static void find_all_domain_master_names_query_success(struct subnet_record *subrec, struct userdata_struct *userdata_in, struct nmb_name *q_name, struct in_addr answer_ip, struct res_rec *rrec) { /* * We now have a list of all the domain master browsers for all workgroups * that have registered with the WINS server. Now do a node status request * to each one and look for the first 1b name in the reply. This will be * the workgroup name that we will add to the unicast subnet as a 'non-local' * workgroup. */ struct nmb_name nmbname; struct in_addr send_ip; int i; if( DEBUGLVL( 5 ) ) { dbgtext( "find_all_domain_master_names_query_succes:\n" ); dbgtext( "Got answer from WINS server of %d ", (rrec->rdlength / 6) ); dbgtext( "IP addresses for Domain Master Browsers.\n" ); } for(i = 0; i < rrec->rdlength / 6; i++) { /* Initiate the node status requests. */ make_nmb_name(&nmbname, "*", 0); putip((char *)&send_ip, (char *)&rrec->rdata[(i*6) + 2]); /* * Don't send node status requests to ourself. */ if(ismyip( send_ip )) { if( DEBUGLVL( 5 ) ) { dbgtext( "find_all_domain_master_names_query_succes:\n" ); dbgtext( "Not sending node status to our own IP " ); dbgtext( "%s.\n", inet_ntoa(send_ip) ); } continue; } if( DEBUGLVL( 5 ) ) { dbgtext( "find_all_domain_master_names_query_success:\n" ); dbgtext( "Sending node status request to IP %s.\n", inet_ntoa(send_ip) ); } node_status( subrec, &nmbname, send_ip, get_domain_master_name_node_status_success, get_domain_master_name_node_status_fail, NULL); } }
/******************************************************** resolve via "wins" method *********************************************************/ static BOOL resolve_wins (const char *name, struct in_addr *return_ip, int name_type) { int sock; struct in_addr wins_ip; BOOL wins_ismyip; /* * "wins" means do a unicast lookup to the WINS server. * Ignore if there is no WINS server specified or if the * WINS server is one of our interfaces (if we're being * called from within nmbd - we can't do this call as we * would then block). */ DEBUG (3, ("resolve_name: Attempting wins lookup for name %s<0x%x>\n", name, name_type)); if (!*lp_wins_server ()) { DEBUG (3, ("resolve_name: WINS server resolution selected and no WINS server present.\n")); return False; } wins_ip = *interpret_addr2 (lp_wins_server ()); wins_ismyip = ismyip (wins_ip); if ((wins_ismyip && !global_in_nmbd) || !wins_ismyip) { sock = open_socket_in (SOCK_DGRAM, 0, 3, interpret_addr (lp_socket_address ()), True); if (sock != -1) { struct in_addr *iplist = NULL; int count; iplist = name_query (sock, name, name_type, False, True, wins_ip, &count, NULL); if (iplist != NULL) { *return_ip = iplist[0]; free ((char *) iplist); close (sock); return True; } close (sock); } } return False; }
static void announce_local_master_browser_to_domain_master_browser( struct work_record *work) { pstring outbuf; unstring myname; unstring dmb_name; char *p; if(ismyip(work->dmb_addr)) { if( DEBUGLVL( 2 ) ) { dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" ); dbgtext( "We are both a domain and a local master browser for " ); dbgtext( "workgroup %s. ", work->work_group ); dbgtext( "Do not announce to ourselves.\n" ); } return; } memset(outbuf,'\0',sizeof(outbuf)); p = outbuf; SCVAL(p,0,ANN_MasterAnnouncement); p++; unstrcpy(myname, global_myname()); strupper_m(myname); myname[15]='\0'; /* The call below does CH_UNIX -> CH_DOS conversion. JRA */ push_pstring_base(p, myname, outbuf); p = skip_string(p,1); if( DEBUGLVL( 4 ) ) { dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" ); dbgtext( "Sending local master announce to " ); dbgtext( "%s for workgroup %s.\n", nmb_namestr(&work->dmb_name), work->work_group ); } /* Target name for send_mailslot must be in UNIX charset. */ pull_ascii_nstring(dmb_name, sizeof(dmb_name), work->dmb_name.name); send_mailslot(True, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf), global_myname(), 0x0, dmb_name, 0x0, work->dmb_addr, FIRST_SUBNET->myip, DGRAM_PORT); }
