libgpo: allow to pass down deleted and changed gpo list to CSE plugins.

Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
author: Günther Deschner <gd@samba.org> 2013-12-18 19:33:28 +0100
committer: Andreas Schneider <asn@samba.org> 2014-01-07 16:59:38 +0100
commit: a9cb3031bcba1e4f39c71e4e09508e4eec0e833e (patch)
tree: e2e3b79a47347fa3ffe3534663f163fdea723e25 /source3/libgpo
parent: 19268c5c2654956e2a45c7f8ce27a699e96c930b (diff)
download: samba-a9cb3031bcba1e4f39c71e4e09508e4eec0e833e.tar.gz
3 files changed, 118 insertions, 63 deletions
diff --git a/source3/libgpo/gpext/registry.c b/source3/libgpo/gpext/registry.c
index ec6dcdf4c22..71e83084481 100644
--- a/source3/libgpo/gpext/registry.c
+++ b/source3/libgpo/gpext/registry.c
@@ -273,7 +273,8 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx,
 					      uint32_t flags,
 					      struct registry_key *root_key,
 					      const struct security_token *token,
-					      struct GROUP_POLICY_OBJECT *gpo,
+					      struct GROUP_POLICY_OBJECT *deleted_gpo_list,
+					      struct GROUP_POLICY_OBJECT *changed_gpo_list,
 					      const char *extension_guid,
 					      const char *snapin_guid)
 {
@@ -282,32 +283,48 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx,
 	struct gp_registry_entry *entries = NULL;
 	size_t num_entries = 0;
 	char *unix_path = NULL;
+	struct GROUP_POLICY_OBJECT *gpo;
 
-	gpext_debug_header(0, "registry_process_group_policy", flags, gpo,
-			   extension_guid, snapin_guid);
+	/* implementation of the policy callback function, see
+	 * http://msdn.microsoft.com/en-us/library/aa373494%28v=vs.85%29.aspx
+	 * for details - gd */
 
-	status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR), gpo, &unix_path);
-	NT_STATUS_NOT_OK_RETURN(status);
+	/* for now do not process the list of deleted group policies
 
-	status = reg_parse_registry(mem_ctx,
-				    flags,
-				    unix_path,
-				    &entries,
-				    &num_entries);
-	if (!NT_STATUS_IS_OK(status)) {
-		DEBUG(0,("failed to parse registry: %s\n",
-			nt_errstr(status)));
-		return status;
+	for (gpo = deleted_gpo_list; gpo; gpo = gpo->next) {
 	}
 
-	dump_reg_entries(flags, "READ", entries, num_entries);
+	*/
+
+	for (gpo = changed_gpo_list; gpo; gpo = gpo->next) {
 
-	werr = reg_apply_registry(mem_ctx, token, root_key, flags,
-				  entries, num_entries);
-	if (!W_ERROR_IS_OK(werr)) {
-		DEBUG(0,("failed to apply registry: %s\n",
-			win_errstr(werr)));
-		return werror_to_ntstatus(werr);
+		gpext_debug_header(0, "registry_process_group_policy", flags,
+				   gpo, extension_guid, snapin_guid);
+
+		status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR),
+					   gpo, &unix_path);
+		NT_STATUS_NOT_OK_RETURN(status);
+
+		status = reg_parse_registry(mem_ctx,
+					    flags,
+					    unix_path,
+					    &entries,
+					    &num_entries);
+		if (!NT_STATUS_IS_OK(status)) {
+			DEBUG(0,("failed to parse registry: %s\n",
+				nt_errstr(status)));
+			return status;
+		}
+
+		dump_reg_entries(flags, "READ", entries, num_entries);
+
+		werr = reg_apply_registry(mem_ctx, token, root_key, flags,
+					  entries, num_entries);
+		if (!W_ERROR_IS_OK(werr)) {
+			DEBUG(0,("failed to apply registry: %s\n",
+				win_errstr(werr)));
+			return werror_to_ntstatus(werr);
+		}
 	}
 
