* Don't restart winbind if a corrupted tdb is found during
initialization.
* Fix Windows 2008 (Longhorn) join.
+ * Fix crashbug in winbindd.
* Add share parameter "administrative share".
CHARSETLIBDIR = $(LIBDIR)/charset
AUTHLIBDIR = $(LIBDIR)/auth
CONFIGLIBDIR = $(LIBDIR)/config
+GPEXTLIBDIR = $(LIBDIR)/gpext
CONFIGDIR = @configdir@
VARDIR = @localstatedir@
MANDIR = @mandir@
CHARSET_MODULES = @CHARSET_MODULES@
AUTH_MODULES = @AUTH_MODULES@
NSS_INFO_MODULES = @NSS_INFO_MODULES@
+GPEXT_MODULES = @GPEXT_MODULES@
MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(IDMAP_MODULES) \
- $(CHARSET_MODULES) $(AUTH_MODULES) $(NSS_INFO_MODULES)
+ $(CHARSET_MODULES) $(AUTH_MODULES) $(NSS_INFO_MODULES) \
+ $(GPEXT_MODULES)
######################################################################
# object file lists
RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o rpc_parse/parse_srv.o
RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o rpc_parse/parse_srv.o \
rpc_client/init_netlogon.o \
- rpc_client/init_lsa.o
+ rpc_client/init_lsa.o \
+ rpc_client/init_srvsvc.o
LIBREPLACE_OBJ = @LIBREPLACE_OBJS@
$(WBCOMMON_OBJ) \
@LIBTALLOC_STATIC@ $(LIBREPLACE_OBJ)
+GPEXT_OBJ = libgpo/gpext/gpext.o @GPEXT_STATIC@
+
LIBGPO_OBJ0 = libgpo/gpo_ldap.o libgpo/gpo_ini.o libgpo/gpo_util.o \
- libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o
+ libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o \
+ libgpo/gpo_reg.o \
+ $(GPEXT_OBJ)
LIBGPO_OBJ = $(LIBGPO_OBJ0)
LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o \
pam_modules : $(PAM_MODULES)
+gpext_modules : SHOWFLAGS $(GPEXT_MODULES)
+
pam_smbpass : SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@
pam_winbind : SHOWFLAGS bin/pam_winbind.@SHLIBEXT@
IDL_FILES = lsa.idl dfs.idl echo.idl winreg.idl initshutdown.idl \
srvsvc.idl svcctl.idl eventlog.idl wkssvc.idl netlogon.idl notify.idl \
epmapper.idl messaging.idl xattr.idl misc.idl samr.idl security.idl \
- dssetup.idl krb5pac.idl ntsvcs.idl libnet_join.idl
+ dssetup.idl krb5pac.idl ntsvcs.idl
idl:
@IDL_FILES="$(IDL_FILES)" CPP="$(CPP)" PERL="$(PERL)" \
@echo "Building plugin $@"
@$(SHLD_MODULE) $(VFS_AIO_FORK_OBJ)
+bin/registry.@SHLIBEXT@: $(BINARY_PREREQS) libgpo/gpext/registry.o
+ @echo "Building plugin $@"
+ @$(SHLD_MODULE) libgpo/gpext/registry.o
+
#########################################################
## IdMap NSS plugins
@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(NSSINFOLIBDIR) $(NSS_INFO_MODULES)
@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(CHARSETLIBDIR) $(CHARSET_MODULES)
@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(AUTHLIBDIR) $(AUTH_MODULES)
+ @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(GPEXTLIBDIR) $(GPEXT_MODULES)
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam.@SHLIBEXT@
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam_compat.@SHLIBEXT@
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ ldapsam_compat.@SHLIBEXT@
@$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(IDMAPLIBDIR) $(IDMAP_MODULES)
@$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(CHARSETLIBDIR) $(CHARSET_MODULES)
@$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(AUTHLIBDIR) $(AUTH_MODULES)
+ @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(GPEXTLIBDIR) $(GPEXT_MODULES)
uninstallscripts:
@$(SHELL) $(srcdir)/script/uninstallscripts.sh $(INSTALLPERMS_BIN) $(DESTDIR)$(BINDIR) $(SCRIPTS)
# e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes #
# -> "3.0.0-SVN-build-199" #
########################################################
-SAMBA_VERSION_IS_GIT_SNAPSHOT=
+SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
########################################################
# This can be set by vendors if they want... #
# e.g. SAMBA_VERSION_VENDOR_SUFFIX=vendor_version() #
# -> "CVS 3.0.0rc2-VendorVersion" #
########################################################
-SAMBA_VERSION_VENDOR_SUFFIX=
+SAMBA_VERSION_VENDOR_SUFFIX="test"
SAMBA_VERSION_VENDOR_PATCH=
nt_status = create_local_token(auth_ntlmssp_state->server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(10, ("create_local_token failed\n"));
+ DEBUG(10, ("create_local_token failed: %s\n",
+ nt_errstr(nt_status)));
return nt_status;
}
AC_SUBST(KRB5_LIBS)
AC_SUBST(UUID_LIBS)
AC_SUBST(LDAP_LIBS)
+AC_SUBST(GPEXT_LIBS)
AC_SUBST(PAM_MODULES)
AC_SUBST(INSTALL_PAM_MODULES)
AC_SUBST(UNINSTALL_PAM_MODULES)
SMB_SUBSYSTEM(VFS,smbd/vfs.o)
+SMB_MODULE(gpext_registry, libgpo/gpext/registry.o, "bin/registry.$SHLIBEXT", GPEXT)
+SMB_SUBSYSTEM(GPEXT, libgpo/gpext/gpext.o)
+
AC_DEFINE_UNQUOTED(STRING_STATIC_MODULES, "$string_static_modules", [String list of builtin modules])
#################################################
/*
* Unix SMB/CIFS implementation.
* Group Policy Object Support
- * Copyright (C) Guenther Deschner 2005-2007
+ * Copyright (C) Guenther Deschner 2005-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
GP_LINK_MACHINE = 1,
GP_LINK_SITE = 2,
GP_LINK_DOMAIN = 3,
- GP_LINK_OU = 4
+ GP_LINK_OU = 4,
+ GP_LINK_LOCAL = 5 /* for convenience */
};
/* GPO_OPTIONS */
#define GPO_LIST_FLAG_MACHINE 0x00000001
#define GPO_LIST_FLAG_SITEONLY 0x00000002
+/* following flags from http://support.microsoft.com/kb/312164/EN-US/ */
+#define GPO_INFO_FLAG_MACHINE 0x00000001
+#define GPO_INFO_FLAG_BACKGROUND 0x00000010
+#define GPO_INFO_FLAG_SLOWLINK 0x00000020
+#define GPO_INFO_FLAG_VERBOSE 0x00000040
+#define GPO_INFO_FLAG_NOCHANGES 0x00000080
+#define GPO_INFO_FLAG_LINKTRANSITION 0x00000100
+#define GPO_INFO_FLAG_LOGRSOP_TRANSITION 0x00000200
+#define GPO_INFO_FLAG_FORCED_REFRESH 0x00000400
+#define GPO_INFO_FLAG_SAFEMODE_BOOT 0x00000800
+
#define GPO_VERSION_USER(x) (x >> 16)
#define GPO_VERSION_MACHINE(x) (x & 0xffff)
char **extensions_guid;
char **snapins;
char **snapins_guid;
+ struct GP_EXT *next, *prev;
};
#define GPO_CACHE_DIR "gpo_cache"
#define GPT_INI "GPT.INI"
+#define GPO_REFRESH_INTERVAL 60*90
+
+#define GPO_REG_STATE_MACHINE "State\\Machine"
+
+enum gp_reg_action {
+ GP_REG_ACTION_NONE = 0,
+ GP_REG_ACTION_ADD_VALUE = 1,
+ GP_REG_ACTION_ADD_KEY = 2,
+ GP_REG_ACTION_DEL_VALUES = 3,
+ GP_REG_ACTION_DEL_VALUE = 4,
+ GP_REG_ACTION_DEL_ALL_VALUES = 5,
+ GP_REG_ACTION_DEL_KEYS = 6,
+ GP_REG_ACTION_SEC_KEY_SET = 7,
+ GP_REG_ACTION_SEC_KEY_RESET = 8
+};
+
+struct gp_registry_entry {
+ enum gp_reg_action action;
+ const char *key;
+ const char *value;
+ struct registry_value *data;
+};
+
+struct gp_registry_value {
+ const char *value;
+ struct registry_value *data;
+};
+
+struct gp_registry_entry2 {
+ enum gp_reg_action action;
+ const char *key;
+ size_t num_values;
+ struct gp_registry_value **values;
+};
+
+struct gp_registry_entries {
+ size_t num_entries;
+ struct gp_registry_entry **entries;
+};
+
+struct gp_registry_context {
+ const struct nt_user_token *token;
+ const char *path;
+ struct registry_key *curr_key;
+};
#define GP_EXT_GUID_SECURITY "827D319E-6EAC-11D2-A4EA-00C04F79F83A"
#define GP_EXT_GUID_REGISTRY "35378EAC-683F-11D2-A89A-00C04FBBCFA2"
#define GP_EXT_GUID_SCRIPTS "42B5FAAE-6536-11D2-AE5A-0000F87571E3"
+
+#include "libgpo/gpext/gpext.h"
#include "libnscd.h"
#endif
+#if defined(HAVE_IPV6)
+void in6_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
+ struct in6_addr ip);
+#endif
+
#endif /* _INCLUDES_H */
#define KEY_CURRENT_VERSION "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"
#define KEY_PERFLIB "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib"
#define KEY_PERFLIB_009 "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib\\009"
+#define KEY_GROUP_POLICY "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Group Policy"
+#define KEY_WINLOGON "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon"
#define KEY_SMBCONF "HKLM\\SOFTWARE\\Samba\\smbconf"
+#define KEY_SAMBA_GROUP_POLICY "HKLM\\SOFTWARE\\Samba\\Group Policy"
#define KEY_TREE_ROOT ""
+#define KEY_GP_MACHINE_POLICY "HKLM\\Software\\Policies"
+#define KEY_GP_MACHINE_WIN_POLICY "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies"
+#define KEY_GP_USER_POLICY "HKCU\\Software\\Policies"
+#define KEY_GP_USER_WIN_POLICY "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies"
/*
* Registry key types
* Most keys are going to be GENERIC -- may need a better name?
WERROR status;
} SRV_R_NET_FILE_ENUM;
-/* SRV_INFO_100 */
-typedef struct srv_info_100_info
-{
- uint32 platform_id; /* 0x500 */
- uint32 ptr_name; /* pointer to server name */
-
- UNISTR2 uni_name; /* server name "server" */
-
-} SRV_INFO_100;
-
-/* SRV_INFO_101 */
-typedef struct srv_info_101_info
-{
- uint32 platform_id; /* 0x500 */
- uint32 ptr_name; /* pointer to server name */
- uint32 ver_major; /* 0x4 */
- uint32 ver_minor; /* 0x2 */
- uint32 srv_type; /* browse etc type */
- uint32 ptr_comment; /* pointer to server comment */
-
- UNISTR2 uni_name; /* server name "server" */
- UNISTR2 uni_comment; /* server comment "samba x.x.x blah" */
-
-} SRV_INFO_101;
-
-/* SRV_INFO_102 */
-typedef struct srv_info_102_info
-{
- uint32 platform_id; /* 0x500 */
- uint32 ptr_name; /* pointer to server name */
- uint32 ver_major; /* 0x4 */
- uint32 ver_minor; /* 0x2 */
- uint32 srv_type; /* browse etc type */
- uint32 ptr_comment; /* pointer to server comment */
- uint32 users; /* 0xffff ffff*/
- uint32 disc; /* 0xf */
- uint32 hidden; /* 0x0 */
- uint32 announce; /* 240 */
- uint32 ann_delta; /* 3000 */
- uint32 licenses; /* 0 */
- uint32 ptr_usr_path; /* pointer to user path */
-
- UNISTR2 uni_name; /* server name "server" */
- UNISTR2 uni_comment; /* server comment "samba x.x.x blah" */
- UNISTR2 uni_usr_path; /* "c:\" (eh?) */
-
-} SRV_INFO_102;
-
-
-/* SRV_INFO_CTR */
-typedef struct srv_info_ctr_info
-{
- uint32 switch_value; /* switch value */
- uint32 ptr_srv_ctr; /* pointer to server info */
- union
- {
- SRV_INFO_102 sv102; /* server info level 102 */
- SRV_INFO_101 sv101; /* server info level 101 */
- SRV_INFO_100 sv100; /* server info level 100 */
-
- } srv;
-
-} SRV_INFO_CTR;
-
-/* SRV_Q_NET_SRV_GET_INFO */
-typedef struct q_net_srv_get_info
-{
- uint32 ptr_srv_name;
- UNISTR2 uni_srv_name; /* "\\server" */
- uint32 switch_value;
-
-} SRV_Q_NET_SRV_GET_INFO;
-
-/* SRV_R_NET_SRV_GET_INFO */
-typedef struct r_net_srv_get_info
-{
- SRV_INFO_CTR *ctr;
-
- WERROR status; /* return status */
-
-} SRV_R_NET_SRV_GET_INFO;
-
-/* SRV_Q_NET_SRV_SET_INFO */
-typedef struct q_net_srv_set_info
-{
- uint32 ptr_srv_name;
- UNISTR2 uni_srv_name; /* "\\server" */
- uint32 switch_value;
-
- SRV_INFO_CTR *ctr;
-
-} SRV_Q_NET_SRV_SET_INFO;
-
-
-/* SRV_R_NET_SRV_SET_INFO */
-typedef struct r_net_srv_set_info
-{
- uint32 switch_value; /* switch value */
-
- WERROR status; /* return status */
-
-} SRV_R_NET_SRV_SET_INFO;
-
-/* SRV_Q_NET_REMOTE_TOD */
-typedef struct q_net_remote_tod
-{
- uint32 ptr_srv_name;
- UNISTR2 uni_srv_name; /* "\\server" */
-
-} SRV_Q_NET_REMOTE_TOD;
-
-/* TIME_OF_DAY_INFO */
-typedef struct time_of_day_info
-{
- uint32 elapsedt;
- uint32 msecs;
- uint32 hours;
- uint32 mins;
- uint32 secs;
- uint32 hunds;
- uint32 zone;
- uint32 tintervals;
- uint32 day;
- uint32 month;
- uint32 year;
- uint32 weekday;
-
-} TIME_OF_DAY_INFO;
-
-/* SRV_R_NET_REMOTE_TOD */
-typedef struct r_net_remote_tod
-{
- uint32 ptr_srv_tod; /* pointer to TOD */
- TIME_OF_DAY_INFO *tod;
-
- WERROR status; /* return status */
-
-} SRV_R_NET_REMOTE_TOD;
-
/* SRV_Q_NET_FILE_QUERY_SECDESC */
typedef struct q_net_file_query_secdesc
{
status = rpccli_srvsvc_NetSrvSetInfo(pipe_cli, ctx,
server_name,
level,
- info,
+ &info,
parm_error,
&werr);
if (!NT_STATUS_IS_OK(status)) {
* Copyright (C) Rafal Szczesniak 2002
* Copyright (C) Volker Lendecke 2006
* Copyright (C) Michael Adam 2007
+ * Copyright (C) Guenther Deschner 2007
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
return token;
}
+/****************************************************************************
+ merge NT tokens
+****************************************************************************/
+
+NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
+ const struct nt_user_token *token_1,
+ const struct nt_user_token *token_2,
+ struct nt_user_token **token_out)
+{
+ struct nt_user_token *token = NULL;
+ NTSTATUS status;
+ int i;
+
+ if (!token_1 || !token_2 || !token_out) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+ NT_STATUS_HAVE_NO_MEMORY(token);
+
+ for (i=0; i < token_1->num_sids; i++) {
+ status = add_sid_to_array_unique(mem_ctx,
+ &token_1->user_sids[i],
+ &token->user_sids,
+ &token->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(token);
+ return status;
+ }
+ }
+
+ for (i=0; i < token_2->num_sids; i++) {
+ status = add_sid_to_array_unique(mem_ctx,
+ &token_2->user_sids[i],
+ &token->user_sids,
+ &token->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(token);
+ return status;
+ }
+ }
+
+ se_priv_add(&token->privileges, &token_1->privileges);
+ se_priv_add(&token->privileges, &token_2->privileges);
+
+ *token_out = token;
+
+ return NT_STATUS_OK;
+}
Convert an IPv6 struct in_addr to a struct sockaddr_storage.
********************************************************************/
-void in6_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
+ void in6_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
struct in6_addr ip)
{
struct sockaddr_in6 *sa = (struct sockaddr_in6 *)ss;
the receiver (in this example case "123.456.789.1")
and the specified port number. */
+ ZERO_STRUCT(RecvAddr);
RecvAddr.sin_family = AF_INET;
RecvAddr.sin_port = htons( DNS_UDP_PORT );
RecvAddr.sin_addr.s_addr = ulAddress;
--- /dev/null
+/*
+ * Unix SMB/CIFS implementation.
