/*
setup our listening sockets on the configured network interfaces
*/
static NTSTATUS cldapd_startup_interfaces(struct cldapd_server *cldapd, struct loadparm_context *lp_ctx,
struct interface *ifaces)
{
int i, num_interfaces;
TALLOC_CTX *tmp_ctx = talloc_new(cldapd);
NTSTATUS status;
num_interfaces = iface_list_count(ifaces);
/* if we are allowing incoming packets from any address, then
we need to bind to the wildcard address */
if (!lpcfg_bind_interfaces_only(lp_ctx)) {
const char **wcard = iface_list_wildcard(cldapd, lp_ctx);
NT_STATUS_HAVE_NO_MEMORY(wcard);
for (i=0; wcard[i]; i++) {
status = cldapd_add_socket(cldapd, lp_ctx, wcard[i]);
NT_STATUS_NOT_OK_RETURN(status);
}
talloc_free(wcard);
}
/* now we have to also listen on the specific interfaces,
so that replies always come from the right IP */
for (i=0; i<num_interfaces; i++) {
const char *address = talloc_strdup(tmp_ctx, iface_list_n_ip(ifaces, i));
status = cldapd_add_socket(cldapd, lp_ctx, address);
NT_STATUS_NOT_OK_RETURN(status);
}
talloc_free(tmp_ctx);
return NT_STATUS_OK;
}
/*
startup the nbtd task
*/
static void nbtd_task_init(struct task_server *task)
{
struct nbtd_server *nbtsrv;
NTSTATUS status;
struct interface *ifaces;
load_interface_list(task, task->lp_ctx, &ifaces);
if (iface_list_count(ifaces) == 0) {
task_server_terminate(task, "nbtd: no network interfaces configured", false);
return;
}
if (lpcfg_disable_netbios(task->lp_ctx)) {
task_server_terminate(task, "nbtd: 'disable netbios = yes' set in smb.conf, shutting down nbt server", false);
return;
}
task_server_set_title(task, "task[nbtd]");
nbtsrv = talloc(task, struct nbtd_server);
if (nbtsrv == NULL) {
task_server_terminate(task, "nbtd: out of memory", true);
return;
}
nbtsrv->task = task;
nbtsrv->interfaces = NULL;
nbtsrv->bcast_interface = NULL;
nbtsrv->wins_interface = NULL;
/* start listening on the configured network interfaces */
status = nbtd_startup_interfaces(nbtsrv, task->lp_ctx, ifaces);
if (!NT_STATUS_IS_OK(status)) {
task_server_terminate(task, "nbtd failed to setup interfaces", true);
return;
}
nbtsrv->sam_ctx = samdb_connect(nbtsrv, task->event_ctx, task->lp_ctx, system_session(task->lp_ctx), 0);
if (nbtsrv->sam_ctx == NULL) {
task_server_terminate(task, "nbtd failed to open samdb", true);
return;
}
/* start the WINS server, if appropriate */
status = nbtd_winsserver_init(nbtsrv);
if (!NT_STATUS_IS_OK(status)) {
task_server_terminate(task, "nbtd failed to start WINS server", true);
return;
}
nbtd_register_irpc(nbtsrv);
/* start the process of registering our names on all interfaces */
nbtd_register_names(nbtsrv);
irpc_add_name(task->msg_ctx, "nbt_server");
}
/*
open the smb server sockets
*/
static void samba3_smb_task_init(struct task_server *task)
{
NTSTATUS status;
const struct model_ops *model_ops;
model_ops = process_model_startup("standard");
if (model_ops == NULL) {
goto failed;
}
task_server_set_title(task, "task[samba3_smb]");
if (lpcfg_interfaces(task->lp_ctx)
&& lpcfg_bind_interfaces_only(task->lp_ctx)) {
int num_interfaces;
int i;
struct interface *ifaces;
load_interface_list(task, task->lp_ctx, &ifaces);
num_interfaces = iface_list_count(ifaces);
/* We have been given an interfaces line, and been
told to only bind to those interfaces. Create a
socket per interface and bind to only these.
