// This can be called when a DB lock and active key list lock are both held NTSTATUS SqliteDeleteKeyInternal_inlock_inDblock( IN HANDLE handle, IN PCWSTR pwszKeyName ) { NTSTATUS status = STATUS_SUCCESS; PWSTR pwszParentKeyName = NULL; PREG_KEY_HANDLE pKeyHandle = NULL; // Do not free PREG_KEY_CONTEXT pKeyCtx = NULL; status = SqliteDeleteActiveKey_inlock((PCWSTR)pwszKeyName); BAIL_ON_NT_STATUS(status); status = SqliteOpenKeyInternal_inlock_inDblock(handle, pwszKeyName, 0, &pKeyHandle); BAIL_ON_NT_STATUS(status); BAIL_ON_NT_INVALID_POINTER(pKeyHandle); pKeyCtx = pKeyHandle->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtx); // Delete all the values of this key status = RegDbDeleteKey_inlock(ghCacheConnection, pKeyCtx->qwId, pKeyCtx->qwSdId, pwszKeyName); BAIL_ON_NT_STATUS(status); status = SqliteGetParentKeyName(pwszKeyName, '\\',&pwszParentKeyName); BAIL_ON_NT_STATUS(status); if (!LW_IS_NULL_OR_EMPTY_STR(pwszParentKeyName)) { SqliteCacheResetParentKeySubKeyInfo_inlock(pwszParentKeyName); } cleanup: SqliteSafeFreeKeyHandle_inlock(pKeyHandle); LWREG_SAFE_FREE_MEMORY(pwszParentKeyName); return status; error: goto cleanup; }
NTSTATUS SqliteCreateKeyHandle( IN PACCESS_TOKEN pToken, IN ACCESS_MASK AccessDesired, IN PREG_KEY_CONTEXT pKey, OUT PREG_KEY_HANDLE* ppKeyHandle ) { NTSTATUS status = STATUS_SUCCESS; PREG_KEY_HANDLE pKeyHandle = NULL; ACCESS_MASK AccessGranted = 0; BAIL_ON_INVALID_KEY_CONTEXT(pKey); status = RegSrvAccessCheckKey(pToken, pKey->pSecurityDescriptor, pKey->ulSecDescLength, AccessDesired, &AccessGranted); if (STATUS_NO_TOKEN == status) { status = 0; AccessGranted = 0; } BAIL_ON_NT_STATUS(status); status = LW_RTL_ALLOCATE((PVOID*)&pKeyHandle, REG_KEY_HANDLE, sizeof(*pKeyHandle)); BAIL_ON_NT_STATUS(status); pKeyHandle->AccessGranted = AccessGranted; pKeyHandle->pKey = pKey; *ppKeyHandle = pKeyHandle; cleanup: return status; error: LWREG_SAFE_FREE_MEMORY(pKeyHandle); goto cleanup; }
/* Create a new key, if the key exists already, * open the existing key */ NTSTATUS SqliteCreateKeyInternal( IN OPTIONAL HANDLE handle, IN PREG_KEY_CONTEXT pParentKeyCtx, IN PWSTR pwszFullKeyName, // Full Key Path IN ACCESS_MASK AccessDesired, IN OPTIONAL PSECURITY_DESCRIPTOR_RELATIVE pSecDescRel, IN ULONG ulSecDescLength, OUT OPTIONAL PREG_KEY_HANDLE* ppKeyHandle, OUT OPTIONAL PDWORD pdwDisposition ) { NTSTATUS status = STATUS_SUCCESS; PREG_DB_KEY pRegEntry = NULL; PREG_KEY_HANDLE pKeyHandle = NULL; PREG_KEY_CONTEXT pKeyCtx = NULL; BOOLEAN bInLock = FALSE; PREG_SRV_API_STATE pServerState = (PREG_SRV_API_STATE)handle; PSECURITY_DESCRIPTOR_RELATIVE pSecDescRelToSet = NULL; ULONG ulSecDescLengthToSet = 0; DWORD dwDisposition = 0; // Full key path BAIL_ON_NT_INVALID_STRING(pwszFullKeyName); // when starting up lwregd pServerState is NULL and // creating root key can skip ACL