+ * Group Policy Support
+ * Copyright (C) Guenther Deschner 2007-2008
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+static struct gp_extension *extensions = NULL;
+
+/****************************************************************
+****************************************************************/
+
+struct gp_extension *get_gp_extension_list(void)
+{
+ return extensions;
+}
+
+/****************************************************************
+****************************************************************/
+
+/* see http://support.microsoft.com/kb/216358/en-us/ for more info */
+
+struct gp_extension_reg_table gpext_reg_vals[] = {
+ { "DllName", REG_EXPAND_SZ },
+ { "ProcessGroupPolicy", REG_SZ },
+ { "NoMachinePolicy", REG_DWORD },
+ { "NoUserPolicy", REG_DWORD },
+ { "NoSlowLink", REG_DWORD },
+ { "NoBackgroundPolicy", REG_DWORD },
+ { "NoGPOListChanges", REG_DWORD },
+ { "PerUserLocalSettings", REG_DWORD },
+ { "RequiresSuccessfulRegistry", REG_DWORD },
+ { "EnableAsynchronousProcessing", REG_DWORD },
+ { "ExtensionDebugLevel", REG_DWORD },
+ /* new */
+ { "GenerateGroupPolicy", REG_SZ }, /* not supported on w2k */
+ { "NotifyLinkTransition", REG_DWORD },
+ { "ProcessGroupPolicyEx", REG_SZ }, /* not supported on w2k */
+ { "ExtensionEventSource", REG_MULTI_SZ }, /* not supported on w2k */
+ { "GenerateGroupPolicy", REG_SZ },
+ { "MaxNoGPOListChangesInterval", REG_DWORD },
+ { NULL, REG_NONE }
+};
+
+/****************************************************************
+****************************************************************/
+
+static struct gp_extension *get_extension_by_name(struct gp_extension *be,
+ const char *name)
+{
+ struct gp_extension *b;
+
+ for (b = be; b; b = b->next) {
+ if (strequal(b->name, name)) {
+ return b;
+ }
+ }
+
+ return NULL;
+}
+
+/****************************************************************
+****************************************************************/
+
+static struct gp_extension_methods *get_methods_by_name(struct gp_extension *be,
+ const char *name)
+{
+ struct gp_extension *b;
+
+ for (b = be; b; b = b->next) {
+ if (strequal(b->name, name)) {
+ return b->methods;
+ }
+ }
+
+ return NULL;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS unregister_gp_extension(const char *name)
+{
+ struct gp_extension *ext;
+
+ ext = get_extension_by_name(extensions, name);
+ if (!ext) {
+ return NT_STATUS_OK;
+ }
+
+ DLIST_REMOVE(extensions, ext);
+ TALLOC_FREE(ext);
+
+ DEBUG(2,("Successfully removed GP extension '%s'\n", name));
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS register_gp_extension(TALLOC_CTX *gpext_ctx,
+ int version,
+ const char *name,
+ const char *guid,
+ struct gp_extension_methods *methods)
+{
+ struct gp_extension_methods *test;
+ struct gp_extension *entry;
+ NTSTATUS status;
+
+ if (!gpext_ctx) {
+ return NT_STATUS_INTERNAL_DB_ERROR;
+ }
+
+ if ((version != SMB_GPEXT_INTERFACE_VERSION)) {
+ DEBUG(0,("Failed to register gp extension.\n"
+ "The module was compiled against "
+ "SMB_GPEXT_INTERFACE_VERSION %d,\n"
+ "current SMB_GPEXT_INTERFACE_VERSION is %d.\n"
+ "Please recompile against the current "
+ "version of samba!\n",
+ version, SMB_GPEXT_INTERFACE_VERSION));
+ return NT_STATUS_OBJECT_TYPE_MISMATCH;
+ }
+
+ if (!guid || !name || !name[0] || !methods) {
+ DEBUG(0,("Called with NULL pointer or empty name!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ test = get_methods_by_name(extensions, name);
+ if (test) {
+ DEBUG(0,("GP extension module %s already registered!\n",
+ name));
+ return NT_STATUS_OBJECT_NAME_COLLISION;
+ }
+
+ entry = TALLOC_ZERO_P(gpext_ctx, struct gp_extension);
+ NT_STATUS_HAVE_NO_MEMORY(entry);
+
+ entry->name = talloc_strdup(gpext_ctx, name);
+ NT_STATUS_HAVE_NO_MEMORY(entry->name);
+
+ entry->guid = TALLOC_ZERO_P(gpext_ctx, struct GUID);
+ NT_STATUS_HAVE_NO_MEMORY(entry->guid);
+ status = GUID_from_string(guid, entry->guid);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ entry->methods = methods;
+ DLIST_ADD(extensions, entry);
+
+ DEBUG(2,("Successfully added GP extension '%s' %s\n",
+ name, GUID_string2(gpext_ctx, entry->guid)));
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS gp_extension_init_module(TALLOC_CTX *mem_ctx,
+ const char *name,
+ struct gp_extension **gpext)
+{
+ NTSTATUS status;
+ struct gp_extension *ext = NULL;
+
+ ext = TALLOC_ZERO_P(mem_ctx, struct gp_extension);
+ NT_STATUS_HAVE_NO_MEMORY(gpext);
+
+ ext->methods = get_methods_by_name(extensions, name);
+ if (!ext->methods) {
+
+ status = smb_probe_module(SAMBA_SUBSYSTEM_GPEXT,
+ name);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ ext->methods = get_methods_by_name(extensions, name);
+ if (!ext->methods) {
+ return NT_STATUS_DLL_INIT_FAILED;
+ }
+ }
+
+ *gpext = ext;
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool add_gp_extension_reg_entry_to_array(TALLOC_CTX *mem_ctx,
+ struct gp_extension_reg_entry *entry,
+ struct gp_extension_reg_entry **entries,
+ size_t *num)
+{
+ *entries = TALLOC_REALLOC_ARRAY(mem_ctx, *entries,
+ struct gp_extension_reg_entry,
+ (*num)+1);
+ if (*entries == NULL) {
+ *num = 0;
+ return false;
+ }
+
+ (*entries)[*num].value = entry->value;
+ (*entries)[*num].data = entry->data;
+
+ *num += 1;
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool add_gp_extension_reg_info_entry_to_array(TALLOC_CTX *mem_ctx,
+ struct gp_extension_reg_info_entry *entry,
+ struct gp_extension_reg_info_entry **entries,
+ size_t *num)
+{
+ *entries = TALLOC_REALLOC_ARRAY(mem_ctx, *entries,
+ struct gp_extension_reg_info_entry,
+ (*num)+1);
+ if (*entries == NULL) {
+ *num = 0;
+ return false;
+ }
+
+ (*entries)[*num].guid = entry->guid;
+ (*entries)[*num].num_entries = entry->num_entries;
+ (*entries)[*num].entries = entry->entries;
+
+ *num += 1;
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS gp_ext_info_add_reg(TALLOC_CTX *mem_ctx,
+ struct gp_extension_reg_info_entry *entry,
+ const char *value,
+ enum winreg_Type type,
+ const char *data_s)
+{
+ struct gp_extension_reg_entry *reg_entry = NULL;
+ struct registry_value *data = NULL;
+
+ reg_entry = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_entry);
+ NT_STATUS_HAVE_NO_MEMORY(reg_entry);
+
+ data = TALLOC_ZERO_P(mem_ctx, struct registry_value);
+ NT_STATUS_HAVE_NO_MEMORY(data);
+
+ data->type = type;
+
+ switch (type) {
+ case REG_SZ:
+ case REG_EXPAND_SZ:
+ data->v.sz.str = talloc_strdup(mem_ctx, data_s);
+ NT_STATUS_HAVE_NO_MEMORY(data->v.sz.str);
+ data->v.sz.len = strlen(data_s);
+ break;
+ case REG_DWORD:
+ data->v.dword = atoi(data_s);
+ break;
+ default:
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ reg_entry->value = value;
+ reg_entry->data = data;
+
+ if (!add_gp_extension_reg_entry_to_array(mem_ctx, reg_entry,
+ &entry->entries,
+ &entry->num_entries)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS gp_ext_info_add_reg_table(TALLOC_CTX *mem_ctx,
+ const char *module,
+ struct gp_extension_reg_info_entry *entry,
+ struct gp_extension_reg_table *table)
+{
+ NTSTATUS status;
+ const char *module_name = NULL;
+ int i;
+
+ module_name = talloc_asprintf(mem_ctx, "%s.%s", module, shlib_ext());
+ NT_STATUS_HAVE_NO_MEMORY(module_name);
+
+ status = gp_ext_info_add_reg(mem_ctx, entry,
+ "DllName", REG_EXPAND_SZ, module_name);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ for (i=0; table[i].val; i++) {
+ status = gp_ext_info_add_reg(mem_ctx, entry,
+ table[i].val,
+ table[i].type,
+ table[i].data);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+
+ return status;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS gp_ext_info_add_entry(TALLOC_CTX *mem_ctx,
+ const char *module,
+ const char *ext_guid,
+ struct gp_extension_reg_table *table,
+ struct gp_extension_reg_info *info)
+{
+ NTSTATUS status;
+ struct gp_extension_reg_info_entry *entry = NULL;
+
+ entry = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_info_entry);
+ NT_STATUS_HAVE_NO_MEMORY(entry);
+
+ status = GUID_from_string(ext_guid, &entry->guid);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ status = gp_ext_info_add_reg_table(mem_ctx, module, entry, table);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ if (!add_gp_extension_reg_info_entry_to_array(mem_ctx, entry,
+ &info->entries,
+ &info->num_entries)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool gp_extension_reg_info_verify_entry(struct gp_extension_reg_entry *entry)
+{
+ int i;
+
+ for (i=0; gpext_reg_vals[i].val; i++) {
+
+ if ((strequal(entry->value, gpext_reg_vals[i].val)) &&
+ (entry->data->type == gpext_reg_vals[i].type)) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool gp_extension_reg_info_verify(struct gp_extension_reg_info_entry *entry)
+{
+ int i;
+
+ for (i=0; i < entry->num_entries; i++) {
+ if (!gp_extension_reg_info_verify_entry(&entry->entries[i])) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_extension_store_reg_vals(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ struct gp_extension_reg_info_entry *entry)
+{
+ WERROR werr = WERR_OK;
+ size_t i;
+
+ for (i=0; i < entry->num_entries; i++) {
+
+ werr = reg_setvalue(key,
+ entry->entries[i].value,
+ entry->entries[i].data);
+ W_ERROR_NOT_OK_RETURN(werr);
+ }
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_extension_store_reg_entry(TALLOC_CTX *mem_ctx,
+ struct gp_registry_context *reg_ctx,
+ struct gp_extension_reg_info_entry *entry)
+{
+ WERROR werr;
+ struct registry_key *key = NULL;
+ const char *subkeyname = NULL;
+
+ if (!gp_extension_reg_info_verify(entry)) {
+ return WERR_INVALID_PARAM;
+ }
+
+ subkeyname = GUID_string2(mem_ctx, &entry->guid);
+ W_ERROR_HAVE_NO_MEMORY(subkeyname);
+
+ strupper_m(CONST_DISCARD(char *,subkeyname));
+
+ werr = gp_store_reg_subkey(mem_ctx,
+ subkeyname,
+ reg_ctx->curr_key,
+ &key);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_extension_store_reg_vals(mem_ctx,
+ key,
+ entry);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_extension_store_reg(TALLOC_CTX *mem_ctx,
+ struct gp_registry_context *reg_ctx,
+ struct gp_extension_reg_info *info)
+{
+ WERROR werr = WERR_OK;
+ int i;
+
+ if (!info) {
+ return WERR_OK;
+ }
+
+ for (i=0; i < info->num_entries; i++) {
+ werr = gp_extension_store_reg_entry(mem_ctx,
+ reg_ctx,
+ &info->entries[i]);
+ W_ERROR_NOT_OK_RETURN(werr);
+ }
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS gp_glob_ext_list(TALLOC_CTX *mem_ctx,
+ const char ***ext_list,
+ size_t *ext_list_len)
+{
+ SMB_STRUCT_DIR *dir = NULL;
+ SMB_STRUCT_DIRENT *dirent = NULL;
+
+ dir = sys_opendir(lib_path(SAMBA_SUBSYSTEM_GPEXT));
+ if (!dir) {
+ return map_nt_error_from_unix(errno);
+ }
+
+ while ((dirent = sys_readdir(dir))) {
+
+ fstring name; /* forgive me... */
+ char *p;
+
+ if ((strequal(dirent->d_name, ".")) ||
+ (strequal(dirent->d_name, ".."))) {
+ continue;
+ }
+
+ p = strrchr(dirent->d_name, '.');
+ if (!p) {
+ sys_closedir(dir);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!strcsequal(p+1, shlib_ext())) {
+ DEBUG(10,("gp_glob_ext_list: not a *.so file: %s\n",
+ dirent->d_name));
+ continue;
+ }
+
+ fstrcpy(name, dirent->d_name);
+ name[PTR_DIFF(p, dirent->d_name)] = 0;
+
+ if (!add_string_to_array(mem_ctx, name, ext_list,
+ (int *)ext_list_len)) {
+ sys_closedir(dir);
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+
+ sys_closedir(dir);
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS shutdown_gp_extensions(void)
+{
+ struct gp_extension *ext = NULL;
+
+ for (ext = extensions; ext; ext = ext->next) {
+ if (ext->methods && ext->methods->shutdown) {
+ ext->methods->shutdown();
+ }
+ }
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS init_gp_extensions(TALLOC_CTX *mem_ctx)
+{
+ NTSTATUS status;
+ WERROR werr;
+ int i = 0;
+ const char **ext_array = NULL;
+ size_t ext_array_len = 0;
+ struct gp_extension *gpext = NULL;
+ struct gp_registry_context *reg_ctx = NULL;
+
+ if (get_gp_extension_list()) {
+ return NT_STATUS_OK;
+ }
+
+ status = gp_glob_ext_list(mem_ctx, &ext_array, &ext_array_len);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ for (i=0; i<ext_array_len; i++) {
+
+ struct gp_extension_reg_info *info = NULL;
+
+ status = gp_extension_init_module(mem_ctx, ext_array[i],
+ &gpext);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto out;
+ }
+
+ if (gpext->methods->get_reg_config) {
+
+ status = gpext->methods->initialize(mem_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ gpext->methods->shutdown();
+ goto out;
+ }
+
+ status = gpext->methods->get_reg_config(mem_ctx,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ gpext->methods->shutdown();
+ goto out;
+ }
+
+ if (!reg_ctx) {
+ struct nt_user_token *token;
+
+ token = registry_create_system_token(mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(token);
+
+ werr = gp_init_reg_ctx(mem_ctx,
+ KEY_WINLOGON_GPEXT_PATH,
+ REG_KEY_WRITE,
+ token,
+ ®_ctx);
+ if (!W_ERROR_IS_OK(werr)) {
+ status = werror_to_ntstatus(werr);
+ gpext->methods->shutdown();
+ goto out;
+ }
+ }
+
+ werr = gp_extension_store_reg(mem_ctx, reg_ctx, info);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(1,("gp_extension_store_reg failed: %s\n",
+ dos_errstr(werr)));
+ TALLOC_FREE(info);
+ gpext->methods->shutdown();
+ status = werror_to_ntstatus(werr);
+ goto out;
+ }
+ TALLOC_FREE(info);
+ }
+
+ }
+
+ out:
+ TALLOC_FREE(reg_ctx);
+
+ return status;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS free_gp_extensions(void)
+{
+ struct gp_extension *ext, *ext_next = NULL;
+
+ for (ext = extensions; ext; ext = ext_next) {
+ ext_next = ext->next;
+ DLIST_REMOVE(extensions, ext);
+ TALLOC_FREE(ext);
+ }
+
+ extensions = NULL;
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+void debug_gpext_header(int lvl,
+ const char *name,
+ uint32_t flags,
+ struct GROUP_POLICY_OBJECT *gpo,
+ const char *extension_guid,
+ const char *snapin_guid)
+{
+ char *flags_str = NULL;
+
+ DEBUG(lvl,("%s\n", name));
+ DEBUGADD(lvl,("\tgpo: %s (%s)\n", gpo->name,
+ gpo->display_name));
+ DEBUGADD(lvl,("\tcse extension: %s (%s)\n", extension_guid,
+ cse_gpo_guid_string_to_name(extension_guid)));
+ DEBUGADD(lvl,("\tgplink: %s\n", gpo->link));
+ DEBUGADD(lvl,("\tsnapin: %s (%s)\n", snapin_guid,
+ cse_snapin_gpo_guid_string_to_name(snapin_guid)));
+
+ flags_str = gpo_flag_str(flags);
+ DEBUGADD(lvl,("\tflags: 0x%08x %s\n", flags, flags_str));
+ SAFE_FREE(flags_str);
+}
+
+NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const struct nt_user_token *token,
+ struct GROUP_POLICY_OBJECT *gpo_list,
+ const char *extension_guid,
+ const char *snapin_guid)
+{
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const struct nt_user_token *token,
+ struct registry_key *root_key,
+ struct GROUP_POLICY_OBJECT *gpo,
+ const char *extension_guid,
+ const char *snapin_guid)
+{
+ NTSTATUS status;
+ struct gp_extension *ext = NULL;
+ struct GUID guid;
+ bool cse_found = false;
+
+ status = init_gp_extensions(mem_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1,("init_gp_extensions failed: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
+
+ status = GUID_from_string(extension_guid, &guid);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ for (ext = extensions; ext; ext = ext->next) {
+
+ if (GUID_equal(ext->guid, &guid)) {
+ cse_found = true;
+ break;
+ }
+ }
+
+ if (!cse_found) {
+ goto no_ext;
+ }
+
+ status = ext->methods->initialize(mem_ctx);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ status = ext->methods->process_group_policy(ads,
+ mem_ctx,
+ flags,
+ root_key,
+ token,
+ gpo,
+ extension_guid,
+ snapin_guid);
+ if (!NT_STATUS_IS_OK(status)) {
+ ext->methods->shutdown();
+ }
+
+ return status;
+
+ no_ext:
+ if (flags & GPO_INFO_FLAG_VERBOSE) {
+ DEBUG(0,("process_extension: no extension available for:\n"));
+ DEBUGADD(0,("%s (%s) (snapin: %s)\n",
+ extension_guid,
+ cse_gpo_guid_string_to_name(extension_guid),
+ snapin_guid));
+ }
+
+ return NT_STATUS_OK;
+}
--- /dev/null
+/*
+ * Unix SMB/CIFS implementation.
+ * Group Policy Support
+ * Copyright (C) Guenther Deschner 2007-2008
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#define KEY_WINLOGON_GPEXT_PATH "HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions"
+
+#define SAMBA_SUBSYSTEM_GPEXT "gpext"
+
+#define SMB_GPEXT_INTERFACE_VERSION 1
+
+struct gp_extension {
+ struct GUID *guid;
+ const char *name;
+ struct gp_extension_methods *methods;
+ struct gp_extension *prev, *next;
+};
+
+struct gp_extension_reg_table {
+ const char *val;
+ enum winreg_Type type;
+ const char *data;
+};
+
+struct gp_extension_reg_entry {
+ const char *value;
+ struct registry_value *data;
+};
+
+struct gp_extension_reg_info_entry {
+ struct GUID guid;
+ size_t num_entries;
+ struct gp_extension_reg_entry *entries;
+};
+
+struct gp_extension_reg_info {
+ size_t num_entries;
+ struct gp_extension_reg_info_entry *entries;
+};
+
+struct gp_extension_methods {
+
+ NTSTATUS (*initialize)(TALLOC_CTX *mem_ctx);
+
+ NTSTATUS (*process_group_policy)(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ struct registry_key *root_key,
+ const struct nt_user_token *token,
+ struct GROUP_POLICY_OBJECT *gpo,
+ const char *extension_guid,
+ const char *snapin_guid);
+
+ NTSTATUS (*process_group_policy2)(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const struct nt_user_token *token,
+ struct GROUP_POLICY_OBJECT *gpo_list,
+ const char *extension_guid);
+
+ NTSTATUS (*get_reg_config)(TALLOC_CTX *mem_ctx,
+ struct gp_extension_reg_info **info);
+
+ NTSTATUS (*shutdown)(void);
+};
--- /dev/null
+/*
+ * Unix SMB/CIFS implementation.
