summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libgpo/config.mk3
-rw-r--r--libgpo/gpo.h2
-rw-r--r--libgpo/gpo_sec.c (renamed from source3/libgpo/gpo_sec.c)19
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/include/ads.h2
-rw-r--r--source4/main.mk2
6 files changed, 17 insertions, 13 deletions
diff --git a/libgpo/config.mk b/libgpo/config.mk
index ebfcafd024..10cd238285 100644
--- a/libgpo/config.mk
+++ b/libgpo/config.mk
@@ -1,3 +1,4 @@
[SUBSYSTEM::LIBGPO]
-LIBGPO_OBJ_FILES = ../libgpo/gpo_util.o
+LIBGPO_OBJ_FILES = ../libgpo/gpo_util.o ../libgpo/gpo_sec.o \
+ ../libgpo/gpext/gpext.o
diff --git a/libgpo/gpo.h b/libgpo/gpo.h
index 9abf526e14..c34dc4c750 100644
--- a/libgpo/gpo.h
+++ b/libgpo/gpo.h
@@ -157,6 +157,8 @@ struct gp_registry_context {
#define GP_EXT_GUID_SECURITY "827D319E-6EAC-11D2-A4EA-00C04F79F83A"
#define GP_EXT_GUID_REGISTRY "35378EAC-683F-11D2-A89A-00C04FBBCFA2"
#define GP_EXT_GUID_SCRIPTS "42B5FAAE-6536-11D2-AE5A-0000F87571E3"
+#define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939"
+
#include "../libgpo/gpext/gpext.h"
diff --git a/source3/libgpo/gpo_sec.c b/libgpo/gpo_sec.c
index c72bb26732..15bd2881d5 100644
--- a/source3/libgpo/gpo_sec.c
+++ b/libgpo/gpo_sec.c
@@ -18,6 +18,9 @@
*/
#include "includes.h"
+#include "librpc/gen_ndr/security.h"
+#include "librpc/gen_ndr/ndr_misc.h"
+#include "../libgpo/gpo.h"
/****************************************************************
****************************************************************/
@@ -41,12 +44,12 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec
case SEC_ACE_OBJECT_TYPE_PRESENT:
if (GUID_equal(&object->type.type,
&ext_right_apg_guid)) {
- return True;
+ return true;
}
case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT:
if (GUID_equal(&object->inherited_type.inherited_type,
&ext_right_apg_guid)) {
- return True;
+ return true;
}
default:
break;
@@ -58,7 +61,7 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec
/****************************************************************
****************************************************************/
-static bool gpo_sd_check_agp_object(const SEC_ACE *ace)
+static bool gpo_sd_check_agp_object(const struct security_ace *ace)
{
if (!sec_ace_object(ace->type)) {
return false;
@@ -92,7 +95,7 @@ static bool gpo_sd_check_read_access_bits(uint32_t access_mask)
/****************************************************************
****************************************************************/
-static NTSTATUS gpo_sd_check_ace_denied_object(const SEC_ACE *ace,
+static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
const struct nt_user_token *token)
{
if (gpo_sd_check_agp_object(ace) &&
@@ -110,7 +113,7 @@ static NTSTATUS gpo_sd_check_ace_denied_object(const SEC_ACE *ace,
/****************************************************************
****************************************************************/
-static NTSTATUS gpo_sd_check_ace_allowed_object(const SEC_ACE *ace,
+static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
const struct nt_user_token *token)
{
if (gpo_sd_check_agp_object(ace) &&
@@ -128,7 +131,7 @@ static NTSTATUS gpo_sd_check_ace_allowed_object(const SEC_ACE *ace,
/****************************************************************
****************************************************************/
-static NTSTATUS gpo_sd_check_ace(const SEC_ACE *ace,
+static NTSTATUS gpo_sd_check_ace(const struct security_ace *ace,
const struct nt_user_token *token)
{
switch (ace->type) {
@@ -147,8 +150,8 @@ static NTSTATUS gpo_sd_check_ace(const SEC_ACE *ace,
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
const struct nt_user_token *token)
{
- SEC_DESC *sd = gpo->security_descriptor;
- SEC_ACL *dacl = NULL;
+ struct security_descriptor *sd = gpo->security_descriptor;
+ struct security_acl *dacl = NULL;
NTSTATUS status = NT_STATUS_ACCESS_DENIED;
int i;
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 425d5f1c3b..adc36dda2c 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -412,7 +412,7 @@ LIBADDNS_OBJ = $(LIBADDNS_OBJ0) $(SOCKET_WRAPPER_OBJ)
GPEXT_OBJ = ../libgpo/gpext/gpext.o @GPEXT_STATIC@
LIBGPO_OBJ0 = libgpo/gpo_ldap.o libgpo/gpo_ini.o ../libgpo/gpo_util.o \
- libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o \
+ libgpo/gpo_fetch.o libgpo/gpo_filesync.o ../libgpo/gpo_sec.o \
libgpo/gpo_reg.o \
$(GPEXT_OBJ)
LIBGPO_OBJ = $(LIBGPO_OBJ0)
diff --git a/source3/include/ads.h b/source3/include/ads.h
index 0fa19b55a6..afa4e12175 100644
--- a/source3/include/ads.h
+++ b/source3/include/ads.h
@@ -409,8 +409,6 @@ typedef struct {
int critical;
} ads_control;
-#define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939"
-
#define ADS_IGNORE_PRINCIPAL "not_defined_in_RFC4178@please_ignore"
/* Settings for the domainFunctionality attribute in the rootDSE */
diff --git a/source4/main.mk b/source4/main.mk
index aaae329ed8..d9e0254c1f 100644
--- a/source4/main.mk
+++ b/source4/main.mk
@@ -56,4 +56,4 @@ mkinclude ../libcli/ldap/config.mk
mkinclude ../libcli/auth/config.mk
mkinclude ../libcli/drsuapi/config.mk
mkinclude ../libcli/samsync/config.mk
-
+mkinclude ../libgpo/config.mk