summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/librpc/idl/winreg.idl148
-rw-r--r--source4/torture/rpc/winreg.c239
2 files changed, 334 insertions, 53 deletions
diff --git a/source4/librpc/idl/winreg.idl b/source4/librpc/idl/winreg.idl
index 84250a61a5..f8b47cb819 100644
--- a/source4/librpc/idl/winreg.idl
+++ b/source4/librpc/idl/winreg.idl
@@ -15,60 +15,72 @@
unistr_noterm *name;
} winreg_String;
+ typedef struct {
+ uint16 unknown0;
+ uint16 unknown1;
+ } winreg_OpenUnknown;
+
/******************/
/* Function: 0x00 */
- NTSTATUS winreg_OpenHKCR(
+ WERROR winreg_OpenHKCR(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x01 */
- NTSTATUS winreg_OpenHKCU(
+ WERROR winreg_OpenHKCU(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
- typedef struct {
- uint16 unknown0;
- uint16 unknown1;
- } winreg_OpenHKLMUnknown;
-
/******************/
/* Function: 0x02 */
- NTSTATUS winreg_OpenHKLM(
- [in] winreg_OpenHKLMUnknown *unknown,
+ WERROR winreg_OpenHKLM(
+ [in] winreg_OpenUnknown *unknown,
[in] uint32 access_required,
[out,ref] policy_handle *handle
);
/******************/
/* Function: 0x03 */
- NTSTATUS winreg_OpenHKPD(
+ WERROR winreg_OpenHKPD(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x04 */
- NTSTATUS winreg_OpenHKU(
+ WERROR winreg_OpenHKU(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x05 */
- NTSTATUS winreg_CloseKey(
+ WERROR winreg_CloseKey(
[in,out,ref] policy_handle *handle
);
/******************/
/* Function: 0x06 */
- NTSTATUS winreg_CreateKey(
+ WERROR winreg_CreateKey(
);
/******************/
/* Function: 0x07 */
- NTSTATUS winreg_DeleteKey(
+ WERROR winreg_DeleteKey(
[in,ref] policy_handle *handle,
[in] winreg_String key
);
/******************/
/* Function: 0x08 */
- NTSTATUS winreg_DeleteValue(
+ WERROR winreg_DeleteValue(
[in,ref] policy_handle *handle,
[in] winreg_String value
);
@@ -78,136 +90,190 @@
uint32 high;
} winreg_Time;
+ typedef struct {
+ uint32 unknown;
+ winreg_String key_name;
+ } winreg_EnumKeyNameRequest;
+
+ typedef struct {
+ uint32 unknown1;
+ uint32 unknown2;
+ lstring name;
+ } winreg_EnumKeyNameResponse;
+
/******************/
/* Function: 0x09 */
- NTSTATUS winreg_EnumKey(
+ WERROR winreg_EnumKey(
+ [in,ref] policy_handle *handle,
+ [in] uint32 key_index,
+ [in,out] uint16 key_name_len,
+ [in,out] uint16 unknown,
+ [in] winreg_EnumKeyNameRequest *name,
+ [out] winreg_EnumKeyNameResponse *name,
+ [in,out] winreg_String *class,
+ [in,out] winreg_Time *last_changed_time
);
/******************/
/* Function: 0x0a */
- NTSTATUS winreg_EnumValue(
+ WERROR winreg_EnumValue(
+ [in,ref] policy_handle *handle,
+ [in] uint32 val_index,
+ [in,out,ref] winreg_String *name,
+ [in,out] uint32 *type,
+ [in,out] unistr *value,
+ [in,out] uint32 *value1,
+ [in,out] uint32 *value2
);
/******************/
/* Function: 0x0b */
- NTSTATUS winreg_FlushKey(
+ WERROR winreg_FlushKey(
[in,ref] policy_handle *handle
);
/******************/
/* Function: 0x0c */
- NTSTATUS winreg_GetKeySecurity(
+ WERROR winreg_GetKeySecurity(
);
/******************/
/* Function: 0x0d */
- NTSTATUS winreg_LoadKey(
+ WERROR winreg_LoadKey(
);
/******************/
/* Function: 0x0e */
- NTSTATUS winreg_NotifyChangeKeyValue(