+ * Group Policy Support
+ * Copyright (C) Guenther Deschner 2007-2008
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+#define GP_EXT_NAME "registry"
+
+/* more info can be found at:
+ * http://msdn2.microsoft.com/en-us/library/aa374407.aspx */
+
+#define GP_REGPOL_FILE "Registry.pol"
+
+#define GP_REGPOL_FILE_SIGNATURE 0x67655250 /* 'PReg' */
+#define GP_REGPOL_FILE_VERSION 1
+
+static TALLOC_CTX *ctx = NULL;
+
+struct gp_registry_file_header {
+ uint32_t signature;
+ uint32_t version;
+};
+
+struct gp_registry_file_entry {
+ UNISTR key;
+ UNISTR value;
+ enum winreg_Type type;
+ size_t size;
+ uint8_t *data;
+};
+
+struct gp_registry_file {
+ struct gp_registry_file_header header;
+ size_t num_entries;
+ struct gp_registry_entry *entries;
+};
+
+/****************************************************************
+****************************************************************/
+
+static bool reg_parse_header(const char *desc,
+ struct gp_registry_file_header *header,
+ prs_struct *ps,
+ int depth)
+{
+ if (!header)
+ return false;
+
+ prs_debug(ps, depth, desc, "reg_parse_header");
+ depth++;
+
+ if (!prs_uint32("signature", ps, depth, &header->signature))
+ return false;
+
+ if (!prs_uint32("version", ps, depth, &header->version))
+ return false;
+
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool reg_parse_and_verify_ucs2_char(const char *desc,
+ char character,
+ prs_struct *ps,
+ int depth)
+{
+ uint16_t tmp;
+
+ if (!prs_uint16(desc, ps, depth, &tmp))
+ return false;
+
+ if (tmp != UCS2_CHAR(character))
+ return false;
+
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool reg_parse_init(prs_struct *ps, int depth)
+{
+ return reg_parse_and_verify_ucs2_char("initiator '['", '[',
+ ps, depth);
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool reg_parse_sep(prs_struct *ps, int depth)
+{
+ return reg_parse_and_verify_ucs2_char("separator ';'", ';',
+ ps, depth);
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool reg_parse_term(prs_struct *ps, int depth)
+{
+ return reg_parse_and_verify_ucs2_char("terminator ']'", ']',
+ ps, depth);
+}
+
+
+/****************************************************************
+* [key;value;type;size;data]
+****************************************************************/
+
+static bool reg_parse_entry(TALLOC_CTX *mem_ctx,
+ const char *desc,
+ struct gp_registry_file_entry *entry,
+ prs_struct *ps,
+ int depth)
+{
+ uint32_t size = 0;
+
+ if (!entry)
+ return false;
+
+ prs_debug(ps, depth, desc, "reg_parse_entry");
+ depth++;
+
+ ZERO_STRUCTP(entry);
+
+ if (!reg_parse_init(ps, depth))
+ return false;
+
+ if (!prs_unistr("key", ps, depth, &entry->key))
+ return false;
+
+ if (!reg_parse_sep(ps, depth))
+ return false;
+
+ if (!prs_unistr("value", ps, depth, &entry->value))
+ return false;
+
+ if (!reg_parse_sep(ps, depth))
+ return false;
+
+ if (!prs_uint32("type", ps, depth, &entry->type))
+ return false;
+
+ if (!reg_parse_sep(ps, depth))
+ return false;
+
+ if (!prs_uint32("size", ps, depth, &size))
+ return false;
+
+ entry->size = size;
+
+ if (!reg_parse_sep(ps, depth))
+ return false;
+
+ if (entry->size) {
+ entry->data = TALLOC_ZERO_ARRAY(mem_ctx, uint8, entry->size);
+ if (!entry->data)
+ return false;
+ }
+
+ if (!prs_uint8s(false, "data", ps, depth, entry->data, entry->size))
+ return false;
+
+ if (!reg_parse_term(ps, depth))
+ return false;
+
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool reg_parse_value(TALLOC_CTX *mem_ctx,
+ char **value,
+ enum gp_reg_action *action)
+{
+ if (!*value) {
+ *action = GP_REG_ACTION_ADD_KEY;
+ return true;
+ }
+
+ if (strncmp(*value, "**", 2) != 0) {
+ *action = GP_REG_ACTION_ADD_VALUE;
+ return true;
+ }
+
+ if (strnequal(*value, "**DelVals.", 10)) {
+ *action = GP_REG_ACTION_DEL_ALL_VALUES;
+ return true;
+ }
+
+ if (strnequal(*value, "**Del.", 6)) {
+ *value = talloc_strdup(mem_ctx, *value + 6);
+ *action = GP_REG_ACTION_DEL_VALUE;
+ return true;
+ }
+
+ if (strnequal(*value, "**SecureKey", 11)) {
+ if (strnequal(*value, "**SecureKey=1", 13)) {
+ *action = GP_REG_ACTION_SEC_KEY_SET;
+ return true;
+ }
+
+ /*************** not tested from here on ***************/
+ if (strnequal(*value, "**SecureKey=0", 13)) {
+ smb_panic("not supported: **SecureKey=0");
+ *action = GP_REG_ACTION_SEC_KEY_RESET;
+ return true;
+ }
+ DEBUG(0,("unknown: SecureKey: %s\n", *value));
+ smb_panic("not supported SecureKey method");
+ return false;
+ }
+
+ if (strnequal(*value, "**DeleteValues", strlen("**DeleteValues"))) {
+ smb_panic("not supported: **DeleteValues");
+ *action = GP_REG_ACTION_DEL_VALUES;
+ return false;
+ }
+
+ if (strnequal(*value, "**DeleteKeys", strlen("**DeleteKeys"))) {
+ smb_panic("not supported: **DeleteKeys");
+ *action = GP_REG_ACTION_DEL_KEYS;
+ return false;
+ }
+
+ DEBUG(0,("unknown value: %s\n", *value));
+ smb_panic(*value);
+ return false;
+}
+
+/****************************************************************
+****************************************************************/
+
+static bool gp_reg_entry_from_file_entry(TALLOC_CTX *mem_ctx,
+ struct gp_registry_file_entry *file_entry,
+ struct gp_registry_entry **reg_entry)
+{
+ struct registry_value *data = NULL;
+ struct gp_registry_entry *entry = NULL;
+ char *key = NULL;
+ char *value = NULL;
+ enum gp_reg_action action = GP_REG_ACTION_NONE;
+
+ ZERO_STRUCTP(*reg_entry);
+
+ data = TALLOC_ZERO_P(mem_ctx, struct registry_value);
+ if (!data)
+ return false;
+
+ if (strlen_w((const smb_ucs2_t *)file_entry->key.buffer) <= 0)
+ return false;
+
+ if (!pull_ucs2_talloc(mem_ctx, &key, file_entry->key.buffer))
+ return false;
+
+ if (strlen_w((const smb_ucs2_t *)file_entry->value.buffer) > 0) {
+ if (!pull_ucs2_talloc(mem_ctx, &value,
+ file_entry->value.buffer))
+ return false;
+ }
+
+ if (!reg_parse_value(mem_ctx, &value, &action))
+ return false;
+
+ data->type = file_entry->type;
+
+ switch (data->type) {
+ case REG_DWORD:
+ data->v.dword = atoi((char *)file_entry->data);
+ break;
+ case REG_BINARY:
+ data->v.binary = data_blob_talloc(mem_ctx,
+ file_entry->data,
+ file_entry->size);
+ break;
+ case REG_NONE:
+ break;
+ case REG_SZ:
+ data->v.sz.len = pull_ucs2_talloc(mem_ctx,
+ &data->v.sz.str,
+ (const smb_ucs2_t *)file_entry->data);
+ break;
+ case REG_DWORD_BIG_ENDIAN:
+ case REG_EXPAND_SZ:
+ case REG_LINK:
+ case REG_MULTI_SZ:
+ case REG_QWORD:
+/* case REG_DWORD_LITTLE_ENDIAN: */
+/* case REG_QWORD_LITTLE_ENDIAN: */
+ printf("not yet implemented: %d\n", data->type);
+ return false;
+ default:
+ printf("invalid reg type defined: %d\n", data->type);
+ return false;
+
+ }
+
+ entry = TALLOC_ZERO_P(mem_ctx, struct gp_registry_entry);
+ if (!entry)
+ return false;
+
+ entry->key = key;
+ entry->value = value;
+ entry->data = data;
+ entry->action = action;
+
+ *reg_entry = entry;
+
+ return true;
+}
+
+/****************************************************************
+* [key;value;type;size;data][key;value;type;size;data]...
+****************************************************************/
+
+static bool reg_parse_entries(TALLOC_CTX *mem_ctx,
+ const char *desc,
+ struct gp_registry_entry **entries,
+ size_t *num_entries,
+ prs_struct *ps,
+ int depth)
+{
+
+ if (!entries || !num_entries)
+ return false;
+
+ prs_debug(ps, depth, desc, "reg_parse_entries");
+ depth++;
+
+ *entries = NULL;
+ *num_entries = 0;
+
+ while (ps->buffer_size > ps->data_offset) {
+
+ struct gp_registry_file_entry f_entry;
+ struct gp_registry_entry *r_entry = NULL;
+
+ if (!reg_parse_entry(mem_ctx, desc, &f_entry,
+ ps, depth))
+ return false;
+
+ if (!gp_reg_entry_from_file_entry(mem_ctx,
+ &f_entry,
+ &r_entry))
+ return false;
+
+ if (!add_gp_registry_entry_to_array(mem_ctx,
+ r_entry,
+ entries,
+ num_entries))
+ return false;
+ }
+
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS reg_parse_registry(TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const char *filename,
+ struct gp_registry_entry **entries,
+ size_t *num_entries)
+{
+ uint16_t *buf = NULL;
+ size_t n = 0;
+ NTSTATUS status;
+ prs_struct ps;
+ struct gp_registry_file *reg_file;
+ const char *real_filename = NULL;
+
+ reg_file = TALLOC_ZERO_P(mem_ctx, struct gp_registry_file);
+ NT_STATUS_HAVE_NO_MEMORY(reg_file);
+
+ status = gp_find_file(mem_ctx,
+ flags,
+ filename,
+ GP_REGPOL_FILE,
+ &real_filename);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(reg_file);
+ return status;
+ }
+
+ buf = (uint16 *)file_load(real_filename, &n, 0);
+ if (!buf) {
+ TALLOC_FREE(reg_file);
+ return NT_STATUS_CANNOT_LOAD_REGISTRY_FILE;
+ }
+
+ if (!prs_init(&ps, n, mem_ctx, UNMARSHALL)) {
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
+ }
+
+ if (!prs_copy_data_in(&ps, (char *)buf, n)) {
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
+ }
+
+ prs_set_offset(&ps, 0);
+
+ if (!reg_parse_header("header", ®_file->header, &ps, 0)) {
+ status = NT_STATUS_REGISTRY_IO_FAILED;
+ goto out;
+ }
+
+ if (reg_file->header.signature != GP_REGPOL_FILE_SIGNATURE) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+
+ if (reg_file->header.version != GP_REGPOL_FILE_VERSION) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+
+ if (!reg_parse_entries(mem_ctx, "entries", ®_file->entries,
+ ®_file->num_entries, &ps, 0)) {
+ status = NT_STATUS_REGISTRY_IO_FAILED;
+ goto out;
+ }
+
+ *entries = reg_file->entries;
+ *num_entries = reg_file->num_entries;
+
+ status = NT_STATUS_OK;
+
+ out:
+ SAFE_FREE(buf);
+ prs_mem_free(&ps);
+
+ return status;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR reg_apply_registry(TALLOC_CTX *mem_ctx,
+ const struct nt_user_token *token,
+ struct registry_key *root_key,
+ uint32_t flags,
+ struct gp_registry_entry *entries,
+ size_t num_entries)
+{
+ struct gp_registry_context *reg_ctx = NULL;
+ WERROR werr;
+ size_t i;
+
+ if (num_entries == 0) {
+ return WERR_OK;
+ }
+
+#if 0
+ if (flags & GPO_LIST_FLAG_MACHINE) {
+ werr = gp_init_reg_ctx(mem_ctx, KEY_HKLM, REG_KEY_WRITE,
+ get_system_token(),
+ ®_ctx);
+ } else {
+ werr = gp_init_reg_ctx(mem_ctx, KEY_HKCU, REG_KEY_WRITE,
+ token,
+ ®_ctx);
+ }
+ W_ERROR_NOT_OK_RETURN(werr);
+#endif
+ for (i=0; i<num_entries; i++) {
+
+ /* FIXME: maybe we should check here if we attempt to go beyond
+ * the 4 allowed reg keys */
+
+ werr = reg_apply_registry_entry(mem_ctx, root_key,
+ reg_ctx,
+ &(entries)[i],
+ token, flags);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("failed to apply registry: %s\n",
+ dos_errstr(werr)));
+ goto done;
+ }
+ }
+
+done:
+ gp_free_reg_ctx(reg_ctx);
+ return werr;
+}
+
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS registry_process_group_policy(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ struct registry_key *root_key,
+ const struct nt_user_token *token,
+ struct GROUP_POLICY_OBJECT *gpo,
+ const char *extension_guid,
+ const char *snapin_guid)
+{
+ NTSTATUS status;
+ WERROR werr;
+ struct gp_registry_entry *entries = NULL;
+ size_t num_entries = 0;
+ char *unix_path = NULL;
+
+ debug_gpext_header(0, "registry_process_group_policy", flags, gpo,
+ extension_guid, snapin_guid);
+
+ status = gpo_get_unix_path(mem_ctx, gpo, &unix_path);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ status = reg_parse_registry(mem_ctx,
+ flags,
+ unix_path,
+ &entries,
+ &num_entries);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("failed to parse registry: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
+
+ dump_reg_entries(flags, "READ", entries, num_entries);
+
+ werr = reg_apply_registry(mem_ctx, token, root_key, flags,
+ entries, num_entries);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("failed to apply registry: %s\n",
+ dos_errstr(werr)));
+ return werror_to_ntstatus(werr);
+ }
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS registry_get_reg_config(TALLOC_CTX *mem_ctx,
+ struct gp_extension_reg_info **reg_info)
+{
+ NTSTATUS status;
+ struct gp_extension_reg_info *info = NULL;
+ struct gp_extension_reg_table table[] = {
+ { "ProcessGroupPolicy", REG_SZ, "registry_process_group_policy" },
+ { NULL, REG_NONE, NULL }
+ };
+
+ info = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_info);
+ NT_STATUS_HAVE_NO_MEMORY(info);
+
+ status = gp_ext_info_add_entry(mem_ctx, GP_EXT_NAME,
+ GP_EXT_GUID_REGISTRY,
+ table, info);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ *reg_info = info;
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS registry_initialize(TALLOC_CTX *mem_ctx)
+{
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS registry_shutdown(void)
+{
+ NTSTATUS status;
+
+ status = unregister_gp_extension(GP_EXT_NAME);
+ if (NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ TALLOC_FREE(ctx);
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static struct gp_extension_methods registry_methods = {
+ .initialize = registry_initialize,
+ .process_group_policy = registry_process_group_policy,
+ .get_reg_config = registry_get_reg_config,
+ .shutdown = registry_shutdown
+};
+
+/****************************************************************
+****************************************************************/
+
+NTSTATUS gpext_registry_init(void)
+{
+ NTSTATUS status;
+
+ ctx = talloc_init("gpext_registry_init");
+ NT_STATUS_HAVE_NO_MEMORY(ctx);
+
+ status = register_gp_extension(ctx, SMB_GPEXT_INTERFACE_VERSION,
+ GP_EXT_NAME, GP_EXT_GUID_REGISTRY,
+ ®istry_methods);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(ctx);
+ }
+
+ return status;
+}
if (!next_token_talloc(mem_ctx, &file_sys_path, server, "\\")) {
return NT_STATUS_INVALID_PARAMETER;
}
+ NT_STATUS_HAVE_NO_MEMORY(*server);
if (!next_token_talloc(mem_ctx, &file_sys_path, service, "\\")) {
return NT_STATUS_INVALID_PARAMETER;
}
+ NT_STATUS_HAVE_NO_MEMORY(*service);
if ((*nt_path = talloc_asprintf(mem_ctx, "\\%s", file_sys_path))
== NULL) {
return NT_STATUS_NO_MEMORY;
}
+ NT_STATUS_HAVE_NO_MEMORY(*nt_path);
if ((path = talloc_asprintf(mem_ctx,
"%s/%s",
return NT_STATUS_NO_MEMORY;
}
- if ((*unix_path = talloc_strdup(mem_ctx, path)) == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
+ *unix_path = talloc_strdup(mem_ctx, path);
+ NT_STATUS_HAVE_NO_MEMORY(*unix_path);
TALLOC_FREE(path);
return NT_STATUS_OK;
result = gpo_explode_filesyspath(mem_ctx, gpo->file_sys_path,
&server, &service, &nt_path,
&unix_path);
- if (!NT_STATUS_IS_OK(result)) {
- goto out;
- }
+ NT_STATUS_NOT_OK_RETURN(result);
result = gpo_prepare_local_store(mem_ctx, unix_path);
- if (!NT_STATUS_IS_OK(result)) {
- goto out;
- }
+ NT_STATUS_NOT_OK_RETURN(result);
unix_ini_path = talloc_asprintf(mem_ctx, "%s/%s", unix_path, GPT_INI);
nt_ini_path = talloc_asprintf(mem_ctx, "%s\\%s", nt_path, GPT_INI);
- if (!unix_path || !nt_ini_path) {
- result = NT_STATUS_NO_MEMORY;
- goto out;
- }
+ NT_STATUS_HAVE_NO_MEMORY(unix_ini_path);
+ NT_STATUS_HAVE_NO_MEMORY(nt_ini_path);
result = gpo_copy_file(mem_ctx, cli, nt_ini_path, unix_ini_path);
- if (!NT_STATUS_IS_OK(result)) {
- goto out;
- }
+ NT_STATUS_NOT_OK_RETURN(result);
result = gpo_sync_directories(mem_ctx, cli, nt_path, unix_path);
- if (!NT_STATUS_IS_OK(result)) {
- goto out;
- }
+ NT_STATUS_NOT_OK_RETURN(result);
- result = NT_STATUS_OK;
-
- out:
- return result;
+ return NT_STATUS_OK;
}
/****************************************************************
ctx) == -1) {
DEBUG(1,("listing [%s] failed with error: %s\n",
ctx->mask, cli_errstr(ctx->cli)));
- return False;
+ return false;
}
- return True;
+ return true;
}
/****************************************************************
failed:
- DEBUG(1,("gp_inifile_init_context failed: %s\n",
+ DEBUG(1,("gp_inifile_init_context failed: %s\n",
nt_errstr(status)));
TALLOC_FREE(ctx);
result = NT_STATUS_OK;
out:
- if (dict) {
+ if (dict) {
iniparser_freedict(dict);
}
const char *extension_raw,
struct GP_EXT **gp_ext)
{
- bool ret = False;
+ bool ret = false;
struct GP_EXT *ext = NULL;
char **ext_list = NULL;
char **ext_strings = NULL;
*gp_ext = ext;
- ret = True;
+ ret = true;
parse_error:
TALLOC_FREE(ext_list);
}
}
- new_token = create_local_nt_token(mem_ctx, &object_sid, False,
+ new_token = create_local_nt_token(mem_ctx, &object_sid, false,
num_token_sids, token_sids);
ADS_ERROR_HAVE_NO_MEMORY(new_token);
ADS_STATUS status;
struct GP_LINK gp_link;
const char *parent_dn, *site_dn, *tmp_dn;
- bool add_only_forced_gpos = False;
+ bool add_only_forced_gpos = false;
ZERO_STRUCTP(gpo_list);
/* block inheritance from now on */
if (gp_link.gp_opts &
GPOPTIONS_BLOCK_INHERITANCE) {
- add_only_forced_gpos = True;
+ add_only_forced_gpos = true;
}
status = add_gplink_to_gpo_list(ads,
/* block inheritance from now on */
if (gp_link.gp_opts &
GPOPTIONS_BLOCK_INHERITANCE) {
- add_only_forced_gpos = True;
+ add_only_forced_gpos = true;
}
status = add_gplink_to_gpo_list(ads,
--- /dev/null
+/*
+ * Unix SMB/CIFS implementation.
