summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/include/privileges.h24
-rw-r--r--source3/include/rpc_reg.h8
-rw-r--r--source3/lib/privileges.c124
-rw-r--r--source3/registry/reg_db.c14
-rw-r--r--source3/registry/reg_frontend.c3
-rw-r--r--source3/registry/reg_objects.c10
-rw-r--r--source3/registry/reg_printing.c55
-rw-r--r--source3/rpc_client/cli_reg.c14
-rw-r--r--source3/rpc_parse/parse_reg.c12
-rw-r--r--source3/rpc_server/srv_lsa_nt.c2
-rw-r--r--source3/rpc_server/srv_reg.c14
-rw-r--r--source3/rpc_server/srv_reg_nt.c26
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c7
13 files changed, 159 insertions, 154 deletions
diff --git a/source3/include/privileges.h b/source3/include/privileges.h
index 38edee84e8..052cbb6c5f 100644
--- a/source3/include/privileges.h
+++ b/source3/include/privileges.h
@@ -82,25 +82,22 @@ extern const SE_PRIV se_restore;
#define PR_LOG_ON_SERVICE 0x0010
-#ifndef _BOOL
-typedef int BOOL;
-#define _BOOL /* So we don't typedef BOOL again in vfs.h */
-#endif
-
-typedef struct LUID
-{
- uint32 low;
+typedef struct {
uint32 high;
+ uint32 low;
} LUID;
-typedef struct LUID_ATTR
-{
+typedef struct {
LUID luid;
uint32 attr;
} LUID_ATTR;
-typedef struct privilege_set
-{
+#ifndef _BOOL
+typedef int BOOL;
+#define _BOOL /* So we don't typedef BOOL again in vfs.h */
+#endif
+
+typedef struct {
TALLOC_CTX *mem_ctx;
BOOL ext_ctx;
uint32 count;
@@ -108,10 +105,11 @@ typedef struct privilege_set
LUID_ATTR *set;
} PRIVILEGE_SET;
-typedef struct _PRIVS {
+typedef struct {
SE_PRIV se_priv;
const char *name;
const char *description;
+ LUID luid;
} PRIVS;
#endif /* PRIVILEGES_H */
diff --git a/source3/include/rpc_reg.h b/source3/include/rpc_reg.h
index 7d6469bc8e..a35e534952 100644
--- a/source3/include/rpc_reg.h
+++ b/source3/include/rpc_reg.h
@@ -34,7 +34,7 @@
#define REG_OPEN_HKPD 0x03
#define REG_OPEN_HKU 0x04
#define REG_CLOSE 0x05
-#define REG_CREATE_KEY 0x06
+#define REG_CREATE_KEY_EX 0x06
#define REG_DELETE_KEY 0x07
#define REG_DELETE_VALUE 0x08
#define REG_ENUM_KEY 0x09
@@ -225,13 +225,13 @@ typedef struct {
uint32 ptr3;
SEC_DESC_BUF *data;
uint32 unknown_2; /* 0x0000 0000 */
-} REG_Q_CREATE_KEY;
+} REG_Q_CREATE_KEY_EX;
typedef struct {
POLICY_HND handle;
- uint32 unknown;
+ uint32 disposition;
WERROR status;
-} REG_R_CREATE_KEY;
+} REG_R_CREATE_KEY_EX;
/***********************************************/
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index ae98d8940f..30db2fc2bb 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -25,8 +25,6 @@
#define PRIVPREFIX "PRIV_"
-#define GENERATE_LUID_LOW(x) (x)+1;
-
static const SE_PRIV se_priv_all = SE_ALL_PRIVS;
static const SE_PRIV se_priv_end = SE_END;
@@ -43,60 +41,65 @@ const SE_PRIV se_restore = SE_RESTORE;
/********************************************************************
This is a list of privileges reported by a WIndows 2000 SP4 AD DC
- just for reference purposes:
-
- SeCreateTokenPrivilege Create a token object
- SeAssignPrimaryTokenPrivilege Replace a process level token
- SeLockMemoryPrivilege Lock pages in memory
- SeIncreaseQuotaPrivilege Increase quotas
- SeMachineAccountPrivilege Add workstations to domain
- SeTcbPrivilege Act as part of the operating system
- SeSecurityPrivilege Manage auditing and security log
