summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2007-11-06 00:50:47 +0100
committerGünther Deschner <gd@samba.org>2007-11-06 00:50:47 +0100
commit99d9993fdb9cdf5ac054329ddf5e9c4f258f9049 (patch)
treeae7ed28f3fc736fc72919a47d2479ee7b015c58e
parent3fd2d4ed856bc4fa053e1c03926ca71bb4ab1a9f (diff)
downloadsamba-99d9993fdb9cdf5ac054329ddf5e9c4f258f9049.tar.gz
samba-99d9993fdb9cdf5ac054329ddf5e9c4f258f9049.tar.bz2
samba-99d9993fdb9cdf5ac054329ddf5e9c4f258f9049.zip
When deleting a key from the registry make sure the non-default
security descriptor gets deleted as well. Guenther (This used to be commit d140d68537225b6a6a99be3d9b09354e3f6ad8c9)
-rw-r--r--source3/registry/reg_api.c11
-rw-r--r--source3/registry/reg_db.c15
-rw-r--r--source3/registry/reg_frontend.c10
-rw-r--r--source3/registry/reg_frontend_hilvl.c10
4 files changed, 32 insertions, 14 deletions
diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c
index 17a0efe007..b3d024d7b4 100644
--- a/source3/registry/reg_api.c
+++ b/source3/registry/reg_api.c
@@ -498,7 +498,7 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
TALLOC_CTX *mem_ctx;
char *name, *end;
int num_subkeys;
- struct registry_key *tmp_key;
+ struct registry_key *tmp_key, *key;
if (!(mem_ctx = talloc_init("reg_createkey"))) return WERR_NOMEM;
@@ -508,14 +508,14 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
}
/* check if the key has subkeys */
- err = reg_openkey(mem_ctx, parent, name, REG_KEY_READ, &tmp_key);
+ err = reg_openkey(mem_ctx, parent, name, REG_KEY_READ, &key);
if (!W_ERROR_IS_OK(err)) {
goto error;
}
- if (!W_ERROR_IS_OK(err = fill_subkey_cache(tmp_key))) {
+ if (!W_ERROR_IS_OK(err = fill_subkey_cache(key))) {
goto error;
}
- if (tmp_key->subkeys->num_subkeys > 0) {
+ if (key->subkeys->num_subkeys > 0) {
err = WERR_ACCESS_DENIED;
goto error;
}
@@ -556,7 +556,10 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
goto error;
}
+ regkey_set_secdesc(key->key, NULL);
+
err = WERR_OK;
+
error:
TALLOC_FREE(mem_ctx);
return err;
diff --git a/source3/registry/reg_db.c b/source3/registry/reg_db.c
index 8dd61fcdff..4947b2ad52 100644
--- a/source3/registry/reg_db.c
+++ b/source3/registry/reg_db.c
@@ -788,6 +788,21 @@ static WERROR regdb_set_secdesc(const char *key,
}
normalize_dbkey(tdbkey);
+ if (secdesc == NULL) {
+ /* assuming a delete */
+ int tdb_ret;
+
+ tdb_ret = tdb_trans_delete(tdb_reg->tdb,
+ string_term_tdb_data(tdbkey));
+ if (tdb_ret == -1) {
+ err = ntstatus_to_werror(map_nt_error_from_unix(errno));
+ } else {
+ err = WERR_OK;
+ }
+
+ goto done;
+ }
+
err = ntstatus_to_werror(marshall_sec_desc(mem_ctx, secdesc,
&tdbdata.dptr,
&tdbdata.dsize));
diff --git a/source3/registry/reg_frontend.c b/source3/registry/reg_frontend.c
index 00972390bd..577df1c3d4 100644
--- a/source3/registry/reg_frontend.c
+++ b/source3/registry/reg_frontend.c
@@ -101,16 +101,6 @@ WERROR regkey_open_internal( TALLOC_CTX *ctx, REGISTRY_KEY **regkey,
return WERR_OK;
}
-WERROR regkey_set_secdesc(REGISTRY_KEY *key,
- struct security_descriptor *psecdesc)
-{
- if (key->hook && key->hook->ops && key->hook->ops->set_secdesc) {
- return key->hook->ops->set_secdesc(key->name, psecdesc);
- }
-
- return WERR_ACCESS_DENIED;
-}
-
/*
* Utility function to create a registry key without opening the hive
* before. Assumes the hive already exists.
diff --git a/source3/registry/reg_frontend_hilvl.c b/source3/registry/reg_frontend_hilvl.c
index 08429c6dfe..a4b78b24c0 100644
--- a/source3/registry/reg_frontend_hilvl.c
+++ b/source3/registry/reg_frontend_hilvl.c
@@ -204,3 +204,13 @@ WERROR regkey_get_secdesc(TALLOC_CTX *mem_ctx, REGISTRY_KEY *key,
*psecdesc = secdesc;
return WERR_OK;
}
+
+WERROR regkey_set_secdesc(REGISTRY_KEY *key,
+ struct security_descriptor *psecdesc)
+{
+ if (key->hook && key->hook->ops && key->hook->ops->set_secdesc) {
+ return key->hook->ops->set_secdesc(key->name, psecdesc);
+ }
+
+ return WERR_ACCESS_DENIED;
+}