From 094166151b950e0c1f1fb12f4320d6bcb3673988 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Thu, 31 Oct 2002 17:27:47 +0000 Subject: Add a small utility that can print out the SEC DESCs in NTUSER.DAT. This is an early, messy version of the code, but it illustrates what can be done. It currently only prints the Owner SID, Group SID, and Perms and SID from each ACE. Once more work is done, it could actually walk the SEC DESCs and ACEs and change the SIDS ... (This used to be commit 322151509c255aa288627ae239661154ab0c83d5) --- source3/utils/profiles.c | 250 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 250 insertions(+) create mode 100644 source3/utils/profiles.c (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c new file mode 100644 index 0000000000..f14bcf8d85 --- /dev/null +++ b/source3/utils/profiles.c @@ -0,0 +1,250 @@ +#include "includes.h" +#include +#include +#include +#include +#include +#include + +typedef unsigned int DWORD; +typedef unsigned short WORD; + +#define REG_REGF_ID 0x66676572 + +typedef struct regf_block { + DWORD REGF_ID; /* regf */ + DWORD uk1; + DWORD uk2; + DWORD tim1, tim2; + DWORD uk3; /* 1 */ + DWORD uk4; /* 3 */ + DWORD uk5; /* 0 */ + DWORD uk6; /* 1 */ + DWORD first_key; /* offset */ + unsigned int dblk_size; + DWORD uk7[116]; /* 1 */ + DWORD chksum; +} REGF_HDR; + +typedef struct hbin_sub_struct { + DWORD dblocksize; + char data[1]; +} HBIN_SUB_HDR; + +#define REG_HBIN_ID 0x6E696268 + +typedef struct hbin_struct { + DWORD HBIN_ID; /* hbin */ + DWORD next_off; + DWORD prev_off; + DWORD uk1; + DWORD uk2; + DWORD uk3; + DWORD uk4; + DWORD blk_size; + HBIN_SUB_HDR hbin_sub_hdr; +} HBIN_HDR; + +#define REG_NK_ID 0x6B6E + +typedef struct nk_struct { + WORD NK_ID; + WORD type; + DWORD t1, t2; + DWORD uk1; + DWORD own_off; + DWORD subk_num; + DWORD uk2; + DWORD lf_off; + DWORD uk3; + DWORD val_cnt; + DWORD val_off; + DWORD sk_off; + DWORD clsnam_off; +} NK_HDR; + +#define REG_SK_ID 0x6B73 + +typedef struct sk_struct { + WORD SK_ID; + WORD uk1; + DWORD prev_off; + DWORD next_off; + DWORD ref_cnt; + DWORD rec_size; + char sec_desc[1]; +} SK_HDR; + +typedef struct sec_desc_rec { + WORD rev; + WORD type; + DWORD owner_off; + DWORD group_off; + DWORD sacl_off; + DWORD dacl_off; +} MY_SEC_DESC; + +typedef struct ace_struct { + unsigned char type; + unsigned char flags; + unsigned short length; + unsigned int perms; + DOM_SID trustee; +} ACE; + +typedef struct acl_struct { + WORD rev; + WORD size; + DWORD num_aces; + ACE *aces; /* One or more ACEs */ +} ACL; + +#define OFF(f) (0x1000 + (f) + 4) + +void print_sid(DOM_SID *sid) +{ + int i, comps = sid->num_auths; + fprintf(stdout, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]); + + for (i = 0; i < comps; i++) { + + fprintf(stdout, "-%u", sid->sub_auths[i]); + + } + fprintf(stdout, "\n"); +} + +void print_acl(ACL *acl, char *prefix) +{ + int ace_cnt, i; + ACE *ace; + + ace_cnt = acl->num_aces; + ace = &acl->aces; + fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); + for (i=0; iperms); + print_sid(&ace->trustee); + ace = (ACE *)((char *)ace + ace->length); + } +} + +int main(int argc, char *argv[]) +{ + int i, fd, aces, start = 0; + void *base; + struct stat sbuf; + fstring sid_str; + REGF_HDR *regf_hdr; + HBIN_HDR *hbin_hdr; + NK_HDR *nk_hdr; + SK_HDR *sk_hdr; + WORD first_sk_off, sk_off; + MY_SEC_DESC *sec_desc; + int *ptr; + + if (argc < 2) { + fprintf(stderr, "Usage: profiles profile-file\n"); + exit(1); + } + + fd = open(argv[1], O_RDWR, 0000); + + if (fd < 0) { + fprintf(stderr, "Could not open %s: %s\n", argv[1], + strerror(errno)); + exit(2); + } + + if (fstat(fd, &sbuf) < 0) { + fprintf(stderr, "Could not stat file %s, %s\n", argv[1], + strerror(errno)); + exit(3); + } + + /* + * Now, mmap the file into memory, check the header and start + * dealing with the records. We are interested in the sk record + */ + start = 0; + base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); + + if ((int)base == -1) { + fprintf(stderr, "Could not mmap file: %s, %s\n", argv[1], + strerror(errno)); + exit(4); + } + + regf_hdr = (REGF_HDR *)base; + + fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); + + if (regf_hdr->REGF_ID != REG_REGF_ID) { + fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[1]); + exit(5); + } + + fprintf(stdout, "First Key Off: %u, Data Block Size: %u\n", + regf_hdr->first_key, regf_hdr->dblk_size); + + hbin_hdr = (HBIN_HDR *)(base + 0x1000); + + /* + * This should be the hbin_hdr + */ + + if (hbin_hdr->HBIN_ID != REG_HBIN_ID) { + fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[1]); + exit(6); + } + + fprintf(stdout, "Next Off: %u, Prev Off: %u\n", + hbin_hdr->next_off, hbin_hdr->prev_off); + + nk_hdr = (NK_HDR *)(base + 0x1000 + regf_hdr->first_key + 4); + + if (nk_hdr->NK_ID != REG_NK_ID) { + fprintf(stderr, "Incorrect NK Header: %s\n", argv[1]); + exit(7); + } + + fprintf(stdout, "Type: %0x\n", nk_hdr->type); + fprintf(stdout, "SK Off : %o\n", (0x1000 + nk_hdr->sk_off + 4)); + + sk_hdr = (SK_HDR *)(base + 0x1000 + nk_hdr->sk_off + 4); + sk_off = first_sk_off = nk_hdr->sk_off; + + do { + DOM_SID *owner_sid, *group_sid; + ACL *sacl, *dacl; + if (sk_hdr->SK_ID != REG_SK_ID) { + fprintf(stderr, "Incorrect SK Header format: %08X\n", + (0x1000 + nk_hdr->sk_off + 4)); + exit(8); + } + ptr = (int *)sk_hdr; + fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", + sk_off, sk_hdr->ref_cnt, sk_hdr->rec_size); + sec_desc = &(sk_hdr->sec_desc[0]); + owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->owner_off); + group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->group_off); + sacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->sacl_off); + dacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->dacl_off); + fprintf(stdout, " Owner SID: "); print_sid(owner_sid); + fprintf(stdout, " Group SID: "); print_sid(group_sid); + fprintf(stdout, " SACL: "); + if (!sec_desc->sacl_off) + fprintf(stdout, "NONE\n"); + else + print_acl(sacl, " "); + fprintf(stdout, " DACL: "); + if (!sec_desc->dacl_off) + fprintf(stdout, "NONE\n"); + else + print_acl(dacl, " "); + sk_off = sk_hdr->prev_off; + sk_hdr = (SK_HDR *)(base + OFF(sk_hdr->prev_off)); + } while (sk_off != first_sk_off); + +} + -- cgit From 689d510ef6b071ed220e41293c64a36ea79597b7 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 1 Nov 2002 05:06:19 +0000 Subject: Add more code to the profiles program and add Makefile.in support. (This used to be commit daefe52a56a7b977b8e561f8f668c42183de413b) --- source3/utils/profiles.c | 365 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 353 insertions(+), 12 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index f14bcf8d85..fcf01d71df 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -1,3 +1,293 @@ +/* + Samba Unix/Linux SMB client utility profiles.c + Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +/************************************************************************* + + A utility to report and change SIDs in registry files + + Many of the ideas in here come from other people and software. + I first looked in Wine in misc/registry.c and was also influenced by + http://www.wednesday.demon.co.uk/dosreg.html + + Which seems to contain comments from someone else. I reproduce them here + incase the site above disappears. It actually comes from + http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt. + +The windows NT registry has 2 different blocks, where one can occure many +times... + +the "regf"-Block +================ + +"regf" is obviosly the abbreviation for "Registry file". "regf" is the +signature of the header-block which is always 4kb in size, although only +the first 64 bytes seem to be used and a checksum is calculated over +the first 0x200 bytes only! + +Offset Size Contents +0x00000000 D-Word ID: ASCII-"regf" = 0x66676572 +0x00000004 D-Word ???? //see struct REGF +0x00000008 D-Word ???? Always the same value as at 0x00000004 +0x0000000C Q-Word last modify date in WinNT date-format +0x00000014 D-Word 1 +0x00000018 D-Word 3 +0x0000001C D-Word 0 +0x00000020 D-Word 1 +0x00000024 D-Word Offset of 1st key record +0x00000028 D-Word Size of the data-blocks (Filesize-4kb) +0x0000002C D-Word 1 +0x000001FC D-Word Sum of all D-Words from 0x00000000 to +0x000001FB //XOR of all words. Nigel + +I have analyzed more registry files (from multiple machines running +NT 4.0 german version) and could not find an explanation for the values +marked with ???? the rest of the first 4kb page is not important... + +the "hbin"-Block +================ +I don't know what "hbin" stands for, but this block is always a multiple +of 4kb in size. + +Inside these hbin-blocks the different records are placed. The memory- +management looks like a C-compiler heap management to me... + +hbin-Header +=========== +Offset Size Contents +0x0000 D-Word ID: ASCII-"hbin" = 0x6E696268 +0x0004 D-Word Offset from the 1st hbin-Block +0x0008 D-Word Offset to the next hbin-Block +0x001C D-Word Block-size + +The values in 0x0008 and 0x001C should be the same, so I don't know +if they are correct or swapped... + +From offset 0x0020 inside a hbin-block data is stored with the following +format: + +Offset Size Contents +0x0000 D-Word Data-block size //this size must be a +multiple of 8. Nigel +0x0004 ???? Data + +If the size field is negative (bit 31 set), the corresponding block +is free and has a size of -blocksize! + +The data is stored as one record per block. Block size is a multiple +of 4 and the last block reaches the next hbin-block, leaving no room. + +Records in the hbin-blocks +========================== + +nk-Record + + The nk-record can be treated as a kombination of tree-record and + key-record of the win 95 registry. + +lf-Record + + The lf-record is the counterpart to the RGKN-record (the + hash-function) + +vk-Record + + The vk-record consists information to a single value. + +sk-Record + + sk (? Security Key ?) is the ACL of the registry. + +Value-Lists + + The value-lists contain information about which values are inside a + sub-key and don't have a header. + +Datas + + The datas of the registry are (like the value-list) stored without a + header. + +All offset-values are relative to the first hbin-block and point to the +block-size field of the record-entry. to get the file offset, you have to add +the header size (4kb) and the size field (4 bytes)... + +the nk-Record +============= +Offset Size Contents +0x0000 Word ID: ASCII-"nk" = 0x6B6E +0x0002 Word for the root-key: 0x2C, otherwise 0x20 //key symbolic links 0x10. Nigel +0x0004 Q-Word write-date/time in windows nt notation +0x0010 D-Word Offset of Owner/Parent key +0x0014 D-Word number of sub-Keys +0x001C D-Word Offset of the sub-key lf-Records +0x0024 D-Word number of values +0x0028 D-Word Offset of the Value-List +0x002C D-Word Offset of the sk-Record + +0x0030 D-Word Offset of the Class-Name //see NK structure for the use of these fields. Nigel +0x0044 D-Word Unused (data-trash) //some kind of run time index. Does not appear to be important. Nigel +0x0048 Word name-length +0x004A Word class-name length +0x004C ???? key-name + +the Value-List +============== +Offset Size Contents +0x0000 D-Word Offset 1st Value +0x0004 D-Word Offset 2nd Value +0x???? D-Word Offset nth Value + +To determine the number of values, you have to look at the owner-nk-record! + +Der vk-Record +============= +Offset Size Contents +0x0000 Word ID: ASCII-"vk" = 0x6B76 +0x0002 Word name length +0x0004 D-Word length of the data //if top bit is set when offset contains data. Nigel +0x0008 D-Word Offset of Data +0x000C D-Word Type of value +0x0010 Word Flag +0x0012 Word Unused (data-trash) +0x0014 ???? Name + +If bit 0 of the flag-word is set, a name is present, otherwise the value has no name (=default) + +If the data-size is lower 5, the data-offset value is used to store the data itself! + +The data-types +============== +Wert Beteutung +0x0001 RegSZ: character string (in UNICODE!) +0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!) +0x0003 RegBin: raw-binary value +0x0004 RegDWord: Dword +0x0007 RegMultiSZ: multiple strings, seperated with 0 + (UNICODE!) + +The "lf"-record +=============== +Offset Size Contents +0x0000 Word ID: ASCII-"lf" = 0x666C +0x0002 Word number of keys +0x0004 ???? Hash-Records + +Hash-Record +=========== +Offset Size Contents +0x0000 D-Word Offset of corresponding "nk"-Record +0x0004 D-Word ASCII: the first 4 characters of the key-name, padded with 0's. Case sensitiv! + +Keep in mind, that the value at 0x0004 is used for checking the data-consistency! If you change the +key-name you have to change the hash-value too! + +//These hashrecords must be sorted low to high within the lf record. Nigel. + +The "sk"-block +============== +(due to the complexity of the SAM-info, not clear jet) + +Offset Size Contents +0x0000 Word ID: ASCII-"sk" = 0x6B73 +0x0002 Word Unused +0x0004 D-Word Offset of previous "sk"-Record +0x0008 D-Word Offset of next "sk"-Record +0x000C D-Word usage-counter +0x0010 D-Word Size of "sk"-record in bytes +???? //standard self +relative security desciptor. Nigel +???? ???? Security and auditing settings... +???? + +The usage counter counts the number of references to this +"sk"-record. You can use one "sk"-record for the entire registry! + +Windows nt date/time format +=========================== +The time-format is a 64-bit integer which is incremented every +0,0000001 seconds by 1 (I don't know how accurate it realy is!) +It starts with 0 at the 1st of january 1601 0:00! All values are +stored in GMT time! The time-zone is important to get the real +time! + +Common values