1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #include <errno.h> 27 #include <stdlib.h> 28 #include <stdio.h> 29 #include <unistd.h> 30 #include <syslog.h> 31 #include <string.h> 32 #include <strings.h> 33 #include <time.h> 34 #include <synch.h> 35 #include <netdb.h> 36 #include <sys/socket.h> 37 #include <arpa/inet.h> 38 39 #include <smbsrv/libsmb.h> 40 #include <smbsrv/libsmbns.h> 41 42 #include <smbsrv/cifs.h> 43 #include <smbsrv/mailslot.h> 44 45 #include <smbns_browser.h> 46 #include <smbns_netbios.h> 47 48 /* 49 * ntdomain_info 50 * Temporary. It should be removed once NBTD is integrated. 51 */ 52 smb_ntdomain_t ntdomain_info; 53 mutex_t ntdomain_mtx; 54 cond_t ntdomain_cv; 55 56 #define SMB_SERVER_SIGNATURE 0xaa550415 57 58 typedef struct smb_hostinfo { 59 list_node_t hi_lnd; 60 smb_nic_t hi_nic; 61 char hi_nbname[NETBIOS_NAME_SZ]; 62 name_entry_t hi_netname; 63 uint32_t hi_nextannouce; 64 int hi_reps; 65 int hi_interval; 66 uint8_t hi_updatecnt; 67 uint32_t hi_type; 68 } smb_hostinfo_t; 69 70 typedef struct smb_browserinfo { 71 list_t bi_hlist; 72 int bi_hcnt; 73 rwlock_t bi_hlist_rwl; 74 boolean_t bi_changed; 75 mutex_t bi_mtx; 76 } smb_browserinfo_t; 77 78 static smb_browserinfo_t smb_binfo; 79 80 static int smb_browser_init(void); 81 static void smb_browser_infoinit(void); 82 static void smb_browser_infoterm(void); 83 static void smb_browser_infofree(void); 84 85 86 87 88 void 89 smb_browser_reconfig(void) 90 { 91 (void) mutex_lock(&smb_binfo.bi_mtx); 92 smb_binfo.bi_changed = B_TRUE; 93 (void) mutex_unlock(&smb_binfo.bi_mtx); 94 } 95 96 /* 97 * 3. Browser Overview 98 * 99 * Hosts involved in the browsing process can be separated into two 100 * distinct groups, browser clients and browser servers (often referred to 101 * simply as "browsers"). 102 * 103 * A browser is a server which maintains information about servers - 104 * primarily the domain they are in and the services that they are running 105 * -- and about domains. Browsers may assume several different roles in 106 * their lifetimes, and dynamically switch between them. 107 * 108 * Browser clients are of two types: workstations and (non-browser) 109 * servers. In the context of browsing, workstations query browsers for the 110 * information they contain; servers supply browsers the information by 111 * registering with them. Note that, at times, browsers may themselves 112 * behave as browser clients and query other browsers. 113 * 114 * For the purposes of this specification, a domain is simply a name with 115 * which to associate a group of resources such as computers, servers and 116 * users. Domains allow a convenient means for browser clients to restrict 117 * the scope of a search when they query browser servers. Every domain has 118 * a "master" server called the Primary Domain Controller (PDC) that 119 * manages various activities within the domain. 120 * 121 * One browser for each domain on a subnet is designated the Local Master 122 * Browser for that domain. Servers in its domain on the subnet register 123 * with it, as do the Local Master Browsers for other domains on the 124 * subnet. It uses these registrations to maintain authoritative 125 * information about its domain on its subnet. If there are other subnets 126 * in the network, it also knows the name of the server running the 127 * domain's Domain Master Browser; it registers with it, and uses it to 128 * obtain information about the rest of the network (see below). 129 * 130 * Clients on a subnet query browsers designated as the Backup Browsers for 131 * the subnet (not the Master Browser). Backup Browsers maintain a copy of 132 * the information on the Local Master Browser; they get it by periodically 133 * querying the Local Master Browser for all of its information. Clients 134 * find the Backup Browsers by asking the Local Master Browser. Clients are 135 * expected to spread their queries evenly across Backup Browsers to 136 * balance the load. 137 * 138 * The Local Master Browser is dynamically elected automatically. Multiple 139 * Backup Browser Servers may exist per subnet; they are selected from 140 * among the potential browser servers by the Local Master Browser, which 141 * is configured to select enough to handle the expected query load. 142 * 143 * When there are multiple subnets, a Domain Master Browser is assigned 144 * the task of keeping the multiple subnets in synchronization. The Primary 145 * Domain Controller (PDC) always acts as the Domain Master Browser. The 146 * Domain Master Browser periodically acts as a client and queries all the 147 * Local Master Browsers for its domain, asking them for a list containing 148 * all the domains and all the servers in their domain known within their 149 * subnets; it merges all the replies into a single master list. This 150 * allows a Domain Master Browser server to act as a collection point for 151 * inter-subnet browsing information. Local Master Browsers periodically 152 * query the Domain Master Browser to retrieve the network-wide information 153 * it maintains. 154 * 155 * When a domain spans only a single subnet, there will not be any distinct 156 * Local Master Browser; this role will be handled by the Domain Master 157 * Browser. Similarly, the Domain Master Browser is always the Local Master 158 * Browser for the subnet it is on. 159 * 160 * When a browser client suspects that the Local Master Browser has failed, 161 * the client will instigate an election in which the browser servers 162 * participate, and some browser servers may change roles. 163 * 164 * Some characteristics of a good browsing mechanism include: 165 * . minimal network traffic 166 * . minimum server discovery time 167 * . minimum change discovery latency 168 * . immunity to machine failures 169 * 170 * Historically, Browser implementations had been very closely tied to 171 * NETBIOS and datagrams. The early implementations caused a lot of 172 * broadcast traffic. See Appendix D for an overview that presents how the 173 * Browser specification evolved. 174 * 175 * 4. Browsing Protocol Architecture 176 * 177 * This section first describes the how the browsing protocol is layered, 178 * then describes the roles of clients, servers, and browsers in the 179 * browsing subsystem. 180 * 181 * 4.1 Layering of Browsing Protocol Requests 182 * 183 * Most of the browser functionality is implemented using mailslots. 