[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-196-gd140d68
Günther Deschner
gd at samba.org
Mon Nov 5 23:55:45 GMT 2007
The branch, v3-2-test has been updated
via d140d68537225b6a6a99be3d9b09354e3f6ad8c9 (commit)
from bf23c4ddff617dd3cd1e2d5cedb1b5c023356dc3 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit d140d68537225b6a6a99be3d9b09354e3f6ad8c9
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 6 00:50:47 2007 +0100
When deleting a key from the registry make sure the non-default
security descriptor gets deleted as well.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/registry/reg_api.c | 11 +++++++----
source/registry/reg_db.c | 15 +++++++++++++++
source/registry/reg_frontend.c | 10 ----------
source/registry/reg_frontend_hilvl.c | 10 ++++++++++
4 files changed, 32 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/registry/reg_api.c b/source/registry/reg_api.c
index 17a0efe..b3d024d 100644
--- a/source/registry/reg_api.c
+++ b/source/registry/reg_api.c
@@ -498,7 +498,7 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
TALLOC_CTX *mem_ctx;
char *name, *end;
int num_subkeys;
- struct registry_key *tmp_key;
+ struct registry_key *tmp_key, *key;
if (!(mem_ctx = talloc_init("reg_createkey"))) return WERR_NOMEM;
@@ -508,14 +508,14 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
}
/* check if the key has subkeys */
- err = reg_openkey(mem_ctx, parent, name, REG_KEY_READ, &tmp_key);
+ err = reg_openkey(mem_ctx, parent, name, REG_KEY_READ, &key);
if (!W_ERROR_IS_OK(err)) {
goto error;
}
- if (!W_ERROR_IS_OK(err = fill_subkey_cache(tmp_key))) {
+ if (!W_ERROR_IS_OK(err = fill_subkey_cache(key))) {
goto error;
}
- if (tmp_key->subkeys->num_subkeys > 0) {
+ if (key->subkeys->num_subkeys > 0) {
err = WERR_ACCESS_DENIED;
goto error;
}
@@ -556,7 +556,10 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
goto error;
}
+ regkey_set_secdesc(key->key, NULL);
+
err = WERR_OK;
+
error:
TALLOC_FREE(mem_ctx);
return err;
diff --git a/source/registry/reg_db.c b/source/registry/reg_db.c
index 8dd61fc..4947b2a 100644
--- a/source/registry/reg_db.c
+++ b/source/registry/reg_db.c
@@ -788,6 +788,21 @@ static WERROR regdb_set_secdesc(const char *key,
}
normalize_dbkey(tdbkey);
+ if (secdesc == NULL) {
+ /* assuming a delete */
+ int tdb_ret;
+
+ tdb_ret = tdb_trans_delete(tdb_reg->tdb,
+ string_term_tdb_data(tdbkey));
+ if (tdb_ret == -1) {
+ err = ntstatus_to_werror(map_nt_error_from_unix(errno));
+ } else {
+ err = WERR_OK;
+ }
+
+ goto done;
+ }
+
err = ntstatus_to_werror(marshall_sec_desc(mem_ctx, secdesc,
&tdbdata.dptr,
&tdbdata.dsize));
diff --git a/source/registry/reg_frontend.c b/source/registry/reg_frontend.c
index 0097239..577df1c 100644
--- a/source/registry/reg_frontend.c
+++ b/source/registry/reg_frontend.c
@@ -101,16 +101,6 @@ WERROR regkey_open_internal( TALLOC_CTX *ctx, REGISTRY_KEY **regkey,
return WERR_OK;
}
-WERROR regkey_set_secdesc(REGISTRY_KEY *key,
- struct security_descriptor *psecdesc)
-{
- if (key->hook && key->hook->ops && key->hook->ops->set_secdesc) {
- return key->hook->ops->set_secdesc(key->name, psecdesc);
- }
-
- return WERR_ACCESS_DENIED;
-}
-
/*
* Utility function to create a registry key without opening the hive
* before. Assumes the hive already exists.
diff --git a/source/registry/reg_frontend_hilvl.c b/source/registry/reg_frontend_hilvl.c
index 08429c6..a4b78b2 100644
--- a/source/registry/reg_frontend_hilvl.c
+++ b/source/registry/reg_frontend_hilvl.c
@@ -204,3 +204,13 @@ WERROR regkey_get_secdesc(TALLOC_CTX *mem_ctx, REGISTRY_KEY *key,
*psecdesc = secdesc;
return WERR_OK;
}
+
+WERROR regkey_set_secdesc(REGISTRY_KEY *key,
+ struct security_descriptor *psecdesc)
+{
+ if (key->hook && key->hook->ops && key->hook->ops->set_secdesc) {
+ return key->hook->ops->set_secdesc(key->name, psecdesc);
+ }
+
+ return WERR_ACCESS_DENIED;
+}
--
Samba Shared Repository
More information about the samba-cvs
mailing list