source: trunk-3.0/source/registry/reg_frontend.c@ 102

Last change on this file since 102 was 1, checked in by Paul Smedley, 18 years ago

Initial code import
File size: 11.6 KB
Line 
1/*
2 * Unix SMB/CIFS implementation.
3 * Virtual Windows Registry Layer
4 * Copyright (C) Gerald Carter 2002-2005
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20
21/* Implementation of registry frontend view functions. */
22
23#include "includes.h"
24
25#undef DBGC_CLASS
26#define DBGC_CLASS DBGC_RPC_SRV
27
28extern REGISTRY_OPS printing_ops;
29extern REGISTRY_OPS eventlog_ops;
30extern REGISTRY_OPS shares_reg_ops;
31extern REGISTRY_OPS regdb_ops; /* these are the default */
32
33/* array of REGISTRY_HOOK's which are read into a tree for easy access */
34/* #define REG_TDB_ONLY 1 */
35
36REGISTRY_HOOK reg_hooks[] = {
37#ifndef REG_TDB_ONLY
38 { KEY_PRINTING, &printing_ops },
39 { KEY_PRINTING_2K, &printing_ops },
40 { KEY_PRINTING_PORTS, &printing_ops },
41 { KEY_SHARES, &shares_reg_ops },
42#endif
43 { NULL, NULL }
44};
45
46
47static struct generic_mapping reg_generic_map =
48 { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL };
49
50/********************************************************************
51********************************************************************/
52
53static NTSTATUS registry_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
54 uint32 access_desired, uint32 *access_granted )
55{
56 NTSTATUS result;
57
58 if ( geteuid() == sec_initial_uid() ) {
59 DEBUG(5,("registry_access_check: using root's token\n"));
60 token = get_root_nt_token();
61 }
62
63 se_map_generic( &access_desired, &reg_generic_map );
64 se_access_check( sec_desc, token, access_desired, access_granted, &result );
65
66 return result;
67}
68
69/********************************************************************
70********************************************************************/
71
72static SEC_DESC* construct_registry_sd( TALLOC_CTX *ctx )
73{
74 SEC_ACE ace[2];
75 SEC_ACCESS mask;
76 size_t i = 0;
77 SEC_DESC *sd;
78 SEC_ACL *acl;
79 size_t sd_size;
80
81 /* basic access for Everyone */
82
83 init_sec_access(&mask, REG_KEY_READ );
84 init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
85
86 /* Full Access 'BUILTIN\Administrators' */
87
88 init_sec_access(&mask, REG_KEY_ALL );
89 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
90
91
92 /* create the security descriptor */
93
94 if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
95 return NULL;
96
97 if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) )
98 return NULL;
99
100 return sd;
101}
102
103
104/***********************************************************************
105 Open the registry database and initialize the REGISTRY_HOOK cache
106 ***********************************************************************/
107
108BOOL init_registry( void )
109{
110 int i;
111
112
113 if ( !regdb_init() ) {
114 DEBUG(0,("init_registry: failed to initialize the registry tdb!\n"));
115 return False;
116 }
117
118 /* build the cache tree of registry hooks */
119
120 reghook_cache_init();
121
122 for ( i=0; reg_hooks[i].keyname; i++ ) {
123 if ( !reghook_cache_add(&reg_hooks[i]) )
124 return False;
125 }
126
127 if ( DEBUGLEVEL >= 20 )
128 reghook_dump_cache(20);
129
130 /* add any keys for other services */
131
132 svcctl_init_keys();
133 eventlog_init_keys();
134 perfcount_init_keys();
135
136 /* close and let each smbd open up as necessary */
137
138 regdb_close();
139
140 return True;
141}
142
143/***********************************************************************
144 High level wrapper function for storing registry subkeys
145 ***********************************************************************/
146
147BOOL store_reg_keys( REGISTRY_KEY *key, REGSUBKEY_CTR *subkeys )
148{
149 if ( key->hook && key->hook->ops && key->hook->ops->store_subkeys )
150 return key->hook->ops->store_subkeys( key->name, subkeys );
151
152 return False;
153
154}
155
156/***********************************************************************
