From: Michael Adam <obnox@samba.org>
Date: Mon, 23 Apr 2012 14:44:15 +0000 (+0200)
Subject: s3:registry: replace call to reg_openkey() in reg_createkey() by accesscheck. (cherry... 
X-Git-Url: http://git.samba.org/?p=ddiss%2Fsamba.git;a=commitdiff_plain;h=2b29bfcf593aa8a80e1e4cab1d344f5a70036c6e

s3:registry: replace call to reg_openkey() in reg_createkey() by accesscheck. (cherry picked from commit c1cc15c33be8926ffef173b514d0fb260292d9a3)
---

diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c
index 0363ca4fed7..55e364feae9 100644
--- a/source3/registry/reg_api.c
+++ b/source3/registry/reg_api.c
@@ -557,6 +557,7 @@ WERROR reg_createkey(TALLOC_CTX *ctx, struct registry_key *parent,
 	TALLOC_CTX *mem_ctx;
 	char *path, *end;
 	WERROR err;
+	uint32_t access_granted;
 
 	mem_ctx = talloc_new(ctx);
 	if (mem_ctx == NULL) {
@@ -617,14 +618,15 @@ WERROR reg_createkey(TALLOC_CTX *ctx, struct registry_key *parent,
 	}
 
 	/*
-	 * We have to make a copy of the current key, as we opened it only
-	 * with ENUM_SUBKEY access.
+	 * We may (e.g. in the iteration) have opened the key with ENUM_SUBKEY.
+	 * Instead of re-opening the key with CREATE_SUB_KEY, we simply
+	 * duplicate the access check here and skip the expensive full open.
 	 */
-
-	err = reg_openkey(mem_ctx, key, "", KEY_CREATE_SUB_KEY,
-			  &create_parent);
-	if (!W_ERROR_IS_OK(err)) {
-		goto trans_done;
+	if (!regkey_access_check(key->key, KEY_CREATE_SUB_KEY, &access_granted,
+				 key->token))
+	{
+		err = WERR_ACCESS_DENIED;
+		goto done;
 	}
 
 	/*
@@ -640,7 +642,7 @@ WERROR reg_createkey(TALLOC_CTX *ctx, struct registry_key *parent,
 	 * Now open the newly created key
 	 */
 
-	err = reg_openkey(ctx, create_parent, path, desired_access, pkey);
+	err = reg_openkey(ctx, key, path, desired_access, pkey);
 	if (W_ERROR_IS_OK(err) && (paction != NULL)) {
 		*paction = REG_CREATED_NEW_KEY;
 	}