search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nfs4acl_xattr: identifiers are XDR encoded as integers
[Samba.git] / libgpo / gpext / gpext.c
blob73bebf1879fbfd8601c4f64ab5219d738417f068
1 /*
2 * Unix SMB/CIFS implementation.
3 * Group Policy Support
4 * Copyright (C) Guenther Deschner 2007-2008
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "../libgpo/gpo.h"
22 #include "../libgpo/gpext/gpext.h"
23 #include "librpc/gen_ndr/ndr_misc.h"
24 #include "lib/util/dlinklist.h"
25 #include "../libcli/registry/util_reg.h"
26 #include "libgpo/gpo_proto.h"
27 #include "registry.h"
28 #include "registry/reg_api.h"
29 #include "lib/util/util_paths.h"
30
31 static struct gp_extension *extensions = NULL;
32
33 /****************************************************************
34 ****************************************************************/
35
36 struct gp_extension *gpext_get_gp_extension_list(void)
37 {
38 return extensions;
39 }
40
41 /****************************************************************
42 ****************************************************************/
43
44
45 struct gp_extension_reg_table gpext_reg_vals[] = {
46 {
47 .val = "DllName",
48 .type = REG_EXPAND_SZ,
49 },
50 {
51 .val = "ProcessGroupPolicy",
52 .type = REG_SZ,
53 },
54 {
55 .val = "NoMachinePolicy",
56 .type = REG_DWORD,
57 },
58 {
59 .val = "NoUserPolicy",
60 .type = REG_DWORD,
61 },
62 {
63 .val = "NoSlowLink",
64 .type = REG_DWORD,
65 },
66 {
67 .val = "NoBackgroundPolicy",
68 .type = REG_DWORD,
69 },
70 {
71 .val = "NoGPOListChanges",
72 .type = REG_DWORD,
73 },
74 {
75 .val = "PerUserLocalSettings",
76 .type = REG_DWORD,
77 },
78 {
79 .val = "RequiresSuccessfulRegistry",
80 .type = REG_DWORD,
81 },
82 {
83 .val = "EnableAsynchronousProcessing",
84 .type = REG_DWORD,
85 },
86 {
87 .val = "ExtensionDebugLevel",
88 .type = REG_DWORD,
89 },
90 /* new */
91 {
92 .val = "GenerateGroupPolicy", /* not supported on w2k */
93 .type = REG_SZ,
94 },
95 {
96 .val = "NotifyLinkTransition",
97 .type = REG_DWORD,
98 },
99 {
100 .val = "ProcessGroupPolicyEx", /* not supported on w2k */
101 .type = REG_SZ,
102 },
103 {
104 .val = "ExtensionEventSource", /* not supported on w2k */
105 .type = REG_MULTI_SZ,
106 },
107 {
108 .val = "MaxNoGPOListChangesInterval",
109 .type = REG_DWORD,
110 },
111 { .type = REG_NONE }
112 };
113
114 /****************************************************************
115 ****************************************************************/
116
117 static struct gp_extension *get_extension_by_name(struct gp_extension *be,
118 const char *name)
119 {
120 struct gp_extension *b;
121
122 for (b = be; b; b = b->next) {
123 if (strequal(b->name, name)) {
124 return b;
125 }
126 }
127
128 return NULL;
129 }
130
131 /****************************************************************
132 ****************************************************************/
133
134 static struct gp_extension_methods *get_methods_by_name(struct gp_extension *be,
135 const char *name)
136 {
137 struct gp_extension *b;
138
139 for (b = be; b; b = b->next) {
140 if (strequal(b->name, name)) {
141 return b->methods;
142 }
143 }
144
145 return NULL;
146 }
147
148 /****************************************************************
