2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2009
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 see RFC1798 for details of CLDAP
27 - carried over UDP on port 389
28 - request and response matched by message ID
29 - request consists of only a single searchRequest element
30 - response can be in one of two forms
31 - a single searchResponse, followed by a searchResult
32 - a single searchResult
37 #include "../lib/util/dlinklist.h"
38 #include "../libcli/ldap/ldap_message.h"
39 #include "../libcli/ldap/ldap_ndr.h"
40 #include "../libcli/cldap/cldap.h"
41 #include "../lib/tsocket/tsocket.h"
42 #include "../libcli/security/dom_sid.h"
43 #include "../librpc/gen_ndr/ndr_nbt.h"
44 #include "../lib/util/asn1.h"
45 #include "../lib/util/tevent_ntstatus.h"
50 context structure for operations on cldap packets
53 /* the low level socket */
54 struct tdgram_context *sock;
57 * Are we in connected mode, which means
58 * we get ICMP errors back instead of timing
59 * out requests. And we can only send requests
60 * to the connected peer.
64 /* the queue for outgoing dgrams */
65 struct tevent_queue *send_queue;
67 /* do we have an async tsocket_recvfrom request pending */
68 struct tevent_req *recv_subreq;
71 /* a queue of pending search requests */
72 struct cldap_search_state *list;
74 /* mapping from message_id to pending request */
75 struct idr_context *idr;
78 /* what to do with incoming request packets */
80 struct tevent_context *ev;
81 void (*handler)(struct cldap_socket *,
83 struct cldap_incoming *);
88 struct cldap_search_state {
89 struct cldap_search_state *prev, *next;
92 struct tevent_context *ev;
93 struct cldap_socket *cldap;
102 struct tsocket_address *dest;
107 struct cldap_incoming *in;
108 struct asn1_data *asn1;
111 struct tevent_req *req;
114 static int cldap_socket_destructor(struct cldap_socket *c)
116 while (c->searches.list) {
117 struct cldap_search_state *s = c->searches.list;
118 DLIST_REMOVE(c->searches.list, s);
119 ZERO_STRUCT(s->caller);
122 talloc_free(c->recv_subreq);
123 talloc_free(c->send_queue);
124 talloc_free(c->sock);
128 static void cldap_recvfrom_done(struct tevent_req *subreq);
130 static bool cldap_recvfrom_setup(struct cldap_socket *c)
132 struct tevent_context *ev;
134 if (c->recv_subreq) {
138 if (!c->searches.list && !c->incoming.handler) {
144 ev = c->searches.list->caller.ev;
147 c->recv_subreq = tdgram_recvfrom_send(c, ev, c->sock);
148 if (!c->recv_subreq) {
151 tevent_req_set_callback(c->recv_subreq, cldap_recvfrom_done, c);
156 static void cldap_recvfrom_stop(struct cldap_socket *c)
158 if (!c->recv_subreq) {
162 if (c->searches.list || c->incoming.handler) {
166 talloc_free(c->recv_subreq);
167 c->recv_subreq = NULL;
170 static bool cldap_socket_recv_dgram(struct cldap_socket *c,
171 struct cldap_incoming *in);
173 static void cldap_recvfrom_done(struct tevent_req *subreq)
175 struct cldap_socket *c = tevent_req_callback_data(subreq,
176 struct cldap_socket);
177 struct cldap_incoming *in = NULL;
181 c->recv_subreq = NULL;
183 in = talloc_zero(c, struct cldap_incoming);
188 ret = tdgram_recvfrom_recv(subreq,
198 if (ret == -1 && in->recv_errno == 0) {
199 in->recv_errno = EIO;
202 /* this function should free or steal 'in' */
203 setup_done = cldap_socket_recv_dgram(c, in);
206 if (!setup_done && !cldap_recvfrom_setup(c)) {
215 /*TODO: call a dead socket handler */
220 handle recv events on a cldap socket
222 static bool cldap_socket_recv_dgram(struct cldap_socket *c,
223 struct cldap_incoming *in)
226 struct asn1_data *asn1;
228 struct cldap_search_state *search;
231 if (in->recv_errno != 0) {
235 blob = data_blob_const(in->buf, in->len);
