h" +#include "dsdb/samdb/samdb.h" +#include "param/param.h" + +NTSTATUS server_service_nbtd_init(TALLOC_CTX *); + +/* + startup the nbtd task +*/ +static NTSTATUS nbtd_task_init(struct task_server *task) +{ + struct nbtd_server *nbtsrv; + NTSTATUS status; + struct interface *ifaces; + + load_interface_list(task, task->lp_ctx, &ifaces); + + if (iface_list_count(ifaces) == 0) { + task_server_terminate(task, "nbtd: no network interfaces configured", false); + return NT_STATUS_UNSUCCESSFUL; + } + + if (lpcfg_disable_netbios(task->lp_ctx)) { + task_server_terminate(task, "nbtd: 'disable netbios = yes' set in smb.conf, shutting down nbt server", false); + return NT_STATUS_UNSUCCESSFUL; + } + + task_server_set_title(task, "task[nbtd]"); + + nbtsrv = talloc(task, struct nbtd_server); + if (nbtsrv == NULL) { + task_server_terminate(task, "nbtd: out of memory", true); + return NT_STATUS_NO_MEMORY; + } + + nbtsrv->task = task; + nbtsrv->interfaces = NULL; + nbtsrv->bcast_interface = NULL; + nbtsrv->wins_interface = NULL; + + /* start listening on the configured network interfaces */ + status = nbtd_startup_interfaces(nbtsrv, task->lp_ctx, ifaces); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, "nbtd failed to setup interfaces", true); + return status; + } + + nbtsrv->sam_ctx = samdb_connect(nbtsrv, + task->event_ctx, + task->lp_ctx, + system_session(task->lp_ctx), + NULL, + 0); + if (nbtsrv->sam_ctx == NULL) { + task_server_terminate(task, "nbtd failed to open samdb", true); + return NT_STATUS_UNSUCCESSFUL; + } + + /* start the WINS server, if appropriate */ + status = nbtd_winsserver_init(nbtsrv); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, "nbtd failed to start WINS server", true); + return status; + } + + nbtd_register_irpc(nbtsrv); + + /* start the process of registering our names on all interfaces */ + nbtd_register_names(nbtsrv); + + irpc_add_name(task->msg_ctx, "nbt_server"); + + return NT_STATUS_OK; +} + + +/* + register ourselves as a available server +*/ +NTSTATUS server_service_nbtd_init(TALLOC_CTX *ctx) +{ + static const struct service_details details = { + .inhibit_fork_on_accept = true, + .inhibit_pre_fork = true, + .task_init = nbtd_task_init, + .post_fork = NULL + }; + return register_server_service(ctx, "nbt", &details); +} diff --git a/source4/nbt_server/nbt_server.h b/source4/nbt_server/nbt_server.h new file mode 100644 index 0000000..c80e5bf --- /dev/null +++ b/source4/nbt_server/nbt_server.h @@ -0,0 +1,94 @@ +/* + Unix SMB/CIFS implementation. + + NBT server structures + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "../libcli/nbt/libnbt.h" +#include "libcli/wrepl/winsrepl.h" +#include "libcli/dgram/libdgram.h" +#include "librpc/gen_ndr/irpc.h" +#include "lib/messaging/irpc.h" + +/* + a list of our registered names on each interface +*/ +struct nbtd_iface_name { + struct nbtd_iface_name *next, *prev; + struct nbtd_interface *iface; + struct nbt_name name; + uint16_t nb_flags; + struct timeval registration_time; + uint32_t ttl; + + /* if registered with a wins server, then this lists the server being + used */ + const char *wins_server; +}; + +struct nbtd_wins_wack_state; + +/* a list of network interfaces we are listening on */ +struct nbtd_interface { + struct nbtd_interface *next, *prev; + struct nbtd_server *nbtsrv; + const char *ip_address; + const char *bcast_address; + const char *netmask; + struct nbt_name_socket *nbtsock; + struct nbt_dgram_socket *dgmsock; + struct nbtd_iface_name *names; + struct nbtd_wins_wack_state *wack_queue; +}; + + +/* + top level context structure for the nbt server +*/ +struct nbtd_server { + struct task_server *task; + + /* the list of local network interfaces */ + struct nbtd_interface *interfaces; + + /* broadcast interface used for receiving packets only */ + struct nbtd_interface *bcast_interface; + + /* wins client interface - used for registering and refreshing + our names with a WINS server */ + struct nbtd_interface *wins_interface; + + struct wins_server *winssrv; + + struct nbtd_statistics stats; + + struct ldb_context *sam_ctx; +}; + + + +/* check a condition on an incoming packet */ +#define NBTD_ASSERT_PACKET(packet, src, test) do { \ + if (!(test)) { \ + nbtd_bad_packet(packet, src, #test); \ + return; \ + } \ +} while (0) + +struct interface; +#include "nbt_server/nbt_server_proto.h" diff --git a/source4/nbt_server/nodestatus.c b/source4/nbt_server/nodestatus.c new file mode 100644 index 0000000..e26cda7 --- /dev/null +++ b/source4/nbt_server/nodestatus.c @@ -0,0 +1,182 @@ +/* + Unix SMB/CIFS implementation. + + answer node status queries + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "../lib/util/dlinklist.h" +#include "system/network.h" +#include "nbt_server/nbt_server.h" +#include "lib/socket/socket.h" +#include "librpc/gen_ndr/ndr_nbt.h" + +struct nbt_name_packet *nbtd_node_status_reply_packet( + TALLOC_CTX *mem_ctx, + uint16_t trn_id, + const struct nbt_name *name, + struct nbtd_interface *iface) +{ + struct nbtd_iface_name *iname; + struct nbt_name_packet *packet; + struct nbt_res_rec *answer; + struct nbt_rdata_status *stat; + uint32_t num_names; + NTSTATUS status; + + num_names = 0; + for (iname = iface->names; iname != NULL; iname = iname->next) { + if ((iname->nb_flags & NBT_NM_ACTIVE) == 0) { + continue; + } + if (strcmp(iname->name.name, "*") == 0) { + continue; + } + num_names += 1; + } + + packet = talloc_zero(mem_ctx, struct nbt_name_packet); + if (packet == NULL) { + return NULL; + } + + packet->name_trn_id = trn_id; + packet->ancount = 1; + packet->operation = + NBT_OPCODE_QUERY | + NBT_FLAG_REPLY | + NBT_FLAG_AUTHORITATIVE; + + packet->answers = talloc_array(packet, struct nbt_res_rec, 1); + if (packet->answers == NULL) { + goto failed; + } + + answer = &packet->answers[0]; + + status = nbt_name_dup(packet->answers, name, &answer->name); + if (!NT_STATUS_IS_OK(status)) { + goto failed; + } + + answer->rr_type = NBT_QTYPE_STATUS; + answer->rr_class = NBT_QCLASS_IP; + answer->ttl = 0; + + stat = &packet->answers[0].rdata.status; + + stat->num_names = num_names; + stat->names = talloc_zero_array( + packet->answers, + struct nbt_status_name, + num_names); + if (stat->names == NULL) { + goto failed; + } + + num_names = 0; + for (iname = iface->names; iname != NULL; iname = iname->next) { + struct nbt_status_name *n = &stat->names[num_names]; + + if ((iname->nb_flags & NBT_NM_ACTIVE) == 0) { + continue; + } + if (strcmp(iname->name.name, "*") == 0) { + continue; + } + + n->name = talloc_asprintf( + stat->names, + "%-15s", + iname->name.name); + if (n->name == NULL) { + goto failed; + } + n->type = iname->name.type; + n->nb_flags = iname->nb_flags; + + num_names += 1; + } + + return packet; + +failed: + TALLOC_FREE(packet); + return NULL; +} + +/* + send a name status reply +*/ +static void nbtd_node_status_reply(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *request_packet, + struct socket_address *src, + struct nbt_name *name, + struct nbtd_interface *iface) +{ + struct nbt_name_packet *packet; + struct nbtd_server *nbtsrv = iface->nbtsrv; + + packet = nbtd_node_status_reply_packet( + nbtsock, + request_packet->name_trn_id, + name, + iface); + if (packet == NULL) { + return; + } + + DEBUG(7,("Sending node status reply for %s to %s:%d\n", + nbt_name_string(packet, name), src->addr, src->port)); + + nbtsrv->stats.total_sent++; + nbt_name_reply_send(nbtsock, src, packet); + + talloc_free(packet); +} + + +/* + answer a node status query +*/ +void nbtd_query_status(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbt_name *name; + struct nbtd_iface_name *iname; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + + NBTD_ASSERT_PACKET(packet, src, packet->qdcount == 1); + NBTD_ASSERT_PACKET(packet, src, packet->questions[0].question_type == NBT_QTYPE_STATUS); + NBTD_ASSERT_PACKET(packet, src, packet->questions[0].question_class == NBT_QCLASS_IP); + + /* see if we have the requested name on this interface */ + name = &packet->questions[0].name; + + iname = nbtd_find_iname(iface, name, NBT_NM_ACTIVE); + if (iname == NULL) { + DEBUG(7,("Node status query for %s from %s - not found on %s\n", + nbt_name_string(packet, name), src->addr, iface->ip_address)); + return; + } + + nbtd_node_status_reply(nbtsock, packet, src, + &iname->name, iface); +} diff --git a/source4/nbt_server/packet.c b/source4/nbt_server/packet.c new file mode 100644 index 0000000..b9aea56 --- /dev/null +++ b/source4/nbt_server/packet.c @@ -0,0 +1,387 @@ +/* + Unix SMB/CIFS implementation. + + packet utility functions + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "samba/service_task.h" +#include "lib/socket/socket.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "param/param.h" + +/* + we received a badly formed packet - log it +*/ +void nbtd_bad_packet(struct nbt_name_packet *packet, + const struct socket_address *src, const char *reason) +{ + DEBUG(2,("nbtd: bad packet '%s' from %s:%d\n", reason, src->addr, src->port)); + if (DEBUGLVL(5)) { + NDR_PRINT_DEBUG(nbt_name_packet, packet); + } +} + + +/* + see if an incoming packet is a broadcast packet from one of our own + interfaces +*/ +bool nbtd_self_packet_and_bcast(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + const struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + + /* if its not a broadcast then its not considered a self packet */ + if (!(packet->operation & NBT_FLAG_BROADCAST)) { + return false; + } + + /* + * this uses the fact that iface->nbtsock is the unicast listen address + * if the interface isn't the global bcast interface + * + * so if the request was directed to the unicast address it isn't a broadcast + * message + */ + if (iface->nbtsock == nbtsock && + iface != iface->nbtsrv->bcast_interface) { + return false; + } + + return nbtd_self_packet(nbtsock, packet, src); +} + +bool nbtd_self_packet(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + const struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + /* if its not from the nbt port, then it wasn't a broadcast from us */ + if (src->port != lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx)) { + return false; + } + + /* we have to loop over our interface list, seeing if its from + one of our own interfaces */ + for (iface=nbtsrv->interfaces;iface;iface=iface->next) { + if (strcmp(src->addr, iface->ip_address) == 0) { + return true; + } + } + + return false; +} + +struct nbt_name_packet *nbtd_name_query_reply_packet( + TALLOC_CTX *mem_ctx, + uint16_t trn_id, + uint32_t ttl, + uint16_t nb_flags, + const struct nbt_name *name, + const char **addresses, + size_t num_addresses) +{ + struct nbt_name_packet *packet; + size_t i; + struct nbt_res_rec *answer; + struct nbt_rdata_netbios *rdata; + NTSTATUS status; + + if (num_addresses == 0) { + return NULL; + } + + packet = talloc_zero(mem_ctx, struct nbt_name_packet); + if (packet == NULL) { + return NULL; + } + + packet->name_trn_id = trn_id; + packet->ancount = 1; + packet->operation = + NBT_FLAG_REPLY | + NBT_OPCODE_QUERY | + NBT_FLAG_AUTHORITATIVE | + NBT_FLAG_RECURSION_DESIRED | + NBT_FLAG_RECURSION_AVAIL; + + packet->answers = talloc_array(packet, struct nbt_res_rec, 1); + if (packet->answers == NULL) { + goto failed; + } + answer = packet->answers; + + status = nbt_name_dup(packet->answers, name, &answer->name); + if (!NT_STATUS_IS_OK(status)) { + goto failed; + } + answer->rr_type = NBT_QTYPE_NETBIOS; + answer->rr_class = NBT_QCLASS_IP; + answer->ttl = ttl; + + rdata = &answer->rdata.netbios; + rdata->length = num_addresses*6; + rdata->addresses = talloc_array( + packet->answers, + struct nbt_rdata_address, + num_addresses); + if (rdata->addresses == NULL) { + goto failed; + } + + for (i=0; i<num_addresses; i++) { + struct nbt_rdata_address *addr = &rdata->addresses[i]; + addr->nb_flags = nb_flags; + addr->ipaddr = talloc_strdup(packet->answers, addresses[i]); + if (addr->ipaddr == NULL) { + goto failed; + } + } + + return packet; + +failed: + TALLOC_FREE(packet); + return NULL; +} + +/* + send a name query reply +*/ +void nbtd_name_query_reply(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *request_packet, + struct socket_address *src, + struct nbt_name *name, uint32_t ttl, + uint16_t nb_flags, const char **addresses) +{ + struct nbt_name_packet *packet; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + packet = nbtd_name_query_reply_packet( + nbtsock, + request_packet->name_trn_id, + ttl, + nb_flags, + name, + addresses, + str_list_length(addresses)); + if (packet == NULL) { + return; + } + + DEBUG(7,("Sending name query reply for %s at %s to %s:%d\n", + nbt_name_string(packet, name), addresses[0], src->addr, src->port)); + + nbtsrv->stats.total_sent++; + nbt_name_reply_send(nbtsock, src, packet); + + talloc_free(packet); +} + + +/* + send a negative name query reply +*/ +void nbtd_negative_name_query_reply(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *request_packet, + struct socket_address *src) +{ + struct nbt_name_packet *packet; + struct nbt_name *name = &request_packet->questions[0].name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + packet = talloc_zero(nbtsock, struct nbt_name_packet); + if (packet == NULL) return; + + packet->name_trn_id = request_packet->name_trn_id; + packet->ancount = 1; + packet->operation = + NBT_FLAG_REPLY | + NBT_OPCODE_QUERY | + NBT_FLAG_AUTHORITATIVE | + NBT_RCODE_NAM; + + packet->answers = talloc_array(packet, struct nbt_res_rec, 1); + if (packet->answers == NULL) goto failed; + + packet->answers[0].name = *name; + packet->answers[0].rr_type = NBT_QTYPE_NULL; + packet->answers[0].rr_class = NBT_QCLASS_IP; + packet->answers[0].ttl = 0; + ZERO_STRUCT(packet->answers[0].rdata); + + DEBUG(7,("Sending negative name query reply for %s to %s:%d\n", + nbt_name_string(packet, name), src->addr, src->port)); + + nbtsrv->stats.total_sent++; + nbt_name_reply_send(nbtsock, src, packet); + +failed: + talloc_free(packet); +} + +/* + send a name registration reply +*/ +void nbtd_name_registration_reply(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *request_packet, + struct socket_address *src, + uint8_t rcode) +{ + struct nbt_name_packet *packet; + struct nbt_name *name = &request_packet->questions[0].name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + packet = talloc_zero(nbtsock, struct nbt_name_packet); + if (packet == NULL) return; + + packet->name_trn_id = request_packet->name_trn_id; + packet->ancount = 1; + packet->operation = + NBT_FLAG_REPLY | + NBT_OPCODE_REGISTER | + NBT_FLAG_AUTHORITATIVE | + NBT_FLAG_RECURSION_DESIRED | + NBT_FLAG_RECURSION_AVAIL | + rcode; + + packet->answers = talloc_array(packet, struct