2 Unix SMB/CIFS implementation.
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Jeremy Allison 2007.
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "../lib/util/tevent_ntstatus.h"
23 #include "libads/sitename_cache.h"
24 #include "libads/dns.h"
25 #include "../libcli/netlogon/netlogon.h"
26 #include "lib/async_req/async_sock.h"
27 #include "libsmb/nmblib.h"
29 /* nmbd.c sets this to True. */
30 bool global_in_nmbd = False;
32 /****************************
33 * SERVER AFFINITY ROUTINES *
34 ****************************/
36 /* Server affinity is the concept of preferring the last domain
37 controller with whom you had a successful conversation */
39 /****************************************************************************
40 ****************************************************************************/
41 #define SAFKEY_FMT "SAF/DOMAIN/%s"
43 #define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s"
44 #define SAFJOIN_TTL 3600
46 static char *saf_key(const char *domain)
50 asprintf_strupper_m(&keystr, SAFKEY_FMT, domain);
55 static char *saf_join_key(const char *domain)
59 asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain);
64 /****************************************************************************
65 ****************************************************************************/
67 bool saf_store( const char *domain, const char *servername )
73 if ( !domain || !servername ) {
74 DEBUG(2,("saf_store: "
75 "Refusing to store empty domain or servername!\n"));
79 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
80 DEBUG(0,("saf_store: "
81 "refusing to store 0 length domain or servername!\n"));
85 key = saf_key( domain );
86 expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL);
88 DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n",
89 domain, servername, (unsigned int)expire ));
91 ret = gencache_set( key, servername, expire );
98 bool saf_join_store( const char *domain, const char *servername )
104 if ( !domain || !servername ) {
105 DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n"));
109 if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) {
110 DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n"));
114 key = saf_join_key( domain );
115 expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL);
117 DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n",
118 domain, servername, (unsigned int)expire ));
120 ret = gencache_set( key, servername, expire );
127 bool saf_delete( const char *domain )
133 DEBUG(2,("saf_delete: Refusing to delete empty domain\n"));
137 key = saf_join_key(domain);
138 ret = gencache_del(key);
142 DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain ));
145 key = saf_key(domain);
146 ret = gencache_del(key);
150 DEBUG(10,("saf_delete: domain = [%s]\n", domain ));
156 /****************************************************************************
157 ****************************************************************************/
159 char *saf_fetch( const char *domain )
166 if ( !domain || strlen(domain) == 0) {
167 DEBUG(2,("saf_fetch: Empty domain name!\n"));
171 key = saf_join_key( domain );
173 ret = gencache_get( key, &server, &timeout );
178 DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n",
183 key = saf_key( domain );
185 ret = gencache_get( key, &server, &timeout );
190 DEBUG(5,("saf_fetch: failed to find server for \"%s\" domain\n",
193 DEBUG(5,("saf_fetch: Returning \"%s\" for \"%s\" domain\n",
200 static void set_socket_addr_v4(struct sockaddr_storage *addr)
202 if (!interpret_string_addr(addr, lp_socket_address(),
203 AI_NUMERICHOST|AI_PASSIVE)) {
206 if (addr->ss_family != AF_INET) {
211 static struct in_addr my_socket_addr_v4(void)
213 struct sockaddr_storage my_addr;
214 struct sockaddr_in *in_addr = (struct sockaddr_in *)((char *)&my_addr);
216 set_socket_addr_v4(&my_addr);
217 return in_addr->sin_addr;
220 /****************************************************************************
221 Generate a random trn_id.
222 ****************************************************************************/
224 static int generate_trn_id(void)
228 generate_random_buffer((uint8 *)&id, sizeof(id));
230 return id % (unsigned)0x7FFF;
233 /****************************************************************************
234 Parse a node status response into an array of structures.
235 ****************************************************************************/
237 static struct node_status *parse_node_status(TALLOC_CTX *mem_ctx, char *p,
239 struct node_status_extra *extra)
241 struct node_status *ret;
244 *num_names = CVAL(p,0);
249 ret = talloc_array(mem_ctx, struct node_status,*num_names);
254 for (i=0;i< *num_names;i++) {
255 StrnCpy(ret[i].name,p,15);
256 trim_char(ret[i].name,'\0',' ');
257 ret[i].type = CVAL(p,15);
258 ret[i].flags = p[16];
260 DEBUG(10, ("%s#%02x: flags = 0x%02x\n", ret[i].name,
261 ret[i].type, ret[i].flags));
264 * Also, pick up the MAC address ...
267 memcpy(&extra->mac_addr, p, 6); /* Fill in the mac addr */
272 struct sock_packet_read_state {
273 struct tevent_context *ev;
274 enum packet_type type;
277 struct nb_packet_reader *reader;
278 struct tevent_req *reader_req;
281 struct tevent_req *socket_req;
283 struct sockaddr_storage addr;
286 bool (*validator)(struct packet_struct *p,
290 struct packet_struct *packet;
293 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s);
294 static void sock_packet_read_got_packet(struct tevent_req *subreq);
295 static void sock_packet_read_got_socket(struct tevent_req *subreq);
297 static struct tevent_req *sock_packet_read_send(
299 struct tevent_context *ev,
300 int sock, /* dgram socket */
301 struct nb_packet_reader *reader,
302 enum packet_type type,
304 bool (*validator)(struct packet_struct *p, void *private_data),
307 struct tevent_req *req;
308 struct sock_packet_read_state *state;
310 req = tevent_req_create(mem_ctx, &state,
311 struct sock_packet_read_state);
315 talloc_set_destructor(state, sock_packet_read_state_destructor);
317 state->reader = reader;
320 state->trn_id = trn_id;
321 state->validator = validator;
322 state->private_data = private_data;
324 if (reader != NULL) {
325 state->reader_req = nb_packet_read_send(state, ev, reader);
326 if (tevent_req_nomem(state->reader_req, req)) {
327 return tevent_req_post(req, ev);
329 tevent_req_set_callback(
330 state->reader_req, sock_packet_read_got_packet, req);
333 state->addr_len = sizeof(state->addr);
334 state->socket_req = recvfrom_send(state, ev, sock,
335 state->buf, sizeof(state->buf), 0,
336 &state->addr, &state->addr_len);
337 if (tevent_req_nomem(state->socket_req, req)) {
338 return tevent_req_post(req, ev);
340 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
346 static int sock_packet_read_state_destructor(struct sock_packet_read_state *s)
348 if (s->packet != NULL) {
349 free_packet(s->packet);
355 static void sock_packet_read_got_packet(struct tevent_req *subreq)
357 struct tevent_req *req = tevent_req_callback_data(
358 subreq, struct tevent_req);
359 struct sock_packet_read_state *state = tevent_req_data(
360 req, struct sock_packet_read_state);
363 status = nb_packet_read_recv(subreq, &state->packet);
365 TALLOC_FREE(state->reader_req);
367 if (!NT_STATUS_IS_OK(status)) {
368 if (state->socket_req != NULL) {
370 * Still waiting for socket
375 * Both socket and packet reader failed
377 tevent_req_nterror(req, status);
381 if ((state->validator != NULL) &&
382 !state->validator(state->packet, state->private_data)) {
383 DEBUG(10, ("validator failed\n"));
385 free_packet(state->packet);
386 state->packet = NULL;
388 state->reader_req = nb_packet_read_send(state, state->ev,
390 if (tevent_req_nomem(state->reader_req, req)) {
393 tevent_req_set_callback(
394 state->reader_req, sock_packet_read_got_packet, req);
398 TALLOC_FREE(state->socket_req);
399 tevent_req_done(req);
402 static void sock_packet_read_got_socket(struct tevent_req *subreq)
404 struct tevent_req *req = tevent_req_callback_data(
405 subreq, struct tevent_req);
406 struct sock_packet_read_state *state = tevent_req_data(
407 req, struct sock_packet_read_state);
408 struct sockaddr_in *in_addr;
412 received = recvfrom_recv(subreq, &err);
414 TALLOC_FREE(state->socket_req);
416 if (received == -1) {
417 if (state->reader_req != NULL) {
419 * Still waiting for reader
424 * Both socket and reader failed
426 tevent_req_nterror(req, map_nt_error_from_unix(err));
429 if (state->addr.ss_family != AF_INET) {
432 in_addr = (struct sockaddr_in *)(void *)&state->addr;
434 state->packet = parse_packet((char *)state->buf, received, state->type,
435 in_addr->sin_addr, in_addr->sin_port);
436 if (state->packet == NULL) {
437 DEBUG(10, ("parse_packet failed\n"));
440 if ((state->trn_id != -1) &&
441 (state->trn_id != packet_trn_id(state->packet))) {
442 DEBUG(10, ("Expected transaction id %d, got %d\n",
443 state->trn_id, packet_trn_id(state->packet)));
447 if ((state->validator != NULL) &&
448 !state->validator(state->packet, state->private_data)) {
449 DEBUG(10, ("validator failed\n"));
453 tevent_req_done(req);
457 if (state->packet != NULL) {
458 free_packet(state->packet);
459 state->packet = NULL;
461 state->socket_req = recvfrom_send(state, state->ev, state->sock,
462 state->buf, sizeof(state->buf), 0,
463 &state->addr, &state->addr_len);
464 if (tevent_req_nomem(state->socket_req, req)) {
467 tevent_req_set_callback(state->socket_req, sock_packet_read_got_socket,
471 static NTSTATUS sock_packet_read_recv(struct tevent_req *req,
472 struct packet_struct **ppacket)
474 struct sock_packet_read_state *state = tevent_req_data(
