diff options
| -rw-r--r-- | source3/include/privileges.h | 24 | ||||
| -rw-r--r-- | source3/include/rpc_reg.h | 8 | ||||
| -rw-r--r-- | source3/lib/privileges.c | 124 | ||||
| -rw-r--r-- | source3/registry/reg_db.c | 14 | ||||
| -rw-r--r-- | source3/registry/reg_frontend.c | 3 | ||||
| -rw-r--r-- | source3/registry/reg_objects.c | 10 | ||||
| -rw-r--r-- | source3/registry/reg_printing.c | 55 | ||||
| -rw-r--r-- | source3/rpc_client/cli_reg.c | 14 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_reg.c | 12 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 2 | ||||
| -rw-r--r-- | source3/rpc_server/srv_reg.c | 14 | ||||
| -rw-r--r-- | source3/rpc_server/srv_reg_nt.c | 26 | ||||
| -rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 7 |
13 files changed, 159 insertions, 154 deletions
diff --git a/source3/include/privileges.h b/source3/include/privileges.h index 38edee84e8..052cbb6c5f 100644 --- a/source3/include/privileges.h +++ b/source3/include/privileges.h @@ -82,25 +82,22 @@ extern const SE_PRIV se_restore; #define PR_LOG_ON_SERVICE 0x0010 -#ifndef _BOOL -typedef int BOOL; -#define _BOOL /* So we don't typedef BOOL again in vfs.h */ -#endif - -typedef struct LUID -{ - uint32 low; +typedef struct { uint32 high; + uint32 low; } LUID; -typedef struct LUID_ATTR -{ +typedef struct { LUID luid; uint32 attr; } LUID_ATTR; -typedef struct privilege_set -{ +#ifndef _BOOL +typedef int BOOL; +#define _BOOL /* So we don't typedef BOOL again in vfs.h */ +#endif + +typedef struct { TALLOC_CTX *mem_ctx; BOOL ext_ctx; uint32 count; @@ -108,10 +105,11 @@ typedef struct privilege_set LUID_ATTR *set; } PRIVILEGE_SET; -typedef struct _PRIVS { +typedef struct { SE_PRIV se_priv; const char *name; const char *description; + LUID luid; } PRIVS; #endif /* PRIVILEGES_H */ diff --git a/source3/include/rpc_reg.h b/source3/include/rpc_reg.h index 7d6469bc8e..a35e534952 100644 --- a/source3/include/rpc_reg.h +++ b/source3/include/rpc_reg.h @@ -34,7 +34,7 @@ #define REG_OPEN_HKPD 0x03 #define REG_OPEN_HKU 0x04 #define REG_CLOSE 0x05 -#define REG_CREATE_KEY 0x06 +#define REG_CREATE_KEY_EX 0x06 #define REG_DELETE_KEY 0x07 #define REG_DELETE_VALUE 0x08 #define REG_ENUM_KEY 0x09 @@ -225,13 +225,13 @@ typedef struct { uint32 ptr3; SEC_DESC_BUF *data; uint32 unknown_2; /* 0x0000 0000 */ -} REG_Q_CREATE_KEY; +} REG_Q_CREATE_KEY_EX; typedef struct { POLICY_HND handle; - uint32 unknown; + uint32 disposition; WERROR status; -} REG_R_CREATE_KEY; +} REG_R_CREATE_KEY_EX; /***********************************************/ diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index ae98d8940f..30db2fc2bb 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -25,8 +25,6 @@ #define PRIVPREFIX "PRIV_" -#define GENERATE_LUID_LOW(x) (x)+1; - static const SE_PRIV se_priv_all = SE_ALL_PRIVS; static const SE_PRIV se_priv_end = SE_END; @@ -43,60 +41,65 @@ const SE_PRIV se_restore = SE_RESTORE; /******************************************************************** This is a list of privileges reported by a WIndows 2000 SP4 AD DC - just for reference purposes: - - SeCreateTokenPrivilege Create a token object - SeAssignPrimaryTokenPrivilege Replace a process level token - SeLockMemoryPrivilege Lock pages in memory - SeIncreaseQuotaPrivilege Increase quotas - SeMachineAccountPrivilege Add workstations to domain - SeTcbPrivilege Act as part of the operating system - SeSecurityPrivilege Manage auditing and security log - SeTakeOwnershipPrivilege Take ownership of files or other objects - SeLoadDriverPrivilege Load and unload device drivers - SeSystemProfilePrivilege Profile system performance - SeSystemtimePrivilege Change the system time - SeProfileSingleProcessPrivilege Profile single process - SeIncreaseBasePriorityPrivilege Increase scheduling priority - SeCreatePagefilePrivilege Create a pagefile - SeCreatePermanentPrivilege Create permanent shared objects - SeBackupPrivilege Back up files and directories - SeRestorePrivilege Restore files and directories - SeShutdownPrivilege Shut down the system - SeDebugPrivilege Debug programs - SeAuditPrivilege Generate security audits - SeSystemEnvironmentPrivilege Modify firmware environment values - SeChangeNotifyPrivilege Bypass traverse checking - SeRemoteShutdownPrivilege Force shutdown from a remote system - SeUndockPrivilege Remove computer from docking station - SeSyncAgentPrivilege Synchronize directory service data - SeEnableDelegationPrivilege Enable computer and user accounts to be trusted for delegation - SeManageVolumePrivilege Perform volume maintenance tasks - SeImpersonatePrivilege Impersonate a client after authentication - SeCreateGlobalPrivilege Create global objects - -********************************************************************/ - - + just for reference purposes (and I know the LUID is not guaranteed + across reboots): + + SeCreateTokenPrivilege Create a token object ( 0x0, 0x2 ) + SeAssignPrimaryTokenPrivilege Replace a process level token ( 0x0, 0x3 ) + SeLockMemoryPrivilege Lock pages in memory ( 0x0, 0x4 ) + SeIncreaseQuotaPrivilege Increase quotas ( 0x0, 0x5 ) + SeMachineAccountPrivilege Add workstations to domain ( 0x0, 0x6 ) + SeTcbPrivilege Act as part of the operating system ( 0x0, 0x7 ) + SeSecurityPrivilege Manage auditing and security log ( 0x0, 0x8 ) + SeTakeOwnershipPrivilege Take ownership of files or other objects ( 0x0, 0x9 ) + SeLoadDriverPrivilege Load and unload device drivers ( 0x0, 0xa ) + SeSystemProfilePrivilege Profile system performance ( 0x0, 0xb ) + SeSystemtimePrivilege Change the system time ( 0x0, 0xc ) + SeProfileSingleProcessPrivilege Profile single process ( 0x0, 0xd ) + SeIncreaseBasePriorityPrivilege Increase scheduling priority ( 0x0, 0xe ) + SeCreatePagefilePrivilege Create a pagefile ( 0x0, 0xf ) + SeCreatePermanentPrivilege Create permanent shared objects ( 0x0, 0x10 ) + SeBackupPrivilege Back up files and directories ( 0x0, 0x11 ) + SeRestorePrivilege Restore files and directories ( 0x0, 0x12 ) + SeShutdownPrivilege Shut down the system ( 0x0, 0x13 ) + SeDebugPrivilege Debug programs ( 0x0, 0x14 ) + SeAuditPrivilege Generate security audits ( 0x0, 0x15 ) + SeSystemEnvironmentPrivilege Modify firmware environment values ( 0x0, 0x16 ) + SeChangeNotifyPrivilege Bypass traverse checking ( 0x0, 0x17 ) + SeRemoteShutdownPrivilege Force shutdown from a remote system ( 0x0, 0x18 ) + SeUndockPrivilege Remove computer from docking station ( 0x0, 0x19 ) + SeSyncAgentPrivilege Synchronize directory service data ( 0x0, 0x1a ) + SeEnableDelegationPrivilege Enable computer and user accounts to be trusted for delegation ( 0x0, 0x1b ) + SeManageVolumePrivilege Perform volume maintenance tasks ( 0x0, 0x1c ) + SeImpersonatePrivilege Impersonate a client after authentication ( 0x0, 0x1d ) + SeCreateGlobalPrivilege Create global objects ( 0x0, 0x1e ) + + ********************************************************************/ + +/* we have to define the LUID here due to a horrible check by printmig.exe + that requires the SeBackupPrivilege match what is in Windows. So match + those that we implement and start Samba privileges at 0x1001 */ + PRIVS privs[] = { #if 0 /* usrmgr will display these twice if you include them. We don't use them but we'll keep the bitmasks reserved in privileges.h anyways */ - {SE_NETWORK_LOGON, "SeNetworkLogonRight", "Access this computer from network"}, - {SE_INTERACTIVE_LOGON, "SeInteractiveLogonRight", "Log on