search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
docs: ldbdel.1.xml: Correct meta data.
[Samba/gebeck_regimport.git] / source4 / lib / registry / regf.c
blobb6a586cf78bd6edad3909761c43edbd219683583
1 /*
2 Samba CIFS implementation
3 Registry backend for REGF files
4 Copyright (C) 2005-2007 Jelmer Vernooij, jelmer@samba.org
5 Copyright (C) 2006-2010 Wilco Baan Hofman, wilco@baanhofman.nl
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>. */
19
20 #include "includes.h"
21 #include "system/filesys.h"
22 #include "system/time.h"
23 #include "lib/registry/tdr_regf.h"
24 #include "librpc/gen_ndr/ndr_security.h"
25 #include "librpc/gen_ndr/winreg.h"
26 #include "lib/registry/registry.h"
27 #include "libcli/security/security.h"
28
29
30 static struct hive_operations reg_backend_regf;
31
32 /**
33 * There are several places on the web where the REGF format is explained;
34 *
35 * TODO: Links
36 */
37
38 /* TODO:
39 * - Return error codes that make more sense
40 * - Locking
41 * - do more things in-memory
42 */
43
44 /*
45 * Read HBIN blocks into memory
46 */
47
48 struct regf_data {
49 int fd;
50 struct hbin_block **hbins;
51 struct regf_hdr *header;
52 time_t last_write;
53 };
54
55 static WERROR regf_save_hbin(struct regf_data *data, bool flush);
56
57 struct regf_key_data {
58 struct hive_key key;
59 struct regf_data *hive;
60 uint32_t offset;
61 struct nk_block *nk;
62 };
63
64 static struct hbin_block *hbin_by_offset(const struct regf_data *data,
65 uint32_t offset, uint32_t *rel_offset)
66 {
67 unsigned int i;
68
69 for (i = 0; data->hbins[i]; i++) {
70 if (offset >= data->hbins[i]->offset_from_first &&
71 offset < data->hbins[i]->offset_from_first+
72 data->hbins[i]->offset_to_next) {
73 if (rel_offset != NULL)
74 *rel_offset = offset - data->hbins[i]->offset_from_first - 0x20;
75 return data->hbins[i];
76 }
77 }
78
79 return NULL;
80 }
81
82 /**
83 * Validate a regf header
84 * For now, do nothing, but we should check the checksum
85 */
86 static uint32_t regf_hdr_checksum(const uint8_t *buffer)
87 {
88 uint32_t checksum = 0, x;
89 unsigned int i;
90
91 for (i = 0; i < 0x01FB; i+= 4) {
92 x = IVAL(buffer, i);
93 checksum ^= x;
94 }
95
96 return checksum;
97 }
98
99 /**
100 * Obtain the contents of a HBIN block
101 */
102 static DATA_BLOB hbin_get(const struct regf_data *data, uint32_t offset)
103 {
104 DATA_BLOB ret;
105 struct hbin_block *hbin;
106 uint32_t rel_offset;
107
108 ret.data = NULL;
109 ret.length = 0;
110
111 hbin = hbin_by_offset(data, offset, &rel_offset);
112
113 if (hbin == NULL) {
114 DEBUG(1, ("Can't find HBIN at 0x%04x\n", offset));
115 return ret;
116 }
117
118 ret.length = IVAL(hbin->data, rel_offset);
119 if (!(ret.length & 0x80000000)) {
120 DEBUG(0, ("Trying to use dirty block at 0x%04x\n", offset));
121 return ret;
122 }
123
124 /* remove high bit */
125 ret.length = (ret.length ^ 0xffffffff) + 1;
126
127 ret.length -= 4; /* 4 bytes for the length... */
128 ret.data = hbin->data +
129 (offset - hbin->offset_from_first - 0x20) + 4;
130
131 return ret;
132 }
133
134 static bool hbin_get_tdr(struct regf_data *regf, uint32_t offset,
135 TALLOC_CTX *ctx, tdr_pull_fn_t pull_fn, void *p)
136 {
137 struct tdr_pull *pull = tdr_pull_init(regf);
138
139 pull->data = hbin_get(regf, offset);
140 if (!pull->data.data) {
141 DEBUG(1, ("Unable to get data at 0x%04x\n", offset));
142 talloc_free(pull);
143 return false;
144 }
145
146 if (NT_STATUS_IS_ERR(pull_fn(pull, ctx, p))) {
147 DEBUG(1, ("Error parsing record at 0x%04x using tdr\n",
148 offset));
149 talloc_free(pull);
150 return false;
151 }
152 talloc_free(pull);
153
154 return true;
155 }
156
157 /* Allocate some new data */
158 static DATA_BLOB hbin_alloc(struct regf_data *data, uint32_t size,
159 uint32_t *offset)
160 {
161 DATA_BLOB ret;
162 uint32_t rel_offset = (uint32_t) -1; /* Relative offset ! */
163 struct hbin_block *hbin = NULL;
164 unsigned int i;
165
166 *offset = 0;
167
168 if (size == 0)
169 return data_blob(NULL, 0);
170
171 size += 4; /* Need to include int32 for the length */
172
173 /* Allocate as a multiple of 8 */
174 size = (size + 7) & ~7;
175
176 ret.data = NULL;
177 ret.length = 0;
178
179 for (i = 0; (hbin = data->hbins[i]); i++) {
180 int j;
181 int32_t my_size;
182 for (j = 0; j < hbin->offset_to_next-0x20; j+= my_size) {
183 my_size = IVALS(hbin->data, j);
184
185 if (my_size == 0x0) {
186 DEBUG(0, ("Invalid zero-length block! File is corrupt.\n"));
187 return ret;
188 }
189
190 if (my_size % 8 != 0) {
191 DEBUG(0, ("Encountered non-aligned block!\n"));
192 }
193
194 if (my_size < 0) { /* Used... */
195 my_size = -my_size;
196 } else if (my_size == size) { /* exact match */
197 rel_offset = j;
198 DEBUG(4, ("Found free block of exact size %d in middle of HBIN\n",
199 size));
200 break;
201 } else if (my_size > size) { /* data will remain */
202 rel_offset = j;
203 /* Split this block and mark the next block as free */
204 SIVAL(hbin->data, rel_offset+size, my_size-size);
205 DEBUG(4, ("Found free block of size %d (needing %d) in middle of HBIN\n",
206 my_size, size));
207 break;
208 }
209 }
210
211 if (rel_offset != -1)
212 break;
213 }
214
215 /* No space available in previous hbins,
216 * allocate new one */
217 if (data->hbins[i] == NULL) {
218 DEBUG(4, ("No space available in other HBINs for block of size %d, allocating new HBIN\n",
219 size));
220
221 /* Add extra hbin block */
222 data->hbins = talloc_realloc(data, data->hbins,
223 struct hbin_block *, i+2);
224 hbin = talloc(data->hbins, struct hbin_block);
225 SMB_ASSERT(hbin != NULL);
226
227 data->hbins[i] = hbin;
228 data->hbins[i+1] = NULL;
229
230 /* Set hbin data */
231 hbin->HBIN_ID = talloc_strdup(hbin, "hbin");
232 hbin->offset_from_first = (i == 0?0:data->hbins[i-1]->offset_from_first+data->hbins[i-1]->offset_to_next);
233 hbin->offset_to_next = 0x1000;
234 hbin->unknown[0] = 0;
235 hbin->unknown[1] = 0;
236 unix_to_nt_time(&hbin->last_change, time(NULL));
237 hbin->block_size = hbin->offset_to_next;
238 hbin->data = talloc_zero_array(hbin, uint8_t, hbin->block_size - 0x20);
239 /* Update the regf header */
240 data->header->last_block += hbin->offset_to_next;
241
242 /* Set the next block to it's proper size and set the
243 * rel_offset for this block */
244 SIVAL(hbin->data, size, hbin->block_size - size - 0x20);
245 rel_offset = 0x0;
246 }
247
248 /* Set size and mark as used */
249 SIVAL(hbin->data, rel_offset, -size);
250
251 ret.data = hbin->data + rel_offset + 0x4; /* Skip past length */
252 ret.length = size - 0x4;
253 if (offset) {
254 uint32_t new_rel_offset;
255 *offset = hbin->offset_from_first + rel_offset + 0x20;
256 SMB_ASSERT(hbin_by_offset(data, *offset, &new_rel_offset) == hbin);
257 SMB_ASSERT(new_rel_offset == rel_offset);
258 }
259
260 return ret;
261 }
262
263 /* Store a data blob. Return the offset at which it was stored */
264 static uint32_t hbin_store (struct regf_data *data, DATA_BLOB blob)
265 {
266 uint32_t ret;
267 DATA_BLOB dest = hbin_alloc(data, blob.length, &ret);
268
269 memcpy(dest.data, blob.data, blob.length);
270
271 /* Make sure that we have no tailing garbage in the block */
272 if (dest.length > blob.length) {
273 memset(dest.data + blob.length, 0, dest.length - blob.length);
274 }
275
276 return ret;
277 }
278
279 static uint32_t hbin_store_tdr(struct regf_data *data,
280 tdr_push_fn_t push_fn, void *p)
281 {
282 struct tdr_push *push = tdr_push_init(data);
283 uint32_t ret;
284
285 if (NT_STATUS_IS_ERR(push_fn(push, p))) {
286 DEBUG(0, ("Error during push\n"));
287 return -1;
288 }
289
290 ret = hbin_store(data, push->data);
291
292 talloc_free(push);
293
294 return ret;
295 }
296
297
298 /* Free existing data */
299 static void hbin_free (struct regf_data *data, uint32_t offset)
300 {
301 int32_t size;
302 uint32_t rel_offset;
303 int32_t next_size;
304 struct hbin_block *hbin;
305
306 SMB_ASSERT (offset > 0);
307
308 hbin = hbin_by_offset(data, offset, &rel_offset);
309
310 if (hbin == NULL)
311 return;
312
313 /* Get original size */
314 size = IVALS(hbin->data, rel_offset);
315
316 if (size > 0) {
317 DEBUG(1, ("Trying to free already freed block at 0x%04x\n",
318 offset));
319 return;
320 }
321 /* Mark as unused */
322 size = -size;
323
324 /* If the next block is free, merge into big free block */
325 if (rel_offset + size < hbin->offset_to_next - 0x20) {
326 next_size = IVALS(hbin->data, rel_offset+size);