*/
for(i = 0; i < num_interfaces; i++) {
const char *address = iface_list_n_ip(ifaces, i);
status = samba3_add_socket(task,
task->event_ctx,
task->lp_ctx,
model_ops, address);
if (!NT_STATUS_IS_OK(status)) goto failed;
}
} else {
const char **wcard;
int i;
wcard = iface_list_wildcard(task, task->lp_ctx);
if (wcard == NULL) {
DEBUG(0,("No wildcard addresses available\n"));
goto failed;
}
for (i=0; wcard[i]; i++) {
status = samba3_add_socket(task,
task->event_ctx, task->lp_ctx,
model_ops,
wcard[i]);
if (!NT_STATUS_IS_OK(status)) goto failed;
}
talloc_free(wcard);
}
return;
failed:
task_server_terminate(task, "Failed to startup samba3 smb task", true);
}
/*
startup the cldapd task
*/
static void cldapd_task_init(struct task_server *task)
{
struct cldapd_server *cldapd;
NTSTATUS status;
struct interface *ifaces;
load_interface_list(task, task->lp_ctx, &ifaces);
if (iface_list_count(ifaces) == 0) {
task_server_terminate(task, "cldapd: no network interfaces configured", false);
return;
}
switch (lpcfg_server_role(task->lp_ctx)) {
case ROLE_STANDALONE:
task_server_terminate(task, "cldap_server: no CLDAP server required in standalone configuration",
false);
return;
case ROLE_DOMAIN_MEMBER:
task_server_terminate(task, "cldap_server: no CLDAP server required in member server configuration",
false);
return;
case ROLE_ACTIVE_DIRECTORY_DC:
/* Yes, we want an CLDAP server */
break;
}
task_server_set_title(task, "task[cldapd]");
cldapd = talloc(task, struct cldapd_server);
if (cldapd == NULL) {
task_server_terminate(task, "cldapd: out of memory", true);
return;
}
cldapd->task = task;
cldapd->samctx = samdb_connect(cldapd,
task->event_ctx,
task->lp_ctx,
system_session(task->lp_ctx),
NULL,
0);
if (cldapd->samctx == NULL) {
task_server_terminate(task, "cldapd failed to open samdb", true);
return;
}
/* start listening on the configured network interfaces */
status = cldapd_startup_interfaces(cldapd, task->lp_ctx, ifaces);
if (!NT_STATUS_IS_OK(status)) {
task_server_terminate(task, "cldapd failed to setup interfaces", true);
return;
}
irpc_add_name(task->msg_ctx, "cldap_server");
}
/*
startup the kdc task
*/
static void kdc_task_init(struct task_server *task)
{
struct kdc_server *kdc;
krb5_kdc_configuration *kdc_config = NULL;
NTSTATUS status;
krb5_error_code ret;
struct interface *ifaces;
int ldb_ret;
switch (lpcfg_server_role(task->lp_ctx)) {
case ROLE_STANDALONE:
task_server_terminate(task, "kdc: no KDC required in standalone configuration", false);
return;
case ROLE_DOMAIN_MEMBER:
task_server_terminate(task, "kdc: no KDC required in member server configuration", false);
return;
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
task_server_terminate(task, "Cannot start KDC as a 'classic Samba' DC", true);
return;
case ROLE_ACTIVE_DIRECTORY_DC:
/* Yes, we want a KDC */
break;
}
load_interface_list(task, task->lp_ctx, &ifaces);
if (iface_list_count(ifaces) == 0) {
task_server_terminate(task, "kdc: no network interfaces configured", false);
return;
}
task_server_set_title(task, "task[kdc]");
kdc = talloc_zero(task, struct kdc_server);
if (kdc == NULL) {
task_server_terminate(task, "kdc: out of memory", true);
return;
}
kdc->task = task;
/* get a samdb connection */
kdc->samdb = samdb_connect(kdc,
kdc->task->event_ctx,
kdc->task->lp_ctx,
system_session(kdc->task->lp_ctx),
NULL,
0);
if (!kdc->samdb) {
DEBUG(1,("kdc_task_init: unable to connect to samdb\n"));
task_server_terminate(task, "kdc: krb5_init_context samdb connect failed", true);
return;
}
ldb_ret = samdb_rodc(kdc->samdb, &kdc->am_rodc);
if (ldb_ret != LDB_SUCCESS) {
