diff options
39 files changed, 1327 insertions, 4911 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index f039690b05..6e045300ee 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -128,10 +128,6 @@ BIN_PROGS3 = bin/smbpasswd@EXEEXT@ bin/rpcclient@EXEEXT@ bin/smbcacls@EXEEXT@ \ bin/profiles@EXEEXT@ bin/ntlm_auth@EXEEXT@ \ bin/smbcquotas@EXEEXT@ -# editreg removed from standard build until it is portable. It needs a major rewrite to -# achieve this (tridge) -# bin/editreg@EXEEXT@ - TORTURE_PROGS = bin/smbtorture@EXEEXT@ bin/msgtest@EXEEXT@ \ bin/masktest@EXEEXT@ bin/locktest@EXEEXT@ \ bin/locktest2@EXEEXT@ bin/nsstest@EXEEXT@ bin/vfstest@EXEEXT@ @@ -161,7 +157,7 @@ TDBBASE_OBJ = tdb/tdb.o tdb/spinlock.o TDB_OBJ = $(TDBBASE_OBJ) tdb/tdbutil.o tdb/tdbback.o -SMBLDAP_OBJ = @SMBLDAP@ +SMBLDAP_OBJ = @SMBLDAP@ @SMBLDAPUTIL@ VERSION_OBJ = lib/version.o diff --git a/source3/VERSION b/source3/VERSION index 242e3be7a1..96acc9a178 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -19,7 +19,7 @@ ######################################################## SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=15 +SAMBA_VERSION_RELEASE=20 ######################################################## # For 'pre' releases the version will be # @@ -29,7 +29,7 @@ SAMBA_VERSION_RELEASE=15 # e.g. SAMBA_VERSION_PRE_RELEASE=1 # # -> "2.2.9pre1" # ######################################################## -SAMBA_VERSION_PRE_RELEASE=3 +SAMBA_VERSION_PRE_RELEASE=1 ######################################################## # For 'rc' releases the version will be # diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c index b41a41aa28..1efdc12a1b 100644 --- a/source3/client/smbspool.c +++ b/source3/client/smbspool.c @@ -160,12 +160,12 @@ static int smb_print(struct cli_state *, char *, FILE *); if ((password = strchr_m(username, ':')) != NULL) *password++ = '\0'; else - password = CONST_DISCARD(char *, ""); + password = ""; } else { username = ""; - password = CONST_DISCARD(char *, ""); + password = ""; server = uri + 6; } diff --git a/source3/configure.in b/source3/configure.in index b86d3f2501..7de65981eb 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -2576,6 +2576,8 @@ AC_MSG_RESULT($with_ldap_support) SMBLDAP="" AC_SUBST(SMBLDAP) +SMBLDAPUTIL="" +AC_SUBST(SMBLDAPUTIL) if test x"$with_ldap_support" != x"no"; then ################################################################## @@ -2632,6 +2634,7 @@ if test x"$with_ldap_support" != x"no"; then AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available]) default_static_modules="$default_static_modules pdb_ldap idmap_ldap"; SMBLDAP="lib/smbldap.o" + SMBLDAPUTIL="lib/smbldap_util.o" with_ldap_support=yes AC_MSG_CHECKING(whether LDAP support is used) AC_MSG_RESULT(yes) diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 8eaf68a234..fe444bfdd1 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -46,11 +46,11 @@ #define LSA_CLEARAUDITLOG 0x09 #define LSA_CREATEACCOUNT 0x0a #define LSA_ENUM_ACCOUNTS 0x0b -#define LSA_CREATETRUSTDOM 0x0c +#define LSA_CREATETRUSTDOM 0x0c /* TODO: implement this one -- jerry */ #define LSA_ENUMTRUSTDOM 0x0d #define LSA_LOOKUPNAMES 0x0e #define LSA_LOOKUPSIDS 0x0f -#define LSA_CREATESECRET 0x10 +#define LSA_CREATESECRET 0x10 /* TODO: implement this one -- jerry */ #define LSA_OPENACCOUNT 0x11 #define LSA_ENUMPRIVSACCOUNT 0x12 #define LSA_ADDPRIVS 0x13 @@ -59,16 +59,16 @@ #define LSA_SETQUOTAS 0x16 #define LSA_GETSYSTEMACCOUNT 0x17 #define LSA_SETSYSTEMACCOUNT 0x18 -#define LSA_OPENTRUSTDOM 0x19 +#define LSA_OPENTRUSTDOM 0x19 /* TODO: implement this one -- jerry */ #define LSA_QUERYTRUSTDOM 0x1a #define LSA_SETINFOTRUSTDOM 0x1b -#define LSA_OPENSECRET 0x1c -#define LSA_SETSECRET 0x1d +#define LSA_OPENSECRET 0x1c /* TODO: implement this one -- jerry */ +#define LSA_SETSECRET 0x1d /* TODO: implement this one -- jerry */ #define LSA_QUERYSECRET 0x1e #define LSA_LOOKUPPRIVVALUE 0x1f #define LSA_LOOKUPPRIVNAME 0x20 #define LSA_PRIV_GET_DISPNAME 0x21 -#define LSA_DELETEOBJECT 0x22 +#define LSA_DELETEOBJECT 0x22 /* TODO: implement this one -- jerry */ #define LSA_ENUMACCTWITHRIGHT 0x23 /* TODO: implement this one -- jerry */ #define LSA_ENUMACCTRIGHTS 0x24 #define LSA_ADDACCTRIGHTS 0x25 @@ -475,25 +475,6 @@ typedef struct lsa_r_lookup_names NTSTATUS status; /* return code */ } LSA_R_LOOKUP_NAMES; -/* This is probably a policy handle but at the moment we - never read it - so use a dummy struct. */ - -typedef struct lsa_q_open_secret -{ - uint32 dummy; -} LSA_Q_OPEN_SECRET; - -/* We always return "not found" at present - so just marshal the minimum. */ - -typedef struct lsa_r_open_secret -{ - uint32 dummy1; - uint32 dummy2; - uint32 dummy3; - uint32 dummy4; - NTSTATUS status; -} LSA_R_OPEN_SECRET; - typedef struct lsa_enum_priv_entry { UNIHDR hdr_name; @@ -742,4 +723,92 @@ typedef struct lsa_r_removeprivs NTSTATUS status; } LSA_R_REMOVEPRIVS; +/*******************************************************/ + +typedef struct { + POLICY_HND handle; + uint32 count; /* ??? this is what ethereal calls it */ + DOM_SID sid; +} LSA_Q_OPEN_TRUSTED_DOMAIN; + +typedef struct { + POLICY_HND handle; + NTSTATUS status; +} LSA_R_OPEN_TRUSTED_DOMAIN; + + +/*******************************************************/ + +typedef struct { + POLICY_HND handle; + UNISTR4 secretname; + uint32 access; +} LSA_Q_OPEN_SECRET; + +typedef struct { + POLICY_HND handle; + NTSTATUS status; +} LSA_R_OPEN_SECRET; + + +/*******************************************************/ + +typedef struct { + POLICY_HND handle; +} LSA_Q_DELETE_OBJECT; + +typedef struct { + NTSTATUS status; +} LSA_R_DELETE_OBJECT; + + +/*******************************************************/ + +typedef struct { + POLICY_HND handle; + UNISTR4 secretname; + uint32 access; +} LSA_Q_CREATE_SECRET; + +typedef struct { + POLICY_HND handle; + NTSTATUS status; +} LSA_R_CREATE_SECRET; + + +/*******************************************************/ + +typedef struct { + POLICY_HND handle; + UNISTR4 secretname; + uint32 access; +} LSA_Q_CREATE_TRUSTED_DOMAIN; + +typedef struct { + POLICY_HND handle; + NTSTATUS status; +} LSA_R_CREATE_TRUSTED_DOMAIN; + + +/*******************************************************/ + +typedef struct { + uint32 size; /* size is written on the wire twice so I + can only assume that one is supposed to + be a max length and one is a size */ + UNISTR2 *data; /* not really a UNICODE string but the parsing + is the same */ +} LSA_DATA_BLOB; + +typedef struct { + POLICY_HND handle; + LSA_DATA_BLOB *old_value; + LSA_DATA_BLOB *new_value; +} LSA_Q_SET_SECRET; + +typedef struct { + NTSTATUS status; +} LSA_R_SET_SECRET; + + #endif /* _RPC_LSA_H */ diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index dcc0ecc554..9f35450d95 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -129,17 +129,20 @@ typedef struct { * Buffer Headers -- use by SEC_DESC_BUF in winreg and netlogon code **********************************************************************/ +/* TODO: replace this with an encompassing buffer structure */ typedef struct { uint32 buf_max_len; uint32 buf_len; } BUFHDR; +/* this is a BUFHDR + a pointer to a buffer */ typedef struct { uint32 info_level; uint32 length; /* uint8 chars */ uint32 buffer; } BUFHDR2; +/* generic buffer ? wrapped around void*? */ typedef struct { uint32 size; uint32 buffer; @@ -152,7 +155,8 @@ typedef struct { /* buffer used by \winreg\ calls to fill in arbitrary REG_XXX values. It *may* look like a UNISTR2 but it is *not*. This is not a goof - by the winreg developers. It is a generic buffer */ + by the winreg developers. It is a generic buffer. buffer length + is stored in bytes (not # of uint16's) */ typedef struct { uint32 buf_max_len; @@ -215,10 +219,12 @@ typedef struct { /* UNISTR2 - unicode string size (in should include the NULL character */ } UNISTR2; +/* i think this is the same as a BUFFER5 used in the spoolss code --jerry */ +/* not sure about how the termination matches between the uint16 buffers thought */ + typedef struct { /* UNISTR3 - XXXX not sure about this structure */ uint32 uni_str_len; UNISTR str; - } UNISTR3; typedef struct { /* Buffer wrapped around a UNISTR2 */ diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h index 6812358575..b3fe16ba2b 100644 --- a/source3/include/rpc_netlogon.h +++ b/source3/include/rpc_netlogon.h @@ -4,7 +4,7 @@ Copyright (C) Andrew Tridgell 1992-1997 Copyright (C) Luke Kenneth Casson Leighton 1996-1997 Copyright (C) Paul Ashton 1997 - Copyright (C) Jean François Micouleau 2002 + Copyright (C) Jean François Micouleau 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -68,11 +68,22 @@ #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */ #define SAM_DATABASE_PRIVS 0x02 /* Privileges */ +/* flags use when sending a NETLOGON_CONTROL request */ + +#define NETLOGON_CONTROL_SYNC 0x2 #define NETLOGON_CONTROL_REDISCOVER 0x5 #define NETLOGON_CONTROL_TC_QUERY 0x6 #define NETLOGON_CONTROL_TRANSPORT_NOTIFY 0x7 #define NETLOGON_CONTROL_SET_DBFLAG 0xfffe +/* Some flag values reverse engineered from NLTEST.EXE */ +/* used in the NETLOGON_CONTROL[2] reply */ + +#define NL_CTRL_IN_SYNC 0x0000 +#define NL_CTRL_REPL_NEEDED 0x0001 +#define NL_CTRL_REPL_IN_PROGRESS 0x0002 +#define NL_CTRL_FULL_SYNC 0x0004 + #if 0 /* I think this is correct - it's what gets parsed on the wire. JRA. */ /* NET_USER_INFO_2 */ diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 7e90f01b5f..d798d4395e 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -43,7 +43,7 @@ * @note You are explicitly allowed to pass NULL pointers -- they will * always be ignored. **/ -#define SAFE_FREE(x) do { if ((x) != NULL) {free(CONST_DISCARD(void *, (x))); x=NULL;} } while(0) +#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0) #endif /* zero a structure */ @@ -87,6 +87,7 @@ * extern struct current_user current_user; */ #define FSP_BELONGS_CONN(fsp,conn) do {\ + extern struct current_user current_user;\ if (!((fsp) && (conn) && ((conn)==(fsp)->conn) && (current_user.vuid==(fsp)->vuid))) \ return(ERROR_DOS(ERRDOS,ERRbadfid));\ } while(0) @@ -97,6 +98,7 @@ * extern struct current_user current_user; */ #define CHECK_FSP(fsp,conn) do {\ + extern struct current_user current_user;\ if (!FNUM_OK(fsp,conn)) \ return(ERROR_DOS(ERRDOS,ERRbadfid)); \ else if((fsp)->fd == -1) \ @@ -289,6 +291,9 @@ copy an IP address from one buffer to another #define TALLOC_REALLOC_ARRAY(ctx, ptr, type, count) (type *)_talloc_realloc_array(ctx, ptr, sizeof(type), count, #type) #define talloc_destroy(ctx) talloc_free(ctx) +/* only define PARANOID_MALLOC_CHECKER with --enable-developer and not compiling + the smbmount utils */ + #if defined(DEVELOPER) && !defined(SMBMOUNT_MALLOC) # define PARANOID_MALLOC_CHECKER 1 #endif diff --git a/source3/intl/lang_tdb.c b/source3/intl/lang_tdb.c index d8f7fc8c93..d3422f0d78 100644 --- a/source3/intl/lang_tdb.c +++ b/source3/intl/lang_tdb.c @@ -231,7 +231,7 @@ const char *lang_msg(const char *msgid) void lang_msg_free(const char *msgstr) { if (!tdb) return; - free(CONST_DISCARD(void *, msgstr)); + free((void *)msgstr); } @@ -248,7 +248,7 @@ const char *lang_msg_rotate(const char *msgid) static pstring bufs[NUM_LANG_BUFS]; static int next; - msgstr = CONST_DISCARD(char *, lang_msg(msgid)); + msgstr = (char *)lang_msg(msgid); if (!msgstr) return msgid; pstrcpy(bufs[next], msgstr); diff --git a/source3/lib/access.c b/source3/lib/access.c index d8e40c99f7..fcc795d1f2 100644 --- a/source3/lib/access.c +++ b/source3/lib/access.c @@ -133,7 +133,7 @@ static BOOL string_match(const char *tok,const char *s, char *invalid_char) /* client_match - match host name and address against token */ static BOOL client_match(const char *tok, const char *item) { - const char **client = CONST_ADD(const char **, item); + const char **client = (const char **)item; BOOL match; char invalid_char = '\0'; diff --git a/source3/lib/iconv.c b/source3/lib/iconv.c index f23e4351c0..d58165fed0 100644 --- a/source3/lib/iconv.c +++ b/source3/lib/iconv.c @@ -135,7 +135,7 @@ static size_t sys_iconv(void *cd, { #ifdef HAVE_NATIVE_ICONV size_t ret = iconv((iconv_t)cd, - CONST_DISCARD(char **, inbuf), inbytesleft, + (char **)inbuf, inbytesleft, outbuf, outbytesleft); if (ret == (size_t)-1) { int saved_errno = errno; diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index e2d78e0ecc..4a8ef63806 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. LDAP protocol helper functions for SAMBA - Copyright (C) Jean François Micouleau 1998 + Copyright (C) Jean François Micouleau 1998 Copyright (C) Gerald Carter 2001-2003 Copyright (C) Shahms King 2001 Copyright (C) Andrew Bartlett 2002-2003 @@ -275,71 +275,6 @@ ATTRIB_MAP_ENTRY sidmap_attr_list[] = { } /******************************************************************* - find the ldap password -******************************************************************/ -static BOOL fetch_ldap_pw(char **dn, char** pw) -{ - char *key = NULL; - size_t size; - - *dn = smb_xstrdup(lp_ldap_admin_dn()); - - if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) { - SAFE_FREE(*dn); - DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n")); - } - - *pw=secrets_fetch(key, &size); - SAFE_FREE(key); - - if (!size) { - /* Upgrade 2.2 style entry */ - char *p; - char* old_style_key = SMB_STRDUP(*dn); - char *data; - fstring old_style_pw; - - if (!old_style_key) { - DEBUG(0, ("fetch_ldap_pw: strdup failed!\n")); - return False; - } - - for (p=old_style_key; *p; p++) - if (*p == ',') *p = '/'; - - data=secrets_fetch(old_style_key, &size); - if (!size && size < sizeof(old_style_pw)) { - DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n")); - SAFE_FREE(old_style_key); - SAFE_FREE(*dn); - return False; - } - - size = MIN(size, sizeof(fstring)-1); - strncpy(old_style_pw, data, size); - old_style_pw[size] = 0; - - SAFE_FREE(data); - - if (!secrets_store_ldap_pw(*dn, old_style_pw)) { - DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n")); - SAFE_FREE(old_style_key); - SAFE_FREE(*dn); - return False; - } - if (!secrets_delete(old_style_key)) { - DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n")); - } - - SAFE_FREE(old_style_key); - - *pw = smb_xstrdup(old_style_pw); - } - - return True; -} - -/******************************************************************* Search an attribute and return the first value found. ******************************************************************/ @@ -402,7 +337,7 @@ static BOOL fetch_ldap_pw(char **dn, char** pw) } #if 0 /* commented out after discussion with abartlet. Do not reenable. - left here so other so re-add similar code --jerry */ + left here so other do not re-add similar code --jerry */ if (value == NULL || *value == '\0') return; #endif @@ -877,8 +812,8 @@ static int smbldap_open(struct smbldap_state *ldap_state) { int rc, opt_rc; BOOL reopen = False; - SMB_ASSERT(ldap_state); + #ifndef NO_LDAP_SECURITY if (geteuid() != 0) { DEBUG(0, ("smbldap_open: cannot access LDAP when not root..\n")); @@ -1383,181 +1318,6 @@ NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, const char *location, struct smbldap_ return NT_STATUS_OK; } -/********************************************************************** - Add the sambaDomain to LDAP, so we don't have to search for this stuff - again. This is a once-add operation for now. - - TODO: Add other attributes, and allow modification. -*********************************************************************/ -static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, - const char *domain_name) -{ - fstring sid_string; - fstring algorithmic_rid_base_string; - pstring filter, dn; - LDAPMod **mods = NULL; - int rc; - int ldap_op; - LDAPMessage *result = NULL; - int num_result; - const char **attr_list; - uid_t u_low, u_high; - gid_t g_low, g_high; - uint32 rid_low, rid_high; - - slprintf (filter, sizeof (filter) - 1, "(&(%s=%s)(objectclass=%s))", - get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - domain_name, LDAP_OBJ_DOMINFO); - - attr_list = get_attr_list( dominfo_attr_list ); - rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result); - free_attr_list( attr_list ); - - if (rc != LDAP_SUCCESS) { - return NT_STATUS_UNSUCCESSFUL; - } - - num_result = ldap_count_entries(ldap_state->ldap_struct, result); - - if (num_result > 1) { - DEBUG (0, ("More than domain with that name exists: bailing out!\n")); - ldap_msgfree(result); - return NT_STATUS_UNSUCCESSFUL; - } - - /* Check if we need to add an entry */ - DEBUG(3,("Adding new domain\n")); - ldap_op = LDAP_MOD_ADD; - - pstr_sprintf(dn, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - domain_name, lp_ldap_suffix()); - - /* Free original search */ - ldap_msgfree(result); - - /* make the changes - the entry *must* not already have samba attributes */ - smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - domain_name); - - /* If we don't have an entry, then ask secrets.tdb for what it thinks. - It may choose to make it up */ - - sid_to_string(sid_string, get_global_sam_sid()); - smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOM_SID), sid_string); - - slprintf(algorithmic_rid_base_string, sizeof(algorithmic_rid_base_string) - 1, "%i", algorithmic_rid_base()); - smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_ALGORITHMIC_RID_BASE), - algorithmic_rid_base_string); - smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO); - - /* add the sambaNext[User|Group]Rid attributes if the idmap ranges are set. - TODO: fix all the places where the line between idmap and normal operations - needed by smbd gets fuzzy --jerry 2003-08-11 */ - - if ( lp_idmap_uid(&u_low, &u_high) && lp_idmap_gid(&g_low, &g_high) - && get_free_rid_range(&rid_low, &rid_high) ) - { - fstring rid_str; - - fstr_sprintf( rid_str, "%i", rid_high|USER_RID_TYPE ); - DEBUG(10,("setting next available user rid [%s]\n", rid_str)); - smbldap_set_mod(&mods, LDAP_MOD_ADD, - get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID), - rid_str); - - fstr_sprintf( rid_str, "%i", rid_high|GROUP_RID_TYPE ); - DEBUG(10,("setting next available group rid [%s]\n", rid_str)); - smbldap_set_mod(&mods, LDAP_MOD_ADD, - get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID), - rid_str); - - } - - - switch(ldap_op) - { - case LDAP_MOD_ADD: - rc = smbldap_add(ldap_state, dn, mods); - break; - case LDAP_MOD_REPLACE: - rc = smbldap_modify(ldap_state, dn, mods); - break; - default: - DEBUG(0,("Wrong LDAP operation type: %d!\n", ldap_op)); - return NT_STATUS_INVALID_PARAMETER; - } - - if (rc!=LDAP_SUCCESS) { - char *ld_error = NULL; - ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error); - DEBUG(1,("failed to %s domain dn= %s with: %s\n\t%s\n", - ldap_op == LDAP_MOD_ADD ? "add" : "modify", - dn, ldap_err2string(rc), - ld_error?ld_error:"unknown")); - SAFE_FREE(ld_error); - - ldap_mods_free(mods, True); - return NT_STATUS_UNSUCCESSFUL; - } - - DEBUG(2,("added: domain = %s in the LDAP database\n", domain_name)); - ldap_mods_free(mods, True); - return NT_STATUS_OK; -} - -/********************************************************************** -Search for the domain info entry -*********************************************************************/ -NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, - LDAPMessage ** result, const char *domain_name, - BOOL try_add) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - pstring filter; - int rc; - const char **attr_list; - int count; - - pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))", - LDAP_OBJ_DOMINFO, - get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - domain_name); - - DEBUG(2, ("Searching for:[%s]\n", filter)); - - - attr_list = get_attr_list( dominfo_attr_list ); - rc = smbldap_search_suffix(ldap_state, filter, attr_list , result); - free_attr_list( attr_list ); - - if (rc != LDAP_SUCCESS) { - DEBUG(2,("Problem during LDAPsearch: %s\n", ldap_err2string (rc))); - DEBUG(2,("Query was: %s, %s\n", lp_ldap_suffix(), filter)); - } else if (ldap_count_entries(ldap_state->ldap_struct, *result) < 1) { - DEBUG(3, ("Got no domain info entries for domain\n")); - ldap_msgfree(*result); - *result = NULL; - if (try_add && NT_STATUS_IS_OK(ret = add_new_domain_info(ldap_state, domain_name))) { - return smbldap_search_domain_info(ldap_state, result, domain_name, False); - } - else { - DEBUG(0, ("Adding domain info for %s failed with %s\n", - domain_name, nt_errstr(ret))); - return ret; - } - } else if ((count = ldap_count_entries(ldap_state->ldap_struct, *result)) > 1) { - DEBUG(0, ("Got too many (%d) domain info entries for domain %s\n", - count, domain_name)); - ldap_msgfree(*result); - *result = NULL; - return ret; - } else { - return NT_STATUS_OK; - } - - return ret; -} - /******************************************************************* Return a copy of the DN for a LDAPMessage. Convert from utf8 to CH_UNIX. ********************************************************************/ @@ -1597,14 +1357,14 @@ static BOOL smbldap_check_root_dse(struct smbldap_state *ldap_state, const char } if (!strequal(attrs[0], "supportedExtension") && - !strequal(attrs[0], "supportedControl")) { + !strequal(attrs[0], "supportedControl") && + !strequal(attrs[0], "namingContexts")) { DEBUG(3,("smbldap_check_root_dse: no idea what to query root-dse for: %s ?\n", attrs[0])); return False; } rc = ldap_search_s(ldap_state->ldap_struct, "", LDAP_SCOPE_BASE, - "(objectclass=*)", CONST_DISCARD(char **, attrs), - 0 , &msg); + "(objectclass=*)", attrs, 0 , &msg); if (rc != LDAP_SUCCESS) { DEBUG(3,("smbldap_check_root_dse: Could not search rootDSE\n")); @@ -1652,6 +1412,7 @@ static BOOL smbldap_check_root_dse(struct smbldap_state *ldap_state, const char ldap_msgfree(msg); return result; + } /******************************************************************* @@ -1673,3 +1434,13 @@ BOOL smbldap_has_extension(struct smbldap_state *ldap_state, const char *extensi const char *attrs[] = { "supportedExtension", NULL }; return smbldap_check_root_dse(ldap_state, attrs, extension); } + +/******************************************************************* + Check if LDAP-Server holds a given namingContext +********************************************************************/ + +BOOL smbldap_has_naming_context(struct smbldap_state *ldap_state, const char *naming_context) +{ + const char *attrs[] = { "namingContexts", NULL }; + return smbldap_check_root_dse(ldap_state, attrs, naming_context); +} diff --git a/source3/lib/smbldap_util.c b/source3/lib/smbldap_util.c new file mode 100644 index 0000000000..46ea5b7bfc --- /dev/null +++ b/source3/lib/smbldap_util.c @@ -0,0 +1,203 @@ +/* + Unix SMB/CIFS mplementation. + LDAP protocol helper functions for SAMBA + Copyright (C) Jean François Micouleau 1998 + Copyright (C) Gerald Carter 2001-2003 + Copyright (C) Shahms King 2001 + Copyright (C) Andrew Bartlett 2002-2003 + Copyright (C) Stefan (metze) Metzmacher 2002-2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +*/ + +#include "includes.h" +#include "smbldap.h" + +/********************************************************************** + Add the sambaDomain to LDAP, so we don't have to search for this stuff + again. This is a once-add operation for now. + + TODO: Add other attributes, and allow modification. +*********************************************************************/ +static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, + const char *domain_name) +{ + fstring sid_string; + fstring algorithmic_rid_base_string; + pstring filter, dn; + LDAPMod **mods = NULL; + int rc; + int ldap_op; + LDAPMessage *result = NULL; + int num_result; + const char **attr_list; + uid_t u_low, u_high; + gid_t g_low, g_high; + uint32 rid_low, rid_high; + + slprintf (filter, sizeof (filter) - 1, "(&(%s=%s)(objectclass=%s))", + get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), + domain_name, LDAP_OBJ_DOMINFO); + + attr_list = get_attr_list( dominfo_attr_list ); + rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result); + free_attr_list( attr_list ); + + if (rc != LDAP_SUCCESS) { + return NT_STATUS_UNSUCCESSFUL; + } + + num_result = ldap_count_entries(ldap_state->ldap_struct, result); + + if (num_result > 1) { + DEBUG (0, ("More than domain with that name exists: bailing out!\n")); + ldap_msgfree(result); + return NT_STATUS_UNSUCCESSFUL; + } + + /* Check if we need to add an entry */ + DEBUG(3,("Adding new domain\n")); + ldap_op = LDAP_MOD_ADD; + + pstr_sprintf(dn, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), + domain_name, lp_ldap_suffix()); + + /* Free original search */ + ldap_msgfree(result); + + /* make the changes - the entry *must* not already have samba attributes */ + smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), + domain_name); + + /* If we don't have an entry, then ask secrets.tdb for what it thinks. + It may choose to make it up */ + + sid_to_string(sid_string, get_global_sam_sid()); + smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOM_SID), sid_string); + + slprintf(algorithmic_rid_base_string, sizeof(algorithmic_rid_base_string) - 1, "%i", algorithmic_rid_base()); + smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_ALGORITHMIC_RID_BASE), + algorithmic_rid_base_string); + smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO); + + /* add the sambaNext[User|Group]Rid attributes if the idmap ranges are set. + TODO: fix all the places where the line between idmap and normal operations + needed by smbd gets fuzzy --jerry 2003-08-11 */ + + if ( lp_idmap_uid(&u_low, &u_high) && lp_idmap_gid(&g_low, &g_high) + && get_free_rid_range(&rid_low, &rid_high) ) + { + fstring rid_str; + + fstr_sprintf( rid_str, "%i", rid_high|USER_RID_TYPE ); + DEBUG(10,("setting next available user rid [%s]\n", rid_str)); + smbldap_set_mod(&mods, LDAP_MOD_ADD, + get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID), + rid_str); + + fstr_sprintf( rid_str, "%i", rid_high|GROUP_RID_TYPE ); + DEBUG(10,("setting next available group rid [%s]\n", rid_str)); + smbldap_set_mod(&mods, LDAP_MOD_ADD, + get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID), + rid_str); + + } + + + switch(ldap_op) + { + case LDAP_MOD_ADD: + rc = smbldap_add(ldap_state, dn, mods); + break; + case LDAP_MOD_REPLACE: + rc = smbldap_modify(ldap_state, dn, mods); + break; + default: + DEBUG(0,("Wrong LDAP operation type: %d!\n", ldap_op)); + return NT_STATUS_INVALID_PARAMETER; + } + + if (rc!