From: Michael Adam Date: Thu, 8 May 2008 15:44:02 +0000 (+0200) Subject: Revert "Add "registry" Group Policy extension." X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=097e911eb608016c6c25ddcf631bd3698354ecf9;p=thirdparty%2Fsamba.git Revert "Add "registry" Group Policy extension." This reverts commit 4e93301ca4931908a7d1994be45c57002f8c6fea. --- diff --git a/source/Makefile.in b/source/Makefile.in index 809c73e5b17..d1a18026775 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -103,7 +103,6 @@ NSSINFOLIBDIR = $(LIBDIR)/nss_info CHARSETLIBDIR = $(LIBDIR)/charset AUTHLIBDIR = $(LIBDIR)/auth CONFIGLIBDIR = $(LIBDIR)/config -GPEXTLIBDIR = $(LIBDIR)/gpext CONFIGDIR = @configdir@ VARDIR = @localstatedir@ MANDIR = @mandir@ @@ -234,10 +233,8 @@ IDMAP_MODULES = @IDMAP_MODULES@ CHARSET_MODULES = @CHARSET_MODULES@ AUTH_MODULES = @AUTH_MODULES@ NSS_INFO_MODULES = @NSS_INFO_MODULES@ -GPEXT_MODULES = @GPEXT_MODULES@ MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(IDMAP_MODULES) \ - $(CHARSET_MODULES) $(AUTH_MODULES) $(NSS_INFO_MODULES) \ - $(GPEXT_MODULES) + $(CHARSET_MODULES) $(AUTH_MODULES) $(NSS_INFO_MODULES) ###################################################################### # object file lists @@ -1143,8 +1140,6 @@ nss_modules : $(NSS_MODULES) pam_modules : $(PAM_MODULES) -gpext_modules : SHOWFLAGS $(GPEXT_MODULES) - pam_smbpass : SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@ pam_winbind : SHOWFLAGS bin/pam_winbind.@SHLIBEXT@ @@ -1981,10 +1976,6 @@ bin/aio_fork.@SHLIBEXT@: $(BINARY_PREREQS) $(VFS_AIO_FORK_OBJ) @echo "Building plugin $@" @$(SHLD_MODULE) $(VFS_AIO_FORK_OBJ) -bin/registry.@SHLIBEXT@: $(BINARY_PREREQS) libgpo/gpext/registry.o - @echo "Building plugin $@" - @$(SHLD_MODULE) libgpo/gpext/registry.o - ######################################################### ## IdMap NSS plugins @@ -2095,7 +2086,6 @@ installmodules: modules installdirs @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(NSSINFOLIBDIR) $(NSS_INFO_MODULES) @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(CHARSETLIBDIR) $(CHARSET_MODULES) @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(AUTHLIBDIR) $(AUTH_MODULES) - @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(GPEXTLIBDIR) $(GPEXT_MODULES) @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam_compat.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ ldapsam_compat.@SHLIBEXT@ @@ -2218,7 +2208,6 @@ uninstallmodules: @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(IDMAPLIBDIR) $(IDMAP_MODULES) @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(CHARSETLIBDIR) $(CHARSET_MODULES) @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(AUTHLIBDIR) $(AUTH_MODULES) - @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(GPEXTLIBDIR) $(GPEXT_MODULES) uninstallscripts: @$(SHELL) $(srcdir)/script/uninstallscripts.sh $(INSTALLPERMS_BIN) $(DESTDIR)$(BINDIR) $(SCRIPTS) diff --git a/source/configure.in b/source/configure.in index cab4db65896..5db81b48e83 100644 --- a/source/configure.in +++ b/source/configure.in @@ -110,7 +110,6 @@ AC_SUBST(IDMAP_LIBS) AC_SUBST(KRB5_LIBS) AC_SUBST(UUID_LIBS) AC_SUBST(LDAP_LIBS) -AC_SUBST(GPEXT_LIBS) AC_SUBST(PAM_MODULES) AC_SUBST(INSTALL_PAM_MODULES) AC_SUBST(UNINSTALL_PAM_MODULES) @@ -6154,7 +6153,6 @@ SMB_MODULE(vfs_notify_fam, \$(VFS_NOTIFY_FAM_OBJ), "bin/notify_fam.$SHLIBEXT", V SMB_SUBSYSTEM(VFS,smbd/vfs.o) -SMB_MODULE(gpext_registry, libgpo/gpext/registry.o, "bin/registry.