2 Unix SMB/CIFS implementation.
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "../lib/util/tevent_ntstatus.h"
23 #include "libads/sitename_cache.h"
24 #include "libads/dns.h"
25 #include "../libcli/netlogon/netlogon.h"
26 #include "lib/async_req/async_sock.h"
27 #include "libsmb/nmblib.h"
29 /* nmbd.c sets this to True. */
30 bool global_in_nmbd = False;
32 /****************************
33 * SERVER AFFINITY ROUTINES *
34 ****************************/
36 /* Server affinity is the concept of preferring the last domain
37 controller with whom you had a successful conversation */
39 /****************************************************************************
40 ****************************************************************************/
41 #define SAFKEY_FMT "SAF/DOMAIN/%s"
43 #define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
44 #define SAFJOIN_TTL 3600
46 static char *saf_key(const char *domain)
50 asprintf_strupper_m(&keystr, SAFKEY_FMT, domain);
55 static char *saf_join_key(const char *domain)
59 asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain);
64 /****************************************************************************
65 ****************************************************************************/
67 bool saf_store( const char *domain, const char *servername )
73 if ( !domain || !servername ) {
74 DEBUG(2,("saf_store: "
75 "Refusing to store empty domain or servername!\n"));
79 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
80 DEBUG(0,("saf_store: "
81 "refusing to store 0 length domain or servername!\n"));
85 key = saf_key( domain );
86 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
88 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
89 domain, servername, (unsigned int)expire ));
91 ret = gencache_set( key, servername, expire );
98 bool saf_join_store( const char *domain, const char *servername )
104 if ( !domain || !servername ) {
105 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
109 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
110 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
114 key = saf_join_key( domain );
115 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
117 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
118 domain, servername, (unsigned int)expire ));
120 ret = gencache_set( key, servername, expire );
127 bool saf_delete( const char *domain )
133 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
137 key = saf_join_key(domain);
138 ret = gencache_del(key);
142 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
145 key = saf_key(domain);
146 ret = gencache_del(key);
150 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
156 /****************************************************************************
157 ****************************************************************************/
159 char *saf_fetch( const char *domain )
166 if ( !domain || strlen(domain) == 0) {
167 DEBUG(2,("saf_fetch: Empty domain name!\n"));
171 key = saf_join_key( domain );
173 ret = gencache_get( key, &server, &timeout );
178 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
183 key = saf_key( domain );
185 ret = gencache_get( key, &server, &timeout );
190 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
193 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
200 static void set_socket_addr_v4(struct sockaddr_storage *addr)
202 if (!interpret_string_addr(addr, lp_socket_address(),
203 AI_NUMERICHOST|AI_PASSIVE)) {
206 if (addr->ss_family != AF_INET) {
211 /****************************************************************************
212 Generate a random trn_id.
213 ****************************************************************************/
215 static int generate_trn_id(void)
219 generate_random_buffer((uint8 *)&id, sizeof(id));
221 return id % (unsigned)0x7FFF;
224 /****************************************************************************
225 Parse a node status response into an array of structures.
226 ****************************************************************************/
228 static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
230 struct node_status_extra *extra)
232 struct node_status *ret;
235 *num_names = CVAL(p,0);
240 ret = TALLOC_ARRAY(mem_ctx, struct node_status,*num_names);
245 for (i=0;i< *num_names;i++) {
246 StrnCpy(ret[i].name,p,15);
247 trim_char(ret[i].name,'\0',' ');
248 ret[i].type = CVAL(p,15);
249 ret[i].flags = p[16];
251 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
252 ret[i].type, ret[i].flags));
255 * Also, pick up the MAC address ...
258 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
263 struct sock_packet_read_state {
264 struct tevent_context *ev;
265 enum packet_type type;
268 struct nb_packet_reader *reader;
269 struct tevent_req *reader_req;
272 struct tevent_req *socket_req;
274 struct sockaddr_storage addr;
277 bool (*validator)(struct packet_struct *p,
281 struct packet_struct *packet;
284 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s);
285 static void sock_packet_read_got_packet(struct tevent_req *subreq);
286 static void sock_packet_read_got_socket(struct tevent_req *subreq);
288 static struct tevent_req *sock_packet_read_send(
290 struct tevent_context *ev,
291 int sock, /* dgram socket */
292 struct nb_packet_reader *reader,
293 enum packet_type type,
295 bool (*validator)(struct packet_struct *p, void *private_data),
298 struct tevent_req *req;
299 struct sock_packet_read_state *state;
301 req = tevent_req_create(mem_ctx, &state,
302 struct sock_packet_read_state);
306 talloc_set_destructor(state, sock_packet_read_state_destructor);
308 state->reader = reader;
311 state->trn_id = trn_id;
312 state->validator = validator;
313 state->private_data = private_data;
315 if (reader != NULL) {
316 state->reader_req = nb_packet_read_send(state, ev, reader);
317 if (tevent_req_nomem(state->reader_req, req)) {
318 return tevent_req_post(req, ev);
320 tevent_req_set_callback(
321 state->reader_req, sock_packet_read_got_packet, req);
324 state->addr_len = sizeof(state->addr);
325 state->socket_req = recvfrom_send(state, ev, sock,
326 state->buf, sizeof(state->buf), 0,
327 &state->addr, &state->addr_len);
328 if (tevent_req_nomem(state->socket_req, req)) {
329 return tevent_req_post(req, ev);
331 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
337 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s)
339 if (s->packet != NULL) {
340 free_packet(s->packet);
346 static void sock_packet_read_got_packet(struct tevent_req *subreq)
348 struct tevent_req *req = tevent_req_callback_data(
349 subreq, struct tevent_req);
350 struct sock_packet_read_state *state = tevent_req_data(
351 req, struct sock_packet_read_state);
354 status = nb_packet_read_recv(subreq, &state->packet);
356 TALLOC_FREE(state->reader_req);
358 if (!NT_STATUS_IS_OK(status)) {
359 if (state->socket_req != NULL) {
361 * Still waiting for socket
366 * Both socket and packet reader failed
368 tevent_req_nterror(req, status);
372 if ((state->validator != NULL) &&
373 !state->validator(state->packet, state->private_data)) {
374 DEBUG(10, ("validator failed\n"));
376 free_packet(state->packet);
377 state->packet = NULL;
379 state->reader_req = nb_packet_read_send(state, state->ev,
381 if (tevent_req_nomem(state->reader_req, req)) {
384 tevent_req_set_callback(
385 state->reader_req, sock_packet_read_got_packet, req);
389 TALLOC_FREE(state->socket_req);
390 tevent_req_done(req);
393 static void sock_packet_read_got_socket(struct tevent_req *subreq)
395 struct tevent_req *req = tevent_req_callback_data(
396 subreq, struct tevent_req);
397 struct sock_packet_read_state *state = tevent_req_data(
398 req, struct sock_packet_read_state);
399 struct sockaddr_in *in_addr;
403 received = recvfrom_recv(subreq, &err);
405 TALLOC_FREE(state->socket_req);
407 if (received == -1) {
408 if (state->reader_req != NULL) {
410 * Still waiting for reader
415 * Both socket and reader failed
417 tevent_req_nterror(req, map_nt_error_from_unix(err));
420 if (state->addr.ss_family != AF_INET) {
423 in_addr = (struct sockaddr_in *)(void *)&state->addr;
425 state->packet = parse_packet((char *)state->buf, received, state->type,
426 in_addr->sin_addr, in_addr->sin_port);
427 if (state->packet == NULL) {
428 DEBUG(10, ("parse_packet failed\n"));
431 if ((state->trn_id != -1) &&
432 (state->trn_id != packet_trn_id(state->packet))) {
433 DEBUG(10, ("Expected transaction id %d, got %d\n",
434 state->trn_id, packet_trn_id(state->packet)));
438 if ((state->validator != NULL) &&
439 !state->validator(state->packet, state->private_data)) {
440 DEBUG(10, ("validator failed\n"));
444 tevent_req_done(req);
448 if (state->packet != NULL) {
449 free_packet(state->packet);
450 state->packet = NULL;
452 state->socket_req = recvfrom_send(state, state->ev, state->sock,
453 state->buf, sizeof(state->buf), 0,
454 &state->addr, &state->addr_len);
455 if (tevent_req_nomem(state->socket_req, req)) {
458 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
462 static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
463 struct packet_struct **ppacket)
465 struct sock_packet_read_state *state = tevent_req_data(
466 req, struct sock_packet_read_state);
469 if (tevent_req_is_nterror(req, &status)) {
472 *ppacket = state->packet;
473 state->packet = NULL;
477 struct nb_trans_state {
