xref: /dports/net/samba412/samba-4.12.15/source3/utils/net_dns.c

/*
   Samba Unix/Linux Dynamic DNS Update
   net ads commands

   Copyright (C) Krishna Ganugapati (krishnag@centeris.com)         2006
   Copyright (C) Gerald Carter                                      2006

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include "includes.h"
#include "utils/net.h"
#include "../lib/addns/dns.h"
#include "utils/net_dns.h"

#if defined(WITH_DNS_UPDATES)

/*********************************************************************
*********************************************************************/

DNS_ERROR DoDNSUpdate(char *pszServerName,
		      const char *pszDomainName, const char *pszHostName,
		      const struct sockaddr_storage *sslist, size_t num_addrs,
		      uint32_t flags, bool remove_host)
{
	DNS_ERROR err;
	struct dns_connection *conn;
	TALLOC_CTX *mem_ctx;
	OM_uint32 minor;
	struct dns_update_request *req, *resp;

	DEBUG(10,("DoDNSUpdate called with flags: 0x%08x\n", flags));

	if (!(flags & DNS_UPDATE_SIGNED) &&
	    !(flags & DNS_UPDATE_UNSIGNED) &&
	    !(flags & DNS_UPDATE_PROBE)) {
		return ERROR_DNS_INVALID_PARAMETER;
	}

	if ( !remove_host && ((num_addrs <= 0) || !sslist) ) {
		return ERROR_DNS_INVALID_PARAMETER;
	}

	if (!(mem_ctx = talloc_init("DoDNSUpdate"))) {
		return ERROR_DNS_NO_MEMORY;
	}

	err = dns_open_connection( pszServerName, DNS_TCP, mem_ctx, &conn );
	if (!ERR_DNS_IS_OK(err)) {
		goto error;
	}

	if (flags & DNS_UPDATE_PROBE) {

		/*
		 * Probe if everything's fine
		 */

		err = dns_create_probe(mem_ctx, pszDomainName, pszHostName,
				       num_addrs, sslist, &req);
		if (!ERR_DNS_IS_OK(err)) goto error;

		err = dns_update_transaction(mem_ctx, conn, req, &resp);

		if (!ERR_DNS_IS_OK(err)) {
			DEBUG(3,("DoDNSUpdate: failed to probe DNS\n"));
			goto error;
		}

		if ((dns_response_code(resp->flags) == DNS_NO_ERROR) &&
		    (flags & DNS_UPDATE_PROBE_SUFFICIENT)) {
			TALLOC_FREE(mem_ctx);
			return ERROR_DNS_SUCCESS;
		}
	}

	if (flags & DNS_UPDATE_UNSIGNED) {

		/*
		 * First try without signing
		 */

		err = dns_create_update_request(mem_ctx, pszDomainName, pszHostName,
						sslist, num_addrs, &req);
		if (!ERR_DNS_IS_OK(err)) goto error;

		err = dns_update_transaction(mem_ctx, conn, req, &resp);
		if (!ERR_DNS_IS_OK(err)) {
			DEBUG(3,("DoDNSUpdate: unsigned update failed\n"));
			goto error;
		}

		if ((dns_response_code(resp->flags) == DNS_NO_ERROR) &&
		    (flags & DNS_UPDATE_UNSIGNED_SUFFICIENT)) {
			TALLOC_FREE(mem_ctx);
			return ERROR_DNS_SUCCESS;
		}
	}

	/*
	 * Okay, we have to try with signing
	 */
	if (flags & DNS_UPDATE_SIGNED) {
		gss_ctx_id_t gss_context;
		char *keyname;

		err = dns_create_update_request(mem_ctx, pszDomainName, pszHostName,
						sslist, num_addrs, &req);
		if (!ERR_DNS_IS_OK(err)) goto error;

		if (!(keyname = dns_generate_keyname( mem_ctx ))) {
			err = ERROR_DNS_NO_MEMORY;
			goto error;
		}

		err = dns_negotiate_sec_ctx( pszDomainName, pszServerName,
					     keyname, &gss_context, DNS_SRV_ANY );

		/* retry using the Windows 2000 DNS hack */
		if (!ERR_DNS_IS_OK(err)) {
			err = dns_negotiate_sec_ctx( pszDomainName, pszServerName,
						     keyname, &gss_context,
						     DNS_SRV_WIN2000 );
		}

		if (!ERR_DNS_IS_OK(err))
			goto error;

		err = dns_sign_update(req, gss_context, keyname,
				      "gss.microsoft.com", time(NULL), 3600);

		gss_delete_sec_context(&minor, &gss_context, GSS_C_NO_BUFFER);

		if (!ERR_DNS_IS_OK(err)) goto error;

		err = dns_update_transaction(mem_ctx, conn, req, &resp);
		if (!ERR_DNS_IS_OK(err)) goto error;

		err = (dns_response_code(resp->flags) == DNS_NO_ERROR) ?
			ERROR_DNS_SUCCESS : ERROR_DNS_UPDATE_FAILED;

		if (!ERR_DNS_IS_OK(err)) {
			DEBUG(3,("DoDNSUpdate: signed update failed\n"));
		}
	}


error:
	TALLOC_FREE(mem_ctx);
	return err;
}

/*********************************************************************
*********************************************************************/

int get_my_ip_address( struct sockaddr_storage **pp_ss )

{
	int i, n;
	struct sockaddr_storage *list = NULL;
	int count = 0;

	/* Honor the configured list of interfaces to register */

	load_interfaces();
	n = iface_count();

	if (n <= 0) {
		return -1;
	}

	if ( (list = SMB_MALLOC_ARRAY( struct sockaddr_storage, n )) == NULL ) {
		return -1;
	}

	for ( i=0; i<n; i++ ) {
		const struct sockaddr_storage *nic_sa_storage = NULL;

		if ((nic_sa_storage = iface_n_sockaddr_storage(i)) == NULL)
			continue;

		/* Don't register loopback addresses */
		if (is_loopback_addr((const struct sockaddr *)nic_sa_storage)) {
			continue;
		}

		/* Don't register link-local addresses */
		if (is_linklocal_addr(nic_sa_storage)) {
			continue;
		}

		memcpy(&list[count++], nic_sa_storage, sizeof(struct sockaddr_storage));
	}
	*pp_ss = list;

	return count;
}

DNS_ERROR do_gethostbyname(const char *server, const char *host)
{
	struct dns_connection *conn = NULL;
	struct dns_request *req, *resp;
	DNS_ERROR err;
	int ans = 0;

	err = dns_open_connection(server, DNS_UDP, NULL, &conn);
	if (!ERR_DNS_IS_OK(err)) {
		goto error;
	}

	err = dns_create_query(conn, host, QTYPE_A, DNS_CLASS_IN, &req);
	if (!ERR_DNS_IS_OK(err)) {
		goto error;
	}

	err = dns_transaction(conn, conn, req, &resp);
	if (!ERR_DNS_IS_OK(err)) {
		goto error;
	}

	if (resp->num_answers == 0) {
		printf("%s", "No answers!\n");
		goto error;
	}

	for (ans = 0; ans < resp->num_answers; ans++) {
		struct in_addr resp_ip;

		if (ans > 0)
			printf("%s", " ");

		resp_ip.s_addr = *((uint32_t *)resp->answers[ans]->data);
		printf("%s", inet_ntoa(resp_ip));
	}

	printf("%s", "\n");

 error:
	TALLOC_FREE(conn);
	return err;
}

#endif	/* defined(WITH_DNS_UPDATES) */