#include "includes.h"
#include "utils/net.h"
+#include "utils/net_registry_util.h"
#include "regfio.h"
#include "reg_objects.h"
-static BOOL reg_hive_key(const char *fullname, uint32 *reg_type,
- const char **key_name)
+static bool reg_hive_key(TALLOC_CTX *ctx, const char *fullname,
+ uint32 *reg_type, const char **key_name)
{
- const char *sep;
- ptrdiff_t len;
+ WERROR werr;
+ char *hivename = NULL;
+ char *tmp_keyname = NULL;
+ bool ret = false;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
- sep = strchr_m(fullname, '\\');
-
- if (sep != NULL) {
- len = sep - fullname;
- *key_name = sep+1;
+ werr = split_hive_key(tmp_ctx, fullname, &hivename, &tmp_keyname);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
}
- else {
- len = strlen(fullname);
- *key_name = "";
+
+ *key_name = talloc_strdup(ctx, tmp_keyname);
+ if (*key_name == NULL) {
+ goto done;
}
- if (strnequal(fullname, "HKLM", len) ||
- strnequal(fullname, "HKEY_LOCAL_MACHINE", len))
+ if (strequal(hivename, "HKLM") ||
+ strequal(hivename, "HKEY_LOCAL_MACHINE"))
+ {
(*reg_type) = HKEY_LOCAL_MACHINE;
- else if (strnequal(fullname, "HKCR", len) ||
- strnequal(fullname, "HKEY_CLASSES_ROOT", len))
+ } else if (strequal(hivename, "HKCR") ||
+ strequal(hivename, "HKEY_CLASSES_ROOT"))
+ {
(*reg_type) = HKEY_CLASSES_ROOT;
- else if (strnequal(fullname, "HKU", len) ||
- strnequal(fullname, "HKEY_USERS", len))
+ } else if (strequal(hivename, "HKU") ||
+ strequal(hivename, "HKEY_USERS"))
+ {
(*reg_type) = HKEY_USERS;
- else if (strnequal(fullname, "HKCU", len) ||
- strnequal(fullname, "HKEY_CURRENT_USER", len))
+ } else if (strequal(hivename, "HKCU") ||
+ strequal(hivename, "HKEY_CURRENT_USER"))
+ {
(*reg_type) = HKEY_CURRENT_USER;
- else if (strnequal(fullname, "HKPD", len) ||
- strnequal(fullname, "HKEY_PERFORMANCE_DATA", len))
+ } else if (strequal(hivename, "HKPD") ||
+ strequal(hivename, "HKEY_PERFORMANCE_DATA"))
+ {
(*reg_type) = HKEY_PERFORMANCE_DATA;
- else {
+ } else {
DEBUG(10,("reg_hive_key: unrecognised hive key %s\n",
fullname));
- return False;
+ goto done;
}
- return True;
+ ret = true;
+
+done:
+ TALLOC_FREE(tmp_ctx);
+ return ret;
}
static NTSTATUS registry_openkey(TALLOC_CTX *mem_ctx,
ZERO_STRUCT(key);
- if (!reg_hive_key(name, &hive, &key.name)) {
+ if (!reg_hive_key(mem_ctx, name, &hive, &key.name)) {
return NT_STATUS_INVALID_PARAMETER;
}
}
status = rpccli_winreg_OpenKey(pipe_hnd, mem_ctx, hive_hnd, key, 0,
- access_mask, key_hnd);
+ access_mask, key_hnd, NULL);
if (!(NT_STATUS_IS_OK(status))) {
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, hive_hnd);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, hive_hnd, NULL);
return status;
}
status = rpccli_winreg_QueryInfoKey(
pipe_hnd, mem_ctx, key_hnd, &classname, &num_subkeys,
&max_subkeylen, &max_classlen, &num_values, &max_valnamelen,
- &max_valbufsize, &secdescsize, &last_changed_time );
+ &max_valbufsize, &secdescsize, &last_changed_time, NULL );
if (!NT_STATUS_IS_OK(status)) {
goto error;
struct winreg_StringBuf class_buf;
struct winreg_StringBuf name_buf;
NTTIME modtime;
+ WERROR werr;
c = '\0';
class_buf.name = &c;
status = rpccli_winreg_EnumKey(pipe_hnd, mem_ctx, key_hnd,
i, &name_buf, &class_buf,
- &modtime);
+ &modtime, &werr);
- if (W_ERROR_EQUAL(ntstatus_to_werror(status),
+ if (W_ERROR_EQUAL(werr,
WERR_NO_MORE_ITEMS) ) {
status = NT_STATUS_OK;
break;
status = rpccli_winreg_QueryInfoKey(
pipe_hnd, mem_ctx, key_hnd, &classname, &num_subkeys,
&max_subkeylen, &max_classlen, &num_values, &max_valnamelen,
- &max_valbufsize, &secdescsize, &last_changed_time );
+ &max_valbufsize, &secdescsize, &last_changed_time, NULL );
if (!NT_STATUS_IS_OK(status)) {
goto error;
status = rpccli_winreg_EnumValue(pipe_hnd, mem_ctx, key_hnd,
