2 Samba CIFS implementation
3 Registry backend for REGF files
4 Copyright (C) 2005-2007 Jelmer Vernooij, jelmer@samba.org
5 Copyright (C) 2006 Wilco Baan Hofman, wilco@baanhofman.nl
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>. */
21 #include "system/filesys.h"
22 #include "system/time.h"
23 #include "lib/registry/tdr_regf.h"
24 #include "librpc/gen_ndr/ndr_security.h"
25 #include "librpc/gen_ndr/winreg.h"
26 #include "lib/registry/registry.h"
27 #include "libcli/security/security.h"
30 static struct hive_operations reg_backend_regf
;
33 * There are several places on the web where the REGF format is explained;
39 * - Return error codes that make more sense
41 * - do more things in-memory
45 * Read HBIN blocks into memory
50 struct hbin_block
**hbins
;
51 struct regf_hdr
*header
;
52 struct smb_iconv_convenience
*iconv_convenience
;
55 static WERROR
regf_save_hbin(struct regf_data
*data
);
57 struct regf_key_data
{
59 struct regf_data
*hive
;
64 static struct hbin_block
*hbin_by_offset(const struct regf_data
*data
,
65 uint32_t offset
, uint32_t *rel_offset
)
69 for (i
= 0; data
->hbins
[i
]; i
++) {
70 if (offset
>= data
->hbins
[i
]->offset_from_first
&&
71 offset
< data
->hbins
[i
]->offset_from_first
+
72 data
->hbins
[i
]->offset_to_next
) {
73 if (rel_offset
!= NULL
)
74 *rel_offset
= offset
- data
->hbins
[i
]->offset_from_first
- 0x20;
75 return data
->hbins
[i
];
83 * Validate a regf header
84 * For now, do nothing, but we should check the checksum
86 static uint32_t regf_hdr_checksum(const uint8_t *buffer
)
88 uint32_t checksum
= 0, x
;
91 for (i
= 0; i
< 0x01FB; i
+= 4) {
100 * Obtain the contents of a HBIN block
102 static DATA_BLOB
hbin_get(const struct regf_data
*data
, uint32_t offset
)
105 struct hbin_block
*hbin
;
111 hbin
= hbin_by_offset(data
, offset
, &rel_offset
);
114 DEBUG(1, ("Can't find HBIN containing 0x%04x\n", offset
));
118 ret
.length
= IVAL(hbin
->data
, rel_offset
);
119 if (!(ret
.length
& 0x80000000)) {
120 DEBUG(0, ("Trying to use dirty block at 0x%04x\n", offset
));
124 /* remove high bit */
125 ret
.length
= (ret
.length
^ 0xffffffff) + 1;
127 ret
.length
-= 4; /* 4 bytes for the length... */
128 ret
.data
= hbin
->data
+
129 (offset
- hbin
->offset_from_first
- 0x20) + 4;
134 static bool hbin_get_tdr(struct regf_data
*regf
, uint32_t offset
,
135 TALLOC_CTX
*ctx
, tdr_pull_fn_t pull_fn
, void *p
)
137 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
139 pull
->data
= hbin_get(regf
, offset
);
140 if (!pull
->data
.data
) {
141 DEBUG(1, ("Unable to get data at 0x%04x\n", offset
));
146 if (NT_STATUS_IS_ERR(pull_fn(pull
, ctx
, p
))) {
147 DEBUG(1, ("Error parsing record at 0x%04x using tdr\n",
157 /* Allocate some new data */
158 static DATA_BLOB
hbin_alloc(struct regf_data
*data
, uint32_t size
,
162 uint32_t rel_offset
= -1; /* Relative offset ! */
163 struct hbin_block
*hbin
= NULL
;
169 return data_blob(NULL
, 0);
171 size
+= 4; /* Need to include int32 for the length */
173 /* Allocate as a multiple of 8 */
174 size
= (size
+ 7) & ~7;
179 for (i
= 0; (hbin
= data
->hbins
[i
]); i
++) {
182 for (j
= 0; j
< hbin
->offset_to_next
-0x20; j
+= my_size
) {
183 my_size
= IVALS(hbin
->data
, j
);
185 if (my_size
== 0x0) {
186 DEBUG(0, ("Invalid zero-length block! File is corrupt.\n"));
190 if (my_size
% 8 != 0) {
191 DEBUG(0, ("Encountered non-aligned block!\n"));
194 if (my_size
< 0) { /* Used... */
196 } else if (my_size
== size
) { /* exact match */
198 DEBUG(4, ("Found free block of exact size %d in middle of HBIN\n",
201 } else if (my_size
> size
) { /* data will remain */
203 /* Split this block and mark the next block as free */
204 SIVAL(hbin
->data
, rel_offset
+size
, my_size
-size
);
205 DEBUG(4, ("Found free block of size %d (needing %d) in middle of HBIN\n",
211 if (rel_offset
!= -1)
215 /* No space available in previous hbins,
216 * allocate new one */
217 if (data
->hbins
[i
] == NULL
) {
218 DEBUG(4, ("No space available in other HBINs for block of size %d, allocating new HBIN\n",
220 data
->hbins
= talloc_realloc(data
, data
->hbins
,
221 struct hbin_block
*, i
+2);
222 hbin
= talloc(data
->hbins
, struct hbin_block
);
223 SMB_ASSERT(hbin
!= NULL
);
225 data
->hbins
[i
] = hbin
;
226 data
->hbins
[i
+1] = NULL
;
228 hbin
->HBIN_ID
= talloc_strdup(hbin
, "hbin");
229 hbin
->offset_from_first
= (i
== 0?0:data
->hbins
[i
-1]->offset_from_first
+data
->hbins
[i
-1]->offset_to_next
);
230 hbin
->offset_to_next
= 0x1000;
231 hbin
->unknown
[0] = 0;
232 hbin
->unknown
[0] = 0;
233 unix_to_nt_time(&hbin
->last_change
, time(NULL
));
234 hbin
->block_size
= hbin
->offset_to_next
;
235 hbin
->data
= talloc_zero_array(hbin
, uint8_t, hbin
->block_size
- 0x20);
238 SIVAL(hbin
->data
, size
, hbin
->block_size
- size
- 0x20);
241 /* Set size and mark as used */
242 SIVAL(hbin
->data
, rel_offset
, -size
);
244 ret
.data
= hbin
->data
+ rel_offset
+ 0x4; /* Skip past length */
245 ret
.length
= size
- 0x4;
247 uint32_t new_rel_offset
;
248 *offset
= hbin
->offset_from_first
+ rel_offset
+ 0x20;
249 SMB_ASSERT(hbin_by_offset(data
, *offset
, &new_rel_offset
) == hbin
);
250 SMB_ASSERT(new_rel_offset
== rel_offset
);
256 /* Store a data blob. Return the offset at which it was stored */
257 static uint32_t hbin_store (struct regf_data
*data
, DATA_BLOB blob
)
260 DATA_BLOB dest
= hbin_alloc(data
, blob
.length
, &ret
);
262 memcpy(dest
.data
, blob
.data
, blob
.length
);
264 /* Make sure that we have no tailing garbage in the block */
265 if (dest
.length
> blob
.length
) {
266 memset(dest
.data
+ blob
.length
, 0, dest
.length
- blob
.length
);
272 static uint32_t hbin_store_tdr(struct regf_data
*data
,
273 tdr_push_fn_t push_fn
, void *p
)
275 struct tdr_push
*push
= tdr_push_init(data
, data
->iconv_convenience
);
278 if (NT_STATUS_IS_ERR(push_fn(push
, p
))) {
279 DEBUG(0, ("Error during push\n"));
283 ret
= hbin_store(data
, push
->data
);
291 /* Free existing data */
292 static void hbin_free (struct regf_data
*data
, uint32_t offset
)
297 struct hbin_block
*hbin
;
299 SMB_ASSERT (offset
> 0);
301 hbin
= hbin_by_offset(data
, offset
, &rel_offset
);
306 /* Get original size */
307 size
= IVALS(hbin
->data
, rel_offset
);
310 DEBUG(1, ("Trying to free already freed block at 0x%04x\n",
317 /* If the next block is free, merge into big free block */
318 if (rel_offset
+ size
< hbin
->offset_to_next
) {
319 next_size
= IVALS(hbin
->data
, rel_offset
+size
);
325 /* Write block size */
326 SIVALS(hbin
->data
, rel_offset
, size
);
330 * Store a data blob data was already stored, but has changed in size
