2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2009
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 see RFC1798 for details of CLDAP
27 - carried over UDP on port 389
28 - request and response matched by message ID
29 - request consists of only a single searchRequest element
30 - response can be in one of two forms
31 - a single searchResponse, followed by a searchResult
32 - a single searchResult
37 #include "../lib/util/dlinklist.h"
38 #include "../libcli/ldap/ldap_message.h"
39 #include "../libcli/ldap/ldap_ndr.h"
40 #include "../libcli/cldap/cldap.h"
41 #include "../lib/tsocket/tsocket.h"
42 #include "../libcli/security/dom_sid.h"
43 #include "../librpc/gen_ndr/ndr_nbt.h"
44 #include "../lib/util/asn1.h"
45 #include "../lib/util/tevent_ntstatus.h"
50 context structure for operations on cldap packets
53 /* the low level socket */
54 struct tdgram_context *sock;
57 * Are we in connected mode, which means
58 * we get ICMP errors back instead of timing
59 * out requests. And we can only send requests
60 * to the connected peer.
64 /* the queue for outgoing dgrams */
65 struct tevent_queue *send_queue;
67 /* do we have an async tsocket_recvfrom request pending */
68 struct tevent_req *recv_subreq;
71 /* a queue of pending search requests */
72 struct cldap_search_state *list;
74 /* mapping from message_id to pending request */
75 struct idr_context *idr;
78 /* what to do with incoming request packets */
80 struct tevent_context *ev;
81 void (*handler)(struct cldap_socket *,
83 struct cldap_incoming *);
88 struct cldap_search_state {
89 struct cldap_search_state *prev, *next;
92 struct tevent_context *ev;
93 struct cldap_socket *cldap;
102 struct tsocket_address *dest;
107 struct cldap_incoming *in;
108 struct asn1_data *asn1;
111 struct tevent_req *req;
114 static int cldap_socket_destructor(struct cldap_socket *c)
116 while (c->searches.list) {
117 struct cldap_search_state *s = c->searches.list;
118 DLIST_REMOVE(c->searches.list, s);
119 ZERO_STRUCT(s->caller);
122 talloc_free(c->recv_subreq);
123 talloc_free(c->send_queue);
124 talloc_free(c->sock);
128 static void cldap_recvfrom_done(struct tevent_req *subreq);
130 static bool cldap_recvfrom_setup(struct cldap_socket *c)
132 struct tevent_context *ev;
134 if (c->recv_subreq) {
138 if (!c->searches.list && !c->incoming.handler) {
144 ev = c->searches.list->caller.ev;
147 c->recv_subreq = tdgram_recvfrom_send(c, ev, c->sock);
148 if (!c->recv_subreq) {
151 tevent_req_set_callback(c->recv_subreq, cldap_recvfrom_done, c);
156 static void cldap_recvfrom_stop(struct cldap_socket *c)
158 if (!c->recv_subreq) {
162 if (c->searches.list || c->incoming.handler) {
166 talloc_free(c->recv_subreq);
167 c->recv_subreq = NULL;
170 static bool cldap_socket_recv_dgram(struct cldap_socket *c,
171 struct cldap_incoming *in);
173 static void cldap_recvfrom_done(struct tevent_req *subreq)
175 struct cldap_socket *c = tevent_req_callback_data(subreq,
176 struct cldap_socket);
177 struct cldap_incoming *in = NULL;
181 c->recv_subreq = NULL;
183 in = talloc_zero(c, struct cldap_incoming);
188 ret = tdgram_recvfrom_recv(subreq,
198 if (ret == -1 && in->recv_errno == 0) {
199 in->recv_errno = EIO;
202 /* this function should free or steal 'in' */
203 setup_done = cldap_socket_recv_dgram(c, in);
206 if (!setup_done && !cldap_recvfrom_setup(c)) {
218 handle recv events on a cldap socket
220 static bool cldap_socket_recv_dgram(struct cldap_socket *c,
221 struct cldap_incoming *in)
223 struct asn1_data *asn1;
225 struct cldap_search_state *search;
228 if (in->recv_errno != 0) {
232 asn1 = asn1_init(in);
237 asn1_load_nocopy(asn1, in->buf, in->len);
239 in->ldap_msg = talloc(in, struct ldap_message);
240 if (in->ldap_msg == NULL) {
