2 Samba CIFS implementation
3 Registry backend for REGF files
4 Copyright (C) 2005 Jelmer Vernooij, jelmer@samba.org
5 Copyright (C) 2006 Wilco Baan Hofman, wilco@baanhofman.nl
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
22 #include "lib/registry/registry.h"
23 #include "system/filesys.h"
24 #include "system/time.h"
25 #include "lib/registry/tdr_regf.h"
26 #include "librpc/gen_ndr/ndr_security.h"
29 * - Return error codes that make more sense
34 * Read HBIN blocks into memory
39 struct hbin_block **hbins;
40 struct regf_hdr *header;
43 static struct hbin_block *hbin_by_offset (const struct regf_data *data, uint32_t offset, uint32_t *rel_offset)
47 for (i = 0; data->hbins[i]; i++) {
48 if (offset >= data->hbins[i]->offset_from_first &&
49 offset < data->hbins[i]->offset_from_first+
50 data->hbins[i]->offset_to_next) {
52 *rel_offset = offset - data->hbins[i]->offset_from_first - 0x20;
53 return data->hbins[i];
61 * Validate a regf header
62 * For now, do nothing, but we should check the checksum
64 static uint32_t regf_hdr_checksum(const uint8_t *buffer)
66 uint32_t checksum = 0, x;
69 for (i = 0; i < 0x01FB; i+= 4) {
77 static DATA_BLOB hbin_get(const struct regf_data *data, uint32_t offset)
80 struct hbin_block *hbin;
85 hbin = hbin_by_offset(data, offset, &rel_offset);
88 DEBUG(1, ("Can't find HBIN containing 0x%04x\n", offset));
92 ret.length = IVAL(hbin->data, rel_offset);
93 if (!(ret.length & 0x80000000)) {
94 DEBUG(0, ("Trying to use dirty block at 0x%04x\n", offset));
99 ret.length = (ret.length ^ 0xffffffff) + 1;
101 ret.length -= 4; /* 4 bytes for the length... */
102 ret.data = hbin->data +
103 (offset - hbin->offset_from_first - 0x20) + 4;
108 static BOOL hbin_get_tdr (struct regf_data *regf, uint32_t offset, TALLOC_CTX *ctx, tdr_pull_fn_t pull_fn, void *p)
110 struct tdr_pull pull;
114 pull.data = hbin_get(regf, offset);
115 if (!pull.data.data) {
116 DEBUG(1, ("Unable to get data at 0x%04x\n", offset));
120 if (NT_STATUS_IS_ERR(pull_fn(&pull, ctx, p))) {
121 DEBUG(1, ("Error parsing record at 0x%04x using tdr\n", offset));
128 /* Allocate some new data */
129 static DATA_BLOB hbin_alloc (struct regf_data *data, uint32_t size, uint32_t *offset)
132 uint32_t rel_offset = -1; /* Relative offset ! */
133 struct hbin_block *hbin = NULL;
137 return data_blob(NULL, 0);
139 size += 4; /* Need to include uint32 for the length */
141 /* Allocate as a multiple of 8 */
142 size = (size + 7) & ~7;
147 for (i = 0; (hbin = data->hbins[i]); i++) {
150 for (j = 0; j < hbin->offset_to_next-0x20; j+= my_size) {
151 uint32_t header = IVAL(hbin->data, j + 4);
152 my_size = IVAL(hbin->data, j);
154 if (my_size == 0x0) {
155 DEBUG(0, ("Invalid zero-length block! File is corrupt.\n"));
159 if (my_size % 8 != 0) {
160 DEBUG(0, ("Encountered non-aligned block!\n"));
163 if (my_size & 0x80000000) { /* Used... */
164 my_size = (my_size ^ 0xffffffff) + 1;
165 } else if (my_size == size) { /* exact match */
167 DEBUG(4, ("Found free block of exact size %d in middle of HBIN\n", size));
169 } else if (my_size > size) { /* data will remain */
171 SIVAL(hbin->data, rel_offset+size, my_size-size);
