2 Samba Unix/Linux SMB client utility libeditreg.c
3 Copyright (C) 2004 Jelmer Vernooij, jelmer@samba.org
5 Backend for Windows '95 registry files. Explanation of file format
6 comes from http://www.cs.mun.ca/~michael/regutils/.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>. */
23 #include "system/filesys.h"
24 #include "system/shmem.h"
27 * The registry starts with a header that contains pointers to
30 * After the main header follows the RGKN header (key index table).
31 * The RGKN keys are listed after each other. They are put into
32 * blocks, the first having a length of 0x2000 bytes, the others
33 * being 0x1000 bytes long.
35 * After the RGKN header follow one or more RGDB blocks. These blocks
36 * contain keys. A key is followed by its name and its values.
38 * Values are followed by their name and then their data.
40 * Basically the idea is that the RGKN contains the associations between
41 * the keys and the RGDB contains the actual data.
44 typedef uint32_t DWORD;
45 typedef unsigned short WORD;
47 typedef struct creg_block {
48 DWORD CREG_ID; /* CREG */
59 typedef struct rgkn_block {
60 DWORD RGKN_ID; /* RGKN */
70 typedef struct reg_id {
75 typedef struct rgkn_key {
76 DWORD type; /* 0x00000000 = normal key, 0x80000000 = free block */
77 DWORD hash; /* Contains either hash or size of free blocks that follows */
80 DWORD first_child_offset;
86 typedef struct rgdb_block {
87 DWORD RGDB_ID; /* RGDB */
92 DWORD free_offset; /* -1 if there is no free space */
99 typedef struct rgdb_key {
108 typedef struct rgdb_value {
115 typedef struct creg_struct_s {
122 RGDB_KEY ***rgdb_keys;
126 #define RGKN_START_SIZE 0x2000
127 #define RGKN_INC_SIZE 0x1000
130 #define LOCN_RGKN(creg, o) ((RGKN_KEY *)((creg)->base + sizeof(CREG_HDR) + o))
131 #define LOCN_RGDB_BLOCK(creg, o) (((creg)->base + (creg)->creg_hdr->rgdb_offset + o))
132 #define LOCN_RGDB_KEY(creg, rgdb, id) ((RGDB_KEY *)((creg)->rgdb_keys[(rgdb)][(id)]))
134 static DWORD str_to_dword(const char *a) {
136 unsigned long ret = 0;
137 for(i = strlen(a)-1; i >= 0; i--) {
138 ret = ret * 0x100 + a[i];
145 static DWORD calc_hash(const char *str) {
148 for(i = 0; str[i] && str[i] != '\\'; i++) {
149 ret+=toupper(str[i]);
154 static void parse_rgkn_block(CREG *creg, off_t start_off, off_t end_off)
157 for(i = start_off; end_off - i > sizeof(RGKN_KEY); i+= sizeof(RGKN_KEY)) {
158 RGKN_KEY *key = (RGKN_KEY *)LOCN_RGKN(creg, i);
160 DEBUG(4,("Regular, id: %d, %d, parent: %x, firstchild: %x, next: %x hash: %lX\n", key->id.id, key->id.rgdb, key->parent_offset, key->first_child_offset, key->next_offset, (long)key->hash));
161 } else if(key->type == 0x80000000) {
165 DEBUG(0,("Invalid key type in RGKN: %0X\n", key->type));
172 static void parse_rgdb_block(CREG *creg, RGDB_HDR *rgdb_hdr)
174 DWORD used_size = rgdb_hdr->size - rgdb_hdr->unused_size;
177 while(offset < used_size) {
178 RGDB_KEY *key = (RGDB_KEY *)(((char *)rgdb_hdr) + sizeof(RGDB_HDR) + offset);
180 if(!(key->id.id == 0xFFFF && key->id.rgdb == 0xFFFF))creg->rgdb_keys[key->id.rgdb][key->id.id] = key;
185 static WERROR w95_open_reg (struct registry_hive *h, struct registry_key **root)
188 DWORD creg_id, rgkn_id;
192 creg = talloc(h, CREG);
193 memset(creg, 0, sizeof(CREG));
194 h->backend_data = creg;
196 if((creg->fd = open(h->location, O_RDONLY, 0000)) < 0) {
200 if (fstat(creg->fd, &creg->sbuf) < 0) {
204 creg->base = mmap(0, creg->sbuf.st_size, PROT_READ, MAP_SHARED, creg->fd, 0);
206 if (creg->base == (void *)-1) {
207 DEBUG(0,("Could not mmap file: %s, %s\n", h->location, strerror(errno)));
211 creg->creg_hdr = (CREG_HDR *)creg->base;
213 if ((creg_id = IVAL(&creg->creg_hdr->CREG_ID,0)) != str_to_dword("CREG")) {
214 DEBUG(0, ("Unrecognized Windows 95 registry header id: 0x%0X, %s\n",
215 creg_id, h->location));
219 creg->rgkn_hdr = (RGKN_HDR *)LOCN_RGKN(creg, 0);
