1/* 2 Unix SMB/CIFS implementation. 3 NBT netbios routines and daemon - version 2 4 Copyright (C) Andrew Tridgell 1994-1998 5 Copyright (C) Luke Kenneth Casson Leighton 1994-1998 6 Copyright (C) Jeremy Allison 1994-2003 7 8 This program is free software; you can redistribute it and/or modify 9 it under the terms of the GNU General Public License as published by 10 the Free Software Foundation; either version 2 of the License, or 11 (at your option) any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program; if not, write to the Free Software 20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 21 22*/ 23 24#include "includes.h" 25 26extern int ClientNMB; 27extern int ClientDGRAM; 28extern int global_nmb_port; 29 30extern int num_response_packets; 31 32extern struct in_addr loopback_ip; 33 34static void queue_packet(struct packet_struct *packet); 35 36BOOL rescan_listen_set = False; 37 38 39/******************************************************************* 40 The global packet linked-list. Incoming entries are 41 added to the end of this list. It is supposed to remain fairly 42 short so we won't bother with an end pointer. 43******************************************************************/ 44 45static struct packet_struct *packet_queue = NULL; 46 47/*************************************************************************** 48Utility function to find the specific fd to send a packet out on. 49**************************************************************************/ 50 51static int find_subnet_fd_for_address( struct in_addr local_ip ) 52{ 53 struct subnet_record *subrec; 54 55 for( subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) 56 if(ip_equal(local_ip, subrec->myip)) 57 return subrec->nmb_sock; 58 59 return ClientNMB; 60} 61 62/*************************************************************************** 63Utility function to find the specific fd to send a mailslot packet out on. 64**************************************************************************/ 65 66static int find_subnet_mailslot_fd_for_address( struct in_addr local_ip ) 67{ 68 struct subnet_record *subrec; 69 70 for( subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) 71 if(ip_equal(local_ip, subrec->myip)) 72 return subrec->dgram_sock; 73 74 return ClientDGRAM; 75} 76 77/*************************************************************************** 78Get/Set problematic nb_flags as network byte order 16 bit int. 79**************************************************************************/ 80 81uint16 get_nb_flags(char *buf) 82{ 83 return ((((uint16)*buf)&0xFFFF) & NB_FLGMSK); 84} 85 86void set_nb_flags(char *buf, uint16 nb_flags) 87{ 88 *buf++ = ((nb_flags & NB_FLGMSK) & 0xFF); 89 *buf = '\0'; 90} 91 92/*************************************************************************** 93Dumps out the browse packet data. 94**************************************************************************/ 95 96static void debug_browse_data(char *outbuf, int len) 97{ 98 int i,j; 99 100 DEBUG( 4, ( "debug_browse_data():\n" ) ); 101 for (i = 0; i < len; i+= 16) { 102 DEBUGADD( 4, ( "%3x char ", i ) ); 103 104 for (j = 0; j < 16; j++) { 105 unsigned char x; 106 if (i+j >= len) 107 break; 108 109 x = outbuf[i+j]; 110 if (x < 32 || x > 127) 111 x = '.'; 112 113 DEBUGADD( 4, ( "%c", x ) ); 114 } 115 116 DEBUGADD( 4, ( "%*s hex", 16-j, "" ) ); 117 118 for (j = 0; j < 16; j++) { 119 if (i+j >= len) 120 break; 121 DEBUGADD( 4, ( " %02x", (unsigned char)outbuf[i+j] ) ); 122 } 123 124 DEBUGADD( 4, ("\n") ); 125 } 126} 127 128/*************************************************************************** 129 Generates the unique transaction identifier 130**************************************************************************/ 131 132static uint16 name_trn_id=0; 133 134static uint16 generate_name_trn_id(void) 135{ 136 if (!name_trn_id) { 137 name_trn_id = ((unsigned)time(NULL)%(unsigned)0x7FFF) + ((unsigned)sys_getpid()%(unsigned)100); 138 } 139 name_trn_id = (name_trn_id+1) % (unsigned)0x7FFF; 140 return name_trn_id; 141} 142 143/*************************************************************************** 144 Either loops back or sends out a completed NetBIOS packet. 145**************************************************************************/ 146 147static BOOL send_netbios_packet(struct packet_struct *p) 148{ 149 BOOL loopback_this_packet = False; 150 151 /* Check if we are sending to or from ourselves as a WINS server. */ 152 if(ismyip(p->ip) && (p->port == global_nmb_port)) 153 loopback_this_packet = True; 154 155 if(loopback_this_packet) { 156 struct packet_struct *lo_packet = NULL; 157 DEBUG(5,("send_netbios_packet: sending packet to ourselves.\n")); 158 if((lo_packet = copy_packet(p)) == NULL) 159 return False; 160 queue_packet(lo_packet); 161 } else if (!send_packet(p)) { 162 DEBUG(0,("send_netbios_packet: send_packet() to IP %s port %d failed\n", 163 inet_ntoa(p->ip),p->port)); 164 return False; 165 } 166 167 return True; 168} 169 170/*************************************************************************** 171 Sets up the common elements of an outgoing NetBIOS packet. 172 173 Note: do not attempt to rationalise whether rec_des should be set or not 174 in a particular situation. Just follow rfc_1002 or look at examples from WinXX. 175 It does NOT follow the rule that requests to the wins server always have 176 rec_des true. See for example name releases and refreshes 177**************************************************************************/ 178 179static struct packet_struct *create_and_init_netbios_packet(struct nmb_name *nmbname, 180 BOOL bcast, BOOL rec_des, 181 struct in_addr to_ip) 182{ 183 struct packet_struct *packet = NULL; 184 struct nmb_packet *nmb = NULL; 185 186 /* Allocate the packet_struct we will return. */ 187 if((packet = (struct packet_struct *)malloc(sizeof(*packet))) == NULL) { 188 DEBUG(0,("create_and_init_netbios_packet: malloc fail (1) for packet struct.\n")); 189 return NULL; 190 } 191 192 memset((char *)packet,'\0',sizeof(*packet)); 193 194 nmb = &packet->packet.nmb; 195 196 nmb->header.name_trn_id = generate_name_trn_id(); 197 nmb->header.response = False; 198 nmb->header.nm_flags.recursion_desired = rec_des; 199 nmb->header.nm_flags.recursion_available = False; 200 nmb->header.nm_flags.trunc = False; 201 nmb->header.nm_flags.authoritative = False; 202 nmb->header.nm_flags.bcast = bcast; 203 204 nmb->header.rcode = 0; 205 nmb->header.qdcount = 1; 206 nmb->header.ancount = 0; 207 nmb->header.nscount = 0; 208 209 nmb->question.question_name = *nmbname; 210 nmb->question.question_type = QUESTION_TYPE_NB_QUERY; 211 nmb->question.question_class = QUESTION_CLASS_IN; 212 213 packet->ip = to_ip; 214 packet->port = NMB_PORT; 215 packet->fd = ClientNMB; 216 packet->timestamp = time(NULL); 217 packet->packet_type = NMB_PACKET; 218 packet->locked = False; 219 220 return packet; /* Caller must free. */ 221} 222 223/*************************************************************************** 224 Sets up the common elements of register, refresh or release packet. 225**************************************************************************/ 226 227static BOOL create_and_init_additional_record(struct packet_struct *packet, 228 uint16 nb_flags, 229 struct in_addr *register_ip) 230{ 231 struct nmb_packet *nmb = &packet->packet.nmb; 232 233 if((nmb->additional = (struct res_rec *)malloc(sizeof(struct res_rec))) == NULL) { 234 DEBUG(0,("initiate_name_register_packet: malloc fail for additional record.