2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2007-2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 #include "../libgpo/gpo.h"
22 #include "../libgpo/gpext/gpext.h"
23 #include "librpc/gen_ndr/ndr_misc.h"
24 #include "lib/util/dlinklist.h"
25 #include "../libcli/registry/util_reg.h"
26 #include "libgpo/gpo_proto.h"
28 #include "registry/reg_api.h"
30 static struct gp_extension *extensions = NULL;
32 /****************************************************************
33 ****************************************************************/
35 struct gp_extension *gpext_get_gp_extension_list(void)
40 /****************************************************************
41 ****************************************************************/
43 /* see http://support.microsoft.com/kb/216358/en-us/ for more info */
45 struct gp_extension_reg_table gpext_reg_vals[] = {
46 { "DllName", REG_EXPAND_SZ },
47 { "ProcessGroupPolicy", REG_SZ },
48 { "NoMachinePolicy", REG_DWORD },
49 { "NoUserPolicy", REG_DWORD },
50 { "NoSlowLink", REG_DWORD },
51 { "NoBackgroundPolicy", REG_DWORD },
52 { "NoGPOListChanges", REG_DWORD },
53 { "PerUserLocalSettings", REG_DWORD },
54 { "RequiresSuccessfulRegistry", REG_DWORD },
55 { "EnableAsynchronousProcessing", REG_DWORD },
56 { "ExtensionDebugLevel", REG_DWORD },
58 { "GenerateGroupPolicy", REG_SZ }, /* not supported on w2k */
59 { "NotifyLinkTransition", REG_DWORD },
60 { "ProcessGroupPolicyEx", REG_SZ }, /* not supported on w2k */
61 { "ExtensionEventSource", REG_MULTI_SZ }, /* not supported on w2k */
62 { "GenerateGroupPolicy", REG_SZ },
63 { "MaxNoGPOListChangesInterval", REG_DWORD },
67 /****************************************************************
68 ****************************************************************/
70 static struct gp_extension *get_extension_by_name(struct gp_extension *be,
73 struct gp_extension *b;
75 for (b = be; b; b = b->next) {
76 if (strequal(b->name, name)) {
84 /****************************************************************
85 ****************************************************************/
87 static struct gp_extension_methods *get_methods_by_name(struct gp_extension *be,
90 struct gp_extension *b;
92 for (b = be; b; b = b->next) {
93 if (strequal(b->name, name)) {
101 /****************************************************************
102 ****************************************************************/
104 NTSTATUS gpext_unregister_gp_extension(const char *name)
106 struct gp_extension *ext;
108 ext = get_extension_by_name(extensions, name);
113 DLIST_REMOVE(extensions, ext);
116 DEBUG(2,("Successfully removed GP extension '%s'\n", name));
121 /****************************************************************
122 ****************************************************************/
124 NTSTATUS gpext_register_gp_extension(TALLOC_CTX *gpext_ctx,
128 struct gp_extension_methods *methods)
130 struct gp_extension_methods *test;
131 struct gp_extension *entry;
135 return NT_STATUS_INTERNAL_DB_ERROR;
138 if ((version != SMB_GPEXT_INTERFACE_VERSION)) {
139 DEBUG(0,("Failed to register gp extension.\n"
140 "The module was compiled against "
141 "SMB_GPEXT_INTERFACE_VERSION %d,\n"
142 "current SMB_GPEXT_INTERFACE_VERSION is %d.\n"
143 "Please recompile against the current "
144 "version of samba!\n",
145 version, SMB_GPEXT_INTERFACE_VERSION));
146 return NT_STATUS_OBJECT_TYPE_MISMATCH;
149 if (!guid || !name || !name[0] || !methods) {
150 DEBUG(0,("Called with NULL pointer or empty name!\n"));
151 return NT_STATUS_INVALID_PARAMETER;
