diff --git a/source/include/proto.h b/source/include/proto.h index 05dbf3e6109..7eb4f4e49d4 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -281,6 +281,8 @@ char *tab_depth(int depth); int str_checksum(const char *s); void zero_free(void *p, size_t size); int set_maxfiles(int requested_max); +void reg_get_subkey(char *full_keyname, char *key_name, char *subkey_name); +BOOL reg_split_key(char *full_keyname, uint32 *reg_type, char *key_name); /*The following definitions come from lib/util_file.c */ @@ -358,6 +360,7 @@ BOOL string_init(char **dest,char *src); void string_free(char **s); BOOL string_set(char **dest,char *src); BOOL string_sub(char *s,char *pattern,char *insert); +void split_at_last_component(char *path, char *front, char sep, char *back); /*The following definitions come from lib/util_unistr.c */ @@ -1267,10 +1270,11 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli, POLICY_HND *hnd, int num_sids, DOM_SID **sids, - char **names); + char ***names, + int *num_names); BOOL do_lsa_query_info_pol(struct cli_state *cli, POLICY_HND *hnd, uint16 info_class, - fstring domain_name, fstring domain_sid); + fstring domain_name, DOM_SID *domain_sid); BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd); /*The following definitions come from rpc_client/cli_netlogon.c */ @@ -1295,9 +1299,8 @@ void cli_nt_session_close(struct cli_state *cli); /*The following definitions come from rpc_client/cli_reg.c */ -BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, - POLICY_HND *reg_hnd, - POLICY_HND *key_hnd); +BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, char *key_name, + POLICY_HND *reg_hnd); BOOL do_reg_open_hklm(struct cli_state *cli, uint16 unknown_0, uint32 level, POLICY_HND *hnd); BOOL do_reg_open_hku(struct cli_state *cli, uint16 unknown_0, uint32 level, 
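Review bot: The new `char ***names, int *num_names` signature for do_lsa_lookup_sids hands heap memory to the caller, and nothing in the declaration says so. proto.h reads as generated ("The following definitions come from lib/util.c"), so the contract belongs at the definition in cli_lsarpc.c: a header comment stating that on success `*names` is a malloc'ed array of `*num_names` strdup'ed `\DOMAIN\name` strings, that the caller frees each entry and then the array, and that an entry may be NULL if strdup failed. The same applies to `reg_split_key`/`reg_get_subkey`: their `key_name`/`subkey_name` outputs are written with fstrcpy/pstrcpy and carry no size, so the required buffer type should be stated where they are defined.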
@@ -2095,7 +2098,6 @@ void cmd_netlogon_login_test(struct client_info *info); void cmd_reg_enum(struct client_info *info); void cmd_reg_query_key(struct client_info *info); -void cmd_reg_test2(struct client_info *info); void cmd_reg_create_val(struct client_info *info); void cmd_reg_delete_val(struct client_info *info); void cmd_reg_delete_key(struct client_info *info); diff --git a/source/include/rpc_reg.h b/source/include/rpc_reg.h index 9166134c274..4eff16c3f4a 100644 --- a/source/include/rpc_reg.h +++ b/source/include/rpc_reg.h @@ -42,6 +42,8 @@ #define REG_INFO 0x11 #define REG_CLOSE 0x05 +#define HKEY_LOCAL_MACHINE 0x80000000 +#define HKEY_USERS 0x80000003 /* REG_Q_OPEN_HKLM */ typedef struct q_reg_open_policy_info diff --git a/source/include/rpcclient.h b/source/include/rpcclient.h index eab4d207033..dc2be5d2b85 100644 --- a/source/include/rpcclient.h +++ b/source/include/rpcclient.h @@ -60,15 +60,14 @@ struct nt_client_info /************** \PIPE\winreg stuff ********************/ POLICY_HND reg_pol_connect; - POLICY_HND reg_pol_unk_4; /************** \PIPE\lsarpc stuff ********************/ POLICY_HND lsa_info_pol; /* domain member */ - fstring level3_sid; - fstring level5_sid; + DOM_SID level3_sid; + DOM_SID level5_sid; /* domain controller */ fstring level3_dom; diff --git a/source/lib/util.c b/source/lib/util.c index 5db404196ba..f1fae9155c8 100644 --- a/source/lib/util.c +++ b/source/lib/util.c 
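Review bot: `#define HKEY_LOCAL_MACHINE 0x80000000` does not match the Win32 predefined-handle value (HKEY_LOCAL_MACHINE is 0x80000002; 0x80000000 is HKEY_CLASSES_ROOT), whereas `HKEY_USERS 0x80000003` does match. In this commit both constants are only used as a local discriminator between reg_split_key and do_reg_connect, so nothing goes on the wire, but a reader will assume they are the Win32 handles. Either use `0x80000002` or put `/* internal hive selectors, not the Win32 handle values */` above the two defines.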
@@ -924,20 +924,9 @@ static void expand_one(char *Mask,int len) /**************************************************************************** parse out a directory name from a path name. Assumes dos style filenames. ****************************************************************************/ -static char *dirname_dos(char *path,char *buf) +static void dirname_dos(char *path,char *buf) { - char *p = strrchr(path,'\\'); - - if (!p) - pstrcpy(buf,path); - else - { - *p = 0; - pstrcpy(buf,path); - *p = '\\'; - } - - return(buf); + split_at_last_component(path, buf, '\\', NULL); } @@ -3053,3 +3042,56 @@ int set_maxfiles(int requested_max) return requested_max; #endif } + + +/***************************************************************** + splits out the last subkey of a key + *****************************************************************/ +void reg_get_subkey(char *full_keyname, char *key_name, char *subkey_name) +{ + split_at_last_component(full_keyname, key_name, '\\', subkey_name); +} + +/***************************************************************** + splits out the start of the key (HKLM or HKU) and the rest of the key + *****************************************************************/ +BOOL reg_split_key(char *full_keyname, uint32 *reg_type, char *key_name) +{ + pstring tmp; + + if (!next_token(&full_keyname, tmp, "\\", sizeof(tmp))) + { + return False; + } + + (*reg_type) = 0; + + DEBUG(10, ("reg_split_key: hive %s\n", tmp)); + + if (strequal(tmp, "HKLM") || strequal(tmp, "HKEY_LOCAL_MACHINE")) + { + (*reg_type) = HKEY_LOCAL_MACHINE; + } + else if (strequal(tmp, "HKU") || strequal(tmp, "HKEY_USERS")) + { + (*reg_type) = HKEY_USERS; + } + else + { + DEBUG(10,("reg_split_key: unrecognised hive key %s\n", tmp)); + return False; + } + + if (next_token(NULL, tmp, "\n\r", sizeof(tmp))) + { + fstrcpy(key_name, tmp); + } + else + { + key_name[0] = 0; + } + + DEBUG(10, ("reg_split_key: name %s\n", key_name)); + + return True; +} 
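Review bot: reg_split_key tokenises with next_token, and its second call `next_token(NULL, tmp, "\n\r", sizeof(tmp))` goes through the same NULL-pointer form the rpcclient commands use to walk their own command line; if that form reads a file-static saved cursor, as its use throughout cmd_reg.c suggests, any command that still has arguments to read after do_reg_connect will now parse them out of the key string instead. No caller in this commit tokenises after connecting, so the problem is latent, but the helper should not depend on that. A plain strchr split avoids next_token entirely and also bounds the hive name explicitly. Separately, reg_get_subkey fills `key_name`/`subkey_name` via pstrcpy while every caller in cmd_reg.c passes fstrings, which only holds because the input itself was read into an fstring.
```c
BOOL reg_split_key(char *full_keyname, uint32 *reg_type, char *key_name)
{
	fstring hive;
	char *sep = strchr(full_keyname, '\\');
	size_t hive_len = (sep != NULL) ? (size_t)(sep - full_keyname)
	                                : strlen(full_keyname);

	(*reg_type) = 0;
	key_name[0] = 0;

	if (hive_len == 0 || hive_len >= sizeof(hive))
	{
		return False;
	}
	memcpy(hive, full_keyname, hive_len);
	hive[hive_len] = 0;

	/* … hive-name -> HKEY_* mapping as in the hunk, matching on hive instead of tmp … */

	if (sep != NULL)
	{
		fstrcpy(key_name, sep + 1);
	}

	return True;
}
```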
diff --git a/source/lib/util_str.c b/source/lib/util_str.c index 15eefb00013..996273bf3ad 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -1024,3 +1024,34 @@ BOOL string_sub(char *s,char *pattern,char *insert) return(ret); } +/**************************************************************************** + splits out the front and back at a separator. +****************************************************************************/ +void split_at_last_component(char *path, char *front, char sep, char *back) +{ + char *p = strrchr(path, sep); + + if (p != NULL) + { + *p = 0; + } + if (front != NULL) + { + pstrcpy(front, path); + } + if (p != NULL) + { + if (back != NULL) + { + pstrcpy(back, p+1); + } + *p = '\\'; + } + else + { + if (back != NULL) + { + back[0] = 0; + } + } +} diff --git a/source/rpc_client/cli_lsarpc.c b/source/rpc_client/cli_lsarpc.c index c2809294179..079d3e935b7 100644 --- a/source/rpc_client/cli_lsarpc.c +++ b/source/rpc_client/cli_lsarpc.c @@ -105,7 +105,8 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli, POLICY_HND *hnd, int num_sids, DOM_SID **sids, - char **names) + char ***names, + int *num_names) { prs_struct rbuf; prs_struct buf; 
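Review bot: split_at_last_component restores the separator it overwrote with a hard-coded backslash, `*p = '\\';`, instead of the `sep` it was asked to split on, so any call with a different separator silently rewrites the caller's `path`. Both callers in this commit (dirname_dos and reg_get_subkey) pass `'\\'`, so it is latent today; the fix is `*p = sep;`. The copies into `front` and `back` are pstrcpy with no size argument, so the header comment should state that both must be pstring-sized, or that `path` must fit the smaller buffer the caller supplies (cmd_reg.c passes fstrings).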
@@ -150,8 +151,53 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli, if (p) { - valid_response = True; - *names = NULL; + if (t_names.ptr_trans_names != 0 && ref.undoc_buffer != 0) + { + valid_response = True; + } + } + + if (num_names != NULL && valid_response) + { + (*num_names) = t_names.num_entries; + } + if (valid_response) + { + int i; + for (i = 0; i < t_names.num_entries; i++) + { + if (t_names.name[i].domain_idx >= ref.num_ref_doms_1) + { + DEBUG(0,("LSA_LOOKUP_SIDS: domain index out of bounds\n")); + valid_response = False; + break; + } + } + } + + if (names != NULL && valid_response && t_names.num_entries != 0) + { + (*names) = (char**)malloc((*num_names) * sizeof(char*)); + } + + if (names != NULL && (*names) != NULL) + { + int i; + /* take each name, construct a \DOMAIN\name string */ + for (i = 0; i < (*num_names); i++) + { + fstring name; + fstring dom_name; + fstring full_name; + uint32 dom_idx = t_names.name[i].domain_idx; + fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer)); + fstrcpy(name , unistr2(t_names.uni_name[i].buffer)); + + snprintf(full_name, sizeof(full_name), "\\%s\\%s", + dom_name, name); + + (*names)[i] = strdup(full_name); + } } } @@ -166,13 +212,16 @@ do a LSA Query Info Policy ****************************************************************************/ BOOL do_lsa_query_info_pol(struct cli_state *cli, POLICY_HND *hnd, uint16 info_class, - fstring domain_name, fstring domain_sid) + fstring domain_name, DOM_SID *domain_sid) { prs_struct rbuf; prs_struct buf; LSA_Q_QUERY_INFO q_q; BOOL valid_response = False; + ZERO_STRUCTP(domain_sid); + domain_name[0] = 0; + if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False; prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); 
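Review bot: The allocation in the new do_lsa_lookup_sids body dereferences `num_names` without the NULL check the earlier assignment had: `(*names) = (char**)malloc((*num_names) * sizeof(char*));` and the loop bound after it run whenever `names != NULL`, so a caller passing `num_names == NULL` crashes. The copy loop is also gated on `(*names) != NULL` rather than on `valid_response`, so it only stays safe because the one caller pre-sets `names = NULL`; if the domain_idx check fails after `*num_names` was already written, a non-NULL incoming `*names` would be walked with out-of-range indices. malloc and strdup failures are not reported either, so the caller can see success with `*names == NULL` or NULL entries. do_lsa_lookup_sids begins and ends outside this hunk; a shape that ties every dereference to the validated flag:
```c
	if (p && t_names.ptr_trans_names != 0 && ref.undoc_buffer != 0)
	{
		valid_response = True;
	}

	/* … unchanged: domain_idx bounds check, clears valid_response on failure … */

	if (valid_response && num_names != NULL)
	{
		(*num_names) = t_names.num_entries;
	}

	if (valid_response && names != NULL && num_names != NULL)
	{
		int i;
		(*names) = NULL;
		if (t_names.num_entries != 0)
		{
			(*names) = (char**)malloc(t_names.num_entries * sizeof(char*));
			if ((*names) == NULL)
			{
				valid_response = False;
			}
		}
		for (i = 0; (*names) != NULL && i < t_names.num_entries; i++)
		{
			/* … unchanged: build \DOMAIN\name and strdup it into (*names)[i] … */
		}
	}
```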
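Review bot: `ZERO_STRUCTP(domain_sid); domain_name[0] = 0;` now run before the `if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False;` guard on the next line, so the NULL check can never protect those two writes. Move the two clears below the guard; the rest of do_lsa_query_info_pol's body continues outside this hunk.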
@@ -214,25 +263,38 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli, if (p) { + fstring sid_str; /* ok, at last: we're happy. */ switch (r_q.info_class) { case 3: { - char *dom_name = unistrn2(r_q.dom.id3.uni_domain_name.buffer, - r_q.dom.id3.uni_domain_name.uni_str_len); - fstrcpy(domain_name, dom_name); - sid_to_string(domain_sid, &(r_q.dom.id3.dom_sid.sid)); + if (r_q.dom.id3.buffer_dom_name != 0) + { + char *dom_name = unistrn2(r_q.dom.id3.uni_domain_name.buffer, + r_q.dom.id3.uni_domain_name.uni_str_len); + fstrcpy(domain_name, dom_name); + } + if (r_q.dom.id3.buffer_dom_sid != 0) + { + *domain_sid = r_q.dom.id3.dom_sid.sid; + } valid_response = True; break; } case 5: { - char *dom_name = unistrn2(r_q.dom.id5.uni_domain_name.buffer, - r_q.dom.id5.uni_domain_name.uni_str_len); - fstrcpy(domain_name, dom_name); - sid_to_string(domain_sid, &(r_q.dom.id5.dom_sid.sid)); + if (r_q.dom.id5.buffer_dom_name != 0) + { + char *dom_name = unistrn2(r_q.dom.id5.uni_domain_name.buffer, + r_q.dom.id5.uni_domain_name.uni_str_len); + fstrcpy(domain_name, dom_name); + } + if (r_q.dom.id5.buffer_dom_sid != 0) + { + *domain_sid = r_q.dom.id5.dom_sid.sid; + } valid_response = True; break; @@ -241,13 +303,14 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli, { DEBUG(3,("LSA_QUERYINFOPOLICY: unknown info class\n")); domain_name[0] = 0; - domain_sid [0] = 0; break; } } + + sid_to_string(sid_str, domain_sid); DEBUG(3,("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n", - r_q.info_class, domain_name, domain_sid)); + r_q.info_class, domain_name, sid_str)); } } diff --git a/source/rpc_client/cli_reg.c b/source/rpc_client/cli_reg.c index 240a1fbb67d..27c1c8e7605 100644 --- a/source/rpc_client/cli_reg.c +++ b/source/rpc_client/cli_reg.c 
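Review bot: In the info-class 3 and 5 branches `valid_response = True;` is set even when both `buffer_dom_name` and `buffer_dom_sid` are 0, so the caller gets success together with an empty name and an all-zero DOM_SID and cannot tell that from a real answer. The callers changed in this commit (cmd_lsarpc.c, cmd_samr.c) later format that SID with sid_to_string and key their behaviour on the result, which is where the zeroed value becomes a problem. Consider `valid_response = (r_q.dom.id3.buffer_dom_sid != 0);` (and the same for id5), or document at the top of do_lsa_query_info_pol that an unset pointer leaves the output zeroed and still counts as success. The function's closing lines are outside this hunk.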
@@ -31,62 +31,57 @@ extern int DEBUGLEVEL; - /**************************************************************************** do a REG Open Policy ****************************************************************************/ -BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, - POLICY_HND *reg_hnd, - POLICY_HND *key_hnd) +BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, char *key_name, + POLICY_HND *reg_hnd) { - fstring key_name; - char *srch; - BOOL res1; - BOOL res = False; - BOOL hklm = False; - BOOL hku = False; + BOOL res = True; + uint32 reg_type = 0; if (full_keyname == NULL) { return False; } - srch = "HKLM"; - if (strnequal(full_keyname, srch, strlen(srch))) + ZERO_STRUCTP(reg_hnd); + + /* + * open registry receive a policy handle + */ + + if (!reg_split_key(full_keyname, ®_type, key_name)) { - full_keyname += strlen(srch); - if (*full_keyname == '\\') + DEBUG(0,("do_reg_connect: unrecognised key name %s\n", full_keyname)); + return False; + } + + switch (reg_type) + { + case HKEY_LOCAL_MACHINE: { - full_keyname++; - fstrcpy(key_name, full_keyname); + res = res ? do_reg_open_hklm(cli, + 0x84E0, 0x02000000, + reg_hnd) : False; + break; } - else if (*full_keyname != 0) + + case HKEY_USERS: { + res = res ? do_reg_open_hku(cli, + 0x84E0, 0x02000000, + reg_hnd) : False; + break; + } + default: + { + DEBUG(0,("do_reg_connect: unrecognised hive key\n")); return False; } } - /* open registry receive a policy handle */ - - if (hklm) - { - res = do_reg_open_hklm(cli, - 0x84E0, 0x02000000, - reg_hnd); - } - - if (hku) - { - res = do_reg_open_hku(cli, - 0x84E0, 0x02000000, - reg_hnd); - } - - /* open an entry */ - res1 = res ? do_reg_open_entry(cli, reg_hnd, - key_name, 0x02000000, key_hnd) : False; - - return res1 && res; + return res; } /**************************************************************************** diff --git a/source/rpcclient/cmd_lsarpc.c b/source/rpcclient/cmd_lsarpc.c index 6dc50c5c225..a23e7a650b7 100644 
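Review bot: Both hive opens in do_reg_connect pass the bare literal `0x02000000` as the access level, which matches the value Win32 documents as MAXIMUM_ALLOWED, and every cmd_reg.c command now goes through this function, including the read-only ones (regenum, regquerykey, reggetsec). Asking for maximum access on a listing is more than the command needs and fails where the caller only has read rights; name the constant and add a `uint32 access` parameter so each caller requests what it uses. The `res = res ? do_reg_open_hklm(...) : False;` form is also dead guarding, since `res` is initialised to True two lines earlier and not touched before the switch — `res = do_reg_open_hklm(cli, 0x84E0, 0x02000000, reg_hnd);` says the same thing.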
--- a/source/rpcclient/cmd_lsarpc.c +++ b/source/rpcclient/cmd_lsarpc.c @@ -49,9 +49,9 @@ void cmd_lsa_query_info(struct client_info *info) BOOL res = True; fstrcpy(info->dom.level3_dom, ""); - fstrcpy(info->dom.level3_sid, ""); fstrcpy(info->dom.level5_dom, ""); - fstrcpy(info->dom.level5_sid, ""); + ZERO_STRUCT(info->dom.level3_sid); + ZERO_STRUCT(info->dom.level5_sid); fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->myhostname); @@ -71,15 +71,15 @@ void cmd_lsa_query_info(struct client_info *info) /* send client info query, level 3. receive domain name and sid */ res = res ? do_lsa_query_info_pol(smb_cli, - &info->dom.lsa_info_pol, 0x03, - info->dom.level3_dom, - info->dom.level3_sid) : False; + &info->dom.lsa_info_pol, 0x03, + info->dom.level3_dom, + &info->dom.level3_sid) : False; /* send client info query, level 5. receive domain name and sid */ res = res ? do_lsa_query_info_pol(smb_cli, - &info->dom.lsa_info_pol, 0x05, + &info->dom.lsa_info_pol, 0x05, info->dom.level5_dom, - info->dom.level5_sid) : False; + &info->dom.level5_sid) : False; res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; @@ -89,20 +89,23 @@ void cmd_lsa_query_info(struct client_info *info) if (res) { BOOL domain_something = False; + fstring sid; DEBUG(5,("cmd_lsa_query_info: query succeeded\n")); fprintf(out_hnd, "LSA Query Info Policy\n"); - if (info->dom.level3_sid[0] != 0) + if (info->dom.level3_dom[0] != 0) { + sid_to_string(sid, &info->dom.level3_sid); fprintf(out_hnd, "Domain Member - Domain: %s SID: %s\n", - info->dom.level3_dom, info->dom.level3_sid); + info->dom.level3_dom, sid); domain_something = True; } - if (info->dom.level5_sid[0] != 0) + if (info->dom.level5_dom[0] != 0) { + sid_to_string(sid, &info->dom.level5_sid); fprintf(out_hnd, "Domain Controller - Domain: %s SID: %s\n", - info->dom.level5_dom, info->dom.level5_sid); + info->dom.level5_dom, sid); domain_something = True; } if (!domain_something) 
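Review bot: The two output gates in cmd_lsa_query_info changed from testing the SID string to `if (info->dom.level3_dom[0] != 0)` (and likewise level5), so the printed SID is now trusted on the strength of the name alone; do_lsa_query_info_pol in this same commit leaves the DOM_SID zeroed when the reply carries no SID pointer, and that all-zero value would be printed as the domain SID. If that case matters, print the SID only when it was actually filled (a flag returned alongside it), or at least label it as unset. The function's remaining lines are outside this hunk.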
@@ -123,53 +126,53 @@ nt lsa query void cmd_lsa_lookup_sids(struct client_info *info) { fstring temp; - fstring sid_name; + int i; + pstring sid_name; fstring srv_name; - DOM_SID sid; - DOM_SID *sids[1]; + DOM_SID sid[10]; + DOM_SID *sids[10]; + int num_sids = 0; char **names = NULL; + int num_names = 0; BOOL res = True; - DEBUG(5, ("cmd_lsa_lookup_sids: smb_cli->fd:%d\n", smb_cli->fd)); - fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->myhostname); strupper(srv_name); - fstrcpy(sid_name, info->dom.level5_sid); + DEBUG(4,("cmd_lsa_lookup_sids: server: %s\n", srv_name)); - if (next_token(NULL, temp, NULL, sizeof(temp))) + while (num_sids < 10 && next_token(NULL, temp, NULL, sizeof(temp))) { - if (info->dom.level5_sid[0] == 0) - { - fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n"); - return; - } - if (strnequal("S-", temp, 2)) { fstrcpy(sid_name, temp); } else { + sid_to_string(sid_name, &info->dom.level5_sid); + + if (sid_name[0] == 0) + { + fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n"); + return; + } + fstrcat(sid_name, "-"); fstrcat(sid_name, temp); } + make_dom_sid(&sid[num_sids], sid_name); + sids[num_sids] = &sid[num_sids]; + num_sids++; } - else + + if (num_sids == 0) { - fprintf(out_hnd, "lsalookup RID or SID\n"); + fprintf(out_hnd, "lookupsid RID or SID\n"); return; } - DEBUG(4,("cmd_lsa_lookup_sids: server: %s sid:%s\n", - srv_name, sid_name)); - - make_dom_sid(&sid, sid_name); - - sids[0] = &sid; - /* open LSARPC session. */ res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False; 
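Review bot: The "please use lsaquery first" guard in cmd_lsa_lookup_sids now tests `if (sid_name[0] == 0)` on the output of `sid_to_string(sid_name, &info->dom.level5_sid);`; unless sid_to_string yields an empty string for an all-zero DOM_SID, which would be unusual for a formatter, the guard never fires and a bare RID is appended to a bogus SID and sent to the server. Key the check on whether cmd_lsa_query_info succeeded (a flag it sets) or on the SID's authority count rather than on the string. Two smaller points in the same loop: `make_dom_sid(&sid[num_sids], sid_name);` discards its result, so an unparsable `S-...` argument goes out as whatever make_dom_sid left behind, and `while (num_sids < 10 && ...)` silently drops the eleventh and later arguments — a `#define MAX_LOOKUP_SIDS 10` and a "too many SIDs" message would make both visible.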
@@ -178,9 +181,11 @@ void cmd_lsa_lookup_sids(struct client_info *info) srv_name, &info->dom.lsa_info_pol, True) : False; - /* send client info query, level 3. receive domain name and sid */ + /* send lsa lookup sids call */ res = res ? do_lsa_lookup_sids(smb_cli, - &info->dom.lsa_info_pol, 1, sids, names) : False; + &info->dom.lsa_info_pol, + num_sids, sids, + &names, &num_names) : False; res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; @@ -190,11 +195,24 @@ void cmd_lsa_lookup_sids(struct client_info *info) if (res) { DEBUG(5,("cmd_lsa_lookup_sids: query succeeded\n")); - } else { DEBUG(5,("cmd_lsa_lookup_sids: query failed\n")); } + if (names != NULL) + { + fprintf(out_hnd,"Lookup SIDS:\n"); + for (i = 0; i < num_names; i++) + { + sid_to_string(temp, sids[i]); + fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]); + if (names[i] != NULL) + { + free(names[i]); + } + } + free(names); + } } diff --git a/source/rpcclient/cmd_reg.c b/source/rpcclient/cmd_reg.c index f36a42699d9..4d49d19b3b6 100644 --- a/source/rpcclient/cmd_reg.c +++ b/source/rpcclient/cmd_reg.c @@ -36,6 +36,24 @@ extern int smb_tidx; extern FILE* out_hnd; +/* + * keys. of the form: + * ---- + * + * [HKLM]|[HKU]\[parent_keyname_components]\[subkey]|[value] + * + * reg_getsubkey() splits this down into: + * [HKLM]|[HKU]\[parent_keyname_components] and [subkey]|[value] + * + * do_reg_connect() splits the left side down further into: + * [HKLM]|[HKU] and [parent_keyname_components]. + * + * HKLM is short for HKEY_LOCAL_MACHINE + * HKU is short for HKEY_USERS + * + * oh, and HKEY stands for "Hive Key". + * + */ /**************************************************************************** nt registry enum @@ -48,6 +66,7 @@ void cmd_reg_enum(struct client_info *info) int i; POLICY_HND key_pol; + fstring full_keyname; fstring key_name; /* 
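Review bot: The print loop in cmd_lsa_lookup_sids indexes the local `sids[i]` with the server-supplied count: `for (i = 0; i < num_names; i++)` where `num_names` is set by do_lsa_lookup_sids straight from `t_names.num_entries`, so a reply with more entries than the ten SIDs sent reads past the end of `sids` on the stack. Also `fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]);` runs before the `names[i] != NULL` test, and do_lsa_lookup_sids stores strdup results unchecked, so a NULL entry reaches `%s`. Bound the loop with `i < num_names && i < num_sids` (or have the client library reject `num_entries != num_sids`) and print `names[i] != NULL ? names[i] : "(unknown)"`.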
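Review bot: The new block comment at the top of cmd_reg.c refers to `reg_getsubkey()`, but the helper this commit adds is `reg_get_subkey()`; the name should match so a grep finds it. The closing line `oh, and HKEY stands for "Hive Key".` is also at odds with Microsoft's naming, where HKEY is the handle type for a registry key; I would drop that line or reword it as `HKEY is the Win32 handle type for a registry key; HKLM/HKU name the predefined root keys`.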
@@ -73,9 +92,9 @@ void cmd_reg_enum(struct client_info *info) DEBUG(5, ("cmd_reg_enum: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, key_name, NULL, sizeof(key_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - fprintf(out_hnd, "regenum key_name\n"); + fprintf(out_hnd, "regenum \n"); return; } @@ -83,13 +102,19 @@ void cmd_reg_enum(struct client_info *info) res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, &info->dom.reg_pol_connect) : False; - /* open an entry */ - res1 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, - key_name, 0x02000000, &key_pol) : False; + if ((*key_name) != 0) + { + /* open an entry */ + res1 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + key_name, 0x02000000, &key_pol) : False; + } + else + { + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); + } res1 = res1 ? do_reg_query_key(smb_cli, &key_pol, @@ -98,6 +123,12 @@ void cmd_reg_enum(struct client_info *info) &num_values, &max_valnamelen, &max_valbufsize, &sec_desc, &mod_time) : False; + if (res1 && num_subkeys > 0) + { + fprintf(out_hnd,"Subkeys\n"); + fprintf(out_hnd,"-------\n"); + } + for (i = 0; i < num_subkeys; i++) { /* @@ -133,6 +164,12 @@ void cmd_reg_enum(struct client_info *info) } + if (num_values > 0) + { + fprintf(out_hnd,"Key Values\n"); + fprintf(out_hnd,"----------\n"); + } + for (i = 0; i < num_values; i++) { /* @@ -166,7 +203,10 @@ void cmd_reg_enum(struct client_info *info) } /* close the handles */ - res1 = res1 ? do_reg_close(smb_cli, &key_pol) : False; + if ((*key_name) != 0) + { + res1 = res1 ? do_reg_close(smb_cli, &key_pol) : False; + } res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; /* close the session */ 
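Review bot: In cmd_reg_enum the new else branch `memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol));` leaves `res1` at its initial True, so when do_reg_connect fails (`res` False) the code still calls do_reg_query_key with the handle that do_reg_connect zeroed, and `res1` reports success. Add `res1 = res;` in the else branch; the same untied `res1`/`res3` in the hive-only path recurs in regquerykey, regcreateval, regdeleteval, regdeletekey, regcreatekey and reggetsec in this commit. cmd_reg_enum starts and ends outside this hunk.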
@@ -191,6 +231,7 @@ void cmd_reg_query_key(struct client_info *info) BOOL res1 = True; POLICY_HND key_pol; + fstring full_keyname; fstring key_name; /* @@ -210,7 +251,7 @@ void cmd_reg_query_key(struct client_info *info) DEBUG(5, ("cmd_reg_enum: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, key_name, NULL, sizeof(key_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { fprintf(out_hnd, "regquery key_name\n"); return; @@ -220,13 +261,19 @@ void cmd_reg_query_key(struct client_info *info) res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, &info->dom.reg_pol_connect) : False; - /* open an entry */ - res1 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, - key_name, 0x02000000, &key_pol) : False; + if ((*key_name) != 0) + { + /* open an entry */ + res1 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + key_name, 0x02000000, &key_pol) : False; + } + else + { + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); + } res1 = res1 ? do_reg_query_key(smb_cli, &key_pol, @@ -256,7 +303,10 @@ void cmd_reg_query_key(struct client_info *info) } /* close the handles */ - res1 = res1 ? do_reg_close(smb_cli, &key_pol) : False; + if ((*key_name) != 0) + { + res1 = res1 ? do_reg_close(smb_cli, &key_pol) : False; + } res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; /* close the session */ 
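Review bot: cmd_reg_query_key has the same gap as regenum: in the hive-only branch `memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol));` nothing ties `res1` to `res`, so a failed do_reg_connect still proceeds to do_reg_query_key on a zeroed POLICY_HND and the command reports success. Add `res1 = res;` there; since POLICY_HND is a struct, `key_pol = info->dom.reg_pol_connect;` also replaces the memcpy without the sizeof. The function's remaining body is outside this hunk.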
@@ -272,113 +322,6 @@ void cmd_reg_query_key(struct client_info *info) } } -/**************************************************************************** -nt registry test -****************************************************************************/ -void cmd_reg_test2(struct client_info *info) -{ - BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - BOOL res3 = True; - int i; - - /* - * query key info - */ - - POLICY_HND key_pol; - fstring key_class; - uint32 max_class_len; - uint32 num_subkeys; - uint32 max_subkeylen; - uint32 max_subkeysize; - uint32 num_values; - uint32 max_valnamelen; - uint32 max_valbufsize; - uint32 sec_desc; - NTTIME mod_time; - - /* - * unknown 0x1a request - */ - - uint32 unk_1a_response; - - /* - * enumerate key - */ - - fstring enum_name; - uint32 enum_unk1; - uint32 enum_unk2; - time_t key_mod_time; - - DEBUG(5, ("cmd_reg_test: smb_cli->fd:%d\n", smb_cli->fd)); - - /* open WINREG session. */ - res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; - - /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, - &info->dom.reg_pol_connect) : False; - - res1 = res ? do_reg_open_hku(smb_cli, - 0x84E0, 0x02000000, - &info->dom.reg_pol_unk_4 ) : False; - - res2 = res1 ? do_reg_query_key(smb_cli, - &key_pol, - key_class, &max_class_len, - &num_subkeys, &max_subkeylen, &max_subkeysize, - &num_values, &max_valnamelen, &max_valbufsize, - &sec_desc, &mod_time) : False; - - for (i = 0; i < num_subkeys; i++) - { - /* unknown 1a it */ - res3 = res2 ? do_reg_unknown_1a(smb_cli, &info->dom.reg_pol_connect, - &unk_1a_response) : False; - - if (res3) - { - fprintf(out_hnd,"Unknown 1a response: %x\n", unk_1a_response); - } - - /* enum key */ - res3 = res3 ? 
do_reg_enum_key(smb_cli, &info->dom.reg_pol_connect, - i, enum_name, - &enum_unk1, &enum_unk2, - &key_mod_time) : False; - - if (res3) - { - fprintf(out_hnd,"Enum Key: %s ", enum_name); - fprintf(out_hnd,"unk (%08x %08x) ", enum_unk1, enum_unk2); - fprintf(out_hnd,"mod time: %s\n", http_timestring(key_mod_time)); - } - } - - /* close the handles */ - res2 = res2 ? do_reg_close(smb_cli, &key_pol ) : False; - res1 = res1 ? do_reg_close(smb_cli, &info->dom.reg_pol_unk_4 ) : False; - res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; - - /* close the session */ - cli_nt_session_close(smb_cli); - - if (res && res1 && res2) - { - DEBUG(5,("cmd_reg_test2: query succeeded\n")); - fprintf(out_hnd,"Registry Test2\n"); - } - else - { - DEBUG(5,("cmd_reg_test2: query failed\n")); - } -} - /**************************************************************************** nt registry create value ****************************************************************************/ @@ -389,6 +332,8 @@ void cmd_reg_create_val(struct client_info *info) BOOL res4 = True; POLICY_HND parent_pol; + fstring full_keyname; + fstring keyname; fstring parent_name; fstring val_name; fstring tmp; 
@@ -403,23 +348,25 @@ void cmd_reg_create_val(struct client_info *info) type, &unk_0, &unk_1) : False; #endif - DEBUG(5, ("cmd_reg_get_val_sec: smb_cli->fd:%d\n", smb_cli->fd)); + DEBUG(5, ("cmd_reg_create_val: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, parent_name, NULL, sizeof(parent_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "regcreate \n"); return; } - if (!next_token(NULL, val_name , NULL, sizeof(val_name ))) + reg_get_subkey(full_keyname, keyname, val_name); + + if (keyname[0] == 0 || val_name[0] == 0) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "invalid key name\n"); return; } - + if (!next_token(NULL, tmp, NULL, sizeof(tmp))) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "regcreate \n"); return; } @@ -433,7 +380,7 @@ void cmd_reg_create_val(struct client_info *info) if (!next_token(NULL, tmp, NULL, sizeof(tmp))) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "regcreate \n"); return; } @@ -477,13 +424,19 @@ void cmd_reg_create_val(struct client_info *info) res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, keyname, parent_name, &info->dom.reg_pol_connect) : False; - /* open an entry */ - res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, - parent_name, 0x02000000, &parent_pol) : False; + if ((*val_name) != 0) + { + /* open an entry */ + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + parent_name, 0x02000000, &parent_pol) : False; + } + else + { + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); + } /* create an entry */ res4 = res3 ? do_reg_create_val(smb_cli, &parent_pol, 
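Review bot: In cmd_reg_create_val the open is gated on the wrong string: `if ((*val_name) != 0)` can never be false here because the earlier `if (keyname[0] == 0 || val_name[0] == 0)` already returned, so for a value directly under a hive (`HKLM\valname`, where do_reg_connect leaves `parent_name` empty) do_reg_open_entry is called with an empty key name instead of reusing the hive handle. The test should be `if ((*parent_name) != 0)`, matching what regcreatekey does with its own parent name, and the else branch needs `res3 = res;` so a failed connect does not fall through to do_reg_create_val with a zeroed handle. The same `(*val_name)` gate also controls the later close of `parent_pol`, which is outside this hunk.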
@@ -493,7 +446,10 @@ void cmd_reg_create_val(struct client_info *info) res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; /* close the val handle */ - res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + if ((*val_name) != 0) + { + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + } /* close the registry handles */ res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; @@ -522,36 +478,46 @@ void cmd_reg_delete_val(struct client_info *info) BOOL res4 = True; POLICY_HND parent_pol; + fstring full_keyname; + fstring keyname; fstring parent_name; fstring val_name; DEBUG(5, ("cmd_reg_delete_val: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, parent_name, NULL, sizeof(parent_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "regdelete \n"); return; } - if (!next_token(NULL, val_name , NULL, sizeof(val_name ))) + reg_get_subkey(full_keyname, keyname, val_name); + + if (keyname[0] == 0 || val_name[0] == 0) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "invalid key name\n"); return; } - + /* open WINREG session. */ res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, keyname, parent_name, &info->dom.reg_pol_connect) : False; - /* open an entry */ - res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, - parent_name, 0x02000000, &parent_pol) : False; + if ((*val_name) != 0) + { + /* open an entry */ + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + parent_name, 0x02000000, &parent_pol) : False; + } + else + { + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); + } - /* create an entry */ + /* delete an entry */ res4 = res3 ? do_reg_delete_val(smb_cli, &parent_pol, val_name) : False; /* flush the modified key */ 
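Review bot: cmd_reg_delete_val repeats the create_val gating bug: `if ((*val_name) != 0)` is always true after the `val_name[0] == 0` check above it, so a hive-level value never takes the `memcpy(&parent_pol, ...)` path and do_reg_open_entry gets an empty `parent_name`. Use `if ((*parent_name) != 0)` here and in the matching close (the `if ((*val_name) != 0)` before `do_reg_close` in the create_val hunk at the top of this line), and set `res3 = res;` in the else branch. The function continues past this hunk.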
@@ -587,43 +553,56 @@ void cmd_reg_delete_key(struct client_info *info) BOOL res4 = True; POLICY_HND parent_pol; + fstring full_keyname; fstring parent_name; fstring key_name; + fstring subkey_name; DEBUG(5, ("cmd_reg_delete_key: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, parent_name, NULL, sizeof(parent_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "regdeletekey \n"); return; } - if (!next_token(NULL, key_name , NULL, sizeof(key_name ))) + reg_get_subkey(full_keyname, parent_name, subkey_name); + + if (parent_name[0] == 0 || subkey_name[0] == 0) { - fprintf(out_hnd, "regcreate \n"); + fprintf(out_hnd, "invalid key name\n"); return; } - + /* open WINREG session. */ res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, parent_name, key_name, &info->dom.reg_pol_connect) : False; - /* open an entry */ - res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, - parent_name, 0x02000000, &parent_pol) : False; + if ((*key_name) != 0) + { + /* open an entry */ + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + key_name, 0x02000000, &parent_pol) : False; + } + else + { + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); + } /* create an entry */ - res4 = res3 ? do_reg_delete_key(smb_cli, &parent_pol, key_name) : False; + res4 = res3 ? do_reg_delete_key(smb_cli, &parent_pol, subkey_name) : False; /* flush the modified key */ res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; /* close the key handle */ - res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + if ((*key_name) != 0) + { + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + } /* close the registry handles */ res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; 
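Review bot: The comment immediately above `res4 = res3 ? do_reg_delete_key(smb_cli, &parent_pol, subkey_name) : False;` still reads `/* create an entry */`, although the delete_val hunk corrected the same comment to `/* delete an entry */`; change it to `/* delete the subkey */`. The gating itself is right here (`(*key_name)` is the part left after the hive), but as in the other reg commands the else branch should set `res3 = res;` so a failed do_reg_connect is not followed by a delete on a zeroed handle. The function's tail is outside this hunk.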
@@ -653,33 +632,29 @@ void cmd_reg_create_key(struct client_info *info) POLICY_HND parent_pol; POLICY_HND key_pol; + fstring full_keyname; + fstring parent_key; fstring parent_name; fstring key_name; fstring key_class; SEC_INFO sam_access; -#if 0 - uint32 unk_0; - uint32 unk_1; - /* query it */ - res1 = res1 ? do_reg_query_info(smb_cli, &key_pol, - type, &unk_0, &unk_1) : False; -#endif - DEBUG(5, ("cmd_reg_create_key: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, parent_name, NULL, sizeof(parent_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - fprintf(out_hnd, "regcreate [key_class]\n"); + fprintf(out_hnd, "regcreate [key_class]\n"); return; } - if (!next_token(NULL, key_name , NULL, sizeof(key_name ))) + reg_get_subkey(full_keyname, parent_key, key_name); + + if (parent_key[0] == 0 || key_name[0] == 0) { - fprintf(out_hnd, "regcreate [key_class]\n"); + fprintf(out_hnd, "invalid key name\n"); return; } - + if (!next_token(NULL, key_class, NULL, sizeof(key_class))) { memset(key_class, 0, sizeof(key_class)); @@ -692,13 +667,19 @@ void cmd_reg_create_key(struct client_info *info) res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, parent_key, parent_name, &info->dom.reg_pol_connect) : False; - /* open an entry */ - res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, - parent_name, 0x02000000, &parent_pol) : False; + if ((*parent_name) != 0) + { + /* open an entry */ + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + parent_name, 0x02000000, &parent_pol) : False; + } + else + { + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); + } /* create an entry */ res4 = res3 ? do_reg_create_key(smb_cli, &parent_pol, 
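Review bot: In cmd_reg_create_key the hive-only branch `memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol));` does not propagate `res` into `res3`, so when do_reg_connect fails the code still calls do_reg_create_key on a zeroed handle. Add `res3 = res;` in that branch; `parent_pol = info->dom.reg_pol_connect;` would also replace the memcpy. The create call and the closes follow this hunk.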
@@ -711,7 +692,10 @@ void cmd_reg_create_key(struct client_info *info) res4 = res4 ? do_reg_close(smb_cli, &key_pol) : False; /* close the key handle */ - res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + if ((*parent_name) != 0) + { + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + } /* close the registry handles */ res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; @@ -740,6 +724,7 @@ void cmd_reg_get_key_sec(struct client_info *info) BOOL res4 = True; POLICY_HND key_pol; + fstring full_keyname; fstring key_name; /* @@ -751,9 +736,9 @@ void cmd_reg_get_key_sec(struct client_info *info) DEBUG(5, ("cmd_reg_get_key_sec: smb_cli->fd:%d\n", smb_cli->fd)); - if (!next_token(NULL, key_name, NULL, sizeof(key_name))) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - fprintf(out_hnd, "regtest key_name\n"); + fprintf(out_hnd, "reggetsec \n"); return; } @@ -761,10 +746,20 @@ void cmd_reg_get_key_sec(struct client_info *info) res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? do_reg_open_hklm(smb_cli, - 0x84E0, 0x02000000, + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, &info->dom.reg_pol_connect) : False; + if ((*key_name) != 0) + { + /* open an entry */ + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + key_name, 0x02000000, &key_pol) : False; + } + else + { + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); + } + /* open an entry */ res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; 
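Review bot: In cmd_reg_get_key_sec the old unconditional open was left in place after the new conditional one: right after the added `if ((*key_name) != 0) {...} else { memcpy(&key_pol, ...); }` the context lines `/* open an entry */ res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False;` run again. With a subkey name this opens it twice and the first handle is overwritten and never closed; with a hive-only name it calls do_reg_open_entry with an empty key name and clobbers the copied hive handle. Delete the trailing open and add `res3 = res;` to the else branch as in the other commands; the function's remaining body is outside this hunk.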
@@ -779,15 +774,16 @@ void cmd_reg_get_key_sec(struct client_info *info) if (res4 && sec_buf.len > 0) { - fprintf(out_hnd, "Security Info for %s: (%d)\n", - key_name, sec_buf_size); display_sec_desc(out_hnd, ACTION_HEADER , &sec_buf.sec); display_sec_desc(out_hnd, ACTION_ENUMERATE, &sec_buf.sec); display_sec_desc(out_hnd, ACTION_FOOTER , &sec_buf.sec); } /* close the key handle */ - res3 = res3 ? do_reg_close(smb_cli, &key_pol) : False; + if ((*key_name) != 0) + { + res3 = res3 ? do_reg_close(smb_cli, &key_pol) : False; + } /* close the registry handles */ res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c index fa3253edf9c..eeb34c8f887 100644 --- a/source/rpcclient/cmd_samr.c +++ b/source/rpcclient/cmd_samr.c @@ -57,7 +57,7 @@ void cmd_sam_ntchange_pwd(struct client_info *info) uchar lm_hshhash[16]; uchar lm_oldhash[16]; - fstrcpy(sid , info->dom.level5_sid); + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); fstrcpy(srv_name, "\\\\"); @@ -125,7 +125,7 @@ void cmd_sam_test(struct client_info *info) fstring sid; BOOL res = True; - fstrcpy(sid , info->dom.level5_sid); + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); /* @@ -192,7 +192,7 @@ void cmd_sam_enum_users(struct client_info *info) uint32 admin_rid = 0x304; /* absolutely no idea. */ fstring tmp; - fstrcpy(sid , info->dom.level5_sid); + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); if (strlen(sid) == 0) @@ -366,7 +366,7 @@ void cmd_sam_query_user(struct client_info *info) SAM_USER_INFO_21 usr; - fstrcpy(sid , info->dom.level5_sid); + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); if (strlen(sid) == 0) 
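Review bot: Replacing `fstrcpy(sid, info->dom.level5_sid)` with `sid_to_string(sid, &info->dom.level5_sid)` likely defeats the `if (strlen(sid) == 0)` guard that follows in cmd_sam_enum_users: the old fstring could be empty when no domain SID had been obtained, whereas sid_to_string presumably formats even a zeroed DOM_SID as a non-empty `S-...` string, so the command would proceed with a bogus SID instead of reporting the missing domain. The same guard follows the same replacement in cmd_sam_query_user (@@ -366), cmd_sam_query_groups (@@ -457) and cmd_sam_enum_aliases (@@ -538, level3_sid). I would replace the length test with a check on the DOM_SID itself, e.g. compare it against a zeroed DOM_SID before formatting, or record a separate "SID obtained" flag in nt_client_info. Each of these functions extends beyond its hunk.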
@@ -457,7 +457,7 @@ void cmd_sam_query_groups(struct client_info *info) uint32 switch_value = 2; uint32 admin_rid = 0x304; /* absolutely no idea. */ - fstrcpy(sid , info->dom.level5_sid); + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); if (strlen(sid) == 0) @@ -538,7 +538,7 @@ void cmd_sam_enum_aliases(struct client_info *info) fstring alias_names [3]; uint32 num_als_usrs[3]; - fstrcpy(sid , info->dom.level3_sid); + sid_to_string(sid, &info->dom.level3_sid); fstrcpy(domain, info->dom.level3_dom); #if 0 fstrcpy(sid , "S-1-5-20"); diff --git a/source/rpcclient/rpcclient.c b/source/rpcclient/rpcclient.c index d65b392fcd2..5fbd8e1cbcd 100644 --- a/source/rpcclient/rpcclient.c +++ b/source/rpcclient/rpcclient.c @@ -106,13 +106,12 @@ struct } commands[] = { {"regenum", cmd_reg_enum, " Registry Enumeration (keys, values)"}, - {"regdeletekey",cmd_reg_delete_key, " Registry Key Delete"}, - {"regcreatekey",cmd_reg_create_key, " [keyclass] Registry Key Create"}, + {"regdeletekey",cmd_reg_delete_key, " Registry Key Delete"}, + {"regcreatekey",cmd_reg_create_key, " [keyclass] Registry Key Create"}, {"regquerykey",cmd_reg_query_key, " Registry Key Query"}, - {"regdeleteval",cmd_reg_delete_val, " Registry Value Delete"}, - {"regcreateval",cmd_reg_create_val, " Registry Key Create"}, - {"regtest2", cmd_reg_test2, "Registry Testing No 2"}, - {"reggetsec", cmd_reg_get_key_sec, " | Registry Key Security"}, + {"regdeleteval",cmd_reg_delete_val, " Registry Value Delete"}, + {"regcreateval",cmd_reg_create_val, " Registry Key Create"}, + {"reggetsec", cmd_reg_get_key_sec, " Registry Key Security"}, {"ntlogin", cmd_netlogon_login_test, "[username] [password] NT Domain login test"}, {"wksinfo", cmd_wks_query_info, "Workstation Query Info"}, {"srvinfo", cmd_srv_query_info, "Server Query Info"},
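Review bot: The help text on the re-emitted `regcreateval` row in commands[] reads `" Registry Key Create"`, which duplicates the description of regcreatekey; the handler is cmd_reg_create_val, so it should say `Registry Value Create`, matching the `Registry Value Delete` wording on the row above it. The angle-bracketed argument placeholders appear to have been stripped in this rendering, so I can only vouch for the trailing description. The commands[] initialiser continues after this hunk.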