149 ****************************************************************/
150
151 NTSTATUS gpext_unregister_gp_extension(const char *name)
152 {
153 struct gp_extension *ext;
154
155 ext = get_extension_by_name(extensions, name);
156 if (!ext) {
157 return NT_STATUS_OK;
158 }
159
160 DLIST_REMOVE(extensions, ext);
161 talloc_free(ext);
162
163 DEBUG(2,("Successfully removed GP extension '%s'\n", name));
164
165 return NT_STATUS_OK;
166 }
167
168 /****************************************************************
169 ****************************************************************/
170
171 NTSTATUS gpext_register_gp_extension(TALLOC_CTX *gpext_ctx,
172 int version,
173 const char *name,
174 const char *guid,
175 struct gp_extension_methods *methods)
176 {
177 struct gp_extension_methods *test;
178 struct gp_extension *entry;
179 NTSTATUS status;
180
181 if (!gpext_ctx) {
182 return NT_STATUS_INTERNAL_DB_ERROR;
183 }
184
185 if ((version != SMB_GPEXT_INTERFACE_VERSION)) {
186 DEBUG(0,("Failed to register gp extension.\n"
187 "The module was compiled against "
188 "SMB_GPEXT_INTERFACE_VERSION %d,\n"
189 "current SMB_GPEXT_INTERFACE_VERSION is %d.\n"
190 "Please recompile against the current "
191 "version of samba!\n",
192 version, SMB_GPEXT_INTERFACE_VERSION));
193 return NT_STATUS_OBJECT_TYPE_MISMATCH;
194 }
195
196 if (!guid || !name || !name[0] || !methods) {
197 DEBUG(0,("Called with NULL pointer or empty name!\n"));
198 return NT_STATUS_INVALID_PARAMETER;
199 }
200
201 test = get_methods_by_name(extensions, name);
202 if (test) {
203 DEBUG(0,("GP extension module %s already registered!\n",
204 name));
205 return NT_STATUS_OBJECT_NAME_COLLISION;
206 }
207
208 entry = talloc_zero(gpext_ctx, struct gp_extension);
209 NT_STATUS_HAVE_NO_MEMORY(entry);
210
211 entry->name = talloc_strdup(gpext_ctx, name);
212 NT_STATUS_HAVE_NO_MEMORY(entry->name);
213
214 entry->guid = talloc_zero(gpext_ctx, struct GUID);
215 NT_STATUS_HAVE_NO_MEMORY(entry->guid);
216 status = GUID_from_string(guid, entry->guid);
217 NT_STATUS_NOT_OK_RETURN(status);
218
219 entry->methods = methods;
220 DLIST_ADD(extensions, entry);
221
222 DEBUG(2,("Successfully added GP extension '%s' %s\n",
223 name, GUID_string2(gpext_ctx, entry->guid)));
224
225 return NT_STATUS_OK;
226 }
227
228 /****************************************************************
229 ****************************************************************/
230
231 static NTSTATUS gp_extension_init_module(TALLOC_CTX *mem_ctx,
232 const char *name,
233 struct gp_extension **gpext)
234 {
235 NTSTATUS status;
236 struct gp_extension *ext = NULL;
237
238 ext = talloc_zero(mem_ctx, struct gp_extension);
239 NT_STATUS_HAVE_NO_MEMORY(gpext);
240
241 ext->methods = get_methods_by_name(extensions, name);
242 if (!ext->methods) {
243
244 status = smb_probe_module(SAMBA_SUBSYSTEM_GPEXT,
245 name);
246 if (!NT_STATUS_IS_OK(status)) {
247 return status;
248 }
249
250 ext->methods = get_methods_by_name(extensions, name);
251 if (!ext->methods) {
252 return NT_STATUS_DLL_INIT_FAILED;
253 }
254 }
255
256 *gpext = ext;
257
258 return NT_STATUS_OK;
259 }
260
261 /****************************************************************