 	return NT_STATUS_OK;
diff --git a/source3/libgpo/gpext/scripts.c b/source3/libgpo/gpext/scripts.c
index 2ac11db310e..18914cab3d9 100644
--- a/source3/libgpo/gpext/scripts.c
+++ b/source3/libgpo/gpext/scripts.c
@@ -339,7 +339,8 @@ static NTSTATUS scripts_process_group_policy(TALLOC_CTX *mem_ctx,
 					     uint32_t flags,
 					     struct registry_key *root_key,
 					     const struct security_token *token,
-					     struct GROUP_POLICY_OBJECT *gpo,
+					     struct GROUP_POLICY_OBJECT *deleted_gpo_list,
+					     struct GROUP_POLICY_OBJECT *changed_gpo_list,
 					     const char *extension_guid,
 					     const char *snapin_guid)
 {
@@ -356,44 +357,61 @@ static NTSTATUS scripts_process_group_policy(TALLOC_CTX *mem_ctx,
 		GP_SCRIPTS_INI_LOGON,
 		GP_SCRIPTS_INI_LOGOFF
 	};
+	struct GROUP_POLICY_OBJECT *gpo;
 
-	gpext_debug_header(0, "scripts_process_group_policy", flags, gpo,
-			   extension_guid, snapin_guid);
+	/* implementation of the policy callback function, see
+	 * http://msdn.microsoft.com/en-us/library/aa373494%28v=vs.85%29.aspx
+	 * for details - gd */
 
-	status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR), gpo, &unix_path);
-	NT_STATUS_NOT_OK_RETURN(status);
+	/* for now do not process the list of deleted group policies
 
-	status = gp_inifile_init_context(mem_ctx, flags, unix_path,
-					 GP_SCRIPTS_INI, &ini_ctx);
-	NT_STATUS_NOT_OK_RETURN(status);
+	for (gpo = deleted_gpo_list; gpo; gpo = gpo->next) {
+	}
 
-	for (i = 0; i < ARRAY_SIZE(list); i++) {
+	*/
 
-		TALLOC_FREE(entries);
-		num_entries = 0;
+	for (gpo = changed_gpo_list; gpo; gpo = gpo->next) {
 
-		status = scripts_parse_ini_section(ini_ctx, flags, list[i],
-						   &entries, &num_entries);
-		if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
-			continue;
-		}
+		gpext_debug_header(0, "scripts_process_group_policy", flags,
+				   gpo, extension_guid, snapin_guid);
 
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR),
+					   gpo, &unix_path);
+		NT_STATUS_NOT_OK_RETURN(status);
 
-		dump_reg_entries(flags, "READ", entries, num_entries);
+		status = gp_inifile_init_context(mem_ctx, flags, unix_path,
+						 GP_SCRIPTS_INI, &ini_ctx);
+		NT_STATUS_NOT_OK_RETURN(status);
 
-		werr = scripts_apply(ini_ctx->mem_ctx, token, root_key,
-				     flags, list[i], gpo, entries, num_entries);
-		if (!W_ERROR_IS_OK(werr)) {
-			continue; /* FIXME: finally fix storing emtpy strings and REG_QWORD! */
-			TALLOC_FREE(ini_ctx);
-			return werror_to_ntstatus(werr);
+		for (i = 0; i < ARRAY_SIZE(list); i++) {
+
+			TALLOC_FREE(entries);
+			num_entries = 0;
+
+			status = scripts_parse_ini_section(ini_ctx, flags, list[i],
+							   &entries, &num_entries);
+			if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
+				continue;
+			}
+
+			if (!NT_STATUS_IS_OK(status)) {
+				return status;
+			}
+
+			dump_reg_entries(flags, "READ", entries, num_entries);
+
+			werr = scripts_apply(ini_ctx->mem_ctx, token, root_key,
+					     flags, list[i], gpo, entries, num_entries);
+			if (!W_ERROR_IS_OK(werr)) {
+				continue; /* FIXME: finally fix storing emtpy strings and REG_QWORD! */
+				TALLOC_FREE(ini_ctx);
+				return werror_to_ntstatus(werr);
+			}
 		}
+
+		TALLOC_FREE(ini_ctx);
 	}
 