475 req, struct sock_packet_read_state);
478 if (tevent_req_is_nterror(req, &status)) {
481 *ppacket = state->packet;
482 state->packet = NULL;
486 struct nb_trans_state {
487 struct tevent_context *ev;
489 struct nb_packet_reader *reader;
491 const struct sockaddr_storage *dst_addr;
494 enum packet_type type;
497 bool (*validator)(struct packet_struct *p,
501 struct packet_struct *packet;
504 static int nb_trans_state_destructor(struct nb_trans_state *s);
505 static void nb_trans_got_reader(struct tevent_req *subreq);
506 static void nb_trans_done(struct tevent_req *subreq);
507 static void nb_trans_sent(struct tevent_req *subreq);
508 static void nb_trans_send_next(struct tevent_req *subreq);
510 static struct tevent_req *nb_trans_send(
512 struct tevent_context *ev,
513 const struct sockaddr_storage *my_addr,
514 const struct sockaddr_storage *dst_addr,
516 uint8_t *buf, size_t buflen,
517 enum packet_type type, int trn_id,
518 bool (*validator)(struct packet_struct *p,
522 struct tevent_req *req, *subreq;
523 struct nb_trans_state *state;
525 req = tevent_req_create(mem_ctx, &state, struct nb_trans_state);
529 talloc_set_destructor(state, nb_trans_state_destructor);
531 state->dst_addr = dst_addr;
533 state->buflen = buflen;
535 state->trn_id = trn_id;
536 state->validator = validator;
537 state->private_data = private_data;
539 state->sock = open_socket_in(SOCK_DGRAM, 0, 3, my_addr, True);
540 if (state->sock == -1) {
541 tevent_req_nterror(req, map_nt_error_from_unix(errno));
542 DEBUG(10, ("open_socket_in failed: %s\n", strerror(errno)));
543 return tevent_req_post(req, ev);
547 set_socket_options(state->sock,"SO_BROADCAST");
550 subreq = nb_packet_reader_send(state, ev, type, state->trn_id, NULL);
551 if (tevent_req_nomem(subreq, req)) {
552 return tevent_req_post(req, ev);
554 tevent_req_set_callback(subreq, nb_trans_got_reader, req);
558 static int nb_trans_state_destructor(struct nb_trans_state *s)
564 if (s->packet != NULL) {
565 free_packet(s->packet);
571 static void nb_trans_got_reader(struct tevent_req *subreq)
573 struct tevent_req *req = tevent_req_callback_data(
574 subreq, struct tevent_req);
575 struct nb_trans_state *state = tevent_req_data(
576 req, struct nb_trans_state);
579 status = nb_packet_reader_recv(subreq, state, &state->reader);
582 if (!NT_STATUS_IS_OK(status)) {
583 DEBUG(10, ("nmbd not around\n"));
584 state->reader = NULL;
587 subreq = sock_packet_read_send(
588 state, state->ev, state->sock,
589 state->reader, state->type, state->trn_id,
590 state->validator, state->private_data);
591 if (tevent_req_nomem(subreq, req)) {
594 tevent_req_set_callback(subreq, nb_trans_done, req);
596 subreq = sendto_send(state, state->ev, state->sock,
597 state->buf, state->buflen, 0, state->dst_addr);
598 if (tevent_req_nomem(subreq, req)) {
601 tevent_req_set_callback(subreq, nb_trans_sent, req);
604 static void nb_trans_sent(struct tevent_req *subreq)
606 struct tevent_req *req = tevent_req_callback_data(
607 subreq, struct tevent_req);
608 struct nb_trans_state *state = tevent_req_data(
609 req, struct nb_trans_state);
613 sent = sendto_recv(subreq, &err);
616 DEBUG(10, ("sendto failed: %s\n", strerror(err)));
617 tevent_req_nterror(req, map_nt_error_from_unix(err));
620 subreq = tevent_wakeup_send(state, state->ev,
621 timeval_current_ofs(1, 0));
622 if (tevent_req_nomem(subreq, req)) {
625 tevent_req_set_callback(subreq, nb_trans_send_next, req);
628 static void nb_trans_send_next(struct tevent_req *subreq)
630 struct tevent_req *req = tevent_req_callback_data(
631 subreq, struct tevent_req);
632 struct nb_trans_state *state = tevent_req_data(
633 req, struct nb_trans_state);
636 ret = tevent_wakeup_recv(subreq);
639 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
642 subreq = sendto_send(state, state->ev, state->sock,
643 state->buf, state->buflen, 0, state->dst_addr);
644 if (tevent_req_nomem(subreq, req)) {
647 tevent_req_set_callback(subreq, nb_trans_sent, req);
650 static void nb_trans_done(struct tevent_req *subreq)
652 struct tevent_req *req = tevent_req_callback_data(
653 subreq, struct tevent_req);
654 struct nb_trans_state *state = tevent_req_data(
655 req, struct nb_trans_state);
658 status = sock_packet_read_recv(subreq, &state->packet);
660 if (tevent_req_nterror(req, status)) {
663 tevent_req_done(req);
666 static NTSTATUS nb_trans_recv(struct tevent_req *req,
667 struct packet_struct **ppacket)
669 struct nb_trans_state *state = tevent_req_data(
670 req, struct nb_trans_state);
673 if (tevent_req_is_nterror(req, &status)) {
676 *ppacket = state->packet;
677 state->packet = NULL;
681 /****************************************************************************
682 Do a NBT node status query on an open socket and return an array of
683 structures holding the returned names or NULL if the query failed.
684 **************************************************************************/
686 struct node_status_query_state {
687 struct sockaddr_storage my_addr;
688 struct sockaddr_storage addr;
691 struct packet_struct *packet;
694 static int node_status_query_state_destructor(
695 struct node_status_query_state *s);
696 static bool node_status_query_validator(struct packet_struct *p,
698 static void node_status_query_done(struct tevent_req *subreq);
700 struct tevent_req *node_status_query_send(TALLOC_CTX *mem_ctx,
701 struct tevent_context *ev,
702 struct nmb_name *name,
703 const struct sockaddr_storage *addr)
705 struct tevent_req *req, *subreq;
706 struct node_status_query_state *state;
707 struct packet_struct p;
708 struct nmb_packet *nmb = &p.packet.nmb;
709 struct sockaddr_in *in_addr;
711 req = tevent_req_create(mem_ctx, &state,
712 struct node_status_query_state);
716 talloc_set_destructor(state, node_status_query_state_destructor);
718 if (addr->ss_family != AF_INET) {
719 /* Can't do node status to IPv6 */
720 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
721 return tevent_req_post(req, ev);
725 in_addr = (struct sockaddr_in *)(void *)&state->addr;
726 in_addr->sin_port = htons(NMB_PORT);
728 set_socket_addr_v4(&state->my_addr);
731 nmb->header.name_trn_id = generate_trn_id();
732 nmb->header.opcode = 0;
733 nmb->header.response = false;
734 nmb->header.nm_flags.bcast = false;
735 nmb->header.nm_flags.recursion_available = false;
736 nmb->header.nm_flags.recursion_desired = false;
737 nmb->header.nm_flags.trunc = false;
738 nmb->header.nm_flags.authoritative = false;
739 nmb->header.rcode = 0;
740 nmb->header.qdcount = 1;
741 nmb->header.ancount = 0;
742 nmb->header.nscount = 0;
743 nmb->header.arcount = 0;
744 nmb->question.question_name = *name;
745 nmb->question.question_type = 0x21;
746 nmb->question.question_class = 0x1;
748 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
750 if (state->buflen == 0) {
751 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
752 DEBUG(10, ("build_packet failed\n"));
753 return tevent_req_post(req, ev);
756 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, false,
757 state->buf, state->buflen,
758 NMB_PACKET, nmb->header.name_trn_id,
759 node_status_query_validator, NULL);
760 if (tevent_req_nomem(subreq, req)) {
761 DEBUG(10, ("nb_trans_send failed\n"));
762 return tevent_req_post(req, ev);
764 if (!tevent_req_set_endtime(req, ev, timeval_current_ofs(10, 0))) {
765 return tevent_req_post(req, ev);
767 tevent_req_set_callback(subreq, node_status_query_done, req);
771 static bool node_status_query_validator(struct packet_struct *p,
774 struct nmb_packet *nmb = &p->packet.nmb;
777 if (nmb->header.opcode != 0 ||
778 nmb->header.nm_flags.bcast ||
780 !nmb->header.ancount ||
781 nmb->answers->rr_type != 0x21) {
783 * XXXX what do we do with this? could be a redirect,
784 * but we'll discard it for the moment
791 static int node_status_query_state_destructor(
792 struct node_status_query_state *s)
794 if (s->packet != NULL) {
795 free_packet(s->packet);
801 static void node_status_query_done(struct tevent_req *subreq)
803 struct tevent_req *req = tevent_req_callback_data(
804 subreq, struct tevent_req);
805 struct node_status_query_state *state = tevent_req_data(
806 req, struct node_status_query_state);
809 status = nb_trans_recv(subreq, &state->packet);
811 if (tevent_req_nterror(req, status)) {
814 tevent_req_done(req);
817 NTSTATUS node_status_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
818 struct node_status **pnode_status,
820 struct node_status_extra *extra)
822 struct node_status_query_state *state = tevent_req_data(
823 req, struct node_status_query_state);
824 struct node_status *node_status;
828 if (tevent_req_is_nterror(req, &status)) {
831 node_status = parse_node_status(
832 mem_ctx, &state->packet->packet.nmb.answers->rdata[0],
834 if (node_status == NULL) {
835 return NT_STATUS_NO_MEMORY;
837 *pnode_status = node_status;
838 *pnum_names = num_names;
842 NTSTATUS node_status_query(TALLOC_CTX *mem_ctx, struct nmb_name *name,
843 const struct sockaddr_storage *addr,
844 struct node_status **pnode_status,
846 struct node_status_extra *extra)
848 TALLOC_CTX *frame = talloc_stackframe();
849 struct tevent_context *ev;
850 struct tevent_req *req;
851 NTSTATUS status = NT_STATUS_NO_MEMORY;
853 ev = tevent_context_init(frame);
857 req = node_status_query_send(ev, ev, name, addr);
861 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
864 status = node_status_query_recv(req, mem_ctx, pnode_status,
871 /****************************************************************************
872 Find the first type XX name in a node status reply - used for finding
873 a servers name given its IP. Return the matched name in *name.
