X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source3%2Futils%2Fnet_registry.c;h=7f97278c8e6953dc0b1ef09edb4b1ad52d86b123;hb=345589d92fd6d6b980f8fa513c1e0ecb3d693644;hp=2378fd3cf8080f2cac009e15b6be3dc82924cb49;hpb=0ae652a5cfa8e13aabd1b943f67e603e78a3b4b0;p=obnox%2Fsamba-ctdb.git diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c index 2378fd3cf8..7f97278c8e 100644 --- a/source3/utils/net_registry.c +++ b/source3/utils/net_registry.c @@ -22,7 +22,8 @@ #include "includes.h" #include "utils/net.h" #include "utils/net_registry_util.h" - +#include "include/g_lock.h" +#include "registry/reg_import.h" /* * @@ -411,6 +412,102 @@ done: return ret; } +struct net_registry_increment_state { + const char *keyname; + const char *valuename; + uint32_t increment; + uint32_t newvalue; + WERROR werr; +}; + +static void net_registry_increment_fn(void *private_data) +{ + struct net_registry_increment_state *state = + (struct net_registry_increment_state *)private_data; + struct registry_value *value; + struct registry_key *key = NULL; + + state->werr = open_key(talloc_tos(), state->keyname, + REG_KEY_READ|REG_KEY_WRITE, &key); + if (!W_ERROR_IS_OK(state->werr)) { + d_fprintf(stderr, "open_key failed: %s\n", + win_errstr(state->werr)); + goto done; + } + + state->werr = reg_queryvalue(key, key, state->valuename, &value); + if (!W_ERROR_IS_OK(state->werr)) { + d_fprintf(stderr, "reg_queryvalue failed: %s\n", + win_errstr(state->werr)); + goto done; + } + + if (value->type != REG_DWORD) { + d_fprintf(stderr, "value not a DWORD: %s\n", + reg_type_lookup(value->type)); + goto done; + } + + value->v.dword += state->increment; + state->newvalue = value->v.dword; + + state->werr = reg_setvalue(key, state->valuename, value); + if (!W_ERROR_IS_OK(state->werr)) { + d_fprintf(stderr, "reg_setvalue failed: %s\n", + win_errstr(state->werr)); + goto done; + } + +done: + TALLOC_FREE(key); + return; +} + +static int net_registry_increment(struct net_context *c, int argc, + const char **argv) +{ + struct net_registry_increment_state state; + NTSTATUS status; + int ret = -1; + + if (argc < 2 || c->display_usage) { + d_fprintf(stderr, "%s\n%s", + "Usage:", + "net registry increment " + "[]\n"); + goto done; + } + + state.keyname = argv[0]; + state.valuename = argv[1]; + + state.increment = 1; + if (argc == 3) { + state.increment = strtoul(argv[2], NULL, 10); + } + + status = g_lock_do("registry_increment_lock", G_LOCK_WRITE, + timeval_set(600, 0), + net_registry_increment_fn, &state); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "g_lock_do failed: %s\n", + nt_errstr(status)); + goto done; + } + if (!W_ERROR_IS_OK(state.werr)) { + d_fprintf(stderr, "increment failed: %s\n", + win_errstr(state.werr)); + goto done; + } + + d_printf("new value: %u\n", (unsigned)state.newvalue); + + ret = 0; + +done: + return ret; +} + static int net_registry_deletevalue(struct net_context *c, int argc, const char **argv) { @@ -445,13 +542,13 @@ done: return ret; } -static int net_registry_getsd(struct net_context *c, int argc, - const char **argv) +static WERROR net_registry_getsd_internal(struct net_context *c, + TALLOC_CTX *mem_ctx, + const char *keyname, + struct security_descriptor **sd) { WERROR werr; - int ret = -1; struct registry_key *key = NULL; - struct security_descriptor *secdesc = NULL; TALLOC_CTX *ctx = talloc_stackframe(); uint32_t access_mask = REG_KEY_READ | SEC_FLAG_MAXIMUM_ALLOWED | @@ -463,31 +560,163 @@ static int net_registry_getsd(struct net_context *c, int argc, */ access_mask = REG_KEY_READ; + if (sd == NULL) { + d_fprintf(stderr, "internal error: invalid argument\n"); + werr = WERR_INVALID_PARAM; + goto done; + } + + if (strlen(keyname) == 0) { + d_fprintf(stderr, "error: zero length key name given\n"); + werr = WERR_INVALID_PARAM; + goto done; + } + + werr = open_key(ctx, keyname, access_mask, &key); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "open_key failed: %s\n", win_errstr(werr)); + goto done; + } + + werr = reg_getkeysecurity(mem_ctx, key, sd); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "reg_getkeysecurity failed: %s\n", + win_errstr(werr)); + goto done; + } + + werr = WERR_OK; + +done: + TALLOC_FREE(ctx); + return werr; +} + +static int net_registry_getsd(struct net_context *c, int argc, + const