DEBUG(1, ("kdc_task_init: Cannot determine if we are an RODC: %s\n",
ldb_errstring(kdc->samdb)));
task_server_terminate(task, "kdc: krb5_init_context samdb RODC connect failed", true);
return;
}
kdc->proxy_timeout = lpcfg_parm_int(kdc->task->lp_ctx, NULL, "kdc", "proxy timeout", 5);
initialize_krb5_error_table();
ret = smb_krb5_init_context(kdc, task->lp_ctx, &kdc->smb_krb5_context);
if (ret) {
DEBUG(1,("kdc_task_init: krb5_init_context failed (%s)\n",
error_message(ret)));
task_server_terminate(task, "kdc: krb5_init_context failed", true);
return;
}
krb5_add_et_list(kdc->smb_krb5_context->krb5_context, initialize_hdb_error_table_r);
ret = krb5_kdc_get_config(kdc->smb_krb5_context->krb5_context,
&kdc_config);
if(ret) {
task_server_terminate(task, "kdc: failed to get KDC configuration", true);
return;
}
kdc_config->logf = (krb5_log_facility *)kdc->smb_krb5_context->pvt_log_data;
kdc_config->db = talloc(kdc, struct HDB *);
if (!kdc_config->db) {
task_server_terminate(task, "kdc: out of memory", true);
return;
}
kdc_config->num_db = 1;
/*
* This restores the behavior before
* commit 255e3e18e00f717d99f3bc57c8a8895ff624f3c3
* s4:heimdal: import lorikeet-heimdal-201107150856
* (commit 48936803fae4a2fb362c79365d31f420c917b85b)
*
* as_use_strongest_session_key,preauth_use_strongest_session_key
* and tgs_use_strongest_session_key are input to the
* _kdc_find_etype() function. The old bahavior is in
* the use_strongest_session_key=FALSE code path.
* (The only remaining difference in _kdc_find_etype()
* is the is_preauth parameter.)
*
* The old behavior in the _kdc_get_preferred_key()
* function is use_strongest_server_key=TRUE.
*/
kdc_config->as_use_strongest_session_key = false;
kdc_config->preauth_use_strongest_session_key = false;
kdc_config->tgs_use_strongest_session_key = false;
kdc_config->use_strongest_server_key = true;
kdc_config->autodetect_referrals = false;
/* Register hdb-samba4 hooks for use as a keytab */
kdc->base_ctx = talloc_zero(kdc, struct samba_kdc_base_context);
if (!kdc->base_ctx) {
task_server_terminate(task, "kdc: out of memory", true);
return;
}
kdc->base_ctx->ev_ctx = task->event_ctx;
kdc->base_ctx->lp_ctx = task->lp_ctx;
kdc->base_ctx->msg_ctx = task->msg_ctx;
status = hdb_samba4_create_kdc(kdc->base_ctx,
kdc->smb_krb5_context->krb5_context,
&kdc_config->db[0]);
if (!NT_STATUS_IS_OK(status)) {
task_server_terminate(task, "kdc: hdb_samba4_create_kdc (setup KDC database) failed", true);
return;
}
ret = krb5_plugin_register(kdc->smb_krb5_context->krb5_context,
PLUGIN_TYPE_DATA, "hdb",
&hdb_samba4_interface);
if(ret) {
task_server_terminate(task, "kdc: failed to register hdb plugin", true);
return;
}
ret = krb5_kt_register(kdc->smb_krb5_context->krb5_context, &hdb_kt_ops);
if(ret) {
task_server_terminate(task, "kdc: failed to register keytab plugin", true);
return;
}
kdc->keytab_name = talloc_asprintf(kdc, "HDB:samba4&%p", kdc->base_ctx);
if (kdc->keytab_name == NULL) {
task_server_terminate(task,
"kdc: Failed to set keytab name",
true);
return;
}
/* Register WinDC hooks */
ret = krb5_plugin_register(kdc->smb_krb5_context->krb5_context,
PLUGIN_TYPE_DATA, "windc",
&windc_plugin_table);
if(ret) {
task_server_terminate(task, "kdc: failed to register windc plugin", true);
return;
}
ret = krb5_kdc_windc_init(kdc->smb_krb5_context->krb5_context);
if(ret) {
task_server_terminate(task, "kdc: failed to init windc plugin", true);
return;
}
ret = krb5_kdc_pkinit_config(kdc->smb_krb5_context->krb5_context, kdc_config);
if(ret) {
task_server_terminate(task, "kdc: failed to init kdc pkinit subsystem", true);
return;
}
