2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2009
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 see RFC1798 for details of CLDAP
27 - carried over UDP on port 389
28 - request and response matched by message ID
29 - request consists of only a single searchRequest element
30 - response can be in one of two forms
31 - a single searchResponse, followed by a searchResult
32 - a single searchResult
37 #include "../lib/util/dlinklist.h"
38 #include "../libcli/ldap/ldap_message.h"
39 #include "../libcli/ldap/ldap_ndr.h"
40 #include "../libcli/cldap/cldap.h"
41 #include "../lib/tsocket/tsocket.h"
42 #include "../libcli/security/dom_sid.h"
43 #include "../librpc/gen_ndr/ndr_nbt.h"
44 #include "../lib/util/asn1.h"
45 #include "../lib/util/tevent_ntstatus.h"
50 context structure for operations on cldap packets
53 /* the low level socket */
54 struct tsocket_context *sock;
57 * Are we in connected mode, which means
58 * we get ICMP errors back instead of timing
59 * out requests. And we can only send requests
60 * to the connected peer.
65 * we allow sync requests only, if the caller
66 * did not pass an event context to cldap_socket_init()
70 struct tevent_context *ctx;
73 /* the queue for outgoing dgrams */
74 struct tevent_queue *send_queue;
76 /* do we have an async tsocket_recvfrom request pending */
77 struct tevent_req *recv_subreq;
80 /* a queue of pending search requests */
81 struct cldap_search_state *list;
83 /* mapping from message_id to pending request */
84 struct idr_context *idr;
87 /* what to do with incoming request packets */
89 void (*handler)(struct cldap_socket *,
91 struct cldap_incoming *);
96 struct cldap_search_state {
97 struct cldap_search_state *prev, *next;
100 struct cldap_socket *cldap;
109 struct tsocket_address *dest;
114 struct cldap_incoming *in;
115 struct asn1_data *asn1;
118 struct tevent_req *req;
121 static int cldap_socket_destructor(struct cldap_socket *c)
123 tsocket_disconnect(c->sock);
125 while (c->searches.list) {
126 struct cldap_search_state *s = c->searches.list;
127 DLIST_REMOVE(c->searches.list, s);
128 ZERO_STRUCT(s->caller);
131 talloc_free(c->recv_subreq);
132 talloc_free(c->send_queue);
133 talloc_free(c->sock);
137 static void cldap_recvfrom_done(struct tevent_req *subreq);
139 static bool cldap_recvfrom_setup(struct cldap_socket *c)
141 if (c->recv_subreq) {
145 if (!c->searches.list && !c->incoming.handler) {
149 c->recv_subreq = tsocket_recvfrom_send(c->sock, c);
150 if (!c->recv_subreq) {
153 tevent_req_set_callback(c->recv_subreq, cldap_recvfrom_done, c);
158 static void cldap_recvfrom_stop(struct cldap_socket *c)
160 if (!c->recv_subreq) {
164 if (c->searches.list || c->incoming.handler) {
168 talloc_free(c->recv_subreq);
169 c->recv_subreq = NULL;
172 static void cldap_socket_recv_dgram(struct cldap_socket *c,
173 struct cldap_incoming *in);
175 static void cldap_recvfrom_done(struct tevent_req *subreq)
177 struct cldap_socket *c = tevent_req_callback_data(subreq,
178 struct cldap_socket);
179 struct cldap_incoming *in = NULL;
182 c->recv_subreq = NULL;
184 in = talloc_zero(c, struct cldap_incoming);
189 ret = tsocket_recvfrom_recv(subreq,
199 if (ret == -1 && in->recv_errno == 0) {
200 in->recv_errno = EIO;
203 /* this function should free or steal 'in' */
204 cldap_socket_recv_dgram(c, in);
207 if (!cldap_recvfrom_setup(c)) {
216 /*TODO: call a dead socket handler */
221 handle recv events on a cldap socket
223 static void cldap_socket_recv_dgram(struct cldap_socket *c,
224 struct cldap_incoming *in)
227 struct asn1_data *asn1;