+ * Group Policy Object Support
+ * Copyright (C) Guenther Deschner 2007-2008
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+
+extern REGISTRY_OPS regdb_ops;
+
+static int gp_reg_fetch_keys(const char *key, REGSUBKEY_CTR *subkey_ctr)
+{
+ return regdb_ops.fetch_subkeys(key, subkey_ctr);
+}
+
+static bool gp_reg_store_keys(const char *key, REGSUBKEY_CTR *subkeys)
+{
+ return regdb_ops.store_subkeys(key, subkeys);
+}
+
+static int gp_reg_fetch_values(const char *key, REGVAL_CTR *val)
+{
+ return regdb_ops.fetch_values(key, val);
+}
+
+static bool gp_reg_store_values(const char *key, REGVAL_CTR *val)
+{
+ return regdb_ops.store_values(key, val);
+}
+
+static WERROR gp_reg_get_secdesc(TALLOC_CTX *mem_ctx, const char *key,
+ struct security_descriptor **psecdesc)
+{
+ return regdb_ops.get_secdesc(mem_ctx, key, psecdesc);
+}
+
+static WERROR gp_reg_set_secdesc(const char *key,
+ struct security_descriptor *secdesc)
+{
+ return regdb_ops.set_secdesc(key, secdesc);
+}
+
+/****************************************************************
+****************************************************************/
+
+static REGISTRY_OPS gp_reg_ops = {
+ .fetch_subkeys = gp_reg_fetch_keys,
+ .fetch_values = gp_reg_fetch_values,
+ .store_subkeys = gp_reg_store_keys,
+ .store_values = gp_reg_store_values,
+/* .reg_access_check = gp_reg_reg_access_check, */
+ .get_secdesc = gp_reg_get_secdesc,
+ .set_secdesc = gp_reg_set_secdesc
+};
+
+/****************************************************************
+****************************************************************/
+
+struct nt_user_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
+{
+ struct nt_user_token *token = NULL;
+
+ token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+ if (!token) {
+ DEBUG(1,("talloc failed\n"));
+ return NULL;
+ }
+
+ token->privileges = se_priv_all;
+
+ if (!NT_STATUS_IS_OK(add_sid_to_array(token, &global_sid_System,
+ &token->user_sids, &token->num_sids))) {
+ DEBUG(1,("Error adding nt-authority system sid to token\n"));
+ return NULL;
+ }
+
+ return token;
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_init_reg_ctx(TALLOC_CTX *mem_ctx,
+ const char *initial_path,
+ uint32_t desired_access,
+ const struct nt_user_token *token,
+ struct gp_registry_context **reg_ctx)
+{
+ struct gp_registry_context *tmp_ctx;
+ static REGISTRY_HOOK gp_reg_hook;
+ WERROR werr;
+
+ if (!reg_ctx) {
+ return WERR_INVALID_PARAM;
+ }
+
+ if (!regdb_init()) {
+ return WERR_CAN_NOT_COMPLETE;
+ }
+
+ gp_reg_hook.keyname = initial_path; /* KEY_SAMBA_GROUP_POLICY */
+ gp_reg_hook.ops = &gp_reg_ops;
+
+ /* not sure about the cache hook */
+ reghook_cache_init();
+
+ if (!reghook_cache_add(&gp_reg_hook)) {
+ return WERR_CAN_NOT_COMPLETE;
+ }
+
+ tmp_ctx = TALLOC_ZERO_P(mem_ctx, struct gp_registry_context);
+ W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
+
+ if (token) {
+ tmp_ctx->token = token;
+ } else {
+ tmp_ctx->token = registry_create_system_token(mem_ctx);
+ }
+ if (!tmp_ctx->token) {
+ TALLOC_FREE(tmp_ctx);
+ return WERR_NOMEM;
+ }
+
+ if (initial_path) {
+ tmp_ctx->path = talloc_strdup(mem_ctx, initial_path);
+ if (!tmp_ctx->path) {
+ TALLOC_FREE(tmp_ctx);
+ return WERR_NOMEM;
+ }
+
+ werr = reg_open_path(mem_ctx, tmp_ctx->path, desired_access,
+ tmp_ctx->token, &tmp_ctx->curr_key);
+ if (!W_ERROR_IS_OK(werr)) {
+ TALLOC_FREE(tmp_ctx);
+ return werr;
+ }
+ }
+
+ *reg_ctx = tmp_ctx;
+
+ return WERR_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+void gp_free_reg_ctx(struct gp_registry_context *reg_ctx)
+{
+ TALLOC_FREE(reg_ctx);
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_store_reg_subkey(TALLOC_CTX *mem_ctx,
+ const char *subkeyname,
+ struct registry_key *curr_key,
+ struct registry_key **new_key)
+{
+ enum winreg_CreateAction action = REG_ACTION_NONE;
+ WERROR werr;
+
+ werr = reg_createkey(mem_ctx, curr_key, subkeyname,
+ REG_KEY_WRITE, new_key, &action);
+ if (W_ERROR_IS_OK(werr) && (action != REG_CREATED_NEW_KEY)) {
+ return WERR_OK;
+ }
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_read_reg_subkey(TALLOC_CTX *mem_ctx,
+ struct gp_registry_context *reg_ctx,
+ const char *subkeyname,
+ struct registry_key **key)
+{
+ const char *tmp = NULL;
+
+ if (!reg_ctx || !subkeyname || !key) {
+ return WERR_INVALID_PARAM;
+ }
+
+ tmp = talloc_asprintf(mem_ctx, "%s\\%s", reg_ctx->path, subkeyname);
+ W_ERROR_HAVE_NO_MEMORY(tmp);
+
+ return reg_open_path(mem_ctx, tmp, REG_KEY_READ,
+ reg_ctx->token, key);
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_store_reg_val_sz(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ const char *val_name,
+ const char *val)
+{
+ struct registry_value reg_val;
+ ZERO_STRUCT(reg_val);
+
+ /* FIXME: hack */
+ val = val ? val : " ";
+
+ reg_val.type = REG_SZ;
+ reg_val.v.sz.len = strlen(val);
+ reg_val.v.sz.str = talloc_strdup(mem_ctx, val);
+ W_ERROR_HAVE_NO_MEMORY(reg_val.v.sz.str);
+
+ return reg_setvalue(key, val_name, ®_val);
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_store_reg_val_dword(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ const char *val_name,
+ uint32_t val)
+{
+ struct registry_value reg_val;
+ ZERO_STRUCT(reg_val);
+
+ reg_val.type = REG_DWORD;
+ reg_val.v.dword = val;
+
+ return reg_setvalue(key, val_name, ®_val);
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_read_reg_val_sz(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ const char *val_name,
+ const char **val)
+{
+ WERROR werr;
+ struct registry_value *reg_val = NULL;
+
+ werr = reg_queryvalue(mem_ctx, key, val_name, ®_val);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ if (reg_val->type != REG_SZ) {
+ return WERR_INVALID_DATATYPE;
+ }
+
+ *val = talloc_strdup(mem_ctx, reg_val->v.sz.str);
+ W_ERROR_HAVE_NO_MEMORY(*val);
+
+ return WERR_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_read_reg_val_dword(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ const char *val_name,
+ uint32_t *val)
+{
+ WERROR werr;
+ struct registry_value *reg_val = NULL;
+
+ werr = reg_queryvalue(mem_ctx, key, val_name, ®_val);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ if (reg_val->type != REG_DWORD) {
+ return WERR_INVALID_DATATYPE;
+ }
+
+ *val = reg_val->v.dword;
+
+ return WERR_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_store_reg_gpovals(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ struct GROUP_POLICY_OBJECT *gpo)
+{
+ WERROR werr;
+
+ if (!key || !gpo) {
+ return WERR_INVALID_PARAM;
+ }
+
+ werr = gp_store_reg_val_dword(mem_ctx, key, "Version",
+ gpo->version);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_dword(mem_ctx, key, "WQLFilterPass",
+ true); /* fake */
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_dword(mem_ctx, key, "AccessDenied",
+ false); /* fake */
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_dword(mem_ctx, key, "GPO-Disabled",
+ (gpo->options & GPO_FLAG_DISABLE));
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_dword(mem_ctx, key, "Options",
+ gpo->options);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_sz(mem_ctx, key, "GPOID",
+ gpo->name);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_sz(mem_ctx, key, "SOM",
+ gpo->link);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_sz(mem_ctx, key, "DisplayName",
+ gpo->display_name);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_store_reg_val_sz(mem_ctx, key, "WQL-Id",
+ NULL);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static const char *gp_reg_groupmembership_path(TALLOC_CTX *mem_ctx,
+ const DOM_SID *sid,
+ uint32_t flags)
+{
+ if (flags & GPO_LIST_FLAG_MACHINE) {
+ return "GroupMembership";
+ }
+
+ return talloc_asprintf(mem_ctx, "%s\\%s", sid_string_tos(sid),
+ "GroupMembership");
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_reg_del_groupmembership(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ const struct nt_user_token *token,
+ uint32_t flags)
+{
+ const char *path = NULL;
+
+ path = gp_reg_groupmembership_path(mem_ctx, &token->user_sids[0],
+ flags);
+ W_ERROR_HAVE_NO_MEMORY(path);
+
+ return reg_deletekey_recursive(mem_ctx, key, path);
+
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_reg_store_groupmembership(TALLOC_CTX *mem_ctx,
+ struct gp_registry_context *reg_ctx,
+ const struct nt_user_token *token,
+ uint32_t flags)
+{
+ struct registry_key *key = NULL;
+ WERROR werr;
+ int i = 0;
+ const char *valname = NULL;
+ const char *path = NULL;
+ const char *val = NULL;
+ int count = 0;
+
+ path = gp_reg_groupmembership_path(mem_ctx, &token->user_sids[0],
+ flags);
+ W_ERROR_HAVE_NO_MEMORY(path);
+
+ gp_reg_del_groupmembership(mem_ctx, reg_ctx->curr_key, token, flags);
+
+ werr = gp_store_reg_subkey(mem_ctx, path,
+ reg_ctx->curr_key, &key);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ for (i=0; i<token->num_sids; i++) {
+
+ valname = talloc_asprintf(mem_ctx, "Group%d", count++);
+ W_ERROR_HAVE_NO_MEMORY(valname);
+
+ val = sid_string_talloc(mem_ctx, &token->user_sids[i]);
+ W_ERROR_HAVE_NO_MEMORY(val);
+ werr = gp_store_reg_val_sz(mem_ctx, key, valname, val);
+ W_ERROR_NOT_OK_RETURN(werr);
+ }
+
+ werr = gp_store_reg_val_dword(mem_ctx, key, "Count", count);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ return WERR_OK;
+}
+
+/****************************************************************
+****************************************************************/
+#if 0
+/* not used yet */
+static WERROR gp_reg_read_groupmembership(TALLOC_CTX *mem_ctx,
+ struct gp_registry_context *reg_ctx,
+ const DOM_SID *object_sid,
+ struct nt_user_token **token,
+ uint32_t flags)
+{
+ struct registry_key *key = NULL;
+ WERROR werr;
+ int i = 0;
+ const char *valname = NULL;
+ const char *val = NULL;
+ const char *path = NULL;
+ uint32_t count = 0;
+ int num_token_sids = 0;
+ struct nt_user_token *tmp_token = NULL;
+
+ tmp_token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+ W_ERROR_HAVE_NO_MEMORY(tmp_token);
+
+ path = gp_reg_groupmembership_path(mem_ctx, object_sid, flags);
+ W_ERROR_HAVE_NO_MEMORY(path);
+
+ werr = gp_read_reg_subkey(mem_ctx, reg_ctx, path, &key);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_read_reg_val_dword(mem_ctx, key, "Count", &count);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ for (i=0; i<count; i++) {
+
+ valname = talloc_asprintf(mem_ctx, "Group%d", i);
+ W_ERROR_HAVE_NO_MEMORY(valname);
+
+ werr = gp_read_reg_val_sz(mem_ctx, key, valname, &val);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ if (!string_to_sid(&tmp_token->user_sids[num_token_sids++],
+ val)) {
+ return WERR_INSUFFICIENT_BUFFER;
+ }
+ }
+
+ tmp_token->num_sids = num_token_sids;
+
+ *token = tmp_token;
+
+ return WERR_OK;
+}
+#endif
+/****************************************************************
+****************************************************************/
+
+static const char *gp_req_state_path(TALLOC_CTX *mem_ctx,
+ const DOM_SID *sid,
+ uint32_t flags)
+{
+ if (flags & GPO_LIST_FLAG_MACHINE) {
+ return GPO_REG_STATE_MACHINE;
+ }
+
+ return talloc_asprintf(mem_ctx, "%s\\%s", "State", sid_string_tos(sid));
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_del_reg_state(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ const char *path)
+{
+ return reg_deletesubkeys_recursive(mem_ctx, key, path);
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_reg_state_store(TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const char *dn,
+ const struct nt_user_token *token,
+ struct GROUP_POLICY_OBJECT *gpo_list)
+{
+ struct gp_registry_context *reg_ctx = NULL;
+ WERROR werr = WERR_GENERAL_FAILURE;
+ const char *subkeyname = NULL;
+ struct GROUP_POLICY_OBJECT *gpo;
+ int count = 0;
+ struct registry_key *key;
+
+ werr = gp_init_reg_ctx(mem_ctx, KEY_GROUP_POLICY, REG_KEY_WRITE,
+ token, ®_ctx);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_secure_key(mem_ctx, flags, KEY_GROUP_POLICY,
+ &token->user_sids[0]);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("failed to secure key: %s\n", dos_errstr(werr)));
+ goto done;
+ }
+
+ werr = gp_reg_store_groupmembership(mem_ctx, reg_ctx, token, flags);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("failed to store group membership: %s\n", dos_errstr(werr)));
+ goto done;
+ }
+
+ subkeyname = gp_req_state_path(mem_ctx, &token->user_sids[0], flags);
+ if (!subkeyname) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
+
+ werr = gp_del_reg_state(mem_ctx, reg_ctx->curr_key, subkeyname);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("failed to delete old state: %s\n", dos_errstr(werr)));
+ /* goto done; */
+ }
+
+ werr = gp_store_reg_subkey(mem_ctx, subkeyname,
+ reg_ctx->curr_key, ®_ctx->curr_key);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ werr = gp_store_reg_val_sz(mem_ctx, reg_ctx->curr_key,
+ "Distinguished-Name", dn);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ /* store link list */
+
+ werr = gp_store_reg_subkey(mem_ctx, "GPLink-List",
+ reg_ctx->curr_key, &key);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ /* store gpo list */
+
+ werr = gp_store_reg_subkey(mem_ctx, "GPO-List",
+ reg_ctx->curr_key, ®_ctx->curr_key);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ for (gpo = gpo_list; gpo; gpo = gpo->next) {
+
+ subkeyname = talloc_asprintf(mem_ctx, "%d", count++);
+ if (!subkeyname) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
+
+ werr = gp_store_reg_subkey(mem_ctx, subkeyname,
+ reg_ctx->curr_key, &key);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ werr = gp_store_reg_gpovals(mem_ctx, key, gpo);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("gp_reg_state_store: "
+ "gpo_store_reg_gpovals failed for %s: %s\n",
+ gpo->display_name, dos_errstr(werr)));
+ goto done;
+ }
+ }
+ done:
+ gp_free_reg_ctx(reg_ctx);
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_read_reg_gpovals(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ struct GROUP_POLICY_OBJECT *gpo)
+{
+ WERROR werr;
+
+ if (!key || !gpo) {
+ return WERR_INVALID_PARAM;
+ }
+
+ werr = gp_read_reg_val_dword(mem_ctx, key, "Version",
+ &gpo->version);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_read_reg_val_dword(mem_ctx, key, "Options",
+ &gpo->options);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_read_reg_val_sz(mem_ctx, key, "GPOID",
+ &gpo->name);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_read_reg_val_sz(mem_ctx, key, "SOM",
+ &gpo->link);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = gp_read_reg_val_sz(mem_ctx, key, "DisplayName",
+ &gpo->display_name);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_read_reg_gpo(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ struct GROUP_POLICY_OBJECT **gpo_ret)
+{
+ struct GROUP_POLICY_OBJECT *gpo = NULL;
+ WERROR werr;
+
+ if (!gpo_ret || !key) {
+ return WERR_INVALID_PARAM;
+ }
+
+ gpo = TALLOC_ZERO_P(mem_ctx, struct GROUP_POLICY_OBJECT);
+ W_ERROR_HAVE_NO_MEMORY(gpo);
+
+ werr = gp_read_reg_gpovals(mem_ctx, key, gpo);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ *gpo_ret = gpo;
+
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_reg_state_read(TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const DOM_SID *sid,
+ struct GROUP_POLICY_OBJECT **gpo_list)
+{
+ struct gp_registry_context *reg_ctx = NULL;
+ WERROR werr = WERR_GENERAL_FAILURE;
+ const char *subkeyname = NULL;
+ struct GROUP_POLICY_OBJECT *gpo = NULL;
+ int count = 0;
+ struct registry_key *key = NULL;
+ const char *path = NULL;
+ const char *gp_state_path = NULL;
+
+ if (!gpo_list) {
+ return WERR_INVALID_PARAM;
+ }
+
+ ZERO_STRUCTP(gpo_list);
+
+ gp_state_path = gp_req_state_path(mem_ctx, sid, flags);
+ if (!gp_state_path) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
+
+ path = talloc_asprintf(mem_ctx, "%s\\%s\\%s",
+ KEY_GROUP_POLICY,
+ gp_state_path,
+ "GPO-List");
+ if (!path) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
+
+ werr = gp_init_reg_ctx(mem_ctx, path, REG_KEY_READ, NULL, ®_ctx);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ while (1) {
+
+ subkeyname = talloc_asprintf(mem_ctx, "%d", count++);
+ if (!subkeyname) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
+
+ werr = gp_read_reg_subkey(mem_ctx, reg_ctx, subkeyname, &key);
+ if (W_ERROR_EQUAL(werr, WERR_BADFILE)) {
+ werr = WERR_OK;
+ break;
+ }
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("gp_reg_state_read: "
+ "gp_read_reg_subkey gave: %s\n",
+ dos_errstr(werr)));
+ goto done;
+ }
+
+ werr = gp_read_reg_gpo(mem_ctx, key, &gpo);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ DLIST_ADD(*gpo_list, gpo);
+ }
+
+ done:
+ gp_free_reg_ctx(reg_ctx);
+ return werr;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx,
+ const DOM_SID *sid,
+ struct security_descriptor **sd,
+ size_t *sd_size)
+{
+ SEC_ACE ace[6];
+ SEC_ACCESS mask;
+
+ SEC_ACL *acl = NULL;
+
+ uint8_t inherit_flags;
+
+ init_sec_access(&mask, REG_KEY_ALL);
+ init_sec_ace(&ace[0],
+ &global_sid_System,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ mask, 0);
+
+ init_sec_access(&mask, REG_KEY_ALL);
+ init_sec_ace(&ace[1],
+ &global_sid_Builtin_Administrators,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ mask, 0);
+
+ init_sec_access(&mask, REG_KEY_READ);
+ init_sec_ace(&ace[2],
+ sid ? sid : &global_sid_Authenticated_Users,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ mask, 0);
+
+ inherit_flags = SEC_ACE_FLAG_OBJECT_INHERIT |
+ SEC_ACE_FLAG_CONTAINER_INHERIT |
+ SEC_ACE_FLAG_INHERIT_ONLY;
+
+ init_sec_access(&mask, REG_KEY_ALL);
+ init_sec_ace(&ace[3],
+ &global_sid_System,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ mask, inherit_flags);
+
+ init_sec_access(&mask, REG_KEY_ALL);
+ init_sec_ace(&ace[4],
+ &global_sid_Builtin_Administrators,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ mask, inherit_flags);
+
+ init_sec_access(&mask, REG_KEY_READ);
+ init_sec_ace(&ace[5],
+ sid ? sid : &global_sid_Authenticated_Users,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ mask, inherit_flags);
+
+ acl = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 6, ace);
+ W_ERROR_HAVE_NO_MEMORY(acl);
+
+ *sd = make_sec_desc(mem_ctx, SEC_DESC_REVISION,
+ SEC_DESC_SELF_RELATIVE |
+ SEC_DESC_DACL_AUTO_INHERITED | /* really ? */
+ SEC_DESC_DACL_AUTO_INHERIT_REQ, /* really ? */
+ NULL, NULL, NULL,
+ acl, sd_size);
+ W_ERROR_HAVE_NO_MEMORY(*sd);
+
+ return WERR_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+WERROR gp_secure_key(TALLOC_CTX *mem_ctx,
+ uint32_t flags,
+ const char *key,
+ const DOM_SID *sid)
+{
+ struct security_descriptor *sd = NULL;
+ size_t sd_size = 0;
+ const DOM_SID *sd_sid = NULL;
+ WERROR werr;
+
+ if (!(flags & GPO_LIST_FLAG_MACHINE)) {
+ sd_sid = sid;
+ }
+
+ werr = gp_reg_generate_sd(mem_ctx, sd_sid, &sd, &sd_size);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ return gp_reg_set_secdesc(key, sd);
+}
+
+/****************************************************************
+****************************************************************/
+
+void dump_reg_val(int lvl, const char *direction,
+ const char *key, const char *subkey,
+ struct registry_value *val)
+{
+ int i = 0;
+ const char *type_str = NULL;
+
+ if (!val) {
+ DEBUG(lvl,("no val!\n"));
+ return;
+ }
+
+ type_str = reg_type_lookup(val->type);
+
+ DEBUG(lvl,("\tdump_reg_val: %s '%s' '%s' %s: ",
+ direction, key, subkey, type_str));
+
+ switch (val->type) {
+ case REG_DWORD:
+ DEBUG(lvl,("%d\n", (int)val->v.dword));
+ break;
+ case REG_QWORD:
+ DEBUG(lvl,("%d\n", (int)val->v.qword));
+ break;
+ case REG_SZ:
+ DEBUG(lvl,("%s (length: %d)\n",
+ val->v.sz.str,
+ (int)val->v.sz.len));
+ break;
+ case REG_MULTI_SZ:
+ DEBUG(lvl,("(num_strings: %d)\n",
+ val->v.multi_sz.num_strings));
+ for (i=0; i < val->v.multi_sz.num_strings; i++) {
+ DEBUGADD(lvl,("\t%s\n",
+ val->v.multi_sz.strings[i]));
+ }
+ break;
+ case REG_NONE:
+ DEBUG(lvl,("\n"));
+ break;
+ case REG_BINARY:
+ dump_data(lvl, val->v.binary.data,
+ val->v.binary.length);
+ break;
+ default:
+ DEBUG(lvl,("unsupported type: %d\n", val->type));
+ break;
+ }
+}
+
+/****************************************************************
+****************************************************************/
+
+void dump_reg_entry(uint32_t flags,
+ const char *dir,
+ struct gp_registry_entry *entry)
+{
+ if (!(flags & GPO_INFO_FLAG_VERBOSE))
+ return;
+
+ dump_reg_val(1, dir,
+ entry->key,
+ entry->value,
+ entry->data);
+}
+
+/****************************************************************
+****************************************************************/
+
+void dump_reg_entries(uint32_t flags,
+ const char *dir,
+ struct gp_registry_entry *entries,
+ size_t num_entries)
+{
+ size_t i;
+
+ if (!(flags & GPO_INFO_FLAG_VERBOSE))
+ return;
+
+ for (i=0; i < num_entries; i++) {
+ dump_reg_entry(flags, dir, &entries[i]);
+ }
+}
+
+/****************************************************************
+****************************************************************/
+
+bool add_gp_registry_entry_to_array(TALLOC_CTX *mem_ctx,
+ struct gp_registry_entry *entry,
+ struct gp_registry_entry **entries,
+ size_t *num)
+{
+ *entries = TALLOC_REALLOC_ARRAY(mem_ctx, *entries,
+ struct gp_registry_entry,
+ (*num)+1);
+
+ if (*entries == NULL) {
+ *num = 0;
+ return false;
+ }
+
+ (*entries)[*num].action = entry->action;
+ (*entries)[*num].key = entry->key;
+ (*entries)[*num].value = entry->value;
+ (*entries)[*num].data = entry->data;
+
+ *num += 1;
+ return true;
+}
+
+/****************************************************************
+****************************************************************/
+
+static const char *gp_reg_action_str(enum gp_reg_action action)
+{
+ switch (action) {
+ case GP_REG_ACTION_NONE:
+ return "GP_REG_ACTION_NONE";
+ case GP_REG_ACTION_ADD_VALUE:
+ return "GP_REG_ACTION_ADD_VALUE";
+ case GP_REG_ACTION_ADD_KEY:
+ return "GP_REG_ACTION_ADD_KEY";
+ case GP_REG_ACTION_DEL_VALUES:
+ return "GP_REG_ACTION_DEL_VALUES";
+ case GP_REG_ACTION_DEL_VALUE:
+ return "GP_REG_ACTION_DEL_VALUE";
+ case GP_REG_ACTION_DEL_ALL_VALUES:
+ return "GP_REG_ACTION_DEL_ALL_VALUES";
+ case GP_REG_ACTION_DEL_KEYS:
+ return "GP_REG_ACTION_DEL_KEYS";
+ case GP_REG_ACTION_SEC_KEY_SET:
+ return "GP_REG_ACTION_SEC_KEY_SET";
+ case GP_REG_ACTION_SEC_KEY_RESET:
+ return "GP_REG_ACTION_SEC_KEY_RESET";
+ default:
+ return "unknown";
+ }
+};
+
+/****************************************************************
+****************************************************************/
+
+WERROR reg_apply_registry_entry(TALLOC_CTX *mem_ctx,
+ struct registry_key *root_key,
+ struct gp_registry_context *reg_ctx,
+ struct gp_registry_entry *entry,
+ const struct nt_user_token *token,
+ uint32_t flags)
+{
+ WERROR werr;
+ struct registry_key *key = NULL;
+
+ if (flags & GPO_INFO_FLAG_VERBOSE) {
+ printf("about to store key: [%s]\n", entry->key);
+ printf(" value: [%s]\n", entry->value);
+ printf(" data: [%s]\n", reg_type_lookup(entry->data->type));
+ printf(" action: [%s]\n", gp_reg_action_str(entry->action));
+ }
+
+ werr = gp_store_reg_subkey(mem_ctx, entry->key,
+ root_key, &key);
+ /* reg_ctx->curr_key, &key); */
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("gp_store_reg_subkey failed: %s\n", dos_errstr(werr)));
+ return werr;
+ }
+
+ switch (entry->action) {
+ case GP_REG_ACTION_NONE:
+ case GP_REG_ACTION_ADD_KEY:
+ return WERR_OK;
+
+ case GP_REG_ACTION_SEC_KEY_SET:
+ werr = gp_secure_key(mem_ctx, flags,
+ entry->key,
+ &token->user_sids[0]);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("reg_apply_registry_entry: "
+ "gp_secure_key failed: %s\n",
+ dos_errstr(werr)));
+ return werr;
+ }
+ break;
+ case GP_REG_ACTION_ADD_VALUE:
+ werr = reg_setvalue(key, entry->value, entry->data);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("reg_apply_registry_entry: "
+ "reg_setvalue failed: %s\n",
+ dos_errstr(werr)));
+ dump_reg_entry(flags, "STORE", entry);
+ return werr;
+ }
+ break;
+ case GP_REG_ACTION_DEL_VALUE:
+ werr = reg_deletevalue(key, entry->value);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("reg_apply_registry_entry: "
+ "reg_deletevalue failed: %s\n",
+ dos_errstr(werr)));
+ dump_reg_entry(flags, "STORE", entry);
+ return werr;
+ }
+ break;
+ case GP_REG_ACTION_DEL_ALL_VALUES:
+ werr = reg_deleteallvalues(key);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0,("reg_apply_registry_entry: "
+ "reg_deleteallvalues failed: %s\n",
+ dos_errstr(werr)));
+ dump_reg_entry(flags, "STORE", entry);
+ return werr;
+ }
+ break;
+ case GP_REG_ACTION_DEL_VALUES:
+ case GP_REG_ACTION_DEL_KEYS:
+ case GP_REG_ACTION_SEC_KEY_RESET:
+ DEBUG(0,("reg_apply_registry_entry: "
+ "not yet supported: %s (%d)\n",
+ gp_reg_action_str(entry->action),
+ entry->action));
+ return WERR_NOT_SUPPORTED;
+ default:
+ DEBUG(0,("invalid action: %d\n", entry->action));
+ return WERR_INVALID_PARAM;
+ }
+
+ return werr;
+}
+
NTSTATUS status;
if (!object) {
- return False;
+ return false;
}
status = GUID_from_string(ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY,
&ext_right_apg_guid);
if (!NT_STATUS_IS_OK(status)) {
- return False;
+ return false;
}
switch (object->flags) {
break;
}
- return False;
+ return false;
}
/****************************************************************
static bool gpo_sd_check_agp_object(const SEC_ACE *ace)
{
if (!sec_ace_object(ace->type)) {
- return False;
+ return false;
}
return gpo_sd_check_agp_object_guid(&ace->object.object);
/*
* Unix SMB/CIFS implementation.