244 /* this initial decode is used to find the message id */
245 status = ldap_decode(asn1, NULL, in->ldap_msg);
246 if (!NT_STATUS_IS_OK(status)) {
250 /* find the pending request */
251 p = idr_find(c->searches.idr, in->ldap_msg->messageid);
253 if (!c->incoming.handler) {
258 /* this function should free or steal 'in' */
259 c->incoming.handler(c, c->incoming.private_data, in);
263 search = talloc_get_type_abort(p, struct cldap_search_state);
264 search->response.in = talloc_move(search, &in);
266 search->response.asn1 = asn1;
268 asn1_load_nocopy(search->response.asn1,
269 search->response.in->buf, search->response.in->len);
271 DLIST_REMOVE(c->searches.list, search);
273 if (cldap_recvfrom_setup(c)) {
274 tevent_req_done(search->req);
279 * This request was ok, just defer the notify of the caller
280 * and then just fail the next request if needed
282 tevent_req_defer_callback(search->req, search->caller.ev);
283 tevent_req_done(search->req);
285 status = NT_STATUS_NO_MEMORY;
286 /* in is NULL it this point */
289 in->recv_errno = ENOMEM;
291 status = map_nt_error_from_unix_common(in->recv_errno);
294 /* in connected mode the first pending search gets the error */
296 /* otherwise we just ignore the error */
299 if (!c->searches.list) {
303 * We might called tevent_req_done() for a successful
304 * search before, so we better deliver the failure
305 * after the success, that is why we better also
306 * use tevent_req_defer_callback() here.
308 tevent_req_defer_callback(c->searches.list->req,
309 c->searches.list->caller.ev);
310 tevent_req_nterror(c->searches.list->req, status);
315 initialise a cldap_sock
317 NTSTATUS cldap_socket_init(TALLOC_CTX *mem_ctx,
318 const struct tsocket_address *local_addr,
319 const struct tsocket_address *remote_addr,
320 struct cldap_socket **_cldap)
322 struct cldap_socket *c = NULL;
323 struct tsocket_address *any = NULL;
326 const char *fam = NULL;
328 if (local_addr == NULL && remote_addr == NULL) {
329 return NT_STATUS_INVALID_PARAMETER_MIX;
336 is_ipv4 = tsocket_address_is_inet(remote_addr, "ipv4");
337 is_ipv6 = tsocket_address_is_inet(remote_addr, "ipv6");
341 } else if (is_ipv6) {
344 return NT_STATUS_INVALID_ADDRESS;
348 c = talloc_zero(mem_ctx, struct cldap_socket);
355 * Here we know the address family of the remote address.
358 return NT_STATUS_INVALID_PARAMETER_MIX;
361 ret = tsocket_address_inet_from_strings(c, fam,
365 status = map_nt_error_from_unix_common(errno);
371 c->searches.idr = idr_init(c);
372 if (!c->searches.idr) {
376 ret = tdgram_inet_udp_socket(local_addr, remote_addr,
379 status = map_nt_error_from_unix_common(errno);
388 c->send_queue = tevent_queue_create(c, "cldap_send_queue");
389 if (!c->send_queue) {
393 talloc_set_destructor(c, cldap_socket_destructor);
399 status = NT_STATUS_NO_MEMORY;
406 setup a handler for incoming requests
408 NTSTATUS cldap_set_incoming_handler(struct cldap_socket *c,
409 struct tevent_context *ev,
410 void (*handler)(struct cldap_socket *,
412 struct cldap_incoming *),
416 return NT_STATUS_PIPE_CONNECTED;
420 c->incoming.handler = handler;
421 c->incoming.private_data = private_data;
423 if (!cldap_recvfrom_setup(c)) {
424 ZERO_STRUCT(c->incoming);
425 return NT_STATUS_NO_MEMORY;
431 struct cldap_reply_state {
432 struct tsocket_address *dest;
436 static void cldap_reply_state_destroy(struct tevent_req *subreq);
439 queue a cldap reply for send
441 NTSTATUS cldap_reply_send(struct cldap_socket *cldap, struct cldap_reply *io)
443 struct cldap_reply_state *state = NULL;
444 struct ldap_message *msg;
445 DATA_BLOB blob1, blob2;
447 struct tevent_req *subreq;
449 if (cldap->connected) {
450 return NT_STATUS_PIPE_CONNECTED;
453 if (cldap->incoming.ev == NULL) {
454 return NT_STATUS_INVALID_PIPE_STATE;
458 return NT_STATUS_INVALID_ADDRESS;