=LDAP_SUCCESS) { + char *ld_error = NULL; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error); + DEBUG(1,("failed to %s domain dn= %s with: %s\n\t%s\n", + ldap_op == LDAP_MOD_ADD ? "add" : "modify", + dn, ldap_err2string(rc), + ld_error?ld_error:"unknown")); + SAFE_FREE(ld_error); + + ldap_mods_free(mods, True); + return NT_STATUS_UNSUCCESSFUL; + } + + DEBUG(2,("added: domain = %s in the LDAP database\n", domain_name)); + ldap_mods_free(mods, True); + return NT_STATUS_OK; +} + +/********************************************************************** +Search for the domain info entry +*********************************************************************/ +NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, + LDAPMessage ** result, const char *domain_name, + BOOL try_add) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + pstring filter; + int rc; + const char **attr_list; + int count; + + pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))", + LDAP_OBJ_DOMINFO, + get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), + domain_name); + + DEBUG(2, ("Searching for:[%s]\n", filter)); + + + attr_list = get_attr_list( dominfo_attr_list ); + rc = smbldap_search_suffix(ldap_state, filter, attr_list , result); + free_attr_list( attr_list ); + + if (rc != LDAP_SUCCESS) { + DEBUG(2,("Problem during LDAPsearch: %s\n", ldap_err2string (rc))); + DEBUG(2,("Query was: %s, %s\n", lp_ldap_suffix(), filter)); + } else if (ldap_count_entries(ldap_state->ldap_struct, *result) < 1) { + DEBUG(3, ("Got no domain info entries for domain\n")); + ldap_msgfree(*result); + *result = NULL; + if ( try_add && NT_STATUS_IS_OK(ret = add_new_domain_info(ldap_state, domain_name)) ) { + return smbldap_search_domain_info(ldap_state, result, domain_name, False); + } + else { + DEBUG(0, ("Adding domain info for %s failed with %s\n", + domain_name, nt_errstr(ret))); + return ret; + } + } else if ((count = ldap_count_entries(ldap_state->ldap_struct, *result)) > 1) { + DEBUG(0, ("Got too many (%d) domain info entries for domain %s\n", + count, domain_name)); + ldap_msgfree(*result); + *result = NULL; + return ret; + } else { + return NT_STATUS_OK; + } + + return ret; +} + diff --git a/source3/lib/time.c b/source3/lib/time.c index 9f94791b58..f7b0aefe4f 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -786,7 +786,7 @@ BOOL nt_time_is_zero(NTTIME *nt) Return a timeval difference in usec. ****************************************************************************/ -SMB_BIG_INT usec_time_diff(struct timeval *larget, struct timeval *smallt) +SMB_BIG_INT usec_time_diff(const struct timeval *larget, const struct timeval *smallt) { SMB_BIG_INT sec_diff = larget->tv_sec - smallt->tv_sec; return (sec_diff * 1000000) + (SMB_BIG_INT)(larget->tv_usec - smallt->tv_usec); diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index 12ee3dc162..b13ec1f0da 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -45,7 +45,7 @@ BOOL next_token(const char **ptr,char *buff, const char *sep, size_t bufsize) if (!ptr) return(False); - s = CONST_DISCARD(char *, *ptr); + s = (char *)*ptr; /* default to simple separators */ if (!sep) @@ -109,7 +109,7 @@ void set_first_token(char *ptr) char **toktocliplist(int *ctok, const char *sep) { - char *s = CONST_DISCARD(char *, last_ptr); + char *s=(char *)last_ptr; int ictok=0; char **ret, **iret; @@ -132,7 +132,7 @@ char **toktocliplist(int *ctok, const char *sep) } while(*s); *ctok=ictok; - s = CONST_DISCARD(char *, last_ptr); + s=(char *)last_ptr; if (!(ret=iret=SMB_MALLOC_ARRAY(char *,ictok+1))) return NULL; @@ -1221,7 +1221,7 @@ char *strchr_m(const char *src, char c) for (s = src; *s && !(((unsigned char)s[0]) & 0x80); s++) { if (*s == c) - return CONST_DISCARD(char *, s); + return (char *)s; } if (!*s) @@ -1238,7 +1238,7 @@ char *strchr_m(const char *src, char c) return NULL; *p = 0; pull_ucs2_pstring(s2, ws); - return CONST_DISCARD(char *, (s+strlen(s2))); + return (char *)(s+strlen(s2)); } char *strrchr_m(const char *s, char c) @@ -1275,7 +1275,7 @@ char *strrchr_m(const char *s, char c) break; } /* No - we have a match ! */ - return CONST_DISCARD(char *, cp); + return (char *)cp; } } while (cp-- != s); if (!got_mb) @@ -1294,7 +1294,7 @@ char *strrchr_m(const char *s, char c) return NULL; *p = 0; pull_ucs2_pstring(s2, ws); - return CONST_DISCARD(char *, (s+strlen(s2))); + return (char *)(s+strlen(s2)); } } @@ -1315,7 +1315,7 @@ char *strnrchr_m(const char *s, char c, unsigned int n) return NULL; *p = 0; pull_ucs2_pstring(s2, ws); - return CONST_DISCARD(char *, (s+strlen(s2))); + return (char *)(s+strlen(s2)); } /*********************************************************************** @@ -1334,7 +1334,7 @@ char *strstr_m(const char *src, const char *findstr) /* for correctness */ if (!findstr[0]) { - return CONST_DISCARD(char *, src); + return (char*)src; } /* Samba does single character findstr calls a *lot*. */ @@ -1351,7 +1351,7 @@ char *strstr_m(const char *src, const char *findstr) findstr_len = strlen(findstr); if (strncmp(s, findstr, findstr_len) == 0) { - return CONST_DISCARD(char *, s); + return (char *)s; } } } @@ -1392,7 +1392,7 @@ char *strstr_m(const char *src, const char *findstr) DEBUG(0,("strstr_m: dest malloc fail\n")); return NULL; } - retp = CONST_DISCARD(char *, (s+strlen(s2))); + retp = (char *)(s+strlen(s2)); SAFE_FREE(src_w); SAFE_FREE(find_w); SAFE_FREE(s2); diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c index 89639423bb..678eb22d2c 100644 --- a/source3/lib/util_unistr.c +++ b/source3/lib/util_unistr.c @@ -382,10 +382,10 @@ size_t strnlen_w(const smb_ucs2_t *src, size_t max) smb_ucs2_t *strchr_w(const smb_ucs2_t *s, smb_ucs2_t c) { while (*s != 0) { - if (c == *s) return CONST_DISCARD(smb_ucs2_t *, s); + if (c == *s) return (smb_ucs2_t *)s; s++; } - if (c == *s) return CONST_DISCARD(smb_ucs2_t *, s); + if (c == *s) return (smb_ucs2_t *)s; return NULL; } @@ -406,7 +406,7 @@ smb_ucs2_t *strrchr_w(const smb_ucs2_t *s, smb_ucs2_t c) if (len == 0) return NULL; p += (len - 1); do { - if (c == *p) return CONST_DISCARD(smb_ucs2_t *, p); + if (c == *p) return (smb_ucs2_t *)p; } while (p-- != s); return NULL; } @@ -427,7 +427,7 @@ smb_ucs2_t *strnrchr_w(const smb_ucs2_t *s, smb_ucs2_t c, unsigned int n) n--; if (!n) - return CONST_DISCARD(smb_ucs2_t *, p); + return (smb_ucs2_t *)p; } while (p-- != s); return NULL; } @@ -445,7 +445,7 @@ smb_ucs2_t *strstr_w(const smb_ucs2_t *s, const smb_ucs2_t *ins) return NULL; inslen = strlen_w(ins); - r = CONST_DISCARD(smb_ucs2_t *, s); + r = (smb_ucs2_t *)s; while ((r = strchr_w(r, *ins))) { if (strncmp_w(r, ins, inslen) == 0) @@ -716,7 +716,7 @@ smb_ucs2_t *strpbrk_wa(const smb_ucs2_t *s, const char *p) int i; for (i=0; p[i] && *s != UCS2_CHAR(p[i]); i++) ; - if (p[i]) return CONST_DISCARD(smb_ucs2_t *, s); + if (p[i]) return (smb_ucs2_t *)s; s++; } return NULL; @@ -731,7 +731,7 @@ smb_ucs2_t *strstr_wa(const smb_ucs2_t *s, const char *ins) return NULL; inslen = strlen(ins); - r = CONST_DISCARD(smb_ucs2_t *, s); + r = (smb_ucs2_t *)s; while ((r = strchr_w(r, UCS2_CHAR(*ins)))) { if (strncmp_wa(r, ins, inslen) == 0) diff --git a/source3/lib/util_uuid.c b/source3/lib/util_uuid.c index 8b8e70a36e..df70740b33 100644 --- a/source3/lib/util_uuid.c +++ b/source3/lib/util_uuid.c @@ -94,7 +94,7 @@ BOOL smb_string_to_uuid(const char *in, struct uuid* uu) { BOOL ret = False; const char *ptr = in; - char *end = CONST_DISCARD(char *, in); + char *end = (char *)in; int i; unsigned v1, v2; diff --git a/source3/libads/ldap_printer.c b/source3/libads/ldap_printer.c index 61275e40d1..68e6735891 100644 --- a/source3/libads/ldap_printer.c +++ b/source3/libads/ldap_printer.c @@ -61,10 +61,8 @@ ADS_STATUS ads_find_printers(ADS_STRUCT *ads, void **res) /* For the moment only display all printers */ - ldap_expr = - CONST_DISCARD(char *, - "(&(!(showInAdvancedViewOnly=TRUE))(uncName=*)" - "(objectCategory=printQueue))"); + ldap_expr = "(&(!(showInAdvancedViewOnly=TRUE))(uncName=*)" + "(objectCategory=printQueue))"; return ads_search(ads, res, ldap_expr, attrs); } diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index e657f2114e..0164b0c740 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -18,8 +18,6 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#define KRB5_PRIVATE 1 /* this file uses PRIVATE interfaces! */ - #include "includes.h" #ifdef HAVE_LDAP @@ -287,8 +285,7 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads) ENCTYPE_DES_CBC_MD5, ENCTYPE_NULL}; gss_OID_desc nt_principal = - {10, CONST_DISCARD(char *, - "\052\206\110\206\367\022\001\002\002\002")}; + {10, "\052\206\110\206\367\022\001\002\002\002"}; /* we need to fetch a service ticket as the ldap user in the servers realm, regardless of our realm */ diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index 5d07999bc3..85b7bd9e1e 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -338,8 +338,7 @@ int spnego_gen_negTokenTarg(const char *principal, int time_offset, return retval; /* wrap that up in a nice GSS-API wrapping */ - tkt_wrapped = spnego_gen_krb5_wrap( - tkt, CONST_ADD(const uint8 *, TOK_ID_KRB_AP_REQ)); + tkt_wrapped = spnego_gen_krb5_wrap(tkt, TOK_ID_KRB_AP_REQ); /* and wrap that in a shiny SPNEGO wrapper */ *targ = gen_negTokenTarg(krb_mechs, tkt_wrapped); diff --git a/source3/libsmb/spnego.c b/source3/libsmb/spnego.c index 0387e8f67d..a0f5565d4f 100644 --- a/source3/libsmb/spnego.c +++ b/source3/libsmb/spnego.c @@ -42,14 +42,12 @@ static BOOL read_negTokenInit(ASN1_DATA *asn1, negTokenInit_t *token) asn1_start_tag(asn1, ASN1_CONTEXT(0)); asn1_start_tag(asn1, ASN1_SEQUENCE(0)); - token->mechTypes = SMB_MALLOC_P(const char *); + token->mechTypes = SMB_MALLOC_P(char *); for (i = 0; !asn1->has_error && 0 < asn1_tag_remaining(asn1); i++) { token->mechTypes = - SMB_REALLOC_ARRAY(token->mechTypes, const char *, i + 2); - asn1_read_OID(asn1, - CONST_DISCARD(char **, - (token->mechTypes + i))); + SMB_REALLOC_ARRAY(token->mechTypes, char *, i + 2); + asn1_read_OID(asn1, token->mechTypes + i); } token->mechTypes[i] = NULL; @@ -184,7 +182,7 @@ static BOOL read_negTokenTarg(ASN1_DATA *asn1, negTokenTarg_t *token) break; case ASN1_CONTEXT(1): asn1_start_tag(asn1, ASN1_CONTEXT(1)); - asn1_read_OID(asn1, CONST_DISCARD(char **, &token->supportedMech)); + asn1_read_OID(asn1, &token->supportedMech); asn1_end_tag(asn1); break; case ASN1_CONTEXT(2): @@ -319,8 +317,7 @@ BOOL free_spnego_data(SPNEGO_DATA *spnego) if (spnego->negTokenInit.mechTypes) { int i; for (i = 0; spnego->negTokenInit.mechTypes[i]; i++) { - free(CONST_DISCARD(void *, - spnego->negTokenInit.mechTypes[i])); + free(spnego->negTokenInit.mechTypes[i]); } free(spnego->negTokenInit.mechTypes); } @@ -329,7 +326,7 @@ BOOL free_spnego_data(SPNEGO_DATA *spnego) break; case SPNEGO_NEG_TOKEN_TARG: if (spnego->negTokenTarg.supportedMech) { - free(CONST_DISCARD(void *, spnego->negTokenTarg.supportedMech)); + free(spnego->negTokenTarg.supportedMech); } data_blob_free(&spnego->negTokenTarg.responseToken); data_blob_free(&spnego->negTokenTarg.mechListMIC); diff --git a/source3/modules/getdate.c b/source3/modules/getdate.c index 2ce07f898c..491c51294e 100644 --- a/source3/modules/getdate.c +++ b/source3/modules/getdate.c @@ -120,10 +120,11 @@ the right thing about local DST. Unlike previous versions, this version is reentrant. */ -#include <config.h> - -#ifdef HAVE_ALLOCA_H -# include <alloca.h> +#ifdef HAVE_CONFIG_H +# include <config.h> +# ifdef HAVE_ALLOCA_H +# include <alloca.h> +# endif #endif /* Since the code of getdate.y is not included in the Emacs executable diff --git a/source3/modules/getdate.y b/source3/modules/getdate.y index ecae7311ac..aab37f4d23 100644 --- a/source3/modules/getdate.y +++ b/source3/modules/getdate.y @@ -25,10 +25,11 @@ the right thing about local DST. Unlike previous versions, this version is reentrant. */ -#include <config.h> - -#ifdef HAVE_ALLOCA_H -# include <alloca.h> +#ifdef HAVE_CONFIG_H +# include <config.h> +# ifdef HAVE_ALLOCA_H +# include <alloca.h> +# endif #endif /* Since the code of getdate.y is not included in the Emacs executable diff --git a/source3/modules/weird.c b/source3/modules/weird.c index e4809a64c4..3c59fd9d61 100644 --- a/source3/modules/weird.c +++ b/source3/modules/weird.c @@ -26,8 +26,8 @@ static struct { char *to; int len; } weird_table[] = { - {'q', CONST_DISCARD(char *, "^q^"), 3}, - {'Q', CONST_DISCARD(char *, "^Q^"), 3}, + {'q', "^q^", 3}, + {'Q', "^Q^", 3}, {0, NULL} }; diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h index 618ef79a0b..88645e093b 100644 --- a/source3/nsswitch/winbindd_nss.h +++ b/source3/nsswitch/winbindd_nss.h @@ -20,7 +20,7 @@ #endif #ifndef SAFE_FREE -#define SAFE_FREE(x) do { if(x) {free(CONST_DISCARD(void *, (x))); x=NULL;} } while(0) +#define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0) #endif #ifndef _WINBINDD_NTDOM_H @@ -101,16 +101,6 @@ enum winbindd_cmd { WINBINDD_WINS_BYIP, WINBINDD_WINS_BYNAME, - /* account management commands */ - - WINBINDD_CREATE_USER, - WINBINDD_CREATE_GROUP, - WINBINDD_ADD_USER_TO_GROUP, - WINBINDD_REMOVE_USER_FROM_GROUP, - WINBINDD_SET_USER_PRIMARY_GROUP, - WINBINDD_DELETE_USER, - WINBINDD_DELETE_GROUP, - /* this is like GETGRENT but gives an empty group list */ WINBINDD_GETGRLST, diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index d1dcc694e8..6144037200 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -540,6 +540,71 @@ BOOL secrets_store_ldap_pw(const char* dn, char* pw) return ret; } +/******************************************************************* + find the ldap password +******************************************************************/ +BOOL fetch_ldap_pw(char **dn, char** pw) +{ + char *key = NULL; + size_t size; + + *dn = smb_xstrdup(lp_ldap_admin_dn()); + + if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) { + SAFE_FREE(*dn); + DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n")); + } + + *pw=secrets_fetch(key, &size); + SAFE_FREE(key); + + if (!size) { + /* Upgrade 2.2 style entry */ + char *p; + char* old_style_key = SMB_STRDUP(*dn); + char *data; + fstring old_style_pw; + + if (!old_style_key) { + DEBUG(0, ("fetch_ldap_pw: strdup failed!\n")); + return False; + } + + for (p=old_style_key; *p; p++) + if (*p == ',') *p = '/'; + + data=secrets_fetch(old_style_key, &size); + if (!size && size < sizeof(old_style_pw)) { + DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n")); + SAFE_FREE(old_style_key); + SAFE_FREE(*dn); + return False; + } + + size = MIN(size, sizeof(fstring)-1); + strncpy(old_style_pw, data, size); + old_style_pw[size] = 0; + + SAFE_FREE(data); + + if (!secrets_store_ldap_pw(*dn, old_style_pw)) { + DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n")); + SAFE_FREE(old_style_key); + SAFE_FREE(*dn); + return False; + } + if (!secrets_delete(old_style_key)) { + DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n")); + } + + SAFE_FREE(old_style_key); + + *pw = smb_xstrdup(old_style_pw); + } + + return True; +} + /** * Get trusted domains info from secrets.tdb. diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index ab3d3fcfe8..6d0a0bfc51 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -73,8 +73,7 @@ static BOOL lsa_io_trans_name(const char *desc, LSA_TRANS_NAME *trn, prs_struct Reads or writes a DOM_R_REF structure. ********************************************************************/ -static BOOL lsa_io_dom_r_ref(const char *desc, DOM_R_REF *r_r, prs_struct *ps, - int depth) +static BOOL lsa_io_dom_r_ref(const char *desc, DOM_R_REF *dom, prs_struct *ps, int depth) { unsigned int i; @@ -84,48 +83,48 @@ static BOOL lsa_io_dom_r_ref(const char *desc, DOM_R_REF *r_r, prs_struct *ps, if(!prs_align(ps)) return False; - if(!prs_uint32("num_ref_doms_1", ps, depth, &r_r->num_ref_doms_1)) /* num referenced domains? */ + if(!prs_uint32("num_ref_doms_1", ps, depth, &dom->num_ref_doms_1)) /* num referenced domains? */ return False; - if(!prs_uint32("ptr_ref_dom ", ps, depth, &r_r->ptr_ref_dom)) /* undocumented buffer pointer. */ + if(!prs_uint32("ptr_ref_dom ", ps, depth, &dom->ptr_ref_dom)) /* undocumented buffer pointer. */ return False; - if(!prs_uint32("max_entries ", ps, depth, &r_r->max_entries)) /* 32 - max number of entries */ + if(!prs_uint32("max_entries ", ps, depth, &dom->max_entries)) /* 32 - max number of entries */ return False; - SMB_ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1); + SMB_ASSERT_ARRAY(dom->hdr_ref_dom, dom->num_ref_doms_1); - if (r_r->ptr_ref_dom != 0) { + if (dom->ptr_ref_dom != 0) { - if(!prs_uint32("num_ref_doms_2", ps, depth, &r_r->num_ref_doms_2)) /* 4 - num referenced domains? */ + if(!prs_uint32("num_ref_doms_2", ps, depth, &dom->num_ref_doms_2)) /* 4 - num referenced domains? */ return False; - SMB_ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2); + SMB_ASSERT_ARRAY(dom->ref_dom, dom->num_ref_doms_2); - for (i = 0; i < r_r->num_ref_doms_1; i++) { + for (i = 0; i < dom->num_ref_doms_1; i++) { fstring t; slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i); - if(!smb_io_unihdr(t, &r_r->hdr_ref_dom[i].hdr_dom_name, ps, depth)) + if(!smb_io_unihdr(t, &dom->hdr_ref_dom[i].hdr_dom_name, ps, depth)) return False; slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i); - if(!prs_uint32(t, ps, depth, &r_r->hdr_ref_dom[i].ptr_dom_sid)) + if(!prs_uint32(t, ps, depth, &dom->hdr_ref_dom[i].ptr_dom_sid)) return False; } - for (i = 0; i < r_r->num_ref_doms_2; i++) { + for (i = 0; i < dom->num_ref_doms_2; i++) { fstring t; - if (r_r->hdr_ref_dom[i].hdr_dom_name.buffer != 0) { + if (dom->hdr_ref_dom[i].hdr_dom_name.buffer != 0) { slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i); - if(!smb_io_unistr2(t, &r_r->ref_dom[i].uni_dom_name, True, ps, depth)) /* domain name unicode string */ + if(!smb_io_unistr2(t, &dom->ref_dom[i].uni_dom_name, True, ps, depth)) /* domain name unicode string */ return False; if(!prs_align(ps)) return False; } - if (r_r->hdr_ref_dom[i].ptr_dom_sid != 0) { + if (dom->hdr_ref_dom[i].ptr_dom_sid != 0) { slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i); - if(!smb_io_dom_sid2(t, &r_r->ref_dom[i].ref_dom, ps, depth)) /* referenced domain SIDs */ + if(!smb_io_dom_sid2(t, &dom->ref_dom[i].ref_dom, ps, depth)) /* referenced domain SIDs */ return False; } } @@ -254,42 +253,42 @@ static BOOL lsa_io_obj_attr(const char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps Inits an LSA_Q_OPEN_POL structure. ********************************************************************/ -void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name, +void init_q_open_pol(LSA_Q_OPEN_POL *in, uint16 system_name, uint32 attributes, uint32 desired_access, LSA_SEC_QOS *qos) { DEBUG(5, ("init_open_pol: attr:%d da:%d\n", attributes, desired_access)); - r_q->ptr = 1; /* undocumented pointer */ + in->ptr = 1; /* undocumented pointer */ - r_q->des_access = desired_access; + in->des_access = desired_access; - r_q->system_name = system_name; - init_lsa_obj_attr(&r_q->attr, attributes, qos); + in->system_name = system_name; + init_lsa_obj_attr(&in->attr, attributes, qos); } /******************************************************************* Reads or writes an LSA_Q_OPEN_POL structure. ********************************************************************/ -BOOL lsa_io_q_open_pol(const char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, +BOOL lsa_io_q_open_pol(const char *desc, LSA_Q_OPEN_POL *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_open_pol"); depth++; - if(!prs_uint32("ptr ", ps, depth, &r_q->ptr)) + if(!prs_uint32("ptr ", ps, depth, &in->ptr)) return False; - if(!prs_uint16("system_name", ps, depth, &r_q->system_name)) + if(!prs_uint16("system_name", ps, depth, &in->system_name)) return False; if(!prs_align( ps )) return False; - if(!lsa_io_obj_attr("", &r_q->attr, ps, depth)) + if(!lsa_io_obj_attr("", &in->attr, ps, depth)) return False; - if(!prs_uint32("des_access", ps, depth, &r_q->des_access)) + if(!prs_uint32("des_access", ps, depth, &in->des_access)) return False; return True; @@ -299,16 +298,16 @@ BOOL lsa_io_q_open_pol(const char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, Reads or writes an LSA_R_OPEN_POL structure. ********************************************************************/ -BOOL lsa_io_r_open_pol(const char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, +BOOL lsa_io_r_open_pol(const char *desc, LSA_R_OPEN_POL *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_open_pol"); depth++; - if(!smb_io_pol_hnd("", &r_p->pol, ps, depth)) + if(!smb_io_pol_hnd("", &out->pol, ps, depth)) return False; - if(!prs_ntstatus("status", ps, depth, &r_p->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -318,41 +317,41 @@ BOOL lsa_io_r_open_pol(const char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, Inits an LSA_Q_OPEN_POL2 structure. ********************************************************************/ -void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, const char *server_name, +void init_q_open_pol2(LSA_Q_OPEN_POL2 *in, const char *server_name, uint32 attributes, uint32 desired_access, LSA_SEC_QOS *qos) { DEBUG(5, ("init_q_open_pol2: attr:%d da:%d\n", attributes, desired_access)); - r_q->ptr = 1; /* undocumented pointer */ + in->ptr = 1; /* undocumented pointer */ - r_q->des_access = desired_access; + in->des_access = desired_access; - init_unistr2(&r_q->uni_server_name, server_name, UNI_STR_TERMINATE); + init_unistr2(&in->uni_server_name, server_name, UNI_STR_TERMINATE); - init_lsa_obj_attr(&r_q->attr, attributes, qos); + init_lsa_obj_attr(&in->attr, attributes, qos); } /******************************************************************* Reads or writes an LSA_Q_OPEN_POL2 structure. ********************************************************************/ -BOOL lsa_io_q_open_pol2(const char *desc, LSA_Q_OPEN_POL2 *r_q, prs_struct *ps, +BOOL lsa_io_q_open_pol2(const char *desc, LSA_Q_OPEN_POL2 *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_open_pol2"); depth++; - if(!prs_uint32("ptr ", ps, depth, &r_q->ptr)) + if(!prs_uint32("ptr ", ps, depth, &in->ptr)) return False; - if(!smb_io_unistr2 ("", &r_q->uni_server_name, r_q->ptr, ps, depth)) + if(!smb_io_unistr2 ("", &in->uni_server_name, in->ptr, ps, depth)) return False; - if(!lsa_io_obj_attr("", &r_q->attr, ps, depth)) + if(!lsa_io_obj_attr("", &in->attr, ps, depth)) return False; - if(!prs_uint32("des_access", ps, depth, &r_q->des_access)) + if(!prs_uint32("des_access", ps, depth, &in->des_access)) return False; return True; @@ -362,16 +361,16 @@ BOOL lsa_io_q_open_pol2(const char *desc, LSA_Q_OPEN_POL2 *r_q, prs_struct *ps, Reads or writes an LSA_R_OPEN_POL2 structure. ********************************************************************/ -BOOL lsa_io_r_open_pol2(const char *desc, LSA_R_OPEN_POL2 *r_p, prs_struct *ps, +BOOL lsa_io_r_open_pol2(const char *desc, LSA_R_OPEN_POL2 *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_open_pol2"); depth++; - if(!smb_io_pol_hnd("", &r_p->pol, ps, depth)) + if(!smb_io_pol_hnd("", &out->pol, ps, depth)) return False; - if(!prs_ntstatus("status", ps, depth, &r_p->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -381,13 +380,13 @@ BOOL lsa_io_r_open_pol2(const char *desc, LSA_R_OPEN_POL2 *r_p, prs_struct *ps, makes an LSA_Q_QUERY_SEC_OBJ structure. ********************************************************************/ -void init_q_query_sec_obj(LSA_Q_QUERY_SEC_OBJ *q_q, const POLICY_HND *hnd, +void init_q_query_sec_obj(LSA_Q_QUERY_SEC_OBJ *in, const POLICY_HND *hnd, uint32 sec_info) { DEBUG(5, ("init_q_query_sec_obj\n")); - q_q->pol = *hnd; - q_q->sec_info = sec_info; + in->pol = *hnd; + in->sec_info = sec_info; return; } @@ -396,16 +395,16 @@ void init_q_query_sec_obj(LSA_Q_QUERY_SEC_OBJ *q_q, const POLICY_HND *hnd, Reads or writes an LSA_Q_QUERY_SEC_OBJ structure. ********************************************************************/ -BOOL lsa_io_q_query_sec_obj(const char *desc, LSA_Q_QUERY_SEC_OBJ *q_q, +BOOL lsa_io_q_query_sec_obj(const char *desc, LSA_Q_QUERY_SEC_OBJ *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_query_sec_obj"); depth++; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if (!prs_uint32("sec_info", ps, depth, &q_q->sec_info)) + if (!prs_uint32("sec_info", ps, depth, &in->sec_info)) return False; return True; @@ -415,8 +414,7 @@ BOOL lsa_io_q_query_sec_obj(const char *desc, LSA_Q_QUERY_SEC_OBJ *q_q, Reads or writes a LSA_R_QUERY_SEC_OBJ structure. ********************************************************************/ -BOOL lsa_io_r_query_sec_obj(const char *desc, LSA_R_QUERY_SEC_OBJ *r_u, - prs_struct *ps, int depth) +BOOL lsa_io_r_query_sec_obj(const char *desc, LSA_R_QUERY_SEC_OBJ *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_query_sec_obj"); depth++; @@ -424,15 +422,15 @@ BOOL lsa_io_r_query_sec_obj(const char *desc, LSA_R_QUERY_SEC_OBJ *r_u, if (!prs_align(ps)) return False; - if (!prs_uint32("ptr", ps, depth, &r_u->ptr)) + if (!prs_uint32("ptr", ps, depth, &out->ptr)) return False; - if (r_u->ptr != 0) { - if (!sec_io_desc_buf("sec", &r_u->buf, ps, depth)) + if (out->ptr != 0) { + if (!sec_io_desc_buf("sec", &out->buf, ps, depth)) return False; } - if (!prs_ntstatus("status", ps, depth, &r_u->status)) + if (!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -442,29 +440,29 @@ BOOL lsa_io_r_query_sec_obj(const char *desc, LSA_R_QUERY_SEC_OBJ *r_u, Inits an LSA_Q_QUERY_INFO structure. ********************************************************************/ -void init_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class) +void init_q_query(LSA_Q_QUERY_INFO *in, POLICY_HND *hnd, uint16 info_class) { DEBUG(5, ("init_q_query\n")); - memcpy(&q_q->pol, hnd, sizeof(q_q->pol)); + memcpy(&in->pol, hnd, sizeof(in->pol)); - q_q->info_class = info_class; + in->info_class = info_class; } /******************************************************************* Reads or writes an LSA_Q_QUERY_INFO structure. ********************************************************************/ -BOOL lsa_io_q_query(const char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, +BOOL lsa_io_q_query(const char *desc, LSA_Q_QUERY_INFO *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_query"); depth++; - if(!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if(!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if(!prs_uint16("info_class", ps, depth, &q_q->info_class)) + if(!prs_uint16("info_class", ps, depth, &in->info_class)) return False; return True; @@ -510,40 +508,40 @@ BOOL lsa_io_q_enum_trust_dom(const char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, Inits an LSA_R_ENUM_TRUST_DOM structure. ********************************************************************/ -void init_r_enum_trust_dom(TALLOC_CTX *ctx, LSA_R_ENUM_TRUST_DOM *r_e, uint32 enum_context, +void init_r_enum_trust_dom(TALLOC_CTX *ctx, LSA_R_ENUM_TRUST_DOM *out, uint32 enum_context, uint32 req_num_domains, uint32 num_domains, TRUSTDOM **td) { unsigned int i; DEBUG(5, ("init_r_enum_trust_dom\n")); - r_e->enum_context = enum_context; - r_e->count = num_domains; + out->enum_context = enum_context; + out->count = num_domains; if ( num_domains != 0 ) { /* allocate container memory */ - r_e->domlist = TALLOC_P( ctx, DOMAIN_LIST ); - r_e->domlist->domains = TALLOC_ARRAY( ctx, DOMAIN_INFO, r_e->count ); + out->domlist = TALLOC_P( ctx, DOMAIN_LIST ); + out->domlist->domains = TALLOC_ARRAY( ctx, DOMAIN_INFO, out->count ); - if ( !r_e->domlist || !r_e->domlist->domains ) { - r_e->status = NT_STATUS_NO_MEMORY; + if ( !out->domlist || !out->domlist->domains ) { + out->status = NT_STATUS_NO_MEMORY; return; } - r_e->domlist->count = r_e->count; + out->domlist->count = out->count; /* initialize the list of domains and their sid */ for (i = 0; i < num_domains; i++) { - if ( !(r_e->domlist->domains[i].sid = TALLOC_P(ctx, DOM_SID2)) ) { - r_e->status = NT_STATUS_NO_MEMORY; + if ( !