for win95 and win-nt +================================== +Offset values marking an "end of list", are either 0 or -1 (0xFFFFFFFF). +If a value has no name (length=0, flag(bit 0)=0), it is treated as the +"Default" entry... +If a value has no data (length=0), it is displayed as empty. + +simplyfied win-3.?? registry: +============================= + ++-----------+ +| next rec. |---+ +----->+------------+ +| first sub | | | | Usage cnt. | +| name | | +-->+------------+ | | length | +| value | | | | next rec. | | | text |------->+-------+ ++-----------+ | | | name rec. |--+ +------------+ | xxxxx | + +------------+ | | value rec. |-------->+------------+ +-------+ + v | +------------+ | Usage cnt. | ++-----------+ | | length | +| next rec. | | | text |------->+-------+ +| first sub |------+ +------------+ | xxxxx | +| name | +-------+ +| value | ++-----------+ + +Greatly simplyfied structure of the nt-registry: +================================================ + ++---------------------------------------------------------------+ +| | +v | ++---------+ +---------->+-----------+ +----->+---------+ | +| "nk" | | | lf-rec. | | | nk-rec. | | +| ID | | | # of keys | | | parent |---+ +| Date | | | 1st key |--+ | .... | +| parent | | +-----------+ +---------+ +| suk-keys|-----+ +| values |--------------------->+----------+ +| SK-rec. |---------------+ | 1. value |--> +----------+ +| class |--+ | +----------+ | vk-rec. | ++---------+ | | | .... | + v | | data |--> +-------+ + +------------+ | +----------+ | xxxxx | + | Class name | | +-------+ + +------------+ | + v + +---------+ +---------+ + +----->| next sk |--->| Next sk |--+ + | +---| prev sk |<---| prev sk | | + | | | .... | | ... | | + | | +---------+ +---------+ | + | | ^ | | + | +----------+ | + +-------------------------------+ + +--------------------------------------------------------------------------- + +Hope this helps.... (Although it was "fun" for me to uncover this things, + it took me several sleepless nights ;) + + B.D. + +*************************************************************************/ #include "includes.h" #include #include @@ -101,6 +391,36 @@ typedef struct acl_struct { #define OFF(f) (0x1000 + (f) + 4) +/* Compare two SIDs for equality */ +int compare_sid(DOM_SID *s1, DOM_SID *s2) +{ + int sa1, sa2; + + if (s1->sid_rev_num != s2->sid_rev_num) return 0; + + sa1 = s1->num_auths; sa2 = s2->num_auths; + + if (sa1 != sa2) return 0; + + return !bcmp((char *)&s1->id_auth, (char *)&s2->id_auth, + 6 + sa1 * 4); + +} + +/* + * Replace SID1, component by component with SID2 + * Assumes will never be called with unequal length SIDS + * so only touches 21-x-y-z-rid portion + */ +void change_sid(DOM_SID *s1, DOM_SID *s2) +{ + int i; + + for (i=0; inum_auths; i++) { + s1->sub_auths[i] = s2->sub_auths[i]; + } +} + void print_sid(DOM_SID *sid) { int i, comps = sid->num_auths; @@ -120,7 +440,7 @@ void print_acl(ACL *acl, char *prefix) ACE *ace; ace_cnt = acl->num_aces; - ace = &acl->aces; + ace = (ACE *)&acl->aces; fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); for (i=0; iperms); @@ -129,9 +449,23 @@ void print_acl(ACL *acl, char *prefix) } } +void usage(voi) +{ + fprintf(stderr, "usage: profiles [-c -n ] \n"); + fprintf(stderr, "Version: %s\n", VERSION); + fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid provides SID to change"); + fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid provides SID to change to"); + fprintf(stderr, "\n\t\tBoth must be present if the other is."); + fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n"); +} + +DOM_SID old_sid, new_sid; + int main(int argc, char *argv[]) { int i, fd, aces, start = 0; + int verbose = 0; + int process_sids = 0; void *base; struct stat sbuf; fstring sid_str; @@ -144,10 +478,14 @@ int main(int argc, char *argv[]) int *ptr; if (argc < 2) { - fprintf(stderr, "Usage: profiles profile-file\n"); + usage(); exit(1); } + /* + * Now, process the arguments + */ + fd = open(argv[1], O_RDWR, 0000); if (fd < 0) { @@ -177,15 +515,15 @@ int main(int argc, char *argv[]) regf_hdr = (REGF_HDR *)base; - fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); + if (verbose) fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); if (regf_hdr->REGF_ID != REG_REGF_ID) { fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[1]); exit(5); } - fprintf(stdout, "First Key Off: %u, Data Block Size: %u\n", - regf_hdr->first_key, regf_hdr->dblk_size); + if (verbose) fprintf(stdout, "First Key Off: %u, Data Block Size: %u\n", + regf_hdr->first_key, regf_hdr->dblk_size); hbin_hdr = (HBIN_HDR *)(base + 0x1000); @@ -198,8 +536,8 @@ int main(int argc, char *argv[]) exit(6); } - fprintf(stdout, "Next Off: %u, Prev Off: %u\n", - hbin_hdr->next_off, hbin_hdr->prev_off); + if (verbose) fprintf(stdout, "Next Off: %u, Prev Off: %u\n", + hbin_hdr->next_off, hbin_hdr->prev_off); nk_hdr = (NK_HDR *)(base + 0x1000 + regf_hdr->first_key + 4); @@ -208,8 +546,10 @@ int main(int argc, char *argv[]) exit(7); } - fprintf(stdout, "Type: %0x\n", nk_hdr->type); - fprintf(stdout, "SK Off : %o\n", (0x1000 + nk_hdr->sk_off + 4)); + if (verbose) { + fprintf(stdout, "Type: %0x\n", nk_hdr->type); + fprintf(stdout, "SK Off : %o\n", (0x1000 + nk_hdr->sk_off + 4)); + } sk_hdr = (SK_HDR *)(base + 0x1000 + nk_hdr->sk_off + 4); sk_off = first_sk_off = nk_hdr->sk_off; @@ -223,9 +563,10 @@ int main(int argc, char *argv[]) exit(8); } ptr = (int *)sk_hdr; - fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", - sk_off, sk_hdr->ref_cnt, sk_hdr->rec_size); - sec_desc = &(sk_hdr->sec_desc[0]); + if (verbose) fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", + sk_off, sk_hdr->ref_cnt, sk_hdr->rec_size); + + sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->owner_off); group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->group_off); sacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->sacl_off); -- cgit From 38e7a103da05926eb8ffb95b5ffaee061f799824 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 1 Nov 2002 05:24:38 +0000 Subject: Fix small typo ... (This used to be commit 59735a5aac88b076320874f06056d50947396fb3) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index fcf01d71df..e5c00cf6e4 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -449,7 +449,7 @@ void print_acl(ACL *acl, char *prefix) } } -void usage(voi) +void usage(void) { fprintf(stderr, "usage: profiles [-c -n ] \n"); fprintf(stderr, "Version: %s\n", VERSION); -- cgit From cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 1 Nov 2002 07:43:54 +0000 Subject: Add more. Parse SIDs on the command line ... soon will actually mod the SecDescs in the NTUSER.DAT ... (This used to be commit dbc608ba7e591175cd02f4adfdcfecd1350526a5) --- source3/utils/profiles.c | 99 ++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 88 insertions(+), 11 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index e5c00cf6e4..d12ddbe331 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -391,6 +391,8 @@ typedef struct acl_struct { #define OFF(f) (0x1000 + (f) + 4) +void print_sid(DOM_SID *sid); + /* Compare two SIDs for equality */ int compare_sid(DOM_SID *s1, DOM_SID *s2) { @@ -407,6 +409,45 @@ int compare_sid(DOM_SID *s1, DOM_SID *s2) } +/* + * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and + * construct a DOM_SID + */ +int get_sid(DOM_SID *sid, char *sid_str) +{ + int i = 0, auth; + char *lstr; + + if (strncmp(sid_str, "S-1-5", 5)) { + fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str); + return 0; + } + + /* We only allow strings of form S-1-5... */ + + sid->sid_rev_num = 1; + sid->id_auth[5] = 5; + + lstr = sid_str + 5; + + while (1) { + if (!lstr || !lstr[0] || sscanf(lstr, "-%d", &auth) == 0) { + if (i < 4) { + fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i); + return 0; + } + sid->num_auths=i; + print_sid(sid); + return 1; + } + + sid->sub_auths[i++] = auth; + lstr = strchr(lstr + 1, '-'); + } + + return 1; +} + /* * Replace SID1, component by component with SID2 * Assumes will never be called with unequal length SIDS @@ -449,12 +490,12 @@ void print_acl(ACL *acl, char *prefix) } } -void usage(void) +void usage(voi) { fprintf(stderr, "usage: profiles [-c -n ] \n"); fprintf(stderr, "Version: %s\n", VERSION); - fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid provides SID to change"); - fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid provides SID to change to"); + fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid - provides SID to change"); + fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid - provides SID to change to"); fprintf(stderr, "\n\t\tBoth must be present if the other is."); fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n"); } @@ -463,7 +504,10 @@ DOM_SID old_sid, new_sid; int main(int argc, char *argv[]) { - int i, fd, aces, start = 0; + extern char *optarg; + extern int optind; + int opt; + int i, fd, aces, start = 0, change = 0, new = 0; int verbose = 0; int process_sids = 0; void *base; @@ -486,16 +530,49 @@ int main(int argc, char *argv[]) * Now, process the arguments */ - fd = open(argv[1], O_RDWR, 0000); + while ((opt = getopt(argc, argv, "c:n:")) != EOF) { + switch (opt) { + case 'c': + change = 1; + if (!get_sid(&old_sid, optarg)) { + fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); + usage(); + exit(254); + } + break; + + case 'n': + new = 1; + if (!get_sid(&new_sid, optarg)) { + fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); + usage(); + exit(253); + } + + break; + + default: + usage(); + exit(255); + } + } + + if ((!change & new) || (change & !new)) { + fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); + usage(); + exit(252); + } + + fd = open(argv[optind], O_RDWR, 0000); if (fd < 0) { - fprintf(stderr, "Could not open %s: %s\n", argv[1], + fprintf(stderr, "Could not open %s: %s\n", argv[optind], strerror(errno)); exit(2); } if (fstat(fd, &sbuf) < 0) { - fprintf(stderr, "Could not stat file %s, %s\n", argv[1], + fprintf(stderr, "Could not stat file %s, %s\n", argv[optind], strerror(errno)); exit(3); } @@ -508,7 +585,7 @@ int main(int argc, char *argv[]) base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); if ((int)base == -1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", argv[1], + fprintf(stderr, "Could not mmap file: %s, %s\n", argv[optind], strerror(errno)); exit(4); } @@ -518,7 +595,7 @@ int main(int argc, char *argv[]) if (verbose) fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); if (regf_hdr->REGF_ID != REG_REGF_ID) { - fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[1]); + fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]); exit(5); } @@ -532,7 +609,7 @@ int main(int argc, char *argv[]) */ if (hbin_hdr->HBIN_ID != REG_HBIN_ID) { - fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[1]); + fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[optind]); exit(6); } @@ -542,7 +619,7 @@ int main(int argc, char *argv[]) nk_hdr = (NK_HDR *)(base + 0x1000 + regf_hdr->first_key + 4); if (nk_hdr->NK_ID != REG_NK_ID) { - fprintf(stderr, "Incorrect NK Header: %s\n", argv[1]); + fprintf(stderr, "Incorrect NK Header: %s\n", argv[optind]); exit(7); } -- cgit From b6a34f656c26b57d69c4b28a0062f8a031a70d95 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 1 Nov 2002 08:53:28 +0000 Subject: Add the changes to change the SIDs ... You must make two passes over NTUSER.DAT, one for the OWNER SID and one for GROUP SID. I have not tested this yet ... that is, I have not tried to use this on a Win2K etc server. (This used to be commit 7eb89ba467a66190775943834683a42b693d2e3b) --- source3/utils/profiles.c | 64 ++++++++++++++++++++++++++++++++++-------------- 1 file changed, 45 insertions(+), 19 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index d12ddbe331..c8d875dfab 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -393,8 +393,12 @@ typedef struct acl_struct { void print_sid(DOM_SID *sid); +int verbose = 1; +DOM_SID old_sid, new_sid; +int change = 0, new = 0; + /* Compare two SIDs for equality */ -int compare_sid(DOM_SID *s1, DOM_SID *s2) +int my_sid_equal(DOM_SID *s1, DOM_SID *s2) { int sa1, sa2; @@ -475,16 +479,32 @@ void print_sid(DOM_SID *sid) fprintf(stdout, "\n"); } -void print_acl(ACL *acl, char *prefix) +void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) +{ + int i; + if (my_sid_equal(sid, o_sid)) { + + for (i=0; inum_auths; i++) { + sid->sub_auths[i] = n_sid->sub_auths[i]; + + } + + } + +} + +void process_acl(ACL *acl, char *prefix) { int ace_cnt, i; ACE *ace; ace_cnt = acl->num_aces; ace = (ACE *)&acl->aces; - fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); + if (verbose) fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); for (i=0; iperms); + if (verbose) fprintf(stdout, "%s Perms: %08X, SID: ", prefix, ace->perms); + if (change) + process_sid(&ace->trustee, &old_sid, &new_sid); print_sid(&ace->trustee); ace = (ACE *)((char *)ace + ace->length); } @@ -500,15 +520,12 @@ void usage(voi) fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n"); } -DOM_SID old_sid, new_sid; - int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int opt; - int i, fd, aces, start = 0, change = 0, new = 0; - int verbose = 0; + int i, fd, aces, start = 0; int process_sids = 0; void *base; struct stat sbuf; @@ -582,7 +599,7 @@ int main(int argc, char *argv[]) * dealing with the records. We are interested in the sk record */ start = 0; - base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); + base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); if ((int)base == -1) { fprintf(stderr, "Could not mmap file: %s, %s\n", argv[optind], @@ -648,21 +665,30 @@ int main(int argc, char *argv[]) group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->group_off); sacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->sacl_off); dacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->dacl_off); - fprintf(stdout, " Owner SID: "); print_sid(owner_sid); - fprintf(stdout, " Group SID: "); print_sid(group_sid); + if (verbose)fprintf(stdout, " Owner SID: "); + if (change) process_sid(owner_sid, &old_sid, &new_sid); + if (verbose) print_sid(owner_sid); + if (verbose) fprintf(stdout, " Group SID: "); + if (change) process_sid(group_sid, &old_sid, &new_sid); + if (verbose) print_sid(group_sid); fprintf(stdout, " SACL: "); - if (!sec_desc->sacl_off) - fprintf(stdout, "NONE\n"); + if (!sec_desc->sacl_off) { + if (verbose) fprintf(stdout, "NONE\n"); + } else - print_acl(sacl, " "); - fprintf(stdout, " DACL: "); - if (!sec_desc->dacl_off) - fprintf(stdout, "NONE\n"); + process_acl(sacl, " "); + if (verbose) fprintf(stdout, " DACL: "); + if (!sec_desc->dacl_off) { + if (verbose) fprintf(stdout, "NONE\n"); + } else - print_acl(dacl, " "); + process_acl(dacl, " "); sk_off = sk_hdr->prev_off; sk_hdr = (SK_HDR *)(base + OFF(sk_hdr->prev_off)); } while (sk_off != first_sk_off); -} + munmap(base, sbuf.st_size); + close(fd); + +} -- cgit From 949133f5f232622b5dd8ec6a03b6287a7b59853d Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Sat, 2 Nov 2002 06:21:10 +0000 Subject: Make sure that %u is used for SID elements ... (This used to be commit 82f6b264037a2f1b882dc75bc43c6c8b41477270) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index c8d875dfab..c939af276d 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -435,7 +435,7 @@ int get_sid(DOM_SID *sid, char *sid_str) lstr = sid_str + 5; while (1) { - if (!lstr || !lstr[0] || sscanf(lstr, "-%d", &auth) == 0) { + if (!lstr || !lstr[0] || sscanf(lstr, "-%u", &auth) == 0) { if (i < 4) { fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i); return 0; -- cgit From fd59cd42833c0bce9460d40ba6437eb04d48405c Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Tue, 5 Nov 2002 01:29:29 +0000 Subject: Start handling Big Endian machines as well as little endian. (This used to be commit 8f45315b913a9574dfeedaadf5560d143b38ca05) --- source3/utils/profiles.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index c939af276d..fabc118d81 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -445,7 +445,7 @@ int get_sid(DOM_SID *sid, char *sid_str) return 1; } - sid->sub_auths[i++] = auth; + SIVAL(&sid->sub_auths[i++], 0, auth); lstr = strchr(lstr + 1, '-'); } @@ -473,7 +473,7 @@ void print_sid(DOM_SID *sid) for (i = 0; i < comps; i++) { - fprintf(stdout, "-%u", sid->sub_auths[i]); + fprintf(stdout, "-%u", IVAL(&sid->sub_auths[i],0)); } fprintf(stdout, "\n"); -- cgit From 48e10c116d2ae79ef2e56aab89a706a76948a171 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Tue, 5 Nov 2002 02:11:42 +0000 Subject: Make all of the required (I think) changes to make this code work for big endian and little endian systems. (This used to be commit f50051120f93b5f95f72dcb3df201979e6302f5b) --- source3/utils/profiles.c | 86 ++++++++++++++++++++++++++++++++++-------------- 1 file changed, 61 insertions(+), 25 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index fabc118d81..96ab6d612c 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -456,6 +456,8 @@ int get_sid(DOM_SID *sid, char *sid_str) * Replace SID1, component by component with SID2 * Assumes will never be called with unequal length SIDS * so only touches 21-x-y-z-rid portion + * This routine does not need to deal with endianism as + * long as the incoming SIDs are both in the same (LE) format. */ void change_sid(DOM_SID *s1, DOM_SID *s2) { @@ -498,15 +500,16 @@ void process_acl(ACL *acl, char *prefix) int ace_cnt, i; ACE *ace; - ace_cnt = acl->num_aces; + ace_cnt = IVAL(&acl->num_aces, 0); ace = (ACE *)&acl->aces; if (verbose) fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); for (i=0; iperms); + if (verbose) fprintf(stdout, "%s Perms: %08X, SID: ", prefix, + IVAL(&ace->perms, 0)); if (change) process_sid(&ace->trustee, &old_sid, &new_sid); print_sid(&ace->trustee); - ace = (ACE *)((char *)ace + ace->length); + ace = (ACE *)((char *)ace + SVAL(&ace->length, 0)); } } @@ -514,6 +517,7 @@ void usage(voi) { fprintf(stderr, "usage: profiles [-c -n ] \n"); fprintf(stderr, "Version: %s\n", VERSION); + fprintf(stderr, "\n\t-v\t sets verbose mode"); fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid - provides SID to change"); fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid - provides SID to change to"); fprintf(stderr, "\n\t\tBoth must be present if the other is."); @@ -547,7 +551,7 @@ int main(int argc, char *argv[]) * Now, process the arguments */ - while ((opt = getopt(argc, argv, "c:n:")) != EOF) { + while ((opt = getopt(argc, argv, "c:n:v")) != EOF) { switch (opt) { case 'c': change = 1; @@ -568,6 +572,10 @@ int main(int argc, char *argv[]) break; + case 'v': + verbose++; + break; + default: usage(); exit(255); @@ -607,64 +615,92 @@ int main(int argc, char *argv[]) exit(4); } + /* + * In what follows, and in places above, in order to work on both LE and + * BE platforms, we have to use the Samba macros to extract SHORT, LONG + * and associated UNSIGNED quantities from the data in the mmap'd file. + * NOTE, however, that we do not need to do anything with memory + * addresses that we construct from pointers in our address space. + * For example, + * + * sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); + * + * is simply taking the address of a structure we already have the address + * of in our address space, while, the fields within it, will have to + * be accessed with the macros: + * + * owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + + * IVAL(&sec_desc->owner_off, 0)); + * + * Which is pulling out an offset and adding it to an existing pointer. + * + */ + regf_hdr = (REGF_HDR *)base; if (verbose) fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); - if (regf_hdr->REGF_ID != REG_REGF_ID) { + if (IVAL(®f_hdr->REGF_ID, 0) != REG_REGF_ID) { fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]); exit(5); } if (verbose) fprintf(stdout, "First Key Off: %u, Data Block Size: %u\n", - regf_hdr->first_key, regf_hdr->dblk_size); + IVAL(®f_hdr->first_key, 0), + IVAL(®f_hdr->dblk_size, 0)); - hbin_hdr = (HBIN_HDR *)(base + 0x1000); + hbin_hdr = (HBIN_HDR *)(base + 0x1000); /* No need for Endian stuff */ /* * This should be the hbin_hdr */ - if (hbin_hdr->HBIN_ID != REG_HBIN_ID) { + if (IVAL(&hbin_hdr->HBIN_ID, 0) != REG_HBIN_ID) { fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[optind]); exit(6); } if (verbose) fprintf(stdout, "Next Off: %u, Prev Off: %u\n", - hbin_hdr->next_off, hbin_hdr->prev_off); + IVAL(&hbin_hdr->next_off, 0), + IVAL(&hbin_hdr->prev_off, 0)); - nk_hdr = (NK_HDR *)(base + 0x1000 + regf_hdr->first_key + 4); + nk_hdr = (NK_HDR *)(base + 0x1000 + IVAL(®f_hdr->first_key, 0) + 4); - if (nk_hdr->NK_ID != REG_NK_ID) { + if (SVAL(&nk_hdr->NK_ID, 0) != REG_NK_ID) { fprintf(stderr, "Incorrect NK Header: %s\n", argv[optind]); exit(7); } + sk_off = first_sk_off = IVAL(&nk_hdr->sk_off, 0); if (verbose) { - fprintf(stdout, "Type: %0x\n", nk_hdr->type); - fprintf(stdout, "SK Off : %o\n", (0x1000 + nk_hdr->sk_off + 4)); + fprintf(stdout, "Type: %0x\n", SVAL(&nk_hdr->type, 0)); + fprintf(stdout, "SK Off : %o\n", (0x1000 + sk_off + 4)); } - sk_hdr = (SK_HDR *)(base + 0x1000 + nk_hdr->sk_off + 4); - sk_off = first_sk_off = nk_hdr->sk_off; + sk_hdr = (SK_HDR *)(base + 0x1000 + sk_off + 4); do { DOM_SID *owner_sid, *group_sid; ACL *sacl, *dacl; - if (sk_hdr->SK_ID != REG_SK_ID) { + if (SVAL(&sk_hdr->SK_ID, 0) != REG_SK_ID) { fprintf(stderr, "Incorrect SK Header format: %08X\n", - (0x1000 + nk_hdr->sk_off + 4)); + (0x1000 + sk_off + 4)); exit(8); } ptr = (int *)sk_hdr; if (verbose) fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", - sk_off, sk_hdr->ref_cnt, sk_hdr->rec_size); + sk_off, IVAL(&sk_hdr->ref_cnt, 0), + IVAL(&sk_hdr->rec_size, 0)); sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); - owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->owner_off); - group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + sec_desc->group_off); - sacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->sacl_off); - dacl = (ACL *)(&sk_hdr->sec_desc[0] + sec_desc->dacl_off); + owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + + IVAL(&sec_desc->owner_off, 0)); + group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + + IVAL(&sec_desc->group_off, 0)); + sacl = (ACL *)(&sk_hdr->sec_desc[0] + + IVAL(&sec_desc->sacl_off, 0)); + dacl = (ACL *)(&sk_hdr->sec_desc[0] + + IVAL(&sec_desc->dacl_off, 0)); if (verbose)fprintf(stdout, " Owner SID: "); if (change) process_sid(owner_sid, &old_sid, &new_sid); if (verbose) print_sid(owner_sid); @@ -672,7 +708,7 @@ int main(int argc, char *argv[]) if (change) process_sid(group_sid, &old_sid, &new_sid); if (verbose) print_sid(group_sid); fprintf(stdout, " SACL: "); - if (!sec_desc->sacl_off) { + if (!sec_desc->sacl_off) { /* LE zero == BE zero */ if (verbose) fprintf(stdout, "NONE\n"); } else @@ -683,8 +719,8 @@ int main(int argc, char *argv[]) } else process_acl(dacl, " "); - sk_off = sk_hdr->prev_off; - sk_hdr = (SK_HDR *)(base + OFF(sk_hdr->prev_off)); + sk_off = IVAL(&sk_hdr->prev_off, 0); + sk_hdr = (SK_HDR *)(base + OFF(IVAL(&sk_hdr->prev_off, 0))); } while (sk_off != first_sk_off); munmap(base, sbuf.st_size); -- cgit From 03d4866ecd27e45b03f3c5f797802a49f8259b4f Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Tue, 5 Nov 2002 04:23:48 +0000 Subject: See if char * makes the Irix C compiler happier than void *? (This used to be commit 6b218da6453032339f2451a434d14894050dd1b5) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 96ab6d612c..70ac8ffcc0 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -531,7 +531,7 @@ int main(int argc, char *argv[]) int opt; int i, fd, aces, start = 0; int process_sids = 0; - void *base; + char *base; struct stat sbuf; fstring sid_str; REGF_HDR *regf_hdr; -- cgit From 31124420b7aa712adb478053894a14efde0a7c97 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Tue, 5 Nov 2002 20:40:55 +0000 Subject: A small fix by Andy Thomas. Now that incrementing the Auth index has been pushed into a macro, things do not work so well. Move the increment out of the array index. (This used to be commit 39136827d135c91e42ec2b36f420262b1b18093c) --- source3/utils/profiles.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 70ac8ffcc0..e7ffab9101 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -445,7 +445,8 @@ int get_sid(DOM_SID *sid, char *sid_str) return 1; } - SIVAL(&sid->sub_auths[i++], 0, auth); + SIVAL(&sid->sub_auths[i], 0, auth); + i++; lstr = strchr(lstr + 1, '-'); } -- cgit From 47955b2f6cd10ac690705d322a8862c23f18072c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 7 Nov 2002 02:38:42 +0000 Subject: Merge of scalable printing code fix... Needs testing. Also tidied up some of Richard's code (I don't think he uses the compiler flags -g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual like I do :-) :-). Jeremy. (This used to be commit 10024ed06e9d91f24fdc78d59eef2f76bf395438) --- source3/utils/profiles.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index e7ffab9101..c7356a7323 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -514,7 +514,7 @@ void process_acl(ACL *acl, char *prefix) } } -void usage(voi) +void usage(void) { fprintf(stderr, "usage: profiles [-c -n ] \n"); fprintf(stderr, "Version: %s\n", VERSION); @@ -530,11 +530,9 @@ int main(int argc, char *argv[]) extern char *optarg; extern int optind; int opt; - int i, fd, aces, start = 0; - int process_sids = 0; + int fd, start = 0; char *base; struct stat sbuf; - fstring sid_str; REGF_HDR *regf_hdr; HBIN_HDR *hbin_hdr; NK_HDR *nk_hdr; @@ -639,7 +637,7 @@ int main(int argc, char *argv[]) regf_hdr = (REGF_HDR *)base; - if (verbose) fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); + if (verbose) fprintf(stdout, "Registry file size: %u\n", (unsigned int)sbuf.st_size); if (IVAL(®f_hdr->REGF_ID, 0) != REG_REGF_ID) { fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]); @@ -727,5 +725,5 @@ int main(int argc, char *argv[]) munmap(base, sbuf.st_size); close(fd); - + return 0; } -- cgit From ee90b48633f0300628e71249aa0648b3e92a22ab Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 20 Nov 2002 03:00:32 +0000 Subject: Spelling fix. (This used to be commit 43cd6e5a702bb1004b36a5845e0765851395ebf2) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index c7356a7323..de18bd0534 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -177,7 +177,7 @@ Wert Beteutung 0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!) 