327 if (next_size > 0) {
328 size += next_size;
329 }
330 }
331
332 /* Write block size */
333 SIVALS(hbin->data, rel_offset, size);
334 }
335
336 /**
337 * Store a data blob data was already stored, but has changed in size
338 * Will try to save it at the current location if possible, otherwise
339 * does a free + store */
340 static uint32_t hbin_store_resize(struct regf_data *data,
341 uint32_t orig_offset, DATA_BLOB blob)
342 {
343 uint32_t rel_offset;
344 struct hbin_block *hbin = hbin_by_offset(data, orig_offset,
345 &rel_offset);
346 int32_t my_size;
347 int32_t orig_size;
348 int32_t needed_size;
349 int32_t possible_size;
350 unsigned int i;
351
352 SMB_ASSERT(orig_offset > 0);
353
354 if (!hbin)
355 return hbin_store(data, blob);
356
357 /* Get original size */
358 orig_size = -IVALS(hbin->data, rel_offset);
359
360 needed_size = blob.length + 4; /* Add int32 containing length */
361 needed_size = (needed_size + 7) & ~7; /* Align */
362
363 /* Fits into current allocated block */
364 if (orig_size >= needed_size) {
365 memcpy(hbin->data + rel_offset + 0x4, blob.data, blob.length);
366 /* If the difference in size is greater than 0x4, split the block
367 * and free/merge it */
368 if (orig_size - needed_size > 0x4) {
369 SIVALS(hbin->data, rel_offset, -needed_size);
370 SIVALS(hbin->data, rel_offset + needed_size,
371 needed_size-orig_size);
372 hbin_free(data, orig_offset + needed_size);
373 }
374 return orig_offset;
375 }
376
377 possible_size = orig_size;
378
379 /* Check if it can be combined with the next few free records */
380 for (i = rel_offset; i < hbin->offset_to_next - 0x20; i += my_size) {
381 if (IVALS(hbin->data, i) < 0) /* Used */
382 break;
383
384 my_size = IVALS(hbin->data, i);
385
386 if (my_size == 0x0) {
387 DEBUG(0, ("Invalid zero-length block! File is corrupt.\n"));
388 break;
389 } else {
390 possible_size += my_size;
391 }
392
393 if (possible_size >= blob.length) {
394 SIVAL(hbin->data, rel_offset, -possible_size);
395 memcpy(hbin->data + rel_offset + 0x4,
396 blob.data, blob.length);
397 return orig_offset;
398 }
399 }
400
401 hbin_free(data, orig_offset);
402 return hbin_store(data, blob);
403 }
404
405 static uint32_t hbin_store_tdr_resize(struct regf_data *regf,
406 tdr_push_fn_t push_fn,
407 uint32_t orig_offset, void *p)
408 {
409 struct tdr_push *push = tdr_push_init(regf);
410 uint32_t ret;
411
412 if (NT_STATUS_IS_ERR(push_fn(push, p))) {
413 DEBUG(0, ("Error during push\n"));
414 return -1;
415 }
416
417 ret = hbin_store_resize(regf, orig_offset, push->data);
418
419 talloc_free(push);
420
421 return ret;
422 }
423
424 static uint32_t regf_create_lh_hash(const char *name)
425 {
426 char *hash_name;
427 uint32_t ret = 0;
428 uint16_t i;
429
430 hash_name = strupper_talloc(NULL, name);
431 for (i = 0; *(hash_name + i) != 0; i++) {
432 ret *= 37;
433 ret += *(hash_name + i);
434 }
435 talloc_free(hash_name);
436 return ret;
437 }
438
439 static WERROR regf_get_info(TALLOC_CTX *mem_ctx,
440 const struct hive_key *key,
441 const char **classname,
442 uint32_t *num_subkeys,
443 uint32_t *num_values,
444 NTTIME *last_mod_time,
445 uint32_t *max_subkeynamelen,
446 uint32_t *max_valnamelen,
447 uint32_t *max_valbufsize)
448 {
449 const struct regf_key_data *private_data =
450 (const struct regf_key_data *)key;
451
452 if (num_subkeys != NULL)
453 *num_subkeys = private_data->nk->num_subkeys;
454
455 if (num_values != NULL)
456 *num_values = private_data->nk->num_values;
457
458 if (classname != NULL) {
459 if (private_data->nk->clsname_offset != -1) {
460 DATA_BLOB data = hbin_get(private_data->hive,
461 private_data->nk->clsname_offset);
462 *classname = talloc_strndup(mem_ctx,
463 (char*)data.data,
464 private_data->nk->clsname_length);
465 W_ERROR_HAVE_NO_MEMORY(*classname);
466 } else
467 *classname = NULL;
468 }
469
470 /* TODO: Last mod time */
471
472 /* TODO: max valnamelen */
473
474 /* TODO: max valbufsize */
475
476 /* TODO: max subkeynamelen */
477
478 return WERR_OK;
479 }
480
481 static struct regf_key_data *regf_get_key(TALLOC_CTX *ctx,
482 struct regf_data *regf,
483 uint32_t offset)
484 {
485 struct nk_block *nk;
486 struct regf_key_data *ret;
487
488 ret = talloc_zero(ctx, struct regf_key_data);
489 ret->key.ops = &reg_backend_regf;
490 ret->hive = talloc_reference(ret, regf);
491 ret->offset = offset;
492 nk = talloc(ret, struct nk_block);
493 if (nk == NULL)
494 return NULL;
495
496 ret->nk = nk;
497
498 if (!hbin_get_tdr(regf, offset, nk,
499 (tdr_pull_fn_t)tdr_pull_nk_block, nk)) {
500 DEBUG(0, ("Unable to find HBIN data for offset 0x%x\n", offset));
501 return NULL;
502 }
503
504 if (strcmp(nk->header, "nk") != 0) {
505 DEBUG(0, ("Expected nk record, got %s\n", nk->header));
506 talloc_free(ret);
507 return NULL;
508 }
509
510 return ret;
511 }
512
513
514 static WERROR regf_get_value(TALLOC_CTX *ctx, struct hive_key *key,
515 uint32_t idx, const char **name,
516 uint32_t *data_type, DATA_BLOB *data)
517 {
518 const struct regf_key_data *private_data =
519 (const struct regf_key_data *)key;
520 struct vk_block *vk;
521 struct regf_data *regf = private_data->hive;
522 uint32_t vk_offset;
523 DATA_BLOB tmp;
524
525 if (idx >= private_data->nk->num_values)
526 return WERR_NO_MORE_ITEMS;
527
528 tmp = hbin_get(regf, private_data->nk->values_offset);
529 if (!tmp.data) {
530 DEBUG(0, ("Unable to find value list at 0x%x\n",
531 private_data->nk->values_offset));
532 return WERR_GENERAL_FAILURE;
533 }
534
535 if (tmp.length < private_data->nk->num_values * 4) {
536 DEBUG(1, ("Value counts mismatch\n"));
537 }
538
539 vk_offset = IVAL(tmp.data, idx * 4);
540
541 vk = talloc(NULL, struct vk_block);
542 W_ERROR_HAVE_NO_MEMORY(vk);
543
544 if (!hbin_get_tdr(regf, vk_offset, vk,
545 (tdr_pull_fn_t)tdr_pull_vk_block, vk)) {
546 DEBUG(0, ("Unable to get VK block at 0x%x\n", vk_offset));
547 talloc_free(vk);
548 return WERR_GENERAL_FAILURE;
549 }
550
551 /* FIXME: name character set ?*/
552 if (name != NULL) {
553 *name = talloc_strndup(ctx, vk->data_name, vk->name_length);
554 W_ERROR_HAVE_NO_MEMORY(*name);
555 }
556
557 if (data_type != NULL)
558 *data_type = vk->data_type;
559
560 if (vk->data_length & 0x80000000) {
561 /* this is data of type "REG_DWORD" or "REG_DWORD_BIG_ENDIAN" */
562 data->data = talloc_size(ctx, sizeof(uint32_t));
563 W_ERROR_HAVE_NO_MEMORY(data->data);
564 SIVAL(data->data, 0, vk->data_offset);
565 data->length = sizeof(uint32_t);
566 } else {
567 *data = hbin_get(regf, vk->data_offset);
568 }
569
570 if (data->length < vk->data_length) {
571 DEBUG(1, ("Read data less than indicated data length!\n"));
572 }
573
574 talloc_free(vk);
575
576 return WERR_OK;
577 }
578
579 static WERROR regf_get_value_by_name(TALLOC_CTX *mem_ctx,
580 struct hive_key *key, const char *name,
581 uint32_t *type, DATA_BLOB *data)
582 {
583 unsigned int i;
584 const char *vname;
585 WERROR error;
586
587 /* FIXME: Do binary search? Is this list sorted at all? */
588
589 for (i = 0; W_ERROR_IS_OK(error = regf_get_value(mem_ctx, key, i,
590 &vname, type, data));
591 i++) {
592 if (!strcmp(vname, name))
593 return WERR_OK;
594 }
595
596 if (W_ERROR_EQUAL(error, WERR_NO_MORE_ITEMS))
597 return WERR_BADFILE;
598
599 return error;
600 }
601
602
603 static WERROR regf_get_subkey_by_index(TALLOC_CTX *ctx,
604 const struct hive_key *key,
605 uint32_t idx, const char **name,
606 const char **classname,
607 NTTIME *last_mod_time)
608 {
609 DATA_BLOB data;
610 struct regf_key_data *ret;
611 const struct regf_key_data *private_data = (const struct regf_key_data *)key;
612 struct nk_block *nk = private_data->nk;
613 uint32_t key_off=0;
614
615 if (idx >= nk->num_subkeys)
616 return WERR_NO_MORE_ITEMS;
617
618 /* Make sure that we don't crash if the key is empty */
619 if (nk->subkeys_offset == -1) {
620 return WERR_NO_MORE_ITEMS;
621 }
622
623 data = hbin_get(private_data->hive, nk->subkeys_offset);
624 if (!data.data) {
625 DEBUG(0, ("Unable to find subkey list at 0x%x\n",
626 nk->subkeys_offset));
627 return WERR_GENERAL_FAILURE;
628 }
629
630 if (!strncmp((char *)data.data, "li", 2)) {
631 struct li_block li;
632 struct tdr_pull *pull = tdr_pull_init(private_data->hive);
633
634 DEBUG(10, ("Subkeys in LI list\n"));
635 pull->data = data;
636
637 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull, nk, &li))) {
638 DEBUG(0, ("Error parsing LI list\n"));
639 talloc_free(pull);
640 return WERR_GENERAL_FAILURE;
