*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "services/services.h"
+#include "registry.h"
+#include "registry/reg_util_legacy.h"
+#include "registry/reg_dispatcher.h"
+#include "registry/reg_objects.h"
+#include "registry/reg_api_util.h"
struct rcinit_file_information {
char *description;
const char *description;
};
-struct service_display_info builtin_svcs[] = {
+struct service_display_info builtin_svcs[] = {
{ "Spooler", "smbd", "Print Spooler", "Internal service for spooling files to print devices" },
{ "NETLOGON", "smbd", "Net Logon", "File service providing access to policy and profile data (not remotely manageable)" },
{ "RemoteRegistry", "smbd", "Remote Registry Service", "Internal service providing remote access to "
{ NULL, NULL, NULL, NULL }
};
-struct service_display_info common_unix_svcs[] = {
+struct service_display_info common_unix_svcs[] = {
{ "cups", NULL, "Common Unix Printing System","Provides unified printing support for all operating systems" },
{ "postfix", NULL, "Internet Mail Service", "Provides support for sending and receiving electonic mail" },
{ "sendmail", NULL, "Internet Mail Service", "Provides support for sending and receiving electonic mail" },
{ NULL, NULL, NULL, NULL }
};
+static WERROR svcctl_set_secdesc_internal(struct registry_key *key,
+ struct security_descriptor *sec_desc);
/********************************************************************
********************************************************************/
-static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
+static struct security_descriptor* construct_service_sd( TALLOC_CTX *ctx )
{
- SEC_ACE ace[4];
- SEC_ACCESS mask;
+ struct security_ace ace[4];
size_t i = 0;
- SEC_DESC *sd;
- SEC_ACL *acl;
+ struct security_descriptor *sd = NULL;
+ struct security_acl *theacl = NULL;
size_t sd_size;
-
+
/* basic access for Everyone */
-
- init_sec_access(&mask, SERVICE_READ_ACCESS );
- init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-
- init_sec_access(&mask,SERVICE_EXECUTE_ACCESS );
- init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-
- init_sec_access(&mask,SERVICE_ALL_ACCESS );
- init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
- init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-
+
+ init_sec_ace(&ace[i++], &global_sid_World,
+ SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_READ_ACCESS, 0);
+
+ init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users,
+ SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_EXECUTE_ACCESS, 0);
+
+ init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators,
+ SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0);
+ init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
+ SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0);
+
/* create the security descriptor */
-
- if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
+
+ theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace);
+ if (theacl == NULL) {
return NULL;
+ }
- if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) )
+ sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ theacl, &sd_size);
+ if (sd == NULL) {
return NULL;
+ }
return sd;
}
static char *get_common_service_dispname( const char *servicename )
{
- static fstring dispname;
int i;
-
+
for ( i=0; common_unix_svcs[i].servicename; i++ ) {
- if ( strequal( servicename, common_unix_svcs[i].servicename ) ) {
- fstr_sprintf( dispname, "%s (%s)",
+ if (strequal(servicename, common_unix_svcs[i].servicename)) {
+ char *dispname;
+ if (asprintf(&dispname,
+ "%s (%s)",
common_unix_svcs[i].dispname,
- common_unix_svcs[i].servicename );
-
+ common_unix_svcs[i].servicename) < 0) {
+ return NULL;
+ }
return dispname;
}
- }
-
- fstrcpy( dispname, servicename );
-
- return dispname;
+ }
+
+ return SMB_STRDUP(servicename );
}
/********************************************************************
********************************************************************/
-static char* cleanup_string( const char *string )
+static char *cleanup_string( const char *string )
{
- static pstring clean;
+ char *clean = NULL;
char *begin, *end;
+ TALLOC_CTX *ctx = talloc_tos();
- pstrcpy( clean, string );
+ clean = talloc_strdup(ctx, string);
+ if (!clean) {
+ return NULL;
+ }
begin = clean;
-
+
/* trim any beginning whilespace */
-
- while ( isspace(*begin) )
+
+ while (isspace(*begin)) {
begin++;
+ }
- if ( *begin == '\0' )
+ if (*begin == '\0') {
return NULL;
-
+ }
+
/* trim any trailing whitespace or carriage returns.
