r14709: allways use the unicast socket of the interface, when reply to DGRAM

requests...

this fixes a bug where I thought windows would try KRB5 via broadcast...

metze
(This used to be commit 0e7b224294ce6a3b5bbdc284181ab496a5a0c058)

5 files changed, 44 insertions, 22 deletions

diff --git a/source4/nbt_server/dgram/netlogon.c b/source4/nbt_server/dgram/netlogon.c
index 632f987c37f..c50c0ba1c0b 100644
--- a/source4/nbt_server/dgram/netlogon.c
+++ b/source4/nbt_server/dgram/netlogon.c
@@ -33,11 +33,13 @@
   reply to a GETDC request
  */
 static void nbtd_netlogon_getdc(struct dgram_mailslot_handler *dgmslot, 
+				struct nbtd_interface *iface,
 				struct nbt_dgram_packet *packet, 
 				const struct socket_address *src,
 				struct nbt_netlogon_packet *netlogon)
 {
 	struct nbt_name *name = &packet->data.msg.dest_name;
+	struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, False);
 	struct nbt_netlogon_packet reply;
 	struct nbt_netlogon_response_from_pdc *pdc;
 	const char *ref_attrs[] = {"nETBIOSName", NULL};
@@ -80,7 +82,7 @@ static void nbtd_netlogon_getdc(struct dgram_mailslot_handler *dgmslot,
 
 	packet->data.msg.dest_name.type = 0;
 
-	dgram_mailslot_netlogon_reply(dgmslot->dgmsock, 
+	dgram_mailslot_netlogon_reply(reply_iface->dgmsock, 
 				      packet, 
 				      netlogon->req.pdc.mailslot_name,
 				      &reply);
@@ -90,12 +92,14 @@ static void nbtd_netlogon_getdc(struct dgram_mailslot_handler *dgmslot,
 /*
   reply to a ADS style GETDC request
  */
-static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot, 
+static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
+				 struct nbtd_interface *iface,
 				 struct nbt_dgram_packet *packet, 
 				 const struct socket_address *src,
 				 struct nbt_netlogon_packet *netlogon)
 {
 	struct nbt_name *name = &packet->data.msg.dest_name;
+	struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, False);
 	struct nbt_netlogon_packet reply;
 	struct nbt_netlogon_response_from_pdc2 *pdc;
 	struct ldb_context *samctx;
@@ -104,7 +108,7 @@ static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
 	struct ldb_message **ref_res, **dom_res;
 	int ret;
 	const char **services = lp_server_services();
-	struct socket_address *my_ip = socket_get_my_addr(dgmslot->dgmsock->sock, packet);
+	const char *my_ip = reply_iface->ip_address; 
 	if (!my_ip) {
 		DEBUG(0, ("Could not obtain own IP address for datagram socket\n"));
 		return;
@@ -188,14 +192,14 @@ static void nbtd_netlogon_getdc2(struct dgram_mailslot_handler *dgmslot,
 	pdc->site_name2       = "Default-First-Site-Name";
 	pdc->unknown          = 0x10; /* what is this? */
 	pdc->unknown2         = 2; /* and this ... */
-	pdc->pdc_ip           = my_ip->addr;
+	pdc->pdc_ip           = my_ip;
 	pdc->nt_version       = 13;
 	pdc->lmnt_token       = 0xFFFF;
 	pdc->lm20_token       = 0xFFFF;
 
 	packet->data.msg.dest_name.type = 0;
 
