Changeset 988 for vendor/current/source4/lib/policy
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- Location:
- vendor/current/source4/lib/policy
- Files:
-
- 1 added
- 2 deleted
- 7 edited
-
gp_filesys.c (modified) (13 diffs)
-
gp_ini.c (modified) (1 diff)
-
gp_ldap.c (modified) (33 diffs)
-
gp_manage.c (modified) (7 diffs)
-
policy.h (modified) (4 diffs)
-
policy.pc.in (deleted)
-
pypolicy.c (modified) (2 diffs)
-
samba-policy.pc.in (added)
-
tests (deleted)
-
wscript_build (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source4/lib/policy/gp_filesys.c
r740 r988 18 18 */ 19 19 #include "includes.h" 20 #include "system/filesys.h" 20 21 #include "lib/policy/policy.h" 21 22 #include "libcli/raw/smb.h" … … 24 25 #include "libcli/resolve/resolve.h" 25 26 #include "libcli/raw/libcliraw.h" 26 #include <sys/stat.h>27 #include <fcntl.h>28 #include <unistd.h>29 27 #include <dirent.h> 30 28 #include <errno.h> … … 165 163 lpcfg_smbcli_session_options(gp_ctx->lp_ctx, &session_options); 166 164 167 168 165 return smbcli_full_connection(gp_ctx, 169 166 &gp_ctx->cli, 170 gp_ctx->active_dc .name,167 gp_ctx->active_dc->name, 171 168 lpcfg_smb_ports(gp_ctx->lp_ctx), 172 169 "sysvol", … … 255 252 "%s (remote %zu, local %zu).\n", 256 253 remote_src, file_size, nread)); 254 close(fh_local); 257 255 talloc_free(buf); 258 256 return NT_STATUS_UNSUCCESSFUL; … … 283 281 /* Get local path by replacing backslashes with slashes */ 284 282 local_rel_path = talloc_strdup(mem_ctx, list->files[i].rel_path); 285 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(local_rel_path, mem_ctx); 283 if (local_rel_path == NULL) { 284 TALLOC_FREE(mem_ctx); 285 return NT_STATUS_NO_MEMORY; 286 } 286 287 string_replace(local_rel_path, '\\', '/'); 287 288 288 289 full_local_path = talloc_asprintf(mem_ctx, "%s%s", local_path, 289 290 local_rel_path); 290 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(full_local_path, mem_ctx); 291 if (full_local_path == NULL) { 292 TALLOC_FREE(mem_ctx); 293 return NT_STATUS_NO_MEMORY; 294 } 291 295 292 296 /* If the entry is a directory, create it. */ … … 304 308 full_remote_path = talloc_asprintf(mem_ctx, "%s%s", share_path, 305 309 list->files[i].rel_path); 306 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(full_remote_path, mem_ctx); 310 if (full_remote_path == NULL) { 311 TALLOC_FREE(mem_ctx); 312 return NT_STATUS_NO_MEMORY; 313 } 307 314 308 315 /* Get the file */ … … 343 350 /* Get the remote path to copy from */ 344 351 share_path = gp_get_share_path(mem_ctx, gpo->file_sys_path); 345 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(share_path, mem_ctx); 352 if (share_path == NULL) { 353 TALLOC_FREE(mem_ctx); 354 return NT_STATUS_NO_MEMORY; 355 } 346 356 347 357 /* Get the local path to copy to */ 348 358 local_path = talloc_asprintf(gp_ctx, "%s/%s", gp_tmpdir(mem_ctx), gpo->name); 349 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(local_path, mem_ctx); 359 if (local_path == NULL) { 360 TALLOC_FREE(mem_ctx); 361 return NT_STATUS_NO_MEMORY; 362 } 350 363 351 364 /* Prepare the state structure */ 352 365 state = talloc_zero(mem_ctx, struct gp_list_state); 353 