478 struct tevent_context *ev;
480 struct nb_packet_reader *reader;
482 const struct sockaddr_storage *dst_addr;
485 enum packet_type type;
488 bool (*validator)(struct packet_struct *p,
492 struct packet_struct *packet;
495 static int nb_trans_state_destructor(struct nb_trans_state *s);
496 static void nb_trans_got_reader(struct tevent_req *subreq);
497 static void nb_trans_done(struct tevent_req *subreq);
498 static void nb_trans_sent(struct tevent_req *subreq);
499 static void nb_trans_send_next(struct tevent_req *subreq);
501 static struct tevent_req *nb_trans_send(
503 struct tevent_context *ev,
504 const struct sockaddr_storage *my_addr,
505 const struct sockaddr_storage *dst_addr,
507 uint8_t *buf, size_t buflen,
508 enum packet_type type, int trn_id,
509 bool (*validator)(struct packet_struct *p,
513 struct tevent_req *req, *subreq;
514 struct nb_trans_state *state;
516 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
520 talloc_set_destructor(state, nb_trans_state_destructor);
522 state->dst_addr = dst_addr;
524 state->buflen = buflen;
526 state->trn_id = trn_id;
527 state->validator = validator;
528 state->private_data = private_data;
530 state->sock = open_socket_in(SOCK_DGRAM, 0, 3, my_addr, True);
531 if (state->sock == -1) {
532 tevent_req_nterror(req, map_nt_error_from_unix(errno));
533 DEBUG(10, ("open_socket_in failed: %s\n", strerror(errno)));
534 return tevent_req_post(req, ev);
538 set_socket_options(state->sock,"SO_BROADCAST");
541 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
542 if (tevent_req_nomem(subreq, req)) {
543 return tevent_req_post(req, ev);
545 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
549 static int nb_trans_state_destructor(struct nb_trans_state *s)
555 if (s->packet != NULL) {
556 free_packet(s->packet);
562 static void nb_trans_got_reader(struct tevent_req *subreq)
564 struct tevent_req *req = tevent_req_callback_data(
565 subreq, struct tevent_req);
566 struct nb_trans_state *state = tevent_req_data(
567 req, struct nb_trans_state);
570 status = nb_packet_reader_recv(subreq, state, &state->reader);
573 if (!NT_STATUS_IS_OK(status)) {
574 DEBUG(10, ("nmbd not around\n"));
575 state->reader = NULL;
578 subreq = sock_packet_read_send(
579 state, state->ev, state->sock,
580 state->reader, state->type, state->trn_id,
581 state->validator, state->private_data);
582 if (tevent_req_nomem(subreq, req)) {
585 tevent_req_set_callback(subreq, nb_trans_done, req);
587 subreq = sendto_send(state, state->ev, state->sock,
588 state->buf, state->buflen, 0, state->dst_addr);
589 if (tevent_req_nomem(subreq, req)) {
592 tevent_req_set_callback(subreq, nb_trans_sent, req);
595 static void nb_trans_sent(struct tevent_req *subreq)
597 struct tevent_req *req = tevent_req_callback_data(
598 subreq, struct tevent_req);
599 struct nb_trans_state *state = tevent_req_data(
600 req, struct nb_trans_state);
604 sent = sendto_recv(subreq, &err);
607 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
608 tevent_req_nterror(req, map_nt_error_from_unix(err));
611 subreq = tevent_wakeup_send(state, state->ev,
612 timeval_current_ofs(1, 0));
613 if (tevent_req_nomem(subreq, req)) {
616 tevent_req_set_callback(subreq, nb_trans_send_next, req);
619 static void nb_trans_send_next(struct tevent_req *subreq)
621 struct tevent_req *req = tevent_req_callback_data(
622 subreq, struct tevent_req);
623 struct nb_trans_state *state = tevent_req_data(
624 req, struct nb_trans_state);
627 ret = tevent_wakeup_recv(subreq);
630 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
633 subreq = sendto_send(state, state->ev, state->sock,
634 state->buf, state->buflen, 0, state->dst_addr);
635 if (tevent_req_nomem(subreq, req)) {
638 tevent_req_set_callback(subreq, nb_trans_sent, req);
641 static void nb_trans_done(struct tevent_req *subreq)
643 struct tevent_req *req = tevent_req_callback_data(
644 subreq, struct tevent_req);
645 struct nb_trans_state *state = tevent_req_data(
646 req, struct nb_trans_state);
649 status = sock_packet_read_recv(subreq, &state->packet);
651 if (tevent_req_nterror(req, status)) {
654 tevent_req_done(req);
657 static NTSTATUS nb_trans_recv(struct tevent_req *req,
658 struct packet_struct **ppacket)
660 struct nb_trans_state *state = tevent_req_data(
661 req, struct nb_trans_state);
664 if (tevent_req_is_nterror(req, &status)) {
667 *ppacket = state->packet;
668 state->packet = NULL;
672 /****************************************************************************
673 Do a NBT node status query on an open socket and return an array of
674 structures holding the returned names or NULL if the query failed.
675 **************************************************************************/
677 struct node_status_query_state {
678 struct sockaddr_storage my_addr;
679 struct sockaddr_storage addr;
682 struct packet_struct *packet;
685 static int node_status_query_state_destructor(
686 struct node_status_query_state *s);
687 static bool node_status_query_validator(struct packet_struct *p,
689 static void node_status_query_done(struct tevent_req *subreq);
691 struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
692 struct tevent_context *ev,
693 struct nmb_name *name,
694 const struct sockaddr_storage *addr)
696 struct tevent_req *req, *subreq;
697 struct node_status_query_state *state;
698 struct packet_struct p;
699 struct nmb_packet *nmb = &p.packet.nmb;
700 struct sockaddr_in *in_addr;
702 req = tevent_req_create(mem_ctx, &state,
703 struct node_status_query_state);
707 talloc_set_destructor(state, node_status_query_state_destructor);
709 if (addr->ss_family != AF_INET) {
710 /* Can't do node status to IPv6 */
711 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
712 return tevent_req_post(req, ev);
716 in_addr = (struct sockaddr_in *)(void *)&state->addr;
717 in_addr->sin_port = htons(NMB_PORT);
719 set_socket_addr_v4(&state->my_addr);
722 nmb->header.name_trn_id = generate_trn_id();
723 nmb->header.opcode = 0;
724 nmb->header.response = false;
725 nmb->header.nm_flags.bcast = false;
726 nmb->header.nm_flags.recursion_available = false;
727 nmb->header.nm_flags.recursion_desired = false;
728 nmb->header.nm_flags.trunc = false;
729 nmb->header.nm_flags.authoritative = false;
730 nmb->header.rcode = 0;
731 nmb->header.qdcount = 1;
732 nmb->header.ancount = 0;
733 nmb->header.nscount = 0;
734 nmb->header.arcount = 0;
735 nmb->question.question_name = *name;
736 nmb->question.question_type = 0x21;
737 nmb->question.question_class = 0x1;
739 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
741 if (state->buflen == 0) {
742 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
743 DEBUG(10, ("build_packet failed\n"));
744 return tevent_req_post(req, ev);
747 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, false,
748 state->buf, state->buflen,
749 NMB_PACKET, nmb->header.name_trn_id,
750 node_status_query_validator, NULL);
751 if (tevent_req_nomem(subreq, req)) {
752 DEBUG(10, ("nb_trans_send failed\n"));
753 return tevent_req_post(req, ev);
755 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
756 return tevent_req_post(req, ev);
758 tevent_req_set_callback(subreq, node_status_query_done, req);
762 static bool node_status_query_validator(struct packet_struct *p,
765 struct nmb_packet *nmb = &p->packet.nmb;
768 if (nmb->header.opcode != 0 ||
769 nmb->header.nm_flags.bcast ||
771 !nmb->header.ancount ||
772 nmb->answers->rr_type != 0x21) {
774 * XXXX what do we do with this? could be a redirect,
775 * but we'll discard it for the moment
782 static int node_status_query_state_destructor(
783 struct node_status_query_state *s)
785 if (s->packet != NULL) {
786 free_packet(s->packet);
792 static void node_status_query_done(struct tevent_req *subreq)
794 struct tevent_req *req = tevent_req_callback_data(
795 subreq, struct tevent_req);
796 struct node_status_query_state *state = tevent_req_data(
797 req, struct node_status_query_state);
800 status = nb_trans_recv(subreq, &state->packet);
802 if (tevent_req_nterror(req, status)) {
805 tevent_req_done(req);
808 NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
809 struct node_status **pnode_status,
811 struct node_status_extra *extra)
813 struct node_status_query_state *state = tevent_req_data(
814 req, struct node_status_query_state);
815 struct node_status *node_status;
819 if (tevent_req_is_nterror(req, &status)) {
822 node_status = parse_node_status(
823 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
825 if (node_status == NULL) {
826 return NT_STATUS_NO_MEMORY;
828 *pnode_status = node_status;
829 *pnum_names = num_names;
833 NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
834 const struct sockaddr_storage *addr,
835 struct node_status **pnode_status,
837 struct node_status_extra *extra)
839 TALLOC_CTX *frame = talloc_stackframe();
840 struct tevent_context *ev;
841 struct tevent_req *req;
842 NTSTATUS status = NT_STATUS_NO_MEMORY;
844 ev = tevent_context_init(frame);
848 req = node_status_query_send(ev, ev, name, addr);
852 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
855 status = node_status_query_recv(req, mem_ctx, pnode_status,
862 /****************************************************************************
863 Find the first type XX name in a node status reply - used for finding
864 a servers name given its IP. Return the matched name in *name.
