-rw-r--r-- | source3/include/proto.h | 8 | ||||
-rw-r--r-- | source3/include/rpc_reg.h | 32 | ||||
-rw-r--r-- | source3/lib/util.c | 10 | ||||
-rw-r--r-- | source3/rpc_client/cli_reg.c | 65 | ||||
-rw-r--r-- | source3/rpc_parse/parse_reg.c | 58 |
5 files changed, 166 insertions, 7 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index e83e0320de..74d81ad7f1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1816,6 +1816,8 @@ void cli_nt_session_close(struct cli_state *cli, uint16 nt_pipe_fnum); BOOL do_reg_connect(struct cli_state *cli, uint16 fnum, char *full_keyname, char *key_name, POLICY_HND *reg_hnd); +BOOL do_reg_open_hkcr(struct cli_state *cli, uint16 fnum, uint16 unknown_0, uint32 level, + POLICY_HND *hnd); BOOL do_reg_open_hklm(struct cli_state *cli, uint16 fnum, uint16 unknown_0, uint32 level, POLICY_HND *hnd); BOOL do_reg_open_hku(struct cli_state *cli, uint16 fnum, uint16 unknown_0, uint32 level, @@ -2334,6 +2336,10 @@ BOOL _prs_uint32_post(char *name, prs_struct *ps, int depth, uint32 *data32, /*The following definitions come from rpc_parse/parse_reg.c */ +BOOL make_reg_q_open_hkcr(REG_Q_OPEN_HKCR *q_o, + uint16 unknown_0, uint32 level); +BOOL reg_io_q_open_hkcr(char *desc, REG_Q_OPEN_HKCR *r_q, prs_struct *ps, int depth); +BOOL reg_io_r_open_hkcr(char *desc, REG_R_OPEN_HKCR *r_r, prs_struct *ps, int depth); BOOL make_reg_q_open_hklm(REG_Q_OPEN_HKLM *q_o, uint16 unknown_0, uint32 level); BOOL reg_io_q_open_hklm(char *desc, REG_Q_OPEN_HKLM *r_q, prs_struct *ps, int depth); @@ -3245,7 +3251,7 @@ BOOL sam_query_groupmem(struct cli_state *cli, uint16 fnum, uint32 msrpc_sam_enum_groups(struct client_info *info, struct acct_info **sam, uint32 *num_sam_entries, - BOOL request_member_info, + void(*grp_mem_fn)(uint32, char*, uint32, uint32*, char**, uint32*), BOOL request_group_info); void cmd_sam_enum_groups(struct client_info *info); diff --git a/source3/include/rpc_reg.h b/source3/include/rpc_reg.h index cc163540d7..f74856193d 100644 --- a/source3/include/rpc_reg.h +++ b/source3/include/rpc_reg.h @@ -26,6 +26,7 @@ /* winreg pipe defines */ +#define REG_OPEN_HKCR 0x00 #define REG_OPEN_HKLM 0x02 #define REG_OPEN_HKU 0x04 #define REG_FLUSH_KEY 0x0B 
@@ -44,11 +45,32 @@ #define REG_CLOSE 0x05 #define REG_SHUTDOWN 0x18 -#define HKEY_LOCAL_MACHINE 0x80000000 +#define HKEY_CLASSES_ROOT 0x80000000 +#define HKEY_CURRENT_USER 0x80000001 +#define HKEY_LOCAL_MACHINE 0x80000002 #define HKEY_USERS 0x80000003 +/* REG_Q_OPEN_HKCR */ +typedef struct q_reg_open_hkcr_info +{ + uint32 ptr; + uint16 unknown_0; /* 0x5428 - 16 bit unknown */ + uint16 unknown_1; /* random. changes */ + uint32 level; /* 0x0200 0000 */ + +} REG_Q_OPEN_HKCR; + +/* REG_R_OPEN_HKCR */ +typedef struct r_reg_open_hkcr_info +{ + POLICY_HND pol; /* policy handle */ + uint32 status; /* return status */ + +} REG_R_OPEN_HKCR; + + /* REG_Q_OPEN_HKLM */ -typedef struct q_reg_open_policy_info +typedef struct q_reg_open_hklm_info { uint32 ptr; uint16 unknown_0; /* 0xE084 - 16 bit unknown */ @@ -58,7 +80,7 @@ typedef struct q_reg_open_policy_info } REG_Q_OPEN_HKLM ; /* REG_R_OPEN_HKLM */ -typedef struct r_reg_open_policy_info +typedef struct r_reg_open_hklm_info { POLICY_HND pol; /* policy handle */ uint32 status; /* return status */ @@ -67,7 +89,7 @@ typedef struct r_reg_open_policy_info /* REG_Q_OPEN_HKU */ -typedef struct q_reg_open_unk4_info +typedef struct q_reg_open_hku_info { uint32 ptr; uint16 unknown_0; /* 0xE084 - 16 bit unknown */ @@ -77,7 +99,7 @@ typedef struct q_reg_open_unk4_info } REG_Q_OPEN_HKU; /* REG_R_OPEN_HKU */ -typedef struct r_reg_open_unk4_info +typedef struct r_reg_open_hku_info { POLICY_HND pol; /* policy handle */ uint32 status; /* return status */ diff --git a/source3/lib/util.c b/source3/lib/util.c index 8afa2f8c01..bd93b01341 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c 
@@ -3139,7 +3139,15 @@ BOOL reg_split_key(char *full_keyname, uint32 *reg_type, char *key_name) DEBUG(10, ("reg_split_key: hive %s\n", tmp)); - if (strequal(tmp, "HKLM") || strequal(tmp, "HKEY_LOCAL_MACHINE")) + if (strequal(tmp, "HKCR") || strequal(tmp, "HKEY_CLASSES_ROOT")) + { + (*reg_type) = HKEY_CLASSES_ROOT; + } + else if (strequal(tmp, "HKCU") || strequal(tmp, "HKEY_CURRENT_USER")) + { + (*reg_type) = HKEY_CURRENT_USER; + } + else if (strequal(tmp, "HKLM") || strequal(tmp, "HKEY_LOCAL_MACHINE")) { (*reg_type) = HKEY_LOCAL_MACHINE; } diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c index cbbd6e57bf..49423beaa5 100644 --- a/source3/rpc_client/cli_reg.c +++ b/source3/rpc_client/cli_reg.c @@ -59,6 +59,14 @@ BOOL do_reg_connect(struct cli_state *cli, uint16 fnum, char *full_keyname, char switch (reg_type) { + case HKEY_CLASSES_ROOT: + { + res = res ? do_reg_open_hkcr(cli, fnum, + 0x5428, 0x02000000, + reg_hnd) : False; + break; + } + case HKEY_LOCAL_MACHINE: { res = res ? do_reg_open_hklm(cli, fnum, 
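Review bot: The new `HKCU`/`HKEY_CURRENT_USER` branch makes reg_split_key return a hive type that nothing in this commit opens: the do_reg_connect hunk that follows adds only `case HKEY_CLASSES_ROOT:`, and proto.h gains no do_reg_open_hkcu prototype. What the switch does with an unhandled reg_type is outside the visible lines, so confirm it sets `res = False` rather than reporting success with reg_hnd never filled in. Until an HKCU open call exists, either drop this branch or give the switch an explicit `default: DEBUG(0,("do_reg_connect: unsupported hive 0x%x\n", reg_type)); res = False; break;`. The if/else chain in reg_split_key continues past the end of this hunk.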
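Review bot: The `case HKEY_CLASSES_ROOT:` call passes two bare literals, `0x5428` and `0x02000000`, with no name or comment at the call site. `0x02000000` is the MAXIMUM_ALLOWED bit of an NT access mask, so if `level` is the desired-access field (rpc_reg.h documents it only as `0x0200 0000`), every HKCR open asks for the widest access the server will grant, even for a read-only query. That is an inference from the value, not something the diff states. I would give both values names in rpc_reg.h and put a comment such as `/* level: presumably desired access, 0x02000000 = maximum allowed - TODO confirm */` above the call. The switch statement starts and ends outside this hunk.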
@@ -87,6 +95,63 @@ BOOL do_reg_connect(struct cli_state *cli, uint16 fnum, char *full_keyname, char /**************************************************************************** do a REG Open Policy ****************************************************************************/ +BOOL do_reg_open_hkcr(struct cli_state *cli, uint16 fnum, uint16 unknown_0, uint32 level, + POLICY_HND *hnd) +{ + prs_struct rbuf; + prs_struct buf; + REG_Q_OPEN_HKCR q_o; + BOOL valid_pol = False; + + if (hnd == NULL) return False; + + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); + + /* create and send a MSRPC command with api REG_OPEN_HKCR */ + + DEBUG(4,("REG Open HKCR\n")); + + make_reg_q_open_hkcr(&q_o, unknown_0, level); + + /* turn parameters into data stream */ + reg_io_q_open_hkcr("", &q_o, &buf, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, REG_OPEN_HKCR, &buf, &rbuf)) + { + REG_R_OPEN_HKCR r_o; + BOOL p; + + ZERO_STRUCT(r_o); + + reg_io_r_open_hkcr("", &r_o, &rbuf, 0); + p = rbuf.offset != 0; + + if (p && r_o.status != 0) + { + /* report error code */ + DEBUG(0,("REG_OPEN_HKCR: %s\n", get_nt_error_msg(r_o.status))); + p = False; + } + + if (p) + { + /* ok, at last: we're happy. return the policy handle */ + memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); + valid_pol = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_pol; +} + +/**************************************************************************** +do a REG Open Policy +****************************************************************************/ BOOL do_reg_open_hklm(struct cli_state *cli, uint16 fnum, uint16 unknown_0, uint32 level, POLICY_HND *hnd) { diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c index 9c6ec61716..01776974fd 100644 --- a/source3/rpc_parse/parse_reg.c +++ b/source3/rpc_parse/parse_reg.c 
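Review bot: In do_reg_open_hkcr the server reply is accepted on `rbuf.offset != 0` and `r_o.status == 0` alone, while the results of reg_io_q_open_hkcr and reg_io_r_open_hkcr are discarded. Because r_o is zeroed first, a reply too short to carry a status would still pass both checks and hand back an all-zero policy handle as valid, unless the prs_* layer flags truncation in a way not visible here. Gate on the parser instead, `p = reg_io_r_open_hkcr("", &r_o, &rbuf, 0) && rbuf.offset != 0;`, which also requires the two reg_io_*_hkcr functions in parse_reg.c to stop returning True unconditionally. Separately, `memcpy(hnd, r_o.pol.data, sizeof(hnd->data));` is only correct while `data` is the first member of POLICY_HND; `memcpy(hnd->data, r_o.pol.data, sizeof(hnd->data));` states the intent. The banner comment above the new function still reads "do a REG Open Policy", the same text as the one above do_reg_open_hklm.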
@@ -30,6 +30,64 @@ extern int DEBUGLEVEL; /******************************************************************* creates a structure. ********************************************************************/ +BOOL make_reg_q_open_hkcr(REG_Q_OPEN_HKCR *q_o, + uint16 unknown_0, uint32 level) +{ + q_o->ptr = 1; + q_o->unknown_0 = unknown_0; + q_o->unknown_1 = 0x0; /* random - changes */ + q_o->level = level; + + return True; +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +BOOL reg_io_q_open_hkcr(char *desc, REG_Q_OPEN_HKCR *r_q, prs_struct *ps, int depth) +{ + if (r_q == NULL) return False; + + prs_debug(ps, depth, desc, "reg_io_q_open_hkcr"); + depth++; + + prs_align(ps); + + prs_uint32("ptr ", ps, depth, &(r_q->ptr )); + if (r_q->ptr != 0) + { + prs_uint16("unknown_0", ps, depth, &(r_q->unknown_0)); + prs_uint16("unknown_1", ps, depth, &(r_q->unknown_1)); + prs_uint32("level ", ps, depth, &(r_q->level )); + } + + return True; +} + + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +BOOL reg_io_r_open_hkcr(char *desc, REG_R_OPEN_HKCR *r_r, prs_struct *ps, int depth) +{ + if (r_r == NULL) return False; + + prs_debug(ps, depth, desc, "reg_io_r_open_hkcr"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("", &(r_r->pol), ps, depth); + + prs_uint32("status", ps, depth, &(r_r->status)); + + return True; +} + + +/******************************************************************* +creates a structure. +********************************************************************/ BOOL make_reg_q_open_hklm(REG_Q_OPEN_HKLM *q_o, uint16 unknown_0, uint32 level) { |
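Review bot: make_reg_q_open_hkcr writes through `q_o` without the NULL guard that reg_io_q_open_hkcr and reg_io_r_open_hkcr both have; add `if (q_o == NULL) return False;` as its first statement for consistency. In reg_io_q_open_hkcr, when the stream is being read and `ptr` comes back 0, the fields `unknown_0`, `unknown_1` and `level` keep whatever the caller's struct already held, so a caller that has not zeroed the struct would act on stale values. A comment stating that callers must ZERO_STRUCT the request before unmarshalling would make that contract explicit. The "creates a structure" and "reads or writes a structure" banners could also name the message they handle (REG_OPEN_HKCR request or reply).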