source: releases/0.4.0/include/regfi.h@ 293

Last change on this file since 293 was 84, checked in by tim, 18 years ago

rearranged structure contents to reduce fragmentation on 64 bit systems.

make regfi interface return const structures to help enforce separation

removed a little cruft from some parsing functions
  • Property svn:keywords set to Id
File size: 9.6 KB
Line 
1/*
2 * Branched from Samba project, Subversion repository version #6903:
3 * http://viewcvs.samba.org/cgi-bin/viewcvs.cgi/trunk/source/include/regfio.h?rev=6903&view=auto
4 *
5 * Unix SMB/CIFS implementation.
6 * Windows NT registry I/O library
7 *
8 * Copyright (C) 2005-2007 Timothy D. Morgan
9 * Copyright (C) 2005 Gerald (Jerry) Carter
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; version 2 of the License.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 *
24 * $Id: regfi.h 84 2007-01-19 14:52:25Z tim $
25 */
26
27/************************************************************
28 * Most of this information was obtained from
29 * http://www.wednesday.demon.co.uk/dosreg.html
30 * Thanks Nigel!
31 ***********************************************************/
32
33#ifndef _REGFI_H
34#define _REGFI_H
35
36#include <stdlib.h>
37#include <stdio.h>
38#include <stdbool.h>
39#include <string.h>
40#include <errno.h>
41#include <time.h>
42#include <fcntl.h>
43#include <sys/stat.h>
44#include <sys/types.h>
45#include <unistd.h>
46#include <assert.h>
47
48#include "smb_deps.h"
49#include "void_stack.h"
50
51/******************************************************************************/
52/* Macros */
53
54/* Registry data types */
55#define REG_NONE 0
56#define REG_SZ 1
57#define REG_EXPAND_SZ 2
58#define REG_BINARY 3
59#define REG_DWORD 4
60#define REG_DWORD_LE 4 /* DWORD, little endian */
61#define REG_DWORD_BE 5 /* DWORD, big endian */
62#define REG_LINK 6
63#define REG_MULTI_SZ 7
64#define REG_RESOURCE_LIST 8
65#define REG_FULL_RESOURCE_DESCRIPTOR 9
66#define REG_RESOURCE_REQUIREMENTS_LIST 10
67#define REG_QWORD 11 /* 64-bit little endian */
68/* XXX: Has MS defined a REG_QWORD_BE? */
69/* Not a real type in the registry */
70#define REG_KEY 0x7FFFFFFF
71
72
73#define REGF_BLOCKSIZE 0x1000
74#define REGF_ALLOC_BLOCK 0x1000
75#define REGF_MAX_DEPTH 512
76
77/* header sizes for various records */
78
79#define REGF_HDR_SIZE 4
80#define HBIN_HDR_SIZE 4
81#define HBIN_HEADER_REC_SIZE 0x24
82#define REC_HDR_SIZE 2
83
84#define REGF_OFFSET_NONE 0xffffffff
85
86/* Flags for the vk records */
87
88#define VK_FLAG_NAME_PRESENT 0x0001
89#define VK_DATA_IN_OFFSET 0x80000000
90#define VK_MAX_DATA_LENGTH 1024*1024
91
92/* NK record macros */
93
94#define NK_TYPE_LINKKEY 0x0010
95#define NK_TYPE_NORMALKEY 0x0020
96#define NK_TYPE_ROOTKEY 0x002c
97
98#define HBIN_STORE_REF(x, y) { x->hbin = y; y->ref_count++ };
99/* if the count == 0; we can clean up */
100#define HBIN_REMOVE_REF(x, y){ x->hbin = NULL; y->ref_count-- };
101
102
103/* HBIN block */
104struct regf_hbin;
105typedef struct regf_hbin {
106 struct regf_hbin* prev;
107 struct regf_hbin* next;
108 uint32 file_off; /* my offset in the registry file */
109 uint32 free_off; /* offset to free space within the hbin record */
110 uint32 free_size; /* amount of data left in the block */
111 uint32 ref_count; /* how many active records are pointing to this
112 * block (not used currently)
113 */
114
115 uint32 first_hbin_off; /* offset from first hbin block */
116 uint32 block_size; /* block size of this block is
117 * usually a multiple of 4096Kb
118 */
119 uint8 header[HBIN_HDR_SIZE]; /* "hbin" */
120 prs_struct ps; /* data */
121 bool dirty; /* has this hbin block been modified? */
