void dns_save_send(DNS_HANDLE pDcb, PCHAR pDomainName, USHORT sAddr, UCHAR iBankOffset, UCHAR iType)
{
PCHAR pBuf;
BOOLEAN bDns1Failed, bDns2Failed;
bDns1Failed = IsValidIP(Sys_pDnsIp) ? FALSE : TRUE;
bDns2Failed = IsValidIP(Sys_pDnsIp2) ? FALSE : TRUE;
if (bDns1Failed && bDns2Failed)
{
dns_failed(sAddr, iBankOffset);
return;
}
pBuf = heap_save_str(pDomainName);
if (pBuf)
{
pDcb->iBankOffset = iBankOffset;
pDcb->sCallBack = sAddr;
pDcb->iState = DS_PENDING;
rand_array(pDcb->pID, DNS_ID_LEN);
pDcb->iType = iType;
pDcb->pName = pBuf;
pDcb->bDns1Failed = bDns1Failed;
pDcb->bDns2Failed = bDns2Failed;
dns_send(pDcb);
}
else
{
// dns module resource limited, try later
dns_failed(sAddr, iBankOffset);
}
}
IPaddr_t resolv(char *host)
{
IPaddr_t ip;
const char *ns;
if (!string_to_ip(host, &ip))
return ip;
dns_ip = 0;
dns_state = STATE_INIT;
ns = getenv("net.nameserver");
if (!ns || !*ns) {
printk("%s: no nameserver specified in $net.nameserver\n",
__func__);
return 0;
}
if (string_to_ip(ns, &ip))
return 0;
debug("resolving host %s via nameserver %s\n", host, ip_to_string(ip));
dns_con = net_udp_new(ip, DNS_PORT, dns_handler, NULL);
if (IS_ERR(dns_con))
return PTR_ERR(dns_con);
dns_timer_start = get_time_ns();
dns_send(host);
while (dns_state != STATE_DONE) {
if (ctrlc()) {
break;
}
net_poll();
if (is_timeout(dns_timer_start, SECOND)) {
dns_timer_start = get_time_ns();
printf("T ");
dns_send(host);
}
}
net_unregister(dns_con);
return dns_ip;
}
void dns_start(void)
{
debug("%s\n", __func__);
net_set_timeout_handler(DNS_TIMEOUT, dns_timeout_handler);
net_set_udp_handler(dns_handler);
/* Clear a previous MAC address, the server IP might have changed. */
memset(net_server_ethaddr, 0, sizeof(net_server_ethaddr));
dns_send();
}
void DnsTimer()
{
UCHAR i;
DNS_HANDLE pDcb;
pDcb = _pDcbData;
for (i = 0; i < DNS_CB_TSIZE; i ++)
{
if (pDcb->iState == DS_PENDING)
{
pDcb->iTimer ++;
if (pDcb->iTimer >= DNS_RETRY_TIMEOUT)
{
pDcb->iTimer = 0;
pDcb->iRetry ++;
if (pDcb->iRetry > DNS_MAX_RETRY)
{
// dns failed, do something here
pDcb->iRetry = 0;
dns_failed(pDcb->sCallBack, pDcb->iBankOffset);
dns_dealloc(pDcb);
}
else
{
dns_send(pDcb);
}
}
}
else if (pDcb->iState == DS_RESOLVED)
{
if (!pDcb->iTimer)
{
if (!pDcb->iRetry)
{
// cache time out, remove this entry
dns_dealloc(pDcb);
}
else
{
pDcb->iRetry --;
pDcb->iTimer = 255;
}
}
else
{
pDcb->iTimer --;
}
}
pDcb ++;
}
}
static DNS_ERROR dns_negotiate_gss_ctx_int( TALLOC_CTX *mem_ctx,
struct dns_connection *conn,
const char *keyname,
const gss_name_t target_name,
gss_ctx_id_t *ctx,
enum dns_ServerType srv_type )
{
struct gss_buffer_desc_struct input_desc, *input_ptr, output_desc;
OM_uint32 major, minor;
OM_uint32 ret_flags;
DNS_ERROR err;
gss_OID_desc krb5_oid_desc =
{ 9, (const char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" };
*ctx = GSS_C_NO_CONTEXT;
input_ptr = NULL;
do {
major = gss_init_sec_context(
&minor, NULL, ctx, target_name, &krb5_oid_desc,
GSS_C_REPLAY_FLAG | GSS_C_MUTUAL_FLAG |
GSS_C_CONF_FLAG |
GSS_C_INTEG_FLAG,
0, NULL, input_ptr, NULL, &output_desc,
&ret_flags, NULL );
if (input_ptr != NULL) {
TALLOC_FREE(input_desc.value);
}
if (output_desc.length != 0) {
struct dns_request *req;
struct dns_rrec *rec;
struct dns_buffer *buf;
time_t t = time(NULL);
err = dns_create_query(mem_ctx, keyname, QTYPE_TKEY,
DNS_CLASS_IN, &req);
if (!ERR_DNS_IS_OK(err)) goto error;
err = dns_create_tkey_record(
req, keyname, "gss.microsoft.com", t,
t + 86400, DNS_TKEY_MODE_GSSAPI, 0,
output_desc.length, (uint8 *)output_desc.value,
&rec );
if (!ERR_DNS_IS_OK(err)) goto error;
/* Windows 2000 DNS is broken and requires the
TKEY payload in the Answer section instead
of the Additional seciton like Windows 2003 */
if ( srv_type == DNS_SRV_WIN2000 ) {
err = dns_add_rrec(req, rec, &req->num_answers,
&req->answers);
} else {
err = dns_add_rrec(req, rec, &req->num_additionals,
&req->additionals);
}
if (!ERR_DNS_IS_OK(err)) goto error;
err = dns_marshall_request(req, req, &buf);
if (!ERR_DNS_IS_OK(err)) goto error;
err = dns_send(conn, buf);
if (!ERR_DNS_IS_OK(err)) goto error;
TALLOC_FREE(req);
}
gss_release_buffer(&minor, &output_desc);
if ((major != GSS_S_COMPLETE) &&
(major != GSS_S_CONTINUE_NEEDED)) {
return ERROR_DNS_GSS_ERROR;
}
if (major == GSS_S_CONTINUE_NEEDED) {
struct dns_request *resp;
struct dns_buffer *buf;
struct dns_tkey_record *tkey;
err = dns_receive(mem_ctx, conn, &buf);
if (!ERR_DNS_IS_OK(err)) goto error;
err = dns_unmarshall_request(buf, buf, &resp);
if (!ERR_DNS_IS_OK(err)) goto error;
/*
* TODO: Compare id and keyname
*/
if ((resp->num_additionals != 1) ||
(resp->num_answers == 0) ||
(resp->answers[0]->type != QTYPE_TKEY)) {
err = ERROR_DNS_INVALID_MESSAGE;
goto error;
}
err = dns_unmarshall_tkey_record(
mem_ctx, resp->answers[0], &tkey);
if (!ERR_DNS_IS_OK(err)) goto error;
input_desc.length = tkey->key_length;
input_desc.value = talloc_move(mem_ctx, &tkey->key);
input_ptr = &input_desc;
TALLOC_FREE(buf);
}
} while ( major == GSS_S_CONTINUE_NEEDED );
/* If we arrive here, we have a valid security context */
err = ERROR_DNS_SUCCESS;
error:
return err;
}