641 }
642 talloc_free(pull);
643 SMB_ASSERT(!strncmp(li.header, "li", 2));
644
645 if (li.key_count != nk->num_subkeys) {
646 DEBUG(0, ("Subkey counts don't match\n"));
647 return WERR_GENERAL_FAILURE;
648 }
649 key_off = li.nk_offset[idx];
650
651 } else if (!strncmp((char *)data.data, "lf", 2)) {
652 struct lf_block lf;
653 struct tdr_pull *pull = tdr_pull_init(private_data->hive);
654
655 DEBUG(10, ("Subkeys in LF list\n"));
656 pull->data = data;
657
658 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull, nk, &lf))) {
659 DEBUG(0, ("Error parsing LF list\n"));
660 talloc_free(pull);
661 return WERR_GENERAL_FAILURE;
662 }
663 talloc_free(pull);
664 SMB_ASSERT(!strncmp(lf.header, "lf", 2));
665
666 if (lf.key_count != nk->num_subkeys) {
667 DEBUG(0, ("Subkey counts don't match\n"));
668 return WERR_GENERAL_FAILURE;
669 }
670
671 key_off = lf.hr[idx].nk_offset;
672 } else if (!strncmp((char *)data.data, "lh", 2)) {
673 struct lh_block lh;
674 struct tdr_pull *pull = tdr_pull_init(private_data->hive);
675
676 DEBUG(10, ("Subkeys in LH list\n"));
677 pull->data = data;
678
679 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull, nk, &lh))) {
680 DEBUG(0, ("Error parsing LH list\n"));
681 talloc_free(pull);
682 return WERR_GENERAL_FAILURE;
683 }
684 talloc_free(pull);
685 SMB_ASSERT(!strncmp(lh.header, "lh", 2));
686
687 if (lh.key_count != nk->num_subkeys) {
688 DEBUG(0, ("Subkey counts don't match\n"));
689 return WERR_GENERAL_FAILURE;
690 }
691 key_off = lh.hr[idx].nk_offset;
692 } else if (!strncmp((char *)data.data, "ri", 2)) {
693 struct ri_block ri;
694 struct tdr_pull *pull = tdr_pull_init(ctx);
695 uint16_t i;
696 uint16_t sublist_count = 0;
697
698 DEBUG(10, ("Subkeys in RI list\n"));
699 pull->data = data;
700
701 if (NT_STATUS_IS_ERR(tdr_pull_ri_block(pull, nk, &ri))) {
702 DEBUG(0, ("Error parsing RI list\n"));
703 talloc_free(pull);
704 return WERR_GENERAL_FAILURE;
705 }
706 SMB_ASSERT(!strncmp(ri.header, "ri", 2));
707
708 for (i = 0; i < ri.key_count; i++) {
709 DATA_BLOB list_data;
710
711 /* Get sublist data blob */
712 list_data = hbin_get(private_data->hive, ri.offset[i]);
713 if (!list_data.data) {
714 DEBUG(0, ("Error getting RI list."));
715 talloc_free(pull);
716 return WERR_GENERAL_FAILURE;
717 }
718
719 pull->data = list_data;
720
721 if (!strncmp((char *)list_data.data, "li", 2)) {
722 struct li_block li;
723
724 DEBUG(10, ("Subkeys in RI->LI list\n"));
725
726 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull,
727 nk,
728 &li))) {
729 DEBUG(0, ("Error parsing LI list from RI\n"));
730 talloc_free(pull);
731 return WERR_GENERAL_FAILURE;
732 }
733 SMB_ASSERT(!strncmp(li.header, "li", 2));
734
735 /* Advance to next sublist if necessary */
736 if (idx >= sublist_count + li.key_count) {
737 sublist_count += li.key_count;
738 continue;
739 }
740 key_off = li.nk_offset[idx - sublist_count];
741 sublist_count += li.key_count;
742 break;
743 } else if (!strncmp((char *)list_data.data, "lh", 2)) {
744 struct lh_block lh;
745
746 DEBUG(10, ("Subkeys in RI->LH list\n"));
747
748 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull,
749 nk,
750 &lh))) {
751 DEBUG(0, ("Error parsing LH list from RI\n"));
752 talloc_free(pull);
753 return WERR_GENERAL_FAILURE;
754 }
755 SMB_ASSERT(!strncmp(lh.header, "lh", 2));
756
757 /* Advance to next sublist if necessary */
758 if (idx >= sublist_count + lh.key_count) {
759 sublist_count += lh.key_count;
760 continue;
761 }
762 key_off = lh.hr[idx - sublist_count].nk_offset;
763 sublist_count += lh.key_count;
764 break;
765 } else {
766 DEBUG(0,("Unknown sublist in ri block\n"));
767 talloc_free(pull);
768
769 return WERR_GENERAL_FAILURE;
770 }
771
772 }
773 talloc_free(pull);
774
775
776 if (idx > sublist_count) {
777 return WERR_NO_MORE_ITEMS;
778 }
779
780 } else {
781 DEBUG(0, ("Unknown type for subkey list (0x%04x): %c%c\n",
782 nk->subkeys_offset, data.data[0], data.data[1]));
783 return WERR_GENERAL_FAILURE;
784 }
785
786 ret = regf_get_key (ctx, private_data->hive, key_off);
787
788 if (classname != NULL) {
789 if (ret->nk->clsname_offset != -1) {
790 DATA_BLOB db = hbin_get(ret->hive,
791 ret->nk->clsname_offset);
792 *classname = talloc_strndup(ctx,
793 (char*)db.data,
794 ret->nk->clsname_length);
795 W_ERROR_HAVE_NO_MEMORY(*classname);
796 } else
797 *classname = NULL;
798 }
799
800 if (last_mod_time != NULL)
801 *last_mod_time = ret->nk->last_change;
802
803 if (name != NULL)
804 *name = talloc_steal(ctx, ret->nk->key_name);
805
806 talloc_free(ret);
807
808 return WERR_OK;
809 }
810
811 static WERROR regf_match_subkey_by_name(TALLOC_CTX *ctx,
812 const struct hive_key *key,
813 uint32_t offset,
814 const char *name, uint32_t *ret)
815 {
816 DATA_BLOB subkey_data;
817 struct nk_block subkey;
818 struct tdr_pull *pull;
819 const struct regf_key_data *private_data =
820 (const struct regf_key_data *)key;
821
822 subkey_data = hbin_get(private_data->hive, offset);
823 if (!subkey_data.data) {
824 DEBUG(0, ("Unable to retrieve subkey HBIN\n"));
825 return WERR_GENERAL_FAILURE;
826 }
827
828 pull = tdr_pull_init(ctx);
829
830 pull->data = subkey_data;
831
832 if (NT_STATUS_IS_ERR(tdr_pull_nk_block(pull, ctx, &subkey))) {
833 DEBUG(0, ("Error parsing NK structure.\n"));
834 talloc_free(pull);
835 return WERR_GENERAL_FAILURE;
836 }
837 talloc_free(pull);
838
839 if (strncmp(subkey.header, "nk", 2)) {
840 DEBUG(0, ("Not an NK structure.\n"));
841 return WERR_GENERAL_FAILURE;
842 }
843
844 if (!strcasecmp(subkey.key_name, name)) {
845 *ret = offset;
846 } else {
847 *ret = 0;
848 }
849 return WERR_OK;
850 }
851
852 static WERROR regf_get_subkey_by_name(TALLOC_CTX *ctx,
853 const struct hive_key *key,
854 const char *name,
855 struct hive_key **ret)
856 {
857 DATA_BLOB data;
858 const struct regf_key_data *private_data =
859 (const struct regf_key_data *)key;
860 struct nk_block *nk = private_data->nk;
861 uint32_t key_off = 0;
862
863 /* Make sure that we don't crash if the key is empty */
864 if (nk->subkeys_offset == -1) {
865 return WERR_BADFILE;
866 }
867
868 data = hbin_get(private_data->hive, nk->subkeys_offset);
869 if (!data.data) {
870 DEBUG(0, ("Unable to find subkey list\n"));
871 return WERR_GENERAL_FAILURE;
872 }
873
874 if (!strncmp((char *)data.data, "li", 2)) {
875 struct li_block li;
876 struct tdr_pull *pull = tdr_pull_init(ctx);
877 uint16_t i;
878
879 DEBUG(10, ("Subkeys in LI list\n"));
880 pull->data = data;
881
882 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull, nk, &li))) {
883 DEBUG(0, ("Error parsing LI list\n"));
884 talloc_free(pull);
885 return WERR_GENERAL_FAILURE;
886 }
887 talloc_free(pull);
888 SMB_ASSERT(!strncmp(li.header, "li", 2));
889
890 if (li.key_count != nk->num_subkeys) {
891 DEBUG(0, ("Subkey counts don't match\n"));
892 return WERR_GENERAL_FAILURE;
893 }
894
895 for (i = 0; i < li.key_count; i++) {
896 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key,
897 li.nk_offset[i],
898 name,
899 &key_off));
900 if (key_off != 0)
901 break;
902 }
903 if (key_off == 0)
904 return WERR_BADFILE;
905 } else if (!strncmp((char *)data.data, "lf", 2)) {
906 struct lf_block lf;
907 struct tdr_pull *pull = tdr_pull_init(ctx);
908 uint16_t i;
909
910 DEBUG(10, ("Subkeys in LF list\n"));
911 pull->data = data;
912
913 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull, nk, &lf))) {
914 DEBUG(0, ("Error parsing LF list\n"));
915 talloc_free(pull);
916 return WERR_GENERAL_FAILURE;
917 }
918 talloc_free(pull);
919 SMB_ASSERT(!strncmp(lf.header, "lf", 2));
920
921 if (lf.key_count != nk->num_subkeys) {
922 DEBUG(0, ("Subkey counts don't match\n"));
923 return WERR_GENERAL_FAILURE;
924 }
925
926 for (i = 0; i < lf.key_count; i++) {
927 if (strncmp(lf.hr[i].hash, name, 4)) {
928 continue;
929 }
930 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk,
931 key,
932 lf.hr[i].nk_offset,
933 name,
934 &key_off));
935 if (key_off != 0)
936 break;
937 }
938 if (key_off == 0)
939 return WERR_BADFILE;
940 } else if (!strncmp((char *)data.data, "lh", 2)) {
941 struct lh_block lh;
942 struct tdr_pull *pull = tdr_pull_init(ctx);
943 uint16_t i;
944 uint32_t hash;
945
946 DEBUG(10, ("Subkeys in LH list\n"));
947 pull->data = data;
948
949 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull, nk, &lh))) {
950 DEBUG(0, ("Error parsing LH list\n"));
951 talloc_free(pull);
952 return WERR_GENERAL_FAILURE;
953 }
954 talloc_free(pull);
