From 9bda5ab39fc3429191e2272a8be62e230677ecb1 Mon Sep 17 00:00:00 2001
From: Yassir Elley
Date: Aug 13 2014 12:36:04 +0000
Subject: AD-GPO: sysdb_gpo changes for offline gpo support
Reviewed-by: Jakub Hrozek
---
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index addf131..3cef1e6 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -870,7 +870,8 @@ errno_t sysdb_search_object_by_sid(TALLOC_CTX *mem_ctx,
 #define SYSDB_GPO_CONTAINER "cn=gpos,cn=ad,cn=custom"
 #define SYSDB_GPO_OC "gpo"
-#define SYSDB_GPO_FILTER "(&(objectClass="SYSDB_GPO_OC")("SYSDB_GPO_GUID_ATTR"=%s))"
+#define SYSDB_GPO_FILTER "(objectClass="SYSDB_GPO_OC")"
+#define SYSDB_GPO_GUID_FILTER "(&(objectClass="SYSDB_GPO_OC")("SYSDB_GPO_GUID_ATTR"=%s))"
 #define SYSDB_GPO_GUID_ATTR "gpoGUID"
 #define SYSDB_GPO_VERSION_ATTR "gpoVersion"
 #define SYSDB_GPO_TIMEOUT_ATTR "gpoPolicyFileTimeout"
@@ -896,4 +897,8 @@ errno_t sysdb_gpo_get_gpo_by_guid(TALLOC_CTX *mem_ctx,
 const char *gpo_guid,
 struct ldb_result **_result);
+errno_t sysdb_gpo_get_gpos(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ struct ldb_result **_result);
+
 #endif /* __SYS_DB_H__ */
diff --git a/src/db/sysdb_gpo.c b/src/db/sysdb_gpo.c
index 228f131..7dd31d8 100644
--- a/src/db/sysdb_gpo.c
+++ b/src/db/sysdb_gpo.c
@@ -265,7 +265,7 @@ sysdb_gpo_get_gpo_by_guid(TALLOC_CTX *mem_ctx,
 }
 lret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, base_dn,
- LDB_SCOPE_SUBTREE, attrs, SYSDB_GPO_FILTER, gpo_guid);
+ LDB_SCOPE_SUBTREE, attrs, SYSDB_GPO_GUID_FILTER, gpo_guid);
 if (lret) {
 DEBUG(SSSDBG_MINOR_FAILURE,
 "Could not locate GPO: [%s]\n",
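Review bot: In the first `src/db/sysdb.h` hunk, `SYSDB_GPO_FILTER` keeps its name but changes from a one-argument GUID filter to an argument-less match-all filter, so any call site this commit does not touch that still passes a GUID through `ldb_search`'s varargs would keep building (at most with a format-extra-args warning) and return every cached GPO instead of one. Only the call in `sysdb_gpo_get_gpo_by_guid` is updated in this diff; whether other users exist is not visible here. Leaving the old name with its old meaning and giving the new filter its own name, e.g. `#define SYSDB_GPO_ALL_FILTER "(objectClass="SYSDB_GPO_OC")"`, would make a missed call site fail safe rather than silently widen the match. Separately, `SYSDB_GPO_GUID_FILTER` still splices its `%s` into the filter verbatim, so it is worth confirming that `gpo_guid` is validated or passed through `sss_filter_sanitize` before it reaches the search.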
@@ -296,3 +296,59 @@ done:
 talloc_free(tmp_ctx);
 return ret;
 }
+
+errno_t
+sysdb_gpo_get_gpos(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ struct ldb_result **_result)
+{
+ errno_t ret;
+ int lret;
+ struct ldb_dn *base_dn;
+ TALLOC_CTX *tmp_ctx;
+ struct ldb_result *res;
+
+ const char *attrs[] = SYSDB_GPO_ATTRS;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) return ENOMEM;
+
+ DEBUG(SSSDBG_TRACE_FUNC, SYSDB_TMPL_GPO_BASE"\n", domain->name);
+
+ base_dn = ldb_dn_new_fmt(tmp_ctx, domain->sysdb->ldb,
+ SYSDB_TMPL_GPO_BASE,
+ domain->name);
+ if (!base_dn) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ lret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, base_dn,
+ LDB_SCOPE_SUBTREE, attrs, SYSDB_GPO_FILTER);
+ if (lret) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ "Could not locate GPOs: [%s]\n",
+ ldb_strerror(lret));
+ ret = sysdb_error_to_errno(lret);
+ goto done;
+ }
+
+ if (res->count == 0) {
+ ret = ENOENT;
+ goto done;
+ }
+
+ *_result = talloc_steal(mem_ctx, res);
+ ret = EOK;
+
+done:
+
+ if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_ALL, "No GPO entries.\n");
+ } else if (ret) {
+ DEBUG(SSSDBG_OP_FAILURE, "Error: %d (%s)\n", ret, strerror(ret));
+ }
+
+ talloc_free(tmp_ctx);
+ return ret;
+}
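Review bot: `sysdb_gpo_get_gpos` assigns `*_result` only on the success path, so on `ENOENT` (the `res->count == 0` branch) and on every error the caller's pointer keeps whatever value it had, and nothing in the hunk documents that contract. The commit subject ties this lookup to offline GPO processing, so a caller that treats an empty cache as "no policy applies" would be making an access decision on missing data; whether any caller does so is outside this diff. I would add a header comment such as `/* Returns EOK with all cached GPO entries stolen onto mem_ctx, ENOENT if the cache holds none; *_result is set only on EOK. */` and initialise the output with `*_result = NULL;` before the search. `domain` is also dereferenced (`domain->name`, `domain->sysdb->ldb`) without a NULL check.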