s3:services_db: rewrite svcctl_set_secdesc to use tmp talloc ctx

[amitay/samba.git] / source3 / services / services_db.c
diff --git a/source3/services/services_db.c b/source3/services/services_db.c

index ae83e726977292bfdc871e74e50568a00e75d163..cd05b0e5860028871e41fb49837c11806b948a33 100644 (file)
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -21,6 +21,12 @@
   */
  
  #include "includes.h"
+#include "services/services.h"
+#include "registry.h"
+#include "registry/reg_util_legacy.h"
+#include "registry/reg_dispatcher.h"
+#include "registry/reg_objects.h"
+#include "registry/reg_api_util.h"
  
  struct rcinit_file_information {
         char *description;
@@ -86,36 +92,40 @@ struct service_display_info common_unix_svcs[] = {
  /********************************************************************
  ********************************************************************/
  
-static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
+static struct security_descriptor* construct_service_sd( TALLOC_CTX *ctx )
  {
-       SEC_ACE ace[4];
-       SEC_ACCESS mask;
+       struct security_ace ace[4];
         size_t i = 0;
-       SEC_DESC *sd;
-       SEC_ACL *acl;
+       struct security_descriptor *sd = NULL;
+       struct security_acl *theacl = NULL;
         size_t sd_size;
  
         /* basic access for Everyone */
  
-       init_sec_access(&mask, SERVICE_READ_ACCESS );
-       init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+       init_sec_ace(&ace[i++], &global_sid_World,
+               SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_READ_ACCESS, 0);
  
-       init_sec_access(&mask,SERVICE_EXECUTE_ACCESS );
-       init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+       init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users,
+                       SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_EXECUTE_ACCESS, 0);
  
-       init_sec_access(&mask,SERVICE_ALL_ACCESS );
-       init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-       init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+       init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators,
+               SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0);
+       init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
+               SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0);
  
         /* create the security descriptor */
  
-       if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
+       theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace);
+       if (theacl == NULL) {
                 return NULL;
+       }
  
-       if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
-                                 SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
-                                 acl, &sd_size)) )
+       sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+                          SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+                          theacl, &sd_size);
+       if (sd == NULL) {
                 return NULL;
+       }
  
         return sd;
  }
@@ -188,24 +198,27 @@ static char *cleanup_string( const char *string )
  
  static bool read_init_file( const char *servicename, struct rcinit_file_information **service_info )
  {
-       struct rcinit_file_information *info;
+       struct rcinit_file_information *info = NULL;
         char *filepath = NULL;
         char str[1024];
-       XFILE *f;
-       char *p;
+       XFILE *f = NULL;
+       char *p = NULL;
  
-       if ( !(info = TALLOC_ZERO_P( NULL, struct rcinit_file_information ) ) )
+       info = TALLOC_ZERO_P( NULL, struct rcinit_file_information );
+       if (info == NULL) {
                 return False;
+       }
  
         /* attempt the file open */
  
-       filepath = talloc_asprintf(info, "%s/%s/%s", get_dyn_LIBDIR(),
+       filepath = talloc_asprintf(info, "%s/%s/%s", get_dyn_MODULESDIR(),
                                 SVCCTL_SCRIPT_DIR, servicename);
         if (!filepath) {
                 TALLOC_FREE(info);
                 return false;
         }
-       if (!(f = x_fopen( filepath, O_RDONLY, 0 ))) {
+       f = x_fopen( filepath, O_RDONLY, 0 );
+       if (f == NULL) {
                 DEBUG(0,("read_init_file: failed to open [%s]\n", filepath));
                 TALLOC_FREE(info);
                 return false;
@@ -220,14 +233,16 @@ static bool read_init_file( const char *servicename, struct rcinit_file_informat
  
                 /* Look for a line like '^#.*Description:' */
  
-               if ( (p = strstr( str, "Description:" )) != NULL ) {
+               p = strstr( str, "Description:" );
+               if (p != NULL) {
                         char *desc;
  
                         p += strlen( "Description:" ) + 1;
                         if ( !p )
                                 break;
  
-                       if ( (desc = cleanup_string(p)) != NULL )
+                       desc = cleanup_string(p);
+                       if (desc != NULL)
                                 info->description = talloc_strdup( info, desc );
                 }
         }
@@ -248,9 +263,9 @@ static bool read_init_file( const char *servicename, struct rcinit_file_informat
   Display name, Description, etc...
  ********************************************************************/
  