i, &name_buf, &type,
data, &data_size,
- &value_length );
+ &value_length, &err);
- if ( W_ERROR_EQUAL(ntstatus_to_werror(status),
+ if ( W_ERROR_EQUAL(err,
WERR_NO_MORE_ITEMS) ) {
status = NT_STATUS_OK;
break;
return status;
}
+static NTSTATUS registry_getsd(TALLOC_CTX *mem_ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ struct policy_handle *key_hnd,
+ uint32_t sec_info,
+ struct KeySecurityData *sd)
+{
+ return rpccli_winreg_GetKeySecurity(pipe_hnd, mem_ctx, key_hnd,
+ sec_info, sd, NULL);
+}
+
+
static NTSTATUS registry_setvalue(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *pipe_hnd,
struct policy_handle *key_hnd,
name_string.name = name;
result = rpccli_winreg_SetValue(pipe_hnd, blob.data, key_hnd,
name_string, value->type,
- blob.data, blob.length);
+ blob.data, blob.length, NULL);
TALLOC_FREE(blob.data);
return result;
}
}
error:
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd);
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return NT_STATUS_OK;
}
valuename.name = argv[1];
status = rpccli_winreg_DeleteValue(pipe_hnd, mem_ctx, &key_hnd,
- valuename);
+ valuename, NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_deletevalue failed: %s\n",
nt_errstr(status));
}
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd);
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
- return NT_STATUS_OK;
+ return status;
}
static int rpc_registry_deletevalue( int argc, const char **argv )
ZERO_STRUCT(key);
ZERO_STRUCT(keyclass);
- if (!reg_hive_key(argv[0], &hive, &key.name)) {
+ if (!reg_hive_key(mem_ctx, argv[0], &hive, &key.name)) {
return NT_STATUS_INVALID_PARAMETER;
}
status = rpccli_winreg_CreateKey(pipe_hnd, mem_ctx, &hive_hnd, key,
keyclass, 0, REG_KEY_READ, NULL,
- &key_hnd, &action);
+ &key_hnd, &action, NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "createkey returned %s\n",
nt_errstr(status));
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return status;
}
break;
}
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd);
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return status;
}
ZERO_STRUCT(key);
- if (!reg_hive_key(argv[0], &hive, &key.name)) {
+ if (!reg_hive_key(mem_ctx, argv[0], &hive, &key.name)) {
return NT_STATUS_INVALID_PARAMETER;
}
return status;
}
- status = rpccli_winreg_DeleteKey(pipe_hnd, mem_ctx, &hive_hnd, key);
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd);
+ status = rpccli_winreg_DeleteKey(pipe_hnd, mem_ctx, &hive_hnd, key, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "deletekey returned %s\n",
struct registry_value **values = NULL;
if (argc != 1 ) {
- d_printf("Usage: net rpc enumerate <path> [recurse]\n");
- d_printf("Example: net rpc enumerate 'HKLM\\Software\\Samba'\n");
- return NT_STATUS_OK;
+ d_printf("Usage: net rpc registry enumerate <path> [recurse]\n");
+ d_printf("Example: net rpc registry enumerate 'HKLM\\Software\\Samba'\n");
+ return NT_STATUS_INVALID_PARAMETER;
}
status = registry_openkey(mem_ctx, pipe_hnd, argv[0], REG_KEY_READ,
}
for (i=0; i<num_subkeys; i++) {
- d_printf("Keyname = %s\n", names[i]);
- d_printf("Modtime = %s\n", modtimes[i]
- ? http_timestring(nt_time_to_unix(*modtimes[i]))
- : "None");
- d_printf("\n" );
+ print_registry_key(names[i], modtimes[i]);
}
status = registry_enumvalues(mem_ctx, pipe_hnd, &pol_key, &num_values,
}
for (i=0; i<num_values; i++) {
- struct registry_value *v = values[i];
- d_printf("Valuename = %s\n", names[i]);
- d_printf("Type = %s\n",
- reg_type_lookup(v->type));
- switch(v->type) {
- case REG_DWORD:
- d_printf("Value = %d\n", v->v.dword);
- break;
- case REG_SZ:
- case REG_EXPAND_SZ:
- d_printf("Value = \"%s\"\n", v->v.sz.str);
- break;
- case REG_MULTI_SZ: {
- uint32 j;