221 if ((rgkn_id = IVAL(&creg->rgkn_hdr->RGKN_ID,0)) != str_to_dword("RGKN")) {
222 DEBUG(0, ("Unrecognized Windows 95 registry key index id: 0x%0X, %s\n",
223 rgkn_id, h->location));
228 /* If'ed out because we only need to parse this stuff when allocating new
229 * entries (which we don't do at the moment */
230 /* First parse the 0x2000 long block */
231 parse_rgkn_block(creg, sizeof(RGKN_HDR), 0x2000);
233 /* Then parse the other 0x1000 length blocks */
234 for(offset = 0x2000; offset < creg->rgkn_hdr->size; offset+=0x1000) {
235 parse_rgkn_block(creg, offset, offset+0x1000);
239 creg->rgdb_keys = talloc_array(h, RGDB_KEY **, creg->creg_hdr->num_rgdb);
242 DEBUG(3, ("Reading %d rgdb entries\n", creg->creg_hdr->num_rgdb));
243 for(i = 0; i < creg->creg_hdr->num_rgdb; i++) {
244 RGDB_HDR *rgdb_hdr = (RGDB_HDR *)LOCN_RGDB_BLOCK(creg, offset);
246 if(strncmp((char *)&(rgdb_hdr->RGDB_ID), "RGDB", 4)) {
247 DEBUG(0, ("unrecognized rgdb entry: %4d, %s\n",
248 rgdb_hdr->RGDB_ID, h->location));
251 DEBUG(3, ("Valid rgdb entry, first free id: %d, max id: %d\n", rgdb_hdr->first_free_id, rgdb_hdr->max_id));
255 creg->rgdb_keys[i] = talloc_array(h, RGDB_KEY *, rgdb_hdr->max_id+1);
256 memset(creg->rgdb_keys[i], 0, sizeof(RGDB_KEY *) * (rgdb_hdr->max_id+1));
258 parse_rgdb_block(creg, rgdb_hdr);
260 offset+=rgdb_hdr->size;
263 /* First element in rgkn should be root key */
264 *root = talloc(h, struct registry_key);
265 (*root)->name = NULL;
266 (*root)->backend_data = LOCN_RGKN(creg, sizeof(RGKN_HDR));
271 static WERROR w95_get_subkey_by_index (TALLOC_CTX *mem_ctx, const struct registry_key *parent, int n, struct registry_key **key)
273 CREG *creg = parent->hive->backend_data;
274 RGKN_KEY *rgkn_key = parent->backend_data;
279 /* Get id of first child */
280 child_offset = rgkn_key->first_child_offset;
282 while(child_offset != 0xFFFFFFFF) {
283 child = LOCN_RGKN(creg, child_offset);
285 /* n == cur ? return! */
288 rgdb_key = LOCN_RGDB_KEY(creg, child->id.rgdb, child->id.id);
290 DEBUG(0, ("Can't find %d,%d in RGDB table!\n", child->id.rgdb, child->id.id));
293 *key = talloc(mem_ctx, struct registry_key);
294 (*key)->backend_data = child;
295 (*key)->name = talloc_strndup(mem_ctx, (char *)rgdb_key + sizeof(RGDB_KEY), rgdb_key->name_len);
301 child_offset = child->next_offset;
304 return WERR_NO_MORE_ITEMS;
307 static WERROR w95_num_values(const struct registry_key *k, uint32_t *count)
309 RGKN_KEY *rgkn_key = k->backend_data;
310 RGDB_KEY *rgdb_key = LOCN_RGDB_KEY((CREG *)k->hive->backend_data, rgkn_key->id.rgdb, rgkn_key->id.id);
312 if(!rgdb_key) return WERR_FOOBAR;
314 *count = rgdb_key->num_values;
319 static WERROR w95_get_value_by_id(TALLOC_CTX *mem_ctx, const struct registry_key *k, int idx, struct registry_value **value)
321 RGKN_KEY *rgkn_key = k->backend_data;
324 RGDB_KEY *rgdb_key = LOCN_RGDB_KEY((CREG *)k->hive->backend_data, rgkn_key->id.rgdb, rgkn_key->id.id);
325 RGDB_VALUE *curval = NULL;
327 if(!rgdb_key) return WERR_FOOBAR;
329 if(idx >= rgdb_key->num_values) return WERR_NO_MORE_ITEMS;
331 for(i = 0; i < idx; i++) {
332 curval = (RGDB_VALUE *)(((char *)rgdb_key) + sizeof(RGDB_KEY) + rgdb_key->name_len + offset);
333 offset+=sizeof(RGDB_VALUE) + curval->name_len + curval->data_len;
336 *value = talloc(mem_ctx, struct registry_value);
337 (*value)->name = talloc_strndup(mem_ctx, (char *)curval+sizeof(RGDB_VALUE), curval->name_len);
339 (*value)->data = data_blob_talloc(mem_ctx, curval+sizeof(RGDB_VALUE)+curval->name_len, curval->data_len);
340 (*value)->data_type = curval->type;
345 static struct hive_operations reg_backend_w95 = {
347 .open_hive = w95_open_reg,
348 .get_value_by_index = w95_get_value_by_id,
349 .num_values = w95_num_values,
350 .get_subkey_by_index = w95_get_subkey_by_index,
353 NTSTATUS registry_w95_init(void)
355 return registry_register(®_backend_w95);