From 597c5a6caa871b724ee1337f14467950b0707b34 Mon Sep 17 00:00:00 2001
From: Luke Leighton <lkcl@samba.org>
Date: Thu, 12 Nov 1998 19:21:20 +0000
Subject: jean-f. sent me some S-1-3-0,1,2,3 SIDs and names.  S-1-3 doesn't
 exist.

security descriptor testing.  hey wow, you can get a SD then send it back!
(This used to be commit 7466c3113ef8f8a89b8496efadfeb611c9f3e069)
---
 source3/rpcclient/cmd_reg.c   | 96 ++++++++++++++++++++++++++++++++++++++++++-
 source3/rpcclient/rpcclient.c |  1 +
 2 files changed, 96 insertions(+), 1 deletion(-)

(limited to 'source3/rpcclient')

diff --git a/source3/rpcclient/cmd_reg.c b/source3/rpcclient/cmd_reg.c
index fd5fc71828..ada125e448 100644
--- a/source3/rpcclient/cmd_reg.c
+++ b/source3/rpcclient/cmd_reg.c
@@ -717,7 +717,7 @@ void cmd_reg_create_key(struct client_info *info)
 /****************************************************************************
 nt registry security info
 ****************************************************************************/
-void cmd_reg_get_key_sec(struct client_info *info)
+void cmd_reg_test_key_sec(struct client_info *info)
 {
 	BOOL res = True;
 	BOOL res3 = True;
@@ -779,6 +779,10 @@ void cmd_reg_get_key_sec(struct client_info *info)
 		display_sec_desc(out_hnd, ACTION_HEADER   , sec_buf.sec);
 		display_sec_desc(out_hnd, ACTION_ENUMERATE, sec_buf.sec);
 		display_sec_desc(out_hnd, ACTION_FOOTER   , sec_buf.sec);
+
+		res4 = res4 ? do_reg_set_key_sec(smb_cli, &key_pol,
+				sec_buf_size, sec_buf.sec) : False;
+
 		free(sec_buf.sec);
 	}
 
@@ -805,3 +809,93 @@ void cmd_reg_get_key_sec(struct client_info *info)
 	}
 }
 
+/****************************************************************************
+nt registry security info
+****************************************************************************/
+void cmd_reg_get_key_sec(struct client_info *info)
+{
+	BOOL res = True;
+	BOOL res3 = True;
+	BOOL res4 = True;
+
+	POLICY_HND key_pol;
+	fstring full_keyname;
+	fstring key_name;
+
+	/*
+	 * security info
+	 */
+
+	uint32 sec_buf_size;
+	SEC_DESC_BUF sec_buf;
+
+	DEBUG(5, ("cmd_reg_get_key_sec: smb_cli->fd:%d\n", smb_cli->fd));
+
+	if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname)))
+	{
+		fprintf(out_hnd, "reggetsec <key_name>\n");
+		return;
+	}
+
+	/* open WINREG session. */
+	res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False;
+
+	/* open registry receive a policy handle */
+	res = res ? do_reg_connect(smb_cli, full_keyname, key_name,
+				&info->dom.reg_pol_connect) : False;
+
+	if ((*key_name) != 0)
+	{
+		/* open an entry */
+		res3 = res  ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect,
+					 key_name, 0x02000000, &key_pol) : False;
+	}
+	else
+	{
+		memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol));
+	}
+
+	/* open an entry */
+	res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect,
+				 key_name, 0x02000000, &key_pol) : False;
+
+	/* query key sec info.  first call sets sec_buf_size. */
+	sec_buf_size = 0;
+	sec_buf.sec = NULL;
+
+	res4 = res3 ? do_reg_get_key_sec(smb_cli, &key_pol,
+				&sec_buf_size, &sec_buf) : False;
+	
+	res4 = res4 ? do_reg_get_key_sec(smb_cli, &key_pol,
+				&sec_buf_size, &sec_buf) : False;
+
+	if (res4 && sec_buf.len > 0 && sec_buf.sec != NULL)
+	{
+		display_sec_desc(out_hnd, ACTION_HEADER   , sec_buf.sec);
+		display_sec_desc(out_hnd, ACTION_ENUMERATE, sec_buf.sec);
+		display_sec_desc(out_hnd, ACTION_FOOTER   , sec_buf.sec);
+		free(sec_buf.sec);
+	}
+
+	/* close the key handle */
+	if ((*key_name) != 0)
+	{
+		res3 = res3 ? do_reg_close(smb_cli, &key_pol) : False;
+	}
+
+	/* close the registry handles */
+	res  = res  ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False;
+
+	/* close the session */
+	cli_nt_session_close(smb_cli);
+
+	if (res && res3 && res4)
+	{
+		DEBUG(5,("cmd_reg_get_key_sec: query succeeded\n"));
+	}
+	else
+	{
+		DEBUG(5,("cmd_reg_get_key_sec: query failed\n"));
+	}
+}
+
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 5fbd8e1cbc..bf003893bc 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -112,6 +112,7 @@ struct
   {"regdeleteval",cmd_reg_delete_val,  "<valname> Registry Value Delete"},
   {"regcreateval",cmd_reg_create_val,  "<valname> <valtype> <value> Registry Key Create"},
   {"reggetsec",  cmd_reg_get_key_sec,  "<keyname> Registry Key Security"},
+  {"regtestsec", cmd_reg_test_key_sec, "<keyname> Test Registry Key Security"},
   {"ntlogin",    cmd_netlogon_login_test, "[username] [password] NT Domain login test"},
   {"wksinfo",    cmd_wks_query_info,   "Workstation Query Info"},
   {"srvinfo",    cmd_srv_query_info,   "Server Query Info"},
-- 
cgit