+ WERROR winreg_NotifyChangeKeyValue(
);
/******************/
/* Function: 0x0f */
- NTSTATUS winreg_OpenKey(
+ WERROR winreg_OpenKey(
+ [in,ref] policy_handle *handle,
+ [in] winreg_String keyname,
+ [in] uint32 unknown,
+ [in] uint32 access_mask,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x10 */
- NTSTATUS winreg_QueryInfoKey(
+ WERROR winreg_QueryInfoKey(
+ [in,ref] policy_handle *handle,
+ [in] winreg_String class,
+ [out,ref] winreg_String class,
+ [out] uint32 num_subkeys,
+ [out] uint32 max_subkeylen,
+ [out] uint32 max_subkeysize,
+ [out] uint32 num_values,
+ [out] uint32 max_valnamelen,
+ [out] uint32 max_valbufsize,
+ [out] uint32 secdescsize,
+ [out] winreg_Time last_changed_time
);
/******************/
/* Function: 0x11 */
- NTSTATUS winreg_QueryValue(
+ WERROR winreg_QueryValue(
);
/******************/
/* Function: 0x12 */
- NTSTATUS winreg_ReplaceKey(
+ WERROR winreg_ReplaceKey(
);
/******************/
/* Function: 0x13 */
- NTSTATUS winreg_RestoreKey(
+ WERROR winreg_RestoreKey(
);
/******************/
/* Function: 0x14 */
- NTSTATUS winreg_SaveKey(
+ WERROR winreg_SaveKey(
);
/******************/
/* Function: 0x15 */
- NTSTATUS winreg_SetKeySecurity(
+ WERROR winreg_SetKeySecurity(
);
/******************/
/* Function: 0x16 */
- NTSTATUS winreg_SetValue(
+ WERROR winreg_SetValue(
);
/******************/
/* Function: 0x17 */
- NTSTATUS winreg_UnLoadKey(
+ WERROR winreg_UnLoadKey(
);
/******************/
/* Function: 0x18 */
- NTSTATUS winreg_InitiateSystemShutdown(
+ WERROR winreg_InitiateSystemShutdown(
);
/******************/
/* Function: 0x19 */
- NTSTATUS winreg_AbortSystemShutdown(
+ WERROR winreg_AbortSystemShutdown(
);
/******************/
/* Function: 0x1a */
- NTSTATUS winreg_GetVersion(
+ WERROR winreg_GetVersion(
[in,ref] policy_handle *handle,
[out] uint32 version
);
/******************/
/* Function: 0x1b */
- NTSTATUS winreg_OpenHKCC(
+ WERROR winreg_OpenHKCC(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x1c */
- NTSTATUS winreg_OpenHKDD(
+ WERROR winreg_OpenHKDD(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x1d */
- NTSTATUS winreg_QueryMultipleValues(
+ WERROR winreg_QueryMultipleValues(
);
/******************/
/* Function: 0x1e */
- NTSTATUS winreg_InitiateSystemShutdownEx(
+ WERROR winreg_InitiateSystemShutdownEx(
);
/******************/
/* Function: 0x1f */
- NTSTATUS winreg_SaveKeyEx(
+ WERROR winreg_SaveKeyEx(
);
/******************/
/* Function: 0x20 */
- NTSTATUS winreg_OpenHKPT(
+ WERROR winreg_OpenHKPT(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x21 */
- NTSTATUS winreg_OpenHKPN(
+ WERROR winreg_OpenHKPN(
+ [in] winreg_OpenUnknown *unknown,
+ [in] uint32 access_required,
+ [out,ref] policy_handle *handle
);
/******************/
/* Function: 0x21 */
- NTSTATUS winreg_QueryMultipleValues2(
+ WERROR winreg_QueryMultipleValues2(
);
}
diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c
index 88a450e52c..7ca63f722e 100644
--- a/source4/torture/rpc/winreg.c
+++ b/source4/torture/rpc/winreg.c
@@ -88,6 +88,31 @@ static BOOL test_FlushKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return True;
}
+static BOOL test_OpenKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *hive_handle,