157 High level wrapper function for storing registry values
158 ***********************************************************************/
159
160BOOL store_reg_values( REGISTRY_KEY *key, REGVAL_CTR *val )
161{
162 if ( check_dynamic_reg_values( key ) )
163 return False;
164
165 if ( key->hook && key->hook->ops && key->hook->ops->store_values )
166 return key->hook->ops->store_values( key->name, val );
167
168 return False;
169}
170
171
172/***********************************************************************
173 High level wrapper function for enumerating registry subkeys
174 Initialize the TALLOC_CTX if necessary
175 ***********************************************************************/
176
177int fetch_reg_keys( REGISTRY_KEY *key, REGSUBKEY_CTR *subkey_ctr )
178{
179 int result = -1;
180
181 if ( key->hook && key->hook->ops && key->hook->ops->fetch_subkeys )
182 result = key->hook->ops->fetch_subkeys( key->name, subkey_ctr );
183
184 return result;
185}
186
187/***********************************************************************
188 retreive a specific subkey specified by index. Caller is
189 responsible for freeing memory
190 ***********************************************************************/
191
192BOOL fetch_reg_keys_specific( REGISTRY_KEY *key, char** subkey, uint32 key_index )
193{
194 static REGSUBKEY_CTR *ctr = NULL;
195 static pstring save_path;
196 char *s;
197
198 *subkey = NULL;
199
200 /* simple caching for performance; very basic heuristic */
201
202 DEBUG(8,("fetch_reg_keys_specific: Looking for key [%d] of [%s]\n", key_index, key->name));
203
204 if ( !ctr ) {
205 DEBUG(8,("fetch_reg_keys_specific: Initializing cache of subkeys for [%s]\n", key->name));
206
207 if ( !(ctr = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) {
208 DEBUG(0,("fetch_reg_keys_specific: talloc() failed!\n"));
209 return False;
210 }
211
212 pstrcpy( save_path, key->name );
213
214 if ( fetch_reg_keys( key, ctr) == -1 )
215 return False;
216
217 }
218 /* clear the cache when key_index == 0 or the path has changed */
219 else if ( !key_index || StrCaseCmp( save_path, key->name) ) {
220
221 DEBUG(8,("fetch_reg_keys_specific: Updating cache of subkeys for [%s]\n", key->name));
222
223 TALLOC_FREE( ctr );
224
225 if ( !(ctr = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) {
226 DEBUG(0,("fetch_reg_keys_specific: talloc() failed!\n"));
227 return False;
228 }
229
230 pstrcpy( save_path, key->name );
231
232 if ( fetch_reg_keys( key, ctr) == -1 )
233 return False;
234 }
235
236 if ( !(s = regsubkey_ctr_specific_key( ctr, key_index )) )
237 return False;
238
239 *subkey = SMB_STRDUP( s );
240
241 return True;
242}
243
244/***********************************************************************
245 High level wrapper function for enumerating registry values
246 ***********************************************************************/
247
248int fetch_reg_values( REGISTRY_KEY *key, REGVAL_CTR *val )
249{
250 int result = -1;
251
252 if ( key->hook && key->hook->ops && key->hook->ops->fetch_values )
253 result = key->hook->ops->fetch_values( key->name, val );
254
255 /* if the backend lookup returned no data, try the dynamic overlay */
256
257 if ( result == 0 ) {
258 result = fetch_dynamic_reg_values( key, val );
259
260 return ( result != -1 ) ? result : 0;
261 }
262
263 return result;
264}
265
266
267/***********************************************************************
268 retreive a specific subkey specified by index. Caller is
269 responsible for freeing memory
270 ***********************************************************************/
271
272BOOL fetch_reg_values_specific( REGISTRY_KEY *key, REGISTRY_VALUE **val, uint32 val_index )
273{
274 static REGVAL_CTR *ctr = NULL;
275 static pstring save_path;
276 REGISTRY_VALUE *v;
277
278 *val = NULL;
279
280 /* simple caching for performance; very basic heuristic */
281
282 if ( !ctr ) {
283 DEBUG(8,("fetch_reg_values_specific: Initializing cache of values for [%s]\n", key->name));
284
285 if ( !(ctr = TALLOC_ZERO_P( NULL, REGVAL_CTR )) ) {
