summaryrefslogtreecommitdiff
path: root/libgpo/gpo_util.c
diff options
context:
space:
mode:
Diffstat (limited to 'libgpo/gpo_util.c')
-rw-r--r--libgpo/gpo_util.c90
1 files changed, 38 insertions, 52 deletions
diff --git a/libgpo/gpo_util.c b/libgpo/gpo_util.c
index 720db5a2e5..2dd7c496c8 100644
--- a/libgpo/gpo_util.c
+++ b/libgpo/gpo_util.c
@@ -16,17 +16,22 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
-
+#define TALLOC_DEPRECATED 1
#include "includes.h"
#include "librpc/gen_ndr/ndr_misc.h"
#if _SAMBA_BUILD_ == 4
+#include "system/filesys.h"
+#include "auth/auth.h"
#include "../libgpo/gpo.h"
+#include "../lib/talloc/talloc.h"
#include "source4/libgpo/ads_convenience.h"
#endif
#undef strdup
+#if 0
#define DEFAULT_DOMAIN_POLICY "Default Domain Policy"
#define DEFAULT_DOMAIN_CONTROLLERS_POLICY "Default Domain Controllers Policy"
+#endif
/* should we store a parsed guid ? */
struct gp_table {
@@ -571,7 +576,7 @@ ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
}
#endif
if (!W_ERROR_IS_OK(werr)) {
- gp_free_reg_ctx(reg_ctx);
+ talloc_free(reg_ctx);
return ADS_ERROR_NT(werror_to_ntstatus(werr));
}
@@ -606,7 +611,7 @@ ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
}
done:
- gp_free_reg_ctx(reg_ctx);
+ talloc_free(reg_ctx);
talloc_free(root_key);
free_gp_extensions();
@@ -622,9 +627,9 @@ ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *cache_path,
+ struct loadparm_context *lp_ctx,
uint32_t flags,
- struct GROUP_POLICY_OBJECT *gpo,
- struct cli_state **cli_out)
+ struct GROUP_POLICY_OBJECT *gpo)
{
NTSTATUS result;
char *server = NULL;
@@ -633,7 +638,6 @@ NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
char *unix_path = NULL;
uint32_t sysvol_gpt_version = 0;
char *display_name = NULL;
- struct cli_state *cli = NULL;
result = gpo_explode_filesyspath(mem_ctx, cache_path, gpo->file_sys_path,
&server, &share, &nt_path, &unix_path);
@@ -663,32 +667,7 @@ NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
DEBUG(1,("check_refresh_gpo: need to refresh GPO\n"));
-#if _SAMBA_BUILD == 3
- if (*cli_out == NULL) {
- result = cli_full_connection(&cli,
- global_myname(),
- ads_get_ldap_server_name(ads),
- /* server */
- NULL, 0,
- share, "A:",
- ads->auth.user_name, NULL,
- ads->auth.password,
- CLI_FULL_CONNECTION_USE_KERBEROS |
- CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS,
- Undefined, NULL);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(10,("check_refresh_gpo: "
- "failed to connect: %s\n",
- nt_errstr(result)));
- goto out;
- }
- *cli_out = cli;
- }
-#else
- /* TODO Implement */
-#endif
-
- result = gpo_fetch_files(mem_ctx, cache_path, *cli_out, gpo);
+ result = gpo_fetch_files(mem_ctx, ads, lp_ctx, cache_path, gpo);
if (!NT_STATUS_IS_OK(result)) {
goto out;
}
@@ -735,11 +714,11 @@ NTSTATUS check_refresh_gpo(ADS_STRUCT *ads,
NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *cache_path,
+ struct loadparm_context *lp_ctx,
uint32_t flags,
struct GROUP_POLICY_OBJECT *gpo_list)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- struct cli_state *cli = NULL;
struct GROUP_POLICY_OBJECT *gpo;
if (!gpo_list) {
@@ -748,7 +727,7 @@ NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
for (gpo = gpo_list; gpo; gpo = gpo->next) {
- result = check_refresh_gpo(ads, mem_ctx, cache_path, flags, gpo, &cli);
