2007-08-14 19:17:50 +04:00
/*
2006-09-29 05:27:54 +04:00
* Unix SMB / CIFS implementation .
* Group Policy Object Support
* Copyright ( C ) Guenther Deschner 2005 - 2006
2007-08-14 19:17:50 +04:00
*
2006-09-29 05:27:54 +04:00
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
* the Free Software Foundation ; either version 3 of the License , or
2006-09-29 05:27:54 +04:00
* ( at your option ) any later version .
2007-08-14 19:17:50 +04:00
*
2006-09-29 05:27:54 +04:00
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
2007-08-14 19:17:50 +04:00
*
2006-09-29 05:27:54 +04:00
* You should have received a copy of the GNU General Public License
2007-07-10 09:23:25 +04:00
* along with this program ; if not , see < http : //www.gnu.org/licenses/>.
2006-09-29 05:27:54 +04:00
*/
# include "includes.h"
2009-03-01 04:53:42 +03:00
# include "system/filesys.h"
# include "../libgpo/gpo.h"
2009-04-20 18:51:33 +04:00
# include "../libgpo/gpo_ini.h"
2006-09-29 05:27:54 +04:00
2010-05-10 02:07:10 +04:00
# include "libgpo/gpo_proto.h"
2011-05-06 13:47:43 +04:00
# include "libsmb/libsmb.h"
2009-03-15 06:40:12 +03:00
2006-09-29 05:27:54 +04:00
/****************************************************************
explode the GPO CIFS URI into their components
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-08-14 19:17:50 +04:00
NTSTATUS gpo_explode_filesyspath ( TALLOC_CTX * mem_ctx ,
2009-03-15 22:34:59 +03:00
const char * cache_dir ,
2007-08-14 19:17:50 +04:00
const char * file_sys_path ,
char * * server ,
char * * service ,
2007-07-09 19:48:17 +04:00
char * * nt_path ,
char * * unix_path )
2006-09-29 05:27:54 +04:00
{
2007-11-16 05:27:26 +03:00
char * path = NULL ;
2006-09-29 05:27:54 +04:00
* server = NULL ;
* service = NULL ;
* nt_path = NULL ;
* unix_path = NULL ;
2007-07-09 19:48:17 +04:00
if ( ! file_sys_path ) {
return NT_STATUS_OK ;
}
2007-12-08 04:32:32 +03:00
if ( ! next_token_talloc ( mem_ctx , & file_sys_path , server , " \\ " ) ) {
2006-09-29 05:27:54 +04:00
return NT_STATUS_INVALID_PARAMETER ;
}
2008-02-29 16:51:37 +03:00
NT_STATUS_HAVE_NO_MEMORY ( * server ) ;
2006-09-29 05:27:54 +04:00
2007-12-08 04:32:32 +03:00
if ( ! next_token_talloc ( mem_ctx , & file_sys_path , service , " \\ " ) ) {
2006-09-29 05:27:54 +04:00
return NT_STATUS_INVALID_PARAMETER ;
}
2008-02-29 16:51:37 +03:00
NT_STATUS_HAVE_NO_MEMORY ( * service ) ;
2006-09-29 05:27:54 +04:00
2007-08-14 19:17:50 +04:00
if ( ( * nt_path = talloc_asprintf ( mem_ctx , " \\ %s " , file_sys_path ) )
= = NULL ) {
2006-09-29 05:27:54 +04:00
return NT_STATUS_NO_MEMORY ;
}
2008-02-29 16:51:37 +03:00
NT_STATUS_HAVE_NO_MEMORY ( * nt_path ) ;
2006-09-29 05:27:54 +04:00
2007-11-16 05:27:26 +03:00
if ( ( path = talloc_asprintf ( mem_ctx ,
" %s/%s " ,
2009-03-15 22:34:59 +03:00
cache_dir ,
2007-11-16 05:27:26 +03:00
file_sys_path ) ) = = NULL ) {
return NT_STATUS_NO_MEMORY ;
}
path = talloc_string_sub ( mem_ctx , path , " \\ " , " / " ) ;
if ( ! path ) {
return NT_STATUS_NO_MEMORY ;
}
2006-09-29 05:27:54 +04:00