Start at the end and move backwards */
-
+
end = begin + strlen(begin) - 1;
-
+
while ( isspace(*end) || *end=='\n' || *end=='\r' ) {
*end = '\0';
end--;
/********************************************************************
********************************************************************/
-static BOOL read_init_file( const char *servicename, struct rcinit_file_information **service_info )
+static bool read_init_file( const char *servicename, struct rcinit_file_information **service_info )
{
- struct rcinit_file_information *info;
- pstring filepath, str;
- XFILE *f;
- char *p;
-
- if ( !(info = TALLOC_ZERO_P( NULL, struct rcinit_file_information ) ) )
+ struct rcinit_file_information *info = NULL;
+ char *filepath = NULL;
+ char str[1024];
+ XFILE *f = NULL;
+ char *p = NULL;
+
+ info = TALLOC_ZERO_P( NULL, struct rcinit_file_information );
+ if (info == NULL) {
return False;
-
+ }
+
/* attempt the file open */
-
- pstr_sprintf( filepath, "%s/%s/%s", dyn_LIBDIR, SVCCTL_SCRIPT_DIR, servicename );
- if ( !(f = x_fopen( filepath, O_RDONLY, 0 )) ) {
+
+ filepath = talloc_asprintf(info, "%s/%s/%s", get_dyn_MODULESDIR(),
+ SVCCTL_SCRIPT_DIR, servicename);
+ if (!filepath) {
+ TALLOC_FREE(info);
+ return false;
+ }
+ f = x_fopen( filepath, O_RDONLY, 0 );
+ if (f == NULL) {
DEBUG(0,("read_init_file: failed to open [%s]\n", filepath));
TALLOC_FREE(info);
- return False;
+ return false;
}
-
+
while ( (x_fgets( str, sizeof(str)-1, f )) != NULL ) {
- /* ignore everything that is not a full line
+ /* ignore everything that is not a full line
comment starting with a '#' */
-
+
if ( str[0] != '#' )
continue;
-
+
/* Look for a line like '^#.*Description:' */
-
- if ( (p = strstr( str, "Description:" )) != NULL ) {
+
+ p = strstr( str, "Description:" );
+ if (p != NULL) {
char *desc;
p += strlen( "Description:" ) + 1;
- if ( !p )
+ if ( !p )
break;
-
- if ( (desc = cleanup_string(p)) != NULL )
+
+ desc = cleanup_string(p);
+ if (desc != NULL)
info->description = talloc_strdup( info, desc );
}
}
-
+
x_fclose( f );
-
+
if ( !info->description )
info->description = talloc_strdup( info, "External Unix Service" );
-
+
*service_info = info;
-
+ TALLOC_FREE(filepath);
+
return True;
}
Display name, Description, etc...
********************************************************************/
-static void fill_service_values( const char *name, REGVAL_CTR *values )
+static WERROR svcctl_setvalue(struct registry_key *key,
+ const char *name,
+ struct registry_value *value)
+{
+ WERROR wresult;
+
+ wresult = reg_setvalue(key, name, value);
+ if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("reg_setvalue failed for %s in key %s: %s\n",
+ name, key->key->name, win_errstr(wresult)));
+ }
+
+ return wresult;
+}
+
+static WERROR svcctl_setvalue_dword(struct registry_key *key,
+ const char *name,
+ uint32_t dword)
+{
+ struct registry_value value;
+
+ value.type = REG_DWORD;
+ value.data.length = sizeof(uint32_t);
+ value.data.data = (uint8_t *)&dword;
+
+ return svcctl_setvalue(key, name, &value);
+}
+
+static WERROR svcctl_setvalue_sz(struct registry_key *key,
+ const char *name,
+ const char *sz)
+{
+ struct registry_value value;
+ WERROR wresult;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+
+ if (!push_reg_sz(mem_ctx, &value.data, sz)) {
+ DEBUG(0, ("push_reg_sz failed\n"));
+ wresult = WERR_NOMEM;
+ goto done;
+ }
+ value.type = REG_SZ;
+
+ wresult = svcctl_setvalue(key, name, &value);
+done:
+ talloc_free(mem_ctx);
+ return wresult;
+}
+
+static void fill_service_values(struct registry_key *key)
{
- UNISTR2 data, dname, ipath, description;
- uint32 dword;
- pstring pstr;
+ char *dname, *ipath, *description;
int i;
-
+ WERROR wresult;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+ char *name = NULL;
+
+ name = strrchr(key->key->name, '\\');
+ if (name == NULL) {
+ name = key->key->name;
+ } else {
+ name++;
+ }
+
/* These values are hardcoded in all QueryServiceConfig() replies.
