summaryrefslogtreecommitdiff
path: root/libgpo
Commit message (Collapse)AuthorAgeFilesLines
* make some auth functions return an NTSTATUS like other similar functions for ↵Kristján Valur2019-04-021-4/+7
| | | | | | | | | | | better diagnostics. Signed-off-by: Kristján Valur <kristjan@rvx.is> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Apr 2 02:12:48 UTC 2019 on sn-devel-144
* build: Remove bld.gen_python_environments()Andrew Bartlett2019-03-211-6/+5
| | | | | | | This was part of --extra-python support. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* pygpo: take ownership of password pointerKristján Valur2019-03-071-3/+3
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org> Autobuild-User(master): Noel Power <npower@samba.org> Autobuild-Date(master): Thu Mar 7 15:08:19 UTC 2019 on sn-devel-144
* pygpo: Safer handling of memory for ads_ptr.Kristján Valur2019-03-071-27/+37
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* pygpo: Fix module initialization.Kristján Valur2019-03-071-16/+19
| | | | | | | | | | | | | * Add reference count to type. * Add error checking. * Remove unnecessary tp_new method. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* pygpo: keep a reference to python credentials in the ADS struct to keep the ↵Kristján Valur2019-03-071-5/+8
| | | | | | | | | internal pointer valid. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* pygpo: More python exception cleanup.Kristján Valur2019-03-071-52/+51
| | | | | | | | | | | | | | | * Don't override existing exceptions. * Careful with talloc contexts. * Return NULL on error. * Add more information to exception messages from internal functions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* pygpo: Fix error handing when getting gpo unix path.Kristján Valur2019-03-071-6/+4
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* pygpo: Proper exception exit in py_ads_connect().Kristján Valur2019-03-071-17/+18
| | | | | | | | | connect() now succeeds or raises an exception. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* pygpo: Replace the use of SystemError with RuntimeError.Kristján Valur2019-03-071-12/+12
| | | | | | | | | SystemError is reserved for internal errors in the interpreter. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13822 Signed-off-by: Kristján Valur Jónsson <kristjan@rvx.is> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* utils:libgpo: re-add libgpo as library, it should not be part of gpextGünther Deschner2019-01-281-4/+11
| | | | | | | | | | | It was initially removed in 78fd02cf31dfe72d596030f342aebefba1e72263 but is needed by the inf file parsing. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Bjoern Jacke <bjacke@samba.org>
* libgpo: remove 404 link in commentDouglas Bagnall2019-01-281-1/+0
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove duplicate entry in value tableDouglas Bagnall2019-01-281-4/+0
| | | | | | | previously added a few lines up. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: Use C99 initializer for gp_extension_reg_tableAndreas Schneider2019-01-281-18/+69
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* Fix typos and ban the rams from sambatdb-1.3.17Swen Schillig2019-01-101-2/+2
| | | | | | Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
* libgpo: Use dom_sid_str_bufVolker Lendecke2018-12-111-4/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Align integer typesVolker Lendecke2018-11-271-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Use dom_sid_str_bufVolker Lendecke2018-11-271-3/+15
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Make sure status is intializedAndreas Schneider2018-11-141-1/+1
| | | | | | | | | Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libgpo: Use dom_sid_str_bufVolker Lendecke2018-11-091-11/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Pass mem_ctx to cache_path()Volker Lendecke2018-08-171-1/+1
| | | | | | | | | | | Fix a confusing API: Many places TALLOC_FREE the path where it's not clear you have to do it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Aug 17 14:28:51 CEST 2018 on sn-devel-144
* pygpo: Fix a talloc_tos() leak in py_gpo_get_unix_pathVolker Lendecke2018-08-171-4/+3
| | | | | | | | | | | | | | cache_path() implicitly puts its result on talloc_tos(). As in py_gpo_get_unix_path the talloc_stackframe() is only created after the cache_path() call, we leak the result of cache_path() on talloc_tos() (which might or might not exist). This converts the function to the pattern used elsewhere: Create the stackframe as the very first action and remove it as the very last action in the function. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* python.gpo.ADS_STRUCT: check type of loadparm argumentDouglas Bagnall2018-05-031-1/+8
| | | | | | | And add a test showning the segfault. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* wscript_build: make sure we link extra-python versions of librariesNoel Power2018-04-131-2/+3
| | | | | | Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* libgpo: gpo_copy_file() shouldn't explicitly call smb1David Mulder2018-04-121-1/+1
| | | | | | | | | | | Don't call cli_openx directly to open a file this calls smb1 code explicitly, which fails if we did a multi-protocol negotiate and negotiated smb2+. Use the higher level cli_open() instead. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pygpo: Fix CID 1422263 Resource leakVolker Lendecke2018-04-041-2/+1