nbt_res_rec, 1); + if (packet->answers == NULL) goto failed; + + packet->answers[0].name = *name; + packet->answers[0].rr_type = NBT_QTYPE_NETBIOS; + packet->answers[0].rr_class = NBT_QCLASS_IP; + packet->answers[0].ttl = request_packet->additional[0].ttl; + packet->answers[0].rdata = request_packet->additional[0].rdata; + + DEBUG(7,("Sending %s name registration reply for %s to %s:%d\n", + rcode==0?"positive":"negative", + nbt_name_string(packet, name), src->addr, src->port)); + + nbtsrv->stats.total_sent++; + nbt_name_reply_send(nbtsock, src, packet); + +failed: + talloc_free(packet); +} + + +/* + send a name release reply +*/ +void nbtd_name_release_reply(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *request_packet, + struct socket_address *src, + uint8_t rcode) +{ + struct nbt_name_packet *packet; + struct nbt_name *name = &request_packet->questions[0].name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + packet = talloc_zero(nbtsock, struct nbt_name_packet); + if (packet == NULL) return; + + packet->name_trn_id = request_packet->name_trn_id; + packet->ancount = 1; + packet->operation = + NBT_FLAG_REPLY | + NBT_OPCODE_RELEASE | + NBT_FLAG_AUTHORITATIVE | + rcode; + + packet->answers = talloc_array(packet, struct nbt_res_rec, 1); + if (packet->answers == NULL) goto failed; + + packet->answers[0].name = *name; + packet->answers[0].rr_type = NBT_QTYPE_NETBIOS; + packet->answers[0].rr_class = NBT_QCLASS_IP; + packet->answers[0].ttl = request_packet->additional[0].ttl; + packet->answers[0].rdata = request_packet->additional[0].rdata; + + DEBUG(7,("Sending %s name release reply for %s to %s:%d\n", + rcode==0?"positive":"negative", + nbt_name_string(packet, name), src->addr, src->port)); + + nbtsrv->stats.total_sent++; + nbt_name_reply_send(nbtsock, src, packet); + +failed: + talloc_free(packet); +} + + +/* + send a WACK reply +*/ +void nbtd_wack_reply(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *request_packet, + struct socket_address *src, + uint32_t ttl) +{ + struct nbt_name_packet *packet; + struct nbt_name *name = &request_packet->questions[0].name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct nbtd_server *nbtsrv = iface->nbtsrv; + + packet = talloc_zero(nbtsock, struct nbt_name_packet); + if (packet == NULL) return; + + packet->name_trn_id = request_packet->name_trn_id; + packet->ancount = 1; + packet->operation = + NBT_FLAG_REPLY | + NBT_OPCODE_WACK | + NBT_FLAG_AUTHORITATIVE; + + packet->answers = talloc_array(packet, struct nbt_res_rec, 1); + if (packet->answers == NULL) goto failed; + + packet->answers[0].name = *name; + packet->answers[0].rr_type = NBT_QTYPE_NETBIOS; + packet->answers[0].rr_class = NBT_QCLASS_IP; + packet->answers[0].ttl = ttl; + packet->answers[0].rdata.data.length = 2; + packet->answers[0].rdata.data.data = talloc_array(packet, uint8_t, 2); + if (packet->answers[0].rdata.data.data == NULL) goto failed; + RSSVAL(packet->answers[0].rdata.data.data, 0, request_packet->operation); + + DEBUG(7,("Sending WACK reply for %s to %s:%d\n", + nbt_name_string(packet, name), src->addr, src->port)); + + nbtsrv->stats.total_sent++; + nbt_name_reply_send(nbtsock, src, packet); + +failed: + talloc_free(packet); +} diff --git a/source4/nbt_server/query.c b/source4/nbt_server/query.c new file mode 100644 index 0000000..7e1a760 --- /dev/null +++ b/source4/nbt_server/query.c @@ -0,0 +1,102 @@ +/* + Unix SMB/CIFS implementation. + + answer name queries + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "../lib/util/dlinklist.h" +#include "system/network.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsserver.h" +#include "samba/service_task.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "lib/socket/socket.h" +#include "param/param.h" + +/* + answer a name query +*/ +void nbtd_request_query(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbtd_iface_name *iname; + struct nbt_name *name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + + /* see if its a node status query */ + if (packet->qdcount == 1 && + packet->questions[0].question_type == NBT_QTYPE_STATUS) { + nbtd_query_status(nbtsock, packet, src); + return; + } + + NBTD_ASSERT_PACKET(packet, src, packet->qdcount == 1); + NBTD_ASSERT_PACKET(packet, src, + packet->questions[0].question_type == NBT_QTYPE_NETBIOS); + NBTD_ASSERT_PACKET(packet, src, + packet->questions[0].question_class == NBT_QCLASS_IP); + + /* see if we have the requested name on this interface */ + name = &packet->questions[0].name; + + iname = nbtd_find_iname(iface, name, 0); + if (iname == NULL) { + /* don't send negative replies to broadcast queries */ + if (packet->operation & NBT_FLAG_BROADCAST) { + return; + } + + if (packet->operation & NBT_FLAG_RECURSION_DESIRED) { + nbtd_winsserver_request(nbtsock, packet, src); + return; + } + + /* otherwise send a negative reply */ + nbtd_negative_name_query_reply(nbtsock, packet, src); + return; + } + + /* + * normally we should forward all queries with the + * recursion desired flag to the wins server, but this + * breaks are winsclient code, when doing mhomed registrations + */ + if (!(packet->operation & NBT_FLAG_BROADCAST) && + (packet->operation & NBT_FLAG_RECURSION_DESIRED) && + (iname->nb_flags & NBT_NM_GROUP) && + lpcfg_we_are_a_wins_server(iface->nbtsrv->task->lp_ctx)) { + nbtd_winsserver_request(nbtsock, packet, src); + return; + } + + /* if the name is not yet active and its a broadcast query then + ignore it for now */ + if (!(iname->nb_flags & NBT_NM_ACTIVE) && + (packet->operation & NBT_FLAG_BROADCAST)) { + DEBUG(7,("Query for %s from %s - name not active yet on %s\n", + nbt_name_string(packet, name), src->addr, iface->ip_address)); + return; + } + + nbtd_name_query_reply(nbtsock, packet, src, + &iname->name, iname->ttl, iname->nb_flags, + nbtd_address_list(iface, packet)); +} diff --git a/source4/nbt_server/register.c b/source4/nbt_server/register.c new file mode 100644 index 0000000..4d10e9b --- /dev/null +++ b/source4/nbt_server/register.c @@ -0,0 +1,310 @@ +/* + Unix SMB/CIFS implementation. + + register our names + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/events/events.h" +#include "../lib/util/dlinklist.h" +#include "nbt_server/nbt_server.h" +#include "samba/service_task.h" +#include "libcli/composite/composite.h" +#include "librpc/gen_ndr/ndr_samr.h" +#include "nbt_server/wins/winsserver.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "dsdb/samdb/samdb.h" +#include "param/param.h" +#include "libds/common/roles.h" + +static void nbtd_start_refresh_timer(struct nbtd_iface_name *iname); + +/* + a name refresh request has completed +*/ +static void refresh_completion_handler(struct nbt_name_request *req) +{ + struct nbtd_iface_name *iname = talloc_get_type(req->async.private_data, + struct nbtd_iface_name); + NTSTATUS status; + struct nbt_name_refresh io; + TALLOC_CTX *tmp_ctx = talloc_new(iname); + + status = nbt_name_refresh_recv(req, tmp_ctx, &io); + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + DEBUG(4,("Refreshed name %s with %s on interface %s\n", + nbt_name_string(tmp_ctx, &iname->name), + iname->iface->ip_address, iname->iface->bcast_address)); + iname->registration_time = timeval_current(); + nbtd_start_refresh_timer(iname); + talloc_free(tmp_ctx); + return; + } + + iname->nb_flags |= NBT_NM_CONFLICT; + iname->nb_flags &= ~NBT_NM_ACTIVE; + + if (NT_STATUS_IS_OK(status)) { + DEBUG(1,("Name conflict from %s refreshing name %s with %s on interface %s - %s\n", + io.out.reply_addr, nbt_name_string(tmp_ctx, &iname->name), + iname->iface->ip_address, iname->iface->bcast_address, + nt_errstr(nbt_rcode_to_ntstatus(io.out.rcode)))); + } else { + DEBUG(1,("Error refreshing name %s with %s on interface %s - %s\n", + nbt_name_string(tmp_ctx, &iname->name), + iname->iface->ip_address, iname->iface->bcast_address, + nt_errstr(status))); + } + + talloc_free(tmp_ctx); +} + + +/* + handle name refresh timer events +*/ +static void name_refresh_handler(struct tevent_context *ev, struct tevent_timer *te, + struct timeval t, void *private_data) +{ + struct nbtd_iface_name *iname = talloc_get_type(private_data, struct nbtd_iface_name); + struct nbtd_interface *iface = iname->iface; + struct nbt_name_register io; + struct nbt_name_request *req; + struct nbtd_server *nbtsrv = iface->nbtsrv; + + /* setup a single name register request. Notice that we don't + use a name refresh request, as Windows and Samba3 do not + defend against broadcast name refresh packets. So for this + to be of any use at all, we need to refresh using name + registration packets */ + io.in.name = iname->name; + io.in.dest_addr = iface->bcast_address; + io.in.dest_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx); + io.in.address = iface->ip_address; + io.in.nb_flags = iname->nb_flags; + io.in.ttl = iname->ttl; + io.in.register_demand = false; + io.in.broadcast = true; + io.in.multi_homed = false; + io.in.timeout = 3; + io.in.retries = 0; + + nbtsrv->stats.total_sent++; + req = nbt_name_register_send(iface->nbtsock, &io); + if (req == NULL) return; + + req->async.fn = refresh_completion_handler; + req->async.private_data = iname; +} + + +/* + start a timer to refresh this name +*/ +static void nbtd_start_refresh_timer(struct nbtd_iface_name *iname) +{ + uint32_t refresh_time; + uint32_t max_refresh_time = lpcfg_parm_int(iname->iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "max_refresh_time", 7200); + + refresh_time = MIN(max_refresh_time, iname->ttl/2); + + tevent_add_timer(iname->iface->nbtsrv->task->event_ctx, + iname, + timeval_add(&iname->registration_time, refresh_time, 0), + name_refresh_handler, iname); +} + +struct nbtd_register_name_state { + struct nbtd_iface_name *iname; + struct nbt_name_register_bcast io; +}; + +/* + a name registration has completed +*/ +static void nbtd_register_name_handler(struct tevent_req *subreq) +{ + struct nbtd_register_name_state *state = + tevent_req_callback_data(subreq, + struct nbtd_register_name_state); + struct nbtd_iface_name *iname = state->iname; + NTSTATUS status; + + status = nbt_name_register_bcast_recv(subreq); + TALLOC_FREE(subreq); + if (NT_STATUS_IS_OK(status)) { + /* good - nobody complained about our registration */ + iname->nb_flags |= NBT_NM_ACTIVE; + DEBUG(3,("Registered %s with %s on interface %s\n", + nbt_name_string(state, &iname->name), + iname->iface->ip_address, iname->iface->bcast_address)); + iname->registration_time = timeval_current(); + talloc_free(state); + nbtd_start_refresh_timer(iname); + return; + } + + /* someone must have replied with an objection! */ + iname->nb_flags |= NBT_NM_CONFLICT; + + DEBUG(1,("Error registering %s with %s on interface %s - %s\n", + nbt_name_string(state, &iname->name), + iname->iface->ip_address, iname->iface->bcast_address, + nt_errstr(status))); + talloc_free(state); +} + + +/* + register a name on a network interface +*/ +static void nbtd_register_name_iface(struct nbtd_interface *iface, + const char *name, enum nbt_name_type type, + uint16_t nb_flags) +{ + struct nbtd_iface_name *iname; + const char *scope = lpcfg_netbios_scope(iface->nbtsrv->task->lp_ctx); + struct nbtd_register_name_state *state; + struct tevent_req *subreq; + struct nbtd_server *nbtsrv = iface->nbtsrv; + + iname = talloc(iface, struct nbtd_iface_name); + if (!iname) return; + + iname->iface = iface; + iname->name.name = strupper_talloc(iname, name); + iname->name.type = type; + if (scope && *scope) { + iname->name.scope = strupper_talloc(iname, scope); + } else { + iname->name.scope = NULL; + } + iname->nb_flags = nb_flags; + iname->ttl = lpcfg_parm_int(iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "bcast_ttl", 300000); + iname->registration_time = timeval_zero(); + iname->wins_server = NULL; + + DLIST_ADD_END(iface->names, iname); + + if (nb_flags & NBT_NM_PERMANENT) { + /* permanent names are not announced and are immediately active */ + iname->nb_flags |= NBT_NM_ACTIVE; + iname->ttl = 0; + return; + } + + /* if this is the wins interface, then we need to do a special + wins name registration */ + if (iface == iface->nbtsrv->wins_interface) { + nbtd_winsclient_register(iname); + return; + } + + state = talloc_zero(iname, struct nbtd_register_name_state); + if (state == NULL) { + return; + } + + state->iname = iname; + + /* setup a broadcast name registration request */ + state->io.in.name = iname->name; + state->io.in.dest_addr = iface->bcast_address; + state->io.in.dest_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx); + state->io.in.address = iface->ip_address; + state->io.in.nb_flags = nb_flags; + state->io.in.ttl = iname->ttl; + + nbtsrv->stats.total_sent++; + + subreq = nbt_name_register_bcast_send(state, nbtsrv->task->event_ctx, + iface->nbtsock, &state->io); + if (subreq == NULL) { + return; + } + + tevent_req_set_callback(subreq, nbtd_register_name_handler, state); +} + + +/* + register one name on all our interfaces +*/ +void nbtd_register_name(struct nbtd_server *nbtsrv, + const char *name, enum nbt_name_type type, + uint16_t nb_flags) +{ + struct nbtd_interface *iface; + + /* register with all the local interfaces */ + for (iface=nbtsrv->interfaces;iface;iface=iface->next) { + nbtd_register_name_iface(iface, name, type, nb_flags); + } + + /* register on our general broadcast interface as a permanent name */ + if (nbtsrv->bcast_interface) { + nbtd_register_name_iface(nbtsrv->bcast_interface, name, type, + nb_flags | NBT_NM_PERMANENT); + } + + /* register with our WINS servers */ + if (nbtsrv->wins_interface) { + nbtd_register_name_iface(nbtsrv->wins_interface, name, type, nb_flags); + } +} + + +/* + register our names on all interfaces +*/ +void nbtd_register_names(struct nbtd_server *nbtsrv) +{ + uint16_t nb_flags = NBT_NODE_M; + const char **aliases; + + /* note that we don't initially mark the names "ACTIVE". They are + marked active once registration is successful */ + nbtd_register_name(nbtsrv, lpcfg_netbios_name(nbtsrv->task->lp_ctx), NBT_NAME_CLIENT, nb_flags); + nbtd_register_name(nbtsrv, lpcfg_netbios_name(nbtsrv->task->lp_ctx), NBT_NAME_USER, nb_flags); + nbtd_register_name(nbtsrv, lpcfg_netbios_name(nbtsrv->task->lp_ctx), NBT_NAME_SERVER, nb_flags); + + aliases = lpcfg_netbios_aliases(nbtsrv->task->lp_ctx); + while (aliases && aliases[0]) { + nbtd_register_name(nbtsrv, aliases[0], NBT_NAME_CLIENT, nb_flags); + nbtd_register_name(nbtsrv, aliases[0], NBT_NAME_SERVER, nb_flags); + aliases++; + } + + if (lpcfg_server_role(nbtsrv->task->lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) { + bool is_pdc = samdb_is_pdc(nbtsrv->sam_ctx); + if (is_pdc) { + nbtd_register_name(nbtsrv, lpcfg_workgroup(nbtsrv->task->lp_ctx), + NBT_NAME_PDC, nb_flags); + } + nbtd_register_name(nbtsrv, lpcfg_workgroup(nbtsrv->task->lp_ctx), + NBT_NAME_LOGON, nb_flags | NBT_NM_GROUP); + } + + nb_flags |= NBT_NM_GROUP; + nbtd_register_name(nbtsrv, lpcfg_workgroup(nbtsrv->task->lp_ctx), NBT_NAME_CLIENT, nb_flags); + + nb_flags |= NBT_NM_PERMANENT; + nbtd_register_name(nbtsrv, "__SAMBA__", NBT_NAME_CLIENT, nb_flags); + nbtd_register_name(nbtsrv, "__SAMBA__", NBT_NAME_SERVER, nb_flags); + nbtd_register_name(nbtsrv, "*", NBT_NAME_CLIENT, nb_flags); +} diff --git a/source4/nbt_server/wins/wins_dns_proxy.c b/source4/nbt_server/wins/wins_dns_proxy.c new file mode 100644 index 0000000..95ceb21 --- /dev/null +++ b/source4/nbt_server/wins/wins_dns_proxy.c @@ -0,0 +1,99 @@ +/* + Unix SMB/CIFS implementation. + + wins server dns proxy + + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsdb.h" +#include "nbt_server/wins/winsserver.h" +#include "system/time.h" +#include "libcli/composite/composite.h" +#include "samba/service_task.h" +#include "libcli/resolve/resolve.h" +#include "lib/socket/socket.h" + +struct wins_dns_proxy_state { + struct nbt_name_socket *nbtsock; + struct nbt_name_packet *packet; + struct socket_address *src; +}; + +static void nbtd_wins_dns_proxy_handler(struct composite_context *creq) +{ + NTSTATUS status; + struct wins_dns_proxy_state *s = talloc_get_type(creq->async.private_data, + struct wins_dns_proxy_state); + struct nbt_name *name = &s->packet->questions[0].name; + const char *address; + const char **addresses; + uint16_t nb_flags = 0; /* TODO: ... */ + + status = resolve_name_recv(creq, s->packet, &address); + if (!NT_STATUS_IS_OK(status)) { + goto notfound; + } + + addresses = str_list_add(NULL, address); + talloc_steal(s->packet, addresses); + if (!addresses) goto notfound; + + nbtd_name_query_reply(s->nbtsock, s->packet, s->src, name, + 0, nb_flags, addresses); + return; +notfound: + nbtd_negative_name_query_reply(s->nbtsock, s->packet, s->src); +} + +/* + dns proxy query a name +*/ +void nbtd_wins_dns_proxy_query(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbt_name *name = &packet->questions[0].name; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_dns_proxy_state *s; + struct composite_context *creq; + struct resolve_context *resolve_ctx; + + s = talloc(nbtsock, struct wins_dns_proxy_state); + if (!s) goto failed; + s->nbtsock = nbtsock; + s->packet = talloc_steal(s, packet); + s->src = socket_address_copy(s, src); + if (s->src == NULL) { + goto failed; + } + + resolve_ctx = resolve_context_init(s); + if (resolve_ctx == NULL) goto failed; + resolve_context_add_host_method(resolve_ctx); + + creq = resolve_name_send(resolve_ctx, s, name, iface->nbtsrv->task->event_ctx); + if (!creq) goto failed; + + creq->async.fn = nbtd_wins_dns_proxy_handler; + creq->async.private_data= s; + return; +failed: + nbtd_negative_name_query_reply(nbtsock, packet, src); +} diff --git a/source4/nbt_server/wins/wins_hook.c b/source4/nbt_server/wins/wins_hook.c new file mode 100644 index 0000000..1af471b --- /dev/null +++ b/source4/nbt_server/wins/wins_hook.c @@ -0,0 +1,94 @@ +/* + Unix SMB/CIFS implementation. + + wins hook feature, we run a specified script + which can then do some custom actions + + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsdb.h" +#include "system/filesys.h" + +static const char *wins_hook_action_string(enum wins_hook_action action) +{ + switch (action) { + case WINS_HOOK_ADD: return "add"; + case WINS_HOOK_MODIFY: return "refresh"; + case WINS_HOOK_DELETE: return "delete"; + } + + return "unknown"; +} + +void wins_hook(struct winsdb_handle *h, const struct winsdb_record *rec, + enum wins_hook_action action, const char *wins_hook_script) +{ + uint32_t i, length; + int child; + char *cmd = NULL; + TALLOC_CTX *tmp_mem = NULL; + + if (!wins_hook_script || !wins_hook_script[0]) return; + + tmp_mem = talloc_new(h); + if (!tmp_mem) goto failed; + + length = winsdb_addr_list_length(rec->addresses); + + if (action == WINS_HOOK_MODIFY && length < 1) { + action = WINS_HOOK_DELETE; + } + + cmd = talloc_asprintf(tmp_mem, + "%s %s %s %02x %ld", + wins_hook_script, + wins_hook_action_string(action), + rec->name->name, + rec->name->type, + (long int) rec->expire_time); + if (!cmd) goto failed; + + for (i=0; rec->addresses[i]; i++) { + cmd = talloc_asprintf_append_buffer(cmd, " %s", rec->addresses[i]->address); + if (!cmd) goto failed; + } + + DEBUG(10,("call wins hook '%s'\n", cmd)); + + /* signal handling in posix really sucks - doing this in a library + affects the whole app, but what else to do?? */ + signal(SIGCHLD, SIG_IGN); + + child = fork(); + if (child == (pid_t)-1) { + goto failed; + } + + if (child == 0) { +/* TODO: close file handles */ + execl("/bin/sh", "sh", "-c", cmd, NULL); + _exit(0); + } + + talloc_free(tmp_mem); + return; +failed: + talloc_free(tmp_mem); + DEBUG(0,("FAILED: calling wins hook '%s'\n", wins_hook_script)); +} diff --git a/source4/nbt_server/wins/wins_ldb.c b/source4/nbt_server/wins/wins_ldb.c new file mode 100644 index 0000000..304c98d --- /dev/null +++ b/source4/nbt_server/wins/wins_ldb.c @@ -0,0 +1,127 @@ +/* + ldb database module + + Copyright (C) Stefan Metzmacher 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* + * Name: ldb + * + * Component: ldb winsdb module + * + * Description: verify winsdb records before they're written to disk + * + * Author: Stefan Metzmacher + */ + +#include "includes.h" +#include "lib/events/events.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsdb.h" +#include <ldb_module.h> +#include "system/network.h" +#include "lib/socket/netif.h" +#include "param/param.h" + +static int wins_ldb_verify(struct ldb_module *module, struct ldb_request *req) +{ + struct ldb_context *ldb = ldb_module_get_ctx(module); + struct winsdb_handle *h = talloc_get_type(ldb_get_opaque(ldb, "winsdb_handle"), + struct winsdb_handle); + const struct ldb_message *msg; + + switch (req->operation) { + case LDB_ADD: + msg = req->op.add.message; + break; + + case LDB_MODIFY: + msg = req->op.mod.message; + break; + + default: + return ldb_next_request(module, req); + } + + /* do not manipulate our control entries */ + if (ldb_dn_is_special(msg->dn)) { + return ldb_next_request(module, req); + } + + if (!h) { + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "%s", "WINS_LDB: INTERNAL ERROR: no winsdb_handle present!"); + return LDB_ERR_OTHER; + } + + switch (h->caller) { + case WINSDB_HANDLE_CALLER_NBTD: + case WINSDB_HANDLE_CALLER_WREPL: + /* we trust our nbt and wrepl code ... */ + return ldb_next_request(module, req); + + case WINSDB_HANDLE_CALLER_ADMIN: + ldb_debug(ldb, LDB_DEBUG_WARNING, "%s\n", "WINS_LDB: TODO verify add/modify for WINSDB_HANDLE_CALLER_ADMIN"); + return ldb_next_request(module, req); + } + + return LDB_ERR_OTHER; +} + +static int wins_ldb_init(struct ldb_module *module) +{ + struct ldb_context *ldb = ldb_module_get_ctx(module); + struct winsdb_handle *h; + const char *owner; + struct loadparm_context *lp_ctx = ldb_get_opaque(ldb, "loadparm"); + + ldb_module_set_private(module, NULL); + + owner = lpcfg_parm_string(lp_ctx, NULL, "winsdb", "local_owner"); + if (!owner) { + struct interface *ifaces; + load_interface_list(module, lp_ctx, &ifaces); + owner = iface_list_first_v4(ifaces); + if (!owner) { + owner = "0.0.0.0"; + } + } + + h = talloc_zero(module, struct winsdb_handle); + if (!h) goto failed; + h->ldb = ldb; + h->caller = WINSDB_HANDLE_CALLER_ADMIN; + h->local_owner = talloc_strdup(h, owner); + if (!h->local_owner) goto failed; + + return ldb_set_opaque(ldb, "winsdb_handle", h); + +failed: + talloc_free(h); + return LDB_ERR_OTHER; +} + +static const struct ldb_module_ops ldb_wins_ldb_module_ops = { + .name = "wins_ldb", + .add = wins_ldb_verify, + .modify = wins_ldb_verify, + .init_context = wins_ldb_init +}; + +int ldb_wins_ldb_module_init(const char *version) +{ + LDB_MODULE_CHECK_VERSION(version); + return ldb_register_module(&ldb_wins_ldb_module_ops); +} diff --git a/source4/nbt_server/wins/winsclient.c b/source4/nbt_server/wins/winsclient.c new file mode 100644 index 0000000..c1e7f9a --- /dev/null +++ b/source4/nbt_server/wins/winsclient.c @@ -0,0 +1,284 @@ +/* + Unix SMB/CIFS implementation. + + wins client name registration and refresh + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsserver.h" +#include "libcli/composite/composite.h" +#include "lib/events/events.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "samba/service_task.h" +#include "param/param.h" + +/* we send WINS client requests using our primary network interface +*/ +static struct nbt_name_socket *wins_socket(struct nbtd_interface *iface) +{ + struct nbtd_server *nbtsrv = iface->nbtsrv; + return nbtsrv->interfaces->nbtsock; +} + + +static void nbtd_wins_refresh(struct tevent_context *ev, struct tevent_timer *te, + struct timeval t, void *private_data); + +/* + retry a WINS name registration +*/ +static void nbtd_wins_register_retry(struct tevent_context *ev, struct tevent_timer *te, + struct timeval t, void *private_data) +{ + struct nbtd_iface_name *iname = talloc_get_type(private_data, struct nbtd_iface_name); + nbtd_winsclient_register(iname); +} + +/* + start a timer to refresh this name +*/ +static void nbtd_wins_start_refresh_timer(struct nbtd_iface_name *iname) +{ + uint32_t refresh_time; + uint32_t max_refresh_time = lpcfg_parm_int(iname->iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "max_refresh_time", 7200); + + refresh_time = MIN(max_refresh_time, iname->ttl/2); + + tevent_add_timer(iname->iface->nbtsrv->task->event_ctx, + iname, + timeval_add(&iname->registration_time, refresh_time, 0), + nbtd_wins_refresh, iname); +} + +struct nbtd_wins_refresh_state { + struct nbtd_iface_name *iname; + struct nbt_name_refresh_wins io; +}; + +/* + called when a wins name refresh has completed +*/ +static void nbtd_wins_refresh_handler(struct tevent_req *subreq) +{ + NTSTATUS status; + struct nbtd_wins_refresh_state *state = + tevent_req_callback_data(subreq, + struct nbtd_wins_refresh_state); + struct nbtd_iface_name *iname = state->iname; + + status = nbt_name_refresh_wins_recv(subreq, state, &state->io); + TALLOC_FREE(subreq); + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + /* our WINS server is dead - start registration over + from scratch */ + DEBUG(2,("Failed to refresh %s with WINS server %s\n", + nbt_name_string(state, &iname->name), iname->wins_server)); + talloc_free(state); + nbtd_winsclient_register(iname); + return; + } + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1,("Name refresh failure with WINS for %s - %s\n", + nbt_name_string(state, &iname->name), nt_errstr(status))); + talloc_free(state); + return; + } + + if (state->io.out.rcode != 0) { + DEBUG(1,("WINS server %s rejected name refresh of %s - %s\n", + state->io.out.wins_server, + nbt_name_string(state, &iname->name), + nt_errstr(nbt_rcode_to_ntstatus(state->io.out.rcode)))); + iname->nb_flags |= NBT_NM_CONFLICT; + talloc_free(state); + return; + } + + DEBUG(4,("Refreshed name %s with WINS server %s\n", + nbt_name_string(state, &iname->name), iname->wins_server)); + /* success - start a periodic name refresh */ + iname->nb_flags |= NBT_NM_ACTIVE; + if (iname->wins_server) { + /* + * talloc_free() would generate a warning, + * so steal it into the tmp context + */ + talloc_steal(state, iname->wins_server); + } + iname->wins_server = talloc_move(iname, &state->io.out.wins_server); + iname->registration_time = timeval_current(); + + talloc_free(state); + + nbtd_wins_start_refresh_timer(iname); +} + + +/* + refresh a WINS name registration +*/ +static void nbtd_wins_refresh(struct tevent_context *ev, struct tevent_timer *te, + struct timeval t, void *private_data) +{ + struct nbtd_iface_name *iname = talloc_get_type(private_data, struct nbtd_iface_name); + struct nbtd_interface *iface = iname->iface; + struct nbt_name_socket *nbtsock = wins_socket(iface); + struct tevent_req *subreq; + struct nbtd_wins_refresh_state *state; + char **l; + + state = talloc_zero(iname, struct nbtd_wins_refresh_state); + if (state == NULL) { + return; + } + + state->iname = iname; + + /* setup a wins name refresh request */ + state->io.in.name = iname->name; + l = str_list_make_single(state, iname->wins_server); + state->io.in.wins_servers = discard_const_p(const char *, l); + state->io.in.wins_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx); + state->io.in.addresses = nbtd_address_list(iface, state); + state->io.in.nb_flags = iname->nb_flags; + state->io.in.ttl = iname->ttl; + + if (!state->io.in.addresses) { + talloc_free(state); + return; + } + + subreq = nbt_name_refresh_wins_send(state, ev, nbtsock, &state->io); + if (subreq == NULL) { + talloc_free(state); + return; + } + + tevent_req_set_callback(subreq, nbtd_wins_refresh_handler, state); +} + +struct nbtd_wins_register_state { + struct nbtd_iface_name *iname; + struct nbt_name_register_wins io; +}; + +/* + called when a wins name register has completed +*/ +static void nbtd_wins_register_handler(struct tevent_req *subreq) +{ + NTSTATUS status; + struct nbtd_wins_register_state *state = + tevent_req_callback_data(subreq, + struct nbtd_wins_register_state); + struct nbtd_iface_name *iname = state->iname; + + status = nbt_name_register_wins_recv(subreq, state, &state->io); + TALLOC_FREE(subreq); + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + /* none of the WINS servers responded - try again + periodically */ + int wins_retry_time = lpcfg_parm_int(iname->iface->nbtsrv->task->lp_ctx, NULL, "nbtd", "wins_retry", 300); + tevent_add_timer(iname->iface->nbtsrv->task->event_ctx, + iname, + timeval_current_ofs(wins_retry_time, 0), + nbtd_wins_register_retry, + iname); + talloc_free(state); + return; + } + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1,("Name register failure with WINS for %s - %s\n", + nbt_name_string(state, &iname->name), nt_errstr(status))); + talloc_free(state); + return; + } + + if (state->io.out.rcode != 0) { + DEBUG(1,("WINS server %s rejected name register of %s - %s\n", + state->io.out.wins_server, + nbt_name_string(state, &iname->name), + nt_errstr(nbt_rcode_to_ntstatus(state->io.out.rcode)))); + iname->nb_flags |= NBT_NM_CONFLICT; + talloc_free(state); + return; + } + + /* success - start a periodic name refresh */ + iname->nb_flags |= NBT_NM_ACTIVE; + if (iname->wins_server) { + /* + * talloc_free() would generate a warning, + * so steal it into the tmp context + */ + talloc_steal(state, iname->wins_server); + } + iname->wins_server = talloc_move(iname, &state->io.out.wins_server); + + iname->registration_time = timeval_current(); + + DEBUG(3,("Registered %s with