const char *svcctl_get_string_value(TALLOC_CTX *mem_ctx,
struct messaging_context *msg_ctx,
const struct auth_session_info *session_info,
const char *key_name,
const char *value_name)
{
struct dcerpc_binding_handle *h = NULL;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
struct policy_handle hive_hnd, key_hnd;
const char *data = NULL;
char *path = NULL;
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
WERROR result = WERR_OK;
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return NULL;
}
path = talloc_asprintf(tmp_ctx, "%s\\%s",
TOP_LEVEL_SERVICES_KEY, key_name);
if (path == NULL) {
goto done;
}
status = dcerpc_winreg_int_hklm_openkey(tmp_ctx,
session_info,
msg_ctx,
&h,
path,
false,
access_mask,
&hive_hnd,
&key_hnd,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(2, ("svcctl_get_string_value: Could not open %s - %s\n",
path, nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(2, ("svcctl_get_string_value: Could not open %s - %s\n",
path, win_errstr(result)));
goto done;
}
status = dcerpc_winreg_query_sz(mem_ctx,
h,
&key_hnd,
value_name,
&data,
&result);
done:
talloc_free(tmp_ctx);
return data;
}
bool svcctl_init_winreg(struct messaging_context *msg_ctx)
{
struct dcerpc_binding_handle *h = NULL;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
struct policy_handle hive_hnd, key_hnd;
const char **service_list = lp_svcctl_list();
const char **subkeys = NULL;
uint32_t num_subkeys = 0;
char *key = NULL;
uint32_t i;
NTSTATUS status;
WERROR result = WERR_OK;
bool ok = false;
TALLOC_CTX *tmp_ctx;
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return false;
}
DEBUG(3, ("Initialise the svcctl registry keys if needed.\n"));
ZERO_STRUCT(hive_hnd);
ZERO_STRUCT(key_hnd);
key = talloc_strdup(tmp_ctx, TOP_LEVEL_SERVICES_KEY);
if (key == NULL) {
goto done;
}
result = regdb_open();
if (!W_ERROR_IS_OK(result)) {
DEBUG(10, ("regdb_open failed: %s\n",
win_errstr(result)));
goto done;
}
result = regdb_transaction_start();
if (!W_ERROR_IS_OK(result)) {
DEBUG(10, ("regdb_transaction_start failed: %s\n",
win_errstr(result)));
goto done;
}
status = dcerpc_winreg_int_hklm_openkey(tmp_ctx,
get_session_info_system(),
msg_ctx,
&h,
key,
false,
access_mask,
&hive_hnd,
&key_hnd,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("svcctl_init_winreg: Could not open %s - %s\n",
key, nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(0, ("svcctl_init_winreg: Could not open %s - %s\n",
key, win_errstr(result)));
goto done;
}
/* get all subkeys */
status = dcerpc_winreg_enum_keys(tmp_ctx,
h,
&key_hnd,
&num_subkeys,
&subkeys,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("svcctl_init_winreg: Could enum keys at %s - %s\n",
key, nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(0, ("svcctl_init_winreg: Could enum keys at %s - %s\n",
key, win_errstr(result)));
goto done;
}
for (i = 0; builtin_svcs[i].servicename != NULL; i++) {
uint32_t j;
bool skip = false;
for (j = 0; j < num_subkeys; j++) {
if (strequal(subkeys[i], builtin_svcs[i].servicename)) {
skip = true;
}
}
if (skip) {
continue;
}
ok = svcctl_add_service(tmp_ctx,
h,
&hive_hnd,
key,
access_mask,
builtin_svcs[i].servicename);
if (!ok) {
goto done;
}
}
for (i = 0; service_list && service_list[i]; i++) {
uint32_t j;
bool skip = false;
for (j = 0; j < num_subkeys; j++) {
if (strequal(subkeys[i], service_list[i])) {
skip = true;
}
}
if (skip) {
continue;
}
ok = svcctl_add_service(tmp_ctx,
h,
&hive_hnd,
key,
access_mask,