* Group Policy Object Support
- * Copyright (C) Guenther Deschner 2005-2007
+ * Copyright (C) Guenther Deschner 2005-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
/****************************************************************
****************************************************************/
+NTSTATUS gpo_get_unix_path(TALLOC_CTX *mem_ctx,
+ struct GROUP_POLICY_OBJECT *gpo,
+ char **unix_path)
+{
+ char *server, *share, *nt_path;
+ return gpo_explode_filesyspath(mem_ctx, gpo->file_sys_path,
+ &server, &share, &nt_path, unix_path);
+}
+
+/****************************************************************
+****************************************************************/
+
+char *gpo_flag_str(uint32_t flags)
+{
+ fstring str = "";
+
+ if (flags == 0) {
+ return NULL;
+ }
+
+ if (flags & GPO_INFO_FLAG_SLOWLINK)
+ fstrcat(str, "GPO_INFO_FLAG_SLOWLINK ");
+ if (flags & GPO_INFO_FLAG_VERBOSE)
+ fstrcat(str, "GPO_INFO_FLAG_VERBOSE ");
+ if (flags & GPO_INFO_FLAG_SAFEMODE_BOOT)
+ fstrcat(str, "GPO_INFO_FLAG_SAFEMODE_BOOT ");
+ if (flags & GPO_INFO_FLAG_NOCHANGES)
+ fstrcat(str, "GPO_INFO_FLAG_NOCHANGES ");
+ if (flags & GPO_INFO_FLAG_MACHINE)
+ fstrcat(str, "GPO_INFO_FLAG_MACHINE ");
+ if (flags & GPO_INFO_FLAG_LOGRSOP_TRANSITION)
+ fstrcat(str, "GPO_INFO_FLAG_LOGRSOP_TRANSITION ");
+ if (flags & GPO_INFO_FLAG_LINKTRANSITION)
+ fstrcat(str, "GPO_INFO_FLAG_LINKTRANSITION ");
+ if (flags & GPO_INFO_FLAG_FORCED_REFRESH)
+ fstrcat(str, "GPO_INFO_FLAG_FORCED_REFRESH ");
+ if (flags & GPO_INFO_FLAG_BACKGROUND)
+ fstrcat(str, "GPO_INFO_FLAG_BACKGROUND ");
+
+ return SMB_STRDUP(str);
+}
+
+/****************************************************************
+****************************************************************/
+
NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *filename,
return NT_STATUS_OK;
}
- tmp = talloc_asprintf_strupper_m(mem_ctx, "%s/%s/%s", filename, path,
- suffix);
+ path = talloc_strdup_upper(mem_ctx, path);
+ NT_STATUS_HAVE_NO_MEMORY(path);
+
+ tmp = talloc_asprintf(mem_ctx, "%s/%s/%s", filename,
+ path, suffix);
NT_STATUS_HAVE_NO_MEMORY(tmp);
if (sys_stat(tmp, &sbuf) == 0) {
return NT_STATUS_NO_SUCH_FILE;
}
+/****************************************************************
+****************************************************************/
+
+ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ const char *dn,
+ struct nt_user_token **token)
+{
+ struct nt_user_token *ad_token = NULL;
+ ADS_STATUS status;
+ NTSTATUS ntstatus;
+
+#ifndef HAVE_ADS
+ return ADS_ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+#endif
+ status = ads_get_sid_token(ads, mem_ctx, dn, &ad_token);
+ if (!ADS_ERR_OK(status)) {
+ return status;
+ }
+
+ ntstatus = merge_nt_token(mem_ctx, ad_token, get_system_token(),
+ token);
+ if (!NT_STATUS_IS_OK(ntstatus)) {
+ return ADS_ERROR_NT(ntstatus);
+ }
+
+ return ADS_SUCCESS;
+}
char *str = NULL; \
str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_JoinCtx, f, r); \
DEBUG(1,("libnet_Join:\n%s", str)); \
- talloc_free(str); \
+ TALLOC_FREE(str); \
} while (0)
#define LIBNET_JOIN_IN_DUMP_CTX(ctx, r) \
char *str = NULL; \
str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_UnjoinCtx, f, r); \
DEBUG(1,("libnet_Unjoin:\n%s", str)); \
- talloc_free(str); \
+ TALLOC_FREE(str); \
} while (0)
#define LIBNET_UNJOIN_IN_DUMP_CTX(ctx, r) \
if (!secrets_store_machine_password(r->in.machine_password,
r->out.netbios_domain_name,
- SEC_CHAN_WKSTA))
+ r->in.secure_channel_type))
{
DEBUG(1,("Failed to save machine password\n"));
return false;
ctx->in.machine_name = talloc_strdup(mem_ctx, global_myname());
W_ERROR_HAVE_NO_MEMORY(ctx->in.machine_name);
+ ctx->in.secure_channel_type = SEC_CHAN_WKSTA;
+
*r = ctx;
return WERR_OK;
const char *server_unc,
const char *share_name,
uint32_t level,
- union srvsvc_NetShareInfo info,
+ union srvsvc_NetShareInfo *info,
uint32_t *parm_error,
WERROR *werror)
{
TALLOC_CTX *mem_ctx,
const char *server_unc,
uint32_t level,
- union srvsvc_NetSrvInfo info,
+ union srvsvc_NetSrvInfo *info,
uint32_t *parm_error,
WERROR *werror)
{
NTSTATUS rpccli_srvsvc_NetRemoteTOD(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_unc,
- struct srvsvc_NetRemoteTODInfo *info,
+ struct srvsvc_NetRemoteTODInfo **info,
WERROR *werror)
{
struct srvsvc_NetRemoteTOD r;
}
/* Return variables */
- if (info && r.out.info) {
- *info = *r.out.info;
- }
+ *info = *r.out.info;
/* Return result */
if (werror) {
const char *server_unc,
const char *share_name,
uint32_t level,
- union srvsvc_NetShareInfo info,
+ union srvsvc_NetShareInfo *info,
uint32_t *parm_error,
WERROR *werror);
NTSTATUS rpccli_srvsvc_NetShareDel(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_unc,
uint32_t level,
- union srvsvc_NetSrvInfo info,
+ union srvsvc_NetSrvInfo *info,
uint32_t *parm_error,
WERROR *werror);
NTSTATUS rpccli_srvsvc_NetDiskEnum(struct rpc_pipe_client *cli,
NTSTATUS rpccli_srvsvc_NetRemoteTOD(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_unc,
- struct srvsvc_NetRemoteTODInfo *info,
+ struct srvsvc_NetRemoteTODInfo **info,
WERROR *werror);
NTSTATUS rpccli_srvsvc_NetSetServiceBits(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
#ifndef _HEADER_libnetjoin
#define _HEADER_libnetjoin
+enum netr_SchannelType;
+
struct libnet_JoinCtx {
struct {
uint8_t modify_config;
struct ads_struct *ads;/* [ref] */
uint8_t debug;
+ enum netr_SchannelType secure_channel_type;
} in;
struct {
ndr_print_ads_struct(ndr, "ads", r->in.ads);
ndr->depth--;
ndr_print_uint8(ndr, "debug", r->in.debug);
+ ndr_print_netr_SchannelType(ndr, "secure_channel_type", r->in.secure_channel_type);
ndr->depth--;
}
if (flags & NDR_OUT) {
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.share_name, CH_UTF16)));
NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.share_name, ndr_charset_length(r->in.share_name, CH_UTF16), sizeof(uint16_t), CH_UTF16));
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.level));
- NDR_CHECK(ndr_push_set_switch_value(ndr, &r->in.info, r->in.level));
- NDR_CHECK(ndr_push_srvsvc_NetShareInfo(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.info));
+ if (r->in.info == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_set_switch_value(ndr, r->in.info, r->in.level));
+ NDR_CHECK(ndr_push_srvsvc_NetShareInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info));
NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.parm_error));
if (r->in.parm_error) {
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->in.parm_error));
uint32_t _ptr_server_unc;
uint32_t _ptr_parm_error;
TALLOC_CTX *_mem_save_server_unc_0;
+ TALLOC_CTX *_mem_save_info_0;
TALLOC_CTX *_mem_save_parm_error_0;
if (flags & NDR_IN) {
ZERO_STRUCT(r->out);
NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t)));
NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t), CH_UTF16));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level));
- NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->in.info, r->in.level));
- NDR_CHECK(ndr_pull_srvsvc_NetShareInfo(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.info));
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.info);
+ }
+ _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.info, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_set_switch_value(ndr, r->in.info, r->in.level));
+ NDR_CHECK(ndr_pull_srvsvc_NetShareInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC);
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_parm_error));
if (_ptr_parm_error) {
NDR_PULL_ALLOC(ndr, r->in.parm_error);
ndr->depth--;
ndr_print_string(ndr, "share_name", r->in.share_name);
ndr_print_uint32(ndr, "level", r->in.level);
- ndr_print_set_switch_value(ndr, &r->in.info, r->in.level);
- ndr_print_srvsvc_NetShareInfo(ndr, "info", &r->in.info);
+ ndr_print_ptr(ndr, "info", r->in.info);
+ ndr->depth++;
+ ndr_print_set_switch_value(ndr, r->in.info, r->in.level);
+ ndr_print_srvsvc_NetShareInfo(ndr, "info", r->in.info);
+ ndr->depth--;
ndr_print_ptr(ndr, "parm_error", r->in.parm_error);
ndr->depth++;
if (r->in.parm_error) {
NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.server_unc, ndr_charset_length(r->in.server_unc, CH_UTF16), sizeof(uint16_t), CH_UTF16));
}
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.level));
- NDR_CHECK(ndr_push_set_switch_value(ndr, &r->in.info, r->in.level));
- NDR_CHECK(ndr_push_srvsvc_NetSrvInfo(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.info));
+ if (r->in.info == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_set_switch_value(ndr, r->in.info, r->in.level));
+ NDR_CHECK(ndr_push_srvsvc_NetSrvInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info));
NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.parm_error));
if (r->in.parm_error) {
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->in.parm_error));
uint32_t _ptr_server_unc;
uint32_t _ptr_parm_error;
TALLOC_CTX *_mem_save_server_unc_0;
+ TALLOC_CTX *_mem_save_info_0;
TALLOC_CTX *_mem_save_parm_error_0;
if (flags & NDR_IN) {
ZERO_STRUCT(r->out);
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0);
}
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level));
- NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->in.info, r->in.level));
- NDR_CHECK(ndr_pull_srvsvc_NetSrvInfo(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.info));
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.info);
+ }
+ _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.info, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_set_switch_value(ndr, r->in.info, r->in.level));
+ NDR_CHECK(ndr_pull_srvsvc_NetSrvInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC);
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_parm_error));
if (_ptr_parm_error) {
NDR_PULL_ALLOC(ndr, r->in.parm_error);
}
ndr->depth--;
ndr_print_uint32(ndr, "level", r->in.level);
- ndr_print_set_switch_value(ndr, &r->in.info, r->in.level);
- ndr_print_srvsvc_NetSrvInfo(ndr, "info", &r->in.info);
+ ndr_print_ptr(ndr, "info", r->in.info);
+ ndr->depth++;
+ ndr_print_set_switch_value(ndr, r->in.info, r->in.level);
+ ndr_print_srvsvc_NetSrvInfo(ndr, "info", r->in.info);
+ ndr->depth--;
ndr_print_ptr(ndr, "parm_error", r->in.parm_error);
ndr->depth++;
if (r->in.parm_error) {
}
}
if (flags & NDR_OUT) {
- NDR_CHECK(ndr_push_unique_ptr(ndr, r->out.info));
- if (r->out.info) {
- NDR_CHECK(ndr_push_srvsvc_NetRemoteTODInfo(ndr, NDR_SCALARS, r->out.info));
+ if (r->out.info == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_unique_ptr(ndr, *r->out.info));
+ if (*r->out.info) {
+ NDR_CHECK(ndr_push_srvsvc_NetRemoteTODInfo(ndr, NDR_SCALARS, *r->out.info));
}
NDR_CHECK(ndr_push_WERROR(ndr, NDR_SCALARS, r->out.result));
}
uint32_t _ptr_info;
TALLOC_CTX *_mem_save_server_unc_0;
TALLOC_CTX *_mem_save_info_0;
+ TALLOC_CTX *_mem_save_info_1;
if (flags & NDR_IN) {
ZERO_STRUCT(r->out);
NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0);
}
+ NDR_PULL_ALLOC(ndr, r->out.info);
+ ZERO_STRUCTP(r->out.info);
}
if (flags & NDR_OUT) {
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->out.info);
+ }
+ _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->out.info, LIBNDR_FLAG_REF_ALLOC);
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info));
if (_ptr_info) {
- NDR_PULL_ALLOC(ndr, r->out.info);
+ NDR_PULL_ALLOC(ndr, *r->out.info);
} else {
- r->out.info = NULL;
+ *r->out.info = NULL;
}
- if (r->out.info) {
- _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr);
- NDR_PULL_SET_MEM_CTX(ndr, r->out.info, 0);
- NDR_CHECK(ndr_pull_srvsvc_NetRemoteTODInfo(ndr, NDR_SCALARS, r->out.info));
- NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, 0);
+ if (*r->out.info) {
+ _mem_save_info_1 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, *r->out.info, 0);
+ NDR_CHECK(ndr_pull_srvsvc_NetRemoteTODInfo(ndr, NDR_SCALARS, *r->out.info));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_1, 0);
}
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC);
NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result));
}
return NDR_ERR_SUCCESS;
ndr->depth++;
ndr_print_ptr(ndr, "info", r->out.info);
ndr->depth++;
- if (r->out.info) {
- ndr_print_srvsvc_NetRemoteTODInfo(ndr, "info", r->out.info);
+ ndr_print_ptr(ndr, "info", *r->out.info);
+ ndr->depth++;
+ if (*r->out.info) {
+ ndr_print_srvsvc_NetRemoteTODInfo(ndr, "info", *r->out.info);
}
ndr->depth--;
+ ndr->depth--;
ndr_print_WERROR(ndr, "result", r->out.result);
ndr->depth--;
}
}
ZERO_STRUCT(r->out);
- r->out.info = talloc_zero(r, struct srvsvc_NetRemoteTODInfo);
+ r->out.info = talloc_zero(r, struct srvsvc_NetRemoteTODInfo *);
if (r->out.info == NULL) {
talloc_free(r);
return false;
const char *server_unc;/* [unique,charset(UTF16)] */
const char *share_name;/* [charset(UTF16)] */
uint32_t level;
- union srvsvc_NetShareInfo info;/* [switch_is(level)] */
+ union srvsvc_NetShareInfo *info;/* [ref,switch_is(level)] */
uint32_t *parm_error;/* [unique] */
} in;
struct {
const char *server_unc;/* [unique,charset(UTF16)] */
uint32_t level;
- union srvsvc_NetSrvInfo info;/* [switch_is(level)] */
+ union srvsvc_NetSrvInfo *info;/* [ref,switch_is(level)] */
uint32_t *parm_error;/* [unique] */
} in;
} in;
struct {
- struct srvsvc_NetRemoteTODInfo *info;/* [unique] */
+ struct srvsvc_NetRemoteTODInfo **info;/* [ref] */
WERROR result;
} out;
interface libnetjoin
{
typedef bitmap wkssvc_joinflags wkssvc_joinflags;
+ typedef enum netr_SchannelType netr_SchannelType;
[nopush,nopull,noopnum] WERROR libnet_JoinCtx(
[in] string dc_name,
[in] boolean8 modify_config,
[in] ads_struct *ads,
[in] boolean8 debug,
+ [in] netr_SchannelType secure_channel_type,
[out] string account_name,
[out] string netbios_domain_name,
[out] string dns_domain_name,
[in,unique] [string,charset(UTF16)] uint16 *server_unc,
[in] [string,charset(UTF16)] uint16 share_name[],
[in] uint32 level,
- [in,switch_is(level)] srvsvc_NetShareInfo info,
+ [in,ref,switch_is(level)] srvsvc_NetShareInfo *info,
[in,out,unique] uint32 *parm_error
);
WERROR srvsvc_NetSrvSetInfo(
[in,unique] [string,charset(UTF16)] uint16 *server_unc,
[in] uint32 level,
- [in,switch_is(level)] srvsvc_NetSrvInfo info,
+ [in,ref,switch_is(level)] srvsvc_NetSrvInfo *info,
[in,out,unique] uint32 *parm_error
);
/* Function: 0x1c */
WERROR srvsvc_NetRemoteTOD(
[in,unique] [string,charset(UTF16)] uint16 *server_unc,
- [out,unique] srvsvc_NetRemoteTODInfo *info
+ [out,ref] srvsvc_NetRemoteTODInfo **info
);
/**************************/
split_dfs_path(ctx, refs[0].dfspath, pp_newserver,
pp_newshare, &newextrapath );
- if (!pp_newserver || !pp_newshare) {
+ if ((*pp_newserver == NULL) || (*pp_newshare == NULL)) {
return false;
}
******************************************************************/
void standard_fail_register( struct subnet_record *subrec,
- struct response_record *rrec,
struct nmb_name *nmbname )
{
struct name_record *namerec;
if( rrec->success_fn)
(*(register_name_success_function)rrec->success_fn)(subrec, rrec->userdata, answer_name, nb_flags, ttl, register_ip);
} else {
+ struct nmb_name qname = *question_name;
if( rrec->fail_fn)
(*(register_name_fail_function)rrec->fail_fn)(subrec, rrec, question_name);
/* Remove the name. */
- standard_fail_register( subrec, rrec, question_name);
+ standard_fail_register( subrec, &qname);
}
/* Ensure we don't retry. */
if( rrec->success_fn)
(*(register_name_success_function)rrec->success_fn)(subrec, rrec->userdata, question_name, nb_flags, ttl, registered_ip);
} else {
+ struct nmb_name qname = *question_name;
if( rrec->fail_fn)
(*(register_name_fail_function)rrec->fail_fn)(subrec, rrec, question_name);
/* Remove the name. */
- standard_fail_register( subrec, rrec, question_name);
+ standard_fail_register( subrec, &qname);
}
/* Ensure we don't retry. */
}
if (address[0].ss.ss_family != AF_INET) {
free(address);
+ free(ret);
return NULL;
}
*ret = ((struct sockaddr_in *)&address[0].ss)->sin_addr;