- SeTakeOwnershipPrivilege Take ownership of files or other objects
- SeLoadDriverPrivilege Load and unload device drivers
- SeSystemProfilePrivilege Profile system performance
- SeSystemtimePrivilege Change the system time
- SeProfileSingleProcessPrivilege Profile single process
- SeIncreaseBasePriorityPrivilege Increase scheduling priority
- SeCreatePagefilePrivilege Create a pagefile
- SeCreatePermanentPrivilege Create permanent shared objects
- SeBackupPrivilege Back up files and directories
- SeRestorePrivilege Restore files and directories
- SeShutdownPrivilege Shut down the system
- SeDebugPrivilege Debug programs
- SeAuditPrivilege Generate security audits
- SeSystemEnvironmentPrivilege Modify firmware environment values
- SeChangeNotifyPrivilege Bypass traverse checking
- SeRemoteShutdownPrivilege Force shutdown from a remote system
- SeUndockPrivilege Remove computer from docking station
- SeSyncAgentPrivilege Synchronize directory service data
- SeEnableDelegationPrivilege Enable computer and user accounts to be trusted for delegation
- SeManageVolumePrivilege Perform volume maintenance tasks
- SeImpersonatePrivilege Impersonate a client after authentication
- SeCreateGlobalPrivilege Create global objects
-
-********************************************************************/
-
-
+ just for reference purposes (and I know the LUID is not guaranteed
+ across reboots):
+
+ SeCreateTokenPrivilege Create a token object ( 0x0, 0x2 )
+ SeAssignPrimaryTokenPrivilege Replace a process level token ( 0x0, 0x3 )
+ SeLockMemoryPrivilege Lock pages in memory ( 0x0, 0x4 )
+ SeIncreaseQuotaPrivilege Increase quotas ( 0x0, 0x5 )
+ SeMachineAccountPrivilege Add workstations to domain ( 0x0, 0x6 )
+ SeTcbPrivilege Act as part of the operating system ( 0x0, 0x7 )
+ SeSecurityPrivilege Manage auditing and security log ( 0x0, 0x8 )
+ SeTakeOwnershipPrivilege Take ownership of files or other objects ( 0x0, 0x9 )
+ SeLoadDriverPrivilege Load and unload device drivers ( 0x0, 0xa )
+ SeSystemProfilePrivilege Profile system performance ( 0x0, 0xb )
+ SeSystemtimePrivilege Change the system time ( 0x0, 0xc )
+ SeProfileSingleProcessPrivilege Profile single process ( 0x0, 0xd )
+ SeIncreaseBasePriorityPrivilege Increase scheduling priority ( 0x0, 0xe )
+ SeCreatePagefilePrivilege Create a pagefile ( 0x0, 0xf )
+ SeCreatePermanentPrivilege Create permanent shared objects ( 0x0, 0x10 )
+ SeBackupPrivilege Back up files and directories ( 0x0, 0x11 )
+ SeRestorePrivilege Restore files and directories ( 0x0, 0x12 )
+ SeShutdownPrivilege Shut down the system ( 0x0, 0x13 )
+ SeDebugPrivilege Debug programs ( 0x0, 0x14 )
+ SeAuditPrivilege Generate security audits ( 0x0, 0x15 )
+ SeSystemEnvironmentPrivilege Modify firmware environment values ( 0x0, 0x16 )
+ SeChangeNotifyPrivilege Bypass traverse checking ( 0x0, 0x17 )
+ SeRemoteShutdownPrivilege Force shutdown from a remote system ( 0x0, 0x18 )
+ SeUndockPrivilege Remove computer from docking station ( 0x0, 0x19 )
+ SeSyncAgentPrivilege Synchronize directory service data ( 0x0, 0x1a )
+ SeEnableDelegationPrivilege Enable computer and user accounts to be trusted for delegation ( 0x0, 0x1b )
+ SeManageVolumePrivilege Perform volume maintenance tasks ( 0x0, 0x1c )
+ SeImpersonatePrivilege Impersonate a client after authentication ( 0x0, 0x1d )
