From cdd9913c4a7d254ab3ef677737493f9f540272c7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 7 May 2008 15:49:09 +0200 Subject: cldap: let ads_cldap_netlogon() return all possible cldap replies. Guenther (This used to be commit 6f9d5e1cc94bc90685b54c04622b8f3357bd2f69) --- source3/libads/cldap.c | 69 ++++++++++++++++++++++++++++++++++++++++---------- source3/libads/ldap.c | 2 +- 2 files changed, 56 insertions(+), 15 deletions(-) (limited to 'source3/libads') diff --git a/source3/libads/cldap.c b/source3/libads/cldap.c index 8b23ff9022..e4fa965a0f 100644 --- a/source3/libads/cldap.c +++ b/source3/libads/cldap.c @@ -3,6 +3,7 @@ net ads cldap functions Copyright (C) 2001 Andrew Tridgell (tridge@samba.org) Copyright (C) 2003 Jim McDonough (jmcd@us.ibm.com) + Copyright (C) 2008 Guenther Deschner (gd@samba.org) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -118,7 +119,8 @@ static void gotalarm_sig(void) */ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, int sock, - struct nbt_cldap_netlogon_5 *reply) + uint32_t *nt_version, + union nbt_cldap_netlogon **reply) { int ret; ASN1_DATA data; @@ -129,8 +131,7 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, int i1; /* half the time of a regular ldap timeout, not less than 3 seconds. */ unsigned int al_secs = MAX(3,lp_ldap_timeout()/2); - union nbt_cldap_netlogon p; - enum ndr_err_code ndr_err; + union nbt_cldap_netlogon *r = NULL; blob = data_blob(NULL, 8192); if (blob.data == NULL) { 
@@ -184,16 +185,23 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, return -1; } - ndr_err = ndr_pull_union_blob_all(&os3, mem_ctx, &p, 5, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + r = TALLOC_ZERO_P(mem_ctx, union nbt_cldap_netlogon); + if (!r) { + errno = ENOMEM; + data_blob_free(&os1); + data_blob_free(&os2); + data_blob_free(&os3); + data_blob_free(&blob); return -1; } - *reply = p.logon5; - - if (DEBUGLEVEL >= 10) { - NDR_PRINT_UNION_DEBUG(nbt_cldap_netlogon, 5, &p); + if (!pull_mailslot_cldap_reply(mem_ctx, &os3, r, nt_version)) { + data_blob_free(&os1); + data_blob_free(&os2); + data_blob_free(&os3); + data_blob_free(&blob); + TALLOC_FREE(r); + return -1; } data_blob_free(&os1); @@ -203,6 +211,12 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, asn1_free(&data); + if (reply) { + *reply = r; + } else { + TALLOC_FREE(r); + } + return 0; } @@ -213,11 +227,11 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, const char *server, const char *realm, - struct nbt_cldap_netlogon_5 *reply) + uint32_t *nt_version, + union nbt_cldap_netlogon **reply) { int sock; int ret; - uint32_t nt_version = NETLOGON_VERSION_5 | NETLOGON_VERSION_5EX; sock = open_udp_socket(server, LDAP_PORT ); if (sock == -1) { @@ -226,12 +240,12 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, return False; } - ret = send_cldap_netlogon(sock, realm, global_myname(), nt_version); + ret = send_cldap_netlogon(sock, realm, global_myname(), *nt_version); if (ret != 0) { close(sock); return False; } - ret = recv_cldap_netlogon(mem_ctx, sock, reply); + ret = recv_cldap_netlogon(mem_ctx, sock, nt_version, reply); close(sock); if (ret == -1) { 
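Review bot: The two new failure returns in recv_cldap_netlogon(), one after `TALLOC_ZERO_P` and one after `pull_mailslot_cldap_reply()`, free os1, os2, os3 and blob but never call `asn1_free(&data)`, which the success path in the following hunk does call right after the same blob frees. Unless `data` is already released earlier in the function (outside this hunk), every reply that fails to decode leaks the ASN.1 buffer, and those replies are read from a UDP socket. Add `asn1_free(&data);` to both branches, or send both through a single cleanup label so the free sequence is not copied again.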
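Review bot: `*nt_version` is dereferenced unconditionally in the `send_cldap_netlogon()` call, while `reply` is explicitly allowed to be NULL by the `if (reply)` branch added to recv_cldap_netlogon(), so the two pointer parameters of this exported function now have different, undocumented contracts. Either reject a NULL pointer up front with `if (nt_version == NULL) { return False; }` before `open_udp_socket()`, or state in the header comment that nt_version is a required in/out value. The comment should also say that on return it appears to hold what the reply decoder reported rather than what was requested (it is passed by pointer to `pull_mailslot_cldap_reply()`), and that `*reply` is allocated on mem_ctx. The body of ads_cldap_netlogon() continues outside these two hunks.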
@@ -240,3 +254,30 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, return True; } + +/******************************************************************* + do a cldap netlogon query. Always 389/udp +*******************************************************************/ + +bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx, + const char *server, + const char *realm, + struct nbt_cldap_netlogon_5 *reply5) +{ + uint32_t nt_version = NETLOGON_VERSION_5 | NETLOGON_VERSION_5EX; + union nbt_cldap_netlogon *reply = NULL; + bool ret; + + ret = ads_cldap_netlogon(mem_ctx, server, realm, &nt_version, &reply); + if (!ret) { + return false; + } + + if (nt_version != (NETLOGON_VERSION_5 | NETLOGON_VERSION_5EX)) { + return false; + } + + *reply5 = reply->logon5; + + return true; +} diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 9321302151..24eb114f51 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -199,7 +199,7 @@ bool ads_try_connect(ADS_STRUCT *ads, const char *server ) ZERO_STRUCT( cldap_reply ); - if ( !ads_cldap_netlogon(mem_ctx, srv, ads->server.realm, &cldap_reply ) ) { + if ( !ads_cldap_netlogon_5(mem_ctx, srv, ads->server.realm, &cldap_reply ) ) { DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", srv)); ret = false; goto out; -- cgit
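Review bot: The `nt_version != (NETLOGON_VERSION_5 | NETLOGON_VERSION_5EX)` test in ads_cldap_netlogon_5() is the only thing that decides whether `reply->logon5` is the right arm of the union to read, and the value it tests appears to come back from the server's reply, so the reason for the check should be stated in the code. A comment above it such as `/* nt_version now describes the reply received; logon5 is only read for a 5|5EX reply */` would do. The mismatch branch also returns without releasing `reply`, which stays on mem_ctx until the caller frees that context; adding `TALLOC_FREE(reply);` before that `return false;` avoids piling up allocations on a long-lived context when a server keeps answering with another version. The header comment is a copy of the one on ads_cldap_netlogon() and does not say that this wrapper fails on any other reply type.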