I'm just storing them here for cosmetic purposes */
-
- dword = SVCCTL_AUTO_START;
- regval_ctr_addvalue( values, "Start", REG_DWORD, (char*)&dword, sizeof(uint32));
-
- dword = SVCCTL_WIN32_OWN_PROC;
- regval_ctr_addvalue( values, "Type", REG_DWORD, (char*)&dword, sizeof(uint32));
-
- dword = SVCCTL_SVC_ERROR_NORMAL;
- regval_ctr_addvalue( values, "ErrorControl", REG_DWORD, (char*)&dword, sizeof(uint32));
-
+
+ wresult = svcctl_setvalue_dword(key, "Start", SVCCTL_AUTO_START);
+ if (!W_ERROR_IS_OK(wresult)) {
+ goto done;
+ }
+
+ wresult = svcctl_setvalue_dword(key, "Type", SERVICE_TYPE_WIN32_OWN_PROCESS);
+ if (!W_ERROR_IS_OK(wresult)) {
+ goto done;
+ }
+
+ wresult = svcctl_setvalue_dword(key, "ErrorControl", SVCCTL_SVC_ERROR_NORMAL);
+ if (!W_ERROR_IS_OK(wresult)) {
+ goto done;
+ }
+
/* everything runs as LocalSystem */
-
- init_unistr2( &data, "LocalSystem", UNI_STR_TERMINATE );
- regval_ctr_addvalue( values, "ObjectName", REG_SZ, (char*)data.buffer, data.uni_str_len*2);
-
+
+ wresult = svcctl_setvalue_sz(key, "ObjectName", "LocalSystem");
+ if (!W_ERROR_IS_OK(wresult)) {
+ goto done;
+ }
+
/* special considerations for internal services and the DisplayName value */
-
+
for ( i=0; builtin_svcs[i].servicename; i++ ) {
if ( strequal( name, builtin_svcs[i].servicename ) ) {
- pstr_sprintf( pstr, "%s/%s/%s",dyn_LIBDIR, SVCCTL_SCRIPT_DIR, builtin_svcs[i].daemon );
- init_unistr2( &ipath, pstr, UNI_STR_TERMINATE );
- init_unistr2( &description, builtin_svcs[i].description, UNI_STR_TERMINATE );
- init_unistr2( &dname, builtin_svcs[i].dispname, UNI_STR_TERMINATE );
+ ipath = talloc_asprintf(mem_ctx, "%s/%s/%s",
+ get_dyn_MODULESDIR(),
+ SVCCTL_SCRIPT_DIR,
+ builtin_svcs[i].daemon);
+ description = talloc_strdup(mem_ctx, builtin_svcs[i].description);
+ dname = talloc_strdup(mem_ctx, builtin_svcs[i].dispname);
break;
}
- }
-
+ }
+
/* default to an external service if we haven't found a match */
-
+
if ( builtin_svcs[i].servicename == NULL ) {
+ char *dispname = NULL;
struct rcinit_file_information *init_info = NULL;
- pstr_sprintf( pstr, "%s/%s/%s",dyn_LIBDIR, SVCCTL_SCRIPT_DIR, name );
- init_unistr2( &ipath, pstr, UNI_STR_TERMINATE );
-
+ ipath = talloc_asprintf(mem_ctx, "%s/%s/%s",
+ get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR,
+ name);
+
/* lookup common unix display names */
- init_unistr2( &dname, get_common_service_dispname( name ), UNI_STR_TERMINATE );
+ dispname = get_common_service_dispname(name);
+ dname = talloc_strdup(mem_ctx, dispname ? dispname : "");
+ SAFE_FREE(dispname);
- /* get info from init file itself */
+ /* get info from init file itself */
if ( read_init_file( name, &init_info ) ) {
- init_unistr2( &description, init_info->description, UNI_STR_TERMINATE );
+ description = talloc_strdup(mem_ctx, init_info->description);
TALLOC_FREE( init_info );
}
else {
- init_unistr2( &description, "External Unix Service", UNI_STR_TERMINATE );
+ description = talloc_strdup(mem_ctx, "External Unix Service");
}
}
-
+
/* add the new values */
-
- regval_ctr_addvalue( values, "DisplayName", REG_SZ, (char*)dname.buffer, dname.uni_str_len*2);
- regval_ctr_addvalue( values, "ImagePath", REG_SZ, (char*)ipath.buffer, ipath.uni_str_len*2);
- regval_ctr_addvalue( values, "Description", REG_SZ, (char*)description.buffer, description.uni_str_len*2);
-
+
+ wresult = svcctl_setvalue_sz(key, "DisplayName", dname);
+ if (!W_ERROR_IS_OK(wresult)) {
+ goto done;
+ }
+
+ wresult = svcctl_setvalue_sz(key, "ImagePath", ipath);
+ if (!W_ERROR_IS_OK(wresult)) {
+ goto done;
+ }
+
+ wresult = svcctl_setvalue_sz(key, "Description", description);
+
+done:
+ talloc_free(mem_ctx);
return;
}
/********************************************************************
********************************************************************/
-static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
- const char *name )