-	dgram_mailslot_netlogon_reply(dgmslot->dgmsock, 
+	dgram_mailslot_netlogon_reply(reply_iface->dgmsock, 
 				      packet, 
 				      netlogon->req.pdc2.mailslot_name,
 				      &reply);
@@ -235,10 +239,10 @@ void nbtd_mailslot_netlogon_handler(struct dgram_mailslot_handler *dgmslot,
 
 	switch (netlogon->command) {
 	case NETLOGON_QUERY_FOR_PDC:
-		nbtd_netlogon_getdc(dgmslot, packet, src, netlogon);
+		nbtd_netlogon_getdc(dgmslot, iface, packet, src, netlogon);
 		break;
 	case NETLOGON_QUERY_FOR_PDC2:
-		nbtd_netlogon_getdc2(dgmslot, packet, src, netlogon);
+		nbtd_netlogon_getdc2(dgmslot, iface, packet, src, netlogon);
 		break;
 	default:
 		DEBUG(2,("unknown netlogon op %d from %s:%d\n", 
diff --git a/source4/nbt_server/dgram/ntlogon.c b/source4/nbt_server/dgram/ntlogon.c
index 165a9f461a3..15bf9038447 100644
--- a/source4/nbt_server/dgram/ntlogon.c
+++ b/source4/nbt_server/dgram/ntlogon.c
@@ -29,11 +29,13 @@
   reply to a SAM LOGON request
  */
 static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot, 
+				   struct nbtd_interface *iface,
 				   struct nbt_dgram_packet *packet,
 				   const struct socket_address *src,
 				   struct nbt_ntlogon_packet *ntlogon)
 {
 	struct nbt_name *name = &packet->data.msg.dest_name;
+	struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, False);
 	struct nbt_ntlogon_packet reply;
 	struct nbt_ntlogon_sam_logon_reply *logon;
 
@@ -56,7 +58,7 @@ static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot,
 
 	packet->data.msg.dest_name.type = 0;
 
-	dgram_mailslot_ntlogon_reply(dgmslot->dgmsock, 
+	dgram_mailslot_ntlogon_reply(reply_iface->dgmsock, 
 				     packet, 
 				     ntlogon->req.logon.mailslot_name,
 				     &reply);
@@ -97,7 +99,7 @@ void nbtd_mailslot_ntlogon_handler(struct dgram_mailslot_handler *dgmslot,
 
 	switch (ntlogon->command) {
 	case NTLOGON_SAM_LOGON:
-		nbtd_ntlogon_sam_logon(dgmslot, packet, src, ntlogon);
+		nbtd_ntlogon_sam_logon(dgmslot, iface, packet, src, ntlogon);
 		break;
 	default:
 		DEBUG(2,("unknown ntlogon op %d from %s:%d\n", 
diff --git a/source4/nbt_server/interfaces.c b/source4/nbt_server/interfaces.c
index e51cd5c6f35..1cfe79bb9f7 100644
--- a/source4/nbt_server/interfaces.c
+++ b/source4/nbt_server/interfaces.c
@@ -193,7 +193,6 @@ static NTSTATUS nbtd_add_socket(struct nbtd_server *nbtsrv,
 	return NT_STATUS_OK;
 }
 
-
 /*
   setup a socket for talking to our WINS servers
 */
@@ -312,22 +311,39 @@ const char **nbtd_address_list(struct nbtd_interface *iface, TALLOC_CTX *mem_ctx
 /*
   find the interface to use for sending a outgoing request
 */
-struct nbtd_interface *nbtd_find_interface(struct nbtd_server *nbtd_server,
-					   const char *address)
+struct nbtd_interface *nbtd_find_request_iface(struct nbtd_server *nbtd_server,
+					       const char *address, BOOL allow_bcast_iface)
 {
-	struct nbtd_interface *iface;
+	struct nbtd_interface *cur;
+
 	/* try to find a exact match */
-	for (iface=nbtd_server->interfaces;iface;iface=iface->next) {
-		if (iface_same_net(address, iface->ip_address, iface->netmask)) {
-			return iface;
+	for (cur=nbtd_server->interfaces;cur;cur=cur->next) {
+		if (iface_same_net(address, cur->ip_address, cur->netmask)) {
+			return cur;
 		}
 	}
 