237 asn1 = asn1_init(in);
242 if (!asn1_load(asn1, blob)) {
246 in->ldap_msg = talloc(in, struct ldap_message);
247 if (in->ldap_msg == NULL) {
251 /* this initial decode is used to find the message id */
252 status = ldap_decode(asn1, NULL, in->ldap_msg);
253 if (!NT_STATUS_IS_OK(status)) {
257 /* find the pending request */
258 p = idr_find(c->searches.idr, in->ldap_msg->messageid);
260 if (!c->incoming.handler) {
264 /* this function should free or steal 'in' */
265 c->incoming.handler(c, c->incoming.private_data, in);
269 search = talloc_get_type(p, struct cldap_search_state);
270 search->response.in = talloc_move(search, &in);
271 search->response.asn1 = asn1;
272 search->response.asn1->ofs = 0;
274 DLIST_REMOVE(c->searches.list, search);
276 if (!cldap_recvfrom_setup(c)) {
280 tevent_req_done(search->req);
285 in->recv_errno = ENOMEM;
287 status = map_nt_error_from_unix_common(in->recv_errno);
289 /* in connected mode the first pending search gets the error */
291 /* otherwise we just ignore the error */
294 if (!c->searches.list) {
297 tevent_req_nterror(c->searches.list->req, status);
304 initialise a cldap_sock
306 NTSTATUS cldap_socket_init(TALLOC_CTX *mem_ctx,
307 const struct tsocket_address *local_addr,
308 const struct tsocket_address *remote_addr,
309 struct cldap_socket **_cldap)
311 struct cldap_socket *c = NULL;
312 struct tsocket_address *any = NULL;
315 const char *fam = NULL;
317 if (local_addr == NULL && remote_addr == NULL) {
318 return NT_STATUS_INVALID_PARAMETER_MIX;
325 is_ipv4 = tsocket_address_is_inet(remote_addr, "ipv4");
326 is_ipv6 = tsocket_address_is_inet(remote_addr, "ipv6");
330 } else if (is_ipv6) {
333 return NT_STATUS_INVALID_ADDRESS;
337 c = talloc_zero(mem_ctx, struct cldap_socket);
344 * Here we know the address family of the remote address.
347 return NT_STATUS_INVALID_PARAMETER_MIX;
350 ret = tsocket_address_inet_from_strings(c, fam,
354 status = map_nt_error_from_unix_common(errno);
360 c->searches.idr = idr_init(c);
361 if (!c->searches.idr) {
365 ret = tdgram_inet_udp_socket(local_addr, remote_addr,
368 status = map_nt_error_from_unix_common(errno);
377 c->send_queue = tevent_queue_create(c, "cldap_send_queue");
378 if (!c->send_queue) {
382 talloc_set_destructor(c, cldap_socket_destructor);
388 status = NT_STATUS_NO_MEMORY;
395 setup a handler for incoming requests
397 NTSTATUS cldap_set_incoming_handler(struct cldap_socket *c,
398 struct tevent_context *ev,
399 void (*handler)(struct cldap_socket *,
401 struct cldap_incoming *),
405 return NT_STATUS_PIPE_CONNECTED;
409 c->incoming.handler = handler;
410 c->incoming.private_data = private_data;
412 if (!cldap_recvfrom_setup(c)) {
413 ZERO_STRUCT(c->incoming);
414 return NT_STATUS_NO_MEMORY;
420 struct cldap_reply_state {
421 struct tsocket_address *dest;
425 static void cldap_reply_state_destroy(struct tevent_req *subreq);
428 queue a cldap reply for send
430 NTSTATUS cldap_reply_send(struct cldap_socket *cldap, struct cldap_reply *io)
432 struct cldap_reply_state *state = NULL;
433 struct ldap_message *msg;
434 DATA_BLOB blob1, blob2;
436 struct tevent_req *subreq;
438 if (cldap->connected) {
439 return NT_STATUS_PIPE_CONNECTED;
442 if (cldap->incoming.ev == NULL) {
443 return NT_STATUS_INVALID_PIPE_STATE;
447 return NT_STATUS_INVALID_ADDRESS;
450 state = talloc(cldap, struct cldap_reply_state);
451 NT_STATUS_HAVE_NO_MEMORY(state);
453 state->dest = tsocket_address_copy(io->dest, state);
458 msg = talloc(state, struct ldap_message);
463 msg->messageid = io->messageid;
464 msg->controls = NULL;
467 msg->type = LDAP_TAG_SearchResultEntry;
468 msg->r.SearchResultEntry = *io->response;