955 SMB_ASSERT(!strncmp(lh.header, "lh", 2));
956
957 if (lh.key_count != nk->num_subkeys) {
958 DEBUG(0, ("Subkey counts don't match\n"));
959 return WERR_GENERAL_FAILURE;
960 }
961
962 hash = regf_create_lh_hash(name);
963 for (i = 0; i < lh.key_count; i++) {
964 if (lh.hr[i].base37 != hash) {
965 continue;
966 }
967 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk,
968 key,
969 lh.hr[i].nk_offset,
970 name,
971 &key_off));
972 if (key_off != 0)
973 break;
974 }
975 if (key_off == 0)
976 return WERR_BADFILE;
977 } else if (!strncmp((char *)data.data, "ri", 2)) {
978 struct ri_block ri;
979 struct tdr_pull *pull = tdr_pull_init(ctx);
980 uint16_t i, j;
981
982 DEBUG(10, ("Subkeys in RI list\n"));
983 pull->data = data;
984
985 if (NT_STATUS_IS_ERR(tdr_pull_ri_block(pull, nk, &ri))) {
986 DEBUG(0, ("Error parsing RI list\n"));
987 talloc_free(pull);
988 return WERR_GENERAL_FAILURE;
989 }
990 SMB_ASSERT(!strncmp(ri.header, "ri", 2));
991
992 for (i = 0; i < ri.key_count; i++) {
993 DATA_BLOB list_data;
994
995 /* Get sublist data blob */
996 list_data = hbin_get(private_data->hive, ri.offset[i]);
997 if (list_data.data == NULL) {
998 DEBUG(0, ("Error getting RI list."));
999 talloc_free(pull);
1000 return WERR_GENERAL_FAILURE;
1001 }
1002
1003 pull->data = list_data;
1004
1005 if (!strncmp((char *)list_data.data, "li", 2)) {
1006 struct li_block li;
1007
1008 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull,
1009 nk,
1010 &li))) {
1011 DEBUG(0, ("Error parsing LI list from RI\n"));
1012 talloc_free(pull);
1013 return WERR_GENERAL_FAILURE;
1014 }
1015 SMB_ASSERT(!strncmp(li.header, "li", 2));
1016
1017 for (j = 0; j < li.key_count; j++) {
1018 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key,
1019 li.nk_offset[j],
1020 name,
1021 &key_off));
1022 if (key_off)
1023 break;
1024 }
1025 } else if (!strncmp((char *)list_data.data, "lh", 2)) {
1026 struct lh_block lh;
1027 uint32_t hash;
1028
1029 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull,
1030 nk,
1031 &lh))) {
1032 DEBUG(0, ("Error parsing LH list from RI\n"));
1033 talloc_free(pull);
1034 return WERR_GENERAL_FAILURE;
1035 }
1036 SMB_ASSERT(!strncmp(lh.header, "lh", 2));
1037
1038 hash = regf_create_lh_hash(name);
1039 for (j = 0; j < lh.key_count; j++) {
1040 if (lh.hr[j].base37 != hash) {
1041 continue;
1042 }
1043 W_ERROR_NOT_OK_RETURN(regf_match_subkey_by_name(nk, key,
1044 lh.hr[j].nk_offset,
1045 name,
1046 &key_off));
1047 if (key_off)
1048 break;
1049 }
1050 }
1051 if (key_off)
1052 break;
1053 }
1054 talloc_free(pull);
1055 if (!key_off)
1056 return WERR_BADFILE;
1057 } else {
1058 DEBUG(0, ("Unknown subkey list type.\n"));
1059 return WERR_GENERAL_FAILURE;
1060 }
1061
1062 *ret = (struct hive_key *)regf_get_key(ctx, private_data->hive,
1063 key_off);
1064 return WERR_OK;
1065 }
1066
1067 static WERROR regf_set_sec_desc(struct hive_key *key,
1068 const struct security_descriptor *sec_desc)
1069 {
1070 const struct regf_key_data *private_data =
1071 (const struct regf_key_data *)key;
1072 struct sk_block cur_sk, sk, new_sk;
1073 struct regf_data *regf = private_data->hive;
1074 struct nk_block root;
1075 DATA_BLOB data;
1076 uint32_t sk_offset, cur_sk_offset;
1077 bool update_cur_sk = false;
1078
1079 /* Get the root nk */
1080 hbin_get_tdr(regf, regf->header->data_offset, regf,
1081 (tdr_pull_fn_t) tdr_pull_nk_block, &root);
1082
1083 /* Push the security descriptor to a blob */
1084 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_push_struct_blob(&data, regf,
1085 sec_desc, (ndr_push_flags_fn_t)ndr_push_security_descriptor))) {
1086 DEBUG(0, ("Unable to push security descriptor\n"));
1087 return WERR_GENERAL_FAILURE;
1088 }
1089
1090 /* Get the current security descriptor for the key */
1091 if (!hbin_get_tdr(regf, private_data->nk->sk_offset, regf,
1092 (tdr_pull_fn_t) tdr_pull_sk_block, &cur_sk)) {
1093 DEBUG(0, ("Unable to find security descriptor for current key\n"));
1094 return WERR_BADFILE;
1095 }
1096 /* If there's no change, change nothing. */
1097 if (memcmp(data.data, cur_sk.sec_desc,
1098 MIN(data.length, cur_sk.rec_size)) == 0) {
1099 return WERR_OK;
1100 }
1101
1102 /* Delete the current sk if only this key is using it */
1103 if (cur_sk.ref_cnt == 1) {
1104 /* Get the previous security descriptor for the key */
1105 if (!hbin_get_tdr(regf, cur_sk.prev_offset, regf,
1106 (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
1107 DEBUG(0, ("Unable to find prev security descriptor for current key\n"));
1108 return WERR_BADFILE;
1109 }
1110 /* Change and store the previous security descriptor */
1111 sk.next_offset = cur_sk.next_offset;
1112 hbin_store_tdr_resize(regf, (tdr_push_fn_t) tdr_push_sk_block,
1113 cur_sk.prev_offset, &sk);
1114
1115 /* Get the next security descriptor for the key */
1116 if (!hbin_get_tdr(regf, cur_sk.next_offset, regf,
1117 (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
1118 DEBUG(0, ("Unable to find next security descriptor for current key\n"));
1119 return WERR_BADFILE;
1120 }
1121 /* Change and store the next security descriptor */
1122 sk.prev_offset = cur_sk.prev_offset;
1123 hbin_store_tdr_resize(regf, (tdr_push_fn_t) tdr_push_sk_block,
1124 cur_sk.next_offset, &sk);
1125
1126 hbin_free(regf, private_data->nk->sk_offset);
1127 } else {
1128 /* This key will no longer be referring to this sk */
1129 cur_sk.ref_cnt--;
1130 update_cur_sk = true;
1131 }
1132
1133 sk_offset = root.sk_offset;
1134
1135 do {
1136 cur_sk_offset = sk_offset;
1137 if (!hbin_get_tdr(regf, sk_offset, regf,
1138 (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
1139 DEBUG(0, ("Unable to find security descriptor\n"));
1140 return WERR_BADFILE;
1141 }
1142 if (memcmp(data.data, sk.sec_desc, MIN(data.length, sk.rec_size)) == 0) {
1143 private_data->nk->sk_offset = sk_offset;
1144 sk.ref_cnt++;
1145 hbin_store_tdr_resize(regf,
1146 (tdr_push_fn_t) tdr_push_sk_block,
1147 sk_offset, &sk);
1148 hbin_store_tdr_resize(regf,
1149 (tdr_push_fn_t) tdr_push_nk_block,
1150 private_data->offset,
1151 private_data->nk);
1152 return WERR_OK;
1153 }
1154 sk_offset = sk.next_offset;
1155 } while (sk_offset != root.sk_offset);
1156
1157 ZERO_STRUCT(new_sk);
1158 new_sk.header = "sk";
1159 new_sk.prev_offset = cur_sk_offset;
1160 new_sk.next_offset = root.sk_offset;
1161 new_sk.ref_cnt = 1;
1162 new_sk.rec_size = data.length;
1163 new_sk.sec_desc = data.data;
1164
1165 sk_offset = hbin_store_tdr(regf,
1166 (tdr_push_fn_t) tdr_push_sk_block,
1167 &new_sk);
1168 if (sk_offset == -1) {
1169 DEBUG(0, ("Error storing sk block\n"));
1170 return WERR_GENERAL_FAILURE;
1171 }
1172 private_data->nk->sk_offset = sk_offset;
1173
1174 if (update_cur_sk) {
1175 hbin_store_tdr_resize(regf,
1176 (tdr_push_fn_t) tdr_push_sk_block,
1177 private_data->nk->sk_offset, &cur_sk);
1178 }
1179
1180 /* Get the previous security descriptor for the key */
1181 if (!hbin_get_tdr(regf, new_sk.prev_offset, regf,
1182 (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
1183 DEBUG(0, ("Unable to find security descriptor for previous key\n"));
1184 return WERR_BADFILE;
1185 }
1186 /* Change and store the previous security descriptor */
1187 sk.next_offset = sk_offset;
1188 hbin_store_tdr_resize(regf,
1189 (tdr_push_fn_t) tdr_push_sk_block,
1190 cur_sk.prev_offset, &sk);
1191
1192 /* Get the next security descriptor for the key (always root, as we append) */
1193 if (!hbin_get_tdr(regf, new_sk.next_offset, regf,
1194 (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
1195 DEBUG(0, ("Unable to find security descriptor for current key\n"));
1196 return WERR_BADFILE;
1197 }
1198 /* Change and store the next security descriptor (always root, as we append) */
1199 sk.prev_offset = sk_offset;
1200 hbin_store_tdr_resize(regf,
1201 (tdr_push_fn_t) tdr_push_sk_block,
1202 root.sk_offset, &sk);
1203
1204
1205 /* Store the nk. */
1206 hbin_store_tdr_resize(regf,
1207 (tdr_push_fn_t) tdr_push_sk_block,
1208 private_data->offset, private_data->nk);
1209 return WERR_OK;
1210 }
1211
1212 static WERROR regf_get_sec_desc(TALLOC_CTX *ctx, const struct hive_key *key,
1213 struct security_descriptor **sd)
1214 {
1215 const struct regf_key_data *private_data =
1216 (const struct regf_key_data *)key;
1217 struct sk_block sk;
1218 struct regf_data *regf = private_data->hive;
1219 DATA_BLOB data;
1220
1221 if (!hbin_get_tdr(regf, private_data->nk->sk_offset, ctx,