WINS server %s\n", + nbt_name_string(state, &iname->name), iname->wins_server)); + + talloc_free(state); + + nbtd_wins_start_refresh_timer(iname); +} + +/* + register a name with our WINS servers +*/ +void nbtd_winsclient_register(struct nbtd_iface_name *iname) +{ + struct nbtd_interface *iface = iname->iface; + struct nbt_name_socket *nbtsock = wins_socket(iface); + struct nbtd_wins_register_state *state; + struct tevent_req *subreq; + + state = talloc_zero(iname, struct nbtd_wins_register_state); + if (state == NULL) { + return; + } + + state->iname = iname; + + /* setup a wins name register request */ + state->io.in.name = iname->name; + state->io.in.wins_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx); + state->io.in.wins_servers = lpcfg_wins_server_list(iface->nbtsrv->task->lp_ctx); + state->io.in.addresses = nbtd_address_list(iface, state); + state->io.in.nb_flags = iname->nb_flags; + state->io.in.ttl = iname->ttl; + + if (state->io.in.addresses == NULL) { + talloc_free(state); + return; + } + + subreq = nbt_name_register_wins_send(state, iface->nbtsrv->task->event_ctx, + nbtsock, &state->io); + if (subreq == NULL) { + talloc_free(state); + return; + } + + tevent_req_set_callback(subreq, nbtd_wins_register_handler, state); +} diff --git a/source4/nbt_server/wins/winsdb.c b/source4/nbt_server/wins/winsdb.c new file mode 100644 index 0000000..2a05e96 --- /dev/null +++ b/source4/nbt_server/wins/winsdb.c @@ -0,0 +1,1027 @@ +/* + Unix SMB/CIFS implementation. + + WINS database routines + + Copyright (C) Andrew Tridgell 2005 + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsdb.h" +#include <ldb.h> +#include <ldb_errors.h> +#include "librpc/gen_ndr/ndr_nbt.h" +#include "system/time.h" +#include "ldb_wrap.h" +#include "system/network.h" +#include "lib/socket/netif.h" +#include "param/param.h" +#include "lib/util/smb_strtox.h" + +#undef strcasecmp + +uint64_t winsdb_get_maxVersion(struct winsdb_handle *h) +{ + int ret; + struct ldb_context *ldb = h->ldb; + struct ldb_dn *dn; + struct ldb_result *res = NULL; + TALLOC_CTX *tmp_ctx = talloc_new(ldb); + uint64_t maxVersion = 0; + + dn = ldb_dn_new(tmp_ctx, ldb, "CN=VERSION"); + if (!dn) goto failed; + + /* find the record in the WINS database */ + ret = ldb_search(ldb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL); + if (ret != LDB_SUCCESS) goto failed; + if (res->count > 1) goto failed; + + if (res->count == 1) { + maxVersion = ldb_msg_find_attr_as_uint64(res->msgs[0], "maxVersion", 0); + } + +failed: + talloc_free(tmp_ctx); + return maxVersion; +} + +/* + if newVersion == 0 return the old maxVersion + 1 and save it + if newVersion > 0 return MAX(oldMaxVersion, newMaxVersion) and save it +*/ +uint64_t winsdb_set_maxVersion(struct winsdb_handle *h, uint64_t newMaxVersion) +{ + int trans; + int ret; + struct ldb_dn *dn; + struct ldb_result *res = NULL; + struct ldb_message *msg = NULL; + struct ldb_context *wins_db = h->ldb; + TALLOC_CTX *tmp_ctx = talloc_new(wins_db); + uint64_t oldMaxVersion = 0; + + trans = ldb_transaction_start(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + dn = ldb_dn_new(tmp_ctx, wins_db, "CN=VERSION"); + if (!dn) goto failed; + + /* find the record in the WINS database */ + ret = ldb_search(wins_db, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL); + if (ret != LDB_SUCCESS) goto failed; + if (res->count > 1) goto failed; + + if (res->count == 1) { + oldMaxVersion = ldb_msg_find_attr_as_uint64(res->msgs[0], "maxVersion", 0); + } + + if (newMaxVersion == 0) { + newMaxVersion = oldMaxVersion + 1; + } else { + newMaxVersion = MAX(oldMaxVersion, newMaxVersion); + } + + msg = ldb_msg_new(tmp_ctx); + if (!msg) goto failed; + msg->dn = dn; + + + ret = ldb_msg_append_string(msg, "objectClass", "winsMaxVersion", + LDB_FLAG_MOD_REPLACE); + if (ret != LDB_SUCCESS) goto failed; + ret = ldb_msg_append_fmt(msg, LDB_FLAG_MOD_REPLACE, + "maxVersion", "%llu", (long long)newMaxVersion); + if (ret != LDB_SUCCESS) goto failed; + + ret = ldb_modify(wins_db, msg); + if (ret != LDB_SUCCESS) ret = ldb_add(wins_db, msg); + if (ret != LDB_SUCCESS) goto failed; + + trans = ldb_transaction_commit(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + talloc_free(tmp_ctx); + return newMaxVersion; + +failed: + if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db); + talloc_free(tmp_ctx); + return 0; +} + +/* + return a DN for a nbt_name +*/ +static struct ldb_dn *winsdb_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, + const struct nbt_name *name) +{ + struct ldb_dn *dn; + + dn = ldb_dn_new_fmt(mem_ctx, ldb, "type=0x%02X", name->type); + if (ldb_dn_is_valid(dn) && name->name && *name->name) { + ldb_dn_add_child_fmt(dn, "name=%s", name->name); + } + if (ldb_dn_is_valid(dn) && name->scope && *name->scope) { + ldb_dn_add_child_fmt(dn, "scope=%s", name->scope); + } + return dn; +} + +static NTSTATUS winsdb_nbt_name(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, struct nbt_name **_name) +{ + NTSTATUS status; + struct nbt_name *name; + unsigned int comp_num; + uint32_t cur = 0; + int error = 0; + + name = talloc(mem_ctx, struct nbt_name); + if (!name) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + + comp_num = ldb_dn_get_comp_num(dn); + + if (comp_num > 3) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + if (comp_num > cur && strcasecmp("scope", ldb_dn_get_component_name(dn, cur)) == 0) { + name->scope = (const char *)talloc_strdup(name, (char *)ldb_dn_get_component_val(dn, cur)->data); + cur++; + } else { + name->scope = NULL; + } + + if (comp_num > cur && strcasecmp("name", ldb_dn_get_component_name(dn, cur)) == 0) { + name->name = (const char *)talloc_strdup(name, (char *)ldb_dn_get_component_val(dn, cur)->data); + cur++; + } else { + name->name = talloc_strdup(name, ""); + if (!name->name) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + } + + if (comp_num > cur && strcasecmp("type", ldb_dn_get_component_name(dn, cur)) == 0) { + name->type = + smb_strtoul( + (char *)ldb_dn_get_component_val(dn, cur)->data, + NULL, + 0, + &error, + SMB_STR_STANDARD); + if (error != 0) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + cur++; + } else { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + *_name = name; + return NT_STATUS_OK; +failed: + talloc_free(name); + return status; +} + +/* + decode the winsdb_addr("address") attribute: + "172.31.1.1" or + "172.31.1.1;winsOwner:172.31.9.202;expireTime:20050923032330.0Z;" + are valid records +*/ +static NTSTATUS winsdb_addr_decode(struct winsdb_handle *h, struct winsdb_record *rec, struct ldb_val *val, + TALLOC_CTX *mem_ctx, struct winsdb_addr **_addr) +{ + NTSTATUS status; + struct winsdb_addr *addr; + const char *address; + const char *wins_owner; + const char *expire_time; + char *p; + + addr = talloc(mem_ctx, struct winsdb_addr); + if (!addr) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + + address = (char *)val->data; + + p = strchr(address, ';'); + if (!p) { + /* support old entries, with only the address */ + addr->address = (const char *)talloc_steal(addr, val->data); + addr->wins_owner = talloc_strdup(addr, rec->wins_owner); + if (!addr->wins_owner) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + addr->expire_time = rec->expire_time; + *_addr = addr; + return NT_STATUS_OK; + } + + *p = '\0'; p++; + addr->address = talloc_strdup(addr, address); + if (!addr->address) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + + if (strncmp("winsOwner:", p, 10) != 0) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + wins_owner = p + 10; + p = strchr(wins_owner, ';'); + if (!p) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + *p = '\0';p++; + if (strcmp(wins_owner, "0.0.0.0") == 0) { + wins_owner = h->local_owner; + } + addr->wins_owner = talloc_strdup(addr, wins_owner); + if (!addr->wins_owner) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + + if (strncmp("expireTime:", p, 11) != 0) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + expire_time = p + 11; + p = strchr(expire_time, ';'); + if (!p) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + *p = '\0';p++; + addr->expire_time = ldb_string_to_time(expire_time); + + *_addr = addr; + return NT_STATUS_OK; +failed: + talloc_free(addr); + return status; +} + +/* + encode the winsdb_addr("address") attribute like this: + non-static record: + "172.31.1.1;winsOwner:172.31.9.202;expireTime:20050923032330.0Z;" + static record: + "172.31.1.1" +*/ +static int ldb_msg_add_winsdb_addr(struct ldb_message *msg, struct winsdb_record *rec, + const char *attr_name, struct winsdb_addr *addr) +{ + const char *str; + + if (rec->is_static) { + str = talloc_strdup(msg, addr->address); + if (!str) return LDB_ERR_OPERATIONS_ERROR; + } else { + char *expire_time; + expire_time = ldb_timestring(msg, addr->expire_time); + if (!expire_time) return LDB_ERR_OPERATIONS_ERROR; + str = talloc_asprintf(msg, "%s;winsOwner:%s;expireTime:%s;", + addr->address, addr->wins_owner, + expire_time); + talloc_free(expire_time); + if (!str) return LDB_ERR_OPERATIONS_ERROR; + } + + return ldb_msg_add_string(msg, attr_name, str); +} + +struct winsdb_addr **winsdb_addr_list_make(TALLOC_CTX *mem_ctx) +{ + struct winsdb_addr **addresses; + + addresses = talloc_array(mem_ctx, struct winsdb_addr *, 1); + if (!addresses) return NULL; + + addresses[0] = NULL; + + return addresses; +} + +static int winsdb_addr_sort_list (struct winsdb_addr **p1, struct winsdb_addr **p2, void *opaque) +{ + struct winsdb_addr *a1 = talloc_get_type(*p1, struct winsdb_addr); + struct winsdb_addr *a2 = talloc_get_type(*p2, struct winsdb_addr); + struct winsdb_handle *h= talloc_get_type(opaque, struct winsdb_handle); + bool a1_owned = false; + bool a2_owned = false; + + /* + * first the owned addresses with the newest to the oldest address + * then the replica addresses with the newest to the oldest address + */ + if (a2->expire_time != a1->expire_time) { + return a2->expire_time - a1->expire_time; + } + + if (strcmp(a2->wins_owner, h->local_owner) == 0) { + a2_owned = true; + } + + if (strcmp(a1->wins_owner, h->local_owner) == 0) { + a1_owned = true; + } + + return a2_owned - a1_owned; +} + +struct winsdb_addr **winsdb_addr_list_add(struct winsdb_handle *h, const struct winsdb_record *rec, + struct winsdb_addr **addresses, const char *address, + const char *wins_owner, time_t expire_time, + bool is_name_registration) +{ + struct winsdb_addr *old_addr = NULL; + size_t len = 0; + size_t i; + bool found_old_replica = false; + + /* + * count the addresses and maybe + * find an old entry for the new address + */ + for (i=0; addresses[i]; i++) { + if (old_addr) continue; + if (strcmp(addresses[i]->address, address) == 0) { + old_addr = addresses[i]; + } + } + len = i; + + /* + * the address is already there + * and we can replace it + */ + if (old_addr) { + goto remove_old_addr; + } + + /* + * if we don't have 25 addresses already, + * we can just add the new address + */ + if (len < 25) { + goto add_new_addr; + } + + /* + * if we haven't found the address, + * and we have already have 25 addresses + * if so then we need to do the following: + * - if it isn't a name registration, then just ignore the new address + * - if it is a name registration, then first search for + * the oldest replica and if there's no replica address + * search the oldest owned address + */ + if (!is_name_registration) { + return addresses; + } + + /* + * find the oldest replica address, if there's no replica + * record at all, find the oldest owned address + */ + for (i=0; addresses[i]; i++) { + bool cur_is_replica = false; + /* find out if the current address is a replica */ + if (strcmp(addresses[i]->wins_owner, h->local_owner) != 0) { + cur_is_replica = true; + } + + /* + * if we already found a replica address and the current address + * is not a replica, then skip it + */ + if (found_old_replica && !cur_is_replica) continue; + + /* + * if we found the first replica address, reset the address + * that would be replaced + */ + if (!found_old_replica && cur_is_replica) { + found_old_replica = true; + old_addr = addresses[i]; + continue; + } + + /* + * if the first address isn't a replica, just start with + * the first one + */ + if (!old_addr) { + old_addr = addresses[i]; + continue; + } + + /* + * see if we find an older address + */ + if (addresses[i]->expire_time < old_addr->expire_time) { + old_addr = addresses[i]; + continue; + } + } + +remove_old_addr: + winsdb_addr_list_remove(addresses, old_addr->address); + len --; + +add_new_addr: + addresses = talloc_realloc(addresses, addresses, struct winsdb_addr *, len + 2); + if (!addresses) return NULL; + + addresses[len] = talloc(addresses, struct winsdb_addr); + if (!addresses[len]) { + talloc_free(addresses); + return NULL; + } + + addresses[len]->address = talloc_strdup(addresses[len], address); + if (!addresses[len]->address) { + talloc_free(addresses); + return NULL; + } + + addresses[len]->wins_owner = talloc_strdup(addresses[len], wins_owner); + if (!addresses[len]->wins_owner) { + talloc_free(addresses); + return NULL; + } + + addresses[len]->expire_time = expire_time; + + addresses[len+1] = NULL; + + LDB_TYPESAFE_QSORT(addresses, len+1, h, winsdb_addr_sort_list); + + return addresses; +} + +void winsdb_addr_list_remove(struct winsdb_addr **addresses, const char *address) +{ + size_t i; + + for (i=0; addresses[i]; i++) { + if (strcmp(addresses[i]->address, address) == 0) { + break; + } + } + + for (; addresses[i]; i++) { + addresses[i] = addresses[i+1]; + } + + return; +} + +struct winsdb_addr *winsdb_addr_list_check(struct winsdb_addr **addresses, const char *address) +{ + size_t i; + + for (i=0; addresses[i]; i++) { + if (strcmp(addresses[i]->address, address) == 0) { + return addresses[i]; + } + } + + return NULL; +} + +size_t winsdb_addr_list_length(struct winsdb_addr **addresses) +{ + size_t i; + for (i=0; addresses[i]; i++); + return i; +} + +const char **winsdb_addr_string_list(TALLOC_CTX *mem_ctx, struct winsdb_addr **addresses) +{ + size_t len = winsdb_addr_list_length(addresses); + const char **str_list=NULL; + size_t i; + + for (i=0; i < len; i++) { + str_list = str_list_add(str_list, addresses[i]->address); + if (!str_list[i]) { + return NULL; + } + } + talloc_steal(mem_ctx, str_list); + return str_list; +} + +/* + load a WINS entry from the database +*/ +NTSTATUS winsdb_lookup(struct winsdb_handle *h, + const struct nbt_name *name, + TALLOC_CTX *mem_ctx, + struct winsdb_record **_rec) +{ + NTSTATUS status; + struct ldb_result *res = NULL; + int ret; + struct winsdb_record *rec; + struct ldb_context *wins_db = h->ldb; + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + time_t now = time(NULL); + + /* find the record in the WINS database */ + ret = ldb_search(wins_db, tmp_ctx, &res, + winsdb_dn(tmp_ctx, wins_db, name), + LDB_SCOPE_BASE, NULL, NULL); + + if (ret != LDB_SUCCESS || res->count > 1) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } else if (res->count== 0) { + status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + goto failed; + } + + status = winsdb_record(h, res->msgs[0], tmp_ctx, now, &rec); + if (!NT_STATUS_IS_OK(status)) goto failed; + + talloc_steal(mem_ctx, rec); + talloc_free(tmp_ctx); + *_rec = rec; + return NT_STATUS_OK; + +failed: + talloc_free(tmp_ctx); + return status; +} + +NTSTATUS winsdb_record(struct winsdb_handle *h, struct ldb_message *msg, TALLOC_CTX *mem_ctx, time_t now, struct winsdb_record **_rec) +{ + NTSTATUS status; + struct winsdb_record *rec; + struct ldb_message_element *el; + struct nbt_name *name; + uint32_t i, j, num_values; + + rec = talloc(mem_ctx, struct winsdb_record); + if (rec == NULL) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + + status = winsdb_nbt_name(rec, msg->dn, &name); + if (!NT_STATUS_IS_OK(status)) goto failed; + + if (strlen(name->name) > 15) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + if (name->scope && strlen(name->scope) > 238) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + /* parse it into a more convenient winsdb_record structure */ + rec->name = name; + rec->type = ldb_msg_find_attr_as_int(msg, "recordType", WREPL_TYPE_UNIQUE); + rec->state = ldb_msg_find_attr_as_int(msg, "recordState", WREPL_STATE_RELEASED); + rec->node = ldb_msg_find_attr_as_int(msg, "nodeType", WREPL_NODE_B); + rec->is_static = ldb_msg_find_attr_as_int(msg, "isStatic", 0); + rec->expire_time = ldb_string_to_time(ldb_msg_find_attr_as_string(msg, "expireTime", NULL)); + rec->version = ldb_msg_find_attr_as_uint64(msg, "versionID", 0); + rec->wins_owner = ldb_msg_find_attr_as_string(msg, "winsOwner", NULL); + rec->registered_by = ldb_msg_find_attr_as_string(msg, "registeredBy", NULL); + talloc_steal(rec, rec->wins_owner); + talloc_steal(rec, rec->registered_by); + + if (!rec->wins_owner || strcmp(rec->wins_owner, "0.0.0.0") == 0) { + rec->wins_owner = h->local_owner; + } + + el = ldb_msg_find_element(msg, "address"); + if (el) { + num_values = el->num_values; + } else { + num_values = 0; + } + + if (rec->type == WREPL_TYPE_UNIQUE || rec->type == WREPL_TYPE_GROUP) { + if (num_values != 1) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + } + if (rec->state == WREPL_STATE_ACTIVE) { + if (num_values < 1) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + } + if (num_values > 25) { + status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto failed; + } + + rec->addresses = talloc_array(rec, struct winsdb_addr *, num_values+1); + if (rec->addresses == NULL) { + status = NT_STATUS_NO_MEMORY; + goto failed; + } + + for (i=0,j=0;i<num_values;i++) { + bool we_are_owner = false; + + status = winsdb_addr_decode(h, rec, &el->values[i], rec->addresses, &rec->addresses[j]); + if (!NT_STATUS_IS_OK(status)) goto failed; + + if (strcmp(rec->addresses[j]->wins_owner, h->local_owner) == 0) { + we_are_owner = true; + } + + /* + * the record isn't static and is active + * then don't add the address if it's expired, + * but only if we're the owner of the address + * + * This is important for SGROUP records, + * because each server thinks he's the owner of the + * record and the record isn't replicated on a + * name_refresh. So addresses owned by another owner + * could expire, but we still need to return them + * (as windows does). + */ + if (!rec->is_static && + rec->addresses[j]->expire_time <= now && + rec->state == WREPL_STATE_ACTIVE && + we_are_owner) { + DEBUG(5,("WINS: expiring name addr %s of %s (expired at %s)\n", + rec->addresses[j]->address, nbt_name_string(rec->addresses[j], rec->name), + timestring(rec->addresses[j], rec->addresses[j]->expire_time))); + talloc_free(rec->addresses[j]); + rec->addresses[j] = NULL; + continue; + } + j++; + } + rec->addresses[j] = NULL; + num_values = j; + + if (rec->is_static && rec->state == WREPL_STATE_ACTIVE) { + rec->expire_time = get_time_t_max(); + for (i=0;rec->addresses[i];i++) { + rec->addresses[i]->expire_time = rec->expire_time; + } + } + + if (rec->state == WREPL_STATE_ACTIVE) { + if (num_values < 1) { + DEBUG(5,("WINS: expiring name %s (because it has no active addresses)\n", + nbt_name_string(mem_ctx, rec->name))); + rec->state = WREPL_STATE_RELEASED; + } + } + + *_rec = rec; + return NT_STATUS_OK; +failed: + if (NT_STATUS_EQUAL(NT_STATUS_INTERNAL_DB_CORRUPTION, status)) { + DEBUG(1,("winsdb_record: corrupted record: %s\n", ldb_dn_get_linearized(msg->dn))); + } + talloc_free(rec); + return status; +} + +/* + form a ldb_message from a winsdb_record +*/ +static struct ldb_message *winsdb_message(struct ldb_context *ldb, + struct winsdb_record *rec, + TALLOC_CTX *mem_ctx) +{ + int i, ret; + size_t addr_count; + const char *expire_time; + struct ldb_message *msg = ldb_msg_new(mem_ctx); + if (msg == NULL) goto failed; + + /* make sure we don't put in corrupted records */ + addr_count = winsdb_addr_list_length(rec->addresses); + if (rec->state == WREPL_STATE_ACTIVE && addr_count == 0) { + rec->state = WREPL_STATE_RELEASED; + } + if (rec->type == WREPL_TYPE_UNIQUE && addr_count > 1) { + rec->type = WREPL_TYPE_MHOMED; + } + + expire_time = ldb_timestring(msg, rec->expire_time); + if (!expire_time) { + goto failed; + } + + msg->dn = winsdb_dn(msg, ldb, rec->name); + if (msg->dn == NULL) goto failed; + ret = ldb_msg_add_fmt(msg, "type", "0x%02X", rec->name->type); + if (rec->name->name && *rec->name->name) { + ret |= ldb_msg_add_string(msg, "name", rec->name->name); + } + if (rec->name->scope && *rec->name->scope) { + ret |= ldb_msg_add_string(msg, "scope", rec->name->scope); + } + ret |= ldb_msg_add_fmt(msg, "objectClass", "winsRecord"); + ret |= ldb_msg_add_fmt(msg, "recordType", "%u", rec->type); + ret |= ldb_msg_add_fmt(msg, "recordState", "%u", rec->state); + ret |= ldb_msg_add_fmt(msg, "nodeType", "%u", rec->node); + ret |= ldb_msg_add_fmt(msg, "isStatic", "%u", rec->is_static); + ret |= ldb_msg_add_empty(msg, "expireTime", 0, NULL); + if (!(rec->is_static && rec->state == WREPL_STATE_ACTIVE)) { + ret |= ldb_msg_add_string(msg, "expireTime", expire_time); + } + ret |= ldb_msg_add_fmt(msg, "versionID", "%llu", (long long)rec->version); + ret |= ldb_msg_add_string(msg, "winsOwner", rec->wins_owner); + ret |= ldb_msg_add_empty(msg, "address", 0, NULL); + for (i=0;rec->addresses[i];i++) { + ret |= ldb_msg_add_winsdb_addr(msg, rec, "address", rec->addresses[i]); + } + if (rec->registered_by) { + ret |= ldb_msg_append_string(msg, "registeredBy", rec->registered_by, 0); + } + if (ret != LDB_SUCCESS) goto failed; + return msg; + +failed: + talloc_free(msg); + return NULL; +} + +/* + save a WINS record into the database +*/ +uint8_t winsdb_add(struct winsdb_handle *h, struct winsdb_record *rec, uint32_t flags) +{ + struct ldb_message *msg; + struct ldb_context *wins_db = h->ldb; + TALLOC_CTX *tmp_ctx = talloc_new(wins_db); + int trans = -1; + int ret; + + trans = ldb_transaction_start(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + if (flags & WINSDB_FLAG_ALLOC_VERSION) { + /* passing '0' means auto-allocate a new one */ + rec->version = winsdb_set_maxVersion(h, 0); + if (rec->version == 0) goto failed; + } + if (flags & WINSDB_FLAG_TAKE_OWNERSHIP) { + rec->wins_owner = h->local_owner; + } + + msg = winsdb_message(wins_db, rec, tmp_ctx); + if (msg == NULL) goto failed; + ret = ldb_add(wins_db, msg); + if (ret != LDB_SUCCESS) goto failed; + + trans = ldb_transaction_commit(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + wins_hook(h, rec, WINS_HOOK_ADD, h->hook_script); + + talloc_free(tmp_ctx); + return NBT_RCODE_OK; + +failed: + if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db); + talloc_free(tmp_ctx); + return NBT_RCODE_SVR; +} + + +/* + modify a WINS record in the database +*/ +uint8_t winsdb_modify(struct winsdb_handle *h, struct winsdb_record *rec, uint32_t flags) +{ + struct ldb_message *msg; + struct ldb_context *wins_db = h->ldb; + TALLOC_CTX *tmp_ctx = talloc_new(wins_db); + int trans; + int ret; + unsigned int i; + + trans = ldb_transaction_start(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + if (flags & WINSDB_FLAG_ALLOC_VERSION) { + /* passing '0' means auto-allocate a new one */ + rec->version = winsdb_set_maxVersion(h, 0); + if (rec->version == 0) goto failed; + } + if (flags & WINSDB_FLAG_TAKE_OWNERSHIP) { + rec->wins_owner = h->local_owner; + } + + msg = winsdb_message(wins_db, rec, tmp_ctx); + if (msg == NULL) goto failed; + + for (i=0;i<msg->num_elements;i++) { + msg->elements[i].flags = LDB_FLAG_MOD_REPLACE; + } + + ret = ldb_modify(wins_db, msg); + if (ret != LDB_SUCCESS) goto failed; + + trans = ldb_transaction_commit(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + wins_hook(h, rec, WINS_HOOK_MODIFY, h->hook_script); + + talloc_free(tmp_ctx); + return NBT_RCODE_OK; + +failed: + if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db); + talloc_free(tmp_ctx); + return NBT_RCODE_SVR; +} + + +/* + delete a WINS record from the database +*/ +uint8_t winsdb_delete(struct winsdb_handle *h, struct winsdb_record *rec) +{ + struct ldb_context *wins_db = h->ldb; + TALLOC_CTX *tmp_ctx = talloc_new(wins_db); + struct ldb_dn *dn; + int trans; + int ret; + + trans = ldb_transaction_start(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + dn = winsdb_dn(tmp_ctx, wins_db, rec->name); + if (dn == NULL) goto failed; + + ret = ldb_delete(wins_db, dn); + if (ret != LDB_SUCCESS) goto failed; + + trans = ldb_transaction_commit(wins_db); + if (trans != LDB_SUCCESS) goto failed; + + wins_hook(h, rec, WINS_HOOK_DELETE, h->hook_script); + + talloc_free(tmp_ctx); + return NBT_RCODE_OK; + +failed: + if (trans == LDB_SUCCESS) ldb_transaction_cancel(wins_db); + talloc_free(tmp_ctx); + return NBT_RCODE_SVR; +} + +static bool winsdb_check_or_add_module_list(struct tevent_context *ev_ctx, + struct loadparm_context *lp_ctx, struct winsdb_handle *h, + const char *wins_path) +{ + int trans; + int ret; + struct ldb_dn *dn; + struct ldb_result *res = NULL; + struct ldb_message *msg = NULL; + TALLOC_CTX *tmp_ctx = talloc_new(h); + unsigned int flags = 0; + + trans = ldb_transaction_start(h->ldb); + if (trans != LDB_SUCCESS) goto failed; + + /* check if we have a special @MODULES record already */ + dn = ldb_dn_new(tmp_ctx, h->ldb, "@MODULES"); + if (!dn) goto failed; + + /* find the record in the WINS database */ + ret = ldb_search(h->ldb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL); + if (ret != LDB_SUCCESS) goto failed; + + if (res->count > 0) goto skip; + + /* if there's no record, add one */ + msg = ldb_msg_new(tmp_ctx); + if (!msg) goto failed; + msg->dn = dn; + + ret = ldb_msg_add_string(msg, "@LIST", "wins_ldb"); + if (ret != LDB_SUCCESS) goto failed; + + ret = ldb_add(h->ldb, msg); + if (ret != LDB_SUCCESS) goto failed; + + trans = ldb_transaction_commit(h->ldb); + if (trans != LDB_SUCCESS) goto failed; + + /* close and reopen the database, with the modules */ + trans = LDB_ERR_OTHER; + talloc_free(h->ldb); + h->ldb = NULL; + + if (lpcfg_parm_bool(lp_ctx, NULL,"winsdb", "nosync", false)) { + flags |= LDB_FLG_NOSYNC; + } + + h->ldb = ldb_wrap_connect(h, ev_ctx, lp_ctx, wins_path, + NULL, NULL, flags); + if (!h->ldb) goto failed; + + talloc_free(tmp_ctx); + return true; + +skip: + if (trans == LDB_SUCCESS) ldb_transaction_cancel(h->ldb); + talloc_free(tmp_ctx); + return true; + +failed: + if (trans == LDB_SUCCESS) ldb_transaction_cancel(h->ldb); + talloc_free(tmp_ctx); + return false; +} + +struct winsdb_handle *winsdb_connect(TALLOC_CTX *mem_ctx, + struct tevent_context *ev_ctx, + struct loadparm_context *lp_ctx, + const char *owner, + enum winsdb_handle_caller caller) +{ + const struct loadparm_substitution *lp_sub = + lpcfg_noop_substitution(); + struct winsdb_handle *h = NULL; + unsigned int flags = 0; + bool ret; + int ldb_err; + char *wins_path; + + h = talloc_zero(mem_ctx, struct winsdb_handle); + if (!h) return NULL; + + wins_path = lpcfg_state_path(h, lp_ctx, "wins.ldb"); + + if (lpcfg_parm_bool(lp_ctx, NULL,"winsdb", "nosync", false)) { + flags |= LDB_FLG_NOSYNC; + } + + h->ldb = ldb_wrap_connect(h, ev_ctx, lp_ctx, wins_path, + NULL, NULL, flags); + if (!h->ldb) goto failed; + + h->caller = caller; + h->hook_script = lpcfg_wins_hook(lp_ctx, lp_sub, h); + + h->local_owner = talloc_strdup(h, owner); + if (!h->local_owner) goto failed; + + /* make sure the module list is available and used */ + ret = winsdb_check_or_add_module_list(ev_ctx, lp_ctx, h, wins_path); + if (!ret) goto failed; + + ldb_err = ldb_set_opaque(h->ldb, "winsdb_handle", h); + if (ldb_err != LDB_SUCCESS) goto failed; + + return h; +failed: + talloc_free(h); + return NULL; +} + diff --git a/source4/nbt_server/wins/winsdb.h b/source4/nbt_server/wins/winsdb.h new file mode 100644 index 0000000..194bcc0 --- /dev/null +++ b/source4/nbt_server/wins/winsdb.h @@ -0,0 +1,81 @@ +/* + Unix SMB/CIFS implementation. + + WINS server structures + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#define WINSDB_FLAG_ALLOC_VERSION (1<<0) +#define WINSDB_FLAG_TAKE_OWNERSHIP (1<<1) + +struct winsdb_addr { + const char *address; + const char *wins_owner; + time_t expire_time; +}; + +/* + each record in the database contains the following information +*/ +struct winsdb_record { + struct nbt_name *name; + enum wrepl_name_type type; + enum wrepl_name_state state; + enum wrepl_name_node node; + bool is_static; + time_t expire_time; + uint64_t version; + const char *wins_owner; + struct winsdb_addr **addresses; + + /* only needed for debugging problems */ + const char *registered_by; +}; + +enum winsdb_handle_caller { + WINSDB_HANDLE_CALLER_ADMIN = 0, + WINSDB_HANDLE_CALLER_NBTD = 1, + WINSDB_HANDLE_CALLER_WREPL = 2 +}; + +struct winsdb_handle { + /* wins server database handle */ + struct ldb_context *ldb; + + /* + * the type of the caller, as we pass this to the + * 'wins_ldb' ldb module can decide if it needs to verify the + * the records before they're written to disk + */ + enum winsdb_handle_caller caller; + + /* local owner address */ + const char *local_owner; + + /* wins hook script */ + const char *hook_script; +}; + +enum wins_hook_action { + WINS_HOOK_ADD = 0, + WINS_HOOK_MODIFY = 1, + WINS_HOOK_DELETE = 2 +}; + +struct ldb_message; +struct tevent_context; +#include "nbt_server/wins/winsdb_proto.h" diff --git a/source4/nbt_server/wins/winsserver.c b/source4/nbt_server/wins/winsserver.c new file mode 100644 index 0000000..a9f3ecd --- /dev/null +++ b/source4/nbt_server/wins/winsserver.c @@ -0,0 +1,1074 @@ +/* + Unix SMB/CIFS implementation. + + core wins server handling + + Copyright (C) Andrew Tridgell 2005 + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/util/dlinklist.