1 /*	$NetBSD: dnssrv.c,v 1.1.1.3 2010/12/12 15:21:30 adam Exp $	*/
2 
3 /* OpenLDAP: pkg/ldap/libraries/libldap/dnssrv.c,v 1.39.2.6 2010/04/13 20:22:56 kurt Exp */
4 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5  *
6  * Copyright 1998-2010 The OpenLDAP Foundation.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted only as authorized by the OpenLDAP
11  * Public License.
12  *
13  * A copy of this license is available in the file LICENSE in the
14  * top-level directory of the distribution or, alternatively, at
15  * <http://www.OpenLDAP.org/license.html>.
16  */
17 
18 /*
19  * locate LDAP servers using DNS SRV records.
20  * Location code based on MIT Kerberos KDC location code.
21  */
22 #include "portable.h"
23 
24 #include <stdio.h>
25 
26 #include <ac/stdlib.h>
27 
28 #include <ac/param.h>
29 #include <ac/socket.h>
30 #include <ac/string.h>
31 #include <ac/time.h>
32 
33 #include "ldap-int.h"
34 
35 #ifdef HAVE_ARPA_NAMESER_H
36 #include <arpa/nameser.h>
37 #endif
38 #ifdef HAVE_RESOLV_H
39 #include <resolv.h>
40 #endif
41 
/*
 * Derive a DNS domain name from the trailing domainComponent RDNs of a DN.
 *
 * dn_in is parsed as an LDAP-format DN. Each RDN whose last AVA is a
 * non-empty string value of attribute "DC" (matched case-insensitively) or
 * of the OID 0.9.2342.19200300.100.1.25 contributes one label; labels are
 * joined with '.'. Any other AVA discards what has been collected so far,
 * so only the run of DC components at the end of the DN survives.
 *
 * Returns 0 on success, with *domainp set to a heap string or to NULL when
 * the DN does not end in DC components; -1 on allocation failure; -2 when
 * the DN cannot be parsed. *domainp is NULL on every error return.
 * NOTE(review): the result comes from LDAP_REALLOC, so the caller presumably
 * releases it with the matching LDAP free routine; confirm against callers.
 */
int ldap_dn2domain(
	LDAP_CONST char *dn_in,
	char **domainp)
{
	int r, a;
	char *grown;
	LDAPDN parsed = NULL;
	LDAPRDN cur_rdn = NULL;
	LDAPAVA *cur_ava = NULL;
	struct berval acc = BER_BVNULL;
	static const struct berval DC = BER_BVC("DC");
	static const struct berval DCOID = BER_BVC("0.9.2342.19200300.100.1.25");

	assert( dn_in != NULL );
	assert( domainp != NULL );

	*domainp = NULL;

	if ( ldap_str2dn( dn_in, &parsed, LDAP_DN_FORMAT_LDAP ) != LDAP_SUCCESS ) {
		return -2;
	}

	for( r = 0; parsed != NULL && parsed[r] != NULL; r++ ) {
		cur_rdn = parsed[r];

		for( a = 0; cur_rdn[a] != NULL; a++ ) {
			cur_ava = cur_rdn[a];

			/* Anything that is not the final, non-empty string DC value
			 * of its RDN restarts the accumulation. The buffer itself is
			 * kept so that a later DC run can reuse it. */
			if( cur_rdn[a+1] != NULL ||
				!(cur_ava->la_flags & LDAP_AVA_STRING) ||
				!cur_ava->la_value.bv_len ||
				( ber_bvstrcasecmp( &cur_ava->la_attr, &DC ) != 0
				&& ber_bvcmp( &cur_ava->la_attr, &DCOID ) != 0 ) )
			{
				acc.bv_len = 0;
				continue;
			}

			if( acc.bv_len == 0 ) {
				/* first label: value plus terminating NUL */
				grown = LDAP_REALLOC( acc.bv_val,
					cur_ava->la_value.bv_len + 1);
			} else {
				/* sizeof(".") covers the separator and the NUL */
				grown = LDAP_REALLOC( acc.bv_val,
					cur_ava->la_value.bv_len + sizeof(".") + acc.bv_len );
			}

			if( grown == NULL ) {
				goto return_error;
			}

			acc.bv_val = grown;

			if( acc.bv_len != 0 ) {
				acc.bv_val[acc.bv_len++] = '.';
			}

			AC_MEMCPY( &acc.bv_val[acc.bv_len],
				cur_ava->la_value.bv_val, cur_ava->la_value.bv_len );
			acc.bv_len += cur_ava->la_value.bv_len;
			acc.bv_val[acc.bv_len] = '\0';
		}
	}

	/* A buffer left over from a discarded DC run is not a result. */
	if( acc.bv_val != NULL && acc.bv_len == 0 ) {
		LDAP_FREE( acc.bv_val );
		acc.bv_val = NULL;
	}

	ldap_dnfree( parsed );
	*domainp = acc.bv_val;
	return 0;

return_error:
	/* acc.bv_val still points at the pre-realloc buffer here */
	ldap_dnfree( parsed );
	LDAP_FREE( acc.bv_val );
	return -1;
}
128 
/*
 * Convert a DNS domain name into a DN made of domainComponent RDNs,
 * e.g. "example.com" becomes "dc=example,dc=com".
 *
 * The domain is split on '.'; each token yields one "dc=<token>" RDN and
 * the RDNs are joined with ','. The token text is copied verbatim, with no
 * DN escaping applied.
 *
 * Returns LDAP_SUCCESS with *dnp set to a heap string, or to NULL when the
 * input yields no tokens; returns LDAP_NO_MEMORY on allocation failure, in
 * which case *dnp is not written.
 */
int ldap_domain2dn(
	LDAP_CONST char *domain_in,
	char **dnp)
{
	char *copy, *label, *save, *out, *grown;
	size_t used;

	assert( domain_in != NULL );
	assert( dnp != NULL );

	/* work on a private copy of the caller's string */
	copy = LDAP_STRDUP(domain_in);
	if (copy == NULL) {
		return LDAP_NO_MEMORY;
	}
	out = NULL;
	used = 0;

	label = ldap_pvt_strtok(copy, ".", &save);
	while (label != NULL) {
		size_t label_len = strlen(label);

		/* sizeof(",dc=") covers the separator, the "dc=" prefix
		 * and the terminating NUL */
		grown = (char *) LDAP_REALLOC(out, used + sizeof(",dc=") + label_len );
		if (grown == NULL) {
			if (out != NULL) {
				LDAP_FREE(out);
			}
			LDAP_FREE(copy);
			return LDAP_NO_MEMORY;
		}

		out = grown;

		if (used > 0) {
			/* every RDN after the first is preceded by a comma */
			out[used++] = ',';
		}
		strcpy(out + used, "dc=");
		used += sizeof("dc=")-1;

		strcpy(out + used, label);
		used += label_len;

		label = ldap_pvt_strtok(NULL, ".", &save);
	}

	LDAP_FREE(copy);
	*dnp = out;
	return LDAP_SUCCESS;
}
178 
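/*
 * Lookup and return LDAP servers for domain (using the DNS
 * SRV record _ldap._tcp.domain).
 *
 * On success returns LDAP_SUCCESS and stores in *list a heap-allocated,
 * space-separated string of "host:port" entries, in the order the SRV
 * records appear in the reply (priority and weight are ignored).
 * *list is written only on success.
 *
 * Returns LDAP_PARAM_ERROR for an empty domain, LDAP_NO_MEMORY on
 * allocation failure, LDAP_UNAVAILABLE when the query fails, the reply is
 * malformed or it holds no usable SRV record, and LDAP_NOT_SUPPORTED when
 * built without res_query().
 *
 * The reply comes from the network and is treated as untrusted: every
 * fixed-size field is checked against the end of the reply before it is
 * read, and a reply that fails a check is rejected as a whole.
 */
int ldap_domain2hostlist(
	LDAP_CONST char *domain,
	char **list )
{
#ifdef HAVE_RES_QUERY
#define DNSBUFSIZ (64*1024)
	char *request;
	char *hostlist = NULL;
	int rc, len, cur = 0;
	unsigned char reply[DNSBUFSIZ];

	assert( domain != NULL );
	assert( list != NULL );

	if( *domain == '\0' ) {
		return LDAP_PARAM_ERROR;
	}

	/* sizeof() counts the terminating NUL of the prefix */
	request = LDAP_MALLOC(strlen(domain) + sizeof("_ldap._tcp."));
	if (request == NULL) {
		return LDAP_NO_MEMORY;
	}
	sprintf(request, "_ldap._tcp.%s", domain);

#ifdef LDAP_R_COMPILE
	/* NOTE(review): presumably serializes use of the resolver - confirm */
	ldap_pvt_thread_mutex_lock(&ldap_int_resolv_mutex);
#endif

	rc = LDAP_UNAVAILABLE;
#ifdef NS_HFIXEDSZ
	/* Bind 8/9 interface */
	len = res_query(request, ns_c_in, ns_t_srv, reply, sizeof(reply));
#	ifndef T_SRV
#		define T_SRV ns_t_srv
#	endif
#else
	/* Bind 4 interface */
#	ifndef T_SRV
#		define T_SRV 33
#	endif

	len = res_query(request, C_IN, T_SRV, reply, sizeof(reply));
#endif
	if (len > (int) sizeof(reply)) {
		/* Defensive: never parse past the buffer, even if the resolver
		 * reports a length larger than the space it was given. */
		len = (int) sizeof(reply);
	}
	if (len >= 0) {
		unsigned char *p;
		unsigned char *end = reply + len;
		char host[DNSBUFSIZ];
		int status;
		u_short port;

		/* Skip the fixed-size message header */
		p = reply;

#ifdef NS_HFIXEDSZ
		/* Bind 8/9 interface */
		p += NS_HFIXEDSZ;
#elif defined(HFIXEDSZ)
		/* Bind 4 interface w/ HFIXEDSZ */
		p += HFIXEDSZ;
#else
		/* Bind 4 interface w/o HFIXEDSZ */
		p += sizeof(HEADER);
#endif
		if (p > end) {
			/* reply shorter than a DNS header */
			goto out;
		}

		/* Question section: name, then QTYPE(2) and QCLASS(2) */
		status = dn_expand(reply, end, p, host, sizeof(host));
		if (status < 0) {
			goto out;
		}
		p += status;
		if (end - p < 4) {
			goto out;
		}
		p += 4;

		while (p < end) {
			int type, size;
			char *newlist;

			status = dn_expand(reply, end, p, host, sizeof(host));
			if (status < 0) {
				goto out;
			}
			p += status;

			/* Fixed part of a resource record:
			 * TYPE(2) CLASS(2) TTL(4) RDLENGTH(2).
			 * Class and TTL are not used, so they are only skipped. */
			if (end - p < 10) {
				goto out;
			}
			type = (p[0] << 8) | p[1];
			size = (p[8] << 8) | p[9];
			p += 10;

			/* RDATA must lie entirely inside the reply */
			if (size > end - p) {
				goto out;
			}

			if (type == T_SRV) {
				int buflen;

				/* SRV RDATA: priority(2) weight(2) port(2) target */
				if (size <= 6) {
					goto out;
				}
				status = dn_expand(reply, end, p + 6, host, sizeof(host));
				if (status < 0 || status > size - 6) {
					goto out;
				}
				/* ignore priority and weight for now */
				/* priority = (p[0] << 8) | p[1]; */
				/* weight = (p[2] << 8) | p[3]; */
				port = (p[4] << 8) | p[5];

				if ( port != 0 && host[ 0 ] != '\0' ) {
					/* room for ':' + five port digits + separator */
					buflen = strlen(host) + STRLENOF(":65535 ");

					/* Keep the old pointer until realloc succeeds so
					 * that the cleanup code can still free it. */
					newlist = (char *) LDAP_REALLOC(hostlist,
						cur + buflen + 1);
					if (newlist == NULL) {
						rc = LDAP_NO_MEMORY;
						goto out;
					}
					hostlist = newlist;

					if (cur > 0) {
						/* not first time around */
						hostlist[cur++] = ' ';
					}
					/* %hu, not %hd: the port is unsigned. A signed
					 * conversion prints ports above 32767 as negative
					 * numbers, which are wrong and can take one more
					 * character than the five digits sized for above. */
					cur += sprintf(&hostlist[cur], "%s:%hu", host, port);
				}
			}

			p += size;
		}
	}
	if (hostlist == NULL) {
		/* No LDAP servers found in DNS. */
		rc = LDAP_UNAVAILABLE;
		goto out;
	}

	rc = LDAP_SUCCESS;
	*list = hostlist;

  out:
#ifdef LDAP_R_COMPILE
	ldap_pvt_thread_mutex_unlock(&ldap_int_resolv_mutex);
#endif

	if (request != NULL) {
		LDAP_FREE(request);
	}
	/* a partially built list is never handed to the caller */
	if (rc != LDAP_SUCCESS && hostlist != NULL) {
		LDAP_FREE(hostlist);
	}
	return rc;
#else
	return LDAP_NOT_SUPPORTED;
#endif /* HAVE_RES_QUERY */
}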
325