0x0003 RegBin: raw-binary value 0x0004 RegDWord: Dword -0x0007 RegMultiSZ: multiple strings, seperated with 0 +0x0007 RegMultiSZ: multiple strings, separated with 0 (UNICODE!) The "lf"-record -- cgit From 6d66fb308ab85bd9691d541764e683e6040cf724 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 2 Jan 2003 09:07:17 +0000 Subject: BIG patch... This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index de18bd0534..9424233e11 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -496,7 +496,7 @@ void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) } -void process_acl(ACL *acl, char *prefix) +void process_acl(ACL *acl, const char *prefix) { int ace_cnt, i; ACE *ace; -- cgit From 54828099625180eae718d544ec7ce4c91f6e0448 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Mon, 6 Jan 2003 05:34:18 +0000 Subject: Add profiles utility support to Samba 3.0.x (This used to be commit 2636b2231cfa6cdfc22181225e2b409bbbb75f7c) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 9424233e11..de18bd0534 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -496,7 +496,7 @@ void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) } -void process_acl(ACL *acl, const char *prefix) +void process_acl(ACL *acl, char *prefix) { int ace_cnt, i; ACE *ace; -- cgit From 5df19f71d1a2a65c5915020062c2dc0aecb2581e Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 6 Jan 2003 05:47:18 +0000 Subject: Some more profiles merges from HEAD (cvsignore and a stray const). (This used to be commit 71b09408efc7f4e01b028f65b3b945296a369d9c) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index de18bd0534..9424233e11 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -496,7 +496,7 @@ void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) } -void process_acl(ACL *acl, char *prefix) +void process_acl(ACL *acl, const char *prefix) { int ace_cnt, i; ACE *ace; -- cgit From da0603c0c34c716b7c9eb089388462d52ad1c60b Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Thu, 16 Jan 2003 23:29:14 +0000 Subject: Merge the fix from head about short variables. (This used to be commit e408bf329163e45e60ebd1aef648f79aaeef1c13) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 9424233e11..14b480cd16 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -537,7 +537,7 @@ int main(int argc, char *argv[]) HBIN_HDR *hbin_hdr; NK_HDR *nk_hdr; SK_HDR *sk_hdr; - WORD first_sk_off, sk_off; + DWORD first_sk_off, sk_off; MY_SEC_DESC *sec_desc; int *ptr; -- cgit From 824bcb885cc5c1bf9261a9f4cbeac434a8e774c1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 3 Feb 2003 20:38:01 +0000 Subject: Grrr. Kill all BSD-isms... Spotted by Paul Green . Jeremy. (This used to be commit e96978954b830d83880f03b6825bce6e7b53b5d7) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 14b480cd16..2ed102b677 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -408,7 +408,7 @@ int my_sid_equal(DOM_SID *s1, DOM_SID *s2) if (sa1 != sa2) return 0; - return !bcmp((char *)&s1->id_auth, (char *)&s2->id_auth, + return !memcmp((char *)&s1->id_auth, (char *)&s2->id_auth, 6 + sa1 * 4); } -- cgit From 5f82e261c664707a57c94424b7db20040c65237d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 14 Apr 2003 03:59:04 +0000 Subject: Merge: - Jelmer's latest popt changes (This used to be commit 6a54d9a0a77c71664dc6cdbed1adf492c28c0cce) --- source3/utils/profiles.c | 126 ++++++++++++++++++++++++----------------------- 1 file changed, 64 insertions(+), 62 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 2ed102b677..7c2d820c81 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -1,6 +1,7 @@ /* Samba Unix/Linux SMB client utility profiles.c Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com + Copyright (C) 2003 Jelmer Vernooij (conversion to popt) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -34,7 +35,7 @@ times... the "regf"-Block ================ -"regf" is obviosly the abbreviation for "Registry file". "regf" is the +"regf" is obviously the abbreviation for "Registry file". "regf" is the signature of the header-block which is always 4kb in size, although only the first 64 bytes seem to be used and a checksum is calculated over the first 0x200 bytes only! @@ -391,14 +392,14 @@ typedef struct acl_struct { #define OFF(f) (0x1000 + (f) + 4) -void print_sid(DOM_SID *sid); +static void print_sid(DOM_SID *sid); int verbose = 1; DOM_SID old_sid, new_sid; int change = 0, new = 0; /* Compare two SIDs for equality */ -int my_sid_equal(DOM_SID *s1, DOM_SID *s2) +static int my_sid_equal(DOM_SID *s1, DOM_SID *s2) { int sa1, sa2; @@ -417,7 +418,7 @@ int my_sid_equal(DOM_SID *s1, DOM_SID *s2) * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and * construct a DOM_SID */ -int get_sid(DOM_SID *sid, char *sid_str) +static int get_sid(DOM_SID *sid, char *sid_str) { int i = 0, auth; char *lstr; @@ -460,7 +461,7 @@ int get_sid(DOM_SID *sid, char *sid_str) * This routine does not need to deal with endianism as * long as the incoming SIDs are both in the same (LE) format. */ -void change_sid(DOM_SID *s1, DOM_SID *s2) +static void change_sid(DOM_SID *s1, DOM_SID *s2) { int i; @@ -469,7 +470,7 @@ void change_sid(DOM_SID *s1, DOM_SID *s2) } } -void print_sid(DOM_SID *sid) +static void print_sid(DOM_SID *sid) { int i, comps = sid->num_auths; fprintf(stdout, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]); @@ -482,7 +483,7 @@ void print_sid(DOM_SID *sid) fprintf(stdout, "\n"); } -void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) +static void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) { int i; if (my_sid_equal(sid, o_sid)) { @@ -496,7 +497,7 @@ void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) } -void process_acl(ACL *acl, const char *prefix) +static void process_acl(ACL *acl, const char *prefix) { int ace_cnt, i; ACE *ace; @@ -514,21 +515,8 @@ void process_acl(ACL *acl, const char *prefix) } } -void usage(void) -{ - fprintf(stderr, "usage: profiles [-c -n ] \n"); - fprintf(stderr, "Version: %s\n", VERSION); - fprintf(stderr, "\n\t-v\t sets verbose mode"); - fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid - provides SID to change"); - fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid - provides SID to change to"); - fprintf(stderr, "\n\t\tBoth must be present if the other is."); - fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n"); -} - int main(int argc, char *argv[]) { - extern char *optarg; - extern int optind; int opt; int fd, start = 0; char *base; @@ -540,63 +528,75 @@ int main(int argc, char *argv[]) DWORD first_sk_off, sk_off; MY_SEC_DESC *sec_desc; int *ptr; + struct poptOption long_options[] = { + POPT_AUTOHELP + { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" }, + { "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" }, + { "new-sid", 'n', POPT_ARG_STRING, NULL, 'n', "Provides SID to change to" }, + { 0, 0, 0, 0 } + }; - if (argc < 2) { - usage(); - exit(1); - } + poptContext pc; + + pc = poptGetContext("profiles", argc, (const char **)argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + + poptSetOtherOptionHelp(pc, ""); /* * Now, process the arguments */ - while ((opt = getopt(argc, argv, "c:n:v")) != EOF) { + while ((opt = poptGetNextOpt(pc)) != -1) { switch (opt) { - case 'c': - change = 1; - if (!get_sid(&old_sid, optarg)) { - fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); - usage(); - exit(254); - } - break; - - case 'n': - new = 1; - if (!get_sid(&new_sid, optarg)) { - fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); - usage(); - exit(253); - } - - break; - - case 'v': - verbose++; - break; + case 'c': + change = 1; + if (!get_sid(&old_sid, poptGetOptArg(pc))) { + fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); + poptPrintUsage(pc, stderr, 0); + exit(254); + } + break; + + case 'n': + new = 1; + if (!get_sid(&new_sid, poptGetOptArg(pc))) { + fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); + poptPrintUsage(pc, stderr, 0); + exit(253); + } + + break; + + case 'v': + verbose++; + break; + } + } - default: - usage(); - exit(255); - } + if (!poptPeekArg(pc)) { + poptPrintUsage(pc, stderr, 0); + exit(1); } if ((!change & new) || (change & !new)) { - fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); - usage(); - exit(252); + fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); + poptPrintUsage(pc, stderr, 0); + exit(252); } - fd = open(argv[optind], O_RDWR, 0000); + poptGetArg(pc); /* To get argv[0] */ + + fd = open(poptPeekArg(pc), O_RDWR, 0000); if (fd < 0) { - fprintf(stderr, "Could not open %s: %s\n", argv[optind], + fprintf(stderr, "Could not open %s: %s\n", poptPeekArg(pc), strerror(errno)); exit(2); } if (fstat(fd, &sbuf) < 0) { - fprintf(stderr, "Could not stat file %s, %s\n", argv[optind], + fprintf(stderr, "Could not stat file %s, %s\n", poptPeekArg(pc), strerror(errno)); exit(3); } @@ -609,7 +609,7 @@ int main(int argc, char *argv[]) base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); if ((int)base == -1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", argv[optind], + fprintf(stderr, "Could not mmap file: %s, %s\n", poptPeekArg(pc), strerror(errno)); exit(4); } @@ -640,7 +640,7 @@ int main(int argc, char *argv[]) if (verbose) fprintf(stdout, "Registry file size: %u\n", (unsigned int)sbuf.st_size); if (IVAL(®f_hdr->REGF_ID, 0) != REG_REGF_ID) { - fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]); + fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", poptPeekArg(pc)); exit(5); } @@ -655,7 +655,7 @@ int main(int argc, char *argv[]) */ if (IVAL(&hbin_hdr->HBIN_ID, 0) != REG_HBIN_ID) { - fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[optind]); + fprintf(stderr, "Incorrect hbin hdr: %s\n", poptPeekArg(pc)); exit(6); } @@ -666,7 +666,7 @@ int main(int argc, char *argv[]) nk_hdr = (NK_HDR *)(base + 0x1000 + IVAL(®f_hdr->first_key, 0) + 4); if (SVAL(&nk_hdr->NK_ID, 0) != REG_NK_ID) { - fprintf(stderr, "Incorrect NK Header: %s\n", argv[optind]); + fprintf(stderr, "Incorrect NK Header: %s\n", poptPeekArg(pc)); exit(7); } @@ -724,6 +724,8 @@ int main(int argc, char *argv[]) munmap(base, sbuf.st_size); + poptFreeContext(pc); + close(fd); return 0; } -- cgit From c507ebe56741d773bf6e7ad547863a2da1aee687 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 10 May 2003 10:53:48 +0000 Subject: Patch from metze and me that adds dummy smb_register_*() functions so that is now possible to, for example, load a module which contains an auth method into a binary without the auth/ subsystem built in. (This used to be commit 74d9ecfe2dd7364643d32acb62ade957bd71cd0d) --- source3/utils/profiles.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 7c2d820c81..8abdfd6f77 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -297,6 +297,8 @@ Hope this helps.... (Although it was "fun" for me to uncover this things, #include #include +#include "module_dummy.h" + typedef unsigned int DWORD; typedef unsigned short WORD; -- cgit From 0914e541f5480834c1b0ddc98b5f71f7f7abf9cb Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 10 May 2003 11:49:51 +0000 Subject: Reverse previous patch from Stefan and me after comments by Andrew Bartlett (This used to be commit d817eaf0ecca2d878ab1ffcf7a747a02d71c811e) --- source3/utils/profiles.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 8abdfd6f77..7c2d820c81 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -297,8 +297,6 @@ Hope this helps.... (Although it was "fun" for me to uncover this things, #include #include -#include "module_dummy.h" - typedef unsigned int DWORD; typedef unsigned short WORD; -- cgit From c823b191ab476fc2583d6d6aaa1e2edb09cbb88e Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 12 May 2003 18:12:31 +0000 Subject: And finally IDMAP in 3_0 We really need idmap_ldap to have a good solution with ldapsam, porting it from the prvious code is beeing made, the code is really simple to do so I am confident it is not a problem to commit this code in. Not committing it would have been worst. I really would have been able to finish also the group code, maybe we can put it into a followin release after 3.0.0 even if it may be an upgrade problem. The code has been tested and seem to work right, more testing is needed for corner cases. Currently winbind pdc (working only for users and not for groups) is disabled as I was not able to make a complete group code replacement that works somewhat in a week (I have a complete patch, but there are bugs) Simo. (This used to be commit 0e58085978f984436815114a2ec347cf7899a89d) --- source3/utils/profiles.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 7c2d820c81..afaa83f638 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -418,10 +418,10 @@ static int my_sid_equal(DOM_SID *s1, DOM_SID *s2) * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and * construct a DOM_SID */ -static int get_sid(DOM_SID *sid, char *sid_str) +static int get_sid(DOM_SID *sid, const unsigned char *sid_str) { int i = 0, auth; - char *lstr; + const unsigned char *lstr; if (strncmp(sid_str, "S-1-5", 5)) { fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str); -- cgit From 8a8243b4fe436865f23a87274816bd626bdb6a03 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 2 Jul 2003 01:09:17 +0000 Subject: #ifdef out apparently unused function. (This used to be commit 9324703066cfdcb65208420a12e4ab8f358ccc09) --- source3/utils/profiles.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index afaa83f638..23df26d150 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -454,6 +454,8 @@ static int get_sid(DOM_SID *sid, const unsigned char *sid_str) return 1; } +#if 0 + /* * Replace SID1, component by component with SID2 * Assumes will never be called with unequal length SIDS @@ -470,6 +472,8 @@ static void change_sid(DOM_SID *s1, DOM_SID *s2) } } +#endif + static void print_sid(DOM_SID *sid) { int i, comps = sid->num_auths; -- cgit From aa39cc37dab9c4f8c3295d872bb8cc143890b378 Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Fri, 15 Aug 2003 04:42:05 +0000 Subject: get rid of more compiler warnings (This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 23df26d150..3230eb21fc 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -448,7 +448,7 @@ static int get_sid(DOM_SID *sid, const unsigned char *sid_str) SIVAL(&sid->sub_auths[i], 0, auth); i++; - lstr = strchr(lstr + 1, '-'); + lstr = (const unsigned char *)strchr(lstr + 1, '-'); } return 1; -- cgit From 19953ff72e96694568f981fad40584774312ce6e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 2 Oct 2003 18:22:51 +0000 Subject: Portability fixes from schmitz@hp.com (Joachim Schmitz). Bug #549. Jeremy. (This used to be commit 93669f329eccec34d4a1da6239ae9759f067fb8b) --- source3/utils/profiles.