184 * Mailslots provide a mechanism for fast, unreliable unidirectional data 185 * transfer; they are named via ASCII "mailslot (path) name". Mailslots are 186 * implemented using the CIFS Transact SMB which is encapsulated in a 187 * NETBIOS datagram. Browser protocol requests are sent to browser specific 188 * mailslots using some browser-specific NETBIOS names. These datagrams can 189 * either be unicast or broadcast, depending on whether the NETBIOS name is 190 * a "unique name" or a "group name". Various data structures, which are 191 * detailed subsequently within this document, flow as the data portion of 192 * the Transact SMB. 193 * 194 * Here is an example of a generic browser SMB, showing how a browser 195 * request is encapsulated in a TRANSACT SMB request. Note that the PID, 196 * TID, MID, UID, and Flags are all 0 in mailslot requests. 197 * 198 * SMB: C transact, File = \MAILSLOT\BROWSE 199 * SMB: SMB Status = Error Success 200 * SMB: Error class = No Error 201 * SMB: Error code = No Error 202 * SMB: Header: PID = 0x0000 TID = 0x0000 MID = 0x0000 UID = 0x0000 203 * SMB: Tree ID (TID) = 0 (0x0) 204 * SMB: Process ID (PID) = 0 (0x0) 205 * SMB: User ID (UID) = 0 (0x0) 206 * SMB: Multiplex ID (MID) = 0 (0x0) 207 * SMB: Flags Summary = 0 (0x0) 208 * SMB: Command = C transact 209 * SMB: Word count = 17 210 * SMB: Word parameters 211 * SMB: Total parm bytes = 0 212 * SMB: Total data bytes = 33 213 * SMB: Max parm bytes = 0 214 * SMB: Max data bytes = 0 215 * SMB: Max setup words = 0 216 * SMB: Transact Flags Summary = 0 (0x0) 217 * SMB: ...............0 = Leave session intact 218 * SMB: ..............0. = Response required 219 * SMB: Transact timeout = 0 (0x0) 220 * SMB: Parameter bytes = 0 (0x0) 221 * SMB: Parameter offset = 0 (0x0) 222 * SMB: Data bytes = 33 (0x21) 223 * SMB: Data offset = 86 (0x56) 224 * SMB: Setup word count = 3 225 * SMB: Setup words 226 * SMB: Mailslot opcode = Write mailslot 227 * SMB: Transaction priority = 1 228 * SMB: Mailslot class = Unreliable (broadcast) 229 * SMB: Byte count = 50 230 * SMB: Byte parameters 231 * SMB: Path name = \MAILSLOT\BROWSE 232 * SMB: Transaction data 233 * SMB: Data: Number of data bytes remaining = 33 (0x0021) 234 * 235 * Note the SMB command is Transact, the opcode within the Transact SMB is 236 * Mailslot Write, and the browser data structure is carried as the 237 * Transact data. 238 * The Transaction data begins with an opcode, that signifies the operation 239 * and determines the size and structure of data that follows. This opcode 240 * is named as per one of the below: 241 * 242 * HostAnnouncement 1 243 * AnnouncementRequest 2 244 * RequestElection 8 245 * GetBackupListReq 9 246 * GetBackupListResp 10 247 * BecomeBackup 11 248 * DomainAnnouncment 12 249 * MasterAnnouncement 13 250 * LocalMasterAnnouncement 15 251 * 252 * Browser datagrams are often referred to as simply browser frames. The 253 * frames are in particular, referred to by the name of the opcode within 254 * the Transaction data e.g. a GetBackupListReq browser frame, a 255 * RequestElection browser frame, etc. 256 * 257 * The structures that are sent as the data portion of the Transact SMB are 258 * described in section(s) 6.2 through 6.12 in this document. These 259 * structures are tightly packed, i.e. there are no intervening pad bytes 260 * in the structure, unless they are explicitly described as being there. 261 * All quantities are sent in native Intel format and multi-byte values are 262 * transmitted least significant byte first. 263 * 264 * Besides mailslots and Transaction SMBs, the other important piece of the 265 * browser architecture is the NetServerEnum2 request. This request that 266 * allows an application to interrogate a Browser Server and obtain a 267 * complete list of resources (servers, domains, etc) known to that Browser 268 * server. Details of the NetServerEnum2 request are presented in section 269 * 6.4. Some examples of the NetServerEnum2 request being used are when a 270 * Local Master Browser sends a NetServerEnum2 request to the Domain Master 271 * Browser and vice versa. Another example is when a browser client sends a 272 * NetServerEnum2 request to a Backup Browser server. 273 * 274 * 4.3 Non-Browser Server 275 * 276 * A non-browser server is a server that has some resource(s) or service(s) 277 * it wishes to advertise as being available using the browsing protocol. 278 * Examples of non-browser servers would be an SQL server, print server, 279 * etc. 280 * 281 * A non-browser server MUST periodically send a HostAnnouncement browser 282 * frame, specifying the type of resources or services it is advertising. 283 * Details are in section 6.5. 284 * 285 * A non-browser server SHOULD announce itself relatively frequently when 286 * it first starts up in order to make its presence quickly known to the 287 * browsers and thence to potential clients. The frequency of the 288 * announcements SHOULD then be gradually stretched, so as to minimize 289 * network traffic. Typically, non-browser servers announce themselves 290 * once every minute upon start up and then gradually adjust the frequency 291 * of the announcements to once every 12 minutes. 292 * 293 * A non-browser server SHOULD send a HostAnnouncement browser frame 294 * specifying a type of 0 just prior to shutting down, to allow it to 295 * quickly be removed from the list of available servers. 296 * 297 * A non-browser server MUST receive and process AnnouncementRequest frames 298 * from the Local Master Browser, and MUST respond with a HostAnnouncement 299 * frame, after a delay chosen randomly from the interval [0,30] seconds. 300 * AnnouncementRequests typically happen when a Local Master Browser starts 301 * up with an empty list of servers for the domain, and wants to fill it 302 * quickly. The 30 second range for responses prevents the Master Browser 303 * from becoming overloaded and losing replies, as well as preventing the 304 * network from being flooded with responses. 305 * 306 * 4.4 Browser Servers 307 * 308 * The following sections describe the roles of the various types of 309 * browser servers. 310 * 311 * 4.4.1 Potential Browser Server 312 * 313 * A Potential Browser server is a browser server that is capable of being 314 * a Backup Browser server or Master Browser server, but is not currently 315 * fulfilling either of those roles. 316 * 317 * A Potential Browser MUST set type SV_TYPE_POTENTIAL_BROWSER (see section 318 * 6.4.1) in its HostAnnouncement until it is ready to shut down. In its 319 * last HostAnnouncement frame before it shuts down, it SHOULD specify a 320 * type of 0. 