\n")); 235 return False; 236 } 237 238 memset((char *)nmb->additional,'\0',sizeof(struct res_rec)); 239 240 nmb->additional->rr_name = nmb->question.question_name; 241 nmb->additional->rr_type = RR_TYPE_NB; 242 nmb->additional->rr_class = RR_CLASS_IN; 243 244 /* See RFC 1002, sections 5.1.1.1, 5.1.1.2 and 5.1.1.3 */ 245 if (nmb->header.nm_flags.bcast) 246 nmb->additional->ttl = PERMANENT_TTL; 247 else 248 nmb->additional->ttl = lp_max_ttl(); 249 250 nmb->additional->rdlength = 6; 251 252 set_nb_flags(nmb->additional->rdata,nb_flags); 253 254 /* Set the address for the name we are registering. */ 255 putip(&nmb->additional->rdata[2], register_ip); 256 257 /* 258 it turns out that Jeremys code was correct, we are supposed 259 to send registrations from the IP we are registering. The 260 trick is what to do on timeouts! When we send on a 261 non-routable IP then the reply will timeout, and we should 262 treat this as success, not failure. That means we go into 263 our standard refresh cycle for that name which copes nicely 264 with disconnected networks. 265 */ 266 packet->fd = find_subnet_fd_for_address(*register_ip); 267 268 return True; 269} 270 271/*************************************************************************** 272 Sends out a name query. 273**************************************************************************/ 274 275static BOOL initiate_name_query_packet( struct packet_struct *packet) 276{ 277 struct nmb_packet *nmb = NULL; 278 279 nmb = &packet->packet.nmb; 280 281 nmb->header.opcode = NMB_NAME_QUERY_OPCODE; 282 nmb->header.arcount = 0; 283 284 nmb->header.nm_flags.recursion_desired = True; 285 286 DEBUG(4,("initiate_name_query_packet: sending query for name %s (bcast=%s) to IP %s\n", 287 nmb_namestr(&nmb->question.question_name), 288 BOOLSTR(nmb->header.nm_flags.bcast), inet_ntoa(packet->ip))); 289 290 return send_netbios_packet( packet ); 291} 292 293/*************************************************************************** 294 Sends out a name query - from a WINS server. 295**************************************************************************/ 296 297static BOOL initiate_name_query_packet_from_wins_server( struct packet_struct *packet) 298{ 299 struct nmb_packet *nmb = NULL; 300 301 nmb = &packet->packet.nmb; 302 303 nmb->header.opcode = NMB_NAME_QUERY_OPCODE; 304 nmb->header.arcount = 0; 305 306 nmb->header.nm_flags.recursion_desired = False; 307 308 DEBUG(4,("initiate_name_query_packet_from_wins_server: sending query for name %s (bcast=%s) to IP %s\n", 309 nmb_namestr(&nmb->question.question_name), 310 BOOLSTR(nmb->header.nm_flags.bcast), inet_ntoa(packet->ip))); 311 312 return send_netbios_packet( packet ); 313} 314 315/*************************************************************************** 316 Sends out a name register. 317**************************************************************************/ 318 319static BOOL initiate_name_register_packet( struct packet_struct *packet, 320 uint16 nb_flags, struct in_addr *register_ip) 321{ 322 struct nmb_packet *nmb = &packet->packet.nmb; 323 324 nmb->header.opcode = NMB_NAME_REG_OPCODE; 325 nmb->header.arcount = 1; 326 327 nmb->header.nm_flags.recursion_desired = True; 328 329 if(create_and_init_additional_record(packet, nb_flags, register_ip) == False) 330 return False; 331 332 DEBUG(4,("initiate_name_register_packet: sending registration for name %s (bcast=%s) to IP %s\n", 333 nmb_namestr(&nmb->additional->rr_name), 334 BOOLSTR(nmb->header.nm_flags.bcast), inet_ntoa(packet->ip))); 335 336 return send_netbios_packet( packet ); 337} 338 339/*************************************************************************** 340 Sends out a multihomed name register. 341**************************************************************************/ 342 343static BOOL initiate_multihomed_name_register_packet(struct packet_struct *packet, 344 uint16 nb_flags, struct in_addr *register_ip) 345{ 346 struct nmb_packet *nmb = &packet->packet.nmb; 347 fstring second_ip_buf; 348 349 fstrcpy(second_ip_buf, inet_ntoa(packet->ip)); 350 351 nmb->header.opcode = NMB_NAME_MULTIHOMED_REG_OPCODE; 352 nmb->header.arcount = 1; 353 354 nmb->header.nm_flags.recursion_desired = True; 355 356 if(create_and_init_additional_record(packet, nb_flags, register_ip) == False) 357 return False; 358 359 DEBUG(4,("initiate_multihomed_name_register_packet: sending registration \ 360for name %s IP %s (bcast=%s) to IP %s\n", 361 nmb_namestr(&nmb->additional->rr_name), inet_ntoa(*register_ip), 362 BOOLSTR(nmb->header.nm_flags.bcast), second_ip_buf )); 363 364 return send_netbios_packet( packet ); 365} 366 367/*************************************************************************** 368 Sends out a name refresh. 369**************************************************************************/ 370 371static BOOL initiate_name_refresh_packet( struct packet_struct *packet, 372 uint16 nb_flags, struct in_addr *refresh_ip) 373{ 374 struct nmb_packet *nmb = &packet->packet.nmb; 375 376 nmb->header.opcode = NMB_NAME_REFRESH_OPCODE_8; 377 nmb->header.arcount = 1; 378 379 nmb->header.nm_flags.recursion_desired = False; 380 381 if(create_and_init_additional_record(packet, nb_flags, refresh_ip) == False) 382 return False; 383 384 DEBUG(4,("initiate_name_refresh_packet: sending refresh for name %s (bcast=%s) to IP %s\n", 385 nmb_namestr(&nmb->additional->rr_name), 386 BOOLSTR(nmb->header.nm_flags.bcast), inet_ntoa(packet->ip))); 387 388 return send_netbios_packet( packet ); 389} 390 391/*************************************************************************** 392 Sends out a name release. 393**************************************************************************/ 394 395static BOOL initiate_name_release_packet( struct packet_struct *packet, 396 uint16 nb_flags, struct in_addr *release_ip) 397{ 398 struct nmb_packet *nmb = &packet->packet.nmb; 399 400 nmb->header.opcode = NMB_NAME_RELEASE_OPCODE; 401 nmb->header.arcount = 1; 402 403 nmb->header.nm_flags.recursion_desired = False; 404 405 if(create_and_init_additional_record(packet, nb_flags, release_ip) == False) 406 return False; 407 408 DEBUG(4,("initiate_name_release_packet: sending release for name %s (bcast=%s) to IP %s\n", 409 nmb_namestr(&nmb->additional->rr_name), 410 BOOLSTR(nmb->header.nm_flags.bcast), inet_ntoa(packet->ip))); 411 412 return send_netbios_packet( packet ); 413} 414 415/*************************************************************************** 416 Sends out a node status. 417**************************************************************************/ 418 419static BOOL initiate_node_status_packet( struct packet_struct *packet ) 420{ 421 struct nmb_packet *nmb = &packet->packet.nmb; 422 423 nmb->header.opcode = NMB_NAME_QUERY_OPCODE; 424 nmb->header.arcount = 0; 425 426 nmb->header.nm_flags.recursion_desired = False; 427 428 nmb->question.question_type = QUESTION_TYPE_NB_STATUS; 429 430 DEBUG(4,("initiate_node_status_packet: sending node status request for name %s to IP %s\n", 431 nmb_namestr(&nmb->question.question_name), 432 inet_ntoa(packet->ip))); 433 434 return send_netbios_packet( packet ); 435} 436 437/**************************************************************************** 438 Simplification functions for queuing standard packets. 439 These should be the only publicly callable functions for sending 440 out packets. 441****************************************************************************/ 442 443/**************************************************************************** 444 Assertion - we should never be sending nmbd packets on the remote 445 broadcast subnet. 446****************************************************************************/ 447 448static BOOL assert_check_subnet(struct subnet_record *subrec) 449{ 450 if( subrec == remote_broadcast_subnet) { 451 DEBUG(0,("assert_check_subnet: Attempt to send packet on remote broadcast subnet. \ 452This is a bug.\n")); 453 return True; 454 } 455 return False; 456} 457 458/**************************************************************************** 459 Queue a register name packet to the broadcast address of a subnet. 