172 DEBUG(4, ("Found free block of size %d (needing %d) in middle of HBIN\n", my_size, size));
176 if (header == 0xffffffff &&
177 hbin->offset_to_next-rel_offset >= size) {
180 DEBUG(4, ("Found free block of size %d at end of HBIN\n", size));
181 /* Mark new free block size */
182 SIVAL(hbin->data, rel_offset+size,hbin->offset_to_next - rel_offset - size - 0x20);
183 SIVAL(hbin->data, rel_offset+size+0x4, 0xffffffff);
187 if (header == 0xffffffff) {
192 if (rel_offset != -1)
196 /* No space available in previous hbins,
197 * allocate new one */
198 if (data->hbins[i] == NULL) {
199 DEBUG(4, ("No space available in other HBINs for block of size %d, allocating new HBIN\n", size));
200 data->hbins = talloc_realloc(data, data->hbins, struct hbin_block *, i+2);
201 hbin = talloc(data->hbins, struct hbin_block);
202 data->hbins[i] = hbin;
203 data->hbins[i+1] = NULL;
205 hbin->HBIN_ID = talloc_strdup(hbin, "hbin");
206 hbin->offset_from_first = (i == 0?0:data->hbins[i-1]->offset_from_first+data->hbins[i-1]->offset_to_next);
207 hbin->offset_to_next = 0x1000;
208 hbin->unknown[0] = 0;
209 hbin->unknown[0] = 0;
210 unix_to_nt_time(&hbin->last_change, time(NULL));
211 hbin->block_size = hbin->offset_to_next;
212 hbin->data = talloc_zero_array(hbin, uint8_t, hbin->block_size - 0x20);
215 SIVAL(hbin->data, size, hbin->block_size - size - 0x20);
216 SIVAL(hbin->data, size + 0x4, 0xffffffff);
219 /* Set size and mark as used */
220 SIVAL(hbin->data, rel_offset, size | 0x80000000);
222 ret.data = hbin->data + rel_offset + 0x4; /* Skip past length */
223 ret.length = size - 0x4;
225 uint32_t new_rel_offset;
226 *offset = hbin->offset_from_first + rel_offset + 0x20;
227 SMB_ASSERT(hbin_by_offset(data, *offset, &new_rel_offset) == hbin);
228 SMB_ASSERT(new_rel_offset == rel_offset);
234 /* Store a data blob. Return the offset at which it was stored */
235 static uint32_t hbin_store (struct regf_data *data, DATA_BLOB blob)
238 DATA_BLOB dest = hbin_alloc(data, blob.length, &ret);
240 memcpy(dest.data, blob.data, blob.length);
245 static uint32_t hbin_store_tdr (struct regf_data *data, tdr_push_fn_t push_fn, void *p)
247 struct tdr_push *push = talloc_zero(data, struct tdr_push);
250 if (NT_STATUS_IS_ERR(push_fn(push, p))) {
251 DEBUG(0, ("Error during push\n"));
255 ret = hbin_store(data, push->data);
263 /* Free existing data */
264 static void hbin_free (struct regf_data *data, uint32_t offset)
268 struct hbin_block *hbin;
270 SMB_ASSERT (offset > 0);
272 hbin = hbin_by_offset(data, offset, &rel_offset);
277 /* Get original size */
278 size = IVAL(hbin->data, rel_offset);
280 if (!(size & 0x80000000)) {
281 DEBUG(1, ("Trying to free already freed block at 0x%04x\n", offset));
285 /* Mark block as free */
286 SIVAL(hbin->data, rel_offset, size &~ 0x80000000);
289 /* Store a data blob data was already stored, but hsa changed in size
290 * Will try to save it at the current location if possible, otherwise
291 * does a free + store */
292 static uint32_t hbin_store_resize (struct regf_data *data, uint32_t orig_offset, DATA_BLOB blob)
295 struct hbin_block *hbin = hbin_by_offset(data, orig_offset, &rel_offset);