-static void fill_service_values( const char *name, REGVAL_CTR *values )
+static void fill_service_values(const char *name, struct regval_ctr *values)
  {
-       UNISTR2 data, dname, ipath, description;
+       char *dname, *ipath, *description;
         uint32 dword;
         int i;
  
@@ -258,34 +273,27 @@ static void fill_service_values( const char *name, REGVAL_CTR *values )
            I'm just storing them here for cosmetic purposes */
  
         dword = SVCCTL_AUTO_START;
-       regval_ctr_addvalue( values, "Start", REG_DWORD, (char*)&dword, sizeof(uint32));
+       regval_ctr_addvalue( values, "Start", REG_DWORD, (uint8 *)&dword, sizeof(uint32));
  
-       dword = SVCCTL_WIN32_OWN_PROC;
-       regval_ctr_addvalue( values, "Type", REG_DWORD, (char*)&dword, sizeof(uint32));
+       dword = SERVICE_TYPE_WIN32_OWN_PROCESS;
+       regval_ctr_addvalue( values, "Type", REG_DWORD, (uint8 *)&dword, sizeof(uint32));
  
         dword = SVCCTL_SVC_ERROR_NORMAL;
-       regval_ctr_addvalue( values, "ErrorControl", REG_DWORD, (char*)&dword, sizeof(uint32));
+       regval_ctr_addvalue( values, "ErrorControl", REG_DWORD, (uint8 *)&dword, sizeof(uint32));
  
         /* everything runs as LocalSystem */
  
-       init_unistr2( &data, "LocalSystem", UNI_STR_TERMINATE );
-       regval_ctr_addvalue( values, "ObjectName", REG_SZ, (char*)data.buffer, data.uni_str_len*2);
+       regval_ctr_addvalue_sz(values, "ObjectName", "LocalSystem");
  
         /* special considerations for internal services and the DisplayName value */
  
         for ( i=0; builtin_svcs[i].servicename; i++ ) {
                 if ( strequal( name, builtin_svcs[i].servicename ) ) {
-                       char *pstr = NULL;
-                       if (asprintf(&pstr, "%s/%s/%s",
-                                       get_dyn_LIBDIR(), SVCCTL_SCRIPT_DIR,
-                                       builtin_svcs[i].daemon) > 0) {
-                               init_unistr2( &ipath, pstr, UNI_STR_TERMINATE );
-                               SAFE_FREE(pstr);
-                       } else {
-                               init_unistr2( &ipath, "", UNI_STR_TERMINATE );
-                       }
-                       init_unistr2( &description, builtin_svcs[i].description, UNI_STR_TERMINATE );
-                       init_unistr2( &dname, builtin_svcs[i].dispname, UNI_STR_TERMINATE );
+                       ipath = talloc_asprintf(talloc_tos(), "%s/%s/%s",
+                                       get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR,
+                                       builtin_svcs[i].daemon);
+                       description = talloc_strdup(talloc_tos(), builtin_svcs[i].description);
+                       dname = talloc_strdup(talloc_tos(), builtin_svcs[i].dispname);
                         break;
                 }
         }
@@ -293,38 +301,37 @@ static void fill_service_values( const char *name, REGVAL_CTR *values )
         /* default to an external service if we haven't found a match */
  
         if ( builtin_svcs[i].servicename == NULL ) {
-               char *pstr = NULL;
                 char *dispname = NULL;
                 struct rcinit_file_information *init_info = NULL;
  
-               if (asprintf(&pstr, "%s/%s/%s",get_dyn_LIBDIR(),
-                                       SVCCTL_SCRIPT_DIR, name) > 0) {
-                       init_unistr2( &ipath, pstr, UNI_STR_TERMINATE );
-                       SAFE_FREE(pstr);
-               } else {
-                       init_unistr2( &ipath, "", UNI_STR_TERMINATE );
-               }
+               ipath = talloc_asprintf(talloc_tos(), "%s/%s/%s",
+                                       get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR,
+                                       name);
  
                 /* lookup common unix display names */
                 dispname = get_common_service_dispname(name);
-               init_unistr2( &dname, dispname ? dispname : "", UNI_STR_TERMINATE );
+               dname = talloc_strdup(talloc_tos(), dispname ? dispname : "");
                 SAFE_FREE(dispname);
  
