svn commit: samba r10016 - in branches/SAMBA_4_0/source/lib/registry: . common tools

Sat Sep 3 23:23:15 GMT 2005

Author: jelmer
Date: 2005-09-03 23:23:14 +0000 (Sat, 03 Sep 2005)
New Revision: 10016

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10016

Log:
Support reading security descriptors on keys.

Modified:
   branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c
   branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c
   branches/SAMBA_4_0/source/lib/registry/regf.idl
   branches/SAMBA_4_0/source/lib/registry/tools/regtree.c


Changeset:
Modified: branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c
===================================================================

--- branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c	2005-09-03 22:58:04 UTC (rev 10015)
+++ branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c	2005-09-03 23:23:14 UTC (rev 10016)
@@ -427,7 +427,16 @@
 }
 
 
+WERROR reg_get_sec_desc(TALLOC_CTX *ctx, struct registry_key *key, struct security_descriptor **secdesc)
+{
+	/* A 'real' set function has preference */
+	if (key->hive->functions->key_get_sec_desc) 
+		return key->hive->functions->key_get_sec_desc(ctx, key, secdesc);
 
+	DEBUG(1, ("Backend '%s' doesn't support method get_sec_desc\n", key->hive->functions->name));
+	return WERR_NOT_SUPPORTED;
+}
+
 WERROR reg_del_value(struct registry_key *key, const char *valname)
 {
 	WERROR ret = WERR_OK;

Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c
===================================================================
--- branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c	2005-09-03 22:58:04 UTC (rev 10015)
+++ branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c	2005-09-03 23:23:14 UTC (rev 10016)
@@ -21,6 +21,7 @@
 #include "registry.h"
 #include "system/filesys.h"
 #include "lib/registry/tdr_regf.h"
+#include "librpc/gen_ndr/ndr_security.h"
 
 /*
  * Read HBIN blocks into memory
@@ -251,6 +252,51 @@
 	return WERR_OK;
 }
 
+static WERROR regf_get_sec_desc(TALLOC_CTX *ctx, struct registry_key *key, struct security_descriptor **sd)
+{
+	struct nk_block *nk = key->backend_data;
+	struct tdr_pull *tdr;
+	struct sk_block sk;
+	DATA_BLOB data;
+
+	data = regf_get_data(key->hive->backend_data, nk->sk_offset);
+	if (!data.data) {
+		DEBUG(0, ("Unable to find security descriptor\n"));
+		return WERR_GENERAL_FAILURE;
+	}
+
+	tdr = talloc_zero(ctx, struct tdr_pull);
+	if (!tdr)
+		return WERR_NOMEM;
+
+	tdr->data = data;
+
+	if (NT_STATUS_IS_ERR(tdr_pull_sk_block(tdr, &sk))) {
+		DEBUG(0, ("Error parsing SK block\n"));
+		return WERR_GENERAL_FAILURE;
+	}
+
+	if (strcmp(sk.header, "sk") != 0) {
+		DEBUG(0, ("Expected 'sk', got '%s'\n", sk.header));
+		return WERR_GENERAL_FAILURE;
+	}
+
+	*sd = talloc(ctx, struct security_descriptor);
+	if (!*sd)
+		return WERR_NOMEM;
+
+	data.data = sk.sec_desc;
+	data.length = sk.rec_size;
+	if (NT_STATUS_IS_ERR(ndr_pull_struct_blob(&data, ctx, *sd, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor))) {
+		DEBUG(0, ("Error parsing security descriptor\n"));
+		return WERR_GENERAL_FAILURE;
+	}
+
+	talloc_free(tdr);
+
+	return WERR_OK;
+}
+
 static WERROR nt_open_hive (struct registry_hive *h, struct registry_key **key)
 {
 	struct regf_data *regf;
@@ -342,6 +388,7 @@
 	.num_values = regf_num_values,
 	.get_subkey_by_index = regf_get_subkey,
 	.get_value_by_index = regf_get_value,
+	.key_get_sec_desc = regf_get_sec_desc,
 };
 
 NTSTATUS registry_nt4_init(void)

Modified: branches/SAMBA_4_0/source/lib/registry/regf.idl
===================================================================
--- branches/SAMBA_4_0/source/lib/registry/regf.idl	2005-09-03 22:58:04 UTC (rev 10015)
+++ branches/SAMBA_4_0/source/lib/registry/regf.idl	2005-09-03 23:23:14 UTC (rev 10016)
@@ -100,9 +100,9 @@
 	} nk_block;
 
 	/* sk (? Security Key ?) is the ACL of the registry. */
-	typedef [noprint,nopush,nopull] struct {
+	typedef [noprint,public] struct {
 		[charset(DOS)] uint8 header[2];
-		uint16 uk1;
+		uint16 tag;
 		uint32 prev_offset;
 		uint32 next_offset;
 		uint32 ref_cnt;

Modified: branches/SAMBA_4_0/source/lib/registry/tools/regtree.c
===================================================================
--- branches/SAMBA_4_0/source/lib/registry/tools/regtree.c	2005-09-03 22:58:04 UTC (rev 10015)
+++ branches/SAMBA_4_0/source/lib/registry/tools/regtree.c	2005-09-03 23:23:14 UTC (rev 10016)
@@ -28,6 +28,7 @@
 {
 	struct registry_key *subkey;
 	struct registry_value *value;
+	struct security_descriptor *sec_desc;
 	WERROR error;
 	int i;
 	TALLOC_CTX *mem_ctx;
@@ -68,9 +69,15 @@
 			DEBUG(0, ("Error occured while fetching values for '%s': %s\n", p->path, win_errstr(error)));
 		}
 	}
+
+	mem_ctx = talloc_init("sec_desc");
+	if (NT_STATUS_IS_ERR(reg_get_sec_desc(mem_ctx, p, &sec_desc))) {
+		DEBUG(0, ("Error getting security descriptor\n"));
+	}
+	talloc_free(mem_ctx);
 }
 
- int main(int argc, char **argv)
+int main(int argc, char **argv)
 {
 	int opt, i;
 	const char *backend = NULL;

