[SCM] Samba Shared Repository - branch master updated

Jelmer Vernooij jelmer at samba.org
Sun Jun 20 09:19:54 MDT 2010


The branch, master has been updated
       via  52307a1... libpolicy: Fix the build.
       via  e18a172... Add preliminary support for storing changed Group Policies.
       via  0413322... Refactor policy filesystem code.
       via  b9b85d6... Fix memory allocation with error handling.
       via  9b5e0fe... Add talloc_frees in error cases in net_gpo.c
       via  c09922c... Code cleanups: GUID generation, lp_dnsdomain instead of lp_realm, missing spaces.
       via  5c2c8df... Set inherit flag type to bool.
       via  d61f024... Fix 'magic' numbers to be strlen(something)
       via  e86ef68... Change talloc_steal to strdup because function might not expect it.
       via  674d559... Add GP ini functions.
       via  3fe793f... Remove iconv convenience in used functions, which were deleted in commit f9ca9e46ad24036bf00cb361a6cef4b2e7e98d7d
       via  e1f2217... Fix net gpo list to use the dsdb with extended DN's. Fixes memberOf group memberships.
       via  3895b8f... Revert "Add old functionality back which was removed in commit 589a42e2."
       via  8f74ee0... Add ini parser for GPO's.
       via  c36bd5d... Add net gpo setacl support. Create gp_set_acl function. Show ACL in net gpo show.
       via  5434171... Fix set GPT security descriptor to match windows' behaviour.
       via  31aeddf... Fix crash when get_gpo_info returns incorrect data.
       via  299531c... Add preliminary NT ACL support for GPT (GPO on filesystem).
       via  60bc5fe... samba4: Add python bindings for samba.policy.get_gplink_options.
       via  381e824... policy: Add samba.policy.get_gpo_flags binding.
       via  41fae89... Add gpo create functionality. Also fix gPLink handling bugs
       via  32ee6f8... Fix mode_t in mkdir.
       via  2941d2e... Finish net gpo fetch function. Reorder arguments to make them more understandable. Rename getgpo to show.
       via  2b761c3... Optimize the backslash logic in the path traversal.
       via  f24f472... Fix error in logic, making recursion work past the first level.
       via  3b11a53... Add fetch function for GPO which fetches all relevant files from the sysvol share.
       via  6981448... Add getinheritance and setinheritance to net gpo util and library.
       via  a4cb727... Implemented delete group policy link function and corresponding feature in net gpo.
       via  f0353fd... Changed add_gplink to set_gplink, so we can change gPLink options as well.
       via  40d7181... Add add gPLink function and corresponding net gpo linkadd call.
       via  a1fceac... Rename files to reflect the libpolicy naming convention. Also fix the GNU make build.
       via  b025715... Rename libgpo to lib/policy to avoid confusion with samba3 and add waf build
       via  626db5c... Add old functionality back which was removed in commit 589a42e2.
       via  08a7bb4... Add gpo list function for listing applicable GPO's for users/machines.
       via  6478a1e... Add gPLink and getgpo functionality to net gpo.
       via  8d5f8f5... Created net gpo and new libgpo for samba 4. This adds the init function which finds a DC and connects to its LDAP. It also can return information on all group policy objects on a DC.
      from  cfee179... s3: Attempt to fix the build on NetBSD

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 52307a11e1f0019f8fbdcce51676282aee21aa39
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Jun 20 15:50:12 2010 +0200

    libpolicy: Fix the build.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit e18a172207b433a3f027541d4d5e98cea73dbcb6
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon Jun 7 15:21:53 2010 +0200

    Add preliminary support for storing changed Group Policies.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 04133225c1c3ab53191da50cae39f2019e7f7f01
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Tue May 25 01:21:45 2010 +0200

    Refactor policy filesystem code.
    