                 /* get info from init file itself */
                 if ( read_init_file( name, &init_info ) ) {
-                       init_unistr2( &description, init_info->description, UNI_STR_TERMINATE );
+                       description = talloc_strdup(talloc_tos(), init_info->description);
                         TALLOC_FREE( init_info );
                 }
                 else {
-                       init_unistr2( &description, "External Unix Service", UNI_STR_TERMINATE );
+                       description = talloc_strdup(talloc_tos(), "External Unix Service");
                 }
         }
  
         /* add the new values */
  
-       regval_ctr_addvalue( values, "DisplayName", REG_SZ, (char*)dname.buffer, dname.uni_str_len*2);
-       regval_ctr_addvalue( values, "ImagePath", REG_SZ, (char*)ipath.buffer, ipath.uni_str_len*2);
-       regval_ctr_addvalue( values, "Description", REG_SZ, (char*)description.buffer, description.uni_str_len*2);
+       regval_ctr_addvalue_sz(values, "DisplayName", dname);
+       regval_ctr_addvalue_sz(values, "ImagePath", ipath);
+       regval_ctr_addvalue_sz(values, "Description", description);
+
+       TALLOC_FREE(dname);
+       TALLOC_FREE(ipath);
+       TALLOC_FREE(description);
  
         return;
  }
@@ -332,15 +339,16 @@ static void fill_service_values( const char *name, REGVAL_CTR *values )
  /********************************************************************
  ********************************************************************/
  
-static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
-                              const char *name )
+static void add_new_svc_name(struct registry_key_handle *key_parent,
+                            struct regsubkey_ctr *subkeys,
+                            const char *name )
  {
-       REGISTRY_KEY *key_service, *key_secdesc;
+       struct registry_key_handle *key_service = NULL, *key_secdesc = NULL;
         WERROR wresult;
         char *path = NULL;
-       REGVAL_CTR *values;
-       REGSUBKEY_CTR *svc_subkeys;
-       SEC_DESC *sd;
+       struct regval_ctr *values = NULL;
+       struct regsubkey_ctr *svc_subkeys = NULL;
+       struct security_descriptor *sd = NULL;
         DATA_BLOB sd_blob;
         NTSTATUS status;
  
@@ -358,7 +366,7 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
                                         get_root_nt_token(), REG_KEY_ALL );
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("add_new_svc_name: key lookup failed! [%s] (%s)\n",
-                       path, dos_errstr(wresult)));
+                       path, win_errstr(wresult)));
                 SAFE_FREE(path);
                 return;
         }
@@ -366,7 +374,8 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
  
         /* add the 'Security' key */
  
-       if ( !(svc_subkeys = TALLOC_ZERO_P( key_service, REGSUBKEY_CTR )) ) {
+       wresult = regsubkey_ctr_init(key_service, &svc_subkeys);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
                 TALLOC_FREE( key_service );
                 return;
@@ -378,7 +387,8 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
  
         /* now for the service values */
  
-       if ( !(values = TALLOC_ZERO_P( key_service, REGVAL_CTR )) ) {
+       wresult = regval_ctr_init(key_service, &values);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
                 TALLOC_FREE( key_service );
                 return;
@@ -400,14 +410,15 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
                                         get_root_nt_token(), REG_KEY_ALL );
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("add_new_svc_name: key lookup failed! [%s] (%s)\n",
-                       path, dos_errstr(wresult)));
+                       path, win_errstr(wresult)));
                 TALLOC_FREE( key_secdesc );
                 SAFE_FREE(path);
                 return;
         }
         SAFE_FREE(path);
  
-       if ( !(values = TALLOC_ZERO_P( key_secdesc, REGVAL_CTR )) ) {
+       wresult = regval_ctr_init(key_secdesc, &values);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
                 TALLOC_FREE( key_secdesc );
                 return;
@@ -429,7 +440,7 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
         }
  
         regval_ctr_addvalue(values, "Security", REG_BINARY,
-                           (const char *)sd_blob.data, sd_blob.length);
+                           sd_blob.data, sd_blob.length);
         store_reg_values( key_secdesc, values );
  
         TALLOC_FREE( key_secdesc );
@@ -444,8 +455,8 @@ void svcctl_init_keys( void )
  {
         const char **service_list = lp_svcctl_list();
         int i;
-       REGSUBKEY_CTR *subkeys;
-       REGISTRY_KEY *key = NULL;
+       struct regsubkey_ctr *subkeys = NULL;
+       struct registry_key_handle *key = NULL;
         WERROR wresult;
  
