summaryrefslogtreecommitdiff
path: root/source4/scripting/libjs
diff options
context:
space:
mode:
Diffstat (limited to 'source4/scripting/libjs')
-rw-r--r--source4/scripting/libjs/provision.js1254
-rw-r--r--source4/scripting/libjs/samr.js170
-rw-r--r--source4/scripting/libjs/winreg.js291
3 files changed, 0 insertions, 1715 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
deleted file mode 100644
index 51e2785762..0000000000
--- a/source4/scripting/libjs/provision.js
+++ /dev/null
@@ -1,1254 +0,0 @@
-/*
- backend code for provisioning a Samba4 server
- Copyright Andrew Tridgell 2005
- Released under the GNU GPL version 3 or later
-*/
-
-sys = sys_init();
-
-/*
- return true if the current install seems to be OK
-*/
-function install_ok(session_info, credentials)
-{
- var lp = loadparm_init();
- var ldb = ldb_init();
- ldb.session_info = session_info;
- ldb.credentials = credentials;
- if (lp.get("realm") == "") {
- return false;
- }
- var ok = ldb.connect(lp.get("sam database"));
- if (!ok) {
- return false;
- }
- var res = ldb.search("(cn=Administrator)");
- if (res.error != 0 || res.msgs.length != 1) {
- return false;
- }
- return true;
-}
-
-/*
- find a user or group from a list of possibilities
-*/
-function findnss()
-{
- var i;
- assert(arguments.length >= 2);
- var nssfn = arguments[0];
- for (i=1;i<arguments.length;i++) {
- if (nssfn(arguments[i]) != undefined) {
- return arguments[i];
- }
- }
- printf("Unable to find user/group for %s\n", arguments[1]);
- assert(i<arguments.length);
-}
-
-/*
- add a foreign security principle
- */
-function add_foreign(ldb, subobj, sid, desc)
-{
- var add = sprintf("
-dn: CN=%s,CN=ForeignSecurityPrincipals,%s
-objectClass: top
-objectClass: foreignSecurityPrincipal
-description: %s
-",
- sid, subobj.DOMAINDN, desc);
- /* deliberately ignore errors from this, as the records may
- already exist */
- ldb.add(add);
-}
-
-
-/*
- setup a mapping between a sam name and a unix name
- */
-function setup_name_mapping(info, ldb, sid, unixname)
-{
- var attrs = new Array("dn");
- var res = ldb.search(sprintf("objectSid=%s", sid),
- info.subobj.DOMAINDN, ldb.SCOPE_SUBTREE, attrs);
- if (res.error != 0 || res.msgs.length != 1) {
- info.message("Failed to find record for objectSid %s\n", sid);
- return false;
- }
- var mod = sprintf("
-dn: %s
-changetype: modify
-replace: unixName
-unixName: %s
-",
- res.msgs[0].dn, unixname);
- var ok = ldb.modify(mod);
- if (ok.error != 0) {
- info.message("name mapping for %s failed - %s\n",
- sid, ldb.errstring());
- return false;
- }
- return true;
-}
-
-/*
- return current time as a nt time string
-*/
-function nttime()
-{
- return "" + sys.nttime();
-}
-
-/*
- return current time as a ldap time string
-*/
-function ldaptime()
-{
- return sys.ldaptime(sys.nttime());
-}
-
-/*
- return a date string suitable for a dns zone serial number
-*/
-function datestring()
-{
- var t = sys.ntgmtime(sys.nttime());
- return sprintf("%04u%02u%02u%02u",
- t.tm_year+1900, t.tm_mon+1, t.tm_mday, t.tm_hour);
-}
-
-/*
- return first host IP
-*/
-function hostip()
-{
- var list = sys.interfaces();
- return list[0];
-}
-
-
-/*
- return first part of hostname
-*/
-function hostname()
-{
- var s = split(".", sys.hostname());
- return s[0];
-}
-
-/* the ldb is in bad shape, possibly due to being built from an
- incompatible previous version of the code, so delete it
- completely */
-function ldb_delete(info, ldb)
-{
- info.message("Deleting " + ldb.filename + "\n");
- var lp = loadparm_init();
- sys.unlink(sprintf("%s/%s", lp.get("private dir"), ldb.filename));
- ldb.transaction_cancel();
- ldb.close();
- var ok = ldb.connect(ldb.filename);
- ldb.transaction_start();
- assert(ok);
-}
-
-/*
- erase an ldb, removing all records
-*/
-function ldb_erase(info, ldb)
-{
- var res;
-
- /* delete the specials */
- ldb.del("@INDEXLIST");
- ldb.del("@ATTRIBUTES");
- ldb.del("@OPTIONS");
- ldb.del("@MODULES");
- ldb.del("@PARTITION");
- ldb.del("@KLUDGEACL");
-
- /* and the rest */
- attrs = new Array("dn");
- var basedn = "";
- var res = ldb.search("(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))", basedn, ldb.SCOPE_SUBTREE, attrs);
- var i;
- if (res.error != 0) {
- ldb_delete(info, ldb);
- return;
- }
- for (i=0;i<res.msgs.length;i++) {
- ldb.del(res.msgs[i].dn);
- }
-
- var res = ldb.search("(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))", basedn, ldb.SCOPE_SUBTREE, attrs);
- if (res.error != 0 || res.msgs.length != 0) {
- ldb_delete(info, ldb);
- return;
- }
- assert(res.msgs.length == 0);
-}
-
-/*
- erase an ldb, removing all records
-*/
-function ldb_erase_partitions(info, ldb, ldapbackend)
-{
- var rootDSE_attrs = new Array("namingContexts");
- var lp = loadparm_init();
- var j;
-
- var res = ldb.search("(objectClass=*)", "", ldb.SCOPE_BASE, rootDSE_attrs);
- if (res.error != 0) {
- info.message("rootdse search failed: " + res.errstr + "\n");
- assert(res.error == 0);
- }
- assert(res.msgs.length == 1);
- if (typeof(res.msgs[0].namingContexts) == "undefined") {
- return;
- }
- for (j=0; j<res.msgs[0].namingContexts.length; j++) {
- var anything = "(|(objectclass=*)(distinguishedName=*))";
- var attrs = new Array("distinguishedName");
- var basedn = res.msgs[0].namingContexts[j];
- var k;
- var previous_remaining = 1;
- var current_remaining = 0;
-
- if (ldapbackend && (basedn == info.subobj.DOMAINDN)) {
- /* Only delete objects that were created by provision */
- anything = "(objectcategory=*)";
- }
-