874 **************************************************************************/
876 bool name_status_find(const char *q_name,
879 const struct sockaddr_storage *to_ss,
882 char addr[INET6_ADDRSTRLEN];
883 struct sockaddr_storage ss;
884 struct node_status *addrs = NULL;
885 struct nmb_name nname;
890 if (lp_disable_netbios()) {
891 DEBUG(5,("name_status_find(%s#%02x): netbios is disabled\n",
896 print_sockaddr(addr, sizeof(addr), to_ss);
898 DEBUG(10, ("name_status_find: looking up %s#%02x at %s\n", q_name,
901 /* Check the cache first. */
903 if (namecache_status_fetch(q_name, q_type, type, to_ss, name)) {
907 if (to_ss->ss_family != AF_INET) {
908 /* Can't do node status to IPv6 */
912 set_socket_addr_v4(&ss);
914 /* W2K PDC's seem not to respond to '*'#0. JRA */
915 make_nmb_name(&nname, q_name, q_type);
916 status = node_status_query(talloc_tos(), &nname, to_ss,
917 &addrs, &count, NULL);
918 if (!NT_STATUS_IS_OK(status)) {
922 for (i=0;i<count;i++) {
923 /* Find first one of the requested type that's not a GROUP. */
924 if (addrs[i].type == type && ! (addrs[i].flags & 0x80))
930 pull_ascii_nstring(name, sizeof(fstring), addrs[i].name);
932 /* Store the result in the cache. */
933 /* but don't store an entry for 0x1c names here. Here we have
934 a single host and DOMAIN<0x1c> names should be a list of hosts */
936 if ( q_type != 0x1c ) {
937 namecache_status_store(q_name, q_type, type, to_ss, name);
945 DEBUG(10, ("name_status_find: name %sfound", result ? "" : "not "));
948 DEBUGADD(10, (", name %s ip address is %s", name, addr));
956 comparison function used by sort_addr_list
959 static int addr_compare(const struct sockaddr_storage *ss1,
960 const struct sockaddr_storage *ss2)
962 int max_bits1=0, max_bits2=0;
963 int num_interfaces = iface_count();
966 /* Sort IPv4 addresses first. */
967 if (ss1->ss_family != ss2->ss_family) {
968 if (ss2->ss_family == AF_INET) {
975 /* Here we know both addresses are of the same
978 for (i=0;i<num_interfaces;i++) {
979 const struct sockaddr_storage *pss = iface_n_bcast(i);
980 const unsigned char *p_ss1 = NULL;
981 const unsigned char *p_ss2 = NULL;
982 const unsigned char *p_if = NULL;
986 if (pss->ss_family != ss1->ss_family) {
987 /* Ignore interfaces of the wrong type. */
990 if (pss->ss_family == AF_INET) {
991 p_if = (const unsigned char *)
992 &((const struct sockaddr_in *)pss)->sin_addr;
993 p_ss1 = (const unsigned char *)
994 &((const struct sockaddr_in *)ss1)->sin_addr;
995 p_ss2 = (const unsigned char *)
996 &((const struct sockaddr_in *)ss2)->sin_addr;
999 #if defined(HAVE_IPV6)
1000 if (pss->ss_family == AF_INET6) {
1001 p_if = (const unsigned char *)
1002 &((const struct sockaddr_in6 *)pss)->sin6_addr;
1003 p_ss1 = (const unsigned char *)
1004 &((const struct sockaddr_in6 *)ss1)->sin6_addr;
1005 p_ss2 = (const unsigned char *)
1006 &((const struct sockaddr_in6 *)ss2)->sin6_addr;
1010 if (!p_ss1 || !p_ss2 || !p_if || len == 0) {
1013 bits1 = matching_len_bits(p_ss1, p_if, len);
1014 bits2 = matching_len_bits(p_ss2, p_if, len);
1015 max_bits1 = MAX(bits1, max_bits1);
1016 max_bits2 = MAX(bits2, max_bits2);
1019 /* Bias towards directly reachable IPs */
1020 if (iface_local((const struct sockaddr *)ss1)) {
1021 if (ss1->ss_family == AF_INET) {
1027 if (iface_local((const struct sockaddr *)ss2)) {
1028 if (ss2->ss_family == AF_INET) {
1034 return max_bits2 - max_bits1;
1037 /*******************************************************************
1038 compare 2 ldap IPs by nearness to our interfaces - used in qsort
1039 *******************************************************************/
1041 int ip_service_compare(struct ip_service *ss1, struct ip_service *ss2)
1045 if ((result = addr_compare(&ss1->ss, &ss2->ss)) != 0) {
1049 if (ss1->port > ss2->port) {
1053 if (ss1->port < ss2->port) {
1061 sort an IP list so that names that are close to one of our interfaces
1062 are at the top. This prevents the problem where a WINS server returns an IP
1063 that is not reachable from our subnet as the first match
1066 static void sort_addr_list(struct sockaddr_storage *sslist, int count)
1072 TYPESAFE_QSORT(sslist, count, addr_compare);
1075 static void sort_service_list(struct ip_service *servlist, int count)
1081 TYPESAFE_QSORT(servlist, count, ip_service_compare);
1084 /**********************************************************************
1085 Remove any duplicate address/port pairs in the list
1086 *********************************************************************/
1088 static int remove_duplicate_addrs2(struct ip_service *iplist, int count )
1092 DEBUG(10,("remove_duplicate_addrs2: "
1093 "looking for duplicate address/port pairs\n"));
1095 /* one loop to remove duplicates */
1096 for ( i=0; i<count; i++ ) {
1097 if ( is_zero_addr(&iplist[i].ss)) {
1101 for ( j=i+1; j<count; j++ ) {
1102 if (sockaddr_equal((struct sockaddr *)&iplist[i].ss, (struct sockaddr *)&iplist[j].ss) &&
1103 iplist[i].port == iplist[j].port) {
1104 zero_sockaddr(&iplist[j].ss);
1109 /* one loop to clean up any holes we left */
1110 /* first ip should never be a zero_ip() */
1111 for (i = 0; i<count; ) {
1112 if (is_zero_addr(&iplist[i].ss) ) {
1114 memmove(&iplist[i], &iplist[i+1],
1115 (count - i - 1)*sizeof(iplist[i]));
1126 static bool prioritize_ipv4_list(struct ip_service *iplist, int count)
1128 TALLOC_CTX *frame = talloc_stackframe();
1129 struct ip_service *iplist_new = talloc_array(frame, struct ip_service, count);
1132 if (iplist_new == NULL) {
1139 /* Copy IPv4 first. */
1140 for (i = 0; i < count; i++) {
1141 if (iplist[i].ss.ss_family == AF_INET) {
1142 iplist_new[j++] = iplist[i];
1147 for (i = 0; i < count; i++) {
1148 if (iplist[i].ss.ss_family != AF_INET) {
1149 iplist_new[j++] = iplist[i];
1153 memcpy(iplist, iplist_new, sizeof(struct ip_service)*count);
1158 /****************************************************************************
1159 Do a netbios name query to find someones IP.
1160 Returns an array of IP addresses or NULL if none.
1161 *count will be set to the number of addresses returned.
1162 *timed_out is set if we failed by timing out
1163 ****************************************************************************/
1165 struct name_query_state {
1166 struct sockaddr_storage my_addr;
1167 struct sockaddr_storage addr;
1174 NTSTATUS validate_error;
1177 struct sockaddr_storage *addrs;
1181 static bool name_query_validator(struct packet_struct *p, void *private_data);
1182 static void name_query_done(struct tevent_req *subreq);
1184 struct tevent_req *name_query_send(TALLOC_CTX *mem_ctx,
1185 struct tevent_context *ev,
1186 const char *name, int name_type,
1187 bool bcast, bool recurse,
1188 const struct sockaddr_storage *addr)
1190 struct tevent_req *req, *subreq;
1191 struct name_query_state *state;
1192 struct packet_struct p;
1193 struct nmb_packet *nmb = &p.packet.nmb;
1194 struct sockaddr_in *in_addr;
1196 req = tevent_req_create(mem_ctx, &state, struct name_query_state);
1200 state->bcast = bcast;
1202 if (addr->ss_family != AF_INET) {
1203 /* Can't do node status to IPv6 */
1204 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
1205 return tevent_req_post(req, ev);
1208 if (lp_disable_netbios()) {
1209 DEBUG(5,("name_query(%s#%02x): netbios is disabled\n",
1211 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
1212 return tevent_req_post(req, ev);
1215 state->addr = *addr;
1216 in_addr = (struct sockaddr_in *)(void *)&state->addr;
1217 in_addr->sin_port = htons(NMB_PORT);
1219 set_socket_addr_v4(&state->my_addr);
1222 nmb->header.name_trn_id = generate_trn_id();
1223 nmb->header.opcode = 0;
1224 nmb->header.response = false;
1225 nmb->header.nm_flags.bcast = bcast;
1226 nmb->header.nm_flags.recursion_available = false;
1227 nmb->header.nm_flags.recursion_desired = recurse;
1228 nmb->header.nm_flags.trunc = false;
1229 nmb->header.nm_flags.authoritative = false;
1230 nmb->header.rcode = 0;
1231 nmb->header.qdcount = 1;
1232 nmb->header.ancount = 0;
1233 nmb->header.nscount = 0;
1234 nmb->header.arcount = 0;
1236 make_nmb_name(&nmb->question.question_name,name,name_type);
1238 nmb->question.question_type = 0x20;
1239 nmb->question.question_class = 0x1;
1241 state->buflen = build_packet((char *)state->buf, sizeof(state->buf),
1243 if (state->buflen == 0) {
1244 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1245 DEBUG(10, ("build_packet failed\n"));
1246 return tevent_req_post(req, ev);
1249 subreq = nb_trans_send(state, ev, &state->my_addr, &state->addr, bcast,
1250 state->buf, state->buflen,
1251 NMB_PACKET, nmb->header.name_trn_id,
1252 name_query_validator, state);
1253 if (tevent_req_nomem(subreq, req)) {
1254 DEBUG(10, ("nb_trans_send failed\n"));
1255 return tevent_req_post(req, ev);
1257 tevent_req_set_callback(subreq, name_query_done, req);
1261 static bool name_query_validator(struct packet_struct *p, void *private_data)
1263 struct name_query_state *state = talloc_get_type_abort(
1264 private_data, struct name_query_state);
1265 struct nmb_packet *nmb = &p->packet.nmb;
1266 struct sockaddr_storage *tmp_addrs;
1267 bool got_unique_netbios_name = false;
1270 debug_nmb_packet(p);
1273 * If we get a Negative Name Query Response from a WINS
1274 * server, we should report it and give up.
