diff --git a/source/include/proto.h b/source/include/proto.h index e16f79028c4..05dbf3e6109 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -1314,6 +1314,7 @@ BOOL do_reg_query_info(struct cli_state *cli, POLICY_HND *hnd, char *type, uint32 *unk_0, uint32 *unk_1); BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, uint32 *sec_buf_size, SEC_DESC_BUF *sec_buf); +BOOL do_reg_delete_val(struct cli_state *cli, POLICY_HND *hnd, char *val_name); BOOL do_reg_delete_key(struct cli_state *cli, POLICY_HND *hnd, char *key_name); BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd, char *key_name, char *key_class, @@ -1624,6 +1625,10 @@ void make_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd, SEC_INFO *sam_access); void reg_io_q_create_key(char *desc, REG_Q_CREATE_KEY *r_q, prs_struct *ps, int depth); void reg_io_r_create_key(char *desc, REG_R_CREATE_KEY *r_r, prs_struct *ps, int depth); +void make_reg_q_delete_val(REG_Q_DELETE_VALUE *q_c, POLICY_HND *hnd, + char *name); +void reg_io_q_delete_val(char *desc, REG_Q_DELETE_VALUE *r_q, prs_struct *ps, int depth); +void reg_io_r_delete_val(char *desc, REG_R_DELETE_VALUE *r_r, prs_struct *ps, int depth); void make_reg_q_delete_key(REG_Q_DELETE_KEY *q_c, POLICY_HND *hnd, char *name); void reg_io_q_delete_key(char *desc, REG_Q_DELETE_KEY *r_q, prs_struct *ps, int depth); @@ -2092,6 +2097,7 @@ void cmd_reg_enum(struct client_info *info); void cmd_reg_query_key(struct client_info *info); void cmd_reg_test2(struct client_info *info); void cmd_reg_create_val(struct client_info *info); +void cmd_reg_delete_val(struct client_info *info); void cmd_reg_delete_key(struct client_info *info); void cmd_reg_create_key(struct client_info *info); void cmd_reg_get_key_sec(struct client_info *info); diff --git a/source/include/rpc_reg.h b/source/include/rpc_reg.h index 1a64866f037..9166134c274 100644 --- a/source/include/rpc_reg.h +++ b/source/include/rpc_reg.h @@ -34,6 +34,7 @@ #define REG_ENUM_KEY 0x09 #define REG_CREATE_KEY 0x06 #define REG_DELETE_KEY 0x07 +#define REG_DELETE_VALUE 0x08 #define REG_CREATE_VALUE 0x16 #define REG_GET_KEY_SEC 0x0c #define REG_ENUM_VALUE 0x0a @@ -245,12 +246,30 @@ typedef struct q_reg_delete_key_info typedef struct r_reg_delete_key_info { POLICY_HND key_pol; /* policy handle */ - uint32 unknown; /* 0x0000 0000 */ uint32 status; /* return status */ } REG_R_DELETE_KEY; +/* REG_Q_DELETE_VALUE */ +typedef struct q_reg_delete_val_info +{ + POLICY_HND pnt_pol; /* parent key policy handle */ + + UNIHDR hdr_name; + UNISTR2 uni_name; + +} REG_Q_DELETE_VALUE; + +/* REG_R_DELETE_VALUE */ +typedef struct r_reg_delete_val_info +{ + POLICY_HND key_pol; /* policy handle */ + + uint32 status; /* return status */ + +} REG_R_DELETE_VALUE; + /* REG_Q_QUERY_KEY */ typedef struct q_reg_query_info { diff --git a/source/rpc_client/cli_reg.c b/source/rpc_client/cli_reg.c index e1872bbd799..9ded3c4e678 100644 --- a/source/rpc_client/cli_reg.c +++ b/source/rpc_client/cli_reg.c @@ -507,6 +507,60 @@ BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, return valid_query; } +/**************************************************************************** +do a REG Delete Value +****************************************************************************/ +BOOL do_reg_delete_val(struct cli_state *cli, POLICY_HND *hnd, char *val_name) +{ + prs_struct rbuf; + prs_struct buf; + REG_Q_DELETE_VALUE q_o; + BOOL valid_delete = False; + + if (hnd == NULL) return False; + + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); + + /* create and send a MSRPC command with api REG_DELETE_VALUE */ + + DEBUG(4,("REG Delete Value: %s\n", val_name)); + + make_reg_q_delete_val(&q_o, hnd, val_name); + + /* turn parameters into data stream */ + reg_io_q_delete_val("", &q_o, &buf, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, REG_DELETE_VALUE, &buf, &rbuf)) + { + REG_R_DELETE_VALUE r_o; + BOOL p; + + ZERO_STRUCT(r_o); + + reg_io_r_delete_val("", &r_o, &rbuf, 0); + p = rbuf.offset != 0; + + if (p && r_o.status != 0) + { + /* report error code */ + DEBUG(0,("REG_DELETE_VALUE: %s\n", get_nt_error_msg(r_o.status))); + p = False; + } + + if (p) + { + valid_delete = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_delete; +} + /**************************************************************************** do a REG Delete Key ****************************************************************************/ diff --git a/source/rpc_parse/parse_reg.c b/source/rpc_parse/parse_reg.c index 9d816d0062e..fa63717e5b4 100644 --- a/source/rpc_parse/parse_reg.c +++ b/source/rpc_parse/parse_reg.c @@ -237,6 +237,57 @@ void reg_io_r_create_key(char *desc, REG_R_CREATE_KEY *r_r, prs_struct *ps, int } +/******************************************************************* +creates a structure. +********************************************************************/ +void make_reg_q_delete_val(REG_Q_DELETE_VALUE *q_c, POLICY_HND *hnd, + char *name) +{ + int len_name = name != NULL ? strlen(name ) + 1: 0; + ZERO_STRUCTP(q_c); + + memcpy(&(q_c->pnt_pol), hnd, sizeof(q_c->pnt_pol)); + + make_uni_hdr(&(q_c->hdr_name), len_name, len_name, 1); + make_unistr2(&(q_c->uni_name), name, len_name); +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void reg_io_q_delete_val(char *desc, REG_Q_DELETE_VALUE *r_q, prs_struct *ps, int depth) +{ + if (r_q == NULL) return; + + prs_debug(ps, depth, desc, "reg_io_q_delete_val"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("", &(r_q->pnt_pol), ps, depth); + + smb_io_unihdr ("", &(r_q->hdr_name), ps, depth); + smb_io_unistr2("", &(r_q->uni_name), r_q->hdr_name.buffer, ps, depth); + prs_align(ps); +} + + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void reg_io_r_delete_val(char *desc, REG_R_DELETE_VALUE *r_r, prs_struct *ps, int depth) +{ + if (r_r == NULL) return; + + prs_debug(ps, depth, desc, "reg_io_r_delete_val"); + depth++; + + prs_align(ps); + + prs_uint32("status", ps, depth, &(r_r->status)); +} + + /******************************************************************* creates a structure. ********************************************************************/ diff --git a/source/rpcclient/cmd_reg.c b/source/rpcclient/cmd_reg.c index 28e511fa034..f36a42699d9 100644 --- a/source/rpcclient/cmd_reg.c +++ b/source/rpcclient/cmd_reg.c @@ -512,6 +512,71 @@ void cmd_reg_create_val(struct client_info *info) } } +/**************************************************************************** +nt registry delete value +****************************************************************************/ +void cmd_reg_delete_val(struct client_info *info) +{ + BOOL res = True; + BOOL res3 = True; + BOOL res4 = True; + + POLICY_HND parent_pol; + fstring parent_name; + fstring val_name; + + DEBUG(5, ("cmd_reg_delete_val: smb_cli->fd:%d\n", smb_cli->fd)); + + if (!next_token(NULL, parent_name, NULL, sizeof(parent_name))) + { + fprintf(out_hnd, "regcreate \n"); + return; + } + + if (!next_token(NULL, val_name , NULL, sizeof(val_name ))) + { + fprintf(out_hnd, "regcreate \n"); + return; + } + + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; + + /* open registry receive a policy handle */ + res = res ? do_reg_open_hklm(smb_cli, + 0x84E0, 0x02000000, + &info->dom.reg_pol_connect) : False; + + /* open an entry */ + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, + parent_name, 0x02000000, &parent_pol) : False; + + /* create an entry */ + res4 = res3 ? do_reg_delete_val(smb_cli, &parent_pol, val_name) : False; + + /* flush the modified key */ + res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; + + /* close the key handle */ + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; + + /* close the registry handles */ + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); + + if (res && res3 && res4) + { + DEBUG(5,("cmd_reg_delete_val: query succeeded\n")); + fprintf(out_hnd,"OK\n"); + } + else + { + DEBUG(5,("cmd_reg_delete_val: query failed\n")); + } +} + /**************************************************************************** nt registry delete key ****************************************************************************/ diff --git a/source/rpcclient/rpcclient.c b/source/rpcclient/rpcclient.c index 234569acc12..d65b392fcd2 100644 --- a/source/rpcclient/rpcclient.c +++ b/source/rpcclient/rpcclient.c @@ -109,6 +109,7 @@ struct {"regdeletekey",cmd_reg_delete_key, " Registry Key Delete"}, {"regcreatekey",cmd_reg_create_key, " [keyclass] Registry Key Create"}, {"regquerykey",cmd_reg_query_key, " Registry Key Query"}, + {"regdeleteval",cmd_reg_delete_val, " Registry Value Delete"}, {"regcreateval",cmd_reg_create_val, " Registry Key Create"}, {"regtest2", cmd_reg_test2, "Registry Testing No 2"}, {"reggetsec", cmd_reg_get_key_sec, " | Registry Key Security"},