mirror of
https://github.com/samba-team/samba.git
synced 2025-01-24 02:04:21 +03:00
f24f472d44
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
264 lines
7.1 KiB
C
264 lines
7.1 KiB
C
/*
|
|
* Unix SMB/CIFS implementation.
|
|
* Group Policy Object Support
|
|
* Copyright (C) Wilco Baan Hofman 2008-2010
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
#include "includes.h"
|
|
#include "lib/policy/policy.h"
|
|
#include "libcli/raw/smb.h"
|
|
#include "libcli/libcli.h"
|
|
#include "param/param.h"
|
|
#include "libcli/resolve/resolve.h"
|
|
#include <sys/stat.h>
|
|
#include <fcntl.h>
|
|
|
|
#define GP_MAX_DEPTH 25
|
|
|
|
struct gp_list_state {
|
|
struct gp_context *gp_ctx;
|
|
uint8_t depth;
|
|
const char *cur_rel_path;
|
|
const char *share_path;
|
|
const char *local_path;
|
|
};
|
|
|
|
static NTSTATUS gp_do_list(const char *, struct gp_list_state *);
|
|
|
|
/* Create a temporary policy directory */
|
|
static const char *gp_tmpdir(TALLOC_CTX *mem_ctx)
|
|
{
|
|
const char *gp_dir = talloc_asprintf(mem_ctx, "%s/policy", tmpdir());
|
|
struct stat st;
|
|
|
|
if (stat(gp_dir, &st) != 0) {
|
|
mkdir(gp_dir, 0755);
|
|
}
|
|
|
|
return gp_dir;
|
|
}
|
|
|
|
/* This function is called by the smbcli_list function */
|
|
static void gp_list_helper (struct clilist_file_info *info, const char *mask, void *list_state_ptr)
|
|
{
|
|
struct gp_list_state *state = list_state_ptr;
|
|
const char *rel_path, *full_remote_path;
|
|
char *local_rel_path, *full_local_path;
|
|
unsigned int i;
|
|
int fh_remote, fh_local;
|
|
uint8_t *buf;
|
|
size_t nread = 0;
|
|
size_t buf_size = 1024;
|
|
|
|
/* If the relative path is empty, then avoid the extra slash */
|
|
if (state->cur_rel_path[0] != '\0') {
|
|
/* Get local path by replacing backslashes with slashes */
|
|
local_rel_path = talloc_strdup(state, state->cur_rel_path);
|
|
for (i = 0; local_rel_path[i] != '\0'; i++) {
|
|
if (local_rel_path[i] == '\\') {
|
|
local_rel_path[i] = '/';
|
|
}
|
|
}
|
|
full_local_path = talloc_asprintf(state, "%s/%s/%s", state->local_path, local_rel_path, info->name);
|
|
} else {
|
|
full_local_path = talloc_asprintf(state, "%s/%s", state->local_path, info->name);
|
|
}
|
|
|
|
/* Directory */
|
|
if (info->attrib & FILE_ATTRIBUTE_DIRECTORY) {
|
|
if (state->depth >= GP_MAX_DEPTH)
|
|
return;
|
|
if (strcmp(info->name, ".") == 0 || strcmp(info->name, "..") == 0)
|
|
return;
|
|
|
|
mkdir(full_local_path, 0755);
|
|
|
|
/* If the relative path is empty, then avoid the extra backslash */
|
|
if (state->cur_rel_path[0] == '\0') {
|
|
rel_path = info->name;
|
|
} else {
|
|
rel_path = talloc_asprintf(state, "%s\\%s", state->cur_rel_path, info->name);
|
|
}
|
|
|
|
/* Recurse into this directory */
|
|
gp_do_list(rel_path, state);
|
|
return;
|
|
}
|
|
|
|
/* If the relative path is empty, then avoid the extra backslash */
|
|
if (state->cur_rel_path[0] != '\0') {
|
|
full_remote_path = talloc_asprintf(state, "%s\\%s\\%s", state->share_path, state->cur_rel_path, info->name);
|
|
} else {
|
|
full_remote_path = talloc_asprintf(state, "%s\\%s", state->share_path, info->name);
|
|
}
|
|
|
|
/* Open the remote file */
|
|
fh_remote = smbcli_open(state->gp_ctx->cli->tree, full_remote_path, O_RDONLY, DENY_NONE);
|
|
if (fh_remote == -1) {
|
|
DEBUG(0, ("Failed to open remote file: %s\n", full_remote_path));
|
|
return;
|
|
}
|
|
|
|
/* Open the local file */
|
|
fh_local = open(full_local_path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
|
|
if (fh_local == -1) {
|
|
DEBUG(0, ("Failed to open local file: %s\n", full_local_path));
|
|
return;
|
|
}
|
|
|
|
/* Copy the contents of the file */
|
|
buf = talloc_zero_array(state, uint8_t, buf_size);
|
|
while (1) {
|
|
int n = smbcli_read(state->gp_ctx->cli->tree, fh_remote, buf, nread, buf_size);
|
|