1276 if( 0 == nmb->header.opcode /* A query response */
1277 && !state->bcast /* from a WINS server */
1278 && nmb->header.rcode /* Error returned */
1281 if( DEBUGLVL( 3 ) ) {
1282 /* Only executed if DEBUGLEVEL >= 3 */
1283 dbgtext( "Negative name query "
1284 "response, rcode 0x%02x: ",
1285 nmb->header.rcode );
1286 switch( nmb->header.rcode ) {
1288 dbgtext("Request was invalidly formatted.\n");
1291 dbgtext("Problem with NBNS, cannot process "
1295 dbgtext("The name requested does not "
1299 dbgtext("Unsupported request error.\n");
1302 dbgtext("Query refused error.\n");
1305 dbgtext("Unrecognized error code.\n" );
1311 * We accept this packet as valid, but tell the upper
1312 * layers that it's a negative response.
1314 state->validate_error = NT_STATUS_NOT_FOUND;
1318 if (nmb->header.opcode != 0 ||
1319 nmb->header.nm_flags.bcast ||
1320 nmb->header.rcode ||
1321 !nmb->header.ancount) {
1323 * XXXX what do we do with this? Could be a redirect,
1324 * but we'll discard it for the moment.
1329 tmp_addrs = talloc_realloc(
1330 state, state->addrs, struct sockaddr_storage,
1331 state->num_addrs + nmb->answers->rdlength/6);
1332 if (tmp_addrs == NULL) {
1333 state->validate_error = NT_STATUS_NO_MEMORY;
1336 state->addrs = tmp_addrs;
1338 DEBUG(2,("Got a positive name query response "
1339 "from %s ( ", inet_ntoa(p->ip)));
1341 for (i=0; i<nmb->answers->rdlength/6; i++) {
1344 struct sockaddr_storage addr;
1347 flags = RSVAL(&nmb->answers->rdata[i*6], 0);
1348 got_unique_netbios_name |= ((flags & 0x8000) == 0);
1350 putip((char *)&ip,&nmb->answers->rdata[2+i*6]);
1351 in_addr_to_sockaddr_storage(&addr, ip);
1353 for (j=0; j<state->num_addrs; j++) {
1355 (struct sockaddr *)&addr,
1356 (struct sockaddr *)&state->addrs[j])) {
1360 if (j < state->num_addrs) {
1361 /* Already got it */
1365 DEBUGADD(2,("%s ",inet_ntoa(ip)));
1367 state->addrs[state->num_addrs] = addr;
1368 state->num_addrs += 1;
1370 DEBUGADD(2,(")\n"));
1372 /* We add the flags back ... */
1373 if (nmb->header.response)
1374 state->flags |= NM_FLAGS_RS;
1375 if (nmb->header.nm_flags.authoritative)
1376 state->flags |= NM_FLAGS_AA;
1377 if (nmb->header.nm_flags.trunc)
1378 state->flags |= NM_FLAGS_TC;
1379 if (nmb->header.nm_flags.recursion_desired)
1380 state->flags |= NM_FLAGS_RD;
1381 if (nmb->header.nm_flags.recursion_available)
1382 state->flags |= NM_FLAGS_RA;
1383 if (nmb->header.nm_flags.bcast)
1384 state->flags |= NM_FLAGS_B;
1388 * We have to collect all entries coming in from broadcast
1389 * queries. If we got a unique name, we're done.
1391 return got_unique_netbios_name;
1394 * WINS responses are accepted when they are received
1399 static void name_query_done(struct tevent_req *subreq)
1401 struct tevent_req *req = tevent_req_callback_data(
1402 subreq, struct tevent_req);
1403 struct name_query_state *state = tevent_req_data(
1404 req, struct name_query_state);
1406 struct packet_struct *p = NULL;
1408 status = nb_trans_recv(subreq, &p);
1409 TALLOC_FREE(subreq);
1410 if (tevent_req_nterror(req, status)) {
1413 if (!NT_STATUS_IS_OK(state->validate_error)) {
1414 tevent_req_nterror(req, state->validate_error);
1419 * Free the packet here, we've collected the response in the
1424 tevent_req_done(req);
1427 NTSTATUS name_query_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1428 struct sockaddr_storage **addrs, int *num_addrs,
1431 struct name_query_state *state = tevent_req_data(
1432 req, struct name_query_state);
1435 if (tevent_req_is_nterror(req, &status)) {
1437 NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1439 * In the broadcast case we collect replies until the
1442 status = NT_STATUS_OK;
1444 if (!NT_STATUS_IS_OK(status)) {
1448 if (state->num_addrs == 0) {
1449 return NT_STATUS_NOT_FOUND;
1451 *addrs = talloc_move(mem_ctx, &state->addrs);
1452 sort_addr_list(*addrs, state->num_addrs);
1453 *num_addrs = state->num_addrs;
1454 if (flags != NULL) {
1455 *flags = state->flags;
1457 return NT_STATUS_OK;
1460 NTSTATUS name_query(const char *name, int name_type,
1461 bool bcast, bool recurse,
1462 const struct sockaddr_storage *to_ss,
1463 TALLOC_CTX *mem_ctx,
1464 struct sockaddr_storage **addrs,
1465 int *num_addrs, uint8_t *flags)
1467 TALLOC_CTX *frame = talloc_stackframe();
1468 struct tevent_context *ev;
1469 struct tevent_req *req;
1470 struct timeval timeout;
1471 NTSTATUS status = NT_STATUS_NO_MEMORY;
1473 ev = tevent_context_init(frame);
1477 req = name_query_send(ev, ev, name, name_type, bcast, recurse, to_ss);
1482 timeout = timeval_current_ofs(0, 250000);
1484 timeout = timeval_current_ofs(2, 0);
1486 if (!tevent_req_set_endtime(req, ev, timeout)) {
1489 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1492 status = name_query_recv(req, mem_ctx, addrs, num_addrs, flags);
1498 /********************************************************
1499 convert an array if struct sockaddr_storage to struct ip_service
1500 return false on failure. Port is set to PORT_NONE;
1501 *********************************************************/
1503 static bool convert_ss2service(struct ip_service **return_iplist,
1504 const struct sockaddr_storage *ss_list,
1509 if ( count==0 || !ss_list )
1512 /* copy the ip address; port will be PORT_NONE */
1513 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, count)) ==
1515 DEBUG(0,("convert_ip2service: malloc failed "
1516 "for %d enetries!\n", count ));
1520 for ( i=0; i<count; i++ ) {
1521 (*return_iplist)[i].ss = ss_list[i];
1522 (*return_iplist)[i].port = PORT_NONE;
1528 struct name_queries_state {
1529 struct tevent_context *ev;
1534 const struct sockaddr_storage *addrs;
1539 struct tevent_req **subreqs;
1544 struct sockaddr_storage *result_addrs;
1545 int num_result_addrs;
1549 static void name_queries_done(struct tevent_req *subreq);
1550 static void name_queries_next(struct tevent_req *subreq);
1553 * Send a name query to multiple destinations with a wait time in between
1556 static struct tevent_req *name_queries_send(
1557 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
1558 const char *name, int name_type,
1559 bool bcast, bool recurse,
1560 const struct sockaddr_storage *addrs,
1561 int num_addrs, int wait_msec, int timeout_msec)
1563 struct tevent_req *req, *subreq;
1564 struct name_queries_state *state;
1566 req = tevent_req_create(mem_ctx, &state,
1567 struct name_queries_state);
1573 state->name_type = name_type;
1574 state->bcast = bcast;
1575 state->recurse = recurse;
1576 state->addrs = addrs;
1577 state->num_addrs = num_addrs;
1578 state->wait_msec = wait_msec;
1579 state->timeout_msec = timeout_msec;
1581 state->subreqs = talloc_zero_array(
1582 state, struct tevent_req *, num_addrs);
1583 if (tevent_req_nomem(state->subreqs, req)) {
1584 return tevent_req_post(req, ev);
1586 state->num_sent = 0;
1588 subreq = name_query_send(
1589 state->subreqs, state->ev, name, name_type, bcast, recurse,
1590 &state->addrs[state->num_sent]);
1591 if (tevent_req_nomem(subreq, req)) {
1592 return tevent_req_post(req, ev);
1594 if (!tevent_req_set_endtime(
1596 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1597 tevent_req_nomem(NULL, req);
1598 return tevent_req_post(req, ev);
1600 tevent_req_set_callback(subreq, name_queries_done, req);
1602 state->subreqs[state->num_sent] = subreq;
1603 state->num_sent += 1;
1605 if (state->num_sent < state->num_addrs) {
1606 subreq = tevent_wakeup_send(
1608 timeval_current_ofs(0, state->wait_msec * 1000));
1609 if (tevent_req_nomem(subreq, req)) {
1610 return tevent_req_post(req, ev);
1612 tevent_req_set_callback(subreq, name_queries_next, req);
1617 static void name_queries_done(struct tevent_req *subreq)
1619 struct tevent_req *req = tevent_req_callback_data(
1620 subreq, struct tevent_req);
1621 struct name_queries_state *state = tevent_req_data(
1622 req, struct name_queries_state);
1626 status = name_query_recv(subreq, state, &state->result_addrs,
1627 &state->num_result_addrs, &state->flags);
1629 for (i=0; i<state->num_sent; i++) {
1630 if (state->subreqs[i] == subreq) {
1634 if (i == state->num_sent) {
1635 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1638 TALLOC_FREE(state->subreqs[i]);
1640 state->num_received += 1;
1642 if (!NT_STATUS_IS_OK(status)) {
1644 if (state->num_received >= state->num_addrs) {
1645 tevent_req_nterror(req, status);
1649 * Still outstanding requests, just wait
1653 state->received_index = i;
1654 tevent_req_done(req);
1657 static void name_queries_next(struct tevent_req *subreq)
1659 struct tevent_req *req = tevent_req_callback_data(
1660 subreq, struct tevent_req);
1661 struct name_queries_state *state = tevent_req_data(
1662 req, struct name_queries_state);
1664 if (!tevent_wakeup_recv(subreq)) {
1665 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
1669 subreq = name_query_send(
1670 state->subreqs, state->ev,
1671 state->name, state->name_type, state->bcast, state->recurse,
1672 &state->addrs[state->num_sent]);
1673 if (tevent_req_nomem(subreq, req)) {
1676 tevent_req_set_callback(subreq, name_queries_done, req);
1677 if (!tevent_req_set_endtime(
1679 timeval_current_ofs(0, state->timeout_msec * 1000))) {
1680 tevent_req_nomem(NULL, req);
1683 state->subreqs[state->num_sent] = subreq;
1684 state->num_sent += 1;
1686 if (state->num_sent < state->num_addrs) {
1687 subreq = tevent_wakeup_send(
1689 timeval_current_ofs(0, state->wait_msec * 1000));
1690 if (tevent_req_nomem(subreq, req)) {
1693 tevent_req_set_callback(subreq, name_queries_next, req);
1697 static NTSTATUS name_queries_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
1698 struct sockaddr_storage **result_addrs,
1699 int *num_result_addrs, uint8_t *flags,
1700 int *received_index)
1702 struct name_queries_state *state = tevent_req_data(
1703 req, struct name_queries_state);
1706 if (tevent_req_is_nterror(req, &status)) {
1710 if (result_addrs != NULL) {
1711 *result_addrs = talloc_move(mem_ctx, &state->result_addrs);
1713 if (num_result_addrs != NULL) {
1714 *num_result_addrs = state->num_result_addrs;
1716 if (flags != NULL) {
1717 *flags = state->flags;
1719 if (received_index != NULL) {
1720 *received_index = state->received_index;
1722 return NT_STATUS_OK;
1725 static NTSTATUS name_queries(const char *name, int name_type,
1726 bool bcast, bool recurse,
1727 const struct sockaddr_storage *addrs,
1728 int num_addrs, int wait_msec, int timeout_msec,
1729 TALLOC_CTX *mem_ctx,
1730 struct sockaddr_storage **result_addrs,
1731 int *num_result_addrs, uint8_t *flags,
1732 int *received_index)
1734 TALLOC_CTX *frame = talloc_stackframe();
1735 struct event_context *ev;
1736 struct tevent_req *req;
1737 NTSTATUS status = NT_STATUS_NO_MEMORY;
1739 ev = event_context_init(frame);
1743 req = name_queries_send(frame, ev, name, name_type, bcast,
1744 recurse, addrs, num_addrs, wait_msec,
1749 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1752 status = name_queries_recv(req, mem_ctx, result_addrs,
1753 num_result_addrs, flags, received_index);
