/*
Samba Unix/Linux SMB client library
Distributed SMB/CIFS Server Management Utility
Copyright (C) Gerald (Jerry) Carter 2005-2006
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see . */
#include "includes.h"
#include "utils/net.h"
#include "utils/net_registry_util.h"
#include "regfio.h"
#include "reg_objects.h"
static bool reg_hive_key(TALLOC_CTX *ctx, const char *fullname,
uint32 *reg_type, const char **key_name)
{
WERROR werr;
char *hivename = NULL;
char *tmp_keyname = NULL;
bool ret = false;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
werr = split_hive_key(tmp_ctx, fullname, &hivename, &tmp_keyname);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
*key_name = talloc_strdup(ctx, tmp_keyname);
if (*key_name == NULL) {
goto done;
}
if (strequal(hivename, "HKLM") ||
strequal(hivename, "HKEY_LOCAL_MACHINE"))
{
(*reg_type) = HKEY_LOCAL_MACHINE;
} else if (strequal(hivename, "HKCR") ||
strequal(hivename, "HKEY_CLASSES_ROOT"))
{
(*reg_type) = HKEY_CLASSES_ROOT;
} else if (strequal(hivename, "HKU") ||
strequal(hivename, "HKEY_USERS"))
{
(*reg_type) = HKEY_USERS;
} else if (strequal(hivename, "HKCU") ||
strequal(hivename, "HKEY_CURRENT_USER"))
{
(*reg_type) = HKEY_CURRENT_USER;
} else if (strequal(hivename, "HKPD") ||
strequal(hivename, "HKEY_PERFORMANCE_DATA"))
{
(*reg_type) = HKEY_PERFORMANCE_DATA;
} else {
DEBUG(10,("reg_hive_key: unrecognised hive key %s\n",
fullname));
goto done;
}
ret = true;
done:
TALLOC_FREE(tmp_ctx);
return ret;
}
static NTSTATUS registry_openkey(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *pipe_hnd,
const char *name, uint32 access_mask,
struct policy_handle *hive_hnd,
struct policy_handle *key_hnd)
{
uint32 hive;
NTSTATUS status;
struct winreg_String key;
ZERO_STRUCT(key);
if (!reg_hive_key(mem_ctx, name, &hive, &key.name)) {
return NT_STATUS_INVALID_PARAMETER;
}
status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive, access_mask,
hive_hnd);
if (!(NT_STATUS_IS_OK(status))) {
return status;
}
status = rpccli_winreg_OpenKey(pipe_hnd, mem_ctx, hive_hnd, key, 0,
access_mask, key_hnd, NULL);
if (!(NT_STATUS_IS_OK(status))) {
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, hive_hnd, NULL);
return status;
}
return NT_STATUS_OK;
}
static NTSTATUS registry_enumkeys(TALLOC_CTX *ctx,
struct rpc_pipe_client *pipe_hnd,
struct policy_handle *key_hnd,
uint32 *pnum_keys, char ***pnames,
char ***pclasses, NTTIME ***pmodtimes)
{
TALLOC_CTX *mem_ctx;
NTSTATUS status;
uint32 num_subkeys, max_subkeylen, max_classlen;
uint32 num_values, max_valnamelen, max_valbufsize;
uint32 i;
NTTIME last_changed_time;
uint32 secdescsize;
struct winreg_String classname;
char **names, **classes;
NTTIME **modtimes;
if (!(mem_ctx = talloc_new(ctx))) {
return NT_STATUS_NO_MEMORY;
}
ZERO_STRUCT(classname);
status = rpccli_winreg_QueryInfoKey(
pipe_hnd, mem_ctx, key_hnd, &classname, &num_subkeys,
&max_subkeylen, &max_classlen, &num_values, &max_valnamelen,
&max_valbufsize, &secdescsize, &last_changed_time, NULL );
if (!NT_STATUS_IS_OK(status)) {
goto error;
}
if (num_subkeys == 0) {
*pnum_keys = 0;
TALLOC_FREE(mem_ctx);
return NT_STATUS_OK;
}
if ((!(names = TALLOC_ZERO_ARRAY(mem_ctx, char *, num_subkeys))) ||
(!(classes = TALLOC_ZERO_ARRAY(mem_ctx, char *, num_subkeys))) ||
(!(modtimes = TALLOC_ZERO_ARRAY(mem_ctx, NTTIME *,
num_subkeys)))) {
status = NT_STATUS_NO_MEMORY;
goto error;
}
for (i=0; itype,
