summaryrefslogtreecommitdiffstats
path: root/source/rpc_server/srv_reg_nt.c
diff options
context:
space:
mode:
Diffstat (limited to 'source/rpc_server/srv_reg_nt.c')
-rw-r--r--source/rpc_server/srv_reg_nt.c205
1 files changed, 63 insertions, 142 deletions
diff --git a/source/rpc_server/srv_reg_nt.c b/source/rpc_server/srv_reg_nt.c
index f031a3213f2..c11e0d59a05 100644
--- a/source/rpc_server/srv_reg_nt.c
+++ b/source/rpc_server/srv_reg_nt.c
@@ -5,7 +5,7 @@
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997.
* Copyright (C) Paul Ashton 1997.
* Copyright (C) Jeremy Allison 2001.
- * Copyright (C) Gerald Carter 2002-2005.
+ * Copyright (C) Gerald Carter 2002.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -291,7 +291,7 @@ WERROR _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u)
/*******************************************************************
********************************************************************/
-WERROR _reg_open_hklm(pipes_struct *p, REG_Q_OPEN_HIVE *q_u, REG_R_OPEN_HIVE *r_u)
+WERROR _reg_open_hklm(pipes_struct *p, REG_Q_OPEN_HKLM *q_u, REG_R_OPEN_HKLM *r_u)
{
return open_registry_key( p, &r_u->pol, NULL, KEY_HKLM, 0x0 );
}
@@ -299,7 +299,7 @@ WERROR _reg_open_hklm(pipes_struct *p, REG_Q_OPEN_HIVE *q_u, REG_R_OPEN_HIVE *r_
/*******************************************************************
********************************************************************/
-WERROR _reg_open_hkcr(pipes_struct *p, REG_Q_OPEN_HIVE *q_u, REG_R_OPEN_HIVE *r_u)
+WERROR _reg_open_hkcr(pipes_struct *p, REG_Q_OPEN_HKCR *q_u, REG_R_OPEN_HKCR *r_u)
{
return open_registry_key( p, &r_u->pol, NULL, KEY_HKCR, 0x0 );
}
@@ -307,7 +307,7 @@ WERROR _reg_open_hkcr(pipes_struct *p, REG_Q_OPEN_HIVE *q_u, REG_R_OPEN_HIVE *r_
/*******************************************************************
********************************************************************/
-WERROR _reg_open_hku(pipes_struct *p, REG_Q_OPEN_HIVE *q_u, REG_R_OPEN_HIVE *r_u)
+WERROR _reg_open_hku(pipes_struct *p, REG_Q_OPEN_HKU *q_u, REG_R_OPEN_HKU *r_u)
{
return open_registry_key( p, &r_u->pol, NULL, KEY_HKU, 0x0 );
}
@@ -328,7 +328,7 @@ WERROR _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTRY
if ( !key )
return WERR_BADFID; /* This will be reported as an RPC fault anyway. */
- rpcstr_pull( name, q_u->name.string->buffer, sizeof(name), q_u->name.string->uni_str_len*2, 0 );
+ rpcstr_pull(name,q_u->uni_name.buffer,sizeof(name),q_u->uni_name.uni_str_len*2,0);
result = open_registry_key( p, &pol, key, name, 0x0 );
@@ -362,7 +362,7 @@ WERROR _reg_info(pipes_struct *p, REG_Q_INFO *q_u, REG_R_INFO *r_u)
DEBUG(7,("_reg_info: policy key name = [%s]\n", regkey->name));
- rpcstr_pull(name, q_u->name.string->buffer, sizeof(name), q_u->name.string->uni_str_len*2, 0);
+ rpcstr_pull(name, q_u->uni_type.buffer, sizeof(name), q_u->uni_type.uni_str_len*2, 0);
DEBUG(5,("reg_info: looking up value: [%s]\n", name));
@@ -439,7 +439,7 @@ WERROR _reg_info(pipes_struct *p, REG_Q_INFO *q_u, REG_R_INFO *r_u)
out:
- init_reg_r_info(q_u->ptr_buf, r_u, val, status);
+ new_init_reg_r_info(q_u->ptr_buf, r_u, val, status);
regval_ctr_destroy( &regvals );
free_registry_value( val );
@@ -485,22 +485,22 @@ WERROR _reg_query_key(pipes_struct *p, REG_Q_QUERY_KEY *q_u, REG_R_QUERY_KEY *r_
/*****************************************************************************
- Implementation of REG_GETVERSION
+ Implementation of REG_UNKNOWN_1A
****************************************************************************/
-WERROR _reg_getversion(pipes_struct *p, REG_Q_GETVERSION *q_u, REG_R_GETVERSION *r_u)
+WERROR _reg_unknown_1a(pipes_struct *p, REG_Q_UNKNOWN_1A *q_u, REG_R_UNKNOWN_1A *r_u)
{
WERROR status = WERR_OK;
REGISTRY_KEY *regkey = find_regkey_index_by_hnd( p, &q_u->pol );
- DEBUG(5,("_reg_getversion: Enter\n"));
+ DEBUG(5,("_reg_unknown_1a: Enter\n"));
if ( !regkey )
return WERR_BADFID; /* This will be reported as an RPC fault anyway. */
r_u->unknown = 0x00000005; /* seems to be consistent...no idea what it means */