321 * 322 * A Potential Browser server MUST receive and process BecomeBackup frames 323 * (see section 6.9) and become a backup browser upon their receipt. 324 * 325 * A Potential Browser MUST participate in browser elections (see section 326 * 6.8). 327 * 328 * 4.4.2 Backup Browser 329 * 330 * Backup Browser servers are a subset of the Potential Browsers that have 331 * been chosen by the Master Browser on their subnet to be the Backup 332 * Browsers for the subnet. 333 * 334 * A Backup Browser MUST set type SV_TYPE_BACKUP_BROWSER (see section 335 * 6.4.1) in its HostAnnouncement until it is ready to shut down. In its 336 * last HostAnnouncement frame before it shuts down, it SHOULD specify a 337 * type of 0. 338 * 339 * A Backup Browser MUST listen for a LocalMasterAnnouncement frame (see 340 * section 6.10) from the Local Master Browser, and use it to set the name 341 * of the Master Browser it queries for the server and domain lists. 342 * 343 * A Backup Browsers MUST periodically make a NetServerEnum2 request of 344 * the Master Browser on its subnet for its domain to get a list of servers 345 * in that domain, as well as a list of domains. The period is a 346 * configuration option balancing currency of the information with network 347 * traffic costs - a typical value is 15 minutes. 348 * 349 * A Backup Browser SHOULD force an election by sending a RequestElection 350 * frame (see section 6.7) if it does not get a response to its periodic 351 * NetServeEnum2 request to the Master Browser. 352 * 353 * A Backup Browser MUST receive and process NetServerEnum2 requests from 354 * browser clients, for its own domain and others. If the request is for a 355 * list of servers in its domain, or for a list of domains, it can answer 356 * from its internal lists. If the request is for a list of servers in a 357 * domain different than the one it serves, it sends a NetServerEnum2 358 * request to the Domain Master Browser for that domain (which it can in 359 * find in its list of domains and their Domain Master Browsers). 360 * 361 * A Backup Browser MUST participate in browser elections (see section 362 * 6.8). 363 * 364 * 4.4.3 Master Browser 365 * 366 * Master Browsers are responsible for: 367 * . indicating it is a Master Browser 368 * . receiving server announcements and building a list of such servers 369 * and keeping it reasonably up-to-date. 370 * . returning lists of Backup Browsers to browser clients. 371 * . ensuring an appropriate number of Backup Browsers are available. 372 * . announcing their existence to other Master Browsers on their subnet, 373 * to the Domain Master Browser for their domain, and to all browsers in 374 * their domain on their subnet 375 * . forwarding requests for lists of servers on other domains to the 376 * Master Browser for that domain 377 * . keeping a list of domains in its subnet 378 * . synchronizing with the Domain Master Browser (if any) for its domain 379 * . participating in browser elections 380 * . ensuring that there is only one Master Browser on its subnet 381 * 382 * A Master Browser MUST set type SV_TYPE_MASTER_BROWSER (see section 383 * 6.4.1) in its HostAnnouncement until it is ready to shut down. In its 384 * last HostAnnouncement frame before it shuts down, it SHOULD specify a 385 * type of 0. 386 * 387 * A Master Browser MUST receive and process HostAnnouncement frames from 388 * servers, adding the server name and other information to its servers 389 * list; it must mark them as "local" entries. Periodically, it MUST check 390 * all local server entries to see if a server's HostAnnouncement has timed 391 * out (no HostAnnouncement received for three times the periodicity the 392 * server gave in the last received HostAnnouncement) and remove timed-out 393 * servers from its list. 394 * 395 * A Master Browser MUST receive and process DomainAnnouncement frames (see 396 * section 6.12) and maintain the domain names and their associated (Local) 397 * Master Browsers in its internal domain list until they time out; it must 398 * mark these as "local" entries. Periodically, it MUST check all local 399 * domain entries to see if a server's DomainAnnouncement has timed out (no 400 * DomainAnnouncement received for three times the periodicity the server 401 * gave in the last received DomainAnnouncement) and remove timed-out 402 * servers from its list. 403 * 404 * A Master Browser MUST receive and process GetBackupListRequest frames 405 * from clients, returning GetBackupListResponse frames containing a list 406 * of the Backup Servers for its domain. 407 * 408 * A Master Browser MUST eventually send BecomeBackup frames (see section 409 * 6.9) to one or more Potential Browser servers to increase the number of 410 * Backup Browsers if there are not enough Backup Browsers to handle the 411 * anticipated query load. Note: possible good times for checking for 412 * sufficient backup browsers are after being elected, when timing out 413 * server HostAnnouncements, and when receiving a server's HostAnnouncement 414 * for the first time. 415 * 416 * A Master Browser MUST periodically announce itself and the domain it 417 * serves to other (Local) Master Browsers on its subnet, by sending a 418 * DomainAnnouncement frame (see section 6.12) to its subnet. 419 * 420 * A Master Browser MUST send a MasterAnnouncement frame (see section 6.11) 421 * to the Domain Master Browser after it is first elected, and periodically 422 * thereafter. This informs the Domain Master Browser of the presence of 423 * all the Master Browsers. 424 * 425 * A Master Browser MUST periodically announce itself to all browsers for 426 * its domain on its subnet by sending a LocalMasterAnnouncement frame (see 427 * section 6.10). 428 * 429 * A Master Browser MUST receive and process NetServerEnum2 requests from 430 * browser clients, for its own domain and others. If the request is for a 431 * list of servers in its domain, or for a list of domains, it can answer 432 * from its internal lists. Entries in its list marked "local" MUST have 433 * the SV_TYPE_LOCAL_LIST_ONLY bit set in the returned results; it must be 434 * clear for all other entries. If the request is for a list of servers in 435 * a domain different than the one it serves, it sends a NetServerEnum2 436 * request to the Domain Master Browser for that domain (which it can in 437 * find in its list of domains and their Domain Master Browsers). 438 * 439 * Note: The list of servers that the Master Browser maintains and 440 * returns to the Backup Browsers, is limited in size to 64K of 441 * data. This will limit the number of systems that can be in a 442 * browse list in a single workgroup or domain to approximately two 443 * thousand systems. 