2008-02-29 16:51:37 +03:00
* unix_path = talloc_strdup ( mem_ctx , path ) ;
NT_STATUS_HAVE_NO_MEMORY ( * unix_path ) ;
2006-09-29 05:27:54 +04:00
2009-03-01 04:53:42 +03:00
talloc_free ( path ) ;
2006-09-29 05:27:54 +04:00
return NT_STATUS_OK ;
}
/****************************************************************
prepare the local disc storage for " unix_path "
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-08-14 19:17:50 +04:00
static NTSTATUS gpo_prepare_local_store ( TALLOC_CTX * mem_ctx ,
2009-03-15 22:34:59 +03:00
const char * cache_dir ,
2007-07-09 19:48:17 +04:00
const char * unix_path )
2006-09-29 05:27:54 +04:00
{
char * current_dir ;
2007-12-08 04:32:32 +03:00
char * tok ;
2006-09-29 05:27:54 +04:00
2009-03-15 22:34:59 +03:00
current_dir = talloc_strdup ( mem_ctx , cache_dir ) ;
2006-09-29 05:27:54 +04:00
NT_STATUS_HAVE_NO_MEMORY ( current_dir ) ;
2009-03-15 22:34:59 +03:00
if ( ( mkdir ( cache_dir , 0644 ) ) < 0 & & errno ! = EEXIST ) {
2006-09-29 05:27:54 +04:00
return NT_STATUS_ACCESS_DENIED ;
}
2007-12-08 04:32:32 +03:00
while ( next_token_talloc ( mem_ctx , & unix_path , & tok , " / " ) ) {
2009-04-20 21:15:32 +04:00
if ( strequal ( tok , GPO_CACHE_DIR ) ) {
2006-09-29 05:27:54 +04:00
break ;
}
}
2007-12-08 04:32:32 +03:00
while ( next_token_talloc ( mem_ctx , & unix_path , & tok , " / " ) ) {
2007-09-14 21:42:10 +04:00
current_dir = talloc_asprintf_append_buffer ( current_dir , " /%s " , tok ) ;
2006-09-29 05:27:54 +04:00
NT_STATUS_HAVE_NO_MEMORY ( current_dir ) ;
if ( ( mkdir ( current_dir , 0644 ) ) < 0 & & errno ! = EEXIST ) {
return NT_STATUS_ACCESS_DENIED ;
}
}
return NT_STATUS_OK ;
}
2013-12-10 21:26:51 +04:00
static NTSTATUS gpo_connect_server ( ADS_STRUCT * ads ,
2009-03-15 06:40:12 +03:00
const char * server , const char * service , void * ret_cli )
{
NTSTATUS result ;
struct cli_state * cli ;
result = cli_full_connection ( & cli ,
2011-06-09 09:31:03 +04:00
lp_netbios_name ( ) ,
2009-03-15 06:40:12 +03:00
server ,
NULL , 0 ,
service , " A: " ,
ads - > auth . user_name , NULL ,
ads - > auth . password ,
CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS ,
2016-12-12 07:49:46 +03:00
SMB_SIGNING_REQUIRED ) ;
2009-03-15 06:40:12 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
DEBUG ( 10 , ( " check_refresh_gpo: "
" failed to connect: %s \n " ,
nt_errstr ( result ) ) ) ;
2009-03-15 22:34:59 +03:00
return result ;
2009-03-15 06:40:12 +03:00
}
* ( struct cli_state * * ) ret_cli = cli ;
return NT_STATUS_OK ;
}
2006-09-29 05:27:54 +04:00
/****************************************************************
download a full GPO via CIFS
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-08-14 19:17:50 +04:00
NTSTATUS gpo_fetch_files ( TALLOC_CTX * mem_ctx ,
2009-03-15 06:40:12 +03:00
ADS_STRUCT * ads ,
2009-03-15 22:34:59 +03:00
const char * cache_dir ,
2013-12-20 01:23:44 +04:00
const struct GROUP_POLICY_OBJECT * gpo )
2006-09-29 05:27:54 +04:00
{
NTSTATUS result ;
2007-08-14 19:17:50 +04:00
char * server , * service , * nt_path , * unix_path ;