+static void add_new_svc_name(struct registry_key *key_parent,
+ const char *name)
{
- REGISTRY_KEY *key_service, *key_secdesc;
+ struct registry_key *key_service = NULL, *key_secdesc = NULL;
WERROR wresult;
- pstring path;
- REGVAL_CTR *values;
- REGSUBKEY_CTR *svc_subkeys;
- SEC_DESC *sd;
- prs_struct ps;
-
- /* add to the list and create the subkey path */
-
- regsubkey_ctr_addkey( subkeys, name );
- store_reg_keys( key_parent, subkeys );
-
- /* open the new service key */
-
- pstr_sprintf( path, "%s\\%s", KEY_SERVICES, name );
- wresult = regkey_open_internal( NULL, &key_service, path,
- get_root_nt_token(), REG_KEY_ALL );
- if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("add_new_svc_name: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- return;
- }
-
- /* add the 'Security' key */
-
- if ( !(svc_subkeys = TALLOC_ZERO_P( key_service, REGSUBKEY_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
- TALLOC_FREE( key_service );
- return;
+ struct security_descriptor *sd = NULL;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+ enum winreg_CreateAction action = REG_ACTION_NONE;
+
+ wresult = reg_createkey(mem_ctx, key_parent, name, REG_KEY_ALL,
+ &key_service, &action);
+
+ if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("add_new_svc_name: reg_createkey failed for %s\\%s: "
+ "%s\n", key_parent->key->name, name,
+ win_errstr(wresult)));
+ goto done;
}
-
- fetch_reg_keys( key_service, svc_subkeys );
- regsubkey_ctr_addkey( svc_subkeys, "Security" );
- store_reg_keys( key_service, svc_subkeys );
/* now for the service values */
-
- if ( !(values = TALLOC_ZERO_P( key_service, REGVAL_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
- TALLOC_FREE( key_service );
- return;
- }
-
- fill_service_values( name, values );
- store_reg_values( key_service, values );
- /* cleanup the service key*/
-
- TALLOC_FREE( key_service );
+ fill_service_values(key_service);
/* now add the security descriptor */
- pstr_sprintf( path, "%s\\%s\\%s", KEY_SERVICES, name, "Security" );
- wresult = regkey_open_internal( NULL, &key_secdesc, path,
- get_root_nt_token(), REG_KEY_ALL );
- if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("add_new_svc_name: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- TALLOC_FREE( key_secdesc );
- return;
- }
-
- if ( !(values = TALLOC_ZERO_P( key_secdesc, REGVAL_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
- TALLOC_FREE( key_secdesc );
- return;
- }
-
- if ( !(sd = construct_service_sd(key_secdesc)) ) {
- DEBUG(0,("add_new_svc_name: Failed to create default sec_desc!\n"));
- TALLOC_FREE( key_secdesc );
- return;
- }
-
- /* stream the printer security descriptor */
-
- prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key_secdesc, MARSHALL);
-
- if ( sec_io_desc("sec_desc", &sd, &ps, 0 ) ) {
- uint32 offset = prs_offset( &ps );
- regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset );
- store_reg_values( key_secdesc, values );
- }
-
- /* finally cleanup the Security key */
-
- prs_mem_free( &ps );
- TALLOC_FREE( key_secdesc );
+ sd = construct_service_sd(key_secdesc);
+ if (sd == NULL) {
+ DEBUG(0, ("add_new_svc_name: Failed to create default "
+ "sec_desc!\n"));
+ goto done;
+ }
+ wresult = svcctl_set_secdesc_internal(key_service, sd);
+
+done:
+ talloc_free(mem_ctx);
return;
}
{
const char **service_list = lp_svcctl_list();
int i;
- REGSUBKEY_CTR *subkeys;
- REGISTRY_KEY *key = NULL;
+ struct registry_key *key = NULL;
+ struct registry_key *subkey = NULL;
WERROR wresult;
-
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+
/* bad mojo here if the lookup failed. Should not happen */
-
- wresult = regkey_open_internal( NULL, &key, KEY_SERVICES,
- get_root_nt_token(), REG_KEY_ALL );
+
+ wresult = reg_open_path(mem_ctx, KEY_SERVICES, REG_KEY_ALL, get_root_nt_token(), &key);
if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("init_services_keys: key lookup failed! (%s)\n",