444 * 445 * A Master Browser SHOULD request all servers to register with it by 446 * sending an AnnouncementRequest frame, if, on becoming the Master Browser 447 * by winning an election, its server list is empty. Otherwise, clients 448 * might get an incomplete list of servers until the servers' periodic 449 * registrations fill the server list. 450 * 451 * If the Master Browser on a subnet is not the Primary Domain Controller 452 * (PDC), then it is a Local Master Browser. 453 * 454 * A Local Master Browser MUST periodically synchronize with the Domain 455 * Master Browser (which is the PDC). This synchronization is performed by 456 * making a NetServerEnum2 request to the Domain Master Browser and merging 457 * the results with its list of servers and domains. An entry from the 458 * Domain Master Browser should be marked "non-local", and must not 459 * overwrite an entry with the same name marked "local". The Domain Master 460 * Browser is located as specified in Appendix B. 461 * 462 * A Master Browser MUST participate in browser elections (see section 463 * 6.8). 464 * 465 * A Master Browser MUST, if it receives a HostAnnouncement, 466 * DomainAnnouncement, or LocalMasterAnnouncement frame another system that 467 * claims to be the Master Browser for its domain, demote itself from 468 * Master Browser and force an election. This ensures that there is only 469 * ever one Master Browser in each workgroup or domain. 470 * 471 * A Master Browser SHOULD, if it loses an election, become a Backup 472 * Browser (without being told to do so by the new Master Browser). Since 473 * it has more up-to-date information in its lists than a Potential 474 * Browser, it is more efficient to have it be a Backup Browser than to 475 * promote a Potential Browser. 476 * 477 * 4.4.3.1 Preferred Master Browser 478 * 479 * A Preferred Master Browser supports exactly the same protocol elements 480 * as a Potential Browser, except as follows. 481 * 482 * A Preferred Master Browser MUST always force an election when it starts 483 * up. 484 * 485 * A Preferred Master Browser MUST participate in browser elections (see 486 * section 6.8). 487 * 488 * A Preferred Master Browser MUST set the Preferred Master bit in the 489 * RequestElection frame (see section 6.7) to bias the election in its 490 * favor. 491 * 492 * A Preferred Master Browser SHOULD, if it loses an election, 493 * automatically become a Backup Browser, without being told to do so by 494 * the Master Browser. 495 * 496 * 4.4.4 Domain Master Browser 497 * 498 * Since the Domain Master Browser always runs on the PDC, it must 499 * implement all the protocols required of a PDC in addition to the 500 * browsing protocol, and that is way beyond the scope of this 501 * specification. 502 * 503 * 5. Mailslot Protocol Specification 504 * 505 * The only transaction allowed to a mailslot is a mailslot write. Mailslot 506 * writes requests are encapsulated in TRANSACT SMBs. The following table 507 * shows the interpretation of the TRANSACT SMB parameters for a mailslot 508 * transaction: 509 * 510 * Name Value Description 511 * Command SMB_COM_TRANSACTION 512 * Name <name> STRING name of mail slot to write; 513 * must start with "\\MAILSLOT\\" 514 * SetupCount 3 Always 3 for mailslot writes 515 * Setup[0] 1 Command code == write mailslot 516 * Setup[1] Ignored 517 * Setup[2] Ignored 518 * TotalDataCount n Size of data in bytes to write to 519 * the mailslot 520 * Data[ n ] The data to write to the mailslot 521 * 522 */ 523 524 /* 525 * SMB: C transact, File = \MAILSLOT\BROWSE 526 * SMB: SMB Status = Error Success 527 * SMB: Error class = No Error 528 * SMB: Error code = No Error 529 * SMB: Header: PID = 0x0000 TID = 0x0000 MID = 0x0000 UID = 0x0000 530 * SMB: Tree ID (TID) = 0 (0x0) 531 * SMB: Process ID (PID) = 0 (0x0) 532 * SMB: User ID (UID) = 0 (0x0) 533 * SMB: Multiplex ID (MID) = 0 (0x0) 534 * SMB: Flags Summary = 0 (0x0) 535 * SMB: Command = C transact 536 * SMB: Word count = 17 537 * SMB: Word parameters 538 * SMB: Total parm bytes = 0 539 * SMB: Total data bytes = 33 540 * SMB: Max parm bytes = 0 541 * SMB: Max data bytes = 0 542 * SMB: Max setup words = 0 543 * SMB: Transact Flags Summary = 0 (0x0) 544 * SMB: ...............0 = Leave session intact 545 * SMB: ..............0. = Response required 546 * SMB: Transact timeout = 0 (0x0) 547 * SMB: Parameter bytes = 0 (0x0) 548 * SMB: Parameter offset = 0 (0x0) 549 * SMB: Data bytes = 33 (0x21) 550 * SMB: Data offset = 86 (0x56) 551 * SMB: Setup word count = 3 552 * SMB: Setup words 553 * SMB: Mailslot opcode = Write mailslot 554 * SMB: Transaction priority = 1 555 * SMB: Mailslot class = Unreliable (broadcast) 556 * SMB: Byte count = 50 557 * SMB: Byte parameters 558 * SMB: Path name = \MAILSLOT\BROWSE 559 * SMB: Transaction data 560 * SMB: Data: Number of data bytes remaining = 33 (0x0021) 561 * 562 * 5. Mailslot Protocol Specification 563 * 564 * The only transaction allowed to a mailslot is a mailslot write. Mailslot 565 * writes requests are encapsulated in TRANSACT SMBs. The following table 566 * shows the interpretation of the TRANSACT SMB parameters for a mailslot 567 * transaction: 568 * 569 * Name Value Description 570 * Command SMB_COM_TRANSACTION 571 * Name <name> STRING name of mail slot to write; 572 * must start with "\MAILSLOT\" 573 * SetupCount 3 Always 3 for mailslot writes 574 * Setup[0] 1 Command code == write mailslot 575 * Setup[1] Ignored 576 * Setup[2] Ignored 577 * TotalDataCount n Size of data in bytes to write to 578 * the mailslot 579 * Data[ n ] The data to write to the mailslot 580 * 581 * Magic 0xFF 'S' 'M' 'B' 582 * smb_com a byte, the "first" command 583 * Error a 4-byte union, ignored in a request 584 * smb_flg a one byte set of eight flags 585 * smb_flg2 a two byte set of 16 flags 586 * . twelve reserved bytes, have a role 587 * in connectionless transports (IPX, UDP?) 588 * smb_tid a 16-bit tree ID, a mount point sorta, 589 * 0xFFFF is this command does not have 590 * or require a tree context 591 * smb_pid a 16-bit process ID 592 * smb_uid a 16-bit user ID, specific to this "session" 593 * and mapped to a system (bona-fide) UID 594 * smb_mid a 16-bit multiplex ID, used to differentiate 595 * multiple simultaneous requests from the same 596 * process (pid) (ref RPC "xid") 597 */ 598 599 int 600 smb_browser_load_transact_header(unsigned char *buffer, int maxcnt, 601 int data_count, int reply, char *mailbox) 602 { 603 smb_msgbuf_t mb; 604 int mailboxlen; 605 char *fmt; 606 int result; 607 short class = (reply == ONE_WAY_TRANSACTION) ? 