470 if (!ldap_encode(msg, NULL, &blob1, state)) {
471 status = NT_STATUS_INVALID_PARAMETER;
475 blob1 = data_blob(NULL, 0);
478 msg->type = LDAP_TAG_SearchResultDone;
479 msg->r.SearchResultDone = *io->result;
481 if (!ldap_encode(msg, NULL, &blob2, state)) {
482 status = NT_STATUS_INVALID_PARAMETER;
487 state->blob = data_blob_talloc(state, NULL, blob1.length + blob2.length);
488 if (!state->blob.data) {
492 memcpy(state->blob.data, blob1.data, blob1.length);
493 memcpy(state->blob.data+blob1.length, blob2.data, blob2.length);
494 data_blob_free(&blob1);
495 data_blob_free(&blob2);
497 subreq = tdgram_sendto_queue_send(state,
507 /* the callback will just free the state, as we don't need a result */
508 tevent_req_set_callback(subreq, cldap_reply_state_destroy, state);
513 status = NT_STATUS_NO_MEMORY;
519 static void cldap_reply_state_destroy(struct tevent_req *subreq)
521 struct cldap_reply_state *state = tevent_req_callback_data(subreq,
522 struct cldap_reply_state);
524 /* we don't want to know the result here, we just free the state */
529 static int cldap_search_state_destructor(struct cldap_search_state *s)
531 if (s->caller.cldap) {
532 if (s->message_id != -1) {
533 idr_remove(s->caller.cldap->searches.idr, s->message_id);
536 DLIST_REMOVE(s->caller.cldap->searches.list, s);
537 cldap_recvfrom_stop(s->caller.cldap);
538 ZERO_STRUCT(s->caller);
544 static void cldap_search_state_queue_done(struct tevent_req *subreq);
545 static void cldap_search_state_wakeup_done(struct tevent_req *subreq);
548 queue a cldap reply for send
550 struct tevent_req *cldap_search_send(TALLOC_CTX *mem_ctx,
551 struct tevent_context *ev,
552 struct cldap_socket *cldap,
553 const struct cldap_search *io)
555 struct tevent_req *req, *subreq;
556 struct cldap_search_state *state = NULL;
557 struct ldap_message *msg;
558 struct ldap_SearchRequest *search;
564 req = tevent_req_create(mem_ctx, &state,
565 struct cldap_search_state);
570 state->caller.ev = ev;
572 state->caller.cldap = cldap;
573 state->message_id = -1;
575 talloc_set_destructor(state, cldap_search_state_destructor);
577 if (io->in.dest_address) {
578 if (cldap->connected) {
579 tevent_req_nterror(req, NT_STATUS_PIPE_CONNECTED);
582 ret = tsocket_address_inet_from_strings(state,
586 &state->request.dest);
588 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
592 if (!cldap->connected) {
593 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
596 state->request.dest = NULL;
599 state->message_id = idr_get_new_random(cldap->searches.idr,
601 if (state->message_id == -1) {
602 tevent_req_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
606 msg = talloc(state, struct ldap_message);
607 if (tevent_req_nomem(msg, req)) {
611 msg->messageid = state->message_id;
612 msg->type = LDAP_TAG_SearchRequest;
613 msg->controls = NULL;
614 search = &msg->r.SearchRequest;
617 search->scope = LDAP_SEARCH_SCOPE_BASE;
618 search->deref = LDAP_DEREFERENCE_NEVER;
619 search->timelimit = 0;
620 search->sizelimit = 0;
621 search->attributesonly = false;
622 search->num_attributes = str_list_length(io->in.attributes);
623 search->attributes = io->in.attributes;
624 search->tree = ldb_parse_tree(msg, io->in.filter);
625 if (tevent_req_nomem(search->tree, req)) {
629 if (!ldap_encode(msg, NULL, &state->request.blob, state)) {
630 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 state->request.idx = 0;
636 state->request.delay = 10*1000*1000;
637 state->request.count = 3;
638 if (io->in.timeout > 0) {
639 state->request.delay = io->in.timeout * 1000 * 1000;
640 state->request.count = io->in.retries + 1;
643 now = tevent_timeval_current();