331 * Will try to save it at the current location if possible, otherwise
332 * does a free + store */
333 static uint32_t hbin_store_resize(struct regf_data
*data
,
334 uint32_t orig_offset
, DATA_BLOB blob
)
337 struct hbin_block
*hbin
= hbin_by_offset(data
, orig_offset
,
342 int32_t possible_size
;
345 SMB_ASSERT(orig_offset
> 0);
348 return hbin_store(data
, blob
);
350 /* Get original size */
351 orig_size
= -IVALS(hbin
->data
, rel_offset
);
353 needed_size
= blob
.length
+ 4; /* Add int32 containing length */
354 needed_size
= (needed_size
+ 7) & ~7; /* Align */
356 /* Fits into current allocated block */
357 if (orig_size
>= needed_size
) {
358 memcpy(hbin
->data
+ rel_offset
+ 0x4, blob
.data
, blob
.length
);
359 /* If the difference in size is greater than 0x4, split the block
360 * and free/merge it */
361 if (orig_size
- needed_size
> 0x4) {
362 SIVALS(hbin
->data
, rel_offset
, -needed_size
);
363 SIVALS(hbin
->data
, rel_offset
+ needed_size
,
364 needed_size
-orig_size
);
365 hbin_free(data
, orig_offset
+ needed_size
);
370 possible_size
= orig_size
;
372 /* Check if it can be combined with the next few free records */
373 for (i
= rel_offset
; i
< hbin
->offset_to_next
- 0x20; i
+= my_size
) {
374 if (IVALS(hbin
->data
, i
) < 0) /* Used */
377 my_size
= IVALS(hbin
->data
, i
);
379 if (my_size
== 0x0) {
380 DEBUG(0, ("Invalid zero-length block! File is corrupt.\n"));
383 possible_size
+= my_size
;
386 if (possible_size
>= blob
.length
) {
387 SIVAL(hbin
->data
, rel_offset
, -possible_size
);
388 memcpy(hbin
->data
+ rel_offset
+ 0x4,
389 blob
.data
, blob
.length
);
394 hbin_free(data
, orig_offset
);
395 return hbin_store(data
, blob
);
398 static uint32_t hbin_store_tdr_resize(struct regf_data
*regf
,
399 tdr_push_fn_t push_fn
,
400 uint32_t orig_offset
, void *p
)
402 struct tdr_push
*push
= tdr_push_init(regf
, regf
->iconv_convenience
);
405 if (NT_STATUS_IS_ERR(push_fn(push
, p
))) {
406 DEBUG(0, ("Error during push\n"));
410 ret
= hbin_store_resize(regf
, orig_offset
, push
->data
);
417 static uint32_t regf_create_lh_hash(const char *name
)
423 hash_name
= strupper_talloc(NULL
, name
);
424 for (i
= 0; *(hash_name
+ i
) != 0; i
++) {
426 ret
+= *(hash_name
+ i
);
428 talloc_free(hash_name
);
432 static WERROR
regf_get_info(TALLOC_CTX
*mem_ctx
,
433 const struct hive_key
*key
,
434 const char **classname
,
435 uint32_t *num_subkeys
,
436 uint32_t *num_values
,
437 NTTIME
*last_mod_time
,
438 uint32_t *max_subkeynamelen
,
439 uint32_t *max_valnamelen
,
440 uint32_t *max_valbufsize
)
442 const struct regf_key_data
*private_data
=
443 (const struct regf_key_data
*)key
;
445 if (num_subkeys
!= NULL
)
446 *num_subkeys
= private_data
->nk
->num_subkeys
;
448 if (num_values
!= NULL
)
449 *num_values
= private_data
->nk
->num_values
;
451 if (classname
!= NULL
) {
452 if (private_data
->nk
->clsname_offset
!= -1) {
453 DATA_BLOB data
= hbin_get(private_data
->hive
,
454 private_data
->nk
->clsname_offset
);
455 *classname
= talloc_strndup(mem_ctx
,
457 private_data
->nk
->clsname_length
);
462 /* TODO: Last mod time */
464 /* TODO: max valnamelen */
466 /* TODO: max valbufsize */
468 /* TODO: max subkeynamelen */
473 static struct regf_key_data
*regf_get_key(TALLOC_CTX
*ctx
,
474 struct regf_data
*regf
,
478 struct regf_key_data
*ret
;
480 ret
= talloc_zero(ctx
, struct regf_key_data
);
481 ret
->key
.ops
= ®_backend_regf
;
482 ret
->hive
= talloc_reference(ret
, regf
);
483 ret
->offset
= offset
;
484 nk
= talloc(ret
, struct nk_block
);
490 if (!hbin_get_tdr(regf
, offset
, nk
,
491 (tdr_pull_fn_t
)tdr_pull_nk_block
, nk
)) {
492 DEBUG(0, ("Unable to find HBIN data for offset %d\n", offset
));
496 if (strcmp(nk
->header
, "nk") != 0) {
497 DEBUG(0, ("Expected nk record, got %s\n", nk
->header
));
506 static WERROR
regf_get_value(TALLOC_CTX
*ctx
, struct hive_key
*key
,
507 uint32_t idx
, const char **name
,
508 uint32_t *data_type
, DATA_BLOB
*data
)
510 const struct regf_key_data
*private_data
=
511 (const struct regf_key_data
*)key
;
513 struct regf_data
*regf
= private_data
->hive
;
517 if (idx
>= private_data
->nk
->num_values
)
518 return WERR_NO_MORE_ITEMS
;
520 tmp
= hbin_get(regf
, private_data
->nk
->values_offset
);
522 DEBUG(0, ("Unable to find value list\n"));
523 return WERR_GENERAL_FAILURE
;
526 if (tmp
.length
< private_data
->nk
->num_values
* 4) {
527 DEBUG(1, ("Value counts mismatch\n"));
530 vk_offset
= IVAL(tmp
.data
, idx
* 4);
532 vk
= talloc(NULL
, struct vk_block
);
533 W_ERROR_HAVE_NO_MEMORY(vk
);
535 if (!hbin_get_tdr(regf
, vk_offset
, vk
,
536 (tdr_pull_fn_t
)tdr_pull_vk_block
, vk
)) {
537 DEBUG(0, ("Unable to get VK block at %d\n", vk_offset
));
539 return WERR_GENERAL_FAILURE
;
542 /* FIXME: name character set ?*/
544 *name
= talloc_strndup(ctx
, vk
->data_name
, vk
->name_length
);
546 if (data_type
!= NULL
)
547 *data_type
= vk
->data_type
;
549 if (vk
->data_length
& 0x80000000) {
550 vk
->data_length
&=~0x80000000;
551 data
->data
= (uint8_t *)talloc_memdup(ctx
, (uint8_t *)&vk
->data_offset
, vk
->data_length
);
552 data
->length
= vk
->data_length
;
554 *data
= hbin_get(regf
, vk
->data_offset
);
557 if (data
->length
< vk
->data_length
) {
558 DEBUG(1, ("Read data less than indicated data length!\n"));
566 static WERROR
regf_get_value_by_name(TALLOC_CTX
*mem_ctx
,
567 struct hive_key
*key
, const char *name
,
568 uint32_t *type
, DATA_BLOB
*data
)
574 /* FIXME: Do binary search? Is this list sorted at all? */
576 for (i
= 0; W_ERROR_IS_OK(error
= regf_get_value(mem_ctx
, key
, i
,
577 &vname
, type
, data
));
579 if (!strcmp(vname
, name
))
583 if (W_ERROR_EQUAL(error
, WERR_NO_MORE_ITEMS
))
590 static WERROR
regf_get_subkey_by_index(TALLOC_CTX
*ctx
,
591 const struct hive_key
*key
,
592 uint32_t idx
, const char **name
,
593 const char **classname
,
594 NTTIME
*last_mod_time
)
597 struct regf_key_data
*ret
;
598 const struct regf_key_data
*private_data
= (const struct regf_key_data
*)key
;
599 struct nk_block
*nk
= private_data
->nk
;
602 if (idx
>= nk
->num_subkeys
)
603 return WERR_NO_MORE_ITEMS
;
605 data
= hbin_get(private_data
->hive
, nk
->subkeys_offset
);
607 DEBUG(0, ("Unable to find subkey list\n"));
608 return WERR_GENERAL_FAILURE
;
611 if (!strncmp((char *)data
.data
, "li", 2)) {
613 struct tdr_pull
*pull
= tdr_pull_init(private_data
->hive
, private_data
->hive
->iconv_convenience
);
615 DEBUG(10, ("Subkeys in LI list\n"));
618 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull
, nk
, &li
))) {
619 DEBUG(0, ("Error parsing LI list\n"));
621 return WERR_GENERAL_FAILURE
;
624 SMB_ASSERT(!strncmp(li
.header
