diff options
-rw-r--r-- | source3/include/proto.h | 4 | ||||
-rw-r--r-- | source3/include/rpc_reg.h | 16 | ||||
-rw-r--r-- | source3/rpc_client/cli_reg.c | 56 | ||||
-rw-r--r-- | source3/rpc_parse/parse_reg.c | 40 | ||||
-rw-r--r-- | source3/rpcclient/cmd_reg.c | 6 |
5 files changed, 122 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 61394c9ad9..5a17ec2181 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1299,6 +1299,7 @@ BOOL do_reg_open_policy(struct cli_state *cli, uint16 unknown_0, uint32 level, POLICY_HND *hnd); BOOL do_reg_open_unk_4(struct cli_state *cli, uint16 unknown_0, uint32 level, POLICY_HND *hnd); +BOOL do_reg_unk_b(struct cli_state *cli, POLICY_HND *hnd); BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd, char *class, uint32 *class_len, uint32 *num_subkeys, uint32 *max_subkeylen, @@ -1611,6 +1612,9 @@ void make_reg_q_open_pol(REG_Q_OPEN_POLICY *q_o, uint16 unknown_0, uint32 level); void reg_io_q_open_policy(char *desc, REG_Q_OPEN_POLICY *r_q, prs_struct *ps, int depth); void reg_io_r_open_policy(char *desc, REG_R_OPEN_POLICY *r_r, prs_struct *ps, int depth); +void make_reg_q_unk_b(REG_Q_UNK_B *q_u, POLICY_HND *pol); +void reg_io_q_unk_b(char *desc, REG_Q_UNK_B *r_q, prs_struct *ps, int depth); +void reg_io_r_unk_b(char *desc, REG_R_UNK_B *r_r, prs_struct *ps, int depth); void make_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd, char *name, char *class, SEC_INFO *sam_access); diff --git a/source3/include/rpc_reg.h b/source3/include/rpc_reg.h index 9334810866..475661e833 100644 --- a/source3/include/rpc_reg.h +++ b/source3/include/rpc_reg.h @@ -28,6 +28,7 @@ /* winreg pipe defines */ #define REG_OPEN_POLICY 0x02 #define REG_OPEN_UNK_4 0x04 +#define REG_UNK_B 0x0B #define REG_UNK_1A 0x1a #define REG_QUERY_KEY 0x10 #define REG_ENUM_KEY 0x09 @@ -78,6 +79,21 @@ typedef struct r_reg_open_unk4_info } REG_R_OPEN_UNK_4; +/* REG_Q_UNK_B */ +typedef struct q_reg_open_unkb_info +{ + POLICY_HND pol; /* policy handle */ + +} REG_Q_UNK_B; + +/* REG_R_UNK_B */ +typedef struct r_reg_open_unkb_info +{ + uint32 status; /* return status */ + +} REG_R_UNK_B; + + /* REG_Q_GET_KEY_SEC */ typedef struct q_reg_get_key_sec_info { diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c index da92ab90bb..459a865fc0 100644 --- a/source3/rpc_client/cli_reg.c +++ b/source3/rpc_client/cli_reg.c @@ -147,6 +147,62 @@ BOOL do_reg_open_unk_4(struct cli_state *cli, uint16 unknown_0, uint32 level, } /**************************************************************************** +do a REG Unknown 0xB command. sent after a create key or create value. +this might be some sort of "sync" or "refresh" command, sent after +modification of the registry... +****************************************************************************/ +BOOL do_reg_unk_b(struct cli_state *cli, POLICY_HND *hnd) +{ + prs_struct rbuf; + prs_struct buf; + REG_Q_UNK_B q_o; + BOOL valid_query = False; + + if (hnd == NULL) return False; + + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); + + /* create and send a MSRPC command with api REG_UNK_B */ + + DEBUG(4,("REG Unknown 0xB\n")); + + make_reg_q_unk_b(&q_o, hnd); + + /* turn parameters into data stream */ + reg_io_q_unk_b("", &q_o, &buf, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, REG_UNK_B, &buf, &rbuf)) + { + REG_R_UNK_B r_o; + BOOL p; + + ZERO_STRUCT(r_o); + + reg_io_r_unk_b("", &r_o, &rbuf, 0); + p = rbuf.offset != 0; + + if (p && r_o.status != 0) + { + /* report error code */ + DEBUG(0,("REG_UNK_B: %s\n", get_nt_error_msg(r_o.status))); + p = False; + } + + if (p) + { + valid_query = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_query; +} + +/**************************************************************************** do a REG Query Key ****************************************************************************/ BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd, diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c index 2c871ab873..d2f670188b 100644 --- a/source3/rpc_parse/parse_reg.c +++ b/source3/rpc_parse/parse_reg.c @@ -79,6 +79,46 @@ void reg_io_r_open_policy(char *desc, REG_R_OPEN_POLICY *r_r, prs_struct *ps, i } +/******************************************************************* +creates a structure. +********************************************************************/ +void make_reg_q_unk_b(REG_Q_UNK_B *q_u, POLICY_HND *pol) +{ + memcpy(&(q_u->pol), pol, sizeof(q_u->pol)); +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void reg_io_q_unk_b(char *desc, REG_Q_UNK_B *r_q, prs_struct *ps, int depth) +{ + if (r_q == NULL) return; + + prs_debug(ps, depth, desc, "reg_io_q_unk_b"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("", &(r_q->pol), ps, depth); +} + + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void reg_io_r_unk_b(char *desc, REG_R_UNK_B *r_r, prs_struct *ps, int depth) +{ + if (r_r == NULL) return; + + prs_debug(ps, depth, desc, "reg_io_r_unk_b"); + depth++; + + prs_align(ps); + + prs_uint32("status", ps, depth, &(r_r->status)); +} + + /******************************************************************* creates a structure. diff --git a/source3/rpcclient/cmd_reg.c b/source3/rpcclient/cmd_reg.c index 6430db2627..7c640a9a52 100644 --- a/source3/rpcclient/cmd_reg.c +++ b/source3/rpcclient/cmd_reg.c @@ -489,6 +489,9 @@ void cmd_reg_create_val(struct client_info *info) res4 = res3 ? do_reg_create_val(smb_cli, &parent_pol, val_name, val_type, &value) : False; + /* some sort of "sync" or "refresh" on the parent key? */ + res4 = res4 ? do_reg_unk_b(smb_cli, &parent_pol) : False; + /* close the val handle */ res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; @@ -571,6 +574,9 @@ void cmd_reg_create_key(struct client_info *info) res4 = res3 ? do_reg_create_key(smb_cli, &parent_pol, key_name, key_class, &sam_access, &key_pol) : False; + /* some sort of "sync" or "refresh" on the parent key? */ + res4 = res4 ? do_reg_unk_b(smb_cli, &parent_pol) : False; + /* close the key handle */ res4 = res4 ? do_reg_close(smb_cli, &key_pol) : False; |