$SHLIBEXT", GPEXT) SMB_SUBSYSTEM(GPEXT, libgpo/gpext/gpext.o) AC_DEFINE_UNQUOTED(STRING_STATIC_MODULES, "$string_static_modules", [String list of builtin modules]) diff --git a/source/libgpo/gpext/registry.c b/source/libgpo/gpext/registry.c deleted file mode 100644 index 6cad8c796cd..00000000000 --- a/source/libgpo/gpext/registry.c +++ /dev/null @@ -1,634 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * Group Policy Support - * Copyright (C) Guenther Deschner 2007-2008 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . - */ - -#include "includes.h" - -#define GP_EXT_NAME "registry" - -/* more info can be found at: - * http://msdn2.microsoft.com/en-us/library/aa374407.aspx */ - -#define GP_REGPOL_FILE "Registry.pol" - -#define GP_REGPOL_FILE_SIGNATURE 0x67655250 /* 'PReg' */ -#define GP_REGPOL_FILE_VERSION 1 - -static TALLOC_CTX *ctx = NULL; - -struct gp_registry_file_header { - uint32_t signature; - uint32_t version; -}; - -struct gp_registry_file_entry { - UNISTR key; - UNISTR value; - enum winreg_Type type; - size_t size; - uint8_t *data; -}; - -struct gp_registry_file { - struct gp_registry_file_header header; - size_t num_entries; - struct gp_registry_entry *entries; -}; - -/**************************************************************** -****************************************************************/ - -static bool reg_parse_header(const char *desc, - struct gp_registry_file_header *header, - prs_struct *ps, - int depth) -{ - if (!header) - return false; - - prs_debug(ps, depth, desc, "reg_parse_header"); - depth++; - - if (!prs_uint32("signature", ps, depth, &header->signature)) - return false; - - if (!prs_uint32("version", ps, depth, &header->version)) - return false; - - return true; -} - -/**************************************************************** -****************************************************************/ - -static bool reg_parse_and_verify_ucs2_char(const char *desc, - char character, - prs_struct *ps, - int depth) -{ - uint16_t tmp; - - if (!prs_uint16(desc, ps, depth, &tmp)) - return false; - - if (tmp != UCS2_CHAR(character)) - return false; - - return true; -} - -/**************************************************************** -****************************************************************/ - -static bool reg_parse_init(prs_struct *ps, int depth) -{ - return reg_parse_and_verify_ucs2_char("initiator '['", '[', - ps, depth); -} - -/**************************************************************** -****************************************************************/ - -static bool reg_parse_sep(prs_struct *ps, int depth) -{ - return reg_parse_and_verify_ucs2_char("separator ';'", ';', - ps, depth); -} - -/**************************************************************** -****************************************************************/ - -static bool reg_parse_term(prs_struct *ps, int depth) -{ - return reg_parse_and_verify_ucs2_char("terminator ']'", ']', - ps, depth); -} - - -/**************************************************************** -* [key;value;type;size;data] -****************************************************************/ - -static bool reg_parse_entry(TALLOC_CTX *mem_ctx, - const char *desc, - struct gp_registry_file_entry *entry, - prs_struct *ps, - int depth) -{ - uint32_t size = 0; - - if (!entry) - return false; - - prs_debug(ps, depth, desc, "reg_parse_entry"); - depth++; - - ZERO_STRUCTP(entry); - - if (!reg_parse_init(ps, depth)) - return false; - - if (!prs_unistr("key", ps, depth, &entry->key)) - return false; - - if (!reg_parse_sep(ps, depth)) - return false; - - if (!prs_unistr("value", ps, depth, &entry->value)) - return false; - - if (!reg_parse_sep(ps, depth)) - return false; - - if (!prs_uint32("type", ps, depth, &entry->type)) - return false; - - if (!reg_parse_sep(ps, depth)) - return false; - - if (!prs_uint32("size", ps, depth, &size)) - return false; - - entry->size = size; - - if (!reg_parse_sep(ps, depth)) - return false; - - if (entry->size) { - entry->data = TALLOC_ZERO_ARRAY(mem_ctx, uint8, entry->size); - if (!entry->data) - return false; - } - - if (!prs_uint8s(false, "data", ps, depth, entry->data, entry->size)) - return false; - - if (!reg_parse_term(ps, depth)) - return false; - - return true; -} - -/**************************************************************** -****************************************************************/ - -static bool reg_parse_value(TALLOC_CTX *mem_ctx, - char **value, - enum gp_reg_action *action) -{ - if (!