locally"}, - {SE_BATCH_LOGON, "SeBatchLogonRight", "Log on as a batch job"}, - {SE_SERVICE_LOGON, "SeServiceLogonRight", "Log on as a service"}, + {SE_NETWORK_LOGON, "SeNetworkLogonRight", "Access this computer from network", { 0x0, 0x0 }}, + {SE_INTERACTIVE_LOGON, "SeInteractiveLogonRight", "Log on locally", { 0x0, 0x0 }}, + {SE_BATCH_LOGON, "SeBatchLogonRight", "Log on as a batch job", { 0x0, 0x0 }}, + {SE_SERVICE_LOGON, "SeServiceLogonRight", "Log on as a service", { 0x0, 0x0 }}, #endif - {SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain"}, - {SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers"}, - {SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain"}, - {SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system"}, - {SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares"}, - {SE_BACKUP, "SeBackupPrivilege", "Back up files and directories"}, - {SE_RESTORE, "SeRestorePrivilege", "Restore files and directories"}, - {SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects"}, - - {SE_END, "", ""} + {SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain", { 0x0, 0x0006 }}, + {SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects",{ 0x0, 0x0009 }}, + {SE_BACKUP, "SeBackupPrivilege", "Back up files and directories", { 0x0, 0x0011 }}, + {SE_RESTORE, "SeRestorePrivilege", "Restore files and directories", { 0x0, 0x0012 }}, + {SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system", { 0x0, 0x0018 }}, + + {SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers", { 0x0, 0x1001 }}, + {SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain", { 0x0, 0x1002 }}, + {SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares", { 0x0, 0x1003 }}, + + {SE_END, "", "", { 0x0, 0x0 }} }; typedef struct { @@ -109,7 +112,6 @@ typedef struct { SID_LIST sids; } PRIV_SID_LIST; - /*************************************************************************** copy an SE_PRIV structure ****************************************************************************/ @@ -402,7 +404,7 @@ LUID_ATTR get_privilege_luid( SE_PRIV *mask ) for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) { if ( se_priv_equal( &privs[i].se_priv, mask ) ) { - priv_luid.luid.low = GENERATE_LUID_LOW(i); + priv_luid.luid = privs[i].luid; break; } } @@ -746,17 +748,19 @@ BOOL user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege) char* luid_to_privilege_name(const LUID *set) { static fstring name; - int max = count_all_privileges(); + int i; if (set->high != 0) return NULL; - if ( set->low > max ) - return NULL; - - fstrcpy( name, privs[set->low - 1].name ); + for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) { + if ( set->low == privs[i].luid.low ) { + fstrcpy( name, privs[set->low - 1].name ); + return name; + } + } - return name; + return NULL; } /******************************************************************* @@ -792,7 +796,7 @@ BOOL se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask ) if ( !is_privilege_assigned(mask, &privs[i].se_priv) ) continue; - luid.luid.low = GENERATE_LUID_LOW(i); + luid.luid = privs[i].luid; if ( !privilege_set_add( set, luid ) ) return False; diff --git a/source3/registry/reg_db.c b/source3/registry/reg_db.c index 884949375b..741bc4127b 100644 --- a/source3/registry/reg_db.c +++ b/source3/registry/reg_db.c @@ -399,7 +399,7 @@ static int regdb_unpack_values(REGVAL_CTR *values, char *buf, int buflen) int len = 0; uint32 type; pstring valuename; - int size; + uint32 size; uint8 *data_p; uint32 num_values = 0; int i; @@ -413,17 +413,21 @@ static int regdb_unpack_values(REGVAL_CTR *values, char *buf, int buflen) for ( i=0; i<num_values; i++ ) { /* unpack the next regval */ + type = REG_NONE; + size = 0; + data_p = NULL; len += tdb_unpack(buf+len, buflen-len, "fdB", valuename, &type, &size, &data_p); - /* add the new value */ - - regval_ctr_addvalue( values, valuename, type, (const char *)data_p, size ); + /* add the new value. Paranoid protective code -- make sure data_p is valid */ - SAFE_FREE(data_p); /* 'B' option to tdbpack does a malloc() */ + if ( size && data_p ) { + regval_ctr_addvalue( values, valuename, type, (const char *)data_p, size ); + SAFE_FREE(data_p); /* 'B' option to tdb_unpack does a malloc() */ + } DEBUG(8,("specific: [%s], len: %d\n", valuename, size)); } diff --git a/source3/registry/reg_frontend.c b/source3/registry/reg_frontend.c index 440f108cc9..51ad23b498 100644 --- a/source3/registry/reg_frontend.c +++ b/source3/registry/reg_frontend.c @@ -31,13 +31,16 @@ extern REGISTRY_OPS shares_reg_ops; extern REGISTRY_OPS regdb_ops; /* these are the default */ /* array of REGISTRY_HOOK's which are read into a tree for easy access */ +/* #define REG_TDB_ONLY 1 */ REGISTRY_HOOK reg_hooks[] = { +#ifndef REG_TDB_ONLY { KEY_PRINTING, &printing_ops }, { KEY_PRINTING_2K, &printing_ops }, { KEY_PRINTING_PORTS, &printing_ops }, { KEY_EVENTLOG, &eventlog_ops }, { KEY_SHARES, &shares_reg_ops }, +#endif { NULL, NULL } }; diff --git a/source3/registry/reg_objects.c b/source3/registry/reg_objects.c index 7ee2cd8414..b3b47ae0e1 100644 --- a/source3/registry/reg_objects.c +++ b/source3/registry/reg_objects.c @@ -94,7 +94,7 @@ int regsubkey_ctr_delkey( REGSUBKEY_CTR *ctr, const char *keyname ) /* update if we have any keys left */ ctr->num_subkeys--; - if ( ctr->num_subkeys ) + if ( i < ctr->num_subkeys ) memmove( &ctr->subkeys[i], &ctr->subkeys[i+1], sizeof(char*) * (ctr->num_subkeys-i) ); return ctr->num_subkeys; @@ -232,7 +232,7 @@ uint8* regval_data_p( REGISTRY_VALUE *val ) /********************************************************************** *********************************************************************/ -int regval_size( REGISTRY_VALUE *val ) +uint32 regval_size( REGISTRY_VALUE *val ) { return val->size; } @@ -392,10 +392,10 @@ int regval_ctr_delvalue( REGVAL_CTR *ctr, const char *name ) if ( i == ctr->num_values ) return ctr->num_values; - /* just shift everything down one */ + /* If 'i' was not the last element, just shift everything down one */ ctr->num_values--; - if ( ctr->num_values ) - memmove( ctr->values[i], ctr->values[i+1], sizeof(REGISTRY_VALUE)*(ctr->num_values-i) ); + if ( i < ctr->num_values ) + memmove( ctr->values[i], ctr->values[i+1], sizeof(REGISTRY_VALUE*)*(ctr->num_values-i) ); return ctr->num_values; } diff --git a/source3/registry/reg_printing.c b/source3/registry/reg_printing.c index 30f2d74660..6fedb524d6 100644 --- a/source3/registry/reg_printing.c +++ b/source3/registry/reg_printing.c @@ -38,7 +38,6 @@ static const char *top_level_keys[MAX_TOP_LEVEL_KEYS] = { "Forms", "Printers" }; - /********************************************************************** It is safe to assume that every registry path passed into on of @@ -832,6 +831,7 @@ static int handle_printing_subpath( char *key, REGSUBKEY_CTR *subkeys, REGVAL_CT return result; } + /********************************************************************** Enumerate registry subkey names given a registry path. Caller is responsible for freeing memory to **subkeys @@ -840,7 +840,6 @@ static int handle_printing_subpath( char *key, REGSUBKEY_CTR *subkeys, REGVAL_CT static int printing_subkey_info( const char *key, REGSUBKEY_CTR *subkey_ctr ) { char *path; - BOOL top_level = False; int num_subkeys = 0; DEBUG(10,("printing_subkey_info: key=>[%s]\n", key)); @@ -849,25 +848,22 @@ static int printing_subkey_info( const char *key, REGSUBKEY_CTR *subkey_ctr ) /* check to see if we are dealing with the top level key */ - if ( !path ) - top_level = True; - - if ( top_level ) { - /* check between the two top level keys here */ - - if ( strequal( KEY_PRINTING, key ) ) { - regsubkey_ctr_addkey( subkey_ctr, "Environments" ); - regsubkey_ctr_addkey( subkey_ctr, "Forms" ); - } - else if ( strequal( KEY_PRINTING_2K, key ) ) { - regsubkey_ctr_addkey( subkey_ctr, "Printers" ); - } - } - else + if ( path ) { num_subkeys = handle_printing_subpath( path, subkey_ctr, NULL ); + SAFE_FREE( path ); + return num_subkeys; + } - SAFE_FREE( path ); - + /* handle top level keys here */ + + if ( strequal( KEY_PRINTING, key ) ) { + regsubkey_ctr_addkey( subkey_ctr, "Environments" ); + regsubkey_ctr_addkey( subkey_ctr, "Forms" ); + } + else if ( strequal( KEY_PRINTING_2K, key ) ) { + regsubkey_ctr_addkey( subkey_ctr, "Printers" ); + } + return num_subkeys; } @@ -879,25 +875,22 @@ static int printing_subkey_info( const char *key, REGSUBKEY_CTR *subkey_ctr ) static int printing_value_info( const char *key, REGVAL_CTR *val ) { char *path; - BOOL top_level = False; int num_values = 0; DEBUG(10,("printing_value_info: key=>[%s]\n", key)); path = trim_reg_path( key ); + + if ( path ) { + num_values = handle_printing_subpath( path, NULL, val ); + SAFE_FREE( path ); + return num_values; + } - /* check to see if we are dealing with the top level key */ - - if ( !path ) - top_level = True; + /* top level key */ - /* fill in values from the getprinterdata_printer_server() */ - if ( top_level ) { - if ( strequal( key, KEY_PRINTING_PORTS ) ) - num_values = fill_ports_values( val ); - } else - num_values = handle_printing_subpath( path, NULL, val ); - + if ( strequal( key, KEY_PRINTING_PORTS ) ) + num_values = fill_ports_values( val ); return num_values; } diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c index c3a1aba90d..97ae8b29e7 100644 --- a/source3/rpc_client/cli_reg.c +++ b/source3/rpc_client/cli_reg.c @@ -438,12 +438,12 @@ WERROR cli_reg_delete_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Create Key ****************************************************************************/ -WERROR cli_reg_create_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR cli_reg_create_key_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *key_name, char *key_class, uint32 access_desired, POLICY_HND *key) { - REG_Q_CREATE_KEY in; - REG_R_CREATE_KEY out; + REG_Q_CREATE_KEY_EX in; + REG_R_CREATE_KEY_EX out; prs_struct qbuf, rbuf; SEC_DESC *sec; SEC_DESC_BUF *sec_buf; @@ -461,13 +461,13 @@ WERROR cli_reg_create_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, if ( !(sec_buf = make_sec_desc_buf(mem_ctx, sec_len, sec)) ) return WERR_GENERAL_FAILURE; - init_reg_q_create_key(&in, hnd, key_name, key_class, access_desired, sec_buf); + init_reg_q_create_key_ex(&in, hnd, key_name, key_class, access_desired, sec_buf); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_CREATE_KEY, + CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_CREATE_KEY_EX, in, out, qbuf, rbuf, - reg_io_q_create_key, - reg_io_r_create_key, + reg_io_q_create_key_ex, + reg_io_r_create_key_ex, WERR_GENERAL_FAILURE ); diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c index 9048f0f58f..c46eef1300 100644 --- a/source3/rpc_parse/parse_reg.c +++ b/source3/rpc_parse/parse_reg.c @@ -206,7 +206,7 @@ static BOOL reg_io_hdrbuf_sec(uint32 ptr, uint32 *ptr3, BUFHDR *hdr_sec, Inits a registry key create request ********************************************************************/ -void init_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd, +void init_reg_q_create_key_ex(REG_Q_CREATE_KEY_EX *q_c, POLICY_HND *hnd, char *name, char *key_class, uint32 