, "li", 2));
626 if (li
.key_count
!= nk
->num_subkeys
) {
627 DEBUG(0, ("Subkey counts don't match\n"));
628 return WERR_GENERAL_FAILURE
;
630 key_off
= li
.nk_offset
[idx
];
632 } else if (!strncmp((char *)data
.data
, "lf", 2)) {
634 struct tdr_pull
*pull
= tdr_pull_init(private_data
->hive
, private_data
->hive
->iconv_convenience
);
636 DEBUG(10, ("Subkeys in LF list\n"));
639 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull
, nk
, &lf
))) {
640 DEBUG(0, ("Error parsing LF list\n"));
642 return WERR_GENERAL_FAILURE
;
645 SMB_ASSERT(!strncmp(lf
.header
, "lf", 2));
647 if (lf
.key_count
!= nk
->num_subkeys
) {
648 DEBUG(0, ("Subkey counts don't match\n"));
649 return WERR_GENERAL_FAILURE
;
652 key_off
= lf
.hr
[idx
].nk_offset
;
653 } else if (!strncmp((char *)data
.data
, "lh", 2)) {
655 struct tdr_pull
*pull
= tdr_pull_init(private_data
->hive
, private_data
->hive
->iconv_convenience
);
657 DEBUG(10, ("Subkeys in LH list\n"));
660 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull
, nk
, &lh
))) {
661 DEBUG(0, ("Error parsing LH list\n"));
663 return WERR_GENERAL_FAILURE
;
666 SMB_ASSERT(!strncmp(lh
.header
, "lh", 2));
668 if (lh
.key_count
!= nk
->num_subkeys
) {
669 DEBUG(0, ("Subkey counts don't match\n"));
670 return WERR_GENERAL_FAILURE
;
672 key_off
= lh
.hr
[idx
].nk_offset
;
673 } else if (!strncmp((char *)data
.data
, "ri", 2)) {
675 struct tdr_pull
*pull
= tdr_pull_init(ctx
, private_data
->hive
->iconv_convenience
);
677 uint16_t sublist_count
= 0;
679 DEBUG(10, ("Subkeys in RI list\n"));
682 if (NT_STATUS_IS_ERR(tdr_pull_ri_block(pull
, nk
, &ri
))) {
683 DEBUG(0, ("Error parsing RI list\n"));
685 return WERR_GENERAL_FAILURE
;
687 SMB_ASSERT(!strncmp(ri
.header
, "ri", 2));
689 for (i
= 0; i
< ri
.key_count
; i
++) {
692 /* Get sublist data blob */
693 list_data
= hbin_get(private_data
->hive
, ri
.offset
[i
]);
694 if (!list_data
.data
) {
695 DEBUG(0, ("Error getting RI list."));
697 return WERR_GENERAL_FAILURE
;
700 pull
->data
= list_data
;
702 if (!strncmp((char *)list_data
.data
, "li", 2)) {
705 DEBUG(10, ("Subkeys in RI->LI list\n"));
707 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull
,
710 DEBUG(0, ("Error parsing LI list from RI\n"));
712 return WERR_GENERAL_FAILURE
;
714 SMB_ASSERT(!strncmp(li
.header
, "li", 2));
716 /* Advance to next sublist if necessary */
717 if (idx
>= sublist_count
+ li
.key_count
) {
718 sublist_count
+= li
.key_count
;
721 key_off
= li
.nk_offset
[idx
- sublist_count
];
722 sublist_count
+= li
.key_count
;
724 } else if (!strncmp((char *)list_data
.data
, "lh", 2)) {
727 DEBUG(10, ("Subkeys in RI->LH list\n"));
729 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull
,
732 DEBUG(0, ("Error parsing LH list from RI\n"));
734 return WERR_GENERAL_FAILURE
;
736 SMB_ASSERT(!strncmp(lh
.header
, "lh", 2));
738 /* Advance to next sublist if necessary */
739 if (idx
>= sublist_count
+ lh
.key_count
) {
740 sublist_count
+= lh
.key_count
;
743 key_off
= lh
.hr
[idx
- sublist_count
].nk_offset
;
744 sublist_count
+= lh
.key_count
;
747 DEBUG(0,("Unknown sublist in ri block\n"));
750 return WERR_GENERAL_FAILURE
;
757 if (idx
> sublist_count
) {
758 return WERR_NO_MORE_ITEMS
;
762 DEBUG(0, ("Unknown type for subkey list (0x%04x): %c%c\n",
763 nk
->subkeys_offset
, data
.data
[0], data
.data
[1]));
764 return WERR_GENERAL_FAILURE
;
767 ret
= regf_get_key (ctx
, private_data
->hive
, key_off
);
769 if (classname
!= NULL
) {
770 if (ret
->nk
->clsname_offset
!= -1) {
771 DATA_BLOB db
= hbin_get(ret
->hive
,
772 ret
->nk
->clsname_offset
);
773 *classname
= talloc_strndup(ctx
,
775 ret
->nk
->clsname_length
);
780 if (last_mod_time
!= NULL
)
781 *last_mod_time
= ret
->nk
->last_change
;
784 *name
= talloc_steal(ctx
, ret
->nk
->key_name
);
791 static WERROR
regf_match_subkey_by_name(TALLOC_CTX
*ctx
,
792 const struct hive_key
*key
,
794 const char *name
, uint32_t *ret
)
796 DATA_BLOB subkey_data
;
797 struct nk_block subkey
;
798 struct tdr_pull
*pull
;
799 const struct regf_key_data
*private_data
=
800 (const struct regf_key_data
*)key
;
802 subkey_data
= hbin_get(private_data
->hive
, offset
);
803 if (!subkey_data
.data
) {
804 DEBUG(0, ("Unable to retrieve subkey HBIN\n"));
805 return WERR_GENERAL_FAILURE
;
808 pull
= tdr_pull_init(ctx
, private_data
->hive
->iconv_convenience
);
810 pull
->data
= subkey_data
;
812 if (NT_STATUS_IS_ERR(tdr_pull_nk_block(pull
, ctx
, &subkey
))) {
813 DEBUG(0, ("Error parsing NK structure.\n"));
815 return WERR_GENERAL_FAILURE
;
819 if (strncmp(subkey
.header
, "nk", 2)) {
820 DEBUG(0, ("Not an NK structure.\n"));
821 return WERR_GENERAL_FAILURE
;
824 if (!strcasecmp(subkey
.key_name
, name
)) {
832 static WERROR
regf_get_subkey_by_name(TALLOC_CTX
*ctx
,
833 const struct hive_key
*key
,
835 struct hive_key
**ret
)
838 const struct regf_key_data
*private_data
=
839 (const struct regf_key_data
*)key
;
840 struct nk_block
*nk
= private_data
->nk
;
841 uint32_t key_off
= 0;
843 data
= hbin_get(private_data
->hive
, nk
->subkeys_offset
);
845 DEBUG(0, ("Unable to find subkey list\n"));
846 return WERR_GENERAL_FAILURE
;
849 if (!strncmp((char *)data
.data
, "li", 2)) {
851 struct tdr_pull
*pull
= tdr_pull_init(ctx
, private_data
->hive
->iconv_convenience
);
854 DEBUG(10, ("Subkeys in LI list\n"));
857 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull
, nk
, &li
))) {
858 DEBUG(0, ("Error parsing LI list\n"));
860 return WERR_GENERAL_FAILURE
;
863 SMB_ASSERT(!strncmp(li
.header
, "li", 2));
865 if (li
.key_count
!= nk
->num_subkeys
) {
866 DEBUG(0, ("Subkey counts don't match\n"));
867 return WERR_GENERAL_FAILURE
;
870 for (i
= 0; i
< li
.key_count
; i
++) {
871 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk
, key
,
880 } else if (!strncmp((char *)data
.data
, "lf", 2)) {
882 struct tdr_pull
*pull
= tdr_pull_init(ctx
, private_data
->hive
->iconv_convenience
);
885 DEBUG(10, ("Subkeys in LF list\n"));
888 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull
, nk
, &lf
))) {
889 DEBUG(0, ("Error parsing LF list\n"));
891 return WERR_GENERAL_FAILURE
;
894 SMB_ASSERT(!strncmp(lf
.header
, "lf", 2));
896 if (lf
.key_count
!= nk
->num_subkeys
) {
897 DEBUG(0, ("Subkey counts don't match\n"));
898 return WERR_GENERAL_FAILURE
;
901 for (i
= 0; i
< lf
.key_count
; i
++) {
902 if (strncmp(lf
.hr
[i
].hash
, name
, 4)) {
905 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk
,
915 } else if (!strncmp((char *)data
.data
, "lh", 2)) {
917 struct tdr_pull
*pull
= tdr_pull_init(ctx
, private_data
->hive
->iconv_convenience
);
921 DEBUG(10, ("Subkeys in LH list\n"));