*value) { - *action = GP_REG_ACTION_ADD_KEY; - return true; - } - - if (strncmp(*value, "**", 2) != 0) { - *action = GP_REG_ACTION_ADD_VALUE; - return true; - } - - if (strnequal(*value, "**DelVals.", 10)) { - *action = GP_REG_ACTION_DEL_ALL_VALUES; - return true; - } - - if (strnequal(*value, "**Del.", 6)) { - *value = talloc_strdup(mem_ctx, *value + 6); - *action = GP_REG_ACTION_DEL_VALUE; - return true; - } - - if (strnequal(*value, "**SecureKey", 11)) { - if (strnequal(*value, "**SecureKey=1", 13)) { - *action = GP_REG_ACTION_SEC_KEY_SET; - return true; - } - - /*************** not tested from here on ***************/ - if (strnequal(*value, "**SecureKey=0", 13)) { - smb_panic("not supported: **SecureKey=0"); - *action = GP_REG_ACTION_SEC_KEY_RESET; - return true; - } - DEBUG(0,("unknown: SecureKey: %s\n", *value)); - smb_panic("not supported SecureKey method"); - return false; - } - - if (strnequal(*value, "**DeleteValues", strlen("**DeleteValues"))) { - smb_panic("not supported: **DeleteValues"); - *action = GP_REG_ACTION_DEL_VALUES; - return false; - } - - if (strnequal(*value, "**DeleteKeys", strlen("**DeleteKeys"))) { - smb_panic("not supported: **DeleteKeys"); - *action = GP_REG_ACTION_DEL_KEYS; - return false; - } - - DEBUG(0,("unknown value: %s\n", *value)); - smb_panic(*value); - return false; -} - -/**************************************************************** -****************************************************************/ - -static bool gp_reg_entry_from_file_entry(TALLOC_CTX *mem_ctx, - struct gp_registry_file_entry *file_entry, - struct gp_registry_entry **reg_entry) -{ - struct registry_value *data = NULL; - struct gp_registry_entry *entry = NULL; - char *key = NULL; - char *value = NULL; - enum gp_reg_action action = GP_REG_ACTION_NONE; - - ZERO_STRUCTP(*reg_entry); - - data = TALLOC_ZERO_P(mem_ctx, struct registry_value); - if (!data) - return false; - - if (strlen_w((const smb_ucs2_t *)file_entry->key.buffer) <= 0) - return false; - - if (!pull_ucs2_talloc(mem_ctx, &key, file_entry->key.buffer)) - return false; - - if (strlen_w((const smb_ucs2_t *)file_entry->value.buffer) > 0) { - if (!pull_ucs2_talloc(mem_ctx, &value, - file_entry->value.buffer)) - return false; - } - - if (!reg_parse_value(mem_ctx, &value, &action)) - return false; - - data->type = file_entry->type; - - switch (data->type) { - case REG_DWORD: - data->v.dword = atoi((char *)file_entry->data); - break; - case REG_BINARY: - data->v.binary = data_blob_talloc(mem_ctx, - file_entry->data, - file_entry->size); - break; - case REG_NONE: - break; - case REG_SZ: - data->v.sz.len = pull_ucs2_talloc(mem_ctx, - &data->v.sz.str, - (const smb_ucs2_t *)file_entry->data); - break; - case REG_DWORD_BIG_ENDIAN: - case REG_EXPAND_SZ: - case REG_LINK: - case REG_MULTI_SZ: - case REG_QWORD: -/* case REG_DWORD_LITTLE_ENDIAN: */ -/* case REG_QWORD_LITTLE_ENDIAN: */ - printf("not yet implemented: %d\n", data->type); - return false; - default: - printf("invalid reg type defined: %d\n", data->type); - return false; - - } - - entry = TALLOC_ZERO_P(mem_ctx, struct gp_registry_entry); - if (!entry) - return false; - - entry->key = key; - entry->value = value; - entry->data = data; - entry->action = action; - - *reg_entry = entry; - - return