     * It now uses reusable code to download the GPT.
     * It creates a list before copying for better error handling.
     * String_replace is now used instead of manually replacing '\\' with '/'
       for local paths.
     * A security check has been added for file names with "../".
     * It adheres to the 80 column rule, if at all possible.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit b9b85d6b0e23e042d60c83fef477fd4006a20c14
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 21:36:49 2010 +0200

    Fix memory allocation with error handling.
    
    Also moved pypolicy.c headers around so as not to generate compile warnings
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 9b5e0fe6bb363aaaba513b0604476616d6cc9fd8
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 20:11:15 2010 +0200

    Add talloc_frees in error cases in net_gpo.c
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit c09922cfae1364f2ce8736ae59053805a337658b
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 20:05:42 2010 +0200

    Code cleanups: GUID generation, lp_dnsdomain instead of lp_realm, missing spaces.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 5c2c8dfc5a90eddcaab2d78379d898a00e865ec2
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 19:56:07 2010 +0200

    Set inherit flag type to bool.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit d61f0240eefc3c96a36c16a9bf83167eb01dfe94
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 19:53:12 2010 +0200

    Fix 'magic' numbers to be strlen(something)
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit e86ef688ee4c65fc5dd06910fd61222c195c1dc9
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 19:47:27 2010 +0200

    Change talloc_steal to strdup because function might not expect it.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 674d559f37a1e553be3e01ade04936ff9662baa3
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon May 24 17:07:48 2010 +0200

    Add GP ini functions.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 3fe793fce7060c785576bb5f3d7039df60bc7b1d
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri May 21 23:51:28 2010 +0200

    Remove iconv convenience in used functions, which were deleted in commit f9ca9e46ad24036bf00cb361a6cef4b2e7e98d7d
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit e1f22174e172971ef8b0460da076a138b1fa73e4
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri May 21 23:49:45 2010 +0200

    Fix net gpo list to use the dsdb with extended DN's. Fixes memberOf group memberships.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 3895b8fbf84764ff603af91644198e518af97e74
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri May 21 14:56:15 2010 +0200

    Revert "Add old functionality back which was removed in commit 589a42e2."
    
    This reverts commit 94e3b4a0d8b714c101803886d60ae6c484740d2f.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 8f74ee01d9bb93872c5cd5471084c8bd2da0d17f
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri May 21 14:41:02 2010 +0200

    Add ini parser for GPO's.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit c36bd5de6a479b87baeb1632af2304c049079703
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Thu May 20 16:56:40 2010 +0200

    Add net gpo setacl support. Create gp_set_acl function. Show ACL in net gpo show.
    
    Cleanup memory allocation of gp_create_gpo
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 5434171296e33ffe493995589ae41b123a12d9aa
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed May 19 18:58:54 2010 +0200

    Fix set GPT security descriptor to match windows' behaviour.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 31aeddfa4354cbf0e0b562d0dcfe1f41cd95e0f9
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed May 19 18:31:19 2010 +0200

    Fix crash when get_gpo_info returns incorrect data.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 299531ce327340937e72530a96991c33fcd48e48
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed May 19 17:22:48 2010 +0200

    Add preliminary NT ACL support for GPT (GPO on filesystem).
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 60bc5fe0ed1aae43c3931eae2a765dae765c85e5
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Thu May 6 11:16:27 2010 +0200

    samba4: Add python bindings for samba.policy.get_gplink_options.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 381e82465842c7d1195ca81db40a0c5d9f9e9c57
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Thu May 6 11:10:21 2010 +0200

    policy: Add samba.policy.get_gpo_flags binding.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 41fae89daf41128debbef4097e8646596441adfb
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Thu May 6 18:42:14 2010 +0200

    Add gpo create functionality. Also fix gPLink handling bugs
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 32ee6f8cfddefff92e59e230c5920afec16ffd7d
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed May 5 10:12:20 2010 +0200

    Fix mode_t in mkdir.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 2941d2ebc353f16b6eb63985a8a71f454f16212e
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed Apr 28 11:34:31 2010 +0200

    Finish net gpo fetch function. Reorder arguments to make them more understandable. Rename getgpo to show.
    