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(state, mem_ctx); 366 if (state == NULL) { 367 TALLOC_FREE(mem_ctx); 368 return NT_STATUS_NO_MEMORY; 369 } 354 370 355 371 state->tree = gp_ctx->cli->tree; … … 396 412 DIR *dir; 397 413 struct dirent *dirent; 398 char *entry_local_path ;399 char *entry_remote_path ;414 char *entry_local_path = NULL; 415 char *entry_remote_path = NULL; 400 416 int local_fd, remote_fd; 401 417 int buf[1024]; 402 418 int nread, total_read; 403 419 struct stat s; 420 NTSTATUS status; 404 421 405 422 dir = opendir(local_path); … … 412 429 entry_local_path = talloc_asprintf(gp_ctx, "%s/%s", local_path, 413 430 dirent->d_name); 414 NT_STATUS_HAVE_NO_MEMORY(entry_local_path); 431 if (entry_local_path == NULL) { 432 status = NT_STATUS_NO_MEMORY; 433 goto done; 434 } 415 435 416 436 entry_remote_path = talloc_asprintf(gp_ctx, "%s\\%s", 417 437 remote_path, dirent->d_name); 418 NT_STATUS_HAVE_NO_MEMORY(entry_remote_path); 419 420 if (stat(dirent->d_name, &s) != 0) { 421 return NT_STATUS_UNSUCCESSFUL; 438 if (entry_remote_path == NULL) { 439 status = NT_STATUS_NO_MEMORY; 440 goto done; 441 } 442 443 if (stat(entry_local_path, &s) != 0) { 444 status = NT_STATUS_UNSUCCESSFUL; 445 goto done; 422 446 } 423 447 if (s.st_mode & S_IFDIR) { … … 437 461 0); 438 462 if (remote_fd < 0) { 439 talloc_free(entry_local_path);440 talloc_free(entry_remote_path);441 463 DEBUG(0, ("Failed to create remote file: %s\n", 442 464 entry_remote_path)); 443 return NT_STATUS_UNSUCCESSFUL; 465 status = NT_STATUS_UNSUCCESSFUL; 466 goto done; 444 467 } 445 468 local_fd = open(entry_local_path, O_RDONLY); 446 469 if (local_fd < 0) { 447 talloc_free(entry_local_path);448 talloc_free(entry_remote_path);449 470 DEBUG(0, ("Failed to open local file: %s\n", 450 471 entry_local_path)); 451 return NT_STATUS_UNSUCCESSFUL; 472 status = NT_STATUS_UNSUCCESSFUL; 473 goto done; 452 474 } 453 475 total_read = 0; … … 461 483 smbcli_close(gp_ctx->cli->tree, remote_fd); 462 484 } 463 talloc_free(entry_local_path); 464 talloc_free(entry_remote_path); 465 } 485 TALLOC_FREE(entry_local_path); 486 TALLOC_FREE(entry_remote_path); 487 } 488 489 status = NT_STATUS_OK; 490 done: 491 talloc_free(entry_local_path); 492 talloc_free(entry_remote_path); 493 466 494 closedir(dir); 467 495 468 return NT_STATUS_OK;496 return status; 469 497 } 470 498 … … 554 582 555 583 rv = write(fd, file_content, strlen(file_content)); 584 close(fd); 556 585 if (rv != strlen(file_content)) { 557 586 DEBUG(0, ("Short write in GPT.INI\n")); … … 559 588 return NT_STATUS_UNSUCCESSFUL; 560 589 } 561 562 close(fd);563 590 564 591 /* Upload the GPT to the sysvol share on a DC */ -
vendor/current/source4/lib/policy/gp_ini.c
r740 r988 19 19 */ 20 20 #include "includes.h" 21 #include "lib/util/ util.h"21 #include "lib/util/samba_util.h" 22 22 #include "lib/policy/policy.h" 23 23 -
vendor/current/source4/lib/policy/gp_ldap.c