154 test = get_methods_by_name(extensions, name);
156 DEBUG(0,("GP extension module %s already registered!\n",
158 return NT_STATUS_OBJECT_NAME_COLLISION;
161 entry = talloc_zero(gpext_ctx, struct gp_extension);
162 NT_STATUS_HAVE_NO_MEMORY(entry);
164 entry->name = talloc_strdup(gpext_ctx, name);
165 NT_STATUS_HAVE_NO_MEMORY(entry->name);
167 entry->guid = talloc_zero(gpext_ctx, struct GUID);
168 NT_STATUS_HAVE_NO_MEMORY(entry->guid);
169 status = GUID_from_string(guid, entry->guid);
170 NT_STATUS_NOT_OK_RETURN(status);
172 entry->methods = methods;
173 DLIST_ADD(extensions, entry);
175 DEBUG(2,("Successfully added GP extension '%s' %s\n",
176 name, GUID_string2(gpext_ctx, entry->guid)));
181 /****************************************************************
182 ****************************************************************/
184 static NTSTATUS gp_extension_init_module(TALLOC_CTX *mem_ctx,
186 struct gp_extension **gpext)
189 struct gp_extension *ext = NULL;
191 ext = talloc_zero(mem_ctx, struct gp_extension);
192 NT_STATUS_HAVE_NO_MEMORY(gpext);
194 ext->methods = get_methods_by_name(extensions, name);
197 status = smb_probe_module(SAMBA_SUBSYSTEM_GPEXT,
199 if (!NT_STATUS_IS_OK(status)) {
203 ext->methods = get_methods_by_name(extensions, name);
205 return NT_STATUS_DLL_INIT_FAILED;
214 /****************************************************************
215 ****************************************************************/
217 static bool add_gp_extension_reg_entry_to_array(TALLOC_CTX *mem_ctx,
218 struct gp_extension_reg_entry *entry,
219 struct gp_extension_reg_entry **entries,
222 *entries = talloc_realloc(mem_ctx, *entries,
223 struct gp_extension_reg_entry,
225 if (*entries == NULL) {
230 (*entries)[*num].value = entry->value;
231 (*entries)[*num].data = entry->data;
237 /****************************************************************
238 ****************************************************************/
240 static bool add_gp_extension_reg_info_entry_to_array(TALLOC_CTX *mem_ctx,
241 struct gp_extension_reg_info_entry *entry,
242 struct gp_extension_reg_info_entry **entries,
245 *entries = talloc_realloc(mem_ctx, *entries,
246 struct gp_extension_reg_info_entry,
248 if (*entries == NULL) {
253 (*entries)[*num].guid = entry->guid;
254 (*entries)[*num].num_entries = entry->num_entries;
255 (*entries)[*num].entries = entry->entries;
261 /****************************************************************
262 ****************************************************************/
264 static NTSTATUS gp_ext_info_add_reg(TALLOC_CTX *mem_ctx,
265 struct gp_extension_reg_info_entry *entry,
267 enum winreg_Type type,
270 struct gp_extension_reg_entry *reg_entry = NULL;
271 struct registry_value *data = NULL;
273 reg_entry = talloc_zero(mem_ctx, struct gp_extension_reg_entry);
274 NT_STATUS_HAVE_NO_MEMORY(reg_entry);
276 data = talloc_zero(mem_ctx, struct registry_value);
277 NT_STATUS_HAVE_NO_MEMORY(data);
284 if (!push_reg_sz(mem_ctx, &data->data, data_s)) {
285 return NT_STATUS_NO_MEMORY;
289 uint32_t v = atoi(data_s);
290 data->data = data_blob_talloc(mem_ctx, NULL, 4);
291 SIVAL(data->data.data, 0, v);
295 return NT_STATUS_NOT_SUPPORTED;
298 reg_entry->value = value;
299 reg_entry->data = data;
301 if (!add_gp_extension_reg_entry_to_array(mem_ctx, reg_entry,
303 &entry->num_entries)) {
304 return NT_STATUS_NO_MEMORY;
310 /****************************************************************
311 ****************************************************************/