service_list[i]);
if (is_valid_policy_hnd(&key_hnd)) {
dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
}
ZERO_STRUCT(key_hnd);
if (!ok) {
goto done;
}
}
done:
if (is_valid_policy_hnd(&key_hnd)) {
dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
}
if (ok) {
result = regdb_transaction_commit();
if (!W_ERROR_IS_OK(result)) {
DEBUG(10, ("regdb_transaction_commit failed: %s\n",
win_errstr(result)));
}
} else {
result = regdb_transaction_cancel();
if (!W_ERROR_IS_OK(result)) {
DEBUG(10, ("regdb_transaction_cancel failed: %s\n",
win_errstr(result)));
}
}
regdb_close();
talloc_free(tmp_ctx);
return ok;
}
static bool sync_eventlog_params(TALLOC_CTX *mem_ctx,
struct messaging_context *msg_ctx,
EVENTLOG_INFO *info)
{
struct dcerpc_binding_handle *h = NULL;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
struct policy_handle hive_hnd, key_hnd;
uint32_t uiMaxSize = 0;
uint32_t uiRetention = 0;
char *path = NULL;
NTSTATUS status;
WERROR wresult = WERR_OK;
char *elogname = info->logname;
TALLOC_CTX *ctx;
bool ret = false;
ctx = talloc_stackframe();
if (ctx == NULL) {
return false;
}
DEBUG( 4, ( "sync_eventlog_params with %s\n", elogname ) );
if ( !info->etdb ) {
DEBUG( 4, ( "No open tdb! (%s)\n", info->logname ) );
goto done;
}
/* set resonable defaults. 512Kb on size and 1 week on time */
uiMaxSize = 0x80000;
uiRetention = 604800;
/* the general idea is to internally open the registry
key and retrieve the values. That way we can continue
to use the same fetch/store api that we use in
srv_reg_nt.c */
path = talloc_asprintf(ctx, "%s\\%s", TOP_LEVEL_EVENTLOG_KEY, elogname);
if (!path) {
goto done;
}
status = dcerpc_winreg_int_hklm_openkey(ctx,
get_session_info_system(),
msg_ctx,
&h,
path,
false,
access_mask,
&hive_hnd,
&key_hnd,
&wresult);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(4,("sync_eventlog_params: Failed to open key [%s] (%s)\n",
path, nt_errstr(status)));
goto done;
}
if ( !W_ERROR_IS_OK( wresult ) ) {
DEBUG( 4,
( "sync_eventlog_params: Failed to open key [%s] (%s)\n",
path, win_errstr( wresult ) ) );
goto done;
}
status = dcerpc_winreg_query_dword(ctx,
h,
&key_hnd,
"Retention",
&uiRetention,
&wresult);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(4, ("Failed to query value \"Retention\": %s\n",
nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(wresult)) {
DEBUG(4, ("Failed to query value \"Retention\": %s\n",
win_errstr(wresult)));
goto done;
}
status = dcerpc_winreg_query_dword(ctx,
h,
&key_hnd,
"MaxSize",
&uiMaxSize,
&wresult);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(4, ("Failed to query value \"Retention\": %s\n",
nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(wresult)) {
DEBUG(4, ("Failed to query value \"MaxSize\": %s\n",
win_errstr(wresult)));
goto done;
}
tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_MAXSIZE, uiMaxSize );
tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_RETENTION, uiRetention );
ret = true;
done:
if (h != NULL) {
WERROR ignore;
if (is_valid_policy_hnd(&key_hnd)) {
dcerpc_winreg_CloseKey(h, ctx, &key_hnd, &ignore);
}
if (is_valid_policy_hnd(&hive_hnd)) {
dcerpc_winreg_CloseKey(h, ctx, &hive_hnd, &ignore);
}
}
TALLOC_FREE(ctx);
return ret;
}
struct security_descriptor *svcctl_get_secdesc(TALLOC_CTX *mem_ctx,
struct messaging_context *msg_ctx,
const struct auth_session_info *session_info,
const char *name)
{
struct dcerpc_binding_handle *h = NULL;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