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 3230eb21fc..20b1222e72 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -295,7 +295,6 @@ Hope this helps.... (Although it was "fun" for me to uncover this things, #include #include #include -#include typedef unsigned int DWORD; typedef unsigned short WORD; @@ -610,7 +609,12 @@ int main(int argc, char *argv[]) * dealing with the records. We are interested in the sk record */ start = 0; + +#ifdef HAVE_MMAP base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); +#else + base = (char *)-1; +#endif if ((int)base == -1) { fprintf(stderr, "Could not mmap file: %s, %s\n", poptPeekArg(pc), @@ -726,7 +730,9 @@ int main(int argc, char *argv[]) sk_hdr = (SK_HDR *)(base + OFF(IVAL(&sk_hdr->prev_off, 0))); } while (sk_off != first_sk_off); +#ifdef HAVE_MMAP munmap(base, sbuf.st_size); +#endif poptFreeContext(pc); -- cgit From ddb71188cf7562c80ab38544b9588e66f924130e Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 14 Oct 2003 03:38:24 +0000 Subject: Set errno = ENOSYS if mmap not supported. From Joachim Schmitz (This used to be commit 22655a65ab73576557487e73c550b45296e534ec) --- source3/utils/profiles.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 20b1222e72..a31674dfb2 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -614,6 +614,7 @@ int main(int argc, char *argv[]) base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); #else base = (char *)-1; + errno = ENOSYS; #endif if ((int)base == -1) { -- cgit From c3d7096d18f8fe4d1d0cf366605fe3cc5261acc2 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 7 Feb 2005 22:20:03 +0000 Subject: r5269: BUG 858: fix order of popt args evalution so we don't crash when given no command line args (This used to be commit aff2fb7a65a9fc40220d971fba8ba3cf1eeeee9f) --- source3/utils/profiles.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index a31674dfb2..6911341708 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -577,6 +577,8 @@ int main(int argc, char *argv[]) } } + poptGetArg(pc); /* To get argv[0] */ + if (!poptPeekArg(pc)) { poptPrintUsage(pc, stderr, 0); exit(1); @@ -588,8 +590,6 @@ int main(int argc, char *argv[]) exit(252); } - poptGetArg(pc); /* To get argv[0] */ - fd = open(poptPeekArg(pc), O_RDWR, 0000); if (fd < 0) { -- cgit From 5ba4fb5eb9da77d313b88f1437cedc30679bdd95 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Thu, 10 Feb 2005 18:27:23 +0000 Subject: r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs. The printing that there are no groups the user is a member of might be overkill in that it might upset existing scripts that don't expect that output. (This used to be commit d3482e118f99002c0460291d41708fdf7708c41f) --- source3/utils/profiles.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 6911341708..5b5cb7f07b 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -521,7 +521,7 @@ static void process_acl(ACL *acl, const char *prefix) int main(int argc, char *argv[]) { int opt; - int fd, start = 0; + int fd; char *base; struct stat sbuf; REGF_HDR *regf_hdr; @@ -608,10 +608,9 @@ int main(int argc, char *argv[]) * Now, mmap the file into memory, check the header and start * dealing with the records. We are interested in the sk record */ - start = 0; #ifdef HAVE_MMAP - base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + base = mmap(NULL, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); #else base = (char *)-1; errno = ENOSYS; -- cgit From 3b0b5f628893c9e03ee483e30af849839b557f41 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 17 Jun 2005 21:52:58 +0000 Subject: r7703: Fix the problem with MAP_PRIVATE not updating the file. (This used to be commit 55038d931863a1c44794a7df4c8badbecfb382c7) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 5b5cb7f07b..0830d6b74b 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -610,7 +610,7 @@ int main(int argc, char *argv[]) */ #ifdef HAVE_MMAP - base = mmap(NULL, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); + base = mmap(NULL, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); #else base = (char *)-1; errno = ENOSYS; -- cgit From 19ca97a70f6b7b41d251eaa76e4d3c980c6eedff Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 24 Jun 2005 20:25:18 +0000 Subject: r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a) --- source3/utils/profiles.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 0830d6b74b..b718770ba3 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -395,7 +395,7 @@ static void print_sid(DOM_SID *sid); int verbose = 1; DOM_SID old_sid, new_sid; -int change = 0, new = 0; +int change = 0, new_val = 0; /* Compare two SIDs for equality */ static int my_sid_equal(DOM_SID *s1, DOM_SID *s2) @@ -562,7 +562,7 @@ int main(int argc, char *argv[]) break; case 'n': - new = 1; + new_val = 1; if (!get_sid(&new_sid, poptGetOptArg(pc))) { fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); poptPrintUsage(pc, stderr, 0); @@ -584,7 +584,7 @@ int main(int argc, char *argv[]) exit(1); } - if ((!change & new) || (change & !new)) { + if ((!change & new_val) || (change & !new_val)) { fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); poptPrintUsage(pc, stderr, 0); exit(252); -- cgit From 921faa5bf79a81bb5fdc0be280237fad4d8813bf Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 12 Aug 2005 21:43:07 +0000 Subject: r9277: Another unused variable. Bugzilla #2985. (This used to be commit 5e91d6450b320bb4585169c6805f292f855492a9) --- source3/utils/profiles.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index b718770ba3..bada6578b2 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -530,7 +530,6 @@ int main(int argc, char *argv[]) SK_HDR *sk_hdr; DWORD first_sk_off, sk_off; MY_SEC_DESC *sec_desc; - int *ptr; struct poptOption long_options[] = { POPT_AUTOHELP { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" }, @@ -694,7 +693,6 @@ int main(int argc, char *argv[]) (0x1000 + sk_off + 4)); exit(8); } - ptr = (int *)sk_hdr; if (verbose) fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", sk_off, IVAL(&sk_hdr->ref_cnt, 0), IVAL(&sk_hdr->rec_size, 0)); -- cgit From 83f44fc1871e8edc5514b47b81fcb4a841447c9b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 26 Aug 2005 03:40:24 +0000 Subject: r9628: rewrite profiles tool to use the regfio code. Still have one bug to track down in it though.... (This used to be commit e69df2d2051d0e7e12b6a11f9c77490f619ba792) --- source3/utils/profiles.c | 856 +++++++++-------------------------------------- 1 file changed, 164 insertions(+), 692 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index bada6578b2..ac46f2eb00 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -1,7 +1,9 @@ /* Samba Unix/Linux SMB client utility profiles.c - Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com - Copyright (C) 2003 Jelmer Vernooij (conversion to popt) + + Copyright (C) Richard Sharpe, 2002 + Copyright (C) Jelmer Vernooij (conversion to popt) 2003 + Copyright (C) Gerald (Jerry) Carter 2005 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -15,725 +17,195 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -/************************************************************************* - - A utility to report and change SIDs in registry files - - Many of the ideas in here come from other people and software. - I first looked in Wine in misc/registry.c and was also influenced by - http://www.wednesday.demon.co.uk/dosreg.html - - Which seems to contain comments from someone else. I reproduce them here - incase the site above disappears. It actually comes from - http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt. - -The windows NT registry has 2 different blocks, where one can occure many -times... - -the "regf"-Block -================ - -"regf" is obviously the abbreviation for "Registry file". "regf" is the -signature of the header-block which is always 4kb in size, although only -the first 64 bytes seem to be used and a checksum is calculated over -the first 0x200 bytes only! - -Offset Size Contents -0x00000000 D-Word ID: ASCII-"regf" = 0x66676572 -0x00000004 D-Word ???? //see struct REGF -0x00000008 D-Word ???? Always the same value as at 0x00000004 -0x0000000C Q-Word last modify date in WinNT date-format -0x00000014 D-Word 1 -0x00000018 D-Word 3 -0x0000001C D-Word 0 -0x00000020 D-Word 1 -0x00000024 D-Word Offset of 1st key record -0x00000028 D-Word Size of the data-blocks (Filesize-4kb) -0x0000002C D-Word 1 -0x000001FC D-Word Sum of all D-Words from 0x00000000 to -0x000001FB //XOR of all words. Nigel - -I have analyzed more registry files (from multiple machines running -NT 4.0 german version) and could not find an explanation for the values -marked with ???? the rest of the first 4kb page is not important... - -the "hbin"-Block -================ -I don't know what "hbin" stands for, but this block is always a multiple -of 4kb in size. - -Inside these hbin-blocks the different records are placed. The memory- -management looks like a C-compiler heap management to me... - -hbin-Header -=========== -Offset Size Contents -0x0000 D-Word ID: ASCII-"hbin" = 0x6E696268 -0x0004 D-Word Offset from the 1st hbin-Block -0x0008 D-Word Offset to the next hbin-Block -0x001C D-Word Block-size - -The values in 0x0008 and 0x001C should be the same, so I don't know -if they are correct or swapped... - -From offset 0x0020 inside a hbin-block data is stored with the following -format: - -Offset Size Contents -0x0000 D-Word Data-block size //this size must be a -multiple of 8. Nigel -0x0004 ???? Data - -If the size field is negative (bit 31 set), the corresponding block -is free and has a size of -blocksize! - -The data is stored as one record per block. Block size is a multiple -of 4 and the last block reaches the next hbin-block, leaving no room. - -Records in the hbin-blocks -========================== - -nk-Record - - The nk-record can be treated as a kombination of tree-record and - key-record of the win 95 registry. - -lf-Record - - The lf-record is the counterpart to the RGKN-record (the - hash-function) - -vk-Record - - The vk-record consists information to a single value. - -sk-Record - - sk (? Security Key ?) is the ACL of the registry. - -Value-Lists - - The value-lists contain information about which values are inside a - sub-key and don't have a header. - -Datas - - The datas of the registry are (like the value-list) stored without a - header. - -All offset-values are relative to the first hbin-block and point to the -block-size field of the record-entry. to get the file offset, you have to add -the header size (4kb) and the size field (4 bytes)... - -the nk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"nk" = 0x6B6E -0x0002 Word for the root-key: 0x2C, otherwise 0x20 //key symbolic links 0x10. Nigel -0x0004 Q-Word write-date/time in windows nt notation -0x0010 D-Word Offset of Owner/Parent key -0x0014 D-Word number of sub-Keys -0x001C D-Word Offset of the sub-key lf-Records -0x0024 D-Word number of values -0x0028 D-Word Offset of the Value-List -0x002C D-Word Offset of the sk-Record - -0x0030 D-Word Offset of the Class-Name //see NK structure for the use of these fields. Nigel -0x0044 D-Word Unused (data-trash) //some kind of run time index. Does not appear to be important. Nigel -0x0048 Word name-length -0x004A Word class-name length -0x004C ???? key-name - -the Value-List -============== -Offset Size Contents -0x0000 D-Word Offset 1st Value -0x0004 D-Word Offset 2nd Value -0x???? D-Word Offset nth Value - -To determine the number of values, you have to look at the owner-nk-record! - -Der vk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"vk" = 0x6B76 -0x0002 Word name length -0x0004 D-Word length of the data //if top bit is set when offset contains data. Nigel -0x0008 D-Word Offset of Data -0x000C D-Word Type of value -0x0010 Word Flag -0x0012 Word Unused (data-trash) -0x0014 ???? Name - -If bit 0 of the flag-word is set, a name is present, otherwise the value has no name (=default) - -If the data-size is lower 5, the data-offset value is used to store the data itself! - -The data-types -============== -Wert Beteutung -0x0001 RegSZ: character string (in UNICODE!) -0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!) -0x0003 RegBin: raw-binary value -0x0004 RegDWord: Dword -0x0007 RegMultiSZ: multiple strings, separated with 0 - (UNICODE!) - -The "lf"-record -=============== -Offset Size Contents -0x0000 Word ID: ASCII-"lf" = 0x666C -0x0002 Word number of keys -0x0004 ???? Hash-Records - -Hash-Record -=========== -Offset Size Contents -0x0000 D-Word Offset of corresponding "nk"-Record -0x0004 D-Word ASCII: the first 4 characters of the key-name, padded with 0's. Case sensitiv! - -Keep in mind, that the value at 0x0004 is used for checking the data-consistency! If you change the -key-name you have to change the hash-value too! - -//These hashrecords must be sorted low to high within the lf record. Nigel. - -The "sk"-block -============== -(due to the complexity of the SAM-info, not clear jet) - -Offset Size Contents -0x0000 Word ID: ASCII-"sk" = 0x6B73 -0x0002 Word Unused -0x0004 D-Word Offset of previous "sk"-Record -0x0008 D-Word Offset of next "sk"-Record -0x000C D-Word usage-counter -0x0010 D-Word Size of "sk"-record in bytes -???? //standard self -relative security desciptor. Nigel -???? ???? Security and auditing settings... -???? - -The usage counter counts the number of references to this -"sk"-record. You can use one "sk"-record