865 **************************************************************************/
867 bool name_status_find(const char *q_name,
870 const struct sockaddr_storage *to_ss,
873 char addr[INET6_ADDRSTRLEN];
874 struct sockaddr_storage ss;
875 struct node_status *addrs = NULL;
876 struct nmb_name nname;
881 if (lp_disable_netbios()) {
882 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
887 print_sockaddr(addr, sizeof(addr), to_ss);
889 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
892 /* Check the cache first. */
894 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
898 if (to_ss->ss_family != AF_INET) {
899 /* Can't do node status to IPv6 */
903 set_socket_addr_v4(&ss);
905 /* W2K PDC's seem not to respond to '*'#0. JRA */
906 make_nmb_name(&nname, q_name, q_type);
907 status = node_status_query(talloc_tos(), &nname, to_ss,
908 &addrs, &count, NULL);
909 if (!NT_STATUS_IS_OK(status)) {
913 for (i=0;i<count;i++) {
914 /* Find first one of the requested type that's not a GROUP. */
915 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
921 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
923 /* Store the result in the cache. */
924 /* but don't store an entry for 0x1c names here. Here we have
925 a single host and DOMAIN<0x1c> names should be a list of hosts */
927 if ( q_type != 0x1c ) {
928 namecache_status_store(q_name, q_type, type, to_ss, name);
936 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
939 DEBUGADD(10, (", name %s ip address is %s", name, addr));
947 comparison function used by sort_addr_list
950 static int addr_compare(const struct sockaddr_storage *ss1,
951 const struct sockaddr_storage *ss2)
953 int max_bits1=0, max_bits2=0;
954 int num_interfaces = iface_count();
957 /* Sort IPv4 addresses first. */
958 if (ss1->ss_family != ss2->ss_family) {
959 if (ss2->ss_family == AF_INET) {
966 /* Here we know both addresses are of the same
969 for (i=0;i<num_interfaces;i++) {
970 const struct sockaddr_storage *pss = iface_n_bcast(i);
971 const unsigned char *p_ss1 = NULL;
972 const unsigned char *p_ss2 = NULL;
973 const unsigned char *p_if = NULL;
977 if (pss->ss_family != ss1->ss_family) {
978 /* Ignore interfaces of the wrong type. */
981 if (pss->ss_family == AF_INET) {
982 p_if = (const unsigned char *)
983 &((const struct sockaddr_in *)pss)->sin_addr;
984 p_ss1 = (const unsigned char *)
985 &((const struct sockaddr_in *)ss1)->sin_addr;
986 p_ss2 = (const unsigned char *)
987 &((const struct sockaddr_in *)ss2)->sin_addr;
990 #if defined(HAVE_IPV6)
991 if (pss->ss_family == AF_INET6) {
992 p_if = (const unsigned char *)
993 &((const struct sockaddr_in6 *)pss)->sin6_addr;
994 p_ss1 = (const unsigned char *)
995 &((const struct sockaddr_in6 *)ss1)->sin6_addr;
996 p_ss2 = (const unsigned char *)
997 &((const struct sockaddr_in6 *)ss2)->sin6_addr;
1001 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
1004 bits1 = matching_len_bits(p_ss1, p_if, len);
1005 bits2 = matching_len_bits(p_ss2, p_if, len);
1006 max_bits1 = MAX(bits1, max_bits1);
1007 max_bits2 = MAX(bits2, max_bits2);
1010 /* Bias towards directly reachable IPs */
1011 if (iface_local((const struct sockaddr *)ss1)) {
1012 if (ss1->ss_family == AF_INET) {
1018 if (iface_local((const struct sockaddr *)ss2)) {
1019 if (ss2->ss_family == AF_INET) {
1025 return max_bits2 - max_bits1;
1028 /*******************************************************************
1029 compare 2 ldap IPs by nearness to our interfaces - used in qsort
1030 *******************************************************************/
1032 int ip_service_compare(struct ip_service *ss1, struct ip_service *ss2)
1036 if ((result = addr_compare(&ss1->ss, &ss2->ss)) != 0) {
1040 if (ss1->port > ss2->port) {
1044 if (ss1->port < ss2->port) {
1052 sort an IP list so that names that are close to one of our interfaces
1053 are at the top. This prevents the problem where a WINS server returns an IP
1054 that is not reachable from our subnet as the first match
1057 static void sort_addr_list(struct sockaddr_storage *sslist, int count)
1063 TYPESAFE_QSORT(sslist, count, addr_compare);
1066 static void sort_service_list(struct ip_service *servlist, int count)
1072 TYPESAFE_QSORT(servlist, count, ip_service_compare);
1075 /**********************************************************************
1076 Remove any duplicate address/port pairs in the list
1077 *********************************************************************/
1079 static int remove_duplicate_addrs2(struct ip_service *iplist, int count )
1083 DEBUG(10,("remove_duplicate_addrs2: "
1084 "looking for duplicate address/port pairs\n"));
1086 /* one loop to remove duplicates */
1087 for ( i=0; i<count; i++ ) {
1088 if ( is_zero_addr(&iplist[i].ss)) {
1092 for ( j=i+1; j<count; j++ ) {
1093 if (sockaddr_equal((struct sockaddr *)&iplist[i].ss, (struct sockaddr *)&iplist[j].ss) &&
1094 iplist[i].port == iplist[j].port) {
1095 zero_sockaddr(&iplist[j].ss);
1100 /* one loop to clean up any holes we left */
1101 /* first ip should never be a zero_ip() */
1102 for (i = 0; i<count; ) {
1103 if (is_zero_addr(&iplist[i].ss) ) {
1105 memmove(&iplist[i], &iplist[i+1],
1106 (count - i - 1)*sizeof(iplist[i]));
1117 static bool prioritize_ipv4_list(struct ip_service *iplist, int count)
1119 TALLOC_CTX *frame = talloc_stackframe();
1120 struct ip_service *iplist_new = TALLOC_ARRAY(frame, struct ip_service, count);
1123 if (iplist_new == NULL) {
1130 /* Copy IPv4 first. */
1131 for (i = 0; i < count; i++) {
1132 if (iplist[i].ss.ss_family == AF_INET) {
1133 iplist_new[j++] = iplist[i];
1138 for (i = 0; i < count; i++) {
1139 if (iplist[i].ss.ss_family != AF_INET) {
1140 iplist_new[j++] = iplist[i];
1144 memcpy(iplist, iplist_new, sizeof(struct ip_service)*count);
1149 /****************************************************************************
1150 Do a netbios name query to find someones IP.
1151 Returns an array of IP addresses or NULL if none.
1152 *count will be set to the number of addresses returned.
1153 *timed_out is set if we failed by timing out
1154 ****************************************************************************/
1156 struct name_query_state {
1157 struct sockaddr_storage my_addr;
1158 struct sockaddr_storage addr;
1165 NTSTATUS validate_error;
1168 struct sockaddr_storage *addrs;
1172 static bool name_query_validator(struct packet_struct *p, void *private_data);
1173 static void name_query_done(struct tevent_req *subreq);
1175 struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1176 struct tevent_context *ev,
1177 const char *name, int name_type,
1178 bool bcast, bool recurse,
1179 const struct sockaddr_storage *addr)
1181 struct tevent_req *req, *subreq;
1182 struct name_query_state *state;
1183 struct packet_struct p;
1184 struct nmb_packet *nmb = &p.packet.nmb;
1185 struct sockaddr_in *in_addr;
1187 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1191 state->bcast = bcast;
1193 if (addr->ss_family != AF_INET) {
1194 /* Can't do node status to IPv6 */
1195 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1196 return tevent_req_post(req, ev);
1199 if (lp_disable_netbios()) {
1200 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1202 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1203 return tevent_req_post(req, ev);
1206 state->addr = *addr;
1207 in_addr = (struct sockaddr_in *)(void *)&state->addr;
1208 in_addr->sin_port = htons(NMB_PORT);
1210 set_socket_addr_v4(&state->my_addr);
1213 nmb->header.name_trn_id = generate_trn_id();
1214 nmb->header.opcode = 0;
1215 nmb->header.response = false;
1216 nmb->header.nm_flags.bcast = bcast;
1217 nmb->header.nm_flags.recursion_available = false;
1218 nmb->header.nm_flags.recursion_desired = recurse;
1219 nmb->header.nm_flags.trunc = false;
1220 nmb->header.nm_flags.authoritative = false;
1221 nmb->header.rcode = 0;
1222 nmb->header.qdcount = 1;
1223 nmb->header.ancount = 0;
1224 nmb->header.nscount = 0;
1225 nmb->header.arcount = 0;
1227 make_nmb_name(&nmb->question.question_name,name,name_type);
1229 nmb->question.question_type = 0x20;
1230 nmb->question.question_class = 0x1;
1232 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1234 if (state->buflen == 0) {
1235 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1236 DEBUG(10, ("build_packet failed\n"));
1237 return tevent_req_post(req, ev);
1240 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, bcast,
1241 state->buf, state->buflen,
1242 NMB_PACKET, nmb->header.name_trn_id,
1243 name_query_validator, state);
1244 if (tevent_req_nomem(subreq, req)) {
1245 DEBUG(10, ("nb_trans_send failed\n"));
1246 return tevent_req_post(req, ev);
1248 tevent_req_set_callback(subreq, name_query_done, req);
1252 static bool name_query_validator(struct packet_struct *p, void *private_data)
1254 struct name_query_state *state = talloc_get_type_abort(
1255 private_data, struct name_query_state);
1256 struct nmb_packet *nmb = &p->packet.nmb;
1257 struct sockaddr_storage *tmp_addrs;
1258 bool got_unique_netbios_name = false;
1261 debug_nmb_packet(p);
1264 * If we get a Negative Name Query Response from a WINS
1265 * server, we should report it and give up.
