2025-01-12 09:18:10 +03:00 · 2005-02-14 09:15:24 +00:00 · 2005-02-14 09:15:24 +00:00 · 8dc2a028d3
commit 8dc2a028d3
parent 75766603e3
8 changed files with 333 additions and 48 deletions
--- a/source/lib/util_strlist.c
+++ b/source/lib/util_strlist.c
@ -122,3 +122,54 @@ BOOL str_list_equal(const char **list1, const char **list2)
 	}
 	return True;
 }
+
+
+/*
+  add an entry to a string list
+*/
+const char **str_list_add(const char **list, const char *s)
+{
+	size_t len = str_list_length(list);
+	const char **ret;
+
+	ret = talloc_realloc(NULL, list, const char *, len+2);
+	if (ret == NULL) return NULL;
+
+	ret[len] = talloc_strdup(ret, s);
+	if (ret[len] == NULL) return NULL;
+
+	ret[len+1] = NULL;
+
+	return ret;
+}
+
+/*
+  remove an entry from a string list
+*/
+void str_list_remove(const char **list, const char *s)
+{
+	int i;
+
+	for (i=0;list[i];i++) {
+		if (strcmp(list[i], s) == 0) break;
+	}
+	if (!list[i]) return;
+
+	for (;list[i];i++) {
+		list[i] = list[i+1];
+	}
+}
+
+
+/*
+  return True if a string is in a list
+*/
+BOOL str_list_check(const char **list, const char *s)
+{
+	int i;
+
+	for (i=0;list[i];i++) {
+		if (strcmp(list[i], s) == 0) return True;
+	}
+	return False;
+}
--- a/source/libcli/nbt/namequery.c
+++ b/source/libcli/nbt/namequery.c
@ -98,7 +98,7 @@ NTSTATUS nbt_name_query_recv(struct nbt_name_request *req,

 	io->out.name = packet->answers[0].name;
 	io->out.num_addrs = packet->answers[0].rdata.netbios.length / 6;
-	io->out.reply_addrs = talloc_array(mem_ctx, const char *, io->out.num_addrs);
+	io->out.reply_addrs = talloc_array(mem_ctx, const char *, io->out.num_addrs+1);
 	if (io->out.reply_addrs == NULL) {
 		talloc_free(req);
 		return NT_STATUS_NO_MEMORY;
@ -108,6 +108,7 @@ NTSTATUS nbt_name_query_recv(struct nbt_name_request *req,
 		io->out.reply_addrs[i] = talloc_steal(mem_ctx, 
 						      packet->answers[0].rdata.netbios.addresses[i].ipaddr);
 	}
+	io->out.reply_addrs[i] = NULL;

 	talloc_steal(mem_ctx, io->out.name.name);
 	talloc_steal(mem_ctx, io->out.name.scope);
--- a/source/nbt_server/config.mk
+++ b/source/nbt_server/config.mk
@ -14,7 +14,8 @@ ADD_OBJ_FILES = \
 		nbt_server/defense.o \
 		nbt_server/packet.o \
 		nbt_server/winsserver.o \
-		nbt_server/winsdb.o
+		nbt_server/winsdb.o \
+		nbt_server/winswack.o
 REQUIRED_SUBSYSTEMS = \
 		LIBCLI_NBT
 # End SUBSYSTEM SMB
--- a/source/nbt_server/packet.c
+++ b/source/nbt_server/packet.c
@ -261,3 +261,46 @@ void nbtd_name_release_reply(struct nbt_name_socket *nbtsock,
 failed:
 	talloc_free(packet);
 }
+
+
+/*
+  send a WACK reply
+*/
+void nbtd_wack_reply(struct nbt_name_socket *nbtsock, 
+		     struct nbt_name_packet *request_packet, 
+		     const char *src_address, int src_port,
+		     uint32_t ttl)
+{
+	struct nbt_name_packet *packet;
+	struct nbt_name *name = &request_packet->questions[0].name;
+
+	packet = talloc_zero(nbtsock, struct nbt_name_packet);
+	if (packet == NULL) return;
+
+	packet->name_trn_id = request_packet->name_trn_id;
+	packet->ancount = 1;
+	packet->operation = 
+		NBT_FLAG_REPLY | 
+		NBT_OPCODE_WACK |
+		NBT_FLAG_AUTHORITIVE;
+	
+	packet->answers = talloc_array(packet, struct nbt_res_rec, 1);
+	if (packet->answers == NULL) goto failed;
+
+	packet->answers[0].name              = *name;
+	packet->answers[0].rr_type           = NBT_QTYPE_NETBIOS;
+	packet->answers[0].rr_class          = NBT_QCLASS_IP;
+	packet->answers[0].ttl               = ttl;
+	packet->answers[0].rdata.data.length = 2;
+	packet->answers[0].rdata.data.data   = talloc_size(packet, 2);
+	if (packet->answers[0].rdata.data.data == NULL) goto failed;
+	RSSVAL(packet->answers[0].rdata.data.data, 0, request_packet->operation);
+
+	DEBUG(7,("Sending WACK reply for %s to %s:%d\n", 
+		 nbt_name_string(packet, name), src_address, src_port));
+	
+	nbt_name_reply_send(nbtsock, src_address, src_port, packet);
+
+failed:
+	talloc_free(packet);
+}
--- a/source/nbt_server/winsdb.c
+++ b/source/nbt_server/winsdb.c
@ -78,7 +78,7 @@ struct winsdb_record *winsdb_load(struct wins_server *winssrv,
 	    rec->expire_time <= time(NULL)) {
 		DEBUG(5,("WINS: expiring name %s (expired at %s)\n", 
 			 nbt_name_string(tmp_ctx, rec->name), timestring(tmp_ctx, rec->expire_time)));
-		rec->state = WINS_REC_EXPIRED;
+		rec->state = WINS_REC_RELEASED;
 	}

