diff options
Diffstat (limited to 'source4/rpc_server/dnsserver/dnsutils.c')
-rw-r--r-- | source4/rpc_server/dnsserver/dnsutils.c | 414 |
1 files changed, 414 insertions, 0 deletions
diff --git a/source4/rpc_server/dnsserver/dnsutils.c b/source4/rpc_server/dnsserver/dnsutils.c new file mode 100644 index 0000000..2c56946 --- /dev/null +++ b/source4/rpc_server/dnsserver/dnsutils.c @@ -0,0 +1,414 @@ +/* + Unix SMB/CIFS implementation. + + DNS Server + + Copyright (C) Amitay Isaacs 2011 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "dnsserver.h" +#include "rpc_server/common/common.h" +#include "dns_server/dnsserver_common.h" +#include "dsdb/samdb/samdb.h" +#include "lib/socket/netif.h" +#include "lib/util/util_net.h" +#include "dnsserver_common.h" + +#undef strcasecmp + +static struct DNS_ADDR_ARRAY *fill_dns_addr_array(TALLOC_CTX *mem_ctx, + struct loadparm_context *lp_ctx, + bool listen_only) +{ + struct interface *ifaces; + int num_interfaces, i; + struct DNS_ADDR_ARRAY *dns_addr_array; + const char *ipstr; + bool have_ipv4, have_ipv6; + uint16_t family; + + have_ipv4 = have_ipv6 = false; + + if (!listen_only) { + /* + Return all interfaces from kernel + Not implemented! + */ + return NULL; + } + + /* Only the used interfaces */ + load_interface_list(mem_ctx, lp_ctx, &ifaces); + num_interfaces = iface_list_count(ifaces); + + dns_addr_array = talloc_zero(mem_ctx, struct DNS_ADDR_ARRAY); + if (dns_addr_array == NULL) { + goto nomem; + } + dns_addr_array->MaxCount = num_interfaces; + dns_addr_array->AddrCount = num_interfaces; + if (num_interfaces == 0) { + goto nomem; + } + + dns_addr_array->AddrArray = talloc_zero_array(mem_ctx, struct DNS_ADDR, + num_interfaces); + if (!dns_addr_array->AddrArray) { + TALLOC_FREE(dns_addr_array); + goto nomem; + } + + for (i = 0; i < num_interfaces; i++) { + int ret; + ipstr = iface_list_n_ip(ifaces, i); + if (is_ipaddress_v4(ipstr)) { + have_ipv4 = true; + dns_addr_array->AddrArray[i].MaxSa[0] = 0x02; + ret = inet_pton(AF_INET, ipstr, + &dns_addr_array->AddrArray[i].MaxSa[4]); + } else { + have_ipv6 = true; + dns_addr_array->AddrArray[i].MaxSa[0] = 0x17; + ret = inet_pton(AF_INET6, ipstr, + &dns_addr_array->AddrArray[i].MaxSa[8]); + } + if (ret != 1) { /*yep, 1 means success for inet_pton */ + DBG_ERR("Interface %d address (%s) is invalid\n", + i, ipstr); + goto nomem; + } + } + + if (have_ipv4 && have_ipv6) { + family = 0; /* mixed: MS-DNSP */ + } else if (have_ipv4 && !have_ipv6) { + family = AF_INET; + } else { + family = AF_INET6; + } + dns_addr_array->Family = family; + +nomem: + talloc_free(ifaces); + return dns_addr_array; +} + +struct dnsserver_serverinfo *dnsserver_init_serverinfo(TALLOC_CTX *mem_ctx, + struct loadparm_context *lp_ctx, + struct ldb_context *samdb) +{ + struct dnsserver_serverinfo *serverinfo; + struct dcerpc_server_info *dinfo; + struct ldb_dn *domain_dn, *forest_dn; + + serverinfo = talloc_zero(mem_ctx, struct dnsserver_serverinfo); + if (serverinfo == NULL) { + return NULL; + } + + dinfo = lpcfg_dcerpc_server_info(mem_ctx, lp_ctx); + if (dinfo) { + serverinfo->dwVersion = (dinfo->version_build & 0x0000FFFF) << 16 | + (dinfo->version_minor & 0x000000FF) << 8 | + (dinfo->version_major & 0x000000FF); + talloc_free(dinfo); + } else { + serverinfo->dwVersion = 0x0ECE0205; /* build, os_minor, os_major */; + } + + serverinfo->fBootMethod = DNS_BOOT_METHOD_DIRECTORY; + serverinfo->fAdminConfigured = 0; + serverinfo->fAllowUpdate = 1; + serverinfo->fDsAvailable = 1; + + serverinfo->pszServerName = talloc_asprintf(mem_ctx, "%s.%s", + lpcfg_netbios_name(lp_ctx), + lpcfg_dnsdomain(lp_ctx)); + + domain_dn = ldb_get_default_basedn(samdb); + forest_dn = ldb_get_root_basedn(samdb); + + serverinfo->pszDsContainer = talloc_asprintf(mem_ctx, + "CN=MicrosoftDNS,DC=DomainDnsZones,%s", + ldb_dn_get_linearized(domain_dn)); + + serverinfo->dwDsForestVersion = dsdb_forest_functional_level(samdb); + serverinfo->dwDsDomainVersion = dsdb_functional_level(samdb); + serverinfo->dwDsDsaVersion = dsdb_dc_functional_level(samdb); + + serverinfo->pszDomainName = samdb_dn_to_dns_domain(mem_ctx, domain_dn); + serverinfo->pszForestName = samdb_dn_to_dns_domain(mem_ctx, forest_dn); + + serverinfo->pszDomainDirectoryPartition = talloc_asprintf(mem_ctx, + "DC=DomainDnsZones,%s", + ldb_dn_get_linearized(domain_dn)); + serverinfo->pszForestDirectoryPartition = talloc_asprintf(mem_ctx, + "DC=ForestDnsZones,%s", + ldb_dn_get_linearized(forest_dn)); + /* IP addresses on which the DNS server listens for DNS requests */ + serverinfo->aipListenAddrs = fill_dns_addr_array(mem_ctx, lp_ctx, true); + + /* All IP addresses available on the server + * Not implemented! + * Use same as listen addresses + */ + serverinfo->aipServerAddrs = serverinfo->aipListenAddrs; + + serverinfo->aipForwarders = NULL; + + serverinfo->aipLogFilter = NULL; + serverinfo->pwszLogFilePath = NULL; + + serverinfo->dwLogLevel = 0; + serverinfo->dwDebugLevel = 0; + serverinfo->dwEventLogLevel = DNS_EVENT_LOG_INFORMATION_TYPE; + serverinfo->dwLogFileMaxSize = 0; + + serverinfo->dwForwardTimeout = 3; /* seconds (default) */ + serverinfo->dwRpcProtocol = 5; + serverinfo->dwNameCheckFlag = DNS_ALLOW_MULTIBYTE_NAMES; + serverinfo->cAddressAnswerLimit = 0; + serverinfo->dwRecursionRetry = 3; /* seconds (default) */ + serverinfo->dwRecursionTimeout = 8; /* seconds (default) */ + serverinfo->dwMaxCacheTtl = 0x00015180; /* 1 day (default) */ + serverinfo->dwDsPollingInterval = 0xB4; /* 3 minutes (default) */ + serverinfo->dwLocalNetPriorityNetMask = 0x000000FF; + + serverinfo->dwScavengingInterval = lpcfg_parm_int( + lp_ctx, NULL, "dnsserver", "ScavengingInterval", 24 * 7); + serverinfo->dwDefaultRefreshInterval = lpcfg_parm_int( + lp_ctx, NULL, "dnsserver", "DefaultRefreshInterval", 24 * 3); + serverinfo->dwDefaultNoRefreshInterval = lpcfg_parm_int( + lp_ctx, NULL, "dnsserver", "DefaultNoRefreshInterval", 24 * 3); + + serverinfo->dwLastScavengeTime = 0; + + serverinfo->fAutoReverseZones = 0; + serverinfo->fAutoCacheUpdate = 0; + + serverinfo->fRecurseAfterForwarding = 0; + serverinfo->fForwardDelegations = 1; + serverinfo->fNoRecursion = 0; + serverinfo->fSecureResponses = 0; + + serverinfo->fRoundRobin = 1; + serverinfo->fLocalNetPriority = 0; + + serverinfo->fBindSecondaries = 0; + serverinfo->fWriteAuthorityNs = 0; + + serverinfo->fStrictFileParsing = 0; + serverinfo->fLooseWildcarding = 0 ; + serverinfo->fDefaultAgingState = 0; + + return serverinfo; +} + +struct dnsserver_zoneinfo *dnsserver_init_zoneinfo(struct dnsserver_zone *zone, + struct dnsserver_serverinfo *serverinfo) +{ + struct dnsserver_zoneinfo *zoneinfo; + uint32_t fReverse; + const char *revzone = "in-addr.arpa"; + const char *revzone6 = "ip6.arpa"; + int len1, len2; + unsigned int i = 0; + + zoneinfo = talloc_zero(zone, struct dnsserver_zoneinfo); + if (zoneinfo == NULL) { + return NULL; + } + + /* If the zone name ends with in-addr.arpa, it's reverse zone */ + /* If the zone name ends with ip6.arpa, it's reverse zone (IPv6) */ + fReverse = 0; + len1 = strlen(zone->name); + len2 = strlen(revzone); + if (len1 > len2 && strcasecmp(&zone->name[len1-len2], revzone) == 0) { + fReverse = 1; + } else { + len2 = strlen(revzone6); + if (len1 > len2 && strcasecmp(&zone->name[len1-len2], revzone6) == 0) { + fReverse = 1; + } + } + + zoneinfo->Version = 0x32; + zoneinfo->Flags = DNS_RPC_ZONE_DSINTEGRATED; + + if (strcmp(zone->name, ".") == 0) { + zoneinfo->dwZoneType = DNS_ZONE_TYPE_CACHE; + zoneinfo->fAllowUpdate = DNS_ZONE_UPDATE_OFF; + zoneinfo->fSecureSecondaries = DNS_ZONE_SECSECURE_NO_SECURITY; + zoneinfo->fNotifyLevel = DNS_ZONE_NOTIFY_OFF; + zoneinfo->dwNoRefreshInterval = 0; + zoneinfo->dwRefreshInterval = 0; + } else { + zoneinfo->Flags |= DNS_RPC_ZONE_UPDATE_SECURE; + zoneinfo->dwZoneType = DNS_ZONE_TYPE_PRIMARY; + zoneinfo->fAllowUpdate = DNS_ZONE_UPDATE_SECURE; + zoneinfo->fSecureSecondaries = DNS_ZONE_SECSECURE_NO_XFER; + zoneinfo->fNotifyLevel = DNS_ZONE_NOTIFY_LIST_ONLY; + zoneinfo->dwNoRefreshInterval = serverinfo->dwDefaultNoRefreshInterval; + zoneinfo->dwRefreshInterval = serverinfo->dwDefaultRefreshInterval; + } + + zoneinfo->fReverse = fReverse; + zoneinfo->fPaused = 0; + zoneinfo->fShutdown = 0; + zoneinfo->fAutoCreated = 0; + zoneinfo->fUseDatabase = 1; + zoneinfo->pszDataFile = NULL; + zoneinfo->aipMasters = NULL; + zoneinfo->aipSecondaries = NULL; + zoneinfo->aipNotify = NULL; + zoneinfo->fUseWins = 0; + zoneinfo->fUseNbstat = 0; + zoneinfo->fAging = 0; + zoneinfo->dwAvailForScavengeTime = 0; + zoneinfo->aipScavengeServers = NULL; + zoneinfo->dwForwarderTimeout = 0; + zoneinfo->fForwarderSlave = 0; + zoneinfo->aipLocalMasters = NULL; + zoneinfo->pwszZoneDn = discard_const_p(char, ldb_dn_get_linearized(zone->zone_dn)); + zoneinfo->dwLastSuccessfulSoaCheck = 0; + zoneinfo->dwLastSuccessfulXfr = 0; + zoneinfo->fQueuedForBackgroundLoad = 0; + zoneinfo->fBackgroundLoadInProgress = 0; + zoneinfo->fReadOnlyZone = 0; + zoneinfo->dwLastXfrAttempt = 0; + zoneinfo->dwLastXfrResult = 0; + + for(i=0; i<zone->num_props; i++){ + bool valid_property; + valid_property = dns_zoneinfo_load_zone_property( + zoneinfo, &zone->tmp_props[i]); + if (!valid_property) { + TALLOC_FREE(zoneinfo); + return NULL; + } + } + + return