(out->domlist->domains[i].sid = TALLOC_P(ctx, DOM_SID2)) ) { + out->status = NT_STATUS_NO_MEMORY; return; } - init_dom_sid2(r_e->domlist->domains[i].sid, &(td[i])->sid); - init_unistr4_w(ctx, &r_e->domlist->domains[i].name, (td[i])->name); + init_dom_sid2(out->domlist->domains[i].sid, &(td[i])->sid); + init_unistr4_w(ctx, &out->domlist->domains[i].name, (td[i])->name); } } @@ -595,22 +593,22 @@ BOOL lsa_io_domain_list( const char *desc, prs_struct *ps, int depth, DOMAIN_LIS Reads or writes an LSA_R_ENUM_TRUST_DOM structure. ********************************************************************/ -BOOL lsa_io_r_enum_trust_dom(const char *desc, LSA_R_ENUM_TRUST_DOM *r_e, +BOOL lsa_io_r_enum_trust_dom(const char *desc, LSA_R_ENUM_TRUST_DOM *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_enum_trust_dom"); depth++; - if(!prs_uint32("enum_context", ps, depth, &r_e->enum_context)) + if(!prs_uint32("enum_context", ps, depth, &out->enum_context)) return False; - if(!prs_uint32("count", ps, depth, &r_e->count)) + if(!prs_uint32("count", ps, depth, &out->count)) return False; - if ( !prs_pointer("trusted_domains", ps, depth, (void**)&r_e->domlist, sizeof(DOMAIN_LIST), (PRS_POINTER_CAST)lsa_io_domain_list)) + if ( !prs_pointer("trusted_domains", ps, depth, (void**)&out->domlist, sizeof(DOMAIN_LIST), (PRS_POINTER_CAST)lsa_io_domain_list)) return False; - if(!prs_ntstatus("status", ps, depth, &r_e->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -738,37 +736,36 @@ static BOOL lsa_io_dom_query_6(const char *desc, DOM_QUERY_6 *d_q, prs_struct *p Reads or writes an LSA_R_QUERY_INFO structure. ********************************************************************/ -BOOL lsa_io_r_query(const char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, - int depth) +BOOL lsa_io_r_query(const char *desc, LSA_R_QUERY_INFO *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_query"); depth++; - if(!prs_uint32("undoc_buffer", ps, depth, &r_q->undoc_buffer)) + if(!prs_uint32("undoc_buffer", ps, depth, &out->undoc_buffer)) return False; - if (r_q->undoc_buffer != 0) { - if(!prs_uint16("info_class", ps, depth, &r_q->info_class)) + if (out->undoc_buffer != 0) { + if(!prs_uint16("info_class", ps, depth, &out->info_class)) return False; if(!prs_align(ps)) return False; - switch (r_q->info_class) { + switch (out->info_class) { case 2: - if(!lsa_io_dom_query_2("", &r_q->dom.id2, ps, depth)) + if(!lsa_io_dom_query_2("", &out->dom.id2, ps, depth)) return False; break; case 3: - if(!lsa_io_dom_query_3("", &r_q->dom.id3, ps, depth)) + if(!lsa_io_dom_query_3("", &out->dom.id3, ps, depth)) return False; break; case 5: - if(!lsa_io_dom_query_5("", &r_q->dom.id5, ps, depth)) + if(!lsa_io_dom_query_5("", &out->dom.id5, ps, depth)) return False; break; case 6: - if(!lsa_io_dom_query_6("", &r_q->dom.id6, ps, depth)) + if(!lsa_io_dom_query_6("", &out->dom.id6, ps, depth)) return False; break; default: @@ -780,7 +777,7 @@ BOOL lsa_io_r_query(const char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_q->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1132,8 +1129,7 @@ BOOL lsa_io_q_lookup_names(const char *desc, LSA_Q_LOOKUP_NAMES *q_r, reads or writes a structure. ********************************************************************/ -BOOL lsa_io_r_lookup_names(const char *desc, LSA_R_LOOKUP_NAMES *r_r, - prs_struct *ps, int depth) +BOOL lsa_io_r_lookup_names(const char *desc, LSA_R_LOOKUP_NAMES *out, prs_struct *ps, int depth) { unsigned int i; @@ -1143,44 +1139,44 @@ BOOL lsa_io_r_lookup_names(const char *desc, LSA_R_LOOKUP_NAMES *r_r, if(!prs_align(ps)) return False; - if(!prs_uint32("ptr_dom_ref", ps, depth, &r_r->ptr_dom_ref)) + if(!prs_uint32("ptr_dom_ref", ps, depth, &out->ptr_dom_ref)) return False; - if (r_r->ptr_dom_ref != 0) - if(!lsa_io_dom_r_ref("", r_r->dom_ref, ps, depth)) + if (out->ptr_dom_ref != 0) + if(!lsa_io_dom_r_ref("", out->dom_ref, ps, depth)) return False; - if(!prs_uint32("num_entries", ps, depth, &r_r->num_entries)) + if(!prs_uint32("num_entries", ps, depth, &out->num_entries)) return False; - if(!prs_uint32("ptr_entries", ps, depth, &r_r->ptr_entries)) + if(!prs_uint32("ptr_entries", ps, depth, &out->ptr_entries)) return False; - if (r_r->ptr_entries != 0) { - if(!prs_uint32("num_entries2", ps, depth, &r_r->num_entries2)) + if (out->ptr_entries != 0) { + if(!prs_uint32("num_entries2", ps, depth, &out->num_entries2)) return False; - if (r_r->num_entries2 != r_r->num_entries) { + if (out->num_entries2 != out->num_entries) { /* RPC fault */ return False; } if (UNMARSHALLING(ps)) { - if ((r_r->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID2, r_r->num_entries2)) + if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID2, out->num_entries2)) == NULL) { DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n")); return False; } } - for (i = 0; i < r_r->num_entries2; i++) - if(!smb_io_dom_rid2("", &r_r->dom_rid[i], ps, depth)) /* domain RIDs being looked up */ + for (i = 0; i < out->num_entries2; i++) + if(!smb_io_dom_rid2("", &out->dom_rid[i], ps, depth)) /* domain RIDs being looked up */ return False; } - if(!prs_uint32("mapped_count", ps, depth, &r_r->mapped_count)) + if(!prs_uint32("mapped_count", ps, depth, &out->mapped_count)) return False; - if(!prs_ntstatus("status ", ps, depth, &r_r->status)) + if(!prs_ntstatus("status ", ps, depth, &out->status)) return False; return True; @@ -1191,23 +1187,23 @@ BOOL lsa_io_r_lookup_names(const char *desc, LSA_R_LOOKUP_NAMES *r_r, Inits an LSA_Q_CLOSE structure. ********************************************************************/ -void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd) +void init_lsa_q_close(LSA_Q_CLOSE *in, POLICY_HND *hnd) { DEBUG(5, ("init_lsa_q_close\n")); - memcpy(&q_c->pol, hnd, sizeof(q_c->pol)); + memcpy(&in->pol, hnd, sizeof(in->pol)); } /******************************************************************* Reads or writes an LSA_Q_CLOSE structure. ********************************************************************/ -BOOL lsa_io_q_close(const char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth) +BOOL lsa_io_q_close(const char *desc, LSA_Q_CLOSE *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_close"); depth++; - if(!smb_io_pol_hnd("", &q_c->pol, ps, depth)) + if(!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; return True; @@ -1217,15 +1213,15 @@ BOOL lsa_io_q_close(const char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int dept Reads or writes an LSA_R_CLOSE structure. ********************************************************************/ -BOOL lsa_io_r_close(const char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_close(const char *desc, LSA_R_CLOSE *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_close"); depth++; - if(!smb_io_pol_hnd("", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("", &out->pol, ps, depth)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1235,12 +1231,25 @@ BOOL lsa_io_r_close(const char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int dep Reads or writes an LSA_Q_OPEN_SECRET structure. ********************************************************************/ -BOOL lsa_io_q_open_secret(const char *desc, LSA_Q_OPEN_SECRET *q_c, prs_struct *ps, int depth) +BOOL lsa_io_q_open_secret(const char *desc, LSA_Q_OPEN_SECRET *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_open_secret"); depth++; - /* Don't bother to read or write at present... */ + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("", &in->handle, ps, depth)) + return False; + + if(!prs_unistr4 ("secretname", ps, depth, &in->secretname)) + return False; + if(!prs_align(ps)) + return False; + + if(!prs_uint32("access", ps, depth, &in->access)) + return False; + return True; } @@ -1248,7 +1257,7 @@ BOOL lsa_io_q_open_secret(const char *desc, LSA_Q_OPEN_SECRET *q_c, prs_struct * Reads or writes an LSA_R_OPEN_SECRET structure. ********************************************************************/ -BOOL lsa_io_r_open_secret(const char *desc, LSA_R_OPEN_SECRET *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_open_secret(const char *desc, LSA_R_OPEN_SECRET *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_open_secret"); depth++; @@ -1256,15 +1265,10 @@ BOOL lsa_io_r_open_secret(const char *desc, LSA_R_OPEN_SECRET *r_c, prs_struct * if(!prs_align(ps)) return False; - if(!prs_uint32("dummy1", ps, depth, &r_c->dummy1)) - return False; - if(!prs_uint32("dummy2", ps, depth, &r_c->dummy2)) + if(!smb_io_pol_hnd("", &out->handle, ps, depth)) return False; - if(!prs_uint32("dummy3", ps, depth, &r_c->dummy3)) - return False; - if(!prs_uint32("dummy4", ps, depth, &r_c->dummy4)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1274,33 +1278,33 @@ BOOL lsa_io_r_open_secret(const char *desc, LSA_R_OPEN_SECRET *r_c, prs_struct * Inits an LSA_Q_ENUM_PRIVS structure. ********************************************************************/ -void init_q_enum_privs(LSA_Q_ENUM_PRIVS *q_q, POLICY_HND *hnd, uint32 enum_context, uint32 pref_max_length) +void init_q_enum_privs(LSA_Q_ENUM_PRIVS *in, POLICY_HND *hnd, uint32 enum_context, uint32 pref_max_length) { DEBUG(5, ("init_q_enum_privs\n")); - memcpy(&q_q->pol, hnd, sizeof(q_q->pol)); + memcpy(&in->pol, hnd, sizeof(in->pol)); - q_q->enum_context = enum_context; - q_q->pref_max_length = pref_max_length; + in->enum_context = enum_context; + in->pref_max_length = pref_max_length; } /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL lsa_io_q_enum_privs(const char *desc, LSA_Q_ENUM_PRIVS *q_q, prs_struct *ps, int depth) +BOOL lsa_io_q_enum_privs(const char *desc, LSA_Q_ENUM_PRIVS *in, prs_struct *ps, int depth) { - if (q_q == NULL) + if (in == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_q_enum_privs"); depth++; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if(!prs_uint32("enum_context ", ps, depth, &q_q->enum_context)) + if(!prs_uint32("enum_context ", ps, depth, &in->enum_context)) return False; - if(!prs_uint32("pref_max_length", ps, depth, &q_q->pref_max_length)) + if(!prs_uint32("pref_max_length", ps, depth, &in->pref_max_length)) return False; return True; @@ -1342,31 +1346,31 @@ static BOOL lsa_io_priv_entries(const char *desc, LSA_PRIV_ENTRY *entries, uint3 Inits an LSA_R_ENUM_PRIVS structure. ********************************************************************/ -void init_lsa_r_enum_privs(LSA_R_ENUM_PRIVS *r_u, uint32 enum_context, +void init_lsa_r_enum_privs(LSA_R_ENUM_PRIVS *out, uint32 enum_context, uint32 count, LSA_PRIV_ENTRY *entries) { DEBUG(5, ("init_lsa_r_enum_privs\n")); - r_u->enum_context=enum_context; - r_u->count=count; + out->enum_context=enum_context; + out->count=count; if (entries!=NULL) { - r_u->ptr=1; - r_u->count1=count; - r_u->privs=entries; + out->ptr=1; + out->count1=count; + out->privs=entries; } else { - r_u->ptr=0; - r_u->count1=0; - r_u->privs=NULL; + out->ptr=0; + out->count1=0; + out->privs=NULL; } } /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL lsa_io_r_enum_privs(const char *desc, LSA_R_ENUM_PRIVS *r_q, prs_struct *ps, int depth) +BOOL lsa_io_r_enum_privs(const char *desc, LSA_R_ENUM_PRIVS *out, prs_struct *ps, int depth) { - if (r_q == NULL) + if (out == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_r_enum_privs"); @@ -1375,29 +1379,29 @@ BOOL lsa_io_r_enum_privs(const char *desc, LSA_R_ENUM_PRIVS *r_q, prs_struct *ps if(!prs_align(ps)) return False; - if(!prs_uint32("enum_context", ps, depth, &r_q->enum_context)) + if(!prs_uint32("enum_context", ps, depth, &out->enum_context)) return False; - if(!prs_uint32("count", ps, depth, &r_q->count)) + if(!prs_uint32("count", ps, depth, &out->count)) return False; - if(!prs_uint32("ptr", ps, depth, &r_q->ptr)) + if(!prs_uint32("ptr", ps, depth, &out->ptr)) return False; - if (r_q->ptr) { - if(!prs_uint32("count1", ps, depth, &r_q->count1)) + if (out->ptr) { + if(!prs_uint32("count1", ps, depth, &out->count1)) return False; if (UNMARSHALLING(ps)) - if (!(r_q->privs = PRS_ALLOC_MEM(ps, LSA_PRIV_ENTRY, r_q->count1))) + if (!(out->privs = PRS_ALLOC_MEM(ps, LSA_PRIV_ENTRY, out->count1))) return False; - if (!lsa_io_priv_entries("", r_q->privs, r_q->count1, ps, depth)) + if (!lsa_io_priv_entries("", out->privs, out->count1, ps, depth)) return False; } if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_q->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1416,9 +1420,9 @@ void init_lsa_priv_get_dispname(LSA_Q_PRIV_GET_DISPNAME *trn, POLICY_HND *hnd, c /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL lsa_io_q_priv_get_dispname(const char *desc, LSA_Q_PRIV_GET_DISPNAME *q_q, prs_struct *ps, int depth) +BOOL lsa_io_q_priv_get_dispname(const char *desc, LSA_Q_PRIV_GET_DISPNAME *in, prs_struct *ps, int depth) { - if (q_q == NULL) + if (in == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_q_priv_get_dispname"); @@ -1427,18 +1431,18 @@ BOOL lsa_io_q_priv_get_dispname(const char *desc, LSA_Q_PRIV_GET_DISPNAME *q_q, if(!prs_align(ps)) return False; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if (!smb_io_unihdr("hdr_name", &q_q->hdr_name, ps, depth)) + if (!smb_io_unihdr("hdr_name", &in->hdr_name, ps, depth)) return False; - if (!smb_io_unistr2("name", &q_q->name, q_q->hdr_name.buffer, ps, depth)) + if (!smb_io_unistr2("name", &in->name, in->hdr_name.buffer, ps, depth)) return False; - if(!prs_uint16("lang_id ", ps, depth, &q_q->lang_id)) + if(!prs_uint16("lang_id ", ps, depth, &in->lang_id)) return False; - if(!prs_uint16("lang_id_sys", ps, depth, &q_q->lang_id_sys)) + if(!prs_uint16("lang_id_sys", ps, depth, &in->lang_id_sys)) return False; return True; @@ -1447,9 +1451,9 @@ BOOL lsa_io_q_priv_get_dispname(const char *desc, LSA_Q_PRIV_GET_DISPNAME *q_q, /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL lsa_io_r_priv_get_dispname(const char *desc, LSA_R_PRIV_GET_DISPNAME *r_q, prs_struct *ps, int depth) +BOOL lsa_io_r_priv_get_dispname(const char *desc, LSA_R_PRIV_GET_DISPNAME *out, prs_struct *ps, int depth) { - if (r_q == NULL) + if (out == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_r_priv_get_dispname"); @@ -1458,26 +1462,26 @@ BOOL lsa_io_r_priv_get_dispname(const char *desc, LSA_R_PRIV_GET_DISPNAME *r_q, if (!prs_align(ps)) return False; - if (!prs_uint32("ptr_info", ps, depth, &r_q->ptr_info)) + if (!prs_uint32("ptr_info", ps, depth, &out->ptr_info)) return False; - if (r_q->ptr_info){ - if (!smb_io_unihdr("hdr_name", &r_q->hdr_desc, ps, depth)) + if (out->ptr_info){ + if (!smb_io_unihdr("hdr_name", &out->hdr_desc, ps, depth)) return False; - if (!smb_io_unistr2("desc", &r_q->desc, r_q->hdr_desc.buffer, ps, depth)) + if (!smb_io_unistr2("desc", &out->desc, out->hdr_desc.buffer, ps, depth)) return False; } /* if(!prs_align(ps)) return False; */ - if(!prs_uint16("lang_id", ps, depth, &r_q->lang_id)) + if(!prs_uint16("lang_id", ps, depth, &out->lang_id)) return False; if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_q->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1497,20 +1501,20 @@ void init_lsa_q_enum_accounts(LSA_Q_ENUM_ACCOUNTS *trn, POLICY_HND *hnd, uint32 /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL lsa_io_q_enum_accounts(const char *desc, LSA_Q_ENUM_ACCOUNTS *q_q, prs_struct *ps, int depth) +BOOL lsa_io_q_enum_accounts(const char *desc, LSA_Q_ENUM_ACCOUNTS *in, prs_struct *ps, int depth) { - if (q_q == NULL) + if (in == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_q_enum_accounts"); depth++; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if(!prs_uint32("enum_context ", ps, depth, &q_q->enum_context)) + if(!prs_uint32("enum_context ", ps, depth, &in->enum_context)) return False; - if(!prs_uint32("pref_max_length", ps, depth, &q_q->pref_max_length)) + if(!prs_uint32("pref_max_length", ps, depth, &in->pref_max_length)) return False; return True; @@ -1521,28 +1525,28 @@ BOOL lsa_io_q_enum_accounts(const char *desc, LSA_Q_ENUM_ACCOUNTS *q_q, prs_stru Inits an LSA_R_ENUM_PRIVS structure. ********************************************************************/ -void init_lsa_r_enum_accounts(LSA_R_ENUM_ACCOUNTS *r_u, uint32 enum_context) +void init_lsa_r_enum_accounts(LSA_R_ENUM_ACCOUNTS *out, uint32 enum_context) { DEBUG(5, ("init_lsa_r_enum_accounts\n")); - r_u->enum_context=enum_context; - if (r_u->enum_context!=0) { - r_u->sids.num_entries=enum_context; - r_u->sids.ptr_sid_enum=1; - r_u->sids.num_entries2=enum_context; + out->enum_context=enum_context; + if (out->enum_context!=0) { + out->sids.num_entries=enum_context; + out->sids.ptr_sid_enum=1; + out->sids.num_entries2=enum_context; } else { - r_u->sids.num_entries=0; - r_u->sids.ptr_sid_enum=0; - r_u->sids.num_entries2=0; + out->sids.num_entries=0; + out->sids.ptr_sid_enum=0; + out->sids.num_entries2=0; } } /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL lsa_io_r_enum_accounts(const char *desc, LSA_R_ENUM_ACCOUNTS *r_q, prs_struct *ps, int depth) +BOOL lsa_io_r_enum_accounts(const char *desc, LSA_R_ENUM_ACCOUNTS *out, prs_struct *ps, int depth) { - if (r_q == NULL) + if (out == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_r_enum_accounts"); @@ -1551,16 +1555,16 @@ BOOL lsa_io_r_enum_accounts(const char *desc, LSA_R_ENUM_ACCOUNTS *r_q, prs_stru if (!prs_align(ps)) return False; - if(!prs_uint32("enum_context", ps, depth, &r_q->enum_context)) + if(!prs_uint32("enum_context", ps, depth, &out->enum_context)) return False; - if (!lsa_io_sid_enum("sids", &r_q->sids, ps, depth)) + if (!lsa_io_sid_enum("sids", &out->sids, ps, depth)) return False; if (!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_q->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1571,7 +1575,7 @@ BOOL lsa_io_r_enum_accounts(const char *desc, LSA_R_ENUM_ACCOUNTS *r_q, prs_stru Reads or writes an LSA_Q_UNK_GET_CONNUSER structure. ********************************************************************/ -BOOL lsa_io_q_unk_get_connuser(const char *desc, LSA_Q_UNK_GET_CONNUSER *q_c, prs_struct *ps, int depth) +BOOL lsa_io_q_unk_get_connuser(const char *desc, LSA_Q_UNK_GET_CONNUSER *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_unk_get_connuser"); depth++; @@ -1579,20 +1583,20 @@ BOOL lsa_io_q_unk_get_connuser(const char *desc, LSA_Q_UNK_GET_CONNUSER *q_c, pr if(!prs_align(ps)) return False; - if(!prs_uint32("ptr_srvname", ps, depth, &q_c->ptr_srvname)) + if(!prs_uint32("ptr_srvname", ps, depth, &in->ptr_srvname)) return False; - if(!smb_io_unistr2("uni2_srvname", &q_c->uni2_srvname, q_c->ptr_srvname, ps, depth)) /* server name to be looked up */ + if(!smb_io_unistr2("uni2_srvname", &in->uni2_srvname, in->ptr_srvname, ps, depth)) /* server name to be looked up */ return False; if (!prs_align(ps)) return False; - if(!prs_uint32("unk1", ps, depth, &q_c->unk1)) + if(!prs_uint32("unk1", ps, depth, &in->unk1)) return False; - if(!prs_uint32("unk2", ps, depth, &q_c->unk2)) + if(!prs_uint32("unk2", ps, depth, &in->unk2)) return False; - if(!prs_uint32("unk3", ps, depth, &q_c->unk3)) + if(!prs_uint32("unk3", ps, depth, &in->unk3)) return False; /* Don't bother to read or write at present... */ @@ -1603,7 +1607,7 @@ BOOL lsa_io_q_unk_get_connuser(const char *desc, LSA_Q_UNK_GET_CONNUSER *q_c, pr Reads or writes an LSA_R_UNK_GET_CONNUSER structure. ********************************************************************/ -BOOL lsa_io_r_unk_get_connuser(const char *desc, LSA_R_UNK_GET_CONNUSER *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_unk_get_connuser(const char *desc, LSA_R_UNK_GET_CONNUSER *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_unk_get_connuser"); depth++; @@ -1611,30 +1615,30 @@ BOOL lsa_io_r_unk_get_connuser(const char *desc, LSA_R_UNK_GET_CONNUSER *r_c, pr if(!prs_align(ps)) return False; - if(!prs_uint32("ptr_user_name", ps, depth, &r_c->ptr_user_name)) + if(!prs_uint32("ptr_user_name", ps, depth, &out->ptr_user_name)) return False; - if(!smb_io_unihdr("hdr_user_name", &r_c->hdr_user_name, ps, depth)) + if(!smb_io_unihdr("hdr_user_name", &out->hdr_user_name, ps, depth)) return False; - if(!smb_io_unistr2("uni2_user_name", &r_c->uni2_user_name, r_c->ptr_user_name, ps, depth)) + if(!smb_io_unistr2("uni2_user_name", &out->uni2_user_name, out->ptr_user_name, ps, depth)) return False; if (!prs_align(ps)) return False; - if(!prs_uint32("unk1", ps, depth, &r_c->unk1)) + if(!prs_uint32("unk1", ps, depth, &out->unk1)) return False; - if(!prs_uint32("ptr_dom_name", ps, depth, &r_c->ptr_dom_name)) + if(!prs_uint32("ptr_dom_name", ps, depth, &out->ptr_dom_name)) return False; - if(!smb_io_unihdr("hdr_dom_name", &r_c->hdr_dom_name, ps, depth)) + if(!smb_io_unihdr("hdr_dom_name", &out->hdr_dom_name, ps, depth)) return False; - if(!smb_io_unistr2("uni2_dom_name", &r_c->uni2_dom_name, r_c->ptr_dom_name, ps, depth)) + if(!smb_io_unistr2("uni2_dom_name", &out->uni2_dom_name, out->ptr_dom_name, ps, depth)) return False; if (!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1653,7 +1657,7 @@ void init_lsa_q_create_account(LSA_Q_CREATEACCOUNT *trn, POLICY_HND *hnd, DOM_SI Reads or writes an LSA_Q_CREATEACCOUNT structure. ********************************************************************/ -BOOL lsa_io_q_create_account(const char *desc, LSA_Q_CREATEACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_create_account(const char *desc, LSA_Q_CREATEACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_create_account"); depth++; @@ -1661,13 +1665,13 @@ BOOL lsa_io_q_create_account(const char *desc, LSA_Q_CREATEACCOUNT *r_c, prs_str if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!smb_io_dom_sid2("sid", &r_c->sid, ps, depth)) /* domain SID */ + if(!smb_io_dom_sid2("sid", &out->sid, ps, depth)) /* domain SID */ return False; - if(!prs_uint32("access", ps, depth, &r_c->access)) + if(!prs_uint32("access", ps, depth, &out->access)) return False; return True; @@ -1677,7 +1681,7 @@ BOOL lsa_io_q_create_account(const char *desc, LSA_Q_CREATEACCOUNT *r_c, prs_str Reads or writes an LSA_R_CREATEACCOUNT structure. ********************************************************************/ -BOOL lsa_io_r_create_account(const char *desc, LSA_R_CREATEACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_create_account(const char *desc, LSA_R_CREATEACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_open_account"); depth++; @@ -1685,10 +1689,10 @@ BOOL lsa_io_r_create_account(const char *desc, LSA_R_CREATEACCOUNT *r_c, prs_st if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1707,7 +1711,7 @@ void init_lsa_q_open_account(LSA_Q_OPENACCOUNT *trn, POLICY_HND *hnd, DOM_SID *s Reads or writes an LSA_Q_OPENACCOUNT structure. ********************************************************************/ -BOOL lsa_io_q_open_account(const char *desc, LSA_Q_OPENACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_open_account(const char *desc, LSA_Q_OPENACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_open_account"); depth++; @@ -1715,13 +1719,13 @@ BOOL lsa_io_q_open_account(const char *desc, LSA_Q_OPENACCOUNT *r_c, prs_struct if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!smb_io_dom_sid2("sid", &r_c->sid, ps, depth)) /* domain SID */ + if(!smb_io_dom_sid2("sid", &out->sid, ps, depth)) /* domain SID */ return False; - if(!prs_uint32("access", ps, depth, &r_c->access)) + if(!prs_uint32("access", ps, depth, &out->access)) return False; return True; @@ -1731,7 +1735,7 @@ BOOL lsa_io_q_open_account(const char *desc, LSA_Q_OPENACCOUNT *r_c, prs_struct Reads or writes an LSA_R_OPENACCOUNT structure. ********************************************************************/ -BOOL lsa_io_r_open_account(const char *desc, LSA_R_OPENACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_open_account(const char *desc, LSA_R_OPENACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_open_account"); depth++; @@ -1739,10 +1743,10 @@ BOOL lsa_io_r_open_account(const char *desc, LSA_R_OPENACCOUNT *r_c, prs_struct if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1759,7 +1763,7 @@ void init_lsa_q_enum_privsaccount(LSA_Q_ENUMPRIVSACCOUNT *trn, POLICY_HND *hnd) Reads or writes an LSA_Q_ENUMPRIVSACCOUNT structure. ********************************************************************/ -BOOL lsa_io_q_enum_privsaccount(const char *desc, LSA_Q_ENUMPRIVSACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_enum_privsaccount(const char *desc, LSA_Q_ENUMPRIVSACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_enum_privsaccount"); depth++; @@ -1767,7 +1771,7 @@ BOOL lsa_io_q_enum_privsaccount(const char *desc, LSA_Q_ENUMPRIVSACCOUNT *r_c, p if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; return True; @@ -1777,7 +1781,7 @@ BOOL lsa_io_q_enum_privsaccount(const char *desc, LSA_Q_ENUMPRIVSACCOUNT *r_c, p Reads or writes an LUID structure. ********************************************************************/ -static BOOL lsa_io_luid(const char *desc, LUID *r_c, prs_struct *ps, int depth) +static BOOL lsa_io_luid(const char *desc, LUID *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_luid"); depth++; @@ -1785,10 +1789,10 @@ static BOOL lsa_io_luid(const char *desc, LUID *r_c, prs_struct *ps, int depth) if(!prs_align(ps)) return False; - if(!prs_uint32("low", ps, depth, &r_c->low)) + if(!prs_uint32("low", ps, depth, &out->low)) return False; - if(!prs_uint32("high", ps, depth, &r_c->high)) + if(!prs_uint32("high", ps, depth, &out->high)) return False; return True; @@ -1798,7 +1802,7 @@ static BOOL lsa_io_luid(const char *desc, LUID *r_c, prs_struct *ps, int depth) Reads or writes an LUID_ATTR structure. ********************************************************************/ -static BOOL lsa_io_luid_attr(const char *desc, LUID_ATTR *r_c, prs_struct *ps, int depth) +static BOOL lsa_io_luid_attr(const char *desc, LUID_ATTR *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_luid_attr"); depth++; @@ -1806,10 +1810,10 @@ static BOOL lsa_io_luid_attr(const char *desc, LUID_ATTR *r_c, prs_struct *ps, i if(!prs_align(ps)) return False; - if (!lsa_io_luid(desc, &r_c->luid, ps, depth)) + if (!lsa_io_luid(desc, &out->luid, ps, depth)) return False; - if(!prs_uint32("attr", ps, depth, &r_c->attr)) + if(!prs_uint32("attr", ps, depth, &out->attr)) return False; return True; @@ -1819,7 +1823,7 @@ static BOOL lsa_io_luid_attr(const char *desc, LUID_ATTR *r_c, prs_struct *ps, i Reads or writes an PRIVILEGE_SET structure. ********************************************************************/ -static BOOL lsa_io_privilege_set(const char *desc, PRIVILEGE_SET *r_c, prs_struct *ps, int depth) +static BOOL lsa_io_privilege_set(const char *desc, PRIVILEGE_SET *out, prs_struct *ps, int depth) { uint32 i; @@ -1829,35 +1833,35 @@ static BOOL lsa_io_privilege_set(const char *desc, PRIVILEGE_SET *r_c, prs_struc if(!prs_align(ps)) return False; - if(!prs_uint32("count", ps, depth, &r_c->count)) + if(!prs_uint32("count", ps, depth, &out->count)) return False; - if(!prs_uint32("control", ps, depth, &r_c->control)) + if(!prs_uint32("control", ps, depth, &out->control)) return False; - for (i=0; i<r_c->count; i++) { - if (!lsa_io_luid_attr(desc, &r_c->set[i], ps, depth)) + for (i=0; i<out->count; i++) { + if (!lsa_io_luid_attr(desc, &out->set[i], ps, depth)) return False; } return True; } -NTSTATUS init_lsa_r_enum_privsaccount(TALLOC_CTX *mem_ctx, LSA_R_ENUMPRIVSACCOUNT *r_u, LUID_ATTR *set, uint32 count, uint32 control) +NTSTATUS init_lsa_r_enum_privsaccount(TALLOC_CTX *mem_ctx, LSA_R_ENUMPRIVSACCOUNT *out, LUID_ATTR *set, uint32 count, uint32 control) { NTSTATUS ret = NT_STATUS_OK; - r_u->ptr = 1; - r_u->count = count; + out->ptr = 1; + out->count = count; - if ( !NT_STATUS_IS_OK(ret = privilege_set_init_by_ctx(mem_ctx, &(r_u->set))) ) + if ( !NT_STATUS_IS_OK(ret = privilege_set_init_by_ctx(mem_ctx, &(out->set))) ) return ret; - r_u->set.count = count; + out->set.count = count; - if (!NT_STATUS_IS_OK(ret = dup_luid_attr(r_u->set.mem_ctx, &(r_u->set.set), set, count))) + if (!NT_STATUS_IS_OK(ret = dup_luid_attr(out->set.mem_ctx, &(out->set.set), set, count))) return ret; - DEBUG(10,("init_lsa_r_enum_privsaccount: %d privileges\n", r_u->count)); + DEBUG(10,("init_lsa_r_enum_privsaccount: %d privileges\n", out->count)); return ret; } @@ -1866,7 +1870,7 @@ NTSTATUS init_lsa_r_enum_privsaccount(TALLOC_CTX *mem_ctx, LSA_R_ENUMPRIVSACCOUN Reads or writes an LSA_R_ENUMPRIVSACCOUNT structure. ********************************************************************/ -BOOL lsa_io_r_enum_privsaccount(const char *desc, LSA_R_ENUMPRIVSACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_enum_privsaccount(const char *desc, LSA_R_ENUMPRIVSACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_enum_privsaccount"); depth++; @@ -1874,29 +1878,29 @@ BOOL lsa_io_r_enum_privsaccount(const char *desc, LSA_R_ENUMPRIVSACCOUNT *r_c, p if(!prs_align(ps)) return False; - if(!prs_uint32("ptr", ps, depth, &r_c->ptr)) + if(!prs_uint32("ptr", ps, depth, &out->ptr)) return False; - if (r_c->ptr!