    This makes the net gpo break for it's samba 3 origins, but makes the syntax more intuitive.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 2b761c3defdadb2566a23ce58e62b9571c02ed25
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed Apr 28 11:27:43 2010 +0200

    Optimize the backslash logic in the path traversal.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit f24f472d445f67654126fc5de6b680709f2fe843
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Tue Apr 27 22:41:25 2010 +0200

    Fix error in logic, making recursion work past the first level.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 3b11a53304df29ebe2f2bfdeb5a6f0bf66553013
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Tue Apr 27 21:06:11 2010 +0200

    Add fetch function for GPO which fetches all relevant files from the sysvol share.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 698144851a07f66e7b786f5e1eb08d4670ddb619
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Mon Apr 26 17:26:51 2010 +0200

    Add getinheritance and setinheritance to net gpo util and library.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit a4cb72790cfc8f267f8574de3eea8634aed62e57
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 19:12:01 2010 +0200

    Implemented delete group policy link function and corresponding feature in net gpo.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit f0353fddde4a0b8aab448db779cc2c1cc419b4a0
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 18:10:43 2010 +0200

    Changed add_gplink to set_gplink, so we can change gPLink options as well.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 40d71815072b5258cbe3ed0f1de62be68625e25e
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 17:31:21 2010 +0200

    Add add gPLink function and corresponding net gpo linkadd call.
    
    Also added some definitions for future functions in policy.h
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit a1fceac844a0a7690ab985fa08e6a08127e770bf
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 11:58:26 2010 +0200

    Rename files to reflect the libpolicy naming convention. Also fix the GNU make build.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit b02571541998f2698a92be8729f4f0da869a0f99
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 11:53:04 2010 +0200

    Rename libgpo to lib/policy to avoid confusion with samba3 and add waf build
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 626db5c3b5854a895b79ab186a36d1b5cbb769b5
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 11:10:11 2010 +0200

    Add old functionality back which was removed in commit 589a42e2.
    
    Andrew, please review!
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 08a7bb4abc6e59bc109ac38c164ad3f0b63b2439
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Fri Apr 23 09:32:01 2010 +0200

    Add gpo list function for listing applicable GPO's for users/machines.
    
    Implements:
     * Hierarchical listing through all parent containers
     * security ACL checking on the GPO
     * User/computer disabled flags on the GPO
     * gPLink disabled
     * gPLink enforced
     * Block inheritance on the container
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 6478a1edb70a60cfd318292478781a665b022887
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Wed Apr 7 21:22:36 2010 +0200

    Add gPLink and getgpo functionality to net gpo.
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

commit 8d5f8f577f2e906cd80a6a11b76114922182cb99
Author: Wilco Baan Hofman <wilco at baanhofman.nl>
Date:   Tue Apr 6 20:15:38 2010 +0200

    Created net gpo and new libgpo for samba 4. This adds the init function which finds a DC and connects to its LDAP. It also can return information on all group policy objects on a DC.
    
    Aborted earlier attempt at reconciliation with samba 3.
    Did not work out due to lack of ldb support in samba 3, also the
    different registry libraries and different libnet did not help..
    
