From 575845ccbeb2acc5dcb5133b80fd19b1d80169f2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 30 Nov 2006 07:38:40 +0000 Subject: r19963: Add 'registry shares = yes' and registry key security descriptors. (This used to be commit 6cab254c49e07b11c170511ec613f0f33914c3e6) --- source3/rpc_server/srv_winreg_nt.c | 38 +++++++++++++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) (limited to 'source3/rpc_server/srv_winreg_nt.c') diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index 16c271427e..847bc967c5 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -1478,6 +1478,10 @@ WERROR _winreg_DeleteValue(pipes_struct *p, struct policy_handle *handle, struct WERROR _winreg_GetKeySecurity(pipes_struct *p, struct policy_handle *handle, uint32_t sec_info, struct KeySecurityData *sd) { REGISTRY_KEY *key = find_regkey_by_hnd(p, handle); + WERROR err; + struct security_descriptor *secdesc; + uint8 *data; + size_t len; if ( !key ) return WERR_BADFID; @@ -1486,8 +1490,28 @@ WERROR _winreg_GetKeySecurity(pipes_struct *p, struct policy_handle *handle, uin if ( !(key->access_granted & STD_RIGHT_READ_CONTROL_ACCESS) ) return WERR_ACCESS_DENIED; + + err = regkey_get_secdesc(p->mem_ctx, key, &secdesc); + if (!W_ERROR_IS_OK(err)) { + return err; + } + + err = ntstatus_to_werror(marshall_sec_desc(p->mem_ctx, secdesc, + &data, &len)); + if (!W_ERROR_IS_OK(err)) { + return err; + } + + if (len > sd->size) { + sd->size = len; + return WERR_INSUFFICIENT_BUFFER; + } + + sd->size = len; + sd->len = len; + sd->data = data; - return WERR_ACCESS_DENIED; + return WERR_OK; } /******************************************************************* @@ -1496,6 +1520,8 @@ WERROR _winreg_GetKeySecurity(pipes_struct *p, struct policy_handle *handle, uin WERROR _winreg_SetKeySecurity(pipes_struct *p, struct policy_handle *handle, uint32_t access_mask, struct KeySecurityData *sd) { REGISTRY_KEY *key = find_regkey_by_hnd(p, handle); + struct security_descriptor *secdesc; + WERROR err; if ( !key ) return WERR_BADFID; @@ -1504,8 +1530,14 @@ WERROR _winreg_SetKeySecurity(pipes_struct *p, struct policy_handle *handle, uin if ( !(key->access_granted & STD_RIGHT_WRITE_DAC_ACCESS) ) return WERR_ACCESS_DENIED; - - return WERR_ACCESS_DENIED; + + err = ntstatus_to_werror(unmarshall_sec_desc(p->mem_ctx, sd->data, + sd->len, &secdesc)); + if (!W_ERROR_IS_OK(err)) { + return err; + } + + return regkey_set_secdesc(key, secdesc); } /******************************************************************* -- cgit