+ char *keyname, struct policy_handle *key_handle)
+{
+ NTSTATUS status;
+ struct winreg_OpenKey r;
+
+ printf("\ntesting OpenKey\n");
+
+ r.in.handle = hive_handle;
+ init_winreg_String(&r.in.keyname, keyname);
+ r.in.unknown = 0x00000000;
+ r.in.access_mask = 0x02000000;
+ r.out.handle = key_handle;
+
+ status = dcerpc_winreg_OpenKey(p, mem_ctx, &r);
+
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("OpenKey failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
+ return True;
+}
+
static BOOL test_DeleteKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *handle, char *key)
{
@@ -109,12 +134,107 @@ static BOOL test_DeleteKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return True;
}
-static BOOL test_OpenHKLM(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
+static BOOL test_QueryInfoKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle, char *class)
+{
+ NTSTATUS status;
+ struct winreg_QueryInfoKey r;
+
+ printf("\ntesting QueryInfoKey\n");
+
+ r.in.handle = handle;
+ init_winreg_String(&r.in.class, class);
+
+ status = dcerpc_winreg_QueryInfoKey(p, mem_ctx, &r);
+
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("QueryInfoKey failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
+ return True;
+}
+
+static BOOL test_EnumKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct winreg_EnumKey r;
+ struct winreg_EnumKeyNameRequest keyname;
+ struct winreg_String classname;
+ struct winreg_Time tm;
+
+ printf("\ntesting EnumKey\n");
+
+ r.in.handle = handle;
+ r.in.key_index = 0;
+ r.in.key_name_len = r.out.key_name_len = 0;
+ r.in.unknown = r.out.unknown = 0x0414;
+ keyname.unknown = 0x0000020a;
+ init_winreg_String(&keyname.key_name, NULL);
+ init_winreg_String(&classname, NULL);
+ r.in.name = &keyname;
+ r.in.class = &classname;
+ tm.low = tm.high = 0x7fffffff;
+ r.in.last_changed_time = &tm;
+
+ do {
+ status = dcerpc_winreg_EnumKey(p, mem_ctx, &r);
+ r.in.key_index++;
+ } while (W_ERROR_IS_OK(r.out.result));
+
+ return True;
+}
+
+static BOOL test_EnumValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct winreg_QueryInfoKey qik;
+ struct winreg_EnumValue r;
+ struct winreg_String name;
+ uint32 type;
+ uint32 value1, value2;
+
+
+ printf("\ntesting EnumValue\n");
+
+ qik.in.handle = handle;
+ init_winreg_String(&qik.in.class, NULL);
+
+ status = dcerpc_winreg_QueryInfoKey(p, mem_ctx, &qik);
+
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("QueryInfoKey failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
+ r.in.handle = handle;
+ r.in.val_index = 0;
+ init_winreg_String(&name, "");
+ r.in.name = &name;
+ type = 0;
+ r.in.type = r.out.type = &type;
+ r.in.value = NULL;
+ value1 = 0;
+ value2 = 0;
+ r.in.value1 = &value1;
+ r.in.value2 = &value2;
+
+ do {
+ status = dcerpc_winreg_EnumValue(p, mem_ctx, &r);
+ r.in.val_index++;
+ } while (W_ERROR_IS_OK(r.out.result));
+
+ return True;
+}
+
+static BOOL test_OpenHKLM(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
{
NTSTATUS status;
struct winreg_OpenHKLM r;
- struct winreg_OpenHKLMUnknown unknown;
- struct policy_handle handle;
+ struct winreg_OpenUnknown unknown;
BOOL ret = True;
printf("\ntesting OpenHKLM\n");
