diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2006-03-21 01:30:22 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:58:59 -0500 |
commit | d64ccc01769ce274c74d8458f9ef81cdcc8986f6 (patch) | |
tree | 27c1b92cf2c0d482fdab208f33b876314cacb13e | |
parent | b556df32a849eefa2f2f34868eee02f05451878d (diff) | |
download | samba-d64ccc01769ce274c74d8458f9ef81cdcc8986f6.tar.gz samba-d64ccc01769ce274c74d8458f9ef81cdcc8986f6.tar.bz2 samba-d64ccc01769ce274c74d8458f9ef81cdcc8986f6.zip |
r14599: Pass ACLs down the registry layer.
(This used to be commit 6cdefd8945eee5513a6993350ea71f12d4dbd6fa)
-rw-r--r-- | source4/gtk/tools/gregedit.c | 9 | ||||
-rw-r--r-- | source4/lib/ldb/common/ldb.c | 2 | ||||
-rw-r--r-- | source4/lib/registry/common/reg_interface.c | 4 | ||||
-rw-r--r-- | source4/lib/registry/reg_backend_ldb.c | 4 | ||||
-rw-r--r-- | source4/lib/registry/reg_backend_rpc.c | 2 | ||||
-rw-r--r-- | source4/lib/registry/reg_samba.c | 6 | ||||
-rw-r--r-- | source4/lib/registry/regf.idl | 1 | ||||
-rw-r--r-- | source4/lib/registry/registry.h | 6 | ||||
-rw-r--r-- | source4/lib/registry/tools/regdiff.c | 8 | ||||
-rw-r--r-- | source4/lib/registry/tools/regpatch.c | 4 | ||||
-rw-r--r-- | source4/lib/registry/tools/regshell.c | 6 | ||||
-rw-r--r-- | source4/lib/registry/tools/regtree.c | 6 | ||||
-rw-r--r-- | source4/rpc_server/winreg/rpc_winreg.c | 2 | ||||
-rw-r--r-- | source4/torture/local/registry.c | 3 |
14 files changed, 38 insertions, 25 deletions
diff --git a/source4/gtk/tools/gregedit.c b/source4/gtk/tools/gregedit.c index 76c7dfa08a..58e2f2ad88 100644 --- a/source4/gtk/tools/gregedit.c +++ b/source4/gtk/tools/gregedit.c @@ -349,7 +349,7 @@ static void on_open_file_activate (GtkMenuItem *menuitem, gpointer user_data) switch(result) { case GTK_RESPONSE_OK: filename = strdup(gtk_file_selection_get_filename(GTK_FILE_SELECTION(openfilewin))); - error = reg_open_hive(NULL, user_data, filename, NULL, &root); + error = reg_open_hive(NULL, user_data, filename, NULL, NULL, &root); if(!W_ERROR_IS_OK(error)) { gtk_show_werror(mainwin, "Error while opening hive", error); break; @@ -371,7 +371,7 @@ static void on_open_file_activate (GtkMenuItem *menuitem, gpointer user_data) static void on_open_gconf_activate(GtkMenuItem *menuitem, gpointer user_data) { struct registry_key *root; - WERROR error = reg_open_hive(NULL, "gconf", NULL, NULL, &root); + WERROR error = reg_open_hive(NULL, "gconf", NULL, NULL, NULL, &root); if(!W_ERROR_IS_OK(error)) { gtk_show_werror(mainwin, "Error while opening GConf", error); return; @@ -385,7 +385,7 @@ static void on_open_gconf_activate(GtkMenuItem *menuitem, gpointer user_data) static void on_open_local_activate(GtkMenuItem *menuitem, gpointer user_data) { - WERROR error = reg_open_local(®istry); + WERROR error = reg_open_local(®istry, NULL, NULL); if(!W_ERROR_IS_OK(error)) { gtk_show_werror(mainwin, "Error while opening local registry", error); return; @@ -412,6 +412,7 @@ static void on_open_remote_activate(GtkMenuItem *menuitem, gpointer user_data) cli_credentials_set_gtk_callbacks(creds); error = reg_open_remote(®istry, + NULL, creds, gtk_rpc_binding_dialog_get_binding_string(GTK_RPC_BINDING_DIALOG(rpcwin), mem_ctx), NULL); @@ -952,7 +953,7 @@ static GtkWidget* create_savefilewin (void) static int gregedit_load_defaults(void) { - WERROR error = reg_open_local(®istry); + WERROR error = reg_open_local(®istry, NULL, NULL); if(!W_ERROR_IS_OK(error)) { gtk_show_werror(mainwin, "Error while loading local registry", error); return -1; diff --git a/source4/lib/ldb/common/ldb.c b/source4/lib/ldb/common/ldb.c index 6e1f6f5cde..0d424ad601 100644 --- a/source4/lib/ldb/common/ldb.c +++ b/source4/lib/ldb/common/ldb.c @@ -106,7 +106,7 @@ int ldb_connect(struct ldb_context *ldb, const char *url, unsigned int flags, co ldb_connect_fn fn; if (strchr(url, ':') != NULL) { - backend = talloc_strndup(ldb, url, strchr(url, ':')-url-1); + backend = talloc_strndup(ldb, url, strchr(url, ':')-url); } else { /* Default to tdb */ backend = talloc_strdup(ldb, "tdb"); diff --git a/source4/lib/registry/common/reg_interface.c b/source4/lib/registry/common/reg_interface.c index 7af0616ce0..42535d835d 100644 --- a/source4/lib/registry/common/reg_interface.c +++ b/source4/lib/registry/common/reg_interface.c @@ -161,7 +161,7 @@ _PUBLIC_ WERROR reg_get_predefined_key(struct registry_context *ctx, uint32_t hk } /** Open a registry file/host/etc */ -_PUBLIC_ WERROR reg_open_hive(TALLOC_CTX *parent_ctx, const char *backend, const char *location, const char *credentials, struct registry_key **root) +_PUBLIC_ WERROR reg_open_hive(TALLOC_CTX *parent_ctx, const char *backend, const char *location, struct auth_session_info *session_info, struct cli_credentials *credentials, struct registry_key **root) { struct registry_hive *rethive; struct registry_key *retkey = NULL; @@ -181,6 +181,8 @@ _PUBLIC_ WERROR reg_open_hive(TALLOC_CTX *parent_ctx, const char *backend, const rethive = talloc(parent_ctx, struct registry_hive); rethive->location = location?talloc_strdup(rethive, location):NULL; + rethive->session_info = talloc_reference(rethive, session_info); + rethive->credentials = talloc_reference(rethive, credentials); rethive->functions = entry->hive_functions; rethive->backend_data = NULL; diff --git a/source4/lib/registry/reg_backend_ldb.c b/source4/lib/registry/reg_backend_ldb.c index 6c668d7b48..ec185cd65b 100644 --- a/source4/lib/registry/reg_backend_ldb.c +++ b/source4/lib/registry/reg_backend_ldb.c @@ -262,8 +262,8 @@ static WERROR ldb_open_hive(struct registry_hive *hive, struct registry_key **k) struct ldb_context *wrap; if (!hive->location) return WERR_INVALID_PARAM; - /* TODO: Support remoting with credentials and ACLs with session tokens */ - wrap = ldb_wrap_connect(hive, hive->location, NULL, NULL, 0, NULL); + + wrap = ldb_wrap_connect(hive, hive->location, hive->session_info, hive->credentials, 0, NULL); if(!wrap) { DEBUG(1, ("ldb_open_hive: unable to connect\n")); diff --git a/source4/lib/registry/reg_backend_rpc.c b/source4/lib/registry/reg_backend_rpc.c index c4d9c28d9d..eb98565554 100644 --- a/source4/lib/registry/reg_backend_rpc.c +++ b/source4/lib/registry/reg_backend_rpc.c @@ -356,7 +356,7 @@ static struct hive_operations reg_backend_rpc = { .num_values = rpc_num_values, }; -_PUBLIC_ WERROR reg_open_remote(struct registry_context **ctx, struct cli_credentials *credentials, +_PUBLIC_ WERROR reg_open_remote(struct registry_context **ctx, struct auth_session_info *session_info, struct cli_credentials *credentials, const