- for (j = 0; j < v->v.multi_sz.num_strings; j++) {
- d_printf("Value[%3.3d] = \"%s\"\n", j,
- v->v.multi_sz.strings[j]);
- }
- break;
- }
- case REG_BINARY:
- d_printf("Value = %d bytes\n",
- (int)v->v.binary.length);
- break;
- default:
- d_printf("Value = <unprintable>\n");
- break;
- }
-
- d_printf("\n");
+ print_registry_value(names[i], values[i]);
}
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key );
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive );
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive, NULL);
return status;
}
struct winreg_String filename;
if (argc != 2 ) {
- d_printf("Usage: net rpc backup <path> <file> \n");
- return NT_STATUS_OK;
+ d_printf("Usage: net rpc registry backup <path> <file> \n");
+ return NT_STATUS_INVALID_PARAMETER;
}
status = registry_openkey(mem_ctx, pipe_hnd, argv[0], REG_KEY_ALL,
}
filename.name = argv[1];
- status = rpccli_winreg_SaveKey( pipe_hnd, mem_ctx, &pol_key, &filename, NULL );
+ status = rpccli_winreg_SaveKey( pipe_hnd, mem_ctx, &pol_key, &filename, NULL, NULL);
if ( !W_ERROR_IS_OK(result) ) {
d_fprintf(stderr, "Unable to save [%s] to %s:%s\n", argv[0], cli->desthost, argv[1]);
}
/* cleanup */
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key );
- rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive );
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive, NULL);
return status;
}
static void dump_values( REGF_NK_REC *nk )
{
int i, j;
- pstring data_str;
+ char *data_str = NULL;
uint32 data_size, data;
if ( !nk->values )
data_size = nk->values[i].data_size & ~VK_DATA_IN_OFFSET;
switch ( nk->values[i].type ) {
case REG_SZ:
- rpcstr_pull( data_str, nk->values[i].data, sizeof(data_str), -1, STR_TERMINATE );
+ rpcstr_pull_talloc(talloc_tos(),
+ &data_str,
+ nk->values[i].data,
+ -1,
+ STR_TERMINATE);
+ if (!data_str) {
+ break;
+ }
d_printf( "%s", data_str );
break;
case REG_MULTI_SZ:
/********************************************************************
********************************************************************/
-static BOOL dump_registry_tree( REGF_FILE *file, REGF_NK_REC *nk, const char *parent )
+static bool dump_registry_tree( REGF_FILE *file, REGF_NK_REC *nk, const char *parent )
{
REGF_NK_REC *key;
- pstring regpath;
/* depth first dump of the registry tree */
while ( (key = regfio_fetch_subkey( file, nk )) ) {
- pstr_sprintf( regpath, "%s\\%s", parent, key->keyname );
+ char *regpath;
+ if (asprintf(®path, "%s\\%s", parent, key->keyname) < 0) {
+ break;
+ }
d_printf("[%s]\n", regpath );
dump_values( key );
d_printf("\n");
dump_registry_tree( file, key, regpath );
+ SAFE_FREE(regpath);
}
return True;
/********************************************************************
********************************************************************/
-static BOOL write_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
+static bool write_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
REGF_NK_REC *parent, REGF_FILE *outfile,
const char *parentpath )
{
REGF_NK_REC *key, *subkey;
- REGVAL_CTR *values;
- REGSUBKEY_CTR *subkeys;
+ REGVAL_CTR *values = NULL;
+ REGSUBKEY_CTR *subkeys = NULL;
int i;
- pstring path;
+ char *path = NULL;
if ( !( subkeys = TALLOC_ZERO_P( infile->mem_ctx, REGSUBKEY_CTR )) ) {
DEBUG(0,("write_registry_tree: talloc() failed!\n"));
if ( !(values = TALLOC_ZERO_P( subkeys, REGVAL_CTR )) ) {
DEBUG(0,("write_registry_tree: talloc() failed!\n"));
+ TALLOC_FREE(subkeys);
return False;
}
/* copy values into the REGVAL_CTR */
-
+
for ( i=0; i<nk->num_values; i++ ) {
regval_ctr_addvalue( values, nk->values[i].valuename, nk->values[i].type,
(const char *)nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) );
}
/* copy subkeys into the REGSUBKEY_CTR */
-
