Make gpo_ldap.c compatible with samba 4. Add ads_get_ldap_server_name() function to samba 3. Move prototypes to root libgpo where appropriate.
gpo_ldap.c now compiles for both samba 3 and 4. Signed-off-by: Günther Deschner <gd@samba.org>
parent
c441b7dda8
commit
248554370a
@ -1,4 +1,6 @@
|
||||
[SUBSYSTEM::LIBGPO]
|
||||
PRIVATE_DEPENDENCIES = LIBLDB LIBSAMBA-NET
|
||||
|
||||
LIBGPO_OBJ_FILES = ../libgpo/gpo_util.o ../libgpo/gpo_sec.o \
|
||||
../libgpo/gpext/gpext.o ../libgpo/gpo_fetch.o
|
||||
../libgpo/gpext/gpext.o ../libgpo/gpo_fetch.o \
|
||||
$(libgpodir)/ads_convenience.o
|
||||
|
@ -83,4 +83,44 @@ struct gp_extension_methods {
|
||||
NTSTATUS (*shutdown)(void);
|
||||
};
|
||||
|
||||
/* The following definitions come from libgpo/gpext/gpext.c */
|
||||
|
||||
struct gp_extension *get_gp_extension_list(void);
|
||||
NTSTATUS unregister_gp_extension(const char *name);
|
||||
NTSTATUS register_gp_extension(TALLOC_CTX *gpext_ctx,
|
||||
int version,
|
||||
const char *name,
|
||||
const char *guid,
|
||||
struct gp_extension_methods *methods);
|
||||
NTSTATUS gp_ext_info_add_entry(TALLOC_CTX *mem_ctx,
|
||||
const char *module,
|
||||
const char *ext_guid,
|
||||
struct gp_extension_reg_table *table,
|
||||
struct gp_extension_reg_info *info);
|
||||
NTSTATUS shutdown_gp_extensions(void);
|
||||
NTSTATUS init_gp_extensions(TALLOC_CTX *mem_ctx);
|
||||
NTSTATUS free_gp_extensions(void);
|
||||
void debug_gpext_header(int lvl,
|
||||
const char *name,
|
||||
uint32_t flags,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const struct nt_user_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const struct nt_user_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
|
||||
|
||||
#endif /* __GPEXT_H__ */
|
||||
|
114
libgpo/gpo.h
114
libgpo/gpo.h
@ -20,6 +20,10 @@
|
||||
#ifndef __GPO_H__
|
||||
#define __GPO_H__
|
||||
|
||||
#if _SAMBA_BUILD_ == 4
|
||||
#include "source4/libgpo/ads_convenience.h"
|
||||
#endif
|
||||
|
||||
enum GPO_LINK_TYPE {
|
||||
GP_LINK_UNKOWN = 0,
|
||||
GP_LINK_MACHINE = 1,
|
||||
@ -160,6 +164,116 @@ struct gp_registry_context {
|
||||
#define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939"
|
||||
|
||||
|
||||
struct cli_state;
|
||||
|
||||
/* The following definitions come from libgpo/gpo_fetch.c */
|
||||
|
||||
NTSTATUS gpo_explode_filesyspath(TALLOC_CTX *mem_ctx,
|
||||
const char *file_sys_path,
|
||||
char **server,
|
||||
char **service,
|
||||
char **nt_path,
|
||||
char **unix_path);
|
||||
NTSTATUS gpo_fetch_files(TALLOC_CTX *mem_ctx,
|
||||
struct cli_state *cli,
|
||||
struct GROUP_POLICY_OBJECT *gpo);
|
||||
NTSTATUS gpo_get_sysvol_gpt_version(TALLOC_CTX *mem_ctx,
|
||||
const char *unix_path,
|
||||
uint32_t *sysvol_version,
|
||||
char **display_name);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_ldap.c */
|
||||
|
||||
bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
|
||||
const char *extension_raw,
|
||||
struct GP_EXT **gp_ext);
|
||||
ADS_STATUS ads_get_gpo_link(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *link_dn,
|
||||
struct GP_LINK *gp_link_struct);
|
||||
ADS_STATUS ads_add_gpo_link(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *link_dn,
|
||||
const char *gpo_dn,
|
||||
uint32_t gpo_opt);
|
||||
ADS_STATUS ads_delete_gpo_link(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *link_dn,
|
||||
const char *gpo_dn);
|
||||
ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *gpo_dn,
|
||||
const char *display_name,
|
||||
const char *guid_name,
|
||||
struct GROUP_POLICY_OBJECT *gpo);
|
||||
ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
struct nt_user_token **token);
|
||||
ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
uint32_t flags,
|
||||
const struct nt_user_token *token,
|
||||
struct GROUP_POLICY_OBJECT **gpo_list);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_sec.c */
|
||||
|
||||
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
|
||||
const struct nt_user_token *token);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_util.c */
|
||||
|
||||
const char *cse_gpo_guid_string_to_name(const char *guid);
|
||||
const char *cse_gpo_name_to_guid_string(const char *name);
|
||||
const char *cse_snapin_gpo_guid_string_to_name(const char *guid);
|
||||
void dump_gp_ext(struct GP_EXT *gp_ext, int debuglevel);
|
||||
void dump_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
int debuglevel);
|
||||
void dump_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
int debuglevel);
|
||||
void dump_gplink(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GP_LINK *gp_link);
|
||||
ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const struct nt_user_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid_filter,
|
||||
uint32_t flags);
|
||||
ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const struct nt_user_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extensions_guid_filter,
|
||||
uint32_t flags);
|
||||
NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
struct cli_state **cli_out);
|
||||
NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list);
|
||||
NTSTATUS gpo_get_unix_path(TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
char **unix_path);
|
||||
char *gpo_flag_str(uint32_t flags);
|
||||
NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const char *filename,
|
||||
const char *suffix,
|
||||
const char **filename_out);
|
||||
ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
struct nt_user_token **token);
|
||||
|
||||
|
||||
#include "../libgpo/gpext/gpext.h"
|
||||
|
||||
#endif
|
||||
|
@ -19,6 +19,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
#if _SAMBA_BUILD_ == 4
|
||||
#include "libgpo/gpo.h"
|
||||
#include "source4/libgpo/ads_convenience.h"
|
||||
#endif
|
||||
|
||||
@ -42,12 +43,12 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
|
||||
|
||||
DEBUG(20,("ads_parse_gp_ext: %s\n", extension_raw));
|
||||
|
||||
ext = TALLOC_ZERO_P(mem_ctx, struct GP_EXT);
|
||||
ext = talloc_zero(mem_ctx, struct GP_EXT);
|
||||
if (!ext) {
|
||||
goto parse_error;
|
||||
}
|
||||
|
||||
ext_list = str_list_make_v3(mem_ctx, extension_raw, "]");
|
||||
ext_list = str_list_make(mem_ctx, extension_raw, "]");
|
||||
if (!ext_list) {
|
||||
goto parse_error;
|
||||
}
|
||||
@ -59,13 +60,13 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
|
||||
ext->num_exts = i;
|
||||
|
||||
if (ext->num_exts) {
|
||||
ext->extensions = TALLOC_ZERO_ARRAY(mem_ctx, char *,
|
||||
ext->extensions = talloc_zero_array(mem_ctx, char *,
|
||||
ext->num_exts);
|
||||
ext->extensions_guid = TALLOC_ZERO_ARRAY(mem_ctx, char *,
|
||||
ext->extensions_guid = talloc_zero_array(mem_ctx, char *,
|
||||
ext->num_exts);
|
||||
ext->snapins = TALLOC_ZERO_ARRAY(mem_ctx, char *,
|
||||
ext->snapins = talloc_zero_array(mem_ctx, char *,
|
||||
ext->num_exts);
|
||||
ext->snapins_guid = TALLOC_ZERO_ARRAY(mem_ctx, char *,
|
||||
ext->snapins_guid = talloc_zero_array(mem_ctx, char *,
|
||||
ext->num_exts);
|
||||
}
|
||||
|
||||
@ -90,7 +91,7 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
|
||||
p++;
|
||||
}
|
||||
|
||||
ext_strings = str_list_make_v3(mem_ctx, p, "}");
|
||||
ext_strings = str_list_make(mem_ctx, p, "}");
|
||||
if (ext_strings == NULL) {
|
||||
goto parse_error;
|
||||
}
|
||||
@ -140,8 +141,8 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
|
||||
ret = true;
|
||||
|
||||
parse_error:
|
||||
TALLOC_FREE(ext_list);
|
||||
TALLOC_FREE(ext_strings);
|
||||
talloc_free(ext_list);
|
||||
talloc_free(ext_strings);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@ -178,9 +179,9 @@ static ADS_STATUS gpo_parse_gplink(TALLOC_CTX *mem_ctx,
|
||||
gp_link->num_links = i;
|
||||
|
||||
if (gp_link->num_links) {
|
||||
gp_link->link_names = TALLOC_ZERO_ARRAY(mem_ctx, char *,
|
||||
gp_link->link_names = talloc_zero_array(mem_ctx, char *,
|
||||
gp_link->num_links);
|
||||
gp_link->link_opts = TALLOC_ZERO_ARRAY(mem_ctx, uint32_t,
|
||||
gp_link->link_opts = talloc_zero_array(mem_ctx, uint32_t,
|
||||
gp_link->num_links);
|
||||
}
|
||||
|
||||
@ -225,7 +226,7 @@ static ADS_STATUS gpo_parse_gplink(TALLOC_CTX *mem_ctx,
|
||||
status = ADS_SUCCESS;
|
||||
|
||||
parse_error:
|
||||
TALLOC_FREE(link_list);
|
||||
talloc_free(link_list);
|
||||
|
||||
return status;
|
||||
}
|
||||
@ -595,7 +596,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
|
||||
DEBUG(10,("skipping GPO \"%s\" as object "
|
||||
"has no access to it\n",
|
||||
new_gpo->display_name));
|
||||
TALLOC_FREE(new_gpo);
|
||||
talloc_free(new_gpo);
|
||||
continue;
|
||||
}
|
||||
|
||||
|
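Review bot: Swapping `TALLOC_FREE(new_gpo)` for `talloc_free(new_gpo)` in the `add_gplink_to_gpo_list` hunk drops the NULL reset the macro performed, so `new_gpo` keeps pointing at freed memory when the loop reaches `continue`. The loop body lies outside the hunk, so it cannot be confirmed from here whether anything reads the pointer before it is reassigned; adding `new_gpo = NULL;` after the free keeps the old behaviour in both builds. The same loss applies to `ext_list`, `ext_strings` and `link_list` at the `parse_error:` labels, although those are followed directly by `return`.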
@ -18,7 +18,11 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
#include "librpc/gen_ndr/ndr_misc.h"
|
||||
#if _SAMBA_BUILD_ == 4
|
||||
#include "../libgpo/gpo.h"
|
||||
#include "source4/libgpo/ads_convenience.h"
|
||||
#endif
|
||||
#undef strdup
|
||||
|
||||
#define DEFAULT_DOMAIN_POLICY "Default Domain Policy"
|
||||
@ -601,7 +605,7 @@ ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
|
||||
|
||||
done:
|
||||
gp_free_reg_ctx(reg_ctx);
|
||||
TALLOC_FREE(root_key);
|
||||
talloc_free(root_key);
|
||||
free_gp_extensions();
|
||||
|
||||
return status;
|
||||
@ -660,7 +664,7 @@ NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
|
||||
|
||||
result = cli_full_connection(&cli,
|
||||
global_myname(),
|
||||
ads->config.ldap_server_name,
|
||||
ads_get_ldap_server_name(ads),
|
||||
/* server */
|
||||
NULL, 0,
|
||||
share, "A:",
|
||||
@ -834,7 +838,7 @@ NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
|
||||
path, suffix);
|
||||
NT_STATUS_HAVE_NO_MEMORY(tmp);
|
||||
|
||||
if (sys_stat(tmp, &sbuf) == 0) {
|
||||
if (stat(tmp, &sbuf) == 0) {
|
||||
*filename_out = tmp;
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
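Review bot: In the `gp_find_file` hunk, `stat(tmp, &sbuf)` now receives whatever type `sbuf` was declared with for `sys_stat`, and that declaration is outside the hunk. If it is still `SMB_STRUCT_STAT`, the Samba 3 build can hand a differently sized buffer to plain `stat()` on platforms where that type maps to a 64-bit stat structure, so the declaration should become `struct stat sbuf;` in the same change, or the call should be chosen per build with the existing `_SAMBA_BUILD_` test. Plain `stat()` can also fail with EOVERFLOW on large files in builds without 64-bit file offsets, and this check would then not count an existing file as found.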
@ -1676,6 +1676,7 @@ uint32 ads_uf2acb(uint32 uf);
|
||||
uint32 ads_uf2atype(uint32 uf);
|
||||
uint32 ads_gtype2atype(uint32 gtype);
|
||||
enum lsa_SidType ads_atype_map(uint32 atype);
|
||||
const char *ads_get_ldap_server_name(ADS_STRUCT *ads);
|
||||
|
||||
/* The following definitions come from libads/authdata.c */
|
||||
|
||||
@ -1992,61 +1993,6 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip
|
||||
ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads,
|
||||
char **returned_principal);
|
||||
|
||||
/* The following definitions come from libgpo/gpext/gpext.c */
|
||||
|
||||
struct gp_extension *get_gp_extension_list(void);
|
||||
NTSTATUS unregister_gp_extension(const char *name);
|
||||
NTSTATUS register_gp_extension(TALLOC_CTX *gpext_ctx,
|
||||
int version,
|
||||
const char *name,
|
||||
const char *guid,
|
||||
struct gp_extension_methods *methods);
|
||||
NTSTATUS gp_ext_info_add_entry(TALLOC_CTX *mem_ctx,
|
||||
const char *module,
|
||||
const char *ext_guid,
|
||||
struct gp_extension_reg_table *table,
|
||||
struct gp_extension_reg_info *info);
|
||||
NTSTATUS shutdown_gp_extensions(void);
|
||||
NTSTATUS init_gp_extensions(TALLOC_CTX *mem_ctx);
|
||||
NTSTATUS free_gp_extensions(void);
|
||||
void debug_gpext_header(int lvl,
|
||||
const char *name,
|
||||
uint32_t flags,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const struct nt_user_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const struct nt_user_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_fetch.c */
|
||||
|
||||
NTSTATUS gpo_explode_filesyspath(TALLOC_CTX *mem_ctx,
|
||||
const char *file_sys_path,
|
||||
char **server,
|
||||
char **service,
|
||||
char **nt_path,
|
||||
char **unix_path);
|
||||
NTSTATUS gpo_fetch_files(TALLOC_CTX *mem_ctx,
|
||||
struct cli_state *cli,
|
||||
struct GROUP_POLICY_OBJECT *gpo);
|
||||
NTSTATUS gpo_get_sysvol_gpt_version(TALLOC_CTX *mem_ctx,
|
||||
const char *unix_path,
|
||||
uint32_t *sysvol_version,
|
||||
char **display_name);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_filesync.c */
|
||||
|
||||
NTSTATUS gpo_copy_file(TALLOC_CTX *mem_ctx,
|
||||
@ -2065,41 +2011,6 @@ NTSTATUS parse_gpt_ini(TALLOC_CTX *mem_ctx,
|
||||
uint32_t *version,
|
||||
char **display_name);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_ldap.c */
|
||||
|
||||
bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
|
||||
const char *extension_raw,
|
||||
struct GP_EXT **gp_ext);
|
||||
ADS_STATUS ads_get_gpo_link(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *link_dn,
|
||||
struct GP_LINK *gp_link_struct);
|
||||
ADS_STATUS ads_add_gpo_link(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *link_dn,
|
||||
const char *gpo_dn,
|
||||
uint32_t gpo_opt);
|
||||
ADS_STATUS ads_delete_gpo_link(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *link_dn,
|
||||
const char *gpo_dn);
|
||||
ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *gpo_dn,
|
||||
const char *display_name,
|
||||
const char *guid_name,
|
||||
struct GROUP_POLICY_OBJECT *gpo);
|
||||
ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
struct nt_user_token **token);
|
||||
ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
uint32_t flags,
|
||||
const struct nt_user_token *token,
|
||||
struct GROUP_POLICY_OBJECT **gpo_list);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_reg.c */
|
||||
|
||||
struct nt_user_token *registry_create_system_token(TALLOC_CTX *mem_ctx);
|
||||
@ -2159,61 +2070,6 @@ WERROR reg_apply_registry_entry(TALLOC_CTX *mem_ctx,
|
||||
const struct nt_user_token *token,
|
||||
uint32_t flags);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_sec.c */
|
||||
|
||||
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
|
||||
const struct nt_user_token *token);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_util.c */
|
||||
|
||||
const char *cse_gpo_guid_string_to_name(const char *guid);
|
||||
const char *cse_gpo_name_to_guid_string(const char *name);
|
||||
const char *cse_snapin_gpo_guid_string_to_name(const char *guid);
|
||||
void dump_gp_ext(struct GP_EXT *gp_ext, int debuglevel);
|
||||
void dump_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
int debuglevel);
|
||||
void dump_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
int debuglevel);
|
||||
void dump_gplink(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GP_LINK *gp_link);
|
||||
ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const struct nt_user_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid_filter,
|
||||
uint32_t flags);
|
||||
ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const struct nt_user_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extensions_guid_filter,
|
||||
uint32_t flags);
|
||||
NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
struct cli_state **cli_out);
|
||||
NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list);
|
||||
NTSTATUS gpo_get_unix_path(TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
char **unix_path);
|
||||
char *gpo_flag_str(uint32_t flags);
|
||||
NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const char *filename,
|
||||
const char *suffix,
|
||||
const char **filename_out);
|
||||
ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
struct nt_user_token **token);
|
||||
|
||||
#include "librpc/gen_ndr/ndr_dfs.h"
|
||||
#include "librpc/gen_ndr/ndr_dssetup.h"
|
||||
|
@ -148,3 +148,8 @@ enum lsa_SidType ads_atype_map(uint32 atype)
|
||||
}
|
||||
return SID_NAME_UNKNOWN;
|
||||
}
|
||||
|
||||
const char *ads_get_ldap_server_name(ADS_STRUCT *ads)
|
||||
{
|
||||
return ads->config.ldap_server_name;
|
||||
}
|
||||
|
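Review bot: `ads_get_ldap_server_name()` has no comment saying who owns the returned string or whether it can be NULL, and the `check_refresh_gpo` hunk passes its result straight to `cli_full_connection()` as the server to connect to. A header comment such as `/* Return the LDAP server name held in ads->config; the string belongs to ads and must not be freed by the caller. */` would make the contract explicit, and it should also state the NULL case once that is confirmed against the code that fills `config`. Since the accessor only reads the structure, the parameter could be `const ADS_STRUCT *ads`, with the prototype in the proto.h hunk updated to match.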
@ -106,6 +106,7 @@ ntp_signdsrcdir := ntp_signd
|
||||
wmisrcdir := lib/wmi
|
||||
tallocsrcdir := ../lib/talloc
|
||||
comsrcdir := $(srcdir)/lib/com
|
||||
libgpodir := libgpo
|
||||
|
||||
include data.mk
|
||||
|
||||
|
@ -25,38 +25,43 @@
|
||||
#include "includes.h"
|
||||
#include "libnet/libnet.h"
|
||||
#include "librpc/gen_ndr/ndr_security.h"
|
||||
#include "libgpo/source/ads_convenience.h"
|
||||
#include "libgpo/ads_convenience.h"
|
||||
#include "param/param.h"
|
||||
#include "libcli/libcli.h"
|
||||
#include "ldb_wrap.h"
|
||||
|
||||
static ADS_STATUS ads_connect(ADS_STRUCT *ads);
|
||||
|
||||
WERROR ads_startup (struct libnet_context *netctx, ADS_STRUCT **ads)
|
||||
{
|
||||
*ads = talloc(netctx, ADS_STRUCT);
|
||||
*ads->netctx = netctx;
|
||||
(*ads)->netctx = netctx;
|
||||
|
||||
ads_connect(*ads);
|
||||
|
||||
return WERR_OK;
|
||||
}
|
||||
|
||||
ADS_STATUS ads_connect(ADS_STRUCT *ads)
|
||||
static ADS_STATUS ads_connect(ADS_STRUCT *ads)
|
||||
{
|
||||
struct libnet_lookup_DCs *io;
|
||||
struct libnet_LookupDCs *io;
|
||||
char *url;
|
||||
|
||||
io = talloc_zero(ads, struct libnet_lookup_DCs);
|
||||
io = talloc_zero(ads, struct libnet_LookupDCs);
|
||||
|
||||
/* We are looking for the PDC of the active domain. */
|
||||
io->in.name_type = NBT_NAME_PDC;
|
||||
io->in.domain_name = lp_workgroup(ads->netctx->lp_ctx);
|
||||
libnet_lookupDCs(ads->netctx, ads, io);
|
||||
libnet_LookupDCs(ads->netctx, ads, io);
|
||||
|
||||
url = talloc_asprintf(ads, "ldap://%s", io->out.dcs[0]);
|
||||
url = talloc_asprintf(ads, "ldap://%s", io->out.dcs[0].name);
|
||||
ads->ldbctx = ldb_wrap_connect(ads, ads->netctx->event_ctx, ads->netctx->lp_ctx,
|
||||
url, NULL, ads->netctx->cred, 0, NULL);
|
||||
if (ads->ldbctx == NULL) {
|
||||
return ADS_STATUS_NT(NT_STATUS_UNSUCCESSFUL);
|
||||
return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
return ADS_STATUS_NT(NT_STATUS_OK);
|
||||
return ADS_ERROR_NT(NT_STATUS_OK);
|
||||
}
|
||||
|
||||
ADS_STATUS ads_search_dn(ADS_STRUCT *ads, LDAPMessage **res,
|
||||
@ -64,7 +69,7 @@ ADS_STATUS ads_search_dn(ADS_STRUCT *ads, LDAPMessage **res,
|
||||
{
|
||||
ADS_STATUS status;
|
||||
|
||||
status.err_state = ldb_search(ads->ldbctx, ads, res,
|
||||
status.err.rc = ldb_search(ads->ldbctx, ads, res,
|
||||
ldb_dn_new(ads, ads->ldbctx, dn),
|
||||
LDB_SCOPE_BASE,
|
||||
attrs,
|
||||
@ -81,8 +86,8 @@ const char * ads_get_dn(ADS_STRUCT *ads, LDAPMessage *res)
|
||||
|
||||
bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *ctx, LDAPMessage *res, const char *field, struct security_descriptor **sd)
|
||||
{
|
||||
struct ldb_val *val;
|
||||
struct ndr_err_code ndr_err;
|
||||
const struct ldb_val *val;
|
||||
enum ndr_err_code ndr_err;
|
||||
|
||||
val = ldb_msg_find_ldb_val(res->msgs[0], field);
|
||||
|
||||
@ -103,18 +108,18 @@ bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *ctx, LDAPMessage *res, const char
|
||||
ADS_STATUS ads_search_retry_dn_sd_flags(ADS_STRUCT *ads, LDAPMessage **res, uint32_t sd_flags,
|
||||
const char *dn, const char **attrs)
|
||||
{
|
||||
return ads_search_sd_flags(ads, dn, LDB_SCOPE_BASE, "(objectclass=*)", attrs, sd_flags, res);
|
||||
return ads_do_search_all_sd_flags(ads, dn, LDB_SCOPE_BASE, "(objectclass=*)", attrs, sd_flags, res);
|
||||
}
|
||||
|
||||
static ADS_STATUS ads_do_search_all_sd_flags (ADS_STRUCT *ads, const char *dn, int scope,
|
||||
ADS_STATUS ads_do_search_all_sd_flags (ADS_STRUCT *ads, const char *dn, int scope,
|
||||
const char *filter, const char **attrs,
|
||||
uint32_t sd_flags, LDAPMessage **res)
|
||||
{
|
||||
int count = 3;
|
||||
int rv;
|
||||
struct ldb_request *req;
|
||||
struct ldb_control **controls;
|
||||
struct ldb_parse_tree *tree;
|
||||
struct ldb_dn *ldb_dn;
|
||||
|
||||
controls = talloc_zero_array(ads, struct ldb_control *, 2);
|
||||
controls[0] = talloc(ads, struct ldb_control);
|
||||
@ -124,13 +129,15 @@ static ADS_STATUS ads_do_search_all_sd_flags (ADS_STRUCT *ads, const char *dn, i
|
||||
|
||||
tree = ldb_parse_tree(ads, filter);
|
||||
|
||||
rv = ldb_build_search_req_ex(&req, ads->ldbctx, ads, res, dn, scope, tree, attrs, controls,
|
||||
ldb_dn = ldb_dn_new(ads, ads->ldbctx, dn);
|
||||
|
||||
rv = ldb_build_search_req_ex(&req, ads->ldbctx, (TALLOC_CTX *)res, ldb_dn, scope, tree, attrs, controls,
|
||||
res, ldb_search_default_callback, NULL);
|
||||
if (rv != LDB_SUCCESS) {
|
||||
talloc_free(*res);
|
||||
talloc_free(req);
|
||||
talloc_free(tree);
|
||||
return ADS_STATUS(irv);
|
||||
return ADS_ERROR(rv);
|
||||
}
|
||||
rv = ldb_request(ads->ldbctx, req);
|
||||
if (rv == LDB_SUCCESS) {
|
||||
@ -139,7 +146,7 @@ static ADS_STATUS ads_do_search_all_sd_flags (ADS_STRUCT *ads, const char *dn, i
|
||||
|
||||
talloc_free(req);
|
||||
talloc_free(tree);
|
||||
return ADS_STATUS(rv);
|
||||
return ADS_ERROR(rv);
|
||||
|
||||
}
|
||||
|
||||
@ -166,6 +173,7 @@ int ads_count_replies(ADS_STRUCT *ads, LDAPMessage *res)
|
||||
ADS_STATUS ads_msgfree(ADS_STRUCT *ads, LDAPMessage *res)
|
||||
{
|
||||
talloc_free(res);
|
||||
return ADS_ERROR_NT(NT_STATUS_OK);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -203,7 +211,7 @@ const char *ads_errstr(ADS_STATUS status)
|
||||
case ENUM_ADS_ERROR_SYSTEM:
|
||||
return strerror(status.err.rc);
|
||||
case ENUM_ADS_ERROR_LDAP:
|
||||
return msg;
|
||||
return ldb_strerror(status.err.rc);
|
||||
case ENUM_ADS_ERROR_NT:
|
||||
return get_friendly_nt_error_msg(ads_ntstatus(status));
|
||||
default:
|
||||
|
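Review bot: `ads_connect()` discards the result of `libnet_LookupDCs()` and then reads `io->out.dcs[0].name`, so a failed or empty domain-controller lookup leads to a dereference of an array that was never filled in; `io` and `url` are also used without a NULL check. `ads_startup()` has the same pattern: the `talloc()` result is dereferenced unchecked and the status of `ads_connect()` is dropped, so callers receive `WERR_OK` together with an `ads` whose `ldbctx` may be NULL. The URL is built as plain `ldap://` from a name obtained through an `NBT_NAME_PDC` lookup, and the credentials in `ads->netctx->cred` are passed to the connection made to that host, so failing closed on lookup errors matters here. The sketch assumes `libnet_LookupDCs()` returns an NTSTATUS and fills `out.num_dcs`, neither of which is declared on this page.

```c
static ADS_STATUS ads_connect(ADS_STRUCT *ads)
{
	struct libnet_LookupDCs *io;
	char *url;
	NTSTATUS status;

	io = talloc_zero(ads, struct libnet_LookupDCs);
	ADS_ERROR_HAVE_NO_MEMORY(io);

	/* … unchanged: io->in.name_type and io->in.domain_name setup … */

	status = libnet_LookupDCs(ads->netctx, ads, io);
	if (!NT_STATUS_IS_OK(status)) {
		return ADS_ERROR_NT(status);
	}
	if (io->out.num_dcs < 1) {
		return ADS_ERROR_NT(NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND);
	}

	url = talloc_asprintf(ads, "ldap://%s", io->out.dcs[0].name);
	ADS_ERROR_HAVE_NO_MEMORY(url);

	/* … unchanged: ldb_wrap_connect() call, its NULL check and the final return … */
```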
@ -22,9 +22,13 @@
|
||||
#ifndef __ADS_CONVENIENCE_H__
|
||||
#define __ADS_CONVENIENCE_H__
|
||||
|
||||
#include "librpc/gen_ndr/security.h"
|
||||
|
||||
#define ADS_ERR_OK(status) ((status.error_type == ENUM_ADS_ERROR_NT) ? NT_STATUS_IS_OK(status.err.nt_status):(status.err.rc == 0))
|
||||
#define ADS_ERROR(rc) ads_build_ldap_error(rc)
|
||||
#define ADS_ERROR_NT(rc) ads_build_nt_error(rc)
|
||||
#define ADS_SUCCESS ADS_ERROR(0)
|
||||
|
||||
#define ADS_ERROR_HAVE_NO_MEMORY(x) do { \
|
||||
if (!(x)) {\
|
||||
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);\
|
||||
@ -44,7 +48,7 @@ typedef struct {
|
||||
} ADS_STRUCT;
|
||||
|
||||
typedef struct ldb_result LDAPMessage;
|
||||
typedef struct void ** ADS_MODLIST;
|
||||
typedef void ** ADS_MODLIST;
|
||||
|
||||
/* there are 3 possible types of errors the ads subsystem can produce */
|
||||
enum ads_error_type { ENUM_ADS_ERROR_LDAP, ENUM_ADS_ERROR_SYSTEM, ENUM_ADS_ERROR_NT};
|
||||
@ -58,4 +62,32 @@ typedef struct {
|
||||
int minor_status;
|
||||
} ADS_STATUS;
|
||||
|
||||
|
||||
/* Prototypes from ads_convenience.c */
|
||||
ADS_STATUS ads_build_nt_error(NTSTATUS);
|
||||
ADS_STATUS ads_build_ldap_error(int);
|
||||
|
||||
ADS_STATUS ads_startup (struct libnet_context *netctx, ADS_STRUCT **ads);
|
||||
const char *ads_errstr(ADS_STATUS status);
|
||||
const char * ads_get_dn(ADS_STRUCT *ads, LDAPMessage *res);
|
||||
bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *ctx, LDAPMessage *res, const char *field, struct security_descriptor **sd);
|
||||
const char * ads_pull_string(ADS_STRUCT *ads, TALLOC_CTX *ctx, LDAPMessage *res, const char *field);
|
||||
bool ads_pull_uint32(ADS_STRUCT *ads, LDAPMessage *res, const char *field, uint32_t *ret);
|
||||
int ads_count_replies(ADS_STRUCT *ads, LDAPMessage *res);
|
||||
ADS_STATUS ads_do_search_all_sd_flags (ADS_STRUCT *ads, const char *dn, int scope,
|
||||
const char *filter, const char **attrs,
|
||||
uint32_t sd_flags, LDAPMessage **res);
|
||||
ADS_STATUS ads_search_dn(ADS_STRUCT *ads, LDAPMessage **res,
|
||||
const char *dn, const char **attrs);
|
||||
ADS_STATUS ads_search_retry_dn_sd_flags(ADS_STRUCT *ads, LDAPMessage **res, uint32_t sd_flags,
|
||||
const char *dn, const char **attrs);
|
||||
ADS_STATUS ads_msgfree(ADS_STRUCT *ads, LDAPMessage *res);
|
||||
NTSTATUS ads_ntstatus(ADS_STATUS status);
|
||||
ADS_STATUS ads_build_ldap_error(int ldb_error);
|
||||
ADS_STATUS ads_build_nt_error(NTSTATUS nt_status);
|
||||
ADS_MODLIST ads_init_mods(TALLOC_CTX *ctx);
|
||||
ADS_STATUS ads_mod_str(TALLOC_CTX *ctx, ADS_MODLIST *mods, const char *name, const char *val);
|
||||
ADS_STATUS ads_gen_mod(ADS_STRUCT *ads, const char *mod_dn, ADS_MODLIST mods);
|
||||
|
||||
|
||||
#endif
|
||||
|
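Review bot: The new prototype `ADS_STATUS ads_startup (struct libnet_context *netctx, ADS_STRUCT **ads);` disagrees with the definition in the ads_convenience.c section, which is `WERROR ads_startup (...)`, and that file includes this header, so the two declarations conflict. The prototype should read `WERROR ads_startup(struct libnet_context *netctx, ADS_STRUCT **ads);`, or the definition should be changed to return an ADS_STATUS that carries the result of `ads_connect()`. `ads_build_nt_error` and `ads_build_ldap_error` are also declared twice in this hunk, once without and once with parameter names; keeping only the named pair is enough. `struct libnet_context` is used in the prototype without a forward declaration visible in these hunks, so `struct libnet_context;` near the top would make the header self-contained.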