mirror of
https://github.com/samba-team/samba.git
synced 2025-02-02 09:47:23 +03:00
r14709: allways use the unicast socket of the interface, when reply to DGRAM
requests... this fixes a bug where I thought windows would try KRB5 via broadcast... metze (This used to be commit 0e7b224294ce6a3b5bbdc284181ab496a5a0c058)
This commit is contained in:
Stefan Metzmacher
Gerald (Jerry) Carter
parent
3451ba729d
commit
767685e9fd
@ -33,11 +33,13 @@
|
||||
reply to a GETDC request
|
||||
*/
|
||||
static void nbtd_netlogon_getdc(struct dgram_mailslot_handler *dgmslot,
|
||||
struct nbtd_interface *iface,
|
||||
struct nbt_dgram_packet *packet,
|
||||
const struct socket_address *src,
|
||||
struct nbt_netlogon_packet *netlogon)
|
||||
{
|
||||
struct nbt_name *name = &packet->data.msg.dest_name;
|
||||
struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, False);
|
||||
struct nbt_netlogon_packet reply;
|
||||
struct nbt_netlogon_response_from_pdc *pdc;
|
||||
const char *ref_attrs[] = {"nETBIOSName", NULL};
|
||||
@ -80,7 +82,7 @@ static void nbtd_netlogon_getdc(struct dgram_mailslot_handler *dgmslot,
|
||||
|
||||
packet->data.msg.dest_name.type = 0;
|
||||
|
||||
dgram_mailslot_netlogon_reply(dgmslot->dgmsock,
|
||||
dgram_mailslot_netlogon_reply(reply_iface->dgmsock,
|
||||
packet,
|
||||
netlogon->req.pdc.mailslot_name,
|
||||
&reply);
|
||||
@ -90,12 +92,14 @@ static void nbtd_netlogon_getdc(struct dgram_mailslot_handler *dgmslot,
|
||||
/*
|
||||
reply to a ADS style GETDC request
|
||||
*/
|
||||
static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
|
||||
static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
|
||||
struct nbtd_interface *iface,
|
||||
struct nbt_dgram_packet *packet,
|
||||
const struct socket_address *src,
|
||||
struct nbt_netlogon_packet *netlogon)
|
||||
{
|
||||
struct nbt_name *name = &packet->data.msg.dest_name;
|
||||
struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, False);
|
||||
struct nbt_netlogon_packet reply;
|
||||
struct nbt_netlogon_response_from_pdc2 *pdc;
|
||||
struct ldb_context *samctx;
|
||||
@ -104,7 +108,7 @@ static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
|
||||
struct ldb_message **ref_res, **dom_res;
|
||||
int ret;
|
||||
const char **services = lp_server_services();
|
||||
struct socket_address *my_ip = socket_get_my_addr(dgmslot->dgmsock->sock, packet);
|
||||
const char *my_ip = reply_iface->ip_address;
|
||||
if (!my_ip) {
|
||||
DEBUG(0, ("Could not obtain own IP address for datagram socket\n"));
|
||||
return;
|
||||
@ -188,14 +192,14 @@ static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
|
||||
pdc->site_name2 = "Default-First-Site-Name";
|
||||
pdc->unknown = 0x10; /* what is this? */
|
||||
pdc->unknown2 = 2; /* and this ... */
|
||||
pdc->pdc_ip = my_ip->addr;
|
||||
pdc->pdc_ip = my_ip;
|
||||
pdc->nt_version = 13;
|
||||
pdc->lmnt_token = 0xFFFF;
|
||||
pdc->lm20_token = 0xFFFF;
|
||||
|
||||
packet->data.msg.dest_name.type = 0;
|
||||
|
||||
dgram_mailslot_netlogon_reply(dgmslot->dgmsock,
|
||||
dgram_mailslot_netlogon_reply(reply_iface->dgmsock,
|
||||