+ SeCreateGlobalPrivilege Create global objects ( 0x0, 0x1e )
+
+ ********************************************************************/
+
+/* we have to define the LUID here due to a horrible check by printmig.exe
+ that requires the SeBackupPrivilege match what is in Windows. So match
+ those that we implement and start Samba privileges at 0x1001 */
+
PRIVS privs[] = {
#if 0 /* usrmgr will display these twice if you include them. We don't
use them but we'll keep the bitmasks reserved in privileges.h anyways */
- {SE_NETWORK_LOGON, "SeNetworkLogonRight", "Access this computer from network"},
- {SE_INTERACTIVE_LOGON, "SeInteractiveLogonRight", "Log on locally"},
- {SE_BATCH_LOGON, "SeBatchLogonRight", "Log on as a batch job"},
- {SE_SERVICE_LOGON, "SeServiceLogonRight", "Log on as a service"},
+ {SE_NETWORK_LOGON, "SeNetworkLogonRight", "Access this computer from network", { 0x0, 0x0 }},
+ {SE_INTERACTIVE_LOGON, "SeInteractiveLogonRight", "Log on locally", { 0x0, 0x0 }},
+ {SE_BATCH_LOGON, "SeBatchLogonRight", "Log on as a batch job", { 0x0, 0x0 }},
+ {SE_SERVICE_LOGON, "SeServiceLogonRight", "Log on as a service", { 0x0, 0x0 }},
#endif
- {SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain"},
- {SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers"},
- {SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain"},
- {SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system"},
- {SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares"},
- {SE_BACKUP, "SeBackupPrivilege", "Back up files and directories"},
- {SE_RESTORE, "SeRestorePrivilege", "Restore files and directories"},
- {SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects"},
-
- {SE_END, "", ""}
+ {SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain", { 0x0, 0x0006 }},
+ {SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects",{ 0x0, 0x0009 }},
+ {SE_BACKUP, "SeBackupPrivilege", "Back up files and directories", { 0x0, 0x0011 }},
+ {SE_RESTORE, "SeRestorePrivilege", "Restore files and directories", { 0x0, 0x0012 }},
+ {SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system", { 0x0, 0x0018 }},
+
+ {SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers", { 0x0, 0x1001 }},
+ {SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain", { 0x0, 0x1002 }},
+ {SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares", { 0x0, 0x1003 }},
+
+ {SE_END, "", "", { 0x0, 0x0 }}
};
typedef struct {
@@ -109,7 +112,6 @@ typedef struct {
SID_LIST sids;
} PRIV_SID_LIST;
-
/***************************************************************************
copy an SE_PRIV structure
****************************************************************************/
@@ -402,7 +404,7 @@ LUID_ATTR get_privilege_luid( SE_PRIV *mask )
for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) {
if ( se_priv_equal( &privs[i].se_priv, mask ) ) {
- priv_luid.luid.low = GENERATE_LUID_LOW(i);
+ priv_luid.luid = privs[i].luid;
break;
}
}
@@ -746,17 +748,19 @@ BOOL user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege)
char* luid_to_privilege_name(const LUID *set)
{
static fstring name;
- int max = count_all_privileges();
+ int i;
if (set->high != 0)
return NULL;
- if ( set->low > max )
- return NULL;
-
- fstrcpy( name, privs[set->low - 1].name );
+ for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) {