460****************************************************************************/ 461 462struct response_record *queue_register_name( struct subnet_record *subrec, 463 response_function resp_fn, 464 timeout_response_function timeout_fn, 465 register_name_success_function success_fn, 466 register_name_fail_function fail_fn, 467 struct userdata_struct *userdata, 468 struct nmb_name *nmbname, 469 uint16 nb_flags) 470{ 471 struct packet_struct *p; 472 struct response_record *rrec; 473 474 if(assert_check_subnet(subrec)) 475 return NULL; 476 477 /* note that all name registration requests have RD set (rfc1002 - section 4.2.2 */ 478 if ((p = create_and_init_netbios_packet(nmbname, (subrec != unicast_subnet), True, 479 subrec->bcast_ip)) == NULL) 480 return NULL; 481 482 if(initiate_name_register_packet( p, nb_flags, iface_ip(subrec->bcast_ip)) == False) { 483 p->locked = False; 484 free_packet(p); 485 return NULL; 486 } 487 488 if((rrec = make_response_record(subrec, /* subnet record. */ 489 p, /* packet we sent. */ 490 resp_fn, /* function to call on response. */ 491 timeout_fn, /* function to call on timeout. */ 492 (success_function)success_fn, /* function to call on operation success. */ 493 (fail_function)fail_fn, /* function to call on operation fail. */ 494 userdata)) == NULL) { 495 p->locked = False; 496 free_packet(p); 497 return NULL; 498 } 499 500 return rrec; 501} 502 503/**************************************************************************** 504 Queue a refresh name packet to the broadcast address of a subnet. 505****************************************************************************/ 506 507void queue_wins_refresh(struct nmb_name *nmbname, 508 response_function resp_fn, 509 timeout_response_function timeout_fn, 510 uint16 nb_flags, 511 struct in_addr refresh_ip, 512 const char *tag) 513{ 514 struct packet_struct *p; 515 struct response_record *rrec; 516 struct in_addr wins_ip; 517 struct userdata_struct *userdata; 518 fstring ip_str; 519 520 wins_ip = wins_srv_ip_tag(tag, refresh_ip); 521 522 if ((p = create_and_init_netbios_packet(nmbname, False, False, wins_ip)) == NULL) { 523 return; 524 } 525 526 if (!initiate_name_refresh_packet(p, nb_flags, &refresh_ip)) { 527 p->locked = False; 528 free_packet(p); 529 return; 530 } 531 532 fstrcpy(ip_str, inet_ntoa(refresh_ip)); 533 534 DEBUG(6,("Refreshing name %s IP %s with WINS server %s using tag '%s'\n", 535 nmb_namestr(nmbname), ip_str, inet_ntoa(wins_ip), tag)); 536 537 userdata = (struct userdata_struct *)malloc(sizeof(*userdata) + strlen(tag) + 1); 538 if (!userdata) { 539 DEBUG(0,("Failed to allocate userdata structure!\n")); 540 return; 541 } 542 ZERO_STRUCTP(userdata); 543 userdata->userdata_len = strlen(tag) + 1; 544 strlcpy(userdata->data, tag, userdata->userdata_len); 545 546 if ((rrec = make_response_record(unicast_subnet, 547 p, 548 resp_fn, timeout_fn, 549 NULL, 550 NULL, 551 userdata)) == NULL) { 552 p->locked = False; 553 free_packet(p); 554 return; 555 } 556 557 free(userdata); 558 559 /* we don't want to repeat refresh packets */ 560 rrec->repeat_count = 0; 561} 562 563 564/**************************************************************************** 565 Queue a multihomed register name packet to a given WINS server IP 566****************************************************************************/ 567 568struct response_record *queue_register_multihomed_name( struct subnet_record *subrec, 569 response_function resp_fn, 570 timeout_response_function timeout_fn, 571 register_name_success_function success_fn, 572 register_name_fail_function fail_fn, 573 struct userdata_struct *userdata, 574 struct nmb_name *nmbname, 575 uint16 nb_flags, 576 struct in_addr register_ip, 577 struct in_addr wins_ip) 578{ 579 struct packet_struct *p; 580 struct response_record *rrec; 581 BOOL ret; 582 583 /* Sanity check. */ 584 if(subrec != unicast_subnet) { 585 DEBUG(0,("queue_register_multihomed_name: should only be done on \ 586unicast subnet. subnet is %s\n.", subrec->subnet_name )); 587 return NULL; 588 } 589 590 if(assert_check_subnet(subrec)) 591 return NULL; 592 593 if ((p = create_and_init_netbios_packet(nmbname, False, True, wins_ip)) == NULL) 594 return NULL; 595 596 if (nb_flags & NB_GROUP) 597 ret = initiate_name_register_packet( p, nb_flags, ®ister_ip); 598 else 599 ret = initiate_multihomed_name_register_packet(p, nb_flags, ®ister_ip); 600 601 if (ret == False) { 602 p->locked = False; 603 free_packet(p); 604 return NULL; 605 } 606 607 if ((rrec = make_response_record(subrec, /* subnet record. */ 608 p, /* packet we sent. */ 609 resp_fn, /* function to call on response. */ 610 timeout_fn, /* function to call on timeout. */ 611 (success_function)success_fn, /* function to call on operation success. */ 612 (fail_function)fail_fn, /* function to call on operation fail. */ 613 userdata)) == NULL) { 614 p->locked = False; 615 free_packet(p); 616 return NULL; 617 } 618 619 return rrec; 620} 621 622/**************************************************************************** 623 Queue a release name packet to the broadcast address of a subnet. 624****************************************************************************/ 625 626struct response_record *queue_release_name( struct subnet_record *subrec, 627 response_function resp_fn, 628 timeout_response_function timeout_fn, 629 release_name_success_function success_fn, 630 release_name_fail_function fail_fn, 631 struct userdata_struct *userdata, 632 struct nmb_name *nmbname, 633 uint16 nb_flags, 634 struct in_addr release_ip, 635 struct in_addr dest_ip) 636{ 637 struct packet_struct *p; 638 struct response_record *rrec; 639 640 if(assert_check_subnet(subrec)) 641 return NULL; 642 643 if ((p = create_and_init_netbios_packet(nmbname, (subrec != unicast_subnet), False, dest_ip)) == NULL) 644 return NULL; 645 646 if(initiate_name_release_packet( p, nb_flags, &release_ip) == False) { 647 p->locked = False; 648 free_packet(p); 649 return NULL; 650 } 651 652 if((rrec = make_response_record(subrec, /* subnet record. */ 653 p, /* packet we sent. */ 654 resp_fn, /* function to call on response. */ 655 timeout_fn, /* function to call on timeout. */ 656 (success_function)success_fn, /* function to call on operation success. */ 657 (fail_function)fail_fn, /* function to call on operation fail. */ 658 userdata)) == NULL) { 659 p->locked = False; 660 free_packet(p); 661 return NULL; 662 } 663 664 /* 665 * For a broadcast release packet, only send once. 666 * This will cause us to remove the name asap. JRA. 667 */ 668 669 if (subrec != unicast_subnet) { 670 rrec->repeat_count = 0; 671 rrec->repeat_time = 0; 672 } 673 674 return rrec; 675} 676 677/**************************************************************************** 678 Queue a query name packet to the broadcast address of a subnet. 679****************************************************************************/ 680 681struct response_record *queue_query_name( struct subnet_record *subrec, 682 response_function resp_fn, 683 timeout_response_function timeout_fn, 684 query_name_success_function success_fn, 685 query_name_fail_function fail_fn, 686 struct userdata_struct *userdata, 687 struct nmb_name *nmbname) 688{ 689 struct packet_struct *p; 690 struct response_record *rrec; 691 struct in_addr to_ip; 692 693 if(assert_check_subnet(subrec)) 694 return NULL; 695 696 to_ip = subrec->bcast_ip; 697 698 /* queries to the WINS server turn up here as queries to IP 0.0.0.0 699 These need to be handled a bit differently */ 700 if (subrec->type == UNICAST_SUBNET && is_zero_ip(to_ip)) { 701 /* What we really need to do is loop over each of our wins 702 * servers and wins server tags here, but that just doesn't 703 * fit our architecture at the moment (userdata may already 704 * be used when we get here). For now we just query the first 705 * active wins server on the first tag. 706 */ 707 char **tags = wins_srv_tags(); 708 if (!tags) { 709 return NULL; 710 } 711 to_ip = wins_srv_ip_tag(tags[0], to_ip); 712 wins_srv_tags_free(tags); 713 } 714 715 if(( p = create_and_init_netbios_packet(nmbname, 716 (subrec != unicast_subnet), 717 (subrec == unicast_subnet), 718 to_ip)) == NULL) 719 return NULL; 720 721 if(lp_bind_interfaces_only()) { 722 int i; 723 724 DEBUG(10,("queue_query_name: bind_interfaces_only is set, looking for suitable source IP\n")); 725 for(i = 0; i < iface_count(); i++) { 726 struct in_addr *ifip = iface_n_ip(i); 727 728 if(ifip == NULL) { 729 DEBUG(0,("queue_query_name: interface %d has NULL IP address !