313 static NTSTATUS gp_ext_info_add_reg_table(TALLOC_CTX *mem_ctx,
315 struct gp_extension_reg_info_entry *entry,
316 struct gp_extension_reg_table *table)
319 const char *module_name = NULL;
322 module_name = talloc_asprintf(mem_ctx, "%s.%s", module, shlib_ext());
323 NT_STATUS_HAVE_NO_MEMORY(module_name);
325 status = gp_ext_info_add_reg(mem_ctx, entry,
326 "DllName", REG_EXPAND_SZ, module_name);
327 NT_STATUS_NOT_OK_RETURN(status);
329 for (i=0; table[i].val; i++) {
330 status = gp_ext_info_add_reg(mem_ctx, entry,
334 NT_STATUS_NOT_OK_RETURN(status);
340 /****************************************************************
341 ****************************************************************/
343 NTSTATUS gpext_info_add_entry(TALLOC_CTX *mem_ctx,
345 const char *ext_guid,
346 struct gp_extension_reg_table *table,
347 struct gp_extension_reg_info *info)
350 struct gp_extension_reg_info_entry *entry = NULL;
352 entry = talloc_zero(mem_ctx, struct gp_extension_reg_info_entry);
353 NT_STATUS_HAVE_NO_MEMORY(entry);
355 status = GUID_from_string(ext_guid, &entry->guid);
356 NT_STATUS_NOT_OK_RETURN(status);
358 status = gp_ext_info_add_reg_table(mem_ctx, module, entry, table);
359 NT_STATUS_NOT_OK_RETURN(status);
361 if (!add_gp_extension_reg_info_entry_to_array(mem_ctx, entry,
363 &info->num_entries)) {
364 return NT_STATUS_NO_MEMORY;
370 /****************************************************************
371 ****************************************************************/
373 static bool gp_extension_reg_info_verify_entry(struct gp_extension_reg_entry *entry)
377 for (i=0; gpext_reg_vals[i].val; i++) {
379 if ((strequal(entry->value, gpext_reg_vals[i].val)) &&
380 (entry->data->type == gpext_reg_vals[i].type)) {
388 /****************************************************************
389 ****************************************************************/
391 static bool gp_extension_reg_info_verify(struct gp_extension_reg_info_entry *entry)
395 for (i=0; i < entry->num_entries; i++) {
396 if (!gp_extension_reg_info_verify_entry(&entry->entries[i])) {
404 /****************************************************************
405 ****************************************************************/
407 static WERROR gp_extension_store_reg_vals(TALLOC_CTX *mem_ctx,
408 struct registry_key *key,
409 struct gp_extension_reg_info_entry *entry)
411 WERROR werr = WERR_OK;
414 for (i=0; i < entry->num_entries; i++) {
416 werr = reg_setvalue(key,
417 entry->entries[i].value,
418 entry->entries[i].data);
419 W_ERROR_NOT_OK_RETURN(werr);
425 /****************************************************************
426 ****************************************************************/
428 static WERROR gp_extension_store_reg_entry(TALLOC_CTX *mem_ctx,
429 struct gp_registry_context *reg_ctx,
430 struct gp_extension_reg_info_entry *entry)
433 struct registry_key *key = NULL;
434 const char *subkeyname = NULL;
436 if (!gp_extension_reg_info_verify(entry)) {
437 return WERR_INVALID_PARAM;
440 subkeyname = GUID_string2(mem_ctx, &entry->guid);
441 W_ERROR_HAVE_NO_MEMORY(subkeyname);
443 if (!strupper_m(discard_const_p(char, subkeyname))) {
444 return WERR_INVALID_PARAM;
447 werr = gp_store_reg_subkey(mem_ctx,
451 W_ERROR_NOT_OK_RETURN(werr);
453 werr = gp_extension_store_reg_vals(mem_ctx,
456 W_ERROR_NOT_OK_RETURN(werr);
461 /****************************************************************
462 ****************************************************************/
464 static WERROR gp_extension_store_reg(TALLOC_CTX *mem_ctx,