461 state = talloc(cldap, struct cldap_reply_state);
462 NT_STATUS_HAVE_NO_MEMORY(state);
464 state->dest = tsocket_address_copy(io->dest, state);
469 msg = talloc(state, struct ldap_message);
474 msg->messageid = io->messageid;
475 msg->controls = NULL;
478 msg->type = LDAP_TAG_SearchResultEntry;
479 msg->r.SearchResultEntry = *io->response;
481 if (!ldap_encode(msg, NULL, &blob1, state)) {
482 status = NT_STATUS_INVALID_PARAMETER;
486 blob1 = data_blob(NULL, 0);
489 msg->type = LDAP_TAG_SearchResultDone;
490 msg->r.SearchResultDone = *io->result;
492 if (!ldap_encode(msg, NULL, &blob2, state)) {
493 status = NT_STATUS_INVALID_PARAMETER;
498 state->blob = data_blob_talloc(state, NULL, blob1.length + blob2.length);
499 if (!state->blob.data) {
503 memcpy(state->blob.data, blob1.data, blob1.length);
504 memcpy(state->blob.data+blob1.length, blob2.data, blob2.length);
505 data_blob_free(&blob1);
506 data_blob_free(&blob2);
508 subreq = tdgram_sendto_queue_send(state,
518 /* the callback will just free the state, as we don't need a result */
519 tevent_req_set_callback(subreq, cldap_reply_state_destroy, state);
524 status = NT_STATUS_NO_MEMORY;
530 static void cldap_reply_state_destroy(struct tevent_req *subreq)
532 struct cldap_reply_state *state = tevent_req_callback_data(subreq,
533 struct cldap_reply_state);
535 /* we don't want to know the result here, we just free the state */
540 static int cldap_search_state_destructor(struct cldap_search_state *s)
542 if (s->caller.cldap) {
543 if (s->message_id != -1) {
544 idr_remove(s->caller.cldap->searches.idr, s->message_id);
547 DLIST_REMOVE(s->caller.cldap->searches.list, s);
548 cldap_recvfrom_stop(s->caller.cldap);
549 ZERO_STRUCT(s->caller);
555 static void cldap_search_state_queue_done(struct tevent_req *subreq);
556 static void cldap_search_state_wakeup_done(struct tevent_req *subreq);
559 queue a cldap reply for send
561 struct tevent_req *cldap_search_send(TALLOC_CTX *mem_ctx,
562 struct tevent_context *ev,
563 struct cldap_socket *cldap,
564 const struct cldap_search *io)
566 struct tevent_req *req, *subreq;
567 struct cldap_search_state *state = NULL;
568 struct ldap_message *msg;
569 struct ldap_SearchRequest *search;
575 req = tevent_req_create(mem_ctx, &state,
576 struct cldap_search_state);
581 state->caller.ev = ev;
583 state->caller.cldap = cldap;
584 state->message_id = -1;
586 talloc_set_destructor(state, cldap_search_state_destructor);
588 if (io->in.dest_address) {
589 if (cldap->connected) {
590 tevent_req_nterror(req, NT_STATUS_PIPE_CONNECTED);
593 ret = tsocket_address_inet_from_strings(state,
597 &state->request.dest);
599 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
603 if (!cldap->connected) {
604 tevent_req_nterror(req, NT_STATUS_INVALID_ADDRESS);
607 state->request.dest = NULL;
610 state->message_id = idr_get_new_random(cldap->searches.idr,
612 if (state->message_id == -1) {
613 tevent_req_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
617 msg = talloc(state, struct ldap_message);
618 if (tevent_req_nomem(msg, req)) {
622 msg->messageid = state->message_id;
623 msg->type = LDAP_TAG_SearchRequest;
624 msg->controls = NULL;
625 search = &msg->r.SearchRequest;
628 search->scope = LDAP_SEARCH_SCOPE_BASE;
629 search->deref = LDAP_DEREFERENCE_NEVER;
630 search->timelimit = 0;
631 search->sizelimit = 0;
632 search->attributesonly = false;
633 search->num_attributes = str_list_length(io->in.attributes);
634 search->attributes = io->in.attributes;
635 search->tree = ldb_parse_tree(msg, io->in.filter);
636 if (tevent_req_nomem(search->tree, req)) {
640 if (!ldap_encode(msg, NULL, &state->request.blob, state)) {
641 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
646 state->request.idx = 0;