298 uint32_t needed_size;
299 uint32_t possible_size;
302 SMB_ASSERT(orig_offset > 0);
305 return hbin_store(data, blob);
307 /* Get original size */
308 orig_size = IVAL(hbin->data, rel_offset);
310 needed_size = blob.length + 4; /* Add uint32 containing length */
311 needed_size = (needed_size + 7) & ~7; /* Align */
313 /* Fits into current allocated block */
314 if (orig_size >= needed_size) {
315 memcpy(hbin->data + rel_offset + 0x4, blob.data, blob.length);
319 possible_size = orig_size;
321 /* Check if it can be combined with the next few free records */
323 i < hbin->offset_to_next - 0x20;
326 if (IVAL(hbin->data, i) & 0x80000000) /* Used */
329 my_size = IVAL(hbin->data, i);
330 header = IVAL(hbin->data, i + 4);
331 if (header == 0xffffffff) {
332 possible_size = hbin->offset_to_next - 0x20 - rel_offset;
333 } else if (my_size == 0x0) {
334 DEBUG(0, ("Invalid zero-length block! File is corrupt.\n"));
337 possible_size += my_size;
340 if (possible_size >= blob.length) {
341 SIVAL(hbin->data, rel_offset, possible_size);
342 memcpy(hbin->data + rel_offset + 0x4, blob.data, blob.length);
346 if (header == 0xffffffff)
350 hbin_free(data, orig_offset);
351 return hbin_store(data, blob);
354 static uint32_t hbin_store_tdr_resize (struct regf_data *regf, tdr_push_fn_t push_fn, uint32_t orig_offset, void *p)
356 struct tdr_push *push = talloc_zero(regf, struct tdr_push);
359 if (NT_STATUS_IS_ERR(push_fn(push, p))) {
360 DEBUG(0, ("Error during push\n"));
364 ret = hbin_store_resize(regf, orig_offset, push->data);
371 static WERROR regf_num_subkeys (const struct registry_key *key, uint32_t *count)
373 struct nk_block *nk = key->backend_data;
375 *count = nk->num_subkeys;
380 static WERROR regf_num_values (const struct registry_key *key, uint32_t *count)
382 struct nk_block *nk = key->backend_data;
384 *count = nk->num_values;
389 static struct registry_key *regf_get_key (TALLOC_CTX *ctx, struct regf_data *regf, uint32_t offset)
391 struct registry_key *ret;
394 ret = talloc_zero(ctx, struct registry_key);
395 nk = talloc(ret, struct nk_block);
396 if (!hbin_get_tdr(regf, offset, nk, (tdr_pull_fn_t)tdr_pull_nk_block, nk)) {
397 DEBUG(0, ("Unable to find HBIN data for offset %d\n", offset));
401 if (strcmp(nk->header, "nk") != 0) {
402 DEBUG(0, ("Expected nk record, got %s\n", nk->header));
407 ret->name = talloc_steal(ret, nk->key_name);
408 ret->last_mod = nk->last_change;
410 if (nk->clsname_offset != -1) {
411 DATA_BLOB data = hbin_get(regf, nk->clsname_offset);
412 ret->class_name = talloc_strndup(ret, (char*)data.data, nk->clsname_length);
414 ret->backend_data = nk;
419 static WERROR regf_get_value (TALLOC_CTX *ctx, const struct registry_key *key, int idx, struct registry_value **ret)
421 struct nk_block *nk = key->backend_data;
423 struct regf_data *regf = key->hive->backend_data;
427 if (idx >= nk->num_values)
428 return WERR_NO_MORE_ITEMS;
430 data = hbin_get(regf, nk->values_offset);
432 DEBUG(0, ("Unable to find value list\n"));
433 return WERR_GENERAL_FAILURE;
436 if (data.length < nk->num_values * 4) {
437 DEBUG(1, ("Value counts mismatch\n"));
