/*
* Unix SMB/CIFS implementation.
- * RPC Pipe client / server routines
- * Copyright (C) Gerald Carter 2002.
+ * Virtual Windows Registry Layer
+ * Copyright (C) Gerald Carter 2002-2005
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-/* Implementation of registry database functions. */
+/* Implementation of registry frontend view functions. */
#include "includes.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_SRV
+extern REGISTRY_OPS printing_ops;
+extern REGISTRY_OPS eventlog_ops;
+extern REGISTRY_OPS shares_reg_ops;
+extern REGISTRY_OPS regdb_ops; /* these are the default */
+/* array of REGISTRY_HOOK's which are read into a tree for easy access */
+/* #define REG_TDB_ONLY 1 */
-static TDB_CONTEXT *tdb_reg;
+REGISTRY_HOOK reg_hooks[] = {
+#ifndef REG_TDB_ONLY
+ { KEY_PRINTING, &printing_ops },
+ { KEY_PRINTING_2K, &printing_ops },
+ { KEY_PRINTING_PORTS, &printing_ops },
+ { KEY_EVENTLOG, &eventlog_ops },
+ { KEY_SHARES, &shares_reg_ops },
+#endif
+ { NULL, NULL }
+};
-/***********************************************************************
- Open the registry database
- ***********************************************************************/
-
-static BOOL init_registry_data( void )
+static struct generic_mapping reg_generic_map =
+ { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL };
+
+/********************************************************************
+********************************************************************/
+
+static NTSTATUS registry_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
+ uint32 access_desired, uint32 *access_granted )
{
- pstring keyname;
- char *subkeys[3];
+ NTSTATUS result;
- /* HKEY_LOCAL_MACHINE */
-
- pstrcpy( keyname, KEY_HKLM );
- subkeys[0] = "SYSTEM";
- if ( !store_reg_keys( keyname, subkeys, 1 ))
- return False;
-
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM" );
- subkeys[0] = "CurrentControlSet";
- if ( !store_reg_keys( keyname, subkeys, 1 ))
- return False;
-
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet" );
- subkeys[0] = "Control";
- subkeys[1] = "services";
- if ( !store_reg_keys( keyname, subkeys, 2 ))
- return False;
+ if ( geteuid() == sec_initial_uid() ) {
+ DEBUG(5,("registry_access_check: using root's token\n"));
+ token = get_root_nt_token();
+ }
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet/Control" );
- subkeys[0] = "Print";
- subkeys[1] = "ProduceOptions";
- if ( !store_reg_keys( keyname, subkeys, 2 ))
- return False;
+ se_map_generic( &access_desired, ®_generic_map );
+ se_access_check( sec_desc, token, access_desired, access_granted, &result );
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet/Control/Print" );
- subkeys[0] = "Environments";
- subkeys[1] = "Forms";
- subkeys[2] = "Printers";
- if ( !store_reg_keys( keyname, subkeys, 3 ))
- return False;
+ return result;
+}
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet/Control/ProductOptions" );
- if ( !store_reg_keys( keyname, subkeys, 0 ))
- return False;
+/********************************************************************
+********************************************************************/
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet/services" );
- subkeys[0] = "Netlogon";
- if ( !store_reg_keys( keyname, subkeys, 1 ))
- return False;
-
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet/services/Netlogon" );
- subkeys[0] = "parameters";
- if ( !store_reg_keys( keyname, subkeys, 1 ))
- return False;
-
- pstrcpy( keyname, KEY_HKLM );
- pstrcat( keyname, "/SYSTEM/CurrentControlSet/services/Netlogon/parameters" );
- if ( !store_reg_keys( keyname, subkeys, 0 ))
- return False;
+static SEC_DESC* construct_registry_sd( TALLOC_CTX *ctx )
+{
+ SEC_ACE ace[2];
+ SEC_ACCESS mask;
+ size_t i = 0;
+ SEC_DESC *sd;