access_desired, SEC_DESC_BUF *sec_buf) { @@ -234,13 +234,13 @@ void init_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd, Marshalls a registry key create request ********************************************************************/ -BOOL reg_io_q_create_key(const char *desc, REG_Q_CREATE_KEY *q_u, +BOOL reg_io_q_create_key_ex(const char *desc, REG_Q_CREATE_KEY_EX *q_u, prs_struct *ps, int depth) { if ( !q_u ) return False; - prs_debug(ps, depth, desc, "reg_io_q_create_key"); + prs_debug(ps, depth, desc, "reg_io_q_create_key_ex"); depth++; if(!prs_align(ps)) @@ -285,13 +285,13 @@ BOOL reg_io_q_create_key(const char *desc, REG_Q_CREATE_KEY *q_u, Unmarshalls a registry key create response ********************************************************************/ -BOOL reg_io_r_create_key(const char *desc, REG_R_CREATE_KEY *r_u, +BOOL reg_io_r_create_key_ex(const char *desc, REG_R_CREATE_KEY_EX *r_u, prs_struct *ps, int depth) { if ( !r_u ) return False; - prs_debug(ps, depth, desc, "reg_io_r_create_key"); + prs_debug(ps, depth, desc, "reg_io_r_create_key_ex"); depth++; if(!prs_align(ps)) @@ -299,7 +299,7 @@ BOOL reg_io_r_create_key(const char *desc, REG_R_CREATE_KEY *r_u, if(!smb_io_pol_hnd("", &r_u->handle, ps, depth)) return False; - if(!prs_uint32("unknown", ps, depth, &r_u->unknown)) + if(!prs_uint32("disposition", ps, depth, &r_u->disposition)) return False; if(!prs_werror("status", ps, depth, &r_u->status)) diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index b724508e0b..15d420538e 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -1544,7 +1544,7 @@ NTSTATUS _lsa_lookup_priv_value(pipes_struct *p, LSA_Q_LOOKUP_PRIV_VALUE *q_u, L unistr2_to_ascii(name, &q_u->privname.unistring, sizeof(name)); - DEBUG(10,("_lsa_priv_get_dispname: name = %s\n", name)); + DEBUG(10,("_lsa_lookup_priv_value: name = %s\n", name)); if ( !se_priv_from_name( name, &mask ) ) return NT_STATUS_NO_SUCH_PRIVILEGE; diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c index efff8e6722..871b1a9f12 100644 --- a/source3/rpc_server/srv_reg.c +++ b/source3/rpc_server/srv_reg.c @@ -419,22 +419,22 @@ static BOOL api_reg_save_key(pipes_struct *p) /******************************************************************* ******************************************************************/ -static BOOL api_reg_create_key(pipes_struct *p) +static BOOL api_reg_create_key_ex(pipes_struct *p) { - REG_Q_CREATE_KEY q_u; - REG_R_CREATE_KEY r_u; + REG_Q_CREATE_KEY_EX q_u; + REG_R_CREATE_KEY_EX r_u; prs_struct *data = &p->in_data.data; prs_struct *rdata = &p->out_data.rdata; ZERO_STRUCT(q_u); ZERO_STRUCT(r_u); - if(!reg_io_q_create_key("", &q_u, data, 0)) + if(!reg_io_q_create_key_ex("", &q_u, data, 0)) return False; - r_u.status = _reg_create_key(p, &q_u, &r_u); + r_u.status = _reg_create_key_ex(p, &q_u, &r_u); - if(!reg_io_r_create_key("", &r_u, rdata, 0)) + if(!reg_io_r_create_key_ex("", &r_u, rdata, 0)) return False; return True; @@ -584,7 +584,7 @@ static struct api_struct api_reg_cmds[] = { "REG_GETVERSION" , REG_GETVERSION , api_reg_getversion }, { "REG_SAVE_KEY" , REG_SAVE_KEY , api_reg_save_key }, { "REG_RESTORE_KEY" , REG_RESTORE_KEY , api_reg_restore_key }, - { "REG_CREATE_KEY" , REG_CREATE_KEY , api_reg_create_key }, + { "REG_CREATE_KEY_EX" , REG_CREATE_KEY_EX , api_reg_create_key_ex }, { "REG_SET_VALUE" , REG_SET_VALUE , api_reg_set_value }, { "REG_DELETE_KEY" , REG_DELETE_KEY , api_reg_delete_key }, { "REG_DELETE_VALUE" , REG_DELETE_VALUE , api_reg_delete_value }, diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 158888967b..7170c0a301 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -30,17 +30,10 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV -#define