=0) { - if(!prs_uint32("count", ps, depth, &r_c->count)) + if (out->ptr!=0) { + if(!prs_uint32("count", ps, depth, &out->count)) return False; /* malloc memory if unmarshalling here */ - if (UNMARSHALLING(ps) && r_c->count != 0) { - if (!NT_STATUS_IS_OK(privilege_set_init_by_ctx(ps->mem_ctx, &(r_c->set)))) + if (UNMARSHALLING(ps) && out->count != 0) { + if (!NT_STATUS_IS_OK(privilege_set_init_by_ctx(ps->mem_ctx, &(out->set)))) return False; - if (!(r_c->set.set = PRS_ALLOC_MEM(ps,LUID_ATTR,r_c->count))) + if (!(out->set.set = PRS_ALLOC_MEM(ps,LUID_ATTR,out->count))) return False; } - if(!lsa_io_privilege_set(desc, &r_c->set, ps, depth)) + if(!lsa_io_privilege_set(desc, &out->set, ps, depth)) return False; } - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1908,7 +1912,7 @@ BOOL lsa_io_r_enum_privsaccount(const char *desc, LSA_R_ENUMPRIVSACCOUNT *r_c, p Reads or writes an LSA_Q_GETSYSTEMACCOUNTstructure. ********************************************************************/ -BOOL lsa_io_q_getsystemaccount(const char *desc, LSA_Q_GETSYSTEMACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_getsystemaccount(const char *desc, LSA_Q_GETSYSTEMACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_getsystemaccount"); depth++; @@ -1916,7 +1920,7 @@ BOOL lsa_io_q_getsystemaccount(const char *desc, LSA_Q_GETSYSTEMACCOUNT *r_c, p if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; return True; @@ -1926,7 +1930,7 @@ BOOL lsa_io_q_getsystemaccount(const char *desc, LSA_Q_GETSYSTEMACCOUNT *r_c, p Reads or writes an LSA_R_GETSYSTEMACCOUNTstructure. ********************************************************************/ -BOOL lsa_io_r_getsystemaccount(const char *desc, LSA_R_GETSYSTEMACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_getsystemaccount(const char *desc, LSA_R_GETSYSTEMACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_getsystemaccount"); depth++; @@ -1934,10 +1938,10 @@ BOOL lsa_io_r_getsystemaccount(const char *desc, LSA_R_GETSYSTEMACCOUNT *r_c, p if(!prs_align(ps)) return False; - if(!prs_uint32("access", ps, depth, &r_c->access)) + if(!prs_uint32("access", ps, depth, &out->access)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -1948,7 +1952,7 @@ BOOL lsa_io_r_getsystemaccount(const char *desc, LSA_R_GETSYSTEMACCOUNT *r_c, p Reads or writes an LSA_Q_SETSYSTEMACCOUNT structure. ********************************************************************/ -BOOL lsa_io_q_setsystemaccount(const char *desc, LSA_Q_SETSYSTEMACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_setsystemaccount(const char *desc, LSA_Q_SETSYSTEMACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_setsystemaccount"); depth++; @@ -1956,10 +1960,10 @@ BOOL lsa_io_q_setsystemaccount(const char *desc, LSA_Q_SETSYSTEMACCOUNT *r_c, p if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!prs_uint32("access", ps, depth, &r_c->access)) + if(!prs_uint32("access", ps, depth, &out->access)) return False; return True; @@ -1969,7 +1973,7 @@ BOOL lsa_io_q_setsystemaccount(const char *desc, LSA_Q_SETSYSTEMACCOUNT *r_c, p Reads or writes an LSA_R_SETSYSTEMACCOUNT structure. ********************************************************************/ -BOOL lsa_io_r_setsystemaccount(const char *desc, LSA_R_SETSYSTEMACCOUNT *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_setsystemaccount(const char *desc, LSA_R_SETSYSTEMACCOUNT *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_setsystemaccount"); depth++; @@ -1977,7 +1981,7 @@ BOOL lsa_io_r_setsystemaccount(const char *desc, LSA_R_SETSYSTEMACCOUNT *r_c, p if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2013,7 +2017,7 @@ BOOL smb_io_lsa_string( const char *desc, LSA_STRING *string, prs_struct *ps, in Reads or writes an LSA_Q_LOOKUP_PRIV_VALUE structure. ********************************************************************/ -BOOL lsa_io_q_lookup_priv_value(const char *desc, LSA_Q_LOOKUP_PRIV_VALUE *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_lookup_priv_value(const char *desc, LSA_Q_LOOKUP_PRIV_VALUE *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_lookup_priv_value"); depth++; @@ -2021,9 +2025,9 @@ BOOL lsa_io_q_lookup_priv_value(const char *desc, LSA_Q_LOOKUP_PRIV_VALUE *r_c, if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!smb_io_lsa_string("privname", &r_c->privname, ps, depth)) + if(!smb_io_lsa_string("privname", &out->privname, ps, depth)) return False; return True; @@ -2033,7 +2037,7 @@ BOOL lsa_io_q_lookup_priv_value(const char *desc, LSA_Q_LOOKUP_PRIV_VALUE *r_c, Reads or writes an LSA_R_LOOKUP_PRIV_VALUE structure. ********************************************************************/ -BOOL lsa_io_r_lookup_priv_value(const char *desc, LSA_R_LOOKUP_PRIV_VALUE *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_lookup_priv_value(const char *desc, LSA_R_LOOKUP_PRIV_VALUE *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_lookup_priv_value"); depth++; @@ -2041,10 +2045,10 @@ BOOL lsa_io_r_lookup_priv_value(const char *desc, LSA_R_LOOKUP_PRIV_VALUE *r_c, if(!prs_align(ps)) return False; - if(!lsa_io_luid("luid", &r_c->luid, ps, depth)) + if(!lsa_io_luid("luid", &out->luid, ps, depth)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2055,7 +2059,7 @@ BOOL lsa_io_r_lookup_priv_value(const char *desc, LSA_R_LOOKUP_PRIV_VALUE *r_c, Reads or writes an LSA_Q_ADDPRIVS structure. ********************************************************************/ -BOOL lsa_io_q_addprivs(const char *desc, LSA_Q_ADDPRIVS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_addprivs(const char *desc, LSA_Q_ADDPRIVS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_addprivs"); depth++; @@ -2063,21 +2067,21 @@ BOOL lsa_io_q_addprivs(const char *desc, LSA_Q_ADDPRIVS *r_c, prs_struct *ps, in if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!prs_uint32("count", ps, depth, &r_c->count)) + if(!prs_uint32("count", ps, depth, &out->count)) return False; - if (UNMARSHALLING(ps) && r_c->count!=0) { - if (!NT_STATUS_IS_OK(privilege_set_init_by_ctx(ps->mem_ctx, &(r_c->set)))) + if (UNMARSHALLING(ps) && out->count!=0) { + if (!NT_STATUS_IS_OK(privilege_set_init_by_ctx(ps->mem_ctx, &(out->set)))) return False; - if (!(r_c->set.set = PRS_ALLOC_MEM(ps, LUID_ATTR, r_c->count))) + if (!(out->set.set = PRS_ALLOC_MEM(ps, LUID_ATTR, out->count))) return False; } - if(!lsa_io_privilege_set(desc, &r_c->set, ps, depth)) + if(!lsa_io_privilege_set(desc, &out->set, ps, depth)) return False; return True; @@ -2087,7 +2091,7 @@ BOOL lsa_io_q_addprivs(const char *desc, LSA_Q_ADDPRIVS *r_c, prs_struct *ps, in Reads or writes an LSA_R_ADDPRIVS structure. ********************************************************************/ -BOOL lsa_io_r_addprivs(const char *desc, LSA_R_ADDPRIVS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_addprivs(const char *desc, LSA_R_ADDPRIVS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_addprivs"); depth++; @@ -2095,7 +2099,7 @@ BOOL lsa_io_r_addprivs(const char *desc, LSA_R_ADDPRIVS *r_c, prs_struct *ps, in if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2105,7 +2109,7 @@ BOOL lsa_io_r_addprivs(const char *desc, LSA_R_ADDPRIVS *r_c, prs_struct *ps, in Reads or writes an LSA_Q_REMOVEPRIVS structure. ********************************************************************/ -BOOL lsa_io_q_removeprivs(const char *desc, LSA_Q_REMOVEPRIVS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_q_removeprivs(const char *desc, LSA_Q_REMOVEPRIVS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_removeprivs"); depth++; @@ -2113,13 +2117,13 @@ BOOL lsa_io_q_removeprivs(const char *desc, LSA_Q_REMOVEPRIVS *r_c, prs_struct * if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &out->pol, ps, depth)) return False; - if(!prs_uint32("allrights", ps, depth, &r_c->allrights)) + if(!prs_uint32("allrights", ps, depth, &out->allrights)) return False; - if(!prs_uint32("ptr", ps, depth, &r_c->ptr)) + if(!prs_uint32("ptr", ps, depth, &out->ptr)) return False; /* @@ -2127,19 +2131,19 @@ BOOL lsa_io_q_removeprivs(const char *desc, LSA_Q_REMOVEPRIVS *r_c, prs_struct * * never seen one with ptr=0 */ - if (r_c->ptr!=0) { - if(!prs_uint32("count", ps, depth, &r_c->count)) + if (out->ptr!=0) { + if(!prs_uint32("count", ps, depth, &out->count)) return False; - if (UNMARSHALLING(ps) && r_c->count!=0) { - if (!NT_STATUS_IS_OK(privilege_set_init_by_ctx(ps->mem_ctx, &(r_c->set)))) + if (UNMARSHALLING(ps) && out->count!=0) { + if (!NT_STATUS_IS_OK(privilege_set_init_by_ctx(ps->mem_ctx, &(out->set)))) return False; - if (!(r_c->set.set = PRS_ALLOC_MEM(ps, LUID_ATTR, r_c->count))) + if (!(out->set.set = PRS_ALLOC_MEM(ps, LUID_ATTR, out->count))) return False; } - if(!lsa_io_privilege_set(desc, &r_c->set, ps, depth)) + if(!lsa_io_privilege_set(desc, &out->set, ps, depth)) return False; } @@ -2150,7 +2154,7 @@ BOOL lsa_io_q_removeprivs(const char *desc, LSA_Q_REMOVEPRIVS *r_c, prs_struct * Reads or writes an LSA_R_REMOVEPRIVS structure. ********************************************************************/ -BOOL lsa_io_r_removeprivs(const char *desc, LSA_R_REMOVEPRIVS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_removeprivs(const char *desc, LSA_R_REMOVEPRIVS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_removeprivs"); depth++; @@ -2158,7 +2162,7 @@ BOOL lsa_io_r_removeprivs(const char *desc, LSA_R_REMOVEPRIVS *r_c, prs_struct * if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2222,21 +2226,20 @@ BOOL lsa_io_dns_dom_info(const char *desc, LSA_DNS_DOM_INFO *info, Inits an LSA_Q_QUERY_INFO2 structure. ********************************************************************/ -void init_q_query2(LSA_Q_QUERY_INFO2 *q_q, POLICY_HND *hnd, uint16 info_class) +void init_q_query2(LSA_Q_QUERY_INFO2 *in, POLICY_HND *hnd, uint16 info_class) { DEBUG(5, ("init_q_query2\n")); - memcpy(&q_q->pol, hnd, sizeof(q_q->pol)); + memcpy(&in->pol, hnd, sizeof(in->pol)); - q_q->info_class = info_class; + in->info_class = info_class; } /******************************************************************* Reads or writes an LSA_Q_QUERY_DNSDOMINFO structure. ********************************************************************/ -BOOL lsa_io_q_query_info2(const char *desc, LSA_Q_QUERY_INFO2 *q_c, - prs_struct *ps, int depth) +BOOL lsa_io_q_query_info2(const char *desc, LSA_Q_QUERY_INFO2 *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_query_info2"); depth++; @@ -2244,10 +2247,10 @@ BOOL lsa_io_q_query_info2(const char *desc, LSA_Q_QUERY_INFO2 *q_c, if(!prs_align(ps)) return False; - if(!smb_io_pol_hnd("pol", &q_c->pol, ps, depth)) + if(!smb_io_pol_hnd("pol", &in->pol, ps, depth)) return False; - if(!prs_uint16("info_class", ps, depth, &q_c->info_class)) + if(!prs_uint16("info_class", ps, depth, &in->info_class)) return False; return True; @@ -2257,7 +2260,7 @@ BOOL lsa_io_q_query_info2(const char *desc, LSA_Q_QUERY_INFO2 *q_c, Reads or writes an LSA_R_QUERY_DNSDOMINFO structure. ********************************************************************/ -BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c, +BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_query_info2"); @@ -2266,25 +2269,25 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c, if(!prs_align(ps)) return False; - if(!prs_uint32("ptr", ps, depth, &r_c->ptr)) + if(!prs_uint32("ptr", ps, depth, &out->ptr)) return False; - if(!prs_uint16("info_class", ps, depth, &r_c->info_class)) + if(!prs_uint16("info_class", ps, depth, &out->info_class)) return False; - switch(r_c->info_class) { + switch(out->info_class) { case 0x000c: - if (!lsa_io_dns_dom_info("info12", &r_c->info.dns_dom_info, + if (!lsa_io_dns_dom_info("info12", &out->info.dns_dom_info, ps, depth)) return False; break; default: DEBUG(0,("lsa_io_r_query_info2: unknown info class %d\n", - r_c->info_class)); + out->info_class)); return False; } if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2293,20 +2296,20 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c, /******************************************************************* Inits an LSA_Q_ENUM_ACCT_RIGHTS structure. ********************************************************************/ -void init_q_enum_acct_rights(LSA_Q_ENUM_ACCT_RIGHTS *q_q, +void init_q_enum_acct_rights(LSA_Q_ENUM_ACCT_RIGHTS *in, POLICY_HND *hnd, uint32 count, DOM_SID *sid) { DEBUG(5, ("init_q_enum_acct_rights\n")); - q_q->pol = *hnd; - init_dom_sid2(&q_q->sid, sid); + in->pol = *hnd; + init_dom_sid2(&in->sid, sid); } /******************************************************************* ********************************************************************/ -NTSTATUS init_r_enum_acct_rights( LSA_R_ENUM_ACCT_RIGHTS *r_u, PRIVILEGE_SET *privileges ) +NTSTATUS init_r_enum_acct_rights( LSA_R_ENUM_ACCT_RIGHTS *out, PRIVILEGE_SET *privileges ) { uint32 i; char *privname; @@ -2322,12 +2325,12 @@ NTSTATUS init_r_enum_acct_rights( LSA_R_ENUM_ACCT_RIGHTS *r_u, PRIVILEGE_SET *pr } if ( num_priv ) { - r_u->rights = TALLOC_P( get_talloc_ctx(), UNISTR4_ARRAY ); + out->rights = TALLOC_P( get_talloc_ctx(), UNISTR4_ARRAY ); - if ( !init_unistr4_array( r_u->rights, num_priv, privname_array ) ) + if ( !init_unistr4_array( out->rights, num_priv, privname_array ) ) return NT_STATUS_NO_MEMORY; - r_u->count = num_priv; + out->count = num_priv; } return NT_STATUS_OK; @@ -2336,19 +2339,19 @@ NTSTATUS init_r_enum_acct_rights( LSA_R_ENUM_ACCT_RIGHTS *r_u, PRIVILEGE_SET *pr /******************************************************************* reads or writes a LSA_Q_ENUM_ACCT_RIGHTS structure. ********************************************************************/ -BOOL lsa_io_q_enum_acct_rights(const char *desc, LSA_Q_ENUM_ACCT_RIGHTS *q_q, prs_struct *ps, int depth) +BOOL lsa_io_q_enum_acct_rights(const char *desc, LSA_Q_ENUM_ACCT_RIGHTS *in, prs_struct *ps, int depth) { - if (q_q == NULL) + if (in == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_q_enum_acct_rights"); depth++; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if(!smb_io_dom_sid2("sid", &q_q->sid, ps, depth)) + if(!smb_io_dom_sid2("sid", &in->sid, ps, depth)) return False; return True; @@ -2358,21 +2361,21 @@ BOOL lsa_io_q_enum_acct_rights(const char *desc, LSA_Q_ENUM_ACCT_RIGHTS *q_q, pr /******************************************************************* reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure. ********************************************************************/ -BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_enum_acct_rights"); depth++; - if(!prs_uint32("count ", ps, depth, &r_c->count)) + if(!prs_uint32("count ", ps, depth, &out->count)) return False; - if ( !prs_pointer("rights", ps, depth, (void**)&r_c->rights, sizeof(UNISTR4_ARRAY), (PRS_POINTER_CAST)prs_unistr4_array) ) + if ( !prs_pointer("rights", ps, depth, (void**)&out->rights, sizeof(UNISTR4_ARRAY), (PRS_POINTER_CAST)prs_unistr4_array) ) return False; if(!prs_align(ps)) return False; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2382,39 +2385,39 @@ BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *r_c, pr /******************************************************************* Inits an LSA_Q_ADD_ACCT_RIGHTS structure. ********************************************************************/ -void init_q_add_acct_rights( LSA_Q_ADD_ACCT_RIGHTS *q_q, POLICY_HND *hnd, +void init_q_add_acct_rights( LSA_Q_ADD_ACCT_RIGHTS *in, POLICY_HND *hnd, DOM_SID *sid, uint32 count, const char **rights ) { DEBUG(5, ("init_q_add_acct_rights\n")); - q_q->pol = *hnd; - init_dom_sid2(&q_q->sid, sid); + in->pol = *hnd; + init_dom_sid2(&in->sid, sid); - q_q->rights = TALLOC_P( get_talloc_ctx(), UNISTR4_ARRAY ); - init_unistr4_array( q_q->rights, count, rights ); + in->rights = TALLOC_P( get_talloc_ctx(), UNISTR4_ARRAY ); + init_unistr4_array( in->rights, count, rights ); - q_q->count = count; + in->count = count; } /******************************************************************* reads or writes a LSA_Q_ADD_ACCT_RIGHTS structure. ********************************************************************/ -BOOL lsa_io_q_add_acct_rights(const char *desc, LSA_Q_ADD_ACCT_RIGHTS *q_q, prs_struct *ps, int depth) +BOOL lsa_io_q_add_acct_rights(const char *desc, LSA_Q_ADD_ACCT_RIGHTS *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_add_acct_rights"); depth++; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if(!smb_io_dom_sid2("sid", &q_q->sid, ps, depth)) + if(!smb_io_dom_sid2("sid", &in->sid, ps, depth)) return False; - if(!prs_uint32("count", ps, depth, &q_q->count)) + if(!prs_uint32("count", ps, depth, &in->count)) return False; - if ( !prs_pointer("rights", ps, depth, (void**)&q_q->rights, sizeof(UNISTR4_ARRAY), (PRS_POINTER_CAST)prs_unistr4_array) ) + if ( !prs_pointer("rights", ps, depth, (void**)&in->rights, sizeof(UNISTR4_ARRAY), (PRS_POINTER_CAST)prs_unistr4_array) ) return False; return True; @@ -2423,12 +2426,12 @@ BOOL lsa_io_q_add_acct_rights(const char *desc, LSA_Q_ADD_ACCT_RIGHTS *q_q, prs_ /******************************************************************* reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure. ********************************************************************/ -BOOL lsa_io_r_add_acct_rights(const char *desc, LSA_R_ADD_ACCT_RIGHTS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_add_acct_rights(const char *desc, LSA_R_ADD_ACCT_RIGHTS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_add_acct_rights"); depth++; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; @@ -2438,7 +2441,7 @@ BOOL lsa_io_r_add_acct_rights(const char *desc, LSA_R_ADD_ACCT_RIGHTS *r_c, prs_ /******************************************************************* Inits an LSA_Q_REMOVE_ACCT_RIGHTS structure. ********************************************************************/ -void init_q_remove_acct_rights(LSA_Q_REMOVE_ACCT_RIGHTS *q_q, +void init_q_remove_acct_rights(LSA_Q_REMOVE_ACCT_RIGHTS *in, POLICY_HND *hnd, DOM_SID *sid, uint32 removeall, @@ -2447,39 +2450,39 @@ void init_q_remove_acct_rights(LSA_Q_REMOVE_ACCT_RIGHTS *q_q, { DEBUG(5, ("init_q_remove_acct_rights\n")); - q_q->pol = *hnd; + in->pol = *hnd; - init_dom_sid2(&q_q->sid, sid); + init_dom_sid2(&in->sid, sid); - q_q->removeall = removeall; - q_q->count = count; + in->removeall = removeall; + in->count = count; - q_q->rights = TALLOC_P( get_talloc_ctx(), UNISTR4_ARRAY ); - init_unistr4_array( q_q->rights, count, rights ); + in->rights = TALLOC_P( get_talloc_ctx(), UNISTR4_ARRAY ); + init_unistr4_array( in->rights, count, rights ); } /******************************************************************* reads or writes a LSA_Q_REMOVE_ACCT_RIGHTS structure. ********************************************************************/ -BOOL lsa_io_q_remove_acct_rights(const char *desc, LSA_Q_REMOVE_ACCT_RIGHTS *q_q, prs_struct *ps, int depth) +BOOL lsa_io_q_remove_acct_rights(const char *desc, LSA_Q_REMOVE_ACCT_RIGHTS *in, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_q_remove_acct_rights"); depth++; - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + if (!smb_io_pol_hnd("", &in->pol, ps, depth)) return False; - if(!smb_io_dom_sid2("sid", &q_q->sid, ps, depth)) + if(!smb_io_dom_sid2("sid", &in->sid, ps, depth)) return False; - if(!prs_uint32("removeall", ps, depth, &q_q->removeall)) + if(!prs_uint32("removeall", ps, depth, &in->removeall)) return False; - if(!prs_uint32("count", ps, depth, &q_q->count)) + if(!prs_uint32("count", ps, depth, &in->count)) return False; - if ( !prs_pointer("rights", ps, depth, (void**)&q_q->rights, sizeof(UNISTR4_ARRAY), (PRS_POINTER_CAST)prs_unistr4_array) ) + if ( !prs_pointer("rights", ps, depth, (void**)&in->rights, sizeof(UNISTR4_ARRAY), (PRS_POINTER_CAST)prs_unistr4_array) ) return False; return True; @@ -2488,12 +2491,237 @@ BOOL lsa_io_q_remove_acct_rights(const char *desc, LSA_Q_REMOVE_ACCT_RIGHTS *q_q /******************************************************************* reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure. ********************************************************************/ -BOOL lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *r_c, prs_struct *ps, int depth) +BOOL lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *out, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "lsa_io_r_remove_acct_rights"); depth++; - if(!prs_ntstatus("status", ps, depth, &r_c->status)) + if(!prs_ntstatus("status", ps, depth, &out->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_q_open_trusted_domain(const char *desc, LSA_Q_OPEN_TRUSTED_DOMAIN *in, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_open_trusted_domain"); + depth++; + + if(!prs_align(ps)) + return False; + + if (!smb_io_pol_hnd("", &in->handle, ps, depth)) + return False; + + if(!prs_uint32("count", ps, depth, &in->count)) + return False; + + if(!smb_io_dom_sid("sid", &in->sid, ps, depth)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_r_open_trusted_domain(const char *desc, LSA_R_OPEN_TRUSTED_DOMAIN *out, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_open_trusted_domain"); + depth++; + + if(!prs_align(ps)) + return False; + + if (!smb_io_pol_hnd("", &out->handle, ps, depth)) + return False; + + if(!prs_ntstatus("status", ps, depth, &out->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_q_create_trusted_domain(const char *desc, LSA_Q_CREATE_TRUSTED_DOMAIN *in, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_create_trusted_domain"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("", &in->handle, ps, depth)) + return False; + + if(!prs_unistr4 ("secretname", ps, depth, &in->secretname)) + return False; + if(!prs_align(ps)) + return False; + + if(!prs_uint32("access", ps, depth, &in->access)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_r_create_trusted_domain(const char *desc, LSA_R_CREATE_TRUSTED_DOMAIN *out, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_create_trusted_domain"); + depth++; + + if(!prs_align(ps)) + return False; + + if (!smb_io_pol_hnd("", &out->handle, ps, depth)) + return False; + + if(!prs_ntstatus("status", ps, depth, &out->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_q_create_secret(const char *desc, LSA_Q_CREATE_SECRET *in, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_create_secret"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("", &in->handle, ps, depth)) + return False; + + if(!prs_unistr4 ("secretname", ps, depth, &in->secretname)) + return False; + if(!prs_align(ps)) + return False; + + if(!prs_uint32("access", ps, depth, &in->access)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_r_create_secret(const char *desc, LSA_R_CREATE_SECRET *out, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_create_secret"); + depth++; + + if(!prs_align(ps)) + return False; + + if (!smb_io_pol_hnd("", &out->handle, ps, depth)) + return False; + + if(!prs_ntstatus("status", ps, depth, &out->status)) + return False; + + return True; +} + + + +/******************************************************************* +********************************************************************/ + +static BOOL lsa_io_data_blob( const char *desc, prs_struct *ps, int depth, LSA_DATA_BLOB *blob ) +{ + prs_debug(ps, depth, desc, "lsa_io_data_blob"); + depth++; + + if ( !prs_uint32("size", ps, depth, &blob->size) ) + return False; + if ( !prs_uint32("size", ps, depth, &blob->size) ) + return False; + + if ( !prs_io_unistr2_p(desc, ps, depth, &blob->data) ) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_q_set_secret(const char *desc, LSA_Q_SET_SECRET *in, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_set_secret"); + depth++; + + if ( !prs_align(ps) ) + return False; + + if ( !smb_io_pol_hnd("", &in->handle, ps, depth) ) + return False; + + if ( !prs_pointer( "old_value", ps, depth, (void*)&in->old_value, sizeof(LSA_DATA_BLOB), (PRS_POINTER_CAST)lsa_io_data_blob )) + return False; + + if( !prs_align(ps) ) + return False; + if ( !prs_pointer( "old_value", ps, depth, (void*)&in->old_value, sizeof(LSA_DATA_BLOB), (PRS_POINTER_CAST)lsa_io_data_blob )) + return False; + + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_r_set_secret(const char *desc, LSA_R_SET_SECRET *out, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_set_secret"); + depth++; + + if(!prs_ntstatus("status", ps, depth, &out->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_q_delete_object(const char *desc, LSA_Q_DELETE_OBJECT *in, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_delete_object"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("", &in->handle, ps, depth)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL lsa_io_r_delete_object(const char *desc, LSA_R_DELETE_OBJECT *out, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_delete_object"); + depth++; + + if(!prs_ntstatus("status", ps, depth, &out->status)) return False; return True; diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index dbd5d8c0bf..fc84dbe923 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -6,6 +6,7 @@ * Copyright (C) Paul Ashton 1997, * Copyright (C) Jeremy Allison 2001, * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002-2003. + * Copyright (C) Gerald (Jerry) Carter 2005 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -765,6 +766,156 @@ static BOOL api_lsa_lookup_priv_value(pipes_struct *p) return True; } +/*************************************************************************** + ***************************************************************************/ + +static BOOL api_lsa_open_trust_dom(pipes_struct *p) +{ + LSA_Q_OPEN_TRUSTED_DOMAIN q_u; + LSA_R_OPEN_TRUSTED_DOMAIN r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_open_trusted_domain("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_open_trust_dom: failed to unmarshall LSA_Q_OPEN_TRUSTED_DOMAIN .\n")); + return False; + } + + r_u.status = _lsa_open_trusted_domain(p, &q_u, &r_u); + + /* store the response in the SMB stream */ + if(!lsa_io_r_open_trusted_domain("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_open_trust_dom: Failed to marshall LSA_R_OPEN_TRUSTED_DOMAIN.\n")); + return False; + } + + return True; +} + +/*************************************************************************** + ***************************************************************************/ + +static BOOL api_lsa_create_trust_dom(pipes_struct *p) +{ + LSA_Q_CREATE_TRUSTED_DOMAIN q_u; + LSA_R_CREATE_TRUSTED_DOMAIN r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_create_trusted_domain("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_create_trust_dom: failed to unmarshall LSA_Q_CREATE_TRUSTED_DOMAIN .