1759 /********************************************************
1760 Resolve via "bcast" method.
1761 *********************************************************/
1763 NTSTATUS name_resolve_bcast(const char *name,
1765 TALLOC_CTX *mem_ctx,
1766 struct sockaddr_storage **return_iplist,
1769 struct sockaddr_storage *bcast_addrs;
1770 int i, num_addrs, num_bcast_addrs;
1773 if (lp_disable_netbios()) {
1774 DEBUG(5,("name_resolve_bcast(%s#%02x): netbios is disabled\n",
1776 return NT_STATUS_INVALID_PARAMETER;
1780 * "bcast" means do a broadcast lookup on all the local interfaces.
1783 DEBUG(3,("name_resolve_bcast: Attempting broadcast lookup "
1784 "for name %s<0x%x>\n", name, name_type));
1786 num_addrs = iface_count();
1787 bcast_addrs = talloc_array(talloc_tos(), struct sockaddr_storage,
1789 if (bcast_addrs == NULL) {
1790 return NT_STATUS_NO_MEMORY;
1794 * Lookup the name on all the interfaces, return on
1795 * the first successful match.
1797 num_bcast_addrs = 0;
1799 for (i=0; i<num_addrs; i++) {
1800 const struct sockaddr_storage *pss = iface_n_bcast(i);
1802 if (pss->ss_family != AF_INET) {
1805 bcast_addrs[num_bcast_addrs] = *pss;
1806 num_bcast_addrs += 1;
1809 status = name_queries(name, name_type, true, true,
1810 bcast_addrs, num_bcast_addrs, 0, 1000,
1811 mem_ctx, return_iplist, return_count,
1813 TALLOC_FREE(bcast_addrs);
1817 struct query_wins_list_state {
1818 struct tevent_context *ev;
1821 struct in_addr *servers;
1822 uint32_t num_servers;
1823 struct sockaddr_storage server;
1826 struct sockaddr_storage *addrs;
1831 static void query_wins_list_done(struct tevent_req *subreq);
1834 * Query a list of (replicating) wins servers in sequence, call them
1835 * dead if they don't reply
1838 static struct tevent_req *query_wins_list_send(
1839 TALLOC_CTX *mem_ctx, struct tevent_context *ev,
1840 struct in_addr src_ip, const char *name, uint8_t name_type,
1841 struct in_addr *servers, int num_servers)
1843 struct tevent_req *req, *subreq;
1844 struct query_wins_list_state *state;
1846 req = tevent_req_create(mem_ctx, &state,
1847 struct query_wins_list_state);
1853 state->name_type = name_type;
1854 state->servers = servers;
1855 state->num_servers = num_servers;
1857 if (state->num_servers == 0) {
1858 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
1859 return tevent_req_post(req, ev);
1862 in_addr_to_sockaddr_storage(
1863 &state->server, state->servers[state->num_sent]);
1865 subreq = name_query_send(state, state->ev,
1866 state->name, state->name_type,
1867 false, true, &state->server);
1868 state->num_sent += 1;
1869 if (tevent_req_nomem(subreq, req)) {
1870 return tevent_req_post(req, ev);
1872 if (!tevent_req_set_endtime(subreq, state->ev,
1873 timeval_current_ofs(2, 0))) {
1874 tevent_req_nomem(NULL, req);
1875 return tevent_req_post(req, ev);
1877 tevent_req_set_callback(subreq, query_wins_list_done, req);
1881 static void query_wins_list_done(struct tevent_req *subreq)
1883 struct tevent_req *req = tevent_req_callback_data(
1884 subreq, struct tevent_req);
1885 struct query_wins_list_state *state = tevent_req_data(
1886 req, struct query_wins_list_state);
1889 status = name_query_recv(subreq, state,
1890 &state->addrs, &state->num_addrs,
1892 TALLOC_FREE(subreq);
1893 if (NT_STATUS_IS_OK(status)) {
1894 tevent_req_done(req);
1897 if (!NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
1898 tevent_req_nterror(req, status);
1901 wins_srv_died(state->servers[state->num_sent-1],
1902 my_socket_addr_v4());
1904 if (state->num_sent == state->num_servers) {
1905 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
1909 in_addr_to_sockaddr_storage(
1910 &state->server, state->servers[state->num_sent]);
1912 subreq = name_query_send(state, state->ev,
1913 state->name, state->name_type,
1914 false, true, &state->server);
1915 state->num_sent += 1;
1916 if (tevent_req_nomem(subreq, req)) {
1919 if (!tevent_req_set_endtime(subreq, state->ev,
1920 timeval_current_ofs(2, 0))) {
1921 tevent_req_nomem(NULL, req);
1924 tevent_req_set_callback(subreq, query_wins_list_done, req);
1927 static NTSTATUS query_wins_list_recv(struct tevent_req *req,
1928 TALLOC_CTX *mem_ctx,
1929 struct sockaddr_storage **addrs,
1933 struct query_wins_list_state *state = tevent_req_data(
1934 req, struct query_wins_list_state);
1937 if (tevent_req_is_nterror(req, &status)) {
1940 if (addrs != NULL) {
1941 *addrs = talloc_move(mem_ctx, &state->addrs);
1943 if (num_addrs != NULL) {
1944 *num_addrs = state->num_addrs;
1946 if (flags != NULL) {
1947 *flags = state->flags;
1949 return NT_STATUS_OK;
1952 struct resolve_wins_state {
1956 struct sockaddr_storage *addrs;
1961 static void resolve_wins_done(struct tevent_req *subreq);
1963 struct tevent_req *resolve_wins_send(TALLOC_CTX *mem_ctx,
1964 struct tevent_context *ev,
1968 struct tevent_req *req, *subreq;
1969 struct resolve_wins_state *state;
1970 char **wins_tags = NULL;
1971 struct sockaddr_storage src_ss;
1972 struct in_addr src_ip;
1973 int i, num_wins_tags;
1975 req = tevent_req_create(mem_ctx, &state,
1976 struct resolve_wins_state);
1981 if (wins_srv_count() < 1) {
1982 DEBUG(3,("resolve_wins: WINS server resolution selected "
1983 "and no WINS servers listed.\n"));
1984 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
1988 /* the address we will be sending from */
1989 if (!interpret_string_addr(&src_ss, lp_socket_address(),
1990 AI_NUMERICHOST|AI_PASSIVE)) {
1991 zero_sockaddr(&src_ss);
1994 if (src_ss.ss_family != AF_INET) {
1995 char addr[INET6_ADDRSTRLEN];
1996 print_sockaddr(addr, sizeof(addr), &src_ss);
1997 DEBUG(3,("resolve_wins: cannot receive WINS replies "
1998 "on IPv6 address %s\n",
2000 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2004 src_ip = ((const struct sockaddr_in *)(void *)&src_ss)->sin_addr;
2006 wins_tags = wins_srv_tags();
2007 if (wins_tags == NULL) {
2008 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
2013 while (wins_tags[num_wins_tags] != NULL) {
2017 for (i=0; i<num_wins_tags; i++) {
2018 int num_servers, num_alive;
2019 struct in_addr *servers, *alive;
2022 if (!wins_server_tag_ips(wins_tags[i], talloc_tos(),
2023 &servers, &num_servers)) {
2024 DEBUG(10, ("wins_server_tag_ips failed for tag %s\n",
2029 alive = talloc_array(state, struct in_addr, num_servers);
2030 if (tevent_req_nomem(alive, req)) {
2035 for (j=0; j<num_servers; j++) {
2036 struct in_addr wins_ip = servers[j];
2038 if (global_in_nmbd && ismyip_v4(wins_ip)) {
2039 /* yikes! we'll loop forever */
2042 /* skip any that have been unresponsive lately */
2043 if (wins_srv_is_dead(wins_ip, src_ip)) {
2046 DEBUG(3, ("resolve_wins: using WINS server %s "
2048 inet_ntoa(wins_ip), wins_tags[i]));
2049 alive[num_alive] = wins_ip;
2052 TALLOC_FREE(servers);
2054 if (num_alive == 0) {
2058 subreq = query_wins_list_send(
2059 state, ev, src_ip, name, name_type,
2061 if (tevent_req_nomem(subreq, req)) {
2064 tevent_req_set_callback(subreq, resolve_wins_done, req);
2065 state->num_sent += 1;
2068 if (state->num_sent == 0) {
2069 tevent_req_nterror(req, NT_STATUS_NOT_FOUND);
2073 wins_srv_tags_free(wins_tags);
2076 wins_srv_tags_free(wins_tags);
2077 return tevent_req_post(req, ev);
2080 static void resolve_wins_done(struct tevent_req *subreq)
2082 struct tevent_req *req = tevent_req_callback_data(
2083 subreq, struct tevent_req);
2084 struct resolve_wins_state *state = tevent_req_data(
2085 req, struct resolve_wins_state);
2088 status = query_wins_list_recv(subreq, state, &state->addrs,
2089 &state->num_addrs, &state->flags);
2090 if (NT_STATUS_IS_OK(status)) {
2091 tevent_req_done(req);
2095 state->num_received += 1;
2097 if (state->num_received < state->num_sent) {
2099 * Wait for the others
2103 tevent_req_nterror(req, status);
2106 NTSTATUS resolve_wins_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
2107 struct sockaddr_storage **addrs,
2108 int *num_addrs, uint8_t *flags)
2110 struct resolve_wins_state *state = tevent_req_data(
2111 req, struct resolve_wins_state);
2114 if (tevent_req_is_nterror(req, &status)) {
2117 if (addrs != NULL) {
2118 *addrs = talloc_move(mem_ctx, &state->addrs);
2120 if (num_addrs != NULL) {
2121 *num_addrs = state->num_addrs;
2123 if (flags != NULL) {
2124 *flags = state->flags;
2126 return NT_STATUS_OK;