for the entire registry! - -Windows nt date/time format -=========================== -The time-format is a 64-bit integer which is incremented every -0,0000001 seconds by 1 (I don't know how accurate it realy is!) -It starts with 0 at the 1st of january 1601 0:00! All values are -stored in GMT time! The time-zone is important to get the real -time! - -Common values for win95 and win-nt -================================== -Offset values marking an "end of list", are either 0 or -1 (0xFFFFFFFF). -If a value has no name (length=0, flag(bit 0)=0), it is treated as the -"Default" entry... -If a value has no data (length=0), it is displayed as empty. - -simplyfied win-3.?? registry: -============================= - -+-----------+ -| next rec. |---+ +----->+------------+ -| first sub | | | | Usage cnt. | -| name | | +-->+------------+ | | length | -| value | | | | next rec. | | | text |------->+-------+ -+-----------+ | | | name rec. |--+ +------------+ | xxxxx | - +------------+ | | value rec. |-------->+------------+ +-------+ - v | +------------+ | Usage cnt. | -+-----------+ | | length | -| next rec. | | | text |------->+-------+ -| first sub |------+ +------------+ | xxxxx | -| name | +-------+ -| value | -+-----------+ - -Greatly simplyfied structure of the nt-registry: -================================================ - -+---------------------------------------------------------------+ -| | -v | -+---------+ +---------->+-----------+ +----->+---------+ | -| "nk" | | | lf-rec. | | | nk-rec. | | -| ID | | | # of keys | | | parent |---+ -| Date | | | 1st key |--+ | .... | -| parent | | +-----------+ +---------+ -| suk-keys|-----+ -| values |--------------------->+----------+ -| SK-rec. |---------------+ | 1. value |--> +----------+ -| class |--+ | +----------+ | vk-rec. | -+---------+ | | | .... | - v | | data |--> +-------+ - +------------+ | +----------+ | xxxxx | - | Class name | | +-------+ - +------------+ | - v - +---------+ +---------+ - +----->| next sk |--->| Next sk |--+ - | +---| prev sk |<---| prev sk | | - | | | .... | | ... | | - | | +---------+ +---------+ | - | | ^ | | - | +----------+ | - +-------------------------------+ - ---------------------------------------------------------------------------- - -Hope this helps.... (Although it was "fun" for me to uncover this things, - it took me several sleepless nights ;) - - B.D. - -*************************************************************************/ + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + #include "includes.h" -#include -#include -#include -#include -#include - -typedef unsigned int DWORD; -typedef unsigned short WORD; - -#define REG_REGF_ID 0x66676572 - -typedef struct regf_block { - DWORD REGF_ID; /* regf */ - DWORD uk1; - DWORD uk2; - DWORD tim1, tim2; - DWORD uk3; /* 1 */ - DWORD uk4; /* 3 */ - DWORD uk5; /* 0 */ - DWORD uk6; /* 1 */ - DWORD first_key; /* offset */ - unsigned int dblk_size; - DWORD uk7[116]; /* 1 */ - DWORD chksum; -} REGF_HDR; - -typedef struct hbin_sub_struct { - DWORD dblocksize; - char data[1]; -} HBIN_SUB_HDR; - -#define REG_HBIN_ID 0x6E696268 - -typedef struct hbin_struct { - DWORD HBIN_ID; /* hbin */ - DWORD next_off; - DWORD prev_off; - DWORD uk1; - DWORD uk2; - DWORD uk3; - DWORD uk4; - DWORD blk_size; - HBIN_SUB_HDR hbin_sub_hdr; -} HBIN_HDR; - -#define REG_NK_ID 0x6B6E - -typedef struct nk_struct { - WORD NK_ID; - WORD type; - DWORD t1, t2; - DWORD uk1; - DWORD own_off; - DWORD subk_num; - DWORD uk2; - DWORD lf_off; - DWORD uk3; - DWORD val_cnt; - DWORD val_off; - DWORD sk_off; - DWORD clsnam_off; -} NK_HDR; - -#define REG_SK_ID 0x6B73 - -typedef struct sk_struct { - WORD SK_ID; - WORD uk1; - DWORD prev_off; - DWORD next_off; - DWORD ref_cnt; - DWORD rec_size; - char sec_desc[1]; -} SK_HDR; - -typedef struct sec_desc_rec { - WORD rev; - WORD type; - DWORD owner_off; - DWORD group_off; - DWORD sacl_off; - DWORD dacl_off; -} MY_SEC_DESC; - -typedef struct ace_struct { - unsigned char type; - unsigned char flags; - unsigned short length; - unsigned int perms; - DOM_SID trustee; -} ACE; - -typedef struct acl_struct { - WORD rev; - WORD size; - DWORD num_aces; - ACE *aces; /* One or more ACEs */ -} ACL; - -#define OFF(f) (0x1000 + (f) + 4) - -static void print_sid(DOM_SID *sid); - -int verbose = 1; +#include "regfio.h" + +/* GLOBAL VARIABLES */ + +int verbose = 0; DOM_SID old_sid, new_sid; int change = 0, new_val = 0; -/* Compare two SIDs for equality */ -static int my_sid_equal(DOM_SID *s1, DOM_SID *s2) -{ - int sa1, sa2; - if (s1->sid_rev_num != s2->sid_rev_num) return 0; +/******************************************************************** +********************************************************************/ - sa1 = s1->num_auths; sa2 = s2->num_auths; +static void swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) +{ + SEC_ACL *acl = sd->dacl; + int i; - if (sa1 != sa2) return 0; + if ( sid_equal( sd->owner_sid, s1 ) ) + sid_copy( sd->owner_sid, s2 ); - return !memcmp((char *)&s1->id_auth, (char *)&s2->id_auth, - 6 + sa1 * 4); + if ( sid_equal( sd->grp_sid, s1 ) ) + sid_copy( sd->grp_sid, s2 ); + for ( i=0; inum_aces; i++ ) { + if ( sid_equal( &acl->ace[i].trustee, s1 ) ) + sid_copy( &acl->ace[i].trustee, s2 ); + } } -/* - * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and - * construct a DOM_SID - */ -static int get_sid(DOM_SID *sid, const unsigned char *sid_str) +/******************************************************************** +********************************************************************/ + +static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, + REGF_NK_REC *parent, REGF_FILE *outfile, + const char *parentpath ) { - int i = 0, auth; - const unsigned char *lstr; - - if (strncmp(sid_str, "S-1-5", 5)) { - fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str); - return 0; - } - - /* We only allow strings of form S-1-5... */ - - sid->sid_rev_num = 1; - sid->id_auth[5] = 5; - - lstr = sid_str + 5; - - while (1) { - if (!lstr || !lstr[0] || sscanf(lstr, "-%u", &auth) == 0) { - if (i < 4) { - fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i); - return 0; - } - sid->num_auths=i; - print_sid(sid); - return 1; - } - - SIVAL(&sid->sub_auths[i], 0, auth); - i++; - lstr = (const unsigned char *)strchr(lstr + 1, '-'); - } - - return 1; -} + REGF_NK_REC *key, *subkey; + SEC_DESC *new_sd; + REGVAL_CTR values; + REGSUBKEY_CTR subkeys; + int i; + pstring path; + + /* swap out the SIDs in the security descriptor */ + + if ( !(new_sd = dup_sec_desc( outfile->mem_ctx, nk->sec_desc->sec_desc )) ) { + fprintf( stderr, "Failed to copy security descriptor!\n" ); + return False; + } -#if 0 + swap_sid_in_acl( new_sd, &old_sid, &new_sid ); -/* - * Replace SID1, component by component with SID2 - * Assumes will never be called with unequal length SIDS - * so only touches 21-x-y-z-rid portion - * This routine does not need to deal with endianism as - * long as the incoming SIDs are both in the same (LE) format. - */ -static void change_sid(DOM_SID *s1, DOM_SID *s2) -{ - int i; - - for (i=0; inum_auths; i++) { - s1->sub_auths[i] = s2->sub_auths[i]; - } -} + regsubkey_ctr_init( &subkeys ); + regval_ctr_init( &values ); -#endif + /* copy values into the REGVAL_CTR */ -static void print_sid(DOM_SID *sid) -{ - int i, comps = sid->num_auths; - fprintf(stdout, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]); + for ( i=0; inum_values; i++ ) { + regval_ctr_addvalue( &values, nk->values[i].valuename, nk->values[i].type, + nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) ); + } - for (i = 0; i < comps; i++) { + /* copy subkeys into the REGSUBKEY_CTR */ - fprintf(stdout, "-%u", IVAL(&sid->sub_auths[i],0)); + while ( (subkey = regfio_fetch_subkey( infile, nk )) ) { + regsubkey_ctr_addkey( &subkeys, subkey->keyname ); + } - } - fprintf(stdout, "\n"); -} + key = regfio_write_key( outfile, nk->keyname, &values, &subkeys, new_sd, parent ); -static void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) -{ - int i; - if (my_sid_equal(sid, o_sid)) { + /* write each one of the subkeys out */ - for (i=0; inum_auths; i++) { - sid->sub_auths[i] = n_sid->sub_auths[i]; + pstr_sprintf( path, "%s%s%s", parentpath, parent ? "\\" : "", nk->keyname ); + + nk->subkey_index = 0; + while ( (subkey = regfio_fetch_subkey( infile, nk )) ) { + if ( !copy_registry_tree( infile, subkey, key, outfile, path ) ) + return False; + } - } + regval_ctr_destroy( &values ); + regsubkey_ctr_destroy( &subkeys ); - } + if ( verbose ) + printf("[%s]\n", path ); + return True; } -static void process_acl(ACL *acl, const char *prefix) -{ - int ace_cnt, i; - ACE *ace; - - ace_cnt = IVAL(&acl->num_aces, 0); - ace = (ACE *)&acl->aces; - if (verbose) fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); - for (i=0; iperms, 0)); - if (change) - process_sid(&ace->trustee, &old_sid, &new_sid); - print_sid(&ace->trustee); - ace = (ACE *)((char *)ace + SVAL(&ace->length, 0)); - } -} - -int main(int argc, char *argv[]) +/********************************************************************* +*********************************************************************/ + +int main( int argc, char *argv[] ) { - int opt; - int fd; - char *base; - struct stat sbuf; - REGF_HDR *regf_hdr; - HBIN_HDR *hbin_hdr; - NK_HDR *nk_hdr; - SK_HDR *sk_hdr; - DWORD first_sk_off, sk_off; - MY_SEC_DESC *sec_desc; - struct poptOption long_options[] = { - POPT_AUTOHELP - { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" }, - { "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" }, - { "new-sid", 'n', POPT_ARG_STRING, NULL, 'n', "Provides SID to change to" }, - { 0, 0, 0, 0 } - }; - - poptContext pc; - - pc = poptGetContext("profiles", argc, (const char **)argv, long_options, - POPT_CONTEXT_KEEP_FIRST); - - poptSetOtherOptionHelp(pc, ""); - - /* - * Now, process the arguments - */ - - while ((opt = poptGetNextOpt(pc)) != -1) { - switch (opt) { - case 'c': - change = 1; - if (!get_sid(&old_sid, poptGetOptArg(pc))) { - fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); - poptPrintUsage(pc, stderr, 0); - exit(254); - } - break; - - case 'n': - new_val = 1; - if (!get_sid(&new_sid, poptGetOptArg(pc))) { - fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); - poptPrintUsage(pc, stderr, 0); - exit(253); + int opt; + REGF_FILE *infile, *outfile; + REGF_NK_REC *nk; + pstring orig_filename, new_filename; + struct poptOption long_options[] = { + POPT_AUTOHELP + { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" }, + { "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" }, + { "new-sid", 'n', POPT_ARG_STRING, NULL, 'n', "Provides SID to change to" }, + { 0, 0, 0, 0 } + }; + + + poptContext pc; + + pc = poptGetContext("profiles", argc, (const char **)argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + + poptSetOtherOptionHelp(pc, ""); + + /* Now, process the arguments */ + + while ((opt = poptGetNextOpt(pc)) != -1) { + switch (opt) { + case 'c': + change = 1; + if (!string_to_sid(&old_sid, poptGetOptArg(pc))) { + fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); + poptPrintUsage(pc, stderr, 0); + exit(254); + } + break; + + case 'n': + new_val = 1; + if (!string_to_sid(&new_sid, poptGetOptArg(pc))) { + fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); + poptPrintUsage(pc, stderr, 0); + exit(253); + } + break; + + case 'v': + verbose++; + break; } + } - break; + poptGetArg(pc); /* To get argv[0] */ - case 'v': - verbose++; - break; + if (!poptPeekArg(pc)) { + poptPrintUsage(pc, stderr, 0); + exit(1); } - } - - poptGetArg(pc); /* To get argv[0] */ - - if (!poptPeekArg(pc)) { - poptPrintUsage(pc, stderr, 0); - exit(1); - } - - if ((!change & new_val) || (change & !new_val)) { - fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); - poptPrintUsage(pc, stderr, 0); - exit(252); - } - - fd = open(poptPeekArg(pc), O_RDWR, 0000); - - if (fd < 0) { - fprintf(stderr, "Could not open %s: %s\n", poptPeekArg(pc), - strerror(errno)); - exit(2); - } - - if (fstat(fd, &sbuf) < 0) { - fprintf(stderr, "Could not stat file %s, %s\n", poptPeekArg(pc), - strerror(errno)); - exit(3); - } - - /* - * Now, mmap the file into memory, check the header and start - * dealing with the records. We are interested in the sk record - */ - -#ifdef HAVE_MMAP - base = mmap(NULL, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); -#else - base = (char *)-1; - errno = ENOSYS; -#endif - - if ((int)base == -1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", poptPeekArg(pc), - strerror(errno)); - exit(4); - } - - /* - * In what follows, and in places above, in order to work on both LE and - * BE platforms, we have to use the Samba macros to extract SHORT, LONG - * and associated UNSIGNED quantities from the data in the mmap'd file. - * NOTE, however, that we do not need to do anything with memory - * addresses that we construct from pointers in our address space. - * For example, - * - * sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); - * - * is simply taking the address of a structure we already have the address - * of in our address space, while, the fields within it, will have to - * be accessed with the macros: - * - * owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + - * IVAL(&sec_desc->owner_off, 0)); - * - * Which is pulling out an offset and adding it to an existing pointer. - * - */ - - regf_hdr = (REGF_HDR *)base; - - if (verbose) fprintf(stdout, "Registry file size: %u\n", (unsigned int)sbuf.st_size); - - if (IVAL(®f_hdr->REGF_ID, 0) != REG_REGF_ID) { - fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", poptPeekArg(pc)); - exit(5); - } - - if (verbose) fprintf(stdout, "First