- dos_errstr(wresult)));
- return;
- }
-
- /* lookup the available subkeys */
-
- if ( !(subkeys = TALLOC_ZERO_P( key, REGSUBKEY_CTR )) ) {
- DEBUG(0,("init_services_keys: talloc() failed!\n"));
- TALLOC_FREE( key );
- return;
- }
-
- fetch_reg_keys( key, subkeys );
-
- /* the builting services exist */
-
+ DEBUG(0,("svcctl_init_keys: key lookup failed! (%s)\n",
+ win_errstr(wresult)));
+ goto done;
+ }
+
+ /* the builtin services exist */
+
for ( i=0; builtin_svcs[i].servicename; i++ )
- add_new_svc_name( key, subkeys, builtin_svcs[i].servicename );
-
+ add_new_svc_name(key, builtin_svcs[i].servicename);
+
for ( i=0; service_list && service_list[i]; i++ ) {
-
+
/* only add new services */
- if ( regsubkey_ctr_key_exists( subkeys, service_list[i] ) )
+
+ wresult = reg_openkey(mem_ctx, key, service_list[i], REG_KEY_ALL, &subkey);
+ if (W_ERROR_IS_OK(wresult)) {
continue;
+ }
/* Add the new service key and initialize the appropriate values */
- add_new_svc_name( key, subkeys, service_list[i] );
+ add_new_svc_name(key, service_list[i]);
}
- TALLOC_FREE( key );
-
/* initialize the control hooks */
init_service_op_table();
+done:
+ talloc_free(mem_ctx);
return;
}
/********************************************************************
This is where we do the dirty work of filling in things like the
- Display name, Description, etc...Always return a default secdesc
+ Display name, Description, etc...Always return a default secdesc
in case of any failure.
********************************************************************/
-SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
- REGISTRY_KEY *key;
- prs_struct ps;
- REGVAL_CTR *values;
- REGISTRY_VALUE *val;
- SEC_DESC *sd = NULL;
- SEC_DESC *ret_sd = NULL;
- pstring path;
+ struct registry_key *key = NULL;
+ struct registry_value *value;
+ struct security_descriptor *ret_sd = NULL;
+ char *path= NULL;
WERROR wresult;
-
- /* now add the security descriptor */
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
- pstr_sprintf( path, "%s\\%s\\%s", KEY_SERVICES, name, "Security" );
- wresult = regkey_open_internal( NULL, &key, path, token,
- REG_KEY_ALL );
+ path = talloc_asprintf(mem_ctx, "%s\\%s\\%s", KEY_SERVICES, name,
+ "Security");
+ if (path == NULL) {
+ goto done;
+ }
+
+ wresult = reg_open_path(mem_ctx, path, REG_KEY_ALL, token, &key);
if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- return NULL;
+ DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
+ path, win_errstr(wresult)));
+ goto done;
}
- if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
- TALLOC_FREE( key );
- return NULL;
+ wresult = reg_queryvalue(mem_ctx, key, "Security", &value);
+ if (W_ERROR_EQUAL(wresult, WERR_BADFILE)) {
+ goto fallback_to_default_sd;
+ } else if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("svcctl_get_secdesc: error getting value 'Security': "
+ "%s\n", win_errstr(wresult)));
+ goto done;
}
- fetch_reg_values( key, values );
-
- if ( !(val = regval_ctr_getvalue( values, "Security" )) ) {
- DEBUG(6,("svcctl_get_secdesc: constructing default secdesc for service [%s]\n",
- name));
- TALLOC_FREE( key );
- return construct_service_sd( ctx );
- }
-
-
- /* stream the printer security descriptor */
-
- prs_init( &ps, 0, key, UNMARSHALL);
- prs_give_memory( &ps, (char *)regval_data_p(val), regval_size(val), False );
-
- if ( !sec_io_desc("sec_desc", &sd, &ps, 0 ) ) {
- TALLOC_FREE( key );
- return construct_service_sd( ctx );
- }
-
- ret_sd = dup_sec_desc( ctx, sd );
-
- /* finally cleanup the Security key */
-
- prs_mem_free( &ps );
- TALLOC_FREE( key );
+ status = unmarshall_sec_desc(ctx, value->data.data,
+ value->data.length, &ret_sd);
+ if (NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+fallback_to_default_sd:
+ DEBUG(6, ("svcctl_get_secdesc: constructing default secdesc for "
+ "service [%s]\n", name));