1267 if( 0 == nmb->header.opcode /* A query response */
1268 && !state->bcast /* from a WINS server */
1269 && nmb->header.rcode /* Error returned */
1272 if( DEBUGLVL( 3 ) ) {
1273 /* Only executed if DEBUGLEVEL >= 3 */
1274 dbgtext( "Negative name query "
1275 "response, rcode 0x%02x: ",
1276 nmb->header.rcode );
1277 switch( nmb->header.rcode ) {
1279 dbgtext("Request was invalidly formatted.\n");
1282 dbgtext("Problem with NBNS, cannot process "
1286 dbgtext("The name requested does not "
1290 dbgtext("Unsupported request error.\n");
1293 dbgtext("Query refused error.\n");
1296 dbgtext("Unrecognized error code.\n" );
1302 * We accept this packet as valid, but tell the upper
1303 * layers that it's a negative response.
1305 state->validate_error = NT_STATUS_NOT_FOUND;
1309 if (nmb->header.opcode != 0 ||
1310 nmb->header.nm_flags.bcast ||
1311 nmb->header.rcode ||
1312 !nmb->header.ancount) {
1314 * XXXX what do we do with this? Could be a redirect,
1315 * but we'll discard it for the moment.
1320 tmp_addrs = talloc_realloc(
1321 state, state->addrs, struct sockaddr_storage,
1322 state->num_addrs + nmb->answers->rdlength/6);
1323 if (tmp_addrs == NULL) {
1324 state->validate_error = NT_STATUS_NO_MEMORY;
1327 state->addrs = tmp_addrs;
1329 DEBUG(2,("Got a positive name query response "
1330 "from %s ( ", inet_ntoa(p->ip)));
1332 for (i=0; i<nmb->answers->rdlength/6; i++) {
1335 struct sockaddr_storage addr;
1338 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1339 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1341 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1342 in_addr_to_sockaddr_storage(&addr, ip);
1344 for (j=0; j<state->num_addrs; j++) {
1346 (struct sockaddr *)&addr,
1347 (struct sockaddr *)&state->addrs[j])) {
1351 if (j < state->num_addrs) {
1352 /* Already got it */
1356 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1358 state->addrs[state->num_addrs] = addr;
1359 state->num_addrs += 1;
1361 DEBUGADD(2,(")\n"));
1363 /* We add the flags back ... */
1364 if (nmb->header.response)
1365 state->flags |= NM_FLAGS_RS;
1366 if (nmb->header.nm_flags.authoritative)
1367 state->flags |= NM_FLAGS_AA;
1368 if (nmb->header.nm_flags.trunc)
1369 state->flags |= NM_FLAGS_TC;
1370 if (nmb->header.nm_flags.recursion_desired)
1371 state->flags |= NM_FLAGS_RD;
1372 if (nmb->header.nm_flags.recursion_available)
1373 state->flags |= NM_FLAGS_RA;
1374 if (nmb->header.nm_flags.bcast)
1375 state->flags |= NM_FLAGS_B;
1379 * We have to collect all entries coming in from broadcast
1380 * queries. If we got a unique name, we're done.
1382 return got_unique_netbios_name;
1385 * WINS responses are accepted when they are received
1390 static void name_query_done(struct tevent_req *subreq)
1392 struct tevent_req *req = tevent_req_callback_data(
1393 subreq, struct tevent_req);
1394 struct name_query_state *state = tevent_req_data(
1395 req, struct name_query_state);
1397 struct packet_struct *p = NULL;
1399 status = nb_trans_recv(subreq, &p);
1400 TALLOC_FREE(subreq);
1401 if (tevent_req_nterror(req, status)) {
1404 if (!NT_STATUS_IS_OK(state->validate_error)) {
1405 tevent_req_nterror(req, state->validate_error);
1410 * Free the packet here, we've collected the response in the
1415 tevent_req_done(req);
1418 NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1419 struct sockaddr_storage **addrs, int *num_addrs,
1422 struct name_query_state *state = tevent_req_data(
1423 req, struct name_query_state);
1426 if (tevent_req_is_nterror(req, &status)
1427 && !NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1430 if (state->num_addrs == 0) {
1431 return NT_STATUS_NOT_FOUND;
1433 *addrs = talloc_move(mem_ctx, &state->addrs);
1434 sort_addr_list(*addrs, state->num_addrs);
1435 *num_addrs = state->num_addrs;
1436 if (flags != NULL) {
1437 *flags = state->flags;
1439 return NT_STATUS_OK;
1442 NTSTATUS name_query(const char *name, int name_type,
1443 bool bcast, bool recurse,
1444 const struct sockaddr_storage *to_ss,
1445 TALLOC_CTX *mem_ctx,
1446 struct sockaddr_storage **addrs,
1447 int *num_addrs, uint8_t *flags)
1449 TALLOC_CTX *frame = talloc_stackframe();
1450 struct tevent_context *ev;
1451 struct tevent_req *req;
1452 struct timeval timeout;
1453 NTSTATUS status = NT_STATUS_NO_MEMORY;
1455 ev = tevent_context_init(frame);
1459 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1464 timeout = timeval_current_ofs(0, 250000);
1466 timeout = timeval_current_ofs(2, 0);
1468 if (!tevent_req_set_endtime(req, ev, timeout)) {
1471 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1474 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1480 /********************************************************
1481 convert an array if struct sockaddr_storage to struct ip_service
1482 return false on failure. Port is set to PORT_NONE;
1483 *********************************************************/
1485 static bool convert_ss2service(struct ip_service **return_iplist,
1486 const struct sockaddr_storage *ss_list,
1491 if ( count==0 || !ss_list )
1494 /* copy the ip address; port will be PORT_NONE */
1495 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, count)) ==
1497 DEBUG(0,("convert_ip2service: malloc failed "
1498 "for %d enetries!\n", count ));
1502 for ( i=0; i<count; i++ ) {
1503 (*return_iplist)[i].ss = ss_list[i];
1504 (*return_iplist)[i].port = PORT_NONE;
1510 struct name_queries_state {
1511 struct tevent_context *ev;
1516 const struct sockaddr_storage *addrs;
1521 struct tevent_req **subreqs;
1526 struct sockaddr_storage *result_addrs;
1527 int num_result_addrs;
1531 static void name_queries_done(struct tevent_req *subreq);
1532 static void name_queries_next(struct tevent_req *subreq);
1535 * Send a name query to multiple destinations with a wait time in between
1538 static struct tevent_req *name_queries_send(
1539 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
1540 const char *name, int name_type,
1541 bool bcast, bool recurse,
1542 const struct sockaddr_storage *addrs,
1543 int num_addrs, int wait_msec, int timeout_msec)
1545 struct tevent_req *req, *subreq;
1546 struct name_queries_state *state;
1548 req = tevent_req_create(mem_ctx, &state,
1549 struct name_queries_state);
1555 state->name_type = name_type;
1556 state->bcast = bcast;
1557 state->recurse = recurse;
1558 state->addrs = addrs;
1559 state->num_addrs = num_addrs;
1560 state->wait_msec = wait_msec;
1561 state->timeout_msec = timeout_msec;
1563 state->subreqs = talloc_zero_array(
1564 state, struct tevent_req *, num_addrs);
1565 if (tevent_req_nomem(state->subreqs, req)) {
1566 return tevent_req_post(req, ev);
1568 state->num_sent = 0;
1570 subreq = name_query_send(
1571 state->subreqs, state->ev, name, name_type, bcast, recurse,
1572 &state->addrs[state->num_sent]);
1573 if (tevent_req_nomem(subreq, req)) {
1574 return tevent_req_post(req, ev);
1576 if (!tevent_req_set_endtime(
1578 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1579 tevent_req_nomem(NULL, req);
1580 return tevent_req_post(req, ev);
1582 tevent_req_set_callback(subreq, name_queries_done, req);
1584 state->subreqs[state->num_sent] = subreq;
1585 state->num_sent += 1;
1587 if (state->num_sent < state->num_addrs) {
1588 subreq = tevent_wakeup_send(
1590 timeval_current_ofs(0, state->wait_msec * 1000));