\n", i)); 730 continue; 731 } 732 733 if (ip_equal(*ifip,loopback_ip)) { 734 DEBUG(5,("queue_query_name: ignoring loopback interface (%d)\n", i)); 735 continue; 736 } 737 738 DEBUG(10,("queue_query_name: using source IP %s\n",inet_ntoa(*ifip))); 739 p->fd = find_subnet_fd_for_address( *ifip ); 740 break; 741 } 742 } 743 744 if(initiate_name_query_packet( p ) == False) { 745 p->locked = False; 746 free_packet(p); 747 return NULL; 748 } 749 750 if((rrec = make_response_record(subrec, /* subnet record. */ 751 p, /* packet we sent. */ 752 resp_fn, /* function to call on response. */ 753 timeout_fn, /* function to call on timeout. */ 754 (success_function)success_fn, /* function to call on operation success. */ 755 (fail_function)fail_fn, /* function to call on operation fail. */ 756 userdata)) == NULL) { 757 p->locked = False; 758 free_packet(p); 759 return NULL; 760 } 761 762 return rrec; 763} 764 765/**************************************************************************** 766 Queue a query name packet to a given address from the WINS subnet. 767****************************************************************************/ 768 769struct response_record *queue_query_name_from_wins_server( struct in_addr to_ip, 770 response_function resp_fn, 771 timeout_response_function timeout_fn, 772 query_name_success_function success_fn, 773 query_name_fail_function fail_fn, 774 struct userdata_struct *userdata, 775 struct nmb_name *nmbname) 776{ 777 struct packet_struct *p; 778 struct response_record *rrec; 779 780 if ((p = create_and_init_netbios_packet(nmbname, False, False, to_ip)) == NULL) 781 return NULL; 782 783 if(initiate_name_query_packet_from_wins_server( p ) == False) { 784 p->locked = False; 785 free_packet(p); 786 return NULL; 787 } 788 789 if((rrec = make_response_record(wins_server_subnet, /* subnet record. */ 790 p, /* packet we sent. */ 791 resp_fn, /* function to call on response. */ 792 timeout_fn, /* function to call on timeout. */ 793 (success_function)success_fn, /* function to call on operation success. */ 794 (fail_function)fail_fn, /* function to call on operation fail. */ 795 userdata)) == NULL) { 796 p->locked = False; 797 free_packet(p); 798 return NULL; 799 } 800 801 return rrec; 802} 803 804/**************************************************************************** 805 Queue a node status packet to a given name and address. 806****************************************************************************/ 807 808struct response_record *queue_node_status( struct subnet_record *subrec, 809 response_function resp_fn, 810 timeout_response_function timeout_fn, 811 node_status_success_function success_fn, 812 node_status_fail_function fail_fn, 813 struct userdata_struct *userdata, 814 struct nmb_name *nmbname, 815 struct in_addr send_ip) 816{ 817 struct packet_struct *p; 818 struct response_record *rrec; 819 820 /* Sanity check. */ 821 if(subrec != unicast_subnet) { 822 DEBUG(0,("queue_register_multihomed_name: should only be done on \ 823unicast subnet. subnet is %s\n.", subrec->subnet_name )); 824 return NULL; 825 } 826 827 if(assert_check_subnet(subrec)) 828 return NULL; 829 830 if(( p = create_and_init_netbios_packet(nmbname, False, False, send_ip)) == NULL) 831 return NULL; 832 833 if(initiate_node_status_packet(p) == False) { 834 p->locked = False; 835 free_packet(p); 836 return NULL; 837 } 838 839 if((rrec = make_response_record(subrec, /* subnet record. */ 840 p, /* packet we sent. */ 841 resp_fn, /* function to call on response. */ 842 timeout_fn, /* function to call on timeout. */ 843 (success_function)success_fn, /* function to call on operation success. */ 844 (fail_function)fail_fn, /* function to call on operation fail. */ 845 userdata)) == NULL) { 846 p->locked = False; 847 free_packet(p); 848 return NULL; 849 } 850 851 return rrec; 852} 853 854/**************************************************************************** 855 Reply to a netbios name packet. see rfc1002.txt 856****************************************************************************/ 857 858void reply_netbios_packet(struct packet_struct *orig_packet, 859 int rcode, enum netbios_reply_type_code rcv_code, int opcode, 860 int ttl, char *data,int len) 861{ 862 struct packet_struct packet; 863 struct nmb_packet *nmb = NULL; 864 struct res_rec answers; 865 struct nmb_packet *orig_nmb = &orig_packet->packet.nmb; 866 BOOL loopback_this_packet = False; 867 const char *packet_type = "unknown"; 868 869 /* Check if we are sending to or from ourselves. */ 870 if(ismyip(orig_packet->ip) && (orig_packet->port == global_nmb_port)) 871 loopback_this_packet = True; 872 873 nmb = &packet.packet.nmb; 874 875 /* Do a partial copy of the packet. We clear the locked flag and 876 the resource record pointers. */ 877 packet = *orig_packet; /* Full structure copy. */ 878 packet.locked = False; 879 nmb->answers = NULL; 880 nmb->nsrecs = NULL; 881 nmb->additional = NULL; 882 883 switch (rcv_code) { 884 case NMB_STATUS: 885 packet_type = "nmb_status"; 886 nmb->header.nm_flags.recursion_desired = False; 887 nmb->header.nm_flags.recursion_available = False; 888 break; 889 case NMB_QUERY: 890 packet_type = "nmb_query"; 891 nmb->header.nm_flags.recursion_desired = True; 892 nmb->header.nm_flags.recursion_available = True; 893 break; 894 case NMB_REG: 895 case NMB_REG_REFRESH: 896 packet_type = "nmb_reg"; 897 nmb->header.nm_flags.recursion_desired = True; 898 nmb->header.nm_flags.recursion_available = True; 899 break; 900 case NMB_REL: 901 packet_type = "nmb_rel"; 902 nmb->header.nm_flags.recursion_desired = False; 903 nmb->header.nm_flags.recursion_available = False; 904 break; 905 case NMB_WAIT_ACK: 906 packet_type = "nmb_wack"; 907 nmb->header.nm_flags.recursion_desired = False; 908 nmb->header.nm_flags.recursion_available = False; 909 break; 910 case WINS_REG: 911 packet_type = "wins_reg"; 912 nmb->header.nm_flags.recursion_desired = True; 913 nmb->header.nm_flags.recursion_available = True; 914 break; 915 case WINS_QUERY: 916 packet_type = "wins_query"; 917 nmb->header.nm_flags.recursion_desired = True; 918 nmb->header.nm_flags.recursion_available = True; 919 break; 920 default: 921 DEBUG(0,("reply_netbios_packet: Unknown packet type: %s %s to ip %s\n", 922 packet_type, nmb_namestr(&orig_nmb->question.question_name), 923 inet_ntoa(packet.ip))); 924 return; 925 } 926 927 DEBUG(4,("reply_netbios_packet: sending a reply of packet type: %s %s to ip %s \ 928for id %hu\n", packet_type, nmb_namestr(&orig_nmb->question.question_name), 929 inet_ntoa(packet.ip), orig_nmb->header.name_trn_id)); 930 931 nmb->header.name_trn_id = orig_nmb->header.name_trn_id; 932 nmb->header.opcode = opcode; 933 nmb->header.response = True; 934 nmb->header.nm_flags.bcast = False; 935 nmb->header.nm_flags.trunc = False; 936 nmb->header.nm_flags.authoritative = True; 937 938 nmb->header.rcode = rcode; 939 nmb->header.qdcount = 0; 940 nmb->header.ancount = 1; 941 nmb->header.nscount = 0; 942 nmb->header.arcount = 0; 943 944 memset((char*)&nmb->question,'\0',sizeof(nmb->question)); 945 946 nmb->answers = &answers; 947 memset((char*)nmb->answers,'\0',sizeof(*nmb->answers)); 948 949 nmb->answers->rr_name = orig_nmb->question.question_name; 950 nmb->answers->rr_type = orig_nmb->question.question_type; 951 nmb->answers->rr_class = orig_nmb->question.question_class; 952 nmb->answers->ttl = ttl; 953 954 if (data && len) { 955 nmb->answers->rdlength = len; 956 memcpy(nmb->answers->rdata, data, len); 957 } 958 959 packet.packet_type = NMB_PACKET; 960 /* Ensure we send out on the same fd that the original 961 packet came in on to give the correct source IP address. */ 962 packet.fd = orig_packet->fd; 963 packet.timestamp = time(NULL); 964 965 debug_nmb_packet(&packet); 966 967 if(loopback_this_packet) { 968 struct packet_struct *lo_packet; 969 DEBUG(5,("reply_netbios_packet: sending packet to ourselves.