2 Unix SMB/CIFS implementation.
4 bind9 dlz driver for Samba
6 Copyright (C) 2010 Andrew Tridgell
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "param/param.h"
25 #include "dsdb/samdb/samdb.h"
26 #include "dsdb/common/util.h"
27 #include "auth/session.h"
28 #include "gen_ndr/ndr_dnsp.h"
29 #include "lib/cmdline/popt_common.h"
30 #include "dlz_bind9.h"
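/*
  Per-instance driver state. bind9 hands it back to every entry point as the
  opaque dbdata pointer.
 */
struct dlz_bind9_data {
	struct ldb_context *samdb;
	struct tevent_context *ev_ctx;
	struct loadparm_context *lp;

	/*
	  helper functions from the dlz_dlopen driver

	  These are stored by name in b9_add_helper(). The state is allocated
	  zeroed, so a helper that bind9 never supplies stays NULL.
	 */
	void (*log)(int level, const char *fmt, ...);
	isc_result_t (*putrr)(dns_sdlzlookup_t *handle, const char *type,
			      dns_ttl_t ttl, const char *data);
	isc_result_t (*putnamedrr)(dns_sdlzlookup_t *handle, const char *name,
				   const char *type, dns_ttl_t ttl, const char *data);
};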
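/*
  return the version of the API

  flags is not read or written here.
 */
_PUBLIC_ int dlz_version(unsigned int *flags)
{
	return DLZ_DLOPEN_VERSION;
}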
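/*
  remember a helper function from the bind9 dlz_dlopen driver

  helper_name selects which slot in state receives ptr. Names other than
  "log", "putrr" and "putnamedrr" are ignored. Nothing here verifies that ptr
  has the expected function signature: the caller is trusted for that.
 */
static void b9_add_helper(struct dlz_bind9_data *state, const char *helper_name, void *ptr)
{
	if (strcmp(helper_name, "log") == 0) {
		state->log = ptr;
	}
	if (strcmp(helper_name, "putrr") == 0) {
		state->putrr = ptr;
	}
	if (strcmp(helper_name, "putnamedrr") == 0) {
		state->putnamedrr = ptr;
	}
}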
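/*
  format a record for bind9

  Sets *type to the record type string and *data to the rdata text. For the
  single-string record types *data points into rec itself. For the others it
  is allocated on mem_ctx and is NULL if that allocation failed, so callers
  must check *data before using it. Returns false, after logging, for a
  record type that has no arm here.

  NOTE(review): the case labels, the type strings and a few argument lines
  were not visible in the reviewed copy of this file. They are restored here
  from the union members each arm reads and must be confirmed against the
  tree.
 */
static bool b9_format(struct dlz_bind9_data *state,
		      TALLOC_CTX *mem_ctx,
		      struct dnsp_DnssrvRpcRecord *rec,
		      const char **type, const char **data)
{
	switch (rec->wType) {
	case DNS_TYPE_A:
		*type = "a";
		*data = rec->data.ipv4;
		break;

	case DNS_TYPE_AAAA:
		*type = "aaaa";
		*data = rec->data.ipv6;
		break;

	case DNS_TYPE_CNAME:
		*type = "cname";
		*data = rec->data.cname;
		break;

	case DNS_TYPE_TXT:
		*type = "txt";
		*data = rec->data.txt;
		break;

	case DNS_TYPE_PTR:
		*type = "ptr";
		*data = rec->data.ptr;
		break;

	case DNS_TYPE_SRV:
		*type = "srv";
		*data = talloc_asprintf(mem_ctx, "%u %u %u %s",
					rec->data.srv.wPriority,
					rec->data.srv.wWeight,
					rec->data.srv.wPort,
					rec->data.srv.nameTarget);
		break;

	case DNS_TYPE_MX:
		*type = "mx";
		/* NOTE(review): this arm reads the srv member of the union, as
		   the reviewed copy does - confirm that is the intended layout
		   for this record type */
		*data = talloc_asprintf(mem_ctx, "%u %s",
					rec->data.srv.wPriority,
					rec->data.srv.nameTarget);
		break;

	case DNS_TYPE_HINFO:
		*type = "hinfo";
		*data = talloc_asprintf(mem_ctx, "%s %s",
					rec->data.hinfo.cpu,
					rec->data.hinfo.os);
		break;

	case DNS_TYPE_NS:
		*type = "ns";
		*data = rec->data.ns;
		break;

	case DNS_TYPE_SOA:
		*type = "soa";
		*data = talloc_asprintf(mem_ctx, "%s %s %u %u %u %u %u",
					rec->data.soa.mname,
					rec->data.soa.rname,
					rec->data.soa.serial,
					rec->data.soa.refresh,
					rec->data.soa.retry,
					rec->data.soa.expire,
					rec->data.soa.minimum);
		break;

	default:
		state->log(ISC_LOG_ERROR, "samba b9_putrr: unhandled record type %u",
			   rec->wType);
		return false;
	}

	return true;
}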
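/*
  send a resource record to bind9

  rec is formatted with b9_format() and handed to the putrr helper. When
  types is non-NULL it is a NULL-terminated list of type strings, and records
  of any other type are skipped with ISC_R_SUCCESS.

  Returns ISC_R_FAILURE for a record type b9_format() does not handle,
  ISC_R_NOMEMORY on allocation failure, otherwise the helper's result.
 */
static isc_result_t b9_putrr(struct dlz_bind9_data *state,
			     void *handle, struct dnsp_DnssrvRpcRecord *rec,
			     const char **types)
{
	isc_result_t result;
	const char *type, *data;
	TALLOC_CTX *tmp_ctx = talloc_new(state);

	if (tmp_ctx == NULL) {
		return ISC_R_NOMEMORY;
	}

	if (!b9_format(state, tmp_ctx, rec, &type, &data)) {
		/*
		  tmp_ctx is a child of the long-lived state, so it has to be
		  released on this path too. Otherwise every lookup that hits
		  an unhandled record type grows the server's memory until
		  shutdown.
		 */
		talloc_free(tmp_ctx);
		return ISC_R_FAILURE;
	}

	if (data == NULL) {
		talloc_free(tmp_ctx);
		return ISC_R_NOMEMORY;
	}

	if (types) {
		int i;
		for (i=0; types[i]; i++) {
			if (strcmp(types[i], type) == 0) break;
		}
		if (types[i] == NULL) {
			/* this type was not asked for: skip it, and release
			   tmp_ctx for the same reason as above */
			talloc_free(tmp_ctx);
			return ISC_R_SUCCESS;
		}
	}

	result = state->putrr(handle, type, rec->dwTtlSeconds, data);
	if (result != ISC_R_SUCCESS) {
		state->log(ISC_LOG_ERROR, "Failed to put rr");
	}
	talloc_free(tmp_ctx);
	return result;
}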
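/*
  send a named resource record to bind9

  rec is formatted with b9_format() and handed to the putnamedrr helper under
  the owner name given in name.

  Returns ISC_R_FAILURE for a record type b9_format() does not handle,
  ISC_R_NOMEMORY on allocation failure, otherwise the helper's result.
 */
static isc_result_t b9_putnamedrr(struct dlz_bind9_data *state,
				  void *handle, const char *name,
				  struct dnsp_DnssrvRpcRecord *rec)
{
	isc_result_t result;
	const char *type, *data;
	TALLOC_CTX *tmp_ctx = talloc_new(state);

	if (tmp_ctx == NULL) {
		return ISC_R_NOMEMORY;
	}

	if (!b9_format(state, tmp_ctx, rec, &type, &data)) {
		/* release the scratch context here as well: it hangs off the
		   long-lived state and would otherwise accumulate once per
		   unhandled record during a zone transfer */
		talloc_free(tmp_ctx);
		return ISC_R_FAILURE;
	}

	if (data == NULL) {
		talloc_free(tmp_ctx);
		return ISC_R_NOMEMORY;
	}

	result = state->putnamedrr(handle, name, type, rec->dwTtlSeconds, data);
	if (result != ISC_R_SUCCESS) {
		state->log(ISC_LOG_ERROR, "Failed to put named rr '%s'", name);
	}
	talloc_free(tmp_ctx);
	return result;
}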
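/*
  parse the driver options passed by bind9

  Any value from poptGetNextOpt() other than the end-of-options marker is
  reported as an invalid option. Returns ISC_R_SUCCESS when every argument
  was accepted, ISC_R_FAILURE otherwise.
 */
static isc_result_t parse_options(struct dlz_bind9_data *state,
				  unsigned int argc, char *argv[])
{
	int opt;
	poptContext pc;
	/* NOTE(review): the table entries were not visible in the reviewed
	   copy of this file. POPT_COMMON_SAMBA is assumed from the
	   popt_common.h include - confirm against the tree */
	struct poptOption long_options[] = {
		POPT_COMMON_SAMBA
		{ NULL }
	};

	pc = poptGetContext("dlz_bind9", argc, (const char **)argv, long_options,
			    POPT_CONTEXT_KEEP_FIRST);

	while ((opt = poptGetNextOpt(pc)) != -1) {
		/* log first: poptBadOption() reads from the context */
		state->log(ISC_LOG_ERROR, "Invalid option %s: %s",
			   poptBadOption(pc, 0), poptStrerror(opt));
		poptFreeContext(pc);
		return ISC_R_FAILURE;
	}

	/* the context is only needed while parsing, so release it on
	   success too */
	poptFreeContext(pc);
	return ISC_R_SUCCESS;
}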
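/*
  called to initialise the driver

  The variadic tail is a NULL-terminated list of (name, pointer) pairs naming
  the helper functions bind9 provides. On success *dbdata receives the driver
  state. On any failure the state is freed and the error is returned.

  The directory is reached through the ldapi socket under the private
  directory. ldb_connect() is called here with no options.
  NOTE(review): no credentials or session info are set on the ldb in this
  function, so access presumably rests on who may open that socket - confirm
  the permissions on ldap_priv.
 */
_PUBLIC_ isc_result_t dlz_create(const char *dlzname,
				 unsigned int argc, char *argv[],
				 void *driverarg, void **dbdata, ...)
{
	struct dlz_bind9_data *state;
	const char *helper_name;
	va_list ap;
	isc_result_t result;
	TALLOC_CTX *tmp_ctx;
	int ret;
	struct ldb_dn *dn;
	const char *ldapi_path;
	const char *url;

	state = talloc_zero(NULL, struct dlz_bind9_data);
	if (state == NULL) {
		return ISC_R_NOMEMORY;
	}

	tmp_ctx = talloc_new(state);
	if (tmp_ctx == NULL) {
		result = ISC_R_NOMEMORY;
		goto failed;
	}

	/* fill in the helper functions */
	va_start(ap, dbdata);
	while ((helper_name = va_arg(ap, const char *)) != NULL) {
		b9_add_helper(state, helper_name, va_arg(ap, void*));
	}
	va_end(ap);

	/*
	  Every later path calls these through the state without a NULL
	  check, so refuse to start rather than crash the name server on the
	  first log message or lookup.
	 */
	if (state->log == NULL || state->putrr == NULL ||
	    state->putnamedrr == NULL) {
		result = ISC_R_FAILURE;
		goto failed;
	}

	result = parse_options(state, argc, argv);
	if (result != ISC_R_SUCCESS) {
		goto failed;
	}

	state->lp = loadparm_init_global(true);
	if (state->lp == NULL) {
		result = ISC_R_NOMEMORY;
		goto failed;
	}

	state->ev_ctx = tevent_context_init(state);
	if (state->ev_ctx == NULL) {
		result = ISC_R_NOMEMORY;
		goto failed;
	}

	state->samdb = ldb_init(state, state->ev_ctx);
	if (state->samdb == NULL) {
		state->log(ISC_LOG_ERROR, "samba dlz_bind9: Failed to create ldb");
		result = ISC_R_FAILURE;
		goto failed;
	}

	/* check the path separately so a NULL is never passed to %s */
	ldapi_path = private_path(tmp_ctx, state->lp, "ldap_priv/ldapi");
	if (ldapi_path == NULL) {
		result = ISC_R_NOMEMORY;
		goto failed;
	}

	url = talloc_asprintf(tmp_ctx, "ldapi://%s", ldapi_path);
	if (url == NULL) {
		result = ISC_R_NOMEMORY;
		goto failed;
	}

	ret = ldb_connect(state->samdb, url, 0, NULL);
	if (ret != LDB_SUCCESS) {
		state->log(ISC_LOG_ERROR, "samba dlz_bind9: Failed to connect to %s - %s",
			   url, ldb_errstring(state->samdb));
		result = ISC_R_FAILURE;
		goto failed;
	}

	dn = ldb_get_default_basedn(state->samdb);
	if (dn == NULL) {
		state->log(ISC_LOG_ERROR, "samba dlz_bind9: Unable to get basedn for %s - %s",
			   url, ldb_errstring(state->samdb));
		result = ISC_R_FAILURE;
		goto failed;
	}

	state->log(ISC_LOG_INFO, "samba dlz_bind9: started for DN %s",
		   ldb_dn_get_linearized(dn));

	*dbdata = state;

	talloc_free(tmp_ctx);
	return ISC_R_SUCCESS;

failed:
	/* tmp_ctx, ev_ctx and samdb are talloc children of state */
	talloc_free(state);
	return result;
}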
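/*
  shutdown the backend

  dbdata must be the state returned by dlz_create(). talloc_get_type_abort()
  aborts the process if it is anything else.
 */
_PUBLIC_ void dlz_destroy(void *driverarg, void *dbdata)
{
	struct dlz_bind9_data *state = talloc_get_type_abort(dbdata, struct dlz_bind9_data);
	state->log(ISC_LOG_INFO, "samba dlz_bind9: shutting down");
	/* NOTE(review): the release of the state was not visible in the
	   reviewed copy of this file. The state is a top-level talloc
	   allocation, so it is freed here - confirm against the tree */
	talloc_free(state);
}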
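/*
  see if we handle a given zone

  Only the configured DNS domain is served: name is compared with it
  case-insensitively and must match exactly.
 */
_PUBLIC_ isc_result_t dlz_findzonedb(void *driverarg, void *dbdata, const char *name)
{
	struct dlz_bind9_data *state = talloc_get_type_abort(dbdata, struct dlz_bind9_data);
	if (strcasecmp(lpcfg_dnsdomain(state->lp), name) == 0) {
		return ISC_R_SUCCESS;
	}
	return ISC_R_NOTFOUND;
}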
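/*
  lookup one record, optionally restricted to a list of record types

  The dnsNode object for name in zone is read from the directory and each of
  its dnsRecord values is decoded and passed to b9_putrr(). types is a
  NULL-terminated list of type strings, or NULL for all types.

  Returns ISC_R_NOTFOUND when the node or its records do not exist,
  ISC_R_FAILURE when a stored record cannot be decoded, ISC_R_NOMEMORY on
  allocation failure.
 */
_PUBLIC_ isc_result_t dlz_lookup_types(struct dlz_bind9_data *state,
				       const char *zone, const char *name,
				       void *driverarg, dns_sdlzlookup_t *lookup,
				       const char **types)
{
	TALLOC_CTX *tmp_ctx = talloc_new(state);
	const char *attrs[] = { "dnsRecord", NULL };
	int ret;
	unsigned int i;
	struct ldb_dn *dn;
	struct ldb_result *res;
	struct ldb_message_element *el;

	if (tmp_ctx == NULL) {
		return ISC_R_NOMEMORY;
	}

	dn = ldb_dn_copy(tmp_ctx, ldb_get_default_basedn(state->samdb));
	if (dn == NULL) {
		talloc_free(tmp_ctx);
		return ISC_R_NOMEMORY;
	}

	/*
	  NOTE(review): name and zone come from the DNS query and are
	  formatted into the DN text unescaped. A label containing DN
	  metacharacters such as ',' or '=' would change which object is
	  read. Consider escaping both values (ldb_dn_escape_value()) before
	  formatting - confirm how bind9 presents such labels.
	 */
	if (!ldb_dn_add_child_fmt(dn, "DC=%s,DC=%s,CN=MicrosoftDNS,DC=DomainDnsZones",
				  name, zone)) {
		talloc_free(tmp_ctx);
		return ISC_R_NOMEMORY;
	}

	ret = ldb_search(state->samdb, tmp_ctx, &res, dn, LDB_SCOPE_BASE,
			 attrs, "objectClass=dnsNode");
	if (ret != LDB_SUCCESS) {
		talloc_free(tmp_ctx);
		return ISC_R_NOTFOUND;
	}

	/* a successful search can still return no entry when the object
	   does not match the filter, so msgs[0] must not be read blindly */
	if (res->count == 0) {
		talloc_free(tmp_ctx);
		return ISC_R_NOTFOUND;
	}

	el = ldb_msg_find_element(res->msgs[0], "dnsRecord");
	if (el == NULL || el->num_values == 0) {
		state->log(ISC_LOG_INFO, "failed to find %s",
			   ldb_dn_get_linearized(dn));
		talloc_free(tmp_ctx);
		return ISC_R_NOTFOUND;
	}

	for (i=0; i<el->num_values; i++) {
		struct dnsp_DnssrvRpcRecord rec;
		enum ndr_err_code ndr_err;
		isc_result_t result;

		ndr_err = ndr_pull_struct_blob(&el->values[i], tmp_ctx, &rec,
					       (ndr_pull_flags_fn_t)ndr_pull_dnsp_DnssrvRpcRecord);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			state->log(ISC_LOG_ERROR, "samba dlz_bind9: failed to parse dnsRecord for %s",
				   ldb_dn_get_linearized(dn));
			talloc_free(tmp_ctx);
			return ISC_R_FAILURE;
		}

		result = b9_putrr(state, lookup, &rec, types);
		if (result != ISC_R_SUCCESS) {
			talloc_free(tmp_ctx);
			return result;
		}
	}

	talloc_free(tmp_ctx);
	return ISC_R_SUCCESS;
}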
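/*
  lookup one record

  Passes the query to dlz_lookup_types() with no type restriction.
 */
_PUBLIC_ isc_result_t dlz_lookup(const char *zone, const char *name, void *driverarg,
				 void *dbdata, dns_sdlzlookup_t *lookup)
{
	struct dlz_bind9_data *state = talloc_get_type_abort(dbdata, struct dlz_bind9_data);
	return dlz_lookup_types(state, zone, name, driverarg, lookup, NULL);
}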
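/*
  see if a zone transfer is allowed

  The only test made is that name is the configured DNS domain. client is
  logged but never checked, so every requester is allowed as far as this
  function is concerned. The zone is read from the MicrosoftDNS container in
  the directory, and a full transfer hands the requester every record in it.
  Until an ACL is added here, transfers have to be restricted outside this
  driver.
 */
_PUBLIC_ isc_result_t dlz_allowzonexfr(void *driverarg, void *dbdata, const char *name,
				       const char *client)
{
	struct dlz_bind9_data *state = talloc_get_type_abort(dbdata, struct dlz_bind9_data);

	if (strcasecmp(lpcfg_dnsdomain(state->lp), name) == 0) {
		/* TODO: check an ACL here? client is the IP of the requester */
		state->log(ISC_LOG_INFO, "samba dlz_bind9: allowing zone transfer for '%s' by '%s'",
			   name, client);
		return ISC_R_SUCCESS;
	}
	return ISC_R_NOTFOUND;
}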
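/*
  perform a zone transfer

  Every dnsNode under the zone's container is read and each of its dnsRecord
  values is sent to bind9 through b9_putnamedrr(). The node whose RDN is "@"
  is sent under the zone name itself; every other node is sent as
  "<rdn>.<zone>". Nodes and records that cannot be read or decoded are
  skipped so that one bad entry does not stop the transfer.

  Returns ISC_R_NOTFOUND when the search fails and ISC_R_NOMEMORY on
  allocation failure.

  NOTE(review): the error-path lines inside the two loops were not visible in
  the reviewed copy of this file. The per-node context is released exactly
  once per node here, and never while the record loop is still using
  allocations made on it - confirm against the tree.
 */
_PUBLIC_ isc_result_t dlz_allnodes(const char *zone, void *driverarg, void *dbdata,
				   dns_sdlzallnodes_t *allnodes)
{
	struct dlz_bind9_data *state = talloc_get_type_abort(dbdata, struct dlz_bind9_data);
	const char *attrs[] = { "dnsRecord", NULL };
	int ret;
	unsigned int i, j;
	struct ldb_dn *dn;
	struct ldb_result *res;
	TALLOC_CTX *tmp_ctx = talloc_new(state);

	if (tmp_ctx == NULL) {
		return ISC_R_NOMEMORY;
	}

	dn = ldb_dn_copy(tmp_ctx, ldb_get_default_basedn(state->samdb));
	if (dn == NULL) {
		talloc_free(tmp_ctx);
		return ISC_R_NOMEMORY;
	}

	/* NOTE(review): zone is formatted into the DN text unescaped -
	   confirm that callers only pass a zone accepted by
	   dlz_allowzonexfr() */
	if (!ldb_dn_add_child_fmt(dn, "DC=%s,CN=MicrosoftDNS,DC=DomainDnsZones", zone)) {
		talloc_free(tmp_ctx);
		return ISC_R_NOMEMORY;
	}

	ret = ldb_search(state->samdb, tmp_ctx, &res, dn, LDB_SCOPE_SUBTREE,
			 attrs, "objectClass=dnsNode");
	if (ret != LDB_SUCCESS) {
		talloc_free(tmp_ctx);
		return ISC_R_NOTFOUND;
	}

	for (i=0; i<res->count; i++) {
		struct ldb_message_element *el;
		TALLOC_CTX *el_ctx = talloc_new(tmp_ctx);
		const char *rdn, *name;
		const struct ldb_val *v;

		if (el_ctx == NULL) {
			talloc_free(tmp_ctx);
			return ISC_R_NOMEMORY;
		}

		el = ldb_msg_find_element(res->msgs[i], "dnsRecord");
		if (el == NULL || el->num_values == 0) {
			state->log(ISC_LOG_INFO, "failed to find dnsRecord for %s",
				   ldb_dn_get_linearized(dn));
			talloc_free(el_ctx);
			continue;
		}

		v = ldb_dn_get_rdn_val(res->msgs[i]->dn);
		if (v == NULL) {
			state->log(ISC_LOG_INFO, "failed to find RDN for %s",
				   ldb_dn_get_linearized(dn));
			talloc_free(el_ctx);
			continue;
		}

		/* the RDN value carries an explicit length, so copy it into a
		   terminated string before using it with %s */
		rdn = talloc_strndup(el_ctx, (char *)v->data, v->length);
		if (rdn == NULL) {
			talloc_free(tmp_ctx);
			return ISC_R_NOMEMORY;
		}

		if (strcmp(rdn, "@") == 0) {
			name = zone;
		} else {
			name = talloc_asprintf(el_ctx, "%s.%s", rdn, zone);
		}
		if (name == NULL) {
			talloc_free(tmp_ctx);
			return ISC_R_NOMEMORY;
		}

		for (j=0; j<el->num_values; j++) {
			struct dnsp_DnssrvRpcRecord rec;
			enum ndr_err_code ndr_err;
			isc_result_t result;

			ndr_err = ndr_pull_struct_blob(&el->values[j], el_ctx, &rec,
						       (ndr_pull_flags_fn_t)ndr_pull_dnsp_DnssrvRpcRecord);
			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
				state->log(ISC_LOG_ERROR, "samba dlz_bind9: failed to parse dnsRecord for %s",
					   ldb_dn_get_linearized(dn));
				/* el_ctx still owns name, which the next
				   record needs, so it is not freed here */
				continue;
			}

			result = b9_putnamedrr(state, allnodes, name, &rec);
			if (result != ISC_R_SUCCESS) {
				continue;
			}
		}

		talloc_free(el_ctx);
	}

	talloc_free(tmp_ctx);

	return ISC_R_SUCCESS;
}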