kdc->private_data = kdc_config;
/* start listening on the configured network interfaces */
status = kdc_startup_interfaces(kdc, task->lp_ctx, ifaces,
task->model_ops);
if (!NT_STATUS_IS_OK(status)) {
task_server_terminate(task, "kdc failed to setup interfaces", true);
return;
}
status = IRPC_REGISTER(task->msg_ctx, irpc, KDC_CHECK_GENERIC_KERBEROS,
kdc_check_generic_kerberos, kdc);
if (!NT_STATUS_IS_OK(status)) {
task_server_terminate(task, "kdc failed to setup monitoring", true);
return;
}
irpc_add_name(task->msg_ctx, "kdc_server");
}
/*
setup our listening sockets on the configured network interfaces
*/
static NTSTATUS kdc_startup_interfaces(struct kdc_server *kdc,
struct loadparm_context *lp_ctx,
struct interface *ifaces,
const struct model_ops *model_ops)
{
int num_interfaces;
TALLOC_CTX *tmp_ctx = talloc_new(kdc);
NTSTATUS status;
int i;
uint16_t kdc_port = lpcfg_krb5_port(lp_ctx);
uint16_t kpasswd_port = lpcfg_kpasswd_port(lp_ctx);
bool done_wildcard = false;
num_interfaces = iface_list_count(ifaces);
/* if we are allowing incoming packets from any address, then
we need to bind to the wildcard address */
if (!lpcfg_bind_interfaces_only(lp_ctx)) {
int num_binds = 0;
char **wcard = iface_list_wildcard(kdc);
NT_STATUS_HAVE_NO_MEMORY(wcard);
for (i=0; wcard[i]; i++) {
if (kdc_port) {
status = kdc_add_socket(kdc, model_ops,
"kdc", wcard[i], kdc_port,
kdc_process, false);
if (NT_STATUS_IS_OK(status)) {
num_binds++;
}
}
if (kpasswd_port) {
status = kdc_add_socket(kdc, model_ops,
"kpasswd", wcard[i], kpasswd_port,
kpasswd_process, false);
if (NT_STATUS_IS_OK(status)) {
num_binds++;
}
}
}
talloc_free(wcard);
if (num_binds == 0) {
return NT_STATUS_INVALID_PARAMETER_MIX;
}
done_wildcard = true;
}
for (i=0; i<num_interfaces; i++) {
const char *address = talloc_strdup(tmp_ctx, iface_list_n_ip(ifaces, i));
if (kdc_port) {
status = kdc_add_socket(kdc, model_ops,
"kdc", address, kdc_port,
kdc_process, done_wildcard);
NT_STATUS_NOT_OK_RETURN(status);
}
if (kpasswd_port) {
status = kdc_add_socket(kdc, model_ops,
"kpasswd", address, kpasswd_port,
kpasswd_process, done_wildcard);
NT_STATUS_NOT_OK_RETURN(status);
}
}
talloc_free(tmp_ctx);
return NT_STATUS_OK;
}
static bool process_one(struct loadparm_context *lp_ctx, struct tevent_context *ev,
struct interface *ifaces, const char *name, int nbt_port)
{
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
enum nbt_name_type node_type = NBT_NAME_CLIENT;
char *node_name, *p;
struct socket_address *all_zero_addr;
struct nbt_name_socket *nbtsock;
NTSTATUS status = NT_STATUS_OK;
bool ret = true;
if (!options.case_sensitive) {
name = strupper_talloc(tmp_ctx, name);
}
if (options.find_master) {
node_type = NBT_NAME_MASTER;
if (*name == '-' || *name == '_') {
name = "\01\02__MSBROWSE__\02";
node_type = NBT_NAME_MS;
}
}
p = strchr(name, '#');
if (p) {
node_name = talloc_strndup(tmp_ctx, name, PTR_DIFF(p,name));
node_type = (enum nbt_name_type)strtol(p+1, NULL, 16);
} else {
node_name = talloc_strdup(tmp_ctx, name);
}
nbtsock = nbt_name_socket_init(tmp_ctx, ev);
if (options.root_port) {
all_zero_addr = socket_address_from_strings(tmp_ctx, nbtsock->sock->backend_name,
"0.0.0.0", NBT_NAME_SERVICE_PORT);
if (!all_zero_addr) {
talloc_free(tmp_ctx);
return false;
}
status = socket_listen(nbtsock->sock, all_zero_addr, 0, 0);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to bind to local port 137 - %s\n", nt_errstr(status));
talloc_free(tmp_ctx);
return false;
}
}
if (options.lookup_by_ip) {
ret = do_node_status(nbtsock, name, nbt_port);
talloc_free(tmp_ctx);
return ret;
}
if (options.broadcast_address) {