\n")); 970 if((lo_packet = copy_packet(&packet)) == NULL) 971 return; 972 queue_packet(lo_packet); 973 } else if (!send_packet(&packet)) { 974 DEBUG(0,("reply_netbios_packet: send_packet to IP %s port %d failed\n", 975 inet_ntoa(packet.ip),packet.port)); 976 } 977} 978 979/******************************************************************* 980 Queue a packet into a packet queue 981******************************************************************/ 982 983static void queue_packet(struct packet_struct *packet) 984{ 985 struct packet_struct *p; 986 987 if (!packet_queue) { 988 packet->prev = NULL; 989 packet->next = NULL; 990 packet_queue = packet; 991 return; 992 } 993 994 /* find the bottom */ 995 for (p=packet_queue;p->next;p=p->next) 996 ; 997 998 p->next = packet; 999 packet->next = NULL; 1000 packet->prev = p; 1001} 1002 1003/**************************************************************************** 1004 Try and find a matching subnet record for a datagram port 138 packet. 1005****************************************************************************/ 1006 1007static struct subnet_record *find_subnet_for_dgram_browse_packet(struct packet_struct *p) 1008{ 1009 struct subnet_record *subrec; 1010 1011 /* Go through all the broadcast subnets and see if the mask matches. */ 1012 for (subrec = FIRST_SUBNET; subrec ; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { 1013 if(same_net(p->ip, subrec->bcast_ip, subrec->mask_ip)) 1014 return subrec; 1015 } 1016 1017 /* If the subnet record is the remote announce broadcast subnet, 1018 hack it here to be the first subnet. This is really gross and 1019 is needed due to people turning on port 137/138 broadcast 1020 forwarding on their routers. May fire and brimstone rain 1021 down upon them... 1022 */ 1023 1024 return FIRST_SUBNET; 1025} 1026 1027/**************************************************************************** 1028Dispatch a browse frame from port 138 to the correct processing function. 1029****************************************************************************/ 1030 1031static void process_browse_packet(struct packet_struct *p, char *buf,int len) 1032{ 1033 struct dgram_packet *dgram = &p->packet.dgram; 1034 int command = CVAL(buf,0); 1035 struct subnet_record *subrec = find_subnet_for_dgram_browse_packet(p); 1036 char scope[64]; 1037 nstring src_name; 1038 1039 /* Drop the packet if it's a different NetBIOS scope, or the source is from one of our names. */ 1040 pull_ascii(scope, dgram->dest_name.scope, 64, 64, STR_TERMINATE); 1041 if (!strequal(scope, global_scope())) { 1042 DEBUG(7,("process_browse_packet: Discarding datagram from IP %s. Scope (%s) \ 1043mismatch with our scope (%s).\n", inet_ntoa(p->ip), scope, global_scope())); 1044 return; 1045 } 1046 1047 pull_ascii_nstring(src_name, dgram->source_name.name); 1048 if (is_myname(src_name)) { 1049 DEBUG(0,("process_browse_packet: Discarding datagram from IP %s. Source name \ 1050%s is one of our names !\n", inet_ntoa(p->ip), nmb_namestr(&dgram->source_name))); 1051 return; 1052 } 1053 1054 switch (command) { 1055 case ANN_HostAnnouncement: 1056 debug_browse_data(buf, len); 1057 process_host_announce(subrec, p, buf+1); 1058 break; 1059 case ANN_DomainAnnouncement: 1060 debug_browse_data(buf, len); 1061 process_workgroup_announce(subrec, p, buf+1); 1062 break; 1063 case ANN_LocalMasterAnnouncement: 1064 debug_browse_data(buf, len); 1065 process_local_master_announce(subrec, p, buf+1); 1066 break; 1067 case ANN_AnnouncementRequest: 1068 debug_browse_data(buf, len); 1069 process_announce_request(subrec, p, buf+1); 1070 break; 1071 case ANN_Election: 1072 debug_browse_data(buf, len); 1073 process_election(subrec, p, buf+1); 1074 break; 1075 case ANN_GetBackupListReq: 1076 debug_browse_data(buf, len); 1077 process_get_backup_list_request(subrec, p, buf+1); 1078 break; 1079 case ANN_GetBackupListResp: 1080 debug_browse_data(buf, len); 1081 /* We never send ANN_GetBackupListReq so we should never get these. */ 1082 DEBUG(0,("process_browse_packet: Discarding GetBackupListResponse \ 1083packet from %s IP %s\n", nmb_namestr(&dgram->source_name), inet_ntoa(p->ip))); 1084 break; 1085 case ANN_ResetBrowserState: 1086 debug_browse_data(buf, len); 1087 process_reset_browser(subrec, p, buf+1); 1088 break; 1089 case ANN_MasterAnnouncement: 1090 /* Master browser datagrams must be processed on the unicast subnet. */ 1091 subrec = unicast_subnet; 1092 1093 debug_browse_data(buf, len); 1094 process_master_browser_announce(subrec, p, buf+1); 1095 break; 1096 case ANN_BecomeBackup: 1097 /* 1098 * We don't currently implement this. Log it just in case. 1099 */ 1100 debug_browse_data(buf, len); 1101 DEBUG(10,("process_browse_packet: On subnet %s ignoring browse packet \ 1102command ANN_BecomeBackup from %s IP %s to %s\n", subrec->subnet_name, nmb_namestr(&dgram->source_name), 1103 inet_ntoa(p->ip), nmb_namestr(&dgram->dest_name))); 1104 break; 1105 default: 1106 debug_browse_data(buf, len); 1107 DEBUG(0,("process_browse_packet: On subnet %s ignoring browse packet \ 1108command code %d from %s IP %s to %s\n", subrec->subnet_name, command, nmb_namestr(&dgram->source_name), 1109 inet_ntoa(p->ip), nmb_namestr(&dgram->dest_name))); 1110 break; 1111 } 1112} 1113 1114/**************************************************************************** 1115 Dispatch a LanMan browse frame from port 138 to the correct processing function. 1116****************************************************************************/ 1117 1118static void process_lanman_packet(struct packet_struct *p, char *buf,int len) 1119{ 1120 struct dgram_packet *dgram = &p->packet.dgram; 1121 int command = SVAL(buf,0); 1122 struct subnet_record *subrec = find_subnet_for_dgram_browse_packet(p); 1123 char scope[64]; 1124 nstring src_name; 1125 1126 /* Drop the packet if it's a different NetBIOS scope, or the source is from one of our names. */ 1127 1128 pull_ascii(scope, dgram->dest_name.scope, 64, 64, STR_TERMINATE); 1129 if (!strequal(scope, global_scope())) { 1130 DEBUG(7,("process_lanman_packet: Discarding datagram from IP %s. Scope (%s) \ 1131mismatch with our scope (%s).\n", inet_ntoa(p->ip), scope, global_scope())); 1132 return; 1133 } 1134 1135 pull_ascii_nstring(src_name, dgram->source_name.name); 1136 if (is_myname(src_name)) { 1137 DEBUG(0,("process_lanman_packet: Discarding datagram from IP %s. Source name \ 1138%s is one of our names !\n", inet_ntoa(p->ip), nmb_namestr(&dgram->source_name))); 1139 return; 1140 } 1141 1142 switch (command) { 1143 case ANN_HostAnnouncement: 1144 debug_browse_data(buf, len); 1145 process_lm_host_announce(subrec, p, buf+1); 1146 break; 1147 case ANN_AnnouncementRequest: 1148 process_lm_announce_request(subrec, p, buf+1); 1149 break; 1150 default: 1151 DEBUG(0,("process_lanman_packet: On subnet %s ignoring browse packet \ 1152command code %d from %s IP %s to %s\n", subrec->subnet_name, command, nmb_namestr(&dgram->source_name), 1153 inet_ntoa(p->ip), nmb_namestr(&dgram->dest_name))); 1154 break; 1155 } 1156} 1157 1158/**************************************************************************** 1159 Determine if a packet is for us on port 138. Note that to have any chance of 1160 being efficient we need to drop as many packets as possible at this 1161 stage as subsequent processing is expensive. 