2 : 0; 608 609 /* 610 * If the mailboxlen is an even number we need to pad the 611 * header so that the data starts on a word boundary. 612 */ 613 fmt = "Mb4.bw20.bwwwwb.wl2.wwwwb.wwwws"; 614 mailboxlen = strlen(mailbox) + 1; 615 616 if ((mailboxlen & 0x01) == 0) { 617 ++mailboxlen; 618 fmt = "Mb4.bw20.bwwwwb.wl2.wwwwb.wwwws."; 619 } 620 621 bzero(buffer, maxcnt); 622 smb_msgbuf_init(&mb, buffer, maxcnt, 0); 623 624 result = smb_msgbuf_encode(&mb, fmt, 625 SMB_COM_TRANSACTION, /* Command */ 626 0x18, 627 0x3, 628 17, /* Count of parameter words */ 629 0, /* Total Parameter words sent */ 630 data_count, /* Total Data bytes sent */ 631 2, /* Max Parameters to return */ 632 0, /* Max data bytes to return */ 633 0, /* Max setup bytes to return */ 634 reply, /* No reply */ 635 0xffffffff, /* Timeout */ 636 0, /* Parameter bytes sent */ 637 0, /* Parameter offset */ 638 data_count, /* Data bytes sent */ 639 69 + mailboxlen, /* Data offset */ 640 3, /* Setup word count */ 641 1, /* Setup word[0] */ 642 0, /* Setup word[1] */ 643 class, /* Setup word[2] */ 644 mailboxlen + data_count, /* Total request bytes */ 645 mailbox); /* Mailbox address */ 646 647 smb_msgbuf_term(&mb); 648 return (result); 649 } 650 651 static int 652 smb_browser_addr_of_subnet(struct name_entry *name, smb_hostinfo_t *hinfo, 653 struct name_entry *result) 654 { 655 uint32_t ipaddr, mask, saddr; 656 struct addr_entry *addr; 657 658 if (name == NULL) 659 return (-1); 660 661 if (hinfo->hi_nic.nic_smbflags & SMB_NICF_ALIAS) 662 return (-1); 663 664 ipaddr = hinfo->hi_nic.nic_ip; 665 mask = hinfo->hi_nic.nic_mask; 666 667 *result = *name; 668 addr = &name->addr_list; 669 do { 670 saddr = addr->sin.sin_addr.s_addr; 671 if ((saddr & mask) == (ipaddr & mask)) { 672 *result = *name; 673 result->addr_list = *addr; 674 result->addr_list.forw = result->addr_list.back = 675 &result->addr_list; 676 return (0); 677 } 678 addr = addr->forw; 679 } while (addr != &name->addr_list); 680 681 return (-1); 682 } 683 684 685 static int 686 smb_browser_bcast_addr_of_subnet(struct name_entry *name, uint32_t bcast, 687 struct name_entry *result) 688 { 689 if (name != NULL && name != result) 690 *result = *name; 691 692 result->addr_list.sin.sin_family = AF_INET; 693 result->addr_list.sinlen = sizeof (result->addr_list.sin); 694 result->addr_list.sin.sin_addr.s_addr = bcast; 695 result->addr_list.sin.sin_port = htons(DGM_SRVC_UDP_PORT); 696 result->addr_list.forw = result->addr_list.back = &result->addr_list; 697 return (0); 698 } 699 700 /* 701 * 6.5 HostAnnouncement Browser Frame 702 * 703 * To advertise its presence, i.e. to publish itself as being available, a 704 * non-browser server sends a HostAnnouncement browser frame. If the server 705 * is a member of domain "D", this frame is sent to the NETBIOS unique name 706 * D(1d) and mailslot "\\MAILSLOT\\BROWSE". The definition of the 707 * HostAnnouncement frame is: 708 * 709 * struct { 710 * unsigned short Opcode; 711 * unsigned char UpdateCount; 712 * uint32_t Periodicity; 713 * unsigned char ServerName[]; 714 * unsigned char VersionMajor; 715 * unsigned char VersionMinor; 716 * uint32_t Type; 717 * uint32_t Signature; 718 * unsigned char Comment[]; 719 * } 720 * 721 * where: 722 * Opcode - Identifies this structure as a browser server 723 * announcement and is defined as HostAnnouncement with a 724 * value of decimal 1. 725 * 726 * UpdateCount - must be sent as zero and ignored on receipt. 727 * 728 * Periodicity - The announcement frequency of the server (in 729 * seconds). The server will be removed from the browse list 730 * if it has not been heard from in 3X its announcement 731 * frequency. In no case will the server be removed from the 732 * browse list before the period 3X has elapsed. Actual 733 * implementations may take more than 3X to actually remove 734 * the server from the browse list. 735 * 736 * ServerName - Null terminated ASCII server name (up to 16 bytes 737 * in length). 738 * 739 * VersionMajor - The major version number of the OS the server 740 * is running. it will be returned by NetServerEnum2. 741 * 742 * VersionMinor - The minor version number of the OS the server 743 * is running. This is entirely informational and does not 744 * have any significance for the browsing protocol. 745 * 746 * Type - Specifies the type of the server. The server type bits 747 * are specified in the NetServerEnum2 section. 748 * 749 * Signature - The browser protocol minor version number in the 750 * low 8 bits, the browser protocol major version number in 751 * the next higher 8 bits and the signature 0xaa55 in the 752 * high 16 bits of this field. Thus, for this version of the 753 * browser protocol (1.15) this field has the value 754 * 0xaa55010f. This may used to isolate browser servers that 755 * are running out of revision browser software; otherwise, 756 * it is ignored. 757 * 758 * Comment - Null terminated ASCII comment for the server. 759 * Limited to 43 bytes. 760 * 761 * When a non-browser server starts up, it announces itself in the manner 762 * described once every minute. The frequency of these statements is 763 * gradually stretched to once every 12 minutes. 764 * 765 * Note: older non-browser servers in a domain "D" sent HostAnnouncement 766 * frames to the NETBIOS group name D(00). Non-Browser servers supporting 767 * version 1.15 of the browsing protocol SHOULD NOT use this NETBIOS name, 768 * but for backwards compatibility Master Browsers MAY receive and process 769 * HostAnnouncement frames on this name as described above for D(1d). 770 */ 771 772 static void 773 smb_browser_send_HostAnnouncement(smb_hostinfo_t *hinfo, 774 uint32_t next_announcement, boolean_t remove, 775 struct addr_entry *addr, char suffix) 776 { 777 smb_msgbuf_t mb; 778 int offset, announce_len, data_length; 779 struct name_entry dest_name; 780 unsigned char *buffer; 781 uint32_t type; 782 char resource_domain[SMB_PI_MAX_DOMAIN]; 783 784 if (smb_getdomainname(resource_domain, SMB_PI_MAX_DOMAIN) != 0) 785 return; 786 (void) utf8_strupr(resource_domain); 787 788 if (addr == NULL) { 789 /* Local master Browser */ 790 smb_init_name_struct((unsigned char *)resource_domain, suffix, 791 0, 0, 0, 0, 0, &dest_name); 792 if (smb_browser_bcast_addr_of_subnet(0, hinfo->hi_nic.nic_bcast, 793 &dest_name) < 0) 794 return; 795 } else { 796 smb_init_name_struct((unsigned char *)resource_domain, suffix, 797 0, 0, 0, 0, 0, &dest_name); 798 dest_name.addr_list = *addr; 799 dest_name.addr_list.forw = dest_name.addr_list.back = 800 &dest_name.addr_list; 801 } 802 803 /* give some extra room */ 804 buffer = (unsigned char *)malloc(MAX_DATAGRAM_LENGTH * 2); 805 if (buffer == 0) { 806 syslog(LOG_ERR, "HostAnnouncement: resource shortage"); 807 return; 808 } 809 810 data_length = 1 + 1 + 4 + 16 + 1 + 1 + 4 + 4 + 811 strlen(hinfo->hi_nic.nic_cmnt) + 1; 812 813 offset = smb_browser_load_transact_header(buffer, 814 MAX_DATAGRAM_LENGTH, data_length, ONE_WAY_TRANSACTION, 815 MAILSLOT_BROWSE); 816 817 if (offset < 0) { 818 free(buffer); 819 return; 820 } 821 822 /* 823 * A non-browser server SHOULD send a HostAnnouncement browser frame 824 * specifying a type of 0 just prior to shutting down, to allow it to 825 * quickly be removed from the list of available servers. 