char *location, struct event_context *ev) { NTSTATUS status; diff --git a/source4/lib/registry/reg_samba.c b/source4/lib/registry/reg_samba.c index 71f7160686..4a88d96042 100644 --- a/source4/lib/registry/reg_samba.c +++ b/source4/lib/registry/reg_samba.c @@ -61,16 +61,18 @@ static WERROR reg_samba_get_predef (struct registry_context *ctx, uint32_t hkey, /* FIXME: HKEY_LOCAL_MACHINE\Security\SAM is an alias for HKEY_LOCAL_MACHINE\SAM */ - error = reg_open_hive(ctx, backend, location, NULL, k); + error = reg_open_hive(ctx, backend, location, ctx->session_info, ctx->credentials, k); talloc_free(backend); return error; } -_PUBLIC_ WERROR reg_open_local (struct registry_context **ctx) +_PUBLIC_ WERROR reg_open_local (struct registry_context **ctx, struct auth_session_info *session_info, struct cli_credentials *credentials) { *ctx = talloc(NULL, struct registry_context); + (*ctx)->credentials = talloc_reference(*ctx, credentials); + (*ctx)->session_info = talloc_reference(*ctx, session_info); (*ctx)->get_predefined_key = reg_samba_get_predef; return WERR_OK; diff --git a/source4/lib/registry/regf.idl b/source4/lib/registry/regf.idl index dcb1df039b..8f5db8c236 100644 --- a/source4/lib/registry/regf.idl +++ b/source4/lib/registry/regf.idl @@ -17,6 +17,7 @@ interface regf /* * Registry version number + * 1.2.0.1 for WinNT 3.51 * 1.3.0.1 for WinNT 4 * 1.5.0.1 for WinXP */ diff --git a/source4/lib/registry/registry.h b/source4/lib/registry/registry.h index 87a23db93d..d6b4e5b08c 100644 --- a/source4/lib/registry/registry.h +++ b/source4/lib/registry/registry.h @@ -125,6 +125,8 @@ struct registry_hive { const struct hive_operations *functions; struct registry_key *root; + struct auth_session_info *session_info; + struct cli_credentials *credentials; void *backend_data; const char *location; }; @@ -133,6 +135,8 @@ struct registry_hive * contains zero or more hives */ struct registry_context { void *backend_data; + struct cli_credentials *credentials; + struct auth_session_info *session_info; WERROR (*get_predefined_key) (struct registry_context *, uint32_t hkey, struct registry_key **); }; @@ -164,6 +168,8 @@ struct reg_diff struct reg_diff_key *keys; }; +struct auth_session_info; + #include "lib/registry/registry_proto.h" #endif /* _REGISTRY_H */ diff --git a/source4/lib/registry/tools/regdiff.c b/source4/lib/registry/tools/regdiff.c index ae617bbe84..c7e6f87792 100644 --- a/source4/lib/registry/tools/regdiff.c +++ b/source4/lib/registry/tools/regdiff.c @@ -54,14 +54,14 @@ int main(int argc, char **argv) error = WERR_OK; switch(opt) { case 'L': - if (!h1 && !from_null) error = reg_open_local(&h1); - else if (!h2) error = reg_open_local(&h2); + if (!h1 && !from_null) error = reg_open_local(&h1, NULL, cmdline_credentials); + else if (!h2) error = reg_open_local(&h2, NULL, cmdline_credentials); break; case 'R': if (!h1 && !from_null) - error = reg_open_remote(&h1, cmdline_credentials, + error = reg_open_remote(&h1, NULL, cmdline_credentials, poptGetOptArg(pc), NULL); - else if (!h2) error = reg_open_remote(&h2, cmdline_credentials, + else if (!h2) error = reg_open_remote(&h2, NULL, cmdline_credentials, poptGetOptArg(pc), NULL); break; } diff --git a/source4/lib/registry/tools/regpatch.c b/source4/lib/registry/tools/regpatch.c