Author: jelmer Date: 2005-09-03 23:23:14 +0000 (Sat, 03 Sep 2005) New Revision: 10016
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10016 Log: Support reading security descriptors on keys. Modified: branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c branches/SAMBA_4_0/source/lib/registry/regf.idl branches/SAMBA_4_0/source/lib/registry/tools/regtree.c Changeset: Modified: branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c =================================================================== --- branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c 2005-09-03 22:58:04 UTC (rev 10015) +++ branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c 2005-09-03 23:23:14 UTC (rev 10016) @@ -427,7 +427,16 @@ } +WERROR reg_get_sec_desc(TALLOC_CTX *ctx, struct registry_key *key, struct security_descriptor **secdesc) +{ + /* A 'real' set function has preference */ + if (key->hive->functions->key_get_sec_desc) + return key->hive->functions->key_get_sec_desc(ctx, key, secdesc); + DEBUG(1, ("Backend '%s' doesn't support method get_sec_desc\n", key->hive->functions->name)); + return WERR_NOT_SUPPORTED; +} + WERROR reg_del_value(struct registry_key *key, const char *valname) { WERROR ret = WERR_OK; Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c =================================================================== --- branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c 2005-09-03 22:58:04 UTC (rev 10015) +++ branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c 2005-09-03 23:23:14 UTC (rev 10016) @@ -21,6 +21,7 @@ #include "registry.h" #include "system/filesys.h" #include "lib/registry/tdr_regf.h" +#include "librpc/gen_ndr/ndr_security.h" /* * Read HBIN blocks into memory @@ -251,6 +252,51 @@ return WERR_OK; } +static WERROR regf_get_sec_desc(TALLOC_CTX *ctx, struct registry_key *key, struct security_descriptor **sd) +{ + struct nk_block *nk = key->backend_data; + struct tdr_pull *tdr; + struct sk_block sk; + DATA_BLOB data; + + data = regf_get_data(key->hive->backend_data, nk->sk_offset); + if (!data.data) { + DEBUG(0, ("Unable to find security descriptor\n")); + return WERR_GENERAL_FAILURE; + } + + tdr = talloc_zero(ctx, struct tdr_pull); + if (!tdr) + return WERR_NOMEM; + + tdr->data = data; + + if (NT_STATUS_IS_ERR(tdr_pull_sk_block(tdr, &sk))) { + DEBUG(0, ("Error parsing SK block\n")); + return WERR_GENERAL_FAILURE; + } + + if (strcmp(sk.header, "sk") != 0) { + DEBUG(0, ("Expected 'sk', got '%s'\n", sk.header)); + return WERR_GENERAL_FAILURE; + } + + *sd = talloc(ctx, struct security_descriptor); + if (!*sd) + return WERR_NOMEM; + + data.data = sk.sec_desc; + data.length = sk.rec_size; + if (NT_STATUS_IS_ERR(ndr_pull_struct_blob(&data, ctx, *sd, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor))) { + DEBUG(0, ("Error parsing security descriptor\n")); + return WERR_GENERAL_FAILURE; + } + + talloc_free(tdr); + + return WERR_OK; +} + static WERROR nt_open_hive (struct registry_hive *h, struct registry_key **key) { struct regf_data *regf; @@ -342,6 +388,7 @@ .num_values = regf_num_values, .get_subkey_by_index = regf_get_subkey, .get_value_by_index = regf_get_value, + .key_get_sec_desc = regf_get_sec_desc, }; NTSTATUS registry_nt4_init(void) Modified: branches/SAMBA_4_0/source/lib/registry/regf.idl =================================================================== --- branches/SAMBA_4_0/source/lib/registry/regf.idl 2005-09-03 22:58:04 UTC (rev 10015) +++ branches/SAMBA_4_0/source/lib/registry/regf.idl 2005-09-03 23:23:14 UTC (rev 10016) @@ -100,9 +100,9 @@ } nk_block; /* sk (? Security Key ?) is the ACL of the registry. */ - typedef [noprint,nopush,nopull] struct { + typedef [noprint,public] struct { [charset(DOS)] uint8 header[2]; - uint16 uk1; + uint16 tag; uint32 prev_offset; uint32 next_offset; uint32 ref_cnt; Modified: branches/SAMBA_4_0/source/lib/registry/tools/regtree.c =================================================================== --- branches/SAMBA_4_0/source/lib/registry/tools/regtree.c 2005-09-03 22:58:04 UTC (rev 10015) +++ branches/SAMBA_4_0/source/lib/registry/tools/regtree.c 2005-09-03 23:23:14 UTC (rev 10016) @@ -28,6 +28,7 @@ { struct registry_key *subkey; struct registry_value *value; + struct security_descriptor *sec_desc; WERROR error; int i; TALLOC_CTX *mem_ctx; @@ -68,9 +69,15 @@ DEBUG(0, ("Error occured while fetching values for '%s': %s\n", p->path, win_errstr(error))); } } + + mem_ctx = talloc_init("sec_desc"); + if (NT_STATUS_IS_ERR(reg_get_sec_desc(mem_ctx, p, &sec_desc))) { + DEBUG(0, ("Error getting security descriptor\n")); + } + talloc_free(mem_ctx); } - int main(int argc, char **argv) +int main(int argc, char **argv) { int opt, i; const char *backend = NULL;