static bool test_lp_service(struct torture_context *tctx) { struct loadparm_context *lp_ctx = loadparm_init(tctx); struct loadparm_service *service = lpcfg_add_service(lp_ctx, lpcfg_default_service(lp_ctx), "foo"); torture_assert(tctx, service == lpcfg_service(lp_ctx, "foo"), "invalid service"); return true; }
static PyObject *py_lp_ctx_getitem(py_talloc_Object *self, PyObject *name) { struct loadparm_service *service; if (!PyString_Check(name)) { PyErr_SetString(PyExc_TypeError, "Only string subscripts are supported"); return NULL; } service = lpcfg_service(PyLoadparmContext_AsLoadparmContext(self), PyString_AsString(name)); if (service == NULL) { PyErr_SetString(PyExc_KeyError, "No such section"); return NULL; } return PyLoadparmService_FromService(service); }
static PyObject *py_lp_dump_a_parameter(PyObject *self, PyObject *args) { PyObject *py_stream; char *param_name; const char *section_name = NULL; FILE *f; struct loadparm_context *lp_ctx = PyLoadparmContext_AsLoadparmContext(self); struct loadparm_service *service; bool ret; if (!PyArg_ParseTuple(args, "Os|z", &py_stream, ¶m_name, §ion_name)) return NULL; f = PyFile_AsFile(py_stream); if (f == NULL) { return NULL; } if (section_name != NULL && strwicmp(section_name, GLOBAL_NAME) && strwicmp(section_name, GLOBAL_NAME2)) { /* it's a share parameter */ service = lpcfg_service(lp_ctx, section_name); if (service == NULL) { PyErr_Format(PyExc_RuntimeError, "Unknown section %s", section_name); return NULL; } } else { /* it's global */ service = NULL; section_name = "global"; } ret = lpcfg_dump_a_parameter(lp_ctx, service, param_name, f); if (!ret) { PyErr_Format(PyExc_RuntimeError, "Parameter %s unknown for section %s", param_name, section_name); return NULL; } Py_RETURN_NONE; }
static PyObject *py_lp_ctx_get_helper(struct loadparm_context *lp_ctx, const char *service_name, const char *param_name) { struct parm_struct *parm = NULL; void *parm_ptr = NULL; int i; if (service_name != NULL && strwicmp(service_name, GLOBAL_NAME) && strwicmp(service_name, GLOBAL_NAME2)) { struct loadparm_service *service; /* its a share parameter */ service = lpcfg_service(lp_ctx, service_name); if (service == NULL) { return NULL; } if (strchr(param_name, ':')) { /* its a parametric option on a share */ const char *type = talloc_strndup(lp_ctx, param_name, strcspn(param_name, ":")); const char *option = strchr(param_name, ':') + 1; const char *value; if (type == NULL || option == NULL) { return NULL; } value = lpcfg_get_parametric(lp_ctx, service, type, option); if (value == NULL) { return NULL; } return PyString_FromString(value); } parm = lpcfg_parm_struct(param_name); if (parm == NULL || parm->p_class == P_GLOBAL) { return NULL; } parm_ptr = lpcfg_parm_ptr(lp_ctx, service, parm); } else if (strchr(param_name, ':')) { /* its a global parametric option */ const char *type = talloc_strndup(lp_ctx, param_name, strcspn(param_name, ":")); const char *option = strchr(param_name, ':') + 1; const char *value; if (type == NULL || option == NULL) { return NULL; } value = lpcfg_get_parametric(lp_ctx, NULL, type, option); if (value == NULL) return NULL; return PyString_FromString(value); } else { /* its a global parameter */ parm = lpcfg_parm_struct(param_name); if (parm == NULL) { return NULL; } parm_ptr = lpcfg_parm_ptr(lp_ctx, NULL, parm); } if (parm == NULL || parm_ptr == NULL) { return NULL; } /* construct and return the right type of python object */ switch (parm->type) { case P_STRING: case P_USTRING: return PyString_FromString(*(char **)parm_ptr); case P_BOOL: return PyBool_FromLong(*(bool *)parm_ptr); case P_INTEGER: case P_OCTAL: case P_BYTES: return PyLong_FromLong(*(int *)parm_ptr); case P_ENUM: for (i=0; parm->enum_list[i].name; i++) { if (*(int *)parm_ptr == parm->enum_list[i].value) { return PyString_FromString(parm->enum_list[i].name); } } return NULL; case P_CMDLIST: case P_LIST: { int j; const char **strlist = *(const char ***)parm_ptr; PyObject *pylist; if(strlist == NULL) { return PyList_New(0); } pylist = PyList_New(str_list_length(strlist)); for (j = 0; strlist[j]; j++) PyList_SetItem(pylist, j, PyString_FromString(strlist[j])); return pylist; } break; } return NULL; }