229 struct cldap_search_state *search;
232 if (in->recv_errno != 0) {
236 blob = data_blob_const(in->buf, in->len);
238 asn1 = asn1_init(in);
243 if (!asn1_load(asn1, blob)) {
247 in->ldap_msg = talloc(in, struct ldap_message);
248 if (in->ldap_msg == NULL) {
252 /* this initial decode is used to find the message id */
253 status = ldap_decode(asn1, NULL, in->ldap_msg);
254 if (!NT_STATUS_IS_OK(status)) {
258 /* find the pending request */
259 p = idr_find(c->searches.idr, in->ldap_msg->messageid);
261 if (!c->incoming.handler) {
265 /* this function should free or steal 'in' */
266 c->incoming.handler(c, c->incoming.private_data, in);
270 search = talloc_get_type(p, struct cldap_search_state);
271 search->response.in = talloc_move(search, &in);
272 search->response.asn1 = asn1;
273 search->response.asn1->ofs = 0;
275 tevent_req_done(search->req);
279 in->recv_errno = ENOMEM;
281 status = map_nt_error_from_unix(in->recv_errno);
283 /* in connected mode the first pending search gets the error */
285 /* otherwise we just ignore the error */
288 if (!c->searches.list) {
291 tevent_req_nterror(c->searches.list->req, status);
297 initialise a cldap_sock
299 NTSTATUS cldap_socket_init(TALLOC_CTX *mem_ctx,
300 struct tevent_context *ev,
301 const struct tsocket_address *local_addr,
302 const struct tsocket_address *remote_addr,
303 struct cldap_socket **_cldap)
305 struct cldap_socket *c = NULL;
306 struct tsocket_address *any = NULL;
310 c = talloc_zero(mem_ctx, struct cldap_socket);
316 ev = tevent_context_init(c);
320 c->event.allow_poll = true;
325 ret = tsocket_address_inet_from_strings(c, "ipv4",
329 status = map_nt_error_from_unix(errno);
335 c->searches.idr = idr_init(c);
336 if (!c->searches.idr) {
340 ret = tsocket_address_create_socket(local_addr,
344 status = map_nt_error_from_unix(errno);
349 tsocket_set_event_context(c->sock, c->event.ctx);
352 ret = tsocket_connect(c->sock, remote_addr);
354 status = map_nt_error_from_unix(errno);
360 c->send_queue = tevent_queue_create(c, "cldap_send_queue");
361 if (!c->send_queue) {
365 talloc_set_destructor(c, cldap_socket_destructor);
371 status = NT_STATUS_NO_MEMORY;
378 setup a handler for incoming requests
380 NTSTATUS cldap_set_incoming_handler(struct cldap_socket *c,
381 void (*handler)(struct cldap_socket *,
383 struct cldap_incoming *),
387 return NT_STATUS_PIPE_CONNECTED;
390 /* if sync requests are allowed, we don't allow an incoming handler */
391 if (c->event.allow_poll) {
392 return NT_STATUS_INVALID_PIPE_STATE;
395 c->incoming.handler = handler;
396 c->incoming.private_data = private_data;
398 if (!cldap_recvfrom_setup(c)) {
399 ZERO_STRUCT(c->incoming);
400 return NT_STATUS_NO_MEMORY;
406 struct cldap_reply_state {
407 struct tsocket_address *dest;
411 static void cldap_reply_state_destroy(struct tevent_req *req);
414 queue a cldap reply for send
416 NTSTATUS cldap_reply_send(struct cldap_socket *cldap, struct cldap_reply *io)
418 struct cldap_reply_state *state = NULL;
419 struct ldap_message *msg;
420 DATA_BLOB blob1, blob2;
422 struct tevent_req *req;
424 if (cldap->connected) {
425 return NT_STATUS_PIPE_CONNECTED;
429 return NT_STATUS_INVALID_ADDRESS;
432 state = talloc(cldap, struct cldap_reply_state);
433 NT_STATUS_HAVE_NO_MEMORY(state);
435 state->dest = tsocket_address_copy(io->dest, state);
440 msg = talloc(state, struct ldap_message);
445 msg->messageid = io->messageid;
446 msg->controls = NULL;
449 msg->type = LDAP_TAG_SearchResultEntry;
450 msg->r.SearchResultEntry = *io->response;
452 if (!ldap_encode(msg, NULL, &blob1, state)) {