+ if ( set->low == privs[i].luid.low ) {
+ fstrcpy( name, privs[set->low - 1].name );
+ return name;
+ }
+ }
- return name;
+ return NULL;
}
/*******************************************************************
@@ -792,7 +796,7 @@ BOOL se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
if ( !is_privilege_assigned(mask, &privs[i].se_priv) )
continue;
- luid.luid.low = GENERATE_LUID_LOW(i);
+ luid.luid = privs[i].luid;
if ( !privilege_set_add( set, luid ) )
return False;
diff --git a/source3/registry/reg_db.c b/source3/registry/reg_db.c
index 884949375b..741bc4127b 100644
--- a/source3/registry/reg_db.c
+++ b/source3/registry/reg_db.c
@@ -399,7 +399,7 @@ static int regdb_unpack_values(REGVAL_CTR *values, char *buf, int buflen)
int len = 0;
uint32 type;
pstring valuename;
- int size;
+ uint32 size;
uint8 *data_p;
uint32 num_values = 0;
int i;
@@ -413,17 +413,21 @@ static int regdb_unpack_values(REGVAL_CTR *values, char *buf, int buflen)
for ( i=0; i<num_values; i++ ) {
/* unpack the next regval */
+ type = REG_NONE;
+ size = 0;
+ data_p = NULL;
len += tdb_unpack(buf+len, buflen-len, "fdB",
valuename,
&type,
&size,
&data_p);
- /* add the new value */
-
- regval_ctr_addvalue( values, valuename, type, (const char *)data_p, size );
+ /* add the new value. Paranoid protective code -- make sure data_p is valid */
- SAFE_FREE(data_p); /* 'B' option to tdbpack does a malloc() */
+ if ( size && data_p ) {
+ regval_ctr_addvalue( values, valuename, type, (const char *)data_p, size );
+ SAFE_FREE(data_p); /* 'B' option to tdb_unpack does a malloc() */
+ }
DEBUG(8,("specific: [%s], len: %d\n", valuename, size));
}
diff --git a/source3/registry/reg_frontend.c b/source3/registry/reg_frontend.c
index 440f108cc9..51ad23b498 100644
--- a/source3/registry/reg_frontend.c
+++ b/source3/registry/reg_frontend.c
@@ -31,13 +31,16 @@ extern REGISTRY_OPS shares_reg_ops;
extern REGISTRY_OPS regdb_ops; /* these are the default */
/* array of REGISTRY_HOOK's which are read into a tree for easy access */
+/* #define REG_TDB_ONLY 1 */
REGISTRY_HOOK reg_hooks[] = {
+#ifndef REG_TDB_ONLY
{ KEY_PRINTING, &printing_ops },
{ KEY_PRINTING_2K, &printing_ops },
{ KEY_PRINTING_PORTS, &printing_ops },
{ KEY_EVENTLOG, &eventlog_ops },
{ KEY_SHARES, &shares_reg_ops },
+#endif
{ NULL, NULL }
};
diff --git a/source3/registry/reg_objects.c b/source3/registry/reg_objects.c
index 7ee2cd8414..b3b47ae0e1 100644
--- a/source3/registry/reg_objects.c
+++ b/source3/registry/reg_objects.c
@@ -94,7 +94,7 @@ int regsubkey_ctr_delkey( REGSUBKEY_CTR *ctr, const char *keyname )
/* update if we have any keys left */
ctr->num_subkeys--;
- if ( ctr->num_subkeys )
+ if ( i < ctr->num_subkeys )
memmove( &ctr->subkeys[i], &ctr->subkeys[i+1], sizeof(char*) * (ctr->num_subkeys-i) );
return ctr->num_subkeys;
@@ -232,7 +232,7 @@ uint8* regval_data_p( REGISTRY_VALUE *val )
/**********************************************************************
*********************************************************************/
-int regval_size( REGISTRY_VALUE *val )
+uint32 regval_size( REGISTRY_VALUE *val )
{
return val->size;
}
@@ -392,10 +392,10 @@ int regval_ctr_delvalue( REGVAL_CTR *ctr, const char *name )
if ( i == ctr->num_values )
return ctr->num_values;
- /* just shift everything down one */