826 */ 827 if (remove || (nb_status.state & NETBIOS_SHUTTING_DOWN)) 828 type = 0; 829 else 830 type = hinfo->hi_type; 831 832 smb_msgbuf_init(&mb, buffer + offset, MAX_DATAGRAM_LENGTH - offset, 0); 833 834 announce_len = smb_msgbuf_encode(&mb, "bbl16cbblls", 835 HOST_ANNOUNCEMENT, 836 ++hinfo->hi_updatecnt, 837 next_announcement * 60000, /* Periodicity in MilliSeconds */ 838 hinfo->hi_nbname, 839 SMB_VERSION_MAJOR, 840 SMB_VERSION_MINOR, 841 type, 842 SMB_SERVER_SIGNATURE, 843 hinfo->hi_nic.nic_cmnt); 844 845 if (announce_len > 0) 846 (void) smb_netbios_datagram_send(&hinfo->hi_netname, &dest_name, 847 buffer, offset + announce_len); 848 849 free(buffer); 850 smb_msgbuf_term(&mb); 851 } 852 853 static void 854 smb_browser_process_AnnouncementRequest(struct datagram *datagram, 855 char *mailbox) 856 { 857 smb_hostinfo_t *hinfo; 858 uint32_t next_announcement; 859 uint32_t delay = random() % 29; /* in seconds */ 860 boolean_t h_found = B_FALSE; 861 862 if (strcmp(mailbox, MAILSLOT_LANMAN) != 0) { 863 syslog(LOG_DEBUG, "smb_browse: Wrong Mailbox (%s)", mailbox); 864 return; 865 } 866 867 (void) sleep(delay); 868 869 (void) rw_rdlock(&smb_binfo.bi_hlist_rwl); 870 hinfo = list_head(&smb_binfo.bi_hlist); 871 while (hinfo) { 872 if ((hinfo->hi_nic.nic_ip & hinfo->hi_nic.nic_mask) == 873 (datagram->src.addr_list.sin.sin_addr.s_addr & 874 hinfo->hi_nic.nic_mask)) { 875 h_found = B_TRUE; 876 break; 877 } 878 hinfo = list_next(&smb_binfo.bi_hlist, hinfo); 879 } 880 881 if (h_found) { 882 next_announcement = hinfo->hi_nextannouce * 60 * 1000; 883 smb_browser_send_HostAnnouncement(hinfo, next_announcement, 884 B_FALSE, &datagram->src.addr_list, 0x1D); 885 } 886 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 887 } 888 889 void * 890 smb_browser_dispatch(void *arg) 891 { 892 struct datagram *datagram = (struct datagram *)arg; 893 smb_msgbuf_t mb; 894 int rc; 895 unsigned char command; 896 unsigned char parameter_words; 897 unsigned short total_parameter_words; 898 unsigned short total_data_count; 899 unsigned short max_parameters_to_return; 900 unsigned short max_data_to_return; 901 unsigned char max_setup_bytes_to_return; 902 unsigned short reply; 903 unsigned short parameter_bytes_sent; 904 unsigned short parameter_offset; 905 unsigned short data_bytes_sent; 906 unsigned short data_offset; 907 unsigned char setup_word_count; 908 unsigned short setup_word_0; 909 unsigned short setup_word_1; 910 unsigned short setup_word_2; 911 unsigned short total_request_bytes; 912 char *mailbox; 913 unsigned char message_type; 914 unsigned char *data; 915 int datalen; 916 917 syslog(LOG_DEBUG, "smb_browse: packet_received"); 918 919 smb_msgbuf_init(&mb, datagram->data, datagram->data_length, 0); 920 rc = smb_msgbuf_decode(&mb, "Mb27.bwwwwb.w6.wwwwb.wwwws", 921 &command, /* Command */ 922 ¶meter_words, /* Count of parameter words */ 923 &total_parameter_words, /* Total Parameter words sent */ 924 &total_data_count, /* Total Data bytes sent */ 925 &max_parameters_to_return, /* Max Parameters to return */ 926 &max_data_to_return, /* Max data bytes to return */ 927 &max_setup_bytes_to_return, /* Max setup bytes to return */ 928 &reply, /* No reply */ 929 ¶meter_bytes_sent, /* Parameter bytes sent */ 930 ¶meter_offset, /* Parameter offset */ 931 &data_bytes_sent, /* Data bytes sent */ 932 &data_offset, /* Data offset */ 933 &setup_word_count, /* Setup word count */ 934 &setup_word_0, /* Setup word[0] */ 935 &setup_word_1, /* Setup word[1] */ 936 &setup_word_2, /* Setup word[2] */ 937 &total_request_bytes, /* Total request bytes */ 938 &mailbox); /* Mailbox address */ 939 940 if (rc < 0) { 941 syslog(LOG_ERR, "smb_browser_dispatch: decode error"); 942 smb_msgbuf_term(&mb); 943 free(datagram); 944 return (0); 945 } 946 947 data = &datagram->data[data_offset]; 948 datalen = datagram->data_length - data_offset; 949 950 /* 951 * The PDC location protocol, i.e. anything on the \\NET 952 * mailslot, is handled by the smb_netlogon module. 953 */ 954 if (strncasecmp("\\MAILSLOT\\NET\\", mailbox, 14) == 0) { 955 smb_netlogon_receive(datagram, mailbox, data, datalen); 956 smb_msgbuf_term(&mb); 957 free(datagram); 958 return (0); 959 } 960 961 /* 962 * If it's not a netlogon message, assume it's a browser request. 963 * This is not the most elegant way to extract the command byte 964 * but at least we no longer use it to get the netlogon opcode. 965 */ 966 message_type = datagram->data[data_offset]; 967 968 switch (message_type) { 969 case ANNOUNCEMENT_REQUEST : 970 smb_browser_process_AnnouncementRequest(datagram, mailbox); 971 break; 972 973 default: 974 syslog(LOG_DEBUG, "smb_browse: invalid message_type(%d, %x)", 975 message_type, message_type); 976 break; 977 } 978 979 smb_msgbuf_term(&mb); 980 free(datagram); 981 return (0); 982 } 983 984 985 /* 986 * 11.1 Registered unique names 987 * 988 * <COMPUTER>(00) 989 * This name is used by all servers and clients to receive second 990 * class mailslot messages. A system must add this name in order to 991 * receive mailslot messages. The only browser requests that should 992 * appear on this name are BecomeBackup, GetBackupListResp, 993 * MasterAnnouncement, and LocalMasterAnnouncement frames. All other 994 * datagrams (other than the expected non-browser datagrams) may be 995 * ignored and an error logged. 