1222 (tdr_pull_fn_t) tdr_pull_sk_block, &sk)) {
1223 DEBUG(0, ("Unable to find security descriptor\n"));
1224 return WERR_GENERAL_FAILURE;
1225 }
1226
1227 if (strcmp(sk.header, "sk") != 0) {
1228 DEBUG(0, ("Expected 'sk', got '%s'\n", sk.header));
1229 return WERR_GENERAL_FAILURE;
1230 }
1231
1232 *sd = talloc(ctx, struct security_descriptor);
1233 W_ERROR_HAVE_NO_MEMORY(*sd);
1234
1235 data.data = sk.sec_desc;
1236 data.length = sk.rec_size;
1237 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_pull_struct_blob(&data, ctx, *sd,
1238 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor))) {
1239 DEBUG(0, ("Error parsing security descriptor\n"));
1240 return WERR_GENERAL_FAILURE;
1241 }
1242
1243 return WERR_OK;
1244 }
1245
1246 static WERROR regf_sl_add_entry(struct regf_data *regf, uint32_t list_offset,
1247 const char *name,
1248 uint32_t key_offset, uint32_t *ret)
1249 {
1250 DATA_BLOB data;
1251
1252 /* Create a new key if necessary */
1253 if (list_offset == -1) {
1254 if (regf->header->version.major != 1) {
1255 DEBUG(0, ("Can't store keys in unknown registry format\n"));
1256 return WERR_NOT_SUPPORTED;
1257 }
1258 if (regf->header->version.minor < 3) {
1259 /* Store LI */
1260 struct li_block li;
1261 ZERO_STRUCT(li);
1262 li.header = "li";
1263 li.key_count = 1;
1264
1265 li.nk_offset = talloc_array(regf, uint32_t, 1);
1266 W_ERROR_HAVE_NO_MEMORY(li.nk_offset);
1267 li.nk_offset[0] = key_offset;
1268
1269 *ret = hbin_store_tdr(regf,
1270 (tdr_push_fn_t) tdr_push_li_block,
1271 &li);
1272
1273 talloc_free(li.nk_offset);
1274 } else if (regf->header->version.minor == 3 ||
1275 regf->header->version.minor == 4) {
1276 /* Store LF */
1277 struct lf_block lf;
1278 ZERO_STRUCT(lf);
1279 lf.header = "lf";
1280 lf.key_count = 1;
1281
1282 lf.hr = talloc_array(regf, struct hash_record, 1);
1283 W_ERROR_HAVE_NO_MEMORY(lf.hr);
1284 lf.hr[0].nk_offset = key_offset;
1285 lf.hr[0].hash = talloc_strndup(lf.hr, name, 4);
1286 W_ERROR_HAVE_NO_MEMORY(lf.hr[0].hash);
1287
1288 *ret = hbin_store_tdr(regf,
1289 (tdr_push_fn_t) tdr_push_lf_block,
1290 &lf);
1291
1292 talloc_free(lf.hr);
1293 } else if (regf->header->version.minor == 5) {
1294 /* Store LH */
1295 struct lh_block lh;
1296 ZERO_STRUCT(lh);
1297 lh.header = "lh";
1298 lh.key_count = 1;
1299
1300 lh.hr = talloc_array(regf, struct lh_hash, 1);
1301 W_ERROR_HAVE_NO_MEMORY(lh.hr);
1302 lh.hr[0].nk_offset = key_offset;
1303 lh.hr[0].base37 = regf_create_lh_hash(name);
1304
1305 *ret = hbin_store_tdr(regf,
1306 (tdr_push_fn_t) tdr_push_lh_block,
1307 &lh);
1308
1309 talloc_free(lh.hr);
1310 }
1311 return WERR_OK;
1312 }
1313
1314 data = hbin_get(regf, list_offset);
1315 if (!data.data) {
1316 DEBUG(0, ("Unable to find subkey list\n"));
1317 return WERR_BADFILE;
1318 }
1319
1320 if (!strncmp((char *)data.data, "li", 2)) {
1321 struct tdr_pull *pull = tdr_pull_init(regf);
1322 struct li_block li;
1323 struct nk_block sub_nk;
1324 int32_t i, j;
1325
1326 pull->data = data;
1327
1328 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull, regf, &li))) {
1329 DEBUG(0, ("Error parsing LI list\n"));
1330 talloc_free(pull);
1331 return WERR_BADFILE;
1332 }
1333 talloc_free(pull);
1334
1335 if (strncmp(li.header, "li", 2) != 0) {
1336 abort();
1337 DEBUG(0, ("LI header corrupt\n"));
1338 return WERR_BADFILE;
1339 }
1340
1341 /*
1342 * Find the position to store the pointer
1343 * Extensive testing reveils that at least on windows 7 subkeys
1344 * *MUST* be stored in alphabetical order
1345 */
1346 for (i = 0; i < li.key_count; i++) {
1347 /* Get the nk */
1348 hbin_get_tdr(regf, li.nk_offset[i], regf,
1349 (tdr_pull_fn_t) tdr_pull_nk_block, &sub_nk);
1350 if (strcasecmp(name, sub_nk.key_name) < 0) {
1351 break;
1352 }
1353 }
1354
1355 li.nk_offset = talloc_realloc(regf, li.nk_offset,
1356 uint32_t, li.key_count+1);
1357 W_ERROR_HAVE_NO_MEMORY(li.nk_offset);
1358
1359 /* Move everything behind this offset */
1360 for (j = li.key_count - 1; j >= i; j--) {
1361 li.nk_offset[j+1] = li.nk_offset[j];
1362 }
1363
1364 li.nk_offset[i] = key_offset;
1365 li.key_count++;
1366 *ret = hbin_store_tdr_resize(regf,
1367 (tdr_push_fn_t)tdr_push_li_block,
1368 list_offset, &li);
1369
1370 talloc_free(li.nk_offset);
1371 } else if (!strncmp((char *)data.data, "lf", 2)) {
1372 struct tdr_pull *pull = tdr_pull_init(regf);
1373 struct lf_block lf;
1374 struct nk_block sub_nk;
1375 int32_t i, j;
1376
1377 pull->data = data;
1378
1379 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull, regf, &lf))) {
1380 DEBUG(0, ("Error parsing LF list\n"));
1381 talloc_free(pull);
1382 return WERR_BADFILE;
1383 }
1384 talloc_free(pull);
1385 SMB_ASSERT(!strncmp(lf.header, "lf", 2));
1386
1387 /*
1388 * Find the position to store the hash record
1389 * Extensive testing reveils that at least on windows 7 subkeys
1390 * *MUST* be stored in alphabetical order
1391 */
1392 for (i = 0; i < lf.key_count; i++) {
1393 /* Get the nk */
1394 hbin_get_tdr(regf, lf.hr[i].nk_offset, regf,
1395 (tdr_pull_fn_t) tdr_pull_nk_block, &sub_nk);
1396 if (strcasecmp(name, sub_nk.key_name) < 0) {
1397 break;
1398 }
1399 }
1400
1401 lf.hr = talloc_realloc(regf, lf.hr, struct hash_record,
1402 lf.key_count+1);
1403 W_ERROR_HAVE_NO_MEMORY(lf.hr);
1404
1405 /* Move everything behind this hash record */
1406 for (j = lf.key_count - 1; j >= i; j--) {
1407 lf.hr[j+1] = lf.hr[j];
1408 }
1409
1410 lf.hr[i].nk_offset = key_offset;
1411 lf.hr[i].hash = talloc_strndup(lf.hr, name, 4);
1412 W_ERROR_HAVE_NO_MEMORY(lf.hr[lf.key_count].hash);
1413 lf.key_count++;
1414 *ret = hbin_store_tdr_resize(regf,
1415 (tdr_push_fn_t)tdr_push_lf_block,
1416 list_offset, &lf);
1417
1418 talloc_free(lf.hr);
1419 } else if (!strncmp((char *)data.data, "lh", 2)) {
1420 struct tdr_pull *pull = tdr_pull_init(regf);
1421 struct lh_block lh;
1422 struct nk_block sub_nk;
1423 int32_t i, j;
1424
1425 pull->data = data;
1426
1427 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull, regf, &lh))) {
1428 DEBUG(0, ("Error parsing LH list\n"));
1429 talloc_free(pull);
1430 return WERR_BADFILE;
1431 }
1432 talloc_free(pull);
1433 SMB_ASSERT(!strncmp(lh.header, "lh", 2));
1434
1435 /*
1436 * Find the position to store the hash record
1437 * Extensive testing reveils that at least on windows 7 subkeys
1438 * *MUST* be stored in alphabetical order
1439 */
1440 for (i = 0; i < lh.key_count; i++) {
1441 /* Get the nk */
1442 hbin_get_tdr(regf, lh.hr[i].nk_offset, regf,
1443 (tdr_pull_fn_t) tdr_pull_nk_block, &sub_nk);
1444 if (strcasecmp(name, sub_nk.key_name) < 0) {
1445 break;
1446 }
1447 }
1448
1449 lh.hr = talloc_realloc(regf, lh.hr, struct lh_hash,
1450 lh.key_count+1);
1451 W_ERROR_HAVE_NO_MEMORY(lh.hr);
1452
1453 /* Move everything behind this hash record */
1454 for (j = lh.key_count - 1; j >= i; j--) {
1455 lh.hr[j+1] = lh.hr[j];
1456 }
1457
1458 lh.hr[i].nk_offset = key_offset;
1459 lh.hr[i].base37 = regf_create_lh_hash(name);
1460 lh.key_count++;
1461 *ret = hbin_store_tdr_resize(regf,
1462 (tdr_push_fn_t)tdr_push_lh_block,
1463 list_offset, &lh);
1464
1465 talloc_free(lh.hr);
1466 } else if (!strncmp((char *)data.data, "ri", 2)) {
1467 /* FIXME */
1468 DEBUG(0, ("Adding to 'ri' subkey list is not supported yet.\n"));
1469 return WERR_NOT_SUPPORTED;
1470 } else {
1471 DEBUG(0, ("Cannot add to unknown subkey list\n"));
1472 return WERR_BADFILE;
1473 }
1474
1475 return WERR_OK;
1476 }
1477
1478 static WERROR regf_sl_del_entry(struct regf_data *regf, uint32_t list_offset,
1479 uint32_t key_offset, uint32_t *ret)
1480 {
1481 DATA_BLOB data;
1482
1483 data = hbin_get(regf, list_offset);
1484 if (!data.data) {
1485 DEBUG(0, ("Unable to find subkey list\n"));
1486 return WERR_BADFILE;
1487 }
1488
1489 if (strncmp((char *)data.data, "li", 2) == 0) {
1490 struct li_block li;
1491 struct tdr_pull *pull = tdr_pull_init(regf);
1492 uint16_t i;
1493 bool found_offset = false;
1494
1495 DEBUG(10, ("Subkeys in LI list\n"));
1496
1497 pull->data = data;
1498
1499 if (NT_STATUS_IS_ERR(tdr_pull_li_block(pull, regf, &li))) {
1500 DEBUG(0, ("Error parsing LI list\n"));
1501 talloc_free(pull);
1502 return WERR_BADFILE;
1503 }
1504 talloc_free(pull);
1505
1506 SMB_ASSERT(!strncmp(li.header, "li", 2));
1507
1508 for (i = 0; i < li.key_count; i++) {
1509 if (found_offset) {
1510 li.nk_offset[i-1] = li.nk_offset[i];
1511 }
1512 if (li.nk_offset[i] == key_offset) {
1513 found_offset = true;
1514 continue;
1515 }