1162****************************************************************************/ 1163 1164static BOOL listening(struct packet_struct *p,struct nmb_name *nbname) 1165{ 1166 struct subnet_record *subrec = NULL; 1167 1168 for (subrec = FIRST_SUBNET; subrec ; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { 1169 if(same_net(p->ip, subrec->bcast_ip, subrec->mask_ip)) 1170 break; 1171 } 1172 1173 if(subrec == NULL) 1174 subrec = unicast_subnet; 1175 1176 return (find_name_on_subnet(subrec, nbname, FIND_SELF_NAME) != NULL); 1177} 1178 1179/**************************************************************************** 1180 Process udp 138 datagrams 1181****************************************************************************/ 1182 1183static void process_dgram(struct packet_struct *p) 1184{ 1185 char *buf; 1186 char *buf2; 1187 int len; 1188 struct dgram_packet *dgram = &p->packet.dgram; 1189 1190 /* If we aren't listening to the destination name then ignore the packet */ 1191 if (!listening(p,&dgram->dest_name)) { 1192 unexpected_packet(p); 1193 DEBUG(5,("process_dgram: ignoring dgram packet sent to name %s from %s\n", 1194 nmb_namestr(&dgram->dest_name), inet_ntoa(p->ip))); 1195 return; 1196 } 1197 1198 if (dgram->header.msg_type != 0x10 && dgram->header.msg_type != 0x11 && dgram->header.msg_type != 0x12) { 1199 unexpected_packet(p); 1200 /* Don't process error packets etc yet */ 1201 DEBUG(5,("process_dgram: ignoring dgram packet sent to name %s from IP %s as it is \ 1202an error packet of type %x\n", nmb_namestr(&dgram->dest_name), inet_ntoa(p->ip), dgram->header.msg_type)); 1203 return; 1204 } 1205 1206 buf = &dgram->data[0]; 1207 buf -= 4; /* XXXX for the pseudo tcp length - someday I need to get rid of this */ 1208 1209 if (CVAL(buf,smb_com) != SMBtrans) 1210 return; 1211 1212 len = SVAL(buf,smb_vwv11); 1213 buf2 = smb_base(buf) + SVAL(buf,smb_vwv12); 1214 1215 if (len <= 0) 1216 return; 1217 1218 if (buf2 + len > buf + sizeof(dgram->data)) { 1219 DEBUG(2,("process_dgram: datagram from %s to %s IP %s for %s len=%d too long.\n", 1220 nmb_namestr(&dgram->source_name),nmb_namestr(&dgram->dest_name), 1221 inet_ntoa(p->ip), smb_buf(buf),len)); 1222 len = (buf + sizeof(dgram->data)) - buf; 1223 } 1224 1225 DEBUG(4,("process_dgram: datagram from %s to %s IP %s for %s of type %d len=%d\n", 1226 nmb_namestr(&dgram->source_name),nmb_namestr(&dgram->dest_name), 1227 inet_ntoa(p->ip), smb_buf(buf),CVAL(buf2,0),len)); 1228 1229 /* Datagram packet received for the browser mailslot */ 1230 if (strequal(smb_buf(buf),BROWSE_MAILSLOT)) { 1231 process_browse_packet(p,buf2,len); 1232 return; 1233 } 1234 1235 /* Datagram packet received for the LAN Manager mailslot */ 1236 if (strequal(smb_buf(buf),LANMAN_MAILSLOT)) { 1237 process_lanman_packet(p,buf2,len); 1238 return; 1239 } 1240 1241 /* Datagram packet received for the domain logon mailslot */ 1242 if (strequal(smb_buf(buf),NET_LOGON_MAILSLOT)) { 1243 process_logon_packet(p,buf2,len,NET_LOGON_MAILSLOT); 1244 return; 1245 } 1246 1247 /* Datagram packet received for the NT domain logon mailslot */ 1248 if (strequal(smb_buf(buf),NT_LOGON_MAILSLOT)) { 1249 process_logon_packet(p,buf2,len,NT_LOGON_MAILSLOT); 1250 return; 1251 } 1252 1253 unexpected_packet(p); 1254} 1255 1256/**************************************************************************** 1257 Validate a response nmb packet. 1258****************************************************************************/ 1259 1260static BOOL validate_nmb_response_packet( struct nmb_packet *nmb ) 1261{ 1262 BOOL ignore = False; 1263 1264 switch (nmb->header.opcode) { 1265 case NMB_NAME_REG_OPCODE: 1266 case NMB_NAME_REFRESH_OPCODE_8: /* ambiguity in rfc1002 about which is correct. */ 1267 case NMB_NAME_REFRESH_OPCODE_9: /* WinNT uses 8 by default. */ 1268 if (nmb->header.ancount == 0) { 1269 DEBUG(0,("validate_nmb_response_packet: Bad REG/REFRESH Packet. ")); 1270 ignore = True; 1271 } 1272 break; 1273 1274 case NMB_NAME_QUERY_OPCODE: 1275 if ((nmb->header.ancount != 0) && (nmb->header.ancount != 1)) { 1276 DEBUG(0,("validate_nmb_response_packet: Bad QUERY Packet. ")); 1277 ignore = True; 1278 } 1279 break; 1280 1281 case NMB_NAME_RELEASE_OPCODE: 1282 if (nmb->header.ancount == 0) { 1283 DEBUG(0,("validate_nmb_response_packet: Bad RELEASE Packet. ")); 1284 ignore = True; 1285 } 1286 break; 1287 1288 case NMB_WACK_OPCODE: 1289 /* Check WACK response here. */ 1290 if (nmb->header.ancount != 1) { 1291 DEBUG(0,("validate_nmb_response_packet: Bad WACK Packet. ")); 1292 ignore = True; 1293 } 1294 break; 1295 default: 1296 DEBUG(0,("validate_nmb_response_packet: Ignoring packet with unknown opcode %d.\n", 1297 nmb->header.opcode)); 1298 return True; 1299 } 1300 1301 if(ignore) 1302 DEBUG(0,("Ignoring response packet with opcode %d.\n", nmb->header.opcode)); 1303 1304 return ignore; 1305} 1306 1307/**************************************************************************** 1308 Validate a request nmb packet. 1309****************************************************************************/ 1310 1311static BOOL validate_nmb_packet( struct nmb_packet *nmb ) 1312{ 1313 BOOL ignore = False; 1314 1315 switch (nmb->header.opcode) { 1316 case NMB_NAME_REG_OPCODE: 1317 case NMB_NAME_REFRESH_OPCODE_8: /* ambiguity in rfc1002 about which is correct. */ 1318 case NMB_NAME_REFRESH_OPCODE_9: /* WinNT uses 8 by default. */ 1319 case NMB_NAME_MULTIHOMED_REG_OPCODE: 1320 if (nmb->header.qdcount==0 || nmb->header.arcount==0) { 1321 DEBUG(0,("validate_nmb_packet: Bad REG/REFRESH Packet. ")); 1322 ignore = True; 1323 } 1324 break; 1325 1326 case NMB_NAME_QUERY_OPCODE: 1327 if ((nmb->header.qdcount == 0) || ((nmb->question.question_type != QUESTION_TYPE_NB_QUERY) && 1328 (nmb->question.question_type != QUESTION_TYPE_NB_STATUS))) { 1329 DEBUG(0,("validate_nmb_packet: Bad QUERY Packet. ")); 1330 ignore = True; 1331 } 1332 break; 1333 1334 case NMB_NAME_RELEASE_OPCODE: 1335 if (nmb->header.qdcount==0 || nmb->header.arcount==0) { 1336 DEBUG(0,("validate_nmb_packet: Bad RELEASE Packet. ")); 1337 ignore = True; 1338 } 1339 break; 1340 default: 1341 DEBUG(0,("validate_nmb_packet: Ignoring packet with unknown opcode %d.\n", 1342 nmb->header.opcode)); 1343 return True; 1344 } 1345 1346 if(ignore) 1347 DEBUG(0,("validate_nmb_packet: Ignoring request packet with opcode %d.\n", nmb->header.opcode)); 1348 1349 return ignore; 1350} 1351 1352/**************************************************************************** 1353 Find a subnet (and potentially a response record) for a packet. 1354****************************************************************************/ 1355 1356static struct subnet_record *find_subnet_for_nmb_packet( struct packet_struct *p, 1357 struct response_record **pprrec) 1358{ 1359 struct nmb_packet *nmb = &p->packet.nmb; 1360 struct response_record *rrec = NULL; 1361 struct subnet_record *subrec = NULL; 1362 1363 if(pprrec != NULL) 1364 *pprrec = NULL; 1365 1366 if(nmb->header.response) { 1367 /* It's a response packet. Find a record for it or it's an error. */ 1368 1369 rrec = find_response_record( &subrec, nmb->header.name_trn_id); 1370 if(rrec == NULL) { 1371 DEBUG(3,("find_subnet_for_nmb_packet: response record not found for response id %hu\n", 1372 nmb->header.name_trn_id)); 1373 unexpected_packet(p); 1374 return NULL; 1375 } 1376 1377 if(subrec == NULL) { 1378 DEBUG(0,("find_subnet_for_nmb_packet: subnet record not found for response id %hu\n", 1379 nmb->header.name_trn_id)); 1380 return NULL; 1381 } 1382 1383 if(pprrec != NULL) 1384 *pprrec = rrec; 1385 return subrec; 1386 } 1387 1388 /* Try and see what subnet this packet belongs to. */ 1389 1390 /* WINS server ? */ 1391 if(packet_is_for_wins_server(p)) 1392 return wins_server_subnet; 1393 1394 /* If it wasn't a broadcast packet then send to the UNICAST subnet. */ 1395 if(nmb->header.nm_flags.bcast == False) 1396 return unicast_subnet; 1397 1398 /* Go through all the broadcast subnets and see if the mask matches. */ 1399 for (subrec = FIRST_SUBNET; subrec ; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { 1400 if(same_net(p->ip, subrec->bcast_ip, subrec->mask_ip)) 1401 return subrec; 1402 } 1403 1404 /* If none match it must have been a directed broadcast - assign the remote_broadcast_subnet. */ 1405 return remote_broadcast_subnet; 1406} 1407 1408/**************************************************************************** 1409 Process a nmb request packet - validate the packet and route it. 1410****************************************************************************/ 1411 1412static void process_nmb_request(struct packet_struct *p) 1413{ 1414 struct nmb_packet *nmb = &p->packet.nmb; 1415 struct subnet_record *subrec = NULL; 1416 1417 debug_nmb_packet(p); 1418 1419 /* Ensure we have a good packet. */ 1420 if(validate_nmb_packet(nmb)) 1421 return; 1422 1423 /* Allocate a subnet to this packet - if we cannot - fail. */ 1424 if((subrec = find_subnet_for_nmb_packet(p, NULL))==NULL) 1425 return; 1426 1427 switch (nmb->header.opcode) { 1428 case NMB_NAME_REG_OPCODE: 1429 if(subrec == wins_server_subnet) 1430 wins_process_name_registration_request(subrec, p); 1431 else 1432 process_name_registration_request(subrec, p); 1433 break; 1434 1435 case NMB_NAME_REFRESH_OPCODE_8: /* ambiguity in rfc1002 about which is correct. */ 1436 case NMB_NAME_REFRESH_OPCODE_9: 1437 if(subrec == wins_server_subnet) 1438 wins_process_name_refresh_request(subrec, p); 1439 else 1440 process_name_refresh_request(subrec, p); 1441 break; 1442 1443 case NMB_NAME_MULTIHOMED_REG_OPCODE: 1444 if(subrec == wins_server_subnet) { 1445 wins_process_multihomed_name_registration_request(subrec, p); 1446 } else { 1447 DEBUG(0,("process_nmb_request: Multihomed registration request must be \ 1448directed at a WINS server.\n")); 1449 } 1450 break; 1451 1452 case NMB_NAME_QUERY_OPCODE: 1453 switch (nmb->question.question_type) { 1454 case QUESTION_TYPE_NB_QUERY: 1455 if(subrec == wins_server_subnet) 1456 wins_process_name_query_request(subrec, p); 1457 else 1458 process_name_query_request(subrec, p); 1459 break; 1460 case QUESTION_TYPE_NB_STATUS: 1461 if(subrec == wins_server_subnet) { 1462 DEBUG(0,("process_nmb_request: NB_STATUS request directed at WINS server is \ 1463not allowed.\n")); 1464 break; 1465 } else { 1466 process_node_status_request(subrec, p); 1467 } 1468 break; 1469 } 1470 break; 1471 1472 case NMB_NAME_RELEASE_OPCODE: 1473 if(subrec == wins_server_subnet) 1474 wins_process_name_release_request(subrec, p); 1475 else 1476 process_name_release_request(subrec, p); 1477 break; 1478 } 1479} 1480 1481/**************************************************************************** 1482 Process a nmb response packet - validate the packet and route it. 1483 to either the WINS server or a normal response. 1484****************************************************************************/ 1485 1486static void process_nmb_response(struct packet_struct *p) 1487{ 1488 struct nmb_packet *nmb = &p->packet.nmb; 1489 struct subnet_record *subrec = NULL; 1490 struct response_record *rrec = NULL; 1491 1492 debug_nmb_packet(p); 1493 1494 if(validate_nmb_response_packet(nmb)) 1495 return; 1496 1497 if((subrec = find_subnet_for_nmb_packet(p, &rrec))==NULL) 1498 return; 1499 1500 if(rrec == NULL) { 1501 DEBUG(0,("process_nmb_response: response packet received but no response record \ 1502found for id = %hu. Ignoring packet.\n", nmb->header.name_trn_id)); 1503 return; 1504 } 1505 1506 /* Increment the number of responses received for this record. */ 1507 rrec->num_msgs++; 1508 /* Ensure we don't re-send the request. */ 1509 rrec->repeat_count = 0; 1510 1511 /* Call the response received function for this packet. */ 1512 (*rrec->resp_fn)(subrec, rrec, p); 1513} 1514 1515/******************************************************************* 1516 Run elements off the packet queue till its empty 1517******************************************************************/ 1518 1519void run_packet_queue(void) 1520{ 1521 struct packet_struct *p; 1522 1523 while ((p = packet_queue)) { 1524 packet_queue = p->next; 1525 if (packet_queue) 1526 packet_queue->prev = NULL; 1527 p->next = p->prev = NULL; 1528 1529 switch (p->packet_type) { 1530 case NMB_PACKET: 1531 if(p->packet.nmb.header.response) 1532 process_nmb_response(p); 1533 else 1534 process_nmb_request(p); 1535 break; 1536 1537 case DGRAM_PACKET: 1538 process_dgram(p); 1539 break; 1540 } 1541 free_packet(p); 1542 } 1543} 1544 1545/******************************************************************* 1546 Retransmit or timeout elements from all the outgoing subnet response 1547 record queues. NOTE that this code must also check the WINS server 1548 subnet for response records to timeout as the WINS server code 1549 can send requests to check if a client still owns a name. 1550 (Patch from Andrey Alekseyev <fetch@muffin.arcadia.spb.ru>). 1551******************************************************************/ 1552 1553void retransmit_or_expire_response_records(time_t t) 1554{ 1555 struct subnet_record *subrec; 1556 1557 for (subrec = FIRST_SUBNET; subrec; subrec = get_next_subnet_maybe_unicast_or_wins_server(subrec)) { 1558 struct response_record *rrec, *nextrrec; 1559 1560 for (rrec = subrec->responselist; rrec; rrec = nextrrec) { 1561 nextrrec = rrec->next; 1562 1563 if (rrec->repeat_time <= t) { 1564 if (rrec->repeat_count > 0) { 1565 /* Resend while we have a non-zero repeat_count. */ 1566 if(!send_packet(rrec->packet)) { 1567 DEBUG(0,("retransmit_or_expire_response_records: Failed to resend packet id %hu \ 1568to IP %s on subnet %s\n", rrec->response_id, inet_ntoa(rrec->packet->ip), subrec->subnet_name)); 1569 } 1570 rrec->repeat_time = t + rrec->repeat_interval; 1571 rrec->repeat_count--; 1572 } else { 1573 DEBUG(4,("retransmit_or_expire_response_records: timeout for packet id %hu to IP %s \ 1574on subnet %s\n", rrec->response_id, inet_ntoa(rrec->packet->ip), subrec->subnet_name)); 1575 1576 /* 1577 * Check the flag in this record to prevent recursion if we end 1578 * up in this function again via the timeout function call. 1579 */ 1580 1581 if(!rrec->in_expiration_processing) { 1582 1583 /* 1584 * Set the recursion protection flag in this record. 1585 */ 1586 1587 rrec->in_expiration_processing = True; 1588 1589 /* Call the timeout function. This will deal with removing the 1590 timed out packet. */ 1591 if(rrec->timeout_fn) { 1592 (*rrec->timeout_fn)(subrec, rrec); 1593 } else { 1594 /* We must remove the record ourself if there is 1595 no timeout function. */ 1596 remove_response_record(subrec, rrec); 1597 } 1598 } /* !rrec->in_expitation_processing */ 1599 } /* rrec->repeat_count > 0 */ 1600 } /* rrec->repeat_time <= t */ 1601 } /* end for rrec */ 1602 } /* end for subnet */ 1603} 1604 1605/**************************************************************************** 1606 Create an fd_set containing all the sockets in the subnet structures, 1607 plus the broadcast sockets. 1608***************************************************************************/ 1609 1610static BOOL create_listen_fdset(fd_set **ppset, int **psock_array, int *listen_number) 1611{ 1612 int *sock_array = NULL; 1613 struct subnet_record *subrec = NULL; 1614 int count = 0; 1615 int num = 0; 1616 fd_set *pset = (fd_set *)malloc(sizeof(fd_set)); 1617 1618 if(pset == NULL) { 1619 DEBUG(0,("create_listen_fdset: malloc fail !\n")); 1620 return True; 1621 } 1622 1623 /* Check that we can add all the fd's we need. */ 1624 for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) 1625 count++; 1626 1627 if((count*2) + 2 > FD_SETSIZE) { 1628 DEBUG(0,("create_listen_fdset: Too many file descriptors needed (%d). We can \ 1629only use %d.\n", (count*2) + 2, FD_SETSIZE)); 1630 return True; 1631 } 1632 1633 if((sock_array = (int *)malloc(((count*2) + 2)*sizeof(int))) == NULL) { 1634 DEBUG(0,("create_listen_fdset: malloc fail for socket array.