2129 /********************************************************
2130 Resolve via "wins" method.
2131 *********************************************************/
2133 NTSTATUS resolve_wins(const char *name,
2135 TALLOC_CTX *mem_ctx,
2136 struct sockaddr_storage **return_iplist,
2139 struct tevent_context *ev;
2140 struct tevent_req *req;
2141 NTSTATUS status = NT_STATUS_NO_MEMORY;
2143 ev = tevent_context_init(talloc_tos());
2147 req = resolve_wins_send(ev, ev, name, name_type);
2151 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
2154 status = resolve_wins_recv(req, mem_ctx, return_iplist, return_count,
2161 /********************************************************
2162 Resolve via "lmhosts" method.
2163 *********************************************************/
2165 static NTSTATUS resolve_lmhosts(const char *name, int name_type,
2166 struct ip_service **return_iplist,
2170 * "lmhosts" means parse the local lmhosts file.
2172 struct sockaddr_storage *ss_list;
2173 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2174 TALLOC_CTX *ctx = NULL;
2176 *return_iplist = NULL;
2179 DEBUG(3,("resolve_lmhosts: "
2180 "Attempting lmhosts lookup for name %s<0x%x>\n",
2183 ctx = talloc_init("resolve_lmhosts");
2185 return NT_STATUS_NO_MEMORY;
2188 status = resolve_lmhosts_file_as_sockaddr(get_dyn_LMHOSTSFILE(),
2193 if (NT_STATUS_IS_OK(status)) {
2194 if (convert_ss2service(return_iplist,
2198 return NT_STATUS_OK;
2201 return NT_STATUS_NO_MEMORY;
2209 /********************************************************
2210 Resolve via "hosts" method.
2211 *********************************************************/
2213 static NTSTATUS resolve_hosts(const char *name, int name_type,
2214 struct ip_service **return_iplist,
2218 * "host" means do a localhost, or dns lookup.
2220 struct addrinfo hints;
2221 struct addrinfo *ailist = NULL;
2222 struct addrinfo *res = NULL;
2225 const char *dns_hosts_file;
2227 if ( name_type != 0x20 && name_type != 0x0) {
2228 DEBUG(5, ("resolve_hosts: not appropriate "
2229 "for name type <0x%x>\n",
2231 return NT_STATUS_INVALID_PARAMETER;
2234 *return_iplist = NULL;
2237 DEBUG(3,("resolve_hosts: Attempting host lookup for name %s<0x%x>\n",
2241 /* By default make sure it supports TCP. */
2242 hints.ai_socktype = SOCK_STREAM;
2243 hints.ai_flags = AI_ADDRCONFIG;
2245 #if !defined(HAVE_IPV6)
2246 /* Unless we have IPv6, we really only want IPv4 addresses back. */
2247 hints.ai_family = AF_INET;
2250 dns_hosts_file = lp_parm_const_string(-1, "resolv", "host file", NULL);
2251 if (dns_hosts_file) {
2252 struct sockaddr_storage *ss_list;
2254 TALLOC_CTX *ctx = talloc_stackframe();
2256 return NT_STATUS_NO_MEMORY;
2259 status = resolve_dns_hosts_file_as_sockaddr(dns_hosts_file, name, false,
2260 ctx, &ss_list, return_count);
2261 if (NT_STATUS_IS_OK(status)) {
2262 if (convert_ss2service(return_iplist,
2266 return NT_STATUS_OK;
2269 return NT_STATUS_NO_MEMORY;
2273 return NT_STATUS_UNSUCCESSFUL;
2276 ret = getaddrinfo(name,
2281 DEBUG(3,("resolve_hosts: getaddrinfo failed for name %s [%s]\n",
2283 gai_strerror(ret) ));
2286 for (res = ailist; res; res = res->ai_next) {
2287 struct sockaddr_storage ss;
2289 if (!res->ai_addr || res->ai_addrlen == 0) {
2294 memcpy(&ss, res->ai_addr, res->ai_addrlen);
2298 *return_iplist = SMB_REALLOC_ARRAY(*return_iplist,
2301 if (!*return_iplist) {
2302 DEBUG(3,("resolve_hosts: malloc fail !\n"));
2303 freeaddrinfo(ailist);
2304 return NT_STATUS_NO_MEMORY;
2306 (*return_iplist)[i].ss = ss;
2307 (*return_iplist)[i].port = PORT_NONE;
2311 freeaddrinfo(ailist);
2313 if (*return_count) {
2314 return NT_STATUS_OK;
2316 return NT_STATUS_UNSUCCESSFUL;
2319 /********************************************************
2320 Resolve via "ADS" method.
2321 *********************************************************/
2323 /* Special name type used to cause a _kerberos DNS lookup. */
2324 #define KDC_NAME_TYPE 0xDCDC
2326 static NTSTATUS resolve_ads(const char *name,
2328 const char *sitename,
2329 struct ip_service **return_iplist,
2335 struct dns_rr_srv *dcs = NULL;
2339 if ((name_type != 0x1c) && (name_type != KDC_NAME_TYPE) &&
2340 (name_type != 0x1b)) {
2341 return NT_STATUS_INVALID_PARAMETER;
2344 if ( (ctx = talloc_init("resolve_ads")) == NULL ) {
2345 DEBUG(0,("resolve_ads: talloc_init() failed!\n"));
2346 return NT_STATUS_NO_MEMORY;
2349 /* The DNS code needs fixing to find IPv6 addresses... JRA. */
2351 switch (name_type) {
2353 DEBUG(5,("resolve_ads: Attempting to resolve "
2354 "PDC for %s using DNS\n", name));
2355 status = ads_dns_query_pdc(ctx, name, &dcs, &numdcs);
2359 DEBUG(5,("resolve_ads: Attempting to resolve "
2360 "DCs for %s using DNS\n", name));
2361 status = ads_dns_query_dcs(ctx, name, sitename, &dcs,
2365 DEBUG(5,("resolve_ads: Attempting to resolve "
2366 "KDCs for %s using DNS\n", name));
2367 status = ads_dns_query_kdcs(ctx, name, sitename, &dcs,
2371 status = NT_STATUS_INVALID_PARAMETER;
2375 if ( !NT_STATUS_IS_OK( status ) ) {
2376 talloc_destroy(ctx);
2380 for (i=0;i<numdcs;i++) {
2381 numaddrs += MAX(dcs[i].num_ips,1);
2384 if ((*return_iplist = SMB_MALLOC_ARRAY(struct ip_service, numaddrs)) ==
2386 DEBUG(0,("resolve_ads: malloc failed for %d entries\n",
2388 talloc_destroy(ctx);
2389 return NT_STATUS_NO_MEMORY;
2392 /* now unroll the list of IP addresses */
2397 while ( i < numdcs && (*return_count<numaddrs) ) {
2398 struct ip_service *r = &(*return_iplist)[*return_count];
2400 r->port = dcs[i].port;
2402 /* If we don't have an IP list for a name, lookup it up */
2405 interpret_string_addr(&r->ss, dcs[i].hostname, 0);
2409 /* use the IP addresses from the SRV sresponse */
2411 if ( j >= dcs[i].num_ips ) {
2417 r->ss = dcs[i].ss_s[j];
2421 /* make sure it is a valid IP. I considered checking the
2422 * negative connection cache, but this is the wrong place
2423 * for it. Maybe only as a hack. After think about it, if
2424 * all of the IP addresses returned from DNS are dead, what
2425 * hope does a netbios name lookup have ? The standard reason
2426 * for falling back to netbios lookups is that our DNS server
2427 * doesn't know anything about the DC's -- jerry */
2429 if (!is_zero_addr(&r->ss)) {
2434 talloc_destroy(ctx);
2435 return NT_STATUS_OK;
2438 /*******************************************************************
2439 Internal interface to resolve a name into an IP address.
2440 Use this function if the string is either an IP address, DNS
2441 or host name or NetBIOS name. This uses the name switch in the
2442 smb.conf to determine the order of name resolution.