Key Off: %u, Data Block Size: %u\n", - IVAL(®f_hdr->first_key, 0), - IVAL(®f_hdr->dblk_size, 0)); - - hbin_hdr = (HBIN_HDR *)(base + 0x1000); /* No need for Endian stuff */ - - /* - * This should be the hbin_hdr - */ - - if (IVAL(&hbin_hdr->HBIN_ID, 0) != REG_HBIN_ID) { - fprintf(stderr, "Incorrect hbin hdr: %s\n", poptPeekArg(pc)); - exit(6); - } - - if (verbose) fprintf(stdout, "Next Off: %u, Prev Off: %u\n", - IVAL(&hbin_hdr->next_off, 0), - IVAL(&hbin_hdr->prev_off, 0)); - - nk_hdr = (NK_HDR *)(base + 0x1000 + IVAL(®f_hdr->first_key, 0) + 4); - - if (SVAL(&nk_hdr->NK_ID, 0) != REG_NK_ID) { - fprintf(stderr, "Incorrect NK Header: %s\n", poptPeekArg(pc)); - exit(7); - } - - sk_off = first_sk_off = IVAL(&nk_hdr->sk_off, 0); - if (verbose) { - fprintf(stdout, "Type: %0x\n", SVAL(&nk_hdr->type, 0)); - fprintf(stdout, "SK Off : %o\n", (0x1000 + sk_off + 4)); - } - - sk_hdr = (SK_HDR *)(base + 0x1000 + sk_off + 4); - - do { - DOM_SID *owner_sid, *group_sid; - ACL *sacl, *dacl; - if (SVAL(&sk_hdr->SK_ID, 0) != REG_SK_ID) { - fprintf(stderr, "Incorrect SK Header format: %08X\n", - (0x1000 + sk_off + 4)); - exit(8); - } - if (verbose) fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", - sk_off, IVAL(&sk_hdr->ref_cnt, 0), - IVAL(&sk_hdr->rec_size, 0)); - - sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); - owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->owner_off, 0)); - group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->group_off, 0)); - sacl = (ACL *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->sacl_off, 0)); - dacl = (ACL *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->dacl_off, 0)); - if (verbose)fprintf(stdout, " Owner SID: "); - if (change) process_sid(owner_sid, &old_sid, &new_sid); - if (verbose) print_sid(owner_sid); - if (verbose) fprintf(stdout, " Group SID: "); - if (change) process_sid(group_sid, &old_sid, &new_sid); - if (verbose) print_sid(group_sid); - fprintf(stdout, " SACL: "); - if (!sec_desc->sacl_off) { /* LE zero == BE zero */ - if (verbose) fprintf(stdout, "NONE\n"); - } - else - process_acl(sacl, " "); - if (verbose) fprintf(stdout, " DACL: "); - if (!sec_desc->dacl_off) { - if (verbose) fprintf(stdout, "NONE\n"); - } - else - process_acl(dacl, " "); - sk_off = IVAL(&sk_hdr->prev_off, 0); - sk_hdr = (SK_HDR *)(base + OFF(IVAL(&sk_hdr->prev_off, 0))); - } while (sk_off != first_sk_off); - -#ifdef HAVE_MMAP - munmap(base, sbuf.st_size); -#endif - - poptFreeContext(pc); - - close(fd); - return 0; + + if ((!change & new_val) || (change & !new_val)) { + fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); + poptPrintUsage(pc, stderr, 0); + exit(252); + } + + pstrcpy( orig_filename, poptPeekArg(pc) ); + pstr_sprintf( new_filename, "%s.new", orig_filename ); + + if ( !(infile = regfio_open( orig_filename, O_RDONLY, 0 )) ) { + fprintf( stderr, "Failed to open %s!\n", orig_filename ); + fprintf( stderr, "Error was (%s)\n", strerror(errno) ); + exit (1); + } + + if ( !(outfile = regfio_open( new_filename, (O_RDWR|O_CREAT|O_TRUNC), (S_IREAD|S_IWRITE) )) ) { + fprintf( stderr, "Failed to open new file %s!\n", new_filename ); + fprintf( stderr, "Error was (%s)\n", strerror(errno) ); + exit (1); + } + + /* actually do the update now */ + + nk = regfio_rootkey( infile ); + + if ( !copy_registry_tree( infile, nk, NULL, outfile, "" ) ) { + fprintf(stderr, "Failed to write updated registry file!\n"); + exit(2); + } + + /* cleanup */ + + regfio_close( infile ); + regfio_close( outfile ); + + poptFreeContext(pc); + + exit( 0 ); } -- cgit From 7343eb9172bab6466a5e49cb44f14142287cfa3e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 26 Aug 2005 16:06:17 +0000 Subject: r9653: adding common popt args to profiles tool (needed for debuglevel to regfio lib) (This used to be commit 092ff7062544fba47a38e68aed9d3c9d6962fe2b) --- source3/utils/profiles.c | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index ac46f2eb00..424bc36695 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -25,7 +25,6 @@ /* GLOBAL VARIABLES */ -int verbose = 0; DOM_SID old_sid, new_sid; int change = 0, new_val = 0; @@ -33,21 +32,30 @@ int change = 0, new_val = 0; /******************************************************************** ********************************************************************/ -static void swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) +static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) { SEC_ACL *acl = sd->dacl; int i; + BOOL update = False; - if ( sid_equal( sd->owner_sid, s1 ) ) + if ( sid_equal( sd->owner_sid, s1 ) ) { sid_copy( sd->owner_sid, s2 ); + update = True; + } - if ( sid_equal( sd->grp_sid, s1 ) ) + if ( sid_equal( sd->grp_sid, s1 ) ) { sid_copy( sd->grp_sid, s2 ); + update = True; + } for ( i=0; inum_aces; i++ ) { - if ( sid_equal( &acl->ace[i].trustee, s1 ) ) + if ( sid_equal( &acl->ace[i].trustee, s1 ) ) { sid_copy( &acl->ace[i].trustee, s2 ); + update = True; + } } + + return update; } /******************************************************************** @@ -71,7 +79,8 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, return False; } - swap_sid_in_acl( new_sd, &old_sid, &new_sid ); + if ( swap_sid_in_acl( new_sd, &old_sid, &new_sid ) ) + DEBUG(1,("Updating ACL for %s\n", nk->keyname )); regsubkey_ctr_init( &subkeys ); regval_ctr_init( &values ); @@ -104,8 +113,7 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, regval_ctr_destroy( &values ); regsubkey_ctr_destroy( &subkeys ); - if ( verbose ) - printf("[%s]\n", path ); + DEBUG(2,("[%s]\n", path)); return True; } @@ -121,14 +129,19 @@ int main( int argc, char *argv[] ) pstring orig_filename, new_filename; struct poptOption long_options[] = { POPT_AUTOHELP - { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" }, { "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" }, { "new-sid", 'n', POPT_ARG_STRING, NULL, 'n', "Provides SID to change to" }, - { 0, 0, 0, 0 } + POPT_COMMON_SAMBA + POPT_COMMON_VERSION + POPT_TABLEEND }; + poptContext pc; + /* setup logging options */ - poptContext pc; + setup_logging( "profiles", True ); + dbf = x_stderr; + x_setbuf( x_stderr, NULL ); pc = poptGetContext("profiles", argc, (const char **)argv, long_options, POPT_CONTEXT_KEEP_FIRST); @@ -157,13 +170,10 @@ int main( int argc, char *argv[] ) } break; - case 'v': - verbose++; - break; } } - poptGetArg(pc); /* To get argv[0] */ + poptGetArg(pc); if (!poptPeekArg(pc)) { poptPrintUsage(pc, stderr, 0); -- cgit From 99376ade3540babc51ce2f36b3a2753452b8cb59 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 26 Aug 2005 18:10:55 +0000 Subject: r9658: cleanup a few debug messages (This used to be commit ddd512526c65899de50cafd95b9c64fe623153b3) --- source3/utils/profiles.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 424bc36695..284e15230a 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -80,7 +80,7 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, } if ( swap_sid_in_acl( new_sd, &old_sid, &new_sid ) ) - DEBUG(1,("Updating ACL for %s\n", nk->keyname )); + DEBUG(2,("Updating ACL for %s\n", nk->keyname )); regsubkey_ctr_init( &subkeys ); regval_ctr_init( &values ); @@ -113,7 +113,7 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, regval_ctr_destroy( &values ); regsubkey_ctr_destroy( &subkeys ); - DEBUG(2,("[%s]\n", path)); + DEBUG(1,("[%s]\n", path)); return True; } -- cgit From 44707ad2e00a91f459e80efbe8f362b5853b0a62 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 29 Aug 2005 14:55:40 +0000 Subject: r9739: conver the reg_objects (REGSUBKEY_CTR & REGVAL_CTR) to use the new talloc() features: Note that the REGSUB_CTR and REGVAL_CTR objects *must* be talloc()'d since the methods use the object pointer as the talloc context for internal private data. There is no longer a regXXX_ctr_intit() and regXXX_ctr_destroy() pair of functions. Simply TALLOC_ZERO_P() and TALLOC_FREE() the object. Also had to convert the printer_info_2->NT_PRINTER_DATA field to be talloc()'d as well. This is just a stop on the road to cleaning up the printer memory management. (This used to be commit ef721333ab9639cb5346067497e99fbd0d4425dd) --- source3/utils/profiles.c | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 284e15230a..52970bdffc 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -67,8 +67,8 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, { REGF_NK_REC *key, *subkey; SEC_DESC *new_sd; - REGVAL_CTR values; - REGSUBKEY_CTR subkeys; + REGVAL_CTR *values; + REGSUBKEY_CTR *subkeys; int i; pstring path; @@ -82,23 +82,30 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, if ( swap_sid_in_acl( new_sd, &old_sid, &new_sid ) ) DEBUG(2,("Updating ACL for %s\n", nk->keyname )); - regsubkey_ctr_init( &subkeys ); - regval_ctr_init( &values ); + if ( !(subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) { + DEBUG(0,("copy_registry_tree: talloc() failure!\n")); + return False; + } + + if ( !(values = TALLOC_ZERO_P( subkeys, REGVAL_CTR )) ) { + DEBUG(0,("copy_registry_tree: talloc() failure!\n")); + return False; + } /* copy values into the REGVAL_CTR */ for ( i=0; inum_values; i++ ) { - regval_ctr_addvalue( &values, nk->values[i].valuename, nk->values[i].type, + regval_ctr_addvalue( values, nk->values[i].valuename, nk->values[i].type, nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) ); } /* copy subkeys into the REGSUBKEY_CTR */ while ( (subkey = regfio_fetch_subkey( infile, nk )) ) { - regsubkey_ctr_addkey( &subkeys, subkey->keyname ); + regsubkey_ctr_addkey( subkeys, subkey->keyname ); } - key = regfio_write_key( outfile, nk->keyname, &values, &subkeys, new_sd, parent ); + key = regfio_write_key( outfile, nk->keyname, values, subkeys, new_sd, parent ); /* write each one of the subkeys out */ @@ -110,8 +117,9 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, return False; } - regval_ctr_destroy( &values ); - regsubkey_ctr_destroy( &subkeys ); + /* values is a talloc()'d child of subkeys here so just throw it all away */ + + TALLOC_FREE( subkeys ); DEBUG(1,("[%s]\n", path)); -- cgit From 8c072021efba737539b46e993df0c21a6438a82a Mon Sep 17 00:00:00 2001 From: James Peach Date: Tue, 30 Aug 2005 06:41:32 +0000 Subject: r9780: Clean up a bunch of compiler warnings. (This used to be commit 623d2e69319ffead31a780a4d6156dae45f386d7) --- source3/utils/profiles.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 52970bdffc..6bf9e44a14 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -188,7 +188,7 @@ int main( int argc, char *argv[] ) exit(1); } - if ((!change & new_val) || (change & !new_val)) { + if ((!change && new_val) || (change && !new_val)) { fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); poptPrintUsage(pc, stderr, 0); exit(252); @@ -225,5 +225,5 @@ int main( int argc, char *argv[] ) poptFreeContext(pc); - exit( 0 ); + return( 0 ); } -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 6bf9e44a14..05971b0d2e 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -96,7 +96,7 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, for ( i=0; inum_values; i++ ) { regval_ctr_addvalue( values, nk->values[i].valuename, nk->values[i].type, - nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) ); + (const char *)nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) ); } /* copy subkeys into the REGSUBKEY_CTR */ -- cgit From 7461a457d1c83ecb54310f04d9672a2180f5fb87 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 13 Feb 2006 04:58:13 +0000 Subject: r13486: Two more -- fix bug 3503 (This used to be commit 62b02a68438e0ff1119e68347b1ac3495572fa8a) --- source3/utils/profiles.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 05971b0d2e..9629dffaea 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -145,6 +145,8 @@ int main( int argc, char *argv[] ) }; poptContext pc; + load_case_tables(); + /* setup logging options */ setup_logging( "profiles", True ); -- cgit From 3c34f6085af1e168a1fe7602ae01ba643a7781bd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 20 Jun 2006 09:16:53 +0000 Subject: r16409: Fix Klocwork ID's. 1177 In reg_perfcount.c: 1200 1202 1203 1204 In regfio.c: 1243 1245 1246 1247 1251 Jerry, the reg_perfcount and regfio.c ones, can you take a look please? This is really your code, and I'm not sure I did the right thing to return an error. smbcacls.c: 1377 srv_eventlog_nt.c: 1415 1416 1417 srv_lsa_nt.c: 1420 1421 srv_netlog_nt.c: 1429 srv_samr_nt: 1458 1459 1460 Volker Volker (This used to be commit d6547d12b1c9f9454876665a5bdb010f46b9f5ff) --- source3/utils/profiles.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 9629dffaea..d40a2deea3 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -213,7 +213,10 @@ int main( int argc, char *argv[] ) /* actually do the update now */ - nk = regfio_rootkey( infile ); + if ((nk = regfio_rootkey( infile )) == NULL) { + fprintf(stderr, "Could not get rootkey\n"); + exit(3); + } if ( !copy_registry_tree( infile, nk, NULL, outfile, "" ) ) { fprintf(stderr, "Failed to write updated registry file!\n"); -- cgit From 4db7642caa99c1b054322a8971c4b673556487ce Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 20 Sep 2006 22:23:12 +0000 Subject: r18745: Use the Samba4 data structures for security descriptors and security descriptor buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366) --- source3/utils/profiles.