summaryrefslogtreecommitdiff
path: root/libgpo
Commit message (Collapse)AuthorAgeFilesLines
* lib: gpo: Put enforced GPOs at the end of the list.Lutz Justen2017-10-251-8/+57
| | | | | | | | | | | | | | | | Enforced GPOs should be applied on top of all non-enforced GPOs, so that they override policies set in non-enforced GPOs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen <ljusten@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Sat Sep 23 05:25:19 CEST 2017 on sn-devel-144 (cherry picked from commit 5f2576a9af4f3c33121ad2b27a621b5f3bb34374)
* lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE.Lutz Justen2017-10-251-63/+77
| | | | | | | | | | | | | | GP links with the GPOPTIONS_BLOCK_INHERITANCE option set were blocking GPOs from the same link (i.e. an OU with the flag set would block its own GPOs). This patch makes sure the GPOs from the link are added to the list. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen <ljusten@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 69410c0a02f7b4d7d20eadf4b4fda8ea064e4a0e)
* lib: gpo: Changes order to match GPO application order.Lutz Justen2017-10-251-12/+12
| | | | | | | | | | | | | | | The order of GPOs in a gpo_list generated by ads_get_gpo_list did not match the order of application. Since GPOs are pushed to the FRONT of gpo_list, GPOs have to be pushed in the opposite order of application. (Pushing to front is useful to get inheritance blocking right). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen <ljusten@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 6a531773b841f6b713226d1166a1e7d4dbc9b282)
* CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()Stefan Metzmacher2017-09-201-1/+1
| | | | | | | | It's important that we use a signed connection to get the GPOs! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* lib: Give util_paths.c its own headerVolker Lendecke2017-06-241-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libgpo: Allow skipping GPO objects that don't have the expected LDAP ↵Jeremy Allison2017-03-161-6/+21
| | | | | | | | | | | | | | | | | | | | | attributes. We expect the following attributes to be present in an LDAP GPO object: displayName flags gPCFileSysPath name ntSecurityDescriptor versionNumber and fail if a result is returned without them. Change this to skip results that don't contain these attributes instead. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12695 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* libgpo: Fix error check in gp_inifile_init_context_direct()Günther Deschner2017-01-201-2/+2
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: allow empty values in gp inifile parsing code.Günther Deschner2017-01-061-4/+5
| | | | | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jan 6 16:16:02 CET 2017 on sn-devel-144
* libgpo: default to empty values if none are thereGünther Deschner2017-01-061-1/+1
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: deal with non utf16-le ini files.Günther Deschner2017-01-061-14/+18
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: apply some const.Günther Deschner2017-01-062-7/+7
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: add gp_inifile_enum_section()Günther Deschner2017-01-062-0/+79
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: add gp_inifile_init_context_direct()Günther Deschner2017-01-062-1/+56
| | | | | | | | | | This varient ignores the group policy flags and does not try to find the right unix path. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in ↵Günther Deschner2016-09-281-2/+2
| | | | | | | | | libgpo/gpext/gpext.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: accept more boolean matches in gp_inifile_getbool().Günther Deschner2016-09-111-2/+4
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libgpo: Correctly use the 'server' parameter after parsing it out of the GPO ↵Jeremy Allison2016-08-101-1/+1
| | | | | | | | | path. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12135 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* libgpo: Fix compiler errors when building with --address-sanitizerAndrew Bartlett2016-06-161-1/+1
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* Fix various spelling errorsMathieu Parent2015-11-061-1/+1
| | | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 6 13:43:45 CET 2015 on sn-devel-104
* samba: pass down size_t instead of int to add_string_to_array().Günther Deschner2014-11-171-1/+1
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Mon Nov 17 19:53:22 CET 2014 on sn-devel-104
* libgpo: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-1/+7
| | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Remove a number of NT_STATUS_HAVE_NO_MEMORY_AND_FREE macros from the codebase.Garming Sam2014-03-051-8/+32
| | | | | | | | | | | Following the current coding guidelines, it is considered bad practice to return from within a macro and change control flow as they look like normal function calls. Change-Id: I133eb5a699757ae57b87d3bd3ebbcf5b556b0268 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: apply some const.Günther Deschner2014-01-075-13/+13
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Jan 7 18:52:42 CET 2014 on sn-devel-104
* libgpo: only use libgpo/gpext/gpext.h where really needed.Günther Deschner2014-01-072-2/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: allow to pass down a list of deleted GPOs in gpo_process_gpo_list().Günther Deschner2014-01-072-4/+6
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove some unused code and remove that important FIXME note.Günther Deschner2014-01-071-93/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: directly call gpext_process_extension() from gpo_process_gpo_list.Günther Deschner2014-01-071-41/+5
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: implement CSE filtering in gpext_process_extension().Günther Deschner2014-01-073-6/+18
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove gpext_process_gpo_list_with_extension in favor of ↵Günther Deschner2014-01-072-19/+0
| | | | | | | | | | | gpext_process_extension. gpext_preocess_extension properly deals with GPO lists now. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove extension_guid and snapin_guid (the tool guid) from the ↵Günther Deschner2014-01-072-6/+2
| | | | | | | | | process callback. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: allow to pass down deleted and changed gpo list to CSE plugins.Günther Deschner2014-01-073-39/+71
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo/gpext: add new gpext_check_gpo_for_gpext_presence() helper function.Günther Deschner2014-01-071-0/+46
| | | | | | | | | It will be used to inspect single members of a gpo list for the presence of a CSE guid. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: add gpo_copy().Günther Deschner2014-01-072-0/+55
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: make gpo_get_gp_ext_from_gpo public.Günther Deschner2014-01-072-4/+8
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: make gpo_process_a_gpo() static to the util code.Günther Deschner2014-01-072-12/+6
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove unused gp_registry_entry2 struct.Günther Deschner2014-01-071-7/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove ads reference from dump calls and make them take const structs.Günther Deschner2014-01-073-41/+19
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: prefix some more calls with gpext_.Günther Deschner2014-01-073-50/+51
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: rename debug_gpext_header to gpext_debug_header.Günther Deschner2014-01-072-2/+2
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove unused process_group_policy2 callback from CSE module API.Günther Deschner2013-12-181-6/+0
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Dec 18 16:45:20 CET 2013 on sn-devel-104
* libgpo: remove some unnecessary usage of ADS_STATUS.Günther Deschner2013-12-182-43/+43
| | | | | | | | | Use NTSTATUS instead. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove unrequired references to ads_struct.Günther Deschner2013-12-182-12/+7
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: clean up CSE api, remove unrequired references to ads_struct.Günther Deschner2013-12-183-7/+5
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: clean up CSE module api, remove unrequired references to ads_struct.Günther Deschner2013-12-182-6/+3
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: support probing for parameters in gp_inifile_get functions.Günther Deschner2013-12-181-4/+12
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: check for talloc failures in ini file parsing routines.Günther Deschner2013-12-181-0/+18
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: add gp_inifile_getbool().Günther Deschner2013-12-122-0/+25
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: fix segfault in gpo_process_gpo_list().Günther Deschner2013-12-121-6/+4
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove use of deprecated talloc functions.Günther Deschner2013-12-121-10/+15
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: remove unused libgpo wscript_build.Günther Deschner2013-12-121-8/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libgpo: use existing connection to the ds for the sysvol queries.Günther Deschner2013-12-121-1/+2
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
View Lorry Controller Status