check if (pServerState && !pServerState->pToken) { status = RegSrvCreateAccessToken(pServerState->peerUID, pServerState->peerGID, &pServerState->pToken); BAIL_ON_NT_STATUS(status); } LWREG_LOCK_MUTEX(bInLock, &gActiveKeyList.mutex); status = SqliteOpenKeyInternal_inlock( handle, pwszFullKeyName, // Full Key Path AccessDesired, &pKeyHandle); if (!status) { dwDisposition = REG_OPENED_EXISTING_KEY; goto done; } else if (STATUS_OBJECT_NAME_NOT_FOUND == status) { status = 0; } BAIL_ON_NT_STATUS(status); // Root Key has to be created with a given SD if (!pParentKeyCtx && !pSecDescRel) { status = STATUS_INTERNAL_ERROR; BAIL_ON_NT_STATUS(status); } // ACL check // Get key's security descriptor // Inherit from its direct parent or given by caller if (!pSecDescRel || !ulSecDescLength) { BAIL_ON_INVALID_KEY_CONTEXT(pParentKeyCtx); status = SqliteCacheKeySecurityDescriptor(pParentKeyCtx); BAIL_ON_NT_STATUS(status); pSecDescRelToSet = pParentKeyCtx->pSecurityDescriptor; ulSecDescLengthToSet = pParentKeyCtx->ulSecDescLength; } else { pSecDescRelToSet = pSecDescRel; ulSecDescLengthToSet = ulSecDescLength; } // Make sure SD has at least owner information if (!RtlValidRelativeSecurityDescriptor(pSecDescRelToSet, ulSecDescLengthToSet, OWNER_SECURITY_INFORMATION)) { status = STATUS_INVALID_SECURITY_DESCR; BAIL_ON_NT_STATUS(status); } // Create key with SD status = RegDbCreateKey(ghCacheConnection, pwszFullKeyName, pSecDescRelToSet, ulSecDescLengthToSet, &pRegEntry); BAIL_ON_NT_STATUS(status); if (pParentKeyCtx) { SqliteCacheResetParentKeySubKeyInfo_inlock(pParentKeyCtx->pwszKeyName); } status = SqliteCreateKeyContext(pRegEntry, &pKeyCtx); BAIL_ON_NT_STATUS(status); // Cache this new key in gActiveKeyList status = SqliteCacheInsertActiveKey_inlock(pKeyCtx); BAIL_ON_NT_STATUS(status); status = SqliteCreateKeyHandle(pServerState ? pServerState->pToken : NULL, AccessDesired, pKeyCtx, &pKeyHandle); BAIL_ON_NT_STATUS(status); pKeyCtx = NULL; dwDisposition = REG_CREATED_NEW_KEY; done: if (ppKeyHandle) { *ppKeyHandle = pKeyHandle; } else { SqliteSafeFreeKeyHandle_inlock(pKeyHandle); } if (pdwDisposition) { *pdwDisposition = dwDisposition; } cleanup: SqliteReleaseKeyContext_inlock(pKeyCtx); LWREG_UNLOCK_MUTEX(bInLock, &gActiveKeyList.mutex); RegDbSafeFreeEntryKey(&pRegEntry); return status; error: if (ppKeyHandle) { *ppKeyHandle = NULL; } SqliteSafeFreeKeyHandle_inlock(pKeyHandle); goto cleanup; }