    Signed-off-by: Jelmer Vernooij <jelmer at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source4/Makefile.in                         |    4 +-
 source4/configure.ac                        |    1 +
 source4/lib/policy/config.mk                |    6 +
 source4/lib/policy/gp_filesys.c             |  645 +++++++++++++++++
 source4/lib/policy/gp_ini.c                 |  133 ++++
 source4/lib/policy/gp_ldap.c                | 1036 +++++++++++++++++++++++++++
 source4/lib/policy/gp_manage.c              |  295 ++++++++
 source4/lib/policy/policy.h                 |  127 ++++
 source4/lib/policy/policy.pc.in             |   12 +
 source4/lib/policy/pypolicy.c               |  133 ++++
 source4/lib/policy/tests/python/bindings.py |   35 +
 source4/lib/policy/wscript_build            |   15 +
 source4/libgpo/ads_convenience.c            |  284 --------
 source4/libgpo/ads_convenience.h            |  103 ---
 source4/libgpo/gpo_filesync.c               |  241 -------
 source4/libgpo/gpo_s4.h                     |   40 -
 source4/main.mk                             |    2 +-
 source4/selftest/tests.sh                   |    1 +
 source4/utils/net/config.mk                 |    4 +-
 source4/utils/net/net.c                     |    1 +
 source4/utils/net/net_gpo.c                 |  618 ++++++++++++++++
 source4/utils/net/wscript_build             |    4 +-
 source4/wscript_build                       |    2 +-
 23 files changed, 3067 insertions(+), 675 deletions(-)
 create mode 100644 source4/lib/policy/config.mk
 create mode 100644 source4/lib/policy/gp_filesys.c
 create mode 100644 source4/lib/policy/gp_ini.c
 create mode 100644 source4/lib/policy/gp_ldap.c
 create mode 100644 source4/lib/policy/gp_manage.c
 create mode 100644 source4/lib/policy/policy.h
 create mode 100644 source4/lib/policy/policy.pc.in
 create mode 100644 source4/lib/policy/pypolicy.c
 create mode 100644 source4/lib/policy/tests/python/bindings.py
 create mode 100644 source4/lib/policy/wscript_build
 delete mode 100644 source4/libgpo/ads_convenience.c
 delete mode 100644 source4/libgpo/ads_convenience.h
 delete mode 100644 source4/libgpo/gpo_filesync.c
 delete mode 100644 source4/libgpo/gpo_s4.h
 create mode 100644 source4/utils/net/net_gpo.c


Changeset truncated at 500 lines:

diff --git a/source4/Makefile.in b/source4/Makefile.in
index 40ea286..40f35e0 100644
--- a/source4/Makefile.in
+++ b/source4/Makefile.in
@@ -46,7 +46,7 @@ ALL_PREDEP = basics
 .NOTPARALLEL:
 endif
 
-base_srcdirs = $(srcdir) ../librpc/ ../lib/ ../libcli ../libgpo ../nsswitch ../libds
+base_srcdirs = $(srcdir) ../librpc/ ../lib/ ../libcli ../nsswitch ../libds
 
 include $(srcdir)/build/make/rules.mk
 include $(srcdir)/build/make/python.mk
@@ -109,7 +109,7 @@ ntp_signdsrcdir := ntp_signd
 wmisrcdir := lib/wmi
 tallocsrcdir := ../lib/talloc
 comsrcdir := $(srcdir)/lib/com
-libgpodir := libgpo
+policydir := lib/policy
 
 include data.mk
 
diff --git a/source4/configure.ac b/source4/configure.ac
index acc0a8a..91d7a3b 100644
--- a/source4/configure.ac
+++ b/source4/configure.ac
@@ -34,6 +34,7 @@ m4_include(../nsswitch/nsstest.m4)
 m4_include(../pidl/config.m4)
 