465 struct gp_registry_context *reg_ctx,
466 struct gp_extension_reg_info *info)
468 WERROR werr = WERR_OK;
475 for (i=0; i < info->num_entries; i++) {
476 werr = gp_extension_store_reg_entry(mem_ctx,
479 W_ERROR_NOT_OK_RETURN(werr);
485 /****************************************************************
486 ****************************************************************/
488 static NTSTATUS gp_glob_ext_list(TALLOC_CTX *mem_ctx,
489 const char ***ext_list,
490 size_t *ext_list_len)
493 struct dirent *dirent = NULL;
495 dir = opendir(modules_path(talloc_tos(),
496 SAMBA_SUBSYSTEM_GPEXT));
498 return map_nt_error_from_unix_common(errno);
501 while ((dirent = readdir(dir))) {
503 fstring name; /* forgive me... */
506 if ((strequal(dirent->d_name, ".")) ||
507 (strequal(dirent->d_name, ".."))) {
511 p = strrchr(dirent->d_name, '.');
514 return NT_STATUS_NO_MEMORY;
517 if (!strcsequal(p+1, shlib_ext())) {
518 DEBUG(10,("gp_glob_ext_list: not a *.so file: %s\n",
523 fstrcpy(name, dirent->d_name);
524 name[PTR_DIFF(p, dirent->d_name)] = 0;
526 if (!add_string_to_array(mem_ctx, name, ext_list,
527 (int *)ext_list_len)) {
529 return NT_STATUS_NO_MEMORY;
538 /****************************************************************
539 ****************************************************************/
541 NTSTATUS gpext_shutdown_gp_extensions(void)
543 struct gp_extension *ext = NULL;
545 for (ext = extensions; ext; ext = ext->next) {
546 if (ext->methods && ext->methods->shutdown) {
547 ext->methods->shutdown();
554 /****************************************************************
555 ****************************************************************/
557 NTSTATUS gpext_init_gp_extensions(TALLOC_CTX *mem_ctx)
562 const char **ext_array = NULL;
563 size_t ext_array_len = 0;
564 struct gp_extension *gpext = NULL;
565 struct gp_registry_context *reg_ctx = NULL;
567 if (gpext_get_gp_extension_list()) {
571 status = gp_glob_ext_list(mem_ctx, &ext_array, &ext_array_len);
572 NT_STATUS_NOT_OK_RETURN(status);
574 for (i=0; i<ext_array_len; i++) {
576 struct gp_extension_reg_info *info = NULL;
578 status = gp_extension_init_module(mem_ctx, ext_array[i],
580 if (!NT_STATUS_IS_OK(status)) {
584 if (gpext->methods->get_reg_config) {
586 status = gpext->methods->initialize(mem_ctx);
587 if (!NT_STATUS_IS_OK(status)) {
588 gpext->methods->shutdown();
592 status = gpext->methods->get_reg_config(mem_ctx,
594 if (!NT_STATUS_IS_OK(status)) {
595 gpext->methods->shutdown();
600 struct security_token *token;
602 token = registry_create_system_token(mem_ctx);
603 NT_STATUS_HAVE_NO_MEMORY(token);
605 werr = gp_init_reg_ctx(mem_ctx,
606 KEY_WINLOGON_GPEXT_PATH,
610 if (!W_ERROR_IS_OK(werr)) {
611 status = werror_to_ntstatus(werr);
612 gpext->methods->shutdown();
617 werr = gp_extension_store_reg(mem_ctx, reg_ctx, info);
618 if (!W_ERROR_IS_OK(werr)) {
619 DEBUG(1,("gp_extension_store_reg failed: %s\n",
622 gpext->methods->shutdown();
623 status = werror_to_ntstatus(werr);
632 TALLOC_FREE(reg_ctx);
637 /****************************************************************
638 ****************************************************************/
640 NTSTATUS gpext_free_gp_extensions(void)
642 struct gp_extension *ext, *ext_next = NULL;
644 for (ext = extensions; ext; ext = ext_next) {
645 ext_next = ext->next;
646 DLIST_REMOVE(extensions, ext);
655 /****************************************************************
656 ****************************************************************/
658 void gpext_debug_header(int lvl,