 	talloc_steal(mem_ctx, rec);
--- a/source/nbt_server/winsdb.h
+++ b/source/nbt_server/winsdb.h
@ -22,8 +22,7 @@

 enum wins_record_state {
 	WINS_REC_RELEASED =0,
-	WINS_REC_ACTIVE   =1,
-	WINS_REC_EXPIRED  =2
+	WINS_REC_ACTIVE   =1
 };

 /*
--- a/source/nbt_server/winsserver.c
+++ b/source/nbt_server/winsserver.c
@ -25,6 +25,16 @@
 #include "nbt_server/winsdb.h"
 #include "system/time.h"

+/*
+  work out the ttl we will use given a client requested ttl
+*/
+uint32_t wins_server_ttl(struct wins_server *winssrv, uint32_t ttl)
+{
+	ttl = MIN(ttl, winssrv->max_ttl);
+	ttl = MAX(ttl, winssrv->min_ttl);
+	return ttl;
+}
+
 /*
  register a new name with WINS
 */
@ -36,14 +46,11 @@ static uint8_t wins_register_new(struct nbt_name_socket *nbtsock,
 						       struct nbtd_interface);
 	struct wins_server *winssrv = iface->nbtsrv->winssrv;
 	struct nbt_name *name = &packet->questions[0].name;
-	uint32_t ttl = packet->additional[0].ttl;
+	uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl);
 	uint16_t nb_flags = packet->additional[0].rdata.netbios.addresses[0].nb_flags;
 	const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
 	struct winsdb_record rec;

-	ttl = MIN(ttl, winssrv->max_ttl);
-	ttl = MAX(ttl, winssrv->min_ttl);
-
 	rec.name          = name;
 	rec.nb_flags      = nb_flags;
 	rec.state         = WINS_REC_ACTIVE;
@ -74,13 +81,10 @@ static uint8_t wins_update_ttl(struct nbt_name_socket *nbtsock,
 	struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private, 
 						       struct nbtd_interface);
 	struct wins_server *winssrv = iface->nbtsrv->winssrv;
-	uint32_t ttl = packet->additional[0].ttl;
+	uint32_t ttl = wins_server_ttl(winssrv, packet->additional[0].ttl);
 	const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
 	time_t now = time(NULL);

-	ttl = MIN(ttl, winssrv->max_ttl);
-	ttl = MAX(ttl, winssrv->min_ttl);
-
 	if (now + ttl > rec->expire_time) {
 		rec->expire_time   = now + ttl;
 	}
@ -92,28 +96,6 @@ static uint8_t wins_update_ttl(struct nbt_name_socket *nbtsock,
 	return winsdb_modify(winssrv, rec);
 }