 AC_CONFIG_FILES(lib/registry/registry.pc)
+AC_CONFIG_FILES(lib/policy/policy.pc)
 AC_CONFIG_FILES(librpc/dcerpc.pc)
 AC_CONFIG_FILES(../librpc/ndr.pc)
 AC_CONFIG_FILES(../librpc/ndr_standard.pc)
diff --git a/source4/lib/policy/config.mk b/source4/lib/policy/config.mk
new file mode 100644
index 0000000..bc87644
--- /dev/null
+++ b/source4/lib/policy/config.mk
@@ -0,0 +1,6 @@
+[SUBSYSTEM::policy]
+PRIVATE_DEPENDENCIES = LIBLDB LIBSAMBA-NET
+
+policy_OBJ_FILES = $(policydir)/gp_ldap.o $(policydir)/gp_filesys.c $(policydir)/gp_manage.c $(policydir)/gp_ini.c
+
+PC_FILES += $(policydir)/policy.pc
diff --git a/source4/lib/policy/gp_filesys.c b/source4/lib/policy/gp_filesys.c
new file mode 100644
index 0000000..78b5c33
--- /dev/null
+++ b/source4/lib/policy/gp_filesys.c
@@ -0,0 +1,645 @@
+/*
+ *  Unix SMB/CIFS implementation.
+ *  Group Policy Object Support
+ *  Copyright (C) Wilco Baan Hofman 2008-2010
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+#include "includes.h"
+#include "lib/policy/policy.h"
+#include "libcli/raw/smb.h"
+#include "libcli/libcli.h"
+#include "param/param.h"
+#include "libcli/resolve/resolve.h"
+#include "libcli/raw/libcliraw.h"
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <dirent.h>
+#include <errno.h>
+
+#define GP_MAX_DEPTH 25
+
+struct gp_file_entry {
+	bool is_directory;
+	const char *rel_path;
+};
+struct gp_file_list {
+	uint32_t num_files;
+	struct gp_file_entry *files;
+};
+struct gp_list_state {
+	struct smbcli_tree *tree;
+	uint8_t depth;
+	const char *cur_rel_path;
+	const char *share_path;
+
+	struct gp_file_list list;
+};
+
+static NTSTATUS gp_do_list(const char *, struct gp_list_state *);
+
+/* Create a temporary policy directory */
+static const char *gp_tmpdir(TALLOC_CTX *mem_ctx)
+{
+	char *gp_dir = talloc_asprintf(mem_ctx, "%s/policy", tmpdir());
+	struct stat st;
+	int rv;
+
+	if (gp_dir == NULL) return NULL;
+
+	if (stat(gp_dir, &st) != 0) {
+		rv = mkdir(gp_dir, 0755);
+		if (rv < 0) {
+			DEBUG(0, ("Failed to create directory %s: %s\n",
+					gp_dir, strerror(errno)));
+			talloc_free(gp_dir);
+			return NULL;
+		}
+	}
+
+	return gp_dir;
+}
+
+/* This function is called by the smbcli_list function */
+static void gp_list_helper (struct clilist_file_info *info, const char *mask,
+                            void *list_state_ptr)
+{
+	struct gp_list_state *state = list_state_ptr;
+	const char *rel_path;
+
+	/* Ignore . and .. directory entries */
+	if (strcmp(info->name, ".") == 0 || strcmp(info->name, "..") == 0) {
+		return;
+	}
+
+	/* Safety check against ../.. in filenames which may occur on non-POSIX
+	 * platforms */
+	if (strstr(info->name, "../")) {
+		return;
+	}
+
+	rel_path = talloc_asprintf(state, "%s\\%s", state->cur_rel_path, info->name);
+	if (rel_path == NULL) return;
+
+	/* Append entry to file list */
+	state->list.files = talloc_realloc(state, state->list.files,
+			struct gp_file_entry,
+			state->list.num_files + 1);
+	if (state->list.files == NULL) return;
+
+	state->list.files[state->list.num_files].rel_path = rel_path;
+
+	/* Directory */
+	if (info->attrib & FILE_ATTRIBUTE_DIRECTORY) {
+		state->list.files[state->list.num_files].is_directory = true;
+		state->list.num_files++;
+
+		/* Recurse into this directory if the depth is below the maximum */