1591 if (tevent_req_nomem(subreq, req)) {
1592 return tevent_req_post(req, ev);
1594 tevent_req_set_callback(subreq, name_queries_next, req);
1599 static void name_queries_done(struct tevent_req *subreq)
1601 struct tevent_req *req = tevent_req_callback_data(
1602 subreq, struct tevent_req);
1603 struct name_queries_state *state = tevent_req_data(
1604 req, struct name_queries_state);
1608 status = name_query_recv(subreq, state, &state->result_addrs,
1609 &state->num_result_addrs, &state->flags);
1611 for (i=0; i<state->num_sent; i++) {
1612 if (state->subreqs[i] == subreq) {
1616 if (i == state->num_sent) {
1617 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1620 TALLOC_FREE(state->subreqs[i]);
1622 state->num_received += 1;
1624 if (!NT_STATUS_IS_OK(status)) {
1626 if (state->num_received >= state->num_addrs) {
1627 tevent_req_nterror(req, status);
1631 * Still outstanding requests, just wait
1635 state->received_index = i;
1636 tevent_req_done(req);
1639 static void name_queries_next(struct tevent_req *subreq)
1641 struct tevent_req *req = tevent_req_callback_data(
1642 subreq, struct tevent_req);
1643 struct name_queries_state *state = tevent_req_data(
1644 req, struct name_queries_state);
1646 if (!tevent_wakeup_recv(subreq)) {
1647 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1651 subreq = name_query_send(
1652 state->subreqs, state->ev,
1653 state->name, state->name_type, state->bcast, state->recurse,
1654 &state->addrs[state->num_sent]);
1655 if (tevent_req_nomem(subreq, req)) {
1658 tevent_req_set_callback(subreq, name_queries_done, req);
1659 if (!tevent_req_set_endtime(
1661 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1662 tevent_req_nomem(NULL, req);
1665 state->subreqs[state->num_sent] = subreq;
1666 state->num_sent += 1;
1668 if (state->num_sent < state->num_addrs) {
1669 subreq = tevent_wakeup_send(
1671 timeval_current_ofs(0, state->wait_msec * 1000));
1672 if (tevent_req_nomem(subreq, req)) {
1675 tevent_req_set_callback(subreq, name_queries_next, req);
1679 static NTSTATUS name_queries_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1680 struct sockaddr_storage **result_addrs,
1681 int *num_result_addrs, uint8_t *flags,
1682 int *received_index)
1684 struct name_queries_state *state = tevent_req_data(
1685 req, struct name_queries_state);
1688 if (tevent_req_is_nterror(req, &status)) {
1692 if (result_addrs != NULL) {
1693 *result_addrs = talloc_move(mem_ctx, &state->result_addrs);
1695 if (num_result_addrs != NULL) {
1696 *num_result_addrs = state->num_result_addrs;
1698 if (flags != NULL) {
1699 *flags = state->flags;
1701 if (received_index != NULL) {
1702 *received_index = state->received_index;
1704 return NT_STATUS_OK;
1707 static NTSTATUS name_queries(const char *name, int name_type,
1708 bool bcast, bool recurse,
1709 const struct sockaddr_storage *addrs,
1710 int num_addrs, int wait_msec, int timeout_msec,
1711 TALLOC_CTX *mem_ctx,
1712 struct sockaddr_storage **result_addrs,
1713 int *num_result_addrs, uint8_t *flags,
1714 int *received_index)
1716 TALLOC_CTX *frame = talloc_stackframe();
1717 struct event_context *ev;
1718 struct tevent_req *req;
1719 NTSTATUS status = NT_STATUS_NO_MEMORY;
1721 ev = event_context_init(frame);
1725 req = name_queries_send(frame, ev, name, name_type, bcast,
1726 recurse, addrs, num_addrs, wait_msec,
1731 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1734 status = name_queries_recv(req, mem_ctx, result_addrs,
1735 num_result_addrs, flags, received_index);
1741 /********************************************************
1742 Resolve via "bcast" method.
1743 *********************************************************/
1745 NTSTATUS name_resolve_bcast(const char *name,
1747 TALLOC_CTX *mem_ctx,
1748 struct sockaddr_storage **return_iplist,
1751 struct sockaddr_storage *bcast_addrs;
1752 int i, num_addrs, num_bcast_addrs;
1754 if (lp_disable_netbios()) {
1755 DEBUG(5,("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1757 return NT_STATUS_INVALID_PARAMETER;
1761 * "bcast" means do a broadcast lookup on all the local interfaces.
1764 DEBUG(3,("name_resolve_bcast: Attempting broadcast lookup "
1765 "for name %s<0x%x>\n", name, name_type));
1767 num_addrs = iface_count();
1768 bcast_addrs = talloc_array(talloc_tos(), struct sockaddr_storage,
1770 if (bcast_addrs == NULL) {
1771 return NT_STATUS_NO_MEMORY;
1775 * Lookup the name on all the interfaces, return on
1776 * the first successful match.
1778 num_bcast_addrs = 0;
1780 for (i=0; i<num_addrs; i++) {
1781 const struct sockaddr_storage *pss = iface_n_bcast(i);
1783 if (pss->ss_family != AF_INET) {
1786 bcast_addrs[num_bcast_addrs] = *pss;
1787 num_bcast_addrs += 1;
1790 return name_queries(name, name_type, true, true,
1791 bcast_addrs, num_bcast_addrs, 0, 1000,
1792 mem_ctx, return_iplist, return_count,
1796 /********************************************************
1797 Resolve via "wins" method.
1798 *********************************************************/
1800 NTSTATUS resolve_wins(const char *name,
1802 struct ip_service **return_iplist,
1807 struct sockaddr_storage src_ss, *ss_list = NULL;
1808 struct in_addr src_ip;
1811 if (lp_disable_netbios()) {
1812 DEBUG(5,("resolve_wins(%s#%02x): netbios is disabled\n",
1814 return NT_STATUS_INVALID_PARAMETER;
1817 *return_iplist = NULL;
1820 DEBUG(3,("resolve_wins: Attempting wins lookup for name %s<0x%x>\n",
1823 if (wins_srv_count() < 1) {
1824 DEBUG(3,("resolve_wins: WINS server resolution selected "
1825 "and no WINS servers listed.\n"));
1826 return NT_STATUS_INVALID_PARAMETER;
1829 /* we try a lookup on each of the WINS tags in turn */
1830 wins_tags = wins_srv_tags();
1833 /* huh? no tags?? give up in disgust */
1834 return NT_STATUS_INVALID_PARAMETER;
1837 /* the address we will be sending from */
1838 if (!interpret_string_addr(&src_ss, lp_socket_address(),
1839 AI_NUMERICHOST|AI_PASSIVE)) {
1840 zero_sockaddr(&src_ss);
1843 if (src_ss.ss_family != AF_INET) {
1844 char addr[INET6_ADDRSTRLEN];
1845 print_sockaddr(addr, sizeof(addr), &src_ss);
1846 DEBUG(3,("resolve_wins: cannot receive WINS replies "
1847 "on IPv6 address %s\n",
1849 wins_srv_tags_free(wins_tags);
1850 return NT_STATUS_INVALID_PARAMETER;
1853 src_ip = ((struct sockaddr_in *)&src_ss)->sin_addr;
1855 /* in the worst case we will try every wins server with every
1857 for (t=0; wins_tags && wins_tags[t]; t++) {
1858 int srv_count = wins_srv_count_tag(wins_tags[t]);
1859 for (i=0; i<srv_count; i++) {
1860 struct sockaddr_storage wins_ss;
1861 struct in_addr wins_ip;
1863 wins_ip = wins_srv_ip_tag(wins_tags[t], src_ip);
1865 if (global_in_nmbd && ismyip_v4(wins_ip)) {
1866 /* yikes! we'll loop forever */
1870 /* skip any that have been unresponsive lately */
1871 if (wins_srv_is_dead(wins_ip, src_ip)) {
1875 DEBUG(3,("resolve_wins: using WINS server %s "
1877 inet_ntoa(wins_ip), wins_tags[t]));
1879 in_addr_to_sockaddr_storage(&wins_ss, wins_ip);
1880 status = name_query(name,
1890 /* exit loop if we got a list of addresses */
1892 if (NT_STATUS_IS_OK(status)) {
1896 if (NT_STATUS_EQUAL(status,
1897 NT_STATUS_IO_TIMEOUT)) {
1898 /* Timed out waiting for WINS server to
1901 wins_srv_died(wins_ip, src_ip);
1903 /* The name definitely isn't in this
1904 group of WINS servers.