static void announce_local_master_browser_to_domain_master_browser( struct work_record *work) { pstring outbuf; char *p; if(ismyip(work->dmb_addr)) { if( DEBUGLVL( 2 ) ) { dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" ); dbgtext( "We are both a domain and a local master browser for " ); dbgtext( "workgroup %s. ", work->work_group ); dbgtext( "Do not announce to ourselves.\n" ); } return; } memset(outbuf,'\0',sizeof(outbuf)); p = outbuf; SCVAL(p,0,ANN_MasterAnnouncement); p++; StrnCpy(p,global_myname,15); strupper(p); p = skip_string(p,1); if( DEBUGLVL( 4 ) ) { dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" ); dbgtext( "Sending local master announce to " ); dbgtext( "%s for workgroup %s.\n", nmb_namestr(&work->dmb_name), work->work_group ); } send_mailslot(True, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf), global_myname, 0x0, work->dmb_name.name, 0x0, work->dmb_addr, FIRST_SUBNET->myip, DGRAM_PORT); }
static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) { struct cli_state *cli = NULL; fstring desthost; struct in_addr dest_ip; const char *p; char *pserver; BOOL connected_ok = False; if (!(cli = cli_initialise())) return NULL; /* security = server just can't function with spnego */ cli->use_spnego = False; pserver = talloc_strdup(mem_ctx, lp_passwordserver()); p = pserver; while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) { standard_sub_basic(current_user_info.smb_name, current_user_info.domain, desthost, sizeof(desthost)); strupper_m(desthost); if(!resolve_name( desthost, &dest_ip, 0x20)) { DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",desthost)); continue; } if (ismyip(dest_ip)) { DEBUG(1,("Password server loop - disabling password server %s\n",desthost)); continue; } /* we use a mutex to prevent two connections at once - when a Win2k PDC get two connections where one hasn't completed a session setup yet it will send a TCP reset to the first connection (tridge) */ if (!grab_server_mutex(desthost)) { return NULL; } if (cli_connect(cli, desthost, &dest_ip)) { DEBUG(3,("connected to password server %s\n",desthost)); connected_ok = True; break; } } if (!connected_ok) { release_server_mutex(); DEBUG(0,("password server not available\n")); cli_shutdown(cli); return NULL; } if (!attempt_netbios_session_request(&cli, global_myname(), desthost, &dest_ip)) { release_server_mutex(); DEBUG(1,("password server fails session request\n")); cli_shutdown(cli); return NULL; } if (strequal(desthost,myhostname())) { exit_server_cleanly("Password server loop!"); } DEBUG(3,("got session\n")); if (!cli_negprot(cli)) { DEBUG(1,("%s rejected the negprot\n",desthost)); release_server_mutex(); cli_shutdown(cli); return NULL; } if (cli->protocol < PROTOCOL_LANMAN2 || !(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) { DEBUG(1,("%s isn't in user level security mode\n",desthost)); release_server_mutex(); cli_shutdown(cli); return NULL; } /* Get the first session setup done quickly, to avoid silly Win2k bugs. (The next connection to the server will kill this one... */ if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 0, "", 0, ""))) { DEBUG(0,("%s rejected the initial session setup (%s)\n", desthost, cli_errstr(cli))); release_server_mutex(); cli_shutdown(cli); return NULL; } release_server_mutex(); DEBUG(3,("password server OK\n")); return cli; }
/**************************************************************************** support for server level security ****************************************************************************/ struct cli_state *server_cryptkey(void) { fstring desthost; struct in_addr dest_ip; extern fstring local_machine; char *p; if (!cli_initialise(&cli)) return NULL; for (p=strtok(lp_passwordserver(),LIST_SEP); p ; p = strtok(NULL,LIST_SEP)) { fstrcpy(desthost,p); standard_sub_basic(desthost); strupper(desthost); if(!resolve_name( desthost, &dest_ip)) { DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",p)); continue; } if (ismyip(dest_ip)) { DEBUG(1,("Password server loop - disabling password server %s\n",p)); continue; } if (cli_connect(&cli, desthost, &dest_ip)) { DEBUG(3,("connected to password server %s\n",p)); break; } } if (!p) { DEBUG(1,("password server not available\n")); cli_shutdown(&cli); return NULL; } if (!cli_session_request(&cli, desthost, 0x20, local_machine)) { DEBUG(1,("%s rejected the session\n",desthost)); cli_shutdown(&cli); return NULL; } DEBUG(3,("got session\n")); if (!cli_negprot(&cli)) { DEBUG(1,("%s rejected the negprot\n",desthost)); cli_shutdown(&cli); return NULL; } if (cli.protocol < PROTOCOL_LANMAN2 || !(cli.sec_mode & 1)) { DEBUG(1,("%s isn't in user level security mode\n",desthost)); cli_shutdown(&cli); return NULL; } DEBUG(3,("password server OK\n")); return &cli; }