924 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull
, nk
, &lh
))) {
925 DEBUG(0, ("Error parsing LH list\n"));
927 return WERR_GENERAL_FAILURE
;
930 SMB_ASSERT(!strncmp(lh
.header
, "lh", 2));
932 if (lh
.key_count
!= nk
->num_subkeys
) {
933 DEBUG(0, ("Subkey counts don't match\n"));
934 return WERR_GENERAL_FAILURE
;
937 hash
= regf_create_lh_hash(name
);
938 for (i
= 0; i
< lh
.key_count
; i
++) {
939 if (lh
.hr
[i
].base37
!= hash
) {
942 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk
,
952 } else if (!strncmp((char *)data
.data
, "ri", 2)) {
954 struct tdr_pull
*pull
= tdr_pull_init(ctx
, private_data
->hive
->iconv_convenience
);
957 DEBUG(10, ("Subkeys in RI list\n"));
960 if (NT_STATUS_IS_ERR(tdr_pull_ri_block(pull
, nk
, &ri
))) {
961 DEBUG(0, ("Error parsing RI list\n"));
963 return WERR_GENERAL_FAILURE
;
965 SMB_ASSERT(!strncmp(ri
.header
, "ri", 2));
967 for (i
= 0; i
< ri
.key_count
; i
++) {
970 /* Get sublist data blob */
971 list_data
= hbin_get(private_data
->hive
, ri
.offset
[i
]);
972 if (list_data
.data
== NULL
) {
973 DEBUG(0, ("Error getting RI list."));
975 return WERR_GENERAL_FAILURE
;
978 pull
->data
= list_data
;
980 if (!strncmp((char *)list_data
.data
, "li", 2)) {
983 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull
,
986 DEBUG(0, ("Error parsing LI list from RI\n"));
988 return WERR_GENERAL_FAILURE
;
990 SMB_ASSERT(!strncmp(li
.header
, "li", 2));
992 for (j
= 0; j
< li
.key_count
; j
++) {
993 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk
, key
,
1000 } else if (!strncmp((char *)list_data
.data
, "lh", 2)) {
1004 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull
,
1007 DEBUG(0, ("Error parsing LH list from RI\n"));
1009 return WERR_GENERAL_FAILURE
;
1011 SMB_ASSERT(!strncmp(lh
.header
, "lh", 2));
1013 hash
= regf_create_lh_hash(name
);
1014 for (j
= 0; j
< lh
.key_count
; j
++) {
1015 if (lh
.hr
[j
].base37
!= hash
) {
1018 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk
, key
,
1031 return WERR_BADFILE
;
1033 DEBUG(0, ("Unknown subkey list type.\n"));
1034 return WERR_GENERAL_FAILURE
;
1037 *ret
= (struct hive_key
*)regf_get_key(ctx
, private_data
->hive
,
1042 static WERROR
regf_set_sec_desc(struct hive_key
*key
,
1043 const struct security_descriptor
*sec_desc
)
1045 const struct regf_key_data
*private_data
=
1046 (const struct regf_key_data
*)key
;
1047 struct sk_block cur_sk
, sk
, new_sk
;
1048 struct regf_data
*regf
= private_data
->hive
;
1049 struct nk_block root
;
1051 uint32_t sk_offset
, cur_sk_offset
;
1052 bool update_cur_sk
= false;
1054 /* Get the root nk */
1055 hbin_get_tdr(regf
, regf
->header
->data_offset
, regf
,
1056 (tdr_pull_fn_t
) tdr_pull_nk_block
, &root
);
1058 /* Push the security descriptor to a blob */
1059 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_push_struct_blob(&data
, regf
, NULL
,
1060 sec_desc
, (ndr_push_flags_fn_t
)ndr_push_security_descriptor
))) {
1061 DEBUG(0, ("Unable to push security descriptor\n"));
1062 return WERR_GENERAL_FAILURE
;
1065 /* Get the current security descriptor for the key */
1066 if (!hbin_get_tdr(regf
, private_data
->nk
->sk_offset
, regf
,
1067 (tdr_pull_fn_t
) tdr_pull_sk_block
, &cur_sk
)) {
1068 DEBUG(0, ("Unable to find security descriptor for current key\n"));
1069 return WERR_BADFILE
;
1071 /* If there's no change, change nothing. */
1072 if (memcmp(data
.data
, cur_sk
.sec_desc
,
1073 MIN(data
.length
, cur_sk
.rec_size
)) == 0) {
1077 /* Delete the current sk if only this key is using it */
1078 if (cur_sk
.ref_cnt
== 1) {
1079 /* Get the previous security descriptor for the key */
1080 if (!hbin_get_tdr(regf
, cur_sk
.prev_offset
, regf
,
1081 (tdr_pull_fn_t
) tdr_pull_sk_block
, &sk
)) {
1082 DEBUG(0, ("Unable to find prev security descriptor for current key\n"));
1083 return WERR_BADFILE
;
1085 /* Change and store the previous security descriptor */
1086 sk
.next_offset
= cur_sk
.next_offset
;
1087 hbin_store_tdr_resize(regf
, (tdr_push_fn_t
) tdr_push_sk_block
,
1088 cur_sk
.prev_offset
, &sk
);
1090 /* Get the next security descriptor for the key */
1091 if (!hbin_get_tdr(regf
, cur_sk
.next_offset
, regf
,
1092 (tdr_pull_fn_t
) tdr_pull_sk_block
, &sk
)) {
1093 DEBUG(0, ("Unable to find next security descriptor for current key\n"));
1094 return WERR_BADFILE
;
1096 /* Change and store the next security descriptor */
1097 sk
.prev_offset
= cur_sk
.prev_offset
;
1098 hbin_store_tdr_resize(regf
, (tdr_push_fn_t
) tdr_push_sk_block
,
1099 cur_sk
.next_offset
, &sk
);
1101 hbin_free(regf
, private_data
->nk
->sk_offset
);
1103 /* This key will no longer be referring to this sk */
1105 update_cur_sk
= true;
1108 sk_offset
= root
.sk_offset
;
1111 cur_sk_offset
= sk_offset
;
1112 if (!hbin_get_tdr(regf
, sk_offset
, regf
,
1113 (tdr_pull_fn_t
) tdr_pull_sk_block
, &sk
)) {
1114 DEBUG(0, ("Unable to find security descriptor\n"));
1115 return WERR_BADFILE
;
1117 if (memcmp(data
.data
, sk
.sec_desc
, MIN(data
.length
, sk
.rec_size
)) == 0) {
1118 private_data
->nk
->sk_offset
= sk_offset
;
1120 hbin_store_tdr_resize(regf
,
1121 (tdr_push_fn_t
) tdr_push_sk_block
,
1123 hbin_store_tdr_resize(regf
,
1124 (tdr_push_fn_t
) tdr_push_nk_block
,
1125 private_data
->offset
,
1129 sk_offset
= sk
.next_offset
;
1130 } while (sk_offset
!= root
.sk_offset
);
1132 ZERO_STRUCT(new_sk
);
1133 new_sk
.header
= "sk";
1134 new_sk
.prev_offset
= cur_sk_offset
;
1135 new_sk
.next_offset
= root
.sk_offset
;
1137 new_sk
.rec_size
= data
.length
;
1138 new_sk
.sec_desc
= data
.data
;
1140 sk_offset
= hbin_store_tdr(regf
,
1141 (tdr_push_fn_t
) tdr_push_sk_block
,
1143 if (sk_offset
== -1) {
1144 DEBUG(0, ("Error storing sk block\n"));
1145 return WERR_GENERAL_FAILURE
;
1147 private_data
->nk
->sk_offset
= sk_offset
;
1149 if (update_cur_sk
) {
1150 hbin_store_tdr_resize(regf
,
1151 (tdr_push_fn_t
) tdr_push_sk_block
,
1152 private_data
->nk
->sk_offset
, &cur_sk
);
1155 /* Get the previous security descriptor for the key */
1156 if (!hbin_get_tdr(regf
, new_sk
.prev_offset
, regf
,
1157 (tdr_pull_fn_t
) tdr_pull_sk_block
, &sk
)) {
1158 DEBUG(0, ("Unable to find security descriptor for previous key\n"));
1159 return WERR_BADFILE
;
1161 /* Change and store the previous security descriptor */
1162 sk
.next_offset
= sk_offset
;
1163 hbin_store_tdr_resize(regf
,
1164 (tdr_push_fn_t
) tdr_push_sk_block
,
1165 cur_sk
.prev_offset
, &sk
);
1167 /* Get the next security descriptor for the key (always root, as we append) */
1168 if (!hbin_get_tdr(regf
, new_sk
.next_offset
, regf
,
1169 (tdr_pull_fn_t
) tdr_pull_sk_block
, &sk
)) {