bool torture_gpo_system_access_policies(struct torture_context *tctx) { TALLOC_CTX *ctx = talloc_new(tctx); int ret, vers = 0, i; const char *sysvol_path = NULL, *gpo_dir = NULL; const char *gpo_file = NULL, *gpt_file = NULL; struct ldb_context *samdb = NULL; struct ldb_result *result; const char *attrs[] = { "minPwdAge", "maxPwdAge", "minPwdLength", "pwdProperties", NULL }; FILE *fp = NULL; const char **gpo_update_cmd; char **gpo_unapply_cmd; int minpwdcases[] = { 0, 1, 998 }; int maxpwdcases[] = { 0, 1, 999 }; int pwdlencases[] = { 0, 1, 14 }; int pwdpropcases[] = { 0, 1, 1 }; struct ldb_message *old_message = NULL; const char **itr; int gpo_update_len = 0; sysvol_path = lpcfg_path(lpcfg_service(tctx->lp_ctx, "sysvol"), lpcfg_default_service(tctx->lp_ctx), tctx); torture_assert(tctx, sysvol_path, "Failed to fetch the sysvol path"); /* Ensure the sysvol path exists */ gpo_dir = talloc_asprintf(ctx, "%s/%s", sysvol_path, GPODIR); mkdir_p(gpo_dir, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH); gpo_file = talloc_asprintf(ctx, "%s/%s", gpo_dir, GPOFILE); /* Get the gpo update command */ gpo_update_cmd = lpcfg_gpo_update_command(tctx->lp_ctx); torture_assert(tctx, gpo_update_cmd && gpo_update_cmd[0], "Failed to fetch the gpo update command"); /* Open and read the samba db and store the initial password settings */ samdb = samdb_connect(ctx, tctx->ev, tctx->lp_ctx, system_session(tctx->lp_ctx), NULL, 0); torture_assert(tctx, samdb, "Failed to connect to the samdb"); ret = ldb_search(samdb, ctx, &result, ldb_get_default_basedn(samdb), LDB_SCOPE_BASE, attrs, NULL); torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1, "Searching the samdb failed"); old_message = result->msgs[0]; for (i = 0; i < 3; i++) { /* Write out the sysvol */ if ( (fp = fopen(gpo_file, "w")) ) { fputs(talloc_asprintf(ctx, GPTTMPL, minpwdcases[i], maxpwdcases[i], pwdlencases[i], pwdpropcases[i]), fp); fclose(fp); } /* Update the version in the GPT.INI */ gpt_file = talloc_asprintf(ctx, "%s/%s", sysvol_path, GPTINI); if ( (fp = fopen(gpt_file, "r")) ) { char line[256]; while (fgets(line, 256, fp)) { if (strncasecmp(line, "Version=", 8) == 0) { vers = atoi(line+8); break; } } fclose(fp); } if ( (fp = fopen(gpt_file, "w")) ) { char *data = talloc_asprintf(ctx, "[General]\nVersion=%d\n", ++vers); fputs(data, fp); fclose(fp); } /* Run the gpo update command */ ret = exec_wait(discard_const_p(char *, gpo_update_cmd)); torture_assert(tctx, ret == 0, "Failed to execute the gpo update command"); ret = ldb_search(samdb, ctx, &result, ldb_get_default_basedn(samdb), LDB_SCOPE_BASE, attrs, NULL); torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1, "Searching the samdb failed"); /* minPwdAge */ torture_assert_int_equal(tctx, unix2nttime( ldb_msg_find_attr_as_string( result->msgs[0], attrs[0], "")), minpwdcases[i], "The minPwdAge was not applied"); /* maxPwdAge */ torture_assert_int_equal(tctx, unix2nttime( ldb_msg_find_attr_as_string( result->msgs[0], attrs[1], "")), maxpwdcases[i], "The maxPwdAge was not applied"); /* minPwdLength */ torture_assert_int_equal(tctx, ldb_msg_find_attr_as_int( result->msgs[0], attrs[2], -1), pwdlencases[i], "The minPwdLength was not applied"); /* pwdProperties */ torture_assert_int_equal(tctx, ldb_msg_find_attr_as_int( result->msgs[0], attrs[3], -1), pwdpropcases[i], "The pwdProperties were not applied"); } /* Unapply the settings and verify they are removed */ for (itr = gpo_update_cmd; *itr != NULL; itr++) { gpo_update_len++; } gpo_unapply_cmd = talloc_array(ctx, char*, gpo_update_len+2); for (i = 0; i < gpo_update_len; i++) { gpo_unapply_cmd[i] = talloc_strdup(gpo_unapply_cmd, gpo_update_cmd[i]); } gpo_unapply_cmd[i] = talloc_asprintf(gpo_unapply_cmd, "--unapply"); gpo_unapply_cmd[i+1] = NULL; ret = exec_wait(gpo_unapply_cmd); torture_assert(tctx, ret == 0, "Failed to execute the gpo unapply command"); ret = ldb_search(samdb, ctx, &result, ldb_get_default_basedn(samdb), LDB_SCOPE_BASE, attrs, NULL); torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1, "Searching the samdb failed"); /* minPwdAge */ torture_assert_int_equal(tctx, unix2nttime(ldb_msg_find_attr_as_string( result->msgs[0], attrs[0], "")), unix2nttime(ldb_msg_find_attr_as_string(old_message, attrs[0], "") ), "The minPwdAge was not unapplied"); /* maxPwdAge */ torture_assert_int_equal(tctx, unix2nttime(ldb_msg_find_attr_as_string( result->msgs[0], attrs[1], "")), unix2nttime(ldb_msg_find_attr_as_string(old_message, attrs[1], "") ), "The maxPwdAge was not unapplied"); /* minPwdLength */ torture_assert_int_equal(tctx, ldb_msg_find_attr_as_int( result->msgs[0], attrs[2], -1), ldb_msg_find_attr_as_int( old_message, attrs[2], -2), "The minPwdLength was not unapplied"); /* pwdProperties */ torture_assert_int_equal(tctx, ldb_msg_find_attr_as_int( result->msgs[0], attrs[3], -1), ldb_msg_find_attr_as_int( old_message, attrs[3], -2), "The pwdProperties were not unapplied"); talloc_free(ctx); return true; }