char **argv) +{ + WERROR werr; + int ret = -1; + struct security_descriptor *secdesc = NULL; + TALLOC_CTX *ctx = talloc_stackframe(); + if (argc != 1 || c->display_usage) { d_printf("Usage: net registry getsd \n"); d_printf("Example: net registry getsd " "'HKLM\\Software\\Samba'\n"); goto done; } - if (strlen(argv[0]) == 0) { + + werr = net_registry_getsd_internal(c, ctx, argv[0], &secdesc); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + display_sec_desc(secdesc); + + ret = 0; + +done: + TALLOC_FREE(ctx); + return ret; +} + +static int net_registry_getsd_sddl(struct net_context *c, + int argc, const char **argv) +{ + WERROR werr; + int ret = -1; + struct security_descriptor *secdesc = NULL; + TALLOC_CTX *ctx = talloc_stackframe(); + + if (argc != 1 || c->display_usage) { + d_printf("Usage: net registry getsd_sddl \n"); + d_printf("Example: net registry getsd_sddl 'HKLM\\Software\\Samba'\n"); + goto done; + } + + werr = net_registry_getsd_internal(c, ctx, argv[0], &secdesc); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + d_printf("%s\n", sddl_encode(ctx, secdesc, get_global_sam_sid())); + + ret = 0; + +done: + TALLOC_FREE(ctx); + return ret; +} + +static WERROR net_registry_setsd_internal(struct net_context *c, + TALLOC_CTX *mem_ctx, + const char *keyname, + struct security_descriptor *sd) +{ + WERROR werr; + struct registry_key *key = NULL; + TALLOC_CTX *ctx = talloc_stackframe(); + uint32_t access_mask = REG_KEY_WRITE | + SEC_FLAG_MAXIMUM_ALLOWED | + SEC_FLAG_SYSTEM_SECURITY; + + /* + * net_rpc_regsitry uses SEC_FLAG_SYSTEM_SECURITY, but access + * is denied with these perms right now... + */ + access_mask = REG_KEY_WRITE; + + if (strlen(keyname) == 0) { d_fprintf(stderr, "error: zero length key name given\n"); + werr = WERR_INVALID_PARAM; goto done; } - werr = open_key(ctx, argv[0], access_mask, &key); + werr = open_key(ctx, keyname, access_mask, &key); if (!W_ERROR_IS_OK(werr)) { d_fprintf(stderr, "open_key failed: %s\n", win_errstr(werr)); goto done; } - werr = reg_getkeysecurity(ctx, key, &secdesc); + werr = reg_setkeysecurity(key, sd); if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, "reg_getkeysecurity failed: %s\n", + d_fprintf(stderr, "reg_setkeysecurity failed: %s\n", win_errstr(werr)); goto done; } - display_sec_desc(secdesc); + werr = WERR_OK; + +done: + TALLOC_FREE(ctx); + return werr; +} + +static int net_registry_setsd_sddl(struct net_context *c, + int argc, const char **argv) +{ + WERROR werr; + int ret = -1; + struct security_descriptor *secdesc = NULL; + TALLOC_CTX *ctx = talloc_stackframe(); + + if (argc != 2 || c->display_usage) { + d_printf("Usage: net registry setsd_sddl \n"); + d_printf("Example:\n" + "net registry setsd_sddl 'HKLM\\Software\\Samba'\n"); + goto done; + } + + secdesc = sddl_decode(ctx, argv[1], get_global_sam_sid()); + if (secdesc == NULL) { + goto done; + } + + werr = net_registry_setsd_internal(c, ctx, argv[0], secdesc); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } ret = 0; @@ -496,6 +725,198 @@ done: return ret; } +/******************************************************************************/ +/** + * @defgroup net_registry net registry + */ + +/** + * @defgroup net_registry_import Import + * @ingroup net_registry + * @{ + */ + +struct import_ctx { + TALLOC_CTX *mem_ctx; +}; + + +static WERROR import_create_key(struct import_ctx* ctx, + struct registry_key* parent, + const char* name, void** pkey, bool* existing) +{ + WERROR werr; + void* mem_ctx = talloc_new(ctx->mem_ctx); + + struct registry_key* key = NULL; + enum winreg_CreateAction action; + + if (parent == NULL) { + char* subkeyname = NULL; + werr = open_hive(mem_ctx, name, REG_KEY_WRITE, + &parent, &subkeyname); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "open_hive failed: %s\n", + win_errstr(werr)); + goto done; + } + name = subkeyname; + } + + action = REG_ACTION_NONE; + werr = reg_createkey(mem_ctx, parent, name, REG_KEY_WRITE, + &key, &action); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "reg_createkey failed: %s\n", + win_errstr(werr)); + goto done; + } + + if (action == REG_ACTION_NONE) { + d_fprintf(stderr, "createkey did nothing -- huh?\n"); + werr = WERR_FOOBAR; + goto done; + } + + if (existing != NULL) { + *existing = (action == REG_OPENED_EXISTING_KEY); + } + + if (pkey!