- for (k=0; k < 10 && (previous_remaining != current_remaining); k++) {
- /* and the rest */
- var res2 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs);
- var i;
- if (res2.error != 0) {
- if (res2.error == 32) {
- break;
- } else {
- info.message("ldb search(2) failed: " + res2.errstr + "\n");
- continue;
- }
- }
- previous_remaining = current_remaining;
- current_remaining = res2.msgs.length;
- for (i=0;i<res2.msgs.length;i++) {
- ldb.del(res2.msgs[i].dn);
- }
-
- var res3 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs);
- if (res3.error != 0) {
- info.message("ldb search(3) failed: " + res3.errstr + "\n");
- continue;
- }
- if (res3.msgs.length != 0) {
- info.message("Failed to delete all records under " + basedn + ", " + res3.msgs.length + " records remaining\n");
- }
- }
- }
-}
-
-function open_ldb(info, dbname, erase)
-{
- var ldb = ldb_init();
- ldb.session_info = info.session_info;
- ldb.credentials = info.credentials;
- ldb.filename = dbname;
-
- var connect_ok = ldb.connect(dbname);
- if (!connect_ok) {
- var lp = loadparm_init();
- sys.unlink(sprintf("%s/%s", lp.get("private dir"), dbname));
- connect_ok = ldb.connect(dbname);
- assert(connect_ok);
- }
-
- ldb.transaction_start();
-
- if (erase) {
- ldb_erase(info, ldb);
- }
- return ldb;
-}
-
-
-/*
- setup a ldb in the private dir
- */
-function setup_add_ldif(ldif, info, ldb, failok)
-{
- var lp = loadparm_init();
- var src = lp.get("setup directory") + "/" + ldif;
-
- var data = sys.file_load(src);
- data = substitute_var(data, info.subobj);
-
- var add_res = ldb.add(data);
- if (add_res.error != 0) {
- info.message("ldb load failed: " + add_res.errstr + "\n");
- if (!failok) {
- assert(add_res.error == 0);
- }
- }
- return (add_res.error == 0);
-}
-
-function setup_modify_ldif(ldif, info, ldb, failok)
-{
- var lp = loadparm_init();
- var src = lp.get("setup directory") + "/" + ldif;
-
- var data = sys.file_load(src);
- data = substitute_var(data, info.subobj);
-
- var mod_res = ldb.modify(data);
- if (mod_res.error != 0) {
- info.message("ldb load failed: " + mod_res.errstr + "\n");
- if (!failok) {
- assert(mod_res.error == 0);
- }
- }
- return (mod_res.error == 0);
-}
-
-
-function setup_ldb(ldif, info, dbname)
-{
- var erase = true;
- var failok = false;
-
- if (arguments.length >= 4) {
- erase = arguments[3];
- }
- if (arguments.length == 5) {
- failok = arguments[4];
- }
- var ldb = open_ldb(info, dbname, erase);
- if (setup_add_ldif(ldif, info, ldb, failok)) {
- var commit_ok = ldb.transaction_commit();
- if (!commit_ok) {
- info.message("ldb commit failed: " + ldb.errstring() + "\n");
- assert(commit_ok);
- }
- }
-}
-
-/*
- setup a ldb in the private dir
- */
-function setup_ldb_modify(ldif, info, ldb)
-{
- var lp = loadparm_init();
-
- var src = lp.get("setup directory") + "/" + ldif;
-
- var data = sys.file_load(src);
- data = substitute_var(data, info.subobj);
-
- var mod_res = ldb.modify(data);
- if (mod_res.error != 0) {
- info.message("ldb load failed: " + mod_res.errstr + "\n");
- return (mod_res.error == 0);
- }
- return (mod_res.error == 0);
-}
-
-/*
- setup a file in the private dir
- */
-function setup_file(template, message, fname, subobj)
-{
- var lp = loadparm_init();
- var f = fname;
- var src = lp.get("setup directory") + "/" + template;
-
- if (! sys.stat(src)) {
- message("Template file not found: %s\n",src);
- assert(0);
- }
-
- sys.unlink(f);
-
- var data = sys.file_load(src);
- data = substitute_var(data, subobj);
-
- ok = sys.file_save(f, data);
- if (!ok) {
- message("failed to create file: " + f + "\n");
- assert(ok);
- }
-}
-
-function provision_default_paths(subobj)
-{
- /* subobj.DNSDOMAIN isn't available at this point */
- var dnsdomain = strlower(subobj.REALM);
- var lp = loadparm_init();
- var paths = new Object();
- paths.smbconf = lp.filename()
- paths.shareconf = lp.get("private dir") + "/" + "share.ldb";
- paths.samdb = lp.get("sam database");
- paths.idmapdb = lp.get("idmap database");
- paths.secrets = lp.get("secrets database");
- paths.templates = lp.get("private dir") + "/" + "templates.ldb";
- paths.keytab = "secrets.keytab";
- paths.dns_keytab = "dns.keytab";
- paths.dns_keytab_abs = lp.get("private dir") + "/" + paths.dns_keytab;
- paths.dns = lp.get("private dir") + "/" + dnsdomain + ".zone";
- paths.named_conf = lp.get("private dir") + "/named.conf";
- paths.winsdb = "wins.ldb";
- paths.ldapdir = lp.get("private dir") + "/ldap";
-
- paths.s4_ldapi_socket = lp.get("private dir") + "/ldapi";
- paths.phpldapadminconfig = lp.get("private dir") + "/phpldapadmin-config.php";
-
- paths.sysvol = lp.get("sysvol", "path");
-
- if (paths.sysvol == undefined) {
- paths.sysvol = lp.get("lock dir") + "/sysvol";
- }
-
- paths.netlogon = lp.get("netlogon", "path");
-
- if (paths.netlogon == undefined) {
- paths.netlogon = paths.sysvol + "/" + dnsdomain + "/scripts";
- }
-
- return paths;
-}
-
-
-/*
- setup reasonable name mappings for sam names to unix names
-*/
-function setup_name_mappings(info, ldb)
-{
- var lp = loadparm_init();
- var attrs = new Array("objectSid");
- var subobj = info.subobj;
-
- res = ldb.search("objectSid=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs);
- assert(res.error == 0);
- assert(res.msgs.length == 1 && res.msgs[0].objectSid != undefined);
- var sid = res.msgs[0].objectSid;
-
- /* add some foreign sids if they are not present already */
- add_foreign(ldb, subobj, "S-1-5-7", "Anonymous");
- add_foreign(ldb, subobj, "S-1-1-0", "World");