\n")); 1635 return True; 1636 } 1637 1638 FD_ZERO(pset); 1639 1640 /* Add in the broadcast socket on 137. */ 1641 FD_SET(ClientNMB,pset); 1642 sock_array[num++] = ClientNMB; 1643 1644 /* Add in the 137 sockets on all the interfaces. */ 1645 for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { 1646 FD_SET(subrec->nmb_sock,pset); 1647 sock_array[num++] = subrec->nmb_sock; 1648 } 1649 1650 /* Add in the broadcast socket on 138. */ 1651 FD_SET(ClientDGRAM,pset); 1652 sock_array[num++] = ClientDGRAM; 1653 1654 /* Add in the 138 sockets on all the interfaces. */ 1655 for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { 1656 FD_SET(subrec->dgram_sock,pset); 1657 sock_array[num++] = subrec->dgram_sock; 1658 } 1659 1660 *listen_number = (count*2) + 2; 1661 1662 SAFE_FREE(*ppset); 1663 SAFE_FREE(*psock_array); 1664 1665 *ppset = pset; 1666 *psock_array = sock_array; 1667 1668 return False; 1669} 1670 1671/**************************************************************************** 1672 Listens for NMB or DGRAM packets, and queues them. 1673 return True if the socket is dead 1674***************************************************************************/ 1675 1676BOOL listen_for_packets(BOOL run_election) 1677{ 1678 static fd_set *listen_set = NULL; 1679 static int listen_number = 0; 1680 static int *sock_array = NULL; 1681 int i; 1682 1683 fd_set fds; 1684 int selrtn; 1685 struct timeval timeout; 1686#ifndef SYNC_DNS 1687 int dns_fd; 1688#endif 1689 1690 if(listen_set == NULL || rescan_listen_set) { 1691 if(create_listen_fdset(&listen_set, &sock_array, &listen_number)) { 1692 DEBUG(0,("listen_for_packets: Fatal error. unable to create listen set. Exiting.\n")); 1693 return True; 1694 } 1695 rescan_listen_set = False; 1696 } 1697 1698 memcpy((char *)&fds, (char *)listen_set, sizeof(fd_set)); 1699 1700#ifndef SYNC_DNS 1701 dns_fd = asyncdns_fd(); 1702 if (dns_fd != -1) { 1703 FD_SET(dns_fd, &fds); 1704 } 1705#endif 1706 1707 /* 1708 * During elections and when expecting a netbios response packet we 1709 * need to send election packets at tighter intervals. 1710 * Ideally it needs to be the interval (in ms) between time now and 1711 * the time we are expecting the next netbios packet. 1712 */ 1713 1714 timeout.tv_sec = (run_election||num_response_packets) ? 1 : NMBD_SELECT_LOOP; 1715 timeout.tv_usec = 0; 1716 1717 /* Prepare for the select - allow certain signals. */ 1718 1719 BlockSignals(False, SIGTERM); 1720 1721 selrtn = sys_select(FD_SETSIZE,&fds,NULL,NULL,&timeout); 1722 1723 /* We can only take signals when we are in the select - block them again here. */ 1724 1725 BlockSignals(True, SIGTERM); 1726 1727 if(selrtn == -1) { 1728 return False; 1729 } 1730 1731#ifndef SYNC_DNS 1732 if (dns_fd != -1 && FD_ISSET(dns_fd,&fds)) { 1733 run_dns_queue(); 1734 } 1735#endif 1736 1737 for(i = 0; i < listen_number; i++) { 1738 if (i < (listen_number/2)) { 1739 /* Processing a 137 socket. */ 1740 if (FD_ISSET(sock_array[i],&fds)) { 1741 struct packet_struct *packet = read_packet(sock_array[i], NMB_PACKET); 1742 if (packet) { 1743 /* 1744 * If we got a packet on the broadcast socket and interfaces 1745 * only is set then check it came from one of our local nets. 1746 */ 1747 if(lp_bind_interfaces_only() && (sock_array[i] == ClientNMB) && 1748 (!is_local_net(packet->ip))) { 1749 DEBUG(7,("discarding nmb packet sent to broadcast socket from %s:%d\n", 1750 inet_ntoa(packet->ip),packet->port)); 1751 free_packet(packet); 1752 } else if ((ip_equal(loopback_ip, packet->ip) || 1753 ismyip(packet->ip)) && packet->port == global_nmb_port && 1754 packet->packet.nmb.header.nm_flags.bcast) { 1755 DEBUG(7,("discarding own bcast packet from %s:%d\n", 1756 inet_ntoa(packet->ip),packet->port)); 1757 free_packet(packet); 1758 } else { 1759 /* Save the file descriptor this packet came in on. */ 1760 packet->fd = sock_array[i]; 1761 queue_packet(packet); 1762 } 1763 } 1764 } 1765 } else { 1766 /* Processing a 138 socket. */ 1767 if (FD_ISSET(sock_array[i],&fds)) { 1768 struct packet_struct *packet = read_packet(sock_array[i], DGRAM_PACKET); 1769 if (packet) { 1770 /* 1771 * If we got a packet on the broadcast socket and interfaces 1772 * only is set then check it came from one of our local nets. 1773 */ 1774 if(lp_bind_interfaces_only() && (sock_array[i] == ClientDGRAM) && 1775 (!is_local_net(packet->ip))) { 1776 DEBUG(7,("discarding dgram packet sent to broadcast socket from %s:%d\n", 1777 inet_ntoa(packet->ip),packet->port)); 1778 free_packet(packet); 1779 } else if ((ip_equal(loopback_ip, packet->ip) || 1780 ismyip(packet->ip)) && packet->port == DGRAM_PORT) { 1781 DEBUG(7,("discarding own dgram packet from %s:%d\n", 1782 inet_ntoa(packet->ip),packet->port)); 1783 free_packet(packet); 1784 } else { 1785 /* Save the file descriptor this packet came in on. */ 1786 packet->fd = sock_array[i]; 1787 queue_packet(packet); 1788 } 1789 } 1790 } 1791 } /* end processing 138 socket. */ 1792 } /* end for */ 1793 return False; 1794} 1795 1796/**************************************************************************** 1797 Construct and send a netbios DGRAM. 1798**************************************************************************/ 1799 1800BOOL send_mailslot(BOOL unique, const char *mailslot,char *buf, size_t len, 1801 const char *srcname, int src_type, 1802 const char *dstname, int dest_type, 1803 struct in_addr dest_ip,struct in_addr src_ip, 1804 int dest_port) 1805{ 1806 BOOL loopback_this_packet = False; 1807 struct packet_struct p; 1808 struct dgram_packet *dgram = &p.packet.dgram; 1809 char *ptr,*p2; 1810 char tmp[4]; 1811 1812 memset((char *)&p,'\0',sizeof(p)); 1813 1814 if(ismyip(dest_ip) && (dest_port == DGRAM_PORT)) /* Only if to DGRAM_PORT */ 1815 loopback_this_packet = True; 1816 1817 /* generate_name_trn_id(); */ /* Not used, so gone, RJS */ 1818 1819 /* DIRECT GROUP or UNIQUE datagram. */ 1820 dgram->header.msg_type = unique ? 0x10 : 0x11; 1821 dgram->header.flags.node_type = M_NODE; 1822 dgram->header.flags.first = True; 1823 dgram->header.flags.more = False; 1824 dgram->header.dgm_id = generate_name_trn_id(); 1825 dgram->header.source_ip = src_ip; 1826 dgram->header.source_port = DGRAM_PORT; 1827 dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */ 1828 dgram->header.packet_offset = 0; 1829 1830 make_nmb_name(&dgram->source_name,srcname,src_type); 1831 make_nmb_name(&dgram->dest_name,dstname,dest_type); 1832 1833 ptr = &dgram->data[0]; 1834 1835 /* Setup the smb part. */ 1836 ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */ 1837 memcpy(tmp,ptr,4); 1838 set_message(ptr,17,strlen(mailslot) + 1 + len,True); 1839 memcpy(ptr,tmp,4); 1840 1841 SCVAL(ptr,smb_com,SMBtrans); 1842 SSVAL(ptr,smb_vwv1,len); 1843 SSVAL(ptr,smb_vwv11,len); 1844 SSVAL(ptr,smb_vwv12,70 + strlen(mailslot)); 1845 SSVAL(ptr,smb_vwv13,3); 1846 SSVAL(ptr,smb_vwv14,1); 1847 SSVAL(ptr,smb_vwv15,1); 1848 SSVAL(ptr,smb_vwv16,2); 1849 p2 = smb_buf(ptr); 1850 safe_strcpy_base(p2, mailslot, dgram->data, sizeof(dgram->data)); 1851 p2 = skip_string(p2,1); 1852 1853 if (((p2+len) > dgram->data+sizeof(dgram->data)) || ((p2+len) < p2)) { 1854 DEBUG(0, ("send_mailslot: Cannot write beyond end of packet\n")); 1855 return False; 1856 } else { 1857 memcpy(p2,buf,len); 1858 p2 += len; 1859 } 1860 1861 dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */ 1862 1863 p.ip = dest_ip; 1864 p.port = dest_port; 1865 p.fd = find_subnet_mailslot_fd_for_address( src_ip ); 1866 p.timestamp = time(NULL); 1867 p.packet_type = DGRAM_PACKET; 1868 1869 DEBUG(4,("send_mailslot: Sending to mailslot %s from %s IP %s ", mailslot, 1870 nmb_namestr(&dgram->source_name), inet_ntoa(src_ip))); 1871 DEBUG(4,("to %s IP %s\n", nmb_namestr(&dgram->dest_name), inet_ntoa(dest_ip))); 1872 1873 debug_browse_data(buf, len); 1874 1875 if(loopback_this_packet) { 1876 struct packet_struct *lo_packet = NULL; 1877 DEBUG(5,("send_mailslot: sending packet to ourselves.\n")); 1878 if((lo_packet = copy_packet(&p)) == NULL) 1879 return False; 1880 queue_packet(lo_packet); 1881 return True; 1882 } else { 1883 return(send_packet(&p)); 1884 } 1885} 1886