1905 goto the next group */
1911 wins_srv_tags_free(wins_tags);
1912 return NT_STATUS_NO_LOGON_SERVERS;
1916 status = NT_STATUS_OK;
1917 if (!convert_ss2service(return_iplist, ss_list, *return_count))
1918 status = NT_STATUS_INVALID_PARAMETER;
1920 TALLOC_FREE(ss_list);
1921 wins_srv_tags_free(wins_tags);
1926 /********************************************************
1927 Resolve via "lmhosts" method.
1928 *********************************************************/
1930 static NTSTATUS resolve_lmhosts(const char *name, int name_type,
1931 struct ip_service **return_iplist,
1935 * "lmhosts" means parse the local lmhosts file.
1937 struct sockaddr_storage *ss_list;
1938 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1939 TALLOC_CTX *ctx = NULL;
1941 *return_iplist = NULL;
1944 DEBUG(3,("resolve_lmhosts: "
1945 "Attempting lmhosts lookup for name %s<0x%x>\n",
1948 ctx = talloc_init("resolve_lmhosts");
1950 return NT_STATUS_NO_MEMORY;
1953 status = resolve_lmhosts_file_as_sockaddr(get_dyn_LMHOSTSFILE(),
1958 if (NT_STATUS_IS_OK(status)) {
1959 if (convert_ss2service(return_iplist,
1963 return NT_STATUS_OK;
1966 return NT_STATUS_NO_MEMORY;
1974 /********************************************************
1975 Resolve via "hosts" method.
1976 *********************************************************/
1978 static NTSTATUS resolve_hosts(const char *name, int name_type,
1979 struct ip_service **return_iplist,
1983 * "host" means do a localhost, or dns lookup.
1985 struct addrinfo hints;
1986 struct addrinfo *ailist = NULL;
1987 struct addrinfo *res = NULL;
1990 const char *dns_hosts_file;
1992 if ( name_type != 0x20 && name_type != 0x0) {
1993 DEBUG(5, ("resolve_hosts: not appropriate "
1994 "for name type <0x%x>\n",
1996 return NT_STATUS_INVALID_PARAMETER;
1999 *return_iplist = NULL;
2002 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
2006 /* By default make sure it supports TCP. */
2007 hints.ai_socktype = SOCK_STREAM;
2008 hints.ai_flags = AI_ADDRCONFIG;
2010 #if !defined(HAVE_IPV6)
2011 /* Unless we have IPv6, we really only want IPv4 addresses back. */
2012 hints.ai_family = AF_INET;
2015 dns_hosts_file = lp_parm_const_string(-1, "resolv", "host file", NULL);
2016 if (dns_hosts_file) {
2017 struct sockaddr_storage *ss_list;
2019 TALLOC_CTX *ctx = talloc_stackframe();
2021 return NT_STATUS_NO_MEMORY;
2024 status = resolve_dns_hosts_file_as_sockaddr(dns_hosts_file, name, false,
2025 ctx, &ss_list, return_count);
2026 if (NT_STATUS_IS_OK(status)) {
2027 if (convert_ss2service(return_iplist,
2031 return NT_STATUS_OK;
2034 return NT_STATUS_NO_MEMORY;
2038 return NT_STATUS_UNSUCCESSFUL;
2041 ret = getaddrinfo(name,
2046 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
2048 gai_strerror(ret) ));
2051 for (res = ailist; res; res = res->ai_next) {
2052 struct sockaddr_storage ss;
2054 if (!res->ai_addr || res->ai_addrlen == 0) {
2059 memcpy(&ss, res->ai_addr, res->ai_addrlen);
2063 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
2066 if (!*return_iplist) {
2067 DEBUG(3,("resolve_hosts: malloc fail !\n"));
2068 freeaddrinfo(ailist);
2069 return NT_STATUS_NO_MEMORY;
2071 (*return_iplist)[i].ss = ss;
2072 (*return_iplist)[i].port = PORT_NONE;
2076 freeaddrinfo(ailist);
2078 if (*return_count) {
2079 return NT_STATUS_OK;
2081 return NT_STATUS_UNSUCCESSFUL;
2084 /********************************************************
2085 Resolve via "ADS" method.
2086 *********************************************************/
2088 /* Special name type used to cause a _kerberos DNS lookup. */
2089 #define KDC_NAME_TYPE 0xDCDC
2091 static NTSTATUS resolve_ads(const char *name,
2093 const char *sitename,
2094 struct ip_service **return_iplist,
2100 struct dns_rr_srv *dcs = NULL;
2104 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
2105 (name_type != 0x1b)) {
2106 return NT_STATUS_INVALID_PARAMETER;
2109 if ( (ctx = talloc_init("resolve_ads")) == NULL ) {
2110 DEBUG(0,("resolve_ads: talloc_init() failed!\n"));
2111 return NT_STATUS_NO_MEMORY;
2114 /* The DNS code needs fixing to find IPv6 addresses... JRA. */
2116 switch (name_type) {
2118 DEBUG(5,("resolve_ads: Attempting to resolve "
2119 "PDC for %s using DNS\n", name));
2120 status = ads_dns_query_pdc(ctx, name, &dcs, &numdcs);
2124 DEBUG(5,("resolve_ads: Attempting to resolve "
2125 "DCs for %s using DNS\n", name));
2126 status = ads_dns_query_dcs(ctx, name, sitename, &dcs,
2130 DEBUG(5,("resolve_ads: Attempting to resolve "
2131 "KDCs for %s using DNS\n", name));
2132 status = ads_dns_query_kdcs(ctx, name, sitename, &dcs,
2136 status = NT_STATUS_INVALID_PARAMETER;
2140 if ( !NT_STATUS_IS_OK( status ) ) {
2141 talloc_destroy(ctx);
2145 for (i=0;i<numdcs;i++) {
2146 numaddrs += MAX(dcs[i].num_ips,1);
2149 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, numaddrs)) ==
2151 DEBUG(0,("resolve_ads: malloc failed for %d entries\n",
2153 talloc_destroy(ctx);
2154 return NT_STATUS_NO_MEMORY;
2157 /* now unroll the list of IP addresses */
2162 while ( i < numdcs && (*return_count<numaddrs) ) {
2163 struct ip_service *r = &(*return_iplist)[*return_count];
2165 r->port = dcs[i].port;
2167 /* If we don't have an IP list for a name, lookup it up */
2170 interpret_string_addr(&r->ss, dcs[i].hostname, 0);
2174 /* use the IP addresses from the SRV sresponse */
2176 if ( j >= dcs[i].num_ips ) {
2182 r->ss = dcs[i].ss_s[j];
2186 /* make sure it is a valid IP. I considered checking the
2187 * negative connection cache, but this is the wrong place
2188 * for it. Maybe only as a hack. After think about it, if
2189 * all of the IP addresses returned from DNS are dead, what
2190 * hope does a netbios name lookup have ? The standard reason
2191 * for falling back to netbios lookups is that our DNS server
2192 * doesn't know anything about the DC's -- jerry */
2194 if (!is_zero_addr(&r->ss)) {
2199 talloc_destroy(ctx);
2200 return NT_STATUS_OK;
2203 /*******************************************************************
2204 Internal interface to resolve a name into an IP address.
2205 Use this function if the string is either an IP address, DNS
2206 or host name or NetBIOS name. This uses the name switch in the
2207 smb.conf to determine the order of name resolution.
2209 Added support for ip addr/port to support ADS ldap servers.
2210 the only place we currently care about the port is in the
2211 resolve_hosts() when looking up DC's via SRV RR entries in DNS
2212 **********************************************************************/
2214 NTSTATUS internal_resolve_name(const char *name,
2216 const char *sitename,
2217 struct ip_service **return_iplist,
2219 const char *resolve_order)
2223 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
2225 TALLOC_CTX *frame = NULL;
2227 *return_iplist = NULL;
2230 DEBUG(10, ("internal_resolve_name: looking up %s#%x (sitename %s)\n",
2231 name, name_type, sitename ? sitename : "(null)"));
2233 if (is_ipaddress(name)) {
2234 if ((*return_iplist = SMB_MALLOC_P(struct ip_service)) ==
2236 DEBUG(0,("internal_resolve_name: malloc fail !\n"));
2237 return NT_STATUS_NO_MEMORY;
2240 /* ignore the port here */
2241 (*return_iplist)->port = PORT_NONE;
2243 /* if it's in the form of an IP address then get the lib to interpret it */
2244 if (!interpret_string_addr(&(*return_iplist)->ss,
2245 name, AI_NUMERICHOST)) {
2246 DEBUG(1,("internal_resolve_name: interpret_string_addr "
2249 SAFE_FREE(*return_iplist);
2250 return NT_STATUS_INVALID_PARAMETER;
2253 return NT_STATUS_OK;
2256 /* Check name cache */
2258 if (namecache_fetch(name, name_type, return_iplist, return_count)) {
2259 /* This could be a negative response */
2260 if (*return_count > 0) {
2261 return NT_STATUS_OK;
2263 return NT_STATUS_UNSUCCESSFUL;
2267 /* set the name resolution order */
2269 if (strcmp( resolve_order, "NULL") == 0) {
2270 DEBUG(8,("internal_resolve_name: all lookups disabled\n"));
2271 return NT_STATUS_INVALID_PARAMETER;
2274 if (!resolve_order[0]) {
2277 ptr = resolve_order;
2280 /* iterate through the name resolution backends */
2282 frame = talloc_stackframe();
2283 while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) {
2284 if((strequal(tok, "host") || strequal(tok, "hosts"))) {
2285 status = resolve_hosts(name, name_type, return_iplist,
2287 if (NT_STATUS_IS_OK(status)) {
2290 } else if(strequal( tok, "kdc")) {
2291 /* deal with KDC_NAME_TYPE names here.