@@ -123,7 +243,7 @@ static BOOL test_OpenHKLM(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
unknown.unknown1 = 0x0000;
r.in.unknown = &unknown;
r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
- r.out.handle = &handle;
+ r.out.handle = handle;
status = dcerpc_winreg_OpenHKLM(p, mem_ctx, &r);
@@ -132,27 +252,98 @@ static BOOL test_OpenHKLM(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
return False;
}
- if (!test_GetVersion(p, mem_ctx, &handle)) {
- ret = False;
+ return ret;
+}
+
+static BOOL test_OpenHKU(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct winreg_OpenHKU r;
+ struct winreg_OpenUnknown unknown;
+ BOOL ret = True;
+
+ printf("\ntesting OpenHKU\n");
+
+ unknown.unknown0 = 0x84e0;
+ unknown.unknown1 = 0x0000;
+ r.in.unknown = &unknown;
+ r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.out.handle = handle;
+
+ status = dcerpc_winreg_OpenHKU(p, mem_ctx, &r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("OpenHKU failed - %s\n", nt_errstr(status));
+ return False;
}
- if (!test_DeleteKey(p, mem_ctx, &handle, "spottyfoot")) {
- ret = False;
+ return ret;
+}
+
+static BOOL test_OpenHKCR(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct winreg_OpenHKCR r;
+ struct winreg_OpenUnknown unknown;
+ BOOL ret = True;
+
+ printf("\ntesting OpenHKCR\n");
+
+ unknown.unknown0 = 0x84e0;
+ unknown.unknown1 = 0x0000;
+ r.in.unknown = &unknown;
+ r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.out.handle = handle;
+
+ status = dcerpc_winreg_OpenHKCR(p, mem_ctx, &r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("OpenHKCR failed - %s\n", nt_errstr(status));
+ return False;
}
- if (!test_CloseKey(p, mem_ctx, &handle)) {
- ret = False;
+ return ret;
+}
+
+static BOOL test_OpenHKCU(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct winreg_OpenHKCU r;
+ struct winreg_OpenUnknown unknown;
+ BOOL ret = True;
+
+ printf("\ntesting OpenHKCU\n");
+
+ unknown.unknown0 = 0x84e0;
+ unknown.unknown1 = 0x0000;
+ r.in.unknown = &unknown;
+ r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.out.handle = handle;
+
+ status = dcerpc_winreg_OpenHKCU(p, mem_ctx, &r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("OpenHKCU failed - %s\n", nt_errstr(status));
+ return False;
}
return ret;
}
+typedef BOOL (*winreg_open_fn)(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle);
+
BOOL torture_rpc_winreg(int dummy)
{
NTSTATUS status;
struct dcerpc_pipe *p;
TALLOC_CTX *mem_ctx;
BOOL ret = True;
+ winreg_open_fn open_fns[] = { test_OpenHKLM };
+ int i;
mem_ctx = talloc_init("torture_rpc_winreg");
@@ -166,8 +357,32 @@ BOOL torture_rpc_winreg(int dummy)
p->flags |= DCERPC_DEBUG_PRINT_BOTH;
- if (!test_OpenHKLM(p, mem_ctx)) {
- ret = False;
+ for (i = 0; i < ARRAY_SIZE(open_fns); i++) {
+ struct policy_handle handle;
+
+ if (!open_fns[i](p, mem_ctx, &handle))
+ ret = False;
+
+#if 0
+ if (!test_GetVersion(p, mem_ctx, &handle)) {
+ ret = False;
+ }
+
+ if (!test_DeleteKey(p, mem_ctx, &handle, "spottyfoot")) {
+ ret = False;
+ }
+#endif
+ if (!test_EnumKey(p, mem_ctx, &handle)) {
+ ret = False;
+ }
+
+ if (!test_EnumValue(p, mem_ctx, &handle)) {
+ ret = False;
+ }
+
+ if (!test_CloseKey(p, mem_ctx, &handle)) {
+ ret = False;
+ }
}
torture_rpc_close(p);