diff options
author | Gerald Carter <jerry@samba.org> | 2005-05-23 16:25:31 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:56:57 -0500 |
commit | f0c650a38286c07b9f3e83139c15bfbadc70ad5f (patch) | |
tree | 2c63cd42bf12e46c94628a82a40b19db47fd0aae /source3/rpc_server/srv_reg_nt.c | |
parent | e2404c81295fe3468c9b635b549f1b16f5c5f323 (diff) | |
download | samba-f0c650a38286c07b9f3e83139c15bfbadc70ad5f.tar.gz samba-f0c650a38286c07b9f3e83139c15bfbadc70ad5f.tar.bz2 samba-f0c650a38286c07b9f3e83139c15bfbadc70ad5f.zip |
r6942: * merging the registry changes back to the 3.0 tree
* removing the testprns tool
(This used to be commit 81ffb0dbbbd244623507880c323a3c37e2b8dc4d)
Diffstat (limited to 'source3/rpc_server/srv_reg_nt.c')
-rw-r--r-- | source3/rpc_server/srv_reg_nt.c | 237 |
1 files changed, 217 insertions, 20 deletions
diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index f031a3213f..4211e9b9f4 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -25,6 +25,7 @@ /* Implementation of registry functions. */ #include "includes.h" +#include "regfio.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV @@ -38,6 +39,10 @@ ((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid()) +/* no idea if this is correct, just use the file access bits for now */ + +struct generic_mapping reg_map = { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL }; + static REGISTRY_KEY *regkeys_list; @@ -534,7 +539,7 @@ WERROR _reg_enum_key(pipes_struct *p, REG_Q_ENUM_KEY *q_u, REG_R_ENUM_KEY *r_u) /* subkey has the string name now */ - init_reg_r_enum_key( r_u, subkey, q_u->unknown_1, q_u->unknown_2 ); + init_reg_r_enum_key( r_u, subkey ); DEBUG(5,("_reg_enum_key: Exit\n")); @@ -625,6 +630,7 @@ WERROR _reg_shutdown_ex(pipes_struct *p, REG_Q_SHUTDOWN_EX *q_u, REG_R_SHUTDOWN_ int ret; BOOL can_shutdown; + pstrcpy(shutdown_script, lp_shutdown_script()); if ( !*shutdown_script ) @@ -635,7 +641,7 @@ WERROR _reg_shutdown_ex(pipes_struct *p, REG_Q_SHUTDOWN_EX *q_u, REG_R_SHUTDOWN_ pstrcpy( message, "" ); if ( q_u->message ) { UNISTR2 *msg_string = q_u->message->string; - + rpcstr_pull( message, msg_string->buffer, sizeof(message), msg_string->uni_str_len*2, 0 ); } alpha_strcpy (chkmsg, message, NULL, sizeof(message)); @@ -650,7 +656,7 @@ WERROR _reg_shutdown_ex(pipes_struct *p, REG_Q_SHUTDOWN_EX *q_u, REG_R_SHUTDOWN_ all_string_sub( shutdown_script, "%r", r, sizeof(shutdown_script) ); all_string_sub( shutdown_script, "%f", f, sizeof(shutdown_script) ); all_string_sub( shutdown_script, "%x", reason, sizeof(shutdown_script) ); - + can_shutdown = user_has_privileges( p->pipe_user.nt_user_token, &se_remote_shutdown ); /* IF someone has privs, run the shutdown script as root. OTHERWISE run it as not root @@ -667,7 +673,7 @@ WERROR _reg_shutdown_ex(pipes_struct *p, REG_Q_SHUTDOWN_EX *q_u, REG_R_SHUTDOWN_ unbecome_root(); /********** END SeRemoteShutdownPrivilege BLOCK **********/ - + DEBUG(3,("_reg_shutdown_ex: Running the command `%s' gave %d\n", shutdown_script, ret)); @@ -717,18 +723,56 @@ WERROR _reg_abort_shutdown(pipes_struct *p, REG_Q_ABORT_SHUTDOWN *q_u, REG_R_ABO /******************************************************************* ********************************************************************/ +static int validate_reg_filename( pstring fname ) +{ + char *p; + int num_services = lp_numservices(); + int snum; + pstring share_path; + pstring unix_fname; + + /* convert to a unix path, stripping the C:\ along the way */ + + if ( !