996 * 997 * <DOMAIN>(1d) 998 * This name is used to identify a master browser server for domain 999 * "DOMAIN" on a subnet. A master browser server adds this name as a 1000 * unique NETBIOS name when it becomes master browser. If the attempt 1001 * to add the name fails, the master browser server assumes that there 1002 * is another master in the domain and will fail to come up. It may 1003 * log an error if the failure occurs more than 3 times in a row (this 1004 * either indicates some form of network misconfiguration or a 1005 * software error). The only requests that should appear on this name 1006 * are GetBackupListRequest and HostAnnouncement requests. All other 1007 * datagrams on this name may be ignored (and an error logged). If 1008 * running a NETBIOS name service (NBNS, such as WINS), this name 1009 * should not be registered with the NBNS. 1010 * 1011 * <DOMAIN>(1b) 1012 * This name is used to identify the Domain Master Browser for domain 1013 * "DOMAIN" (which is also the primary domain controller). It is a 1014 * unique name added only by the primary domain controller. The 1015 * primary domain controller will respond to GetBackupListRequest on 1016 * this name just as it responds to these requests on the <DOMAIN>(1d) 1017 * name. 1018 * 1019 * 11.2 Registered group names 1020 * 1021 * (01)(02)__MSBROWSE__(02)(01) 1022 * This name is used by Master Browsers to announce themselves to the 1023 * other Master Browsers on a subnet. It is added as a group name by 1024 * all Master Browser servers. The only broadcasts that should appear 1025 * on this name is DomainAnnouncement requests. All other datagrams 1026 * can be ignored. 1027 * 1028 * <DOMAIN>(00) 1029 * This name is used by clients and servers in domain "DOMAIN" to 1030 * process server announcements. The only requests that should appear 1031 * on this name that the browser is interested in are 1032 * AnnouncementRequest and NETLOGON_QUERY (to locate the PDC) packets. 1033 * All other unidentifiable requests may be ignored (and an error 1034 * logged). 1035 * 1036 * <DOMAIN>(1E) 1037 * This name is used for announcements to browsers for domain "DOMAIN" 1038 * on a subnet. This name is registered by all the browser servers in 1039 * the domain. The only requests that should appear on this name are 1040 * RequestElection and AnnouncementRequest packets. All other 1041 * datagrams may be ignored (and an error logged). 1042 * 1043 * <DOMAIN>(1C) 1044 * This name is registered by Primary Domain Controllers. 1045 */ 1046 1047 static void 1048 smb_browser_config(void) 1049 { 1050 smb_hostinfo_t *hinfo; 1051 struct name_entry name; 1052 struct name_entry master; 1053 struct name_entry dest; 1054 struct name_entry *entry; 1055 char resource_domain[SMB_PI_MAX_DOMAIN]; 1056 int rc; 1057 1058 if (smb_browser_init() != 0) 1059 return; 1060 1061 if (smb_getdomainname(resource_domain, SMB_PI_MAX_DOMAIN) != 0) 1062 return; 1063 (void) utf8_strupr(resource_domain); 1064 1065 /* domain<00> */ 1066 smb_init_name_struct((unsigned char *)resource_domain, 0x00, 1067 0, 0, 0, 0, 0, &name); 1068 entry = smb_name_find_name(&name); 1069 smb_name_unlock_name(entry); 1070 1071 (void) rw_rdlock(&smb_binfo.bi_hlist_rwl); 1072 hinfo = list_head(&smb_binfo.bi_hlist); 1073 while (hinfo) { 1074 smb_init_name_struct((unsigned char *)resource_domain, 0x00, 0, 1075 hinfo->hi_nic.nic_ip, htons(DGM_SRVC_UDP_PORT), 1076 NAME_ATTR_GROUP, NAME_ATTR_LOCAL, &name); 1077 (void) smb_name_add_name(&name); 1078 1079 hinfo = list_next(&smb_binfo.bi_hlist, hinfo); 1080 } 1081 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1082 1083 /* All our local master browsers */ 1084 smb_init_name_struct((unsigned char *)resource_domain, 0x1D, 1085 0, 0, 0, 0, 0, &dest); 1086 entry = smb_name_find_name(&dest); 1087 1088 if (entry) { 1089 (void) rw_rdlock(&smb_binfo.bi_hlist_rwl); 1090 hinfo = list_head(&smb_binfo.bi_hlist); 1091 while (hinfo) { 1092 rc = smb_browser_addr_of_subnet(entry, hinfo, &master); 1093 if (rc == 0) { 1094 syslog(LOG_DEBUG, 1095 "smbd: Master browser found at %s", 1096 inet_ntoa(master.addr_list.sin.sin_addr)); 1097 } 1098 hinfo = list_next(&smb_binfo.bi_hlist, hinfo); 1099 } 1100 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1101 1102 smb_name_unlock_name(entry); 1103 } 1104 1105 /* Domain master browser */ 1106 smb_init_name_struct((unsigned char *)resource_domain, 1107 0x1B, 0, 0, 0, 0, 0, &dest); 1108 1109 if ((entry = smb_name_find_name(&dest)) != 0) { 1110 syslog(LOG_DEBUG, "smbd: Domain Master browser for %s is %s", 1111 resource_domain, 1112 inet_ntoa(entry->addr_list.sin.sin_addr)); 1113 smb_name_unlock_name(entry); 1114 } 1115 } 1116 1117 static int 1118 smb_browser_init(void) 1119 { 1120 smb_hostinfo_t *hinfo; 1121 smb_niciter_t ni; 1122 uint32_t type; 1123 1124 (void) rw_wrlock(&smb_binfo.bi_hlist_rwl); 1125 smb_browser_infofree(); 1126 1127 if (smb_nic_getfirst(&ni) != 0) { 1128 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1129 return (-1); 1130 } 1131 1132 type = MY_SERVER_TYPE; 1133 if (smb_config_get_secmode() == SMB_SECMODE_DOMAIN) 1134 type |= SV_DOMAIN_MEMBER; 1135 1136 do { 1137 if ((ni.ni_nic.nic_smbflags & SMB_NICF_NBEXCL) || 1138 (ni.ni_nic.nic_smbflags & SMB_NICF_ALIAS)) 1139 continue; 1140 1141 hinfo = malloc(sizeof (smb_hostinfo_t)); 1142 if (hinfo == NULL) { 1143 smb_browser_infofree(); 1144 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1145 return (-1); 1146 } 1147 1148 hinfo->hi_nic = ni.ni_nic; 1149 /* One Minute announcements for first five */ 1150 hinfo->hi_nextannouce = 1; 1151 hinfo->hi_interval = 1; 1152 hinfo->hi_reps = 5; 1153 hinfo->hi_updatecnt = 0; 1154 hinfo->hi_type = type; 1155 1156 /* This is the name used for HostAnnouncement */ 1157 (void) strlcpy(hinfo->hi_nbname, hinfo->hi_nic.nic_host, 1158 NETBIOS_NAME_SZ); 1159 (void) utf8_strupr(hinfo->hi_nbname); 1160 1161 /* 0x20: file server service */ 1162 smb_init_name_struct((unsigned char *)hinfo->hi_nbname, 1163 0x20, 0, hinfo->hi_nic.nic_ip, htons(DGM_SRVC_UDP_PORT), 1164 NAME_ATTR_UNIQUE, NAME_ATTR_LOCAL, &hinfo->hi_netname); 1165 1166 list_insert_tail(&smb_binfo.bi_hlist, hinfo); 1167 smb_binfo.bi_hcnt++; 1168 } while (smb_nic_getnext(&ni) == 0); 1169 1170 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1171 return (0); 1172 } 1173 1174 /* 1175 * smb_browser_non_master_duties 1176 * 1177 * To advertise its presence, i.e. to publish itself as being available, a 1178 * non-browser server sends a HostAnnouncement browser frame. If the server 1179 * is a member of domain "D", this frame is sent to the NETBIOS unique name 1180 * D(1d) and mailslot "\\MAILSLOT\\BROWSE". 