2444 Added support for ip addr/port to support ADS ldap servers.
2445 the only place we currently care about the port is in the
2446 resolve_hosts() when looking up DC's via SRV RR entries in DNS
2447 **********************************************************************/
2449 NTSTATUS internal_resolve_name(const char *name,
2451 const char *sitename,
2452 struct ip_service **return_iplist,
2454 const char *resolve_order)
2458 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
2460 TALLOC_CTX *frame = NULL;
2462 *return_iplist = NULL;
2465 DEBUG(10, ("internal_resolve_name: looking up %s#%x (sitename %s)\n",
2466 name, name_type, sitename ? sitename : "(null)"));
2468 if (is_ipaddress(name)) {
2469 if ((*return_iplist = SMB_MALLOC_P(struct ip_service)) ==
2471 DEBUG(0,("internal_resolve_name: malloc fail !\n"));
2472 return NT_STATUS_NO_MEMORY;
2475 /* ignore the port here */
2476 (*return_iplist)->port = PORT_NONE;
2478 /* if it's in the form of an IP address then get the lib to interpret it */
2479 if (!interpret_string_addr(&(*return_iplist)->ss,
2480 name, AI_NUMERICHOST)) {
2481 DEBUG(1,("internal_resolve_name: interpret_string_addr "
2484 SAFE_FREE(*return_iplist);
2485 return NT_STATUS_INVALID_PARAMETER;
2488 return NT_STATUS_OK;
2491 /* Check name cache */
2493 if (namecache_fetch(name, name_type, return_iplist, return_count)) {
2494 /* This could be a negative response */
2495 if (*return_count > 0) {
2496 return NT_STATUS_OK;
2498 return NT_STATUS_UNSUCCESSFUL;
2502 /* set the name resolution order */
2504 if (strcmp( resolve_order, "NULL") == 0) {
2505 DEBUG(8,("internal_resolve_name: all lookups disabled\n"));
2506 return NT_STATUS_INVALID_PARAMETER;
2509 if (!resolve_order[0]) {
2512 ptr = resolve_order;
2515 /* iterate through the name resolution backends */
2517 frame = talloc_stackframe();
2518 while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) {
2519 if((strequal(tok, "host") || strequal(tok, "hosts"))) {
2520 status = resolve_hosts(name, name_type, return_iplist,
2522 if (NT_STATUS_IS_OK(status)) {
2525 } else if(strequal( tok, "kdc")) {
2526 /* deal with KDC_NAME_TYPE names here.
2527 * This will result in a SRV record lookup */
2528 status = resolve_ads(name, KDC_NAME_TYPE, sitename,
2529 return_iplist, return_count);
2530 if (NT_STATUS_IS_OK(status)) {
2531 /* Ensure we don't namecache
2532 * this with the KDC port. */
2533 name_type = KDC_NAME_TYPE;
2536 } else if(strequal( tok, "ads")) {
2537 /* deal with 0x1c and 0x1b names here.
2538 * This will result in a SRV record lookup */
2539 status = resolve_ads(name, name_type, sitename,
2540 return_iplist, return_count);
2541 if (NT_STATUS_IS_OK(status)) {
2544 } else if(strequal( tok, "lmhosts")) {
2545 status = resolve_lmhosts(name, name_type,
2546 return_iplist, return_count);
2547 if (NT_STATUS_IS_OK(status)) {
2550 } else if(strequal( tok, "wins")) {
2551 /* don't resolve 1D via WINS */
2552 struct sockaddr_storage *ss_list;
2553 if (name_type != 0x1D) {
2554 status = resolve_wins(name, name_type,
2558 if (NT_STATUS_IS_OK(status)) {
2559 if (!convert_ss2service(return_iplist,
2562 status = NT_STATUS_NO_MEMORY;
2567 } else if(strequal( tok, "bcast")) {
2568 struct sockaddr_storage *ss_list;
2569 status = name_resolve_bcast(
2570 name, name_type, talloc_tos(),
2571 &ss_list, return_count);
2572 if (NT_STATUS_IS_OK(status)) {
2573 if (!convert_ss2service(return_iplist,
2576 status = NT_STATUS_NO_MEMORY;
2581 DEBUG(0,("resolve_name: unknown name switch type %s\n",
2586 /* All of the resolve_* functions above have returned false. */
2589 SAFE_FREE(*return_iplist);
2592 return NT_STATUS_UNSUCCESSFUL;
2596 /* Remove duplicate entries. Some queries, notably #1c (domain
2597 controllers) return the PDC in iplist[0] and then all domain
2598 controllers including the PDC in iplist[1..n]. Iterating over
2599 the iplist when the PDC is down will cause two sets of timeouts. */
2601 if ( *return_count ) {
2602 *return_count = remove_duplicate_addrs2(*return_iplist,
2606 /* Save in name cache */
2607 if ( DEBUGLEVEL >= 100 ) {
2608 for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) {
2609 char addr[INET6_ADDRSTRLEN];
2610 print_sockaddr(addr, sizeof(addr),
2611 &(*return_iplist)[i].ss);
2612 DEBUG(100, ("Storing name %s of type %d (%s:%d)\n",
2616 (*return_iplist)[i].port));
2620 namecache_store(name, name_type, *return_count, *return_iplist);
2622 /* Display some debugging info */
2624 if ( DEBUGLEVEL >= 10 ) {
2625 DEBUG(10, ("internal_resolve_name: returning %d addresses: ",
2628 for (i = 0; i < *return_count; i++) {
2629 char addr[INET6_ADDRSTRLEN];
2630 print_sockaddr(addr, sizeof(addr),
2631 &(*return_iplist)[i].ss);
2632 DEBUGADD(10, ("%s:%d ",
2634 (*return_iplist)[i].port));
2643 /********************************************************
2644 Internal interface to resolve a name into one IP address.
2645 Use this function if the string is either an IP address, DNS
2646 or host name or NetBIOS name. This uses the name switch in the
2647 smb.conf to determine the order of name resolution.
2648 *********************************************************/
2650 bool resolve_name(const char *name,
2651 struct sockaddr_storage *return_ss,
2655 struct ip_service *ss_list = NULL;
2656 char *sitename = NULL;
2659 if (is_ipaddress(name)) {
2660 return interpret_string_addr(return_ss, name, AI_NUMERICHOST);
2663 sitename = sitename_fetch(lp_realm()); /* wild guess */
2665 if (NT_STATUS_IS_OK(internal_resolve_name(name, name_type, sitename,
2667 lp_name_resolve_order()))) {
2671 for (i=0; i<count; i++) {
2672 if (!is_zero_addr(&ss_list[i].ss) &&
2673 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss) &&
2674 (ss_list[i].ss.ss_family == AF_INET)) {
2675 *return_ss = ss_list[i].ss;
2677 SAFE_FREE(sitename);
2683 /* only return valid addresses for TCP connections */
2684 for (i=0; i<count; i++) {
2685 if (!is_zero_addr(&ss_list[i].ss) &&
2686 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2687 *return_ss = ss_list[i].ss;
2689 SAFE_FREE(sitename);
2696 SAFE_FREE(sitename);
2700 /********************************************************
2701 Internal interface to resolve a name into a list of IP addresses.
2702 Use this function if the string is either an IP address, DNS
2703 or host name or NetBIOS name. This uses the name switch in the
2704 smb.conf to determine the order of name resolution.
2705 *********************************************************/
2707 NTSTATUS resolve_name_list(TALLOC_CTX *ctx,
2710 struct sockaddr_storage **return_ss_arr,
2711 unsigned int *p_num_entries)
2713 struct ip_service *ss_list = NULL;
2714 char *sitename = NULL;
2717 unsigned int num_entries;
2721 *return_ss_arr = NULL;
2723 if (is_ipaddress(name)) {
2724 *return_ss_arr = talloc(ctx, struct sockaddr_storage);
2725 if (!*return_ss_arr) {
2726 return NT_STATUS_NO_MEMORY;
2728 if (!interpret_string_addr(*return_ss_arr, name, AI_NUMERICHOST)) {
2729 TALLOC_FREE(*return_ss_arr);
2730 return NT_STATUS_BAD_NETWORK_NAME;
2733 return NT_STATUS_OK;
2736 sitename = sitename_fetch(lp_realm()); /* wild guess */
2738 status = internal_resolve_name(name, name_type, sitename,
2740 lp_name_resolve_order());
2741 SAFE_FREE(sitename);
2743 if (!NT_STATUS_IS_OK(status)) {
2747 /* only return valid addresses for TCP connections */
2748 for (i=0, num_entries = 0; i<count; i++) {
2749 if (!is_zero_addr(&ss_list[i].ss) &&
2750 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2754 if (num_entries == 0) {
2756 return NT_STATUS_BAD_NETWORK_NAME;
2759 *return_ss_arr = talloc_array(ctx,
2760 struct sockaddr_storage,
2762 if (!(*return_ss_arr)) {
2764 return NT_STATUS_NO_MEMORY;
2767 for (i=0, num_entries = 0; i<count; i++) {
2768 if (!is_zero_addr(&ss_list[i].ss) &&
2769 !is_broadcast_addr((struct sockaddr *)&ss_list[i].ss)) {
2770 (*return_ss_arr)[num_entries++] = ss_list[i].ss;
2774 status = NT_STATUS_OK;
2775 *p_num_entries = num_entries;
2778 return NT_STATUS_OK;