+ SEC_ACL *acl;
+ size_t sd_size;
+ /* basic access for Everyone */
- /* HKEY_USER */
-
- pstrcpy( keyname, KEY_HKU );
- if ( !store_reg_keys( keyname, subkeys, 0 ) )
- return False;
-
- return True;
+ init_sec_access(&mask, REG_KEY_READ );
+ init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+
+ /* Full Access 'BUILTIN\Administrators' */
+
+ init_sec_access(&mask, REG_KEY_ALL );
+ init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+
+
+ /* create the security descriptor */
+
+ if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
+ return NULL;
+
+ if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) )
+ return NULL;
+
+ return sd;
}
/***********************************************************************
- Open the registry database
+ Open the registry database and initialize the REGISTRY_HOOK cache
***********************************************************************/
BOOL init_registry( void )
{
- static pid_t local_pid;
+ int i;
- if (tdb_reg && local_pid == sys_getpid())
- return True;
+ if ( !init_registry_db() ) {
+ DEBUG(0,("init_registry: failed to initialize the registry tdb!\n"));
+ return False;
+ }
- /*
- * try to open first without creating so we can determine
- * if we need to init the data in the registry
- */
+ /* build the cache tree of registry hooks */
- tdb_reg = tdb_open_log(lock_path("registry.tdb"), 0, TDB_DEFAULT, O_RDWR, 0600);
- if ( !tdb_reg )
- {
- tdb_reg = tdb_open_log(lock_path("registry.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
- if ( !tdb_reg ) {
- DEBUG(0,("init_registry: Failed to open registry %s (%s)\n",
- lock_path("registry.tdb"), strerror(errno) ));
- return False;
- }
-
- DEBUG(10,("init_registry: Successfully created registry tdb\n"));
-
- /* create the registry here */
- if ( !init_registry_data() ) {
- DEBUG(0,("init_registry: Failed to initiailize data in registry!\n"));
+ reghook_cache_init();
+
+ for ( i=0; reg_hooks[i].keyname; i++ ) {
+ if ( !reghook_cache_add(®_hooks[i]) )
return False;
- }
}
- local_pid = sys_getpid();
-
+ if ( DEBUGLEVEL >= 20 )
+ reghook_dump_cache(20);
+
+ /* inform the external eventlog machinery of the change */
+
+ eventlog_refresh_external_parameters( get_root_nt_token() );
+
+ /* add any services keys */
+
+ svcctl_init_keys();
+
return True;
}
/***********************************************************************
- Add subkey strings to the registry tdb under a defined key
- fmt is the same format as tdb_pack except this function only supports
- fstrings
+ High level wrapper function for storing registry subkeys
***********************************************************************/
-BOOL store_reg_keys( char *keyname, char **subkeys, uint32 num_subkeys )
+BOOL store_reg_keys( REGISTRY_KEY *key, REGSUBKEY_CTR *subkeys )
{
- TDB_DATA kbuf, dbuf;
- char *buffer, *tmpbuf;
- int i = 0;
- uint32 len, buflen;
- BOOL ret = True;
-
- if ( !keyname )
- return False;
-
- /* allocate some initial memory */
+ if ( key->hook && key->hook->ops && key->hook->ops->store_subkeys )
+ return key->hook->ops->store_subkeys( key->name, subkeys );
- buffer = malloc(sizeof(pstring));
- buflen = sizeof(pstring);
- len = 0;
-
- /* store the number of subkeys */
-
- len += tdb_pack(buffer+len, buflen-len, "d", num_subkeys);
-
- /* pack all the strings */
-
- for (i=0; i<num_subkeys; i++) {
- len += tdb_pack(buffer+len, buflen-len, "f", subkeys[i]);
- if ( len > buflen ) {
- /* allocate some extra space */
- if ((tmpbuf = Realloc( buffer, len*2 )) == NULL) {
- DEBUG(0,("store_reg_keys: Failed to realloc memory of size [%d]\n", len*2));
- ret = False;
- goto done;
- }
- buffer = tmpbuf;
- buflen = len*2;
-
- len = tdb_pack(buffer+len, buflen-len, "f", subkeys[i]);
- }
- }
-
- /* finally write out the data */