blob.data, blob.length, NULL);
TALLOC_FREE(blob.data);
return result;
}
static NTSTATUS rpc_registry_setvalue_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
struct policy_handle hive_hnd, key_hnd;
NTSTATUS status;
struct registry_value value;
status = registry_openkey(mem_ctx, pipe_hnd, argv[0],
SEC_RIGHTS_MAXIMUM_ALLOWED,
&hive_hnd, &key_hnd);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_openkey failed: %s\n",
nt_errstr(status));
return status;
}
if (!strequal(argv[2], "multi_sz") && (argc != 4)) {
d_fprintf(stderr, "Too many args for type %s\n", argv[2]);
return NT_STATUS_NOT_IMPLEMENTED;
}
if (strequal(argv[2], "dword")) {
value.type = REG_DWORD;
value.v.dword = strtoul(argv[3], NULL, 10);
}
else if (strequal(argv[2], "sz")) {
value.type = REG_SZ;
value.v.sz.len = strlen(argv[3])+1;
value.v.sz.str = CONST_DISCARD(char *, argv[3]);
}
else {
d_fprintf(stderr, "type \"%s\" not implemented\n", argv[2]);
status = NT_STATUS_NOT_IMPLEMENTED;
goto error;
}
status = registry_setvalue(mem_ctx, pipe_hnd, &key_hnd,
argv[1], &value);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_setvalue failed: %s\n",
nt_errstr(status));
}
error:
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd, NULL);
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return NT_STATUS_OK;
}
static int rpc_registry_setvalue(struct net_context *c, int argc,
const char **argv )
{
if (argc < 4) {
d_fprintf(stderr, "usage: net rpc registry setvalue "
" []+\n");
return -1;
}
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_setvalue_internal, argc, argv );
}
static NTSTATUS rpc_registry_deletevalue_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
struct policy_handle hive_hnd, key_hnd;
NTSTATUS status;
struct winreg_String valuename;
ZERO_STRUCT(valuename);
status = registry_openkey(mem_ctx, pipe_hnd, argv[0],
SEC_RIGHTS_MAXIMUM_ALLOWED,
&hive_hnd, &key_hnd);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_openkey failed: %s\n",
nt_errstr(status));
return status;
}
valuename.name = argv[1];
status = rpccli_winreg_DeleteValue(pipe_hnd, mem_ctx, &key_hnd,
valuename, NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_deletevalue failed: %s\n",
nt_errstr(status));
}
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd, NULL);
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return status;
}
static int rpc_registry_deletevalue(struct net_context *c, int argc,
const char **argv )
{
if (argc != 2) {
d_fprintf(stderr, "usage: net rpc registry deletevalue "
"\n");
return -1;
}
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_deletevalue_internal, argc, argv );
}
static NTSTATUS rpc_registry_getvalue_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
struct policy_handle hive_hnd, key_hnd;
NTSTATUS status;
WERROR werr;
struct winreg_String valuename;
struct registry_value *value = NULL;
enum winreg_Type type = REG_NONE;
uint8_t *data = NULL;
uint32_t data_size = 0;
uint32_t value_length = 0;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
ZERO_STRUCT(valuename);
status = registry_openkey(tmp_ctx, pipe_hnd, argv[0],
SEC_RIGHTS_MAXIMUM_ALLOWED,
&hive_hnd, &key_hnd);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_openkey failed: %s\n",
nt_errstr(status));
return status;
}
valuename.name = argv[1];
/*
* call QueryValue once with data == NULL to get the
* needed memory size to be allocated, then allocate
* data buffer and call again.
