added a 'net ads lookup' command that does a CLDAP NetLogon query to a

win2000 server. It does seem to work, and win200 sends us a valid
reply, but we don't parse it yet. Maybe tomorrow :)
(This used to be commit 6352508c54cee333ed7c0e3ebc372be7cd60ed62)

2 files changed, 121 insertions, 0 deletions

diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index ad405fe68c..16450c5b29 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -56,6 +56,31 @@ int net_ads_usage(int argc, const char **argv)
 }
 
 
+/*
+  this implements the CLDAP based netlogon lookup requests
+  for finding the domain controller of a ADS domain
+*/
+static int net_ads_lookup(int argc, const char **argv)
+{
+	ADS_STRUCT *ads;
+
+	ads = ads_init(NULL, NULL, opt_host);
+	if (ads) {
+		ads->auth.no_bind = 1;
+	}
+
+	ads_connect(ads);
+
+	if (!ads || !ads->config.realm) {
+		d_printf("Didn't find the cldap server!\n");
+		return -1;
+	}
+
+	return ads_cldap_netlogon(ads);
+}
+
+
+
 static int net_ads_info(int argc, const char **argv)
 {
 	ADS_STRUCT *ads;
@@ -1009,6 +1034,7 @@ int net_ads(int argc, const char **argv)
 		{"PRINTER", net_ads_printer},
 		{"SEARCH", net_ads_search},
 		{"WORKGROUP", net_ads_workgroup},
+		{"LOOKUP", net_ads_lookup},
 		{"HELP", net_ads_help},
 		{NULL, NULL}
 	};
diff --git a/source3/utils/net_ads_cldap.c b/source3/utils/net_ads_cldap.c
new file mode 100644
index 0000000000..f707f6beac
--- /dev/null
+++ b/source3/utils/net_ads_cldap.c
@@ -0,0 +1,95 @@
+/* 
+   Samba Unix/Linux SMB client library 
+   net ads cldap functions 
+   Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.  
+*/
+
+#include "includes.h"
+#include "../utils/net.h"
+
+#ifdef HAVE_ADS
+
+/*
+  do a cldap netlogon query
+*/
+int ads_cldap_netlogon(ADS_STRUCT *ads)
+{
+	ASN1_DATA data;
+	char ntver[4];
+	int sock;
+
+	SIVAL(ntver, 0, 6);
+
+	memset(&data, 0, sizeof(data));
+
+	asn1_push_tag(&data,ASN1_SEQUENCE(0));
+	asn1_write_Integer(&data, 4);
+	asn1_push_tag(&data, ASN1_APPLICATION(3));
+	asn1_write_OctetString(&data, NULL, 0);
+	asn1_write_enumerated(&data, 0);
+	asn1_write_enumerated(&data, 0);
+	asn1_write_Integer(&data, 0);
+	asn1_write_Integer(&data, 0);
+	asn1_write_BOOLEAN2(&data, False);
+	asn1_push_tag(&data, ASN1_CONTEXT(0));
+
+	asn1_push_tag(&data, ASN1_CONTEXT(3));
+	asn1_write_OctetString(&data, "DnsDomain", 9);
+	asn1_write_OctetString(&data, ads->config.realm, strlen(ads->config.realm));
+	asn1_pop_tag(&data);
+
+	asn1_push_tag(&data, ASN1_CONTEXT(3));
+	asn1_write_OctetString(&data, "Host", 4);
+	asn1_write_OctetString(&data, "blu", 3);
+	asn1_pop_tag(&data);
+
+
+	asn1_push_tag(&data, ASN1_CONTEXT(3));
+	asn1_write_OctetString(&data, "NtVer", 5);
+	asn1_write_OctetString(&data, ntver, 4);
+	asn1_pop_tag(&data);
+
+	asn1_pop_tag(&data);
+
+	asn1_push_tag(&data,ASN1_SEQUENCE(0));
+	asn1_write_OctetString(&data, "NetLogon", 8);
+	asn1_pop_tag(&data);
+	asn1_pop_tag(&data);
+	asn1_pop_tag(&data);
+
+	if (data.has_error) {
+		d_printf("Failed to build cldap netlogon at offset %d\n", (int)data.ofs);
+		asn1_free(&data);
+		return -1;
+	}
+
+	sock = open_udp_socket(inet_ntoa(ads->ldap_ip), ads->ldap_port);
+	if (sock == -1) {
+		d_printf("Failed to open udp socket to %s:%u\n", 
+			 inet_ntoa(ads->ldap_ip), 
+			 ads->ldap_port);
+		return -1;
+	}
+
+	write(sock, data.data, data.length);
+	file_save("cldap_query.dat", data.data, data.length);
+	asn1_free(&data);
+	return 0;
+}
+
+
+#endif