- add_foreign(ldb, subobj, "S-1-5-2", "Network");
- add_foreign(ldb, subobj, "S-1-5-18", "System");
- add_foreign(ldb, subobj, "S-1-5-11", "Authenticated Users");
-
- /* some well known sids */
- setup_name_mapping(info, ldb, "S-1-5-7", subobj.NOBODY);
- setup_name_mapping(info, ldb, "S-1-1-0", subobj.NOGROUP);
- setup_name_mapping(info, ldb, "S-1-5-2", subobj.NOGROUP);
- setup_name_mapping(info, ldb, "S-1-5-18", subobj.ROOT);
- setup_name_mapping(info, ldb, "S-1-5-11", subobj.USERS);
- setup_name_mapping(info, ldb, "S-1-5-32-544", subobj.WHEEL);
- setup_name_mapping(info, ldb, "S-1-5-32-545", subobj.USERS);
- setup_name_mapping(info, ldb, "S-1-5-32-546", subobj.NOGROUP);
- setup_name_mapping(info, ldb, "S-1-5-32-551", subobj.BACKUP);
-
- /* and some well known domain rids */
- setup_name_mapping(info, ldb, sid + "-500", subobj.ROOT);
- setup_name_mapping(info, ldb, sid + "-518", subobj.WHEEL);
- setup_name_mapping(info, ldb, sid + "-519", subobj.WHEEL);
- setup_name_mapping(info, ldb, sid + "-512", subobj.WHEEL);
- setup_name_mapping(info, ldb, sid + "-513", subobj.USERS);
- setup_name_mapping(info, ldb, sid + "-520", subobj.WHEEL);
-
- return true;
-}
-
-function provision_fix_subobj(subobj, paths)
-{
- var ldb = ldb_init();
-
- subobj.REALM = strupper(subobj.REALM);
- subobj.HOSTNAME = strlower(subobj.HOSTNAME);
- subobj.DOMAIN = strupper(subobj.DOMAIN);
- subobj.NETBIOSNAME = strupper(subobj.HOSTNAME);
- subobj.DNSDOMAIN = strlower(subobj.REALM);
- subobj.DNSNAME = sprintf("%s.%s",
- strlower(subobj.HOSTNAME),
- subobj.DNSDOMAIN);
- var rdn_list = split(".", subobj.DNSDOMAIN);
- subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list);
- subobj.ROOTDN = subobj.DOMAINDN;
- subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN;
- subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN;
-
- subobj.MACHINEPASS_B64 = ldb.encode(subobj.MACHINEPASS);
- subobj.KRBTGTPASS_B64 = ldb.encode(subobj.KRBTGTPASS);
- subobj.ADMINPASS_B64 = ldb.encode(subobj.ADMINPASS);
- subobj.DNSPASS_B64 = ldb.encode(subobj.DNSPASS);
-
- subobj.SAM_LDB = "tdb://" + paths.samdb;
- subobj.SECRETS_KEYTAB = paths.keytab;
- subobj.DNS_KEYTAB = paths.dns_keytab;
- subobj.DNS_KEYTAB_ABS = paths.dns_keytab_abs;
-
- subobj.LDAPDIR = paths.ldapdir;
- var ldap_path_list = split("/", paths.ldapdir);
- subobj.LDAPI_URI = "ldapi://" + join("%2F", ldap_path_list) + "%2Fldapi";
-
- var s4ldap_path_list = split("/", paths.s4_ldapi_socket);
- subobj.S4_LDAPI_URI = "ldapi://" + join("%2F", s4ldap_path_list);
-
- subobj.LDAPMANAGERDN = "cn=Manager," + subobj.DOMAINDN;
-
- subobj.NETLOGONPATH = paths.netlogon;
- subobj.SYSVOLPATH = paths.sysvol;
-
- if (subobj.DOMAIN_CONF == undefined) {
- subobj.DOMAIN_CONF = subobj.DOMAIN;
- }
- if (subobj.REALM_CONF == undefined) {
- subobj.REALM_CONF = subobj.REALM;
- }
- if (strlower(subobj.SERVERROLE) != strlower("domain controller")) {
- subobj.REALM = subobj.HOSTNAME;
- subobj.DOMAIN = subobj.HOSTNAME;
- }
-
- return true;
-}
-
-function provision_become_dc(subobj, message, erase, paths, session_info)
-{
- var lp = loadparm_init();
- var sys = sys_init();
- var info = new Object();
-
- var ok = provision_fix_subobj(subobj, paths);
- assert(ok);
-
- if (subobj.BACKEND_MOD == undefined) {
- subobj.BACKEND_MOD = "repl_meta_data";
- }
-
- info.subobj = subobj;
- info.message = message;
- info.session_info = session_info;
-
- message("Setting up templates into " + paths.templates + "\n");
- setup_ldb("provision_templates.ldif", info, paths.templates);
-
- /* Also wipes the database */
- message("Setting up " + paths.samdb + " partitions\n");
- setup_ldb("provision_partitions.ldif", info, paths.samdb);
-
- var samdb = open_ldb(info, paths.samdb, false);
-
- message("Setting up " + paths.samdb + " attributes\n");
- setup_add_ldif("provision_init.ldif", info, samdb, false);
-
- message("Setting up " + paths.samdb + " rootDSE\n");
- setup_add_ldif("provision_rootdse_add.ldif", info, samdb, false);
-
- if (erase) {
- message("Erasing data from partitions\n");
- ldb_erase_partitions(info, samdb, undefined);
- }
-
- message("Setting up " + paths.samdb + " indexes\n");
- setup_add_ldif("provision_index.ldif", info, samdb, false);
-
- ok = samdb.transaction_commit();
- assert(ok);
-
- message("Setting up " + paths.secrets + "\n");
- setup_ldb("secrets_init.ldif", info, paths.secrets);
-
- setup_ldb("secrets.ldif", info, paths.secrets, false);
-
- setup_ldb("secrets_dc.ldif", info, paths.secrets, false);
-
- return true;
-}
-
-function load_schema(subobj, message, samdb)
-{
- var lp = loadparm_init();
- var src = lp.get("setup directory") + "/" + "schema.ldif";
-
- if (! sys.stat(src)) {
- message("Template file not found: %s\n",src);
- assert(0);
- }
-
- var schema_data = sys.file_load(src);
-
- src = lp.get("setup directory") + "/" + "schema_samba4.ldif";
-
- if (! sys.stat(src)) {
- message("Template file not found: %s\n",src);
- assert(0);
- }
-
- schema_data = schema_data + sys.file_load(src);
-
- schema_data = substitute_var(schema_data, subobj);
-
- src = lp.get("setup directory") + "/" + "provision_schema_basedn_modify.ldif";
-
- if (! sys.stat(src)) {
- message("Template file not found: %s\n",src);
- assert(0);
- }
-
- var head_data = sys.file_load(src);
- head_data = substitute_var(head_data, subobj);
-
- var ok = samdb.attach_dsdb_schema_from_ldif(head_data, schema_data);
- return ok;
-}
-
-
-/*
- provision samba4 - caution, this wipes all existing data!