647 state->request.delay = 10*1000*1000;
648 state->request.count = 3;
649 if (io->in.timeout > 0) {
650 state->request.delay = io->in.timeout * 1000 * 1000;
651 state->request.count = io->in.retries + 1;
654 now = tevent_timeval_current();
656 for (i = 0; i < state->request.count; i++) {
657 end = tevent_timeval_add(&end, state->request.delay / 1000000,
658 state->request.delay % 1000000);
661 if (!tevent_req_set_endtime(req, state->caller.ev, end)) {
666 subreq = tdgram_sendto_queue_send(state,
668 state->caller.cldap->sock,
669 state->caller.cldap->send_queue,
670 state->request.blob.data,
671 state->request.blob.length,
672 state->request.dest);
673 if (tevent_req_nomem(subreq, req)) {
676 tevent_req_set_callback(subreq, cldap_search_state_queue_done, req);
678 DLIST_ADD_END(cldap->searches.list, state, struct cldap_search_state *);
683 return tevent_req_post(req, state->caller.ev);
686 static void cldap_search_state_queue_done(struct tevent_req *subreq)
688 struct tevent_req *req = tevent_req_callback_data(subreq,
690 struct cldap_search_state *state = tevent_req_data(req,
691 struct cldap_search_state);
696 ret = tdgram_sendto_queue_recv(subreq, &sys_errno);
700 status = map_nt_error_from_unix_common(sys_errno);
701 DLIST_REMOVE(state->caller.cldap->searches.list, state);
702 ZERO_STRUCT(state->caller.cldap);
703 tevent_req_nterror(req, status);
707 state->request.idx++;
709 /* wait for incoming traffic */
710 if (!cldap_recvfrom_setup(state->caller.cldap)) {
715 if (state->request.idx > state->request.count) {
716 /* we just wait for the response or a timeout */
720 next = tevent_timeval_current_ofs(state->request.delay / 1000000,
721 state->request.delay % 1000000);
722 subreq = tevent_wakeup_send(state,
725 if (tevent_req_nomem(subreq, req)) {
728 tevent_req_set_callback(subreq, cldap_search_state_wakeup_done, req);
731 static void cldap_search_state_wakeup_done(struct tevent_req *subreq)
733 struct tevent_req *req = tevent_req_callback_data(subreq,
735 struct cldap_search_state *state = tevent_req_data(req,
736 struct cldap_search_state);
739 ok = tevent_wakeup_recv(subreq);
742 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
746 subreq = tdgram_sendto_queue_send(state,
748 state->caller.cldap->sock,
749 state->caller.cldap->send_queue,
750 state->request.blob.data,
751 state->request.blob.length,
752 state->request.dest);
753 if (tevent_req_nomem(subreq, req)) {
756 tevent_req_set_callback(subreq, cldap_search_state_queue_done, req);
760 receive a cldap reply
762 NTSTATUS cldap_search_recv(struct tevent_req *req,
764 struct cldap_search *io)
766 struct cldap_search_state *state = tevent_req_data(req,
767 struct cldap_search_state);
768 struct ldap_message *ldap_msg;
771 if (tevent_req_is_nterror(req, &status)) {
775 ldap_msg = talloc(mem_ctx, struct ldap_message);
780 status = ldap_decode(state->response.asn1, NULL, ldap_msg);
781 if (!NT_STATUS_IS_OK(status)) {
785 ZERO_STRUCT(io->out);
787 /* the first possible form has a search result in first place */
788 if (ldap_msg->type == LDAP_TAG_SearchResultEntry) {
789 io->out.response = talloc(mem_ctx, struct ldap_SearchResEntry);
790 if (!io->out.response) {
793 *io->out.response = ldap_msg->r.SearchResultEntry;
795 /* decode the 2nd part */
796 status = ldap_decode(state->response.asn1, NULL, ldap_msg);
797 if (!NT_STATUS_IS_OK(status)) {
802 if (ldap_msg->type != LDAP_TAG_SearchResultDone) {
803 status = NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
807 io->out.result = talloc(mem_ctx, struct ldap_Result);
808 if (!io->out.result) {
811 *io->out.result = ldap_msg->r.SearchResultDone;
813 if (io->out.result->resultcode != LDAP_SUCCESS) {
814 status = NT_STATUS_LDAP(io->out.result->resultcode);
818 tevent_req_received(req);