r740 r988 62 62 63 63 gpo->dn = talloc_strdup(mem_ctx, ldb_dn_get_linearized(msg->dn)); 64 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->dn, gpo); 64 if (gpo->dn == NULL) { 65 TALLOC_FREE(gpo); 66 return NT_STATUS_NO_MEMORY; 67 } 65 68 66 69 DEBUG(9, ("Parsing GPO LDAP data for %s\n", gpo->dn)); 67 70 68 71 gpo->display_name = talloc_strdup(gpo, ldb_msg_find_attr_as_string(msg, "displayName", "")); 69 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->display_name, gpo); 72 if (gpo->display_name == NULL) { 73 TALLOC_FREE(gpo); 74 return NT_STATUS_NO_MEMORY; 75 } 70 76 71 77 gpo->name = talloc_strdup(gpo, ldb_msg_find_attr_as_string(msg, "name", "")); 72 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->name, gpo); 78 if (gpo->name == NULL) { 79 TALLOC_FREE(gpo); 80 return NT_STATUS_NO_MEMORY; 81 } 73 82 74 83 gpo->flags = ldb_msg_find_attr_as_uint(msg, "flags", 0); … … 76 85 77 86 gpo->file_sys_path = talloc_strdup(gpo, ldb_msg_find_attr_as_string(msg, "gPCFileSysPath", "")); 78 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->file_sys_path, gpo); 87 if (gpo->file_sys_path == NULL) { 88 TALLOC_FREE(gpo); 89 return NT_STATUS_NO_MEMORY; 90 } 79 91 80 92 /* Pull the security descriptor through the NDR library */ 81 93 data = ldb_msg_find_ldb_val(msg, "nTSecurityDescriptor"); 82 94 gpo->security_descriptor = talloc(gpo, struct security_descriptor); 83 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->security_descriptor, gpo); 95 if (gpo->security_descriptor == NULL) { 96 TALLOC_FREE(gpo); 97 return NT_STATUS_NO_MEMORY; 98 } 84 99 85 100 ndr_err = ndr_pull_struct_blob(data, … … 178 193 } 179 194 180 181 195 *gp_ctx = talloc_zero(mem_ctx, struct gp_context); 182 196 NT_STATUS_HAVE_NO_MEMORY(gp_ctx); … … 186 200 (*gp_ctx)->ev_ctx = ev_ctx; 187 201 (*gp_ctx)->ldb_ctx = ldb_ctx; 188 (*gp_ctx)->active_dc = io->out.dcs[0];202 (*gp_ctx)->active_dc = talloc_reference(*gp_ctx, &io->out.dcs[0]); 189 203 190 204 /* We don't need to keep the libnet context */ … … 220 234 221 235 attrs = talloc_array(mem_ctx, const char *, 7); 222 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(attrs, mem_ctx); 236 if (attrs == NULL) { 237 TALLOC_FREE(mem_ctx); 238 return NT_STATUS_NO_MEMORY; 239 } 223 240 224 241 attrs[0] = "nTSecurityDescriptor"; … … 238 255 239 256 gpo = talloc_array(gp_ctx, struct gp_object *, result->count+1); 240 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo, mem_ctx); 257 if (gpo == NULL) { 258 TALLOC_FREE(mem_ctx); 259 return NT_STATUS_NO_MEMORY; 260 } 241 261 242 262 gpo[result->count] = NULL; … … 275 295 276 296 attrs = talloc_array(mem_ctx, const char *, 7); 277 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(attrs, mem_ctx); 297 if (attrs == NULL) { 298 TALLOC_FREE(mem_ctx); 299 return NT_STATUS_NO_MEMORY; 300 } 278 301 279 302 attrs[0] = "nTSecurityDescriptor"; … … 343 366 gplink_str + start, 344 367 pos - start); 345 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplinks[idx]->dn, gplinks); 368 if (gplinks[idx]->dn == NULL) { 369 TALLOC_FREE(gplinks); 370 return NT_STATUS_NO_MEMORY; 371 } 346 372 347 373 for (start = pos + 1; gplink_str[pos] != ']'; pos++); 348 374 349 375 buf = talloc_strndup(gplinks, gplink_str + start, pos - start); 350 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(buf, gplinks); 376 if (buf == NULL) { 377 TALLOC_FREE(gplinks); 378 return NT_STATUS_NO_MEMORY; 379 } 351 380 gplinks[idx]->options = (uint32_t) strtoll(buf, &end, 0); 352 381 