source: trunk/include/regfio.h @ 37

Last change on this file since 37 was 32, checked in by tim, 19 years ago

Added key name retrieval to test utility

Code formatting changes to regfio.c

Added type<->string mapping functions to regfio library

  • Property svn:keywords set to Id
File size: 7.3 KB
RevLine 
[30]1/*
2 * Branched from Samba project, Subversion repository version #6903:
3 *   http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/include/regfio.h
4 *
5 * Unix SMB/CIFS implementation.
6 * Windows NT registry I/O library
7 *
8 * Copyright (C) 2005 Timothy D. Morgan
9 * Copyright (C) 2005 Gerald (Jerry) Carter
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; version 2 of the License.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 *
24 * $Id: regfio.h 32 2005-07-16 23:16:17Z tim $
25 */
26
27/************************************************************
28 * Most of this information was obtained from
29 * http://www.wednesday.demon.co.uk/dosreg.html
30 * Thanks Nigel!
31 ***********************************************************/
32
33#ifndef _REGFIO_H
34#define _REGFIO_H
35
[31]36#include <stdlib.h>
37#include <stdio.h>
[30]38#include <stdbool.h>
[31]39#include <string.h>
[30]40#include <errno.h>
[31]41#include <time.h>
[30]42#include <fcntl.h>
43#include <sys/stat.h>
44#include <sys/types.h>
45#include <unistd.h>
46#include <assert.h>
47
48#include "smb_deps.h"
49
50/******************************************************************************/
51/* Macros */
52 
[32]53/* Registry data types */
54#define REG_NONE                       0
55#define REG_SZ                         1
56#define REG_EXPAND_SZ                  2
57#define REG_BINARY                     3
58#define REG_DWORD                      4
59#define REG_DWORD_LE                   4        /* DWORD, little endian */
60#define REG_DWORD_BE                   5        /* DWORD, big endian */
61#define REG_LINK                       6
62#define REG_MULTI_SZ                   7
63#define REG_RESOURCE_LIST              8
64#define REG_FULL_RESOURCE_DESCRIPTOR   9
65#define REG_RESOURCE_REQUIREMENTS_LIST 10
66/* Not a real type in the registry */
67#define REG_KEY                        255
68
69typedef struct _val_str { 
70  unsigned int val;
71  const char * str;
72} VAL_STR;
73
[30]74#define REGF_BLOCKSIZE          0x1000
75#define REGF_ALLOC_BLOCK        0x1000
76
77/* header sizes for various records */
78
79#define REGF_HDR_SIZE           4
80#define HBIN_HDR_SIZE           4
81#define HBIN_HEADER_REC_SIZE    0x24
82#define REC_HDR_SIZE            2
83
84#define REGF_OFFSET_NONE        0xffffffff
85
86/* Flags for the vk records */
87
88#define VK_FLAG_NAME_PRESENT    0x0001
89#define VK_DATA_IN_OFFSET       0x80000000
90
91/* NK record macros */
92
93#define NK_TYPE_LINKKEY         0x0010
94#define NK_TYPE_NORMALKEY       0x0020
95#define NK_TYPE_ROOTKEY         0x002c
96
97#define HBIN_STORE_REF(x, y)    { x->hbin = y; y->ref_count++ };
98#define HBIN_REMOVE_REF(x, y)   { x->hbin = NULL; y->ref_count-- /* if the count == 0; we can clean up */ };
99
100
101/* HBIN block */
102struct regf_hbin;
103typedef struct regf_hbin {
104        struct regf_hbin *prev, *next;
105        uint32 file_off;                /* my offset in the registry file */
106        uint32 free_off;                /* offset to free space within the hbin record */
107        uint32 free_size;               /* amount of data left in the block */
108        int ref_count;                  /* how many active records are pointing to this block (not used currently) */
109       
110        char   header[HBIN_HDR_SIZE];   /* "hbin" */
111        uint32 first_hbin_off;          /* offset from first hbin block */
112        uint32 block_size;              /* block size of this blockually a multiple of 4096Kb) */
113
114        prs_struct ps;                  /* data */
115
116        bool dirty;                     /* has this hbin block been modified? */
117} REGF_HBIN;
118
119/* ??? List -- list of key offsets and hashed names for consistency */
120
121typedef struct {
122        uint32 nk_off;
123        uint8 keycheck[sizeof(uint32)];
124} REGF_HASH_REC;
125
126typedef struct {
127        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
128        uint32 hbin_off;        /* offset from beginning of this hbin block */
129        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
130
131        char header[REC_HDR_SIZE];
132        uint16 num_keys;
133        REGF_HASH_REC *hashes;
134} REGF_LF_REC;
135
