/* 
   Unix SMB/CIFS implementation.

   "secure" wins server WACK processing

   Copyright (C) Andrew Tridgell	2005
   
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include "includes.h"
#include "nbt_server/nbt_server.h"
#include "nbt_server/wins/winsdb.h"
#include "system/time.h"

struct wack_state {
	struct wins_server *winssrv;
	struct nbt_name_socket *nbtsock;
	struct nbt_name_packet *request_packet;
	struct winsdb_record *rec;
	const char *src_address;
	int src_port;
	const char **owner_addresses;
	const char *reg_address;
	struct nbt_name_query query;
};


/*
  deny a registration request
*/
static void wins_wack_deny(struct wack_state *state)
{
	nbtd_name_registration_reply(state->nbtsock, state->request_packet, 
				     state->src_address, state->src_port, NBT_RCODE_ACT);
	DEBUG(4,("WINS: denied name registration request for %s from %s\n",
		 nbt_name_string(state, state->rec->name), state->src_address));
	talloc_free(state);
}

/*
  allow a registration request
*/
static void wins_wack_allow(struct wack_state *state)
{
	uint32_t ttl;
	time_t now = time(NULL);
	struct winsdb_record *rec = state->rec, *rec2;

	rec2 = winsdb_load(state->winssrv, rec->name, state);
	if (rec2 == NULL || rec2->version != rec->version) {
		DEBUG(1,("WINS: record %s changed during WACK - failing registration\n",
			 nbt_name_string(state, rec->name)));
		wins_wack_deny(state);
		return;
	}

	nbtd_name_registration_reply(state->nbtsock, state->request_packet, 
				     state->src_address, state->src_port, NBT_RCODE_OK);

	rec->addresses = str_list_add(rec->addresses, state->reg_address);
	if (rec->addresses == NULL) goto failed;
	
	ttl = wins_server_ttl(state->winssrv, state->request_packet->additional[0].ttl);
	if (now + ttl > rec->expire_time) {
		rec->expire_time = now + ttl;
	}
	rec->registered_by = state->src_address;

	winsdb_modify(state->winssrv, rec);

	DEBUG(4,("WINS: accepted registration of %s with address %s\n",
		 nbt_name_string(state, rec->name), state->reg_address));

failed:
	talloc_free(state);
}

/*
  called when a name query to a current owner completes
*/
static void wins_wack_handler(struct nbt_name_request *req)
{
	struct wack_state *state = talloc_get_type(req->async.private, struct wack_state);
	NTSTATUS status;
	int i;
	struct winsdb_record *rec = state->rec;

	status = nbt_name_query_recv(req, state, &state->query);

	/* if we timed out then try the next owner address, if any */
	if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
		state->owner_addresses++;
		if (state->owner_addresses[0] == NULL) {
			wins_wack_allow(state);
			return;
		}
		state->query.in.dest_addr = state->owner_addresses[0];

		req = nbt_name_query_send(state->nbtsock, &state->query);
		if (req == NULL) goto failed;

		req->async.fn = wins_wack_handler;
		req->async.private = state;
		return;
	}

	/* if the owner denies it holds the name, then allow
	   the registration */
	if (!NT_STATUS_IS_OK(status)) {
		wins_wack_allow(state);
		return;
	}

	/* if the owner still wants the name and doesn't reply
	   with the address trying to be registered, then deny
	   the registration */
	if (!str_list_check(state->query.out.reply_addrs, state->reg_address)) {
		wins_wack_deny(state);
		return;
	}

	/* we are going to allow the registration, but first remove any addresses
	   from the record that aren't in the reply from the client */
	for (i=0;rec->addresses[i];) {
		if (!str_list_check(state->query.out.reply_addrs, rec->addresses[i])) {
			str_list_remove(rec->addresses, rec->addresses[i]);
		} else {
			i++;
		}
	}

	wins_wack_allow(state);
	return;

failed:
	talloc_free(state);
}


/*
  a client has asked to register a unique name that someone else owns. We
  need to ask each of the current owners if they still want it. If they do
  then reject the registration, otherwise allow it
*/
void wins_register_wack(struct nbt_name_socket *nbtsock, 
			struct nbt_name_packet *packet, 
			struct winsdb_record *rec,
			const char *src_address, int src_port)
{
	struct nbtd_interface *iface = talloc_get_type(nbtsock->incoming.private, 
						       struct nbtd_interface);
	struct wins_server *winssrv = iface->nbtsrv->winssrv;
	struct wack_state *state;
	struct nbt_name_request *req;
	uint32_t ttl;

	state = talloc(nbtsock, struct wack_state);
	if (state == NULL) goto failed;

	/* package up the state variables for this wack request */
	state->winssrv         = winssrv;
	state->nbtsock         = nbtsock;
	state->request_packet  = talloc_steal(state, packet);
	state->rec             = talloc_steal(state, rec);
	state->src_port        = src_port;
	state->owner_addresses = rec->addresses;
	state->reg_address     = packet->additional[0].rdata.netbios.addresses[0].ipaddr;
	state->src_address     = talloc_strdup(state, src_address);
	if (state->src_address == NULL) goto failed;

	/* setup a name query to the first address */
	state->query.in.name        = *rec->name;
	state->query.in.dest_addr   = state->owner_addresses[0];
	state->query.in.broadcast   = False;
	state->query.in.wins_lookup = True;
	state->query.in.timeout     = 1;
	state->query.in.retries     = 2;

	/* the LOGON type is a nasty hack */
	if (rec->name->type == NBT_NAME_LOGON) {
		wins_wack_allow(state);
		return;
	}

	/* send a WACK to the client, specifying the maximum time it could
	   take to check with the owner, plus some slack */
	ttl = 5 + 4 * str_list_length(rec->addresses);
	nbtd_wack_reply(nbtsock, packet, src_address, src_port, ttl);

	req = nbt_name_query_send(nbtsock, &state->query);
	if (req == NULL) goto failed;

	req->async.fn = wins_wack_handler;
	req->async.private = state;
	return;	

failed:
	talloc_free(state);
	nbtd_name_registration_reply(nbtsock, packet, src_address, src_port, NBT_RCODE_SVR);	
}