-*/
-function provision(subobj, message, blank, paths, session_info, credentials, ldapbackend)
-{
- var lp = loadparm_init();
- var sys = sys_init();
- var info = new Object();
- random_init(local);
-
- var ok = provision_fix_subobj(subobj, paths);
- assert(ok);
-
- if (strlower(subobj.SERVERROLE) == strlower("domain controller")) {
- if (subobj.BACKEND_MOD == undefined) {
- subobj.BACKEND_MOD = "repl_meta_data";
- }
- } else {
- if (subobj.BACKEND_MOD == undefined) {
- subobj.BACKEND_MOD = "objectguid";
- }
- }
-
- if (subobj.DOMAINGUID != undefined) {
- subobj.DOMAINGUID_MOD = sprintf("replace: objectGUID\nobjectGUID: %s\n-", subobj.DOMAINGUID);
- } else {
- subobj.DOMAINGUID_MOD = "";
- }
-
- if (subobj.HOSTGUID != undefined) {
- subobj.HOSTGUID_ADD = sprintf("objectGUID: %s", subobj.HOSTGUID);
- } else {
- subobj.HOSTGUID_ADD = "";
- }
-
- info.subobj = subobj;
- info.message = message;
- info.credentials = credentials;
- info.session_info = session_info;
-
- /* only install a new smb.conf if there isn't one there already */
- var st = sys.stat(paths.smbconf);
- if (st == undefined) {
- var smbconfsuffix;
- if (strlower(subobj.SERVERROLE) == strlower("domain controller")) {
- smbconfsuffix = "dc";
- } else if (strlower(subobj.SERVERROLE) == strlower("member server")) {
- smbconfsuffix = "member";
- } else {
- smbconfsuffix = subobj.SERVERROLE;
- }
- message("Setting up " + paths.smbconf +"\n");
- setup_file("provision.smb.conf." + smbconfsuffix, info.message, paths.smbconf, subobj);
- lp.reload();
- }
- /* only install a new shares config db if there is none */
- st = sys.stat(paths.shareconf);
- if (st == undefined) {
- message("Setting up share.ldb\n");
- setup_ldb("share.ldif", info, paths.shareconf);
- }
-
- message("Setting up " + paths.secrets + "\n");
- setup_ldb("secrets_init.ldif", info, paths.secrets);
- setup_ldb("secrets.ldif", info, paths.secrets, false);
-
- message("Setting up the registry\n");
- var reg = reg_open();
- reg.apply_patchfile(lp.get("setup directory") + "/provision.reg")
-
- message("Setting up templates into " + paths.templates + "\n");
- setup_ldb("provision_templates.ldif", info, paths.templates);
-
- message("Setting up " + paths.idmapdb +"\n");
- setup_ldb("idmap_init.ldif", info, paths.idmapdb);
-
- message("Setting up sam.ldb partitions\n");
- /* Also wipes the database */
- setup_ldb("provision_partitions.ldif", info, paths.samdb);
-
- var samdb = open_ldb(info, paths.samdb, false);
-
- message("Setting up sam.ldb attributes\n");
- setup_add_ldif("provision_init.ldif", info, samdb, false);
-
- message("Setting up sam.ldb rootDSE\n");
- setup_add_ldif("provision_rootdse_add.ldif", info, samdb, false);
-
- message("Erasing data from partitions\n");
- ldb_erase_partitions(info, samdb, ldapbackend);
-
- // (hack) Reload, now we have the partitions and rootdse loaded.
- var commit_ok = samdb.transaction_commit();
- if (!commit_ok) {
- info.message("samdb commit failed: " + samdb.errstring() + "\n");
- assert(commit_ok);
- }
- samdb.close();
-
- message("Pre-loading the Samba4 and AD schema\n");
-
- samdb = open_ldb(info, paths.samdb, false);
-
- samdb.set_domain_sid(subobj.DOMAINSID);
-
- if (strlower(subobj.SERVERROLE) == strlower("domain controller")) {
- if (subobj.INVOCATIONID == undefined) {
- subobj.INVOCATIONID = randguid();
- }
- samdb.set_ntds_invocationId(subobj.INVOCATIONID);
- if (subobj.BACKEND_MOD == undefined) {
- subobj.BACKEND_MOD = "repl_meta_data";
- }
- } else {
- if (subobj.BACKEND_MOD == undefined) {
- subobj.BACKEND_MOD = "objectguid";
- }
- }
-
- var load_schema_ok = load_schema(subobj, message, samdb);
- assert(load_schema_ok.is_ok);
-
- message("Adding DomainDN: " + subobj.DOMAINDN + " (permitted to fail)\n");
- var add_ok = setup_add_ldif("provision_basedn.ldif", info, samdb, true);
- message("Modifying DomainDN: " + subobj.DOMAINDN + "\n");
- var modify_basedn_ok = setup_ldb_modify("provision_basedn_modify.ldif", info, samdb);
- if (!modify_basedn_ok) {
- if (!add_ok) {
- message("%s", "Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + ": " + samdb.errstring() + "\n");
- message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
- };
- assert(modify_basedn_ok);
- };
-
- message("Adding configuration container (permitted to fail)\n");
- var add_config_ok = setup_add_ldif("provision_configuration_basedn.ldif", info, samdb, true);
- message("Modifying configuration container\n");
- var modify_config_ok = setup_ldb_modify("provision_configuration_basedn_modify.ldif", info, samdb);
- if (!modify_config_ok) {
- if (!add_config_ok) {
- message("%s", "Failed to both add and modify " + subobj.CONFIGDN + " in target " + subobj.CONFIGDN_LDB + ": " + samdb.errstring() + "\n");
- message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
- }
- assert(modify_config_ok);
- }
-
- message("Adding schema container (permitted to fail)\n");
- var add_schema_ok = setup_add_ldif("provision_schema_basedn.ldif", info, samdb, true);
- message("Modifying schema container\n");
- var modify_schema_ok = setup_ldb_modify("provision_schema_basedn_modify.ldif", info, samdb);
- if (!modify_schema_ok) {
- if (!add_schema_ok) {
- message("%s", "Failed to both add and modify " + subobj.SCHEMADN + " in target " + subobj.SCHEMADN_LDB + ": " + samdb.errstring() + "\n");
- message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
- }
- message("Failed to modify the schema container: " + samdb.errstring() + "\n");
- assert(modify_schema_ok);
- }
-
- message("Setting up sam.ldb Samba4 schema\n");
- setup_add_ldif("schema_samba4.ldif", info, samdb, false);
- message("Setting up sam.ldb AD schema\n");
- setup_add_ldif("schema.ldif", info, samdb, false);
-
- message("Setting up sam.ldb configuration data\n");
- setup_add_ldif("provision_configuration.ldif", info, samdb, false);
-
- message("Setting up display specifiers\n");
- setup_add_ldif("display_specifiers.ldif", info, samdb, false);
-
- message("Adding users container (permitted to fail)\n");
- var add_users_ok = setup_add_ldif("provision_users_add.ldif", info, samdb, true);
- message("Modifying users container\n");
- var modify_users_ok = setup_ldb_modify("provision_users_modify.ldif", info, samdb);
- if (!modify_users_ok) {
- if (!add_users_ok) {
- message("Failed to both add and modify the users container\n");
- }
- assert(modify_users_ok);
- }
- message("Adding computers container (permitted to fail)\n");
- var add_computers_ok = setup_add_ldif("provision_computers_add.ldif", info, samdb, true);
- message("Modifying computers container\n");
- var modify_computers_ok = setup_ldb_modify("provision_computers_modify.ldif", info, samdb);
- if (!modify_computers_ok) {
- if (!add_computers_ok) {
- message("Failed to both add and modify the computers container\n");
- }
- assert(modify_computers_ok);
- }
-
- message("Setting up sam.ldb data\n");
- setup_add_ldif("provision.ldif", info, samdb, false);
-
- if (blank != false) {
- message("Setting up sam.ldb index\n");
- setup_add_ldif("provision_index.ldif", info, samdb, false);
-
- message("Setting up sam.ldb rootDSE marking as syncronized\n");
- setup_modify_ldif("provision_rootdse_modify.ldif", info, samdb, false);
-
- var commit_ok = samdb.transaction_commit();
- if (!commit_ok) {
- info.message("ldb commit failed: " + samdb.errstring() + "\n");
- assert(commit_ok);
- }
- return true;
- }
-
-// message("Activate schema module");
-// setup_modify_ldif("schema_activation.ldif", info, samdb, false);
-//
-// // (hack) Reload, now we have the schema loaded.