1516 }
1517 if (!found_offset) {
1518 DEBUG(2, ("Subkey not found\n"));
1519 return WERR_BADFILE;
1520 }
1521 li.key_count--;
1522
1523 /* If the there are no entries left, free the subkey list */
1524 if (li.key_count == 0) {
1525 hbin_free(regf, list_offset);
1526 *ret = -1;
1527 }
1528
1529 /* Store li block */
1530 *ret = hbin_store_tdr_resize(regf,
1531 (tdr_push_fn_t) tdr_push_li_block,
1532 list_offset, &li);
1533 } else if (strncmp((char *)data.data, "lf", 2) == 0) {
1534 struct lf_block lf;
1535 struct tdr_pull *pull = tdr_pull_init(regf);
1536 uint16_t i;
1537 bool found_offset = false;
1538
1539 DEBUG(10, ("Subkeys in LF list\n"));
1540
1541 pull->data = data;
1542
1543 if (NT_STATUS_IS_ERR(tdr_pull_lf_block(pull, regf, &lf))) {
1544 DEBUG(0, ("Error parsing LF list\n"));
1545 talloc_free(pull);
1546 return WERR_BADFILE;
1547 }
1548 talloc_free(pull);
1549
1550 SMB_ASSERT(!strncmp(lf.header, "lf", 2));
1551
1552 for (i = 0; i < lf.key_count; i++) {
1553 if (found_offset) {
1554 lf.hr[i-1] = lf.hr[i];
1555 continue;
1556 }
1557 if (lf.hr[i].nk_offset == key_offset) {
1558 found_offset = 1;
1559 continue;
1560 }
1561 }
1562 if (!found_offset) {
1563 DEBUG(2, ("Subkey not found\n"));
1564 return WERR_BADFILE;
1565 }
1566 lf.key_count--;
1567
1568 /* If the there are no entries left, free the subkey list */
1569 if (lf.key_count == 0) {
1570 hbin_free(regf, list_offset);
1571 *ret = -1;
1572 return WERR_OK;
1573 }
1574
1575 /* Store lf block */
1576 *ret = hbin_store_tdr_resize(regf,
1577 (tdr_push_fn_t) tdr_push_lf_block,
1578 list_offset, &lf);
1579 } else if (strncmp((char *)data.data, "lh", 2) == 0) {
1580 struct lh_block lh;
1581 struct tdr_pull *pull = tdr_pull_init(regf);
1582 uint16_t i;
1583 bool found_offset = false;
1584
1585 DEBUG(10, ("Subkeys in LH list\n"));
1586
1587 pull->data = data;
1588
1589 if (NT_STATUS_IS_ERR(tdr_pull_lh_block(pull, regf, &lh))) {
1590 DEBUG(0, ("Error parsing LF list\n"));
1591 talloc_free(pull);
1592 return WERR_BADFILE;
1593 }
1594 talloc_free(pull);
1595
1596 SMB_ASSERT(!strncmp(lh.header, "lh", 2));
1597
1598 for (i = 0; i < lh.key_count; i++) {
1599 if (found_offset) {
1600 lh.hr[i-1] = lh.hr[i];
1601 continue;
1602 }
1603 if (lh.hr[i].nk_offset == key_offset) {
1604 found_offset = 1;
1605 continue;
1606 }
1607 }
1608 if (!found_offset) {
1609 DEBUG(0, ("Subkey not found\n"));
1610 return WERR_BADFILE;
1611 }
1612 lh.key_count--;
1613
1614 /* If the there are no entries left, free the subkey list */
1615 if (lh.key_count == 0) {
1616 hbin_free(regf, list_offset);
1617 *ret = -1;
1618 return WERR_OK;
1619 }
1620
1621 /* Store lh block */
1622 *ret = hbin_store_tdr_resize(regf,
1623 (tdr_push_fn_t) tdr_push_lh_block,
1624 list_offset, &lh);
1625 } else if (strncmp((char *)data.data, "ri", 2) == 0) {
1626 /* FIXME */
1627 DEBUG(0, ("Sorry, deletion from ri block is not supported yet.\n"));
1628 return WERR_NOT_SUPPORTED;
1629 } else {
1630 DEBUG (0, ("Unknown header found in subkey list.\n"));
1631 return WERR_BADFILE;
1632 }
1633 return WERR_OK;
1634 }
1635
1636 static WERROR regf_del_value(TALLOC_CTX *mem_ctx, struct hive_key *key,
1637 const char *name)
1638 {
1639 struct regf_key_data *private_data = (struct regf_key_data *)key;
1640 struct regf_data *regf = private_data->hive;
1641 struct nk_block *nk = private_data->nk;
1642 struct vk_block vk;
1643 uint32_t vk_offset;
1644 bool found_offset = false;
1645 DATA_BLOB values;
1646 unsigned int i;
1647
1648 if (nk->values_offset == -1) {
1649 return WERR_BADFILE;
1650 }
1651
1652 values = hbin_get(regf, nk->values_offset);
1653
1654 for (i = 0; i < nk->num_values; i++) {
1655 if (found_offset) {
1656 ((uint32_t *)values.data)[i-1] = ((uint32_t *) values.data)[i];
1657 } else {
1658 vk_offset = IVAL(values.data, i * 4);
1659 if (!hbin_get_tdr(regf, vk_offset, private_data,
1660 (tdr_pull_fn_t)tdr_pull_vk_block,
1661 &vk)) {
1662 DEBUG(0, ("Unable to get VK block at %d\n",
1663 vk_offset));
1664 return WERR_BADFILE;
1665 }
1666 if (strcmp(vk.data_name, name) == 0) {
1667 hbin_free(regf, vk_offset);
1668 found_offset = true;
1669 }
1670 }
1671 }
1672 if (!found_offset) {
1673 return WERR_BADFILE;
1674 } else {
1675 nk->num_values--;
1676 values.length = (nk->num_values)*4;
1677 }
1678
1679 /* Store values list and nk */
1680 if (nk->num_values == 0) {
1681 hbin_free(regf, nk->values_offset);
1682 nk->values_offset = -1;
1683 } else {
1684 nk->values_offset = hbin_store_resize(regf,
1685 nk->values_offset,
1686 values);
1687 }
1688 hbin_store_tdr_resize(regf, (tdr_push_fn_t) tdr_push_nk_block,
1689 private_data->offset, nk);
1690
1691 return regf_save_hbin(private_data->hive, 0);
1692 }
1693
1694
1695 static WERROR regf_del_key(TALLOC_CTX *mem_ctx, const struct hive_key *parent,
1696 const char *name)
1697 {
1698 const struct regf_key_data *private_data =
1699 (const struct regf_key_data *)parent;
1700 struct regf_key_data *key;
1701 struct nk_block *parent_nk;
1702 WERROR error;
1703
1704 SMB_ASSERT(private_data);
1705
1706 parent_nk = private_data->nk;
1707
1708 if (parent_nk->subkeys_offset == -1) {
1709 DEBUG(4, ("Subkey list is empty, this key cannot contain subkeys.\n"));
1710 return WERR_BADFILE;
1711 }
1712
1713 /* Find the key */
1714 if (!W_ERROR_IS_OK(regf_get_subkey_by_name(parent_nk, parent, name,
1715 (struct hive_key **)&key))) {
1716 DEBUG(2, ("Key '%s' not found\n", name));
1717 return WERR_BADFILE;
1718 }
1719
1720 if (key->nk->subkeys_offset != -1) {
1721 char *sk_name;
1722 struct hive_key *sk = (struct hive_key *)key;
1723 unsigned int i = key->nk->num_subkeys;
1724 while (i--) {
1725 /* Get subkey information. */
1726 error = regf_get_subkey_by_index(parent_nk, sk, 0,
1727 (const char **)&sk_name,
1728 NULL, NULL);
1729 if (!W_ERROR_IS_OK(error)) {
1730 DEBUG(0, ("Can't retrieve subkey by index.\n"));
1731 return error;
1732 }
1733
1734 /* Delete subkey. */
1735 error = regf_del_key(NULL, sk, sk_name);
1736 if (!W_ERROR_IS_OK(error)) {
1737 DEBUG(0, ("Can't delete key '%s'.\n", sk_name));
1738 return error;
1739 }
1740
1741 talloc_free(sk_name);
1742 }
1743 }
1744
1745 if (key->nk->values_offset != -1) {
1746 char *val_name;
1747 struct hive_key *sk = (struct hive_key *)key;
1748 DATA_BLOB data;
1749 unsigned int i = key->nk->num_values;
1750 while (i--) {
1751 /* Get value information. */
1752 error = regf_get_value(parent_nk, sk, 0,
1753 (const char **)&val_name,
1754 NULL, &data);
1755 if (!W_ERROR_IS_OK(error)) {
1756 DEBUG(0, ("Can't retrieve value by index.\n"));
1757 return error;
1758 }
1759
1760 /* Delete value. */
1761 error = regf_del_value(NULL, sk, val_name);
1762 if (!W_ERROR_IS_OK(error)) {
1763 DEBUG(0, ("Can't delete value '%s'.\n", val_name));
1764 return error;
1765 }
1766
1767 talloc_free(val_name);
1768 }
1769 }
1770
1771 /* Delete it from the subkey list. */
1772 error = regf_sl_del_entry(private_data->hive, parent_nk->subkeys_offset,
1773 key->offset, &parent_nk->subkeys_offset);
1774 if (!W_ERROR_IS_OK(error)) {
1775 DEBUG(0, ("Can't store new subkey list for parent key. Won't delete.\n"));
1776 return error;
1777 }
1778
1779 /* Re-store parent key */
1780 parent_nk->num_subkeys--;
1781 hbin_store_tdr_resize(private_data->hive,
1782 (tdr_push_fn_t) tdr_push_nk_block,
1783 private_data->offset, parent_nk);
1784
1785 if (key->nk->clsname_offset != -1) {
1786 hbin_free(private_data->hive, key->nk->clsname_offset);
1787 }
1788 hbin_free(private_data->hive, key->offset);
1789
1790 return regf_save_hbin(private_data->hive, 0);
1791 }
1792
1793 static WERROR regf_add_key(TALLOC_CTX *ctx, const struct hive_key *parent,
1794 const char *name, const char *classname,
1795 struct security_descriptor *sec_desc,
1796 struct hive_key **ret)
1797 {
1798 const struct regf_key_data *private_data =
1799 (const struct regf_key_data *)parent;
1800 struct nk_block *parent_nk = private_data->nk, nk;
1801 struct nk_block *root;
1802 struct regf_data *regf = private_data->hive;
1803 uint32_t offset;
1804 WERROR error;
1805
1806 nk.header = "nk";
1807 nk.type = REG_SUB_KEY;
1808 unix_to_nt_time(&nk.last_change, time(NULL));
1809 nk.uk1 = 0;
1810 nk.parent_offset = private_data->offset;
1811 nk.num_subkeys = 0;
1812 nk.uk2 = 0;
1813 nk.subkeys_offset = -1;
1814 nk.unknown_offset = -1;
1815 nk.num_values = 0;
1816 nk.values_offset = -1;
1817 memset(nk.unk3, 0, sizeof(nk.unk3));
1818 nk.clsname_offset = -1; /* FIXME: fill in */