286 DEBUG(0,("fetch_reg_values_specific: talloc() failed!\n"));
287 return False;
288 }
289
290 pstrcpy( save_path, key->name );
291
292 if ( fetch_reg_values( key, ctr) == -1 )
293 return False;
294 }
295 /* clear the cache when val_index == 0 or the path has changed */
296 else if ( !val_index || !strequal(save_path, key->name) ) {
297
298 DEBUG(8,("fetch_reg_values_specific: Updating cache of values for [%s]\n", key->name));
299
300 TALLOC_FREE( ctr );
301
302 if ( !(ctr = TALLOC_ZERO_P( NULL, REGVAL_CTR )) ) {
303 DEBUG(0,("fetch_reg_values_specific: talloc() failed!\n"));
304 return False;
305 }
306
307 pstrcpy( save_path, key->name );
308
309 if ( fetch_reg_values( key, ctr) == -1 )
310 return False;
311 }
312
313 if ( !(v = regval_ctr_specific_value( ctr, val_index )) )
314 return False;
315
316 *val = dup_registry_value( v );
317
318 return True;
319}
320
321/***********************************************************************
322 High level access check for passing the required access mask to the
323 underlying registry backend
324 ***********************************************************************/
325
326BOOL regkey_access_check( REGISTRY_KEY *key, uint32 requested, uint32 *granted, NT_USER_TOKEN *token )
327{
328 /* use the default security check if the backend has not defined its own */
329
330 if ( !(key->hook && key->hook->ops && key->hook->ops->reg_access_check) ) {
331 SEC_DESC *sec_desc;
332 NTSTATUS status;
333
334 if ( !(sec_desc = construct_registry_sd( get_talloc_ctx() )) )
335 return False;
336
337 status = registry_access_check( sec_desc, token, requested, granted );
338
339 return NT_STATUS_IS_OK(status);
340 }
341
342 return key->hook->ops->reg_access_check( key->name, requested, granted, token );
343}
344
345/***********************************************************************
346***********************************************************************/
347
348WERROR regkey_open_internal( REGISTRY_KEY **regkey, const char *path,
349 NT_USER_TOKEN *token, uint32 access_desired )
350{
351 WERROR result = WERR_OK;
352 REGISTRY_KEY *keyinfo;
353 REGSUBKEY_CTR *subkeys = NULL;
354 uint32 access_granted;
355
356 if ( !(W_ERROR_IS_OK(result = regdb_open()) ) )
357 return result;
358
359 DEBUG(7,("regkey_open_internal: name = [%s]\n", path));
360
361 if ( !(*regkey = TALLOC_ZERO_P(NULL, REGISTRY_KEY)) ) {
362 regdb_close();
363 return WERR_NOMEM;
364 }
365
366 keyinfo = *regkey;
367
368 /* initialization */
369
370 keyinfo->type = REG_KEY_GENERIC;
371 if (!(keyinfo->name = talloc_strdup(keyinfo, path))) {
372 result = WERR_NOMEM;
373 goto done;
374 }
375
376 /* Tag this as a Performance Counter Key */
377
378 if( StrnCaseCmp(path, KEY_HKPD, strlen(KEY_HKPD)) == 0 )
379 keyinfo->type = REG_KEY_HKPD;
380
381 /* Look up the table of registry I/O operations */
382
383 if ( !(keyinfo->hook = reghook_cache_find( keyinfo->name )) ) {
384 DEBUG(0,("open_registry_key: Failed to assigned a REGISTRY_HOOK to [%s]\n",
385 keyinfo->name ));
386 result = WERR_BADFILE;
387 goto done;
388 }
389
390 /* check if the path really exists; failed is indicated by -1 */
391 /* if the subkey count failed, bail out */
392
393 if ( !(subkeys = TALLOC_ZERO_P( keyinfo, REGSUBKEY_CTR )) ) {
394 result = WERR_NOMEM;
395 goto done;
396 }
397
398 if ( fetch_reg_keys( keyinfo, subkeys ) == -1 ) {
399 result = WERR_BADFILE;
400 goto done;
401 }
402
403 TALLOC_FREE( subkeys );
404
405 if ( !regkey_access_check( keyinfo, access_desired, &access_granted, token ) ) {
406 result = WERR_ACCESS_DENIED;
407 goto done;
408 }
409
410 keyinfo->access_granted = access_granted;
411
412done:
413 if ( !W_ERROR_IS_OK(result) ) {
414 regkey_close_internal( *regkey );
415 }
416
417 return result;
418}
419
420/*******************************************************************
421*******************************************************************/
422
423WERROR regkey_close_internal( REGISTRY_KEY *key )
424{
425 TALLOC_FREE( key );
426 regdb_close();
427
428 return WERR_OK;
429}
Note: See TracBrowser for help on using the repository browser.