packet,
|
||||
netlogon->req.pdc2.mailslot_name,
|
||||
&reply);
|
||||
@ -235,10 +239,10 @@ void nbtd_mailslot_netlogon_handler(struct dgram_mailslot_handler *dgmslot,
|
||||
|
||||
switch (netlogon->command) {
|
||||
case NETLOGON_QUERY_FOR_PDC:
|
||||
nbtd_netlogon_getdc(dgmslot, packet, src, netlogon);
|
||||
nbtd_netlogon_getdc(dgmslot, iface, packet, src, netlogon);
|
||||
break;
|
||||
case NETLOGON_QUERY_FOR_PDC2:
|
||||
nbtd_netlogon_getdc2(dgmslot, packet, src, netlogon);
|
||||
nbtd_netlogon_getdc2(dgmslot, iface, packet, src, netlogon);
|
||||
break;
|
||||
default:
|
||||
DEBUG(2,("unknown netlogon op %d from %s:%d\n",
|
||||
|
||||
@ -29,11 +29,13 @@
|
||||
reply to a SAM LOGON request
|
||||
*/
|
||||
static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot,
|
||||
struct nbtd_interface *iface,
|
||||
struct nbt_dgram_packet *packet,
|
||||
const struct socket_address *src,
|
||||
struct nbt_ntlogon_packet *ntlogon)
|
||||
{
|
||||
struct nbt_name *name = &packet->data.msg.dest_name;
|
||||
struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, False);
|
||||
struct nbt_ntlogon_packet reply;
|
||||
struct nbt_ntlogon_sam_logon_reply *logon;
|
||||
|
||||
@ -56,7 +58,7 @@ static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot,
|
||||
|
||||
packet->data.msg.dest_name.type = 0;
|
||||
|
||||
dgram_mailslot_ntlogon_reply(dgmslot->dgmsock,
|
||||
dgram_mailslot_ntlogon_reply(reply_iface->dgmsock,
|
||||
packet,
|
||||
ntlogon->req.logon.mailslot_name,
|
||||
&reply);
|
||||
@ -97,7 +99,7 @@ void nbtd_mailslot_ntlogon_handler(struct dgram_mailslot_handler *dgmslot,
|
||||
|
||||
switch (ntlogon->command) {
|
||||
case NTLOGON_SAM_LOGON:
|
||||
nbtd_ntlogon_sam_logon(dgmslot, packet, src, ntlogon);
|
||||
nbtd_ntlogon_sam_logon(dgmslot, iface, packet, src, ntlogon);
|
||||
break;
|
||||
default:
|
||||
DEBUG(2,("unknown ntlogon op %d from %s:%d\n",
|
||||
|
||||
@ -193,7 +193,6 @@ static NTSTATUS nbtd_add_socket(struct nbtd_server *nbtsrv,
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
setup a socket for talking to our WINS servers
|
||||
*/
|
||||
@ -312,22 +311,39 @@ const char **nbtd_address_list(struct nbtd_interface *iface, TALLOC_CTX *mem_ctx
|
||||
/*
|
||||
find the interface to use for sending a outgoing request
|
||||
*/
|
||||
struct nbtd_interface *nbtd_find_interface(struct nbtd_server *nbtd_server,
|
||||
const char *address)
|
||||
struct nbtd_interface *nbtd_find_request_iface(struct nbtd_server *nbtd_server,
|
||||
const char *address, BOOL allow_bcast_iface)
|
||||
{
|
||||
struct nbtd_interface *iface;
|
||||
struct nbtd_interface *cur;
|
||||
|
||||
/* try to find a exact match */
|
||||
for (iface=nbtd_server->interfaces;iface;iface=iface->next) {
|
||||
if (iface_same_net(address, iface->ip_address, iface->netmask)) {
|
||||
return iface;
|
||||
for (cur=nbtd_server->interfaces;cur;cur=cur->next) {
|
||||
if (iface_same_net(address, cur->ip_address, cur->netmask)) {
|
||||
return cur;
|
||||
}
|
||||
}
|
||||
|
||||
/* no exact match, if we have the broadcast interface, use that */
|
||||
