From d140d68537225b6a6a99be3d9b09354e3f6ad8c9 Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Tue, 6 Nov 2007 00:50:47 +0100 Subject: [PATCH] When deleting a key from the registry make sure the non-default security descriptor gets deleted as well. Guenther --- source/registry/reg_api.c | 11 +++++++---- source/registry/reg_db.c | 15 +++++++++++++++ source/registry/reg_frontend.c | 10 ---------- source/registry/reg_frontend_hilvl.c | 10 ++++++++++ 4 files changed, 32 insertions(+), 14 deletions(-) diff --git a/source/registry/reg_api.c b/source/registry/reg_api.c index 17a0efe0078..b3d024d7b4f 100644 --- a/source/registry/reg_api.c +++ b/source/registry/reg_api.c @@ -498,7 +498,7 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path) TALLOC_CTX *mem_ctx; char *name, *end; int num_subkeys; - struct registry_key *tmp_key; + struct registry_key *tmp_key, *key; if (!(mem_ctx = talloc_init("reg_createkey"))) return WERR_NOMEM; @@ -508,14 +508,14 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path) } /* check if the key has subkeys */ - err = reg_openkey(mem_ctx, parent, name, REG_KEY_READ, &tmp_key); + err = reg_openkey(mem_ctx, parent, name, REG_KEY_READ, &key); if (!W_ERROR_IS_OK(err)) { goto error; } - if (!W_ERROR_IS_OK(err = fill_subkey_cache(tmp_key))) { + if (!W_ERROR_IS_OK(err = fill_subkey_cache(key))) { goto error; } - if (tmp_key->subkeys->num_subkeys > 0) { + if (key->subkeys->num_subkeys > 0) { err = WERR_ACCESS_DENIED; goto error; } @@ -556,7 +556,10 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path) goto error; } + regkey_set_secdesc(key->key, NULL); + err = WERR_OK; + error: TALLOC_FREE(mem_ctx); return err; diff --git a/source/registry/reg_db.c b/source/registry/reg_db.c index 8dd61fcdffb..4947b2ad523 100644 --- a/source/registry/reg_db.c +++ b/source/registry/reg_db.c @@ -788,6 +788,21 @@ static WERROR regdb_set_secdesc(const char *key, } normalize_dbkey(tdbkey); + if (secdesc == NULL) { + /* assuming a delete */ + int tdb_ret; + + tdb_ret = tdb_trans_delete(tdb_reg->tdb, + string_term_tdb_data(tdbkey)); + if (tdb_ret == -1) { + err = ntstatus_to_werror(map_nt_error_from_unix(errno)); + } else { + err = WERR_OK; + } + + goto done; + } + err = ntstatus_to_werror(marshall_sec_desc(mem_ctx, secdesc, &tdbdata.dptr, &tdbdata.dsize)); diff --git a/source/registry/reg_frontend.c b/source/registry/reg_frontend.c index 00972390bdf..577df1c3d4e 100644 --- a/source/registry/reg_frontend.c +++ b/source/registry/reg_frontend.c @@ -101,16 +101,6 @@ WERROR regkey_open_internal( TALLOC_CTX *ctx, REGISTRY_KEY **regkey, return WERR_OK; } -WERROR regkey_set_secdesc(REGISTRY_KEY *key, - struct security_descriptor *psecdesc) -{ - if (key->hook && key->hook->ops && key->hook->ops->set_secdesc) { - return key->hook->ops->set_secdesc(key->name, psecdesc); - } - - return WERR_ACCESS_DENIED; -} - /* * Utility function to create a registry key without opening the hive * before. Assumes the hive already exists. diff --git a/source/registry/reg_frontend_hilvl.c b/source/registry/reg_frontend_hilvl.c index 08429c6dfe3..a4b78b24c0e 100644 --- a/source/registry/reg_frontend_hilvl.c +++ b/source/registry/reg_frontend_hilvl.c @@ -204,3 +204,13 @@ WERROR regkey_get_secdesc(TALLOC_CTX *mem_ctx, REGISTRY_KEY *key, *psecdesc = secdesc; return WERR_OK; } + +WERROR regkey_set_secdesc(REGISTRY_KEY *key, + struct security_descriptor *psecdesc) +{ + if (key->hook && key->hook->ops && key->hook->ops->set_secdesc) { + return key->hook->ops->set_secdesc(key->name, psecdesc); + } + + return WERR_ACCESS_DENIED; +} -- 2.11.4.GIT