         /* bad mojo here if the lookup failed.  Should not happen */
@@ -455,13 +466,14 @@ void svcctl_init_keys( void )
  
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("svcctl_init_keys: key lookup failed! (%s)\n",
-                       dos_errstr(wresult)));
+                       win_errstr(wresult)));
                 return;
         }
  
         /* lookup the available subkeys */
  
-       if ( !(subkeys = TALLOC_ZERO_P( key, REGSUBKEY_CTR )) ) {
+       wresult = regsubkey_ctr_init(key, &subkeys);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("svcctl_init_keys: talloc() failed!\n"));
                 TALLOC_FREE( key );
                 return;
@@ -500,12 +512,12 @@ void svcctl_init_keys( void )
   in case of any failure.
  ********************************************************************/
  
-SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token )
  {
-       REGISTRY_KEY *key;
-       REGVAL_CTR *values;
-       REGISTRY_VALUE *val;
-       SEC_DESC *ret_sd = NULL;
+       struct registry_key_handle *key = NULL;
+       struct regval_ctr *values = NULL;
+       struct regval_blob *val = NULL;
+       struct security_descriptor *ret_sd = NULL;
         char *path= NULL;
         WERROR wresult;
         NTSTATUS status;
@@ -519,11 +531,12 @@ SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *
                                         REG_KEY_ALL );
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
-                       path, dos_errstr(wresult)));
+                       path, win_errstr(wresult)));
                 goto done;
         }
  
-       if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
+       wresult = regval_ctr_init(key, &values);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("svcctl_get_secdesc: talloc() failed!\n"));
                 goto done;
         }
@@ -561,64 +574,69 @@ done:
   Wrapper to make storing a Service sd easier
  ********************************************************************/
  
-bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token )
+bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token )
  {
-       REGISTRY_KEY *key;
+       struct registry_key *key = NULL;
         WERROR wresult;
         char *path = NULL;
-       REGVAL_CTR *values;
-       prs_struct ps;
-       bool ret = False;
+       struct registry_value value;
+       NTSTATUS status;
+       bool ret = false;
+       TALLOC_CTX *mem_ctx = talloc_stackframe();
  
         /* now add the security descriptor */
  
-       if (asprintf(&path, "%s\\%s\\%s", KEY_SERVICES, name, "Security") < 0) {
-               return false;
+       path = talloc_asprintf(mem_ctx, "%s\\%s\\%s", KEY_SERVICES, name,
+                              "Security");
+       if (path == NULL) {
+               goto done;
         }
-       wresult = regkey_open_internal( NULL, &key, path, token,
-                                       REG_KEY_ALL );
+
+       wresult = reg_open_path(mem_ctx, path, REG_KEY_ALL, token, &key);
+
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
-                       path, dos_errstr(wresult)));
-               SAFE_FREE(path);
-               return False;
-       }
-       SAFE_FREE(path);
-
-       if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
-               DEBUG(0,("svcctl_set_secdesc: talloc() failed!\n"));
-               TALLOC_FREE( key );
-               return False;
+                       path, win_errstr(wresult)));
+               goto done;
         }
  
         /* stream the printer security descriptor */
-       prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key, MARSHALL);
  
-       if ( sec_io_desc("sec_desc", &sec_desc, &ps, 0 ) ) {
-               uint32 offset = prs_offset( &ps );
-               regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset );
-               ret = store_reg_values( key, values );
+       status = marshall_sec_desc(mem_ctx, sec_desc, &value.data.data,
+                                  &value.data.length);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0,("svcctl_set_secdesc: ndr_push_struct_blob() failed!\n"));
+               goto done;
         }
  
-       /* cleanup */
+       value.type = REG_BINARY;
+
+       wresult = reg_setvalue(key, "Security", &value);
+       if (!W_ERROR_IS_OK(wresult)) {
+               DEBUG(0, ("svcctl_set_secdesc: reg_setvalue failed: %s\n",
+                         win_errstr(wresult)));
+               goto done;
+       }
  
-       prs_mem_free( &ps );
-       TALLOC_FREE( key);
+       ret = true;
  
+done:
+       talloc_free(mem_ctx);
         return ret;
  }
  
  /********************************************************************
  ********************************************************************/
  