*/
status = rpccli_winreg_QueryValue(pipe_hnd, tmp_ctx, &key_hnd,
&valuename,
&type,
data,
&data_size,
&value_length,
NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_queryvalue failed: %s\n",
nt_errstr(status));
goto done;
}
data = (uint8 *)TALLOC(tmp_ctx, data_size);
value_length = 0;
status = rpccli_winreg_QueryValue(pipe_hnd, tmp_ctx, &key_hnd,
&valuename,
&type,
data,
&data_size,
&value_length,
NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_queryvalue failed: %s\n",
nt_errstr(status));
goto done;
}
werr = registry_pull_value(tmp_ctx, &value, type, data,
data_size, value_length);
if (!W_ERROR_IS_OK(werr)) {
status = werror_to_ntstatus(werr);
goto done;
}
print_registry_value(value, false);
done:
rpccli_winreg_CloseKey(pipe_hnd, tmp_ctx, &key_hnd, NULL);
rpccli_winreg_CloseKey(pipe_hnd, tmp_ctx, &hive_hnd, NULL);
TALLOC_FREE(tmp_ctx);
return status;
}
static int rpc_registry_getvalue(struct net_context *c, int argc,
const char **argv)
{
if (argc != 2) {
d_fprintf(stderr, "usage: net rpc registry deletevalue "
"\n");
return -1;
}
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_getvalue_internal, argc, argv);
}
static NTSTATUS rpc_registry_createkey_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
uint32 hive;
struct policy_handle hive_hnd, key_hnd;
struct winreg_String key, keyclass;
enum winreg_CreateAction action;
NTSTATUS status;
ZERO_STRUCT(key);
ZERO_STRUCT(keyclass);
if (!reg_hive_key(mem_ctx, argv[0], &hive, &key.name)) {
return NT_STATUS_INVALID_PARAMETER;
}
status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&hive_hnd);
if (!(NT_STATUS_IS_OK(status))) {
return status;
}
action = REG_ACTION_NONE;
keyclass.name = "";
status = rpccli_winreg_CreateKey(pipe_hnd, mem_ctx, &hive_hnd, key,
keyclass, 0, REG_KEY_READ, NULL,
&key_hnd, &action, NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "createkey returned %s\n",
nt_errstr(status));
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return status;
}
switch (action) {
case REG_ACTION_NONE:
d_printf("createkey did nothing -- huh?\n");
break;
case REG_CREATED_NEW_KEY:
d_printf("createkey created %s\n", argv[0]);
break;
case REG_OPENED_EXISTING_KEY:
d_printf("createkey opened existing %s\n", argv[0]);
break;
}
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &key_hnd, NULL);
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
return status;
}
static int rpc_registry_createkey(struct net_context *c, int argc,
const char **argv )
{
if (argc != 1) {
d_fprintf(stderr, "usage: net rpc registry createkey \n");
return -1;
}
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_createkey_internal, argc, argv );
}
static NTSTATUS rpc_registry_deletekey_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
uint32 hive;
struct policy_handle hive_hnd;
struct winreg_String key;
NTSTATUS status;
ZERO_STRUCT(key);
if (!reg_hive_key(mem_ctx, argv[0], &hive, &key.name)) {
return NT_STATUS_INVALID_PARAMETER;
}
status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&hive_hnd);
if (!(NT_STATUS_IS_OK(status))) {
return status;
}
status = rpccli_winreg_DeleteKey(pipe_hnd, mem_ctx, &hive_hnd, key, NULL);
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &hive_hnd, NULL);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "deletekey returned %s\n",
nt_errstr(status));
}
return status;
}
static int rpc_registry_deletekey(struct net_context *c, int argc, const char **argv )
{
if (argc != 1) {
d_fprintf(stderr, "usage: net rpc registry deletekey \n");
return -1;
}
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_deletekey_internal, argc, argv );
}
/********************************************************************
********************************************************************/
static NTSTATUS rpc_registry_enumerate_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
POLICY_HND pol_hive, pol_key;
NTSTATUS status;
uint32 num_subkeys = 0;
uint32 num_values = 0;
char **names = NULL, **classes = NULL;
NTTIME **modtimes = NULL;
uint32 i;
struct registry_value **values = NULL;
if (argc != 1 ) {
d_printf("Usage: net rpc registry enumerate \n");
d_printf("Example: net rpc registry enumerate 'HKLM\\Software\\Samba'\n");
return NT_STATUS_INVALID_PARAMETER;
}
status = registry_openkey(mem_ctx, pipe_hnd, argv[0], REG_KEY_READ,
&pol_hive, &pol_key);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_openkey failed: %s\n",
nt_errstr(status));
return status;
}
status = registry_enumkeys(mem_ctx, pipe_hnd, &pol_key, &num_subkeys,
&names, &classes, &modtimes);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "enumerating keys failed: %s\n",