+ return False;
+
+}
+
+/***********************************************************************
+ High level wrapper function for storing registry values
+ ***********************************************************************/
+
+BOOL store_reg_values( REGISTRY_KEY *key, REGVAL_CTR *val )
+{
+ if ( check_dynamic_reg_values( key ) )
+ return False;
+
+ if ( key->hook && key->hook->ops && key->hook->ops->store_values )
+ return key->hook->ops->store_values( key->name, val );
+
+ return False;
+}
+
+
+/***********************************************************************
+ High level wrapper function for enumerating registry subkeys
+ Initialize the TALLOC_CTX if necessary
+ ***********************************************************************/
+
+int fetch_reg_keys( REGISTRY_KEY *key, REGSUBKEY_CTR *subkey_ctr )
+{
+ int result = -1;
- kbuf.dptr = keyname;
- kbuf.dsize = strlen(keyname)+1;
- dbuf.dptr = buffer;
- dbuf.dsize = len;
- if ( tdb_store( tdb_reg, kbuf, dbuf, TDB_REPLACE ) == -1) {
- ret = False;
- goto done;
- }
+ if ( key->hook && key->hook->ops && key->hook->ops->fetch_subkeys )
+ result = key->hook->ops->fetch_subkeys( key->name, subkey_ctr );
-done:
- SAFE_FREE( buffer );
- return ret;
+ return result;
}
/***********************************************************************
- Retrieve an array of strings containing subkeys. Memory should be
- released by the caller. The subkeys are stored in a catenated string
- of null terminated character strings
+ retreive a specific subkey specified by index. Caller is
+ responsible for freeing memory
***********************************************************************/
-int fetch_reg_keys( char* key, char **subkeys )
+BOOL fetch_reg_keys_specific( REGISTRY_KEY *key, char** subkey, uint32 key_index )
{
- pstring path;
- uint32 num_items;
- TDB_DATA dbuf;
- char *buf;
- uint32 buflen, len;
- int i;
+ static REGSUBKEY_CTR *ctr = NULL;
+ static pstring save_path;
char *s;
-
-
- pstrcpy( path, key );
- /* convert to key format */
- pstring_sub( path, "\\", "/" );
+ *subkey = NULL;
- dbuf = tdb_fetch_by_string( tdb_reg, path );
-
- buf = dbuf.dptr;
- buflen = dbuf.dsize;
+ /* simple caching for performance; very basic heuristic */
+
+ DEBUG(8,("fetch_reg_keys_specific: Looking for key [%d] of [%s]\n", key_index, key->name));
- if ( !buf ) {
- DEBUG(5,("fetch_reg_keys: Failed to fetch any subkeys for [%s]\n", key));
- return 0;
+ if ( !ctr ) {
+ DEBUG(8,("fetch_reg_keys_specific: Initializing cache of subkeys for [%s]\n", key->name));
+
+ if ( !(ctr = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) {
+ DEBUG(0,("fetch_reg_keys_specific: talloc() failed!\n"));
+ return False;
+ }
+
+ pstrcpy( save_path, key->name );
+
+ if ( fetch_reg_keys( key, ctr) == -1 )
+ return False;
+
}
-
- len = tdb_unpack( buf, buflen, "d", &num_items);
- if (num_items) {
- if ( (*subkeys = (char*)malloc(sizeof(fstring)*num_items)) == NULL ) {
- DEBUG(0,("fetch_reg_keys: Failed to malloc memory for subkey array containing [%d] items!\n",
- num_items));
- num_items = -1;
- goto done;
+ /* clear the cache when key_index == 0 or the path has changed */
+ else if ( !key_index || StrCaseCmp( save_path, key->name) ) {
+
+ DEBUG(8,("fetch_reg_keys_specific: Updating cache of subkeys for [%s]\n", key->name));
+
+ TALLOC_FREE( ctr );
+
+ if ( !(ctr = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) {
+ DEBUG(0,("fetch_reg_keys_specific: talloc() failed!\n"));
+ return False;
}
+
+ pstrcpy( save_path, key->name );
+
+ if ( fetch_reg_keys( key, ctr) == -1 )
+ return False;
}
- s = *subkeys;
- for (i=0; i<num_items; i++) {
- len += tdb_unpack( buf+len, buflen-len, "f", s );
- s += strlen(s) + 1;
- }
+ if ( !(s = regsubkey_ctr_specific_key( ctr, key_index )) )
+ return False;
