summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-06-17 01:57:18 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:57:19 -0500
commit2102f6bff9641eeec3b593529be7bf8d9ec784d4 (patch)
tree2ecf1b3ba859c27a9ff324e0148c2cc21af169fb /source3/rpc_server
parentd9e12b4df7fb8081190910ae25e98d379acda13d (diff)
downloadsamba-2102f6bff9641eeec3b593529be7bf8d9ec784d4.tar.gz
samba-2102f6bff9641eeec3b593529be7bf8d9ec784d4.tar.bz2
samba-2102f6bff9641eeec3b593529be7bf8d9ec784d4.zip
r7664: add access check hooks to _reg_open_entry which are passed off
to the reg_XXX backend. If the backend does not define a regkey_access_check() function, we default to using the standard registry_access_check() (This used to be commit 2f08a904eee772e7d99ae6e3e4c922f74732284f)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_reg_nt.c35
1 files changed, 29 insertions, 6 deletions
diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c
index 2a80594128..95af6c15c9 100644
--- a/source3/rpc_server/srv_reg_nt.c
+++ b/source3/rpc_server/srv_reg_nt.c
@@ -197,6 +197,10 @@ static WERROR open_registry_key(pipes_struct *p, POLICY_HND *hnd, REGISTRY_KEY *
if ( !create_policy_hnd( p, hnd, free_regkey_info, regkey ) )
result = WERR_BADFILE;
}
+
+ /* save the access mask */
+
+ regkey->access_granted = access_granted;
/* clean up */
@@ -402,9 +406,10 @@ WERROR _reg_open_hku(pipes_struct *p, REG_Q_OPEN_HIVE *q_u, REG_R_OPEN_HIVE *r_u
WERROR _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTRY *r_u)
{
- POLICY_HND pol;
fstring name;
REGISTRY_KEY *key = find_regkey_index_by_hnd(p, &q_u->pol);
+ REGISTRY_KEY *newkey;
+ uint32 access_granted;
WERROR result;
DEBUG(5,("reg_open_entry: Enter\n"));
@@ -414,13 +419,31 @@ WERROR _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTRY
rpcstr_pull( name, q_u->name.string->buffer, sizeof(name), q_u->name.string->uni_str_len*2, 0 );
- result = open_registry_key( p, &pol, key, name, 0x0 );
-
- init_reg_r_open_entry( r_u, &pol, result );
+ /* check granted access first; what is the correct mask here? */
+
+ if ( !(key->access_granted & SEC_RIGHTS_ENUM_SUBKEYS) )
+ return WERR_ACCESS_DENIED;
+
+ /* open the key first to get the appropriate REGISTRY_HOOK
+ and then check the premissions */
+
+ if ( !W_ERROR_IS_OK(result = open_registry_key( p, &r_u->handle, key, name, 0 )) )
+ return result;
- DEBUG(5,("reg_open_entry: Exit\n"));
+ newkey = find_regkey_index_by_hnd(p, &r_u->handle);
- return r_u->status;
+ /* finally allow the backend to check the access for the requested key */
+
+ if ( !regkey_access_check( newkey, q_u->access, &access_granted, p->pipe_user.nt_user_token ) ) {
+ close_registry_key( p, &r_u->handle );
+ return WERR_ACCESS_DENIED;
+ }
+
+ /* if successful, save the granted access mask */
+
+ newkey->access_granted = access_granted;
+
+ return WERR_OK;
}
/*******************************************************************