+ /* If 'i' was not the last element, just shift everything down one */
ctr->num_values--;
- if ( ctr->num_values )
- memmove( ctr->values[i], ctr->values[i+1], sizeof(REGISTRY_VALUE)*(ctr->num_values-i) );
+ if ( i < ctr->num_values )
+ memmove( ctr->values[i], ctr->values[i+1], sizeof(REGISTRY_VALUE*)*(ctr->num_values-i) );
return ctr->num_values;
}
diff --git a/source3/registry/reg_printing.c b/source3/registry/reg_printing.c
index 30f2d74660..6fedb524d6 100644
--- a/source3/registry/reg_printing.c
+++ b/source3/registry/reg_printing.c
@@ -38,7 +38,6 @@ static const char *top_level_keys[MAX_TOP_LEVEL_KEYS] = {
"Forms",
"Printers"
};
-
/**********************************************************************
It is safe to assume that every registry path passed into on of
@@ -832,6 +831,7 @@ static int handle_printing_subpath( char *key, REGSUBKEY_CTR *subkeys, REGVAL_CT
return result;
}
+
/**********************************************************************
Enumerate registry subkey names given a registry path.
Caller is responsible for freeing memory to **subkeys
@@ -840,7 +840,6 @@ static int handle_printing_subpath( char *key, REGSUBKEY_CTR *subkeys, REGVAL_CT
static int printing_subkey_info( const char *key, REGSUBKEY_CTR *subkey_ctr )
{
char *path;
- BOOL top_level = False;
int num_subkeys = 0;
DEBUG(10,("printing_subkey_info: key=>[%s]\n", key));
@@ -849,25 +848,22 @@ static int printing_subkey_info( const char *key, REGSUBKEY_CTR *subkey_ctr )
/* check to see if we are dealing with the top level key */
- if ( !path )
- top_level = True;
-
- if ( top_level ) {
- /* check between the two top level keys here */
-
- if ( strequal( KEY_PRINTING, key ) ) {
- regsubkey_ctr_addkey( subkey_ctr, "Environments" );
- regsubkey_ctr_addkey( subkey_ctr, "Forms" );
- }
- else if ( strequal( KEY_PRINTING_2K, key ) ) {
- regsubkey_ctr_addkey( subkey_ctr, "Printers" );
- }
- }
- else
+ if ( path ) {
num_subkeys = handle_printing_subpath( path, subkey_ctr, NULL );
+ SAFE_FREE( path );
+ return num_subkeys;
+ }
- SAFE_FREE( path );
-
+ /* handle top level keys here */
+
+ if ( strequal( KEY_PRINTING, key ) ) {
+ regsubkey_ctr_addkey( subkey_ctr, "Environments" );
+ regsubkey_ctr_addkey( subkey_ctr, "Forms" );
+ }
+ else if ( strequal( KEY_PRINTING_2K, key ) ) {
+ regsubkey_ctr_addkey( subkey_ctr, "Printers" );
+ }
+
return num_subkeys;
}
@@ -879,25 +875,22 @@ static int printing_subkey_info( const char *key, REGSUBKEY_CTR *subkey_ctr )
static int printing_value_info( const char *key, REGVAL_CTR *val )
{
char *path;
- BOOL top_level = False;
int num_values = 0;
DEBUG(10,("printing_value_info: key=>[%s]\n", key));
path = trim_reg_path( key );
+
+ if ( path ) {
+ num_values = handle_printing_subpath( path, NULL, val );
+ SAFE_FREE( path );
+ return num_values;
+ }
- /* check to see if we are dealing with the top level key */
-
- if ( !path )
- top_level = True;
+ /* top level key */
- /* fill in values from the getprinterdata_printer_server() */
- if ( top_level ) {
- if ( strequal( key, KEY_PRINTING_PORTS ) )
- num_values = fill_ports_values( val );
- } else
- num_values = handle_printing_subpath( path, NULL, val );
-
+ if ( strequal( key, KEY_PRINTING_PORTS ) )
+ num_values = fill_ports_values( val );
return num_values;
}
diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c
index c3a1aba90d..97ae8b29e7 100644
--- a/source3/rpc_client/cli_reg.c
+++ b/source3/rpc_client/cli_reg.c
@@ -438,12 +438,12 @@ WERROR cli_reg_delete_key(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/****************************************************************************
do a REG Create Key
****************************************************************************/
-WERROR cli_reg_create_key(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+WERROR cli_reg_create_key_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *hnd, char *key_name, char *key_class,
uint32 access_desired, POLICY_HND *key)
{
- REG_Q_CREATE_KEY in;
- REG_R_CREATE_KEY out;
+ REG_Q_CREATE_KEY_EX in;
+ REG_R_CREATE_KEY_EX out;
prs_struct qbuf, rbuf;
SEC_DESC *sec;
SEC_DESC_BUF *sec_buf;
@@ -461,13 +461,13 @@ WERROR cli_reg_create_key(struct cli_state *cli, TALLOC_CTX *mem_ctx,
if ( !(sec_buf = make_sec_desc_buf(mem_ctx, sec_len, sec)) )
return WERR_GENERAL_FAILURE;
- init_reg_q_create_key(&in, hnd, key_name, key_class, access_desired, sec_buf);
+ init_reg_q_create_key_ex(&in, hnd, key_name, key_class, access_desired, sec_buf);
- CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_CREATE_KEY,
+ CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_CREATE_KEY_EX,
in, out,
qbuf, rbuf,
- reg_io_q_create_key,
- reg_io_r_create_key,
+ reg_io_q_create_key_ex,
+ reg_io_r_create_key_ex,
WERR_GENERAL_FAILURE );
diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c
index 9048f0f58f..c46eef1300 100644
--- a/source3/rpc_parse/parse_reg.c
+++ b/source3/rpc_parse/parse_reg.c
@@ -206,7 +206,7 @@ static BOOL reg_io_hdrbuf_sec(uint32 ptr, uint32 *ptr3, BUFHDR *hdr_sec,
Inits a registry key create request
********************************************************************/
-void init_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd,
+void init_reg_q_create_key_ex(REG_Q_CREATE_KEY_EX *q_c, POLICY_HND *hnd,
char *name, char *key_class, uint32 access_desired,
SEC_DESC_BUF *sec_buf)
{
@@ -234,13 +234,13 @@ void init_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd,
Marshalls a registry key create request
********************************************************************/
-BOOL reg_io_q_create_key(const char *desc, REG_Q_CREATE_KEY *q_u,
+BOOL reg_io_q_create_key_ex(const char *desc, REG_Q_CREATE_KEY_EX *q_u,
prs_struct *ps, int depth)
{
if ( !q_u )
return False;
- prs_debug(ps, depth, desc, "reg_io_q_create_key");
+ prs_debug(ps, depth, desc, "reg_io_q_create_key_ex");
depth++;
if(!prs_align(ps))
@@ -285,13 +285,13 @@ BOOL reg_io_q_create_key(const char *desc, REG_Q_CREATE_KEY *q_u,
Unmarshalls a registry key create response
********************************************************************/
-BOOL reg_io_r_create_key(const char *desc, REG_R_CREATE_KEY *r_u,
+BOOL reg_io_r_create_key_ex(const char *desc, REG_R_CREATE_KEY_EX *r_u,
prs_struct *ps, int depth)
{
if ( !r_u )
return False;
- prs_debug(ps, depth, desc, "reg_io_r_create_key");
+ prs_debug(ps, depth, desc, "reg_io_r_create_key_ex");
depth++;
if(!prs_align(ps))
@@ -299,7 +299,7 @@ BOOL reg_io_r_create_key(const char *desc, REG_R_CREATE_KEY *r_u,
if(!smb_io_pol_hnd("", &r_u->handle, ps, depth))
return False;
- if(!prs_uint32("unknown", ps, depth, &r_u->unknown))