\n")); + return False; + } + + r_u.status = _lsa_create_trusted_domain(p, &q_u, &r_u); + + /* store the response in the SMB stream */ + if(!lsa_io_r_create_trusted_domain("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_create_trust_dom: Failed to marshall LSA_R_CREATE_TRUSTED_DOMAIN.\n")); + return False; + } + + return True; +} + +/*************************************************************************** + ***************************************************************************/ + +static BOOL api_lsa_create_secret(pipes_struct *p) +{ + LSA_Q_CREATE_SECRET q_u; + LSA_R_CREATE_SECRET r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_create_secret("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_create_secret: failed to unmarshall LSA_Q_CREATE_SECRET.\n")); + return False; + } + + r_u.status = _lsa_create_secret(p, &q_u, &r_u); + + /* store the response in the SMB stream */ + if(!lsa_io_r_create_secret("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_create_secret: Failed to marshall LSA_R_CREATE_SECRET.\n")); + return False; + } + + return True; +} + +/*************************************************************************** + ***************************************************************************/ + +static BOOL api_lsa_set_secret(pipes_struct *p) +{ + LSA_Q_SET_SECRET q_u; + LSA_R_SET_SECRET r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_set_secret("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_set_secret: failed to unmarshall LSA_Q_SET_SECRET.\n")); + return False; + } + + r_u.status = _lsa_set_secret(p, &q_u, &r_u); + + /* store the response in the SMB stream */ + if(!lsa_io_r_set_secret("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_set_secret: Failed to marshall LSA_R_SET_SECRET.\n")); + return False; + } + + return True; +} + +/*************************************************************************** + ***************************************************************************/ + +static BOOL api_lsa_delete_object(pipes_struct *p) +{ + LSA_Q_DELETE_OBJECT q_u; + LSA_R_DELETE_OBJECT r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_delete_object("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_delete_object: failed to unmarshall LSA_Q_DELETE_OBJECT.\n")); + return False; + } + + r_u.status = _lsa_delete_object(p, &q_u, &r_u); + + /* store the response in the SMB stream */ + if(!lsa_io_r_delete_object("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_delete_object: Failed to marshall LSA_R_DELETE_OBJECT.\n")); + return False; + } + + return True; +} + #if 0 /* AD DC work in ongoing in Samba 4 */ /*************************************************************************** @@ -827,7 +978,13 @@ static struct api_struct api_lsa_cmds[] = { "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights }, { "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights }, { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, - { "LSA_LOOKUPPRIVVALUE" , LSA_LOOKUPPRIVVALUE , api_lsa_lookup_priv_value } + { "LSA_LOOKUPPRIVVALUE" , LSA_LOOKUPPRIVVALUE , api_lsa_lookup_priv_value }, + { "LSA_OPENTRUSTDOM" , LSA_OPENTRUSTDOM , api_lsa_open_trust_dom }, + { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, + { "LSA_CREATETRUSTDOM" , LSA_CREATETRUSTDOM , api_lsa_create_trust_dom }, + { "LSA_CREATSECRET" , LSA_CREATESECRET , api_lsa_create_secret }, + { "LSA_SETSECRET" , LSA_SETSECRET , api_lsa_set_secret }, + { "LSA_DELETEOBJECT" , LSA_DELETEOBJECT , api_lsa_delete_object } #if 0 /* AD DC work in ongoing in Samba 4 */ /* be careful of the adding of new RPC's. See commentrs below about ADS DC capabilities */ diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 4d79589e59..b724508e0b 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -749,7 +749,6 @@ NTSTATUS _lsa_close(pipes_struct *p, LSA_Q_CLOSE *q_u, LSA_R_CLOSE *r_u) } /*************************************************************************** - "No more secrets Marty...." :-). ***************************************************************************/ NTSTATUS _lsa_open_secret(pipes_struct *p, LSA_Q_OPEN_SECRET *q_u, LSA_R_OPEN_SECRET *r_u) @@ -758,6 +757,46 @@ NTSTATUS _lsa_open_secret(pipes_struct *p, LSA_Q_OPEN_SECRET *q_u, LSA_R_OPEN_SE } /*************************************************************************** + ***************************************************************************/ + +NTSTATUS _lsa_open_trusted_domain(pipes_struct *p, LSA_Q_OPEN_TRUSTED_DOMAIN *q_u, LSA_R_OPEN_TRUSTED_DOMAIN *r_u) +{ + return NT_STATUS_OBJECT_NAME_NOT_FOUND; +} + +/*************************************************************************** + ***************************************************************************/ + +NTSTATUS _lsa_create_trusted_domain(pipes_struct *p, LSA_Q_CREATE_TRUSTED_DOMAIN *q_u, LSA_R_CREATE_TRUSTED_DOMAIN *r_u) +{ + return NT_STATUS_ACCESS_DENIED; +} + +/*************************************************************************** + ***************************************************************************/ + +NTSTATUS _lsa_create_secret(pipes_struct *p, LSA_Q_CREATE_SECRET *q_u, LSA_R_CREATE_SECRET *r_u) +{ + return NT_STATUS_ACCESS_DENIED; +} + +/*************************************************************************** + ***************************************************************************/ + +NTSTATUS _lsa_set_secret(pipes_struct *p, LSA_Q_SET_SECRET *q_u, LSA_R_SET_SECRET *r_u) +{ + return NT_STATUS_ACCESS_DENIED; +} + +/*************************************************************************** + ***************************************************************************/ + +NTSTATUS _lsa_delete_object(pipes_struct *p, LSA_Q_DELETE_OBJECT *q_u, LSA_R_DELETE_OBJECT *r_u) +{ + return NT_STATUS_ACCESS_DENIED; +} + +/*************************************************************************** _lsa_enum_privs. ***************************************************************************/ diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index c8ffa18c5a..eb6bd2ac0a 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -56,12 +56,6 @@ static void init_net_r_req_chal(NET_R_REQ_CHAL *r_c, net_reply_logon_ctrl: *************************************************************************/ -/* Some flag values reverse engineered from NLTEST.EXE */ - -#define LOGON_CTRL_IN_SYNC 0x00 -#define LOGON_CTRL_REPL_NEEDED 0x01 -#define LOGON_CTRL_REPL_IN_PROGRESS 0x02 - NTSTATUS _net_logon_ctrl(pipes_struct *p, NET_Q_LOGON_CTRL *q_u, NET_R_LOGON_CTRL *r_u) { diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 2fee1972ab..39c294fa45 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2355,7 +2355,7 @@ static WERROR getprinterdata_printer_server(TALLOC_CTX *ctx, fstring value, uint if ( !(*data = TALLOC_ZERO_ARRAY(ctx, uint8, *needed)) ) return WERR_NOMEM; - + SIVAL(*data, 0, *needed); /* size */ SIVAL(*data, 4, 5); /* Windows 2000 == 5.0 */ SIVAL(*data, 8, 0); @@ -7247,18 +7247,19 @@ static void fill_port_2(PORT_INFO_2 *port, const char *name) port->reserved=0x0; } + /**************************************************************************** wrapper around the enumer ports command ****************************************************************************/ WERROR enumports_hook( int *count, char ***lines ) { - char *cmd = lp_enumports_cmd(); - char **qlines; - pstring command; - int numlines; - int ret; - int fd; + char *cmd = lp_enumports_cmd(); + char **qlines; + pstring command; + int numlines; + int ret; + int fd; /* if no hook then just fill in the default port */ @@ -7310,24 +7311,24 @@ static WERROR enumports_level_1(RPC_BUFFER *buffer, uint32 offered, uint32 *need if ( !W_ERROR_IS_OK(result = enumports_hook( &numlines, &qlines )) ) return result; - - if(numlines) { - if((ports=SMB_MALLOC_ARRAY( PORT_INFO_1, numlines )) == NULL) { - DEBUG(10,("Returning WERR_NOMEM [%s]\n", - dos_errstr(WERR_NOMEM))); - file_lines_free(qlines); - return WERR_NOMEM; - } - - for (i=0; i<numlines; i++) { - DEBUG(6,("Filling port number [%d] with port [%s]\n", i, qlines[i])); - fill_port_1(&ports[i], qlines[i]); - } - + + if(numlines) { + if((ports=SMB_MALLOC_ARRAY( PORT_INFO_1, numlines )) == NULL) { + DEBUG(10,("Returning WERR_NOMEM [%s]\n", + dos_errstr(WERR_NOMEM))); file_lines_free(qlines); + return WERR_NOMEM; + } + + for (i=0; i<numlines; i++) { + DEBUG(6,("Filling port number [%d] with port [%s]\n", i, qlines[i])); + fill_port_1(&ports[i], qlines[i]); } - *returned = numlines; + file_lines_free(qlines); + } + + *returned = numlines; /* check the required size. */ for (i=0; i<*returned; i++) { @@ -7369,28 +7370,28 @@ static WERROR enumports_level_2(RPC_BUFFER *buffer, uint32 offered, uint32 *need PORT_INFO_2 *ports=NULL; int i=0; WERROR result = WERR_OK; - char **qlines; - int numlines; + char **qlines; + int numlines; if ( !W_ERROR_IS_OK(result = enumports_hook( &numlines, &qlines )) ) return result; - - - if(numlines) { - if((ports=SMB_MALLOC_ARRAY( PORT_INFO_2, numlines)) == NULL) { - file_lines_free(qlines); - return WERR_NOMEM; - } - - for (i=0; i<numlines; i++) { - DEBUG(6,("Filling port number [%d] with port [%s]\n", i, qlines[i])); - fill_port_2(&(ports[i]), qlines[i]); - } - + + + if(numlines) { + if((ports=SMB_MALLOC_ARRAY( PORT_INFO_2, numlines)) == NULL) { file_lines_free(qlines); + return WERR_NOMEM; } - *returned = numlines; + for (i=0; i<numlines; i++) { + DEBUG(6,("Filling port number [%d] with port [%s]\n", i, qlines[i])); + fill_port_2(&(ports[i]), qlines[i]); + } + + file_lines_free(qlines); + } + + *returned = numlines; /* check the required size. */ for (i=0; i<*returned; i++) { diff --git a/source3/smbd/notify_kernel.c b/source3/smbd/notify_kernel.c index 5c9d885eed..b2ccfc2796 100644 --- a/source3/smbd/notify_kernel.c +++ b/source3/smbd/notify_kernel.c @@ -101,9 +101,8 @@ static BOOL kernel_check_notify(connection_struct *conn, uint16 vuid, char *path close((int)fd_pending_array[i]); fd_pending_array[i] = (SIG_ATOMIC_T)-1; if (signals_received - i - 1) { - memmove(CONST_DISCARD(void *, &fd_pending_array[i]), - CONST_DISCARD(void *, &fd_pending_array[i+1]), - sizeof(SIG_ATOMIC_T)*(signals_received-i-1)); + memmove((void *)&fd_pending_array[i], (void *)&fd_pending_array[i+1], + sizeof(SIG_ATOMIC_T)*(signals_received-i-1)); } data->directory_handle = -1; signals_received--; @@ -130,9 +129,8 @@ static void kernel_remove_notify(void *datap) if (fd == (int)fd_pending_array[i]) { fd_pending_array[i] = (SIG_ATOMIC_T)-1; if (signals_received - i - 1) { - memmove(CONST_DISCARD(void *, &fd_pending_array[i]), - CONST_DISCARD(void *, &fd_pending_array[i+1]), - sizeof(SIG_ATOMIC_T)*(signals_received-i-1)); + memmove((void *)&fd_pending_array[i], (void *)&fd_pending_array[i+1], + sizeof(SIG_ATOMIC_T)*(signals_received-i-1)); } data->directory_handle = -1; signals_received--; diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 1708c51ff9..c63a43bac0 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -362,7 +362,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, conn->service = snum; conn->used = True; conn->printer = (strncmp(dev,"LPT",3) == 0); - conn->ipc = ((strncmp(dev,"IPC",3) == 0) || strequal(dev,"ADMIN$")); + conn->ipc = ( (strncmp(dev,"IPC",3) == 0) || ( lp_enable_asu_support() && strequal(dev,"ADMIN$")) ); conn->dirptr = NULL; /* Case options for the share. */ @@ -783,7 +783,9 @@ connection_struct *make_connection(const char *service_in, DATA_BLOB password, snum = find_service(service); if (snum < 0) { - if (strequal(service,"IPC$") || strequal(service,"ADMIN$")) { + if (strequal(service,"IPC$") + || (lp_enable_asu_support() && strequal(service,"ADMIN$"))) + { DEBUG(3,("refusing IPC connection to %s\n", service)); *status = NT_STATUS_ACCESS_DENIED; return NULL; diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 9fbf0b1d51..48524b472d 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -25,12 +25,6 @@ uint32 global_client_caps = 0; -extern BOOL global_encrypted_passwords_negotiated; -extern BOOL global_spnego_negotiated; -extern enum protocol_types Protocol; -extern int max_send; -extern struct auth_context *negprot_global_auth_context; - static struct auth_ntlmssp_state *global_ntlmssp_state; /* @@ -319,9 +313,7 @@ static int reply_spnego_kerberos(connection_struct *conn, /* wrap that up in a nice GSS-API wrapping */ if (NT_STATUS_IS_OK(ret)) { - ap_rep_wrapped = spnego_gen_krb5_wrap( - ap_rep, - CONST_ADD(const uint8 *, TOK_ID_KRB_AP_REP)); + ap_rep_wrapped = spnego_gen_krb5_wrap(ap_rep, TOK_ID_KRB_AP_REP); } else { ap_rep_wrapped = data_blob(NULL, 0); } @@ -643,8 +635,13 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, fstring native_lanman; fstring primary_domain; static BOOL done_sesssetup = False; + extern BOOL global_encrypted_passwords_negotiated; + extern BOOL global_spnego_negotiated; + extern enum protocol_types Protocol; + extern int max_send; auth_usersupplied_info *user_info = NULL; + extern struct auth_context *negprot_global_auth_context; auth_serversupplied_info *server_info = NULL; NTSTATUS nt_status; diff --git a/source3/tdb/tdb.c b/source3/tdb/tdb.c index e03e571ca1..d91e6e4efc 100644 --- a/source3/tdb/tdb.c +++ b/source3/tdb/tdb.c @@ -128,7 +128,7 @@ /* free memory if the pointer is valid and zero the pointer */ #ifndef SAFE_FREE -#define SAFE_FREE(x) do { if ((x) != NULL) {free(CONST_DISCARD(void *, (x))); (x)=NULL;} } while(0) +#define SAFE_FREE(x) do { if ((x) != NULL) {free((x)); (x)=NULL;} } while(0) #endif #define BUCKET(hash) ((hash) % tdb->header.hash_size) diff --git a/source3/tdb/tdbutil.c b/source3/tdb/tdbutil.c index 4fcfb6185a..47f1bb2dc2 100644 --- a/source3/tdb/tdbutil.c +++ b/source3/tdb/tdbutil.c @@ -390,9 +390,8 @@ BOOL tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr, uint32 *oldv integers and strings. ****************************************************************************/ -size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) +size_t tdb_pack_va(char *buf, int bufsize, const char *fmt, va_list ap) { - va_list ap; uint8 bt; uint16 w; uint32 d; @@ -405,8 +404,6 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) const char *fmt0 = fmt; int bufsize0 = bufsize; - va_start(ap, fmt); - while (*fmt) { switch ((c = *fmt++)) { case 'b': /* unsigned 8-bit integer */ @@ -471,14 +468,54 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) bufsize = 0; } - va_end(ap); - - DEBUG(18,("tdb_pack(%s, %d) -> %d\n", + DEBUG(18,("tdb_pack_va(%s, %d) -> %d\n", fmt0, bufsize0, (int)PTR_DIFF(buf, buf0))); return PTR_DIFF(buf, buf0); } +size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) +{ + va_list ap; + size_t result; + + va_start(ap, fmt); + result = tdb_pack_va(buf, bufsize, fmt, ap); + va_end(ap); + return result; +} + +BOOL tdb_pack_append(TALLOC_CTX *mem_ctx, uint8_t **buf, size_t *len, + const char *fmt, ...) +{ + va_list ap; + size_t len1, len2; + + va_start(ap, fmt); + len1 = tdb_pack_va(NULL, 0, fmt, ap); + va_end(ap); + + if (mem_ctx != NULL) + *buf = TALLOC_REALLOC_ARRAY(mem_ctx, *buf, uint8_t, + (*len) + len1); + else + *buf = SMB_REALLOC_ARRAY(*buf, uint8_t, (*len) + len1); + + if (*buf == NULL) + return False; + + va_start(ap, fmt); + len2 = tdb_pack_va((*buf)+(*len), len1, fmt, ap); + va_end(ap); + + if (len1 != len2) + return False; + + *len += len2; + + return True; +} + /**************************************************************************** Useful pair of routines for packing/unpacking data consisting of integers and strings. diff --git a/source3/utils/editreg.c b/source3/utils/editreg.c index 9123de18c8..e69de29bb2 100644 --- a/source3/utils/editreg.c +++ b/source3/utils/editreg.c @@ -1,4150 +0,0 @@ -/* - Samba Unix/Linux SMB client utility editreg.c - Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -/************************************************************************* - - A utility to edit a Windows NT/2K etc registry file. - - Many of the ideas in here come from other people and software. - I first looked in Wine in misc/registry.c and was also influenced by - http://www.wednesday.demon.co.uk/dosreg.html - - Which seems to contain comments from someone else. I reproduce them here - incase the site above disappears. It actually comes from - http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt. - - The goal here is to read the registry into memory, manipulate it, and then - write it out if it was changed by any actions of the user. - -The windows NT registry has 2 different blocks, where one can occur many -times... - -the "regf"-Block -================ - -"regf" is obviosly the abbreviation for "Registry file". "regf" is the -signature of the header-block which is always 4kb in size, although only -the first 64 bytes seem to be used and a checksum is calculated over -the first 0x200 bytes only! - -Offset Size Contents -0x00000000 D-Word ID: ASCII-"regf" = 0x66676572 -0x00000004 D-Word ???? //see struct REGF -0x00000008 D-Word ???? Always the same value as at 0x00000004 -0x0000000C Q-Word last modify date in WinNT date-format -0x00000014 D-Word 1 -0x00000018 D-Word 3 -0x0000001C D-Word 0 -0x00000020 D-Word 1 -0x00000024 D-Word Offset of 1st key record -0x00000028 D-Word Size of the data-blocks (Filesize-4kb) -0x0000002C D-Word 1 -0x000001FC D-Word Sum of all D-Words from 0x00000000 to -0x000001FB //XOR of all words. Nigel - -I have analyzed more registry files (from multiple machines running -NT 4.0 german version) and could not find an explanation for the values -marked with ???? the rest of the first 4kb page is not important... - -the "hbin"-Block -================ -I don't know what "hbin" stands for, but this block is always a multiple -of 4kb in size. - -Inside these hbin-blocks the different records are placed. The memory- -management looks like a C-compiler heap management to me... - -hbin-Header -=========== -Offset Size Contents -0x0000 D-Word ID: ASCII-"hbin" = 0x6E696268 -0x0004 D-Word Offset from the 1st hbin-Block -0x0008 D-Word Offset to the next hbin-Block -0x001C D-Word Block-size - -The values in 0x0008 and 0x001C should be the same, so I don't know -if they are correct or swapped... - -From offset 0x0020 inside a hbin-block data is stored with the following -format: - -Offset Size Contents -0x0000 D-Word Data-block size //this size must be a -multiple of 8. Nigel -0x0004 ???? Data - -If the size field is negative (bit 31 set), the corresponding block -is free and has a size of -blocksize! - -That does not seem to be true. All block lengths seem to be negative! -(Richard Sharpe) - -The data is stored as one record per block. Block size is a multiple -of 4 and the last block reaches the next hbin-block, leaving no room. - -(That also seems incorrect, in that the block size if a multiple of 8. -That is, the block, including the 4 byte header, is always a multiple of -8 bytes. Richard Sharpe.) - -Records in the hbin-blocks -========================== - -nk-Record - - The nk-record can be treated as a kombination of tree-record and - key-record of the win 95 registry. - -lf-Record - - The lf-record is the counterpart to the RGKN-record (the - hash-function) - -vk-Record - - The vk-record consists information to a single value. - -sk-Record - - sk (? Security Key ?) is the ACL of the registry. - -Value-Lists - - The value-lists contain information about which values are inside a - sub-key and don't have a header. - -Datas - - The datas of the registry are (like the value-list) stored without a - header. - -All offset-values are relative to the first hbin-block and point to the -block-size field of the record-entry. to get the file offset, you have to add -the header size (4kb) and the size field (4 bytes)... - -the nk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"nk" = 0x6B6E -0x0002 Word for the root-key: 0x2C, otherwise 0x20 //key symbolic links 0x10. Nigel -0x0004 Q-Word write-date/time in windows nt notation -0x0010 D-Word Offset of Owner/Parent key -0x0014 D-Word number of sub-Keys -0x001C D-Word Offset of the sub-key lf-Records -0x0024 D-Word number of values -0x0028 D-Word Offset of the Value-List -0x002C D-Word Offset of the sk-Record - -0x0030 D-Word Offset of the Class-Name //see NK structure for the use of these fields. Nigel -0x0044 D-Word Unused (data-trash) //some kind of run time index. Does not appear to be important. Nigel -0x0048 Word name-length -0x004A Word class-name length -0x004C ???? key-name - -the Value-List -============== -Offset Size Contents -0x0000 D-Word Offset 1st Value -0x0004 D-Word Offset 2nd Value -0x???? D-Word Offset nth Value - -To determine the number of values, you have to look at the owner-nk-record! - -Der vk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"vk" = 0x6B76 -0x0002 Word name length -0x0004 D-Word length of the data //if top bit is set when offset contains data. Nigel -0x0008 D-Word Offset of Data -0x000C D-Word Type of value -0x0010 Word Flag -0x0012 Word Unused (data-trash) -0x0014 ???? Name - -If bit 0 of the flag-word is set, a name is present, otherwise the value has no name (=default) - -If the data-size is lower 5, the data-offset value is used to store the data itself! - -The data-types -============== -Wert Beteutung -0x0001 RegSZ: character string (in UNICODE!) -0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!) -0x0003 RegBin: raw-binary value -0x0004 RegDWord: Dword -0x0007 RegMultiSZ: multiple strings, seperated with 0 - (UNICODE!) - -The "lf"-record -=============== -Offset Size Contents -0x0000 Word ID: ASCII-"lf" = 0x666C -0x0002 Word number of keys -0x0004 ???? Hash-Records - -Hash-Record -=========== -Offset Size Contents -0x0000 D-Word Offset of corresponding "nk"-Record -0x0004 D-Word ASCII: the first 4 characters of the key-name, padded with 0's. Case sensitiv! - -Keep in mind, that the value at 0x0004 is used for checking the data-consistency! If you change the -key-name you have to change the hash-value too! - -//These hashrecords must be sorted low to high within the lf record. Nigel. - -The "sk"-block -============== -(due to the complexity of the SAM-info, not clear jet) -(This is just a self-relative security descriptor in the data. R Sharpe.) - - -Offset Size Contents -0x0000 Word ID: ASCII-"sk" = 0x6B73 -0x0002 Word Unused -0x0004 D-Word Offset of previous "sk"-Record -0x0008 D-Word Offset of next "sk"-Record -0x000C D-Word usage-counter -0x0010 D-Word Size of "sk"-record in bytes -???? //standard self -relative security desciptor. Nigel -???? ???? Security and auditing settings... -???? - -The usage counter counts the number of references to this -"sk"-record. You can use one "sk"-record for the entire registry! - -Windows nt date/time format -=========================== -The time-format is a 64-bit integer which is incremented every -0,0000001 seconds by 1 (I don't know how accurate it realy is!) -It starts with 0 at the 1st of january 1601 0:00! All values are -stored in GMT time! The time-zone is important to get the real -time! - -Common values for win95 and win-nt -================================== -Offset values marking an "end of list", are either 0 or -1 (0xFFFFFFFF). -If a value has no name (length=0, flag(bit 0)=0), it is treated as the -"Default" entry... -If a value has no data (length=0), it is displayed as empty. - -simplyfied win-3.?? registry: -============================= - -+-----------+ -| next rec. |---+ +----->+------------+ -| first sub | | | | Usage cnt. | -| name | | +-->+------------+ | | length | -| value | | | | next rec. | | | text |------->+-------+ -+-----------+ | | | name rec. |--+ +------------+ | xxxxx | - +------------+ | | value rec. |-------->+------------+ +-------+ - v | +------------+ | Usage cnt. | -+-----------+ | | length | -| next rec. | | | text |------->+-------+ -| first sub |------+ +------------+ | xxxxx | -| name | +-------+ -| value | -+-----------+ - -Greatly simplyfied structure of the nt-registry: -================================================ - -+---------------------------------------------------------------+ -| | -v | -+---------+ +---------->+-----------+ +----->+---------+ | -| "nk" | | | lf-rec. | | | nk-rec. | | -| ID | | | # of keys | | | parent |---+ -| Date | | | 1st key |--+ | .... | -| parent | | +-----------+ +---------+ -| suk-keys|-----+ -| values |--------------------->+----------+ -| SK-rec. |---------------+ | 1. value |--> +----------+ -| class |--+ | +----------+ | vk-rec. | -+---------+ | | | .... | - v | | data |--> +-------+ - +------------+ | +----------+ | xxxxx | - | Class name | | +-------+ - +------------+ | - v - +---------+ +---------+ - +----->| next sk |--->| Next sk |--+ - | +---| prev sk |<---| prev sk | | - | | | .... | | ... | | - | | +---------+ +---------+ | - | | ^ | - | | | | - | +--------------------+ | - +----------------------------------+ - ---------------------------------------------------------------------------- - -Hope this helps.... (Although it was "fun" for me to uncover this things, - it took me several sleepless nights ;) - - B.D. - -*************************************************************************/ - -#ifdef STANDALONE -#include <stdio.h> -#include <stdlib.h> -#include <errno.h> -#include <assert.