645 for (i = 0; i < state->request.count; i++) {
646 end = tevent_timeval_add(&end, state->request.delay / 1000000,
647 state->request.delay % 1000000);
650 if (!tevent_req_set_endtime(req, state->caller.ev, end)) {
655 subreq = tdgram_sendto_queue_send(state,
657 state->caller.cldap->sock,
658 state->caller.cldap->send_queue,
659 state->request.blob.data,
660 state->request.blob.length,
661 state->request.dest);
662 if (tevent_req_nomem(subreq, req)) {
665 tevent_req_set_callback(subreq, cldap_search_state_queue_done, req);
667 DLIST_ADD_END(cldap->searches.list, state, struct cldap_search_state *);
672 return tevent_req_post(req, state->caller.ev);
675 static void cldap_search_state_queue_done(struct tevent_req *subreq)
677 struct tevent_req *req = tevent_req_callback_data(subreq,
679 struct cldap_search_state *state = tevent_req_data(req,
680 struct cldap_search_state);
685 ret = tdgram_sendto_queue_recv(subreq, &sys_errno);
689 status = map_nt_error_from_unix_common(sys_errno);
690 DLIST_REMOVE(state->caller.cldap->searches.list, state);
691 ZERO_STRUCT(state->caller.cldap);
692 tevent_req_nterror(req, status);
696 state->request.idx++;
698 /* wait for incoming traffic */
699 if (!cldap_recvfrom_setup(state->caller.cldap)) {
704 if (state->request.idx > state->request.count) {
705 /* we just wait for the response or a timeout */
709 next = tevent_timeval_current_ofs(state->request.delay / 1000000,
710 state->request.delay % 1000000);
711 subreq = tevent_wakeup_send(state,
714 if (tevent_req_nomem(subreq, req)) {
717 tevent_req_set_callback(subreq, cldap_search_state_wakeup_done, req);
720 static void cldap_search_state_wakeup_done(struct tevent_req *subreq)
722 struct tevent_req *req = tevent_req_callback_data(subreq,
724 struct cldap_search_state *state = tevent_req_data(req,
725 struct cldap_search_state);
728 ok = tevent_wakeup_recv(subreq);
731 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
735 subreq = tdgram_sendto_queue_send(state,
737 state->caller.cldap->sock,
738 state->caller.cldap->send_queue,
739 state->request.blob.data,
740 state->request.blob.length,
741 state->request.dest);
742 if (tevent_req_nomem(subreq, req)) {
745 tevent_req_set_callback(subreq, cldap_search_state_queue_done, req);
749 receive a cldap reply
751 NTSTATUS cldap_search_recv(struct tevent_req *req,
753 struct cldap_search *io)
755 struct cldap_search_state *state = tevent_req_data(req,
756 struct cldap_search_state);
757 struct ldap_message *ldap_msg;
760 if (tevent_req_is_nterror(req, &status)) {
764 ldap_msg = talloc(mem_ctx, struct ldap_message);
769 status = ldap_decode(state->response.asn1, NULL, ldap_msg);
770 if (!NT_STATUS_IS_OK(status)) {
774 ZERO_STRUCT(io->out);
776 /* the first possible form has a search result in first place */
777 if (ldap_msg->type == LDAP_TAG_SearchResultEntry) {
778 io->out.response = talloc(mem_ctx, struct ldap_SearchResEntry);
779 if (!io->out.response) {
782 *io->out.response = ldap_msg->r.SearchResultEntry;
784 /* decode the 2nd part */
785 status = ldap_decode(state->response.asn1, NULL, ldap_msg);
786 if (!NT_STATUS_IS_OK(status)) {
791 if (ldap_msg->type != LDAP_TAG_SearchResultDone) {
792 status = NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
796 io->out.result = talloc(mem_ctx, struct ldap_Result);
797 if (!io->out.result) {
800 *io->out.result = ldap_msg->r.SearchResultDone;
802 if (io->out.result->resultcode != LDAP_SUCCESS) {
803 status = NT_STATUS_LDAP(io->out.result->resultcode);
807 tevent_req_received(req);
811 status = NT_STATUS_NO_MEMORY;
813 tevent_req_received(req);
819 synchronous cldap search
821 NTSTATUS cldap_search(struct cldap_socket *cldap,
