added a 'net ads lookup' command that does a CLDAP NetLogon query to a

win2000 server. It does seem to work, and win200 sends us a valid
reply, but we don't parse it yet. Maybe tomorrow :)

diff --git a/source/Makefile.in b/source/Makefile.in
index 69ac925fd770b6b683134716b4505e1203dd4443..734f6ee82a8244c8e870d67f335123766d38f895 100644 (file)
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -376,7 +376,7 @@ CLIENT_OBJ1 = client/client.o client/clitar.o
 CLIENT_OBJ = $(CLIENT_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
              $(READLINE_OBJ) 
 
-NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_help.o \
+NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \
           utils/net_rap.o utils/net_rpc.o \
           utils/net_rpc_join.o utils/net_time.o utils/net_lookup.o
 

diff --git a/source/libsmb/asn1.c b/source/libsmb/asn1.c
index b4ad3ad0b8998467121a6bca669ae196acd8ade4..c8f832f3df68cf5318141f4f60785e140398c942 100644 (file)
--- a/source/libsmb/asn1.c
+++ b/source/libsmb/asn1.c
@@ -174,6 +174,16 @@ BOOL asn1_write_BOOLEAN(ASN1_DATA *data, BOOL v)
        return !data->has_error;
 }
 
+/* write a BOOLEAN - hmm, I suspect this one is the correct one, and the 
+   above boolean is bogus. Need to check */
+BOOL asn1_write_BOOLEAN2(ASN1_DATA *data, BOOL v)
+{
+       asn1_push_tag(data, ASN1_BOOLEAN);
+       asn1_write_uint8(data, v);
+       asn1_pop_tag(data);
+       return !data->has_error;
+}
+
 /* check a BOOLEAN */
 BOOL asn1_check_BOOLEAN(ASN1_DATA *data, BOOL v)
 {

diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c
index ad405fe68c32fb46063fcabe0ca7c51db498a399..16450c5b2994c30bb6ed6946c420a8dd3eb2cbc3 100644 (file)
--- a/source/utils/net_ads.c
+++ b/source/utils/net_ads.c
@@ -56,6 +56,31 @@ int net_ads_usage(int argc, const char **argv)
 }
 
 
+/*
+  this implements the CLDAP based netlogon lookup requests
+  for finding the domain controller of a ADS domain
+*/
+static int net_ads_lookup(int argc, const char **argv)
+{
+       ADS_STRUCT *ads;
+
+       ads = ads_init(NULL, NULL, opt_host);
+       if (ads) {
+               ads->auth.no_bind = 1;
+       }
+
+       ads_connect(ads);
+
+       if (!ads || !ads->config.realm) {
+               d_printf("Didn't find the cldap server!\n");
+               return -1;
+       }
+
+       return ads_cldap_netlogon(ads);
+}
+
+
+
 static int net_ads_info(int argc, const char **argv)
 {
        ADS_STRUCT *ads;
@@ -1009,6 +1034,7 @@ int net_ads(int argc, const char **argv)
                {"PRINTER", net_ads_printer},
                {"SEARCH", net_ads_search},
                {"WORKGROUP", net_ads_workgroup},
+               {"LOOKUP", net_ads_lookup},
                {"HELP", net_ads_help},
                {NULL, NULL}
        };

diff --git a/source/utils/net_ads_cldap.c b/source/utils/net_ads_cldap.c
new file mode 100644 (file)
index 0000000..f707f6b
--- /dev/null
+++ b/source/utils/net_ads_cldap.c
@@ -0,0 +1,95 @@
+/* 
+   Samba Unix/Linux SMB client library 
+   net ads cldap functions 
+   Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.  
+*/
+
+#include "includes.h"
+#include "../utils/net.h"
+
+#ifdef HAVE_ADS
+
+/*
+  do a cldap netlogon query
+*/
+int ads_cldap_netlogon(ADS_STRUCT *ads)
+{
+       ASN1_DATA data;
+       char ntver[4];
+       int sock;
+
+       SIVAL(ntver, 0, 6);
+
+       memset(&data, 0, sizeof(data));
+
+       asn1_push_tag(&data,ASN1_SEQUENCE(0));
+       asn1_write_Integer(&data, 4);
+       asn1_push_tag(&data, ASN1_APPLICATION(3));
+       asn1_write_OctetString(&data, NULL, 0);
+       asn1_write_enumerated(&data, 0);
+       asn1_write_enumerated(&data, 0);
+       asn1_write_Integer(&data, 0);
+       asn1_write_Integer(&data, 0);
+       asn1_write_BOOLEAN2(&data, False);
+       asn1_push_tag(&data, ASN1_CONTEXT(0));
+
+       asn1_push_tag(&data, ASN1_CONTEXT(3));
+       asn1_write_OctetString(&data, "DnsDomain", 9);
+       asn1_write_OctetString(&data, ads->config.realm, strlen(ads->config.realm));
+       asn1_pop_tag(&data);
+
+       asn1_push_tag(&data, ASN1_CONTEXT(3));
+       asn1_write_OctetString(&data, "Host", 4);
+       asn1_write_OctetString(&data, "blu", 3);
+       asn1_pop_tag(&data);
+
+
+       asn1_push_tag(&data, ASN1_CONTEXT(3));
+       asn1_write_OctetString(&data, "NtVer", 5);
+       asn1_write_OctetString(&data, ntver, 4);
+       asn1_pop_tag(&data);
+
+       asn1_pop_tag(&data);
+
+       asn1_push_tag(&data,ASN1_SEQUENCE(0));
+       asn1_write_OctetString(&data, "NetLogon", 8);
+       asn1_pop_tag(&data);
+       asn1_pop_tag(&data);
+       asn1_pop_tag(&data);
+
+       if (data.has_error) {
+               d_printf("Failed to build cldap netlogon at offset %d\n", (int)data.ofs);
+               asn1_free(&data);
+               return -1;
+       }
+
+       sock = open_udp_socket(inet_ntoa(ads->ldap_ip), ads->ldap_port);
+       if (sock == -1) {
+               d_printf("Failed to open udp socket to %s:%u\n", 
+                        inet_ntoa(ads->ldap_ip), 
+                        ads->ldap_port);
+               return -1;
+       }
+
+       write(sock, data.data, data.length);
+       file_save("cldap_query.dat", data.data, data.length);
+       asn1_free(&data);
+       return 0;
+}
+
+
+#endif