- DEBUG(5,("_reg_getversion: Exit\n"));
+ DEBUG(5,("_reg_unknown_1a: Exit\n"));
return status;
}
@@ -561,7 +561,8 @@ WERROR _reg_enum_value(pipes_struct *p, REG_Q_ENUM_VALUE *q_u, REG_R_ENUM_VALUE
DEBUG(8,("_reg_enum_key: enumerating values for key [%s]\n", regkey->name));
- if ( !fetch_reg_values_specific( regkey, &val, q_u->val_index ) ) {
+ if ( !fetch_reg_values_specific( regkey, &val, q_u->val_index ) )
+ {
status = WERR_NO_MORE_ITEMS;
goto done;
}
@@ -586,190 +587,110 @@ done:
reg_shutdwon
********************************************************************/
-WERROR _reg_shutdown(pipes_struct *p, REG_Q_SHUTDOWN *q_u, REG_R_SHUTDOWN *r_u)
-{
- REG_Q_SHUTDOWN_EX q_u_ex;
- REG_R_SHUTDOWN_EX r_u_ex;
-
- /* copy fields (including stealing memory) */
-
- q_u_ex.server = q_u->server;
- q_u_ex.message = q_u->message;
- q_u_ex.timeout = q_u->timeout;
- q_u_ex.force = q_u->force;
- q_u_ex.reboot = q_u->reboot;
- q_u_ex.reason = 0x0; /* don't care for now */
-
- /* thunk down to _reg_shutdown_ex() (just returns a status) */
-
- return _reg_shutdown_ex( p, &q_u_ex, &r_u_ex );
-}
-
-/*******************************************************************
- reg_shutdown_ex
- ********************************************************************/
-
#define SHUTDOWN_R_STRING "-r"
#define SHUTDOWN_F_STRING "-f"
-WERROR _reg_shutdown_ex(pipes_struct *p, REG_Q_SHUTDOWN_EX *q_u, REG_R_SHUTDOWN_EX *r_u)
+WERROR _reg_shutdown(pipes_struct *p, REG_Q_SHUTDOWN *q_u, REG_R_SHUTDOWN *r_u)
{
+ WERROR status = WERR_OK;
pstring shutdown_script;
+ UNISTR2 unimsg = q_u->uni_msg;
pstring message;
pstring chkmsg;
fstring timeout;
- fstring reason;
fstring r;
fstring f;
- int ret;
- BOOL can_shutdown;
-
- pstrcpy(shutdown_script, lp_shutdown_script());
- if ( !*shutdown_script )
- return WERR_ACCESS_DENIED;
-
- /* pull the message string and perform necessary sanity checks on it */
-
- pstrcpy( message, "" );
- if ( q_u->message ) {
- UNISTR2 *msg_string = q_u->message->string;
-
- rpcstr_pull( message, msg_string->buffer, sizeof(message), msg_string->uni_str_len*2, 0 );
- }
+ /* message */
+ rpcstr_pull (message, unimsg.buffer, sizeof(message), unimsg.uni_str_len*2,0);
+ /* security check */
alpha_strcpy (chkmsg, message, NULL, sizeof(message));
-
+ /* timeout */
fstr_sprintf(timeout, "%d", q_u->timeout);
+ /* reboot */
fstr_sprintf(r, (q_u->reboot) ? SHUTDOWN_R_STRING : "");
+ /* force */
fstr_sprintf(f, (q_u->force) ? SHUTDOWN_F_STRING : "");
- fstr_sprintf( reason, "%d", q_u->reason );
- all_string_sub( shutdown_script, "%z", chkmsg, sizeof(shutdown_script) );
- all_string_sub( shutdown_script, "%t", timeout, sizeof(shutdown_script) );
- all_string_sub( shutdown_script, "%r", r, sizeof(shutdown_script) );
- all_string_sub( shutdown_script, "%f", f, sizeof(shutdown_script) );
- all_string_sub( shutdown_script, "%x", reason, sizeof(shutdown_script) );
-
- can_shutdown = user_has_privileges( p->pipe_user.nt_user_token, &se_remote_shutdown );
-
- /* IF someone has privs, run the shutdown script as root. OTHERWISE run it as not root
- Take the error return from the script and provide it as the Windows return code. */
-
- /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/
-
- if ( can_shutdown )
- become_root();
+ pstrcpy(shutdown_script, lp_shutdown_script());
- ret = smbrun( shutdown_script, NULL );
+ if(*shutdown_script) {
+ int shutdown_ret;
+ SE_PRIV se_shutdown = SE_REMOTE_SHUTDOWN;
+ BOOL can_shutdown;
- if ( can_shutdown )
- unbecome_root();
-
- /********** END SeRemoteShutdownPrivilege BLOCK **********/
-
- DEBUG(3,("_reg_shutdown_ex: Running the command `%s' gave %d\n",
- shutdown_script, ret));
+ can_shutdown = user_has_privileges( p->pipe_user.nt_user_token, &se_shutdown );
+ /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/
+ if ( can_shutdown )
+ become_root();
+ all_string_sub(shutdown_script, "%m", chkmsg, sizeof(shutdown_script));
+ all_string_sub(shutdown_script, "%t", timeout, sizeof(shutdown_script));
+ all_string_sub(shutdown_script, "%r", r, sizeof(shutdown_script));
