tdb: change version to tdb-1.2.12

[obnox/samba/samba-obnox.git] / libgpo / gpo_ldap.c

diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c
index 788d6887a3f73c2aec3c3fb80889503e1381e61a..803e027cd32cdffc88348d4c3213d1e8546d2d3f 100644 (file)
--- a/libgpo/gpo_ldap.c
+++ b/libgpo/gpo_ldap.c
@@ -18,9 +18,10 @@
  */
 
 #include "includes.h"
-#if _SAMBA_BUILD_ == 4
-#include "source4/libgpo/ads_convenience.h"
-#endif
+#include "libgpo/gpo.h"
+#include "auth.h"
+#include "../libcli/security/security.h"
+#include "lib/param/loadparm.h"
 
 /****************************************************************
  parse the raw extension string into a GP_EXT structure
@@ -42,12 +43,12 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
 
        DEBUG(20,("ads_parse_gp_ext: %s\n", extension_raw));
 
-       ext = TALLOC_ZERO_P(mem_ctx, struct GP_EXT);
+       ext = talloc_zero(mem_ctx, struct GP_EXT);
        if (!ext) {
                goto parse_error;
        }
 
-       ext_list = str_list_make_v3(mem_ctx, extension_raw, "]");
+       ext_list = str_list_make(mem_ctx, extension_raw, "]");
        if (!ext_list) {
                goto parse_error;
        }
@@ -59,13 +60,13 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
        ext->num_exts = i;
 
        if (ext->num_exts) {
-               ext->extensions         = TALLOC_ZERO_ARRAY(mem_ctx, char *,
+               ext->extensions         = talloc_zero_array(mem_ctx, char *,
                                                            ext->num_exts);
-               ext->extensions_guid    = TALLOC_ZERO_ARRAY(mem_ctx, char *,
+               ext->extensions_guid    = talloc_zero_array(mem_ctx, char *,
                                                            ext->num_exts);
-               ext->snapins            = TALLOC_ZERO_ARRAY(mem_ctx, char *,
+               ext->snapins            = talloc_zero_array(mem_ctx, char *,
                                                            ext->num_exts);
-               ext->snapins_guid       = TALLOC_ZERO_ARRAY(mem_ctx, char *,
+               ext->snapins_guid       = talloc_zero_array(mem_ctx, char *,
                                                            ext->num_exts);
        }
 
@@ -90,7 +91,7 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
                        p++;
                }
 
-               ext_strings = str_list_make_v3(mem_ctx, p, "}");
+               ext_strings = str_list_make(mem_ctx, p, "}");
                if (ext_strings == NULL) {
                        goto parse_error;
                }
@@ -140,8 +141,8 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
        ret = true;
 
  parse_error:
-       TALLOC_FREE(ext_list);
-       TALLOC_FREE(ext_strings);
+       talloc_free(ext_list);
+       talloc_free(ext_strings);
 
        return ret;
 }
@@ -178,9 +179,9 @@ static ADS_STATUS gpo_parse_gplink(TALLOC_CTX *mem_ctx,
        gp_link->num_links = i;
 
        if (gp_link->num_links) {
-               gp_link->link_names = TALLOC_ZERO_ARRAY(mem_ctx, char *,
+               gp_link->link_names = talloc_zero_array(mem_ctx, char *,
                                                        gp_link->num_links);
-               gp_link->link_opts = TALLOC_ZERO_ARRAY(mem_ctx, uint32_t,
+               gp_link->link_opts = talloc_zero_array(mem_ctx, uint32_t,
                                                       gp_link->num_links);
        }
 
@@ -225,7 +226,7 @@ static ADS_STATUS gpo_parse_gplink(TALLOC_CTX *mem_ctx,
        status = ADS_SUCCESS;
 
  parse_error:
-       TALLOC_FREE(link_list);
+       talloc_free(link_list);
 
        return status;
 }
@@ -483,7 +484,7 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
                "ntSecurityDescriptor",
                "versionNumber",
                NULL};
-       uint32_t sd_flags = DACL_SECURITY_INFORMATION;
+       uint32_t sd_flags = SECINFO_DACL;
 