453 status = NT_STATUS_INVALID_PARAMETER;
457 blob1 = data_blob(NULL, 0);
460 msg->type = LDAP_TAG_SearchResultDone;
461 msg->r.SearchResultDone = *io->result;
463 if (!ldap_encode(msg, NULL, &blob2, state)) {
464 status = NT_STATUS_INVALID_PARAMETER;
469 state->blob = data_blob_talloc(state, NULL, blob1.length + blob2.length);
470 if (!state->blob.data) {
474 memcpy(state->blob.data, blob1.data, blob1.length);
475 memcpy(state->blob.data+blob1.length, blob2.data, blob2.length);
476 data_blob_free(&blob1);
477 data_blob_free(&blob2);
479 req = tsocket_sendto_queue_send(state,
488 /* the callback will just free the state, as we don't need a result */
489 tevent_req_set_callback(req, cldap_reply_state_destroy, state);
494 status = NT_STATUS_NO_MEMORY;
500 static void cldap_reply_state_destroy(struct tevent_req *req)
502 struct cldap_reply_state *state = tevent_req_callback_data(req,
503 struct cldap_reply_state);
505 /* we don't want to know the result here, we just free the state */
510 static int cldap_search_state_destructor(struct cldap_search_state *s)
512 if (s->caller.cldap) {
513 if (s->message_id != -1) {
514 idr_remove(s->caller.cldap->searches.idr, s->message_id);
517 DLIST_REMOVE(s->caller.cldap->searches.list, s);
518 cldap_recvfrom_stop(s->caller.cldap);
519 ZERO_STRUCT(s->caller);
525 static void cldap_search_state_queue_done(struct tevent_req *subreq);
526 static void cldap_search_state_wakeup_done(struct tevent_req *subreq);
529 queue a cldap reply for send
531 struct tevent_req *cldap_search_send(TALLOC_CTX *mem_ctx,
532 struct cldap_socket *cldap,
533 const struct cldap_search *io)
535 struct tevent_req *req, *subreq;
536 struct cldap_search_state *state = NULL;
537 struct ldap_message *msg;
538 struct ldap_SearchRequest *search;
544 req = tevent_req_create(mem_ctx, &state,
545 struct cldap_search_state);
551 state->caller.cldap = cldap;
552 state->message_id = -1;
554 talloc_set_destructor(state, cldap_search_state_destructor);
556 if (io->in.dest_address) {
557 if (cldap->connected) {
558 tevent_req_nterror(req, NT_STATUS_PIPE_CONNECTED);
561 ret = tsocket_address_inet_from_strings(state,
565 &state->request.dest);
567 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
571 if (!cldap->connected) {
572 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
575 state->request.dest = NULL;
578 state->message_id = idr_get_new_random(cldap->searches.idr,
580 if (state->message_id == -1) {
581 tevent_req_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
585 msg = talloc(state, struct ldap_message);
586 if (tevent_req_nomem(msg, req)) {
590 msg->messageid = state->message_id;
591 msg->type = LDAP_TAG_SearchRequest;
592 msg->controls = NULL;
593 search = &msg->r.SearchRequest;
596 search->scope = LDAP_SEARCH_SCOPE_BASE;
597 search->deref = LDAP_DEREFERENCE_NEVER;
598 search->timelimit = 0;
599 search->sizelimit = 0;
600 search->attributesonly = false;
601 search->num_attributes = str_list_length(io->in.attributes);
602 search->attributes = io->in.attributes;
603 search->tree = ldb_parse_tree(msg, io->in.filter);
604 if (tevent_req_nomem(search->tree, req)) {
608 if (!ldap_encode(msg, NULL, &state->request.blob, state)) {
609 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
614 state->request.idx = 0;
615 state->request.delay = 10*1000*1000;
616 state->request.count = 3;
617 if (io->in.timeout > 0) {
618 state->request.delay = io->in.timeout * 1000 * 1000;
619 state->request.count = io->in.retries + 1;
622 now = tevent_timeval_current();
624 for (i = 0; i < state->request.count; i++) {