822 status = NT_STATUS_NO_MEMORY;
824 tevent_req_received(req);
830 synchronous cldap search
832 NTSTATUS cldap_search(struct cldap_socket *cldap,
834 struct cldap_search *io)
837 struct tevent_req *req;
838 struct tevent_context *ev;
841 if (cldap->searches.list) {
842 return NT_STATUS_PIPE_BUSY;
845 if (cldap->incoming.handler) {
846 return NT_STATUS_INVALID_PIPE_STATE;
849 frame = talloc_stackframe();
851 ev = samba_tevent_context_init(frame);
854 return NT_STATUS_NO_MEMORY;
857 req = cldap_search_send(mem_ctx, ev, cldap, io);
860 return NT_STATUS_NO_MEMORY;
863 if (!tevent_req_poll(req, ev)) {
864 status = map_nt_error_from_unix_common(errno);
869 status = cldap_search_recv(req, mem_ctx, io);
870 if (!NT_STATUS_IS_OK(status)) {
879 struct cldap_netlogon_state {
880 struct cldap_search search;
883 char *cldap_netlogon_create_filter(TALLOC_CTX *mem_ctx,
884 const struct cldap_netlogon *io)
888 filter = talloc_asprintf(mem_ctx, "(&(NtVer=%s)",
889 ldap_encode_ndr_uint32(mem_ctx, io->in.version));
894 filter = talloc_asprintf_append_buffer(filter, "(User=%s)", io->in.user);
895 if (filter == NULL) {
900 filter = talloc_asprintf_append_buffer(filter, "(Host=%s)", io->in.host);
901 if (filter == NULL) {
906 filter = talloc_asprintf_append_buffer(filter, "(DnsDomain=%s)", io->in.realm);
907 if (filter == NULL) {
911 if (io->in.acct_control != -1) {
912 filter = talloc_asprintf_append_buffer(filter, "(AAC=%s)",
913 ldap_encode_ndr_uint32(mem_ctx, io->in.acct_control));
914 if (filter == NULL) {
918 if (io->in.domain_sid) {
919 struct dom_sid *sid = dom_sid_parse_talloc(mem_ctx, io->in.domain_sid);
921 filter = talloc_asprintf_append_buffer(filter, "(domainSid=%s)",
922 ldap_encode_ndr_dom_sid(mem_ctx, sid));
923 if (filter == NULL) {
927 if (io->in.domain_guid) {
929 GUID_from_string(io->in.domain_guid, &guid);
931 filter = talloc_asprintf_append_buffer(filter, "(DomainGuid=%s)",
932 ldap_encode_ndr_GUID(mem_ctx, &guid));
933 if (filter == NULL) {
937 filter = talloc_asprintf_append_buffer(filter, ")");
942 static void cldap_netlogon_state_done(struct tevent_req *subreq);
944 queue a cldap netlogon for send
946 struct tevent_req *cldap_netlogon_send(TALLOC_CTX *mem_ctx,
947 struct tevent_context *ev,
948 struct cldap_socket *cldap,
949 const struct cldap_netlogon *io)
951 struct tevent_req *req, *subreq;
952 struct cldap_netlogon_state *state;
954 static const char * const attr[] = { "NetLogon", NULL };
956 req = tevent_req_create(mem_ctx, &state,
957 struct cldap_netlogon_state);
962 filter = cldap_netlogon_create_filter(state, io);
963 if (tevent_req_nomem(filter, req)) {
967 if (io->in.dest_address) {
968 state->search.in.dest_address = talloc_strdup(state,
969 io->in.dest_address);
970 if (tevent_req_nomem(state->search.in.dest_address, req)) {
973 state->search.in.dest_port = io->in.dest_port;
975 state->search.in.dest_address = NULL;
976 state->search.in.dest_port = 0;
978 state->search.in.filter = filter;
979 state->search.in.attributes = attr;
980 state->search.in.timeout = 2;
981 state->search.in.retries = 2;
983 subreq = cldap_search_send(state, ev, cldap, &state->search);
984 if (tevent_req_nomem(subreq, req)) {
987 tevent_req_set_callback(subreq, cldap_netlogon_state_done, req);
991 return tevent_req_post(req, ev);
994 static void cldap_netlogon_state_done(struct tevent_req *subreq)
996 struct tevent_req *req = tevent_req_callback_data(subreq,
998 struct cldap_netlogon_state *state = tevent_req_data(req,
999 struct cldap_netlogon_state);
1002 status = cldap_search_recv(subreq, state, &state->search);
1003 talloc_free(subreq);
1005 if (tevent_req_nterror(req, status)) {
1009 tevent_req_done(req);
1013 receive a cldap netlogon reply
1015 NTSTATUS cldap_netlogon_recv(struct tevent_req *req,