        ZERO_STRUCTP(gpo);
 
@@ -550,7 +551,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
                                         struct GP_LINK *gp_link,
                                         enum GPO_LINK_TYPE link_type,
                                         bool only_add_forced_gpos,
-                                        const struct nt_user_token *token)
+                                        const struct security_token *token)
 {
        ADS_STATUS status;
        int i;
@@ -578,7 +579,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
                        }
                }
 
-               new_gpo = TALLOC_ZERO_P(mem_ctx, struct GROUP_POLICY_OBJECT);
+               new_gpo = talloc_zero(mem_ctx, struct GROUP_POLICY_OBJECT);
                ADS_ERROR_HAVE_NO_MEMORY(new_gpo);
 
                status = ads_get_gpo(ads, mem_ctx, gp_link->link_names[i],
@@ -595,7 +596,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
                        DEBUG(10,("skipping GPO \"%s\" as object "
                                "has no access to it\n",
                                new_gpo->display_name));
-                       TALLOC_FREE(new_gpo);
+                       talloc_free(new_gpo);
                        continue;
                }
 
@@ -617,16 +618,16 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
 ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
                             TALLOC_CTX *mem_ctx,
                             const char *dn,
-                            struct nt_user_token **token)
+                            struct security_token **token)
 {
        ADS_STATUS status;
-       DOM_SID object_sid;
-       DOM_SID primary_group_sid;
-       DOM_SID *ad_token_sids;
+       struct dom_sid object_sid;
+       struct dom_sid primary_group_sid;
+       struct dom_sid *ad_token_sids;
        size_t num_ad_token_sids = 0;
-       DOM_SID *token_sids;
-       size_t num_token_sids = 0;
-       struct nt_user_token *new_token = NULL;
+       struct dom_sid *token_sids;
+       uint32_t num_token_sids = 0;
+       struct security_token *new_token = NULL;
        int i;
 
        status = ads_get_tokensids(ads, mem_ctx, dn,
@@ -636,7 +637,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
                return status;
        }
 
-       token_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, 1);
+       token_sids = talloc_array(mem_ctx, struct dom_sid, 1);
        ADS_ERROR_HAVE_NO_MEMORY(token_sids);
 
        status = ADS_ERROR_NT(add_sid_to_array_unique(mem_ctx,
@@ -668,7 +669,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
 
        *token = new_token;
 
-       debug_nt_user_token(DBGC_CLASS, 5, *token);
+       security_token_debug(DBGC_CLASS, 5, *token);
 
        return ADS_ERROR_LDAP(LDAP_SUCCESS);
 }
@@ -684,7 +685,7 @@ static ADS_STATUS add_local_policy_to_gpo_list(TALLOC_CTX *mem_ctx,
 
        ADS_ERROR_HAVE_NO_MEMORY(gpo_list);
 
-       gpo = TALLOC_ZERO_P(mem_ctx, struct GROUP_POLICY_OBJECT);
+       gpo = talloc_zero(mem_ctx, struct GROUP_POLICY_OBJECT);
        ADS_ERROR_HAVE_NO_MEMORY(gpo);
 
        gpo->name = talloc_strdup(mem_ctx, "Local Policy");
@@ -708,7 +709,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
                            TALLOC_CTX *mem_ctx,
                            const char *dn,
                            uint32_t flags,
-                           const struct nt_user_token *token,
+                           const struct security_token *token,
                            struct GROUP_POLICY_OBJECT **gpo_list)
 {
        /* (L)ocal (S)ite (D)omain (O)rganizational(U)nit */
@@ -724,6 +725,10 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
                return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
        }
 
+       if (!ads_set_sasl_wrap_flags(ads, ADS_AUTH_SASL_SIGN)) {
+               return ADS_ERROR(LDAP_INVALID_CREDENTIALS);
+       }
+
        DEBUG(10,("ads_get_gpo_list: getting GPO list for [%s]\n", dn));
 
        /* (L)ocal */