zoneinfo; +} + +struct dnsserver_zone *dnsserver_find_zone(struct dnsserver_zone *zones, const char *zone_name) +{ + struct dnsserver_zone *z = NULL; + + for (z = zones; z; z = z->next) { + if (samba_dns_name_equal(zone_name, z->name)) { + break; + } + } + + return z; +} + +struct ldb_dn *dnsserver_name_to_dn(TALLOC_CTX *mem_ctx, struct dnsserver_zone *z, const char *name) +{ + struct ldb_dn *dn; + bool ret; + struct ldb_val name_val = + data_blob_string_const(name); + + dn = ldb_dn_copy(mem_ctx, z->zone_dn); + if (dn == NULL) { + return NULL; + } + if (strcasecmp(name, z->name) == 0) { + ret = ldb_dn_add_child_fmt(dn, "DC=@"); + if (!ret) { + talloc_free(dn); + return NULL; + } + return dn; + } + + ret = ldb_dn_add_child_val(dn, + "DC", + name_val); + + if (!ret) { + talloc_free(dn); + return NULL; + } + + return dn; +} + +uint32_t dnsserver_zone_to_request_filter(const char *zone_name) +{ + uint32_t request_filter = 0; + + if (strcmp(zone_name, "..AllZones") == 0) { + request_filter = DNS_ZONE_REQUEST_PRIMARY + | DNS_ZONE_REQUEST_SECONDARY + | DNS_ZONE_REQUEST_AUTO + | DNS_ZONE_REQUEST_FORWARD + | DNS_ZONE_REQUEST_REVERSE + | DNS_ZONE_REQUEST_FORWARDER + | DNS_ZONE_REQUEST_STUB + | DNS_ZONE_REQUEST_DS + | DNS_ZONE_REQUEST_NON_DS + | DNS_ZONE_REQUEST_DOMAIN_DP + | DNS_ZONE_REQUEST_FOREST_DP + | DNS_ZONE_REQUEST_CUSTOM_DP + | DNS_ZONE_REQUEST_LEGACY_DP; + } else if (strcmp(zone_name, "..AllZonesAndCache") == 0) { + request_filter = DNS_ZONE_REQUEST_PRIMARY + | DNS_ZONE_REQUEST_SECONDARY + | DNS_ZONE_REQUEST_CACHE + | DNS_ZONE_REQUEST_AUTO + | DNS_ZONE_REQUEST_FORWARD + | DNS_ZONE_REQUEST_REVERSE + | DNS_ZONE_REQUEST_FORWARDER + | DNS_ZONE_REQUEST_STUB + | DNS_ZONE_REQUEST_DS + | DNS_ZONE_REQUEST_NON_DS + | DNS_ZONE_REQUEST_DOMAIN_DP + | DNS_ZONE_REQUEST_FOREST_DP + | DNS_ZONE_REQUEST_CUSTOM_DP + | DNS_ZONE_REQUEST_LEGACY_DP; + } else if (strcmp(zone_name, "..AllPrimaryZones") == 0) { + request_filter = DNS_ZONE_REQUEST_PRIMARY; + } else if (strcmp(zone_name, "..AllSecondaryZones") == 0) { + request_filter = DNS_ZONE_REQUEST_SECONDARY; + } else if (strcmp(zone_name, "..AllForwardZones") == 0) { + request_filter = DNS_ZONE_REQUEST_FORWARD; + } else if (strcmp(zone_name, "..AllReverseZones") == 0) { + request_filter = DNS_ZONE_REQUEST_REVERSE; + } else if (strcmp(zone_name, "..AllDsZones") == 0) { + request_filter = DNS_ZONE_REQUEST_DS; + } else if (strcmp(zone_name, "..AllNonDsZones") == 0) { + request_filter = DNS_ZONE_REQUEST_NON_DS; + } else if (strcmp(zone_name, "..AllPrimaryReverseZones") == 0) { + request_filter = DNS_ZONE_REQUEST_PRIMARY + | DNS_ZONE_REQUEST_REVERSE; + } else if (strcmp(zone_name, "..AllPrimaryForwardZones") == 0) { + request_filter = DNS_ZONE_REQUEST_PRIMARY + | DNS_ZONE_REQUEST_FORWARD; + } else if (strcmp(zone_name, "..AllSecondaryReverseZones") == 0) { + request_filter = DNS_ZONE_REQUEST_SECONDARY + | DNS_ZONE_REQUEST_REVERSE; + } else if (strcmp(zone_name, "..AllSecondaryForwardZones") == 0) { + request_filter = DNS_ZONE_REQUEST_SECONDARY + | DNS_ZONE_REQUEST_REVERSE; + } + + return request_filter; +} |