+ ret_sd = construct_service_sd(ctx);
+
+done:
+ talloc_free(mem_ctx);
return ret_sd;
}
Wrapper to make storing a Service sd easier
********************************************************************/
-BOOL svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token )
+static WERROR svcctl_set_secdesc_internal(struct registry_key *key,
+ struct security_descriptor *sec_desc)
{
- REGISTRY_KEY *key;
+ struct registry_key *key_security = NULL;
WERROR wresult;
- pstring path;
- REGVAL_CTR *values;
- prs_struct ps;
- BOOL ret = False;
-
- /* now add the security descriptor */
+ struct registry_value value;
+ NTSTATUS status;
+ enum winreg_CreateAction action = REG_ACTION_NONE;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+
+ wresult = reg_createkey(mem_ctx, key, "Security", REG_KEY_ALL, &key_security, &action);
+ if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("svcctl_set_secdesc: reg_createkey failed: "
+ "[%s\\Security] (%s)\n", key->key->name,
+ win_errstr(wresult)));
+ goto done;
+ }
- pstr_sprintf( path, "%s\\%s\\%s", KEY_SERVICES, name, "Security" );
- wresult = regkey_open_internal( NULL, &key, path, token,
- REG_KEY_ALL );
- if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- return False;
+ status = marshall_sec_desc(mem_ctx, sec_desc, &value.data.data,
+ &value.data.length);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("svcctl_set_secdesc: marshall_sec_desc() failed: %s\n",
+ nt_errstr(status)));
+ wresult = ntstatus_to_werror(status);
+ goto done;
}
- if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
- TALLOC_FREE( key );
- return False;
+ value.type = REG_BINARY;
+
+ wresult = reg_setvalue(key_security, "Security", &value);
+ if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("svcctl_set_secdesc: reg_setvalue failed: %s\n",
+ win_errstr(wresult)));
}
-
- /* stream the printer security descriptor */
-
- prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key, MARSHALL);
-
- if ( sec_io_desc("sec_desc", &sec_desc, &ps, 0 ) ) {
- uint32 offset = prs_offset( &ps );
- regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset );
- ret = store_reg_values( key, values );
- }
-
- /* cleanup */
-
- prs_mem_free( &ps );
- TALLOC_FREE( key);
- return ret;
+done:
+ talloc_free(mem_ctx);
+ return wresult;
}
-/********************************************************************
-********************************************************************/
-
-char* svcctl_lookup_dispname( const char *name, NT_USER_TOKEN *token )
+bool svcctl_set_secdesc(const char *name, struct security_descriptor *sec_desc,
+ struct security_token *token)
{
- static fstring display_name;
- REGISTRY_KEY *key;
- REGVAL_CTR *values;
- REGISTRY_VALUE *val;
- pstring path;
+ struct registry_key *key = NULL;
WERROR wresult;
-
- /* now add the security descriptor */
+ char *path = NULL;
+ bool ret = false;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+
+ path = talloc_asprintf(mem_ctx, "%s\\%s", KEY_SERVICES, name);
+ if (path == NULL) {
+ goto done;
+ }
- pstr_sprintf( path, "%s\\%s", KEY_SERVICES, name );
- wresult = regkey_open_internal( NULL, &key, path, token,
- REG_KEY_READ );
+ wresult = reg_open_path(mem_ctx, path, REG_KEY_ALL, token, &key);
if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("svcctl_lookup_dispname: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- goto fail;
+ DEBUG(0, ("svcctl_set_secdesc: key lookup failed! [%s] (%s)\n",
+ path, win_errstr(wresult)));
+ goto done;
+ }
+
+ wresult = svcctl_set_secdesc_internal(key, sec_desc);
+
+ ret = W_ERROR_IS_OK(wresult);
+
+done:
+ talloc_free(mem_ctx);
+ return ret;
+}
+
+const char *svcctl_get_string_value(TALLOC_CTX *ctx, const char *key_name,
+ const char *value_name,
+ struct security_token *token)
+{
+ const char *result = NULL;
+ struct registry_key *key = NULL;
+ struct registry_value *value = NULL;