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsdb.h" +#include "nbt_server/wins/winsserver.h" +#include "librpc/gen_ndr/ndr_nbt.h" +#include "system/time.h" +#include "libcli/composite/composite.h" +#include "samba/service_task.h" +#include "system/network.h" +#include "lib/socket/socket.h" +#include "lib/socket/netif.h" +#include <ldb.h> +#include "param/param.h" +#include "libcli/resolve/resolve.h" +#include "lib/util/util_net.h" + +/* + work out the ttl we will use given a client requested ttl +*/ +uint32_t wins_server_ttl(struct wins_server *winssrv, uint32_t ttl) +{ + ttl = MIN(ttl, winssrv->config.max_renew_interval); + ttl = MAX(ttl, winssrv->config.min_renew_interval); + return ttl; +} + +static enum wrepl_name_type wrepl_type(uint16_t nb_flags, struct nbt_name *name, bool mhomed) +{ + /* this copes with the nasty hack that is the type 0x1c name */ + if (name->type == NBT_NAME_LOGON) { + return WREPL_TYPE_SGROUP; + } + if (nb_flags & NBT_NM_GROUP) { + return WREPL_TYPE_GROUP; + } + if (mhomed) { + return WREPL_TYPE_MHOMED; + } + return WREPL_TYPE_UNIQUE; +} + +/* + register a new name with WINS +*/ +static uint8_t wins_register_new(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + const struct socket_address *src, + enum wrepl_name_type type) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + struct nbt_name *name = &packet->questions[0].name; + uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl); + uint16_t nb_flags = packet->additional[0].rdata.netbios.addresses[0].nb_flags; + const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr; + struct winsdb_record rec; + enum wrepl_name_node node; + +#define WREPL_NODE_NBT_FLAGS(nb_flags) \ + ((nb_flags & NBT_NM_OWNER_TYPE)>>13) + + node = WREPL_NODE_NBT_FLAGS(nb_flags); + + rec.name = name; + rec.type = type; + rec.state = WREPL_STATE_ACTIVE; + rec.node = node; + rec.is_static = false; + rec.expire_time = time(NULL) + ttl; + rec.version = 0; /* will be allocated later */ + rec.wins_owner = NULL; /* will be set later */ + rec.registered_by = src->addr; + rec.addresses = winsdb_addr_list_make(packet); + if (rec.addresses == NULL) return NBT_RCODE_SVR; + + rec.addresses = winsdb_addr_list_add(winssrv->wins_db, + &rec, rec.addresses, + address, + winssrv->wins_db->local_owner, + rec.expire_time, + true); + if (rec.addresses == NULL) return NBT_RCODE_SVR; + + DEBUG(4,("WINS: accepted registration of %s with address %s\n", + nbt_name_string(packet, name), rec.addresses[0]->address)); + + return winsdb_add(winssrv->wins_db, &rec, WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP); +} + + +/* + update the ttl on an existing record +*/ +static uint8_t wins_update_ttl(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct winsdb_record *rec, + struct winsdb_addr *winsdb_addr, + const struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl); + const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr; + uint32_t modify_flags = 0; + + rec->expire_time = time(NULL) + ttl; + rec->registered_by = src->addr; + + if (winsdb_addr) { + rec->addresses = winsdb_addr_list_add(winssrv->wins_db, + rec, rec->addresses, + winsdb_addr->address, + winssrv->wins_db->local_owner, + rec->expire_time, + true); + if (rec->addresses == NULL) return NBT_RCODE_SVR; + } + + if (strcmp(winssrv->wins_db->local_owner, rec->wins_owner) != 0) { + modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP; + } + + DEBUG(5,("WINS: refreshed registration of %s at %s\n", + nbt_name_string(packet, rec->name), address)); + + return winsdb_modify(winssrv->wins_db, rec, modify_flags); +} + +/* + do a sgroup merge +*/ +static uint8_t wins_sgroup_merge(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct winsdb_record *rec, + const char *address, + const struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl); + + rec->expire_time = time(NULL) + ttl; + rec->registered_by = src->addr; + + rec->addresses = winsdb_addr_list_add(winssrv->wins_db, + rec, rec->addresses, + address, + winssrv->wins_db->local_owner, + rec->expire_time, + true); + if (rec->addresses == NULL) return NBT_RCODE_SVR; + + DEBUG(5,("WINS: sgroup merge of %s at %s\n", + nbt_name_string(packet, rec->name), address)); + + return winsdb_modify(winssrv->wins_db, rec, WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP); +} + +struct nbtd_wins_wack_state { + struct nbtd_wins_wack_state *prev, *next; + struct wins_server *winssrv; + struct nbt_name_socket *nbtsock; + struct nbtd_interface *iface; + struct nbt_name_packet *request_packet; + struct winsdb_record *rec; + struct socket_address *src; + const char *reg_address; + enum wrepl_name_type new_type; + struct wins_challenge_io io; + NTSTATUS status; +}; + +static int nbtd_wins_wack_state_destructor(struct nbtd_wins_wack_state *s) +{ + DLIST_REMOVE(s->iface->wack_queue, s); + return 0; +} + +static bool wins_check_wack_queue(struct nbtd_interface *iface, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbtd_wins_wack_state *s; + + for (s= iface->wack_queue; s; s = s->next) { + if (packet->name_trn_id != s->request_packet->name_trn_id) { + continue; + } + if (packet->operation != s->request_packet->operation) { + continue; + } + if (src->port != s->src->port) { + continue; + } + if (strcmp(src->addr, s->src->addr) != 0) { + continue; + } + + return true; + } + + return false; +} + +/* + deny a registration request +*/ +static void wins_wack_deny(struct nbtd_wins_wack_state *s) +{ + nbtd_name_registration_reply(s->nbtsock, s->request_packet, + s->src, NBT_RCODE_ACT); + DEBUG(4,("WINS: denied name registration request for %s from %s:%d\n", + nbt_name_string(s, s->rec->name), s->src->addr, s->src->port)); + talloc_free(s); +} + +/* + allow a registration request +*/ +static void wins_wack_allow(struct nbtd_wins_wack_state *s) +{ + NTSTATUS status; + uint32_t ttl = wins_server_ttl(s->winssrv, s->request_packet->additional[0].ttl); + struct winsdb_record *rec = s->rec, *rec2; + uint32_t i,j; + + status = winsdb_lookup(s->winssrv->wins_db, rec->name, s, &rec2); + if (!NT_STATUS_IS_OK(status) || + rec2->version != rec->version || + strcmp(rec2->wins_owner, rec->wins_owner) != 0) { + DEBUG(5,("WINS: record %s changed during WACK - failing registration\n", + nbt_name_string(s, rec->name))); + wins_wack_deny(s); + return; + } + + /* + * if the old name owner doesn't hold the name anymore + * handle the request as new registration for the new name owner + */ + if (!NT_STATUS_IS_OK(s->status)) { + uint8_t rcode; + + winsdb_delete(s->winssrv->wins_db, rec); + rcode = wins_register_new(s->nbtsock, s->request_packet, s->src, s->new_type); + if (rcode != NBT_RCODE_OK) { + DEBUG(1,("WINS: record %s failed to register as new during WACK\n", + nbt_name_string(s, rec->name))); + wins_wack_deny(s); + return; + } + goto done; + } + + rec->expire_time = time(NULL) + ttl; + rec->registered_by = s->src->addr; + + /* + * now remove all addresses that the client doesn't hold anymore + * and update the time stamp and owner for the ones that are still there + */ + for (i=0; rec->addresses[i]; i++) { + bool found = false; + for (j=0; j < s->io.out.num_addresses; j++) { + if (strcmp(rec->addresses[i]->address, s->io.out.addresses[j]) != 0) continue; + + found = true; + break; + } + if (found) { + rec->addresses = winsdb_addr_list_add(s->winssrv->wins_db, + rec, rec->addresses, + s->reg_address, + s->winssrv->wins_db->local_owner, + rec->expire_time, + true); + if (rec->addresses == NULL) goto failed; + continue; + } + + winsdb_addr_list_remove(rec->addresses, rec->addresses[i]->address); + } + + rec->addresses = winsdb_addr_list_add(s->winssrv->wins_db, + rec, rec->addresses, + s->reg_address, + s->winssrv->wins_db->local_owner, + rec->expire_time, + true); + if (rec->addresses == NULL) goto failed; + + /* if we have more than one address, this becomes implicit a MHOMED record */ + if (winsdb_addr_list_length(rec->addresses) > 1) { + rec->type = WREPL_TYPE_MHOMED; + } + + winsdb_modify(s->winssrv->wins_db, rec, WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP); + + DEBUG(4,("WINS: accepted registration of %s with address %s\n", + nbt_name_string(s, rec->name), s->reg_address)); + +done: + nbtd_name_registration_reply(s->nbtsock, s->request_packet, + s->src, NBT_RCODE_OK); +failed: + talloc_free(s); +} + +/* + called when a name query to a current owner completes +*/ +static void wack_wins_challenge_handler(struct composite_context *c_req) +{ + struct nbtd_wins_wack_state *s = talloc_get_type(c_req->async.private_data, + struct nbtd_wins_wack_state); + bool found; + uint32_t i; + + s->status = wins_challenge_recv(c_req, s, &s->io); + + /* + * if the owner denies it holds the name, then allow + * the registration + */ + if (!NT_STATUS_IS_OK(s->status)) { + wins_wack_allow(s); + return; + } + + if (s->new_type == WREPL_TYPE_GROUP || s->new_type == WREPL_TYPE_SGROUP) { + DEBUG(1,("WINS: record %s failed to register as group type(%u) during WACK, it's still type(%u)\n", + nbt_name_string(s, s->rec->name), s->new_type, s->rec->type)); + wins_wack_deny(s); + return; + } + + /* + * if the owner still wants the name and doesn't reply + * with the address trying to be registered, then deny + * the registration + */ + found = false; + for (i=0; i < s->io.out.num_addresses; i++) { + if (strcmp(s->reg_address, s->io.out.addresses[i]) != 0) continue; + + found = true; + break; + } + if (!found) { + wins_wack_deny(s); + return; + } + + wins_wack_allow(s); + return; +} + + +/* + a client has asked to register a unique name that someone else owns. We + need to ask each of the current owners if they still want it. If they do + then reject the registration, otherwise allow it +*/ +static void wins_register_wack(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct winsdb_record *rec, + struct socket_address *src, + enum wrepl_name_type new_type) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + struct nbtd_wins_wack_state *s; + struct composite_context *c_req; + uint32_t ttl; + + s = talloc_zero(nbtsock, struct nbtd_wins_wack_state); + if (s == NULL) goto failed; + + /* package up the state variables for this wack request */ + s->winssrv = winssrv; + s->nbtsock = nbtsock; + s->iface = iface; + s->request_packet = talloc_steal(s, packet); + s->rec = talloc_steal(s, rec); + s->reg_address = packet->additional[0].rdata.netbios.addresses[0].ipaddr; + s->new_type = new_type; + s->src = socket_address_copy(s, src); + if (s->src == NULL) goto failed; + + s->io.in.nbtd_server = iface->nbtsrv; + s->io.in.nbt_port = lpcfg_nbt_port(iface->nbtsrv->task->lp_ctx); + s->io.in.event_ctx = iface->nbtsrv->task->event_ctx; + s->io.in.name = rec->name; + s->io.in.num_addresses = winsdb_addr_list_length(rec->addresses); + s->io.in.addresses = winsdb_addr_string_list(s, rec->addresses); + if (s->io.in.addresses == NULL) goto failed; + + DLIST_ADD_END(iface->wack_queue, s); + + talloc_set_destructor(s, nbtd_wins_wack_state_destructor); + + /* + * send a WACK to the client, specifying the maximum time it could + * take to check with the owner, plus some slack + */ + ttl = 5 + 4 * winsdb_addr_list_length(rec->addresses); + nbtd_wack_reply(nbtsock, packet, src, ttl); + + /* + * send the challenge to the old addresses + */ + c_req = wins_challenge_send(s, &s->io); + if (c_req == NULL) goto failed; + + c_req->async.fn = wack_wins_challenge_handler; + c_req->async.private_data = s; + return; + +failed: + talloc_free(s); + nbtd_name_registration_reply(nbtsock, packet, src, NBT_RCODE_SVR); +} + +/* + register a name +*/ +static void nbtd_winsserver_register(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + NTSTATUS status; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + struct nbt_name *name = &packet->questions[0].name; + struct winsdb_record *rec; + uint8_t rcode = NBT_RCODE_OK; + uint16_t nb_flags = packet->additional[0].rdata.netbios.addresses[0].nb_flags; + const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr; + bool mhomed = ((packet->operation & NBT_OPCODE) == NBT_OPCODE_MULTI_HOME_REG); + enum wrepl_name_type new_type = wrepl_type(nb_flags, name, mhomed); + struct winsdb_addr *winsdb_addr = NULL; + bool duplicate_packet; + + /* + * as a special case, the local master browser name is always accepted + * for registration, but never stored, but w2k3 stores it if it's registered + * as a group name, (but a query for the 0x1D name still returns not found!) + */ + if (name->type == NBT_NAME_MASTER && !(nb_flags & NBT_NM_GROUP)) { + rcode = NBT_RCODE_OK; + goto done; + } + + /* w2k3 refuses 0x1B names with marked as group */ + if (name->type == NBT_NAME_PDC && (nb_flags & NBT_NM_GROUP)) { + rcode = NBT_RCODE_RFS; + goto done; + } + + /* w2k3 refuses 0x1C names with out marked as group */ + if (name->type == NBT_NAME_LOGON && !(nb_flags & NBT_NM_GROUP)) { + rcode = NBT_RCODE_RFS; + goto done; + } + + /* w2k3 refuses 0x1E names with out marked as group */ + if (name->type == NBT_NAME_BROWSER && !