+ result = check_refresh_gpo(ads, mem_ctx, cache_path, lp_ctx, flags, gpo);
if (!NT_STATUS_IS_OK(result)) {
goto out;
}
@@ -757,9 +736,7 @@ NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
result = NT_STATUS_OK;
out:
- if (cli) {
- cli_shutdown(cli);
- }
+ /* FIXME close cli connection */
return result;
}
@@ -768,45 +745,46 @@ NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
****************************************************************/
NTSTATUS gpo_get_unix_path(TALLOC_CTX *mem_ctx,
+ const char *cache_path,
struct GROUP_POLICY_OBJECT *gpo,
char **unix_path)
{
char *server, *share, *nt_path;
- return gpo_explode_filesyspath(mem_ctx, gpo->file_sys_path,
+ return gpo_explode_filesyspath(mem_ctx, cache_path, gpo->file_sys_path,
&server, &share, &nt_path, unix_path);
}
/****************************************************************
****************************************************************/
-char *gpo_flag_str(uint32_t flags)
+char *gpo_flag_str(TALLOC_CTX *ctx, uint32_t flags)
{
- fstring str = "";
+ char *str = NULL;
if (flags == 0) {
return NULL;
}
if (flags & GPO_INFO_FLAG_SLOWLINK)
- fstrcat(str, "GPO_INFO_FLAG_SLOWLINK ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_SLOWLINK ");
if (flags & GPO_INFO_FLAG_VERBOSE)
- fstrcat(str, "GPO_INFO_FLAG_VERBOSE ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_VERBOSE ");
if (flags & GPO_INFO_FLAG_SAFEMODE_BOOT)
- fstrcat(str, "GPO_INFO_FLAG_SAFEMODE_BOOT ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_SAFEMODE_BOOT ");
if (flags & GPO_INFO_FLAG_NOCHANGES)
- fstrcat(str, "GPO_INFO_FLAG_NOCHANGES ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_NOCHANGES ");
if (flags & GPO_INFO_FLAG_MACHINE)
- fstrcat(str, "GPO_INFO_FLAG_MACHINE ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_MACHINE ");
if (flags & GPO_INFO_FLAG_LOGRSOP_TRANSITION)
- fstrcat(str, "GPO_INFO_FLAG_LOGRSOP_TRANSITION ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_LOGRSOP_TRANSITION ");
if (flags & GPO_INFO_FLAG_LINKTRANSITION)
- fstrcat(str, "GPO_INFO_FLAG_LINKTRANSITION ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_LINKTRANSITION ");
if (flags & GPO_INFO_FLAG_FORCED_REFRESH)
- fstrcat(str, "GPO_INFO_FLAG_FORCED_REFRESH ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_FORCED_REFRESH ");
if (flags & GPO_INFO_FLAG_BACKGROUND)
- fstrcat(str, "GPO_INFO_FLAG_BACKGROUND ");
+ str = talloc_append_string(ctx, str, "GPO_INFO_FLAG_BACKGROUND ");
- return strdup(str);
+ return str;
}
/****************************************************************
@@ -857,12 +835,17 @@ NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
const char *dn,
NT_USER_TOKEN **token)
{
NT_USER_TOKEN *ad_token = NULL;
ADS_STATUS status;
+#if _SAMBA_BUILD_ == 4
+ struct auth_session_info *info;
+#else
NTSTATUS ntstatus;
+#endif
#ifndef HAVE_ADS
return ADS_ERROR_NT(NT_STATUS_NOT_SUPPORTED);
@@ -871,12 +854,15 @@ ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
if (!ADS_ERR_OK(status)) {
return status;
}
-
+#if _SAMBA_BUILD_ == 4
+ info = system_session(mem_ctx, lp_ctx);
+ *token = info->security_token;
+#else
ntstatus = merge_nt_token(mem_ctx, ad_token, get_system_token(),
token);
if (!NT_STATUS_IS_OK(ntstatus)) {
return ADS_ERROR_NT(ntstatus);
}
-
+#endif
return ADS_SUCCESS;
}