440 vk_offset = IVAL(data.data, idx * 4);
442 *ret = talloc_zero(ctx, struct registry_value);
446 vk = talloc(*ret, struct vk_block);
450 if (!hbin_get_tdr(regf, vk_offset, vk, (tdr_pull_fn_t)tdr_pull_vk_block, vk)) {
451 DEBUG(0, ("Unable to get VK block at %d\n", vk_offset));
452 return WERR_GENERAL_FAILURE;
455 (*ret)->name = talloc_steal(*ret, vk->data_name);
456 (*ret)->data_type = vk->data_type;
457 if (vk->data_length & 0x80000000) {
458 vk->data_length &=~0x80000000;
459 (*ret)->data.data = (uint8_t *)&vk->data_offset;
460 (*ret)->data.length = vk->data_length;
462 (*ret)->data = hbin_get(regf, vk->data_offset);
465 if ((*ret)->data.length < vk->data_length) {
466 DEBUG(1, ("Read data less then indicated data length!\n"));
472 static WERROR regf_get_subkey_by_index (TALLOC_CTX *ctx, const struct registry_key *key, int idx, struct registry_key **ret)
475 struct nk_block *nk = key->backend_data;
478 if (idx >= nk->num_subkeys)
479 return WERR_NO_MORE_ITEMS;
481 data = hbin_get(key->hive->backend_data, nk->subkeys_offset);
483 DEBUG(0, ("Unable to find subkey list\n"));
484 return WERR_GENERAL_FAILURE;
487 if (!strncmp((char *)data.data, "li", 2)) {
489 struct tdr_pull pull;
491 DEBUG(10, ("Subkeys in LI list\n"));
495 if (NT_STATUS_IS_ERR(tdr_pull_li_block(&pull, nk, &li))) {
496 DEBUG(0, ("Error parsing LI list\n"));
497 return WERR_GENERAL_FAILURE;
499 SMB_ASSERT(!strncmp(li.header, "li",2));
501 if (li.key_count != nk->num_subkeys) {
502 DEBUG(0, ("Subkey counts don't match\n"));
503 return WERR_GENERAL_FAILURE;
505 key_off = li.nk_offset[idx];
507 } else if (!strncmp((char *)data.data, "lf", 2)) {
509 struct tdr_pull pull;
511 DEBUG(10, ("Subkeys in LF list\n"));
515 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(&pull, nk, &lf))) {
516 DEBUG(0, ("Error parsing LF list\n"));
517 return WERR_GENERAL_FAILURE;
519 SMB_ASSERT(!strncmp(lf.header, "lf",2));
521 if (lf.key_count != nk->num_subkeys) {
522 DEBUG(0, ("Subkey counts don't match\n"));
523 return WERR_GENERAL_FAILURE;
526 key_off = lf.hr[idx].nk_offset;
527 } else if (!strncmp((char *)data.data, "lh", 2)) {
529 struct tdr_pull pull;
531 DEBUG(10, ("Subkeys in LH list"));
535 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(&pull, nk, &lh))) {
536 DEBUG(0, ("Error parsing LH list\n"));
537 return WERR_GENERAL_FAILURE;
539 SMB_ASSERT(!strncmp(lh.header, "lh",2));
541 if (lh.key_count != nk->num_subkeys) {
542 DEBUG(0, ("Subkey counts don't match\n"));
543 return WERR_GENERAL_FAILURE;
545 key_off = lh.hr[idx].nk_offset;
546 } else if (!strncmp((char *)data.data, "ri", 2)) {
548 struct tdr_pull pull;
550 uint16_t sublist_count = 0;
555 if (NT_STATUS_IS_ERR(tdr_pull_ri_block(&pull, nk, &ri))) {
556 DEBUG(0, ("Error parsing RI list\n"));
557 return WERR_GENERAL_FAILURE;
559 SMB_ASSERT(!strncmp(ri.header, "ri",2));
561 for (i = 0; i < ri.key_count; i++) {
564 /* Get sublist data blob */
565 list_data = hbin_get(key->hive->backend_data, ri.offset[i]);
566 if (!list_data.data) {
567 DEBUG(0, ("Error getting RI list."));
568 return WERR_GENERAL_FAILURE;
572 pull.data = list_data;
574 if (!strncmp((char *)list_data.data, "li", 2)) {