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <unistd.h> -#include <sys/mman.h> -#include <string.h> -#include <fcntl.h> - -#define False 0 -#define True 1 -#else /* STANDALAONE */ -#include "includes.h" -#endif /* STANDALONE */ - -#define REG_KEY_LIST_SIZE 10 - -/* - * Structures for dealing with the on-disk format of the registry - */ - -#define IVAL(buf) ((unsigned int) \ - (unsigned int)*((unsigned char *)(buf)+3)<<24| \ - (unsigned int)*((unsigned char *)(buf)+2)<<16| \ - (unsigned int)*((unsigned char *)(buf)+1)<<8| \ - (unsigned int)*((unsigned char *)(buf)+0)) - -#define SVAL(buf) ((unsigned short) \ - (unsigned short)*((unsigned char *)(buf)+1)<<8| \ - (unsigned short)*((unsigned char *)(buf)+0)) - -#define CVAL(buf) ((unsigned char)*((unsigned char *)(buf))) - -#define SIVAL(buf, val) \ - ((((unsigned char *)(buf))[0])=(unsigned char)((val)&0xFF),\ - (((unsigned char *)(buf))[1])=(unsigned char)(((val)>>8)&0xFF),\ - (((unsigned char *)(buf))[2])=(unsigned char)(((val)>>16)&0xFF),\ - (((unsigned char *)(buf))[3])=(unsigned char)((val)>>24)) - -#define SSVAL(buf, val) \ - ((((unsigned char *)(buf))[0])=(unsigned char)((val)&0xFF),\ - (((unsigned char *)(buf))[1])=(unsigned char)((val)>>8)) - -static int verbose = 0; -static int print_security = 0; -static int full_print = 0; -static const char *def_owner_sid_str = NULL; - -/* - * These definitions are for the in-memory registry structure. - * It is a tree structure that mimics what you see with tools like regedit - */ - -/* - * DateTime struct for Windows - */ - -typedef struct date_time_s { - unsigned int low, high; -} NTTIME; - -/* - * Definition of a Key. It has a name, classname, date/time last modified, - * sub-keys, values, and a security descriptor - */ - -#define REG_ROOT_KEY 1 -#define REG_SUB_KEY 2 -#define REG_SYM_LINK 3 - -typedef struct key_sec_desc_s KEY_SEC_DESC; - -typedef struct reg_key_s { - char *name; /* Name of the key */ - char *class_name; - int type; /* One of REG_ROOT_KEY or REG_SUB_KEY */ - NTTIME last_mod; /* Time last modified */ - struct reg_key_s *owner; - struct key_list_s *sub_keys; - struct val_list_s *values; - KEY_SEC_DESC *security; - unsigned int offset; /* Offset of the record in the file */ -} REG_KEY; - -/* - * The KEY_LIST struct lists sub-keys. - */ - -typedef struct key_list_s { - int key_count; - int max_keys; - REG_KEY *keys[1]; -} KEY_LIST; - -typedef struct val_key_s { - char *name; - int has_name; - int data_type; - int data_len; - void *data_blk; /* Might want a separate block */ -} VAL_KEY; - -typedef struct val_list_s { - int val_count; - int max_vals; - VAL_KEY *vals[1]; -} VAL_LIST; - -#ifndef MAXSUBAUTHS -#define MAXSUBAUTHS 15 -#endif - -typedef struct sid_s { - unsigned char ver, auths; - unsigned char auth[6]; - unsigned int sub_auths[MAXSUBAUTHS]; -} sid_t; - -typedef struct ace_struct_s { - unsigned char type, flags; - unsigned int perms; /* Perhaps a better def is in order */ - sid_t *trustee; -} ACE; - -typedef struct acl_struct_s { - unsigned short rev, refcnt; - unsigned short num_aces; - ACE *aces[1]; -} ACL; - -typedef struct sec_desc_s { - unsigned int rev, type; - sid_t *owner, *group; - ACL *sacl, *dacl; -} SEC_DESC; - -#define SEC_DESC_NON 0 -#define SEC_DESC_RES 1 -#define SEC_DESC_OCU 2 -#define SEC_DESC_NBK 3 -typedef struct sk_struct SK_HDR; -struct key_sec_desc_s { - struct key_sec_desc_s *prev, *next; - int ref_cnt; - int state; - int offset; - SK_HDR *sk_hdr; /* This means we must keep the registry in memory */ - SEC_DESC *sec_desc; -}; - -/* - * All of the structures below actually have a four-byte length before them - * which always seems to be negative. The following macro retrieves that - * size as an integer - */ - -#define BLK_SIZE(b) ((int)*(int *)(((int *)b)-1)) - -typedef unsigned int DWORD; -typedef unsigned short WORD; - -#define REG_REGF_ID 0x66676572 - -typedef struct regf_block { - DWORD REGF_ID; /* regf */ - DWORD uk1; - DWORD uk2; - DWORD tim1, tim2; - DWORD uk3; /* 1 */ - DWORD uk4; /* 3 */ - DWORD uk5; /* 0 */ - DWORD uk6; /* 1 */ - DWORD first_key; /* offset */ - unsigned int dblk_size; - DWORD uk7[116]; /* 1 */ - DWORD chksum; -} REGF_HDR; - -typedef struct hbin_sub_struct { - DWORD dblocksize; - char data[1]; -} HBIN_SUB_HDR; - -#define REG_HBIN_ID 0x6E696268 - -typedef struct hbin_struct { - DWORD HBIN_ID; /* hbin */ - DWORD off_from_first; - DWORD off_to_next; - DWORD uk1; - DWORD uk2; - DWORD uk3; - DWORD uk4; - DWORD blk_size; - HBIN_SUB_HDR hbin_sub_hdr; -} HBIN_HDR; - -#define REG_NK_ID 0x6B6E - -typedef struct nk_struct { - WORD NK_ID; - WORD type; - DWORD t1, t2; - DWORD uk1; - DWORD own_off; - DWORD subk_num; - DWORD uk2; - DWORD lf_off; - DWORD uk3; - DWORD val_cnt; - DWORD val_off; - DWORD sk_off; - DWORD clsnam_off; - DWORD unk4[4]; - DWORD unk5; - WORD nam_len; - WORD clsnam_len; - char key_nam[1]; /* Actual length determined by nam_len */ -} NK_HDR; - -#define REG_SK_ID 0x6B73 - -struct sk_struct { - WORD SK_ID; - WORD uk1; - DWORD prev_off; - DWORD next_off; - DWORD ref_cnt; - DWORD rec_size; - char sec_desc[1]; -}; - -typedef struct ace_struct { - unsigned char type; - unsigned char flags; - unsigned short length; - unsigned int perms; - sid_t trustee; -} REG_ACE; - -typedef struct acl_struct { - WORD rev; - WORD size; - DWORD num_aces; - REG_ACE *aces; /* One or more ACEs */ -} REG_ACL; - -typedef struct sec_desc_rec { - WORD rev; - WORD type; - DWORD owner_off; - DWORD group_off; - DWORD sacl_off; - DWORD dacl_off; -} REG_SEC_DESC; - -typedef struct hash_struct { - DWORD nk_off; - char hash[4]; -} HASH_REC; - -#define REG_LF_ID 0x666C - -typedef struct lf_struct { - WORD LF_ID; - WORD key_count; - struct hash_struct hr[1]; /* Array of hash records, depending on key_count */ -} LF_HDR; - -typedef DWORD VL_TYPE[1]; /* Value list is an array of vk rec offsets */ - -#define REG_VK_ID 0x6B76 - -typedef struct vk_struct { - WORD VK_ID; - WORD nam_len; - DWORD dat_len; /* If top-bit set, offset contains the data */ - DWORD dat_off; - DWORD dat_type; - WORD flag; /* =1, has name, else no name (=Default). */ - WORD unk1; - char dat_name[1]; /* Name starts here ... */ -} VK_HDR; - -#define REG_TYPE_DELETE -1 -#define REG_TYPE_NONE 0 -#define REG_TYPE_REGSZ 1 -#define REG_TYPE_EXPANDSZ 2 -#define REG_TYPE_BIN 3 -#define REG_TYPE_DWORD 4 -#define REG_TYPE_MULTISZ 7 - -typedef struct _val_str { - unsigned int val; - const char * str; -} VAL_STR; - -/* A map of sk offsets in the regf to KEY_SEC_DESCs for quick lookup etc */ -typedef struct sk_map_s { - int sk_off; - KEY_SEC_DESC *key_sec_desc; -} SK_MAP; - -/* - * This structure keeps track of the output format of the registry - */ -#define REG_OUTBLK_HDR 1 -#define REG_OUTBLK_HBIN 2 - -typedef struct hbin_blk_s { - int type, size; - struct hbin_blk_s *next; - char *data; /* The data block */ - unsigned int file_offset; /* Offset in file */ - unsigned int free_space; /* Amount of free space in block */ - unsigned int fsp_off; /* Start of free space in block */ - int complete, stored; -} HBIN_BLK; - -/* - * This structure keeps all the registry stuff in one place - */ -typedef struct regf_struct_s { - int reg_type; - char *regfile_name, *outfile_name; - int fd; - struct stat sbuf; - char *base; - int modified; - NTTIME last_mod_time; - REG_KEY *root; /* Root of the tree for this file */ - int sk_count, sk_map_size; - SK_MAP *sk_map; - const char *owner_sid_str; - SEC_DESC *def_sec_desc; - /* - * These next pointers point to the blocks used to contain the - * keys when we are preparing to write them to a file - */ - HBIN_BLK *blk_head, *blk_tail, *free_space; -} REGF; - -/* - * An API for accessing/creating/destroying items above - */ - -/* - * Iterate over the keys, depth first, calling a function for each key - * and indicating if it is terminal or non-terminal and if it has values. - * - * In addition, for each value in the list, call a value list function - */ - -typedef int (*key_print_f)(const char *path, char *key_name, char *class_name, - int root, int terminal, int values); - -typedef int (*val_print_f)(const char *path, char *val_name, int val_type, - int data_len, void *data_blk, int terminal, - int first, int last); - -typedef int (*sec_print_f)(SEC_DESC *sec_desc); - -static -int nt_key_iterator(REGF *regf, REG_KEY *key_tree, int bf, const char *path, - key_print_f key_print, sec_print_f sec_print, - val_print_f val_print); - -static -int nt_val_list_iterator(REGF *regf, VAL_LIST *val_list, int bf, char *path, - int terminal, val_print_f val_print) -{ - int i; - - if (!val_list) return 1; - - if (!val_print) return 1; - - for (i=0; i<val_list->val_count; i++) { - if (!val_print(path, val_list->vals[i]->name, val_list->vals[i]->data_type, - val_list->vals[i]->data_len, val_list->vals[i]->data_blk, - terminal, - (i == 0), - (i == val_list->val_count))) { - - return 0; - - } - } - - return 1; -} - -static -int nt_key_list_iterator(REGF *regf, KEY_LIST *key_list, int bf, - const char *path, - key_print_f key_print, sec_print_f sec_print, - val_print_f val_print) -{ - int i; - - if (!key_list) return 1; - - for (i=0; i< key_list->key_count; i++) { - if (!nt_key_iterator(regf, key_list->keys[i], bf, path, key_print, - sec_print, val_print)) { - return 0; - } - } - return 1; -} - -static -int nt_key_iterator(REGF *regf, REG_KEY *key_tree, int bf, const char *path, - key_print_f key_print, sec_print_f sec_print, - val_print_f val_print) -{ - int path_len = strlen(path); - char *new_path; - - if (!regf || !key_tree) - return -1; - - /* List the key first, then the values, then the sub-keys */ - - if (key_print) { - - if (!(*key_print)(path, key_tree->name, - key_tree->class_name, - (key_tree->type == REG_ROOT_KEY), - (key_tree->sub_keys == NULL), - (key_tree->values?(key_tree->values->val_count):0))) - return 0; - } - - /* - * If we have a security print routine, call it - * If the security print routine returns false, stop. - */ - if (sec_print) { - if (key_tree->security && !(*sec_print)(key_tree->security->sec_desc)) - return 0; - } - - new_path = (char *)SMB_MALLOC(path_len + 1 + strlen(key_tree->name) + 1); - if (!new_path) return 0; /* Errors? */ - new_path[0] = '\0'; - strcat(new_path, path); - strcat(new_path, key_tree->name); - strcat(new_path, "\\"); - - /* - * Now, iterate through the values in the val_list - */ - - if (key_tree->values && - !nt_val_list_iterator(regf, key_tree->values, bf, new_path, - (key_tree->values!=NULL), - val_print)) { - - free(new_path); - return 0; - } - - /* - * Now, iterate through the keys in the key list - */ - - if (key_tree->sub_keys && - !nt_key_list_iterator(regf, key_tree->sub_keys, bf, new_path, key_print, - sec_print, val_print)) { - free(new_path); - return 0; - } - - free(new_path); - return 1; -} - -static -REG_KEY *nt_find_key_by_name(REG_KEY *tree, char *key); - -/* - * Find key by name in a list ... - * Take the first component and search for that in the list - */ -static -REG_KEY *nt_find_key_in_list_by_name(KEY_LIST *list, char *key) -{ - int i; - REG_KEY *res = NULL; - - if (!list || !key || !*key) return NULL; - - for (i = 0; i < list->key_count; i++) - if ((res = nt_find_key_by_name(list->keys[i], key))) - return res; - - return NULL; -} - -/* - * Find key by name in a tree ... We will assume absolute names here, but we - * need the root of the tree ... - */ -static -REG_KEY *nt_find_key_by_name(REG_KEY *tree, char *key) -{ - char *lname = NULL, *c1, *c2; - REG_KEY *tmp; - - if (!tree || !key || !*key) return NULL; - - lname = SMB_STRDUP(key); - if (!lname) return NULL; - - /* - * Make sure that the first component is correct ... - */ - c1 = lname; - c2 = strchr(c1, '\\'); - if (c2) { /* Split here ... */ - *c2 = 0; - c2++; - } - if (strcmp(c1, tree->name) != 0) goto error; - - if (c2) { - tmp = nt_find_key_in_list_by_name(tree->sub_keys, c2); - free(lname); - return tmp; - } - else { - if (lname) free(lname); - return tree; - } - error: - if (lname) free(lname); - return NULL; -} - -/* Make, delete keys */ -static -int nt_delete_val_key(VAL_KEY *val_key) -{ - - if (val_key) { - if (val_key->name) free(val_key->name); - if (val_key->data_blk) free(val_key->data_blk); - free(val_key); - }; - return 1; -} - -static -int nt_delete_val_list(VAL_LIST *vl) -{ - int i; - - if (vl) { - for (i=0; i<vl->val_count; i++) - nt_delete_val_key(vl->vals[i]); - free(vl); - } - return 1; -} - -static -int nt_delete_reg_key(REG_KEY *key, int delete_name); - -static -int nt_delete_key_list(KEY_LIST *key_list, int delete_name) -{ - int i; - - if (key_list) { - for (i=0; i<key_list->key_count; i++) - nt_delete_reg_key(key_list->keys[i], False); - free(key_list); - } - return 1; -} - -/* - * Find the key, and if it exists, delete it ... - */ -static -int nt_delete_key_by_name(REGF *regf, char *name) -{ - REG_KEY *key; - - if (!name || !*name) return 0; - - key = nt_find_key_by_name(regf->root, name); - - if (key) { - if (key == regf->root) regf->root = NULL; - return nt_delete_reg_key(key, True); - } - - return 0; - -} - -static -int nt_delete_sid(sid_t *sid) -{ - - if (sid) free(sid); - return 1; - -} - -static -int nt_delete_ace(ACE *ace) -{ - - if (ace) { - nt_delete_sid(ace->trustee); - free(ace); - } - return 1; - -} - -static -int nt_delete_acl(ACL *acl) -{ - - if (acl) { - int i; - - for (i=0; i<acl->num_aces; i++) - nt_delete_ace(acl->aces[i]); - - free(acl); - } - return 1; -} - -static -int nt_delete_sec_desc(SEC_DESC *sec_desc) -{ - - if (sec_desc) { - - nt_delete_sid(sec_desc->owner); - nt_delete_sid(sec_desc->group); - nt_delete_acl(sec_desc->sacl); - nt_delete_acl(sec_desc->dacl); - free(sec_desc); - - } - return 1; -} - -static -int nt_delete_key_sec_desc(KEY_SEC_DESC *key_sec_desc) -{ - - if (key_sec_desc) { - key_sec_desc->ref_cnt--; - if (key_sec_desc->ref_cnt<=0) { - /* - * There should always be a next and prev, even if they point to us - */ - key_sec_desc->next->prev = key_sec_desc->prev; - key_sec_desc->prev->next = key_sec_desc->next; - nt_delete_sec_desc(key_sec_desc->sec_desc); - } - } - return 1; -} - -static -int nt_delete_reg_key(REG_KEY *key, int delete_name) -{ - - if (key) { - if (key->name) free(key->name); - if (key->class_name) free(key->class_name); - - /* - * We will delete the owner if we are not the root and told to ... - */ - - if (key->owner && key->owner->sub_keys && delete_name) { - REG_KEY *own; - KEY_LIST *kl; - int i; - /* Find our owner, look in keylist for us and shuffle up */ - /* Perhaps should be a function */ - - own = key->owner; - kl = own->sub_keys; - - for (i=0; i < kl->key_count && kl->keys[i] != key ; i++) { - /* Just find the entry ... */ - } - - if (i == kl->key_count) { - fprintf(stderr, "Bad data structure. Key not found in key list of owner\n"); - } - else { - int j; - - /* - * Shuffle up. Works for the last one also - */ - for (j = i + 1; j < kl->key_count; j++) { - kl->keys[j - 1] = kl->keys[j]; - } - - kl->key_count--; - } - } - - if (key->sub_keys) nt_delete_key_list(key->sub_keys, False); - if (key->values) nt_delete_val_list(key->values); - if (key->security) nt_delete_key_sec_desc(key->security); - free(key); - } - return 1; -} - -/* - * Convert a string to a value ... - * FIXME: Error handling and convert this at command parse time ... - */ -static -void *str_to_val(int type, char *val, int *len) -{ - unsigned int *dwordp = NULL; - - if (!len || !val) return NULL; - - switch (type) { - case REG_TYPE_REGSZ: - *len = strlen(val); - return (void *)val; - - case REG_TYPE_DWORD: - dwordp = SMB_MALLOC_P(unsigned int); - if (!dwordp) return NULL; - /* Allow for ddddd and 0xhhhhh and 0ooooo */ - if (strncmp(val, "0x", 2) == 0 || strncmp(val, "0X", 2) == 0) { - sscanf(&val[2], "%X", dwordp); - } - else if (*val == '0') { - sscanf(&val[1], "%o", dwordp); - } - else { - sscanf(val, "%d", dwordp); - } - *len = sizeof(unsigned int); - return (void *)dwordp; - - /* FIXME: Implement more of these */ - - default: - return NULL; - } - - return NULL; -} - -/* - * Add a value to the key specified ... We have to parse the value some more - * based on the type to get it in the correct internal form - * An empty name will be converted to "<No Name>" before here - * Hmmm, maybe not. has_name is for that - */ -static -VAL_KEY *nt_add_reg_value(REG_KEY *key, char *name, int type, char *value) -{ - int i; - VAL_KEY *tmp = NULL; - - if (!key || !key->values || !name || !*name) return NULL; - - assert(type != REG_TYPE_DELETE); /* We never process deletes here */ - - for (i = 0; i < key->values->val_count; i++) { - if ((!key->values->vals[i]->has_name && !*name) || - (key->values->vals[i]->has_name && - strcmp(name, key->values->vals[i]->name) == 0)){ /* Change the value */ - free(key->values->vals[i]->data_blk); - key->values->vals[i]->data_blk = str_to_val(type, value, & - key->values->vals[i]->data_len); - return key->values->vals[i]; - } - } - - /* - * If we get here, the name was not found, so insert it - */ - - tmp = SMB_MALLOC_P(VAL_KEY); - if (!tmp) goto error; - - memset(tmp, 0, sizeof(VAL_KEY)); - tmp->name = SMB_STRDUP(name); - tmp->has_name = True; - if (!tmp->name) goto error; - tmp->data_type = type; - tmp->data_blk = str_to_val(type, value, &tmp->data_len); - - /* Now, add to val list */ - - if (key->values->val_count >= key->values->max_vals) { - /* - * Allocate some more space - */ - - if ((key->values = (VAL_LIST *)SMB_REALLOC_ARRAY(key->values, sizeof(VAL_LIST) + - key->values->val_count - 1 + - REG_KEY_LIST_SIZE))) { - key->values->max_vals += REG_KEY_LIST_SIZE; - } - else goto error; - } - - i = key->values->val_count; - key->values->val_count++; - key->values->vals[i] = tmp; - return tmp; - - error: - if (tmp) nt_delete_val_key(tmp); - return NULL; -} - -/* - * Delete a value. We return the value and let the caller deal with it. - */ -static -VAL_KEY *nt_delete_reg_value(REG_KEY *key, char *name) -{ - int i, j; - - if (!key || !key->values || !name || !*name) return NULL; - - /* FIXME: Allow empty value name */ - for (i = 0; i< key->values->val_count; i++) { - if ((!key->values->vals[i]->has_name && !*name) || - (key->values->vals[i]->has_name && - strcmp(name, key->values->vals[i]->name) == 0)) { - VAL_KEY *val; - - val = key->values->vals[i]; - - /* Shuffle down */ - for (j = i + 1; j < key->values->val_count; j++) - key->values->vals[j - 1] = key->values->vals[j]; - - key->values->val_count--; - - return val; - } - } - return NULL; -} - -/* - * Add a key to the tree ... We walk down the components matching until - * we don't find any. There must be a match on the first component ... - * We return the key structure for the final component as that is - * often where we want to add values ... - */ - -/* - * Convert a string of the form S-1-5-x[-y-z-r] to a SID - */ -static -int sid_string_to_sid(sid_t **sid, const char *sid_str) -{ - int i = 0, auth; - const char *lstr; - - *sid = SMB_MALLOC_P(sid_t); - if (!*sid) return 0; - - memset(*sid, 0, sizeof(sid_t)); - - if (strncmp(sid_str, "S-1-5", 5)) { - fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str); - return 0; - } - - /* We only allow strings of form S-1-5... */ - - (*sid)->ver = 1; - (*sid)->auth[5] = 5; - - lstr = sid_str + 5; - - while (1) { - if (!lstr || !lstr[0] || sscanf(lstr, "-%u", &auth) == 0) { - if (i < 1) { - fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i); - return 0; - } - (*sid)->auths=i; - return 1; - } - - (*sid)->sub_auths[i] = auth; - i++; - lstr = strchr(lstr + 1, '-'); - } - - /*return 1; */ /* Not Reached ... */ -} - -/* - * Create an ACE - */ -static -ACE *nt_create_ace(int type, int flags, unsigned int perms, const char *sid) -{ - ACE *ace; - - ace = SMB_MALLOC_P(ACE); - if (!ace) goto error; - ace->type = type; - ace->flags = flags; - ace->perms = perms; - if (!sid_string_to_sid(&ace->trustee, sid)) - goto error; - return ace; - - error: - if (ace) nt_delete_ace(ace); - return NULL; -} - -/* - * Create a default ACL - */ -static -ACL *nt_create_default_acl(REGF *regf) -{ - ACL *acl; - - acl = (ACL *)SMB_MALLOC(sizeof(ACL) + 7*sizeof(ACE *)); - if (!acl) goto error; - - acl->rev = 2; - acl->refcnt = 1; - acl->num_aces = 8; - - acl->aces[0] = nt_create_ace(0x00, 0x0, 0xF003F, regf->owner_sid_str); - if (!acl->aces[0]) goto error; - acl->aces[1] = nt_create_ace(0x00, 0x0, 0xF003F, "S-1-5-18"); - if (!acl->aces[1]) goto error; - acl->aces[2] = nt_create_ace(0x00, 0x0, 0xF003F, "S-1-5-32-544"); - if (!acl->aces[2]) goto error; - acl->aces[3] = nt_create_ace(0x00, 0x0, 0x20019, "S-1-5-12"); - if (!acl->aces[3]) goto error; - acl->aces[4] = nt_create_ace(0x00, 0x0B, 0x10000000, regf->owner_sid_str); - if (!acl->aces[4]) goto error; - acl->aces[5] = nt_create_ace(0x00, 0x0B, 0x10000000, "S-1-5-18"); - if (!acl->aces[5]) goto error; - acl->aces[6] = nt_create_ace(0x00, 0x0B, 0x10000000, "S-1-5-32-544"); - if (!acl->aces[6]) goto error; - acl->aces[7] = nt_create_ace(0x00, 0x0B, 0x80000000, "S-1-5-12"); - if (!acl->aces[7]) goto error; - return acl; - - error: - if (acl) nt_delete_acl(acl); - return NULL; -} - -/* - * Create a default security descriptor. We pull in things from env - * if need be - */ -static -SEC_DESC *nt_create_def_sec_desc(REGF *regf) -{ - SEC_DESC *tmp; - - tmp = SMB_MALLOC_P(SEC_DESC); - if (!tmp) return NULL; - - tmp->rev = 1; - tmp->type = 0x8004; - if (!sid_string_to_sid(&tmp->owner, "S-1-5-32-544")) goto error; - if (!sid_string_to_sid(&tmp->group, "S-1-5-18")) goto error; - tmp->sacl = NULL; - tmp->dacl = nt_create_default_acl(regf); - - return tmp; - - error: - if (tmp) nt_delete_sec_desc(tmp); - return NULL; -} - -/* - * We will implement inheritence that is based on what the parent's SEC_DESC - * says, but the Owner and Group SIDs can be overwridden from the command line - * and additional ACEs can be applied from the command line etc. - */ -static -KEY_SEC_DESC *nt_inherit_security(REG_KEY *key) -{ - - if (!key) return NULL; - return key->security; -} - -/* - * Create an initial security descriptor and init other structures, if needed - * We assume that the initial security stuff is empty ... - */ -static -KEY_SEC_DESC *nt_create_init_sec(REGF *regf) -{ - KEY_SEC_DESC *tsec = NULL; - - tsec = SMB_MALLOC_P(KEY_SEC_DESC); - if (!tsec) return NULL; - - tsec->ref_cnt = 1; - tsec->state = SEC_DESC_NBK; - tsec->offset = 0; - - tsec->sec_desc = regf->def_sec_desc; - - return tsec; -} - -/* - * Add a sub-key - */ -static -REG_KEY *nt_add_reg_key_list(REGF *regf, REG_KEY *key, char * name, int create) -{ - int i; - REG_KEY *ret = NULL, *tmp = NULL; - KEY_LIST *list; - char *lname, *c1, *c2; - - if (!key || !name || !*name) return NULL; - - list = key->sub_keys; - if (!list) { /* Create an empty list */ - - list = (KEY_LIST *)SMB_MALLOC(sizeof(KEY_LIST) + (REG_KEY_LIST_SIZE - 1) * sizeof(REG_KEY *)); - list->key_count = 0; - list->max_keys = REG_KEY_LIST_SIZE; - - } - - lname = SMB_STRDUP(name); - if (!lname) return NULL; - - c1 = lname; - c2 = strchr(c1, '\\'); - if (c2) { /* Split here ... */ - *c2 = 0; - c2++; - } - - for (i = 0; i < list->key_count; i++) { - if (strcmp(list->keys[i]->name, c1) == 0) { - ret = nt_add_reg_key_list(regf, list->keys[i], c2, create); - free(lname); - return ret; - } - } - - /* - * If we reach here we could not find the the first component - * so create it ... - */ - - if (list->key_count < list->max_keys){ - list->key_count++; - } - else { /* Create more space in the list ... */ - if (!(list = (KEY_LIST *)SMB_REALLOC(list, sizeof(KEY_LIST) + - (list->max_keys + REG_KEY_LIST_SIZE - 1) - * sizeof(REG_KEY *)))) - goto error; - - list->max_keys += REG_KEY_LIST_SIZE; - list->key_count++; - } - - /* - * add the new key at the new slot - * FIXME: Sort the list someday - */ - - /* - * We want to create the key, and then do the rest - */ - - tmp = SMB_MALLOC_P(REG_KEY); - - memset(tmp, 0, sizeof(REG_KEY)); - - tmp->name = SMB_STRDUP(c1); - if (!tmp->name) goto error; - tmp->owner = key; - tmp->type = REG_SUB_KEY; - /* - * Next, pull security from the parent, but override with - * anything passed in on the command line - */ - tmp->security = nt_inherit_security(key); - - list->keys[list->key_count - 1] = tmp; - - if (c2) { - ret = nt_add_reg_key_list(regf, key, c2, True); - } - - if (lname) free(lname); - - return ret; - - error: - if (tmp) free(tmp); - if (lname) free(lname); - return NULL; -} - -/* - * This routine only adds a key from the root down. - * It calls helper functions to handle sub-key lists and sub-keys - */ -static -REG_KEY *nt_add_reg_key(REGF *regf, char *name, int create) -{ - char *lname = NULL, *c1, *c2; - REG_KEY * tmp = NULL; - - /* - * Look until we hit the first component that does not exist, and - * then add from there. However, if the first component does not - * match and the path we are given is the root, then it must match - */ - if (!regf || !name || !*name) return NULL; - - lname = SMB_STRDUP(name); - if (!lname) return NULL; - - c1 = lname; - c2 = strchr(c1, '\\'); - if (c2) { /* Split here ... */ - *c2 = 0; - c2++; - } - - /* - * If the root does not exist, create it and make it equal to the - * first component ... - */ - - if (!regf->root) { - - tmp = SMB_MALLOC_P(REG_KEY); - if (!tmp) goto error; - memset(tmp, 0, sizeof(REG_KEY)); - tmp->name = SMB_STRDUP(c1); - if (!tmp->name) goto error; - tmp->security = nt_create_init_sec(regf); - if (!tmp->security) goto error; - regf->root = tmp; - - } - else { - /* - * If we don't match, then we have to return error ... - * If we do match on this component, check the next one in the - * list, and if not found, add it ... short circuit, add all the - * way down - */ - - if (strcmp(c1, regf->root->name) != 0) - goto error; - } - - tmp = nt_add_reg_key_list(regf, regf->root, c2, True); - free(lname); - return tmp; - - error: - if (tmp) free(tmp); - if (lname) free(lname); - return NULL; -} - -/* - * Load and unload a registry file. - * - * Load, loads it into memory as a tree, while unload sealizes/flattens it - */ - -/* - * Get the starting record for NT Registry file - */ - -/* - * Where we keep all the regf stuff for one registry. - * This is the structure that we use to tie the in memory tree etc - * together. By keeping separate structs, we can operate on different - * registries at the same time. - * Currently, the SK_MAP is an array of mapping structure. - * Since we only need this on input and output, we fill in the structure - * as we go on input. On output, we know how many SK items we have, so - * we can allocate the structure as we need to. - * If you add stuff here that is dynamically allocated, add the - * appropriate free statements below. - */ - -#define REGF_REGTYPE_NONE 0 -#define REGF_REGTYPE_NT 1 -#define REGF_REGTYPE_W9X 2 - -#define TTTONTTIME(r, t1, t2) (r)->last_mod_time.low = (t1); \ - (r)->last_mod_time.high = (t2); - -#define REGF_HDR_BLKSIZ 0x1000 - -#define OFF(f) ((f) + REGF_HDR_BLKSIZ + 4) -#define LOCN(base, f) ((base) + OFF(f)) - -const VAL_STR reg_type_names[] = { - { REG_TYPE_REGSZ, "REG_SZ" }, - { REG_TYPE_EXPANDSZ, "REG_EXPAND_SZ" }, - { REG_TYPE_BIN, "REG_BIN" }, - { REG_TYPE_DWORD, "REG_DWORD" }, - { REG_TYPE_MULTISZ, "REG_MULTI_SZ" }, - { 0, NULL }, -}; - -static -const char *val_to_str(unsigned int val, const VAL_STR *val_array) -{ - int i = 0; - - if (!val_array) return NULL; - - while (val_array[i].val && val_array[i].str) { - - if (val_array[i].val == val) return val_array[i].str; - i++; - - } - - return NULL; - -} - -/* - * Convert from UniCode to Ascii ... Does not take into account other lang - * Restrict by ascii_max if > 0 - */ -static -int uni_to_ascii(unsigned char *uni, unsigned char *ascii, int ascii_max, - int uni_max) -{ - int i = 0; - - while (i < ascii_max && !