static void ipip_receive(void *argp)
{
int addrlen;
int hdr_len;
int l;
int32 ipaddr;
struct edv_t *edv;
struct iface *ifp;
struct ip *ipptr;
struct mbuf *bp;
struct sockaddr_in addr;
uint8 buf[MAX_FRAME];
uint8 *bufptr;
ifp = (struct iface *) argp;
edv = (struct edv_t *) ifp->edv;
addrlen = sizeof(addr);
l = recvfrom(edv->fd, (char *) (bufptr = buf), sizeof(buf), 0, (struct sockaddr *) &addr, &addrlen);
if (edv->type == USE_IP) {
if (l <= sizeof(struct ip)) goto Fail;
ipptr = (struct ip *) bufptr;
hdr_len = 4 * ipptr->ip_hl;
bufptr += hdr_len;
l -= hdr_len;
}
if (l <= 0) goto Fail;
if ((ipaddr = get32(bufptr + 12)) && ismyaddr(ipaddr) == NULL)
rt_add(ipaddr, 32, (int32) ntohl(addr.sin_addr.s_addr), ifp, 1L, 0x7fffffff / 1000, 0);
bp = qdata(bufptr, l);
net_route(ifp, &bp);
return;
Fail:
ifp->crcerrors++;
}
static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
{
struct cli_state *cli = NULL;
char *desthost = NULL;
struct sockaddr_storage dest_ss;
const char *p;
char *pserver = NULL;
bool connected_ok = False;
struct named_mutex *mutex = NULL;
NTSTATUS status;
pserver = talloc_strdup(mem_ctx, lp_passwordserver());
p = pserver;
while(next_token_talloc(mem_ctx, &p, &desthost, LIST_SEP)) {
desthost = talloc_sub_basic(mem_ctx,
current_user_info.smb_name,
current_user_info.domain,
desthost);
if (!desthost) {
return NULL;
}
strupper_m(desthost);
if (strequal(desthost, myhostname())) {
DEBUG(1,("Password server loop - disabling "
"password server %s\n", desthost));
continue;
}
if(!resolve_name( desthost, &dest_ss, 0x20, false)) {
DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",desthost));
continue;
}
if (ismyaddr((struct sockaddr *)(void *)&dest_ss)) {
DEBUG(1,("Password server loop - disabling password server %s\n",desthost));
continue;
}
/* we use a mutex to prevent two connections at once - when a
Win2k PDC get two connections where one hasn't completed a
session setup yet it will send a TCP reset to the first
connection (tridge) */
mutex = grab_named_mutex(talloc_tos(), desthost, 10);
if (mutex == NULL) {
return NULL;
}
status = cli_connect_nb(desthost, &dest_ss, 0, 0x20,
lp_netbios_name(), Undefined, &cli);
if (NT_STATUS_IS_OK(status)) {
DEBUG(3,("connected to password server %s\n",desthost));
connected_ok = True;
break;
}
DEBUG(10,("server_cryptkey: failed to connect to server %s. Error %s\n",
desthost, nt_errstr(status) ));
TALLOC_FREE(mutex);
}
if (!connected_ok) {
DEBUG(0,("password server not available\n"));
return NULL;
}
/* security = server just can't function with spnego */
cli->use_spnego = False;
DEBUG(3,("got session\n"));
status = cli_negprot(cli);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(mutex);
DEBUG(1, ("%s rejected the negprot: %s\n",
desthost, nt_errstr(status)));
cli_shutdown(cli);
return NULL;
}
if (cli->protocol < PROTOCOL_LANMAN2 ||
!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
TALLOC_FREE(mutex);
DEBUG(1,("%s isn't in user level security mode\n",desthost));
cli_shutdown(cli);
return NULL;
}
/* Get the first session setup done quickly, to avoid silly
Win2k bugs. (The next connection to the server will kill
this one...
*/
status = cli_session_setup(cli, "", "", 0, "", 0, "");
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(mutex);
DEBUG(0,("%s rejected the initial session setup (%s)\n",
desthost, nt_errstr(status)));
cli_shutdown(cli);
return NULL;
}
TALLOC_FREE(mutex);
DEBUG(3,("password server OK\n"));
return cli;
}
/* Send an IP datagram. Modeled after the example interface on p 32 of
* RFC 791
*/
int
ip_send(
int32 source, /* source address */
int32 dest, /* Destination address */
char protocol, /* Protocol */
char tos, /* Type of service */
char ttl, /* Time-to-live */
struct mbuf **bpp, /* Data portion of datagram */
uint16 length, /* Optional length of data portion */
uint16 id, /* Optional identification */
char df /* Don't-fragment flag */
){
struct ip ip; /* IP header */
ipOutRequests++;
if(bpp == NULL)
return -1;
if(source == INADDR_ANY)
source = locaddr(dest);
if(length == 0 && *bpp != NULL)
length = len_p(*bpp);
if(id == 0)
id = Id_cntr++;
if(ttl == 0)
ttl = ipDefaultTTL;
/* Fill in IP header */
ip.version = IPVERSION;
ip.tos = tos;
ip.length = IPLEN + length;
ip.id = id;
ip.offset = 0;
ip.flags.mf = 0;
ip.flags.df = df;
ip.flags.congest = 0;
ip.ttl = ttl;
ip.protocol = protocol;
ip.source = source;
ip.dest = dest;
ip.optlen = 0;
if(Ip_trace)
dumpip(NULL,&ip,*bpp,0);
htonip(&ip,bpp,IP_CS_NEW);
if(ismyaddr(ip.dest)){
/* Pretend it has been sent by the loopback interface before
* it appears in the receive queue
*/
#ifdef SIM
net_sim(bpp);
#else
net_route(&Loopback,bpp);
#endif
Loopback.ipsndcnt++;
Loopback.rawsndcnt++;
Loopback.lastsent = secclock();
} else
net_route(NULL,bpp);
return 0;
}
bool ismyip_v4(struct in_addr ip)
{
struct sockaddr_storage ss;
in_addr_to_sockaddr_storage(&ss, ip);
return ismyaddr((struct sockaddr *)&ss);
}