REGSTR_PRODUCTTYPE "ProductType" -#define REG_PT_WINNT "WinNT" -#define REG_PT_LANMANNT "LanmanNT" -#define REG_PT_SERVERNT "ServerNT" - #define OUR_HANDLE(hnd) (((hnd)==NULL)?"NULL":(IVAL((hnd)->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")), \ ((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid()) -/* no idea if this is correct, just use the file access bits for now */ - static struct generic_mapping reg_generic_map = { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL }; /******************************************************************** @@ -266,9 +259,7 @@ static BOOL get_subkey_information( REGISTRY_KEY *key, uint32 *maxnum, uint32 *m } /******************************************************************** - retrieve information about the values. We don't store values - here. The registry tdb is intended to be a frontend to oether - Samba tdb's (such as ntdrivers.tdb). + retrieve information about the values. *******************************************************************/ static BOOL get_value_information( REGISTRY_KEY *key, uint32 *maxnum, @@ -294,7 +285,7 @@ static BOOL get_value_information( REGISTRY_KEY *key, uint32 *maxnum, for ( i=0; i<num_values && val; i++ ) { - lenmax = MAX(lenmax, strlen(val->valuename)+1 ); + lenmax = MAX(lenmax, val->valuename ? strlen(val->valuename)+1 : 0 ); sizemax = MAX(sizemax, val->size ); val = regval_ctr_specific_value( &values, i ); @@ -1106,7 +1097,7 @@ WERROR _reg_save_key(pipes_struct *p, REG_Q_SAVE_KEY *q_u, REG_R_SAVE_KEY *r_u) /******************************************************************* ********************************************************************/ -WERROR _reg_create_key(pipes_struct *p, REG_Q_CREATE_KEY *q_u, REG_R_CREATE_KEY *r_u) +WERROR _reg_create_key_ex(pipes_struct *p, REG_Q_CREATE_KEY_EX *q_u, REG_R_CREATE_KEY_EX *r_u) { REGISTRY_KEY *parent = find_regkey_index_by_hnd(p, &q_u->handle); REGISTRY_KEY *newparent; @@ -1223,6 +1214,12 @@ WERROR _reg_set_value(pipes_struct *p, REG_Q_SET_VALUE *q_u, REG_R_SET_VALUE *r rpcstr_pull( valuename, q_u->name.string->buffer, sizeof(valuename), q_u->name.string->uni_str_len*2, 0 ); + /* verify the name */ + + if ( !*valuename ) + return WERR_INVALID_PARAM; + + DEBUG(8,("_reg_set_value: Setting value for [%s:%s]\n", key->name, valuename)); regval_ctr_init( &values ); @@ -1357,6 +1354,11 @@ WERROR _reg_delete_value(pipes_struct *p, REG_Q_DELETE_VALUE *q_u, REG_R_DELETE rpcstr_pull( valuename, q_u->name.string->buffer, sizeof(valuename), q_u->name.string->uni_str_len*2, 0 ); + if ( !*valuename ) + return WERR_INVALID_PARAM; + + DEBUG(8,("_reg_delete_value: Setting value for [%s:%s]\n", key->name, valuename)); + regval_ctr_init( &values ); /* lookup the current values and add the new one */ diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index e05bfa1eaa..12e8e2bd41 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2211,7 +2211,8 @@ static WERROR get_printer_dataex( TALLOC_CTX *ctx, NT_PRINTER_INFO_LEVEL *printe uint32 *needed, uint32 in_size ) { REGISTRY_VALUE *val; - int size, data_len; + uint32 size; + int data_len; if ( !(val = get_printer_data( printer->info_2, key, value)) ) return WERR_BADFILE; @@ -8030,7 +8031,7 @@ WERROR _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S result = WERR_NOMEM; goto done; } - data_len = (size_t)regval_size(val); + data_len = regval_size(val); memcpy( *data_out, regval_data_p(val), data_len ); *out_data_len = data_len; } @@ -9250,7 +9251,7 @@ WERROR _spoolss_enumprinterdataex(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATAEX *q_ int i; REGISTRY_VALUE *val; char *value_name; - int data_len; + uint32 data_len; DEBUG(4,("_spoolss_enumprinterdataex\n")); |