625 end = tevent_timeval_add(&end, 0, state->request.delay);
628 if (!tevent_req_set_endtime(req, state->caller.cldap->event.ctx, end)) {
629 tevent_req_nomem(NULL, req);
633 subreq = tsocket_sendto_queue_send(state,
634 state->caller.cldap->sock,
635 state->caller.cldap->send_queue,
636 state->request.blob.data,
637 state->request.blob.length,
638 state->request.dest);
639 if (tevent_req_nomem(subreq, req)) {
642 tevent_req_set_callback(subreq, cldap_search_state_queue_done, req);
644 DLIST_ADD_END(cldap->searches.list, state, struct cldap_search_state *);
649 return tevent_req_post(req, cldap->event.ctx);
652 static void cldap_search_state_queue_done(struct tevent_req *subreq)
654 struct tevent_req *req = tevent_req_callback_data(subreq,
656 struct cldap_search_state *state = tevent_req_data(req,
657 struct cldap_search_state);
662 ret = tsocket_sendto_queue_recv(subreq, &sys_errno);
666 status = map_nt_error_from_unix(sys_errno);
667 DLIST_REMOVE(state->caller.cldap->searches.list, state);
668 ZERO_STRUCT(state->caller.cldap);
669 tevent_req_nterror(req, status);
673 state->request.idx++;
675 /* wait for incoming traffic */
676 if (!cldap_recvfrom_setup(state->caller.cldap)) {
677 tevent_req_nomem(NULL, req);
681 if (state->request.idx > state->request.count) {
682 /* we just wait for the response or a timeout */
686 next = tevent_timeval_current_ofs(0, state->request.delay);
687 subreq = tevent_wakeup_send(state,
688 state->caller.cldap->event.ctx,
690 if (tevent_req_nomem(subreq, req)) {
693 tevent_req_set_callback(subreq, cldap_search_state_wakeup_done, req);
696 static void cldap_search_state_wakeup_done(struct tevent_req *subreq)
698 struct tevent_req *req = tevent_req_callback_data(subreq,
700 struct cldap_search_state *state = tevent_req_data(req,
701 struct cldap_search_state);
704 ok = tevent_wakeup_recv(subreq);
707 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
711 subreq = tsocket_sendto_queue_send(state,
712 state->caller.cldap->sock,
713 state->caller.cldap->send_queue,
714 state->request.blob.data,
715 state->request.blob.length,
716 state->request.dest);
717 if (tevent_req_nomem(subreq, req)) {
720 tevent_req_set_callback(subreq, cldap_search_state_queue_done, req);
724 receive a cldap reply
726 NTSTATUS cldap_search_recv(struct tevent_req *req,
728 struct cldap_search *io)
730 struct cldap_search_state *state = tevent_req_data(req,
731 struct cldap_search_state);
732 struct ldap_message *ldap_msg;
735 if (tevent_req_is_nterror(req, &status)) {
739 ldap_msg = talloc(mem_ctx, struct ldap_message);
744 status = ldap_decode(state->response.asn1, NULL, ldap_msg);
745 if (!NT_STATUS_IS_OK(status)) {
749 ZERO_STRUCT(io->out);
751 /* the first possible form has a search result in first place */
752 if (ldap_msg->type == LDAP_TAG_SearchResultEntry) {
753 io->out.response = talloc(mem_ctx, struct ldap_SearchResEntry);
754 if (!io->out.response) {
757 *io->out.response = ldap_msg->r.SearchResultEntry;
759 /* decode the 2nd part */
760 status = ldap_decode(state->response.asn1, NULL, ldap_msg);
761 if (!NT_STATUS_IS_OK(status)) {
766 if (ldap_msg->type != LDAP_TAG_SearchResultDone) {
767 status = NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
771 io->out.result = talloc(mem_ctx, struct ldap_Result);
772 if (!io->out.result) {
775 *io->out.result = ldap_msg->r.SearchResultDone;
777 if (io->out.result->resultcode != LDAP_SUCCESS) {
778 status = NT_STATUS_LDAP(io->out.result->resultcode);
782 tevent_req_received(req);
786 status = NT_STATUS_NO_MEMORY;
788 tevent_req_received(req);