talloc_free(buf); … … 399 428 SMB_ASSERT(element->num_values > 0); 400 429 gplink_str = talloc_strdup(mem_ctx, (char *) element->values[0].data); 401 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 430 if (gplink_str == NULL) { 431 TALLOC_FREE(mem_ctx); 432 return NT_STATUS_NO_MEMORY; 433 } 402 434 goto found; 403 435 } … … 405 437 } 406 438 gplink_str = talloc_strdup(mem_ctx, ""); 407 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 439 if (gplink_str == NULL) { 440 TALLOC_FREE(mem_ctx); 441 return NT_STATUS_NO_MEMORY; 442 } 408 443 409 444 found: … … 481 516 482 517 gpos = talloc_array(gp_ctx, const char *, 1); 483 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpos, mem_ctx); 518 if (gpos == NULL) { 519 TALLOC_FREE(mem_ctx); 520 return NT_STATUS_NO_MEMORY; 521 } 484 522 gpos[0] = NULL; 485 523 … … 561 599 /* Add the GPO to the list */ 562 600 gpos = talloc_realloc(gp_ctx, gpos, const char *, count+2); 563 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpos, mem_ctx); 601 if (gpos == NULL) { 602 TALLOC_FREE(mem_ctx); 603 return NT_STATUS_NO_MEMORY; 604 } 564 605 gpos[count] = talloc_strdup(gp_ctx, gplinks[i]->dn); 565 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpos[count], mem_ctx); 606 if (gpos[count] == NULL) { 607 TALLOC_FREE(mem_ctx); 608 return NT_STATUS_NO_MEMORY; 609 } 566 610 gpos[count+1] = NULL; 567 611 count++; … … 626 670 } 627 671 gplink_str = talloc_asprintf(mem_ctx, "%s;%d%s", gplink_str, gplink->options, start); 628 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 672 if (gplink_str == NULL) { 673 TALLOC_FREE(mem_ctx); 674 return NT_STATUS_NO_MEMORY; 675 } 629 676 630 677 } else { 631 678 /* Prepend the new GPO link to the string. This list is backwards in priority. */ 632 679 gplink_str = talloc_asprintf(mem_ctx, "[LDAP://%s;%d]%s", gplink->dn, gplink->options, gplink_str); 633 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 680 if (gplink_str == NULL) { 681 TALLOC_FREE(mem_ctx); 682 return NT_STATUS_NO_MEMORY; 683 } 634 684 } 635 685 … … 637 687 638 688 msg = ldb_msg_new(mem_ctx); 639 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 689 if (msg == NULL) { 690 TALLOC_FREE(mem_ctx); 691 return NT_STATUS_NO_MEMORY; 692 } 640 693 641 694 msg->dn = dn; 642 695 643 696 rv = ldb_msg_add_string(msg, "gPLink", gplink_str); 644 if (rv != 0) {697 if (rv != LDB_SUCCESS) { 645 698 DEBUG(0, ("LDB message add string failed: %s\n", ldb_strerror(rv))); 646 699 talloc_free(mem_ctx); … … 650 703 651 704 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 652 if (rv != 0) {705 if (rv != LDB_SUCCESS) { 653 706 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 654 707 talloc_free(mem_ctx); … … 693 746 /* If this GPO link already exists, alter the options, else add it */ 694 747 search_string = talloc_asprintf(mem_ctx, "[LDAP://%s]", gplink_dn); 695 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(search_string, mem_ctx); 748 if (search_string == NULL) { 749 TALLOC_FREE(mem_ctx); 750 return NT_STATUS_NO_MEMORY; 751 } 696 752 697 753 p = strcasestr(gplink_str, search_string); … … 708 764 p++; 709 765 gplink_str = talloc_asprintf(mem_ctx, "%s%s", gplink_str, p); 710 