 	/* no exact match, if we have the broadcast interface, use that */
-	if (nbtd_server->bcast_interface) {
+	if (allow_bcast_iface && nbtd_server->bcast_interface) {
 		return nbtd_server->bcast_interface;
 	}
 
 	/* fallback to first interface */
 	return nbtd_server->interfaces;
 }
+
+/*
+ * find the interface to use for sending a outgoing reply
+ */
+struct nbtd_interface *nbtd_find_reply_iface(struct nbtd_interface *iface,
+					     const char *address, BOOL allow_bcast_iface)
+{
+	struct nbtd_server *nbtd_server = iface->nbtsrv;
+
+	/* first try to use the given interfacel when it's not the broadcast one */
+	if (iface != nbtd_server->bcast_interface) {
+		return iface;
+	}
+
+	return nbtd_find_request_iface(nbtd_server, address, allow_bcast_iface);
+}
diff --git a/source4/nbt_server/irpc.c b/source4/nbt_server/irpc.c
index 3f82bbd757c..04bbcf82857 100644
--- a/source4/nbt_server/irpc.c
+++ b/source4/nbt_server/irpc.c
@@ -120,7 +120,7 @@ static NTSTATUS nbtd_getdcname(struct irpc_message *msg,
 {
 	struct nbtd_server *server =
 		talloc_get_type(msg->private, struct nbtd_server);
-	struct nbtd_interface *iface = nbtd_find_interface(server, req->in.ip_address);
+	struct nbtd_interface *iface = nbtd_find_request_iface(server, req->in.ip_address, True);
 	struct getdc_state *s;
 	struct nbt_ntlogon_packet p;
 	struct nbt_ntlogon_sam_logon *r;
diff --git a/source4/nbt_server/wins/winswack.c b/source4/nbt_server/wins/winswack.c
index 2da73fa9cf9..3bdf682459a 100644
--- a/source4/nbt_server/wins/winswack.c
+++ b/source4/nbt_server/wins/winswack.c
@@ -49,7 +49,7 @@ static void wins_challenge_handler(struct nbt_name_request *req)
 
 			state->query.in.dest_addr = state->io->in.addresses[state->current_address];
 			
-			iface = nbtd_find_interface(state->io->in.nbtd_server, state->query.in.dest_addr);
+			iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, True);
 			if (!iface) {
 				composite_error(ctx, NT_STATUS_INTERNAL_ERROR);
 				return;
@@ -111,7 +111,7 @@ struct composite_context *wins_challenge_send(TALLOC_CTX *mem_ctx, struct wins_c
 	state->query.in.retries     = 2;
 	ZERO_STRUCT(state->query.out);
 
-	iface = nbtd_find_interface(state->io->in.nbtd_server, state->query.in.dest_addr);
+	iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->query.in.dest_addr, True);
 	if (!iface) {
 		goto failed;
 	}
@@ -165,7 +165,7 @@ static void wins_release_demand_handler(struct nbt_name_request *req)
 			state->release.in.timeout   = (state->addresses_left > 1 ? 2 : 1);
 			state->release.in.retries   = (state->addresses_left > 1 ? 0 : 2);
 
-			iface = nbtd_find_interface(state->io->in.nbtd_server, state->release.in.dest_addr);
+			iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, True);
 			if (!iface) {
 				composite_error(ctx, NT_STATUS_INTERNAL_ERROR);
 				return;
@@ -226,7 +226,7 @@ static struct composite_context *wins_release_demand_send(TALLOC_CTX *mem_ctx, s
 	state->release.in.retries     = (state->addresses_left > 1 ? 0 : 2);
 	ZERO_STRUCT(state->release.out);
 
-	iface = nbtd_find_interface(state->io->in.nbtd_server, state->release.in.dest_addr);
+	iface = nbtd_find_request_iface(state->io->in.nbtd_server, state->release.in.dest_addr, True);
 	if (!iface) {
 		goto failed;
 	}