(p = valid_share_pathname( fname ) )) + return -1; + + /* has to exist within a valid file share */ + + for ( snum=0; snum<num_services; snum++ ) { + + if ( !lp_snum_ok(snum) || lp_print_ok(snum) ) + continue; + + pstrcpy( share_path, lp_pathname(snum) ); + + /* make sure we have a path (e.g. [homes] ) */ + + if ( strlen( share_path ) == 0 ) + continue; + + if ( strncmp( share_path, p, strlen( share_path )) == 0 ) + break; + } + + /* p and fname are overlapping memory so copy out and back in again */ + + pstrcpy( unix_fname, p ); + pstrcpy( fname, unix_fname ); + + return (snum < num_services) ? snum : -1; +} + +/******************************************************************* + ********************************************************************/ + WERROR _reg_restore_key(pipes_struct *p, REG_Q_RESTORE_KEY *q_u, REG_R_RESTORE_KEY *r_u) { REGISTRY_KEY *regkey = find_regkey_index_by_hnd( p, &q_u->pol ); pstring filename; + int snum; DEBUG(5,("_reg_restore_key: Enter\n")); - /* - * basically this is a no op function which just verifies - * that the client gave us a valid registry key handle - */ - if ( !regkey ) return WERR_BADFID; @@ -736,14 +780,169 @@ WERROR _reg_restore_key(pipes_struct *p, REG_Q_RESTORE_KEY *q_u, REG_R_RESTORE_ DEBUG(8,("_reg_restore_key: verifying restore of key [%s] from \"%s\"\n", regkey->name, filename)); + if ( (snum = validate_reg_filename( filename )) == -1 ) + return WERR_OBJECT_PATH_INVALID; + + DEBUG(2,("_reg_restore_key: Restoring [%s] from %s in share %s\n", regkey->name, filename, lp_servicename(snum) )); + #if 0 - validate_reg_filemame( filename ); return restore_registry_key( regkey, filename ); #endif return WERR_OK; } +/******************************************************************** +********************************************************************/ + +static WERROR reg_write_tree( REGF_FILE *regfile, const char *keypath, + REGF_NK_REC *parent, SEC_DESC *sec_desc ) +{ + REGF_NK_REC *key; + REGVAL_CTR values; + REGSUBKEY_CTR subkeys; + int i, num_subkeys; + pstring key_tmp; + char *keyname, *parentpath; + pstring subkeypath; + char *subkeyname; + REGISTRY_KEY registry_key; + WERROR result = WERR_OK; + + if ( !regfile ) + return WERR_GENERAL_FAILURE; + + if ( !keypath ) + return WERR_OBJECT_PATH_INVALID; + + /* split up the registry key path */ + + pstrcpy( key_tmp, keypath ); + if ( !reg_split_key( key_tmp, &parentpath, &keyname ) ) + return WERR_OBJECT_PATH_INVALID; + + if ( !keyname ) + keyname = parentpath; + + /* we need a REGISTRY_KEY object here to enumerate subkeys and values */ + + ZERO_STRUCT( registry_key ); + pstrcpy( registry_key.name, keypath ); + if ( !(registry_key.hook = reghook_cache_find( registry_key.name )) ) + return WERR_BADFILE; + + + /* lookup the values and subkeys */ + + ZERO_STRUCT( values ); + ZERO_STRUCT( subkeys ); + + regsubkey_ctr_init( &subkeys ); + regval_ctr_init( &values ); + + fetch_reg_keys( ®istry_key, &subkeys ); + fetch_reg_values( ®istry_key, &values ); + + /* write out this key */ + + if ( !