794 synchronous cldap search
796 NTSTATUS cldap_search(struct cldap_socket *cldap,
798 struct cldap_search *io)
800 struct tevent_req *req;
803 if (!cldap->event.allow_poll) {
804 return NT_STATUS_INVALID_PIPE_STATE;
807 if (cldap->searches.list) {
808 return NT_STATUS_PIPE_BUSY;
811 req = cldap_search_send(mem_ctx, cldap, io);
812 NT_STATUS_HAVE_NO_MEMORY(req);
814 if (!tevent_req_poll(req, cldap->event.ctx)) {
816 return NT_STATUS_INTERNAL_ERROR;
819 status = cldap_search_recv(req, mem_ctx, io);
825 struct cldap_netlogon_state {
826 struct cldap_search search;
829 static void cldap_netlogon_state_done(struct tevent_req *subreq);
831 queue a cldap netlogon for send
833 struct tevent_req *cldap_netlogon_send(TALLOC_CTX *mem_ctx,
834 struct cldap_socket *cldap,
835 const struct cldap_netlogon *io)
837 struct tevent_req *req, *subreq;
838 struct cldap_netlogon_state *state;
840 static const char * const attr[] = { "NetLogon", NULL };
842 req = tevent_req_create(mem_ctx, &state,
843 struct cldap_netlogon_state);
848 filter = talloc_asprintf(state, "(&(NtVer=%s)",
849 ldap_encode_ndr_uint32(state, io->in.version));
850 if (tevent_req_nomem(filter, req)) {
854 filter = talloc_asprintf_append_buffer(filter, "(User=%s)", io->in.user);
855 if (tevent_req_nomem(filter, req)) {
860 filter = talloc_asprintf_append_buffer(filter, "(Host=%s)", io->in.host);
861 if (tevent_req_nomem(filter, req)) {
866 filter = talloc_asprintf_append_buffer(filter, "(DnsDomain=%s)", io->in.realm);
867 if (tevent_req_nomem(filter, req)) {
871 if (io->in.acct_control != -1) {
872 filter = talloc_asprintf_append_buffer(filter, "(AAC=%s)",
873 ldap_encode_ndr_uint32(state, io->in.acct_control));
874 if (tevent_req_nomem(filter, req)) {
878 if (io->in.domain_sid) {
879 struct dom_sid *sid = dom_sid_parse_talloc(state, io->in.domain_sid);
880 if (tevent_req_nomem(sid, req)) {
883 filter = talloc_asprintf_append_buffer(filter, "(domainSid=%s)",
884 ldap_encode_ndr_dom_sid(state, sid));
885 if (tevent_req_nomem(filter, req)) {
889 if (io->in.domain_guid) {
892 status = GUID_from_string(io->in.domain_guid, &guid);
893 if (tevent_req_nterror(req, status)) {
896 filter = talloc_asprintf_append_buffer(filter, "(DomainGuid=%s)",
897 ldap_encode_ndr_GUID(state, &guid));
898 if (tevent_req_nomem(filter, req)) {
902 filter = talloc_asprintf_append_buffer(filter, ")");
903 if (tevent_req_nomem(filter, req)) {
907 if (io->in.dest_address) {
908 state->search.in.dest_address = talloc_strdup(state,
909 io->in.dest_address);
910 if (tevent_req_nomem(state->search.in.dest_address, req)) {
913 state->search.in.dest_port = io->in.dest_port;
915 state->search.in.dest_address = NULL;
916 state->search.in.dest_port = 0;
918 state->search.in.filter = filter;
919 state->search.in.attributes = attr;
920 state->search.in.timeout = 2;
921 state->search.in.retries = 2;
923 subreq = cldap_search_send(state, cldap, &state->search);
924 if (tevent_req_nomem(subreq, req)) {
927 tevent_req_set_callback(subreq, cldap_netlogon_state_done, req);
931 return tevent_req_post(req, cldap->event.ctx);
934 static void cldap_netlogon_state_done(struct tevent_req *subreq)
936 struct tevent_req *req = tevent_req_callback_data(subreq,
938 struct cldap_netlogon_state *state = tevent_req_data(req,
939 struct cldap_netlogon_state);
942 status = cldap_search_recv(subreq, state, &state->search);
945 if (tevent_req_nterror(req, status)) {
949 tevent_req_done(req);
953 receive a cldap netlogon reply
955 NTSTATUS cldap_netlogon_recv(struct tevent_req *req,
956 struct smb_iconv_convenience *iconv_convenience,