(nb_flags & NBT_NM_GROUP)) { + rcode = NBT_RCODE_RFS; + goto done; + } + + if (name->scope && strlen(name->scope) > 237) { + rcode = NBT_RCODE_SVR; + goto done; + } + + duplicate_packet = wins_check_wack_queue(iface, packet, src); + if (duplicate_packet) { + /* just ignore the packet */ + DEBUG(5,("Ignoring duplicate packet while WACK is pending from %s:%d\n", + src->addr, src->port)); + return; + } + + status = winsdb_lookup(winssrv->wins_db, name, packet, &rec); + if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) { + rcode = wins_register_new(nbtsock, packet, src, new_type); + goto done; + } else if (!NT_STATUS_IS_OK(status)) { + rcode = NBT_RCODE_SVR; + goto done; + } else if (rec->is_static) { + if (rec->type == WREPL_TYPE_GROUP || rec->type == WREPL_TYPE_SGROUP) { + rcode = NBT_RCODE_OK; + goto done; + } + rcode = NBT_RCODE_ACT; + goto done; + } + + if (rec->type == WREPL_TYPE_GROUP) { + if (new_type != WREPL_TYPE_GROUP) { + DEBUG(2,("WINS: Attempt to register name %s as non normal group(%u)" + " while a normal group is already there\n", + nbt_name_string(packet, name), new_type)); + rcode = NBT_RCODE_ACT; + goto done; + } + + if (rec->state == WREPL_STATE_ACTIVE) { + /* TODO: is this correct? */ + rcode = wins_update_ttl(nbtsock, packet, rec, NULL, src); + goto done; + } + + /* TODO: is this correct? */ + winsdb_delete(winssrv->wins_db, rec); + rcode = wins_register_new(nbtsock, packet, src, new_type); + goto done; + } + + if (rec->state != WREPL_STATE_ACTIVE) { + winsdb_delete(winssrv->wins_db, rec); + rcode = wins_register_new(nbtsock, packet, src, new_type); + goto done; + } + + switch (rec->type) { + case WREPL_TYPE_UNIQUE: + case WREPL_TYPE_MHOMED: + /* + * if its an active unique name, and the registration is for a group, then + * see if the unique name owner still wants the name + * TODO: is this correct? + */ + if (new_type == WREPL_TYPE_GROUP || new_type == WREPL_TYPE_GROUP) { + wins_register_wack(nbtsock, packet, rec, src, new_type); + return; + } + + /* + * if the registration is for an address that is currently active, then + * just update the expiry time of the record and the address + */ + winsdb_addr = winsdb_addr_list_check(rec->addresses, address); + if (winsdb_addr) { + rcode = wins_update_ttl(nbtsock, packet, rec, winsdb_addr, src); + goto done; + } + + /* + * we have to do a WACK to see if the current owner is willing + * to give up its claim + */ + wins_register_wack(nbtsock, packet, rec, src, new_type); + return; + + case WREPL_TYPE_GROUP: + /* this should not be reached as normal groups are handled above */ + DEBUG(0,("BUG at %s\n",__location__)); + rcode = NBT_RCODE_ACT; + goto done; + + case WREPL_TYPE_SGROUP: + /* if the new record isn't also a special group, refuse the registration */ + if (new_type != WREPL_TYPE_SGROUP) { + DEBUG(2,("WINS: Attempt to register name %s as non special group(%u)" + " while a special group is already there\n", + nbt_name_string(packet, name), new_type)); + rcode = NBT_RCODE_ACT; + goto done; + } + + /* + * if the registration is for an address that is currently active, then + * just update the expiry time of the record and the address + */ + winsdb_addr = winsdb_addr_list_check(rec->addresses, address); + if (winsdb_addr) { + rcode = wins_update_ttl(nbtsock, packet, rec, winsdb_addr, src); + goto done; + } + + rcode = wins_sgroup_merge(nbtsock, packet, rec, address, src); + goto done; + } + +done: + nbtd_name_registration_reply(nbtsock, packet, src, rcode); +} + +static uint32_t ipv4_match_bits(struct in_addr ip1, struct in_addr ip2) +{ + uint32_t i, j, match=0; + uint8_t *p1, *p2; + + p1 = (uint8_t *)&ip1.s_addr; + p2 = (uint8_t *)&ip2.s_addr; + + for (i=0; i<4; i++) { + if (p1[i] != p2[i]) break; + match += 8; + } + + if (i==4) return match; + + for (j=0; j<8; j++) { + if ((p1[i] & (1<<(7-j))) != (p2[i] & (1<<(7-j)))) + break; + match++; + } + + return match; +} + +static int nbtd_wins_randomize1Clist_sort(void *p1,/* (const char **) */ + void *p2,/* (const char **) */ + struct socket_address *src) +{ + const char *a1 = (const char *)*(const char **)p1; + const char *a2 = (const char *)*(const char **)p2; + uint32_t match_bits1; + uint32_t match_bits2; + + match_bits1 = ipv4_match_bits(interpret_addr2(a1), interpret_addr2(src->addr)); + match_bits2 = ipv4_match_bits(interpret_addr2(a2), interpret_addr2(src->addr)); + + return match_bits2 - match_bits1; +} + +static void nbtd_wins_randomize1Clist(struct loadparm_context *lp_ctx, + const char **addresses, struct socket_address *src) +{ + const char *mask; + const char *tmp; + uint32_t num_addrs; + uint32_t idx, sidx; + int r; + + for (num_addrs=0; addresses[num_addrs]; num_addrs++) { /* noop */ } + + if (num_addrs <= 1) return; /* nothing to do */ + + /* first sort the addresses depending on the matching to the client */ + LDB_TYPESAFE_QSORT(addresses, num_addrs, src, nbtd_wins_randomize1Clist_sort); + + mask = lpcfg_parm_string(lp_ctx, NULL, "nbtd", "wins_randomize1Clist_mask"); + if (!mask) { + mask = "255.255.255.0"; + } + + /* + * choose a random address to be the first in the response to the client, + * prefer the addresses inside the nbtd:wins_randomize1Clist_mask netmask + */ + r = random(); + idx = sidx = r % num_addrs; + + while (1) { + bool same; + + /* if the current one is in the same subnet, use it */ + same = iface_list_same_net(addresses[idx], src->addr, mask); + if (same) { + sidx = idx; + break; + } + + /* we need to check for idx == 0, after checking for the same net */ + if (idx == 0) break; + /* + * if we haven't found an address in the same subnet, search in ones + * which match the client more + * + * some notes: + * + * it's not "idx = idx % r" but "idx = r % idx" + * because in "a % b" b is the allowed range + * and b-1 is the maximum possible result, so it must be decreasing + * and the above idx == 0 check breaks the while(1) loop. + */ + idx = r % idx; + } + + /* note sidx == 0 is also valid here ... */ + tmp = addresses[0]; + addresses[0] = addresses[sidx]; + addresses[sidx] = tmp; +} + +/* + query a name +*/ +static void nbtd_winsserver_query(struct loadparm_context *lp_ctx, + struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + NTSTATUS status; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + struct nbt_name *name = &packet->questions[0].name; + struct winsdb_record *rec; + struct winsdb_record *rec_1b = NULL; + const char **addresses; + const char **addresses_1b = NULL; + uint16_t nb_flags = 0; + + if (name->type == NBT_NAME_MASTER) { + goto notfound; + } + + /* + * w2k3 returns the first address of the 0x1B record as first address + * to a 0x1C query + * + * since Windows 2000 Service Pack 2 there's on option to trigger this behavior: + * + * HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\WINS\Parameters\Prepend1BTo1CQueries + * Typ: Daten REG_DWORD + * Value: 0 = deactivated, 1 = activated + */ + if (name->type == NBT_NAME_LOGON && + lpcfg_parm_bool(lp_ctx, NULL, "nbtd", "wins_prepend1Bto1Cqueries", true)) { + struct nbt_name name_1b; + + name_1b = *name; + name_1b.type = NBT_NAME_PDC; + + status = winsdb_lookup(winssrv->wins_db, &name_1b, packet, &rec_1b); + if (NT_STATUS_IS_OK(status)) { + addresses_1b = winsdb_addr_string_list(packet, rec_1b->addresses); + } + } + + status = winsdb_lookup(winssrv->wins_db, name, packet, &rec); + if (!NT_STATUS_IS_OK(status)) { + if (!lpcfg_wins_dns_proxy(lp_ctx)) { + goto notfound; + } + + if (name->type != NBT_NAME_CLIENT && name->type != NBT_NAME_SERVER) { + goto notfound; + } + + nbtd_wins_dns_proxy_query(nbtsock, packet, src); + return; + } + + /* + * for group's we always reply with + * 255.255.255.255 as address, even if + * the record is released or tombstoned + */ + if (rec->type == WREPL_TYPE_GROUP) { + addresses = str_list_add(NULL, "255.255.255.255"); + talloc_steal(packet, addresses); + if (!addresses) { + goto notfound; + } + nb_flags |= NBT_NM_GROUP; + goto found; + } + + if (rec->state != WREPL_STATE_ACTIVE) { + goto notfound; + } + + addresses = winsdb_addr_string_list(packet, rec->addresses); + if (!addresses) { + goto notfound; + } + + /* + * if addresses_1b isn't NULL, we have a 0x1C query and need to return the + * first 0x1B address as first address + */ + if (addresses_1b && addresses_1b[0]) { + const char **addresses_1c = addresses; + uint32_t i; + uint32_t num_addrs; + + addresses = str_list_add(NULL, addresses_1b[0]); + if (!addresses) { + goto notfound; + } + talloc_steal(packet, addresses); + num_addrs = 1; + + for (i=0; addresses_1c[i]; i++) { + if (strcmp(addresses_1b[0], addresses_1c[i]) == 0) continue; + + /* + * stop when we already have 25 addresses + */ + if (num_addrs >= 25) break; + + num_addrs++; + addresses = str_list_add(addresses, addresses_1c[i]); + if (!addresses) { + goto notfound; + } + } + } + + if (rec->type == WREPL_TYPE_SGROUP) { + nb_flags |= NBT_NM_GROUP; + } else { + nb_flags |= (rec->node <<13); + } + + /* + * since Windows 2000 Service Pack 2 there's on option to trigger this behavior: + * + * HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\WINS\Parameters\Randomize1CList + * Typ: Daten REG_DWORD + * Value: 0 = deactivated, 1 = activated + */ + if (name->type == NBT_NAME_LOGON && + lpcfg_parm_bool(lp_ctx, NULL, "nbtd", "wins_randomize1Clist", false)) { + nbtd_wins_randomize1Clist(lp_ctx, addresses, src); + } + +found: + nbtd_name_query_reply(nbtsock, packet, src, name, + 0, nb_flags, addresses); + return; + +notfound: + nbtd_negative_name_query_reply(nbtsock, packet, src); +} + +/* + release a name +*/ +static void nbtd_winsserver_release(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + NTSTATUS status; + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + struct nbt_name *name = &packet->questions[0].name; + struct winsdb_record *rec; + uint32_t modify_flags = 0; + uint8_t ret; + + if (name->type == NBT_NAME_MASTER) { + goto done; + } + + if (name->scope && strlen(name->scope) > 237) { + goto done; + } + + status = winsdb_lookup(winssrv->wins_db, name, packet, &rec); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (rec->is_static) { + if (rec->type == WREPL_TYPE_UNIQUE || rec->type == WREPL_TYPE_MHOMED) { + goto done; + } + nbtd_name_release_reply(nbtsock, packet, src, NBT_RCODE_ACT); + return; + } + + if (rec->state != WREPL_STATE_ACTIVE) { + goto done; + } + + /* + * TODO: do we need to check if + * src->addr matches packet->additional[0].rdata.netbios.addresses[0].ipaddr + * here? + */ + + /* + * we only allow releases from an owner - other releases are + * silently ignored + */ + if (!winsdb_addr_list_check(rec->addresses, src->addr)) { + int i; + DEBUG(4,("WINS: silently ignoring attempted name release on %s from %s\n", nbt_name_string(rec, rec->name), src->addr)); + DEBUGADD(4, ("Registered Addresses: \n")); + for (i=0; rec->addresses && rec->addresses[i]; i++) { + DEBUGADD(4, ("%s\n", rec->addresses[i]->address)); + } + goto done; + } + + DEBUG(4,("WINS: released name %s from %s\n", nbt_name_string(rec, rec->name), src->addr)); + + switch (rec->type) { + case WREPL_TYPE_UNIQUE: + rec->state = WREPL_STATE_RELEASED; + break; + + case WREPL_TYPE_GROUP: + rec->state = WREPL_STATE_RELEASED; + break; + + case WREPL_TYPE_SGROUP: + winsdb_addr_list_remove(rec->addresses, src->addr); + /* TODO: do we need to take the ownership here? */ + if (winsdb_addr_list_length(rec->addresses) == 0) { + rec->state = WREPL_STATE_RELEASED; + } + break; + + case WREPL_TYPE_MHOMED: + winsdb_addr_list_remove(rec->addresses, src->addr); + /* TODO: do we need to take the ownership here? */ + if (winsdb_addr_list_length(rec->addresses) == 0) { + rec->state = WREPL_STATE_RELEASED; + } + break; + } + + if (rec->state == WREPL_STATE_ACTIVE) { + /* + * If the record is still active, we need to update the + * expire_time. + * + * if we're not the owner, we need to take the ownership. + */ + rec->expire_time= time(NULL) + winssrv->config.max_renew_interval; + if (strcmp(rec->wins_owner, winssrv->wins_db->local_owner) != 0) { + modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP; + } + if (lpcfg_parm_bool(iface->nbtsrv->task->lp_ctx, NULL, "wreplsrv", "propagate name releases", false)) { + /* + * We have an option to propagate every name release, + * this is off by default to match windows servers + */ + modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP; + } + } else if (rec->state == WREPL_STATE_RELEASED) { + /* + * if we're not the owner, we need to take the owner ship + * and make the record tombstone, but expire after + * tombstone_interval + tombstone_timeout and not only after tombstone_timeout + * like for normal tombstone records. + * This is to replicate the record directly to the original owner, + * where the record is still active + */ + if (strcmp(rec->wins_owner, winssrv->wins_db->local_owner) == 0) { + rec->expire_time= time(NULL) + winssrv->config.tombstone_interval; + } else { + rec->state = WREPL_STATE_TOMBSTONE; + rec->expire_time= time(NULL) + + winssrv->config.tombstone_interval + + winssrv->config.tombstone_timeout; + modify_flags = WINSDB_FLAG_ALLOC_VERSION | WINSDB_FLAG_TAKE_OWNERSHIP; + } + } + + ret = winsdb_modify(winssrv->wins_db, rec, modify_flags); + if (ret != NBT_RCODE_OK) { + DEBUG(1,("WINS: FAILED: released name %s at %s: error:%u\n", + nbt_name_string(rec, rec->name), src->addr, ret)); + } +done: + /* we match w2k3 by always giving a positive reply to name releases. */ + nbtd_name_release_reply(nbtsock, packet, src, NBT_RCODE_OK); +} + + +/* + answer a name query +*/ +void nbtd_winsserver_request(struct nbt_name_socket *nbtsock, + struct nbt_name_packet *packet, + struct socket_address *src) +{ + struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private_data, + struct nbtd_interface); + struct wins_server *winssrv = iface->nbtsrv->winssrv; + if ((packet->operation & NBT_FLAG_BROADCAST) || winssrv == NULL) { + return; + } + + switch (packet->operation & NBT_OPCODE) { + case NBT_OPCODE_QUERY: + nbtd_winsserver_query(iface->nbtsrv->task->lp_ctx, nbtsock, packet, src); + break; + + case NBT_OPCODE_REGISTER: + case NBT_OPCODE_REFRESH: + case NBT_OPCODE_REFRESH2: + case NBT_OPCODE_MULTI_HOME_REG: + nbtd_winsserver_register(nbtsock, packet, src); + break; + + case NBT_OPCODE_RELEASE: + nbtd_winsserver_release(nbtsock, packet, src); + break; + } + +} + +/* + startup the WINS server, if configured +*/ +NTSTATUS nbtd_winsserver_init(struct nbtd_server *nbtsrv) +{ + uint32_t tmp; + const char *owner; + + if (!lpcfg_we_are_a_wins_server(nbtsrv->task->lp_ctx)) { + nbtsrv->winssrv = NULL; + return NT_STATUS_OK; + } + + nbtsrv->winssrv = talloc_zero(nbtsrv, struct wins_server); + NT_STATUS_HAVE_NO_MEMORY(nbtsrv->winssrv); + + nbtsrv->winssrv->config.max_renew_interval = lpcfg_max_wins_ttl(nbtsrv->task->lp_ctx); + nbtsrv->winssrv->config.min_renew_interval = lpcfg_min_wins_ttl(nbtsrv->task->lp_ctx); + tmp = lpcfg_parm_int(nbtsrv->task->lp_ctx, NULL, "wreplsrv", "tombstone_interval", 6*24*60*60); + nbtsrv->winssrv->config.tombstone_interval = tmp; + tmp = lpcfg_parm_int(nbtsrv->task->lp_ctx, NULL, "wreplsrv"," tombstone_timeout", 1*24*60*60); + nbtsrv->winssrv->config.tombstone_timeout = tmp; + + owner = lpcfg_parm_string(nbtsrv->task->lp_ctx, NULL, "winsdb", "local_owner"); + + if (owner == NULL) { + struct interface *ifaces; + load_interface_list(nbtsrv->task, nbtsrv->task->lp_ctx, &ifaces); + owner = iface_list_first_v4(ifaces); + } + + nbtsrv->winssrv->wins_db = winsdb_connect(nbtsrv->winssrv, nbtsrv->task->event_ctx, + nbtsrv->task->lp_ctx, + owner, WINSDB_HANDLE_CALLER_NBTD); + if (!nbtsrv->winssrv->wins_db) { + return NT_STATUS_INTERNAL_DB_ERROR; + } + + irpc_add_name(nbtsrv->task->msg_ctx, "wins_server"); + + return NT_STATUS_OK; +} diff --git a/source4/nbt_server/wins/winsserver.h b/source4/nbt_server/wins/winsserver.h new file mode 100644 index 0000000..803a9e2 --- /dev/null +++ b/source4/nbt_server/wins/winsserver.h @@ -0,0 +1,67 @@ +/* + Unix SMB/CIFS implementation. + + wins server WACK processing + + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +struct