(key = regfio_write_key( regfile, keyname, &values, &subkeys, sec_desc, parent )) ) { + result = WERR_CAN_NOT_COMPLETE; + goto done; + } + + /* write each one of the subkeys out */ + + num_subkeys = regsubkey_ctr_numkeys( &subkeys ); + for ( i=0; i<num_subkeys; i++ ) { + subkeyname = regsubkey_ctr_specific_key( &subkeys, i ); + pstr_sprintf( subkeypath, "%s\\%s", keypath, subkeyname ); + result = reg_write_tree( regfile, subkeypath, key, sec_desc ); + if ( !W_ERROR_IS_OK(result) ) + goto done; + } + + DEBUG(6,("reg_write_tree: wrote key [%s]\n", keypath )); + +done: + regval_ctr_destroy( &values ); + regsubkey_ctr_destroy( &subkeys ); + + return result; +} + +/******************************************************************* + ********************************************************************/ + +static WERROR make_default_reg_sd( TALLOC_CTX *ctx, SEC_DESC **psd ) +{ + DOM_SID adm_sid, owner_sid; + SEC_ACE ace[2]; /* at most 2 entries */ + SEC_ACCESS mask; + SEC_ACL *psa = NULL; + uint32 sd_size; + + /* set the owner to BUILTIN\Administrator */ + + sid_copy(&owner_sid, &global_sid_Builtin); + sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN ); + + + /* basic access for Everyone */ + + init_sec_access(&mask, reg_map.generic_execute | reg_map.generic_read ); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + /* add Full Access 'BUILTIN\Administrators' */ + + init_sec_access(&mask, reg_map.generic_all); + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + /* create the security descriptor */ + + if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 2, ace)) == NULL) + return WERR_NOMEM; + + if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, &owner_sid, NULL, NULL, psa, &sd_size)) == NULL) + return WERR_NOMEM; + + return WERR_OK; +} + +/******************************************************************* + ********************************************************************/ + +static WERROR backup_registry_key ( REGISTRY_KEY *krecord, const char *fname ) +{ + REGF_FILE *regfile; + WERROR result; + SEC_DESC *sd = NULL; + + /* open the registry file....fail if the file already exists */ + + if ( !(regfile = regfio_open( fname, (O_RDWR|O_CREAT|O_EXCL), (S_IREAD|S_IWRITE) )) ) { + DEBUG(0,("backup_registry_key: failed to open \"%s\" (%s)\n", + fname, strerror(errno) )); + return ( ntstatus_to_werror(map_nt_error_from_unix( errno )) ); + } + + if ( !W_ERROR_IS_OK(result = make_default_reg_sd( regfile->mem_ctx, &sd )) ) { + regfio_close( regfile ); + return result; + } + + /* write the registry tree to the file */ + + result = reg_write_tree( regfile, krecord->name, NULL, sd ); + + /* cleanup */ + + regfio_close( regfile ); + + return result; +} + /******************************************************************* ********************************************************************/ @@ -751,25 +950,23 @@ WERROR _reg_save_key(pipes_struct *p, REG_Q_SAVE_KEY *q_u, REG_R_SAVE_KEY *r_u) { REGISTRY_KEY *regkey = find_regkey_index_by_hnd( p, &q_u->pol ); pstring filename; + int snum; DEBUG(5,("_reg_save_key: Enter\n")); - - /* - * basically this is a no op function which just verifies - * that the client gave us a valid registry key handle - */ - + if ( !regkey ) return WERR_BADFID; rpcstr_pull(filename, q_u->filename.string->buffer, sizeof(filename), q_u->filename.string->uni_str_len*2, STR_TERMINATE); DEBUG(8,("_reg_save_key: verifying backup of key [%s] to \"%s\"\n", regkey->name, filename)); - -#if 0 - validate_reg_filemame( filename ); + + if ( (snum = validate_reg_filename( filename )) == -1 ) + return WERR_OBJECT_PATH_INVALID; + + DEBUG(2,("_reg_save_key: Saving [%s] to %s in share %s\n", regkey->name, filename, lp_servicename(snum) )); + return backup_registry_key( regkey, filename ); -#endif return WERR_OK; } |