index 9392e66192..74601d73f9 100644 --- a/source4/lib/registry/tools/regpatch.c +++ b/source4/lib/registry/tools/regpatch.c @@ -50,9 +50,9 @@ int main(int argc, char **argv) } if (remote) { - error = reg_open_remote (&h, cmdline_credentials, remote, NULL); + error = reg_open_remote (&h, NULL, cmdline_credentials, remote, NULL); } else { - error = reg_open_local (&h); + error = reg_open_local (&h, NULL, cmdline_credentials); } if (W_ERROR_IS_OK(error)) { diff --git a/source4/lib/registry/tools/regshell.c b/source4/lib/registry/tools/regshell.c index 0812cad73f..19f544bccf 100644 --- a/source4/lib/registry/tools/regshell.c +++ b/source4/lib/registry/tools/regshell.c @@ -426,11 +426,11 @@ static char **reg_completion(const char *text, int start, int end) } if (remote) { - error = reg_open_remote (&h, cmdline_credentials, remote, NULL); + error = reg_open_remote (&h, NULL, cmdline_credentials, remote, NULL); } else if (backend) { - error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, &curkey); + error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, cmdline_credentials, &curkey); } else { - error = reg_open_local(&h); + error = reg_open_local(&h, NULL, cmdline_credentials); } if(!W_ERROR_IS_OK(error)) { diff --git a/source4/lib/registry/tools/regtree.c b/source4/lib/registry/tools/regtree.c index a4fb69f073..fae2c6eacf 100644 --- a/source4/lib/registry/tools/regtree.c +++ b/source4/lib/registry/tools/regtree.c @@ -107,11 +107,11 @@ int main(int argc, char **argv) } if (remote) { - error = reg_open_remote(&h, cmdline_credentials, remote, NULL); + error = reg_open_remote(&h, NULL, cmdline_credentials, remote, NULL); } else if (backend) { - error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, &root); + error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, cmdline_credentials, &root); } else { - error = reg_open_local (&h); + error = reg_open_local (&h, NULL, cmdline_credentials); } if(!W_ERROR_IS_OK(error)) { diff --git a/source4/rpc_server/winreg/rpc_winreg.c b/source4/rpc_server/winreg/rpc_winreg.c index 1c60adb901..ab955abb26 100644 --- a/source4/rpc_server/winreg/rpc_winreg.c +++ b/source4/rpc_server/winreg/rpc_winreg.c @@ -32,7 +32,7 @@ enum handle_types { HTYPE_REGVAL, HTYPE_REGKEY }; static NTSTATUS dcerpc_winreg_bind(struct dcesrv_call_state *dce_call, const struct dcesrv_interface *iface) { struct registry_context *ctx; - reg_open_local(&ctx); + reg_open_local(&ctx, dce_call->conn->auth_state.session_info, NULL); dce_call->context->private = ctx; diff --git a/source4/torture/local/registry.c b/source4/torture/local/registry.c index b1582a4e9e..95f7d3afe7 100644 --- a/source4/torture/local/registry.c +++ b/source4/torture/local/registry.c @@ -22,6 +22,7 @@ #include "includes.h" #include "lib/registry/registry.h" +#include "lib/cmdline/popt_common.h" static BOOL test_hive(TALLOC_CTX *mem_ctx, const char *backend, const char *location) { @@ -34,7 +35,7 @@ static BOOL test_hive(TALLOC_CTX *mem_ctx, const char *backend, const char *loca return True; } - error = reg_open_hive(mem_ctx, backend, location, NULL, &root); + error = reg_open_hive(mem_ctx, backend, location, NULL, cmdline_credentials, &root); if (!W_ERROR_IS_OK(error)) { printf("reg_open_hive() failed\n"); return False; |