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 766 if (gplink_str == NULL) { 767 TALLOC_FREE(mem_ctx); 768 return NT_STATUS_NO_MEMORY; 769 } 711 770 712 771 713 772 msg = ldb_msg_new(mem_ctx); 714 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 773 if (msg == NULL) { 774 TALLOC_FREE(mem_ctx); 775 return NT_STATUS_NO_MEMORY; 776 } 715 777 716 778 msg->dn = dn; … … 718 780 if (strcmp(gplink_str, "") == 0) { 719 781 rv = ldb_msg_add_empty(msg, "gPLink", LDB_FLAG_MOD_DELETE, NULL); 720 if (rv != 0) {782 if (rv != LDB_SUCCESS) { 721 783 DEBUG(0, ("LDB message add empty element failed: %s\n", ldb_strerror(rv))); 722 784 talloc_free(mem_ctx); … … 725 787 } else { 726 788 rv = ldb_msg_add_string(msg, "gPLink", gplink_str); 727 if (rv != 0) {789 if (rv != LDB_SUCCESS) { 728 790 DEBUG(0, ("LDB message add string failed: %s\n", ldb_strerror(rv))); 729 791 talloc_free(mem_ctx); … … 733 795 } 734 796 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 735 if (rv != 0) {797 if (rv != LDB_SUCCESS) { 736 798 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 737 799 talloc_free(mem_ctx); … … 787 849 788 850 inheritance_string = talloc_asprintf(msg, "%d", inheritance); 789 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(inheritance_string, msg); 851 if (inheritance_string == NULL) { 852 TALLOC_FREE(msg); 853 return NT_STATUS_NO_MEMORY; 854 } 790 855 791 856 rv = ldb_msg_add_string(msg, "gPOptions", inheritance_string); 792 if (rv != 0) {857 if (rv != LDB_SUCCESS) { 793 858 DEBUG(0, ("LDB message add string failed: %s\n", ldb_strerror(rv))); 794 859 talloc_free(msg); … … 798 863 799 864 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 800 if (rv != 0) {865 if (rv != LDB_SUCCESS) { 801 866 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 802 867 talloc_free(msg); … … 821 886 /* CN={GUID} */ 822 887 msg = ldb_msg_new(mem_ctx); 823 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 888 if (msg == NULL) { 889 TALLOC_FREE(mem_ctx); 890 return NT_STATUS_NO_MEMORY; 891 } 824 892 825 893 msg->dn = ldb_get_default_basedn(gp_ctx->ldb_ctx); 826 894 dn_str = talloc_asprintf(mem_ctx, "CN=%s,CN=Policies,CN=System", gpo->name); 827 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(dn_str, mem_ctx); 895 if (dn_str == NULL) { 896 TALLOC_FREE(mem_ctx); 897 return NT_STATUS_NO_MEMORY; 898 } 828 899 829 900 child_dn = ldb_dn_new(mem_ctx, gp_ctx->ldb_ctx, dn_str); … … 832 903 833 904 flags_str = talloc_asprintf(mem_ctx, "%d", gpo->flags); 834 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(flags_str, mem_ctx); 905 if (flags_str == NULL) { 906 TALLOC_FREE(mem_ctx); 907 return NT_STATUS_NO_MEMORY; 908 } 835 909 836 910 version_str = talloc_asprintf(mem_ctx, "%d", gpo->version); 837 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(version_str, mem_ctx); 911 if (version_str == NULL) { 912 TALLOC_FREE(mem_ctx); 913 return NT_STATUS_NO_MEMORY; 914 } 838 915 839 916 rv = ldb_msg_add_string(msg, "objectClass", "top"); … … 871 948 /* CN=User */ 872 949 msg = ldb_msg_new(mem_ctx); 873 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 950 if (msg == NULL) { 951 TALLOC_FREE(mem_ctx); 952 return NT_STATUS_NO_MEMORY; 953 } 874 