-// var commit_ok = samdb.transaction_commit();
-// if (!commit_ok) {
-// info.message("samdb commit failed: " + samdb.errstring() + "\n");
-// assert(commit_ok);
-// }
-// samdb.close();
-//
-// samdb = open_ldb(info, paths.samdb, false);
-//
- message("Setting up sam.ldb users and groups\n");
- setup_add_ldif("provision_users.ldif", info, samdb, false);
-
- if (strlower(subobj.SERVERROLE) == strlower("domain controller")) {
- message("Setting up self join\n");
- setup_add_ldif("provision_self_join.ldif", info, samdb, false);
- setup_add_ldif("provision_group_policy.ldif", info, samdb, false);
-
- sys.mkdir(paths.sysvol, 0755);
- sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN, 0755);
- sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies", 0755);
- sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}", 0755);
- sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/Machine", 0755);
- sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/User", 0755);
-
- sys.mkdir(paths.netlogon, 0755);
-
- setup_ldb("secrets_dc.ldif", info, paths.secrets, false);
-
- }
-
- if (setup_name_mappings(info, samdb) == false) {
- return false;
- }
-
- message("Setting up sam.ldb index\n");
- setup_add_ldif("provision_index.ldif", info, samdb, false);
-
- message("Setting up sam.ldb rootDSE marking as syncronized\n");
- setup_modify_ldif("provision_rootdse_modify.ldif", info, samdb, false);
-
- var commit_ok = samdb.transaction_commit();
- if (!commit_ok) {
- info.message("samdb commit failed: " + samdb.errstring() + "\n");
- assert(commit_ok);
- }
-
- message("Setting up phpLDAPadmin configuration\n");
- setup_file("phpldapadmin-config.php", info.message, paths.phpldapadminconfig, subobj);
- message("Please install the phpLDAPadmin configuration located at " + paths.phpldapadminconfig + " into /etc/phpldapadmin/config.php\n");
-
- return true;
-}
-
-/*
- provision just the schema into a temporary ldb, so we can run ad2oLschema on it
-*/
-function provision_schema(subobj, message, tmp_schema_path, paths)
-{
- var lp = loadparm_init();
- var sys = sys_init();
- var info = new Object();
-
- var ok = provision_fix_subobj(subobj, paths);
- assert(ok);
-
- info.subobj = subobj;
- info.message = message;
-
- message("Setting up sam.ldb partitions\n");
-
- /* This will erase anything in the tmp db */
- var samdb = open_ldb(info, tmp_schema_path, true);
-
- message("Setting up sam.ldb attributes\n");
- setup_add_ldif("provision_init.ldif", info, samdb, false);
-
- message("Setting up sam.ldb rootDSE\n");
- setup_add_ldif("provision_rootdse_add.ldif", info, samdb, false);
-
- message("Adding schema container (permitted to fail)\n");
- var add_ok = setup_add_ldif("provision_schema_basedn.ldif", info, samdb, true);
- message("Modifying schema container\n");
- var modify_ok = setup_ldb_modify("provision_schema_basedn_modify.ldif", info, samdb);
- if (!modify_ok) {
- if (!add_ok) {
- message("Failed to both add and modify schema dn: " + samdb.errstring() + "\n");
- message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
- assert(modify_ok);
- }
- message("Failed to modify the schema container: " + samdb.errstring() + "\n");
- assert(modify_ok);
- }
-
- message("Setting up sam.ldb Samba4 schema\n");
- setup_add_ldif("schema_samba4.ldif", info, samdb, false);
- message("Setting up sam.ldb AD schema\n");
- setup_add_ldif("schema.ldif", info, samdb, false);
-
- var commit_ok = samdb.transaction_commit();
- if (!commit_ok) {
- info.message("samdb commit failed: " + samdb.errstring() + "\n");
- assert(commit_ok);
- }
- samdb.close();
-}
-
-/* Write out a DNS zone file, from the info in the current database */
-function provision_dns(subobj, message, paths, session_info, credentials)
-{
- var lp = loadparm_init();
- if (strlower(subobj.SERVERROLE) != strlower("domain controller")) {
- message("No DNS zone required for role %s\n", subobj.SERVERROLE);
- return;
- }
- message("Setting up DNS zone: " + subobj.DNSDOMAIN + " \n");
- var ldb = ldb_init();
- ldb.session_info = session_info;
- ldb.credentials = credentials;
-
- /* connect to the sam */
- var ok = ldb.connect(paths.samdb);
- assert(ok);
-
- /* These values may have changed, due to an incoming SamSync,
- or may not have been specified, so fetch them from the database */
-
- var attrs = new Array("objectGUID");
- res = ldb.search("objectGUID=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs);
- assert(res.error == 0);
- assert(res.msgs.length == 1);
- assert(res.msgs[0].objectGUID != undefined);
- subobj.DOMAINGUID = res.msgs[0].objectGUID;
-
- subobj.HOSTGUID = searchone(ldb, subobj.DOMAINDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID");
- assert(subobj.HOSTGUID != undefined);
-
- setup_file("provision.zone",
- message, paths.dns,
- subobj);
-
- setup_file("named.conf",
- message, paths.named_conf,
- subobj);
-
- message("Please install the zone located in " + paths.dns + " into your DNS server. A sample BIND configuration snippit is at " + paths.named_conf + "\n");
-}
-
-
-/*
- guess reasonably default options for provisioning
-*/
-function provision_guess()
-{
- var subobj = new Object();
- var nss = nss_init();
- var lp = loadparm_init();
- var rdn_list;
- random_init(local);
-
- subobj.SERVERROLE = strlower(lp.get("server role"));