wins_server { + /* wins server database handle */ + struct winsdb_handle *wins_db; + + /* some configuration */ + struct { + /* + * the interval (in secs) till an active record will be marked as RELEASED + */ + uint32_t min_renew_interval; + uint32_t max_renew_interval; + + /* + * the interval (in secs) a record remains in RELEASED state, + * before it will be marked as TOMBSTONE + * (also known as extinction interval) + */ + uint32_t tombstone_interval; + + /* + * the interval (in secs) a record remains in TOMBSTONE state, + * before it will be removed from the database. + * See also 'tombstone_extra_timeout'. + * (also known as extinction timeout) + */ + uint32_t tombstone_timeout; + } config; +}; + +struct wins_challenge_io { + struct { + struct nbtd_server *nbtd_server; + uint16_t nbt_port; + struct tevent_context *event_ctx; + struct nbt_name *name; + uint32_t num_addresses; + const char **addresses; + } in; + struct { + uint32_t num_addresses; + const char **addresses; + } out; +}; + +struct composite_context; +#include "nbt_server/wins/winsserver_proto.h" diff --git a/source4/nbt_server/wins/winswack.c b/source4/nbt_server/wins/winswack.c new file mode 100644 index 0000000..735a4e6 --- /dev/null +++ b/source4/nbt_server/wins/winswack.c @@ -0,0 +1,387 @@ +/* + Unix SMB/CIFS implementation. + + "secure" wins server WACK processing + + Copyright (C) Andrew Tridgell 2005 + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "nbt_server/nbt_server.h" +#include "nbt_server/wins/winsdb.h" +#include "nbt_server/wins/winsserver.h" +#include "system/time.h" +#include "libcli/composite/composite.h" +#include "param/param.h" +#include "samba/service_task.h" + +struct wins_challenge_state { + struct wins_challenge_io *io; + uint32_t current_address; + struct nbt_name_query query; +}; + +static void wins_challenge_handler(struct nbt_name_request *req) +{ + struct composite_context *ctx = talloc_get_type(req->async.private_data, struct composite_context); + struct wins_challenge_state *state = talloc_get_type(ctx->private_data, struct wins_challenge_state); + + ctx->status = nbt_name_query_recv(req, state, &state->query); + + /* if we timed out then try the next owner address, if any */ + if (NT_STATUS_EQUAL(ctx->status, NT_STATUS_IO_TIMEOUT)) { + state->current_address++; + if (state->current_address < state->io->in.num_addresses) { + struct nbtd_interface *iface; + + state->query.in.dest_port = state->io->in.nbt_port; + state->query.in.dest_addr = state->io->in.addresses[state->current_address]; + + iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, true); + if (!iface) { + composite_error(ctx, NT_STATUS_INTERNAL_ERROR); + return; + } + + ZERO_STRUCT(state->query.out); + req = nbt_name_query_send(iface->nbtsock, &state->query); + composite_continue_nbt(ctx, req, wins_challenge_handler, ctx); + return; + } + } + + composite_done(ctx); +} + +NTSTATUS wins_challenge_recv(struct composite_context *ctx, TALLOC_CTX *mem_ctx, struct wins_challenge_io *io) +{ + NTSTATUS status = ctx->status; + struct wins_challenge_state *state = talloc_get_type(ctx->private_data, struct wins_challenge_state); + + if (NT_STATUS_IS_OK(status)) { + io->out.num_addresses = state->query.out.num_addrs; + io->out.addresses = state->query.out.reply_addrs; + talloc_steal(mem_ctx, io->out.addresses); + } else { + ZERO_STRUCT(io->out); + } + + talloc_free(ctx); + return status; +} + +struct composite_context *wins_challenge_send(TALLOC_CTX *mem_ctx, struct wins_challenge_io *io) +{ + struct composite_context *result; + struct wins_challenge_state *state; + struct nbt_name_request *req; + struct nbtd_interface *iface; + + result = talloc_zero(mem_ctx, struct composite_context); + if (result == NULL) return NULL; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = io->in.event_ctx; + + state = talloc_zero(result, struct wins_challenge_state); + if (state == NULL) goto failed; + result->private_data = state; + + /* package up the state variables for this wack request */ + state->io = io; + state->current_address = 0; + + /* setup a name query to the first address */ + state->query.in.name = *state->io->in.name; + state->query.in.dest_port = state->io->in.nbt_port; + state->query.in.dest_addr = state->io->in.addresses[state->current_address]; + state->query.in.broadcast = false; + state->query.in.wins_lookup = true; + state->query.in.timeout = 1; + state->query.in.retries = 2; + ZERO_STRUCT(state->query.out); + + iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, true); + if (!iface) { + goto failed; + } + + req = nbt_name_query_send(iface->nbtsock, &state->query); + if (req == NULL) goto failed; + + req->async.fn = wins_challenge_handler; + req->async.private_data = result; + + return result; +failed: + talloc_free(result); + return NULL; +} + +struct wins_release_demand_io { + struct { + struct nbtd_server *nbtd_server; + struct tevent_context *event_ctx; + struct nbt_name *name; + uint16_t nb_flags; + uint32_t num_addresses; + const char **addresses; + } in; +}; + +struct wins_release_demand_state { + struct wins_release_demand_io *io; + uint32_t current_address; + uint32_t addresses_left; + struct nbt_name_release release; +}; + +static void wins_release_demand_handler(struct nbt_name_request *req) +{ + struct composite_context *ctx = talloc_get_type(req->async.private_data, struct composite_context); + struct wins_release_demand_state *state = talloc_get_type(ctx->private_data, struct wins_release_demand_state); + + ctx->status = nbt_name_release_recv(req, state, &state->release); + + /* if we timed out then try the next owner address, if any */ + if (NT_STATUS_EQUAL(ctx->status, NT_STATUS_IO_TIMEOUT)) { + state->current_address++; + state->addresses_left--; + if (state->current_address < state->io->in.num_addresses) { + struct nbtd_interface *iface; + + state->release.in.dest_port = lpcfg_nbt_port(state->io->in.nbtd_server->task->lp_ctx); + state->release.in.dest_addr = state->io->in.addresses[state->current_address]; + state->release.in.address = state->release.in.dest_addr; + state->release.in.timeout = (state->addresses_left > 1 ? 2 : 1); + state->release.in.retries = (state->addresses_left > 1 ? 0 : 2); + + iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, true); + if (!iface) { + composite_error(ctx, NT_STATUS_INTERNAL_ERROR); + return; + } + + ZERO_STRUCT(state->release.out); + req = nbt_name_release_send(iface->nbtsock, &state->release); + composite_continue_nbt(ctx, req, wins_release_demand_handler, ctx); + return; + } + } + + composite_done(ctx); +} + +static NTSTATUS wins_release_demand_recv(struct composite_context *ctx, + TALLOC_CTX *mem_ctx, + struct wins_release_demand_io *io) +{ + NTSTATUS status = ctx->status; + talloc_free(ctx); + return status; +} + +static struct composite_context *wins_release_demand_send(TALLOC_CTX *mem_ctx, struct wins_release_demand_io *io) +{ + struct composite_context *result; + struct wins_release_demand_state *state; + struct nbt_name_request *req; + struct nbtd_interface *iface; + + result = talloc_zero(mem_ctx, struct composite_context); + if (result == NULL) return NULL; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = io->in.event_ctx; + + state = talloc_zero(result, struct wins_release_demand_state); + if (state == NULL) goto failed; + result->private_data = state; + + /* package up the state variables for this wack request */ + state->io = io; + state->current_address = 0; + state->addresses_left = state->io->in.num_addresses; + + /* + * setup a name query to the first address + * - if we have more than one address try the first + * with 2 secs timeout and no retry + * - otherwise use 1 sec timeout (w2k3 uses 0.5 sec here) + * with 2 retries + */ + state->release.in.name = *state->io->in.name; + state->release.in.dest_port = lpcfg_nbt_port(state->io->in.nbtd_server->task->lp_ctx); + state->release.in.dest_addr = state->io->in.addresses[state->current_address]; + state->release.in.address = state->release.in.dest_addr; + state->release.in.broadcast = false; + state->release.in.timeout = (state->addresses_left > 1 ? 2 : 1); + state->release.in.retries = (state->addresses_left > 1 ? 0 : 2); + ZERO_STRUCT(state->release.out); + + iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, true); + if (!iface) { + goto failed; + } + + req = nbt_name_release_send(iface->nbtsock, &state->release); + if (req == NULL) goto failed; + + req->async.fn = wins_release_demand_handler; + req->async.private_data = result; + + return result; +failed: + talloc_free(result); + return NULL; +} + +/* + wrepl_server needs to be able to do a name query request, but some windows + servers always send the reply to port 137, regardless of the request + port. To cope with this we use a irpc request to the NBT server + which has port 137 open, and thus can receive the replies +*/ +struct proxy_wins_challenge_state { + struct irpc_message *msg; + struct nbtd_proxy_wins_challenge *req; + struct wins_challenge_io io; + struct composite_context *c_req; +}; + +static void proxy_wins_challenge_handler(struct composite_context *c_req) +{ + NTSTATUS status; + uint32_t i; + struct proxy_wins_challenge_state *s = talloc_get_type(c_req->async.private_data, + struct proxy_wins_challenge_state); + + status = wins_challenge_recv(s->c_req, s, &s->io); + if (!NT_STATUS_IS_OK(status)) { + ZERO_STRUCT(s->req->out); + irpc_send_reply(s->msg, status); + return; + } + + s->req->out.num_addrs = s->io.out.num_addresses; + /* TODO: fix pidl to handle inline ipv4address arrays */ + s->req->out.addrs = talloc_array(s->msg, struct nbtd_proxy_wins_addr, + s->io.out.num_addresses); + if (!s->req->out.addrs) { + ZERO_STRUCT(s->req->out); + irpc_send_reply(s->msg, NT_STATUS_NO_MEMORY); + return; + } + for (i=0; i < s->io.out.num_addresses; i++) { + s->req->out.addrs[i].addr = talloc_steal(s->req->out.addrs, s->io.out.addresses[i]); + } + + irpc_send_reply(s->msg, status); +} + +NTSTATUS nbtd_proxy_wins_challenge(struct irpc_message *msg, + struct nbtd_proxy_wins_challenge *req) +{ + struct nbtd_server *nbtd_server = + talloc_get_type(msg->private_data, struct nbtd_server); + struct proxy_wins_challenge_state *s; + uint32_t i; + + s = talloc(msg, struct proxy_wins_challenge_state); + NT_STATUS_HAVE_NO_MEMORY(s); + + s->msg = msg; + s->req = req; + + s->io.in.nbtd_server = nbtd_server; + s->io.in.nbt_port = lpcfg_nbt_port(nbtd_server->task->lp_ctx); + s->io.in.event_ctx = nbtd_server->task->event_ctx; + s->io.in.name = &req->in.name; + s->io.in.num_addresses = req->in.num_addrs; + s->io.in.addresses = talloc_array(s, const char *, req->in.num_addrs); + NT_STATUS_HAVE_NO_MEMORY(s->io.in.addresses); + /* TODO: fix pidl to handle inline ipv4address arrays */ + for (i=0; i < req->in.num_addrs; i++) { + s->io.in.addresses[i] = talloc_steal(s->io.in.addresses, req->in.addrs[i].addr); + } + + s->c_req = wins_challenge_send(s, &s->io); + NT_STATUS_HAVE_NO_MEMORY(s->c_req); + + s->c_req->async.fn = proxy_wins_challenge_handler; + s->c_req->async.private_data = s; + + msg->defer_reply = true; + return NT_STATUS_OK; +} + +/* + wrepl_server needs to be able to do a name release demands, but some windows + servers always send the reply to port 137, regardless of the request + port. To cope with this we use a irpc request to the NBT server + which has port 137 open, and thus can receive the replies +*/ +struct proxy_wins_release_demand_state { + struct irpc_message *msg; + struct nbtd_proxy_wins_release_demand *req; + struct wins_release_demand_io io; + struct composite_context *c_req; +}; + +static void proxy_wins_release_demand_handler(struct composite_context *c_req) +{ + NTSTATUS status; + struct proxy_wins_release_demand_state *s = talloc_get_type(c_req->async.private_data, + struct proxy_wins_release_demand_state); + + status = wins_release_demand_recv(s->c_req, s, &s->io); + + irpc_send_reply(s->msg, status); +} + +NTSTATUS nbtd_proxy_wins_release_demand(struct irpc_message *msg, + struct nbtd_proxy_wins_release_demand *req) +{ + struct nbtd_server *nbtd_server = + talloc_get_type(msg->private_data, struct nbtd_server); + struct proxy_wins_release_demand_state *s; + uint32_t i; + + s = talloc(msg, struct proxy_wins_release_demand_state); + NT_STATUS_HAVE_NO_MEMORY(s); + + s->msg = msg; + s->req = req; + + s->io.in.nbtd_server = nbtd_server; + s->io.in.event_ctx = nbtd_server->task->event_ctx; + s->io.in.name = &req->in.name; + s->io.in.num_addresses = req->in.num_addrs; + s->io.in.addresses = talloc_array(s, const char *, req->in.num_addrs); + NT_STATUS_HAVE_NO_MEMORY(s->io.in.addresses); + /* TODO: fix pidl to handle inline ipv4address arrays */ + for (i=0; i < req->in.num_addrs; i++) { + s->io.in.addresses[i] = talloc_steal(s->io.in.addresses, req->in.addrs[i].addr); + } + + s->c_req = wins_release_demand_send(s, &s->io); + NT_STATUS_HAVE_NO_MEMORY(s->c_req); + + s->c_req->async.fn = proxy_wins_release_demand_handler; + s->c_req->async.private_data = s; + + msg->defer_reply = true; + return NT_STATUS_OK; +} diff --git a/source4/nbt_server/wscript_build b/source4/nbt_server/wscript_build new file mode 100644 index 0000000..9d0c24a --- /dev/null +++ b/source4/nbt_server/wscript_build @@ -0,0 +1,54 @@ +#!/usr/bin/env python + +bld.SAMBA_SUBSYSTEM('WINSDB', + source='wins/winsdb.c wins/wins_hook.c', + autoproto='wins/winsdb_proto.h', + public_deps='ldb ldbsamba', + enabled=bld.AD_DC_BUILD_IS_ENABLED() + ) + + +bld.SAMBA_MODULE('ldb_wins_ldb', + source='wins/wins_ldb.c', + subsystem='ldb', + init_function='ldb_wins_ldb_module_init', + module_init_name='ldb_init_module', + deps='ldb netif samba-hostconfig samba-util', + internal_module=False, + enabled=bld.AD_DC_BUILD_IS_ENABLED() + ) + + +bld.SAMBA_SUBSYSTEM('NBTD_WINS', + source='wins/winsserver.c wins/winsclient.c wins/winswack.c wins/wins_dns_proxy.c', + autoproto='wins/winsserver_proto.h', + deps='cli-nbt WINSDB', + enabled=bld.AD_DC_BUILD_IS_ENABLED() + ) + + +bld.SAMBA_SUBSYSTEM('NBTD_DGRAM', + source='dgram/request.c dgram/netlogon.c dgram/browse.c', + autoproto='dgram/proto.h', + deps='LIBCLI_DGRAM DSDB_MODULE_HELPERS', + enabled=bld.AD_DC_BUILD_IS_ENABLED() + ) + + +bld.SAMBA_SUBSYSTEM('NBT_SERVER', + source='interfaces.c register.c query.c nodestatus.c defense.c packet.c irpc.c', + autoproto='nbt_server_proto.h', + deps='cli-nbt NBTD_WINS NBTD_DGRAM service', + enabled=bld.AD_DC_BUILD_IS_ENABLED() + ) + + +bld.SAMBA_MODULE('service_nbtd', + source='nbt_server.c', + subsystem='service', + init_function='server_service_nbtd_init', + deps='NBT_SERVER process_model', + internal_module=False, + enabled=bld.AD_DC_BUILD_IS_ENABLED() + ) + |