struct policy_handle hive_hnd, key_hnd;
struct security_descriptor *sd = NULL;
char *key = NULL;
NTSTATUS status;
WERROR result = WERR_OK;
key = talloc_asprintf(mem_ctx,
"%s\\%s\\Security",
TOP_LEVEL_SERVICES_KEY, name);
if (key == NULL) {
return NULL;
}
status = dcerpc_winreg_int_hklm_openkey(mem_ctx,
session_info,
msg_ctx,
&h,
key,
false,
access_mask,
&hive_hnd,
&key_hnd,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(2, ("svcctl_set_secdesc: Could not open %s - %s\n",
key, nt_errstr(status)));
return NULL;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(2, ("svcctl_set_secdesc: Could not open %s - %s\n",
key, win_errstr(result)));
return NULL;
}
status = dcerpc_winreg_query_sd(mem_ctx,
h,
&key_hnd,
"Security",
&sd,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(2, ("svcctl_get_secdesc: error getting value 'Security': "
"%s\n", nt_errstr(status)));
return NULL;
}
if (W_ERROR_EQUAL(result, WERR_FILE_NOT_FOUND)) {
goto fallback_to_default_sd;
} else if (!W_ERROR_IS_OK(result)) {
DEBUG(2, ("svcctl_get_secdesc: error getting value 'Security': "
"%s\n", win_errstr(result)));
return NULL;
}
goto done;
fallback_to_default_sd:
DEBUG(6, ("svcctl_get_secdesc: constructing default secdesc for "
"service [%s]\n", name));
sd = svcctl_gen_service_sd(mem_ctx);
done:
return sd;
}
bool svcctl_set_secdesc(struct messaging_context *msg_ctx,
const struct auth_session_info *session_info,
const char *name,
struct security_descriptor *sd)
{
struct dcerpc_binding_handle *h = NULL;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
struct policy_handle hive_hnd;
struct policy_handle key_hnd = { 0, };
char *key = NULL;
bool ok = false;
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
WERROR result = WERR_OK;
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return false;
}
key = talloc_asprintf(tmp_ctx, "%s\\%s", TOP_LEVEL_SERVICES_KEY, name);
if (key == NULL) {
goto done;
}
status = dcerpc_winreg_int_hklm_openkey(tmp_ctx,
session_info,
msg_ctx,
&h,
key,
false,
access_mask,
&hive_hnd,
&key_hnd,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("svcctl_set_secdesc: Could not open %s - %s\n",
key, nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(0, ("svcctl_set_secdesc: Could not open %s - %s\n",
key, win_errstr(result)));
goto done;
}
if (is_valid_policy_hnd(&key_hnd)) {
dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
}
{
enum winreg_CreateAction action = REG_ACTION_NONE;
struct winreg_String wkey = { 0, };
struct winreg_String wkeyclass;
wkey.name = talloc_asprintf(tmp_ctx, "%s\\Security", key);
if (wkey.name == NULL) {
result = WERR_NOT_ENOUGH_MEMORY;
goto done;
}
ZERO_STRUCT(wkeyclass);
wkeyclass.name = "";
status = dcerpc_winreg_CreateKey(h,
tmp_ctx,
&hive_hnd,
wkey,
wkeyclass,
0,
access_mask,
NULL,
&key_hnd,
&action,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(2, ("svcctl_set_secdesc: Could not create key %s: %s\n",
wkey.name, nt_errstr(status)));
goto done;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(2, ("svcctl_set_secdesc: Could not create key %s: %s\n",
wkey.name, win_errstr(result)));
goto done;
}
status = dcerpc_winreg_set_sd(tmp_ctx,
h,
&key_hnd,
"Security",
sd,
&result);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
if (!W_ERROR_IS_OK(result)) {
goto done;
}
}
ok = true;
done:
if (is_valid_policy_hnd(&key_hnd)) {
dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
}
talloc_free(tmp_ctx);
return ok;
}