status = do_node_query(nbtsock, options.broadcast_address, nbt_port,
node_name, node_type, true);
} else if (options.unicast_address) {
status = do_node_query(nbtsock, options.unicast_address,
nbt_port, node_name, node_type, false);
} else {
int i, num_interfaces;
num_interfaces = iface_list_count(ifaces);
for (i=0;i<num_interfaces;i++) {
const char *bcast = iface_list_n_bcast(ifaces, i);
if (bcast == NULL) continue;
status = do_node_query(nbtsock, bcast, nbt_port,
node_name, node_type, true);
if (NT_STATUS_IS_OK(status)) break;
}
}
if (!NT_STATUS_IS_OK(status)) {
printf("Lookup failed - %s\n", nt_errstr(status));
ret = false;
}
talloc_free(tmp_ctx);
return ret;
}
/*
return the list of interface IPs we have configured
takes an loadparm context, returns a list of IPs in string form
Does not return addresses on 127.0.0.0/8
*/
static PyObject *py_interface_ips(PyObject *self, PyObject *args)
{
PyObject *pylist;
int count;
TALLOC_CTX *tmp_ctx;
PyObject *py_lp_ctx;
struct loadparm_context *lp_ctx;
struct interface *ifaces;
int i, ifcount;
int all_interfaces = 1;
if (!PyArg_ParseTuple(args, "O|i", &py_lp_ctx, &all_interfaces))
return NULL;
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
PyErr_NoMemory();
return NULL;
}
lp_ctx = lpcfg_from_py_object(tmp_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
talloc_free(tmp_ctx);
return NULL;
}
load_interface_list(tmp_ctx, lp_ctx, &ifaces);
count = iface_list_count(ifaces);
/* first count how many are not loopback addresses */
for (ifcount = i = 0; i<count; i++) {
const char *ip = iface_list_n_ip(ifaces, i);
if (all_interfaces) {
ifcount++;
continue;
}
if (iface_list_same_net(ip, "127.0.0.1", "255.0.0.0")) {
continue;
}
if (iface_list_same_net(ip, "169.254.0.0", "255.255.0.0")) {
continue;
}
if (iface_list_same_net(ip, "::1", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")) {
continue;
}
if (iface_list_same_net(ip, "fe80::", "ffff:ffff:ffff:ffff::")) {
continue;
}
ifcount++;
}
pylist = PyList_New(ifcount);
for (ifcount = i = 0; i<count; i++) {
const char *ip = iface_list_n_ip(ifaces, i);
if (all_interfaces) {
PyList_SetItem(pylist, ifcount, PyString_FromString(ip));
ifcount++;
continue;
}
if (iface_list_same_net(ip, "127.0.0.1", "255.0.0.0")) {
continue;
}
if (iface_list_same_net(ip, "169.254.0.0", "255.255.0.0")) {
continue;
}
if (iface_list_same_net(ip, "::1", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")) {
continue;
}
if (iface_list_same_net(ip, "fe80::", "ffff:ffff:ffff:ffff::")) {
continue;
}
PyList_SetItem(pylist, ifcount, PyString_FromString(ip));
ifcount++;
}
talloc_free(tmp_ctx);
return pylist;
}
/*
startup the wrepl port 42 server sockets
*/
NTSTATUS wreplsrv_setup_sockets(struct wreplsrv_service *service, struct loadparm_context *lp_ctx)
{
NTSTATUS status;
struct task_server *task = service->task;
const struct model_ops *model_ops;
const char *address;
uint16_t port = WINS_REPLICATION_PORT;
/* within the wrepl task we want to be a single process, so
ask for the single process model ops and pass these to the
stream_setup_socket() call. */
model_ops = process_model_startup("single");
if (!model_ops) {
DEBUG(0,("Can't find 'single' process model_ops"));
return NT_STATUS_INTERNAL_ERROR;
}
if (lpcfg_interfaces(lp_ctx) && lpcfg_bind_interfaces_only(lp_ctx)) {
int num_interfaces;
int i;
struct interface *ifaces;
load_interface_list(task, lp_ctx, &ifaces);
num_interfaces = iface_list_count(ifaces);
/* We have been given an interfaces line, and been
told to only bind to those interfaces. Create a
socket per interface and bind to only these.