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libgpo: port samba.gpo to python3David Mulder2018-03-232-13/+26
| | | | | | Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* libgpo: Add FALL_THROUGH statements in gpo_sec.cAndreas Schneider2018-03-011-2/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libgpo: Fix the build --without-adsVolker Lendecke2018-02-061-0/+5
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Tue Feb 6 15:36:01 CET 2018 on sn-devel-144
* libgpo: Remedy some longer linesGarming Sam2017-12-151-23/+41
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Tidy up some if statementsGarming Sam2017-12-151-16/+32
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: typo credentaials -> credentialsGarming Sam2017-12-151-1/+1
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Always check for ldap_server argumentGarming Sam2017-12-151-1/+3
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Fix CID 1422263 Resource leakVolker Lendecke2017-11-221-0/+2
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Nov 22 02:03:17 CET 2017 on sn-devel-144
* libgpo: Fix CID 1422262 Explicit null dereferencedVolker Lendecke2017-11-211-1/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Fix formating of sources to be less than 80 linesGarming Sam2017-11-211-28/+58
| | | | | | | | | Signed-off-by: David Mulder <dmulder@suse.com> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Tue Nov 21 01:51:59 CET 2017 on sn-devel-144
* python: Convert gop.GROUP_POLICY_OBJECT to pytallocAndrew Bartlett2017-11-201-82/+51
| | | | | | | | | | | | This avoids PyCapsule calls not available in Python 2.6 We remove the __init__ function as it is useless, the object is created by py_ads_get_gpo_list() which now returns a python list rather than an iterator. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* python: Remove talloc_stackframe() held in an objectAndrew Bartlett2017-11-201-11/+15
| | | | | | | | | | talloc_stackframe() must not be held after the return from a function. If this causes warnings (talloc_tos() use without a stackframe), this must be fixed in each function. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* libgpo: Setup the stack frame in ads_connectDavid Mulder2017-11-201-0/+9
| | | | | | Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python: Remove Python 2.4 compat macroAndrew Bartlett2017-11-201-4/+0
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* python: Use py_check_dcerpc_type() to safely check for credentialsAndrew Bartlett2017-11-202-4/+16
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* pygpo: Check for errors in gpo.gpo_get_sysvol_gpt_version()Andrew Bartlett2017-11-201-1/+11
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* libgpo: Add libgpo python bindingsDavid Mulder2017-11-201-2/+387
| | | | | | | | Create libgpo python bindings for GROUP_POLICY_OBJECT, ADS_STRUCT, gpo_get_unix_path, ads_connect, and ads_get_gpo_list. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* gpo: fix the building of gpext to only onceGarming Sam2017-11-201-7/+6
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* gpo: Add python libgpo bindingsLuke Morrison2017-11-205-5/+1461
| | | | | | | | Split from "Initial commit for GPO work done by Luke Morrison" by David Mulder Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Luke Morrison <luke@hubtrek.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Revert "libgpo: remove unused libgpo wscript_build."Garming Sam2017-11-201-0/+7
| | | | | | | This reverts commit feffac806800c1740521133e88a7ac777ce8f368. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib: gpo: Put enforced GPOs at the end of the list.Lutz Justen2017-09-231-8/+57
| | | | | | | | | | | | | | Enforced GPOs should be applied on top of all non-enforced GPOs, so that they override policies set in non-enforced GPOs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen <ljusten@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Sat Sep 23 05:25:19 CEST 2017 on sn-devel-144
* lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE.Lutz Justen2017-09-231-63/+77
| | | | | | | | | | | | | GP links with the GPOPTIONS_BLOCK_INHERITANCE option set were blocking GPOs from the same link (i.e. an OU with the flag set would block its own GPOs). This patch makes sure the GPOs from the link are added to the list. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen <ljusten@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* lib: gpo: Changes order to match GPO application order.Lutz Justen2017-09-231-12/+12
| | | | | | | | | | | | | | The order of GPOs in a gpo_list generated by ads_get_gpo_list did not match the order of application. Since GPOs are pushed to the FRONT of gpo_list, GPOs have to be pushed in the opposite order of application. (Pushing to front is useful to get inheritance blocking right). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen <ljusten@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()Stefan Metzmacher2017-09-201-1/+1
| | | | | | | | It's important that we use a signed connection to get the GPOs! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
View Lorry Controller Status