+		if (state->depth < GP_MAX_DEPTH) {
+			gp_do_list(rel_path, state);
+		}
+
+		return;
+	}
+
+	state->list.files[state->list.num_files].is_directory = false;
+	state->list.num_files++;
+
+	return;
+}
+
+static NTSTATUS gp_do_list (const char *rel_path, struct gp_list_state *state)
+{
+	uint16_t attributes;
+	int rv;
+	char *mask;
+	const char *old_rel_path;
+
+	attributes = FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN |
+	             FILE_ATTRIBUTE_DIRECTORY;
+
+	/* Update the relative paths, while buffering the parent */
+	old_rel_path = state->cur_rel_path;
+	state->cur_rel_path = rel_path;
+	state->depth++;
+
+	/* Get the current mask */
+	mask = talloc_asprintf(state, "%s%s\\*", state->share_path, rel_path);
+	NT_STATUS_HAVE_NO_MEMORY(mask);
+	rv = smbcli_list(state->tree, mask, attributes, gp_list_helper, state);
+	talloc_free(mask);
+
+	/* Go back to the state of the parent */
+	state->cur_rel_path = old_rel_path;
+	state->depth--;
+
+	if (rv == -1)
+		return NT_STATUS_UNSUCCESSFUL;
+
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS gp_cli_connect(struct gp_context *gp_ctx)
+{
+	struct smbcli_options options;
+        struct smbcli_session_options session_options;
+
+	if (gp_ctx->cli != NULL)
+		return NT_STATUS_OK;
+
+	gp_ctx->cli = smbcli_state_init(gp_ctx);
+
+	lp_smbcli_options(gp_ctx->lp_ctx, &options);
+	lp_smbcli_session_options(gp_ctx->lp_ctx, &session_options);
+
+
+	return smbcli_full_connection(gp_ctx,
+			&gp_ctx->cli,
+			gp_ctx->active_dc.name,
+			lp_smb_ports(gp_ctx->lp_ctx),
+			"sysvol",
+			NULL,
+			lp_socket_options(gp_ctx->lp_ctx),
+			gp_ctx->credentials,
+			lp_resolve_context(gp_ctx->lp_ctx),
+			gp_ctx->ev_ctx,
+			&options,
+			&session_options,
+			lp_gensec_settings(gp_ctx, gp_ctx->lp_ctx));
+
+	return NT_STATUS_OK;
+}
+
+static char * gp_get_share_path(TALLOC_CTX *mem_ctx, const char *file_sys_path)
+{
+	unsigned int i, bkslash_cnt;
+
+	/* Get the path from the share down (\\..\..\(this\stuff) */
+	for (i = 0, bkslash_cnt = 0; file_sys_path[i] != '\0'; i++) {
+		if (file_sys_path[i] == '\\')
+			bkslash_cnt++;
+
+		if (bkslash_cnt == 4) {
+			return talloc_strdup(mem_ctx, &file_sys_path[i]);
+		}
+	}
+
+	return NULL;
+}
+
+static NTSTATUS gp_get_file (struct smbcli_tree *tree, const char *remote_src,
+                             const char *local_dst)
+{
+	int fh_remote, fh_local;
+	uint8_t *buf;
+	size_t nread = 0;
+	size_t buf_size = 1024;
+	size_t file_size;
+	uint16_t attr;
+
+	/* Open the remote file */
+	fh_remote = smbcli_open(tree, remote_src, O_RDONLY, DENY_NONE);
+	if (fh_remote == -1) {
+		DEBUG(0, ("Failed to open remote file: %s\n", remote_src));
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	/* Open the local file */
+	fh_local = open(local_dst, O_WRONLY | O_CREAT | O_TRUNC, 0644);
+	if (fh_local == -1) {
+		DEBUG(0, ("Failed to open local file: %s\n", local_dst));
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	/* Get the remote file size for error checking */
+	if (NT_STATUS_IS_ERR(smbcli_qfileinfo(tree, fh_remote,
+				&attr, &file_size, NULL, NULL, NULL, NULL, NULL)) &&
+			NT_STATUS_IS_ERR(smbcli_getattrE(tree, fh_remote,
+				&attr, &file_size, NULL, NULL, NULL))) {
+		DEBUG(0, ("Failed to get remote file size: %s\n", smbcli_errstr(tree)));
