-rw-r--r-- | source3/include/proto.h | 10 | ||||
-rw-r--r-- | source3/include/rpc_lsa.h | 2 | ||||
-rw-r--r-- | source3/include/rpc_reg.h | 38 | ||||
-rw-r--r-- | source3/libsmb/nmblib.c | 2 | ||||
-rw-r--r-- | source3/lsarpcd/srv_lsa.c | 52 | ||||
-rw-r--r-- | source3/nmbd/nmbd_processlogon.c | 2 | ||||
-rw-r--r-- | source3/rpc_client/cli_reg.c | 7 | ||||
-rw-r--r-- | source3/rpc_parse/parse_reg.c | 123 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa.c | 52 | ||||
-rw-r--r-- | source3/rpc_server/srv_reg.c | 6 | ||||
-rw-r--r-- | source3/rpcclient/cmd_reg.c | 86 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 6 |
12 files changed, 262 insertions, 124 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index f9a83e4d94..b84b6ef26d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1873,7 +1873,8 @@ BOOL do_reg_query_key(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, uint32 *sec_desc, NTTIME *mod_time); BOOL do_reg_unknown_1a(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, uint32 *unk); BOOL do_reg_query_info(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, - char *type, uint32 *unk_0, uint32 *unk_1); + const char* val_name, + char *type); BOOL do_reg_set_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, uint32 sec_buf_size, SEC_DESC *sec_buf); BOOL do_reg_get_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, @@ -2494,11 +2495,11 @@ BOOL make_reg_q_get_key_sec(REG_Q_GET_KEY_SEC *q_i, POLICY_HND *pol, uint32 buf_len, SEC_DESC_BUF *sec_buf); BOOL reg_io_q_get_key_sec(char *desc, REG_Q_GET_KEY_SEC *r_q, prs_struct *ps, int depth); BOOL reg_io_r_get_key_sec(char *desc, REG_R_GET_KEY_SEC *r_q, prs_struct *ps, int depth); -BOOL make_reg_q_info(REG_Q_INFO *q_i, POLICY_HND *pol, char *product_type, - time_t unix_time, uint8 major, uint8 minor); +BOOL make_reg_q_info(REG_Q_INFO *q_i, POLICY_HND *pol, const char *val_name, + uint8 major, uint8 minor); BOOL reg_io_q_info(char *desc, REG_Q_INFO *r_q, prs_struct *ps, int depth); BOOL make_reg_r_info(REG_R_INFO *r_r, - uint32 level, char *os_type, + uint32 type, char *buf, uint32 status); BOOL reg_io_r_info(char *desc, REG_R_INFO *r_r, prs_struct *ps, int depth); BOOL make_reg_q_enum_val(REG_Q_ENUM_VALUE *q_i, POLICY_HND *pol, 
@@ -3403,6 +3404,7 @@ BOOL msrpc_reg_enum_key(struct cli_state *cli, const char* full_keyname, REG_KEY_FN(reg_key_fn), REG_VAL_FN(reg_val_fn)); void cmd_reg_enum(struct client_info *info); +void cmd_reg_query_info(struct client_info *info); void cmd_reg_query_key(struct client_info *info); void cmd_reg_create_val(struct client_info *info); void cmd_reg_delete_val(struct client_info *info); diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 7c27df0238..f4d36fef9c 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -132,7 +132,7 @@ typedef struct lsa_r_open_pol2_info typedef struct lsa_query_info { POLICY_HND pol; /* policy handle */ - uint16 info_class; /* info class */ + uint16 info_class; /* info class */ } LSA_Q_QUERY_INFO; diff --git a/source3/include/rpc_reg.h b/source3/include/rpc_reg.h index f74856193d..b00b7a5a90 100644 --- a/source3/include/rpc_reg.h +++ b/source3/include/rpc_reg.h 
@@ -421,39 +421,37 @@ typedef struct q_reg_info_info { POLICY_HND pol; /* policy handle */ - UNIHDR hdr_type; /* unicode product type header */ - UNISTR2 uni_type; /* unicode product type - "ProductType" */ + UNIHDR hdr_val; /* unicode product type header */ + UNISTR2 uni_val; /* unicode product type - "ProductType" */ - uint32 ptr1; /* pointer */ - NTTIME time; /* current time? */ - uint8 major_version1; /* 0x4 - os major version? */ - uint8 minor_version1; /* 0x1 - os minor version? */ - uint8 pad1[10]; /* padding - zeros */ + uint32 ptr_type; /* pointer */ + uint32 type; /* type of buffer */ - uint32 ptr2; /* pointer */ - uint8 major_version2; /* 0x4 - os major version? */ - uint8 minor_version2; /* 0x1 - os minor version? */ - uint8 pad2[2]; /* padding - zeros */ + uint32 ptr_uni_type; /* pointer to o/s type */ + BUFFER2 uni_type; /* unicode string o/s type - "LanmanNT" */ - uint32 ptr3; /* pointer */ - uint32 unknown; /* 0x0000 0000 */ + uint32 ptr_max_len; /* pointer to unknown_0 */ + uint32 buf_max_len; /* 0x12 */ + + uint32 ptr_len; /* pointer to unknown_1 */ + uint32 buf_len; /* 0x12 */ } REG_Q_INFO; /* REG_R_INFO */ typedef struct r_reg_info_info { - uint32 ptr1; /* buffer pointer */ - uint32 level; /* 0x1 - info level? */ + uint32 ptr_type; /* buffer pointer */ + uint32 type; /* 0x1 - info level? */ - uint32 ptr_type; /* pointer to o/s type */ + uint32 ptr_uni_type; /* pointer to o/s type */ BUFFER2 uni_type; /* unicode string o/s type - "LanmanNT" */ - uint32 ptr2; /* pointer to unknown_0 */ - uint32 unknown_0; /* 0x12 */ + uint32 ptr_max_len; /* pointer to unknown_0 */ + uint32 buf_max_len; /* 0x12 */ - uint32 ptr3; /* pointer to unknown_1 */ - uint32 unknown_1; /* 0x12 */ + uint32 ptr_len; /* pointer to unknown_1 */ + uint32 buf_len; /* 0x12 */ uint32 status; /* return status */ diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c index 54b1779f44..9dca4731ad 100644 --- a/source3/libsmb/nmblib.c +++ b/source3/libsmb/nmblib.c 
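Review bot: Several comments in REG_Q_INFO and REG_R_INFO still describe the old meaning of the renamed fields: `hdr_val`/`uni_val` are still labelled "product type", `type` in REG_R_INFO is still "0x1 - info level?", and `ptr_max_len`/`ptr_len` still point "to unknown_0"/"unknown_1". These structs are filled straight from the wire, so the comments are the only statement of what each length field means to the code that consumes it. I would update them, e.g. `UNISTR2 uni_val; /* unicode value name */` and `uint32 buf_max_len; /* maximum buffer length */`. The closing line of REG_R_INFO is outside the hunk.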
@@ -742,7 +742,7 @@ static int build_dgram(char *buf,struct packet_struct *p) /* put in the header */ ubuf[0] = dgram->header.msg_type; - ubuf[1] = (((int)dgram->header.flags.node_type)<<2); + ubuf[1] = (((unsigned int)dgram->header.flags.node_type)<<2); if (dgram->header.flags.more) ubuf[1] |= 1; if (dgram->header.flags.first) ubuf[1] |= 2; RSSVAL(ubuf,2,dgram->header.dgm_id); diff --git a/source3/lsarpcd/srv_lsa.c b/source3/lsarpcd/srv_lsa.c index 36259477da..7bc5841cfc 100644 --- a/source3/lsarpcd/srv_lsa.c +++ b/source3/lsarpcd/srv_lsa.c @@ -39,18 +39,19 @@ lsa_reply_open_policy2 ***************************************************************************/ static void lsa_reply_open_policy2(prs_struct *rdata) { - int i; LSA_R_OPEN_POL2 r_o; ZERO_STRUCT(r_o); /* set up the LSA QUERY INFO response */ - for (i = 4; i < POL_HND_SIZE; i++) + r_o.status = 0x0; + + /* get a (unique) handle. open a policy on it. */ + if (!open_lsa_policy_hnd(&r_o.pol)) { - r_o.pol.data[i] = i; + r_o.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } - r_o.status = 0x0; /* store the response in the SMB stream */ lsa_io_r_open_pol2("", &r_o, rdata, 0); @@ -61,18 +62,19 @@ lsa_reply_open_policy ***************************************************************************/ static void lsa_reply_open_policy(prs_struct *rdata) { - int i; LSA_R_OPEN_POL r_o; ZERO_STRUCT(r_o); /* set up the LSA QUERY INFO response */ - for (i = 4; i < POL_HND_SIZE; i++) + r_o.status = 0x0; + + /* get a (unique) handle. open a policy on it. */ + if (!open_lsa_policy_hnd(&r_o.pol)) { - r_o.pol.data[i] = i; + r_o.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } - r_o.status = 0x0; /* store the response in the SMB stream */ lsa_io_r_open_pol("", &r_o, rdata, 0); 
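Review bot: The value shifted into `ubuf[1]` in build_dgram is still not masked, so a node_type above 3 would spill into the higher bits of the flags byte; the cast to unsigned only removes the signed-shift problem. If node_type is meant to occupy two bits (inferred from the `<<2` sitting next to the `more`/`first` bits), mask it: `ubuf[1] = (((unsigned int)dgram->header.flags.node_type) & 3) << 2;`. The field's declared type is not visible here, and build_dgram's body extends beyond the hunk.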
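Review bot: In lsa_reply_open_policy2 a failed `open_lsa_policy_hnd()` is reported as `NT_STATUS_OBJECT_NAME_NOT_FOUND`, although nothing in the function looks up a name; the same applies to lsa_reply_open_policy in the next hunk and to the identical rpc_server/srv_lsa.c hunks. If the helper fails because no handle could be allocated (its body is not shown, so this is inferred), a status that says so would be easier to diagnose on the client and in logs. The retained comment `/* set up the LSA QUERY INFO response */` is also wrong for both functions; `/* set up the LSA OPEN POLICY response */` would match what they build.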
@@ -128,15 +130,22 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata, ZERO_STRUCT(r_q); - /* set up the LSA QUERY INFO response */ - - r_q.undoc_buffer = 0x22000000; /* bizarre */ - r_q.info_class = q_q->info_class; + /* get a (unique) handle. open a policy on it. */ + if (r_q.status == 0x0 && !open_lsa_policy_hnd(&q_q->pol)) + { + r_q.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + else + { + /* set up the LSA QUERY INFO response */ - make_dom_query(&r_q.dom.id5, dom_name, dom_sid); + r_q.undoc_buffer = 0x1; /* bizarre */ + r_q.info_class = q_q->info_class; - r_q.status = 0x0; + make_dom_query(&r_q.dom.id5, dom_name, dom_sid); + r_q.status = 0x0; + } /* store the response in the SMB stream */ lsa_io_r_query("", &r_q, rdata, 0); } @@ -572,9 +581,24 @@ static void api_lsa_close( pipes_struct *p, prs_struct *data, prs_struct *rdata) { LSA_R_CLOSE r_c; + LSA_Q_CLOSE q_c; + + lsa_io_q_close("", &q_c, data, 0); ZERO_STRUCT(r_c); + r_c.status = 0x0; + + /* find the connection policy handle. */ + if (r_c.status == 0x0 && (find_lsa_policy_by_hnd(&(q_c.pol)) == -1)) + { + r_c.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; + } + if (r_c.status == 0x0) + { + close_lsa_policy_hnd(&(q_c.pol)); + } + /* store the response in the SMB stream */ lsa_io_r_close("", &r_c, rdata, 0); } diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c index 6ddf47fc5f..0c9450b7a2 100644 --- a/source3/nmbd/nmbd_processlogon.c +++ b/source3/nmbd/nmbd_processlogon.c @@ -146,6 +146,8 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); q = ascii_to_unibuf(q, my_name, outbuf+sizeof(outbuf)-q-2); q = ascii_to_unibuf(q, global_myworkgroup, outbuf+sizeof(outbuf)-q-2); + ntversion = 0x01; + SIVAL(q, 0, ntversion); q += 4; SSVAL(q, 0, lmnttoken); diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c index 38d7e6ebc8..53d17bdefa 100644 --- a/source3/rpc_client/cli_reg.c +++ b/source3/rpc_client/cli_reg.c 
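Review bot: lsa_reply_query_info calls `open_lsa_policy_hnd(&q_q->pol)` on the handle the client sent, and judging by its use in the open-policy replies that helper allocates a new handle rather than checking an existing one. As written, a query with any handle value appears to succeed, the request's handle is overwritten, and each query would consume a handle that nothing visible closes (the helper's body is not shown, so this is inferred). api_lsa_close in this same commit validates with find_lsa_policy_by_hnd, and the same check fits here: `if (find_lsa_policy_by_hnd(&q_q->pol) == -1)` with `r_q.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;`. The copied comment "get a (unique) handle. open a policy on it." should be replaced accordingly. The rpc_server/srv_lsa.c copy of this hunk needs the same change.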
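Review bot: In api_lsa_close, `q_c` is filled by `lsa_io_q_close()` without being zeroed first and without any check that the unmarshal succeeded, so on a short or malformed request `q_c.pol` may still hold stack contents when it reaches `find_lsa_policy_by_hnd()`. Add `ZERO_STRUCT(q_c);` before the `lsa_io_q_close` call. The `r_c.status == 0x0 &&` in the first test is always true directly after the assignment and can be dropped. The rpc_server/srv_lsa.c copy has the same code.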
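Review bot: The added `ntversion = 0x01;` overwrites whatever the variable held immediately before it is written into the reply, and nothing says why. Its declaration and any earlier assignment are outside the hunk, so it is not clear whether a request-derived value is being discarded on purpose. A comment would settle it, e.g. `/* reply always carries NT version 1, whatever the request said */`. Separately, the `SIVAL`/`SSVAL` writes that follow the two `ascii_to_unibuf()` calls are not checked against the end of `outbuf` in the visible lines.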
@@ -450,7 +450,8 @@ BOOL do_reg_unknown_1a(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, uint do a REG Query Info ****************************************************************************/ BOOL do_reg_query_info(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, - char *type, uint32 *unk_0, uint32 *unk_1) + const char* val_name, + char *type) { prs_struct rbuf; prs_struct buf; @@ -466,7 +467,7 @@ BOOL do_reg_query_info(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, DEBUG(4,("REG Query Info\n")); - make_reg_q_info(&q_o, hnd, "ProductType", time(NULL), 4, 1); + make_reg_q_info(&q_o, hnd, val_name, 4, 0); /* turn parameters into data stream */ reg_io_q_info("", &q_o, &buf, 0); @@ -494,8 +495,6 @@ BOOL do_reg_query_info(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, valid_query = True; unibuf_to_ascii(type, (const char*)r_o.uni_type.buffer, MIN(r_o.uni_type.buf_len, sizeof(fstring)-1)); - (*unk_0) = r_o.unknown_0; - (*unk_1) = r_o.unknown_1; } } diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c index 01776974fd..1a0168f21d 100644 --- a/source3/rpc_parse/parse_reg.c +++ b/source3/rpc_parse/parse_reg.c 
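Review bot: do_reg_query_info now accepts an arbitrary `val_name` but still returns the result through a bare `char *type` and copies up to `sizeof(fstring)-1` characters into it, so every caller is silently required to pass an fstring-sized buffer. The copy length is taken from the server-supplied `r_o.uni_type.buf_len`, which leaves that unstated contract as the only thing bounding the write. Either document it on the function, `/* type must point to an fstring */`, or pass the destination size in. The reply's `r_o.type` is also never examined in the visible lines, so a non-string value would be decoded as Unicode text. The function body extends beyond the three hunks shown.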
@@ -818,31 +818,31 @@ BOOL reg_io_r_get_key_sec(char *desc, REG_R_GET_KEY_SEC *r_q, prs_struct *ps, i /******************************************************************* makes a structure. ********************************************************************/ -BOOL make_reg_q_info(REG_Q_INFO *q_i, POLICY_HND *pol, char *product_type, - time_t unix_time, uint8 major, uint8 minor) +BOOL make_reg_q_info(REG_Q_INFO *q_i, POLICY_HND *pol, const char *val_name, + uint8 major, uint8 minor) { - int len_type = strlen(product_type); + int len_type = val_name != NULL ? strlen(val_name) + 1 : 0; if (q_i == NULL) return False; memcpy(&(q_i->pol), pol, sizeof(q_i->pol)); - make_uni_hdr(&(q_i->hdr_type), len_type); - make_unistr2(&(q_i->uni_type), product_type, len_type); + make_uni_hdr(&(q_i->hdr_val), len_type); + make_unistr2(&(q_i->uni_val), val_name, len_type); - q_i->ptr1 = 1; - unix_to_nt_time(&(q_i->time), unix_time); - q_i->major_version1 = major; - q_i->minor_version1 = minor; - memset(q_i->pad1, 0, sizeof(q_i->pad1)); + q_i->ptr_type = 1; + q_i->type = 0x77872314; - q_i->ptr2 = 1; - q_i->major_version2 = major; - q_i->minor_version2 = minor; - memset(q_i->pad2, 0, sizeof(q_i->pad2)); + q_i->ptr_uni_type = 0x1; + q_i->uni_type.buf_max_len = 0x104; + q_i->uni_type.buf_len = 0x0; + q_i->uni_type.undoc = 0; - q_i->ptr3 = 1; - q_i->unknown = 0x00000000; + q_i->ptr_max_len = 1; + q_i->buf_max_len = 0x104; + + q_i->ptr_len = 1; + q_i->buf_len = 0x0; return True; } 
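Review bot: make_reg_q_info allows `val_name == NULL` when computing `len_type` but then hands the NULL pointer to `make_unistr2()`; whether that helper tolerates a NULL source is not visible here. If NULL is not a supported input, reject it up front: `if (q_i == NULL || val_name == NULL) return False;`. `pol` is likewise passed to memcpy without a check. The `major` and `minor` parameters are no longer used in the body, and `0x77872314` and `0x104` need a comment saying where the values come from.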
@@ -860,35 +860,32 @@ BOOL reg_io_q_info(char *desc, REG_Q_INFO *r_q, prs_struct *ps, int depth) prs_align(ps); smb_io_pol_hnd("", &(r_q->pol), ps, depth); - smb_io_unihdr ("", &(r_q->hdr_type), ps, depth); - smb_io_unistr2("", &(r_q->uni_type), r_q->hdr_type.buffer, ps, depth); + smb_io_unihdr ("", &(r_q->hdr_val), ps, depth); + smb_io_unistr2("", &(r_q->uni_val), r_q->hdr_val.buffer, ps, depth); prs_align(ps); - prs_uint32("ptr1", ps, depth, &(r_q->ptr1)); - - if (r_q->ptr1 != 0) + prs_uint32("ptr_type", ps, depth, &(r_q->ptr_type)); + if (r_q->ptr_type != 0) { - smb_io_time("", &(r_q->time), ps, depth); - prs_uint8 ("major_version1", ps, depth, &(r_q->major_version1)); - prs_uint8 ("minor_version1", ps, depth, &(r_q->minor_version1)); - prs_uint8s(False, "pad1", ps, depth, r_q->pad1, sizeof(r_q->pad1)); + prs_uint32("type", ps, depth, &(r_q->type)); } - prs_uint32("ptr2", ps, depth, &(r_q->ptr2)); + prs_uint32("ptr_uni_type", ps, depth, &(r_q->ptr_uni_type)); - if (r_q->ptr2 != 0) + smb_io_buffer2("uni_type", &(r_q->uni_type), r_q->ptr_uni_type, ps, depth); + prs_align(ps); + + prs_uint32("ptr_max_len", ps, depth, &(r_q->ptr_max_len)); + if (r_q->ptr_max_len != 0) { - prs_uint8 ("major_version2", ps, depth, &(r_q->major_version2)); - prs_uint8 ("minor_version2", ps, depth, &(r_q->minor_version2)); - prs_uint8s(False, "pad2", ps, depth, r_q->pad2, sizeof(r_q->pad2)); + prs_uint32("buf_max_len", ps, depth, &(r_q->buf_max_len)); } - prs_uint32("ptr3", ps, depth, &(r_q->ptr3)); - - if (r_q->ptr3 != 0) + prs_uint32("ptr_len", ps, depth, &(r_q->ptr_len)); + if (r_q->ptr_len != 0) { - prs_uint32("unknown", ps, depth, &(r_q->unknown)); + prs_uint32("buf_len", ps, depth, &(r_q->buf_len)); } return True; 
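Review bot: reg_io_q_info does not check any of its `prs_*`/`smb_io_*` calls and ends with an unconditional `return True;`, so (if those helpers report failure at all) a truncated request is indistinguishable from a complete one and the length fields keep whatever `r_q` held before. When this runs as a parser, `buf_max_len` and `buf_len` are peer-controlled and nothing here ties them to `uni_type`, so consumers should treat them as untrusted. reg_io_r_info in the @@ -934 hunk has the same shape. The start of the function is outside the hunk, so an earlier guard cannot be ruled out.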
@@ -899,23 +896,26 @@ BOOL reg_io_q_info(char *desc, REG_Q_INFO *r_q, prs_struct *ps, int depth) creates a structure. ********************************************************************/ BOOL make_reg_r_info(REG_R_INFO *r_r, - uint32 level, char *os_type, + uint32 type, char *buf, uint32 status) { int len; - if (r_r == NULL || os_type == NULL) return False; + if (r_r == NULL || buf == NULL) return False; - len = strlen(os_type); + len = strlen(buf); - r_r->ptr1 = 1; - r_r->level = level; + r_r->ptr_type = type; + r_r->type = type; - r_r->ptr_type = 1; - make_buffer2(&(r_r->uni_type), os_type, len); + r_r->ptr_uni_type = 1; + make_buffer2(&(r_r->uni_type), buf, len); - r_r->ptr2 = r_r->ptr3 = 1; - r_r->unknown_0 = r_r->unknown_1 = len * 2; + r_r->ptr_max_len = 1; + r_r->buf_max_len = r_r->uni_type.buf_max_len; + + r_r->ptr_len = 1; + r_r->buf_len = r_r->uni_type.buf_len; r_r->status = status; 
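Review bot: `r_r->ptr_type = type;` stores the value type in the pointer-present field, so a `type` of 0 makes reg_io_r_info skip the `type` word entirely, since it marshals that word only when `ptr_type != 0`. The neighbouring pointer fields are set to a constant and this one should be too: `r_r->ptr_type = 1;`. The tail of the function lies outside the hunk.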
@@ -934,31 +934,28 @@ BOOL reg_io_r_info(char *desc, REG_R_INFO *r_r, prs_struct *ps, int depth) prs_align(ps); - prs_uint32("ptr1", ps, depth, &(r_r->ptr1)); - - if (r_r->ptr1 != 0) + prs_uint32("ptr_type", ps, depth, &(r_r->ptr_type)); + if (r_r->ptr_type != 0) { - prs_uint32("level", ps, depth, &(r_r->level)); - prs_uint32("ptr_type", ps, depth, &(r_r->ptr_type)); - - smb_io_buffer2("uni_type", &(r_r->uni_type), r_r->ptr_type, ps, depth); - prs_align(ps); - - prs_uint32("ptr2", ps, depth, &(r_r->ptr2)); - - if (r_r->ptr2 != 0) - { - prs_uint32("unknown_0", ps, depth, &(r_r->unknown_0)); - } + prs_uint32("type", ps, depth, &(r_r->type)); + } - prs_uint32("ptr3", ps, depth, &(r_r->ptr3)); + prs_uint32("ptr_uni_type", ps, depth, &(r_r->ptr_uni_type)); + smb_io_buffer2("uni_type", &(r_r->uni_type), r_r->ptr_uni_type, ps, depth); + prs_align(ps); - if (r_r->ptr3 != 0) - { - prs_uint32("unknown_1", ps, depth, &(r_r->unknown_1)); - } + prs_uint32("ptr_max_len", ps, depth, &(r_r->ptr_max_len)); + if (r_r->ptr_max_len != 0) + { + prs_uint32("buf_max_len", ps, depth, &(r_r->buf_max_len)); + } + prs_uint32("ptr_len", ps, depth, &(r_r->ptr_len)); + if (r_r->ptr_len != 0) + { + prs_uint32("buf_len", ps, depth, &(r_r->buf_len)); } + prs_uint32("status", ps, depth, &(r_r->status)); return True; diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index 36259477da..7bc5841cfc 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c 
@@ -39,18 +39,19 @@ lsa_reply_open_policy2 ***************************************************************************/ static void lsa_reply_open_policy2(prs_struct *rdata) { - int i; LSA_R_OPEN_POL2 r_o; ZERO_STRUCT(r_o); /* set up the LSA QUERY INFO response */ - for (i = 4; i < POL_HND_SIZE; i++) + r_o.status = 0x0; + + /* get a (unique) handle. open a policy on it. */ + if (!open_lsa_policy_hnd(&r_o.pol)) { - r_o.pol.data[i] = i; + r_o.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } - r_o.status = 0x0; /* store the response in the SMB stream */ lsa_io_r_open_pol2("", &r_o, rdata, 0); @@ -61,18 +62,19 @@ lsa_reply_open_policy ***************************************************************************/ static void lsa_reply_open_policy(prs_struct *rdata) { - int i; LSA_R_OPEN_POL r_o; ZERO_STRUCT(r_o); /* set up the LSA QUERY INFO response */ - for (i = 4; i < POL_HND_SIZE; i++) + r_o.status = 0x0; + + /* get a (unique) handle. open a policy on it. */ + if (!open_lsa_policy_hnd(&r_o.pol)) { - r_o.pol.data[i] = i; + r_o.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } - r_o.status = 0x0; /* store the response in the SMB stream */ lsa_io_r_open_pol("", &r_o, rdata, 0); @@ -128,15 +130,22 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata, ZERO_STRUCT(r_q); - /* set up the LSA QUERY INFO response */ - - r_q.undoc_buffer = 0x22000000; /* bizarre */ - r_q.info_class = q_q->info_class; + /* get a (unique) handle. open a policy on it. */ + if (r_q.status == 0x0 && !open_lsa_policy_hnd(&q_q->pol)) + { + r_q.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + else + { + /* set up the LSA QUERY INFO response */ - make_dom_query(&r_q.dom.id5, dom_name, dom_sid); + r_q.undoc_buffer = 0x1; /* bizarre */ + r_q.info_class = q_q->info_class; - r_q.status = 0x0; + make_dom_query(&r_q.dom.id5, dom_name, dom_sid); + r_q.status = 0x0; + } /* store the response in the SMB stream */ lsa_io_r_query("", &r_q, rdata, 0); } 
@@ -572,9 +581,24 @@ static void api_lsa_close( pipes_struct *p, prs_struct *data, prs_struct *rdata) { LSA_R_CLOSE r_c; + LSA_Q_CLOSE q_c; + + lsa_io_q_close("", &q_c, data, 0); ZERO_STRUCT(r_c); + r_c.status = 0x0; + + /* find the connection policy handle. */ + if (r_c.status == 0x0 && (find_lsa_policy_by_hnd(&(q_c.pol)) == -1)) + { + r_c.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; + } + if (r_c.status == 0x0) + { + close_lsa_policy_hnd(&(q_c.pol)); + } + /* store the response in the SMB stream */ lsa_io_r_close("", &r_c, rdata, 0); } diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c index fcc22a792a..ab7e4cf3ec 100644 --- a/source3/rpc_server/srv_reg.c +++ b/source3/rpc_server/srv_reg.c @@ -142,8 +142,8 @@ static void reg_reply_open_entry(REG_Q_OPEN_ENTRY *q_u, { DEBUG(5,("reg_open_entry: %s\n", name)); /* lkcl XXXX do a check on the name, here */ - if (!strequal(name, "SYSTEM\\CurrentControlSet\\Control\\ProductOptions") || - !strequal(name, "SYSTEM\\CurrentControlSet\\Services\\NETLOGON\\Parameters")) + if (!strequal(name, "SYSTEM\\CurrentControlSet\\Control\\ProductOptions") && + !strequal(name, "SYSTEM\\CurrentControlSet\\Services\\NETLOGON\\Parameters\\")) { status = 0xC000000 | NT_STATUS_ACCESS_DENIED; } @@ -197,9 +197,9 @@ static void reg_reply_info(REG_Q_INFO *q_u, if (status == 0) { + make_reg_r_info(&r_u, 1, "LanmanNT", status); } - make_reg_r_info(&r_u, 1, "LanmanNT", status); /* store the response in the SMB stream */ reg_io_r_info("", &r_u, rdata, 0); diff --git a/source3/rpcclient/cmd_reg.c b/source3/rpcclient/cmd_reg.c index 31ef8f082b..316b5f6bc1 100644 --- a/source3/rpcclient/cmd_reg.c +++ b/source3/rpcclient/cmd_reg.c 
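Review bot: The denial status on the line below the corrected condition is `0xC000000 | NT_STATUS_ACCESS_DENIED`, seven hex digits, whereas every other error in this commit uses `0xC0000000`; the two top bits are therefore not set in this reply. It should read `status = 0xC0000000 | NT_STATUS_ACCESS_DENIED;`. The second allowed name now ends in `\\` while the first does not, so a request for the NETLOGON Parameters key without the trailing separator is refused; worth confirming that this is intended. The check sits in reg_reply_open_entry, whose body starts and ends outside the hunk.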
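Review bot: With `make_reg_r_info()` moved inside `if (status == 0)`, nothing visible sets `r_u.status` or any other field on the error path before `reg_io_r_info()` marshals the struct. If `r_u` is not zeroed earlier in reg_reply_info (its declaration is outside the hunk), the reply would carry uninitialised stack contents and the client would not see the failure. Set the error explicitly ahead of the `if`, e.g. `ZERO_STRUCT(r_u); r_u.status = status;`.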
@@ -306,6 +306,92 @@ void cmd_reg_enum(struct client_info *info) } /**************************************************************************** +nt registry query value info +****************************************************************************/ +void cmd_reg_query_info(struct client_info *info) +{ + uint16 fnum; + BOOL res = True; + BOOL res1 = True; + + POLICY_HND key_pol; + POLICY_HND pol_con; + fstring full_keyname; + fstring key_name; + fstring keyname; + fstring val_name; + + /* + * query value info + */ + + fstring type; + + type[0] = 0; + DEBUG(5, ("cmd_reg_enum: smb_cli->fd:%d\n", smb_cli->fd)); + + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) + { + report(out_hnd, "regvalinfo value_name\n"); + return; + } + + reg_get_subkey(full_keyname, keyname, val_name); + + if (keyname[0] == 0 || val_name[0] == 0) + { + report(out_hnd, "invalid value name\n"); + return; + } + + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG, &fnum) : False; + + /* open registry receive a policy handle */ + res = res ? do_reg_connect(smb_cli, fnum, keyname, key_name, + &pol_con) : False; + + if ((*key_name) != 0) + { + /* open an entry */ + res1 = res ? do_reg_open_entry(smb_cli, fnum, &pol_con, + key_name, 0x02000000, &key_pol) : False; + } + else + { + memcpy(&key_pol, &pol_con, sizeof(key_pol)); + } + + /* query it */ + res1 = res1 ? do_reg_query_info(smb_cli, fnum, &key_pol, + val_name, type) : False; + + if (res1) + { + report(out_hnd, "type:\t%s\n", type); + } + + /* close the handles */ + if ((*key_name) != 0) + { + res1 = res1 ? do_reg_close(smb_cli, fnum, &key_pol) : False; + } + res = res ? 
do_reg_close(smb_cli, fnum, &pol_con) : False; + + /* close the session */ + cli_nt_session_close(smb_cli, fnum); + + if (res && res1) + { + DEBUG(5,("cmd_reg_query: query succeeded\n")); + } + else + { + DEBUG(5,("cmd_reg_query: query failed\n")); + } +} + +/**************************************************************************** nt registry query key ****************************************************************************/ void cmd_reg_query_key(struct client_info *info) diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index b1637a3249..6caefa06b2 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -202,6 +202,12 @@ commands[] = {COMPL_NONE, COMPL_NONE} }, { + "regqueryval", + cmd_reg_query_info, + "<valname> Registry Value Query", + {COMPL_REGKEY, COMPL_NONE} + }, + { "regquerykey", cmd_reg_query_key, "<keyname> Registry Key Query", |
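Review bot: cmd_reg_query_info reads `key_name` and goes on to issue the query even when the session open or the connect failed. `key_name` appears to be written only by `do_reg_connect()`, which is skipped once `res` is False, so `(*key_name) != 0` can read an uninitialised fstring; and in the `else` branch `res1` stays True, so `do_reg_query_info()` runs with an unset `fnum` and a `key_pol` copied from an unset `pol_con`. Initialise with `key_name[0] = 0;` and gate the query on both flags: `res1 = (res && res1) ? do_reg_query_info(smb_cli, fnum, &key_pol, val_name, type) : False;`. The DEBUG strings still say `cmd_reg_enum` and `cmd_reg_query`.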
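Review bot: The command is registered as `regqueryval`, but the usage message printed by cmd_reg_query_info is `regvalinfo value_name`, so the hint names a command this table entry does not define. Make the two agree, e.g. `report(out_hnd, "regqueryval <valname>\n");`. The first completion slot is `COMPL_REGKEY` although the argument is a value path; that is fine if completion is meant to work on the key prefix, but worth confirming.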