static WERROR gp_reg_store_groupmembership(TALLOC_CTX *mem_ctx,
struct gp_registry_context *reg_ctx,
const struct security_token *token,
uint32_t flags)
{
struct registry_key *key = NULL;
WERROR werr;
int i = 0;
const char *valname = NULL;
const char *path = NULL;
const char *val = NULL;
int count = 0;
path = gp_reg_groupmembership_path(mem_ctx, &token->sids[0],
flags);
W_ERROR_HAVE_NO_MEMORY(path);
gp_reg_del_groupmembership(mem_ctx, reg_ctx->curr_key, token, flags);
werr = gp_store_reg_subkey(mem_ctx, path,
reg_ctx->curr_key, &key);
W_ERROR_NOT_OK_RETURN(werr);
for (i=0; i<token->num_sids; i++) {
valname = talloc_asprintf(mem_ctx, "Group%d", count++);
W_ERROR_HAVE_NO_MEMORY(valname);
val = sid_string_talloc(mem_ctx, &token->sids[i]);
W_ERROR_HAVE_NO_MEMORY(val);
werr = gp_store_reg_val_sz(mem_ctx, key, valname, val);
W_ERROR_NOT_OK_RETURN(werr);
}
werr = gp_store_reg_val_dword(mem_ctx, key, "Count", count);
W_ERROR_NOT_OK_RETURN(werr);
return WERR_OK;
}
static WERROR scripts_apply(TALLOC_CTX *mem_ctx,
const struct security_token *token,
struct registry_key *root_key,
uint32_t flags,
const char *section,
const struct GROUP_POLICY_OBJECT *gpo,
struct gp_registry_entry *entries,
size_t num_entries)
{
struct gp_registry_context *reg_ctx = NULL;
WERROR werr;
size_t i;
const char *keystr = NULL;
int count = 0;
if (num_entries == 0) {
return WERR_OK;
}
#if 0
if (flags & GPO_INFO_FLAG_MACHINE) {
struct security_token *tmp_token;
tmp_token = registry_create_system_token(mem_ctx);
W_ERROR_HAVE_NO_MEMORY(tmp_token);
werr = gp_init_reg_ctx(mem_ctx, KEY_HKLM, REG_KEY_WRITE,
tmp_token,
®_ctx);
} else {
werr = gp_init_reg_ctx(mem_ctx, KEY_HKCU, REG_KEY_WRITE,
token,
®_ctx);
}
W_ERROR_NOT_OK_RETURN(werr);
#endif
keystr = talloc_asprintf(mem_ctx, "%s\\%s\\%d", KEY_GP_SCRIPTS,
section, count++);
W_ERROR_HAVE_NO_MEMORY(keystr);
reg_deletekey_recursive(root_key, keystr);
werr = gp_store_reg_subkey(mem_ctx, keystr,
root_key, &root_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = scripts_store_reg_gpovals(mem_ctx, root_key, gpo);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
for (i=0; i<num_entries; i++) {
werr = reg_apply_registry_entry(mem_ctx, root_key, reg_ctx,
&(entries)[i],
token, flags);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to apply registry: %s\n",
win_errstr(werr)));
goto done;
}
}
done:
gp_free_reg_ctx(reg_ctx);
return werr;
}
WERROR gp_reg_state_store(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *dn,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list)
{
struct gp_registry_context *reg_ctx = NULL;
WERROR werr = WERR_GENERAL_FAILURE;
const char *subkeyname = NULL;
struct GROUP_POLICY_OBJECT *gpo;
int count = 0;
struct registry_key *key;
werr = gp_init_reg_ctx(mem_ctx, KEY_GROUP_POLICY, REG_KEY_WRITE,
token, ®_ctx);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_secure_key(mem_ctx, flags, reg_ctx->curr_key,
&token->sids[0]);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to secure key: %s\n", win_errstr(werr)));
goto done;
}
werr = gp_reg_store_groupmembership(mem_ctx, reg_ctx, token, flags);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to store group membership: %s\n", win_errstr(werr)));
goto done;
}
subkeyname = gp_req_state_path(mem_ctx, &token->sids[0], flags);
if (!subkeyname) {
werr = WERR_NOMEM;
goto done;
}
werr = gp_del_reg_state(mem_ctx, reg_ctx->curr_key, subkeyname);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to delete old state: %s\n", win_errstr(werr)));
/* goto done; */
}
werr = gp_store_reg_subkey(mem_ctx, subkeyname,
reg_ctx->curr_key, ®_ctx->curr_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = gp_store_reg_val_sz(mem_ctx, reg_ctx->curr_key,
"Distinguished-Name", dn);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
/* store link list */
werr = gp_store_reg_subkey(mem_ctx, "GPLink-List",
reg_ctx->curr_key, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
/* store gpo list */
werr = gp_store_reg_subkey(mem_ctx, "GPO-List",
reg_ctx->curr_key, ®_ctx->curr_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
for (gpo = gpo_list; gpo; gpo = gpo->next) {
subkeyname = talloc_asprintf(mem_ctx, "%d", count++);
if (!subkeyname) {
werr = WERR_NOMEM;
goto done;
}
werr = gp_store_reg_subkey(mem_ctx, subkeyname,
reg_ctx->curr_key, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = gp_store_reg_gpovals(mem_ctx, key, gpo);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("gp_reg_state_store: "
"gpo_store_reg_gpovals failed for %s: %s\n",
gpo->display_name, win_errstr(werr)));
goto done;
}
}
done:
gp_free_reg_ctx(reg_ctx);
return werr;
}