filter = talloc_asprintf(talloc_tos(), "(&%s%s)", "(uid=%u)",
get_objclass_filter(ldap_state->schema_ver));
if (!filter) {
+ SAFE_FREE(escape_user);
return LDAP_NO_MEMORY;
}
/*
filter = talloc_all_string_sub(talloc_tos(),
filter, "%u", escape_user);
+ SAFE_FREE(escape_user);
if (!filter) {
return LDAP_NO_MEMORY;
}
- SAFE_FREE(escape_user);
ret = smbldap_search_suffix(ldap_state->smbldap_state,
filter, attr, result);
#include "includes.h"
-WERROR rpccli_srvsvc_net_srv_get_info(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- uint32 switch_value, SRV_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SRV_Q_NET_SRV_GET_INFO q;
- SRV_R_NET_SRV_GET_INFO r;
- WERROR result = W_ERROR(ERRgeneral);
- fstring server;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
- strupper_m(server);
-
- init_srv_q_net_srv_get_info(&q, server, switch_value);
- r.ctr = ctr;
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SRV_GET_INFO,
- q, r,
- qbuf, rbuf,
- srv_io_q_net_srv_get_info,
- srv_io_r_net_srv_get_info,
- WERR_GENERAL_FAILURE);
-
- result = r.status;
- return result;
-}
-
WERROR rpccli_srvsvc_net_share_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 info_level, SRV_SHARE_INFO_CTR *ctr,
int preferred_len, ENUM_HND *hnd)
return result;
}
-WERROR rpccli_srvsvc_net_remote_tod(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- char *server, TIME_OF_DAY_INFO *tod)
-{
- prs_struct qbuf, rbuf;
- SRV_Q_NET_REMOTE_TOD q;
- SRV_R_NET_REMOTE_TOD r;
- WERROR result = W_ERROR(ERRgeneral);
- fstring server_slash;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(server_slash, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
- strupper_m(server_slash);
-
- init_srv_q_net_remote_tod(&q, server_slash);
- r.tod = tod;
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_REMOTE_TOD,
- q, r,
- qbuf, rbuf,
- srv_io_q_net_remote_tod,
- srv_io_r_net_remote_tod,
- WERR_GENERAL_FAILURE);
-
- result = r.status;
- return result;
-}
-
WERROR rpccli_srvsvc_net_file_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 file_level, const char *user_name,
SRV_FILE_INFO_CTR *ctr, int preferred_len,
--- /dev/null
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Guenther Deschner 2008.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*******************************************************************
+ inits a srvsvc_NetSrvInfo102 structure
+********************************************************************/
+
+void init_srvsvc_NetSrvInfo102(struct srvsvc_NetSrvInfo102 *r,
+ enum srvsvc_PlatformId platform_id,
+ const char *server_name,
+ uint32_t version_major,
+ uint32_t version_minor,
+ uint32_t server_type,
+ const char *comment,
+ uint32_t users,
+ uint32_t disc,
+ uint32_t hidden,
+ uint32_t announce,
+ uint32_t anndelta,
+ uint32_t licenses,
+ const char *userpath)
+{
+ r->platform_id = platform_id;
+ r->server_name = server_name;
+ r->version_major = version_major;
+ r->version_minor = version_minor;
+ r->server_type = server_type;
+ r->comment = comment;
+ r->users = users;
+ r->disc = disc;
+ r->hidden = hidden;
+ r->announce = announce;
+ r->anndelta = anndelta;
+ r->licenses = licenses;
+ r->userpath = userpath;
+}
+
+/*******************************************************************
+ inits a srvsvc_NetSrvInfo101 structure
+********************************************************************/
+
+void init_srvsvc_NetSrvInfo101(struct srvsvc_NetSrvInfo101 *r,
+ enum srvsvc_PlatformId platform_id,
+ const char *server_name,
+ uint32_t version_major,
+ uint32_t version_minor,
+ uint32_t server_type,
+ const char *comment)
+{
+ r->platform_id = platform_id;
+ r->server_name = server_name;
+ r->version_major = version_major;
+ r->version_minor = version_minor;
+ r->server_type = server_type;
+ r->comment = comment;
+}
+
+/*******************************************************************
+ inits a srvsvc_NetSrvInfo100 structure
+********************************************************************/
+
+void init_srvsvc_NetSrvInfo100(struct srvsvc_NetSrvInfo100 *r,
+ enum srvsvc_PlatformId platform_id,
+ const char *server_name)
+{
+ r->platform_id = platform_id;
+ r->server_name = server_name;
+}
+
+/*******************************************************************
+ inits a srvsvc_NetRemoteTODInfo structure
+ ********************************************************************/
+
+void init_srvsvc_NetRemoteTODInfo(struct srvsvc_NetRemoteTODInfo *r,
+ uint32_t elapsed,
+ uint32_t msecs,
+ uint32_t hours,
+ uint32_t mins,
+ uint32_t secs,
+ uint32_t hunds,
+ int32_t ttimezone,
+ uint32_t tinterval,
+ uint32_t day,
+ uint32_t month,
+ uint32_t year,
+ uint32_t weekday)
+{
+ r->elapsed = elapsed;
+ r->msecs = msecs;
+ r->hours = hours;
+ r->mins = mins;
+ r->secs = secs;
+ r->hunds = hunds;
+ r->timezone = ttimezone;
+ r->tinterval = tinterval;
+ r->day = day;
+ r->month = month;
+ r->year = year;
+ r->weekday = weekday;
+}
+
return True;
}
-/*******************************************************************
- Inits a SRV_INFO_100 structure.
- ********************************************************************/
-
-void init_srv_info_100(SRV_INFO_100 *sv100, uint32 platform_id, const char *name)
-{
- DEBUG(5,("init_srv_info_100\n"));
-
- sv100->platform_id = platform_id;
- init_buf_unistr2(&sv100->uni_name, &sv100->ptr_name, name);
-}
-
-/*******************************************************************
- Reads or writes a SRV_INFO_101 structure.
- ********************************************************************/
-
-static bool srv_io_info_100(const char *desc, SRV_INFO_100 *sv100, prs_struct *ps, int depth)
-{
- if (sv100 == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_info_100");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("platform_id ", ps, depth, &sv100->platform_id))
- return False;
- if(!prs_uint32("ptr_name ", ps, depth, &sv100->ptr_name))
- return False;
-
- if(!smb_io_unistr2("uni_name ", &sv100->uni_name, True, ps, depth))
- return False;
-
- return True;
-}
-
-
-/*******************************************************************
- Inits a SRV_INFO_101 structure.
- ********************************************************************/
-
-void init_srv_info_101(SRV_INFO_101 *sv101, uint32 platform_id, const char *name,
- uint32 ver_major, uint32 ver_minor,
- uint32 srv_type, const char *comment)
-{
- DEBUG(5,("init_srv_info_101\n"));
-
- sv101->platform_id = platform_id;
- init_buf_unistr2(&sv101->uni_name, &sv101->ptr_name, name);
- sv101->ver_major = ver_major;
- sv101->ver_minor = ver_minor;
- sv101->srv_type = srv_type;
- init_buf_unistr2(&sv101->uni_comment, &sv101->ptr_comment, comment);
-}
-
-/*******************************************************************
- Reads or writes a SRV_INFO_101 structure.
- ********************************************************************/
-
-static bool srv_io_info_101(const char *desc, SRV_INFO_101 *sv101, prs_struct *ps, int depth)
-{
- if (sv101 == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_info_101");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("platform_id ", ps, depth, &sv101->platform_id))
- return False;
- if(!prs_uint32("ptr_name ", ps, depth, &sv101->ptr_name))
- return False;
- if(!prs_uint32("ver_major ", ps, depth, &sv101->ver_major))
- return False;
- if(!prs_uint32("ver_minor ", ps, depth, &sv101->ver_minor))
- return False;
- if(!prs_uint32("srv_type ", ps, depth, &sv101->srv_type))
- return False;
- if(!prs_uint32("ptr_comment ", ps, depth, &sv101->ptr_comment))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!smb_io_unistr2("uni_name ", &sv101->uni_name, True, ps, depth))
- return False;
- if(!smb_io_unistr2("uni_comment ", &sv101->uni_comment, True, ps, depth))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Inits a SRV_INFO_102 structure.
- ********************************************************************/
-
-void init_srv_info_102(SRV_INFO_102 *sv102, uint32 platform_id, const char *name,
- const char *comment, uint32 ver_major, uint32 ver_minor,
- uint32 srv_type, uint32 users, uint32 disc, uint32 hidden,
- uint32 announce, uint32 ann_delta, uint32 licenses,
- const char *usr_path)
-{
- DEBUG(5,("init_srv_info_102\n"));
-
- sv102->platform_id = platform_id;
- init_buf_unistr2(&sv102->uni_name, &sv102->ptr_name, name);
- sv102->ver_major = ver_major;
- sv102->ver_minor = ver_minor;
- sv102->srv_type = srv_type;
- init_buf_unistr2(&sv102->uni_comment, &sv102->ptr_comment, comment);
-
- /* same as 101 up to here */
-
- sv102->users = users;
- sv102->disc = disc;
- sv102->hidden = hidden;
- sv102->announce = announce;
- sv102->ann_delta = ann_delta;
- sv102->licenses = licenses;
- init_buf_unistr2(&sv102->uni_usr_path, &sv102->ptr_usr_path, usr_path);
-}
-
-
-/*******************************************************************
- Reads or writes a SRV_INFO_102 structure.
- ********************************************************************/
-
-static bool srv_io_info_102(const char *desc, SRV_INFO_102 *sv102, prs_struct *ps, int depth)
-{
- if (sv102 == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_info102");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("platform_id ", ps, depth, &sv102->platform_id))
- return False;
- if(!prs_uint32("ptr_name ", ps, depth, &sv102->ptr_name))
- return False;
- if(!prs_uint32("ver_major ", ps, depth, &sv102->ver_major))
- return False;
- if(!prs_uint32("ver_minor ", ps, depth, &sv102->ver_minor))
- return False;
- if(!prs_uint32("srv_type ", ps, depth, &sv102->srv_type))
- return False;
- if(!prs_uint32("ptr_comment ", ps, depth, &sv102->ptr_comment))
- return False;
-
- /* same as 101 up to here */
-
- if(!prs_uint32("users ", ps, depth, &sv102->users))
- return False;
- if(!prs_uint32("disc ", ps, depth, &sv102->disc))
- return False;
- if(!prs_uint32("hidden ", ps, depth, &sv102->hidden))
- return False;
- if(!prs_uint32("announce ", ps, depth, &sv102->announce))
- return False;
- if(!prs_uint32("ann_delta ", ps, depth, &sv102->ann_delta))
- return False;
- if(!prs_uint32("licenses ", ps, depth, &sv102->licenses))
- return False;
- if(!prs_uint32("ptr_usr_path", ps, depth, &sv102->ptr_usr_path))
- return False;
-
- if(!smb_io_unistr2("uni_name ", &sv102->uni_name, True, ps, depth))
- return False;
- if(!prs_align(ps))
- return False;
- if(!smb_io_unistr2("uni_comment ", &sv102->uni_comment, True, ps, depth))
- return False;
- if(!prs_align(ps))
- return False;
- if(!smb_io_unistr2("uni_usr_path", &sv102->uni_usr_path, True, ps, depth))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a SRV_INFO_102 structure.
- ********************************************************************/
-
-static bool srv_io_info_ctr(const char *desc, SRV_INFO_CTR *ctr, prs_struct *ps, int depth)
-{
- if (ctr == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_info_ctr");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("switch_value", ps, depth, &ctr->switch_value))
- return False;
- if(!prs_uint32("ptr_srv_ctr ", ps, depth, &ctr->ptr_srv_ctr))
- return False;
-
- if (ctr->ptr_srv_ctr != 0 && ctr->switch_value != 0 && ctr != NULL) {
- switch (ctr->switch_value) {
- case 100:
- if(!srv_io_info_100("sv100", &ctr->srv.sv100, ps, depth))
- return False;
- break;
- case 101:
- if(!srv_io_info_101("sv101", &ctr->srv.sv101, ps, depth))
- return False;
- break;
- case 102:
- if(!srv_io_info_102("sv102", &ctr->srv.sv102, ps, depth))
- return False;
- break;
- default:
- DEBUG(5,("%s no server info at switch_value %d\n",
- tab_depth(5,depth), ctr->switch_value));
- break;
- }
- if(!prs_align(ps))
- return False;
- }
-
- return True;
-}
-
-/*******************************************************************
- Inits a SRV_Q_NET_SRV_GET_INFO structure.
- ********************************************************************/
-
-void init_srv_q_net_srv_get_info(SRV_Q_NET_SRV_GET_INFO *srv,
- const char *server_name, uint32 switch_value)
-{
- DEBUG(5,("init_srv_q_net_srv_get_info\n"));
-
- init_buf_unistr2(&srv->uni_srv_name, &srv->ptr_srv_name, server_name);
-
- srv->switch_value = switch_value;
-}
-
-/*******************************************************************
- Reads or writes a structure.
-********************************************************************/
-
-bool srv_io_q_net_srv_get_info(const char *desc, SRV_Q_NET_SRV_GET_INFO *q_n, prs_struct *ps, int depth)
-{
- if (q_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_q_net_srv_get_info");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_srv_name ", ps, depth, &q_n->ptr_srv_name))
- return False;
- if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("switch_value ", ps, depth, &q_n->switch_value))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Inits a SRV_R_NET_SRV_GET_INFO structure.
- ********************************************************************/
-
-void init_srv_r_net_srv_get_info(SRV_R_NET_SRV_GET_INFO *srv,
- uint32 switch_value, SRV_INFO_CTR *ctr, WERROR status)
-{
- DEBUG(5,("init_srv_r_net_srv_get_info\n"));
-
- srv->ctr = ctr;
-
- if (W_ERROR_IS_OK(status)) {
- srv->ctr->switch_value = switch_value;
- srv->ctr->ptr_srv_ctr = 1;
- } else {
- srv->ctr->switch_value = 0;
- srv->ctr->ptr_srv_ctr = 0;
- }
-
- srv->status = status;
-}
-
-/*******************************************************************
- Inits a SRV_R_NET_SRV_SET_INFO structure.
- ********************************************************************/
-
-void init_srv_r_net_srv_set_info(SRV_R_NET_SRV_SET_INFO *srv,
- uint32 switch_value, WERROR status)
-{
- DEBUG(5,("init_srv_r_net_srv_set_info\n"));
-
- srv->switch_value = switch_value;
- srv->status = status;
-}
-
-/*******************************************************************
- Reads or writes a structure.
-********************************************************************/
-
-bool srv_io_q_net_srv_set_info(const char *desc, SRV_Q_NET_SRV_SET_INFO *q_n,
- prs_struct *ps, int depth)
-{
- prs_debug(ps, depth, desc, "srv_io_q_net_srv_set_info");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_srv_name ", ps, depth, &q_n->ptr_srv_name))
- return False;
- if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("switch_value ", ps, depth, &q_n->switch_value))
- return False;
-
- if (UNMARSHALLING(ps)) {
- q_n->ctr = PRS_ALLOC_MEM(ps, SRV_INFO_CTR, 1);
-
- if (!q_n->ctr)
- return False;
- }
-
- if(!srv_io_info_ctr("ctr", q_n->ctr, ps, depth))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a structure.
- ********************************************************************/
-
-bool srv_io_r_net_srv_get_info(const char *desc, SRV_R_NET_SRV_GET_INFO *r_n, prs_struct *ps, int depth)
-{
- if (r_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_r_net_srv_get_info");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!srv_io_info_ctr("ctr", r_n->ctr, ps, depth))
- return False;
-
- if(!prs_werror("status", ps, depth, &r_n->status))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a structure.
- ********************************************************************/
-
-bool srv_io_r_net_srv_set_info(const char *desc, SRV_R_NET_SRV_SET_INFO *r_n,
- prs_struct *ps, int depth)
-{
- prs_debug(ps, depth, desc, "srv_io_r_net_srv_set_info");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("switch value ", ps, depth, &r_n->switch_value))
- return False;
-
- if(!prs_werror("status", ps, depth, &r_n->status))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a structure.
- ********************************************************************/
-
-bool srv_io_q_net_remote_tod(const char *desc, SRV_Q_NET_REMOTE_TOD *q_n, prs_struct *ps, int depth)
-{
- if (q_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_q_net_remote_tod");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_srv_name ", ps, depth, &q_n->ptr_srv_name))
- return False;
- if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a TIME_OF_DAY_INFO structure.