122} REGF_HBIN;
123
124/* ??? List -- list of key offsets and hashed names for consistency */
125typedef struct {
126 uint32 nk_off;
127 uint8 keycheck[sizeof(uint32)];
128} REGF_HASH_REC;
129
130typedef struct {
131 REGF_HBIN* hbin; /* pointer to HBIN record (in memory) containing
132 * this nk record
133 */
134 REGF_HASH_REC* hashes;
135 uint32 hbin_off; /* offset from beginning of this hbin block */
136 uint32 rec_size; /* ((start_offset - end_offset) & 0xfffffff8) */
137
138 uint8 header[REC_HDR_SIZE];
139 uint16 num_keys;
140} REGF_LF_REC;
141
142/* Key Value */
143
144typedef struct {
145 REGF_HBIN* hbin; /* pointer to HBIN record (in memory) containing
146 * this nk record
147 */
148 char* valuename;
149 uint8* data;
150 uint32 hbin_off; /* offset from beginning of this hbin block */
151 uint32 rec_size; /* ((start_offset - end_offset) & 0xfffffff8) */
152 uint32 rec_off; /* offset stored in the value list */
153
154 uint32 data_size;
155 uint32 data_off;
156 uint32 type;
157 uint8 header[REC_HDR_SIZE];
158 uint16 flag;
159} REGF_VK_REC;
160
161
162/* Key Security */
163struct _regf_sk_rec;
164
165typedef struct _regf_sk_rec {
166 struct _regf_sk_rec* next;
167 struct _regf_sk_rec* prev;
168 REGF_HBIN* hbin; /* pointer to HBIN record (in memory) containing
169 * this nk record
170 */
171 SEC_DESC* sec_desc;
172 uint32 hbin_off; /* offset from beginning of this hbin block */
173 uint32 rec_size; /* ((start_offset - end_offset) & 0xfffffff8) */
174
175 uint32 sk_off; /* offset parsed from NK record used as a key
176 * to lookup reference to this SK record
177 */
178
179 uint32 prev_sk_off;
180 uint32 next_sk_off;
181 uint32 ref_count;
182 uint32 size;
183 uint8 header[REC_HDR_SIZE];
184} REGF_SK_REC;
185
186
187/* Key Name */
188typedef struct {
189 uint32 hbin_off; /* offset from beginning of this hbin block */
190 uint32 rec_size; /* ((start_offset - end_offset) & 0xfffffff8) */
191 REGF_HBIN *hbin; /* pointer to HBIN record (in memory) containing
192 * this nk record */
193
194 /* link in the other records here */
195 REGF_VK_REC* values;
196 REGF_SK_REC* sec_desc;
197 REGF_LF_REC subkeys;
198
199 /* header information */
200 /* XXX: should we be looking for types other than the root key type? */
201 uint16 key_type;
202 uint8 header[REC_HDR_SIZE];
203 NTTIME mtime;
204 char* classname;
205 char* keyname;
206 uint32 parent_off; /* back pointer in registry hive */
207 uint32 classname_off;
208
209 /* max lengths */
210 uint32 max_bytes_subkeyname; /* max subkey name * 2 */
211 uint32 max_bytes_subkeyclassname; /* max subkey classname length (as if) */
212 uint32 max_bytes_valuename; /* max valuename * 2 */
213 uint32 max_bytes_value; /* max value data size */
214
215 /* unknowns */
216 uint32 unk_index; /* nigel says run time index ? */
217
218 /* children */
219 uint32 num_subkeys;
220 uint32 subkeys_off; /* hash records that point to NK records */
221 uint32 num_values;
222 uint32 values_off; /* value lists which point to VK records */
223 uint32 sk_off; /* offset to SK record */
224
225} REGF_NK_REC;
226
227
228/* REGF block */
229typedef struct {
230 /* run time information */
231 int fd; /* file descriptor */
232 int open_flags; /* flags passed to the open() call */
233 void* mem_ctx; /* memory context for run-time file access information */
234 REGF_HBIN* block_list; /* list of open hbin blocks */
235
236 /* file format information */
237 REGF_SK_REC* sec_desc_list; /* list of security descriptors referenced
238 * by NK records
239 */
240
241 uint8 header[REGF_HDR_SIZE]; /* "regf" */
242 NTTIME mtime;
243 uint32 data_offset; /* offset to record in the first (or any?)