954 875 955 msg->dn = ldb_dn_copy(mem_ctx, gpo_dn); … … 898 978 /* CN=Machine */ 899 979 msg = ldb_msg_new(mem_ctx); 900 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 980 if (msg == NULL) { 981 TALLOC_FREE(mem_ctx); 982 return NT_STATUS_NO_MEMORY; 983 } 901 984 902 985 msg->dn = ldb_dn_copy(mem_ctx, gpo_dn); … … 924 1007 925 1008 gpo->dn = talloc_strdup(gpo, ldb_dn_get_linearized(gpo_dn)); 926 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->dn, mem_ctx); 1009 if (gpo->dn == NULL) { 1010 TALLOC_FREE(mem_ctx); 1011 return NT_STATUS_NO_MEMORY; 1012 } 927 1013 928 1014 talloc_free(mem_ctx); … … 959 1045 /* Create a LDB message */ 960 1046 msg = ldb_msg_new(mem_ctx); 961 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1047 if (msg == NULL) { 1048 TALLOC_FREE(mem_ctx); 1049 return NT_STATUS_NO_MEMORY; 1050 } 962 1051 963 1052 msg->dn = ldb_dn_new(mem_ctx, gp_ctx->ldb_ctx, dn_str); 964 1053 965 1054 rv = ldb_msg_add_value(msg, "nTSecurityDescriptor", &data, NULL); 966 if (rv != 0) {1055 if (rv != LDB_SUCCESS) { 967 1056 DEBUG(0, ("LDB message add element failed for adding nTSecurityDescriptor: %s\n", ldb_strerror(rv))); 968 1057 talloc_free(mem_ctx); … … 972 1061 973 1062 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 974 if (rv != 0) {1063 if (rv != LDB_SUCCESS) { 975 1064 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 976 1065 talloc_free(mem_ctx); … … 993 1082 994 1083 msg = ldb_msg_new(mem_ctx); 995 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1084 if (msg == NULL) { 1085 TALLOC_FREE(mem_ctx); 1086 return NT_STATUS_NO_MEMORY; 1087 } 996 1088 997 1089 msg->dn = ldb_dn_new(mem_ctx, gp_ctx->ldb_ctx, gpo->dn); 998 1090 999 1091 version_str = talloc_asprintf(mem_ctx, "%d", gpo->version); 1000 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1092 if (msg == NULL) { 1093 TALLOC_FREE(mem_ctx); 1094 return NT_STATUS_NO_MEMORY; 1095 } 1001 1096 1002 1097 flags_str = talloc_asprintf(mem_ctx, "%d", gpo->flags); 1003 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1098 if (msg == NULL) { 1099 TALLOC_FREE(mem_ctx); 1100 return NT_STATUS_NO_MEMORY; 1101 } 1004 1102 1005 1103 rv = ldb_msg_add_string(msg, "flags", flags_str); 1006 if (rv != 0) {1104 if (rv != LDB_SUCCESS) { 1007 1105 DEBUG(0, ("LDB message add string failed for flags: %s\n", ldb_strerror(rv))); 1008 1106 talloc_free(mem_ctx); … … 1012 1110 1013 1111 rv = ldb_msg_add_string(msg, "version", version_str); 1014 if (rv != 0) {1112 if (rv != LDB_SUCCESS) { 1015 1113 DEBUG(0, ("LDB message add string failed for version: %s\n", ldb_strerror(rv))); 1016 1114 talloc_free(mem_ctx); … … 1020 1118 1021 1119 rv = ldb_msg_add_string(msg, "displayName", gpo->display_name); 1022 if (rv != 0) {1120 if (rv != LDB_SUCCESS) { 1023 1121 DEBUG(0, ("LDB message add string failed for displayName: %s\n", ldb_strerror(rv))); 1024 1122 talloc_free(mem_ctx); … … 1028 1126 1029 1127 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 1030 if (rv != 0) {1128 if (rv != LDB_SUCCESS) { 1031 1129 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 1032 1130 talloc_free(mem_ctx); -
vendor/current/source4/lib/policy/gp_manage.c