262 ****************************************************************/
263
264 static bool add_gp_extension_reg_entry_to_array(TALLOC_CTX *mem_ctx,
265 struct gp_extension_reg_entry *entry,
266 struct gp_extension_reg_entry **entries,
267 size_t *num)
268 {
269 *entries = talloc_realloc(mem_ctx, *entries,
270 struct gp_extension_reg_entry,
271 (*num)+1);
272 if (*entries == NULL) {
273 *num = 0;
274 return false;
275 }
276
277 (*entries)[*num].value = entry->value;
278 (*entries)[*num].data = entry->data;
279
280 *num += 1;
281 return true;
282 }
283
284 /****************************************************************
285 ****************************************************************/
286
287 static bool add_gp_extension_reg_info_entry_to_array(TALLOC_CTX *mem_ctx,
288 struct gp_extension_reg_info_entry *entry,
289 struct gp_extension_reg_info_entry **entries,
290 size_t *num)
291 {
292 *entries = talloc_realloc(mem_ctx, *entries,
293 struct gp_extension_reg_info_entry,
294 (*num)+1);
295 if (*entries == NULL) {
296 *num = 0;
297 return false;
298 }
299
300 (*entries)[*num].guid = entry->guid;
301 (*entries)[*num].num_entries = entry->num_entries;
302 (*entries)[*num].entries = entry->entries;
303
304 *num += 1;
305 return true;
306 }
307
308 /****************************************************************
309 ****************************************************************/
310
311 static NTSTATUS gp_ext_info_add_reg(TALLOC_CTX *mem_ctx,
312 struct gp_extension_reg_info_entry *entry,
313 const char *value,
314 enum winreg_Type type,
315 const char *data_s)
316 {
317 struct gp_extension_reg_entry *reg_entry = NULL;
318 struct registry_value *data = NULL;
319
320 reg_entry = talloc_zero(mem_ctx, struct gp_extension_reg_entry);
321 NT_STATUS_HAVE_NO_MEMORY(reg_entry);
322
323 data = talloc_zero(mem_ctx, struct registry_value);
324 NT_STATUS_HAVE_NO_MEMORY(data);
325
326 data->type = type;
327
328 switch (type) {
329 case REG_SZ:
330 case REG_EXPAND_SZ:
331 if (!push_reg_sz(mem_ctx, &data->data, data_s)) {
332 return NT_STATUS_NO_MEMORY;
333 }
334 break;
335 case REG_DWORD: {
336 uint32_t v = atoi(data_s);
337 data->data = data_blob_talloc(mem_ctx, NULL, 4);
338 SIVAL(data->data.data, 0, v);
339 break;
340 }
341 default:
342 return NT_STATUS_NOT_SUPPORTED;
343 }
344
345 reg_entry->value = value;
346 reg_entry->data = data;
347
348 if (!add_gp_extension_reg_entry_to_array(mem_ctx, reg_entry,
349 &entry->entries,
350 &entry->num_entries)) {
351 return NT_STATUS_NO_MEMORY;
352 }
353
354 return NT_STATUS_OK;
355 }
356
357 /****************************************************************
358 ****************************************************************/
359
360 static NTSTATUS gp_ext_info_add_reg_table(TALLOC_CTX *mem_ctx,
361 const char *module,
362 struct gp_extension_reg_info_entry *entry,
363 struct gp_extension_reg_table *table)
364 {
365 NTSTATUS status;
366 const char *module_name = NULL;
367 int i;
368
369 module_name = talloc_asprintf(mem_ctx, "%s.%s", module, shlib_ext());
370 NT_STATUS_HAVE_NO_MEMORY(module_name);
371
372 status = gp_ext_info_add_reg(mem_ctx, entry,
373 "DllName", REG_EXPAND_SZ, module_name);
374 NT_STATUS_NOT_OK_RETURN(status);