+ if(!prs_uint32("disposition", ps, depth, &r_u->disposition))
return False;
if(!prs_werror("status", ps, depth, &r_u->status))
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index b724508e0b..15d420538e 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1544,7 +1544,7 @@ NTSTATUS _lsa_lookup_priv_value(pipes_struct *p, LSA_Q_LOOKUP_PRIV_VALUE *q_u, L
unistr2_to_ascii(name, &q_u->privname.unistring, sizeof(name));
- DEBUG(10,("_lsa_priv_get_dispname: name = %s\n", name));
+ DEBUG(10,("_lsa_lookup_priv_value: name = %s\n", name));
if ( !se_priv_from_name( name, &mask ) )
return NT_STATUS_NO_SUCH_PRIVILEGE;
diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c
index efff8e6722..871b1a9f12 100644
--- a/source3/rpc_server/srv_reg.c
+++ b/source3/rpc_server/srv_reg.c
@@ -419,22 +419,22 @@ static BOOL api_reg_save_key(pipes_struct *p)
/*******************************************************************
******************************************************************/
-static BOOL api_reg_create_key(pipes_struct *p)
+static BOOL api_reg_create_key_ex(pipes_struct *p)
{
- REG_Q_CREATE_KEY q_u;
- REG_R_CREATE_KEY r_u;
+ REG_Q_CREATE_KEY_EX q_u;
+ REG_R_CREATE_KEY_EX r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- if(!reg_io_q_create_key("", &q_u, data, 0))
+ if(!reg_io_q_create_key_ex("", &q_u, data, 0))
return False;
- r_u.status = _reg_create_key(p, &q_u, &r_u);
+ r_u.status = _reg_create_key_ex(p, &q_u, &r_u);
- if(!reg_io_r_create_key("", &r_u, rdata, 0))
+ if(!reg_io_r_create_key_ex("", &r_u, rdata, 0))
return False;
return True;
@@ -584,7 +584,7 @@ static struct api_struct api_reg_cmds[] =
{ "REG_GETVERSION" , REG_GETVERSION , api_reg_getversion },
{ "REG_SAVE_KEY" , REG_SAVE_KEY , api_reg_save_key },
{ "REG_RESTORE_KEY" , REG_RESTORE_KEY , api_reg_restore_key },
- { "REG_CREATE_KEY" , REG_CREATE_KEY , api_reg_create_key },
+ { "REG_CREATE_KEY_EX" , REG_CREATE_KEY_EX , api_reg_create_key_ex },
{ "REG_SET_VALUE" , REG_SET_VALUE , api_reg_set_value },
{ "REG_DELETE_KEY" , REG_DELETE_KEY , api_reg_delete_key },
{ "REG_DELETE_VALUE" , REG_DELETE_VALUE , api_reg_delete_value },
diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c
index 158888967b..7170c0a301 100644
--- a/source3/rpc_server/srv_reg_nt.c
+++ b/source3/rpc_server/srv_reg_nt.c
@@ -30,17 +30,10 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_SRV
-#define REGSTR_PRODUCTTYPE "ProductType"
-#define REG_PT_WINNT "WinNT"
-#define REG_PT_LANMANNT "LanmanNT"
-#define REG_PT_SERVERNT "ServerNT"
-
#define OUR_HANDLE(hnd) (((hnd)==NULL)?"NULL":(IVAL((hnd)->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")), \
((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid())
-/* no idea if this is correct, just use the file access bits for now */
-
static struct generic_mapping reg_generic_map = { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL };
/********************************************************************
@@ -266,9 +259,7 @@ static BOOL get_subkey_information( REGISTRY_KEY *key, uint32 *maxnum, uint32 *m
}
/********************************************************************
- retrieve information about the values. We don't store values
- here. The registry tdb is intended to be a frontend to oether
- Samba tdb's (such as ntdrivers.tdb).