2292 * This will result in a SRV record lookup */
2293 status = resolve_ads(name, KDC_NAME_TYPE, sitename,
2294 return_iplist, return_count);
2295 if (NT_STATUS_IS_OK(status)) {
2296 /* Ensure we don't namecache
2297 * this with the KDC port. */
2298 name_type = KDC_NAME_TYPE;
2301 } else if(strequal( tok, "ads")) {
2302 /* deal with 0x1c and 0x1b names here.
2303 * This will result in a SRV record lookup */
2304 status = resolve_ads(name, name_type, sitename,
2305 return_iplist, return_count);
2306 if (NT_STATUS_IS_OK(status)) {
2309 } else if(strequal( tok, "lmhosts")) {
2310 status = resolve_lmhosts(name, name_type,
2311 return_iplist, return_count);
2312 if (NT_STATUS_IS_OK(status)) {
2315 } else if(strequal( tok, "wins")) {
2316 /* don't resolve 1D via WINS */
2317 if (name_type != 0x1D) {
2318 status = resolve_wins(name, name_type,
2321 if (NT_STATUS_IS_OK(status)) {
2325 } else if(strequal( tok, "bcast")) {
2326 struct sockaddr_storage *ss_list;
2327 status = name_resolve_bcast(
2328 name, name_type, talloc_tos(),
2329 &ss_list, return_count);
2330 if (NT_STATUS_IS_OK(status)) {
2331 if (!convert_ss2service(return_iplist,
2334 status = NT_STATUS_NO_MEMORY;
2339 DEBUG(0,("resolve_name: unknown name switch type %s\n",
2344 /* All of the resolve_* functions above have returned false. */
2347 SAFE_FREE(*return_iplist);
2350 return NT_STATUS_UNSUCCESSFUL;
2354 /* Remove duplicate entries. Some queries, notably #1c (domain
2355 controllers) return the PDC in iplist[0] and then all domain
2356 controllers including the PDC in iplist[1..n]. Iterating over
2357 the iplist when the PDC is down will cause two sets of timeouts. */
2359 if ( *return_count ) {
2360 *return_count = remove_duplicate_addrs2(*return_iplist,
2364 /* Save in name cache */
2365 if ( DEBUGLEVEL >= 100 ) {
2366 for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) {
2367 char addr[INET6_ADDRSTRLEN];
2368 print_sockaddr(addr, sizeof(addr),
2369 &(*return_iplist)[i].ss);
2370 DEBUG(100, ("Storing name %s of type %d (%s:%d)\n",
2374 (*return_iplist)[i].port));
2378 namecache_store(name, name_type, *return_count, *return_iplist);
2380 /* Display some debugging info */
2382 if ( DEBUGLEVEL >= 10 ) {
2383 DEBUG(10, ("internal_resolve_name: returning %d addresses: ",
2386 for (i = 0; i < *return_count; i++) {
2387 char addr[INET6_ADDRSTRLEN];
2388 print_sockaddr(addr, sizeof(addr),
2389 &(*return_iplist)[i].ss);
2390 DEBUGADD(10, ("%s:%d ",
2392 (*return_iplist)[i].port));
2401 /********************************************************
2402 Internal interface to resolve a name into one IP address.
2403 Use this function if the string is either an IP address, DNS
2404 or host name or NetBIOS name. This uses the name switch in the
2405 smb.conf to determine the order of name resolution.
2406 *********************************************************/
2408 bool resolve_name(const char *name,
2409 struct sockaddr_storage *return_ss,
2413 struct ip_service *ss_list = NULL;
2414 char *sitename = NULL;
2417 if (is_ipaddress(name)) {
2418 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2421 sitename = sitename_fetch(lp_realm()); /* wild guess */
2423 if (NT_STATUS_IS_OK(internal_resolve_name(name, name_type, sitename,
2425 lp_name_resolve_order()))) {
2429 for (i=0; i<count; i++) {
2430 if (!is_zero_addr(&ss_list[i].ss) &&
2431 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss) &&
2432 (ss_list[i].ss.ss_family == AF_INET)) {
2433 *return_ss = ss_list[i].ss;
2435 SAFE_FREE(sitename);
2441 /* only return valid addresses for TCP connections */
2442 for (i=0; i<count; i++) {
2443 if (!is_zero_addr(&ss_list[i].ss) &&
2444 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2445 *return_ss = ss_list[i].ss;
2447 SAFE_FREE(sitename);
2454 SAFE_FREE(sitename);
2458 /********************************************************
2459 Internal interface to resolve a name into a list of IP addresses.
2460 Use this function if the string is either an IP address, DNS
2461 or host name or NetBIOS name. This uses the name switch in the
2462 smb.conf to determine the order of name resolution.
2463 *********************************************************/
2465 NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2468 struct sockaddr_storage **return_ss_arr,
2469 unsigned int *p_num_entries)
2471 struct ip_service *ss_list = NULL;
2472 char *sitename = NULL;
2475 unsigned int num_entries;
2479 *return_ss_arr = NULL;
2481 if (is_ipaddress(name)) {
2482 *return_ss_arr = TALLOC_P(ctx, struct sockaddr_storage);
2483 if (!*return_ss_arr) {
2484 return NT_STATUS_NO_MEMORY;
2486 if (!interpret_string_addr(*return_ss_arr, name, AI_NUMERICHOST)) {
2487 TALLOC_FREE(*return_ss_arr);
2488 return NT_STATUS_BAD_NETWORK_NAME;
2491 return NT_STATUS_OK;
2494 sitename = sitename_fetch(lp_realm()); /* wild guess */
2496 status = internal_resolve_name(name, name_type, sitename,
2498 lp_name_resolve_order());
2499 SAFE_FREE(sitename);
2501 if (!NT_STATUS_IS_OK(status)) {
2505 /* only return valid addresses for TCP connections */
2506 for (i=0, num_entries = 0; i<count; i++) {
2507 if (!is_zero_addr(&ss_list[i].ss) &&
2508 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2512 if (num_entries == 0) {
2514 return NT_STATUS_BAD_NETWORK_NAME;
2517 *return_ss_arr = TALLOC_ARRAY(ctx,
2518 struct sockaddr_storage,
2520 if (!(*return_ss_arr)) {
2522 return NT_STATUS_NO_MEMORY;
2525 for (i=0, num_entries = 0; i<count; i++) {
2526 if (!is_zero_addr(&ss_list[i].ss) &&
2527 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2528 (*return_ss_arr)[num_entries++] = ss_list[i].ss;
2532 status = NT_STATUS_OK;
2533 *p_num_entries = num_entries;
2536 return NT_STATUS_OK;