577 if (NT_STATUS_IS_ERR(tdr_pull_li_block(&pull, nk, &li))) {
578 DEBUG(0, ("Error parsing LI list from RI\n"));
579 return WERR_GENERAL_FAILURE;
581 SMB_ASSERT(!strncmp(li.header, "li",2));
583 /* Advance to next sublist if necessary */
584 if (idx >= sublist_count + li.key_count) {
585 sublist_count += li.key_count;
588 key_off = li.nk_offset[idx - sublist_count];
589 sublist_count += li.key_count;
591 } else if (!strncmp((char *)list_data.data, "lh", 2)) {
594 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(&pull, nk, &lh))) {
595 DEBUG(0, ("Error parsing LH list from RI\n"));
596 return WERR_GENERAL_FAILURE;
598 SMB_ASSERT(!strncmp(lh.header, "lh",2));
601 /* Advance to next sublist if necessary */
602 if (idx >= sublist_count + lh.key_count) {
603 sublist_count += lh.key_count;
606 key_off = lh.hr[idx - sublist_count].nk_offset;
607 sublist_count += lh.key_count;
610 DEBUG(0,("Unknown sublist in ri block\n"));
616 if (idx > sublist_count) {
617 return WERR_NO_MORE_ITEMS;
621 DEBUG(0, ("Unknown type for subkey list (0x%04x): %c%c\n", nk->subkeys_offset, data.data[0], data.data[1]));
622 return WERR_GENERAL_FAILURE;
625 *ret = regf_get_key (ctx, key->hive->backend_data, key_off);
630 static WERROR regf_match_subkey_by_name (TALLOC_CTX *ctx, const struct registry_key *key, uint32_t offset, const char *name, uint32_t *ret)
632 DATA_BLOB subkey_data;
633 struct nk_block subkey;
634 struct tdr_pull pull;
636 subkey_data = hbin_get(key->hive->backend_data, offset);
637 if (!subkey_data.data) {
638 DEBUG(0, ("Unable to retrieve subkey HBIN\n"));
639 return WERR_GENERAL_FAILURE;
643 pull.data = subkey_data;
645 if (NT_STATUS_IS_ERR(tdr_pull_nk_block(&pull, ctx, &subkey))) {
646 DEBUG(0, ("Error parsing NK structure.\n"));
647 return WERR_GENERAL_FAILURE;
649 if (strncmp(subkey.header, "nk", 2)) {
650 DEBUG(0, ("Not an NK structure.\n"));
651 return WERR_GENERAL_FAILURE;
653 if (!strcasecmp(subkey.key_name, name)) {
661 static WERROR regf_get_subkey_by_name (TALLOC_CTX *ctx, const struct registry_key *key, const char *name, struct registry_key **ret)
664 struct nk_block *nk = key->backend_data;
665 uint32_t key_off = 0;
667 data = hbin_get(key->hive->backend_data, nk->subkeys_offset);
669 DEBUG(0, ("Unable to find subkey list\n"));
670 return WERR_GENERAL_FAILURE;
673 if (!strncmp((char *)data.data, "li",2)) {
675 struct tdr_pull pull;
678 DEBUG(10, ("Subkeys in LI list\n"));
682 if (NT_STATUS_IS_ERR(tdr_pull_li_block(&pull, nk, &li))) {
683 DEBUG(0, ("Error parsing LI list\n"));
684 return WERR_GENERAL_FAILURE;
686 SMB_ASSERT(!strncmp(li.header, "li",2));
688 if (li.key_count != nk->num_subkeys) {
689 DEBUG(0, ("Subkey counts don't match\n"));
690 return WERR_GENERAL_FAILURE;
693 for (i = 0; i < li.key_count; i++) {
694 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key, li.nk_offset[i], name, &key_off));
700 return WERR_DEST_NOT_FOUND;
702 } else if (!strncmp((char *)data.data, "lf",2)) {
704 struct tdr_pull pull;
707 DEBUG(10, ("Subkeys in LF list\n"));
711 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(&pull, nk, &lf))) {
712 DEBUG(0, ("Error parsing LF list\n"));
