static WERROR rpc_open_key(TALLOC_CTX *mem_ctx, struct registry_key *h, const char *name, struct registry_key **key) { struct rpc_key *parentkeydata = talloc_get_type(h, struct rpc_key), *mykeydata; struct winreg_OpenKey r; NTSTATUS status; mykeydata = talloc_zero(mem_ctx, struct rpc_key); mykeydata->key.context = parentkeydata->key.context; mykeydata->pipe = talloc_reference(mykeydata, parentkeydata->pipe); mykeydata->num_values = -1; mykeydata->num_subkeys = -1; *key = (struct registry_key *)mykeydata; /* Then, open the handle using the hive */ ZERO_STRUCT(r); r.in.parent_handle = &parentkeydata->pol; r.in.keyname.name = name; r.in.unknown = 0x00000000; r.in.access_mask = 0x02000000; r.out.handle = &mykeydata->pol; status = dcerpc_winreg_OpenKey(mykeydata->pipe, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("OpenKey failed - %s\n", nt_errstr(status))); return ntstatus_to_werror(status); } return r.out.result; }
static WERROR rpc_key_put_rpc_data(TALLOC_CTX *mem_ctx, struct registry_key *k) { struct winreg_OpenKey r; struct rpc_key_data *mykeydata; k->backend_data = mykeydata = talloc_zero(mem_ctx, struct rpc_key_data); mykeydata->num_values = -1; mykeydata->num_subkeys = -1; /* Then, open the handle using the hive */ ZERO_STRUCT(r); r.in.handle = &(((struct rpc_key_data *)k->hive->root->backend_data)->pol); r.in.keyname.name = k->path; r.in.unknown = 0x00000000; r.in.access_mask = 0x02000000; r.out.handle = &mykeydata->pol; dcerpc_winreg_OpenKey((struct dcerpc_pipe *)k->hive->backend_data, mem_ctx, &r); return r.out.result; }
static WERROR cmd_winreg_querymultiplevalues_ex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv, bool multiplevalues2) { NTSTATUS status; WERROR werr; struct policy_handle handle, key_handle; struct winreg_String key_name = { 0, }; struct dcerpc_binding_handle *b = cli->binding_handle; struct QueryMultipleValue *values_in, *values_out; uint32_t num_values; uint8_t *buffer = NULL; int i; if (argc < 2) { printf("usage: %s [key] [value1] [value2] ...\n", argv[0]); return WERR_OK; } status = dcerpc_winreg_OpenHKLM(b, mem_ctx, NULL, SEC_FLAG_MAXIMUM_ALLOWED, &handle, &werr); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } if (!W_ERROR_IS_OK(werr)) { return werr; } key_name.name = argv[1]; status = dcerpc_winreg_OpenKey(b, mem_ctx, &handle, key_name, 0, /* options */ SEC_FLAG_MAXIMUM_ALLOWED, &key_handle, &werr); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } if (!W_ERROR_IS_OK(werr)) { return werr; } num_values = argc-2; values_in = talloc_zero_array(mem_ctx, struct QueryMultipleValue, num_values); if (values_in == NULL) { return WERR_NOMEM; } values_out = talloc_zero_array(mem_ctx, struct QueryMultipleValue, num_values); if (values_out == NULL) { return WERR_NOMEM; } for (i=0; i < num_values; i++) { values_in[i].ve_valuename = talloc_zero(values_in, struct winreg_ValNameBuf); if (values_in[i].ve_valuename == NULL) { return WERR_NOMEM; } values_in[i].ve_valuename->name = talloc_strdup(values_in[i].ve_valuename, argv[i+2]); values_in[i].ve_valuename->length = strlen_m_term_null(values_in[i].ve_valuename->name)*2; values_in[i].ve_valuename->size = values_in[i].ve_valuename->length; } if (multiplevalues2) { uint32_t offered = 0, needed = 0; status = dcerpc_winreg_QueryMultipleValues2(b, mem_ctx, &key_handle, values_in, values_out, num_values, buffer, &offered, &needed, &werr); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } if (W_ERROR_EQUAL(werr, WERR_MORE_DATA)) { offered = needed; buffer = talloc_zero_array(mem_ctx, uint8_t, needed); if (buffer == NULL) { return WERR_NOMEM; } status = dcerpc_winreg_QueryMultipleValues2(b, mem_ctx, &key_handle, values_in, values_out, num_values, buffer, &offered, &needed, &werr); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } if (!W_ERROR_IS_OK(werr)) { return werr; } } } else { uint32_t buffer_size = 0xff; buffer = talloc_zero_array(mem_ctx, uint8_t, buffer_size); if (buffer == NULL) { return WERR_NOMEM; } status = dcerpc_winreg_QueryMultipleValues(b, mem_ctx, &key_handle, values_in, values_out, num_values, buffer, &buffer_size, &werr); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } if (!W_ERROR_IS_OK(werr)) { return werr; } } for (i=0; i < num_values; i++) { if (buffer) { display_winreg_data(values_in[i].ve_valuename->name, values_out[i].ve_type, buffer + values_out[i].ve_valueptr, values_out[i].ve_valuelen); } } return WERR_OK; }