/* handle incoming cldap requests */ void cldapd_netlogon_request(struct cldap_socket *cldap, struct cldapd_server *cldapd, TALLOC_CTX *tmp_ctx, uint32_t message_id, struct ldb_parse_tree *tree, struct tsocket_address *src) { unsigned int i; const char *domain = NULL; const char *host = NULL; const char *user = NULL; const char *domain_guid = NULL; struct dom_sid *domain_sid = NULL; int acct_control = -1; int version = -1; struct netlogon_samlogon_response netlogon; NTSTATUS status = NT_STATUS_INVALID_PARAMETER; if (tree->operation != LDB_OP_AND) goto failed; /* extract the query elements */ for (i=0;i<tree->u.list.num_elements;i++) { struct ldb_parse_tree *t = tree->u.list.elements[i]; if (t->operation != LDB_OP_EQUALITY) goto failed; if (strcasecmp(t->u.equality.attr, "DnsDomain") == 0) { domain = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "Host") == 0) { host = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "DomainGuid") == 0) { NTSTATUS enc_status; struct GUID guid; enc_status = ldap_decode_ndr_GUID(tmp_ctx, t->u.equality.value, &guid); if (NT_STATUS_IS_OK(enc_status)) { domain_guid = GUID_string(tmp_ctx, &guid); } } if (strcasecmp(t->u.equality.attr, "DomainSid") == 0) { enum ndr_err_code ndr_err; domain_sid = talloc(tmp_ctx, struct dom_sid); if (domain_sid == NULL) { goto failed; } ndr_err = ndr_pull_struct_blob(&t->u.equality.value, domain_sid, domain_sid, (ndr_pull_flags_fn_t)ndr_pull_dom_sid); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(domain_sid); goto failed; } } if (strcasecmp(t->u.equality.attr, "User") == 0) { user = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "NtVer") == 0 && t->u.equality.value.length == 4) { version = IVAL(t->u.equality.value.data, 0); } if (strcasecmp(t->u.equality.attr, "AAC") == 0 && t->u.equality.value.length == 4) { acct_control = IVAL(t->u.equality.value.data, 0); } } if ((domain == NULL) && (domain_guid == NULL) && (domain_sid == NULL)) { domain = lpcfg_dnsdomain(cldapd->task->lp_ctx); } if (version == -1) { goto failed; } DEBUG(5,("cldap netlogon query domain=%s host=%s user=%s version=%d guid=%s\n", domain, host, user, version, domain_guid)); status = fill_netlogon_samlogon_response(cldapd->samctx, tmp_ctx, domain, NULL, domain_sid, domain_guid, user, acct_control, tsocket_address_inet_addr_string(src, tmp_ctx), version, cldapd->task->lp_ctx, &netlogon, false); if (!NT_STATUS_IS_OK(status)) { goto failed; } status = cldap_netlogon_reply(cldap, message_id, src, version, &netlogon); if (!NT_STATUS_IS_OK(status)) { goto failed; } return; failed: DEBUG(2,("cldap netlogon query failed domain=%s host=%s version=%d - %s\n", domain, host, version, nt_errstr(status))); cldap_empty_reply(cldap, message_id, src); }
/* handle incoming cldap requests */ void cldapd_netlogon_request(struct cldap_socket *cldap, uint32_t message_id, struct ldb_parse_tree *tree, struct socket_address *src) { struct cldapd_server *cldapd = talloc_get_type(cldap->incoming.private, struct cldapd_server); int i; const char *domain = NULL; const char *host = NULL; const char *user = NULL; const char *domain_guid = NULL; const char *domain_sid = NULL; int acct_control = -1; int version = -1; union nbt_cldap_netlogon netlogon; NTSTATUS status = NT_STATUS_INVALID_PARAMETER; TALLOC_CTX *tmp_ctx = talloc_new(cldap); if (tree->operation != LDB_OP_AND) goto failed; /* extract the query elements */ for (i=0;i<tree->u.list.num_elements;i++) { struct ldb_parse_tree *t = tree->u.list.elements[i]; if (t->operation != LDB_OP_EQUALITY) goto failed; if (strcasecmp(t->u.equality.attr, "DnsDomain") == 0) { domain = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "Host") == 0) { host = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "DomainGuid") == 0) { NTSTATUS enc_status; struct GUID guid; enc_status = ldap_decode_ndr_GUID(tmp_ctx, t->u.equality.value, &guid); if (NT_STATUS_IS_OK(enc_status)) { domain_guid = GUID_string(tmp_ctx, &guid); } } if (strcasecmp(t->u.equality.attr, "DomainSid") == 0) { domain_sid = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "User") == 0) { user = talloc_strndup(tmp_ctx, (const char *)t->u.equality.value.data, t->u.equality.value.length); } if (strcasecmp(t->u.equality.attr, "NtVer") == 0 && t->u.equality.value.length == 4) { version = IVAL(t->u.equality.value.data, 0); } if (strcasecmp(t->u.equality.attr, "AAC") == 0 && t->u.equality.value.length == 4) { acct_control = IVAL(t->u.equality.value.data, 0); } } if (domain_guid == NULL && domain == NULL) { domain = lp_realm(); } if (version == -1) { goto failed; } DEBUG(5,("cldap netlogon query domain=%s host=%s user=%s version=%d guid=%s\n", domain, host, user, version, domain_guid)); status = cldapd_netlogon_fill(cldapd, tmp_ctx, domain, domain_guid, user, src->addr, version, &netlogon); if (!NT_STATUS_IS_OK(status)) { goto failed; } status = cldap_netlogon_reply(cldap, message_id, src, version, &netlogon); if (!NT_STATUS_IS_OK(status)) { goto failed; } talloc_free(tmp_ctx); return; failed: DEBUG(2,("cldap netlogon query failed domain=%s host=%s version=%d - %s\n", domain, host, version, nt_errstr(status))); talloc_free(tmp_ctx); cldap_empty_reply(cldap, message_id, src); }