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	buf = talloc_zero_array(tree, uint8_t, buf_size);
+	NT_STATUS_HAVE_NO_MEMORY(buf);
+
+	/* Copy the contents of the file */
+	while (1) {
+		int n = smbcli_read(tree, fh_remote, buf, nread, buf_size);
+
+		if (n <= 0) {
+			break;
+		}
+
+		if (write(fh_local, buf, n) != n) {
+			DEBUG(0, ("Short write while copying file.\n"));
+			talloc_free(buf);
+			return NT_STATUS_UNSUCCESSFUL;
+		}
+		nread += n;
+	}
+
+	/* Bytes read should match the file size, or the copy was incomplete */
+	if (nread != file_size) {
+		DEBUG(0, ("Remote/local file size mismatch after copying file: "
+		          "%s (remote %ld, local %ld).\n",
+		          remote_src, file_size, nread));
+		talloc_free(buf);
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	/* Close the files */
+	smbcli_close(tree, fh_remote);
+	close(fh_local);
+
+	talloc_free(buf);
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS gp_get_files(struct smbcli_tree *tree, const char *share_path,
+                             const char *local_path, struct gp_file_list *list)
+{
+	uint32_t i;
+	int rv;
+	char *local_rel_path, *full_local_path, *full_remote_path;
+	TALLOC_CTX *mem_ctx;
+	NTSTATUS status;
+
+	mem_ctx = talloc_new(tree);
+	NT_STATUS_HAVE_NO_MEMORY(mem_ctx);
+
+	for (i = 0; i < list->num_files; i++) {
+
+		/* Get local path by replacing backslashes with slashes */
+		local_rel_path = talloc_strdup(mem_ctx, list->files[i].rel_path);
+		NT_STATUS_HAVE_NO_MEMORY_AND_FREE(local_rel_path, mem_ctx);
+		string_replace(local_rel_path, '\\', '/');
+
+		full_local_path = talloc_asprintf(mem_ctx, "%s%s", local_path,
+				local_rel_path);
+		NT_STATUS_HAVE_NO_MEMORY_AND_FREE(full_local_path, mem_ctx);
+
+		/* If the entry is a directory, create it. */
+		if (list->files[i].is_directory == true) {
+			rv = mkdir(full_local_path, 0755);
+			if (rv < 0) {
+				DEBUG(0, ("Failed to create directory %s: %s\n",
+						full_local_path, strerror(errno)));
+				talloc_free(mem_ctx);
+				return NT_STATUS_UNSUCCESSFUL;
+			}
+			continue;
+		}
+
+		full_remote_path = talloc_asprintf(mem_ctx, "%s%s", share_path,
+				list->files[i].rel_path);
+		NT_STATUS_HAVE_NO_MEMORY_AND_FREE(full_remote_path, mem_ctx);
+
+		/* Get the file */
+		status = gp_get_file(tree, full_remote_path, full_local_path);
+		if (!NT_STATUS_IS_OK(status)) {
+			DEBUG(0, ("Error getting file.\n"));
+			talloc_free(mem_ctx);
+			return status;
+		}
+	}
+
+	return NT_STATUS_OK;
+}
+
+NTSTATUS gp_fetch_gpt (struct gp_context *gp_ctx, struct gp_object *gpo,
+                       const char **ret_local_path)
+{
+	TALLOC_CTX *mem_ctx;
+	struct gp_list_state *state;
+	NTSTATUS status;
+	struct stat st;
+	int rv;
+	const char *local_path, *share_path;
+
+	/* Create a forked memory context, as a base for everything here */
+	mem_ctx = talloc_new(gp_ctx);
+	NT_STATUS_HAVE_NO_MEMORY(mem_ctx);
+
+	if (gp_ctx->cli == NULL) {
+		status = gp_cli_connect(gp_ctx);
+		if (!NT_STATUS_IS_OK(status)) {
+			DEBUG(0, ("Failed to create cli connection to DC\n"));
+			talloc_free(mem_ctx);
+			return status;
+		}
+	}
+
+	/* Get the remote path to copy from */
+	share_path = gp_get_share_path(mem_ctx, gpo->file_sys_path);
+	NT_STATUS_HAVE_NO_MEMORY_AND_FREE(share_path, mem_ctx);
+
+	/* Get the local path to copy to */
