diff options
-rw-r--r-- | libgpo/config.mk | 3 | ||||
-rw-r--r-- | libgpo/gpo.h | 2 | ||||
-rw-r--r-- | libgpo/gpo_sec.c (renamed from source3/libgpo/gpo_sec.c) | 19 | ||||
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/include/ads.h | 2 | ||||
-rw-r--r-- | source4/main.mk | 2 |
6 files changed, 17 insertions, 13 deletions
diff --git a/libgpo/config.mk b/libgpo/config.mk index ebfcafd024..10cd238285 100644 --- a/libgpo/config.mk +++ b/libgpo/config.mk @@ -1,3 +1,4 @@ [SUBSYSTEM::LIBGPO] -LIBGPO_OBJ_FILES = ../libgpo/gpo_util.o +LIBGPO_OBJ_FILES = ../libgpo/gpo_util.o ../libgpo/gpo_sec.o \ + ../libgpo/gpext/gpext.o diff --git a/libgpo/gpo.h b/libgpo/gpo.h index 9abf526e14..c34dc4c750 100644 --- a/libgpo/gpo.h +++ b/libgpo/gpo.h @@ -157,6 +157,8 @@ struct gp_registry_context { #define GP_EXT_GUID_SECURITY "827D319E-6EAC-11D2-A4EA-00C04F79F83A" #define GP_EXT_GUID_REGISTRY "35378EAC-683F-11D2-A89A-00C04FBBCFA2" #define GP_EXT_GUID_SCRIPTS "42B5FAAE-6536-11D2-AE5A-0000F87571E3" +#define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939" + #include "../libgpo/gpext/gpext.h" diff --git a/source3/libgpo/gpo_sec.c b/libgpo/gpo_sec.c index c72bb26732..15bd2881d5 100644 --- a/source3/libgpo/gpo_sec.c +++ b/libgpo/gpo_sec.c @@ -18,6 +18,9 @@ */ #include "includes.h" +#include "librpc/gen_ndr/security.h" +#include "librpc/gen_ndr/ndr_misc.h" +#include "../libgpo/gpo.h" /**************************************************************** ****************************************************************/ @@ -41,12 +44,12 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec case SEC_ACE_OBJECT_TYPE_PRESENT: if (GUID_equal(&object->type.type, &ext_right_apg_guid)) { - return True; + return true; } case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT: if (GUID_equal(&object->inherited_type.inherited_type, &ext_right_apg_guid)) { - return True; + return true; } default: break; @@ -58,7 +61,7 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec /**************************************************************** ****************************************************************/ -static bool gpo_sd_check_agp_object(const SEC_ACE *ace) +static bool gpo_sd_check_agp_object(const struct security_ace *ace) { if (!sec_ace_object(ace->type)) { return false; @@ -92,7 +95,7 @@ static bool gpo_sd_check_read_access_bits(uint32_t access_mask) /**************************************************************** ****************************************************************/ -static NTSTATUS gpo_sd_check_ace_denied_object(const SEC_ACE *ace, +static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace, const struct nt_user_token *token) { if (gpo_sd_check_agp_object(ace) && @@ -110,7 +113,7 @@ static NTSTATUS gpo_sd_check_ace_denied_object(const SEC_ACE *ace, /**************************************************************** ****************************************************************/ -static NTSTATUS gpo_sd_check_ace_allowed_object(const SEC_ACE *ace, +static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace, const struct nt_user_token *token) { if (gpo_sd_check_agp_object(ace) && @@ -128,7 +131,7 @@ static NTSTATUS gpo_sd_check_ace_allowed_object(const SEC_ACE *ace, /**************************************************************** ****************************************************************/ -static NTSTATUS gpo_sd_check_ace(const SEC_ACE *ace, +static NTSTATUS gpo_sd_check_ace(const struct security_ace *ace, const struct nt_user_token *token) { switch (ace->type) { @@ -147,8 +150,8 @@ static NTSTATUS gpo_sd_check_ace(const SEC_ACE *ace, NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo, const struct nt_user_token *token) { - SEC_DESC *sd = gpo->security_descriptor; - SEC_ACL *dacl = NULL; + struct security_descriptor *sd = gpo->security_descriptor; + struct security_acl *dacl = NULL; NTSTATUS status = NT_STATUS_ACCESS_DENIED; int i; diff --git a/source3/Makefile.in b/source3/Makefile.in index 425d5f1c3b..adc36dda2c 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -412,7 +412,7 @@ LIBADDNS_OBJ = $(LIBADDNS_OBJ0) $(SOCKET_WRAPPER_OBJ) GPEXT_OBJ = ../libgpo/gpext/gpext.o @GPEXT_STATIC@ LIBGPO_OBJ0 = libgpo/gpo_ldap.o libgpo/gpo_ini.o ../libgpo/gpo_util.o \ - libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o \ + libgpo/gpo_fetch.o libgpo/gpo_filesync.o ../libgpo/gpo_sec.o \ libgpo/gpo_reg.o \ $(GPEXT_OBJ) LIBGPO_OBJ = $(LIBGPO_OBJ0) diff --git a/source3/include/ads.h b/source3/include/ads.h index 0fa19b55a6..afa4e12175 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -409,8 +409,6 @@ typedef struct { int critical; } ads_control; -#define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939" - #define ADS_IGNORE_PRINCIPAL "not_defined_in_RFC4178@please_ignore" /* Settings for the domainFunctionality attribute in the rootDSE */ diff --git a/source4/main.mk b/source4/main.mk index aaae329ed8..d9e0254c1f 100644 --- a/source4/main.mk +++ b/source4/main.mk @@ -56,4 +56,4 @@ mkinclude ../libcli/ldap/config.mk mkinclude ../libcli/auth/config.mk mkinclude ../libcli/drsuapi/config.mk mkinclude ../libcli/samsync/config.mk - +mkinclude ../libgpo/config.mk |