-
-/*
-  send a WACK reply, then check if the current owners want to keep the name
-*/
-static uint8_t wins_register_wack(struct nbt_name_socket *nbtsock, 
-				  struct nbt_name_packet *packet, 
-				  struct winsdb_record *rec,
-				  const char *src_address, int src_port)
-{
-	struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private, 
-						       struct nbtd_interface);
-	struct wins_server *winssrv = iface->nbtsrv->winssrv;
-	uint32_t ttl = packet->additional[0].ttl;
-	const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
-	time_t now = time(NULL);
-
-	DEBUG(0,("TODO: WACK\n"));
-
-	return NBT_RCODE_SVR;
-}
-
-
 /*
  register a name
 */
@ -129,7 +111,6 @@ static void nbtd_winsserver_register(struct nbt_name_socket *nbtsock,
 	uint8_t rcode = NBT_RCODE_OK;
 	uint16_t nb_flags = packet->additional[0].rdata.netbios.addresses[0].nb_flags;
 	const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
-	int i;

 	rec = winsdb_load(winssrv, name, packet);
 	if (rec == NULL) {
@ -165,15 +146,13 @@ static void nbtd_winsserver_register(struct nbt_name_socket *nbtsock,

 	/* if the registration is for an address that is currently active, then 
 	   just update the expiry time */
-	for (i=0;rec->addresses[i];i++) {
-		if (strcmp(address, rec->addresses[i]) == 0) {
-			wins_update_ttl(nbtsock, packet, rec, src_address, src_port);
-			goto done;
-		}
+	if (str_list_check(rec->addresses, address)) {
+		wins_update_ttl(nbtsock, packet, rec, src_address, src_port);
+		goto done;
 	}

-	/* we have to do a WACK to see if the current owners are willing to give
-	   up their claim */	
+	/* we have to do a WACK to see if the current owner is willing
+	   to give up its claim */	
 	wins_register_wack(nbtsock, packet, rec, src_address, src_port);
 	return;

@ -220,14 +199,26 @@ static void nbtd_winsserver_release(struct nbt_name_socket *nbtsock,
 	struct winsdb_record *rec;

 	rec = winsdb_load(winssrv, name, packet);
-	if (rec != NULL && 
-	    rec->state == WINS_REC_ACTIVE &&
-	    !(rec->nb_flags & NBT_NM_GROUP)) {
-		/* should we release all, or only some of the addresses? */
-		rec->state = WINS_REC_RELEASED;
+	if (rec == NULL || 
+	    rec->state != WINS_REC_ACTIVE || 
+	    (rec->nb_flags & NBT_NM_GROUP)) {
+		goto done;
+	}
+
+	/* we only allow releases from an owner - other releases are
+	   silently ignored */
+	if (str_list_check(rec->addresses, src_address)) {
+		const char *address = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
+
+		DEBUG(4,("WINS: released name %s at %s\n", nbt_name_string(rec, rec->name), address));
+		str_list_remove(rec->addresses, address);
+		if (rec->addresses[0] == NULL) {
+			rec->state = WINS_REC_RELEASED;
+		}
 		winsdb_modify(winssrv, rec);
 	}