+
while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
regsubkey_ctr_addkey( subkeys, subkey->keyname );
}
-
+
key = regfio_write_key( outfile, nk->keyname, values, subkeys, nk->sec_desc->sec_desc, parent );
/* write each one of the subkeys out */
- pstr_sprintf( path, "%s%s%s", parentpath, parent ? "\\" : "", nk->keyname );
+ path = talloc_asprintf(subkeys,
+ "%s%s%s",
+ parentpath,
+ parent ? "\\" : "",
+ nk->keyname);
+ if (!path) {
+ TALLOC_FREE(subkeys);
+ return false;
+ }
+
nk->subkey_index = 0;
while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
write_registry_tree( infile, subkey, key, outfile, path );
}
- TALLOC_FREE( subkeys );
-
d_printf("[%s]\n", path );
-
+ TALLOC_FREE(subkeys);
+
return True;
}
REGF_NK_REC *nk;
if (argc != 1 ) {
- d_printf("Usage: net rpc dump <file> \n");
- return 0;
+ d_printf("Usage: net rpc registry dump <file> \n");
+ return -1;
}
d_printf("Opening %s....", argv[0]);
int result = 1;
if (argc != 2 ) {
- d_printf("Usage: net rpc copy <srcfile> <newfile>\n");
- return 0;
+ d_printf("Usage: net rpc registry copy <srcfile> <newfile>\n");
+ return -1;
}
d_printf("Opening %s....", argv[0]);
/********************************************************************
********************************************************************/
+static NTSTATUS rpc_registry_getsd_internal(const DOM_SID *domain_sid,
+ const char *domain_name,
+ struct cli_state *cli,
+ struct rpc_pipe_client *pipe_hnd,
+ TALLOC_CTX *mem_ctx,
+ int argc,
+ const char **argv)
+{
+ POLICY_HND pol_hive, pol_key;
+ NTSTATUS status;
+ enum ndr_err_code ndr_err;
+ struct KeySecurityData *sd = NULL;
+ uint32_t sec_info;
+ DATA_BLOB blob;
+ struct security_descriptor sec_desc;
+ uint32_t access_mask = REG_KEY_READ |
+ SEC_RIGHT_MAXIMUM_ALLOWED |
+ SEC_RIGHT_SYSTEM_SECURITY;
+
+ if (argc <1 || argc > 2) {
+ d_printf("Usage: net rpc registry getsd <path> <secinfo>\n");
+ d_printf("Example: net rpc registry getsd 'HKLM\\Software\\Samba'\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ status = registry_openkey(mem_ctx, pipe_hnd, argv[0],
+ access_mask,
+ &pol_hive, &pol_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "registry_openkey failed: %s\n",
+ nt_errstr(status));
+ return status;
+ }
+
+ sd = TALLOC_ZERO_P(mem_ctx, struct KeySecurityData);
+ if (!sd) {
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
+ }
+
+ sd->size = 0x1000;
+
+ if (argc >= 2) {
+ sscanf(argv[1], "%x", &sec_info);
+ } else {
+ sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
+ }
+
+ status = registry_getsd(mem_ctx, pipe_hnd, &pol_key, sec_info, sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "getting sd failed: %s\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ blob.data = sd->data;
+ blob.length = sd->size;
+
+ ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &sec_desc,
+ (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ status = ndr_map_error2ntstatus(ndr_err);
+ goto out;
+ }
+ status = NT_STATUS_OK;
+
+ display_sec_desc(&sec_desc);
+
+ out:
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key, NULL);
+ rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive, NULL);
+
+ return status;
+}
+
+
+static int rpc_registry_getsd(int argc, const char **argv)
+{
+ return run_rpc_command(NULL, PI_WINREG, 0,
+ rpc_registry_getsd_internal, argc, argv);
+}
+
+/********************************************************************
+********************************************************************/
+
int net_rpc_registry(int argc, const char **argv)
{
struct functable2 func[] = {
"Dump a registry file" },
{ "copy", rpc_registry_copy,
"Copy a registry file" },
+ { "getsd", rpc_registry_getsd,
+ "Get security descriptor" },
{NULL, NULL, NULL}
};