- subobj.REALM = strupper(lp.get("realm"));
- subobj.DOMAIN = lp.get("workgroup");
- subobj.HOSTNAME = hostname();
-
- assert(subobj.REALM);
- assert(subobj.DOMAIN);
- assert(subobj.HOSTNAME);
-
- subobj.VERSION = version();
- subobj.HOSTIP = hostip();
- subobj.DOMAINSID = randsid();
- subobj.POLICYGUID = randguid();
- subobj.KRBTGTPASS = randpass(12);
- subobj.MACHINEPASS = randpass(12);
- subobj.DNSPASS = randpass(12);
- subobj.ADMINPASS = randpass(12);
- subobj.LDAPMANAGERPASS = randpass(12);
- subobj.DEFAULTSITE = "Default-First-Site-Name";
- subobj.DATESTRING = datestring;
- subobj.ROOT = findnss(nss.getpwnam, "root");
- subobj.NOBODY = findnss(nss.getpwnam, "nobody");
- subobj.NOGROUP = findnss(nss.getgrnam, "nogroup", "nobody");
- subobj.WHEEL = findnss(nss.getgrnam, "wheel", "root", "staff", "adm");
- subobj.BACKUP = findnss(nss.getgrnam, "backup", "wheel", "root", "staff");
- subobj.USERS = findnss(nss.getgrnam, "users", "guest", "other", "unknown", "usr");
-
- //Add modules to the list to activate them by default
- //beware often order is important
- //
- // Some Known ordering constraints:
- // - rootdse must be first, as it makes redirects from "" -> cn=rootdse
- // - objectclass must be before password_hash, because password_hash checks
- // that the objectclass is of type person (filled in by the objectclass
- // module when expanding the objectclass list)
- // - partition must be last
- // - each partition has its own module list then
- var modules_list = new Array("rootdse",
- "paged_results",
- "ranged_results",
- "anr",
- "server_sort",
- "extended_dn",
- "asq",
- "samldb",
- "rdn_name",
- "objectclass",
- "kludge_acl",
- "operational");
- var tdb_modules_list = new Array("subtree_rename",
- "subtree_delete",
- "linked_attributes");
- var modules_list2 = new Array("show_deleted",
- "partition");
- subobj.MODULES_LIST = join(",", modules_list);
- subobj.TDB_MODULES_LIST = "," + join(",", tdb_modules_list);
- subobj.MODULES_LIST2 = join(",", modules_list2);
- subobj.DOMAINDN_LDB = "users.ldb";
- subobj.CONFIGDN_LDB = "configuration.ldb";
- subobj.SCHEMADN_LDB = "schema.ldb";
- subobj.DOMAINDN_MOD = "pdc_fsmo,password_hash,instancetype";
- subobj.CONFIGDN_MOD = "naming_fsmo,instancetype";
- subobj.SCHEMADN_MOD = "schema_fsmo,instancetype";
-
- subobj.ACI = "# no aci for local ldb";
-
- return subobj;
-}
-
-/*
- search for one attribute as a string
- */
-function searchone(ldb, basedn, expression, attribute)
-{
- var attrs = new Array(attribute);
- res = ldb.search(expression, basedn, ldb.SCOPE_SUBTREE, attrs);
- if (res.error != 0 ||
- res.msgs.length != 1 ||
- res.msgs[0][attribute] == undefined) {
- return undefined;
- }
- return res.msgs[0][attribute];
-}
-
-/*
- modify an account to remove the
-*/
-function enable_account(ldb, user_dn)
-{
- var attrs = new Array("userAccountControl");
- var res = ldb.search(NULL, user_dn, ldb.SCOPE_ONELEVEL, attrs);
- assert(res.error == 0);
- assert(res.msgs.length == 1);
- var userAccountControl = res.msgs[0].userAccountControl;
- userAccountControl = userAccountControl - 2; /* remove disabled bit */
- var mod = sprintf("
-dn: %s
-changetype: modify
-replace: userAccountControl
-userAccountControl: %u
-",
- user_dn, userAccountControl);
- var ok = ldb.modify(mod);
- return (ok.error == 0);
-}
-
-
-/*
- add a new user record
-*/
-function newuser(username, unixname, password, message, session_info, credentials)
-{
- var lp = loadparm_init();
- var samdb = lp.get("sam database");
- var ldb = ldb_init();
- random_init(local);
- ldb.session_info = session_info;
- ldb.credentials = credentials;
-
- /* connect to the sam */
- var ok = ldb.connect(samdb);
- assert(ok);
-
- ldb.transaction_start();
-
- /* find the DNs for the domain and the domain users group */
- var attrs = new Array("defaultNamingContext");
- res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs);
- assert(res.error == 0);
- assert(res.msgs.length == 1 && res.msgs[0].defaultNamingContext != undefined);
- var domain_dn = res.msgs[0].defaultNamingContext;
- assert(domain_dn != undefined);
- var dom_users = searchone(ldb, domain_dn, "name=Domain Users", "dn");
- assert(dom_users != undefined);
-
- var user_dn = sprintf("CN=%s,CN=Users,%s", username, domain_dn);
-
-
- /*
- the new user record. note the reliance on the samdb module to fill
- in a sid, guid etc
- */
- var ldif = sprintf("
-dn: %s
-sAMAccountName: %s
-unixName: %s
-sambaPassword: %s
-objectClass: user
-",
- user_dn, username,
- unixname, password);
- /*
- add the user to the users group as well
- */
- var modgroup = sprintf("
-dn: %s
-changetype: modify
-add: member
-member: %s
-",
- dom_users, user_dn);
-
-
- /*
- now the real work
- */
- message("Adding user %s\n", user_dn);
- ok = ldb.add(ldif);
- if (ok.error != 0) {
- message("Failed to add %s - %s\n", user_dn, ok.errstr);
- return false;
- }
-
- message("Modifying group %s\n", dom_users);
- ok = ldb.modify(modgroup);
- if (ok.error != 0) {
- message("Failed to modify %s - %s\n", dom_users, ok.errstr);
- return false;
- }
-
- /*
- modify the userAccountControl to remove the disabled bit
- */
- ok = enable_account(ldb, user_dn);
- if (ok) {
- ldb.transaction_commit();
- }
- return ok;
-}
-
-// Check whether a name is valid as a NetBIOS name.
-// FIXME: There are probably more constraints here.