375
376 for (i=0; table[i].val; i++) {
377 status = gp_ext_info_add_reg(mem_ctx, entry,
378 table[i].val,
379 table[i].type,
380 table[i].data);
381 NT_STATUS_NOT_OK_RETURN(status);
382 }
383
384 return status;
385 }
386
387 /****************************************************************
388 ****************************************************************/
389
390 NTSTATUS gpext_info_add_entry(TALLOC_CTX *mem_ctx,
391 const char *module,
392 const char *ext_guid,
393 struct gp_extension_reg_table *table,
394 struct gp_extension_reg_info *info)
395 {
396 NTSTATUS status;
397 struct gp_extension_reg_info_entry *entry = NULL;
398
399 entry = talloc_zero(mem_ctx, struct gp_extension_reg_info_entry);
400 NT_STATUS_HAVE_NO_MEMORY(entry);
401
402 status = GUID_from_string(ext_guid, &entry->guid);
403 NT_STATUS_NOT_OK_RETURN(status);
404
405 status = gp_ext_info_add_reg_table(mem_ctx, module, entry, table);
406 NT_STATUS_NOT_OK_RETURN(status);
407
408 if (!add_gp_extension_reg_info_entry_to_array(mem_ctx, entry,
409 &info->entries,
410 &info->num_entries)) {
411 return NT_STATUS_NO_MEMORY;
412 }
413
414 return NT_STATUS_OK;
415 }
416
417 /****************************************************************
418 ****************************************************************/
419
420 static bool gp_extension_reg_info_verify_entry(struct gp_extension_reg_entry *entry)
421 {
422 int i;
423
424 for (i=0; gpext_reg_vals[i].val; i++) {
425
426 if ((strequal(entry->value, gpext_reg_vals[i].val)) &&
427 (entry->data->type == gpext_reg_vals[i].type)) {
428 return true;
429 }
430 }
431
432 return false;
433 }
434
435 /****************************************************************
436 ****************************************************************/
437
438 static bool gp_extension_reg_info_verify(struct gp_extension_reg_info_entry *entry)
439 {
440 int i;
441
442 for (i=0; i < entry->num_entries; i++) {
443 if (!gp_extension_reg_info_verify_entry(&entry->entries[i])) {
444 return false;
445 }
446 }
447
448 return true;
449 }
450
451 /****************************************************************
452 ****************************************************************/
453
454 static WERROR gp_extension_store_reg_vals(TALLOC_CTX *mem_ctx,
455 struct registry_key *key,
456 struct gp_extension_reg_info_entry *entry)
457 {
458 WERROR werr = WERR_OK;
459 size_t i;
460
461 for (i=0; i < entry->num_entries; i++) {
462
463 werr = reg_setvalue(key,
464 entry->entries[i].value,
465 entry->entries[i].data);
466 W_ERROR_NOT_OK_RETURN(werr);
467 }
468
469 return werr;
470 }
471
472 /****************************************************************
473 ****************************************************************/
474
475 static WERROR gp_extension_store_reg_entry(TALLOC_CTX *mem_ctx,
476 struct gp_registry_context *reg_ctx,
477 struct gp_extension_reg_info_entry *entry)
478 {
479 WERROR werr;
480 struct registry_key *key = NULL;
481 const char *subkeyname = NULL;
482
483 if (!gp_extension_reg_info_verify(entry)) {
484 return WERR_INVALID_PARAMETER;
485 }
486
487 subkeyname = GUID_string2(mem_ctx, &entry->guid);
488 W_ERROR_HAVE_NO_MEMORY(subkeyname);
489
