source: trunk/include/regfio.h @ 41

Last change on this file since 41 was 41, checked in by tim, 19 years ago

Added full printing of values, as with old code.

renamed type conversion functions to follow precedent.
  • Property svn:keywords set to Id
File size: 7.4 KB
Line 
1/*
2 * Branched from Samba project, Subversion repository version #6903:
3 *   http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/include/regfio.h
4 *
5 * Unix SMB/CIFS implementation.
6 * Windows NT registry I/O library
7 *
8 * Copyright (C) 2005 Timothy D. Morgan
9 * Copyright (C) 2005 Gerald (Jerry) Carter
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; version 2 of the License.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 *
24 * $Id: regfio.h 41 2005-08-01 01:13:15Z tim $
25 */
26
27/************************************************************
28 * Most of this information was obtained from
29 * http://www.wednesday.demon.co.uk/dosreg.html
30 * Thanks Nigel!
31 ***********************************************************/
32
33#ifndef _REGFIO_H
34#define _REGFIO_H
35
36#include <stdlib.h>
37#include <stdio.h>
38#include <stdbool.h>
39#include <string.h>
40#include <errno.h>
41#include <time.h>
42#include <fcntl.h>
43#include <sys/stat.h>
44#include <sys/types.h>
45#include <unistd.h>
46#include <assert.h>
47
48#include "smb_deps.h"
49
50/******************************************************************************/
51/* Macros */
52 
53/* Registry data types */
54#define REG_NONE                       0
55#define REG_SZ                         1
56#define REG_EXPAND_SZ                  2
57#define REG_BINARY                     3
58#define REG_DWORD                      4
59#define REG_DWORD_LE                   4        /* DWORD, little endian */
60#define REG_DWORD_BE                   5        /* DWORD, big endian */
61#define REG_LINK                       6
62#define REG_MULTI_SZ                   7
63#define REG_RESOURCE_LIST              8
64#define REG_FULL_RESOURCE_DESCRIPTOR   9
65#define REG_RESOURCE_REQUIREMENTS_LIST 10
66/* Not a real type in the registry */
67#define REG_KEY                        255
68
69typedef struct _val_str { 
70  unsigned int val;
71  const char * str;
72} VAL_STR;
73
74#define REGF_BLOCKSIZE          0x1000
75#define REGF_ALLOC_BLOCK        0x1000
76
77/* header sizes for various records */
78
79#define REGF_HDR_SIZE           4
80#define HBIN_HDR_SIZE           4
81#define HBIN_HEADER_REC_SIZE    0x24
82#define REC_HDR_SIZE            2
83
84#define REGF_OFFSET_NONE        0xffffffff
85
86/* Flags for the vk records */
87
88#define VK_FLAG_NAME_PRESENT    0x0001
89#define VK_DATA_IN_OFFSET       0x80000000
90
91/* NK record macros */
92
93#define NK_TYPE_LINKKEY         0x0010
94#define NK_TYPE_NORMALKEY       0x0020
95#define NK_TYPE_ROOTKEY         0x002c
96
97#define HBIN_STORE_REF(x, y)    { x->hbin = y; y->ref_count++ };
98#define HBIN_REMOVE_REF(x, y)   { x->hbin = NULL; y->ref_count-- /* if the count == 0; we can clean up */ };
99
100
101/* HBIN block */
102struct regf_hbin;
103typedef struct regf_hbin {
104        struct regf_hbin *prev, *next;
105        uint32 file_off;                /* my offset in the registry file */
106        uint32 free_off;                /* offset to free space within the hbin record */
107        uint32 free_size;               /* amount of data left in the block */
108        int ref_count;                  /* how many active records are pointing to this block (not used currently) */
109       
110        char   header[HBIN_HDR_SIZE];   /* "hbin" */
111        uint32 first_hbin_off;          /* offset from first hbin block */
112        uint32 block_size;              /* block size of this blockually a multiple of 4096Kb) */
113
114        prs_struct ps;                  /* data */
115
116        bool dirty;                     /* has this hbin block been modified? */
117} REGF_HBIN;
118
119/* ??? List -- list of key offsets and hashed names for consistency */
120
121typedef struct {
122        uint32 nk_off;
123        uint8 keycheck[sizeof(uint32)];
124} REGF_HASH_REC;
125
126typedef struct {
127        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
128        uint32 hbin_off;        /* offset from beginning of this hbin block */
129        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
130
131        char header[REC_HDR_SIZE];
132        uint16 num_keys;
133        REGF_HASH_REC *hashes;
134} REGF_LF_REC;
135
136/* Key Value */
137
138typedef struct {