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index d40a2deea3..d5b14fdfb0 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -43,14 +43,14 @@ static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) update = True; } - if ( sid_equal( sd->grp_sid, s1 ) ) { - sid_copy( sd->grp_sid, s2 ); + if ( sid_equal( sd->group_sid, s1 ) ) { + sid_copy( sd->group_sid, s2 ); update = True; } for ( i=0; inum_aces; i++ ) { - if ( sid_equal( &acl->ace[i].trustee, s1 ) ) { - sid_copy( &acl->ace[i].trustee, s2 ); + if ( sid_equal( &acl->aces[i].trustee, s1 ) ) { + sid_copy( &acl->aces[i].trustee, s2 ); update = True; } } -- cgit From dd110c9e7bee1e6de0adf71904faceb21136e04d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 26 Feb 2007 13:07:34 +0000 Subject: r21540: Fix Bug #3713 and readd reporting what the profiles tool does (when called with the -v option). Patch from William Jojo . Guenther (This used to be commit 5889f588ee9bee6ceb6e6d517f6e69e42d55a574) --- source3/utils/profiles.c | 60 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 56 insertions(+), 4 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index d5b14fdfb0..3a5c8f517c 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -27,34 +27,85 @@ DOM_SID old_sid, new_sid; int change = 0, new_val = 0; +BOOL opt_verbose = False; +/******************************************************************** +********************************************************************/ + +static void verbose_output(const char *format, ...) PRINTF_ATTRIBUTE(1,2); +static void verbose_output(const char *format, ...) +{ + va_list args; + char *var = NULL; + + if (!opt_verbose) { + return; + } + + va_start(args, format); + if ((vasprintf(&var, format, args)) == -1) { + va_end(args); + return; + } + + fprintf(stdout, var); + va_end(args); + SAFE_FREE(var); +} /******************************************************************** ********************************************************************/ static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) { - SEC_ACL *acl = sd->dacl; + SEC_ACL *acl; int i; BOOL update = False; + verbose_output(" Owner SID: %s\n", sid_string_static(sd->owner_sid)); if ( sid_equal( sd->owner_sid, s1 ) ) { sid_copy( sd->owner_sid, s2 ); update = True; + verbose_output(" New Owner SID: %s\n", + sid_string_static(sd->owner_sid)); + } + verbose_output(" Group SID: %s\n", sid_string_static(sd->group_sid)); if ( sid_equal( sd->group_sid, s1 ) ) { sid_copy( sd->group_sid, s2 ); update = True; + verbose_output(" New Group SID: %s\n", + sid_string_static(sd->group_sid)); } + acl = sd->dacl; + verbose_output(" DACL: %d entries:\n", acl->num_aces); for ( i=0; inum_aces; i++ ) { + verbose_output(" Trustee SID: %s\n", + sid_string_static(&acl->aces[i].trustee)); if ( sid_equal( &acl->aces[i].trustee, s1 ) ) { sid_copy( &acl->aces[i].trustee, s2 ); update = True; + verbose_output(" New Trustee SID: %s\n", + sid_string_static(&acl->aces[i].trustee)); } } +#if 0 + acl = sd->sacl; + verbose_output(" SACL: %d entries: \n", acl->num_aces); + for ( i=0; inum_aces; i++ ) { + verbose_output(" Trustee SID: %s\n", + sid_string_static(&acl->aces[i].trustee)); + if ( sid_equal( &acl->aces[i].trustee, s1 ) ) { + sid_copy( &acl->aces[i].trustee, s2 ); + update = True; + verbose_output(" New Trustee SID: %s\n", + sid_string_static(&acl->aces[i].trustee)); + } + } +#endif return update; } @@ -79,8 +130,8 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, return False; } - if ( swap_sid_in_acl( new_sd, &old_sid, &new_sid ) ) - DEBUG(2,("Updating ACL for %s\n", nk->keyname )); + verbose_output("ACL for %s%s%s\n", parentpath, parent ? "\\" : "", nk->keyname); + swap_sid_in_acl( new_sd, &old_sid, &new_sid ); if ( !(subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) { DEBUG(0,("copy_registry_tree: talloc() failure!\n")); @@ -121,7 +172,7 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, TALLOC_FREE( subkeys ); - DEBUG(1,("[%s]\n", path)); + verbose_output("[%s]\n", path); return True; } @@ -139,6 +190,7 @@ int main( int argc, char *argv[] ) POPT_AUTOHELP { "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" }, { "new-sid", 'n', POPT_ARG_STRING, NULL, 'n', "Provides SID to change to" }, + { "verbose", 'v', POPT_ARG_NONE, &opt_verbose, 'v', "Verbose output" }, POPT_COMMON_SAMBA POPT_COMMON_VERSION POPT_TABLEEND -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 3a5c8f517c..6ac044f9c4 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -7,7 +7,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/utils/profiles.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 6ac044f9c4..7c7b91adb1 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -16,8 +16,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From d76717fe150846cb90af58ac1c6e007aeced3df1 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Mon, 15 Oct 2007 07:24:44 +0400 Subject: Correctly free memory in regfio paths (This used to be commit 97f9a90b823887e808cca96eca7a041f121e6111) --- source3/utils/profiles.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 7c7b91adb1..921af56657 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -138,6 +138,7 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, } if ( !(values = TALLOC_ZERO_P( subkeys, REGVAL_CTR )) ) { + TALLOC_FREE( subkeys ); DEBUG(0,("copy_registry_tree: talloc() failure!\n")); return False; } @@ -163,8 +164,10 @@ static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, nk->subkey_index = 0; while ( (subkey = regfio_fetch_subkey( infile, nk )) ) { - if ( !copy_registry_tree( infile, subkey, key, outfile, path ) ) + if ( !copy_registry_tree( infile, subkey, key, outfile, path ) ) { + TALLOC_FREE( subkeys ); return False; + } } /* values is a talloc()'d child of subkeys here so just throw it all away */ -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/utils/profiles.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index 921af56657..d6094f8bae 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -26,7 +26,7 @@ DOM_SID old_sid, new_sid; int change = 0, new_val = 0; -BOOL opt_verbose = False; +bool opt_verbose = False; /******************************************************************** ********************************************************************/ @@ -55,11 +55,11 @@ static void verbose_output(const char *format, ...) /******************************************************************** ********************************************************************/ -static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) +static bool swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) { SEC_ACL *acl; int i; - BOOL update = False; + bool update = False; verbose_output(" Owner SID: %s\n", sid_string_static(sd->owner_sid)); if ( sid_equal( sd->owner_sid, s1 ) ) { @@ -111,7 +111,7 @@ static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) /******************************************************************** ********************************************************************/ -static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, +static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, REGF_NK_REC *parent, REGF_FILE *outfile, const char *parentpath ) { -- cgit From 9a85533914119fb995fb61555c9f6e0018d4d181 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 19 Oct 2007 11:38:36 -0700 Subject: Fix the popt / bool issues. Some places we used BOOL where we meant int. Fix this. Thanks to metze for pointing this out. Jeremy. (This used to be commit 793a9d24a163cb6cf5a3a0aa5ae30e9f8cf4744a) --- source3/utils/profiles.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index d6094f8bae..f9b17d3dcc 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -26,7 +26,7 @@ DOM_SID old_sid, new_sid; int change = 0, new_val = 0; -bool opt_verbose = False; +int opt_verbose = False; /******************************************************************** ********************************************************************/ -- cgit From adf6d848de8ae32a83c7271d8ccd24d2cf8b47f7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 3 Dec 2007 18:48:41 -0800 Subject: Getting to the home stretch for elimination of pstrings... Jeremy. (This used to be commit 041163551194102ca67fef52c57d87020a1d09bc) --- source3/utils/profiles.c | 63 ++++++++++++++++++++++++++++++------------------ 1 file changed, 39 insertions(+), 24 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index f9b17d3dcc..c641429beb 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -120,7 +120,7 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, REGVAL_CTR *values; REGSUBKEY_CTR *subkeys; int i; - pstring path; + char *path; /* swap out the SIDs in the security descriptor */ @@ -160,13 +160,18 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, /* write each one of the subkeys out */ - pstr_sprintf( path, "%s%s%s", parentpath, parent ? "\\" : "", nk->keyname ); - + path = talloc_asprintf(subkeys, "%s%s%s", + parentpath, parent ? "\\" : "",nk->keyname); + if (!path) { + TALLOC_FREE( subkeys ); + return false; + } + nk->subkey_index = 0; - while ( (subkey = regfio_fetch_subkey( infile, nk )) ) { - if ( !copy_registry_tree( infile, subkey, key, outfile, path ) ) { - TALLOC_FREE( subkeys ); - return False; + while ((subkey = regfio_fetch_subkey(infile, nk))) { + if (!copy_registry_tree( infile, subkey, key, outfile, path)) { + TALLOC_FREE(subkeys); + return false; } } @@ -184,10 +189,11 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, int main( int argc, char *argv[] ) { + TALLOC_CTX *frame = talloc_stackframe(); int opt; REGF_FILE *infile, *outfile; REGF_NK_REC *nk; - pstring orig_filename, new_filename; + char *orig_filename, *new_filename; struct poptOption long_options[] = { POPT_AUTOHELP { "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" }, @@ -207,7 +213,7 @@ int main( int argc, char *argv[] ) dbf = x_stderr; x_setbuf( x_stderr, NULL ); - pc = poptGetContext("profiles", argc, (const char **)argv, long_options, + pc = poptGetContext("profiles", argc, (const char **)argv, long_options, POPT_CONTEXT_KEEP_FIRST); poptSetOtherOptionHelp(pc, ""); @@ -237,7 +243,7 @@ int main( int argc, char *argv[] ) } } - poptGetArg(pc); + poptGetArg(pc); if (!poptPeekArg(pc)) { poptPrintUsage(pc, stderr, 0); @@ -250,39 +256,48 @@ int main( int argc, char *argv[] ) exit(252); } - pstrcpy( orig_filename, poptPeekArg(pc) ); - pstr_sprintf( new_filename, "%s.new", orig_filename ); - - if ( !(infile = regfio_open( orig_filename, O_RDONLY, 0 )) ) { + orig_filename = talloc_strdup(frame, poptPeekArg(pc)); + if (!orig_filename) { + exit(ENOMEM); + } + new_filename = talloc_asprintf(frame, + "%s.new", + orig_filename); + if (!new_filename) { + exit(ENOMEM); + } + + if (!(infile = regfio_open( orig_filename, O_RDONLY, 0))) { fprintf( stderr, "Failed to open %s!\n", orig_filename ); fprintf( stderr, "Error was (%s)\n", strerror(errno) ); exit (1); } - + if ( !(outfile = regfio_open( new_filename, (O_RDWR|O_CREAT|O_TRUNC), (S_IREAD|S_IWRITE) )) ) { fprintf( stderr, "Failed to open new file %s!\n", new_filename ); fprintf( stderr, "Error was (%s)\n", strerror(errno) ); exit (1); } - + /* actually do the update now */ - + if ((nk = regfio_rootkey( infile )) == NULL) { fprintf(stderr, "Could not get rootkey\n"); exit(3); } - - if ( !copy_registry_tree( infile, nk, NULL, outfile, "" ) ) { + + if (!copy_registry_tree( infile, nk, NULL, outfile, "")) { fprintf(stderr, "Failed to write updated registry file!\n"); exit(2); } - + /* cleanup */ - - regfio_close( infile ); - regfio_close( outfile ); + + regfio_close(infile); + regfio_close(outfile); poptFreeContext(pc); - return( 0 ); + TALLOC_FREE(frame); + return 0; } -- cgit From 7b01537679d4d4f1408634fe63c64c144f9d9519 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 21:53:26 +0100 Subject: Replace sid_string_static with sid_string_tos In utils/ I was a bit lazy... (This used to be commit 60e830b0f4571bd5d9039f2edd199534f2a4c341) --- source3/utils/profiles.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source3/utils/profiles.c') diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index c641429beb..0b8a0d4278 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -61,33 +61,33 @@ static bool swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) int i; bool update = False; - verbose_output(" Owner SID: %s\n", sid_string_static(sd->owner_sid)); + verbose_output(" Owner SID: %s\n", sid_string_tos(sd->owner_sid)); if ( sid_equal( sd->owner_sid, s1 ) ) { sid_copy( sd->owner_sid, s2 ); update = True; verbose_output(" New Owner SID: %s\n", - sid_string_static(sd->owner_sid)); + sid_string_tos(sd->owner_sid)); } - verbose_output(" Group SID: %s\n", sid_string_static(sd->group_sid)); + verbose_output(" Group SID: %s\n", sid_string_tos(sd->group_sid)); if ( sid_equal( sd->group_sid, s1 ) ) { sid_copy( sd->group_sid, s2 ); update = True; verbose_output(" New Group SID: %s\n", - sid_string_static(sd->group_sid)); + sid_string_tos(sd->group_sid)); } acl = sd->dacl; verbose_output(" DACL: %d entries:\n", acl->num_aces); for ( i=0; inum_aces; i++ ) { verbose_output(" Trustee SID: %s\n", - sid_string_static(&acl->aces[i].trustee)); + sid_string_tos(&acl->aces[i].trustee)); if ( sid_equal( &acl->aces[i].trustee, s1 ) ) { sid_copy( &acl->aces[i].trustee, s2 ); update = True; verbose_output(" New Trustee SID: %s\n", - sid_string_static(&acl->aces[i].trustee)); + sid_string_tos(&acl->aces[i].trustee)); } } @@ -96,12 +96,12 @@ static bool swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) verbose_output(" SACL: %d entries: \n", acl->num_aces); for ( i=0; inum_aces; i++ ) { verbose_output(" Trustee SID: %s\n", - sid_string_static(&acl->aces[i].trustee)); + sid_string_tos(&acl->aces[i].trustee)); if ( sid_equal( &acl->aces[i].trustee, s1 ) ) { sid_copy( &acl->aces[i].trustee, s2 ); update = True; verbose_output(" New Trustee SID: %s\n", - sid_string_static(&acl->aces[i].trustee)); + sid_string_tos(&acl->aces[i].trustee)); } } #endif -- cgit