if (n <= 0) {
|
|
break;
|
|
}
|
|
if (write(fh_local, buf, n) != n) {
|
|
DEBUG(0, ("Short write while copying file.\n"));
|
|
return;
|
|
}
|
|
nread += n;
|
|
}
|
|
/* Close the files */
|
|
smbcli_close(state->gp_ctx->cli->tree, fh_remote);
|
|
close(fh_local);
|
|
|
|
return;
|
|
}
|
|
|
|
static NTSTATUS gp_do_list (const char *rel_path, struct gp_list_state *state)
|
|
{
|
|
uint16_t attributes;
|
|
int success;
|
|
char *mask;
|
|
const char *old_rel_path;
|
|
|
|
attributes = FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_DIRECTORY;
|
|
|
|
/* Update the relative paths, while buffering the parent */
|
|
old_rel_path = state->cur_rel_path;
|
|
state->cur_rel_path = rel_path;
|
|
state->depth++;
|
|
|
|
/* Get the current mask */
|
|
mask = talloc_asprintf(state, "%s\\%s\\*", state->share_path, rel_path);
|
|
success = smbcli_list(state->gp_ctx->cli->tree, mask, attributes, gp_list_helper, state);
|
|
talloc_free(mask);
|
|
|
|
/* Go back to the state of the parent */
|
|
state->cur_rel_path = old_rel_path;
|
|
state->depth--;
|
|
|
|
if (!success)
|
|
return NT_STATUS_UNSUCCESSFUL;
|
|
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
static NTSTATUS gp_cli_connect(struct gp_context *gp_ctx)
|
|
{
|
|
struct smbcli_options options;
|
|
struct smbcli_session_options session_options;
|
|
|
|
if (gp_ctx->cli != NULL)
|
|
return NT_STATUS_OK;
|
|
|
|
gp_ctx->cli = smbcli_state_init(gp_ctx);
|
|
|
|
lp_smbcli_options(gp_ctx->lp_ctx, &options);
|
|
lp_smbcli_session_options(gp_ctx->lp_ctx, &session_options);
|
|
|
|
|
|
return smbcli_full_connection(gp_ctx,
|
|
&gp_ctx->cli,
|
|
gp_ctx->active_dc.name,
|
|
lp_smb_ports(gp_ctx->lp_ctx),
|
|
"sysvol",
|
|
NULL,
|
|
lp_socket_options(gp_ctx->lp_ctx),
|
|
gp_ctx->credentials,
|
|
lp_resolve_context(gp_ctx->lp_ctx),
|
|
gp_ctx->ev_ctx,
|
|
&options,
|
|
&session_options,
|
|
lp_iconv_convenience(gp_ctx->lp_ctx),
|
|
lp_gensec_settings(gp_ctx, gp_ctx->lp_ctx));
|
|
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
NTSTATUS gp_fetch_gpo (struct gp_context *gp_ctx, struct gp_object *gpo, const char **ret_local_path)
|
|
{
|
|
TALLOC_CTX *mem_ctx;
|
|
struct gp_list_state *state;
|
|
NTSTATUS status;
|
|
unsigned int i, bkslash_cnt;
|
|
struct stat st;
|
|
int rv;
|
|
|
|
/* Create a forked memory context, as a base for everything here */
|
|
mem_ctx = talloc_new(gp_ctx);
|
|
|
|
|
|
if (gp_ctx->cli == NULL) {
|
|
status = gp_cli_connect(gp_ctx);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
DEBUG(0, ("Failed to create cli connection to DC\n"));
|
|
talloc_free(mem_ctx);
|
|
return status;
|
|
}
|
|
}
|
|
|
|
/* Prepare the state structure */
|
|
state = talloc_zero(mem_ctx, struct gp_list_state);
|
|
state->gp_ctx = gp_ctx;
|
|
state->local_path = talloc_asprintf(gp_ctx, "%s/%s", gp_tmpdir(mem_ctx), gpo->name);
|
|
|
|
/* Get the path from the share down (\\..\..\(this\stuff) */
|
|
for (i = 0, bkslash_cnt = 0; gpo->file_sys_path[i] != '\0'; i++) {
|
|
if (gpo->file_sys_path[i] == '\\')
|
|
bkslash_cnt++;
|
|
|
|
if (bkslash_cnt == 4) {
|
|
state->share_path = talloc_strdup(mem_ctx, &gpo->file_sys_path[i]);
|
|
break;
|
|
}
|
|
}
|
|
|
|
/* Create the GPO dir if it does not exist */
|
|
if (stat(state->local_path, &st) != 0) {
|
|
rv = mkdir(state->local_path, 755);
|
|
if (rv < 0) {
|
|
DEBUG(0, ("Could not create local path\n"));
|
|
talloc_free(mem_ctx);
|
|
return NT_STATUS_UNSUCCESSFUL;
|
|
}
|
|
}
|
|
|
|
/* Copy the files */
|
|
status = gp_do_list("", state);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
DEBUG(0, ("Could not list GPO files on remote server\n"));
|
|
talloc_free(mem_ctx);
|
|
return status;
|
|
}
|
|
|
|
/* Return the local path to the gpo */
|
|
*ret_local_path = state->local_path;
|
|
|
|
talloc_free(mem_ctx);
|
|
return NT_STATUS_OK;
|
|
}
|