=NULL) { + *pkey = talloc_steal(ctx->mem_ctx, key); + } + +done: + talloc_free(mem_ctx); + return werr; +} + +static WERROR import_close_key(struct import_ctx* ctx, + struct registry_key* key) +{ + return WERR_OK; +} + +static WERROR import_delete_key(struct import_ctx* ctx, + struct registry_key* parent, const char* name) +{ + WERROR werr; + void* mem_ctx = talloc_new(talloc_tos()); + + if (parent == NULL) { + char* subkeyname = NULL; + werr = open_hive(mem_ctx, name, REG_KEY_WRITE, + &parent, &subkeyname); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "open_hive failed: %s\n", + win_errstr(werr)); + goto done; + } + name = subkeyname; + } + + werr = reg_deletekey_recursive(mem_ctx, parent, name); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "reg_deletekey_recursive %s: %s\n", "failed", + win_errstr(werr)); + goto done; + } + +done: + talloc_free(mem_ctx); + return werr; +} + +static WERROR import_create_val (struct import_ctx* ctx, + struct registry_key* parent, const char* name, + const struct registry_value* value) +{ + WERROR werr; + + if (parent == NULL) { + return WERR_INVALID_PARAM; + } + + werr = reg_setvalue(parent, name, value); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "reg_setvalue failed: %s\n", + win_errstr(werr)); + } + return werr; +} + +static WERROR import_delete_val (struct import_ctx* ctx, struct registry_key* parent, const char* name) { + WERROR werr; + + if (parent == NULL) { + return WERR_INVALID_PARAM; + } + + werr = reg_deletevalue(parent, name); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "reg_deletekey failed: %s\n", + win_errstr(werr)); + } + + return werr; +} + + +static int net_registry_import(struct net_context *c, int argc, + const char **argv) +{ + struct import_ctx import_ctx; + struct reg_import_callback import_callback = { + .openkey = NULL, + .closekey = (reg_import_callback_closekey_t)&import_close_key, + .createkey = (reg_import_callback_createkey_t)&import_create_key, + .deletekey = (reg_import_callback_deletekey_t)&import_delete_key, + .deleteval = (reg_import_callback_deleteval_t)&import_delete_val, + .setval.registry_value = (reg_import_callback_setval_registry_value_t) + &import_create_val, + .setval_type = REGISTRY_VALUE, + .data = &import_ctx + }; + + int ret; + + if (argc < 1 || argc > 2 || c->display_usage) { + d_printf("%s\n%s", + "Usage:", + "net registry import [options]\n"); + d_printf("%s\n%s", + "Example:", + "net registry import file.reg enc=CP1252\n"); + return -1; + } + + ZERO_STRUCT(import_ctx); + import_ctx.mem_ctx = talloc_stackframe(); + + regdb_open(); + regdb_transaction_start(); + + ret = reg_parse_file(argv[0], + reg_import_adapter(import_ctx.mem_ctx, + import_callback), + (argc > 1) ? argv[1] : NULL + ); + if (ret < 0) { + d_printf("reg_parse_file failed: transaction canceled\n"); + regdb_transaction_cancel(); + } else{ + regdb_transaction_commit(); + } + + regdb_close(); + talloc_free(import_ctx.mem_ctx); + + return ret; +} +/**@}*/ + +/******************************************************************************/ + int net_registry(struct net_context *c, int argc, const char **argv) { int ret = -1; @@ -557,6 +978,14 @@ int net_registry(struct net_context *c, int argc, const char **argv) "net registry setvalue\n" " Set a new registry value" }, + { + "increment", + net_registry_increment, + NET_TRANSPORT_LOCAL, + "Increment a DWORD registry value under a lock", + "net registry increment\n" + " Increment a DWORD registry value under a lock" + }, { "deletevalue", net_registry_deletevalue, @@ -573,6 +1002,30 @@ int net_registry(struct net_context *c, int argc, const char **argv) "net registry getsd\n" " Get security descriptor" }, + { + "getsd_sddl", + net_registry_getsd_sddl, + NET_TRANSPORT_LOCAL, + "Get security descriptor in sddl format", + "net registry getsd_sddl\n" + " Get security descriptor in sddl format" + }, + { + "setsd_sddl", + net_registry_setsd_sddl, + NET_TRANSPORT_LOCAL, + "Set security descriptor from sddl format string", + "net registry setsd_sddl\n" + " Set security descriptor from sddl format string" + }, + { + "import", + net_registry_import, + NET_TRANSPORT_LOCAL, + "Import .reg file", + "net registry import\n" + " Import .reg file" + }, { NULL, NULL, 0, NULL, NULL } };