r740 r988 25 25 #include "lib/policy/policy.h" 26 26 27 staticuint32_t gp_ads_to_dir_access_mask(uint32_t access_mask)27 uint32_t gp_ads_to_dir_access_mask(uint32_t access_mask) 28 28 { 29 29 uint32_t fs_mask; … … 68 68 /* Copy the basic information from the directory server security descriptor */ 69 69 fs_sd->owner_sid = talloc_memdup(fs_sd, ds_sd->owner_sid, sizeof(struct dom_sid)); 70 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->owner_sid, fs_sd); 70 if (fs_sd->owner_sid == NULL) { 71 TALLOC_FREE(fs_sd); 72 return NT_STATUS_NO_MEMORY; 73 } 71 74 72 75 fs_sd->group_sid = talloc_memdup(fs_sd, ds_sd->group_sid, sizeof(struct dom_sid)); 73 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->group_sid, fs_sd); 76 if (fs_sd->group_sid == NULL) { 77 TALLOC_FREE(fs_sd); 78 return NT_STATUS_NO_MEMORY; 79 } 74 80 75 81 fs_sd->type = ds_sd->type; … … 78 84 /* Copy the sacl */ 79 85 fs_sd->sacl = security_acl_dup(fs_sd, ds_sd->sacl); 80 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->sacl, fs_sd); 86 if (fs_sd->sacl == NULL) { 87 TALLOC_FREE(fs_sd); 88 return NT_STATUS_NO_MEMORY; 89 } 81 90 82 91 /* Copy the dacl */ 83 92 fs_sd->dacl = talloc_zero(fs_sd, struct security_acl); 84 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->dacl, fs_sd); 93 if (fs_sd->dacl == NULL) { 94 TALLOC_FREE(fs_sd); 95 return NT_STATUS_NO_MEMORY; 96 } 85 97 86 98 for (i = 0; i < ds_sd->dacl->num_aces; i++) { … … 97 109 /* Copy the ace from the directory server security descriptor */ 98 110 ace = talloc_memdup(fs_sd, &ds_sd->dacl->aces[i], sizeof(struct security_ace)); 99 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ace, fs_sd); 111 if (ace == NULL) { 112 TALLOC_FREE(fs_sd); 113 return NT_STATUS_NO_MEMORY; 114 } 100 115 101 116 /* Set specific inheritance flags for within the GPO */ … … 140 155 /* Create the gpo struct to return later */ 141 156 gpo = talloc(gp_ctx, struct gp_object); 142 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo, mem_ctx); 157 if (gpo == NULL) { 158 TALLOC_FREE(mem_ctx); 159 return NT_STATUS_NO_MEMORY; 160 } 143 161 144 162 /* Generate a GUID */ 145 163 guid_struct = GUID_random(); 146 164 guid_str = GUID_string2(mem_ctx, &guid_struct); 147 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(guid_str, mem_ctx); 165 if (guid_str == NULL) { 166 TALLOC_FREE(mem_ctx); 167 return NT_STATUS_NO_MEMORY; 168 } 148 169 name = strupper_talloc(mem_ctx, guid_str); 149 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(name, mem_ctx); 170 if (name == NULL) { 171 TALLOC_FREE(mem_ctx); 172 return NT_STATUS_NO_MEMORY; 173 } 150 174 151 175 /* Prepare the GPO struct */ … … 155 179 gpo->version = 0; 156 180 gpo->display_name = talloc_strdup(gpo, display_name); 157 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->display_name, mem_ctx); 181 if (gpo->display_name == NULL) { 182 TALLOC_FREE(mem_ctx); 183 return NT_STATUS_NO_MEMORY; 184 } 158 185 159 186 gpo->file_sys_path = talloc_asprintf(gpo, "\\\\%s\\sysvol\\%s\\Policies\\%s", lpcfg_dnsdomain(gp_ctx->lp_ctx), lpcfg_dnsdomain(gp_ctx->lp_ctx), name); 160 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->file_sys_path, mem_ctx); 187 if (gpo->file_sys_path == NULL) { 188 