- ********************************************************************/
-
-static bool srv_io_time_of_day_info(const char *desc, TIME_OF_DAY_INFO *tod, prs_struct *ps, int depth)
-{
- if (tod == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_time_of_day_info");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("elapsedt ", ps, depth, &tod->elapsedt))
- return False;
- if(!prs_uint32("msecs ", ps, depth, &tod->msecs))
- return False;
- if(!prs_uint32("hours ", ps, depth, &tod->hours))
- return False;
- if(!prs_uint32("mins ", ps, depth, &tod->mins))
- return False;
- if(!prs_uint32("secs ", ps, depth, &tod->secs))
- return False;
- if(!prs_uint32("hunds ", ps, depth, &tod->hunds))
- return False;
- if(!prs_uint32("timezone ", ps, depth, &tod->zone))
- return False;
- if(!prs_uint32("tintervals ", ps, depth, &tod->tintervals))
- return False;
- if(!prs_uint32("day ", ps, depth, &tod->day))
- return False;
- if(!prs_uint32("month ", ps, depth, &tod->month))
- return False;
- if(!prs_uint32("year ", ps, depth, &tod->year))
- return False;
- if(!prs_uint32("weekday ", ps, depth, &tod->weekday))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Inits a TIME_OF_DAY_INFO structure.
- ********************************************************************/
-
-void init_time_of_day_info(TIME_OF_DAY_INFO *tod, uint32 elapsedt, uint32 msecs,
- uint32 hours, uint32 mins, uint32 secs, uint32 hunds,
- uint32 zone, uint32 tintervals, uint32 day,
- uint32 month, uint32 year, uint32 weekday)
-{
- DEBUG(5,("init_time_of_day_info\n"));
-
- tod->elapsedt = elapsedt;
- tod->msecs = msecs;
- tod->hours = hours;
- tod->mins = mins;
- tod->secs = secs;
- tod->hunds = hunds;
- tod->zone = zone;
- tod->tintervals = tintervals;
- tod->day = day;
- tod->month = month;
- tod->year = year;
- tod->weekday = weekday;
-}
-
-
-/*******************************************************************
- Reads or writes a structure.
- ********************************************************************/
-
-bool srv_io_r_net_remote_tod(const char *desc, SRV_R_NET_REMOTE_TOD *r_n, prs_struct *ps, int depth)
-{
- if (r_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_r_net_remote_tod");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_srv_tod ", ps, depth, &r_n->ptr_srv_tod))
- return False;
-
- if(!srv_io_time_of_day_info("tod", r_n->tod, ps, depth))
- return False;
-
- if(!prs_werror("status", ps, depth, &r_n->status))
- return False;
-
- return True;
-}
-
/*******************************************************************
initialises a structure.
********************************************************************/
return True;
}
-
-/*******************************************************************
- Inits a structure
-********************************************************************/
-
-void init_srv_q_net_remote_tod(SRV_Q_NET_REMOTE_TOD *q_u, const char *server)
-{
- q_u->ptr_srv_name = 1;
- init_unistr2(&q_u->uni_srv_name, server, UNI_STR_TERMINATE);
-}
-
struct api_struct *fns;
int n_fns;
- lsarpc_get_pipe_fns(&fns, &n_fns);
+ srvsvc_get_pipe_fns(&fns, &n_fns);
if (opnum >= n_fns)
return False;
if (fns[opnum].opnum != opnum) {
- smb_panic("LSA function table not sorted\n");
+ smb_panic("SRVSVC function table not sorted\n");
}
return fns[opnum].fn(p);
static bool api_srv_net_srv_get_info(pipes_struct *p)
{
- SRV_Q_NET_SRV_GET_INFO q_u;
- SRV_R_NET_SRV_GET_INFO r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* grab the net server get info */
- if (!srv_io_q_net_srv_get_info("", &q_u, data, 0))
- return False;
-
- r_u.status = _srv_net_srv_get_info(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if (!srv_io_r_net_srv_get_info("", &r_u, rdata, 0))
- return False;
-
- return True;
+ return proxy_srvsvc_call(p, NDR_SRVSVC_NETSRVGETINFO);
}
/*******************************************************************
static bool api_srv_net_srv_set_info(pipes_struct *p)
{
- SRV_Q_NET_SRV_SET_INFO q_u;
- SRV_R_NET_SRV_SET_INFO r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* grab the net server set info */
- if (!srv_io_q_net_srv_set_info("", &q_u, data, 0))
- return False;
-
- r_u.status = _srv_net_srv_set_info(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if (!srv_io_r_net_srv_set_info("", &r_u, rdata, 0))
- return False;
-
- return True;
+ return proxy_srvsvc_call(p, NDR_SRVSVC_NETSRVSETINFO);
}
/*******************************************************************
static bool api_srv_net_share_set_info(pipes_struct *p)
{
- SRV_Q_NET_SHARE_SET_INFO q_u;
- SRV_R_NET_SHARE_SET_INFO r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* Unmarshall the net server set info. */
- if(!srv_io_q_net_share_set_info("", &q_u, data, 0)) {
- DEBUG(0,("api_srv_net_share_set_info: Failed to unmarshall SRV_Q_NET_SHARE_SET_INFO.\n"));
- return False;
- }
-
- r_u.status = _srv_net_share_set_info(p, &q_u, &r_u);
-
- if(!srv_io_r_net_share_set_info("", &r_u, rdata, 0)) {
- DEBUG(0,("api_srv_net_share_set_info: Failed to marshall SRV_R_NET_SHARE_SET_INFO.\n"));
- return False;
- }
-
- return True;
+ return proxy_srvsvc_call(p, NDR_SRVSVC_NETSHARESETINFO);
}
/*******************************************************************
static bool api_srv_net_remote_tod(pipes_struct *p)
{
- SRV_Q_NET_REMOTE_TOD q_u;
- SRV_R_NET_REMOTE_TOD r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* grab the net server get enum */
- if(!srv_io_q_net_remote_tod("", &q_u, data, 0))
- return False;
-
- r_u.status = _srv_net_remote_tod(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!srv_io_r_net_remote_tod("", &r_u, rdata, 0))
- return False;
-
- return True;
+ return proxy_srvsvc_call(p, NDR_SRVSVC_NETREMOTETOD);
}
/*******************************************************************
-/*
+/*
* Unix SMB/CIFS implementation.
* RPC Pipe client / server routines
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Jeremy Allison 2001.
* Copyright (C) Nigel Williams 2001.
* Copyright (C) Gerald (Jerry) Carter 2006.
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
********************************************************************/
static WERROR net_enum_pipes( TALLOC_CTX *ctx, const char *username,
- FILE_INFO_3 **info,
+ FILE_INFO_3 **info,
uint32 *count, uint32 resume )
{
struct file_enum_count fenum;
-
+
fenum.ctx = ctx;
fenum.username = username;
fenum.count = *count;
********************************************************************/
static WERROR net_enum_files( TALLOC_CTX *ctx, const char *username,
- FILE_INFO_3 **info,
+ FILE_INFO_3 **info,
uint32 *count, uint32 resume )
{
struct file_enum_count f_enum_cnt;
f_enum_cnt.username = username;
f_enum_cnt.count = *count;
f_enum_cnt.info = *info;
-
+
share_mode_forall( enum_file_fn, (void *)&f_enum_cnt );
-
+
*info = f_enum_cnt.info;
*count = f_enum_cnt.count;
-
+
return WERR_OK;
}
{
SRV_SHARE_INFO_501 *info501 = TALLOC_ARRAY(ctx, SRV_SHARE_INFO_501, num_entries);
int i = 0;
-
+
if (!info501) {
return False;
}
init_srv_share_info_501(p, &info501[i++], snum);
}
}
-
+
ctr->share.info501 = info501;
break;
}
}
/* here for completeness but not currently used with enum (1004 - 1501)*/
-
+
case 1004:
{
SRV_SHARE_INFO_1004 *info1004 = TALLOC_ARRAY(ctx, SRV_SHARE_INFO_1004, num_entries);
********************************************************************/
static void init_srv_r_net_share_enum(pipes_struct *p, SRV_R_NET_SHARE_ENUM *r_n,
- uint32 info_level, uint32 resume_hnd, bool all)
+ uint32 info_level, uint32 resume_hnd, bool all)
{
DEBUG(5,("init_srv_r_net_share_enum: %d\n", __LINE__));
ss0->num_entries_read = num_entries;
ss0->ptr_sess_info = num_entries > 0 ? 1 : 0;
ss0->num_entries_read2 = num_entries;
-
+
if ((*snum) >= (*stot)) {
(*snum) = 0;
}
/*******************************************************************
********************************************************************/
-static void sess_file_fn( const struct share_mode_entry *e,
+static void sess_file_fn( const struct share_mode_entry *e,
const char *sharepath, const char *fname,
void *data )
{
struct sess_file_count *sess = (struct sess_file_count *)data;
-
+
if ( procid_equal(&e->pid, &sess->pid) && (sess->uid == e->uid) ) {
sess->count++;
}
-
+
return;
}
s_file_cnt.count = 0;
s_file_cnt.uid = uid;
s_file_cnt.pid = pid;
-
+
share_mode_forall( sess_file_fn, &s_file_cnt );
-
+
return s_file_cnt.count;
}
ss1->num_entries_read = 0;
ss1->ptr_sess_info = 0;
ss1->num_entries_read2 = 0;
-
+
(*stot) = 0;
return;
}
-
+
if (ss1 == NULL) {
(*snum) = 0;
return;
}
(*stot) = list_sessions(p->mem_ctx, &session_list);
-
+
for (; (*snum) < (*stot) && num_entries < MAX_SESS_ENTRIES; (*snum)++) {
uint32 num_files;
uint32 connect_time;
struct passwd *pw = sys_getpwnam(session_list[*snum].username);
bool guest;
-
+
if ( !pw ) {
DEBUG(10,("init_srv_sess_info_1: failed to find owner: %s\n",
session_list[*snum].username));
continue;
}
-
+
connect_time = (uint32)(now - session_list[*snum].connect_start);
num_files = net_count_files(pw->pw_uid, session_list[*snum].pid);
guest = strequal( session_list[*snum].username, lp_guestaccount() );
-
- init_srv_sess_info1( &ss1->info_1[num_entries],
+
+ init_srv_sess_info1( &ss1->info_1[num_entries],
session_list[*snum].remote_machine,
- session_list[*snum].username,
+ session_list[*snum].username,
num_files,
connect_time,
- 0,
+ 0,
guest);
num_entries++;
}
ss1->num_entries_read = num_entries;
ss1->ptr_sess_info = num_entries > 0 ? 1 : 0;
ss1->num_entries_read2 = num_entries;
-
+
if ((*snum) >= (*stot)) {
(*snum) = 0;
}
********************************************************************/
static void init_srv_r_net_sess_enum(pipes_struct *p, SRV_R_NET_SESS_ENUM *r_n,
- uint32 resume_hnd, int sess_level, int switch_value)
+ uint32 resume_hnd, int sess_level, int switch_value)
{
DEBUG(5,("init_srv_r_net_sess_enum: %d\n", __LINE__));
ss0->num_entries_read = num_entries;
ss0->ptr_conn_info = num_entries > 0 ? 1 : 0;
ss0->num_entries_read2 = num_entries;
-
+
if ((*snum) >= (*stot)) {
(*snum) = 0;
}
ss1->num_entries_read = num_entries;
ss1->ptr_conn_info = num_entries > 0 ? 1 : 0;
ss1->num_entries_read2 = num_entries;
-
+
if ((*snum) >= (*stot)) {
(*snum) = 0;
ss1->num_entries_read = 0;
ss1->ptr_conn_info = 0;
ss1->num_entries_read2 = 0;
-
+
(*stot) = 0;
}
}
********************************************************************/
static void init_srv_r_net_conn_enum(SRV_R_NET_CONN_ENUM *r_n,
- uint32 resume_hnd, int conn_level, int switch_value)
+ uint32 resume_hnd, int conn_level, int switch_value)
{
DEBUG(5,("init_srv_r_net_conn_enum: %d\n", __LINE__));
TALLOC_CTX *ctx = talloc_tos();
SRV_FILE_INFO_CTR *ctr = &r->ctr;
- /* TODO -- Windows enumerates
+ /* TODO -- Windows enumerates
(b) active pipes
(c) open directories and files */
&ctr->num_entries, resume_hnd );
if ( !W_ERROR_IS_OK(r->status))
goto done;
-
+
r->status = net_enum_pipes( ctx, username, &ctr->file.info3,
&ctr->num_entries, resume_hnd );
if ( !W_ERROR_IS_OK(r->status))
goto done;
-
+
r->level = ctr->level = 3;
r->total_entries = ctr->num_entries;
/* ctr->num_entries = r->total_entries - resume_hnd; */
r->status = WERR_OK;
done:
- if ( ctr->num_entries > 0 )
+ if ( ctr->num_entries > 0 )
ctr->ptr_entries = 1;
init_enum_hnd(&r->enum_hnd, 0);
default:
return WERR_UNKNOWN_LEVEL;
}
-
+
return WERR_OK;
}
/*******************************************************************
-net server get info
+ _srvsvc_NetSrvGetInfo
********************************************************************/
-WERROR _srv_net_srv_get_info(pipes_struct *p, SRV_Q_NET_SRV_GET_INFO *q_u, SRV_R_NET_SRV_GET_INFO *r_u)
+WERROR _srvsvc_NetSrvGetInfo(pipes_struct *p,
+ struct srvsvc_NetSrvGetInfo *r)
{
WERROR status = WERR_OK;
- SRV_INFO_CTR *ctr = TALLOC_P(p->mem_ctx, SRV_INFO_CTR);
- if (!ctr)
- return WERR_NOMEM;
-
- ZERO_STRUCTP(ctr);
-
- DEBUG(5,("srv_net_srv_get_info: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetSrvGetInfo: %d\n", __LINE__));
if (!pipe_access_check(p)) {
- DEBUG(3, ("access denied to srv_net_srv_get_info\n"));
+ DEBUG(3, ("access denied to _srvsvc_NetSrvGetInfo\n"));
return WERR_ACCESS_DENIED;
}
- switch (q_u->switch_value) {
+ switch (r->in.level) {
/* Technically level 102 should only be available to
Administrators but there isn't anything super-secret
here, as most of it is made up. */
- case 102:
- init_srv_info_102(&ctr->srv.sv102,
- 500, global_myname(),
- string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH),
- lp_major_announce_version(), lp_minor_announce_version(),
- lp_default_server_announce(),
- 0xffffffff, /* users */
- 0xf, /* disc */
- 0, /* hidden */
- 240, /* announce */
- 3000, /* announce delta */
- 100000, /* licenses */
- "c:\\"); /* user path */
+ case 102: {
+ struct srvsvc_NetSrvInfo102 *info102;
+
+ info102 = TALLOC_P(p->mem_ctx, struct srvsvc_NetSrvInfo102);
+ if (!info102) {
+ return WERR_NOMEM;
+ }
+
+ init_srvsvc_NetSrvInfo102(info102,
+ PLATFORM_ID_NT,
+ global_myname(),
+ lp_major_announce_version(),
+ lp_minor_announce_version(),
+ lp_default_server_announce(),
+ string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH),
+ 0xffffffff, /* users */
+ 0xf, /* disc */
+ 0, /* hidden */
+ 240, /* announce */
+ 3000, /* announce delta */
+ 100000, /* licenses */
+ "c:\\"); /* user path */
+ r->out.info->info102 = info102;
break;
- case 101:
- init_srv_info_101(&ctr->srv.sv101,
- 500, global_myname(),
- lp_major_announce_version(), lp_minor_announce_version(),
- lp_default_server_announce(),
- string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH));
+ }
+ case 101: {
+ struct srvsvc_NetSrvInfo101 *info101;
+
+ info101 = TALLOC_P(p->mem_ctx, struct srvsvc_NetSrvInfo101);
+ if (!info101) {
+ return WERR_NOMEM;
+ }
+
+ init_srvsvc_NetSrvInfo101(info101,
+ PLATFORM_ID_NT,
+ global_myname(),
+ lp_major_announce_version(),
+ lp_minor_announce_version(),
+ lp_default_server_announce(),
+ string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH));
+ r->out.info->info101 = info101;
break;
- case 100:
- init_srv_info_100(&ctr->srv.sv100, 500, global_myname());
+ }
+ case 100: {
+ struct srvsvc_NetSrvInfo100 *info100;
+
+ info100 = TALLOC_P(p->mem_ctx, struct srvsvc_NetSrvInfo100);
+ if (!info100) {
+ return WERR_NOMEM;
+ }
+
+ init_srvsvc_NetSrvInfo100(info100,
+ PLATFORM_ID_NT,
+ global_myname());
+ r->out.info->info100 = info100;
+
break;
+ }
default:
status = WERR_UNKNOWN_LEVEL;
break;
}
- /* set up the net server get info structure */
- init_srv_r_net_srv_get_info(r_u, q_u->switch_value, ctr, status);
-
- DEBUG(5,("srv_net_srv_get_info: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetSrvGetInfo: %d\n", __LINE__));
- return r_u->status;
+ return status;
}
/*******************************************************************
-net server set info
+ _srvsvc_NetSrvSetInfo
********************************************************************/
-WERROR _srv_net_srv_set_info(pipes_struct *p, SRV_Q_NET_SRV_SET_INFO *q_u, SRV_R_NET_SRV_SET_INFO *r_u)
+WERROR _srvsvc_NetSrvSetInfo(pipes_struct *p,
+ struct srvsvc_NetSrvSetInfo *r)
{
WERROR status = WERR_OK;
- DEBUG(5,("srv_net_srv_set_info: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetSrvSetInfo: %d\n", __LINE__));
/* Set up the net server set info structure. */
- init_srv_r_net_srv_set_info(r_u, 0x0, status);
-
- DEBUG(5,("srv_net_srv_set_info: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetSrvSetInfo: %d\n", __LINE__));
- return r_u->status;
+ return status;
}
/*******************************************************************
/* fail out now if you are not root or not a domain admin */
- if ((user.ut.uid != sec_initial_uid()) &&
+ if ((user.ut.uid != sec_initial_uid()) &&
( ! nt_token_check_domain_rid(p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS))) {
goto done;
strequal(session_list[snum].remote_machine, machine)) {
NTSTATUS ntstat;
-
+
if (user.ut.uid != sec_initial_uid()) {
not_root = True;
become_root();
ntstat = messaging_send(smbd_messaging_context(),
session_list[snum].pid,
MSG_SHUTDOWN, &data_blob_null);
-
+
if (NT_STATUS_IS_OK(ntstat))
r_u->status = WERR_OK;
- if (not_root)
+ if (not_root)
unbecome_root();
}
}
}
/*******************************************************************
- Net share set info. Modify share details.
+ _srvsvc_NetShareSetInfo. Modify share details.
********************************************************************/
-WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, SRV_R_NET_SHARE_SET_INFO *r_u)
+WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
+ struct srvsvc_NetShareSetInfo *r)
{
struct current_user user;
char *command = NULL;
char *share_name = NULL;
char *comment = NULL;
- char *pathname = NULL;
+ const char *pathname = NULL;
int type;
int snum;
int ret;
bool is_disk_op = False;
int max_connections = 0;
TALLOC_CTX *ctx = p->mem_ctx;
+ union srvsvc_NetShareInfo *info = r->in.info;
- DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetShareSetInfo: %d\n", __LINE__));
- share_name = unistr2_to_ascii_talloc(ctx, &q_u->uni_share_name);
+ share_name = talloc_strdup(p->mem_ctx, r->in.share_name);
if (!share_name) {
- return WERR_NET_NAME_NOT_FOUND;
+ return WERR_NOMEM;
}
- r_u->parm_error = 0;
+ *r->out.parm_error = 0;
if ( strequal(share_name,"IPC$")
|| ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
if ( user.ut.uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
- switch (q_u->info_level) {
+ switch (r->in.level) {
case 1:
pathname = talloc_strdup(ctx, lp_pathname(snum));
- comment = unistr2_to_ascii_talloc(ctx,
- &q_u->info.share.info2.info_2_str.uni_remark);
- type = q_u->info.share.info2.info_2.type;
+ comment = talloc_strdup(ctx, info->info2->comment);
+ type = info->info2->type;
psd = NULL;
break;
case 2:
- comment = unistr2_to_ascii_talloc(ctx,
- &q_u->info.share.info2.info_2_str.uni_remark);
- pathname = unistr2_to_ascii_talloc(ctx,
- &q_u->info.share.info2.info_2_str.uni_path);
- type = q_u->info.share.info2.info_2.type;
- max_connections = (q_u->info.share.info2.info_2.max_uses == 0xffffffff) ? 0 : q_u->info.share.info2.info_2.max_uses;
+ comment = talloc_strdup(ctx, info->info2->comment);
+ pathname = info->info2->path;
+ type = info->info2->type;
+ max_connections = (info->info2->max_users == 0xffffffff) ?