(!uni[i*2] && !uni[i*2+1])) { - if (uni_max > 0 && (i*2) >= uni_max) break; - ascii[i] = uni[i*2]; - i++; - - } - - ascii[i] = '\0'; - - return i; -} - -/* - * Convert a data value to a string for display - */ -static -int data_to_ascii(unsigned char *datap, int len, int type, char *ascii, int ascii_max) -{ - unsigned char *asciip; - int i; - - switch (type) { - case REG_TYPE_REGSZ: - if (verbose) fprintf(stderr, "Len: %d\n", len); - /* FIXME. This has to be fixed. It has to be UNICODE */ - return uni_to_ascii(datap, ascii, len, ascii_max); - break; /*NOTREACHED*/ - - case REG_TYPE_EXPANDSZ: - return uni_to_ascii(datap, ascii, len, ascii_max); - break; - - case REG_TYPE_BIN: - asciip = ascii; - for (i=0; (i<len)&&(i+1)*3<ascii_max; i++) { - int str_rem = ascii_max - ((int)asciip - (int)ascii); - asciip += snprintf(asciip, str_rem, "%02x", *(unsigned char *)(datap+i)); - if (i < len && str_rem > 0) - *asciip = ' '; asciip++; - } - *asciip = '\0'; - return ((int)asciip - (int)ascii); - break; - - case REG_TYPE_DWORD: - if (*(int *)datap == 0) - return snprintf(ascii, ascii_max, "0"); - else - return snprintf(ascii, ascii_max, "0x%x", *(int *)datap); - break; - - case REG_TYPE_MULTISZ: - - break; - - default: - return 0; - break; - } - - return len; - -} - -static -REG_KEY *nt_get_key_tree(REGF *regf, NK_HDR *nk_hdr, int size, REG_KEY *parent); - -static -int nt_set_regf_input_file(REGF *regf, char *filename) -{ - return ((regf->regfile_name = SMB_STRDUP(filename)) != NULL); -} - -static -int nt_set_regf_output_file(REGF *regf, char *filename) -{ - return ((regf->outfile_name = SMB_STRDUP(filename)) != NULL); -} - -/* Create a regf structure and init it */ - -static -REGF *nt_create_regf(void) -{ - REGF *tmp = SMB_MALLOC_P(REGF); - if (!tmp) return tmp; - memset(tmp, 0, sizeof(REGF)); - tmp->owner_sid_str = def_owner_sid_str; - return tmp; -} - -/* Free all the bits and pieces ... Assumes regf was malloc'd */ -/* If you add stuff to REGF, add the relevant free bits here */ -static -int nt_free_regf(REGF *regf) -{ - if (!regf) return 0; - - if (regf->regfile_name) free(regf->regfile_name); - if (regf->outfile_name) free(regf->outfile_name); - - nt_delete_reg_key(regf->root, False); /* Free the tree */ - free(regf->sk_map); - regf->sk_count = regf->sk_map_size = 0; - - free(regf); - - return 1; -} - -/* Get the header of the registry. Return a pointer to the structure - * If the mmap'd area has not been allocated, then mmap the input file - */ -static -REGF_HDR *nt_get_regf_hdr(REGF *regf) -{ - if (!regf) - return NULL; /* What about errors */ - - if (!regf->regfile_name) - return NULL; /* What about errors */ - - if (!regf->base) { /* Try to mmap etc the file */ - - if ((regf->fd = open(regf->regfile_name, O_RDONLY, 0000)) <0) { - return NULL; /* What about errors? */ - } - - if (fstat(regf->fd, ®f->sbuf) < 0) { - return NULL; - } - - regf->base = mmap(0, regf->sbuf.st_size, PROT_READ, MAP_SHARED, regf->fd, 0); - - if ((int)regf->base == 1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", regf->regfile_name, - strerror(errno)); - return NULL; - } - } - - /* - * At this point, regf->base != NULL, and we should be able to read the - * header - */ - - assert(regf->base != NULL); - - return (REGF_HDR *)regf->base; -} - -/* - * Validate a regf header - * For now, do nothing, but we should check the checksum - */ -static -int valid_regf_hdr(REGF_HDR *regf_hdr) -{ - if (!regf_hdr) return 0; - - return 1; -} - -/* - * Process an SK header ... - * Every time we see a new one, add it to the map. Otherwise, just look it up. - * We will do a simple linear search for the moment, since many KEYs have the - * same security descriptor. - * We allocate the map in increments of 10 entries. - */ - -/* - * Create a new entry in the map, and increase the size of the map if needed - */ -static -SK_MAP *alloc_sk_map_entry(REGF *regf, KEY_SEC_DESC *tmp, int sk_off) -{ - if (!regf->sk_map) { /* Allocate a block of 10 */ - regf->sk_map = SMB_MALLOC_ARRAY(SK_MAP, 10); - if (!regf->sk_map) { - free(tmp); - return NULL; - } - regf->sk_map_size = 10; - regf->sk_count = 1; - (regf->sk_map)[0].sk_off = sk_off; - (regf->sk_map)[0].key_sec_desc = tmp; - } - else { /* Simply allocate a new slot, unless we have to expand the list */ - int ndx = regf->sk_count; - if (regf->sk_count >= regf->sk_map_size) { - regf->sk_map = (SK_MAP *)SMB_REALLOC(regf->sk_map, - (regf->sk_map_size + 10)*sizeof(SK_MAP)); - if (!regf->sk_map) { - free(tmp); - return NULL; - } - /* - * ndx already points at the first entry of the new block - */ - regf->sk_map_size += 10; - } - (regf->sk_map)[ndx].sk_off = sk_off; - (regf->sk_map)[ndx].key_sec_desc = tmp; - regf->sk_count++; - } - return regf->sk_map; -} - -/* - * Search for a KEY_SEC_DESC in the sk_map, but don't create one if not - * found - */ -static -KEY_SEC_DESC *lookup_sec_key(SK_MAP *sk_map, int count, int sk_off) -{ - int i; - - if (!sk_map) return NULL; - - for (i = 0; i < count; i++) { - - if (sk_map[i].sk_off == sk_off) - return sk_map[i].key_sec_desc; - - } - - return NULL; - -} - -/* - * Allocate a KEY_SEC_DESC if we can't find one in the map - */ -static -KEY_SEC_DESC *lookup_create_sec_key(REGF *regf, SK_MAP *sk_map, int sk_off) -{ - KEY_SEC_DESC *tmp = lookup_sec_key(regf->sk_map, regf->sk_count, sk_off); - - if (tmp) { - return tmp; - } - else { /* Allocate a new one */ - tmp = SMB_MALLOC_P(KEY_SEC_DESC); - if (!tmp) { - return NULL; - } - memset(tmp, 0, sizeof(KEY_SEC_DESC)); /* Neatly sets offset to 0 */ - tmp->state = SEC_DESC_RES; - if (!alloc_sk_map_entry(regf, tmp, sk_off)) { - return NULL; - } - return tmp; - } -} - -/* - * Allocate storage and duplicate a SID - * We could allocate the SID to be only the size needed, but I am too lazy. - */ -static -sid_t *dup_sid(sid_t *sid) -{ - sid_t *tmp = SMB_MALLOC_P(sid_t); - int i; - - if (!tmp) return NULL; - tmp->ver = sid->ver; - tmp->auths = sid->auths; - for (i=0; i<6; i++) { - tmp->auth[i] = sid->auth[i]; - } - for (i=0; i<tmp->auths&&i<MAXSUBAUTHS; i++) { - tmp->sub_auths[i] = sid->sub_auths[i]; - } - return tmp; -} - -/* - * Allocate space for an ACE and duplicate the registry encoded one passed in - */ -static -ACE *dup_ace(REG_ACE *ace) -{ - ACE *tmp = NULL; - - tmp = SMB_MALLOC_P(ACE); - - if (!tmp) return NULL; - - tmp->type = CVAL(&ace->type); - tmp->flags = CVAL(&ace->flags); - tmp->perms = IVAL(&ace->perms); - tmp->trustee = dup_sid(&ace->trustee); - return tmp; -} - -/* - * Allocate space for an ACL and duplicate the registry encoded one passed in - */ -static -ACL *dup_acl(REG_ACL *acl) -{ - ACL *tmp = NULL; - REG_ACE* ace; - int i, num_aces; - - num_aces = IVAL(&acl->num_aces); - - tmp = (ACL *)SMB_MALLOC(sizeof(ACL) + (num_aces - 1)*sizeof(ACE *)); - if (!tmp) return NULL; - - tmp->num_aces = num_aces; - tmp->refcnt = 1; - tmp->rev = SVAL(&acl->rev); - if (verbose) fprintf(stdout, "ACL: refcnt: %u, rev: %u\n", tmp->refcnt, - tmp->rev); - ace = (REG_ACE *)&acl->aces; - for (i=0; i<num_aces; i++) { - tmp->aces[i] = dup_ace(ace); - ace = (REG_ACE *)((char *)ace + SVAL(&ace->length)); - /* XXX: FIXME, should handle malloc errors */ - } - - return tmp; -} - -static -SEC_DESC *process_sec_desc(REGF *regf, REG_SEC_DESC *sec_desc) -{ - SEC_DESC *tmp = NULL; - - tmp = SMB_MALLOC_P(SEC_DESC); - - if (!tmp) { - return NULL; - } - - tmp->rev = SVAL(&sec_desc->rev); - tmp->type = SVAL(&sec_desc->type); - if (verbose) fprintf(stdout, "SEC_DESC Rev: %0X, Type: %0X\n", - tmp->rev, tmp->type); - if (verbose) fprintf(stdout, "SEC_DESC Owner Off: %0X\n", - IVAL(&sec_desc->owner_off)); - if (verbose) fprintf(stdout, "SEC_DESC Group Off: %0X\n", - IVAL(&sec_desc->group_off)); - if (verbose) fprintf(stdout, "SEC_DESC DACL Off: %0X\n", - IVAL(&sec_desc->dacl_off)); - tmp->owner = dup_sid((sid_t *)((char *)sec_desc + IVAL(&sec_desc->owner_off))); - if (!tmp->owner) { - free(tmp); - return NULL; - } - tmp->group = dup_sid((sid_t *)((char *)sec_desc + IVAL(&sec_desc->group_off))); - if (!tmp->group) { - free(tmp); - return NULL; - } - - /* Now pick up the SACL and DACL */ - - if (sec_desc->sacl_off) - tmp->sacl = dup_acl((REG_ACL *)((char *)sec_desc + IVAL(&sec_desc->sacl_off))); - else - tmp->sacl = NULL; - - if (sec_desc->dacl_off) - tmp->dacl = dup_acl((REG_ACL *)((char *)sec_desc + IVAL(&sec_desc->dacl_off))); - else - tmp->dacl = NULL; - - return tmp; -} - -static -KEY_SEC_DESC *process_sk(REGF *regf, SK_HDR *sk_hdr, int sk_off, int size) -{ - KEY_SEC_DESC *tmp = NULL; - int sk_next_off, sk_prev_off, sk_size; - REG_SEC_DESC *sec_desc; - - if (!sk_hdr) return NULL; - - if (SVAL(&sk_hdr->SK_ID) != REG_SK_ID) { - fprintf(stderr, "Unrecognized SK Header ID: %08X, %s\n", (int)sk_hdr, - regf->regfile_name); - return NULL; - } - - if (-size < (sk_size = IVAL(&sk_hdr->rec_size))) { - fprintf(stderr, "Incorrect SK record size: %d vs %d. %s\n", - -size, sk_size, regf->regfile_name); - return NULL; - } - - /* - * Now, we need to look up the SK Record in the map, and return it - * Since the map contains the SK_OFF mapped to KEY_SEC_DESC, we can - * use that - */ - - if (regf->sk_map && - ((tmp = lookup_sec_key(regf->sk_map, regf->sk_count, sk_off)) != NULL) - && (tmp->state == SEC_DESC_OCU)) { - tmp->ref_cnt++; - return tmp; - } - - /* Here, we have an item in the map that has been reserved, or tmp==NULL. */ - - assert(tmp == NULL || (tmp && tmp->state != SEC_DESC_NON)); - - /* - * Now, allocate a KEY_SEC_DESC, and parse the structure here, and add the - * new KEY_SEC_DESC to the mapping structure, since the offset supplied is - * the actual offset of structure. The same offset will be used by - * all future references to this structure - * We could put all this unpleasantness in a function. - */ - - if (!tmp) { - tmp = SMB_MALLOC_P(KEY_SEC_DESC); - if (!tmp) return NULL; - memset(tmp, 0, sizeof(KEY_SEC_DESC)); - - /* - * Allocate an entry in the SK_MAP ... - * We don't need to free tmp, because that is done for us if the - * sm_map entry can't be expanded when we need more space in the map. - */ - - if (!alloc_sk_map_entry(regf, tmp, sk_off)) { - return NULL; - } - } - - tmp->ref_cnt++; - tmp->state = SEC_DESC_OCU; - - /* - * Now, process the actual sec desc and plug the values in - */ - - sec_desc = (REG_SEC_DESC *)&sk_hdr->sec_desc[0]; - tmp->sec_desc = process_sec_desc(regf, sec_desc); - - /* - * Now forward and back links. Here we allocate an entry in the sk_map - * if it does not exist, and mark it reserved - */ - - sk_prev_off = IVAL(&sk_hdr->prev_off); - tmp->prev = lookup_create_sec_key(regf, regf->sk_map, sk_prev_off); - assert(tmp->prev != NULL); - sk_next_off = IVAL(&sk_hdr->next_off); - tmp->next = lookup_create_sec_key(regf, regf->sk_map, sk_next_off); - assert(tmp->next != NULL); - - return tmp; -} - -/* - * Process a VK header and return a value - */ -static -VAL_KEY *process_vk(REGF *regf, VK_HDR *vk_hdr, int size) -{ - char val_name[1024]; - int nam_len, dat_len, flag, dat_type, dat_off, vk_id; - const char *val_type; - VAL_KEY *tmp = NULL; - - if (!vk_hdr) return NULL; - - if ((vk_id = SVAL(&vk_hdr->VK_ID)) != REG_VK_ID) { - fprintf(stderr, "Unrecognized VK header ID: %0X, block: %0X, %s\n", - vk_id, (int)vk_hdr, regf->regfile_name); - return NULL; - } - - nam_len = SVAL(&vk_hdr->nam_len); - val_name[nam_len] = '\0'; - flag = SVAL(&vk_hdr->flag); - dat_type = IVAL(&vk_hdr->dat_type); - dat_len = IVAL(&vk_hdr->dat_len); /* If top bit, offset contains data */ - dat_off = IVAL(&vk_hdr->dat_off); - - tmp = SMB_MALLOC_P(VAL_KEY); - if (!tmp) { - goto error; - } - memset(tmp, 0, sizeof(VAL_KEY)); - tmp->has_name = flag; - tmp->data_type = dat_type; - - if (flag & 0x01) { - strncpy(val_name, vk_hdr->dat_name, nam_len); - tmp->name = SMB_STRDUP(val_name); - if (!tmp->name) { - goto error; - } - } - else - strncpy(val_name, "<No Name>", 10); - - /* - * Allocate space and copy the data as a BLOB - */ - - if (dat_len) { - - char *dtmp = (char *)SMB_MALLOC(dat_len&0x7FFFFFFF); - - if (!dtmp) { - goto error; - } - - tmp->data_blk = dtmp; - - if ((dat_len&0x80000000) == 0) { /* The data is pointed to by the offset */ - char *dat_ptr = LOCN(regf->base, dat_off); - bcopy(dat_ptr, dtmp, dat_len); - } - else { /* The data is in the offset or type */ - /* - * FIXME. - * Some registry files seem to have wierd fields. If top bit is set, - * but len is 0, the type seems to be the value ... - * Not sure how to handle this last type for the moment ... - */ - dat_len = dat_len & 0x7FFFFFFF; - bcopy(&dat_off, dtmp, dat_len); - } - - tmp->data_len = dat_len; - } - - val_type = val_to_str(dat_type, reg_type_names); - - /* - * We need to save the data area as well - */ - - if (verbose) fprintf(stdout, " %s : %s : \n", val_name, val_type); - - return tmp; - - error: - if (tmp) nt_delete_val_key(tmp); - return NULL; - -} - -/* - * Process a VL Header and return a list of values - */ -static -VAL_LIST *process_vl(REGF *regf, VL_TYPE vl, int count, int size) -{ - int i, vk_off; - VK_HDR *vk_hdr; - VAL_LIST *tmp = NULL; - - if (!vl) return NULL; - - if (-size < (count+1)*sizeof(int)){ - fprintf(stderr, "Error in VL header format. Size less than space required. %d\n", -size); - return NULL; - } - - tmp = (VAL_LIST *)SMB_MALLOC(sizeof(VAL_LIST) + (count - 1) * sizeof(VAL_KEY *)); - if (!tmp) { - goto error; - } - - for (i=0; i<count; i++) { - vk_off = IVAL(&vl[i]); - vk_hdr = (VK_HDR *)LOCN(regf->base, vk_off); - tmp->vals[i] = process_vk(regf, vk_hdr, BLK_SIZE(vk_hdr)); - if (!tmp->vals[i]){ - goto error; - } - } - - tmp->val_count = count; - tmp->max_vals = count; - - return tmp; - - error: - /* XXX: FIXME, free the partially allocated structure */ - return NULL; -} - -/* - * Process an LF Header and return a list of sub-keys - */ -static -KEY_LIST *process_lf(REGF *regf, LF_HDR *lf_hdr, int size, REG_KEY *parent) -{ - int count, i, nk_off; - unsigned int lf_id; - KEY_LIST *tmp; - - if (!lf_hdr) return NULL; - - if ((lf_id = SVAL(&lf_hdr->LF_ID)) != REG_LF_ID) { - fprintf(stderr, "Unrecognized LF Header format: %0X, Block: %0X, %s.\n", - lf_id, (int)lf_hdr, regf->regfile_name); - return NULL; - } - - assert(size < 0); - - count = SVAL(&lf_hdr->key_count); - if (verbose) fprintf(stdout, "Key Count: %u\n", count); - if (count <= 0) return NULL; - - /* Now, we should allocate a KEY_LIST struct and fill it in ... */ - - tmp = (KEY_LIST *)SMB_MALLOC(sizeof(KEY_LIST) + (count - 1) * sizeof(REG_KEY *)); - if (!tmp) { - goto error; - } - - tmp->key_count = count; - tmp->max_keys = count; - - for (i=0; i<count; i++) { - NK_HDR *nk_hdr; - - nk_off = IVAL(&lf_hdr->hr[i].nk_off); - if (verbose) fprintf(stdout, "NK Offset: %0X\n", nk_off); - nk_hdr = (NK_HDR *)LOCN(regf->base, nk_off); - tmp->keys[i] = nt_get_key_tree(regf, nk_hdr, BLK_SIZE(nk_hdr), parent); - if (!tmp->keys[i]) { - goto error; - } - } - - return tmp; - - error: - if (tmp) nt_delete_key_list(tmp, False); - return NULL; -} - -/* - * This routine is passed an NK_HDR pointer and retrieves the entire tree - * from there down. It returns a REG_KEY *. - */ -static -REG_KEY *nt_get_key_tree(REGF *regf, NK_HDR *nk_hdr, int size, REG_KEY *parent) -{ - REG_KEY *tmp = NULL, *own; - int name_len, clsname_len, lf_off, val_off, val_count, sk_off, own_off; - unsigned int nk_id; - LF_HDR *lf_hdr; - VL_TYPE *vl; - SK_HDR *sk_hdr; - char key_name[1024], cls_name[1024]; - - if (!nk_hdr) return NULL; - - if ((nk_id = SVAL(&nk_hdr->NK_ID)) != REG_NK_ID) { - fprintf(stderr, "Unrecognized NK Header format: %08X, Block: %0X. %s\n", - nk_id, (int)nk_hdr, regf->regfile_name); - return NULL; - } - - assert(size < 0); - - name_len = SVAL(&nk_hdr->nam_len); - clsname_len = SVAL(&nk_hdr->clsnam_len); - - /* - * The value of -size should be ge - * (sizeof(NK_HDR) - 1 + name_len) - * The -1 accounts for the fact that we included the first byte of - * the name in the structure. clsname_len is the length of the thing - * pointed to by clsnam_off - */ - - if (-size < (sizeof(NK_HDR) - 1 + name_len)) { - fprintf(stderr, "Incorrect NK_HDR size: %d, %0X\n", -size, (int)nk_hdr); - fprintf(stderr, "Sizeof NK_HDR: %d, name_len %d, clsname_len %d\n", - sizeof(NK_HDR), name_len, clsname_len); - /*return NULL;*/ - } - - if (verbose) fprintf(stdout, "NK HDR: Name len: %d, class name len: %d\n", - name_len, clsname_len); - - /* Fish out the key name and process the LF list */ - - assert(name_len < sizeof(key_name)); - - /* Allocate the key struct now */ - tmp = SMB_MALLOC_P(REG_KEY); - if (!tmp) return tmp; - memset(tmp, 0, sizeof(REG_KEY)); - - tmp->type = (SVAL(&nk_hdr->type)==0x2C?REG_ROOT_KEY:REG_SUB_KEY); - - strncpy(key_name, nk_hdr->key_nam, name_len); - key_name[name_len] = '\0'; - - if (verbose) fprintf(stdout, "Key name: %s\n", key_name); - - tmp->name = SMB_STRDUP(key_name); - if (!tmp->name) { - goto error; - } - - /* - * Fish out the class name, it is in UNICODE, while the key name is - * ASCII :-) - */ - - if (clsname_len) { /* Just print in Ascii for now */ - char *clsnamep; - int clsnam_off; - - clsnam_off = IVAL(&nk_hdr->clsnam_off); - clsnamep = LOCN(regf->base, clsnam_off); - if (verbose) fprintf(stdout, "Class Name Offset: %0X\n", clsnam_off); - - memset(cls_name, 0, clsname_len); - uni_to_ascii(clsnamep, cls_name, sizeof(cls_name), clsname_len); - - /* - * I am keeping class name as an ascii string for the moment. - * That means it needs to be converted on output. - * It will also piss off people who need Unicode/UTF-8 strings. Sorry. - * XXX: FIXME - */ - - tmp->class_name = SMB_STRDUP(cls_name); - if (!tmp->class_name) { - goto error; - } - - if (verbose) fprintf(stdout, " Class Name: %s\n", cls_name); - - } - - /* - * Process the owner offset ... - */ - - own_off = IVAL(&nk_hdr->own_off); - own = (REG_KEY *)LOCN(regf->base, own_off); - if (verbose) fprintf(stdout, "Owner Offset: %0X\n", own_off); - - if (verbose) fprintf(stdout, " Owner locn: %0X, Our locn: %0X\n", - (unsigned int)own, (unsigned int)nk_hdr); - - /* - * We should verify that the owner field is correct ... - * for now, we don't worry ... - */ - - tmp->owner = parent; - - /* - * If there are any values, process them here - */ - - val_count = IVAL(&nk_hdr->val_cnt); - if (verbose) fprintf(stdout, "Val Count: %d\n", val_count); - if (val_count) { - - val_off = IVAL(&nk_hdr->val_off); - vl = (VL_TYPE *)LOCN(regf->base, val_off); - if (verbose) fprintf(stdout, "Val List Offset: %0X\n", val_off); - - tmp->values = process_vl(regf, *vl, val_count, BLK_SIZE(vl)); - if (!tmp->values) { - goto error; - } - - } - - /* - * Also handle the SK header ... - */ - - sk_off = IVAL(&nk_hdr->sk_off); - sk_hdr = (SK_HDR *)LOCN(regf->base, sk_off); - if (verbose) fprintf(stdout, "SK Offset: %0X\n", sk_off); - - if (sk_off != -1) { - - tmp->security = process_sk(regf, sk_hdr, sk_off, BLK_SIZE(sk_hdr)); - - } - - lf_off = IVAL(&nk_hdr->lf_off); - if (verbose) fprintf(stdout, "SubKey list offset: %0X\n", lf_off); - - /* - * No more subkeys if lf_off == -1 - */ - - if (lf_off != -1) { - - lf_hdr = (LF_HDR *)LOCN(regf->base, lf_off); - - tmp->sub_keys = process_lf(regf, lf_hdr, BLK_SIZE(lf_hdr), tmp); - if (!tmp->sub_keys){ - goto error; - } - - } - - return tmp; - - error: - if (tmp) nt_delete_reg_key(tmp, False); - return NULL; -} - -static -int nt_load_registry(REGF *regf) -{ - REGF_HDR *regf_hdr; - unsigned int regf_id, hbin_id; - HBIN_HDR *hbin_hdr; - NK_HDR *first_key; - - /* Get the header */ - - if ((regf_hdr = nt_get_regf_hdr(regf)) == NULL) { - return -1; - } - - /* Now process that header and start to read the rest in */ - - if ((regf_id = IVAL(®f_hdr->REGF_ID)) != REG_REGF_ID) { - fprintf(stderr, "Unrecognized NT registry header id: %0X, %s\n", - regf_id, regf->regfile_name); - return -1; - } - - /* - * Validate the header ... - */ - if (!valid_regf_hdr(regf_hdr)) { - fprintf(stderr, "Registry file header does not validate: %s\n", - regf->regfile_name); - return -1; - } - - /* Update the last mod date, and then go get the first NK record and on */ - - TTTONTTIME(regf, IVAL(®f_hdr->tim1), IVAL(®f_hdr->tim2)); - - /* - * The hbin hdr seems to be just uninteresting garbage. Check that - * it is there, but that is all. - */ - - hbin_hdr = (HBIN_HDR *)(regf->base + REGF_HDR_BLKSIZ); - - if ((hbin_id = IVAL(&hbin_hdr->HBIN_ID)) != REG_HBIN_ID) { - fprintf(stderr, "Unrecognized registry hbin hdr ID: %0X, %s\n", - hbin_id, regf->regfile_name); - return -1; - } - - /* - * Get a pointer to the first key from the hreg_hdr - */ - - if (verbose) fprintf(stdout, "First Key: %0X\n", - IVAL(®f_hdr->first_key)); - - first_key = (NK_HDR *)LOCN(regf->base, IVAL(®f_hdr->first_key)); - if (verbose) fprintf(stdout, "First Key Offset: %0X\n", - IVAL(®f_hdr->first_key)); - - if (verbose) fprintf(stdout, "Data Block Size: %d\n", - IVAL(®f_hdr->dblk_size)); - - if (verbose) fprintf(stdout, "Offset to next hbin block: %0X\n", - IVAL(&hbin_hdr->off_to_next)); - - if (verbose) fprintf(stdout, "HBIN block size: %0X\n", - IVAL(&hbin_hdr->blk_size)); - - /* - * Now, get the registry tree by processing that NK recursively - */ - - regf->root = nt_get_key_tree(regf, first_key, BLK_SIZE(first_key), NULL); - - assert(regf->root != NULL); - - /* - * Unmap the registry file, as we might want to read in another - * tree etc. - */ - - if (regf->base) munmap(regf->base, regf->sbuf.st_size); - regf->base = NULL; - close(regf->fd); /* Ignore the error :-) */ - - return 1; -} - -/* - * Allocate a new hbin block, set up the header for the block etc - */ -static -HBIN_BLK *nt_create_hbin_blk(REGF *regf, int size) -{ - HBIN_BLK *tmp; - HBIN_HDR *hdr; - - if (!regf || !size) return NULL; - - /* Round size up to multiple of REGF_HDR_BLKSIZ */ - - size = (size + (REGF_HDR_BLKSIZ - 1)) & ~(REGF_HDR_BLKSIZ - 1); - - tmp = (HBIN_BLK *)SMB_MALLOC_P(HBIN_BLK); - memset(tmp, 0, sizeof(HBIN_BLK)); - - tmp->data = SMB_MALLOC(size); - if (!tmp->data) goto error; - - memset(tmp->data, 0, size); /* Make it pristine */ - - tmp->size = size; - tmp->file_offset = regf->blk_tail->file_offset + regf->blk_tail->size; - - tmp->free_space = size - (sizeof(HBIN_HDR) - sizeof(HBIN_SUB_HDR)); - tmp->fsp_off = size - tmp->free_space; - - /* - * Now, build the header in the data block - */ - hdr = (HBIN_HDR *)tmp->data; - hdr->HBIN_ID = REG_HBIN_ID; - hdr->off_from_first = tmp->file_offset - REGF_HDR_BLKSIZ; - hdr->off_to_next = tmp->size; - hdr->blk_size = tmp->size; - - /* - * Now link it in - */ - - regf->blk_tail->next = tmp; - regf->blk_tail = tmp; - if (!regf->free_space) regf->free_space = tmp; - - return tmp; - error: - if (tmp) free(tmp); - return NULL; -} - -/* - * Allocate a unit of space ... and return a pointer as function param - * and the block's offset as a side effect - */ -static -void *nt_alloc_regf_space(REGF *regf, int size, unsigned int *off) -{ - int tmp = 0; - void *ret = NULL; - HBIN_BLK *blk; - - if (!regf || !size || !off) return NULL; - - assert(regf->blk_head != NULL); - - /* - * round up size to include header and then to 8-byte boundary - */ - size = (size + 4 + 7) & ~7; - - /* - * Check if there is space, if none, grab a block - */ - if (!regf->free_space) { - if (!nt_create_hbin_blk(regf, REGF_HDR_BLKSIZ)) - return NULL; - } - - /* - * Now, chain down the list of blocks looking for free space - */ - - for (blk = regf->free_space; blk != NULL; blk = blk->next) { - if (blk->free_space <= size) { - tmp = blk->file_offset + blk->fsp_off - REGF_HDR_BLKSIZ; - ret = blk->data + blk->fsp_off; - blk->free_space -= size; - blk->fsp_off += size; - - /* Insert the header */ - ((HBIN_SUB_HDR *)ret)->dblocksize = -size; - - /* - * Fix up the free space ptr - * If it is NULL, we fix it up next time - */ - - if (!blk->free_space) - regf->free_space = blk->next; - - *off = tmp; - return (((char *)ret)+4);/* The pointer needs to be to the data struct */ - } - } - - /* - * If we got here, we need to add another block, which might be - * larger than one block -- deal with that later - */ - if (nt_create_hbin_blk(regf, REGF_HDR_BLKSIZ)) { - blk = regf->free_space; - tmp = blk->file_offset + blk->fsp_off - REGF_HDR_BLKSIZ; - ret = blk->data + blk->fsp_off; - blk->free_space -= size; - blk->fsp_off += size; - - /* Insert the header */ - ((HBIN_SUB_HDR *)ret)->dblocksize = -size; - - /* - * Fix up the free space ptr - * If it is NULL, we fix it up next time - */ - - if (!blk->free_space) - regf->free_space = blk->next; - - *off = tmp; - return (((char *)ret) + 4);/* The pointer needs to be to the data struct */ - } - - return NULL; -} - -/* - * Compute the size of a SID stored ... - */ -static -unsigned int sid_size(sid_t *sid) -{ - unsigned int size; - - if (!sid) return 0; - - size = 8 + (sid->auths * sizeof(unsigned int)); - - return size; -} - -/* - * Compute the size of an ACE on disk from its components - */ -static -unsigned int ace_size(ACE *ace) -{ - unsigned int size; - - if (!ace) return 0; - - size = 8 + sid_size(ace->trustee); - - return size; -} - -/* - * Compute the size of an ACL from its components ... - */ -static -unsigned int acl_size(ACL *acl) -{ - unsigned int size; - int i; - - if (!acl) return 0; - - size = 8; - for (i = 0; i < acl->num_aces; i++) - size += ace_size(acl->aces[i]); - - return size; -} - -/* - * Compute the size of the sec desc as a self-relative SD - */ -static -unsigned int sec_desc_size(SEC_DESC *sd) -{ - unsigned int size; - - if (!sd) return 0; - - size = 20; - - if (sd->owner) size += sid_size(sd->owner); - if (sd->group) size += sid_size(sd->group); - if (sd->sacl) size += acl_size(sd->sacl); - if (sd->dacl) size += acl_size(sd->dacl); - - return size; -} - -/* - * Store a SID at the location provided - */ -static -int nt_store_SID(REGF *regf, sid_t *sid, unsigned char *locn) -{ - int i; - unsigned char *p = locn; - - if (!regf || !sid || !locn) return 0; - - *p = sid->ver; p++; - *p = sid->auths; p++; - - for (i=0; i < 6; i++) { - *p = sid->auth[i]; p++; - } - - for (i=0; i < sid->auths; i++) { - SIVAL(p, sid->sub_auths[i]); p+=4; - } - - return p - locn; - -} - -static -int nt_store_ace(REGF *regf, ACE *ace, unsigned char *locn) -{ - int size = 0; - REG_ACE *reg_ace = (REG_ACE *)locn; - unsigned char *p; - - if (!regf || !ace || !locn) return 0; - - reg_ace->type = ace->type; - reg_ace->flags = ace->flags; - - /* Deal with the length when we have stored the SID */ - - p = (unsigned char *)®_ace->perms; - - SIVAL(p, ace->perms); p += 4; - - size = nt_store_SID(regf, ace->trustee, p); - - size += 8; /* Size of the fixed header */ - - p = (unsigned char *)®_ace->length; - - SSVAL(p, size); - - return size; -} - -/* - * Store an ACL at the location provided - */ -static -int nt_store_acl(REGF *regf, ACL *acl, unsigned char *locn) -{ - int size = 0, i; - unsigned char *p = locn, *s; - - if (!regf || !acl || !locn) return 0; - - /* - * Now store the header and then the ACEs ... - */ - - SSVAL(p, acl->rev); - - p += 2; s = p; /* Save this for the size field */ - - p += 2; - - SIVAL(p, acl->num_aces); - - p += 4; - - for (i = 0; i < acl->num_aces; i++) { - size = nt_store_ace(regf, acl->aces[i], p); - p += size; - } - - size = s - locn; - SSVAL(s, size); - return size; -} - -/* - * Flatten and store the Sec Desc - * Windows lays out the DACL first, but since there is no SACL, it might be - * that first, then the owner, then the group SID. So, we do it that way - * too. - */ -static -unsigned int nt_store_sec_desc(REGF *regf, SEC_DESC *sd, char *locn) -{ - REG_SEC_DESC *rsd = (REG_SEC_DESC *)locn; - unsigned int size = 0, off = 0; - - if (!regf || !sd || !locn) return 0; - - /* - * Now, fill in the first two fields, then lay out the various fields - * as needed - */ - - rsd->rev = 0x01; - /* Self relative, DACL pres, owner and group not defaulted */ - rsd->type = 0x8004; - - off = 4 * sizeof(DWORD) + 4; - - if (sd->sacl){ - size = nt_store_acl(regf, sd->sacl, (char *)(locn + off)); - rsd->sacl_off = off; - } - else - rsd->sacl_off = 0; - - off += size; - - if (sd->dacl) { - rsd->dacl_off = off; - size = nt_store_acl(regf, sd->dacl, (char *)(locn + off)); - } - else { - rsd->dacl_off = 0; - } - - off += size; - - /* Now the owner and group SIDs */ - - if (sd->owner) { - rsd->owner_off = off; - size = nt_store_SID(regf, sd->owner, (char *)(locn + off)); - } - else { - rsd->owner_off = 0; - } - - off += size; - - if (sd->group) { - rsd->group_off = off; - size = nt_store_SID(regf, sd->group, (char *)(locn + off)); - } - else { - rsd->group_off = 0; - } - - off += size; - - return size; -} - -/* - * Store the security information - * - * If it has already been stored, just get its offset from record - * otherwise, store it and record its offset - */ -static -unsigned int nt_store_security(REGF *regf, KEY_SEC_DESC *sec) -{ - int size = 0; - unsigned int sk_off; - SK_HDR *sk_hdr; - - if (sec->offset) return sec->offset; - - /* - * OK, we don't have this one in the file yet. We must compute the - * size taken by the security descriptor as a self-relative SD, which - * means making one pass over each structure and figuring it out - */ - - size = sec_desc_size(sec->sec_desc); - - /* Allocate that much space */ - - sk_hdr = nt_alloc_regf_space(regf, size, &sk_off); - sec->sk_hdr = sk_hdr; - - if (!sk_hdr) return 0; - - /* Now, lay out the sec_desc in the space provided */ - - sk_hdr->SK_ID = REG_SK_ID; - - /* - * We can't deal with the next and prev offset in the SK_HDRs until the - * whole tree has been stored, then we can go and deal with them - */ - - sk_hdr->ref_cnt = sec->ref_cnt; - sk_hdr->rec_size = size; /* Is this correct */ - - /* Now, lay out the sec_desc */ - - if (!nt_store_sec_desc(regf, sec->sec_desc, (char *)&sk_hdr->sec_desc)) - return 0; - - return sk_off; - -} - -/* - * Store a VAL LIST - */ -static -int nt_store_val_list(REGF *regf, VAL_LIST * values) -{ - - return 0; -} - -/* - * Store a KEY in the file ... - * - * We store this depth first, and defer storing the lf struct until - * all the sub-keys have been stored. - * - * We store the NK hdr, any SK header, class name, and VK structure, then - * recurse down the LF structures ... - * - * We return the offset of the NK struct - * FIXME, FIXME, FIXME: Convert to using SIVAL and SSVAL ... - */ -static -int nt_store_reg_key(REGF *regf, REG_KEY *key) -{ - NK_HDR *nk_hdr; - unsigned int nk_off, sk_off, size; - - if (!regf || !key) return 0; - - size = sizeof(NK_HDR) + strlen(key->name) - 1; - nk_hdr = nt_alloc_regf_space(regf, size, &nk_off); - if (!nk_hdr) goto error; - - key->offset = nk_off; /* We will need this later */ - - /* - * Now fill in each field etc ... - */ - - nk_hdr->NK_ID = REG_NK_ID; - if (key->type == REG_ROOT_KEY) - nk_hdr->type = 0x2C; - else - nk_hdr->type = 0x20; - - /* FIXME: Fill in the time of last update */ - - if (key->type != REG_ROOT_KEY) - nk_hdr->own_off = key->owner->offset; - - if (key->sub_keys) - nk_hdr->subk_num = key->sub_keys->key_count; - - /* - * Now, process the Sec Desc and then store its offset - */ - - sk_off = nt_store_security(regf, key->security); - nk_hdr->sk_off = sk_off; - - /* - * Then, store the val list and store its offset - */ - if (key->values) { - nk_hdr->val_cnt = key->values->val_count; - nk_hdr->val_off = nt_store_val_list(regf, key->values); - } - else { - nk_hdr->val_off = -1; - nk_hdr->val_cnt = 0; - } - - /* - * Finally, store the subkeys, and their offsets - */ - - error: - return 0; -} - -/* - * Store the registry header ... - * We actually create the registry header block and link it to the chain - * of output blocks. - */ -static -REGF_HDR *nt_get_reg_header(REGF *regf) -{ - HBIN_BLK *tmp = NULL; - - tmp = SMB_MALLOC_P(HBIN_BLK); - if (!tmp) return 0; - - memset(tmp, 0, sizeof(HBIN_BLK)); - tmp->type = REG_OUTBLK_HDR; - tmp->size = REGF_HDR_BLKSIZ; - tmp->data = SMB_MALLOC(REGF_HDR_BLKSIZ); - if (!tmp->data) goto error; - - memset(tmp->data, 0, REGF_HDR_BLKSIZ); /* Make it pristine, unlike Windows */ - regf->blk_head = regf->blk_tail = tmp; - - return (REGF_HDR *)tmp->data; - - error: - if (tmp) free(tmp); - return NULL; -} - -/* - * Store the registry in the output file - * We write out the header and then each of the keys etc into the file - * We have to flatten the data structure ... - * - * The structures are stored in a depth-first fashion, with all records - * aligned on 8-byte boundaries, with sub-keys and values layed down before - * the lists that contain them. SK records are layed down first, however. - * The lf fields are layed down after all sub-keys have been layed down, it - * seems, including the whole tree associated with each sub-key. - */ -static -int nt_store_registry(REGF *regf) -{ - REGF_HDR *reg; - int fkey, fd; - - /* - * Get a header ... and partially fill it in ... - */ - reg = nt_get_reg_header(regf); - - /* - * Store the first key, which will store the whole thing - */ - fkey = nt_store_reg_key(regf, regf->root); - - /* - * At this point we have the registry as a series of blocks, so - * run down that series of blocks and save them ... - */ - - if (!regf->outfile_name) { - fprintf(stderr, "Cannot write file without a name!