490 if (!strupper_m(discard_const_p(char, subkeyname))) {
491 return WERR_INVALID_PARAMETER;
492 }
493
494 werr = gp_store_reg_subkey(mem_ctx,
495 subkeyname,
496 reg_ctx->curr_key,
497 &key);
498 W_ERROR_NOT_OK_RETURN(werr);
499
500 werr = gp_extension_store_reg_vals(mem_ctx,
501 key,
502 entry);
503 W_ERROR_NOT_OK_RETURN(werr);
504
505 return werr;
506 }
507
508 /****************************************************************
509 ****************************************************************/
510
511 static WERROR gp_extension_store_reg(TALLOC_CTX *mem_ctx,
512 struct gp_registry_context *reg_ctx,
513 struct gp_extension_reg_info *info)
514 {
515 WERROR werr = WERR_OK;
516 int i;
517
518 if (!info) {
519 return WERR_OK;
520 }
521
522 for (i=0; i < info->num_entries; i++) {
523 werr = gp_extension_store_reg_entry(mem_ctx,
524 reg_ctx,
525 &info->entries[i]);
526 W_ERROR_NOT_OK_RETURN(werr);
527 }
528
529 return werr;
530 }
531
532 /****************************************************************
533 ****************************************************************/
534
535 static NTSTATUS gp_glob_ext_list(TALLOC_CTX *mem_ctx,
536 const char ***ext_list,
537 size_t *ext_list_len)
538 {
539 DIR *dir = NULL;
540 struct dirent *dirent = NULL;
541
542 dir = opendir(modules_path(talloc_tos(),
543 SAMBA_SUBSYSTEM_GPEXT));
544 if (!dir) {
545 return map_nt_error_from_unix_common(errno);
546 }
547
548 while ((dirent = readdir(dir))) {
549
550 fstring name; /* forgive me... */
551 char *p;
552
553 if ((strequal(dirent->d_name, ".")) ||
554 (strequal(dirent->d_name, ".."))) {
555 continue;
556 }
557
558 p = strrchr(dirent->d_name, '.');
559 if (!p) {
560 closedir(dir);
561 return NT_STATUS_NO_MEMORY;
562 }
563
564 if (!strcsequal(p+1, shlib_ext())) {
565 DEBUG(10,("gp_glob_ext_list: not a *.so file: %s\n",
566 dirent->d_name));
567 continue;
568 }
569
570 fstrcpy(name, dirent->d_name);
571 name[PTR_DIFF(p, dirent->d_name)] = 0;
572
573 if (!add_string_to_array(mem_ctx, name, ext_list,
574 ext_list_len)) {
575 closedir(dir);
576 return NT_STATUS_NO_MEMORY;
577 }
578 }
579
580 closedir(dir);
581
582 return NT_STATUS_OK;
583 }
584
585 /****************************************************************
586 ****************************************************************/
587
588 NTSTATUS gpext_shutdown_gp_extensions(void)
589 {
590 struct gp_extension *ext = NULL;
591
592 for (ext = extensions; ext; ext = ext->next) {
593 if (ext->methods && ext->methods->shutdown) {
594 ext->methods->shutdown();
595 }
596 }
597
598 return NT_STATUS_OK;
599 }
600
601 /****************************************************************
602 ****************************************************************/
603
604 NTSTATUS gpext_init_gp_extensions(TALLOC_CTX *mem_ctx)
605 {
606 NTSTATUS status;
607 WERROR werr;
608 int i = 0;
609 const char **ext_array = NULL;
610 size_t ext_array_len = 0;
611 struct gp_extension *gpext = NULL;
612 struct gp_registry_context *reg_ctx = NULL;
613
614 if (gpext_get_gp_extension_list()) {
615 return NT_STATUS_OK;
616 }
617
618 status = gp_glob_ext_list(mem_ctx, &ext_array, &ext_array_len);
619 NT_STATUS_NOT_OK_RETURN(status);
620
621 for (i=0; i<ext_array_len; i++) {
622