*/
for(i = 0; i < num_interfaces; i++) {
if (!iface_list_n_is_v4(ifaces, i)) {
continue;
}
address = iface_list_n_ip(ifaces, i);
status = stream_setup_socket(task, task->event_ctx,
task->lp_ctx, model_ops,
&wreplsrv_stream_ops,
"ipv4", address, &port,
lpcfg_socket_options(task->lp_ctx),
service);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("stream_setup_socket(address=%s,port=%u) failed - %s\n",
address, port, nt_errstr(status)));
return status;
}
}
} else {
address = "0.0.0.0";
status = stream_setup_socket(task, task->event_ctx, task->lp_ctx,
model_ops, &wreplsrv_stream_ops,
"ipv4", address, &port, lpcfg_socket_options(task->lp_ctx),
service);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("stream_setup_socket(address=%s,port=%u) failed - %s\n",
address, port, nt_errstr(status)));
return status;
}
}
return NT_STATUS_OK;
}
struct dnsserver_serverinfo *dnsserver_init_serverinfo(TALLOC_CTX *mem_ctx,
struct loadparm_context *lp_ctx,
struct ldb_context *samdb)
{
struct dnsserver_serverinfo *serverinfo;
struct dcerpc_server_info *dinfo;
struct ldb_dn *domain_dn, *forest_dn;
struct interface *ifaces;
int num_interfaces, i;
serverinfo = talloc_zero(mem_ctx, struct dnsserver_serverinfo);
if (serverinfo == NULL) {
return NULL;
}
dinfo = lpcfg_dcerpc_server_info(mem_ctx, lp_ctx);
if (dinfo) {
serverinfo->dwVersion = (dinfo->version_build & 0x0000FFFF) << 16 |
(dinfo->version_minor & 0x000000FF) << 8 |
(dinfo->version_major & 0x000000FF);
talloc_free(dinfo);
} else {
serverinfo->dwVersion = 0x0ECE0205; /* build, os_minor, os_major */;
}
serverinfo->fBootMethod = DNS_BOOT_METHOD_DIRECTORY;
serverinfo->fAdminConfigured = 0;
serverinfo->fAllowUpdate = 1;
serverinfo->fDsAvailable = 1;
serverinfo->pszServerName = talloc_asprintf(mem_ctx, "%s.%s",
lpcfg_netbios_name(lp_ctx),
lpcfg_dnsdomain(lp_ctx));
domain_dn = ldb_get_default_basedn(samdb);
forest_dn = ldb_get_root_basedn(samdb);
serverinfo->pszDsContainer = talloc_asprintf(mem_ctx,
"CN=MicrosoftDNS,DC=DomainDnsZones,%s",
ldb_dn_get_linearized(domain_dn));
serverinfo->dwDsForestVersion = dsdb_forest_functional_level(samdb);
serverinfo->dwDsDomainVersion = dsdb_functional_level(samdb);
serverinfo->dwDsDsaVersion = 4; /* need to do ldb search here */
serverinfo->pszDomainName = samdb_dn_to_dns_domain(mem_ctx, domain_dn);
serverinfo->pszForestName = samdb_dn_to_dns_domain(mem_ctx, forest_dn);
serverinfo->pszDomainDirectoryPartition = talloc_asprintf(mem_ctx,
"DC=DomainDnsZones,%s",
ldb_dn_get_linearized(domain_dn));
serverinfo->pszForestDirectoryPartition = talloc_asprintf(mem_ctx,
"DC=ForestDnsZones,%s",
ldb_dn_get_linearized(forest_dn));
load_interface_list(mem_ctx, lp_ctx, &ifaces);
num_interfaces = iface_list_count(ifaces);
serverinfo->aipServerAddrs = talloc_zero(mem_ctx, struct IP4_ARRAY);
if (serverinfo->aipServerAddrs) {
serverinfo->aipServerAddrs->AddrCount = num_interfaces;
if (num_interfaces > 0) {
serverinfo->aipServerAddrs->AddrArray = talloc_zero_array(mem_ctx,
unsigned int,
num_interfaces);
if (serverinfo->aipServerAddrs->AddrArray) {
for (i=0; i<num_interfaces; i++) {
serverinfo->aipServerAddrs->AddrArray[i] = inet_addr(iface_list_n_ip(ifaces, i));
}
} else {
serverinfo->aipServerAddrs->AddrCount = 0;
}
}
/*
startup the web server task
*/
static void websrv_task_init(struct task_server *task)
{
NTSTATUS status;
uint16_t port = lpcfg_web_port(task->lp_ctx);
const struct model_ops *model_ops;