-// crh has a paragraph on this in his book (1.4.1.1)
-function valid_netbios_name(name)
-{
- if (strlen(name) > 15) return false;
- return true;
-}
-
-function provision_validate(subobj, message)
-{
- var lp = loadparm_init();
-
- if (!valid_netbios_name(subobj.DOMAIN)) {
- message("Invalid NetBIOS name for domain\n");
- return false;
- }
-
- if (!valid_netbios_name(subobj.NETBIOSNAME)) {
- message("Invalid NetBIOS name for host\n");
- return false;
- }
-
-
- if (strupper(lp.get("workgroup")) != strupper(subobj.DOMAIN_CONF)) {
- message("workgroup '%s' in smb.conf must match chosen domain '%s'\n",
- lp.get("workgroup"), subobj.DOMAIN_CONF);
- return false;
- }
-
- if (strupper(lp.get("realm")) != strupper(subobj.REALM_CONF)) {
- message("realm '%s' in smb.conf must match chosen realm '%s'\n",
- lp.get("realm"), subobj.REALM_CONF);
- return false;
- }
-
- if (strlower(lp.get("server role")) != strlower(subobj.SERVERROLE)) {
- message("server role '%s' in smb.conf must match chosen role '%s'\n",
- lp.get("server role"), subobj.SERVERROLE);
- return false;
- }
-
- return true;
-}
-
-function join_domain(domain, netbios_name, join_type, creds, message)
-{
- var ctx = NetContext(creds);
- var joindom = new Object();
- joindom.domain = domain;
- joindom.join_type = join_type;
- joindom.netbios_name = netbios_name;
- if (!ctx.JoinDomain(joindom)) {
- message("Domain Join failed: " + joindom.error_string);
- return false;
- }
- return true;
-}
-
-/* Vampire a remote domain. Session info and credentials are required for for
- * access to our local database (might be remote ldap)
- */
-
-function vampire(domain, session_info, credentials, message) {
- var ctx = NetContext(credentials);
- var vampire_ctx = new Object();
- var machine_creds = credentials_init();
- machine_creds.set_domain(form.DOMAIN);
- if (!machine_creds.set_machine_account()) {
- message("Failed to access domain join information!");
- return false;
- }
- vampire_ctx.machine_creds = machine_creds;
- vampire_ctx.session_info = session_info;
- if (!ctx.SamSyncLdb(vampire_ctx)) {
- message("Migration of remote domain to Samba failed: " + vampire_ctx.error_string);
- return false;
- }
-
- return true;
-}
-
-return 0;
diff --git a/source4/scripting/libjs/samr.js b/source4/scripting/libjs/samr.js
deleted file mode 100644
index 6e8c70af3c..0000000000
--- a/source4/scripting/libjs/samr.js
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- samr rpc utility functions
- Copyright Andrew Tridgell 2005
- released under the GNU GPL version 3 or later
-*/
-
-if (global["HAVE_SAMR_JS"] != undefined) {
- return;
-}
-HAVE_SAMR_JS=1
-
-/*
- return a list of names and indexes from a samArray
-*/
-function samArray(output)
-{
- var list = new Array(output.num_entries);
- if (output.sam == NULL) {
- return list;
- }
- var i, entries = output.sam.entries;
- for (i=0;i<output.num_entries;i++) {
- list[i] = new Object();
- list[i].name = entries[i].name;
- list[i].idx = entries[i].idx;
- }
- return list;
-}
-
-/*
- connect to the sam database
-*/
-function samrConnect(conn)
-{
- security_init(conn);
- var io = irpcObj();
- io.input.system_name = NULL;
- io.input.access_mask = conn.SEC_FLAG_MAXIMUM_ALLOWED;
- var status = conn.samr_Connect2(io);
- check_status_ok(status);
- return io.output.connect_handle;
-}
-
-/*
- close a handle
-*/
-function samrClose(conn, handle)
-{
- var io = irpcObj();
- io.input.handle = handle;
- var status = conn.samr_Close(io);
- check_status_ok(status);
-}
-
-/*
- get the sid for a domain
-*/
-function samrLookupDomain(conn, handle, domain)
-{
- var io = irpcObj();
- io.input.connect_handle = handle;
- io.input.domain_name = domain;
- var status = conn.samr_LookupDomain(io);
- check_status_ok(status);
- return io.output.sid;
-}
-
-/*
- open a domain by sid
-*/
-function samrOpenDomain(conn, handle, sid)
-{
- var io = irpcObj();
- io.input.connect_handle = handle;
- io.input.access_mask = conn.SEC_FLAG_MAXIMUM_ALLOWED;
- io.input.sid = sid;
- var status = conn.samr_OpenDomain(io);
- check_status_ok(status);
- return io.output.domain_handle;
-}
-
-/*
- open a user by rid
-*/
-function samrOpenUser(conn, handle, rid)
-{
- var io = irpcObj();
- io.input.domain_handle = handle;
- io.input.access_mask = conn.SEC_FLAG_MAXIMUM_ALLOWED;
- io.input.rid = rid;
- var status = conn.samr_OpenUser(io);
- check_status_ok(status);
- return io.output.user_handle;
-}
-
-/*
- return a list of all users
-*/
-function samrEnumDomainUsers(conn, dom_handle)
-{
- var io = irpcObj();
- io.input.domain_handle = dom_handle;
- io.input.resume_handle = 0;
- io.input.acct_flags = 0;
- io.input.max_size = -1;
- var status = conn.samr_EnumDomainUsers(io);
- check_status_ok(status);
- return samArray(io.output);
-}
-
-/*
- return a list of all groups
-*/
-function samrEnumDomainGroups(conn, dom_handle)
-{
- var io = irpcObj();
- io.input.domain_handle = dom_handle;
- io.input.resume_handle = 0;
- io.input.acct_flags = 0;
- io.input.max_size = -1;
- var status = conn.samr_EnumDomainGroups(io);
- check_status_ok(status);
- return samArray(io.output);
-}
-
-/*
- return a list of domains
-*/
-function samrEnumDomains(conn, handle)
-{
- var io = irpcObj();
- io.input.connect_handle = handle;
- io.input.resume_handle = 0;
- io.input.buf_size = -1;
- var status = conn.samr_EnumDomains(io);
- check_status_ok(status);
- return samArray(io.output);
-}
-
-/*
- return information about a user
-*/
-function samrQueryUserInfo(conn, user_handle, level)
-{
- var r, io = irpcObj();
- io.input.user_handle = user_handle;
- io.input.level = level;
- var status = conn.samr_QueryUserInfo(io);
- check_status_ok(status);
- return io.output.info.info3;
-}
-
-
-/*
- fill a user array with user information from samrQueryUserInfo
-*/
-function samrFillUserInfo(conn, dom_handle, users, level)
-{
- var i;
- for (i=0;i<users.length;i++) {
- var r, user_handle, info;
- user_handle = samrOpenUser(conn, dom_handle, users[i].idx);
- info = samrQueryUserInfo(conn, user_handle, level);
- info.name = users[i].name;
- info.idx = users[i].idx;
- users[i] = info;
- samrClose(conn, user_handle);
- }
-}
-
diff --git a/source4/scripting/libjs/winreg.js b/source4/scripting/libjs/winreg.js
deleted file mode 100644