623 struct gp_extension_reg_info *info = NULL;
624
625 status = gp_extension_init_module(mem_ctx, ext_array[i],
626 &gpext);
627 if (!NT_STATUS_IS_OK(status)) {
628 goto out;
629 }
630
631 if (gpext->methods->get_reg_config) {
632
633 status = gpext->methods->initialize(mem_ctx);
634 if (!NT_STATUS_IS_OK(status)) {
635 gpext->methods->shutdown();
636 goto out;
637 }
638
639 status = gpext->methods->get_reg_config(mem_ctx,
640 &info);
641 if (!NT_STATUS_IS_OK(status)) {
642 gpext->methods->shutdown();
643 goto out;
644 }
645
646 if (!reg_ctx) {
647 struct security_token *token;
648
649 token = registry_create_system_token(mem_ctx);
650 NT_STATUS_HAVE_NO_MEMORY(token);
651
652 werr = gp_init_reg_ctx(mem_ctx,
653 KEY_WINLOGON_GPEXT_PATH,
654 REG_KEY_WRITE,
655 token,
656 &reg_ctx);
657 if (!W_ERROR_IS_OK(werr)) {
658 status = werror_to_ntstatus(werr);
659 gpext->methods->shutdown();
660 goto out;
661 }
662 }
663
664 werr = gp_extension_store_reg(mem_ctx, reg_ctx, info);
665 if (!W_ERROR_IS_OK(werr)) {
666 DEBUG(1,("gp_extension_store_reg failed: %s\n",
667 win_errstr(werr)));
668 TALLOC_FREE(info);
669 gpext->methods->shutdown();
670 status = werror_to_ntstatus(werr);
671 goto out;
672 }
673 TALLOC_FREE(info);
674 }
675
676 }
677
678 out:
679 TALLOC_FREE(reg_ctx);
680
681 return status;
682 }
683
684 /****************************************************************
685 ****************************************************************/
686
687 NTSTATUS gpext_free_gp_extensions(void)
688 {
689 struct gp_extension *ext, *ext_next = NULL;
690
691 for (ext = extensions; ext; ext = ext_next) {
692 ext_next = ext->next;
693 DLIST_REMOVE(extensions, ext);
694 TALLOC_FREE(ext);
695 }
696
697 extensions = NULL;
698
699 return NT_STATUS_OK;
700 }
701
702 /****************************************************************
703 ****************************************************************/
704
705 void gpext_debug_header(int lvl,
706 const char *name,
707 uint32_t flags,
708 const struct GROUP_POLICY_OBJECT *gpo,
709 const char *extension_guid,
710 const char *snapin_guid)
711 {
712 char *flags_str = NULL;
713
714 DEBUG(lvl,("%s\n", name));
715 DEBUGADD(lvl,("\tgpo: %s (%s)\n", gpo->name,
716 gpo->display_name));
717 DEBUGADD(lvl,("\tcse extension: %s (%s)\n", extension_guid,
718 cse_gpo_guid_string_to_name(extension_guid)));
719 DEBUGADD(lvl,("\tgplink: %s\n", gpo->link));
720 DEBUGADD(lvl,("\tsnapin: %s (%s)\n", snapin_guid,
721 cse_snapin_gpo_guid_string_to_name(snapin_guid)));
722
723 flags_str = gpo_flag_str(NULL, flags);
724 DEBUGADD(lvl,("\tflags: 0x%08x %s\n", flags, flags_str));
725 TALLOC_FREE(flags_str);
726 }
727
728 /****************************************************************
729 ****************************************************************/
730
731 static NTSTATUS gpext_check_gpo_for_gpext_presence(TALLOC_CTX *mem_ctx,
732 uint32_t flags,
733 const struct GROUP_POLICY_OBJECT *gpo,
734 const struct GUID *guid,
735 bool *gpext_guid_present)
736 {
737 struct GP_EXT *gp_ext = NULL;
738 int i;
739 bool ok;
740
741 *gpext_guid_present = false;
742
743
744 if (gpo->link_type == GP_LINK_LOCAL) {
745 return NT_STATUS_OK;
746 }
747
748 ok = gpo_get_gp_ext_from_gpo(mem_ctx, flags, gpo, &gp_ext);