char * nt_ini_path , * unix_ini_path ;
2016-06-07 06:42:23 +03:00
struct cli_state * cli = NULL ;
2009-03-15 06:40:12 +03:00
2006-09-29 05:27:54 +04:00
2009-03-15 22:34:59 +03:00
result = gpo_explode_filesyspath ( mem_ctx , cache_dir , gpo - > file_sys_path ,
2007-08-14 19:17:50 +04:00
& server , & service , & nt_path ,
& unix_path ) ;
2008-02-29 16:51:37 +03:00
NT_STATUS_NOT_OK_RETURN ( result ) ;
2006-09-29 05:27:54 +04:00
2013-12-11 01:50:47 +04:00
/* for now reuse the existing ds connection */
2009-03-15 06:40:12 +03:00
2016-08-09 21:57:20 +03:00
result = gpo_connect_server ( ads , server , service , & cli ) ;
2009-04-20 21:15:32 +04:00
NT_STATUS_NOT_OK_RETURN ( result ) ;
2009-03-15 06:40:12 +03:00
2009-03-15 22:34:59 +03:00
result = gpo_prepare_local_store ( mem_ctx , cache_dir , unix_path ) ;
2008-02-29 16:51:37 +03:00
NT_STATUS_NOT_OK_RETURN ( result ) ;
2006-09-29 05:27:54 +04:00
unix_ini_path = talloc_asprintf ( mem_ctx , " %s/%s " , unix_path , GPT_INI ) ;
nt_ini_path = talloc_asprintf ( mem_ctx , " %s \\ %s " , nt_path , GPT_INI ) ;
2008-02-29 16:51:37 +03:00
NT_STATUS_HAVE_NO_MEMORY ( unix_ini_path ) ;
NT_STATUS_HAVE_NO_MEMORY ( nt_ini_path ) ;
2006-09-29 05:27:54 +04:00
2006-09-29 20:36:03 +04:00
result = gpo_copy_file ( mem_ctx , cli , nt_ini_path , unix_ini_path ) ;
2008-02-29 16:51:37 +03:00
NT_STATUS_NOT_OK_RETURN ( result ) ;
2006-09-29 05:27:54 +04:00
2006-09-29 20:36:03 +04:00
result = gpo_sync_directories ( mem_ctx , cli , nt_path , unix_path ) ;
2008-02-29 16:51:37 +03:00
NT_STATUS_NOT_OK_RETURN ( result ) ;
2006-09-29 05:27:54 +04:00
2008-02-29 16:51:37 +03:00
return NT_STATUS_OK ;
2006-09-29 05:27:54 +04:00
}
/****************************************************************
get the locally stored gpt . ini version number
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-08-14 19:17:50 +04:00
NTSTATUS gpo_get_sysvol_gpt_version ( TALLOC_CTX * mem_ctx ,
const char * unix_path ,
uint32_t * sysvol_version ,
2007-07-09 19:48:17 +04:00
char * * display_name )
2006-09-29 05:27:54 +04:00
{
NTSTATUS status ;
2007-08-14 19:17:50 +04:00
uint32_t version = 0 ;
2006-09-29 05:27:54 +04:00
char * local_path = NULL ;
char * name = NULL ;
2007-07-09 19:48:17 +04:00
if ( ! unix_path ) {
return NT_STATUS_OK ;
}
2006-09-29 05:27:54 +04:00
local_path = talloc_asprintf ( mem_ctx , " %s/%s " , unix_path , GPT_INI ) ;
NT_STATUS_HAVE_NO_MEMORY ( local_path ) ;
status = parse_gpt_ini ( mem_ctx , local_path , & version , & name ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2007-08-14 19:17:50 +04:00
DEBUG ( 10 , ( " gpo_get_sysvol_gpt_version: "
" failed to parse ini [%s]: %s \n " ,
2007-07-17 12:14:45 +04:00
local_path , nt_errstr ( status ) ) ) ;
2006-09-29 05:27:54 +04:00
return status ;
}
if ( sysvol_version ) {
* sysvol_version = version ;
}
if ( name & & * display_name ) {
* display_name = talloc_strdup ( mem_ctx , name ) ;
2007-04-23 14:04:15 +04:00
NT_STATUS_HAVE_NO_MEMORY ( * display_name ) ;
2006-09-29 05:27:54 +04:00
}
return NT_STATUS_OK ;
}