+done:
 	/* we match w2k3 by always giving a positive reply to name releases. */
 	nbtd_name_release_reply(nbtsock, packet, src_address, src_port, NBT_RCODE_OK);
 }
--- a/source/nbt_server/winswack.c
+++ b/source/nbt_server/winswack.c
@ -0,0 +1,199 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   "secure" wins server WACK processing
+
+   Copyright (C) Andrew Tridgell	2005
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "nbt_server/nbt_server.h"
+#include "nbt_server/winsdb.h"
+#include "system/time.h"
+
+struct wack_state {
+	struct wins_server *winssrv;
+	struct nbt_name_socket *nbtsock;
+	struct nbt_name_packet *request_packet;
+	struct winsdb_record *rec;
+	const char *src_address;
+	int src_port;
+	const char **owner_addresses;
+	const char *reg_address;
+	struct nbt_name_query query;
+};
+
+
+/*
+  deny a registration request
+*/
+static void wins_wack_deny(struct wack_state *state)
+{
+	nbtd_name_registration_reply(state->nbtsock, state->request_packet, 
+				     state->src_address, state->src_port, NBT_RCODE_ACT);
+	DEBUG(4,("WINS: denied name registration request for %s from %s\n",
+		 nbt_name_string(state, state->rec->name), state->src_address));
+	talloc_free(state);
+}
+
+/*
+  allow a registration request
+*/
+static void wins_wack_allow(struct wack_state *state)
+{
+	uint32_t ttl;
+	time_t now = time(NULL);
+	struct winsdb_record *rec = state->rec;
+
+	nbtd_name_registration_reply(state->nbtsock, state->request_packet, 
+				     state->src_address, state->src_port, NBT_RCODE_OK);
+
+	rec->addresses = str_list_add(rec->addresses, state->reg_address);
+	if (rec->addresses == NULL) goto failed;
+	
+	ttl = wins_server_ttl(state->winssrv, state->request_packet->additional[0].ttl);
+	if (now + ttl > rec->expire_time) {
+		rec->expire_time = now + ttl;
+	}
+	rec->registered_by = state->src_address;
+
+	winsdb_modify(state->winssrv, rec);
+
+	DEBUG(4,("WINS: accepted registration of %s with address %s\n",
+		 nbt_name_string(state, rec->name), state->reg_address));
+
+failed:
+	talloc_free(state);
+}
+
+/*
+  called when a name query to a current owner completes
+*/
+static void wins_wack_handler(struct nbt_name_request *req)
+{
+	struct wack_state *state = talloc_get_type(req->async.private, struct wack_state);
+	NTSTATUS status;
+	int i;
+	struct winsdb_record *rec = state->rec;
+
+	status = nbt_name_query_recv(req, state, &state->query);
+
+	/* if we timed out then try the next owner address, if any */
+	if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
+		state->owner_addresses++;
+		if (state->owner_addresses[0] == NULL) {
+			wins_wack_allow(state);
+			return;
+		}
+		state->query.in.dest_addr = state->owner_addresses[0];
+
+		req = nbt_name_query_send(state->nbtsock, &state->query);
+		if (req == NULL) goto failed;
+
+		req->async.fn = wins_wack_handler;
+		req->async.private = state;
+		return;
+	}
+
+	/* if the owner denies it holds the name, then allow
+	   the registration */
+	if (!NT_STATUS_IS_OK(status)) {
+		wins_wack_allow(state);
+		return;
+	}
+
+	/* if the owner still wants the name and doesn't reply
+	   with the address trying to be registered, then deny
+	   the registration */
+	if (!str_list_check(state->query.out.reply_addrs, state->reg_address)) {
+		wins_wack_deny(state);
+		return;
+	}
+
+	/* we are going to allow the registration, but first remove any addresses
+	   from the record that aren't in the reply from the client */
+	for (i=0;rec->addresses[i];) {
+		if (!str_list_check(state->query.out.reply_addrs, rec->addresses[i])) {
+			str_list_remove(rec->addresses, rec->addresses[i]);
+		} else {
+			i++;
+		}
+	}
+
+	wins_wack_allow(state);
+	return;
+
+failed:
+	talloc_free(state);
+}
+
+
+/*
+  a client has asked to register a unique name that someone else owns. We
+  need to ask each of the current owners if they still want it. If they do
+  then reject the registration, otherwise allow it
+*/
+void wins_register_wack(struct nbt_name_socket *nbtsock, 
+			struct nbt_name_packet *packet, 
+			struct winsdb_record *rec,
+			const char *src_address, int src_port)
+{
+	struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private, 
+						       struct nbtd_interface);
+	struct wins_server *winssrv = iface->nbtsrv->winssrv;
+	struct wack_state *state;
+	struct nbt_name_request *req;
+	uint32_t ttl;
+
+	state = talloc(nbtsock, struct wack_state);
+	if (state == NULL) goto failed;
+
+	/* package up the state variables for this wack request */
+	state->winssrv         = winssrv;
+	state->nbtsock         = nbtsock;
+	state->request_packet  = talloc_steal(state, packet);
+	state->rec             = talloc_steal(state, rec);
+	state->src_port        = src_port;
+	state->owner_addresses = rec->addresses;
+	state->reg_address     = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
+	state->src_address     = talloc_strdup(state, src_address);
+	if (state->src_address == NULL) goto failed;
+
+	/* send a WACK to the client, specifying the maximum time it could
+	   take to check with the owner, plus some slack */
+	ttl = 5 + 4 * str_list_length(rec->addresses);
+	nbtd_wack_reply(nbtsock, packet, src_address, src_port, ttl);
+
+	/* setup a name query to the first address */
+	state->query.in.name        = *rec->name;
+	state->query.in.dest_addr   = state->owner_addresses[0];
+	state->query.in.broadcast   = False;
+	state->query.in.wins_lookup = True;
+	state->query.in.timeout     = 1;
+	state->query.in.retries     = 2;
+
+	req = nbt_name_query_send(nbtsock, &state->query);
+	if (req == NULL) goto failed;
+
+	req->async.fn = wins_wack_handler;
+	req->async.private = state;
+	return;	
+
+failed:
+	talloc_free(state);
+	nbtd_name_registration_reply(nbtsock, packet, src_address, src_port, NBT_RCODE_SVR);	
+}