713 return WERR_GENERAL_FAILURE;
715 SMB_ASSERT(!strncmp(lf.header, "lf",2));
717 if (lf.key_count != nk->num_subkeys) {
718 DEBUG(0, ("Subkey counts don't match\n"));
719 return WERR_GENERAL_FAILURE;
722 for (i = 0; i < lf.key_count; i++) {
723 if (strncmp(lf.hr[i].hash, name, 4)) {
726 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key, lf.hr[i].nk_offset, name, &key_off));
732 return WERR_DEST_NOT_FOUND;
734 } else if (!strncmp((char *)data.data, "lh",2)) {
736 struct tdr_pull pull;
741 DEBUG(10, ("Subkeys in LH list\n"));
745 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(&pull, nk, &lh))) {
746 DEBUG(0, ("Error parsing LH list\n"));
747 return WERR_GENERAL_FAILURE;
749 SMB_ASSERT(!strncmp(lh.header, "lh",2));
751 if (lh.key_count != nk->num_subkeys) {
752 DEBUG(0, ("Subkey counts don't match\n"));
753 return WERR_GENERAL_FAILURE;
756 /* Compute hash for the name */
757 hash_name = strupper_talloc(nk, name);
758 for (i = 0; *(hash_name + i) != 0; i++) {
760 hash += *(hash_name + i);
762 for (i = 0; i < lh.key_count; i++) {
763 if (lh.hr[i].base37 != hash) {
766 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key, lh.hr[i].nk_offset, name, &key_off));
772 return WERR_DEST_NOT_FOUND;
774 } else if (!strncmp((char *)data.data, "ri", 2)) {
776 struct tdr_pull pull;
779 DEBUG(10, ("Subkeys in RI list\n"));
783 if (NT_STATUS_IS_ERR(tdr_pull_ri_block(&pull, nk, &ri))) {
784 DEBUG(0, ("Error parsing RI list\n"));
785 return WERR_GENERAL_FAILURE;
787 SMB_ASSERT(!strncmp(ri.header, "ri",2));
790 for (i = 0; i < ri.key_count; i++) {
793 /* Get sublist data blob */
794 list_data = hbin_get(key->hive->backend_data, ri.offset[i]);
795 if (!list_data.data) {
796 DEBUG(0, ("Error getting RI list."));
797 return WERR_GENERAL_FAILURE;
801 pull.data = list_data;
803 if (!strncmp((char *)list_data.data, "li", 2)) {
806 if (NT_STATUS_IS_ERR(tdr_pull_li_block(&pull, nk, &li))) {
807 DEBUG(0, ("Error parsing LI list from RI\n"));
808 return WERR_GENERAL_FAILURE;
810 SMB_ASSERT(!strncmp(li.header, "li",2));
812 for (j = 0; j < li.key_count; j++) {
813 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key,
814 li.nk_offset[j], name, &key_off));
819 } else if (!strncmp((char *)list_data.data, "lh", 2)) {
824 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(&pull, nk, &lh))) {
825 DEBUG(0, ("Error parsing LH list from RI\n"));
826 return WERR_GENERAL_FAILURE;
828 SMB_ASSERT(!strncmp(lh.header, "lh",2));
830 /* Compute hash for the name */
831 hash_name = strupper_talloc(nk, name);
832 for (j = 0; *(hash_name + j) != 0; j++) {
834 hash += *(hash_name + j);
836 for (j = 0; j < lh.key_count; j++) {
837 if (lh.hr[j].base37 != hash) {
840 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key,
841 lh.hr[j].nk_offset, name, &key_off));
853 return WERR_DEST_NOT_FOUND;
856 DEBUG(0, ("Unknown subkey list type.\n"));
857 return WERR_GENERAL_FAILURE;
860 *ret = regf_get_key (ctx, key->hive->backend_data, key_off);
864 static WERROR regf_set_sec_desc (const struct registry_key *key, const struct security_descriptor *sec_desc)
867 return WERR_NOT_SUPPORTED;