nt_errstr(status));
return status;
}
for (i=0; i \n");
return NT_STATUS_INVALID_PARAMETER;
}
status = registry_openkey(mem_ctx, pipe_hnd, argv[0], REG_KEY_ALL,
&pol_hive, &pol_key);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_openkey failed: %s\n",
nt_errstr(status));
return status;
}
filename.name = argv[1];
status = rpccli_winreg_SaveKey( pipe_hnd, mem_ctx, &pol_key, &filename, NULL, NULL);
if ( !W_ERROR_IS_OK(result) ) {
d_fprintf(stderr, "Unable to save [%s] to %s:%s\n", argv[0], cli->desthost, argv[1]);
}
/* cleanup */
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key, NULL);
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive, NULL);
return status;
}
/********************************************************************
********************************************************************/
static int rpc_registry_save(struct net_context *c, int argc, const char **argv )
{
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_save_internal, argc, argv );
}
/********************************************************************
********************************************************************/
static void dump_values( REGF_NK_REC *nk )
{
int i, j;
char *data_str = NULL;
uint32 data_size, data;
if ( !nk->values )
return;
for ( i=0; inum_values; i++ ) {
d_printf( "\"%s\" = ", nk->values[i].valuename ? nk->values[i].valuename : "(default)" );
d_printf( "(%s) ", reg_type_lookup( nk->values[i].type ) );
data_size = nk->values[i].data_size & ~VK_DATA_IN_OFFSET;
switch ( nk->values[i].type ) {
case REG_SZ:
rpcstr_pull_talloc(talloc_tos(),
&data_str,
nk->values[i].data,
-1,
STR_TERMINATE);
if (!data_str) {
break;
}
d_printf( "%s", data_str );
break;
case REG_MULTI_SZ:
case REG_EXPAND_SZ:
for ( j=0; jvalues[i].data[j] );
}
break;
case REG_DWORD:
data = IVAL( nk->values[i].data, 0 );
d_printf("0x%x", data );
break;
case REG_BINARY:
for ( j=0; jvalues[i].data[j] );
}
break;
default:
d_printf("unknown");
break;
}
d_printf( "\n" );
}
}
/********************************************************************
********************************************************************/
static bool dump_registry_tree( REGF_FILE *file, REGF_NK_REC *nk, const char *parent )
{
REGF_NK_REC *key;
/* depth first dump of the registry tree */
while ( (key = regfio_fetch_subkey( file, nk )) ) {
char *regpath;
if (asprintf(®path, "%s\\%s", parent, key->keyname) < 0) {
break;
}
d_printf("[%s]\n", regpath );
dump_values( key );
d_printf("\n");
dump_registry_tree( file, key, regpath );
SAFE_FREE(regpath);
}
return True;
}
/********************************************************************
********************************************************************/
static bool write_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
REGF_NK_REC *parent, REGF_FILE *outfile,
const char *parentpath )
{
REGF_NK_REC *key, *subkey;
REGVAL_CTR *values = NULL;
REGSUBKEY_CTR *subkeys = NULL;
int i;
char *path = NULL;
if ( !( subkeys = TALLOC_ZERO_P( infile->mem_ctx, REGSUBKEY_CTR )) ) {
DEBUG(0,("write_registry_tree: talloc() failed!\n"));
return False;
}
if ( !(values = TALLOC_ZERO_P( subkeys, REGVAL_CTR )) ) {
DEBUG(0,("write_registry_tree: talloc() failed!\n"));
TALLOC_FREE(subkeys);
return False;
}
/* copy values into the REGVAL_CTR */
for ( i=0; inum_values; i++ ) {
regval_ctr_addvalue( values, nk->values[i].valuename, nk->values[i].type,
(const char *)nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) );
}
/* copy subkeys into the REGSUBKEY_CTR */
while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
regsubkey_ctr_addkey( subkeys, subkey->keyname );
}
key = regfio_write_key( outfile, nk->keyname, values, subkeys, nk->sec_desc->sec_desc, parent );
/* write each one of the subkeys out */
path = talloc_asprintf(subkeys,
"%s%s%s",
parentpath,
parent ? "\\" : "",
nk->keyname);
if (!path) {
TALLOC_FREE(subkeys);
return false;
}
nk->subkey_index = 0;
while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
write_registry_tree( infile, subkey, key, outfile, path );
}
d_printf("[%s]\n", path );
TALLOC_FREE(subkeys);
return True;
}
/********************************************************************
********************************************************************/
static int rpc_registry_dump(struct net_context *c, int argc, const char **argv)
{
REGF_FILE *registry;
REGF_NK_REC *nk;
if (argc != 1 ) {
d_printf("Usage: net rpc registry dump \n");
return -1;
}
d_printf("Opening %s....", argv[0]);
if ( !(registry = regfio_open( argv[0], O_RDONLY, 0)) ) {
d_fprintf(stderr, "Failed to open %s for reading\n", argv[0]);
return 1;
}