true; -} - -/**************************************************************** -* [key;value;type;size;data][key;value;type;size;data]... -****************************************************************/ - -static bool reg_parse_entries(TALLOC_CTX *mem_ctx, - const char *desc, - struct gp_registry_entry **entries, - size_t *num_entries, - prs_struct *ps, - int depth) -{ - - if (!entries || !num_entries) - return false; - - prs_debug(ps, depth, desc, "reg_parse_entries"); - depth++; - - *entries = NULL; - *num_entries = 0; - - while (ps->buffer_size > ps->data_offset) { - - struct gp_registry_file_entry f_entry; - struct gp_registry_entry *r_entry = NULL; - - if (!reg_parse_entry(mem_ctx, desc, &f_entry, - ps, depth)) - return false; - - if (!gp_reg_entry_from_file_entry(mem_ctx, - &f_entry, - &r_entry)) - return false; - - if (!add_gp_registry_entry_to_array(mem_ctx, - r_entry, - entries, - num_entries)) - return false; - } - - return true; -} - -/**************************************************************** -****************************************************************/ - -static NTSTATUS reg_parse_registry(TALLOC_CTX *mem_ctx, - uint32_t flags, - const char *filename, - struct gp_registry_entry **entries, - size_t *num_entries) -{ - uint16_t *buf = NULL; - size_t n = 0; - NTSTATUS status; - prs_struct ps; - struct gp_registry_file *reg_file; - const char *real_filename = NULL; - - reg_file = TALLOC_ZERO_P(mem_ctx, struct gp_registry_file); - NT_STATUS_HAVE_NO_MEMORY(reg_file); - - status = gp_find_file(mem_ctx, - flags, - filename, - GP_REGPOL_FILE, - &real_filename); - if (!NT_STATUS_IS_OK(status)) { - TALLOC_FREE(reg_file); - return status; - } - - buf = (uint16 *)file_load(real_filename, &n, 0); - if (!buf) { - TALLOC_FREE(reg_file); - return NT_STATUS_CANNOT_LOAD_REGISTRY_FILE; - } - - if (!prs_init(&ps, n, mem_ctx, UNMARSHALL)) { - status = NT_STATUS_NO_MEMORY; - goto out; - } - - if (!prs_copy_data_in(&ps, (char *)buf, n)) { - status = NT_STATUS_NO_MEMORY; - goto out; - } - - prs_set_offset(&ps, 0); - - if (!reg_parse_header("header", ®_file->header, &ps, 0)) { - status = NT_STATUS_REGISTRY_IO_FAILED; - goto out; - } - - if (reg_file->header.signature != GP_REGPOL_FILE_SIGNATURE) { - status = NT_STATUS_INVALID_PARAMETER; - goto out; - } - - if (reg_file->header.version != GP_REGPOL_FILE_VERSION) { - status = NT_STATUS_INVALID_PARAMETER; - goto out; - } - - if (!reg_parse_entries(mem_ctx, "entries", ®_file->entries, - ®_file->num_entries, &ps, 0)) { - status = NT_STATUS_REGISTRY_IO_FAILED; - goto out; - } - - *entries = reg_file->entries; - *num_entries = reg_file->num_entries; - - status = NT_STATUS_OK; - - out: - SAFE_FREE(buf); - prs_mem_free(&ps); - - return status; -} - -/**************************************************************** -****************************************************************/ - -static WERROR reg_apply_registry(TALLOC_CTX *mem_ctx, - const struct nt_user_token *token, - struct registry_key *root_key, - uint32_t flags, - struct gp_registry_entry *entries, - size_t num_entries) -{ - struct gp_registry_context *reg_ctx = NULL; - WERROR werr; - size_t i; - - if (num_entries == 0) { - return WERR_OK; - } - -#if 0 - if (flags & GPO_LIST_FLAG_MACHINE) { - werr = gp_init_reg_ctx(mem_ctx, KEY_HKLM, REG_KEY_WRITE, - get_system_token(), - ®_ctx); - } else { - werr = gp_init_reg_ctx(mem_ctx, KEY_HKCU, REG_KEY_WRITE, - token, - ®_ctx); - } - W_ERROR_NOT_OK_RETURN(werr); -#endif - for (i=0; ifile_sys_path, - &server, &share, &nt_path, unix_path); -} - -/**************************************************************** -****************************************************************/ - char *gpo_flag_str(uint32_t flags) { fstring str = "";