+	local_path = talloc_asprintf(gp_ctx, "%s/%s", gp_tmpdir(mem_ctx), gpo->name);
+	NT_STATUS_HAVE_NO_MEMORY_AND_FREE(local_path, mem_ctx);
+
+	/* Prepare the state structure */
+	state = talloc_zero(mem_ctx, struct gp_list_state);
+	NT_STATUS_HAVE_NO_MEMORY_AND_FREE(state, mem_ctx);
+
+	state->tree = gp_ctx->cli->tree;
+	state->share_path = share_path;
+
+	/* Create the GPO dir if it does not exist */
+	if (stat(local_path, &st) != 0) {
+		rv = mkdir(local_path, 0755);
+		if (rv < 0) {
+			DEBUG(0, ("Could not create local path\n"));
+			talloc_free(mem_ctx);
+			return NT_STATUS_UNSUCCESSFUL;
+		}
+	}
+
+	/* Get the file list */
+	status = gp_do_list("", state);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0, ("Could not list GPO files on remote server\n"));
+		talloc_free(mem_ctx);
+		return status;
+	}
+
+	/* If the list has no entries there is a problem. */
+	if (state->list.num_files == 0) {
+		DEBUG(0, ("File list is has no entries. Is the GPT directory empty?\n"));
+		talloc_free(mem_ctx);
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	/* Fetch the files */
+	status = gp_get_files(gp_ctx->cli->tree, share_path, local_path, &state->list);
+
+	/* Return the local path to the gpo */
+	*ret_local_path = local_path;
+
+	talloc_free(mem_ctx);
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS push_recursive (struct gp_context *gp_ctx, const char *local_path,
+                                const char *remote_path, int depth)
+{
+	DIR *dir;
+	struct dirent *dirent;
+	char *entry_local_path;
+	char *entry_remote_path;
+	int local_fd, remote_fd;
+	int buf[1024];
+	int nread, total_read;
+
+	dir = opendir(local_path);
+	while ((dirent = readdir(dir)) != NULL) {
+		if (strcmp(dirent->d_name, ".") == 0 ||
+				strcmp(dirent->d_name, "..") == 0) {
+			continue;
+		}
+
+		entry_local_path = talloc_asprintf(gp_ctx, "%s/%s", local_path,
+		                                   dirent->d_name);
+		NT_STATUS_HAVE_NO_MEMORY(entry_local_path);
+
+		entry_remote_path = talloc_asprintf(gp_ctx, "%s\\%s",
+		                                    remote_path, dirent->d_name);
+		NT_STATUS_HAVE_NO_MEMORY(entry_remote_path);
+
+		if (dirent->d_type == DT_DIR) {
+			DEBUG(6, ("Pushing directory %s to %s on sysvol\n",
+			          entry_local_path, entry_remote_path));
+			smbcli_mkdir(gp_ctx->cli->tree, entry_remote_path);
+			if (depth < GP_MAX_DEPTH) {
+				push_recursive(gp_ctx, entry_local_path,
+				               entry_remote_path, depth+1);
+			}
+		} else {
+			DEBUG(6, ("Pushing file %s to %s on sysvol\n",
+			          entry_local_path, entry_remote_path));
+			remote_fd = smbcli_open(gp_ctx->cli->tree,
+			                        entry_remote_path,
+			                        O_WRONLY | O_CREAT,
+			                        0);
+			if (remote_fd < 0) {
+				talloc_free(entry_local_path);
+				talloc_free(entry_remote_path);
+				DEBUG(0, ("Failed to create remote file: %s\n",
+				          entry_remote_path));
+				return NT_STATUS_UNSUCCESSFUL;
+			}
+			local_fd = open(entry_local_path, O_RDONLY);
+			if (local_fd < 0) {
+				talloc_free(entry_local_path);
+				talloc_free(entry_remote_path);
+				DEBUG(0, ("Failed to open local file: %s\n",
+				          entry_local_path));


-- 
Samba Shared Repository


More information about the samba-cvs mailing list