struct web_server_data *wdata;
task_server_set_title(task, "task[websrv]");
/* run the web server as a single process */
model_ops = process_model_startup("single");
if (!model_ops) goto failed;
/* startup the Python processor - unfortunately we can't do this
per connection as that wouldn't allow for session variables */
wdata = talloc_zero(task, struct web_server_data);
if (wdata == NULL) goto failed;
wdata->task = task;
task->private_data = wdata;
if (lpcfg_interfaces(task->lp_ctx) && lpcfg_bind_interfaces_only(task->lp_ctx)) {
int num_interfaces;
int i;
struct interface *ifaces;
load_interface_list(NULL, task->lp_ctx, &ifaces);
num_interfaces = iface_list_count(ifaces);
for(i = 0; i < num_interfaces; i++) {
const char *address = iface_list_n_ip(ifaces, i);
status = stream_setup_socket(task,
task->event_ctx,
task->lp_ctx, model_ops,
&web_stream_ops,
"ip", address,
&port, lpcfg_socket_options(task->lp_ctx),
task);
if (!NT_STATUS_IS_OK(status)) goto failed;
}
talloc_free(ifaces);
} else {
char **wcard;
int i;
wcard = iface_list_wildcard(task);
if (wcard == NULL) {
DEBUG(0,("No wildcard addresses available\n"));
goto failed;
}
for (i=0; wcard[i]; i++) {
status = stream_setup_socket(task, task->event_ctx,
task->lp_ctx, model_ops,
&web_stream_ops,
"ip", wcard[i],
&port, lpcfg_socket_options(task->lp_ctx),
wdata);
if (!NT_STATUS_IS_OK(status)) goto failed;
}
talloc_free(wcard);
}
wdata->tls_params = tls_initialise(wdata, task->lp_ctx);
if (wdata->tls_params == NULL) goto failed;
if (!wsgi_initialize(wdata)) goto failed;
return;
failed:
task_server_terminate(task, "websrv_task_init: failed to startup web server task", true);
}
/*
setup our listening sockets on the configured network interfaces
*/
NTSTATUS nbtd_startup_interfaces(struct nbtd_server *nbtsrv, struct loadparm_context *lp_ctx,
struct interface *ifaces)
{
int num_interfaces = iface_list_count(ifaces);
int i;
TALLOC_CTX *tmp_ctx = talloc_new(nbtsrv);
NTSTATUS status;
/* if we are allowing incoming packets from any address, then
we also need to bind to the wildcard address */
if (!lpcfg_bind_interfaces_only(lp_ctx)) {
const char *primary_address;
primary_address = iface_list_first_v4(ifaces);
/* the primary address is the address we will return
for non-WINS queries not made on a specific
interface */
if (primary_address == NULL) {
primary_address = inet_ntoa(interpret_addr2(
lpcfg_netbios_name(lp_ctx)));
}
primary_address = talloc_strdup(tmp_ctx, primary_address);
NT_STATUS_HAVE_NO_MEMORY(primary_address);
status = nbtd_add_socket(nbtsrv,
lp_ctx,
"0.0.0.0",
primary_address,
talloc_strdup(tmp_ctx, "255.255.255.255"),
talloc_strdup(tmp_ctx, "0.0.0.0"));
NT_STATUS_NOT_OK_RETURN(status);
}
for (i=0; i<num_interfaces; i++) {
const char *bcast;
const char *address, *netmask;
if (!iface_list_n_is_v4(ifaces, i)) {
/* v4 only for NBT protocol */
continue;
}
bcast = iface_list_n_bcast(ifaces, i);
/* we can't assume every interface is broadcast capable */
if (bcast == NULL) continue;
address = talloc_strdup(tmp_ctx, iface_list_n_ip(ifaces, i));
bcast = talloc_strdup(tmp_ctx, bcast);
netmask = talloc_strdup(tmp_ctx, iface_list_n_netmask(ifaces, i));
status = nbtd_add_socket(nbtsrv, lp_ctx,
address, address, bcast, netmask);
NT_STATUS_NOT_OK_RETURN(status);
}
if (lpcfg_wins_server_list(lp_ctx)) {
status = nbtd_add_wins_socket(nbtsrv);
NT_STATUS_NOT_OK_RETURN(status);
}
talloc_free(tmp_ctx);
return NT_STATUS_OK;
}