index 9db415694d..0000000000
--- a/source4/scripting/libjs/winreg.js
+++ /dev/null
@@ -1,291 +0,0 @@
-/*
- winreg rpc utility functions
- Copyright Andrew Tridgell 2005
- released under the GNU GPL version 3 or later
-*/
-
-libinclude("base.js");
-
-/*
- close a handle
-*/
-function __winreg_close(handle)
-{
- var io = irpcObj();
- io.input.handle = handle;
- this.winreg_CloseKey(io);
-}
-
-
-/*
- open a hive
-*/
-function __winreg_open_hive(hive)
-{
- var io = irpcObj();
- io.input.system_name = NULL;
- io.input.access_mask = this.SEC_FLAG_MAXIMUM_ALLOWED;
- var status;
- if (hive == "HKLM") {
- status = this.winreg_OpenHKLM(io);
- } else if (hive == "HKCR") {
- status = this.winreg_OpenHKCR(io);
- } else if (hive == "HKPD") {
- status = this.winreg_OpenHKPD(io);
- } else if (hive == "HKU") {
- status = this.winreg_OpenHKU(io);
- } else {
- this._last_error = "Unknown hive " + hive;
- return undefined;
- }
- if (!status.is_ok) {
- return undefined;
- }
- return io.output.handle;
-}
-
-/*
- open a handle to a path
-*/
-function __winreg_open_path(path)
-{
- var s = string_init();
- var i, components = s.split('\\', path);
-
- /* cope with a leading slash */
- if (components[0] == '') {
- for (i=0;i<(components.length-1);i++) {
- components[i] = components[i+1];
- }
- delete(components[i]);
- }
-
- if (components.length == 0) {
- return undefined;
- }
-
- var handle = this.open_hive(components[0]);
- if (handle == undefined) {
- return undefined;
- }
-
- if (components.length == 1) {
- return handle;
- }
-
- var hpath = components[1];
-
- for (i=2;i<components.length;i++) {
- hpath = hpath + "\\" + components[i];
- }
-
- io = irpcObj();
- io.input.parent_handle = handle;
- io.input.keyname = hpath;
- io.input.unknown = 0;
- io.input.access_mask = this.SEC_FLAG_MAXIMUM_ALLOWED;
- var status = this.winreg_OpenKey(io);
-
- this.close(handle);
-
- if (!status.is_ok) {
- return undefined;
- }
- if (io.output.result != "WERR_OK") {
- return undefined;
- }
-
- return io.output.handle;
-}
-
-/*
- return a list of keys for a winreg server given a path
- usage:
- list = reg.enum_path(path);
-*/
-function __winreg_enum_path(path)
-{
- var list = new Array(0);
-
- if (path == null || path == "\\" || path == "") {
- return new Array("HKLM", "HKU");
- }
-
- var handle = this.open_path(path);
- if (handle == undefined) {
- return undefined;
- }
-
- var io = irpcObj();
- io.input.handle = handle;
- io.input.name = new Object();
- io.input.name.length = 0;
- io.input.name.size = 32;
- io.input.name.name = NULL;
- io.input.keyclass = new Object();
- io.input.keyclass.length = 0;
- io.input.keyclass.size = 1024;
- io.input.keyclass.name = NULL;
- io.input.last_changed_time = 0;
-
- var idx = 0;
- for (idx=0;idx >= 0;idx++) {
- io.input.enum_index = idx;
- var status = this.winreg_EnumKey(io);
- if (!status.is_ok) {
- this.close(handle);
- return list;
- }
- var out = io.output;
- if (out.result == "WERR_MORE_DATA") {
- io.input.name.size = io.input.name.size * 2;
- idx--;
- if (io.input.name.size > 32000) {
- this.close(handle);
- return list;
- }
- continue;
- }
- if (out.result != "WERR_OK") {
- this.close(handle);
- return list;
- }
- list[list.length] = out.name.name;
- }
-
- this.close(handle);
- return list;
-}
-
-
-/*
- return a list of values for a winreg server given a path
- usage:
- list = reg.enum_values(path);
-
- each returned list element is an object containing a name, a
- type and a value
-*/
-function __winreg_enum_values(path)
-{
- var data = datablob_init();
- var list = new Array(0);
-
- var handle = this.open_path(path);
- if (handle == undefined) {
- return undefined;
- }
-
- var io = irpcObj();
- io.input.handle = handle;
- io.input.name = new Object();
- io.input.name.length = 0;
- io.input.name.size = 128;
- io.input.name.name = "";
- io.input.type = 0;
- io.input.value = new Array(0);
- io.input.size = 1024;
- io.input.length = 0;
-
- var idx;
- for (idx=0;idx >= 0;idx++) {
- io.input.enum_index = idx;
- var status = this.winreg_EnumValue(io);
- if (!status.is_ok) {
- this.close(handle);
- return list;
- }
- var out = io.output;
- if (out.result == "WERR_MORE_DATA") {
- io.input.size = io.input.size * 2;
- io.input.name.size = io.input.name.size * 2;
- idx--;
- /* limit blobs to 1M */
- if (io.input.size > 1000000) {
- this.close(handle);
- return list;
- }
- continue;
- }
- if (out.result != "WERR_OK") {
- this.close(handle);
- return list;
- }
- var el = new Object();
- el.name = out.name.name;
- el.type = out.type;
- el.rawvalue = out.value;
- el.value = data.regToVar(el.rawvalue, el.type);
- el.size = out.size;
- list[list.length] = el;
- }
-
- this.close(handle);
- return list;
-}
-
-
-/*
- create a new key
- ok = reg.create_key(path, key);
-*/
-function __winreg_create_key(path, key)
-{
- var handle = this.open_path(path);
- if (handle == undefined) {
- return undefined;
- }
-
- var io = irpcObj();
- io.input.handle = handle;
- io.input.name = key;
- io.input.keyclass = NULL;
- io.input.options = 0;
- io.input.access_mask = this.SEC_FLAG_MAXIMUM_ALLOWED;
- io.input.secdesc = NULL;
- io.input.action_taken = 0;
-
- var status = this.winreg_CreateKey(io);
- this.close(handle);
- if (!status.is_ok) {
- return false;
- }
- if (io.output.result != "WERR_OK") {
- return false;
- }
- this.close(io.output.new_handle);
- return true;
-}
-
-
-/*
- return a string for a winreg type
-*/
-function __winreg_typestring(type)
-{
- return this.typenames[type];
-}
-
-/*
- initialise the winreg lib, returning an object
-*/
-function winregObj()
-{
- var reg = winreg_init();
- security_init(reg);
-
- reg.typenames = new Array("REG_NONE", "REG_SZ", "REG_EXPAND_SZ", "REG_BINARY",
- "REG_DWORD", "REG_DWORD_BIG_ENDIAN", "REG_LINK", "REG_MULTI_SZ",
- "REG_RESOURCE_LIST", "REG_FULL_RESOURCE_DESCRIPTOR",
- "REG_RESOURCE_REQUIREMENTS_LIST", "REG_QWORD");
-
- reg.close = __winreg_close;
- reg.open_hive = __winreg_open_hive;
- reg.open_path = __winreg_open_path;
- reg.enum_path = __winreg_enum_path;
- reg.enum_values = __winreg_enum_values;
- reg.create_key = __winreg_create_key;
- reg.typestring = __winreg_typestring;
-
- return reg;
-}
generated by cgit (git 2.34.1) at 2025-11-04 14:03:02 +0000