870 static WERROR regf_get_sec_desc(TALLOC_CTX *ctx, const struct registry_key *key, struct security_descriptor **sd)
872 struct nk_block *nk = key->backend_data;
874 struct regf_data *regf = key->hive->backend_data;
877 if (!hbin_get_tdr(regf, nk->sk_offset, ctx, (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
878 DEBUG(0, ("Unable to find security descriptor\n"));
879 return WERR_GENERAL_FAILURE;
882 if (strcmp(sk.header, "sk") != 0) {
883 DEBUG(0, ("Expected 'sk', got '%s'\n", sk.header));
884 return WERR_GENERAL_FAILURE;
887 *sd = talloc(ctx, struct security_descriptor);
891 data.data = sk.sec_desc;
892 data.length = sk.rec_size;
893 if (NT_STATUS_IS_ERR(ndr_pull_struct_blob(&data, ctx, *sd, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor))) {
894 DEBUG(0, ("Error parsing security descriptor\n"));
895 return WERR_GENERAL_FAILURE;
901 static uint32_t lf_add_entry (struct regf_data *regf, uint32_t list_offset, const char *name, uint32_t key_offset)
906 /* Add to subkeys list */
907 if (list_offset == -1) { /* Need to create subkeys list */
912 if (!hbin_get_tdr(regf, list_offset, regf, (tdr_pull_fn_t)tdr_pull_lf_block, &lf)) {
913 DEBUG(0, ("Can't get subkeys list\n"));
918 lf.hr = talloc_realloc(regf, lf.hr, struct hash_record, lf.key_count+1);
919 lf.hr[lf.key_count].nk_offset = key_offset;
920 lf.hr[lf.key_count].hash = talloc_strndup(regf, name, 4);
923 ret = hbin_store_tdr_resize(regf, (tdr_push_fn_t)tdr_push_lf_block, list_offset, &lf);
930 static WERROR regf_del_value (const struct registry_key *parent, const char *name)
933 return WERR_NOT_SUPPORTED;
937 static WERROR regf_del_key (const struct registry_key *parent, const char *name)
939 struct nk_block *nk = parent->backend_data;
943 if (nk->subkeys_offset == -1)
948 return WERR_NOT_SUPPORTED;
951 static WERROR regf_add_key (TALLOC_CTX *ctx, const struct registry_key *parent, const char *name, uint32_t access_mask, struct security_descriptor *sec_desc, struct registry_key **ret)
953 struct nk_block *parent_nk = parent->backend_data, nk;
954 struct regf_data *regf = parent->hive->backend_data;
958 nk.type = REG_SUB_KEY;
959 unix_to_nt_time(&nk.last_change, time(NULL));
961 nk.parent_offset = 0; /* FIXME */
964 nk.subkeys_offset = -1;
965 nk.unknown_offset = -1;
968 memset(nk.unk3, 0, 5);
969 nk.clsname_offset = -1;
970 nk.clsname_length = 0;
973 offset = hbin_store_tdr(regf, (tdr_push_fn_t) tdr_push_nk_block, &nk);
975 parent_nk->subkeys_offset = lf_add_entry(regf, parent_nk->subkeys_offset, name, nk.parent_offset);
977 parent_nk->num_subkeys++;
979 hbin_store_tdr_resize(regf, (tdr_push_fn_t) tdr_push_nk_block, nk.parent_offset, parent_nk);
981 *ret = regf_get_key(ctx, regf, offset);
983 /* FIXME: Set sec desc ! */
987 static WERROR regf_set_value (const struct registry_key *key, const char *name, uint32_t type, const DATA_BLOB data)
991 return WERR_NOT_SUPPORTED;
996 static WERROR regf_save_hbin(struct registry_hive *hive, struct hbin_block *hbin)
998 struct regf_data *regf = hive->backend_data;
1000 /* go to right offset */
1001 if (lseek(regf->fd, SEEK_SET, regf->header->data_offset + hbin->offset_from_first) == -1) {