+ 0 : info->info2->max_users;
psd = NULL;
break;
#if 0
/* not supported on set but here for completeness */
case 501:
- unistr2_to_ascii(comment, &q_u->info.share.info501.info_501_str.uni_remark, sizeof(comment));
- type = q_u->info.share.info501.info_501.type;
+ comment = talloc_strdup(ctx, info->info501->comment);
+ type = info->info501->type;
psd = NULL;
break;
#endif
case 502:
- comment = unistr2_to_ascii_talloc(ctx,
- &q_u->info.share.info502.info_502_str.uni_remark);
- pathname = unistr2_to_ascii_talloc(ctx,
- &q_u->info.share.info502.info_502_str.uni_path);
- type = q_u->info.share.info502.info_502.type;
- psd = q_u->info.share.info502.info_502_str.sd;
+ comment = talloc_strdup(ctx, info->info502->comment);
+ pathname = info->info502->path;
+ type = info->info502->type;
+ psd = info->info502->sd;
map_generic_share_sd_bits(psd);
break;
case 1004:
pathname = talloc_strdup(ctx, lp_pathname(snum));
- comment = unistr2_to_ascii_talloc(ctx,
- &q_u->info.share.info1004.info_1004_str.uni_remark);
+ comment = talloc_strdup(ctx, info->info1004->comment);
type = STYPE_DISKTREE;
break;
case 1005:
user, so we must compare it to see if it's what is set in
smb.conf, so that we can contine other ops like setting
ACLs on a share */
- if (((q_u->info.share.info1005.share_info_flags &
+ if (((info->info1005->dfs_flags &
SHARE_1005_CSC_POLICY_MASK) >>
SHARE_1005_CSC_POLICY_SHIFT) == lp_csc_policy(snum))
return WERR_OK;
else {
- DEBUG(3, ("_srv_net_share_set_info: client is trying to change csc policy from the network; must be done with smb.conf\n"));
+ DEBUG(3, ("_srvsvc_NetShareSetInfo: client is trying to change csc policy from the network; must be done with smb.conf\n"));
return WERR_ACCESS_DENIED;
}
case 1006:
case 1501:
pathname = talloc_strdup(ctx, lp_pathname(snum));
comment = talloc_strdup(ctx, lp_comment(snum));
- psd = q_u->info.share.info1501.sdb->sd;
+ psd = info->info1501->sd;
map_generic_share_sd_bits(psd);
type = STYPE_DISKTREE;
break;
default:
- DEBUG(5,("_srv_net_share_set_info: unsupported switch value %d\n", q_u->info_level));
+ DEBUG(5,("_srvsvc_NetShareSetInfo: unsupported switch value %d\n",
+ r->in.level));
return WERR_UNKNOWN_LEVEL;
}
string_replace(comment, '"', ' ');
}
- DEBUG(10,("_srv_net_share_set_info: change share command = %s\n",
+ DEBUG(10,("_srvsvc_NetShareSetInfo: change share command = %s\n",
lp_change_share_cmd() ? lp_change_share_cmd() : "NULL" ));
/* Only call modify function if something changed. */
if (strcmp(path, lp_pathname(snum)) || strcmp(comment, lp_comment(snum))
|| (lp_max_connections(snum) != max_connections)) {
if (!lp_change_share_cmd() || !*lp_change_share_cmd()) {
- DEBUG(10,("_srv_net_share_set_info: No change share command\n"));
+ DEBUG(10,("_srvsvc_NetShareSetInfo: No change share command\n"));
return WERR_ACCESS_DENIED;
}
return WERR_NOMEM;
}
- DEBUG(10,("_srv_net_share_set_info: Running [%s]\n", command ));
+ DEBUG(10,("_srvsvc_NetShareSetInfo: Running [%s]\n", command ));
/********* BEGIN SeDiskOperatorPrivilege BLOCK *********/
/********* END SeDiskOperatorPrivilege BLOCK *********/
- DEBUG(3,("_srv_net_share_set_info: Running [%s] returned (%d)\n", command, ret ));
+ DEBUG(3,("_srvsvc_NetShareSetInfo: Running [%s] returned (%d)\n",
+ command, ret ));
TALLOC_FREE(command);
if ( ret != 0 )
return WERR_ACCESS_DENIED;
} else {
- DEBUG(10,("_srv_net_share_set_info: No change to share name (%s)\n", share_name ));
+ DEBUG(10,("_srvsvc_NetShareSetInfo: No change to share name (%s)\n",
+ share_name ));
}
/* Replace SD if changed. */
if (old_sd && !sec_desc_equal(old_sd, psd)) {
if (!set_share_security(share_name, psd))
- DEBUG(0,("_srv_net_share_set_info: Failed to change security info in share %s.\n",
+ DEBUG(0,("_srvsvc_NetShareSetInfo: Failed to change security info in share %s.\n",
share_name ));
}
}
- DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetShareSetInfo: %d\n", __LINE__));
return WERR_OK;
}
map_generic_share_sd_bits(psd);
break;
- /* none of the following contain share names. NetShareAdd does not have a separate parameter for the share name */
+ /* none of the following contain share names. NetShareAdd does not have a separate parameter for the share name */
case 1004:
case 1005:
}
/*******************************************************************
-time of day
+ _srvsvc_NetRemoteTOD
********************************************************************/
-WERROR _srv_net_remote_tod(pipes_struct *p, SRV_Q_NET_REMOTE_TOD *q_u, SRV_R_NET_REMOTE_TOD *r_u)
+WERROR _srvsvc_NetRemoteTOD(pipes_struct *p,
+ struct srvsvc_NetRemoteTOD *r)
{
- TIME_OF_DAY_INFO *tod;
+ struct srvsvc_NetRemoteTODInfo *tod;
struct tm *t;
time_t unixdate = time(NULL);
uint32 zone = get_time_zone(unixdate)/60;
- DEBUG(5,("_srv_net_remote_tod: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetRemoteTOD: %d\n", __LINE__));
- if ( !(tod = TALLOC_ZERO_P(p->mem_ctx, TIME_OF_DAY_INFO)) )
+ if ( !(tod = TALLOC_ZERO_P(p->mem_ctx, struct srvsvc_NetRemoteTODInfo)) )
return WERR_NOMEM;
- r_u->tod = tod;
- r_u->ptr_srv_tod = 0x1;
- r_u->status = WERR_OK;
+ *r->out.info = tod;
- DEBUG(5,("_srv_net_remote_tod: %d\n", __LINE__));
+ DEBUG(5,("_srvsvc_NetRemoteTOD: %d\n", __LINE__));
t = gmtime(&unixdate);
/* set up the */
- init_time_of_day_info(tod,
- unixdate,
- 0,
- t->tm_hour,
- t->tm_min,
- t->tm_sec,
- 0,
- zone,
- 10000,
- t->tm_mday,
- t->tm_mon + 1,
- 1900+t->tm_year,
- t->tm_wday);
-
- DEBUG(5,("_srv_net_remote_tod: %d\n", __LINE__));
+ init_srvsvc_NetRemoteTODInfo(tod,
+ unixdate,
+ 0,
+ t->tm_hour,
+ t->tm_min,
+ t->tm_sec,
+ 0,
+ zone,
+ 10000,
+ t->tm_mday,
+ t->tm_mon + 1,
+ 1900+t->tm_year,
+ t->tm_wday);
+
+ DEBUG(5,("_srvsvc_NetRemoteTOD: %d\n", __LINE__));
- return r_u->status;
+ return WERR_OK;
}
/***********************************************************************************
r_u->total_entries = init_server_disk_enum(&resume);
- r_u->disk_enum_ctr.unknown = 0;
+ r_u->disk_enum_ctr.unknown = 0;
if(!(r_u->disk_enum_ctr.disk_info = TALLOC_ARRAY(ctx, DISK_INFO, MAX_SERVER_DISK_ENTRIES))) {
return WERR_NOMEM;
/*copy disk name into a unicode string*/
- init_unistr3(&r_u->disk_enum_ctr.disk_info[i].disk_name, disk_name);
+ init_unistr3(&r_u->disk_enum_ctr.disk_info[i].disk_name, disk_name);
}
/* add a terminating null string. Is this there if there is more data to come? */
return WERR_NOT_SUPPORTED;
}
-WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, struct srvsvc_NetShareSetInfo *r)
-{
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
-}
-
WERROR _srvsvc_NetShareDel(pipes_struct *p, struct srvsvc_NetShareDel *r)
{
p->rng_fault_state = True;
return WERR_NOT_SUPPORTED;
}
-WERROR _srvsvc_NetSrvGetInfo(pipes_struct *p, struct srvsvc_NetSrvGetInfo *r)
-{
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
-}
-
-WERROR _srvsvc_NetSrvSetInfo(pipes_struct *p, struct srvsvc_NetSrvSetInfo *r)
-{
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
-}
-
WERROR _srvsvc_NetDiskEnum(pipes_struct *p, struct srvsvc_NetDiskEnum *r)
{
p->rng_fault_state = True;
return WERR_NOT_SUPPORTED;
}
-WERROR _srvsvc_NetRemoteTOD(pipes_struct *p, struct srvsvc_NetRemoteTOD *r)
-{
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
-}
-
WERROR _srvsvc_NetSetServiceBits(pipes_struct *p, struct srvsvc_NetSetServiceBits *r)
{
p->rng_fault_state = True;
/* pull the message string and perform necessary sanity checks on it */
- chkmsg[0] = '\0';
-
if ( r->in.message && r->in.message->name && r->in.message->name->name ) {
if ( (msg = talloc_strdup(p->mem_ctx, r->in.message->name->name )) == NULL ) {
return WERR_NOMEM;
return typestr;
}
-static void display_server(char *sname, uint32 type, const char *comment)
+static void display_server(const char *sname, uint32 type, const char *comment)
{
printf("\t%-15.15s%-20s %s\n", sname, get_server_type_str(type),
comment);
}
-static void display_srv_info_101(SRV_INFO_101 *sv101)
+static void display_srv_info_101(struct srvsvc_NetSrvInfo101 *r)
{
- fstring name;
- fstring comment;
+ display_server(r->server_name, r->server_type, r->comment);
- unistr2_to_ascii(name, &sv101->uni_name, sizeof(name));
- unistr2_to_ascii(comment, &sv101->uni_comment, sizeof(comment));
-
- display_server(name, sv101->srv_type, comment);
-
- printf("\tplatform_id :\t%d\n", sv101->platform_id);
- printf("\tos version :\t%d.%d\n", sv101->ver_major,
- sv101->ver_minor);
-
- printf("\tserver type :\t0x%x\n", sv101->srv_type);
+ printf("\tplatform_id :\t%d\n", r->platform_id);
+ printf("\tos version :\t%d.%d\n",
+ r->version_major, r->version_minor);
+ printf("\tserver type :\t0x%x\n", r->server_type);
}
-static void display_srv_info_102(SRV_INFO_102 *sv102)
+static void display_srv_info_102(struct srvsvc_NetSrvInfo102 *r)
{
- fstring name;
- fstring comment;
- fstring usr_path;
-
- unistr2_to_ascii(name, &sv102->uni_name, sizeof(name));
- unistr2_to_ascii(comment, &sv102->uni_comment, sizeof(comment));
- unistr2_to_ascii(usr_path, &sv102->uni_usr_path, sizeof(usr_path));
-
- display_server(name, sv102->srv_type, comment);
-
- printf("\tplatform_id :\t%d\n", sv102->platform_id);
- printf("\tos version :\t%d.%d\n", sv102->ver_major,
- sv102->ver_minor);
-
- printf("\tusers :\t%x\n", sv102->users);
- printf("\tdisc, hidden :\t%x, %x\n", sv102->disc, sv102->hidden);
- printf("\tannounce, delta :\t%d, %d\n", sv102->announce,
- sv102->ann_delta);
- printf("\tlicenses :\t%d\n", sv102->licenses);
- printf("\tuser path :\t%s\n", usr_path);
+ display_server(r->server_name, r->server_type, r->comment);
+
+ printf("\tplatform_id :\t%d\n", r->platform_id);
+ printf("\tos version :\t%d.%d\n",
+ r->version_major, r->version_minor);
+ printf("\tserver type :\t0x%x\n", r->server_type);
+
+ printf("\tusers :\t%x\n", r->users);
+ printf("\tdisc, hidden :\t%x, %x\n", r->disc, r->hidden);
+ printf("\tannounce, delta :\t%d, %d\n", r->announce,
+ r->anndelta);
+ printf("\tlicenses :\t%d\n", r->licenses);
+ printf("\tuser path :\t%s\n", r->userpath);
}
/* Server query info */
int argc, const char **argv)
{
uint32 info_level = 101;
- SRV_INFO_CTR ctr;
+ union srvsvc_NetSrvInfo info;
WERROR result;
+ NTSTATUS status;
+ const char *server_name;
if (argc > 2) {
printf("Usage: %s [infolevel]\n", argv[0]);
if (argc == 2)
info_level = atoi(argv[1]);
- result = rpccli_srvsvc_net_srv_get_info(cli, mem_ctx, info_level,
- &ctr);
+ server_name = talloc_asprintf_strupper_m(mem_ctx, "\\\\%s",
+ cli->cli->desthost);
+ W_ERROR_HAVE_NO_MEMORY(server_name);
+
+ status = rpccli_srvsvc_NetSrvGetInfo(cli, mem_ctx,
+ server_name,
+ info_level,
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
if (!W_ERROR_IS_OK(result)) {
goto done;
switch (info_level) {
case 101:
- display_srv_info_101(&ctr.srv.sv101);
+ display_srv_info_101(info.info101);
break;
case 102:
- display_srv_info_102(&ctr.srv.sv102);
+ display_srv_info_102(info.info102);
break;
default:
printf("unsupported info level %d\n", info_level);
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- TIME_OF_DAY_INFO tod;
+ struct srvsvc_NetRemoteTODInfo *tod = NULL;
fstring srv_name_slash;
WERROR result;
+ NTSTATUS status;
if (argc > 1) {
printf("Usage: %s\n", argv[0]);
}
fstr_sprintf(srv_name_slash, "\\\\%s", cli->cli->desthost);
- result = rpccli_srvsvc_net_remote_tod(
- cli, mem_ctx, srv_name_slash, &tod);
+ status = rpccli_srvsvc_NetRemoteTOD(cli, mem_ctx,
+ srv_name_slash,
+ &tod,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ result = ntstatus_to_werror(status);
+ goto done;
+ }
if (!W_ERROR_IS_OK(result))
goto done;
basename=`basename $f .idl`
ndr="librpc/gen_ndr/ndr_$basename.c"
- if [ -f $ndr ] ; then
+ if [ -f $ndr ] && false; then
if [ "x`find librpc/idl/$f -newer $ndr -print`" = "xlibrpc/idl/$f" ]; then
list="$list librpc/idl/$f"
fi
$USERNAME-group:x:$GROUPID:
EOF
+MAKE_TEST_BINARY="bin/smbpasswd"
+export MAKE_TEST_BINARY
+
(echo $PASSWORD; echo $PASSWORD) | \
- smbpasswd -c $CONFFILE -L -s -a $USERNAME >/dev/null || exit 1
+ bin/smbpasswd -c $CONFFILE -L -s -a $USERNAME >/dev/null || exit 1
echo "DONE";
+MAKE_TEST_BINARY=""
+
SERVER_TEST_FIFO="$PREFIX/server_test.fifo"
export SERVER_TEST_FIFO
NMBD_TEST_LOG="$PREFIX/nmbd_test.log"
SMBD_TEST_LOG="$PREFIX/smbd_test.log"
export SMBD_TEST_LOG
-MAKE_TEST_BINARY=""
-export MAKE_TEST_BINARY
-
# start off with 0 failures
failed=0
export failed
echo "delaying for nbt name registration"
sleep 10
# This will return quickly when things are up, but be slow if we need to wait for (eg) SSL init
+ MAKE_TEST_BINARY="bin/nmblookup"
bin/nmblookup $CONFIGURATION -U $SERVER_IP __SAMBA__
bin/nmblookup $CONFIGURATION __SAMBA__
bin/nmblookup $CONFIGURATION -U 127.255.255.255 __SAMBA__
bin/nmblookup $CONFIGURATION $SERVER
# make sure smbd is also up set
echo "wait for smbd"
+ MAKE_TEST_BINARY="bin/smbclient"
bin/smbclient $CONFIGURATION -L $SERVER_IP -U% -p 139 | head -2
bin/smbclient $CONFIGURATION -L $SERVER_IP -U% -p 139 | head -2
+ MAKE_TEST_BINARY=""
failed=0
if ( !server_info->ptok ) {
ret = create_local_token( server_info );
if ( !NT_STATUS_IS_OK(ret) ) {
+ DEBUG(10,("failed to create local token: %s\n",
+ nt_errstr(ret)));
SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
goto fail;
}
+ if (!(ctx = talloc_init("net_ads_join"))) {
+ d_fprintf(stderr, "Could not initialise talloc context.\n");
+ werr = WERR_NOMEM;
+ goto fail;
+ }
+
use_in_memory_ccache();
werr = libnet_init_JoinCtx(ctx, &r);
goto fail;
}
- if (!(ctx = talloc_init("net_ads_join"))) {
- d_fprintf(stderr, "Could not initialise talloc context.\n");
- werr = WERR_NOMEM;
- goto fail;
- }
-
/* process additional command line args */
for ( i=0; i<argc; i++ ) {
int columns = 0;
-static int _resume, _recursive, debuglevel;
+static int _resume, _recursive, debuglevel, update;
static char *outputfile;
if(newpath[0] == '/')newpath++;
- /* Open local file and, if necessary, resume */
- if(!send_stdout) {
+ /* Open local file according to the mode */
+ if(update) {
+ /* if it is up-to-date, skip */
+ if(stat(newpath, &localstat) == 0 &&
+ localstat.st_mtime >= remotestat.st_mtime) {
+ if(verbose)
+ printf("%s is up-to-date, skipping\n", newpath);
+ smbc_close(remotehandle);
+ return 0;
+ }
+ /* else open it for writing and truncate if it exists */
+ localhandle = open(newpath, O_CREAT | O_NONBLOCK | O_RDWR | O_TRUNC, 0775);
+ if(localhandle < 0) {
+ fprintf(stderr, "Can't open %s : %s\n", newpath,
+ strerror(errno));
+ smbc_close(remotehandle);
+ return 1;
+ }
+ /* no offset */
+ } else if(!send_stdout) {
localhandle = open(newpath, O_CREAT | O_NONBLOCK | O_RDWR | (!resume?O_EXCL:0), 0755);
if(localhandle < 0) {
fprintf(stderr, "Can't open %s: %s\n", newpath, strerror(errno));
{"guest", 'a', POPT_ARG_NONE, NULL, 'a', "Work as user guest" },
{"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
{"resume", 'r', POPT_ARG_NONE, &_resume, 0, "Automatically resume aborted files" },
+ {"update", 'U', POPT_ARG_NONE, &update, 0, "Download only when remote file is newer than local file or local file is missing"},
{"recursive", 'R', POPT_ARG_NONE, &_recursive, 0, "Recursively download files" },
{"username", 'u', POPT_ARG_STRING, &username, 'u', "Username to use" },
{"password", 'p', POPT_ARG_STRING, &password, 'p', "Password to use" },
}
}
+ if((send_stdout || _resume || outputfile) && update) {
+ fprintf(stderr, "The -o, -R or -O and -U options can not be used together.\n");
+ return 1;
+ }
if((send_stdout || outputfile) && _recursive) {
fprintf(stderr, "The -o or -O and -R options can not be used together.\n");
return 1;
git.samba.org / jra / samba / .git / commitdiff