244 * hbin block
245 */
246 uint32 last_block; /* offset to last hbin block in file */
247 uint32 checksum; /* XOR of bytes 0x0000 - 0x01FB */
248
249 /* unknowns */
250 uint32 unknown1;
251 uint32 unknown2;
252 uint32 unknown3;
253 uint32 unknown4;
254 uint32 unknown5;
255 uint32 unknown6;
256} REGF_FILE;
257
258
259typedef struct {
260 REGF_FILE* f;
261 void_stack* key_positions;
262 REGF_NK_REC* cur_key;
263 uint32 cur_subkey;
264 uint32 cur_value;
265} REGFI_ITERATOR;
266
267
268typedef struct {
269 REGF_NK_REC* nk;
270 uint32 cur_subkey;
271 /* We could store a cur_value here as well, but didn't see
272 * the use in it right now.
273 */
274} REGFI_ITER_POSITION;
275
276
277/******************************************************************************/
278/* Function Declarations */
279
280const char* regfi_type_val2str(unsigned int val);
281int regfi_type_str2val(const char* str);
282
283char* regfi_get_sacl(SEC_DESC* sec_desc);
284char* regfi_get_dacl(SEC_DESC* sec_desc);
285char* regfi_get_owner(SEC_DESC* sec_desc);
286char* regfi_get_group(SEC_DESC* sec_desc);
287
288REGF_FILE* regfi_open(const char* filename);
289int regfi_close(REGF_FILE* r);
290
291REGFI_ITERATOR* regfi_iterator_new(REGF_FILE* fh);
292void regfi_iterator_free(REGFI_ITERATOR* i);
293bool regfi_iterator_down(REGFI_ITERATOR* i);
294bool regfi_iterator_up(REGFI_ITERATOR* i);
295bool regfi_iterator_to_root(REGFI_ITERATOR* i);
296
297bool regfi_iterator_find_subkey(REGFI_ITERATOR* i,
298 const char* subkey_name);
299bool regfi_iterator_walk_path(REGFI_ITERATOR* i,
300 const char** path);
301const REGF_NK_REC* regfi_iterator_cur_key(REGFI_ITERATOR* i);
302const REGF_NK_REC* regfi_iterator_first_subkey(REGFI_ITERATOR* i);
303const REGF_NK_REC* regfi_iterator_cur_subkey(REGFI_ITERATOR* i);
304const REGF_NK_REC* regfi_iterator_next_subkey(REGFI_ITERATOR* i);
305
306bool regfi_iterator_find_value(REGFI_ITERATOR* i,
307 const char* value_name);
308const REGF_VK_REC* regfi_iterator_first_value(REGFI_ITERATOR* i);
309const REGF_VK_REC* regfi_iterator_cur_value(REGFI_ITERATOR* i);
310const REGF_VK_REC* regfi_iterator_next_value(REGFI_ITERATOR* i);
311
312
313/* Private Functions */
314REGF_NK_REC* regfi_rootkey(REGF_FILE* file);
315void regfi_key_free(REGF_NK_REC* nk);
316
317
318#endif /* _REGFI_H */
Note: See TracBrowser for help on using the repository browser.