1819 nk.clsname_length = 0;
1820 nk.key_name = name;
1821
1822 /* Get the security descriptor of the root key */
1823 root = talloc_zero(ctx, struct nk_block);
1824 W_ERROR_HAVE_NO_MEMORY(root);
1825
1826 if (!hbin_get_tdr(regf, regf->header->data_offset, root,
1827 (tdr_pull_fn_t)tdr_pull_nk_block, root)) {
1828 DEBUG(0, ("Unable to find HBIN data for offset 0x%x\n",
1829 regf->header->data_offset));
1830 return WERR_GENERAL_FAILURE;
1831 }
1832 nk.sk_offset = root->sk_offset;
1833 talloc_free(root);
1834
1835 /* Store the new nk key */
1836 offset = hbin_store_tdr(regf, (tdr_push_fn_t) tdr_push_nk_block, &nk);
1837
1838 error = regf_sl_add_entry(regf, parent_nk->subkeys_offset, name, offset,
1839 &parent_nk->subkeys_offset);
1840 if (!W_ERROR_IS_OK(error)) {
1841 hbin_free(regf, offset);
1842 return error;
1843 }
1844
1845 parent_nk->num_subkeys++;
1846
1847 /* Since the subkey offset of the parent can change, store it again */
1848 hbin_store_tdr_resize(regf, (tdr_push_fn_t) tdr_push_nk_block,
1849 nk.parent_offset, parent_nk);
1850
1851 *ret = (struct hive_key *)regf_get_key(ctx, regf, offset);
1852
1853 DEBUG(9, ("Storing key %s\n", name));
1854 return regf_save_hbin(private_data->hive, 0);
1855 }
1856
1857 static WERROR regf_set_value(struct hive_key *key, const char *name,
1858 uint32_t type, const DATA_BLOB data)
1859 {
1860 struct regf_key_data *private_data = (struct regf_key_data *)key;
1861 struct regf_data *regf = private_data->hive;
1862 struct nk_block *nk = private_data->nk;
1863 struct vk_block vk;
1864 uint32_t i;
1865 uint32_t tmp_vk_offset, vk_offset, old_vk_offset = (uint32_t) -1;
1866 DATA_BLOB values;
1867
1868 ZERO_STRUCT(vk);
1869
1870 /* find the value offset, if it exists */
1871 if (nk->values_offset != -1) {
1872 values = hbin_get(regf, nk->values_offset);
1873
1874 for (i = 0; i < nk->num_values; i++) {
1875 tmp_vk_offset = IVAL(values.data, i * 4);
1876 if (!hbin_get_tdr(regf, tmp_vk_offset, private_data,
1877 (tdr_pull_fn_t)tdr_pull_vk_block,
1878 &vk)) {
1879 DEBUG(0, ("Unable to get VK block at 0x%x\n",
1880 tmp_vk_offset));
1881 return WERR_GENERAL_FAILURE;
1882 }
1883 if (strcmp(vk.data_name, name) == 0) {
1884 old_vk_offset = tmp_vk_offset;
1885 break;
1886 }
1887 }
1888 }
1889
1890 /* If it's new, create the vk struct, if it's old, free the old data. */
1891 if (old_vk_offset == -1) {
1892 vk.header = "vk";
1893 vk.name_length = strlen(name);
1894 if (name != NULL && name[0] != 0) {
1895 vk.flag = 1;
1896 vk.data_name = name;
1897 } else {
1898 vk.data_name = NULL;
1899 vk.flag = 0;
1900 }
1901 } else {
1902 /* Free data, if any */
1903 if (!(vk.data_length & 0x80000000)) {
1904 hbin_free(regf, vk.data_offset);
1905 }
1906 }
1907
1908 /* Set the type and data */
1909 vk.data_length = data.length;
1910 vk.data_type = type;
1911 if ((type == REG_DWORD) || (type == REG_DWORD_BIG_ENDIAN)) {
1912 if (vk.data_length != sizeof(uint32_t)) {
1913 DEBUG(0, ("DWORD or DWORD_BIG_ENDIAN value with size other than 4 byte!\n"));
1914 return WERR_NOT_SUPPORTED;
1915 }
1916 vk.data_length |= 0x80000000;
1917 vk.data_offset = IVAL(data.data, 0);
1918 } else {
1919 /* Store data somewhere */
1920 vk.data_offset = hbin_store(regf, data);
1921 }
1922 if (old_vk_offset == -1) {
1923 /* Store new vk */
1924 vk_offset = hbin_store_tdr(regf,
1925 (tdr_push_fn_t) tdr_push_vk_block,
1926 &vk);
1927 } else {
1928 /* Store vk at offset */
1929 vk_offset = hbin_store_tdr_resize(regf,
1930 (tdr_push_fn_t) tdr_push_vk_block,
1931 old_vk_offset ,&vk);
1932 }
1933
1934 /* Re-allocate the value list */
1935 if (nk->values_offset == -1) {
1936 nk->values_offset = hbin_store_tdr(regf,
1937 (tdr_push_fn_t) tdr_push_uint32,
1938 &vk_offset);
1939 nk->num_values = 1;
1940 } else {
1941
1942 /* Change if we're changing, otherwise we're adding the value */
1943 if (old_vk_offset != -1) {
1944 /* Find and overwrite the offset. */
1945 for (i = 0; i < nk->num_values; i++) {
1946 if (IVAL(values.data, i * 4) == old_vk_offset) {
1947 SIVAL(values.data, i * 4, vk_offset);
1948 break;
1949 }
1950 }
1951 } else {
1952 /* Create a new value list */
1953 DATA_BLOB value_list;
1954
1955 value_list.length = (nk->num_values+1)*4;
1956 value_list.data = (uint8_t *)talloc_array(private_data,
1957 uint32_t,
1958 nk->num_values+1);
1959 W_ERROR_HAVE_NO_MEMORY(value_list.data);
1960 memcpy(value_list.data, values.data, nk->num_values * 4);
1961
1962 SIVAL(value_list.data, nk->num_values * 4, vk_offset);
1963 nk->num_values++;
1964 nk->values_offset = hbin_store_resize(regf,
1965 nk->values_offset,
1966 value_list);
1967 }
1968
1969 }
1970 hbin_store_tdr_resize(regf,
1971 (tdr_push_fn_t) tdr_push_nk_block,
1972 private_data->offset, nk);
1973 return regf_save_hbin(private_data->hive, 0);
1974 }
1975
1976 static WERROR regf_save_hbin(struct regf_data *regf, bool flush)
1977 {
1978 struct tdr_push *push = tdr_push_init(regf);
1979 unsigned int i;
1980
1981 W_ERROR_HAVE_NO_MEMORY(push);
1982
1983 /* Only write once every 5 seconds, or when flush is set */
1984 if (!flush && regf->last_write + 5 >= time(NULL)) {
1985 return WERR_OK;
1986 }
1987
1988 regf->last_write = time(NULL);
1989
1990 if (lseek(regf->fd, 0, SEEK_SET) == -1) {
1991 DEBUG(0, ("Error lseeking in regf file\n"));
1992 return WERR_GENERAL_FAILURE;
1993 }
1994
1995 /* Recompute checksum */
1996 if (NT_STATUS_IS_ERR(tdr_push_regf_hdr(push, regf->header))) {
1997 DEBUG(0, ("Failed to push regf header\n"));
1998 return WERR_GENERAL_FAILURE;
1999 }
2000 regf->header->chksum = regf_hdr_checksum(push->data.data);
2001 talloc_free(push);
2002
2003 if (NT_STATUS_IS_ERR(tdr_push_to_fd(regf->fd,
2004 (tdr_push_fn_t)tdr_push_regf_hdr,
2005 regf->header))) {
2006 DEBUG(0, ("Error writing registry file header\n"));
2007 return WERR_GENERAL_FAILURE;
2008 }
2009
2010 if (lseek(regf->fd, 0x1000, SEEK_SET) == -1) {
2011 DEBUG(0, ("Error lseeking to 0x1000 in regf file\n"));
2012 return WERR_GENERAL_FAILURE;
2013 }
2014
2015 for (i = 0; regf->hbins[i]; i++) {
2016 if (NT_STATUS_IS_ERR(tdr_push_to_fd(regf->fd,
2017 (tdr_push_fn_t)tdr_push_hbin_block,
2018 regf->hbins[i]))) {
2019 DEBUG(0, ("Error writing HBIN block\n"));
2020 return WERR_GENERAL_FAILURE;
2021 }
2022 }
2023
2024 return WERR_OK;
2025 }
2026
2027 WERROR reg_create_regf_file(TALLOC_CTX *parent_ctx,
2028 const char *location,
2029 int minor_version, struct hive_key **key)
2030 {
2031 struct regf_data *regf;
2032 struct regf_hdr *regf_hdr;
2033 struct nk_block nk;
2034 struct sk_block sk;
2035 WERROR error;
2036 DATA_BLOB data;
2037 struct security_descriptor *sd;
2038 uint32_t sk_offset;
2039
2040 regf = (struct regf_data *)talloc_zero(NULL, struct regf_data);
2041
2042 W_ERROR_HAVE_NO_MEMORY(regf);
2043
2044 DEBUG(5, ("Attempting to create registry file\n"));
2045
2046 /* Get the header */
2047 regf->fd = creat(location, 0644);
2048
2049 if (regf->fd == -1) {
2050 DEBUG(0,("Could not create file: %s, %s\n", location,
2051 strerror(errno)));
2052 talloc_free(regf);
2053 return WERR_GENERAL_FAILURE;
2054 }
2055
2056 regf_hdr = talloc_zero(regf, struct regf_hdr);
2057 W_ERROR_HAVE_NO_MEMORY(regf_hdr);
2058 regf_hdr->REGF_ID = "regf";
2059 unix_to_nt_time(&regf_hdr->modtime, time(NULL));
2060 regf_hdr->version.major = 1;
2061 regf_hdr->version.minor = minor_version;
2062 regf_hdr->last_block = 0x1000; /* Block size */
2063 regf_hdr->description = talloc_strdup(regf_hdr,
2064 "Registry created by Samba 4");
2065 W_ERROR_HAVE_NO_MEMORY(regf_hdr->description);
2066 regf_hdr->chksum = 0;
2067
2068 regf->header = regf_hdr;
2069
2070 /* Create all hbin blocks */
2071 regf->hbins = talloc_array(regf, struct hbin_block *, 1);
2072 W_ERROR_HAVE_NO_MEMORY(regf->hbins);
2073 regf->hbins[0] = NULL;
2074
2075 nk.header = "nk";
2076 nk.type = REG_ROOT_KEY;
2077 unix_to_nt_time(&nk.last_change, time(NULL));
2078 nk.uk1 = 0;
2079 nk.parent_offset = -1;
2080 nk.num_subkeys = 0;
2081 nk.uk2 = 0;
2082 nk.subkeys_offset = -1;
2083 nk.unknown_offset = -1;
2084 nk.num_values = 0;
2085 nk.values_offset = -1;
2086 memset(nk.unk3, 0, 5);
2087 nk.clsname_offset = -1;
2088 nk.clsname_length = 0;
2089 nk.sk_offset = 0x80;
2090 nk.key_name = "SambaRootKey";
2091
2092 /*
2093 * It should be noted that changing the key_name to something shorter
2094 * creates a shorter nk block, which makes the position of the sk block
2095 * change. All Windows registries I've seen have the sk at 0x80.