+ retrieve information about the values.
*******************************************************************/
static BOOL get_value_information( REGISTRY_KEY *key, uint32 *maxnum,
@@ -294,7 +285,7 @@ static BOOL get_value_information( REGISTRY_KEY *key, uint32 *maxnum,
for ( i=0; i<num_values && val; i++ )
{
- lenmax = MAX(lenmax, strlen(val->valuename)+1 );
+ lenmax = MAX(lenmax, val->valuename ? strlen(val->valuename)+1 : 0 );
sizemax = MAX(sizemax, val->size );
val = regval_ctr_specific_value( &values, i );
@@ -1106,7 +1097,7 @@ WERROR _reg_save_key(pipes_struct *p, REG_Q_SAVE_KEY *q_u, REG_R_SAVE_KEY *r_u)
/*******************************************************************
********************************************************************/
-WERROR _reg_create_key(pipes_struct *p, REG_Q_CREATE_KEY *q_u, REG_R_CREATE_KEY *r_u)
+WERROR _reg_create_key_ex(pipes_struct *p, REG_Q_CREATE_KEY_EX *q_u, REG_R_CREATE_KEY_EX *r_u)
{
REGISTRY_KEY *parent = find_regkey_index_by_hnd(p, &q_u->handle);
REGISTRY_KEY *newparent;
@@ -1223,6 +1214,12 @@ WERROR _reg_set_value(pipes_struct *p, REG_Q_SET_VALUE *q_u, REG_R_SET_VALUE *r
rpcstr_pull( valuename, q_u->name.string->buffer, sizeof(valuename), q_u->name.string->uni_str_len*2, 0 );
+ /* verify the name */
+
+ if ( !*valuename )
+ return WERR_INVALID_PARAM;
+
+ DEBUG(8,("_reg_set_value: Setting value for [%s:%s]\n", key->name, valuename));
regval_ctr_init( &values );
@@ -1357,6 +1354,11 @@ WERROR _reg_delete_value(pipes_struct *p, REG_Q_DELETE_VALUE *q_u, REG_R_DELETE
rpcstr_pull( valuename, q_u->name.string->buffer, sizeof(valuename), q_u->name.string->uni_str_len*2, 0 );
+ if ( !*valuename )
+ return WERR_INVALID_PARAM;
+
+ DEBUG(8,("_reg_delete_value: Setting value for [%s:%s]\n", key->name, valuename));
+
regval_ctr_init( &values );
/* lookup the current values and add the new one */
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index e05bfa1eaa..12e8e2bd41 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -2211,7 +2211,8 @@ static WERROR get_printer_dataex( TALLOC_CTX *ctx, NT_PRINTER_INFO_LEVEL *printe
uint32 *needed, uint32 in_size )
{
REGISTRY_VALUE *val;
- int size, data_len;
+ uint32 size;
+ int data_len;
if ( !(val = get_printer_data( printer->info_2, key, value)) )
return WERR_BADFILE;
@@ -8030,7 +8031,7 @@ WERROR _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S
result = WERR_NOMEM;
goto done;
}
- data_len = (size_t)regval_size(val);
+ data_len = regval_size(val);
memcpy( *data_out, regval_data_p(val), data_len );
*out_data_len = data_len;
}
@@ -9250,7 +9251,7 @@ WERROR _spoolss_enumprinterdataex(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATAEX *q_
int i;
REGISTRY_VALUE *val;
char *value_name;
- int data_len;
+ uint32 data_len;
DEBUG(4,("_spoolss_enumprinterdataex\n"));