1170 DEBUG(0, ("Unable to find security descriptor for current key\n"));
1171 return WERR_BADFILE
;
1173 /* Change and store the next security descriptor (always root, as we append) */
1174 sk
.prev_offset
= sk_offset
;
1175 hbin_store_tdr_resize(regf
,
1176 (tdr_push_fn_t
) tdr_push_sk_block
,
1177 root
.sk_offset
, &sk
);
1181 hbin_store_tdr_resize(regf
,
1182 (tdr_push_fn_t
) tdr_push_sk_block
,
1183 private_data
->offset
, private_data
->nk
);
1187 static WERROR
regf_get_sec_desc(TALLOC_CTX
*ctx
, const struct hive_key
*key
,
1188 struct security_descriptor
**sd
)
1190 const struct regf_key_data
*private_data
=
1191 (const struct regf_key_data
*)key
;
1193 struct regf_data
*regf
= private_data
->hive
;
1196 if (!hbin_get_tdr(regf
, private_data
->nk
->sk_offset
, ctx
,
1197 (tdr_pull_fn_t
) tdr_pull_sk_block
, &sk
)) {
1198 DEBUG(0, ("Unable to find security descriptor\n"));
1199 return WERR_GENERAL_FAILURE
;
1202 if (strcmp(sk
.header
, "sk") != 0) {
1203 DEBUG(0, ("Expected 'sk', got '%s'\n", sk
.header
));
1204 return WERR_GENERAL_FAILURE
;
1207 *sd
= talloc(ctx
, struct security_descriptor
);
1208 W_ERROR_HAVE_NO_MEMORY(*sd
);
1210 data
.data
= sk
.sec_desc
;
1211 data
.length
= sk
.rec_size
;
1212 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_pull_struct_blob(&data
, ctx
, NULL
, *sd
,
1213 (ndr_pull_flags_fn_t
)ndr_pull_security_descriptor
))) {
1214 DEBUG(0, ("Error parsing security descriptor\n"));
1215 return WERR_GENERAL_FAILURE
;
1221 static WERROR
regf_sl_add_entry(struct regf_data
*regf
, uint32_t list_offset
,
1223 uint32_t key_offset
, uint32_t *ret
)
1227 /* Create a new key if necessary */
1228 if (list_offset
== -1) {
1229 if (regf
->header
->version
.major
!= 1) {
1230 DEBUG(0, ("Can't store keys in unknown registry format\n"));
1231 return WERR_NOT_SUPPORTED
;
1233 if (regf
->header
->version
.minor
< 3) {
1240 li
.nk_offset
= talloc_array(regf
, uint32_t, 1);
1241 W_ERROR_HAVE_NO_MEMORY(li
.nk_offset
);
1242 li
.nk_offset
[0] = key_offset
;
1244 *ret
= hbin_store_tdr(regf
,
1245 (tdr_push_fn_t
) tdr_push_li_block
,
1248 talloc_free(li
.nk_offset
);
1249 } else if (regf
->header
->version
.minor
== 3 ||
1250 regf
->header
->version
.minor
== 4) {
1257 lf
.hr
= talloc_array(regf
, struct hash_record
, 1);
1258 W_ERROR_HAVE_NO_MEMORY(lf
.hr
);
1259 lf
.hr
[0].nk_offset
= key_offset
;
1260 lf
.hr
[0].hash
= talloc_strndup(lf
.hr
, name
, 4);
1261 W_ERROR_HAVE_NO_MEMORY(lf
.hr
[0].hash
);
1263 *ret
= hbin_store_tdr(regf
,
1264 (tdr_push_fn_t
) tdr_push_lf_block
,
1268 } else if (regf
->header
->version
.minor
== 5) {
1275 lh
.hr
= talloc_array(regf
, struct lh_hash
, 1);
1276 W_ERROR_HAVE_NO_MEMORY(lh
.hr
);
1277 lh
.hr
[0].nk_offset
= key_offset
;
1278 lh
.hr
[0].base37
= regf_create_lh_hash(name
);
1280 *ret
= hbin_store_tdr(regf
,
1281 (tdr_push_fn_t
) tdr_push_lh_block
,
1289 data
= hbin_get(regf
, list_offset
);
1291 DEBUG(0, ("Unable to find subkey list\n"));
1292 return WERR_BADFILE
;
1295 if (!strncmp((char *)data
.data
, "li", 2)) {
1296 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
1301 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull
, regf
, &li
))) {
1302 DEBUG(0, ("Error parsing LI list\n"));
1304 return WERR_BADFILE
;
1308 if (strncmp(li
.header
, "li", 2) != 0) {
1310 DEBUG(0, ("LI header corrupt\n"));
1311 return WERR_BADFILE
;
1314 li
.nk_offset
= talloc_realloc(regf
, li
.nk_offset
,
1315 uint32_t, li
.key_count
+1);
1316 W_ERROR_HAVE_NO_MEMORY(li
.nk_offset
);
1317 li
.nk_offset
[li
.key_count
] = key_offset
;
1319 *ret
= hbin_store_tdr_resize(regf
,
1320 (tdr_push_fn_t
)tdr_push_li_block
,
1323 talloc_free(li
.nk_offset
);
1324 } else if (!strncmp((char *)data
.data
, "lf", 2)) {
1325 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
1330 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull
, regf
, &lf
))) {
1331 DEBUG(0, ("Error parsing LF list\n"));
1333 return WERR_BADFILE
;
1336 SMB_ASSERT(!strncmp(lf
.header
, "lf", 2));
1338 lf
.hr
= talloc_realloc(regf
, lf
.hr
, struct hash_record
,
1340 W_ERROR_HAVE_NO_MEMORY(lf
.hr
);
1341 lf
.hr
[lf
.key_count
].nk_offset
= key_offset
;
1342 lf
.hr
[lf
.key_count
].hash
= talloc_strndup(lf
.hr
, name
, 4);
1343 W_ERROR_HAVE_NO_MEMORY(lf
.hr
[lf
.key_count
].hash
);
1345 *ret
= hbin_store_tdr_resize(regf
,
1346 (tdr_push_fn_t
)tdr_push_lf_block
,
1350 } else if (!strncmp((char *)data
.data
, "lh", 2)) {
1351 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
1356 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull
, regf
, &lh
))) {
1357 DEBUG(0, ("Error parsing LH list\n"));
1359 return WERR_BADFILE
;
1362 SMB_ASSERT(!strncmp(lh
.header
, "lh", 2));
1364 lh
.hr
= talloc_realloc(regf
, lh
.hr
, struct lh_hash
,
1366 W_ERROR_HAVE_NO_MEMORY(lh
.hr
);
1367 lh
.hr
[lh
.key_count
].nk_offset
= key_offset
;
1368 lh
.hr
[lh
.key_count
].base37
= regf_create_lh_hash(name
);
1370 *ret
= hbin_store_tdr_resize(regf
,
1371 (tdr_push_fn_t
)tdr_push_lh_block
,
1375 } else if (!strncmp((char *)data
.data
, "ri", 2)) {
1377 DEBUG(0, ("Adding to 'ri' subkey list is not supported yet.\n"));
1378 return WERR_NOT_SUPPORTED
;
1380 DEBUG(0, ("Cannot add to unknown subkey list\n"));
1381 return WERR_BADFILE
;
1387 static WERROR
regf_sl_del_entry(struct regf_data
*regf
, uint32_t list_offset
,
1388 uint32_t key_offset
, uint32_t *ret
)
1392 data
= hbin_get(regf
, list_offset
);
1394 DEBUG(0, ("Unable to find subkey list\n"));
1395 return WERR_BADFILE
;
1398 if (strncmp((char *)data
.data
, "li", 2) == 0) {
1400 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
1402 bool found_offset
= false;
1404 DEBUG(10, ("Subkeys in LI list\n"));
1408 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull
, regf
, &li
))) {
1409 DEBUG(0, ("Error parsing LI list\n"));
1411 return WERR_BADFILE
;
1415 SMB_ASSERT(!strncmp(li
.header
, "li", 2));
1417 for (i
= 0; i
< li
.key_count
; i
++) {
1419 li
.nk_offset
[i
-1] = li
.nk_offset
[i
];
1421 if (li
.nk_offset
[i
] == key_offset
) {
1422 found_offset
= true;
1426 if (!found_offset
) {
1427 DEBUG(2, ("Subkey not found\n"));
1428 return WERR_BADFILE
;
1432 /* If the there are no entries left, free the subkey list */
1433 if (li
.key_count
== 0) {
1434 hbin_free(regf
, list_offset
);
1438 /* Store li block */
1439 *ret
= hbin_store_tdr_resize(regf
,
1440 (tdr_push_fn_t
) tdr_push_li_block
,
1442 } else if (strncmp((char *)data
.data
, "lf", 2) == 0) {
1444 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
1446 bool found_offset
= false;
1448 DEBUG(10, ("Subkeys in LF list\n"));
1452 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull
, regf