2096 * I therefore recommend that our regf files share that offset -- Wilco
2097 */
2098
2099 /* Create a security descriptor. */
2100 sd = security_descriptor_dacl_create(regf,
2101 0,
2102 NULL, NULL,
2103 SID_NT_AUTHENTICATED_USERS,
2104 SEC_ACE_TYPE_ACCESS_ALLOWED,
2105 SEC_GENERIC_ALL,
2106 SEC_ACE_FLAG_OBJECT_INHERIT,
2107 NULL);
2108
2109 /* Push the security descriptor to a blob */
2110 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_push_struct_blob(&data, regf,
2111 sd, (ndr_push_flags_fn_t)ndr_push_security_descriptor))) {
2112 DEBUG(0, ("Unable to push security descriptor\n"));
2113 return WERR_GENERAL_FAILURE;
2114 }
2115
2116 ZERO_STRUCT(sk);
2117 sk.header = "sk";
2118 sk.prev_offset = 0x80;
2119 sk.next_offset = 0x80;
2120 sk.ref_cnt = 1;
2121 sk.rec_size = data.length;
2122 sk.sec_desc = data.data;
2123
2124 /* Store the new nk key */
2125 regf->header->data_offset = hbin_store_tdr(regf,
2126 (tdr_push_fn_t)tdr_push_nk_block,
2127 &nk);
2128 /* Store the sk block */
2129 sk_offset = hbin_store_tdr(regf,
2130 (tdr_push_fn_t) tdr_push_sk_block,
2131 &sk);
2132 if (sk_offset != 0x80) {
2133 DEBUG(0, ("Error storing sk block, should be at 0x80, stored at 0x%x\n", nk.sk_offset));
2134 return WERR_GENERAL_FAILURE;
2135 }
2136
2137
2138 *key = (struct hive_key *)regf_get_key(parent_ctx, regf,
2139 regf->header->data_offset);
2140
2141 error = regf_save_hbin(regf, 1);
2142 if (!W_ERROR_IS_OK(error)) {
2143 return error;
2144 }
2145
2146 /* We can drop our own reference now that *key will have created one */
2147 talloc_unlink(NULL, regf);
2148
2149 return WERR_OK;
2150 }
2151
2152 static WERROR regf_flush_key(struct hive_key *key)
2153 {
2154 struct regf_key_data *private_data = (struct regf_key_data *)key;
2155 struct regf_data *regf = private_data->hive;
2156 WERROR error;
2157
2158 error = regf_save_hbin(regf, 1);
2159 if (!W_ERROR_IS_OK(error)) {
2160 DEBUG(0, ("Failed to flush regf to disk\n"));
2161 return error;
2162 }
2163
2164 return WERR_OK;
2165 }
2166
2167 static int regf_destruct(struct regf_data *regf)
2168 {
2169 WERROR error;
2170
2171 /* Write to disk */
2172 error = regf_save_hbin(regf, 1);
2173 if (!W_ERROR_IS_OK(error)) {
2174 DEBUG(0, ("Failed to flush registry to disk\n"));
2175 return -1;
2176 }
2177
2178 /* Close file descriptor */
2179 close(regf->fd);
2180
2181 return 0;
2182 }
2183
2184 WERROR reg_open_regf_file(TALLOC_CTX *parent_ctx, const char *location,
2185 struct hive_key **key)
2186 {
2187 struct regf_data *regf;
2188 struct regf_hdr *regf_hdr;
2189 struct tdr_pull *pull;
2190 unsigned int i;
2191
2192 regf = (struct regf_data *)talloc_zero(parent_ctx, struct regf_data);
2193 W_ERROR_HAVE_NO_MEMORY(regf);
2194
2195 talloc_set_destructor(regf, regf_destruct);
2196
2197 DEBUG(5, ("Attempting to load registry file\n"));
2198
2199 /* Get the header */
2200 regf->fd = open(location, O_RDWR);
2201
2202 if (regf->fd == -1) {
2203 DEBUG(0,("Could not load file: %s, %s\n", location,
2204 strerror(errno)));
2205 talloc_free(regf);
2206 return WERR_GENERAL_FAILURE;
2207 }
2208
2209 pull = tdr_pull_init(regf);
2210
2211 pull->data.data = (uint8_t*)fd_load(regf->fd, &pull->data.length, 0, regf);
2212
2213 if (pull->data.data == NULL) {
2214 DEBUG(0, ("Error reading data from file: %s\n", location));
2215 talloc_free(regf);
2216 return WERR_GENERAL_FAILURE;
2217 }
2218
2219 regf_hdr = talloc(regf, struct regf_hdr);
2220 W_ERROR_HAVE_NO_MEMORY(regf_hdr);
2221
2222 if (NT_STATUS_IS_ERR(tdr_pull_regf_hdr(pull, regf_hdr, regf_hdr))) {
2223 DEBUG(0, ("Failed to pull regf header from file: %s\n", location));
2224 talloc_free(regf);
2225 return WERR_GENERAL_FAILURE;
2226 }
2227
2228 regf->header = regf_hdr;
2229
2230 if (strcmp(regf_hdr->REGF_ID, "regf") != 0) {
2231 DEBUG(0, ("Unrecognized NT registry header id: %s, %s\n",
2232 regf_hdr->REGF_ID, location));
2233 talloc_free(regf);
2234 return WERR_GENERAL_FAILURE;
2235 }
2236
2237 /* Validate the header ... */
2238 if (regf_hdr_checksum(pull->data.data) != regf_hdr->chksum) {
2239 DEBUG(0, ("Registry file checksum error: %s: %d,%d\n",
2240 location, regf_hdr->chksum,
2241 regf_hdr_checksum(pull->data.data)));
2242 talloc_free(regf);
2243 return WERR_GENERAL_FAILURE;
2244 }
2245
2246 pull->offset = 0x1000;
2247
2248 i = 0;
2249 /* Read in all hbin blocks */
2250 regf->hbins = talloc_array(regf, struct hbin_block *, 1);
2251 W_ERROR_HAVE_NO_MEMORY(regf->hbins);
2252
2253 regf->hbins[0] = NULL;
2254
2255 while (pull->offset < pull->data.length &&
2256 pull->offset <= regf->header->last_block) {
2257 struct hbin_block *hbin = talloc(regf->hbins,
2258 struct hbin_block);
2259
2260 W_ERROR_HAVE_NO_MEMORY(hbin);
2261
2262 if (NT_STATUS_IS_ERR(tdr_pull_hbin_block(pull, hbin, hbin))) {
2263 DEBUG(0, ("[%d] Error parsing HBIN block\n", i));
2264 talloc_free(regf);
2265 return WERR_FOOBAR;
2266 }
2267
2268 if (strcmp(hbin->HBIN_ID, "hbin") != 0) {
2269 DEBUG(0, ("[%d] Expected 'hbin', got '%s'\n",
2270 i, hbin->HBIN_ID));
2271 talloc_free(regf);
2272 return WERR_FOOBAR;
2273 }
2274
2275 regf->hbins[i] = hbin;
2276 i++;
2277 regf->hbins = talloc_realloc(regf, regf->hbins,
2278 struct hbin_block *, i+2);
2279 regf->hbins[i] = NULL;
2280 }
2281
2282 talloc_free(pull);
2283
2284 DEBUG(1, ("%d HBIN blocks read\n", i));
2285
2286 *key = (struct hive_key *)regf_get_key(parent_ctx, regf,
2287 regf->header->data_offset);
2288
2289 /* We can drop our own reference now that *key will have created one */
2290 talloc_unlink(parent_ctx, regf);
2291
2292 return WERR_OK;
2293 }
2294
2295 static struct hive_operations reg_backend_regf = {
2296 .name = "regf",
2297 .get_key_info = regf_get_info,
2298 .enum_key = regf_get_subkey_by_index,
2299 .get_key_by_name = regf_get_subkey_by_name,
2300 .get_value_by_name = regf_get_value_by_name,
2301 .enum_value = regf_get_value,
2302 .get_sec_desc = regf_get_sec_desc,
2303 .set_sec_desc = regf_set_sec_desc,
2304 .add_key = regf_add_key,
2305 .set_value = regf_set_value,
2306 .del_key = regf_del_key,
2307 .delete_value = regf_del_value,
2308 .flush_key = regf_flush_key
2309 };
reg import