TALLOC_FREE(mem_ctx); 189 return NT_STATUS_NO_MEMORY; 190 } 161 191 162 192 /* Create the GPT */ … … 267 297 /* FIXME: The local file system may be case sensitive */ 268 298 filename = talloc_asprintf(mem_ctx, "%s/%s", local_path, "GPT.INI"); 269 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(filename, mem_ctx); 299 if (filename == NULL) { 300 TALLOC_FREE(mem_ctx); 301 return NT_STATUS_NO_MEMORY; 302 } 270 303 status = gp_parse_ini(mem_ctx, gp_ctx, local_path, &ini); 271 304 if (!NT_STATUS_IS_OK(status)) { -
vendor/current/source4/lib/policy/policy.h
r740 r988 21 21 #ifndef __POLICY_H__ 22 22 #define __POLICY_H__ 23 #include "libcli/libcli.h"24 23 25 24 #define GPLINK_OPT_DISABLE (1 << 0) 26 25 #define GPLINK_OPT_ENFORCE (1 << 1) 27 28 26 29 27 #define GPO_FLAG_USER_DISABLE (1 << 0) … … 31 29 32 30 struct security_token; 31 struct nbt_dc_name; 33 32 34 33 enum gpo_inheritance { … … 43 42 struct tevent_context *ev_ctx; 44 43 struct smbcli_state *cli; 45 struct nbt_dc_name active_dc;44 struct nbt_dc_name *active_dc; 46 45 }; 47 46 … … 124 123 NTSTATUS gp_create_gpt_security_descriptor (TALLOC_CTX *mem_ctx, struct security_descriptor *ds_sd, struct security_descriptor **ret); 125 124 NTSTATUS gp_set_acl (struct gp_context *gp_ctx, const char *dn_str, const struct security_descriptor *sd); 125 uint32_t gp_ads_to_dir_access_mask(uint32_t access_mask); 126 126 127 127 #endif -
vendor/current/source4/lib/policy/pypolicy.c
r740 r988 22 22 #include "policy.h" 23 23 #include "libcli/util/pyerrors.h" 24 25 void initpolicy(void); 24 26 25 27 static PyObject *py_get_gpo_flags(PyObject *self, PyObject *args) … … 107 109 } 108 110 111 static PyObject *py_ads_to_dir_access_mask(PyObject *self, PyObject *args) 112 { 113 uint32_t access_mask, dir_mask; 114 115 if (! PyArg_ParseTuple(args, "I", &access_mask)) 116 return NULL; 117 118 dir_mask = gp_ads_to_dir_access_mask(access_mask); 119 120 return Py_BuildValue("I", dir_mask); 121 } 122 123 109 124 static PyMethodDef py_policy_methods[] = { 110 125 { "get_gpo_flags", (PyCFunction)py_get_gpo_flags, METH_VARARGS, 111 126 "get_gpo_flags(flags) -> list" }, 112 { "get_gplink_options", (PyCFunction)py_get_gplink_options, METH_VARARGS, 113 "get_gplink_options(options) -> list" }, 127 { "get_gplink_options", (PyCFunction)py_get_gplink_options, METH_VARARGS, 128 "get_gplink_options(options) -> list" }, 129 { "ads_to_dir_access_mask", (PyCFunction)py_ads_to_dir_access_mask, METH_VARARGS, 130 "ads_to_dir_access_mask(access_mask) -> dir_mask" }, 114 131 { NULL } 115 132 }; -
vendor/current/source4/lib/policy/wscript_build
r740 r988 1 1 #!/usr/bin/env python 2 2 3 bld.SAMBA_LIBRARY(' policy',3 bld.SAMBA_LIBRARY('samba-policy', 4 4 source='gp_ldap.c gp_filesys.c gp_manage.c gp_ini.c', 5 pc_files=' policy.pc',5 pc_files='samba-policy.pc', 6 6 public_deps='ldb samba-net', 7 7 vnum='0.0.1', 8 pyembed=True 8 pyembed=True, 9 public_headers='policy.h' 9 10 ) 10 11 11 12 bld.SAMBA_PYTHON('py_policy', 12 13 source='pypolicy.c', 13 public_deps=' policy pytalloc-util',14 public_deps='samba-policy pytalloc-util', 14 15 realname='samba/policy.so' 15 16 )
Note:
See TracChangeset
for help on using the changeset viewer.