, &lf
))) {
1453 DEBUG(0, ("Error parsing LF list\n"));
1455 return WERR_BADFILE
;
1459 SMB_ASSERT(!strncmp(lf
.header
, "lf", 2));
1461 for (i
= 0; i
< lf
.key_count
; i
++) {
1463 lf
.hr
[i
-1] = lf
.hr
[i
];
1466 if (lf
.hr
[i
].nk_offset
== key_offset
) {
1471 if (!found_offset
) {
1472 DEBUG(2, ("Subkey not found\n"));
1473 return WERR_BADFILE
;
1477 /* If the there are no entries left, free the subkey list */
1478 if (lf
.key_count
== 0) {
1479 hbin_free(regf
, list_offset
);
1484 /* Store lf block */
1485 *ret
= hbin_store_tdr_resize(regf
,
1486 (tdr_push_fn_t
) tdr_push_lf_block
,
1488 } else if (strncmp((char *)data
.data
, "lh", 2) == 0) {
1490 struct tdr_pull
*pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
1492 bool found_offset
= false;
1494 DEBUG(10, ("Subkeys in LH list\n"));
1498 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull
, regf
, &lh
))) {
1499 DEBUG(0, ("Error parsing LF list\n"));
1501 return WERR_BADFILE
;
1505 SMB_ASSERT(!strncmp(lh
.header
, "lh", 2));
1507 for (i
= 0; i
< lh
.key_count
; i
++) {
1509 lh
.hr
[i
-1] = lh
.hr
[i
];
1512 if (lh
.hr
[i
].nk_offset
== key_offset
) {
1517 if (!found_offset
) {
1518 DEBUG(0, ("Subkey not found\n"));
1519 return WERR_BADFILE
;
1523 /* If the there are no entries left, free the subkey list */
1524 if (lh
.key_count
== 0) {
1525 hbin_free(regf
, list_offset
);
1530 /* Store lh block */
1531 *ret
= hbin_store_tdr_resize(regf
,
1532 (tdr_push_fn_t
) tdr_push_lh_block
,
1534 } else if (strncmp((char *)data
.data
, "ri", 2) == 0) {
1536 DEBUG(0, ("Sorry, deletion from ri block is not supported yet.\n"));
1537 return WERR_NOT_SUPPORTED
;
1539 DEBUG (0, ("Unknown header found in subkey list.\n"));
1540 return WERR_BADFILE
;
1545 static WERROR
regf_del_value (struct hive_key
*key
, const char *name
)
1547 struct regf_key_data
*private_data
= (struct regf_key_data
*)key
;
1548 struct regf_data
*regf
= private_data
->hive
;
1549 struct nk_block
*nk
= private_data
->nk
;
1552 bool found_offset
= false;
1556 if (nk
->values_offset
== -1) {
1557 return WERR_BADFILE
;
1560 values
= hbin_get(regf
, nk
->values_offset
);
1562 for (i
= 0; i
< nk
->num_values
; i
++) {
1564 ((uint32_t *)values
.data
)[i
-1] = ((uint32_t *) values
.data
)[i
];
1566 vk_offset
= IVAL(values
.data
, i
* 4);
1567 if (!hbin_get_tdr(regf
, vk_offset
, private_data
,
1568 (tdr_pull_fn_t
)tdr_pull_vk_block
,
1570 DEBUG(0, ("Unable to get VK block at %d\n",
1572 return WERR_BADFILE
;
1574 if (strcmp(vk
.data_name
, name
) == 0) {
1575 hbin_free(regf
, vk_offset
);
1576 found_offset
= true;
1580 if (!found_offset
) {
1581 return WERR_BADFILE
;
1584 values
.length
= (nk
->num_values
)*4;
1587 /* Store values list and nk */
1588 if (nk
->num_values
== 0) {
1589 hbin_free(regf
, nk
->values_offset
);
1590 nk
->values_offset
= -1;
1592 nk
->values_offset
= hbin_store_resize(regf
,
1596 hbin_store_tdr_resize(regf
, (tdr_push_fn_t
) tdr_push_nk_block
,
1597 private_data
->offset
, nk
);
1599 return regf_save_hbin(private_data
->hive
);
1603 static WERROR
regf_del_key(const struct hive_key
*parent
, const char *name
)
1605 const struct regf_key_data
*private_data
=
1606 (const struct regf_key_data
*)parent
;
1607 struct regf_key_data
*key
;
1608 struct nk_block
*parent_nk
;
1611 SMB_ASSERT(private_data
);
1613 parent_nk
= private_data
->nk
;
1615 if (parent_nk
->subkeys_offset
== -1) {
1616 DEBUG(4, ("Subkey list is empty, this key cannot contain subkeys.\n"));
1617 return WERR_BADFILE
;
1621 if (!W_ERROR_IS_OK(regf_get_subkey_by_name(parent_nk
, parent
, name
,
1622 (struct hive_key
**)&key
))) {
1623 DEBUG(2, ("Key '%s' not found\n", name
));
1624 return WERR_BADFILE
;
1627 if (key
->nk
->subkeys_offset
!= -1) {
1629 struct hive_key
*sk
= (struct hive_key
*)key
;
1630 unsigned int i
= key
->nk
->num_subkeys
;
1632 /* Get subkey information. */
1633 error
= regf_get_subkey_by_index(parent_nk
, sk
, 0,
1634 (const char **)&sk_name
,
1636 if (!W_ERROR_IS_OK(error
)) {
1637 DEBUG(0, ("Can't retrieve subkey by index.\n"));
1641 /* Delete subkey. */
1642 error
= regf_del_key(sk
, sk_name
);
1643 if (!W_ERROR_IS_OK(error
)) {
1644 DEBUG(0, ("Can't delete key '%s'.\n", sk_name
));
1648 talloc_free(sk_name
);
1652 if (key
->nk
->values_offset
!= -1) {
1654 struct hive_key
*sk
= (struct hive_key
*)key
;
1656 unsigned int i
= key
->nk
->num_values
;
1658 /* Get value information. */
1659 error
= regf_get_value(parent_nk
, sk
, 0,
1660 (const char **)&val_name
,
1662 if (!W_ERROR_IS_OK(error
)) {
1663 DEBUG(0, ("Can't retrieve value by index.\n"));
1668 error
= regf_del_value(sk
, val_name
);
1669 if (!W_ERROR_IS_OK(error
)) {
1670 DEBUG(0, ("Can't delete value '%s'.\n", val_name
));
1674 talloc_free(val_name
);
1678 /* Delete it from the subkey list. */
1679 error
= regf_sl_del_entry(private_data
->hive
, parent_nk
->subkeys_offset
,
1680 key
->offset
, &parent_nk
->subkeys_offset
);
1681 if (!W_ERROR_IS_OK(error
)) {
1682 DEBUG(0, ("Can't store new subkey list for parent key. Won't delete.\n"));
1686 /* Re-store parent key */
1687 parent_nk
->num_subkeys
--;
1688 hbin_store_tdr_resize(private_data
->hive
,
1689 (tdr_push_fn_t
) tdr_push_nk_block
,
1690 private_data
->offset
, parent_nk
);
1692 if (key
->nk
->clsname_offset
!= -1) {
1693 hbin_free(private_data
->hive
, key
->nk
->clsname_offset
);
1695 hbin_free(private_data
->hive
, key
->offset
);
1697 return regf_save_hbin(private_data
->hive
);
1700 static WERROR
regf_add_key(TALLOC_CTX
*ctx
, const struct hive_key
*parent
,
1701 const char *name
, const char *classname
,
1702 struct security_descriptor
*sec_desc
,
1703 struct hive_key
**ret
)
1705 const struct regf_key_data
*private_data
=
1706 (const struct regf_key_data
*)parent
;
1707 struct nk_block
*parent_nk
= private_data
->nk
, nk
;
1708 struct nk_block
*root
;
1709 struct regf_data
*regf
= private_data
->hive
;
1714 nk
.type
= REG_SUB_KEY
;
1715 unix_to_nt_time(&nk
.last_change
, time(NULL
));
1717 nk
.parent_offset
= private_data
->offset
;
1720 nk
.subkeys_offset
= -1;
1721 nk
.unknown_offset
= -1;
1723 nk
.values_offset
= -1;
1724 memset(nk
.unk3
, 0, 5);
1725 nk
.clsname_offset
= -1; /* FIXME: fill in */
1726 nk
.clsname_length
= 0;
1729 /* Get the security descriptor of the root key */
1730 root
= talloc_zero(ctx
, struct nk_block
);
1731 W_ERROR_HAVE_NO_MEMORY(root
);
1733 if (!hbin_get_tdr(regf
, regf
->header
->data_offset
, root
,
1734 (tdr_pull_fn_t
)tdr_pull_nk_block
, root
)) {
1735 DEBUG(0, ("Unable to find HBIN data for offset %d\n",
1736 regf
->header
->data_offset
));
1737 return WERR_GENERAL_FAILURE
;
1739 nk