NTSTATUS SqliteSetValueAttributes( IN HANDLE hRegConnection, IN HKEY hKey, IN OPTIONAL PCWSTR pwszSubKey, IN PCWSTR pValueName, IN PLWREG_VALUE_ATTRIBUTES pValueAttributes ) { NTSTATUS status = STATUS_SUCCESS; PWSTR pwszValueName = NULL; BOOLEAN bIsWrongType = TRUE; wchar16_t wszEmptyValueName[] = REG_EMPTY_VALUE_NAME_W; PWSTR pwszKeyNameWithSubKey = NULL; PREG_KEY_HANDLE pKeyHandle = (PREG_KEY_HANDLE)hKey; PREG_KEY_CONTEXT pKeyCtx = NULL; PREG_KEY_HANDLE pKeyHandleInUse = NULL; PREG_KEY_CONTEXT pKeyCtxInUse = NULL; // Do not free PBYTE pData = NULL; DWORD cbData = 0; BAIL_ON_NT_INVALID_POINTER(pKeyHandle); pKeyCtx = pKeyHandle->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtx); if (!RegValidValueAttributes(pValueAttributes)) { status = STATUS_INVALID_PARAMETER; BAIL_ON_NT_STATUS(status); } if (pwszSubKey) { status = LwRtlWC16StringAllocatePrintfW( &pwszKeyNameWithSubKey, L"%ws\\%ws", pKeyCtx->pwszKeyName, pwszSubKey); BAIL_ON_NT_STATUS(status); } status = SqliteOpenKeyInternal(hRegConnection, pwszSubKey ? pwszKeyNameWithSubKey : pKeyCtx->pwszKeyName, KEY_SET_VALUE, &pKeyHandleInUse); BAIL_ON_NT_STATUS(status); status = RegSrvAccessCheckKeyHandle(pKeyHandleInUse, KEY_SET_VALUE); BAIL_ON_NT_STATUS(status); pKeyCtxInUse = pKeyHandleInUse->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtxInUse); status = LwRtlWC16StringDuplicate(&pwszValueName, !pValueName ? wszEmptyValueName : pValueName); BAIL_ON_NT_STATUS(status); status = RegDbGetValueAttributes( ghCacheConnection, pKeyCtxInUse->qwId, (PCWSTR)pwszValueName, (REG_DATA_TYPE)pValueAttributes->ValueType, &bIsWrongType, NULL); if (!status) { status = STATUS_DUPLICATE_NAME; BAIL_ON_NT_STATUS(status); } else if (STATUS_OBJECT_NAME_NOT_FOUND == status) { status = 0; } BAIL_ON_NT_STATUS(status); pData = pValueAttributes->pDefaultValue; cbData = pValueAttributes->DefaultValueLen; if (cbData == 0) { goto done; } switch (pValueAttributes->ValueType) { case REG_BINARY: case REG_DWORD: break; case REG_MULTI_SZ: case REG_SZ: if (cbData == 1) { status = STATUS_INTERNAL_ERROR; BAIL_ON_NT_STATUS(status); } if (!pData || pData[cbData-1] != '\0' || pData[cbData-2] != '\0' ) { status = STATUS_INVALID_PARAMETER; BAIL_ON_NT_STATUS(status); } break; default: status = STATUS_NOT_SUPPORTED; BAIL_ON_NT_STATUS(status); } done: status = RegDbSetValueAttributes(ghCacheConnection, pKeyCtxInUse->qwId, pwszValueName, pValueAttributes); BAIL_ON_NT_STATUS(status); SqliteCacheResetKeyValueInfo(pKeyCtxInUse->pwszKeyName); cleanup: LWREG_SAFE_FREE_MEMORY(pwszValueName); LWREG_SAFE_FREE_MEMORY(pwszKeyNameWithSubKey); SqliteSafeFreeKeyHandle(pKeyHandleInUse); return status; error: goto cleanup; }
NTSTATUS SqliteDeleteValueAttributes( IN HANDLE hRegConnection, IN HKEY hKey, IN OPTIONAL PCWSTR pwszSubKey, IN PCWSTR pValueName ) { NTSTATUS status = STATUS_SUCCESS; PWSTR pwszValueName = NULL; wchar16_t wszEmptyValueName[] = REG_EMPTY_VALUE_NAME_W; PWSTR pwszKeyNameWithSubKey = NULL; PREG_KEY_HANDLE pKeyHandle = (PREG_KEY_HANDLE)hKey; PREG_KEY_CONTEXT pKeyCtx = NULL; PREG_KEY_HANDLE pKeyHandleInUse = NULL; PREG_KEY_CONTEXT pKeyCtxInUse = NULL; BAIL_ON_NT_INVALID_POINTER(pKeyHandle); pKeyCtx = pKeyHandle->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtx); if (pwszSubKey) { status = LwRtlWC16StringAllocatePrintfW( &pwszKeyNameWithSubKey, L"%ws\\%ws", pKeyCtx->pwszKeyName, pwszSubKey); BAIL_ON_NT_STATUS(status); } status = SqliteOpenKeyInternal(hRegConnection, pwszSubKey ? pwszKeyNameWithSubKey : pKeyCtx->pwszKeyName, KEY_SET_VALUE | DELETE, &pKeyHandleInUse); BAIL_ON_NT_STATUS(status); status = RegSrvAccessCheckKeyHandle(pKeyHandleInUse, KEY_SET_VALUE); BAIL_ON_NT_STATUS(status); pKeyCtxInUse = pKeyHandleInUse->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtxInUse); status = LwRtlWC16StringDuplicate(&pwszValueName, !pValueName ? wszEmptyValueName : pValueName); BAIL_ON_NT_STATUS(status); status = RegDbGetValueAttributes( ghCacheConnection, pKeyCtxInUse->qwId, (PCWSTR)pwszValueName, REG_NONE, NULL, NULL); BAIL_ON_NT_STATUS(status); status = RegDbDeleteValueAttributes(ghCacheConnection, pKeyCtxInUse->qwId, (PCWSTR)pwszValueName); BAIL_ON_NT_STATUS(status); SqliteCacheResetKeyValueInfo(pKeyCtxInUse->pwszKeyName); cleanup: SqliteSafeFreeKeyHandle(pKeyHandleInUse); LWREG_SAFE_FREE_MEMORY(pwszValueName); LWREG_SAFE_FREE_MEMORY(pwszKeyNameWithSubKey); return status; error: goto cleanup; }
NTSTATUS SqliteGetValueAttributes_Internal( IN HANDLE hRegConnection, IN HKEY hKey, IN OPTIONAL PCWSTR pwszSubKey, IN PCWSTR pValueName, IN OPTIONAL REG_DATA_TYPE dwType, // Whether bail or not in case there is no value attributes IN BOOLEAN bDoBail, OUT OPTIONAL PLWREG_CURRENT_VALUEINFO* ppCurrentValue, OUT OPTIONAL PLWREG_VALUE_ATTRIBUTES* ppValueAttributes ) { NTSTATUS status = STATUS_SUCCESS; PWSTR pwszValueName = NULL; PREG_DB_VALUE_ATTRIBUTES pRegEntry = NULL; PREG_DB_VALUE pRegValueEntry = NULL; BOOLEAN bIsWrongType = FALSE; wchar16_t wszEmptyValueName[] = REG_EMPTY_VALUE_NAME_W; PWSTR pwszKeyNameWithSubKey = NULL; PREG_KEY_HANDLE pKeyHandle = (PREG_KEY_HANDLE)hKey; PREG_KEY_CONTEXT pKeyCtx = NULL; PREG_KEY_HANDLE pKeyHandleInUse = NULL; PREG_KEY_CONTEXT pKeyCtxInUse = NULL; PLWREG_CURRENT_VALUEINFO pCurrentValue = NULL; BOOLEAN bInDbLock = FALSE; BOOLEAN bInLock = FALSE; PSTR pszError = NULL; PREG_DB_CONNECTION pConn = (PREG_DB_CONNECTION)ghCacheConnection; PREG_SRV_API_STATE pServerState = (PREG_SRV_API_STATE)hRegConnection; BAIL_ON_NT_INVALID_POINTER(pKeyHandle); pKeyCtx = pKeyHandle->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtx); if (!ppCurrentValue && !ppValueAttributes) { status = STATUS_INVALID_PARAMETER; BAIL_ON_NT_STATUS(status); } if (pwszSubKey) { status = LwRtlWC16StringAllocatePrintfW( &pwszKeyNameWithSubKey, L"%ws\\%ws", pKeyCtx->pwszKeyName, pwszSubKey); BAIL_ON_NT_STATUS(status); } if (!pServerState->pToken) { status = RegSrvCreateAccessToken(pServerState->peerUID, pServerState->peerGID, &pServerState->pToken); BAIL_ON_NT_STATUS(status); } LWREG_LOCK_MUTEX(bInLock, &gActiveKeyList.mutex); ENTER_SQLITE_LOCK(&pConn->lock, bInDbLock); status = sqlite3_exec( pConn->pDb, "begin;", NULL, NULL, &pszError); BAIL_ON_SQLITE3_ERROR(status, pszError); // pServerState->pToken should be created at this point status = SqliteOpenKeyInternal_inlock_inDblock( hRegConnection, pwszSubKey ? pwszKeyNameWithSubKey : pKeyCtx->pwszKeyName, KEY_QUERY_VALUE, &pKeyHandleInUse); BAIL_ON_NT_STATUS(status); // ACL check status = RegSrvAccessCheckKeyHandle(pKeyHandleInUse, KEY_QUERY_VALUE); BAIL_ON_NT_STATUS(status); pKeyCtxInUse = pKeyHandleInUse->pKey; BAIL_ON_INVALID_KEY_CONTEXT(pKeyCtxInUse); status = LwRtlWC16StringDuplicate(&pwszValueName, !pValueName ? wszEmptyValueName : pValueName); BAIL_ON_NT_STATUS(status); // Optionally get value if (ppCurrentValue) { status = RegDbGetKeyValue_inlock( ghCacheConnection, pKeyCtxInUse->qwId, pwszValueName, dwType, &bIsWrongType, &pRegValueEntry); if (!status) { status = LW_RTL_ALLOCATE((PVOID*)&pCurrentValue, LWREG_CURRENT_VALUEINFO, sizeof(*pCurrentValue)); BAIL_ON_NT_STATUS(status); pCurrentValue->cbData = pRegValueEntry->dwValueLen; pCurrentValue->dwType = pRegValueEntry->type; if (pCurrentValue->cbData) { status = LW_RTL_ALLOCATE((PVOID*)&pCurrentValue->pvData, VOID, pCurrentValue->cbData); BAIL_ON_NT_STATUS(status); memcpy(pCurrentValue->pvData, pRegValueEntry->pValue, pCurrentValue->cbData); } } else if (LW_STATUS_OBJECT_NAME_NOT_FOUND == status) { status = 0; } BAIL_ON_NT_STATUS(status); } // Get value attributes if (ppValueAttributes) { status = RegDbGetValueAttributes_inlock( ghCacheConnection, pKeyCtxInUse->qwId, pwszValueName, REG_NONE, &bIsWrongType, &pRegEntry); if (!bDoBail && LW_STATUS_OBJECT_NAME_NOT_FOUND == status) { status = LW_RTL_ALLOCATE((PVOID*)&pRegEntry, REG_DB_VALUE_ATTRIBUTES, sizeof(*pRegEntry)); BAIL_ON_NT_STATUS(status); } BAIL_ON_NT_STATUS(status); } status = sqlite3_exec( pConn->pDb, "end", NULL, NULL, &pszError); BAIL_ON_SQLITE3_ERROR(status, pszError); REG_LOG_VERBOSE("Registry::sqldb.c SqliteGetValueAttributes_Internal() finished"); if (ppCurrentValue) { *ppCurrentValue = pCurrentValue; pCurrentValue = NULL; } if (ppValueAttributes) { *ppValueAttributes = pRegEntry->pValueAttributes; pRegEntry->pValueAttributes = NULL; } cleanup: LEAVE_SQLITE_LOCK(&pConn->lock, bInDbLock); LWREG_UNLOCK_MUTEX(bInLock, &gActiveKeyList.mutex); SqliteSafeFreeKeyHandle(pKeyHandleInUse); LWREG_SAFE_FREE_MEMORY(pwszValueName); LWREG_SAFE_FREE_MEMORY(pwszKeyNameWithSubKey); RegDbSafeFreeEntryValue(&pRegValueEntry); RegSafeFreeCurrentValueInfo(&pCurrentValue); RegDbSafeFreeEntryValueAttributes(&pRegEntry); return status; error: if (pszError) { sqlite3_free(pszError); } sqlite3_exec(pConn->pDb, "rollback", NULL, NULL, NULL); if (ppCurrentValue) { *ppCurrentValue = NULL; } if (ppValueAttributes) { *ppValueAttributes = NULL; } goto cleanup; }