2539 /********************************************************
2540 Find the IP address of the master browser or DMB for a workgroup.
2541 *********************************************************/
2543 bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
2545 struct ip_service *ip_list = NULL;
2549 if (lp_disable_netbios()) {
2550 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
2554 status = internal_resolve_name(group, 0x1D, NULL, &ip_list, &count,
2555 lp_name_resolve_order());
2556 if (NT_STATUS_IS_OK(status)) {
2557 *master_ss = ip_list[0].ss;
2562 status = internal_resolve_name(group, 0x1B, NULL, &ip_list, &count,
2563 lp_name_resolve_order());
2564 if (NT_STATUS_IS_OK(status)) {
2565 *master_ss = ip_list[0].ss;
2574 /********************************************************
2575 Get the IP address list of the primary domain controller
2577 *********************************************************/
2579 bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
2581 struct ip_service *ip_list = NULL;
2583 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2585 /* Look up #1B name */
2587 if (lp_security() == SEC_ADS) {
2588 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2592 if (!NT_STATUS_IS_OK(status) || count == 0) {
2593 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2595 lp_name_resolve_order());
2596 if (!NT_STATUS_IS_OK(status)) {
2601 /* if we get more than 1 IP back we have to assume it is a
2602 multi-homed PDC and not a mess up */
2605 DEBUG(6,("get_pdc_ip: PDC has %d IP addresses!\n", count));
2606 sort_service_list(ip_list, count);
2609 *pss = ip_list[0].ss;
2614 /* Private enum type for lookups. */
2616 enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
2618 /********************************************************
2619 Get the IP address list of the domain controllers for
2621 *********************************************************/
2623 static NTSTATUS get_dc_list(const char *domain,
2624 const char *sitename,
2625 struct ip_service **ip_list,
2627 enum dc_lookup_type lookup_type,
2630 char *resolve_order = NULL;
2631 char *saf_servername = NULL;
2632 char *pserver = NULL;
2634 char *port_str = NULL;
2637 int num_addresses = 0;
2638 int local_count, i, j;
2639 struct ip_service *return_iplist = NULL;
2640 struct ip_service *auto_ip_list = NULL;
2641 bool done_auto_lookup = false;
2644 TALLOC_CTX *ctx = talloc_init("get_dc_list");
2650 return NT_STATUS_NO_MEMORY;
2655 /* if we are restricted to solely using DNS for looking
2656 up a domain controller, make sure that host lookups
2657 are enabled for the 'name resolve order'. If host lookups
2658 are disabled and ads_only is True, then set the string to
2661 resolve_order = talloc_strdup(ctx, lp_name_resolve_order());
2662 if (!resolve_order) {
2663 status = NT_STATUS_NO_MEMORY;
2666 strlower_m(resolve_order);
2667 if (lookup_type == DC_ADS_ONLY) {
2668 if (strstr( resolve_order, "host")) {
2669 resolve_order = talloc_strdup(ctx, "ads");
2671 /* DNS SRV lookups used by the ads resolver
2672 are already sorted by priority and weight */
2675 resolve_order = talloc_strdup(ctx, "NULL");
2677 } else if (lookup_type == DC_KDC_ONLY) {
2678 /* DNS SRV lookups used by the ads/kdc resolver
2679 are already sorted by priority and weight */
2681 resolve_order = talloc_strdup(ctx, "kdc");
2683 if (!resolve_order) {
2684 status = NT_STATUS_NO_MEMORY;
2688 /* fetch the server we have affinity for. Add the
2689 'password server' list to a search for our domain controllers */
2691 saf_servername = saf_fetch( domain);
2693 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
2694 pserver = talloc_asprintf(ctx, "%s, %s",
2695 saf_servername ? saf_servername : "",
2696 lp_passwordserver());
2698 pserver = talloc_asprintf(ctx, "%s, *",
2699 saf_servername ? saf_servername : "");
2702 SAFE_FREE(saf_servername);
2704 status = NT_STATUS_NO_MEMORY;
2708 /* if we are starting from scratch, just lookup DOMAIN<0x1c> */
2711 DEBUG(10,("get_dc_list: no preferred domain controllers.\n"));
2712 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2713 count, resolve_order);
2717 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
2720 * if '*' appears in the "password server" list then add
2721 * an auto lookup to the list of manually configured
2722 * DC's. If any DC is listed by name, then the list should be
2723 * considered to be ordered
2727 while (next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2728 if (!done_auto_lookup && strequal(name, "*")) {
2729 status = internal_resolve_name(domain, 0x1C, sitename,
2733 if (NT_STATUS_IS_OK(status)) {
2734 num_addresses += auto_count;
2736 done_auto_lookup = true;
2737 DEBUG(8,("Adding %d DC's from auto lookup\n",
2744 /* if we have no addresses and haven't done the auto lookup, then
2745 just return the list of DC's. Or maybe we just failed. */
2747 if ((num_addresses == 0)) {
2748 if (done_auto_lookup) {
2749 DEBUG(4,("get_dc_list: no servers found\n"));
2750 status = NT_STATUS_NO_LOGON_SERVERS;
2753 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2754 count, resolve_order);
2758 if ((return_iplist = SMB_MALLOC_ARRAY(struct ip_service,
2759 num_addresses)) == NULL) {
2760 DEBUG(3,("get_dc_list: malloc fail !\n"));
2761 status = NT_STATUS_NO_MEMORY;
2768 /* fill in the return list now with real IP's */
2770 while ((local_count<num_addresses) &&
2771 next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2772 struct sockaddr_storage name_ss;
2774 /* copy any addersses from the auto lookup */
2776 if (strequal(name, "*")) {
2777 for (j=0; j<auto_count; j++) {
2778 char addr[INET6_ADDRSTRLEN];
2779 print_sockaddr(addr,
2781 &auto_ip_list[j].ss);
2782 /* Check for and don't copy any
2783 * known bad DC IP's. */
2784 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
2787 DEBUG(5,("get_dc_list: "
2788 "negative entry %s removed "
2793 return_iplist[local_count].ss =
2795 return_iplist[local_count].port =
2796 auto_ip_list[j].port;
2802 /* added support for address:port syntax for ads
2803 * (not that I think anyone will ever run the LDAP
2804 * server in an AD domain on something other than
2807 port = (lp_security() == SEC_ADS) ? LDAP_PORT : PORT_NONE;
2808 if ((port_str=strchr(name, ':')) != NULL) {
2811 port = atoi(port_str);
2814 /* explicit lookup; resolve_name() will
2815 * handle names & IP addresses */
2816 if (resolve_name( name, &name_ss, 0x20, true )) {
2817 char addr[INET6_ADDRSTRLEN];
2818 print_sockaddr(addr,
2822 /* Check for and don't copy any known bad DC IP's. */
2823 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
2825 DEBUG(5,("get_dc_list: negative entry %s "
2826 "removed from DC list\n",
2831 return_iplist[local_count].ss = name_ss;
2832 return_iplist[local_count].port = port;
2838 /* need to remove duplicates in the list if we have any
2839 explicit password servers */
2842 local_count = remove_duplicate_addrs2(return_iplist,
2846 /* For DC's we always prioritize IPv4 due to W2K3 not
2847 * supporting LDAP, KRB5 or CLDAP over IPv6. */
2849 if (local_count && return_iplist) {
2850 prioritize_ipv4_list(return_iplist, local_count);
2853 if ( DEBUGLEVEL >= 4 ) {
2854 DEBUG(4,("get_dc_list: returning %d ip addresses "
2855 "in an %sordered list\n",
2857 *ordered ? "":"un"));
2858 DEBUG(4,("get_dc_list: "));
2859 for ( i=0; i<local_count; i++ ) {
2860 char addr[INET6_ADDRSTRLEN];
2861 print_sockaddr(addr,
2863 &return_iplist[i].ss);
2864 DEBUGADD(4,("%s:%d ", addr, return_iplist[i].port ));
2869 *ip_list = return_iplist;
2870 *count = local_count;
2872 status = ( *count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS );
2876 if (!NT_STATUS_IS_OK(status)) {
2877 SAFE_FREE(return_iplist);
2882 SAFE_FREE(auto_ip_list);
2887 /*********************************************************************
2888 Small wrapper function to get the DC list and sort it if neccessary.
2889 *********************************************************************/
2891 NTSTATUS get_sorted_dc_list( const char *domain,
2892 const char *sitename,
2893 struct ip_service **ip_list,
2897 bool ordered = false;
2899 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
2904 DEBUG(8,("get_sorted_dc_list: attempting lookup "
2905 "for name %s (sitename %s) using [%s]\n",
2907 sitename ? sitename : "NULL",
2908 (ads_only ? "ads" : lp_name_resolve_order())));
2911 lookup_type = DC_ADS_ONLY;
2914 status = get_dc_list(domain, sitename, ip_list,
2915 count, lookup_type, &ordered);
2916 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
2918 DEBUG(3,("get_sorted_dc_list: no server for name %s available"
2919 " in site %s, fallback to all servers\n",
2921 status = get_dc_list(domain, NULL, ip_list,
2922 count, lookup_type, &ordered);
2925 if (!NT_STATUS_IS_OK(status)) {
2926 SAFE_FREE(*ip_list);
2931 /* only sort if we don't already have an ordered list */
2933 sort_service_list(*ip_list, *count);
2936 return NT_STATUS_OK;
2939 /*********************************************************************
2940 Get the KDC list - re-use all the logic in get_dc_list.
2941 *********************************************************************/
2943 NTSTATUS get_kdc_list( const char *realm,
2944 const char *sitename,
2945 struct ip_service **ip_list,
2954 status = get_dc_list(realm, sitename, ip_list,
2955 count, DC_KDC_ONLY, &ordered);
2957 if (!NT_STATUS_IS_OK(status)) {
2958 SAFE_FREE(*ip_list);
2963 /* only sort if we don't already have an ordered list */
2965 sort_service_list(*ip_list, *count);
2968 return NT_STATUS_OK;
git.samba.org / obnox / samba / samba-obnox.git / blob