\n"); - return 0; - } - - if ((fd = open(regf->outfile_name, O_WRONLY, 0666)) < 0) { - fprintf(stderr, "Unable to create file %s: %s\n", regf->outfile_name, - strerror(errno)); - return 0; - } - - return 1; -} - -/* - * Routines to parse a REGEDIT4 file - * - * The file consists of: - * - * REGEDIT4 - * \[[-]key-path\]\n - * <value-spec>* - * - * Format: - * [cmd:]name=type:value - * - * cmd = a|d|c|add|delete|change|as|ds|cs - * - * There can be more than one key-path and value-spec. - * - * Since we want to support more than one type of file format, we - * construct a command-file structure that keeps info about the command file - */ - -#define FMT_UNREC -1 -#define FMT_REGEDIT4 0 -#define FMT_EDITREG1_1 1 - -#define FMT_STRING_REGEDIT4 "REGEDIT4" -#define FMT_STRING_EDITREG1_0 "EDITREG1.0" - -#define CMD_NONE 0 -#define CMD_ADD_KEY 1 -#define CMD_DEL_KEY 2 - -#define CMD_KEY 1 -#define CMD_VAL 2 - -typedef struct val_spec_list { - struct val_spec_list *next; - char *name; - int type; - char *val; /* Kept as a char string, really? */ -} VAL_SPEC_LIST; - -typedef struct command_s { - int cmd; - char *key; - int val_count; - VAL_SPEC_LIST *val_spec_list, *val_spec_last; -} CMD; - -typedef struct cmd_line { - int len, line_len; - char *line; -} CMD_LINE; - -static -void free_val_spec_list(VAL_SPEC_LIST *vl) -{ - if (!vl) return; - if (vl->name) free(vl->name); - if (vl->val) free(vl->val); - free(vl); - -} - -/* - * Some routines to handle lines of info in the command files - */ -static -void skip_to_eol(int fd) -{ - int rc; - char ch = 0; - - while ((rc = read(fd, &ch, 1)) == 1) { - if (ch == 0x0A) return; - } - if (rc < 0) { - fprintf(stderr, "Could not read file descriptor: %d, %s\n", - fd, strerror(errno)); - exit(1); - } -} - -static -void free_cmd(CMD *cmd) -{ - if (!cmd) return; - - while (cmd->val_spec_list) { - VAL_SPEC_LIST *tmp; - - tmp = cmd->val_spec_list; - cmd->val_spec_list = tmp->next; - free(tmp); - } - - free(cmd); - -} - -static -void free_cmd_line(CMD_LINE *cmd_line) -{ - if (cmd_line) { - if (cmd_line->line) free(cmd_line->line); - free(cmd_line); - } -} - -static -void print_line(struct cmd_line *cl) -{ - char *pl; - - if (!cl) return; - - if ((pl = SMB_MALLOC(cl->line_len + 1)) == NULL) { - fprintf(stderr, "Unable to allocate space to print line: %s\n", - strerror(errno)); - exit(1); - } - - strncpy(pl, cl->line, cl->line_len); - pl[cl->line_len] = 0; - - fprintf(stdout, "%s\n", pl); - free(pl); -} - -#define INIT_ALLOC 10 - -/* - * Read a line from the input file. - * NULL returned when EOF and no chars read - * Otherwise we return a cmd_line * - * Exit if other errors - */ -static -struct cmd_line *get_cmd_line(int fd) -{ - struct cmd_line *cl = SMB_MALLOC_P(CMD_LINE); - int i = 0, rc; - unsigned char ch; - - if (!cl) { - fprintf(stderr, "Unable to allocate structure for command line: %s\n", - strerror(errno)); - exit(1); - } - - cl->len = INIT_ALLOC; - - /* - * Allocate some space for the line. We extend later if needed. - */ - - if ((cl->line = (char *)SMB_MALLOC(INIT_ALLOC)) == NULL) { - fprintf(stderr, "Unable to allocate initial space for line: %s\n", - strerror(errno)); - exit(1); - } - - /* - * Now read in the chars to EOL. Don't store the EOL in the - * line. What about CR? - */ - - while ((rc = read(fd, &ch, 1)) == 1 && ch != '\n') { - if (ch == '\r') continue; /* skip CR */ - if (i == cl->len) { - /* - * Allocate some more memory - */ - if ((cl->line = SMB_REALLOC(cl->line, cl->len + INIT_ALLOC)) == NULL) { - fprintf(stderr, "Unable to realloc space for line: %s\n", - strerror(errno)); - exit(1); - } - cl->len += INIT_ALLOC; - } - cl->line[i] = ch; - i++; - } - - /* read 0 and we were at loc'n 0, return NULL */ - if (rc == 0 && i == 0) { - free_cmd_line(cl); - return NULL; - } - - cl->line_len = i; - - return cl; - -} - -/* - * parse_value: parse out a value. We pull it apart as: - * - * <value> ::= <value-name>=<type>:<value-string> - * - * <value-name> ::= char-string-without-spaces | '"' char-string '"' - * - * If it parsed OK, return the <value-name> as a string, and the - * value type and value-string in parameters. - * - * The value name can be empty. There can only be one empty name in - * a list of values. A value of - removes the value entirely. - */ -static -char *dup_str(char *s, int len) -{ - char *nstr; - nstr = (char *)SMB_MALLOC(len + 1); - if (nstr) { - memcpy(nstr, s, len); - nstr[len] = 0; - } - return nstr; -} - -static -char *parse_name(char *nstr) -{ - int len = 0, start = 0; - if (!nstr) return NULL; - - len = strlen(nstr); - - while (len && nstr[len - 1] == ' ') len--; - - nstr[len] = 0; /* Trim any spaces ... if there were none, doesn't matter */ - - /* - * Beginning and end should be '"' or neither should be so - */ - if ((nstr[0] == '"' && nstr[len - 1] != '"') || - (nstr[0] != '"' && nstr[len - 1] == '"')) - return NULL; - - if (nstr[0] == '"') { - start = 1; - len -= 2; - } - - return dup_str(&nstr[start], len); -} - -static -int parse_value_type(char *tstr) -{ - int len = strlen(tstr); - - while (len && tstr[len - 1] == ' ') len--; - tstr[len] = 0; - - if (strcmp(tstr, "REG_DWORD") == 0) - return REG_TYPE_DWORD; - else if (strcmp(tstr, "dword") == 0) - return REG_TYPE_DWORD; - else if (strcmp(tstr, "REG_EXPAND_SZ") == 0) - return REG_TYPE_EXPANDSZ; - else if (strcmp(tstr, "REG_BIN") == 0) - return REG_TYPE_BIN; - else if (strcmp(tstr, "REG_SZ") == 0) - return REG_TYPE_REGSZ; - else if (strcmp(tstr, "REG_MULTI_SZ") == 0) - return REG_TYPE_MULTISZ; - else if (strcmp(tstr, "-") == 0) - return REG_TYPE_DELETE; - - return 0; -} - -static -char *parse_val_str(char *vstr) -{ - - return dup_str(vstr, strlen(vstr)); - -} - -static -char *parse_value(struct cmd_line *cl, int *vtype, char **val) -{ - char *p1 = NULL, *p2 = NULL, *nstr = NULL, *tstr = NULL, *vstr = NULL; - - if (!cl || !vtype || !val) return NULL; - if (!cl->line_len) return NULL; - - p1 = dup_str(cl->line, cl->line_len); - /* FIXME: Better return codes etc ... */ - if (!p1) return NULL; - p2 = strchr(p1, '='); - if (!p2) return NULL; - - *p2 = 0; p2++; /* Split into two strings at p2 */ - - /* Now, parse the name ... */ - - nstr = parse_name(p1); - if (!nstr) goto error; - - /* Now, split the remainder and parse on type and val ... */ - - tstr = p2; - while (*tstr == ' ') tstr++; /* Skip leading white space */ - p2 = strchr(p2, ':'); - - if (p2) { - *p2 = 0; p2++; /* split on the : */ - } - - *vtype = parse_value_type(tstr); - - if (!vtype) goto error; - - if (!p2 || !*p2) return nstr; - - /* Now, parse the value string. It should return a newly malloc'd string */ - - while (*p2 == ' ') p2++; /* Skip leading space */ - vstr = parse_val_str(p2); - - if (!vstr) goto error; - - *val = vstr; - - return nstr; - - error: - if (p1) free(p1); - if (nstr) free(nstr); - if (vstr) free(vstr); - return NULL; -} - -/* - * Parse out a key. Look for a correctly formatted key [...] - * and whether it is a delete or add? A delete is signalled - * by a - in front of the key. - * Assumes that there are no leading and trailing spaces - */ - -static -char *parse_key(struct cmd_line *cl, int *cmd) -{ - int start = 1; - char *tmp; - - if (cl->line[0] != '[' || - cl->line[cl->line_len - 1] != ']') return NULL; - if (cl->line_len == 2) return NULL; - *cmd = CMD_ADD_KEY; - if (cl->line[1] == '-') { - if (cl->line_len == 3) return NULL; - start = 2; - *cmd = CMD_DEL_KEY; - } - tmp = SMB_MALLOC(cl->line_len - 1 - start + 1); - if (!tmp) return tmp; /* Bail out on no mem ... FIXME */ - strncpy(tmp, &cl->line[start], cl->line_len - 1 - start); - tmp[cl->line_len - 1 - start] = 0; - return tmp; -} - -/* - * Parse a line to determine if we have a key or a value - * We only check for key or val ... - */ - -static -int parse_line(struct cmd_line *cl) -{ - - if (!cl || cl->len == 0) return 0; - - if (cl->line[0] == '[') /* No further checking for now */ - return CMD_KEY; - else - return CMD_VAL; -} - -/* - * We seek to offset 0, read in the required number of bytes, - * and compare to the correct value. - * We then seek back to the original location - */ -static -int regedit4_file_type(int fd) -{ - int cur_ofs = 0; - char desc[9]; - - cur_ofs = lseek(fd, 0, SEEK_CUR); /* Get current offset */ - if (cur_ofs < 0) { - fprintf(stderr, "Unable to get current offset: %s\n", strerror(errno)); - exit(1); /* FIXME */ - } - - if (cur_ofs) { - lseek(fd, 0, SEEK_SET); - } - - if (read(fd, desc, 8) < 8) { - fprintf(stderr, "Unable to read command file format\n"); - exit(2); /* FIXME */ - } - - desc[8] = 0; - - if (strcmp(desc, FMT_STRING_REGEDIT4) == 0) { - if (cur_ofs) { - lseek(fd, cur_ofs, SEEK_SET); - } - else { - skip_to_eol(fd); - } - return FMT_REGEDIT4; - } - - return FMT_UNREC; -} - -/* - * Run though the data in the line and strip anything after a comment - * char. - */ -static -void strip_comment(struct cmd_line *cl) -{ - int i; - - if (!cl) return; - - for (i = 0; i < cl->line_len; i++) { - if (cl->line[i] == ';') { - cl->line_len = i; - return; - } - } -} - -/* - * trim leading space - */ - -static -void trim_leading_spaces(struct cmd_line *cl) -{ - int i; - - if (!cl) return; - - for (i = 0; i < cl->line_len; i++) { - if (cl->line[i] != ' '){ - if (i) memcpy(cl->line, &cl->line[i], cl->line_len - i); - return; - } - } -} - -/* - * trim trailing spaces - */ -static -void trim_trailing_spaces(struct cmd_line *cl) -{ - int i; - - if (!cl) return; - - for (i = cl->line_len; i == 0; i--) { - if (cl->line[i-1] != ' ' && - cl->line[i-1] != '\t') { - cl->line_len = i; - } - } -} - -/* - * Get a command ... This consists of possibly multiple lines: - * [key] - * values* - * possibly Empty line - * - * value ::= <value-name>=<value-type>':'<value-string> - * <value-name> is some path, possibly enclosed in quotes ... - * We alctually look for the next key to terminate a previous key - * if <value-type> == '-', then it is a delete type. - */ -static -CMD *regedit4_get_cmd(int fd) -{ - struct command_s *cmd = NULL; - struct cmd_line *cl = NULL; - struct val_spec_list *vl = NULL; - - if ((cmd = SMB_MALLOC_P(struct command_s)) == NULL) { - fprintf(stderr, "Unable to malloc space for command: %s\n", - strerror(errno)); - exit(1); - } - - cmd->cmd = CMD_NONE; - cmd->key = NULL; - cmd->val_count = 0; - cmd->val_spec_list = cmd->val_spec_last = NULL; - while ((cl = get_cmd_line(fd))) { - - /* - * If it is an empty command line, and we already have a key - * then exit from here ... FIXME: Clean up the parser - */ - - if (cl->line_len == 0 && cmd->key) { - free_cmd_line(cl); - break; - } - - strip_comment(cl); /* remove anything beyond a comment char */ - trim_trailing_spaces(cl); - trim_leading_spaces(cl); - - if (cl->line_len == 0) { /* An empty line */ - free_cmd_line(cl); - } - else { /* Else, non-empty ... */ - /* - * Parse out the bits ... - */ - switch (parse_line(cl)) { - case CMD_KEY: - if ((cmd->key = parse_key(cl, &cmd->cmd)) == NULL) { - fprintf(stderr, "Error parsing key from line: "); - print_line(cl); - fprintf(stderr, "\n"); - } - break; - - case CMD_VAL: - /* - * We need to add the value stuff to the list - * There could be a \ on the end which we need to - * handle at some time - */ - vl = SMB_MALLOC_P(struct val_spec_list); - if (!vl) goto error; - vl->next = NULL; - vl->val = NULL; - vl->name = parse_value(cl, &vl->type, &vl->val); - if (!vl->name) goto error; - if (cmd->val_spec_list == NULL) { - cmd->val_spec_list = cmd->val_spec_last = vl; - } - else { - cmd->val_spec_last->next = vl; - cmd->val_spec_last = vl; - } - cmd->val_count++; - break; - - default: - fprintf(stderr, "Unrecognized line in command file: \n"); - print_line(cl); - break; - } - } - - } - if (!cmd->cmd) goto error; /* End of file ... */ - - return cmd; - - error: - if (vl) free(vl); - if (cmd) free_cmd(cmd); - return NULL; -} - -static -int regedit4_exec_cmd(CMD *cmd) -{ - - return 0; -} - -static -int editreg_1_0_file_type(int fd) -{ - int cur_ofs = 0; - char desc[11]; - - cur_ofs = lseek(fd, 0, SEEK_CUR); /* Get current offset */ - if (cur_ofs < 0) { - fprintf(stderr, "Unable to get current offset: %s\n", strerror(errno)); - exit(1); /* FIXME */ - } - - if (cur_ofs) { - lseek(fd, 0, SEEK_SET); - } - - if (read(fd, desc, 10) < 10) { - fprintf(stderr, "Unable to read command file format\n"); - exit(2); /* FIXME */ - } - - desc[10] = 0; - - if (strcmp(desc, FMT_STRING_EDITREG1_0) == 0) { - lseek(fd, cur_ofs, SEEK_SET); - return FMT_REGEDIT4; - } - - return FMT_UNREC; -} - -static -CMD *editreg_1_0_get_cmd(int fd) -{ - return NULL; -} - -static -int editreg_1_0_exec_cmd(CMD *cmd) -{ - - return -1; -} - -typedef struct command_ops_s { - int type; - int (*file_type)(int fd); - CMD *(*get_cmd)(int fd); - int (*exec_cmd)(CMD *cmd); -} CMD_OPS; - -CMD_OPS default_cmd_ops[] = { - {0, regedit4_file_type, regedit4_get_cmd, regedit4_exec_cmd}, - {1, editreg_1_0_file_type, editreg_1_0_get_cmd, editreg_1_0_exec_cmd}, - {-1, NULL, NULL, NULL} -}; - -typedef struct command_file_s { - char *name; - int type, fd; - CMD_OPS cmd_ops; -} CMD_FILE; - -/* - * Create a new command file structure - */ - -static -CMD_FILE *cmd_file_create(char *file) -{ - CMD_FILE *tmp; - struct stat sbuf; - int i = 0; - - /* - * Let's check if the file exists ... - * No use creating the cmd_file structure if the file does not exist - */ - - if (stat(file, &sbuf) < 0) { /* Not able to access file */ - - return NULL; - } - - tmp = SMB_MALLOC_P(CMD_FILE); - if (!tmp) { - return NULL; - } - - /* - * Let's fill in some of the fields; - */ - - tmp->name = SMB_STRDUP(file); - - if ((tmp->fd = open(file, O_RDONLY, 666)) < 0) { - free(tmp); - return NULL; - } - - /* - * Now, try to find the format by indexing through the table - */ - while (default_cmd_ops[i].type != -1) { - if ((tmp->type = default_cmd_ops[i].file_type(tmp->fd)) >= 0) { - tmp->cmd_ops = default_cmd_ops[i]; - return tmp; - } - i++; - } - - /* - * If we got here, return NULL, as we could not figure out the type - * of command file. - * - * What about errors? - */ - - free(tmp); - return NULL; -} - -/* - * Extract commands from the command file, and execute them. - * We pass a table of command callbacks for that - */ - -/* - * Main code from here on ... - */ - -/* - * key print function here ... - */ - -static -int print_key(const char *path, char *name, char *class_name, int root, - int terminal, int vals) -{ - - if (full_print || terminal) fprintf(stdout, "[%s%s]\n", path, name); - - return 1; -} - -/* - * Sec Desc print functions - */ - -static -void print_type(unsigned char type) -{ - switch (type) { - case 0x00: - fprintf(stdout, " ALLOW"); - break; - case 0x01: - fprintf(stdout, " DENY"); - break; - case 0x02: - fprintf(stdout, " AUDIT"); - break; - case 0x03: - fprintf(stdout, " ALARM"); - break; - case 0x04: - fprintf(stdout, "ALLOW CPD"); - break; - case 0x05: - fprintf(stdout, "OBJ ALLOW"); - break; - case 0x06: - fprintf(stdout, " OBJ DENY"); - default: - fprintf(stdout, " UNKNOWN"); - break; - } -} - -static -void print_flags(unsigned char flags) -{ - char flg_output[21]; - int some = 0; - - flg_output[0] = 0; - if (!flags) { - fprintf(stdout, " "); - return; - } - if (flags & 0x01) { - if (some) strcat(flg_output, ","); - some = 1; - strcat(flg_output, "OI"); - } - if (flags & 0x02) { - if (some) strcat(flg_output, ","); - some = 1; - strcat(flg_output, "CI"); - } - if (flags & 0x04) { - if (some) strcat(flg_output, ","); - some = 1; - strcat(flg_output, "NP"); - } - if (flags & 0x08) { - if (some) strcat(flg_output, ","); - some = 1; - strcat(flg_output, "IO"); - } - if (flags & 0x10) { - if (some) strcat(flg_output, ","); - some = 1; - strcat(flg_output, "IA"); - } - if (flags == 0xF) { - if (some) strcat(flg_output, ","); - some = 1; - strcat(flg_output, "VI"); - } - fprintf(stdout, " %s", flg_output); -} - -static -void print_perms(int perms) -{ - fprintf(stdout, " %8X", perms); -} - -static -void print_sid(sid_t *sid) -{ - int i, comps = sid->auths; - fprintf(stdout, "S-%u-%u", sid->ver, sid->auth[5]); - - for (i = 0; i < comps; i++) { - - fprintf(stdout, "-%u", sid->sub_auths[i]); - - } - fprintf(stdout, "\n"); -} - -static -void print_acl(ACL *acl, const char *prefix) -{ - int i; - - for (i = 0; i < acl->num_aces; i++) { - fprintf(stdout, ";;%s", prefix); - print_type(acl->aces[i]->type); - print_flags(acl->aces[i]->flags); - print_perms(acl->aces[i]->perms); - fprintf(stdout, " "); - print_sid(acl->aces[i]->trustee); - } -} - -static -int print_sec(SEC_DESC *sec_desc) -{ - if (!print_security) return 1; - fprintf(stdout, ";; SECURITY\n"); - fprintf(stdout, ";; Owner: "); - print_sid(sec_desc->owner); - fprintf(stdout, ";; Group: "); - print_sid(sec_desc->group); - if (sec_desc->sacl) { - fprintf(stdout, ";; SACL:\n"); - print_acl(sec_desc->sacl, " "); - } - if (sec_desc->dacl) { - fprintf(stdout, ";; DACL:\n"); - print_acl(sec_desc->dacl, " "); - } - return 1; -} - -/* - * Value print function here ... - */ -static -int print_val(const char *path, char *val_name, int val_type, int data_len, - void *data_blk, int terminal, int first, int last) -{ - char data_asc[1024]; - - memset(data_asc, 0, sizeof(data_asc)); - if (!terminal && first) - fprintf(stdout, "%s\n", path); - data_to_ascii((unsigned char *)data_blk, data_len, val_type, data_asc, - sizeof(data_asc) - 1); - fprintf(stdout, " %s = %s : %s\n", (val_name?val_name:"<No Name>"), - val_to_str(val_type, reg_type_names), data_asc); - return 1; -} - -static -void usage(void) -{ - fprintf(stderr, "Usage: editreg [-f] [-v] [-p] [-k] [-s] [-c <command-file>] <registryfile>\n"); - fprintf(stderr, "Version: 0.1\n\n"); - fprintf(stderr, "\n\t-v\t sets verbose mode"); - fprintf(stderr, "\n\t-f\t sets full print mode where non-terminals are printed"); - fprintf(stderr, "\n\t-p\t prints the registry"); - fprintf(stderr, "\n\t-s\t prints security descriptors"); - fprintf(stderr, "\n\t-c <command-file>\t specifies a command file"); - fprintf(stderr, "\n"); -} - -int main(int argc, char *argv[]) -{ - REGF *regf; - extern char *optarg; - extern int optind; - int opt, print_keys = 0; - int regf_opt = 1; /* Command name */ - int commands = 0, modified = 0; - char *cmd_file_name = NULL; - char *out_file_name = NULL; - CMD_FILE *cmd_file = NULL; - sid_t *lsid; - - if (argc < 2) { - usage(); - exit(1); - } - - /* - * Now, process the arguments - */ - - while ((opt = getopt(argc, argv, "fspvko:O:c:")) != EOF) { - switch (opt) { - case 'c': - commands = 1; - cmd_file_name = optarg; - regf_opt += 2; - break; - - case 'f': - full_print = 1; - regf_opt++; - break; - - case 'o': - out_file_name = optarg; - regf_opt += 2; - break; - - case 'O': - def_owner_sid_str = SMB_STRDUP(optarg); - regf_opt += 2; - if (!sid_string_to_sid(&lsid, def_owner_sid_str)) { - fprintf(stderr, "Default Owner SID: %s is incorrectly formatted\n", - def_owner_sid_str); - free(&def_owner_sid_str[0]); - def_owner_sid_str = NULL; - } - else - nt_delete_sid(lsid); - break; - - case 'p': - print_keys++; - regf_opt++; - break; - - case 's': - print_security++; - full_print++; - regf_opt++; - break; - - case 'v': - verbose++; - regf_opt++; - break; - - case 'k': - regf_opt++; - break; - - default: - usage(); - exit(1); - break; - } - } - - /* - * We only want to complain about the lack of a default owner SID if - * we need one. This approximates that need - */ - if (!def_owner_sid_str) { - def_owner_sid_str = "S-1-5-21-1-2-3-4"; - if (out_file_name || verbose) - fprintf(stderr, "Warning, default owner SID not set. Setting to %s\n", - def_owner_sid_str); - } - - if ((regf = nt_create_regf()) == NULL) { - fprintf(stderr, "Could not create registry object: %s\n", strerror(errno)); - exit(2); - } - - if (regf_opt < argc) { /* We have a registry file */ - if (!nt_set_regf_input_file(regf, argv[regf_opt])) { - fprintf(stderr, "Could not set name of registry file: %s, %s\n", - argv[regf_opt], strerror(errno)); - exit(3); - } - - /* Now, open it, and bring it into memory :-) */ - - if (nt_load_registry(regf) < 0) { - fprintf(stderr, "Could not load registry: %s\n", argv[1]); - exit(4); - } - } - - if (out_file_name) { - if (!nt_set_regf_output_file(regf, out_file_name)) { - fprintf(stderr, "Could not set name of output registry file: %s, %s\n", - out_file_name, strerror(errno)); - exit(3); - } - - } - - if (commands) { - CMD *cmd; - - cmd_file = cmd_file_create(cmd_file_name); - - while ((cmd = cmd_file->cmd_ops.get_cmd(cmd_file->fd)) != NULL) { - - /* - * Now, apply the requests to the tree ... - */ - switch (cmd->cmd) { - case CMD_ADD_KEY: { - REG_KEY *tmp = NULL; - - tmp = nt_find_key_by_name(regf->root, cmd->key); - - /* If we found it, apply the other bits, else create such a key */ - - if (!tmp) { - tmp = nt_add_reg_key(regf, cmd->key, True); - modified = 1; - } - - while (cmd->val_count) { - VAL_SPEC_LIST *val = cmd->val_spec_list; - VAL_KEY *reg_val = NULL; - - if (val->type == REG_TYPE_DELETE) { - reg_val = nt_delete_reg_value(tmp, val -> name); - if (reg_val) nt_delete_val_key(reg_val); - modified = 1; - } - else { - reg_val = nt_add_reg_value(tmp, val->name, val->type, - val->val); - modified = 1; - } - - cmd->val_spec_list = val->next; - free_val_spec_list(val); - cmd->val_count--; - } - - break; - } - - case CMD_DEL_KEY: - /* - * Any value does not matter ... - * Find the key if it exists, and delete it ... - */ - - nt_delete_key_by_name(regf, cmd->key); - modified = 1; - break; - } - } - free_cmd(cmd); - } - - /* - * At this point, we should have a registry in memory and should be able - * to iterate over it. - */ - - if (print_keys) { - nt_key_iterator(regf, regf->root, 0, "", print_key, print_sec, print_val); - } - - /* - * If there was an out_file_name and the tree was modified, print it - */ - if (modified && out_file_name) - if (!nt_store_registry(regf)) { - fprintf(stdout, "Error storing registry\n"); - } - - return 0; -} diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index f558c8eafd..efeb34e53d 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -81,7 +81,7 @@ static int net_ads_lookup(int argc, const char **argv) d_printf("Didn't find the cldap server!\n"); return -1; } if (!ads->config.realm) { - ads->config.realm = CONST_DISCARD(char *, opt_target_workgroup); + ads->config.realm = opt_target_workgroup; ads->ldap_port = 389; } @@ -753,7 +753,7 @@ int net_ads_join(int argc, const char **argv) ads_msgfree(ads, res); if (rc.error_type == ENUM_ADS_ERROR_LDAP && rc.err.rc == LDAP_NO_SUCH_OBJECT) { - d_printf("ads_join: organizational unit %s does not exist (dn:%s)\n", + d_printf("ads_join_realm: organizational unit %s does not exist (dn:%s)\n", org_unit, dn); ads_destroy(&ads); return -1; @@ -761,14 +761,14 @@ int net_ads_join(int argc, const char **argv) free(dn); if (!ADS_ERR_OK(rc)) { - d_printf("ads_join: %s\n", ads_errstr(rc)); + d_printf("ads_join_realm: %s\n", ads_errstr(rc)); ads_destroy(&ads); return -1; } rc = ads_join_realm(ads, global_myname(), account_type, org_unit); if (!ADS_ERR_OK(rc)) { - d_printf("ads_join: %s\n", ads_errstr(rc)); + d_printf("ads_join_realm: %s\n", ads_errstr(rc)); ads_destroy(&ads); return -1; } @@ -1172,7 +1172,7 @@ static int net_ads_password(int argc, const char **argv) } if (argv[1]) { - new_password = CONST_DISCARD(char *, argv[1]); + new_password = (char *)argv[1]; } else { asprintf(&prompt, "Enter new password for %s:", user); new_password = getpass(prompt); diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 9aae620f6e..b08673b2bb 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -3,7 +3,8 @@ * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-2000, * Copyright (C) Jean François Micouleau 1998-2001. - * Copyright (C) Gerald Carter 2003. + * Copyright (C) Gerald Carter 2003, + * Copyright (C) Volker Lendecke 2004 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by |