+ all_string_sub(shutdown_script, "%f", f, sizeof(shutdown_script));
+ shutdown_ret = smbrun(shutdown_script,NULL);
+ DEBUG(3,("_reg_shutdown: Running the command `%s' gave %d\n",shutdown_script,shutdown_ret));
+ if ( can_shutdown )
+ unbecome_root();
+ /********** END SeRemoteShutdownPrivilege BLOCK **********/
+ }
- return (ret == 0) ? WERR_OK : WERR_ACCESS_DENIED;
+ return status;
}
-
-
-
/*******************************************************************
reg_abort_shutdwon
********************************************************************/
WERROR _reg_abort_shutdown(pipes_struct *p, REG_Q_ABORT_SHUTDOWN *q_u, REG_R_ABORT_SHUTDOWN *r_u)
{
+ WERROR status = WERR_OK;
pstring abort_shutdown_script;
- int ret;
- BOOL can_shutdown;
pstrcpy(abort_shutdown_script, lp_abort_shutdown_script());
- if ( !*abort_shutdown_script )
- return WERR_ACCESS_DENIED;
-
- can_shutdown = user_has_privileges( p->pipe_user.nt_user_token, &se_remote_shutdown );
-
- /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/
-
- if ( can_shutdown )
- become_root();
+ if(*abort_shutdown_script) {
+ int abort_shutdown_ret;
+ SE_PRIV se_shutdown = SE_REMOTE_SHUTDOWN;
+ BOOL can_shutdown;
- ret = smbrun( abort_shutdown_script, NULL );
-
- if ( can_shutdown )
- unbecome_root();
+ can_shutdown = user_has_privileges( p->pipe_user.nt_user_token, &se_shutdown );
- /********** END SeRemoteShutdownPrivilege BLOCK **********/
-
- DEBUG(3,("_reg_abort_shutdown: Running the command `%s' gave %d\n",
- abort_shutdown_script, ret));
+ /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/
+ if ( can_shutdown )
+ become_root();
+ abort_shutdown_ret = smbrun(abort_shutdown_script,NULL);
+ DEBUG(3,("_reg_abort_shutdown: Running the command `%s' gave %d\n",abort_shutdown_script,abort_shutdown_ret));
+ if ( can_shutdown )
+ unbecome_root();
+ /********** END SeRemoteShutdownPrivilege BLOCK **********/
+ }
- return (ret == 0) ? WERR_OK : WERR_ACCESS_DENIED;
-}
-
-/*******************************************************************
- ********************************************************************/
-
-WERROR _reg_restore_key(pipes_struct *p, REG_Q_RESTORE_KEY *q_u, REG_R_RESTORE_KEY *r_u)
-{
- REGISTRY_KEY *regkey = find_regkey_index_by_hnd( p, &q_u->pol );
- pstring filename;
-
- DEBUG(5,("_reg_restore_key: Enter\n"));
-
- /*
- * basically this is a no op function which just verifies
- * that the client gave us a valid registry key handle
- */
-
- if ( !regkey )
- return WERR_BADFID;
-
- rpcstr_pull(filename, q_u->filename.string->buffer, sizeof(filename), q_u->filename.string->uni_str_len*2, STR_TERMINATE);
-
- DEBUG(8,("_reg_restore_key: verifying restore of key [%s] from \"%s\"\n", regkey->name, filename));
-
-#if 0
- validate_reg_filemame( filename );
- return restore_registry_key( regkey, filename );
-#endif
-
- return WERR_OK;
+ return status;
}
/*******************************************************************
+ REG_SAVE_KEY (0x14)
********************************************************************/
WERROR _reg_save_key(pipes_struct *p, REG_Q_SAVE_KEY *q_u, REG_R_SAVE_KEY *r_u)
{
REGISTRY_KEY *regkey = find_regkey_index_by_hnd( p, &q_u->pol );
- pstring filename;
DEBUG(5,("_reg_save_key: Enter\n"));
/*
- * basically this is a no op function which just verifies
+ * basically this is a no op function which just gverifies
* that the client gave us a valid registry key handle
*/
if ( !regkey )
- return WERR_BADFID;
-
- rpcstr_pull(filename, q_u->filename.string->buffer, sizeof(filename), q_u->filename.string->uni_str_len*2, STR_TERMINATE);
-
- DEBUG(8,("_reg_save_key: verifying backup of key [%s] to \"%s\"\n", regkey->name, filename));
+ return WERR_BADFID; /* This will be reported as an RPC fault anyway. */
-#if 0
- validate_reg_filemame( filename );
- return backup_registry_key( regkey, filename );
-#endif
+ DEBUG(8,("_reg_save_key: berifying backup of key [%s]\n", regkey->name));
+
return WERR_OK;
}
generated by cgit (git 2.34.1) at 2024-06-09 05:46:03 +0000