-	TALLOC_FREE(ini_ctx);
 	return NT_STATUS_OK;
 }
 
diff --git a/source3/libgpo/gpext/security.c b/source3/libgpo/gpext/security.c
index 8226491827b..29d57aa4ea8 100644
--- a/source3/libgpo/gpext/security.c
+++ b/source3/libgpo/gpext/security.c
@@ -144,33 +144,53 @@ static NTSTATUS security_process_group_policy(TALLOC_CTX *mem_ctx,
 					      uint32_t flags,
 					      struct registry_key *root_key,
 					      const struct security_token *token,
-					      struct GROUP_POLICY_OBJECT *gpo,
+					      struct GROUP_POLICY_OBJECT *deleted_gpo_list,
+					      struct GROUP_POLICY_OBJECT *changed_gpo_list,
 					      const char *extension_guid,
 					      const char *snapin_guid)
 {
 	NTSTATUS status;
 	char *unix_path = NULL;
 	struct gp_inifile_context *ini_ctx = NULL;
+	struct GROUP_POLICY_OBJECT *gpo;
 
-	gpext_debug_header(0, "security_process_group_policy", flags, gpo,
-			   extension_guid, snapin_guid);
+	/* implementation of the policy callback function, see
+	 * http://msdn.microsoft.com/en-us/library/aa373494%28v=vs.85%29.aspx
+	 * for details - gd */
 
-	/* this handler processes the gpttmpl files and merge output to the
-	 * registry */
+	/* for now do not process the list of deleted group policies
 
-	status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR), gpo, &unix_path);
-	if (!NT_STATUS_IS_OK(status)) {
-		goto out;
+	for (gpo = deleted_gpo_list; gpo; gpo = gpo->next) {
 	}
 
-	status = gpttmpl_init_context(mem_ctx, flags, unix_path, &ini_ctx);
-	if (!NT_STATUS_IS_OK(status)) {
-		goto out;
-	}
+	*/
 
-	status = gpttmpl_process(ini_ctx, root_key, flags);
-	if (!NT_STATUS_IS_OK(status)) {
-		goto out;
+	for (gpo = changed_gpo_list; gpo; gpo = gpo->next) {
+
+		gpext_debug_header(0, "security_process_group_policy", flags,
+				   gpo, extension_guid, snapin_guid);
+
+		/* this handler processes the gpttmpl files and merge output to the
+		 * registry */
+
+		status = gpo_get_unix_path(mem_ctx, cache_path(GPO_CACHE_DIR),
+					   gpo, &unix_path);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto out;
+		}
+
+		status = gpttmpl_init_context(mem_ctx, flags, unix_path,
+					      &ini_ctx);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto out;
+		}
+
+		status = gpttmpl_process(ini_ctx, root_key, flags);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto out;
+		}
+
+		TALLOC_FREE(ini_ctx);
 	}
 
  out:
author	Günther Deschner <gd@samba.org>	2013-12-18 19:33:28 +0100
committer	Andreas Schneider <asn@samba.org>	2014-01-07 16:59:38 +0100
commit	a9cb3031bcba1e4f39c71e4e09508e4eec0e833e (patch)
tree	e2e3b79a47347fa3ffe3534663f163fdea723e25 /source3/libgpo
parent	19268c5c2654956e2a45c7f8ce27a699e96c930b (diff)
download	samba-a9cb3031bcba1e4f39c71e4e09508e4eec0e833e.tar.gz