136/* Key Value */
137
138typedef struct {
139        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
140        uint32 hbin_off;        /* offset from beginning of this hbin block */
141        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
142        uint32 rec_off;         /* offset stored in the value list */
143       
144        char header[REC_HDR_SIZE];
145        char *valuename;
146        uint32 data_size;
147        uint32 data_off;
148        uint8  *data;
149        uint32 type;
150        uint16 flag;
151} REGF_VK_REC;
152
153
154/* Key Security */
155struct _regf_sk_rec;
156
157typedef struct _regf_sk_rec {
158        struct _regf_sk_rec *next, *prev;
159        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
160        uint32 hbin_off;        /* offset from beginning of this hbin block */
161        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
162
163        uint32 sk_off;          /* offset parsed from NK record used as a key
164                                   to lookup reference to this SK record */
165
166        char header[REC_HDR_SIZE];
167        uint32 prev_sk_off;
168        uint32 next_sk_off;
169        uint32 ref_count;
170        uint32 size;
171        SEC_DESC *sec_desc;
172} REGF_SK_REC;
173
174/* Key Name */ 
175
176typedef struct {
177        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
178        uint32 hbin_off;        /* offset from beginning of this hbin block */
179        uint32 subkey_index;    /* index to next subkey record to return */
180        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
181       
182        /* header information */
183       
184        char header[REC_HDR_SIZE];
185        uint16 key_type;
186        NTTIME mtime;
187        uint32 parent_off;      /* back pointer in registry hive */
188        uint32 classname_off;   
189        char *classname;
190        char *keyname;
191
192        /* max lengths */
193
194        uint32 max_bytes_subkeyname;            /* max subkey name * 2 */
195        uint32 max_bytes_subkeyclassname;       /* max subkey classname length (as if) */
196        uint32 max_bytes_valuename;             /* max valuename * 2 */
197        uint32 max_bytes_value;                 /* max value data size */
198
199        /* unknowns */
200
201        uint32 unk_index;                       /* nigel says run time index ? */
202       
203        /* children */
204       
205        uint32 num_subkeys;
206        uint32 subkeys_off;     /* hash records that point to NK records */     
207        uint32 num_values;
208        uint32 values_off;      /* value lists which point to VK records */
209        uint32 sk_off;          /* offset to SK record */
210       
211        /* link in the other records here */
212       
213        REGF_LF_REC subkeys;
214        REGF_VK_REC *values;
215        REGF_SK_REC *sec_desc;
216       
217} REGF_NK_REC;
218
219/* REGF block */
220 
221typedef struct {
222        /* run time information */
223
224        int fd;                         /* file descriptor */
225        int open_flags;                 /* flags passed to the open() call */
226        void *mem_ctx;          /* memory context for run-time file access information */
227        REGF_HBIN *block_list;          /* list of open hbin blocks */
228
229        /* file format information */
230
231        char   header[REGF_HDR_SIZE];   /* "regf" */
232        uint32 data_offset;             /* offset to record in the first (or any?) hbin block */
233        uint32 last_block;              /* offset to last hbin block in file */
234        uint32 checksum;                /* XOR of bytes 0x0000 - 0x01FB */
235        NTTIME mtime;
236       
237        REGF_SK_REC *sec_desc_list;     /* list of security descriptors referenced by NK records */
238
239        /* unknowns used to simply writing */
240       
241        uint32 unknown1;
242        uint32 unknown2;
243        uint32 unknown3;
244        uint32 unknown4;
245        uint32 unknown5;
246        uint32 unknown6;
247       
248} REGF_FILE;
249
250/* Function Declarations */
251 
[32]252const char* type_val2str(unsigned int val);
253int type_str2val(const char* str);
254
[30]255REGF_FILE*    regfio_open( const char *filename );
256int           regfio_close( REGF_FILE *r );
257
258REGF_NK_REC*  regfio_rootkey( REGF_FILE *file );
259REGF_NK_REC*  regfio_fetch_subkey( REGF_FILE *file, REGF_NK_REC *nk );
260
261#endif  /* _REGFIO_H */
Note: See TracBrowser for help on using the repository browser.