2781 /********************************************************
2782 Find the IP address of the master browser or DMB for a workgroup.
2783 *********************************************************/
2785 bool find_master_ip(const char *group, struct sockaddr_storage *master_ss)
2787 struct ip_service *ip_list = NULL;
2791 if (lp_disable_netbios()) {
2792 DEBUG(5,("find_master_ip(%s): netbios is disabled\n", group));
2796 status = internal_resolve_name(group, 0x1D, NULL, &ip_list, &count,
2797 lp_name_resolve_order());
2798 if (NT_STATUS_IS_OK(status)) {
2799 *master_ss = ip_list[0].ss;
2804 status = internal_resolve_name(group, 0x1B, NULL, &ip_list, &count,
2805 lp_name_resolve_order());
2806 if (NT_STATUS_IS_OK(status)) {
2807 *master_ss = ip_list[0].ss;
2816 /********************************************************
2817 Get the IP address list of the primary domain controller
2819 *********************************************************/
2821 bool get_pdc_ip(const char *domain, struct sockaddr_storage *pss)
2823 struct ip_service *ip_list = NULL;
2825 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
2827 /* Look up #1B name */
2829 if (lp_security() == SEC_ADS) {
2830 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2834 if (!NT_STATUS_IS_OK(status) || count == 0) {
2835 status = internal_resolve_name(domain, 0x1b, NULL, &ip_list,
2837 lp_name_resolve_order());
2838 if (!NT_STATUS_IS_OK(status)) {
2843 /* if we get more than 1 IP back we have to assume it is a
2844 multi-homed PDC and not a mess up */
2847 DEBUG(6,("get_pdc_ip: PDC has %d IP addresses!\n", count));
2848 sort_service_list(ip_list, count);
2851 *pss = ip_list[0].ss;
2856 /* Private enum type for lookups. */
2858 enum dc_lookup_type { DC_NORMAL_LOOKUP, DC_ADS_ONLY, DC_KDC_ONLY };
2860 /********************************************************
2861 Get the IP address list of the domain controllers for
2863 *********************************************************/
2865 static NTSTATUS get_dc_list(const char *domain,
2866 const char *sitename,
2867 struct ip_service **ip_list,
2869 enum dc_lookup_type lookup_type,
2872 char *resolve_order = NULL;
2873 char *saf_servername = NULL;
2874 char *pserver = NULL;
2876 char *port_str = NULL;
2879 int num_addresses = 0;
2880 int local_count, i, j;
2881 struct ip_service *return_iplist = NULL;
2882 struct ip_service *auto_ip_list = NULL;
2883 bool done_auto_lookup = false;
2886 TALLOC_CTX *ctx = talloc_init("get_dc_list");
2892 return NT_STATUS_NO_MEMORY;
2897 /* if we are restricted to solely using DNS for looking
2898 up a domain controller, make sure that host lookups
2899 are enabled for the 'name resolve order'. If host lookups
2900 are disabled and ads_only is True, then set the string to
2903 resolve_order = talloc_strdup(ctx, lp_name_resolve_order());
2904 if (!resolve_order) {
2905 status = NT_STATUS_NO_MEMORY;
2908 strlower_m(resolve_order);
2909 if (lookup_type == DC_ADS_ONLY) {
2910 if (strstr( resolve_order, "host")) {
2911 resolve_order = talloc_strdup(ctx, "ads");
2913 /* DNS SRV lookups used by the ads resolver
2914 are already sorted by priority and weight */
2917 resolve_order = talloc_strdup(ctx, "NULL");
2919 } else if (lookup_type == DC_KDC_ONLY) {
2920 /* DNS SRV lookups used by the ads/kdc resolver
2921 are already sorted by priority and weight */
2923 resolve_order = talloc_strdup(ctx, "kdc");
2925 if (!resolve_order) {
2926 status = NT_STATUS_NO_MEMORY;
2930 /* fetch the server we have affinity for. Add the
2931 'password server' list to a search for our domain controllers */
2933 saf_servername = saf_fetch( domain);
2935 if (strequal(domain, lp_workgroup()) || strequal(domain, lp_realm())) {
2936 pserver = talloc_asprintf(ctx, "%s, %s",
2937 saf_servername ? saf_servername : "",
2938 lp_passwordserver());
2940 pserver = talloc_asprintf(ctx, "%s, *",
2941 saf_servername ? saf_servername : "");
2944 SAFE_FREE(saf_servername);
2946 status = NT_STATUS_NO_MEMORY;
2950 /* if we are starting from scratch, just lookup DOMAIN<0x1c> */
2953 DEBUG(10,("get_dc_list: no preferred domain controllers.\n"));
2954 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2955 count, resolve_order);
2959 DEBUG(3,("get_dc_list: preferred server list: \"%s\"\n", pserver ));
2962 * if '*' appears in the "password server" list then add
2963 * an auto lookup to the list of manually configured
2964 * DC's. If any DC is listed by name, then the list should be
2965 * considered to be ordered
2969 while (next_token_talloc(ctx, &p, &name, LIST_SEP)) {
2970 if (!done_auto_lookup && strequal(name, "*")) {
2971 status = internal_resolve_name(domain, 0x1C, sitename,
2975 if (NT_STATUS_IS_OK(status)) {
2976 num_addresses += auto_count;
2978 done_auto_lookup = true;
2979 DEBUG(8,("Adding %d DC's from auto lookup\n",
2986 /* if we have no addresses and haven't done the auto lookup, then
2987 just return the list of DC's. Or maybe we just failed. */
2989 if ((num_addresses == 0)) {
2990 if (done_auto_lookup) {
2991 DEBUG(4,("get_dc_list: no servers found\n"));
2992 status = NT_STATUS_NO_LOGON_SERVERS;
2995 status = internal_resolve_name(domain, 0x1C, sitename, ip_list,
2996 count, resolve_order);
3000 if ((return_iplist = SMB_MALLOC_ARRAY(struct ip_service,
3001 num_addresses)) == NULL) {
3002 DEBUG(3,("get_dc_list: malloc fail !\n"));
3003 status = NT_STATUS_NO_MEMORY;
3010 /* fill in the return list now with real IP's */
3012 while ((local_count<num_addresses) &&
3013 next_token_talloc(ctx, &p, &name, LIST_SEP)) {
3014 struct sockaddr_storage name_ss;
3016 /* copy any addersses from the auto lookup */
3018 if (strequal(name, "*")) {
3019 for (j=0; j<auto_count; j++) {
3020 char addr[INET6_ADDRSTRLEN];
3021 print_sockaddr(addr,
3023 &auto_ip_list[j].ss);
3024 /* Check for and don't copy any
3025 * known bad DC IP's. */
3026 if(!NT_STATUS_IS_OK(check_negative_conn_cache(
3029 DEBUG(5,("get_dc_list: "
3030 "negative entry %s removed "
3035 return_iplist[local_count].ss =
3037 return_iplist[local_count].port =
3038 auto_ip_list[j].port;
3044 /* added support for address:port syntax for ads
3045 * (not that I think anyone will ever run the LDAP
3046 * server in an AD domain on something other than
3049 port = (lp_security() == SEC_ADS) ? LDAP_PORT : PORT_NONE;
3050 if ((port_str=strchr(name, ':')) != NULL) {
3053 port = atoi(port_str);
3056 /* explicit lookup; resolve_name() will
3057 * handle names & IP addresses */
3058 if (resolve_name( name, &name_ss, 0x20, true )) {
3059 char addr[INET6_ADDRSTRLEN];
3060 print_sockaddr(addr,
3064 /* Check for and don't copy any known bad DC IP's. */
3065 if( !NT_STATUS_IS_OK(check_negative_conn_cache(domain,
3067 DEBUG(5,("get_dc_list: negative entry %s "
3068 "removed from DC list\n",
3073 return_iplist[local_count].ss = name_ss;
3074 return_iplist[local_count].port = port;
3080 /* need to remove duplicates in the list if we have any
3081 explicit password servers */
3084 local_count = remove_duplicate_addrs2(return_iplist,
3088 /* For DC's we always prioritize IPv4 due to W2K3 not
3089 * supporting LDAP, KRB5 or CLDAP over IPv6. */
3091 if (local_count && return_iplist) {
3092 prioritize_ipv4_list(return_iplist, local_count);
3095 if ( DEBUGLEVEL >= 4 ) {
3096 DEBUG(4,("get_dc_list: returning %d ip addresses "
3097 "in an %sordered list\n",
3099 *ordered ? "":"un"));
3100 DEBUG(4,("get_dc_list: "));
3101 for ( i=0; i<local_count; i++ ) {
3102 char addr[INET6_ADDRSTRLEN];
3103 print_sockaddr(addr,
3105 &return_iplist[i].ss);
3106 DEBUGADD(4,("%s:%d ", addr, return_iplist[i].port ));
3111 *ip_list = return_iplist;
3112 *count = local_count;
3114 status = ( *count != 0 ? NT_STATUS_OK : NT_STATUS_NO_LOGON_SERVERS );
3118 if (!NT_STATUS_IS_OK(status)) {
3119 SAFE_FREE(return_iplist);
3124 SAFE_FREE(auto_ip_list);
3129 /*********************************************************************
3130 Small wrapper function to get the DC list and sort it if neccessary.
3131 *********************************************************************/
3133 NTSTATUS get_sorted_dc_list( const char *domain,
3134 const char *sitename,
3135 struct ip_service **ip_list,
3139 bool ordered = false;
3141 enum dc_lookup_type lookup_type = DC_NORMAL_LOOKUP;
3146 DEBUG(8,("get_sorted_dc_list: attempting lookup "
3147 "for name %s (sitename %s) using [%s]\n",
3149 sitename ? sitename : "NULL",
3150 (ads_only ? "ads" : lp_name_resolve_order())));
3153 lookup_type = DC_ADS_ONLY;
3156 status = get_dc_list(domain, sitename, ip_list,
3157 count, lookup_type, &ordered);
3158 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS)
3160 DEBUG(3,("get_sorted_dc_list: no server for name %s available"
3161 " in site %s, fallback to all servers\n",
3163 status = get_dc_list(domain, NULL, ip_list,
3164 count, lookup_type, &ordered);
3167 if (!NT_STATUS_IS_OK(status)) {
3168 SAFE_FREE(*ip_list);
3173 /* only sort if we don't already have an ordered list */
3175 sort_service_list(*ip_list, *count);
3178 return NT_STATUS_OK;
3181 /*********************************************************************
3182 Get the KDC list - re-use all the logic in get_dc_list.
3183 *********************************************************************/
3185 NTSTATUS get_kdc_list( const char *realm,
3186 const char *sitename,
3187 struct ip_service **ip_list,
3196 status = get_dc_list(realm, sitename, ip_list,
3197 count, DC_KDC_ONLY, &ordered);
3199 if (!NT_STATUS_IS_OK(status)) {
3200 SAFE_FREE(*ip_list);
3205 /* only sort if we don't already have an ordered list */
3207 sort_service_list(*ip_list, *count);
3210 return NT_STATUS_OK;