.sk_offset
= root
->sk_offset
;
1742 /* Store the new nk key */
1743 offset
= hbin_store_tdr(regf
, (tdr_push_fn_t
) tdr_push_nk_block
, &nk
);
1745 error
= regf_sl_add_entry(regf
, parent_nk
->subkeys_offset
, name
, offset
,
1746 &parent_nk
->subkeys_offset
);
1747 if (!W_ERROR_IS_OK(error
)) {
1748 hbin_free(regf
, offset
);
1752 parent_nk
->num_subkeys
++;
1754 /* Since the subkey offset of the parent can change, store it again */
1755 hbin_store_tdr_resize(regf
, (tdr_push_fn_t
) tdr_push_nk_block
,
1756 nk
.parent_offset
, parent_nk
);
1758 *ret
= (struct hive_key
*)regf_get_key(ctx
, regf
, offset
);
1760 return regf_save_hbin(private_data
->hive
);
1763 static WERROR
regf_set_value(struct hive_key
*key
, const char *name
,
1764 uint32_t type
, const DATA_BLOB data
)
1766 struct regf_key_data
*private_data
= (struct regf_key_data
*)key
;
1767 struct regf_data
*regf
= private_data
->hive
;
1768 struct nk_block
*nk
= private_data
->nk
;
1771 uint32_t tmp_vk_offset
, vk_offset
, old_vk_offset
= -1;
1776 /* find the value offset, if it exists */
1777 if (nk
->values_offset
!= -1) {
1778 values
= hbin_get(regf
, nk
->values_offset
);
1780 for (i
= 0; i
< nk
->num_values
; i
++) {
1781 tmp_vk_offset
= IVAL(values
.data
, i
* 4);
1782 if (!hbin_get_tdr(regf
, tmp_vk_offset
, private_data
,
1783 (tdr_pull_fn_t
)tdr_pull_vk_block
,
1785 DEBUG(0, ("Unable to get VK block at %d\n",
1787 return WERR_GENERAL_FAILURE
;
1789 if (strcmp(vk
.data_name
, name
) == 0) {
1790 old_vk_offset
= tmp_vk_offset
;
1796 /* If it's new, create the vk struct, if it's old, free the old data. */
1797 if (old_vk_offset
== -1) {
1799 vk
.name_length
= strlen(name
);
1800 if (name
!= NULL
&& name
[0] != 0) {
1802 vk
.data_name
= name
;
1804 vk
.data_name
= NULL
;
1808 /* Free data, if any */
1809 if (!(vk
.data_length
& 0x80000000)) {
1810 hbin_free(regf
, vk
.data_offset
);
1814 /* Set the type and data */
1815 vk
.data_length
= data
.length
;
1816 vk
.data_type
= type
;
1817 if (type
== REG_DWORD
) {
1818 vk
.data_length
|= 0x80000000;
1819 vk
.data_offset
= IVAL(data
.data
, 0);
1821 /* Store data somewhere */
1822 vk
.data_offset
= hbin_store(regf
, data
);
1824 if (old_vk_offset
== -1) {
1826 vk_offset
= hbin_store_tdr(regf
,
1827 (tdr_push_fn_t
) tdr_push_vk_block
,
1830 /* Store vk at offset */
1831 vk_offset
= hbin_store_tdr_resize(regf
,
1832 (tdr_push_fn_t
) tdr_push_vk_block
,
1833 old_vk_offset
,&vk
);
1836 /* Re-allocate the value list */
1837 if (nk
->values_offset
== -1) {
1838 nk
->values_offset
= hbin_store_tdr(regf
,
1839 (tdr_push_fn_t
) tdr_push_uint32
,
1844 /* Change if we're changing, otherwise we're adding the value */
1845 if (old_vk_offset
!= -1) {
1846 /* Find and overwrite the offset. */
1847 for (i
= 0; i
< nk
->num_values
; i
++) {
1848 if (IVAL(values
.data
, i
* 4) == old_vk_offset
) {
1849 SIVAL(values
.data
, i
* 4, vk_offset
);
1854 /* Create a new value list */
1855 DATA_BLOB value_list
;
1857 value_list
.length
= (nk
->num_values
+1)*4;
1858 value_list
.data
= (uint8_t *)talloc_array(private_data
,
1861 W_ERROR_HAVE_NO_MEMORY(value_list
.data
);
1862 memcpy(value_list
.data
, values
.data
, nk
->num_values
* 4);
1864 SIVAL(value_list
.data
, nk
->num_values
* 4, vk_offset
);
1866 nk
->values_offset
= hbin_store_resize(regf
,
1872 hbin_store_tdr_resize(regf
,
1873 (tdr_push_fn_t
) tdr_push_nk_block
,
1874 private_data
->offset
, nk
);
1875 return regf_save_hbin(private_data
->hive
);
1878 static WERROR
regf_save_hbin(struct regf_data
*regf
)
1880 struct tdr_push
*push
= tdr_push_init(regf
, regf
->iconv_convenience
);
1883 W_ERROR_HAVE_NO_MEMORY(push
);
1885 if (lseek(regf
->fd
, 0, SEEK_SET
) == -1) {
1886 DEBUG(0, ("Error lseeking in regf file\n"));
1887 return WERR_GENERAL_FAILURE
;
1890 /* Recompute checksum */
1891 if (NT_STATUS_IS_ERR(tdr_push_regf_hdr(push
, regf
->header
))) {
1892 DEBUG(0, ("Failed to push regf header\n"));
1893 return WERR_GENERAL_FAILURE
;
1895 regf
->header
->chksum
= regf_hdr_checksum(push
->data
.data
);
1898 if (NT_STATUS_IS_ERR(tdr_push_to_fd(regf
->fd
, regf
->iconv_convenience
,
1899 (tdr_push_fn_t
)tdr_push_regf_hdr
,
1901 DEBUG(0, ("Error writing registry file header\n"));
1902 return WERR_GENERAL_FAILURE
;
1905 if (lseek(regf
->fd
, 0x1000, SEEK_SET
) == -1) {
1906 DEBUG(0, ("Error lseeking to 0x1000 in regf file\n"));
1907 return WERR_GENERAL_FAILURE
;
1910 for (i
= 0; regf
->hbins
[i
]; i
++) {
1911 if (NT_STATUS_IS_ERR(tdr_push_to_fd(regf
->fd
, regf
->iconv_convenience
,
1912 (tdr_push_fn_t
)tdr_push_hbin_block
,
1914 DEBUG(0, ("Error writing HBIN block\n"));
1915 return WERR_GENERAL_FAILURE
;
1922 WERROR
reg_create_regf_file(TALLOC_CTX
*parent_ctx
,
1923 struct smb_iconv_convenience
*iconv_convenience
,
1924 const char *location
,
1925 int minor_version
, struct hive_key
**key
)
1927 struct regf_data
*regf
;
1928 struct regf_hdr
*regf_hdr
;
1933 struct security_descriptor
*sd
;
1936 regf
= (struct regf_data
*)talloc_zero(NULL
, struct regf_data
);
1938 regf
->iconv_convenience
= iconv_convenience
;
1940 W_ERROR_HAVE_NO_MEMORY(regf
);
1942 DEBUG(5, ("Attempting to create registry file\n"));
1944 /* Get the header */
1945 regf
->fd
= creat(location
, 0644);
1947 if (regf
->fd
== -1) {
1948 DEBUG(0,("Could not create file: %s, %s\n", location
,
1951 return WERR_GENERAL_FAILURE
;
1954 regf_hdr
= talloc_zero(regf
, struct regf_hdr
);
1955 W_ERROR_HAVE_NO_MEMORY(regf_hdr
);
1956 regf_hdr
->REGF_ID
= "regf";
1957 unix_to_nt_time(®f_hdr
->modtime
, time(NULL
));
1958 regf_hdr
->version
.major
= 1;
1959 regf_hdr
->version
.minor
= minor_version
;
1960 regf_hdr
->last_block
= 0x1000; /* Block size */
1961 regf_hdr
->description
= talloc_strdup(regf_hdr
,
1962 "Registry created by Samba 4");
1963 W_ERROR_HAVE_NO_MEMORY(regf_hdr
->description
);
1964 regf_hdr
->chksum
= 0;
1966 regf
->header
= regf_hdr
;
1968 /* Create all hbin blocks */
1969 regf
->hbins
= talloc_array(regf
, struct hbin_block
*, 1);
1970 W_ERROR_HAVE_NO_MEMORY(regf
->hbins
);
1971 regf
->hbins
[0] = NULL
;
1974 nk
.type
= REG_SUB_KEY
;
1975 unix_to_nt_time(&nk
.last_change
, time(NULL
));
1977 nk
.parent_offset
= -1;
1980 nk
.subkeys_offset
= -1;
1981 nk
.unknown_offset
= -1;
1983 nk
.values_offset
= -1;
1984 memset(nk
.unk3
, 0, 5);
1985 nk
.clsname_offset
= -1;
1986 nk
.clsname_length
= 0;
1987 nk
.sk_offset
= 0x80;
1988 nk
.key_name
= "SambaRootKey";
1991 * It should be noted that changing the key_name to something shorter
1992 * creates a shorter nk block, which makes the position of the sk block
1993 * change. All Windows registries I've seen have the sk at 0x80.