823 struct cldap_search *io)
826 struct tevent_req *req;
827 struct tevent_context *ev;
830 if (cldap->searches.list) {
831 return NT_STATUS_PIPE_BUSY;
834 if (cldap->incoming.handler) {
835 return NT_STATUS_INVALID_PIPE_STATE;
838 frame = talloc_stackframe();
840 ev = tevent_context_init(frame);
843 return NT_STATUS_NO_MEMORY;
846 req = cldap_search_send(mem_ctx, ev, cldap, io);
849 return NT_STATUS_NO_MEMORY;
852 if (!tevent_req_poll(req, ev)) {
853 status = map_nt_error_from_unix_common(errno);
858 status = cldap_search_recv(req, mem_ctx, io);
859 if (!NT_STATUS_IS_OK(status)) {
868 struct cldap_netlogon_state {
869 struct cldap_search search;
872 static void cldap_netlogon_state_done(struct tevent_req *subreq);
874 queue a cldap netlogon for send
876 struct tevent_req *cldap_netlogon_send(TALLOC_CTX *mem_ctx,
877 struct tevent_context *ev,
878 struct cldap_socket *cldap,
879 const struct cldap_netlogon *io)
881 struct tevent_req *req, *subreq;
882 struct cldap_netlogon_state *state;
884 static const char * const attr[] = { "NetLogon", NULL };
886 req = tevent_req_create(mem_ctx, &state,
887 struct cldap_netlogon_state);
892 filter = talloc_asprintf(state, "(&(NtVer=%s)",
893 ldap_encode_ndr_uint32(state, io->in.version));
894 if (tevent_req_nomem(filter, req)) {
898 filter = talloc_asprintf_append_buffer(filter, "(User=%s)", io->in.user);
899 if (tevent_req_nomem(filter, req)) {
904 filter = talloc_asprintf_append_buffer(filter, "(Host=%s)", io->in.host);
905 if (tevent_req_nomem(filter, req)) {
910 filter = talloc_asprintf_append_buffer(filter, "(DnsDomain=%s)", io->in.realm);
911 if (tevent_req_nomem(filter, req)) {
915 if (io->in.acct_control != -1) {
916 filter = talloc_asprintf_append_buffer(filter, "(AAC=%s)",
917 ldap_encode_ndr_uint32(state, io->in.acct_control));
918 if (tevent_req_nomem(filter, req)) {
922 if (io->in.domain_sid) {
923 struct dom_sid *sid = dom_sid_parse_talloc(state, io->in.domain_sid);
924 if (tevent_req_nomem(sid, req)) {
927 filter = talloc_asprintf_append_buffer(filter, "(domainSid=%s)",
928 ldap_encode_ndr_dom_sid(state, sid));
929 if (tevent_req_nomem(filter, req)) {
933 if (io->in.domain_guid) {
936 status = GUID_from_string(io->in.domain_guid, &guid);
937 if (tevent_req_nterror(req, status)) {
940 filter = talloc_asprintf_append_buffer(filter, "(DomainGuid=%s)",
941 ldap_encode_ndr_GUID(state, &guid));
942 if (tevent_req_nomem(filter, req)) {
946 filter = talloc_asprintf_append_buffer(filter, ")");
947 if (tevent_req_nomem(filter, req)) {
951 if (io->in.dest_address) {
952 state->search.in.dest_address = talloc_strdup(state,
953 io->in.dest_address);
954 if (tevent_req_nomem(state->search.in.dest_address, req)) {
957 state->search.in.dest_port = io->in.dest_port;
959 state->search.in.dest_address = NULL;
960 state->search.in.dest_port = 0;
962 state->search.in.filter = filter;
963 state->search.in.attributes = attr;
964 state->search.in.timeout = 2;
965 state->search.in.retries = 2;
967 subreq = cldap_search_send(state, ev, cldap, &state->search);
968 if (tevent_req_nomem(subreq, req)) {
971 tevent_req_set_callback(subreq, cldap_netlogon_state_done, req);
975 return tevent_req_post(req, ev);
978 static void cldap_netlogon_state_done(struct tevent_req *subreq)
980 struct tevent_req *req = tevent_req_callback_data(subreq,
982 struct cldap_netlogon_state *state = tevent_req_data(req,
983 struct cldap_netlogon_state);
986 status = cldap_search_recv(subreq, state, &state->search);
989 if (tevent_req_nterror(req, status)) {
993 tevent_req_done(req);
997 receive a cldap netlogon reply
999 NTSTATUS cldap_netlogon_recv(struct tevent_req *req,
1000 TALLOC_CTX *mem_ctx,