if (nbtd_server->bcast_interface) {
|
||||
if (allow_bcast_iface && nbtd_server->bcast_interface) {
|
||||
return nbtd_server->bcast_interface;
|
||||
}
|
||||
|
||||
/* fallback to first interface */
|
||||
return nbtd_server->interfaces;
|
||||
}
|
||||
|
||||
/*
|
||||
* find the interface to use for sending a outgoing reply
|
||||
*/
|
||||
struct nbtd_interface *nbtd_find_reply_iface(struct nbtd_interface *iface,
|
||||
const char *address, BOOL allow_bcast_iface)
|
||||
{
|
||||
struct nbtd_server *nbtd_server = iface->nbtsrv;
|
||||
|
||||
/* first try to use the given interfacel when it's not the broadcast one */
|
||||
if (iface != nbtd_server->bcast_interface) {
|
||||
return iface;
|
||||
}
|
||||
|
||||
return nbtd_find_request_iface(nbtd_server, address, allow_bcast_iface);
|
||||
}
|
||||
|
||||
@ -120,7 +120,7 @@ static NTSTATUS nbtd_getdcname(struct irpc_message *msg,
|
||||
{
|
||||
struct nbtd_server *server =
|
||||
talloc_get_type(msg->private, struct nbtd_server);
|
||||
struct nbtd_interface *iface = nbtd_find_interface(server, req->in.ip_address);
|
||||
struct nbtd_interface *iface = nbtd_find_request_iface(server, req->in.ip_address, True);
|
||||
struct getdc_state *s;
|
||||
struct nbt_ntlogon_packet p;
|
||||
struct nbt_ntlogon_sam_logon *r;
|
||||
|
||||
@ -49,7 +49,7 @@ static void wins_challenge_handler(struct nbt_name_request *req)
|
||||
|
||||
state->query.in.dest_addr = state->io->in.addresses[state->current_address];
|
||||
|
||||
iface = nbtd_find_interface(state->io->in.nbtd_server, state->query.in.dest_addr);
|
||||
iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, True);
|
||||
if (!iface) {
|
||||
composite_error(ctx, NT_STATUS_INTERNAL_ERROR);
|
||||
return;
|
||||
@ -111,7 +111,7 @@ struct composite_context *wins_challenge_send(TALLOC_CTX *mem_ctx, struct wins_c
|
||||
state->query.in.retries = 2;
|
||||
ZERO_STRUCT(state->query.out);
|
||||
|
||||
iface = nbtd_find_interface(state->io->in.nbtd_server, state->query.in.dest_addr);
|
||||
iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, True);
|
||||
if (!iface) {
|
||||
goto failed;
|
||||
}
|
||||
@ -165,7 +165,7 @@ static void wins_release_demand_handler(struct nbt_name_request *req)
|
||||
state->release.in.timeout = (state->addresses_left > 1 ? 2 : 1);
|
||||
state->release.in.retries = (state->addresses_left > 1 ? 0 : 2);
|
||||
|
||||
iface = nbtd_find_interface(state->io->in.nbtd_server, state->release.in.dest_addr);
|
||||
iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, True);
|
||||
if (!iface) {
|
||||
composite_error(ctx, NT_STATUS_INTERNAL_ERROR);
|
||||
return;
|
||||
@ -226,7 +226,7 @@ static struct composite_context *wins_release_demand_send(TALLOC_CTX *mem_ctx, s
|
||||
state->release.in.retries = (state->addresses_left > 1 ? 0 : 2);
|
||||
ZERO_STRUCT(state->release.out);
|
||||
|
||||
iface = nbtd_find_interface(state->io->in.nbtd_server, state->release.in.dest_addr);
|
||||
iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, True);
|
||||
if (!iface) {
|
||||
goto failed;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user