1994 * I therefore recommend that our regf files share that offset -- Wilco
1997 /* Create a security descriptor. */
1998 sd
= security_descriptor_dacl_create(regf
,
2001 SID_NT_AUTHENTICATED_USERS
,
2002 SEC_ACE_TYPE_ACCESS_ALLOWED
,
2004 SEC_ACE_FLAG_OBJECT_INHERIT
,
2007 /* Push the security descriptor to a blob */
2008 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_push_struct_blob(&data
, regf
, NULL
,
2009 sd
, (ndr_push_flags_fn_t
)ndr_push_security_descriptor
))) {
2010 DEBUG(0, ("Unable to push security descriptor\n"));
2011 return WERR_GENERAL_FAILURE
;
2016 sk
.prev_offset
= 0x80;
2017 sk
.next_offset
= 0x80;
2019 sk
.rec_size
= data
.length
;
2020 sk
.sec_desc
= data
.data
;
2022 /* Store the new nk key */
2023 regf
->header
->data_offset
= hbin_store_tdr(regf
,
2024 (tdr_push_fn_t
)tdr_push_nk_block
,
2026 /* Store the sk block */
2027 sk_offset
= hbin_store_tdr(regf
,
2028 (tdr_push_fn_t
) tdr_push_sk_block
,
2030 if (sk_offset
!= 0x80) {
2031 DEBUG(0, ("Error storing sk block, should be at 0x80, stored at 0x%x\n", nk
.sk_offset
));
2032 return WERR_GENERAL_FAILURE
;
2036 *key
= (struct hive_key
*)regf_get_key(parent_ctx
, regf
,
2037 regf
->header
->data_offset
);
2039 error
= regf_save_hbin(regf
);
2040 if (!W_ERROR_IS_OK(error
)) {
2044 /* We can drop our own reference now that *key will have created one */
2045 talloc_unlink(NULL
, regf
);
2050 WERROR
reg_open_regf_file(TALLOC_CTX
*parent_ctx
, const char *location
,
2051 struct smb_iconv_convenience
*iconv_convenience
, struct hive_key
**key
)
2053 struct regf_data
*regf
;
2054 struct regf_hdr
*regf_hdr
;
2055 struct tdr_pull
*pull
;
2058 regf
= (struct regf_data
*)talloc_zero(parent_ctx
, struct regf_data
);
2060 regf
->iconv_convenience
= iconv_convenience
;
2062 W_ERROR_HAVE_NO_MEMORY(regf
);
2064 DEBUG(5, ("Attempting to load registry file\n"));
2066 /* Get the header */
2067 regf
->fd
= open(location
, O_RDWR
);
2069 if (regf
->fd
== -1) {
2070 DEBUG(0,("Could not load file: %s, %s\n", location
,
2073 return WERR_GENERAL_FAILURE
;
2076 pull
= tdr_pull_init(regf
, regf
->iconv_convenience
);
2078 pull
->data
.data
= (uint8_t*)fd_load(regf
->fd
, &pull
->data
.length
, 0, regf
);
2080 if (pull
->data
.data
== NULL
) {
2081 DEBUG(0, ("Error reading data\n"));
2083 return WERR_GENERAL_FAILURE
;
2086 regf_hdr
= talloc(regf
, struct regf_hdr
);
2087 W_ERROR_HAVE_NO_MEMORY(regf_hdr
);
2089 if (NT_STATUS_IS_ERR(tdr_pull_regf_hdr(pull
, regf_hdr
, regf_hdr
))) {
2091 return WERR_GENERAL_FAILURE
;
2094 regf
->header
= regf_hdr
;
2096 if (strcmp(regf_hdr
->REGF_ID
, "regf") != 0) {
2097 DEBUG(0, ("Unrecognized NT registry header id: %s, %s\n",
2098 regf_hdr
->REGF_ID
, location
));
2100 return WERR_GENERAL_FAILURE
;
2103 /* Validate the header ... */
2104 if (regf_hdr_checksum(pull
->data
.data
) != regf_hdr
->chksum
) {
2105 DEBUG(0, ("Registry file checksum error: %s: %d,%d\n",
2106 location
, regf_hdr
->chksum
,
2107 regf_hdr_checksum(pull
->data
.data
)));
2109 return WERR_GENERAL_FAILURE
;
2112 pull
->offset
= 0x1000;
2115 /* Read in all hbin blocks */
2116 regf
->hbins
= talloc_array(regf
, struct hbin_block
*, 1);
2117 W_ERROR_HAVE_NO_MEMORY(regf
->hbins
);
2119 regf
->hbins
[0] = NULL
;
2121 while (pull
->offset
< pull
->data
.length
&&
2122 pull
->offset
<= regf
->header
->last_block
) {
2123 struct hbin_block
*hbin
= talloc(regf
->hbins
,
2126 W_ERROR_HAVE_NO_MEMORY(hbin
);
2128 if (NT_STATUS_IS_ERR(tdr_pull_hbin_block(pull
, hbin
, hbin
))) {
2129 DEBUG(0, ("[%d] Error parsing HBIN block\n", i
));
2134 if (strcmp(hbin
->HBIN_ID
, "hbin") != 0) {
2135 DEBUG(0, ("[%d] Expected 'hbin', got '%s'\n",
2141 regf
->hbins
[i
] = hbin
;
2143 regf
->hbins
= talloc_realloc(regf
, regf
->hbins
,
2144 struct hbin_block
*, i
+2);
2145 regf
->hbins
[i
] = NULL
;
2150 DEBUG(1, ("%d HBIN blocks read\n", i
));
2152 *key
= (struct hive_key
*)regf_get_key(parent_ctx
, regf
,
2153 regf
->header
->data_offset
);
2155 /* We can drop our own reference now that *key will have created one */
2156 talloc_unlink(parent_ctx
, regf
);
2161 static struct hive_operations reg_backend_regf
= {
2163 .get_key_info
= regf_get_info
,
2164 .enum_key
= regf_get_subkey_by_index
,
2165 .get_key_by_name
= regf_get_subkey_by_name
,
2166 .get_value_by_name
= regf_get_value_by_name
,
2167 .enum_value
= regf_get_value
,
2168 .get_sec_desc
= regf_get_sec_desc
,
2169 .set_sec_desc
= regf_set_sec_desc
,
2170 .add_key
= regf_add_key
,
2171 .set_value
= regf_set_value
,
2172 .del_key
= regf_del_key
,
2173 .delete_value
= regf_del_value
,