1016 TALLOC_CTX *mem_ctx,
1017 struct cldap_netlogon *io)
1019 struct cldap_netlogon_state *state = tevent_req_data(req,
1020 struct cldap_netlogon_state);
1021 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
1024 if (tevent_req_is_nterror(req, &status)) {
1028 if (state->search.out.response == NULL) {
1029 status = NT_STATUS_NOT_FOUND;
1033 if (state->search.out.response->num_attributes != 1 ||
1034 strcasecmp(state->search.out.response->attributes[0].name, "netlogon") != 0 ||
1035 state->search.out.response->attributes[0].num_values != 1 ||
1036 state->search.out.response->attributes[0].values->length < 2) {
1037 status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
1040 data = state->search.out.response->attributes[0].values;
1042 status = pull_netlogon_samlogon_response(data, mem_ctx,
1044 if (!NT_STATUS_IS_OK(status)) {
1048 if (io->in.map_response) {
1049 map_netlogon_samlogon_response(&io->out.netlogon);
1052 status = NT_STATUS_OK;
1054 tevent_req_received(req);
1059 sync cldap netlogon search
1061 NTSTATUS cldap_netlogon(struct cldap_socket *cldap,
1062 TALLOC_CTX *mem_ctx,
1063 struct cldap_netlogon *io)
1066 struct tevent_req *req;
1067 struct tevent_context *ev;
1070 if (cldap->searches.list) {
1071 return NT_STATUS_PIPE_BUSY;
1074 if (cldap->incoming.handler) {
1075 return NT_STATUS_INVALID_PIPE_STATE;
1078 frame = talloc_stackframe();
1080 ev = samba_tevent_context_init(frame);
1083 return NT_STATUS_NO_MEMORY;
1086 req = cldap_netlogon_send(mem_ctx, ev, cldap, io);
1089 return NT_STATUS_NO_MEMORY;
1092 if (!tevent_req_poll(req, ev)) {
1093 status = map_nt_error_from_unix_common(errno);
1098 status = cldap_netlogon_recv(req, mem_ctx, io);
1099 if (!NT_STATUS_IS_OK(status)) {
1105 return NT_STATUS_OK;
1110 send an empty reply (used on any error, so the client doesn't keep waiting
1111 or send the bad request again)
1113 NTSTATUS cldap_empty_reply(struct cldap_socket *cldap,
1114 uint32_t message_id,
1115 struct tsocket_address *dest)
1118 struct cldap_reply reply;
1119 struct ldap_Result result;
1121 reply.messageid = message_id;
1123 reply.response = NULL;
1124 reply.result = &result;
1126 ZERO_STRUCT(result);
1128 status = cldap_reply_send(cldap, &reply);
1134 send an error reply (used on any error, so the client doesn't keep waiting
1135 or send the bad request again)
1137 NTSTATUS cldap_error_reply(struct cldap_socket *cldap,
1138 uint32_t message_id,
1139 struct tsocket_address *dest,
1141 const char *errormessage)
1144 struct cldap_reply reply;
1145 struct ldap_Result result;
1147 reply.messageid = message_id;
1149 reply.response = NULL;
1150 reply.result = &result;
1152 ZERO_STRUCT(result);
1153 result.resultcode = resultcode;
1154 result.errormessage = errormessage;
1156 status = cldap_reply_send(cldap, &reply);
1163 send a netlogon reply
1165 NTSTATUS cldap_netlogon_reply(struct cldap_socket *cldap,
1166 uint32_t message_id,
1167 struct tsocket_address *dest,
1169 struct netlogon_samlogon_response *netlogon)
1172 struct cldap_reply reply;
1173 struct ldap_SearchResEntry response;
1174 struct ldap_Result result;
1175 TALLOC_CTX *tmp_ctx = talloc_new(cldap);
1178 status = push_netlogon_samlogon_response(&blob, tmp_ctx,
1180 if (!NT_STATUS_IS_OK(status)) {
1181 talloc_free(tmp_ctx);
1184 reply.messageid = message_id;
1186 reply.response = &response;
1187 reply.result = &result;
1189 ZERO_STRUCT(result);
1192 response.num_attributes = 1;
1193 response.attributes = talloc(tmp_ctx, struct ldb_message_element);
1194 NT_STATUS_HAVE_NO_MEMORY(response.attributes);
1195 response.attributes->name = "netlogon";
1196 response.attributes->num_values = 1;
1197 response.attributes->values = &blob;
1199 status = cldap_reply_send(cldap, &reply);
1201 talloc_free(tmp_ctx);