749 if (!ok) {
750 return NT_STATUS_INVALID_PARAMETER;
751 }
752
753 if (gp_ext == NULL) {
754 return NT_STATUS_OK;
755 }
756
757 for (i = 0; i < gp_ext->num_exts; i++) {
758 struct GUID guid2;
759 NTSTATUS status;
760
761 status = GUID_from_string(gp_ext->extensions_guid[i], &guid2);
762 if (!NT_STATUS_IS_OK(status)) {
763 return status;
764 }
765 if (GUID_equal(guid, &guid2)) {
766 *gpext_guid_present = true;
767 return NT_STATUS_OK;
768 }
769 }
770
771 return NT_STATUS_OK;
772 }
773
774 /****************************************************************
775 ****************************************************************/
776
777 NTSTATUS gpext_process_extension(TALLOC_CTX *mem_ctx,
778 uint32_t flags,
779 const struct security_token *token,
780 struct registry_key *root_key,
781 const struct GROUP_POLICY_OBJECT *deleted_gpo_list,
782 const struct GROUP_POLICY_OBJECT *changed_gpo_list,
783 const char *extension_guid_filter)
784 {
785 NTSTATUS status;
786 struct gp_extension *ext = NULL;
787 const struct GROUP_POLICY_OBJECT *gpo;
788 struct GUID extension_guid_filter_guid;
789
790 status = gpext_init_gp_extensions(mem_ctx);
791 if (!NT_STATUS_IS_OK(status)) {
792 DEBUG(1,("gpext_init_gp_extensions failed: %s\n",
793 nt_errstr(status)));
794 return status;
795 }
796
797 if (extension_guid_filter) {
798 status = GUID_from_string(extension_guid_filter,
799 &extension_guid_filter_guid);
800 if (!NT_STATUS_IS_OK(status)) {
801 return status;
802 }
803 }
804
805 for (ext = extensions; ext; ext = ext->next) {
806
807 struct GROUP_POLICY_OBJECT *deleted_gpo_list_filtered = NULL;
808 struct GROUP_POLICY_OBJECT *changed_gpo_list_filtered = NULL;
809
810 if (extension_guid_filter) {
811 if (!GUID_equal(&extension_guid_filter_guid, ext->guid)) {
812 continue;
813 }
814 }
815
816 for (gpo = deleted_gpo_list; gpo; gpo = gpo->next) {
817
818 bool is_present = false;
819
820 status = gpext_check_gpo_for_gpext_presence(mem_ctx,
821 flags,
822 gpo,
823 ext->guid,
824 &is_present);
825 if (!NT_STATUS_IS_OK(status)) {
826 return status;
827 }
828
829 if (is_present) {
830 struct GROUP_POLICY_OBJECT *new_gpo;
831
832 status = gpo_copy(mem_ctx, gpo, &new_gpo);
833 if (!NT_STATUS_IS_OK(status)) {
834 return status;
835 }
836
837 DLIST_ADD(deleted_gpo_list_filtered, new_gpo);
838 }
839 }
840
841 for (gpo = changed_gpo_list; gpo; gpo = gpo->next) {
842
843 bool is_present = false;
844
845 status = gpext_check_gpo_for_gpext_presence(mem_ctx,
846 flags,
847 gpo,
848 ext->guid,
849 &is_present);
850 if (!NT_STATUS_IS_OK(status)) {
851 return status;
852 }
853
854 if (is_present) {
855 struct GROUP_POLICY_OBJECT *new_gpo;
856
857 status = gpo_copy(mem_ctx, gpo, &new_gpo);
858 if (!NT_STATUS_IS_OK(status)) {
859 return status;
860 }
861
862 DLIST_ADD(changed_gpo_list_filtered, new_gpo);
863 }
864 }
865
866 status = ext->methods->initialize(mem_ctx);
867 NT_STATUS_NOT_OK_RETURN(status);
868
869 status = ext->methods->process_group_policy(mem_ctx,
870 flags,
871 root_key,
872 token,
873 deleted_gpo_list_filtered,
874 changed_gpo_list_filtered);
875 if (!NT_STATUS_IS_OK(status)) {
876 ext->methods->shutdown();
877 }
878 }
879
880 return status;
881 }
Samba GIT mirror