1181 */ 1182 static void 1183 smb_browser_non_master_duties(smb_hostinfo_t *hinfo, boolean_t remove) 1184 { 1185 struct name_entry name; 1186 struct name_entry *dest; 1187 struct addr_entry addr; 1188 char resource_domain[SMB_PI_MAX_DOMAIN]; 1189 1190 smb_browser_send_HostAnnouncement(hinfo, hinfo->hi_interval, 1191 remove, 0, 0x1D); 1192 if (smb_getdomainname(resource_domain, SMB_PI_MAX_DOMAIN) != 0) 1193 return; 1194 1195 (void) utf8_strupr(resource_domain); 1196 1197 smb_init_name_struct((unsigned char *)resource_domain, 0x1D, 1198 0, 0, 0, 0, 0, &name); 1199 1200 if ((dest = smb_name_find_name(&name))) { 1201 addr = dest->addr_list; 1202 addr.forw = addr.back = &addr; 1203 smb_name_unlock_name(dest); 1204 smb_browser_send_HostAnnouncement(hinfo, hinfo->hi_interval, 1205 remove, &addr, 0x1D); 1206 } else { 1207 smb_init_name_struct((unsigned char *)resource_domain, 0x1B, 1208 0, 0, 0, 0, 0, &name); 1209 if ((dest = smb_name_find_name(&name))) { 1210 addr = dest->addr_list; 1211 addr.forw = addr.back = &addr; 1212 smb_name_unlock_name(dest); 1213 smb_browser_send_HostAnnouncement(hinfo, 1214 remove, hinfo->hi_interval, &addr, 0x1B); 1215 } 1216 } 1217 1218 /* 1219 * One Minute announcements for first five 1220 * minutes, one minute longer each round 1221 * until 12 minutes and every 12 minutes 1222 * thereafter. 1223 */ 1224 if (--hinfo->hi_reps == 0) { 1225 if (hinfo->hi_interval < 12) 1226 hinfo->hi_interval++; 1227 1228 hinfo->hi_reps = 1; 1229 } 1230 1231 hinfo->hi_nextannouce = hinfo->hi_interval; 1232 } 1233 1234 1235 /* 1236 * smb_browser_sleep 1237 * 1238 * Put browser in 1 minute sleep if netbios services are not 1239 * shutting down and both name and datagram services are still 1240 * running. It'll wake up after 1 minute or if one of the above 1241 * conditions go false. It checks the conditions again and return 1242 * 1 if everything is ok or 0 if browser shouldn't continue 1243 * running. 1244 */ 1245 static boolean_t 1246 smb_browser_sleep(void) 1247 { 1248 boolean_t slept = B_FALSE; 1249 timestruc_t to; 1250 1251 (void) mutex_lock(&nb_status.mtx); 1252 while (((nb_status.state & NETBIOS_SHUTTING_DOWN) == 0) && 1253 (nb_status.state & NETBIOS_NAME_SVC_RUNNING) && 1254 (nb_status.state & NETBIOS_DATAGRAM_SVC_RUNNING)) { 1255 1256 if (slept) { 1257 (void) mutex_unlock(&nb_status.mtx); 1258 return (B_TRUE); 1259 } 1260 1261 to.tv_sec = 60; /* 1 minute */ 1262 to.tv_nsec = 0; 1263 (void) cond_reltimedwait(&nb_status.cv, &nb_status.mtx, &to); 1264 slept = B_TRUE; 1265 } 1266 (void) mutex_unlock(&nb_status.mtx); 1267 1268 return (B_FALSE); 1269 } 1270 1271 /* 1272 * smb_browser_daemon 1273 * 1274 * Smb Netbios browser daemon. 1275 */ 1276 /*ARGSUSED*/ 1277 void * 1278 smb_browser_daemon(void *arg) 1279 { 1280 smb_hostinfo_t *hinfo; 1281 1282 smb_browser_infoinit(); 1283 smb_browser_config(); 1284 1285 smb_netbios_chg_status(NETBIOS_BROWSER_RUNNING, 1); 1286 1287 restart: 1288 do { 1289 (void) rw_rdlock(&smb_binfo.bi_hlist_rwl); 1290 hinfo = list_head(&smb_binfo.bi_hlist); 1291 while (hinfo) { 1292 if (--hinfo->hi_nextannouce > 0 || 1293 hinfo->hi_nic.nic_bcast == 0) { 1294 hinfo = list_next(&smb_binfo.bi_hlist, hinfo); 1295 continue; 1296 } 1297 1298 smb_browser_non_master_duties(hinfo, B_FALSE); 1299 1300 /* Check to see whether reconfig is needed */ 1301 (void) mutex_lock(&smb_binfo.bi_mtx); 1302 if (smb_binfo.bi_changed) { 1303 smb_binfo.bi_changed = B_FALSE; 1304 (void) mutex_unlock(&smb_binfo.bi_mtx); 1305 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1306 smb_browser_config(); 1307 goto restart; 1308 } 1309 (void) mutex_unlock(&smb_binfo.bi_mtx); 1310 1311 hinfo = list_next(&smb_binfo.bi_hlist, hinfo); 1312 } 1313 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1314 } while (smb_browser_sleep()); 1315 1316 smb_browser_infoterm(); 1317 smb_netbios_chg_status(NETBIOS_BROWSER_RUNNING, 0); 1318 return (0); 1319 } 1320 1321 /* 1322 * smb_browser_netlogon 1323 * 1324 * Sends SAMLOGON/NETLOGON request for all host/ips, except 1325 * aliases, to find a domain controller. 1326 * 1327 * The dc argument will be set if a DC is found. 1328 */ 1329 boolean_t 1330 smb_browser_netlogon(char *domain, char *dc, uint32_t dc_len) 1331 { 1332 smb_hostinfo_t *hinfo; 1333 int protocol; 1334 boolean_t found = B_FALSE; 1335 timestruc_t to; 1336 int err; 1337 1338 if (smb_config_getbool(SMB_CI_DOMAIN_MEMB)) 1339 protocol = NETLOGON_PROTO_SAMLOGON; 1340 else 1341 protocol = NETLOGON_PROTO_NETLOGON; 1342 1343 (void) rw_rdlock(&smb_binfo.bi_hlist_rwl); 1344 hinfo = list_head(&smb_binfo.bi_hlist); 1345 while (hinfo) { 1346 if ((hinfo->hi_nic.nic_smbflags & SMB_NICF_ALIAS) == 0) 1347 smb_netlogon_request(&hinfo->hi_netname, protocol, 1348 domain); 1349 hinfo = list_next(&smb_binfo.bi_hlist, hinfo); 1350 } 1351 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1352 1353 bzero(dc, dc_len); 1354 to.tv_sec = 30; 1355 to.tv_nsec = 0; 1356 (void) mutex_lock(&ntdomain_mtx); 1357 while (ntdomain_info.n_ipaddr == 0) { 1358 err = cond_reltimedwait(&ntdomain_cv, &ntdomain_mtx, &to); 1359 if (err == ETIME) 1360 break; 1361 } 1362 1363 if (ntdomain_info.n_ipaddr != 0) { 1364 (void) strlcpy(dc, ntdomain_info.n_name, dc_len); 1365 found = B_TRUE; 1366 } 1367 (void) mutex_unlock(&ntdomain_mtx); 1368 1369 return (found); 1370 } 1371 1372 /* 1373 * smb_browser_infoinit 1374 * 1375 * This function is called only once when browser daemon starts 1376 * to initialize global smb_binfo structure 1377 */ 1378 static void 1379 smb_browser_infoinit(void) 1380 { 1381 (void) mutex_lock(&ntdomain_mtx); 1382 bzero(&ntdomain_info, sizeof (ntdomain_info)); 1383 (void) mutex_unlock(&ntdomain_mtx); 1384 1385 (void) rw_wrlock(&smb_binfo.bi_hlist_rwl); 1386 list_create(&smb_binfo.bi_hlist, sizeof (smb_hostinfo_t), 1387 offsetof(smb_hostinfo_t, hi_lnd)); 1388 smb_binfo.bi_hcnt = 0; 1389 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1390 1391 (void) mutex_lock(&smb_binfo.bi_mtx); 1392 smb_binfo.bi_changed = B_FALSE; 1393 (void) mutex_unlock(&smb_binfo.bi_mtx); 1394 } 1395 1396 /* 1397 * smb_browser_infoterm 1398 * 1399 * This function is called only once when browser daemon stops 1400 * to destruct smb_binfo structure 1401 */ 1402 static void 1403 smb_browser_infoterm(void) 1404 { 1405 (void) rw_wrlock(&smb_binfo.bi_hlist_rwl); 1406 smb_browser_infofree(); 1407 list_destroy(&smb_binfo.bi_hlist); 1408 (void) rw_unlock(&smb_binfo.bi_hlist_rwl); 1409 } 1410 1411 /* 1412 * smb_browser_infofree 1413 * 1414 * Removes all the hostinfo structures from the browser list 1415 * and frees the allocated memory 1416 */ 1417 static void 1418 smb_browser_infofree(void) 1419 { 1420 smb_hostinfo_t *hinfo; 1421 1422 while ((hinfo = list_head(&smb_binfo.bi_hlist)) != NULL) { 1423 list_remove(&smb_binfo.bi_hlist, hinfo); 1424 free(hinfo); 1425 } 1426 1427 smb_binfo.bi_hcnt = 0; 1428 } 1429