139        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
140        uint32 hbin_off;        /* offset from beginning of this hbin block */
141        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
142        uint32 rec_off;         /* offset stored in the value list */
143       
144        char header[REC_HDR_SIZE];
145        char *valuename;
146        uint32 data_size;
147        uint32 data_off;
148        uint8  *data;
149        uint32 type;
150        uint16 flag;
151} REGF_VK_REC;
152
153
154/* Key Security */
155struct _regf_sk_rec;
156
157typedef struct _regf_sk_rec {
158        struct _regf_sk_rec *next, *prev;
159        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
160        uint32 hbin_off;        /* offset from beginning of this hbin block */
161        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
162
163        uint32 sk_off;          /* offset parsed from NK record used as a key
164                                   to lookup reference to this SK record */
165
166        char header[REC_HDR_SIZE];
167        uint32 prev_sk_off;
168        uint32 next_sk_off;
169        uint32 ref_count;
170        uint32 size;
171        SEC_DESC *sec_desc;
172} REGF_SK_REC;
173
174/* Key Name */ 
175
176typedef struct {
177        REGF_HBIN *hbin;        /* pointer to HBIN record (in memory) containing this nk record */
178        uint32 hbin_off;        /* offset from beginning of this hbin block */
179        uint32 subkey_index;    /* index to next subkey record to return */
180        uint32 rec_size;        /* ((start_offset - end_offset) & 0xfffffff8) */
181       
182        /* header information */
183       
184        char header[REC_HDR_SIZE];
185        uint16 key_type;
186        NTTIME mtime;
187        uint32 parent_off;      /* back pointer in registry hive */
188        uint32 classname_off;   
189        char *classname;
190        char *keyname;
191
192        /* max lengths */
193
194        uint32 max_bytes_subkeyname;            /* max subkey name * 2 */
195        uint32 max_bytes_subkeyclassname;       /* max subkey classname length (as if) */
196        uint32 max_bytes_valuename;             /* max valuename * 2 */
197        uint32 max_bytes_value;                 /* max value data size */
198
199        /* unknowns */
200
201        uint32 unk_index;                       /* nigel says run time index ? */
202       
203        /* children */
204       
205        uint32 num_subkeys;
206        uint32 subkeys_off;     /* hash records that point to NK records */     
207        uint32 num_values;
208        uint32 values_off;      /* value lists which point to VK records */
209        uint32 sk_off;          /* offset to SK record */
210       
211        /* link in the other records here */
212       
213        REGF_LF_REC subkeys;
214        REGF_VK_REC *values;
215        REGF_SK_REC *sec_desc;
216       
217} REGF_NK_REC;
218
219/* REGF block */
220 
221typedef struct {
222        /* run time information */
223
224        int fd;                         /* file descriptor */
225        int open_flags;                 /* flags passed to the open() call */
226        void *mem_ctx;          /* memory context for run-time file access information */
227        REGF_HBIN *block_list;          /* list of open hbin blocks */
228
229        /* file format information */
230
231        char   header[REGF_HDR_SIZE];   /* "regf" */
232        uint32 data_offset;             /* offset to record in the first (or any?) hbin block */
233        uint32 last_block;              /* offset to last hbin block in file */
234        uint32 checksum;                /* XOR of bytes 0x0000 - 0x01FB */
235        NTTIME mtime;
236       
237        REGF_SK_REC *sec_desc_list;     /* list of security descriptors referenced by NK records */
238
239        /* unknowns used to simply writing */
240       
241        uint32 unknown1;
242        uint32 unknown2;
243        uint32 unknown3;
244        uint32 unknown4;
245        uint32 unknown5;
246        uint32 unknown6;
247       
248} REGF_FILE;
249
250/* Function Declarations */
251 
252const char*   regfio_type_val2str(unsigned int val);
253int           regfio_type_str2val(const char* str);
254
255REGF_FILE*    regfio_open( const char *filename );
256int           regfio_close( REGF_FILE *r );
257
258REGF_NK_REC*  regfio_rootkey( REGF_FILE *file );
259REGF_NK_REC*  regfio_fetch_subkey( REGF_FILE *file, REGF_NK_REC *nk );
260
261#endif  /* _REGFIO_H */
Note: See TracBrowser for help on using the repository browser.