661 const struct GROUP_POLICY_OBJECT *gpo,
662 const char *extension_guid,
663 const char *snapin_guid)
665 char *flags_str = NULL;
667 DEBUG(lvl,("%s\n", name));
668 DEBUGADD(lvl,("\tgpo: %s (%s)\n", gpo->name,
670 DEBUGADD(lvl,("\tcse extension: %s (%s)\n", extension_guid,
671 cse_gpo_guid_string_to_name(extension_guid)));
672 DEBUGADD(lvl,("\tgplink: %s\n", gpo->link));
673 DEBUGADD(lvl,("\tsnapin: %s (%s)\n", snapin_guid,
674 cse_snapin_gpo_guid_string_to_name(snapin_guid)));
676 flags_str = gpo_flag_str(NULL, flags);
677 DEBUGADD(lvl,("\tflags: 0x%08x %s\n", flags, flags_str));
678 TALLOC_FREE(flags_str);
681 /****************************************************************
682 ****************************************************************/
684 static NTSTATUS gpext_check_gpo_for_gpext_presence(TALLOC_CTX *mem_ctx,
686 const struct GROUP_POLICY_OBJECT *gpo,
687 const struct GUID *guid,
688 bool *gpext_guid_present)
690 struct GP_EXT *gp_ext = NULL;
694 *gpext_guid_present = false;
697 if (gpo->link_type == GP_LINK_LOCAL) {
701 ok = gpo_get_gp_ext_from_gpo(mem_ctx, flags, gpo, &gp_ext);
703 return NT_STATUS_INVALID_PARAMETER;
706 if (gp_ext == NULL) {
710 for (i = 0; i < gp_ext->num_exts; i++) {
714 status = GUID_from_string(gp_ext->extensions_guid[i], &guid2);
715 if (!NT_STATUS_IS_OK(status)) {
718 if (GUID_equal(guid, &guid2)) {
719 *gpext_guid_present = true;
727 /****************************************************************
728 ****************************************************************/
730 NTSTATUS gpext_process_extension(TALLOC_CTX *mem_ctx,
732 const struct security_token *token,
733 struct registry_key *root_key,
734 const struct GROUP_POLICY_OBJECT *deleted_gpo_list,
735 const struct GROUP_POLICY_OBJECT *changed_gpo_list,
736 const char *extension_guid_filter)
739 struct gp_extension *ext = NULL;
740 const struct GROUP_POLICY_OBJECT *gpo;
741 struct GUID extension_guid_filter_guid;
743 status = gpext_init_gp_extensions(mem_ctx);
744 if (!NT_STATUS_IS_OK(status)) {
745 DEBUG(1,("gpext_init_gp_extensions failed: %s\n",
750 if (extension_guid_filter) {
751 status = GUID_from_string(extension_guid_filter,
752 &extension_guid_filter_guid);
753 if (!NT_STATUS_IS_OK(status)) {
758 for (ext = extensions; ext; ext = ext->next) {
760 struct GROUP_POLICY_OBJECT *deleted_gpo_list_filtered = NULL;
761 struct GROUP_POLICY_OBJECT *changed_gpo_list_filtered = NULL;
763 if (extension_guid_filter) {
764 if (!GUID_equal(&extension_guid_filter_guid, ext->guid)) {
769 for (gpo = deleted_gpo_list; gpo; gpo = gpo->next) {
771 bool is_present = false;
773 status = gpext_check_gpo_for_gpext_presence(mem_ctx,
778 if (!NT_STATUS_IS_OK(status)) {
783 struct GROUP_POLICY_OBJECT *new_gpo;
785 status = gpo_copy(mem_ctx, gpo, &new_gpo);
786 if (!NT_STATUS_IS_OK(status)) {
790 DLIST_ADD(deleted_gpo_list_filtered, new_gpo);
794 for (gpo = changed_gpo_list; gpo; gpo = gpo->next) {
796 bool is_present = false;
798 status = gpext_check_gpo_for_gpext_presence(mem_ctx,
803 if (!NT_STATUS_IS_OK(status)) {
808 struct GROUP_POLICY_OBJECT *new_gpo;
810 status = gpo_copy(mem_ctx, gpo, &new_gpo);
811 if (!NT_STATUS_IS_OK(status)) {
815 DLIST_ADD(changed_gpo_list_filtered, new_gpo);
819 status = ext->methods->initialize(mem_ctx);
820 NT_STATUS_NOT_OK_RETURN(status);
822 status = ext->methods->process_group_policy(mem_ctx,
826 deleted_gpo_list_filtered,
827 changed_gpo_list_filtered);
828 if (!NT_STATUS_IS_OK(status)) {
829 ext->methods->shutdown();
git.samba.org / bbaumbach / samba-autobuild / .git / blob