1002 DEBUG(0, ("Error lseeking in regf file\n"));
1003 return WERR_GENERAL_FAILURE;
1006 if (NT_STATUS_IS_ERR(tdr_push_to_fd(regf->fd, (tdr_push_fn_t)tdr_push_hbin_block, hbin))) {
1007 DEBUG(0, ("Error writing HBIN block\n"));
1008 return WERR_GENERAL_FAILURE;
1016 static WERROR nt_open_hive (struct registry_hive *h, struct registry_key **key)
1018 struct regf_data *regf;
1019 struct regf_hdr *regf_hdr;
1020 struct tdr_pull pull;
1023 regf = (struct regf_data *)talloc_zero(h, struct regf_data);
1024 h->backend_data = regf;
1026 DEBUG(5, ("Attempting to load registry file\n"));
1028 /* Get the header */
1029 regf->fd = open(h->location, O_RDWR);
1031 if (regf->fd == -1) {
1032 DEBUG(0,("Could not load file: %s, %s\n", h->location,
1034 return WERR_GENERAL_FAILURE;
1038 pull.data.data = (uint8_t*)fd_load(regf->fd, &pull.data.length, regf);
1040 if (pull.data.data == NULL) {
1041 DEBUG(0, ("Error reading data\n"));
1042 return WERR_GENERAL_FAILURE;
1045 regf_hdr = talloc(regf, struct regf_hdr);
1046 if (NT_STATUS_IS_ERR(tdr_pull_regf_hdr(&pull, regf_hdr, regf_hdr))) {
1047 return WERR_GENERAL_FAILURE;
1050 regf->header = regf_hdr;
1052 if (strcmp(regf_hdr->REGF_ID, "regf") != 0) {
1053 DEBUG(0, ("Unrecognized NT registry header id: %s, %s\n",
1054 regf_hdr->REGF_ID, h->location));
1057 DEBUG(1, ("Registry '%s' read. Version %d.%d.%d.%d\n",
1058 regf_hdr->description, regf_hdr->version.major,
1059 regf_hdr->version.minor, regf_hdr->version.release,
1060 regf_hdr->version.build));
1063 * Validate the header ...
1065 if (regf_hdr_checksum(pull.data.data) != regf_hdr->chksum) {
1066 DEBUG(0, ("Registry file checksum error: %s: %d,%d\n",
1067 h->location, regf_hdr->chksum, regf_hdr_checksum(pull.data.data)));
1068 return WERR_GENERAL_FAILURE;
1071 pull.offset = 0x1000;
1074 /* Read in all hbin blocks */
1075 regf->hbins = talloc_array(regf, struct hbin_block *, 1);
1076 regf->hbins[0] = NULL;
1078 while (pull.offset < pull.data.length && pull.offset < regf->header->last_block) {
1079 struct hbin_block *hbin = talloc(regf->hbins, struct hbin_block);
1081 if (NT_STATUS_IS_ERR(tdr_pull_hbin_block(&pull, hbin, hbin))) {
1082 DEBUG(0, ("[%d] Error parsing HBIN block\n", i));
1086 if (strcmp(hbin->HBIN_ID, "hbin") != 0) {
1087 DEBUG(0, ("[%d] Expected 'hbin', got '%s'\n", i, hbin->HBIN_ID));
1091 regf->hbins[i] = hbin;
1093 regf->hbins = talloc_realloc(regf, regf->hbins, struct hbin_block *, i+2);
1094 regf->hbins[i] = NULL;
1097 DEBUG(1, ("%d HBIN blocks read\n", i));
1099 *key = regf_get_key(h, regf, 0x20);
1104 static struct hive_operations reg_backend_nt4 = {
1106 .open_hive = nt_open_hive,
1107 .num_subkeys = regf_num_subkeys,
1108 .num_values = regf_num_values,
1109 .get_subkey_by_index = regf_get_subkey_by_index,
1110 .get_subkey_by_name = regf_get_subkey_by_name,
1111 .get_value_by_index = regf_get_value,
1112 .key_get_sec_desc = regf_get_sec_desc,
1113 .key_set_sec_desc = regf_set_sec_desc,
1114 .add_key = regf_add_key,
1115 .set_value = regf_set_value,
1116 .del_key = regf_del_key,
1117 .del_value = regf_del_value,
1120 NTSTATUS registry_nt4_init(void)
1122 return registry_register(®_backend_nt4);