d_printf("ok\n");
/* get the root of the registry file */
if ((nk = regfio_rootkey( registry )) == NULL) {
d_fprintf(stderr, "Could not get rootkey\n");
regfio_close( registry );
return 1;
}
d_printf("[%s]\n", nk->keyname);
dump_values( nk );
d_printf("\n");
dump_registry_tree( registry, nk, nk->keyname );
#if 0
talloc_report_full( registry->mem_ctx, stderr );
#endif
d_printf("Closing registry...");
regfio_close( registry );
d_printf("ok\n");
return 0;
}
/********************************************************************
********************************************************************/
static int rpc_registry_copy(struct net_context *c, int argc, const char **argv )
{
REGF_FILE *infile = NULL, *outfile = NULL;
REGF_NK_REC *nk;
int result = 1;
if (argc != 2 ) {
d_printf("Usage: net rpc registry copy \n");
return -1;
}
d_printf("Opening %s....", argv[0]);
if ( !(infile = regfio_open( argv[0], O_RDONLY, 0 )) ) {
d_fprintf(stderr, "Failed to open %s for reading\n", argv[0]);
return 1;
}
d_printf("ok\n");
d_printf("Opening %s....", argv[1]);
if ( !(outfile = regfio_open( argv[1], (O_RDWR|O_CREAT|O_TRUNC), (S_IREAD|S_IWRITE) )) ) {
d_fprintf(stderr, "Failed to open %s for writing\n", argv[1]);
goto out;
}
d_printf("ok\n");
/* get the root of the registry file */
if ((nk = regfio_rootkey( infile )) == NULL) {
d_fprintf(stderr, "Could not get rootkey\n");
goto out;
}
d_printf("RootKey: [%s]\n", nk->keyname);
write_registry_tree( infile, nk, NULL, outfile, "" );
result = 0;
out:
d_printf("Closing %s...", argv[1]);
if (outfile) {
regfio_close( outfile );
}
d_printf("ok\n");
d_printf("Closing %s...", argv[0]);
if (infile) {
regfio_close( infile );
}
d_printf("ok\n");
return( result);
}
/********************************************************************
********************************************************************/
static NTSTATUS rpc_registry_getsd_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
POLICY_HND pol_hive, pol_key;
NTSTATUS status;
enum ndr_err_code ndr_err;
struct KeySecurityData *sd = NULL;
uint32_t sec_info;
DATA_BLOB blob;
struct security_descriptor sec_desc;
uint32_t access_mask = REG_KEY_READ |
SEC_RIGHT_MAXIMUM_ALLOWED |
SEC_RIGHT_SYSTEM_SECURITY;
if (argc <1 || argc > 2) {
d_printf("Usage: net rpc registry getsd \n");
d_printf("Example: net rpc registry getsd 'HKLM\\Software\\Samba'\n");
return NT_STATUS_INVALID_PARAMETER;
}
status = registry_openkey(mem_ctx, pipe_hnd, argv[0],
access_mask,
&pol_hive, &pol_key);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "registry_openkey failed: %s\n",
nt_errstr(status));
return status;
}
sd = TALLOC_ZERO_P(mem_ctx, struct KeySecurityData);
if (!sd) {
status = NT_STATUS_NO_MEMORY;
goto out;
}
sd->size = 0x1000;
if (argc >= 2) {
sscanf(argv[1], "%x", &sec_info);
} else {
sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
}
status = registry_getsd(mem_ctx, pipe_hnd, &pol_key, sec_info, sd);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "getting sd failed: %s\n",
nt_errstr(status));
goto out;
}
blob.data = sd->data;
blob.length = sd->size;
ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &sec_desc,
(ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
status = ndr_map_error2ntstatus(ndr_err);
goto out;
}
status = NT_STATUS_OK;
display_sec_desc(&sec_desc);
out:
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_key, NULL);
rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &pol_hive, NULL);
return status;
}
static int rpc_registry_getsd(struct net_context *c, int argc, const char **argv)
{
return run_rpc_command(c, NULL, PI_WINREG, 0,
rpc_registry_getsd_internal, argc, argv);
}
/********************************************************************
********************************************************************/
int net_rpc_registry(struct net_context *c, int argc, const char **argv)
{
struct functable2 func[] = {
{ "enumerate", rpc_registry_enumerate,
"Enumerate registry keys and values" },
{ "createkey", rpc_registry_createkey,
"Create a new registry key" },
{ "deletekey", rpc_registry_deletekey,
"Delete a registry key" },
{ "getvalue", rpc_registry_getvalue,
"Print a registry value" },
{ "setvalue", rpc_registry_setvalue,
"Set a new registry value" },
{ "deletevalue", rpc_registry_deletevalue,
"Delete a registry value" },
{ "save", rpc_registry_save,
"Save a registry file" },
{ "dump", rpc_registry_dump,
"Dump a registry file" },
{ "copy", rpc_registry_copy,
"Copy a registry file" },
{ "getsd", rpc_registry_getsd,
"Get security descriptor" },
{NULL, NULL, NULL}
};
return net_run_function2(c, argc, argv, "net rpc registry", func);
}