1001 struct cldap_netlogon *io)
1003 struct cldap_netlogon_state *state = tevent_req_data(req,
1004 struct cldap_netlogon_state);
1008 if (tevent_req_is_nterror(req, &status)) {
1012 if (state->search.out.response == NULL) {
1013 status = NT_STATUS_NOT_FOUND;
1017 if (state->search.out.response->num_attributes != 1 ||
1018 strcasecmp(state->search.out.response->attributes[0].name, "netlogon") != 0 ||
1019 state->search.out.response->attributes[0].num_values != 1 ||
1020 state->search.out.response->attributes[0].values->length < 2) {
1021 status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
1024 data = state->search.out.response->attributes[0].values;
1026 status = pull_netlogon_samlogon_response(data, mem_ctx,
1028 if (!NT_STATUS_IS_OK(status)) {
1032 if (io->in.map_response) {
1033 map_netlogon_samlogon_response(&io->out.netlogon);
1036 status = NT_STATUS_OK;
1038 tevent_req_received(req);
1043 sync cldap netlogon search
1045 NTSTATUS cldap_netlogon(struct cldap_socket *cldap,
1046 TALLOC_CTX *mem_ctx,
1047 struct cldap_netlogon *io)
1050 struct tevent_req *req;
1051 struct tevent_context *ev;
1054 if (cldap->searches.list) {
1055 return NT_STATUS_PIPE_BUSY;
1058 if (cldap->incoming.handler) {
1059 return NT_STATUS_INVALID_PIPE_STATE;
1062 frame = talloc_stackframe();
1064 ev = tevent_context_init(frame);
1067 return NT_STATUS_NO_MEMORY;
1070 req = cldap_netlogon_send(mem_ctx, ev, cldap, io);
1073 return NT_STATUS_NO_MEMORY;
1076 if (!tevent_req_poll(req, ev)) {
1077 status = map_nt_error_from_unix_common(errno);
1082 status = cldap_netlogon_recv(req, mem_ctx, io);
1083 if (!NT_STATUS_IS_OK(status)) {
1089 return NT_STATUS_OK;
1094 send an empty reply (used on any error, so the client doesn't keep waiting
1095 or send the bad request again)
1097 NTSTATUS cldap_empty_reply(struct cldap_socket *cldap,
1098 uint32_t message_id,
1099 struct tsocket_address *dest)
1102 struct cldap_reply reply;
1103 struct ldap_Result result;
1105 reply.messageid = message_id;
1107 reply.response = NULL;
1108 reply.result = &result;
1110 ZERO_STRUCT(result);
1112 status = cldap_reply_send(cldap, &reply);
1118 send an error reply (used on any error, so the client doesn't keep waiting
1119 or send the bad request again)
1121 NTSTATUS cldap_error_reply(struct cldap_socket *cldap,
1122 uint32_t message_id,
1123 struct tsocket_address *dest,
1125 const char *errormessage)
1128 struct cldap_reply reply;
1129 struct ldap_Result result;
1131 reply.messageid = message_id;
1133 reply.response = NULL;
1134 reply.result = &result;
1136 ZERO_STRUCT(result);
1137 result.resultcode = resultcode;
1138 result.errormessage = errormessage;
1140 status = cldap_reply_send(cldap, &reply);
1147 send a netlogon reply
1149 NTSTATUS cldap_netlogon_reply(struct cldap_socket *cldap,
1150 uint32_t message_id,
1151 struct tsocket_address *dest,
1153 struct netlogon_samlogon_response *netlogon)
1156 struct cldap_reply reply;
1157 struct ldap_SearchResEntry response;
1158 struct ldap_Result result;
1159 TALLOC_CTX *tmp_ctx = talloc_new(cldap);
1162 status = push_netlogon_samlogon_response(&blob, tmp_ctx,
1164 if (!NT_STATUS_IS_OK(status)) {
1165 talloc_free(tmp_ctx);
1168 reply.messageid = message_id;
1170 reply.response = &response;
1171 reply.result = &result;
1173 ZERO_STRUCT(result);
1176 response.num_attributes = 1;
1177 response.attributes = talloc(tmp_ctx, struct ldb_message_element);
1178 NT_STATUS_HAVE_NO_MEMORY(response.attributes);
1179 response.attributes->name = "netlogon";
1180 response.attributes->num_values = 1;
1181 response.attributes->values = &blob;
1183 status = cldap_reply_send(cldap, &reply);
1185 talloc_free(tmp_ctx);