-done:
- SAFE_FREE(dbuf.dptr);
- return num_items;
+ *subkey = SMB_STRDUP( s );
+
+ return True;
}
/***********************************************************************
- count the number of subkeys dtored in the registry
+ High level wrapper function for enumerating registry values
***********************************************************************/
-int fetch_reg_keys_count( char* key )
+int fetch_reg_values( REGISTRY_KEY *key, REGVAL_CTR *val )
{
- pstring path;
- uint32 num_items;
- TDB_DATA dbuf;
- char *buf;
- uint32 buflen, len;
+ int result = -1;
+ if ( key->hook && key->hook->ops && key->hook->ops->fetch_values )
+ result = key->hook->ops->fetch_values( key->name, val );
- pstrcpy( path, key );
+ /* if the backend lookup returned no data, try the dynamic overlay */
- /* convert to key format */
- pstring_sub( path, "\\", "/" );
+ if ( result == 0 ) {
+ result = fetch_dynamic_reg_values( key, val );
+
+ return ( result != -1 ) ? result : 0;
+ }
+
+ return result;
+}
+
+
+/***********************************************************************
+ retreive a specific subkey specified by index. Caller is
+ responsible for freeing memory
+ ***********************************************************************/
+
+BOOL fetch_reg_values_specific( REGISTRY_KEY *key, REGISTRY_VALUE **val, uint32 val_index )
+{
+ static REGVAL_CTR *ctr = NULL;
+ static pstring save_path;
+ REGISTRY_VALUE *v;
- dbuf = tdb_fetch_by_string( tdb_reg, path );
+ *val = NULL;
- buf = dbuf.dptr;
- buflen = dbuf.dsize;
+ /* simple caching for performance; very basic heuristic */
- if ( !buf ) {
- DEBUG(5,("fetch_reg_keys: Failed to fetch any subkeys for [%s]\n", key));
- return 0;
+ if ( !ctr ) {
+ DEBUG(8,("fetch_reg_values_specific: Initializing cache of values for [%s]\n", key->name));
+
+ if ( !(ctr = TALLOC_ZERO_P( NULL, REGVAL_CTR )) ) {
+ DEBUG(0,("fetch_reg_values_specific: talloc() failed!\n"));
+ return False;
+ }
+
+ pstrcpy( save_path, key->name );
+
+ if ( fetch_reg_values( key, ctr) == -1 )
+ return False;
+ }
+ /* clear the cache when val_index == 0 or the path has changed */
+ else if ( !val_index || !strequal(save_path, key->name) ) {
+
+ DEBUG(8,("fetch_reg_values_specific: Updating cache of values for [%s]\n", key->name));
+
+ TALLOC_FREE( ctr );
+
+ if ( !(ctr = TALLOC_ZERO_P( NULL, REGVAL_CTR )) ) {
+ DEBUG(0,("fetch_reg_values_specific: talloc() failed!\n"));
+ return False;
+ }
+
+ pstrcpy( save_path, key->name );
+
+ if ( fetch_reg_values( key, ctr) == -1 )
+ return False;
}
- len = tdb_unpack( buf, buflen, "d", &num_items);
+ if ( !(v = regval_ctr_specific_value( ctr, val_index )) )
+ return False;
+
+ *val = dup_registry_value( v );
+
+ return True;
+}
+
+/***********************************************************************
+ High level access check for passing the required access mask to the
+ underlying registry backend
+ ***********************************************************************/
+
+BOOL regkey_access_check( REGISTRY_KEY *key, uint32 requested, uint32 *granted, NT_USER_TOKEN *token )
+{
+ /* use the default security check if the backend has not defined its own */
- SAFE_FREE( buf );
+ if ( !(key->hook && key->hook->ops && key->hook->ops->reg_access_check) ) {
+ SEC_DESC *sec_desc;
+ NTSTATUS status;
+
+ if ( !(sec_desc = construct_registry_sd( get_talloc_ctx() )) )
+ return False;
+
+ status = registry_access_check( sec_desc, token, requested, granted );
+
+ return NT_STATUS_IS_OK(status);
+ }
- return num_items;
+ return key->hook->ops->reg_access_check( key->name, requested, granted, token );
}
/***********************************************************************
- retreive a specific subkey specified by index. The subkey parameter
- is assumed to be an fstring.