-const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token )
  {
-       char *display_name = NULL;
-       REGISTRY_KEY *key = NULL;
-       REGVAL_CTR *values;
-       REGISTRY_VALUE *val;
+       const char *display_name = NULL;
+       struct registry_key_handle *key = NULL;
+       struct regval_ctr *values = NULL;
+       struct regval_blob *val = NULL;
         char *path = NULL;
         WERROR wresult;
+       DATA_BLOB blob;
  
         /* now add the security descriptor */
  
@@ -629,13 +647,14 @@ const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TO
                                         REG_KEY_READ );
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("svcctl_lookup_dispname: key lookup failed! [%s] (%s)\n", 
-                       path, dos_errstr(wresult)));
+                       path, win_errstr(wresult)));
                 SAFE_FREE(path);
                 goto fail;
         }
         SAFE_FREE(path);
  
-       if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
+       wresult = regval_ctr_init(key, &values);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("svcctl_lookup_dispname: talloc() failed!\n"));
                 TALLOC_FREE( key );
                 goto fail;
@@ -646,7 +665,8 @@ const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TO
         if ( !(val = regval_ctr_getvalue( values, "DisplayName" )) )
                 goto fail;
  
-       rpcstr_pull_talloc(ctx, &display_name, regval_data_p(val), regval_size(val), 0 );
+       blob = data_blob_const(regval_data_p(val), regval_size(val));
+       pull_reg_sz(ctx, &blob, &display_name);
  
         TALLOC_FREE( key );
  
@@ -661,14 +681,15 @@ fail:
  /********************************************************************
  ********************************************************************/
  
-const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token )
  {
-       char *description = NULL;
-       REGISTRY_KEY *key = NULL;
-       REGVAL_CTR *values;
-       REGISTRY_VALUE *val;
+       const char *description = NULL;
+       struct registry_key_handle *key = NULL;
+       struct regval_ctr *values = NULL;
+       struct regval_blob *val = NULL;
         char *path = NULL;
         WERROR wresult;
+       DATA_BLOB blob;
  
         /* now add the security descriptor */
  
@@ -679,13 +700,14 @@ const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER
                                         REG_KEY_READ );
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("svcctl_lookup_description: key lookup failed! [%s] (%s)\n", 
-                       path, dos_errstr(wresult)));
+                       path, win_errstr(wresult)));
                 SAFE_FREE(path);
                 return NULL;
         }
         SAFE_FREE(path);
  
-       if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
+       wresult = regval_ctr_init(key, &values);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("svcctl_lookup_description: talloc() failed!\n"));
                 TALLOC_FREE( key );
                 return NULL;
@@ -697,7 +719,10 @@ const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER
                 TALLOC_FREE( key );
                 return "Unix Service";
         }
-       rpcstr_pull_talloc(ctx, &description, regval_data_p(val), regval_size(val), 0 );
+
+       blob = data_blob_const(regval_data_p(val), regval_size(val));
+       pull_reg_sz(ctx, &blob, &description);
+
         TALLOC_FREE(key);
  
         return description;
@@ -707,10 +732,10 @@ const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER
  /********************************************************************
  ********************************************************************/
  
-REGVAL_CTR *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token )
+struct regval_ctr *svcctl_fetch_regvalues(const char *name, struct security_token *token)
  {
-       REGISTRY_KEY *key = NULL;
-       REGVAL_CTR *values;
+       struct registry_key_handle *key = NULL;
+       struct regval_ctr *values = NULL;
         char *path = NULL;
         WERROR wresult;
  
@@ -723,13 +748,14 @@ REGVAL_CTR *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token )
                                         REG_KEY_READ );
         if ( !W_ERROR_IS_OK(wresult) ) {
                 DEBUG(0,("svcctl_fetch_regvalues: key lookup failed! [%s] (%s)\n",
-                       path, dos_errstr(wresult)));
+                       path, win_errstr(wresult)));
                 SAFE_FREE(path);
                 return NULL;
         }
         SAFE_FREE(path);
  
-       if ( !(values = TALLOC_ZERO_P( NULL, REGVAL_CTR )) ) {
+       wresult = regval_ctr_init(NULL, &values);
+       if (!W_ERROR_IS_OK(wresult)) {
                 DEBUG(0,("svcctl_fetch_regvalues: talloc() failed!\n"));
                 TALLOC_FREE( key );
                 return NULL;