+ char *path = NULL;
+ WERROR wresult;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+
+ path = talloc_asprintf(mem_ctx, "%s\\%s", KEY_SERVICES, key_name);
+ if (path == NULL) {
+ goto done;
}
- if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
- DEBUG(0,("svcctl_lookup_dispname: talloc() failed!\n"));
- TALLOC_FREE( key );
- goto fail;
+ wresult = reg_open_path(mem_ctx, path, REG_KEY_READ, token, &key);
+ if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("svcctl_get_string_value: key lookup failed! "
+ "[%s] (%s)\n", path, win_errstr(wresult)));
+ goto done;
}
- fetch_reg_values( key, values );
-
- if ( !(val = regval_ctr_getvalue( values, "DisplayName" )) )
- goto fail;
+ wresult = reg_queryvalue(mem_ctx, key, value_name, &value);
+ if (!W_ERROR_IS_OK(wresult)) {
+ DEBUG(0, ("svcctl_get_string_value: error getting value "
+ "'%s': %s\n", value_name, win_errstr(wresult)));
+ goto done;
+ }
- rpcstr_pull( display_name, regval_data_p(val), sizeof(display_name), regval_size(val), 0 );
+ if (value->type != REG_SZ) {
+ goto done;
+ }
- TALLOC_FREE( key );
-
- return display_name;
+ pull_reg_sz(ctx, &value->data, &result);
-fail:
- /* default to returning the service name */
- TALLOC_FREE( key );
- fstrcpy( display_name, name );
- return display_name;
+ goto done;
+
+done:
+ talloc_free(mem_ctx);
+ return result;
}
/********************************************************************
********************************************************************/
-char* svcctl_lookup_description( const char *name, NT_USER_TOKEN *token )
+const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
- static fstring description;
- REGISTRY_KEY *key;
- REGVAL_CTR *values;
- REGISTRY_VALUE *val;
- pstring path;
- WERROR wresult;
-
- /* now add the security descriptor */
+ const char *display_name = NULL;
- pstr_sprintf( path, "%s\\%s", KEY_SERVICES, name );
- wresult = regkey_open_internal( NULL, &key, path, token,
- REG_KEY_READ );
- if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("svcctl_lookup_dispname: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- return NULL;
- }
+ display_name = svcctl_get_string_value(ctx, name, "DisplayName", token);
- if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
- DEBUG(0,("svcctl_lookup_dispname: talloc() failed!\n"));
- TALLOC_FREE( key );
- return NULL;
+ if (display_name == NULL) {
+ display_name = talloc_strdup(ctx, name);
}
- fetch_reg_values( key, values );
-
- if ( !(val = regval_ctr_getvalue( values, "Description" )) )
- fstrcpy( description, "Unix Service");
- else
- rpcstr_pull( description, regval_data_p(val), sizeof(description), regval_size(val), 0 );
-
- TALLOC_FREE( key );
-
- return description;
+ return display_name;
}
-
/********************************************************************
********************************************************************/
-REGVAL_CTR* svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token )
+const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
- REGISTRY_KEY *key;
- REGVAL_CTR *values;
- pstring path;
- WERROR wresult;
-
- /* now add the security descriptor */
+ const char *description = NULL;
- pstr_sprintf( path, "%s\\%s", KEY_SERVICES, name );
- wresult = regkey_open_internal( NULL, &key, path, token,
- REG_KEY_READ );
- if ( !W_ERROR_IS_OK(wresult) ) {
- DEBUG(0,("svcctl_fetch_regvalues: key lookup failed! [%s] (%s)\n",
- path, dos_errstr(wresult)));
- return NULL;
- }
+ description = svcctl_get_string_value(ctx, name, "Description", token);
- if ( !(values = TALLOC_ZERO_P( NULL, REGVAL_CTR )) ) {
- DEBUG(0,("svcctl_fetch_regvalues: talloc() failed!\n"));
- TALLOC_FREE( key );
- return NULL;
+ if (description == NULL) {
+ description = talloc_strdup(ctx, "Unix Service");
}
-
- fetch_reg_values( key, values );
- TALLOC_FREE( key );
-
- return values;
+ return description;
}
-