- ***********************************************************************/
+***********************************************************************/
-BOOL fetch_reg_keys_specific( char* key, char* subkey, uint32 key_index )
+WERROR regkey_open_internal( REGISTRY_KEY **regkey, const char *path,
+ NT_USER_TOKEN *token, uint32 access_desired )
{
- int num_subkeys, i;
- char *subkeys = NULL;
- char *s;
+ WERROR result = WERR_OK;
+ REGISTRY_KEY *keyinfo;
+ REGSUBKEY_CTR *subkeys = NULL;
+ uint32 access_granted;
- num_subkeys = fetch_reg_keys( key, &subkeys );
- if ( num_subkeys == -1 )
- return False;
+ DEBUG(7,("regkey_open_internal: name = [%s]\n", path));
- s = subkeys;
- for ( i=0; i<num_subkeys; i++ ) {
- /* copy the key if the index matches */
- if ( i == key_index ) {
- fstrcpy( subkey, s );
- break;
- }
+ if ( !(*regkey = TALLOC_ZERO_P(NULL, REGISTRY_KEY)) )
+ return WERR_NOMEM;
+
+ keyinfo = *regkey;
- /* go onto the next string */
- s += strlen(s) + 1;
+ /* initialization */
+
+ keyinfo->type = REG_KEY_GENERIC;
+ keyinfo->name = talloc_strdup( keyinfo, path );
+
+
+ /* Tag this as a Performance Counter Key */
+
+ if( StrnCaseCmp(path, KEY_HKPD, strlen(KEY_HKPD)) == 0 )
+ keyinfo->type = REG_KEY_HKPD;
+
+ /* Look up the table of registry I/O operations */
+
+ if ( !(keyinfo->hook = reghook_cache_find( keyinfo->name )) ) {
+ DEBUG(0,("open_registry_key: Failed to assigned a REGISTRY_HOOK to [%s]\n",
+ keyinfo->name ));
+ result = WERR_BADFILE;
+ goto done;
}
- SAFE_FREE(subkeys);
+ /* check if the path really exists; failed is indicated by -1 */
+ /* if the subkey count failed, bail out */
+
+ if ( !(subkeys = TALLOC_ZERO_P( keyinfo, REGSUBKEY_CTR )) ) {
+ result = WERR_NOMEM;
+ goto done;
+ }
+
+ if ( fetch_reg_keys( keyinfo, subkeys ) == -1 ) {
+ result = WERR_BADFILE;
+ goto done;
+ }
- return True;
-}
+ TALLOC_FREE( subkeys );
+ if ( !regkey_access_check( keyinfo, access_desired, &access_granted, token ) ) {
+ result = WERR_ACCESS_DENIED;
+ goto done;
+ }
+
+ keyinfo->access_granted = access_granted;
-
+done:
+ if ( !W_ERROR_IS_OK(result) ) {
+ TALLOC_FREE( *regkey );
+ }
+ return result;
+}
git.samba.org / vlendec / samba-autobuild / .git / blobdiff