958 struct cldap_netlogon *io)
960 struct cldap_netlogon_state *state = tevent_req_data(req,
961 struct cldap_netlogon_state);
965 if (tevent_req_is_nterror(req, &status)) {
969 if (state->search.out.response == NULL) {
970 status = NT_STATUS_NOT_FOUND;
974 if (state->search.out.response->num_attributes != 1 ||
975 strcasecmp(state->search.out.response->attributes[0].name, "netlogon") != 0 ||
976 state->search.out.response->attributes[0].num_values != 1 ||
977 state->search.out.response->attributes[0].values->length < 2) {
978 status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
981 data = state->search.out.response->attributes[0].values;
983 status = pull_netlogon_samlogon_response(data, mem_ctx,
986 if (!NT_STATUS_IS_OK(status)) {
990 if (io->in.map_response) {
991 map_netlogon_samlogon_response(&io->out.netlogon);
994 status = NT_STATUS_OK;
996 tevent_req_received(req);
1001 sync cldap netlogon search
1003 NTSTATUS cldap_netlogon(struct cldap_socket *cldap,
1004 struct smb_iconv_convenience *iconv_convenience,
1005 TALLOC_CTX *mem_ctx,
1006 struct cldap_netlogon *io)
1008 struct tevent_req *req;
1011 if (!cldap->event.allow_poll) {
1012 return NT_STATUS_INVALID_PIPE_STATE;
1015 if (cldap->searches.list) {
1016 return NT_STATUS_PIPE_BUSY;
1019 req = cldap_netlogon_send(mem_ctx, cldap, io);
1020 NT_STATUS_HAVE_NO_MEMORY(req);
1022 if (!tevent_req_poll(req, cldap->event.ctx)) {
1024 return NT_STATUS_INTERNAL_ERROR;
1027 status = cldap_netlogon_recv(req, iconv_convenience, mem_ctx, io);
1035 send an empty reply (used on any error, so the client doesn't keep waiting
1036 or send the bad request again)
1038 NTSTATUS cldap_empty_reply(struct cldap_socket *cldap,
1039 uint32_t message_id,
1040 struct tsocket_address *dest)
1043 struct cldap_reply reply;
1044 struct ldap_Result result;
1046 reply.messageid = message_id;
1048 reply.response = NULL;
1049 reply.result = &result;
1051 ZERO_STRUCT(result);
1053 status = cldap_reply_send(cldap, &reply);
1059 send an error reply (used on any error, so the client doesn't keep waiting
1060 or send the bad request again)
1062 NTSTATUS cldap_error_reply(struct cldap_socket *cldap,
1063 uint32_t message_id,
1064 struct tsocket_address *dest,
1066 const char *errormessage)
1069 struct cldap_reply reply;
1070 struct ldap_Result result;
1072 reply.messageid = message_id;
1074 reply.response = NULL;
1075 reply.result = &result;
1077 ZERO_STRUCT(result);
1078 result.resultcode = resultcode;
1079 result.errormessage = errormessage;
1081 status = cldap_reply_send(cldap, &reply);
1088 send a netlogon reply
1090 NTSTATUS cldap_netlogon_reply(struct cldap_socket *cldap,
1091 struct smb_iconv_convenience *iconv_convenience,
1092 uint32_t message_id,
1093 struct tsocket_address *dest,
1095 struct netlogon_samlogon_response *netlogon)
1098 struct cldap_reply reply;
1099 struct ldap_SearchResEntry response;
1100 struct ldap_Result result;
1101 TALLOC_CTX *tmp_ctx = talloc_new(cldap);
1104 status = push_netlogon_samlogon_response(&blob, tmp_ctx,
1107 if (!NT_STATUS_IS_OK(status)) {
1108 talloc_free(tmp_ctx);
1111 reply.messageid = message_id;
1113 reply.response = &response;
1114 reply.result = &result;
1116 ZERO_STRUCT(result);
1119 response.num_attributes = 1;
1120 response.attributes = talloc(tmp_ctx, struct ldb_message_element);
1121 NT_STATUS_HAVE_NO_MEMORY(response.attributes);
1122 response.attributes->name = "netlogon";
1123 response.attributes->num_values = 1;
1124 response.attributes->values = &blob;
1126 status = cldap_reply_send(cldap, &reply);
1128 talloc_free(tmp_ctx);