source: trunk/include/regfio.h @ 53

Last change on this file since 53 was 53, checked in by tim, 19 years ago

Moved security descriptor parsing functions into regfio.c

Improved malloc() mode of failure.

Eliminated some warnings in regfio.c
  • Property svn:keywords set to Id
File size: 7.7 KB
Line 
1/*
2 * Branched from Samba project, Subversion repository version #6903:
3 *   http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/include/regfio.h
4 *
5 * Unix SMB/CIFS implementation.
6 * Windows NT registry I/O library
7 *
8 * Copyright (C) 2005 Timothy D. Morgan
9 * Copyright (C) 2005 Gerald (Jerry) Carter
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; version 2 of the License.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 *
24 * $Id: regfio.h 53 2005-09-04 21:04:58Z tim $
25 */
26
27/************************************************************
28 * Most of this information was obtained from
29 * http://www.wednesday.demon.co.uk/dosreg.html
30 * Thanks Nigel!
31 ***********************************************************/
32
33#ifndef _REGFIO_H
34#define _REGFIO_H
35
36#include <stdlib.h>
37#include <stdio.h>
38#include <stdbool.h>
39#include <string.h>
40#include <errno.h>
41#include <time.h>
42#include <fcntl.h>
43#include <sys/stat.h>
44#include <sys/types.h>
45#include <unistd.h>
46#include <assert.h>
47
48#include "smb_deps.h"
49
50/******************************************************************************/
51/* Macros */
52 
53/* Registry data types */
54#define REG_NONE                       0
55#define REG_SZ                         1
56#define REG_EXPAND_SZ                  2
57#define REG_BINARY                     3
58#define REG_DWORD                      4
59#define REG_DWORD_LE                   4        /* DWORD, little endian */
60#define REG_DWORD_BE                   5        /* DWORD, big endian */
61#define REG_LINK                       6
62#define REG_MULTI_SZ                   7
63#define REG_RESOURCE_LIST              8
64#define REG_FULL_RESOURCE_DESCRIPTOR   9
65#define REG_RESOURCE_REQUIREMENTS_LIST 10
66/* Not a real type in the registry */
67#define REG_KEY                        255
68
69typedef struct _val_str { 
70  unsigned int val;
71  const char * str;
72} VAL_STR;
73
74#define REGF_BLOCKSIZE          0x1000
75#define REGF_ALLOC_BLOCK        0x1000
76
77/* header sizes for various records */
78
79#define REGF_HDR_SIZE           4
80#define HBIN_HDR_SIZE           4
81#define HBIN_HEADER_REC_SIZE    0x24
82#define REC_HDR_SIZE            2
83
84#define REGF_OFFSET_NONE        0xffffffff
85
86/* Flags for the vk records */
87
88#define VK_FLAG_NAME_PRESENT    0x0001
89#define VK_DATA_IN_OFFSET       0x80000000
90
91/* NK record macros */
92
93#define NK_TYPE_LINKKEY         0x0010
94#define NK_TYPE_NORMALKEY       0x0020
95#define NK_TYPE_ROOTKEY         0x002c
96
97#define HBIN_STORE_REF(x, y)    { x->hbin = y; y->ref_count++ };
98#define HBIN_REMOVE_REF(x, y)   { x->hbin = NULL; y->ref_count-- /* if the count == 0; we can clean up */ };
99
100
101/* HBIN block */
102struct regf_hbin;
103typedef struct regf_hbin {
104  struct regf_hbin* prev;
105  struct regf_hbin* next;
106  uint32 file_off;       /* my offset in the registry file */
107  uint32 free_off;       /* offset to free space within the hbin record */
108  uint32 free_size;      /* amount of data left in the block */
109  int    ref_count;      /* how many active records are pointing to this block (not used currently) */
110       
111  uint8  header[HBIN_HDR_SIZE]; /* "hbin" */
112  uint32 first_hbin_off; /* offset from first hbin block */
113  uint32 block_size;     /* block size of this blockually a multiple of 4096Kb) */
114  prs_struct ps;               /* data */
115  bool dirty;            /* has this hbin block been modified? */
116} REGF_HBIN;
117
118/* ??? List -- list of key offsets and hashed names for consistency */
119
120typedef struct {
121  uint32 nk_off;
122  uint8 keycheck[sizeof(uint32)];
123} REGF_HASH_REC;
124
125typedef struct {
126  REGF_HBIN *hbin;      /* pointer to HBIN record (in memory) containing this nk record */
127  uint32 hbin_off;      /* offset from beginning of this hbin block */
128  uint32 rec_size;      /* ((start_offset - end_offset) & 0xfffffff8) */
129 
130  uint8 header[REC_HDR_SIZE];
131  uint16 num_keys;
132  REGF_HASH_REC *hashes;
133} REGF_LF_REC;
134
135/* Key Value */
136
137typedef struct {
138  REGF_HBIN *hbin;      /* pointer to HBIN record (in memory) containing this nk record */
139  uint32 hbin_off;      /* offset from beginning of this hbin block */
140  uint32 rec_size;      /* ((start_offset - end_offset) & 0xfffffff8) */
141  uint32 rec_off;               /* offset stored in the value list */
142 
143  uint8  header[REC_HDR_SIZE];
144  char*  valuename;
145  uint32 data_size;
146  uint32 data_off;
147  uint8* data;
148  uint32 type;
149  uint16 flag;
150} REGF_VK_REC;
151
152
153/* Key Security */
154struct _regf_sk_rec;
155
156typedef struct _regf_sk_rec {
157  struct _regf_sk_rec *next, *prev;
158  REGF_HBIN *hbin;      /* pointer to HBIN record (in memory) containing this nk record */
159  uint32 hbin_off;      /* offset from beginning of this hbin block */
160  uint32 rec_size;      /* ((start_offset - end_offset) & 0xfffffff8) */
161 
162  uint32 sk_off;                /* offset parsed from NK record used as a key
163                                   to lookup reference to this SK record */
164 
165  uint8  header[REC_HDR_SIZE];
166  uint32 prev_sk_off;
167  uint32 next_sk_off;
168  uint32 ref_count;
169  uint32 size;
170  SEC_DESC *sec_desc;
171} REGF_SK_REC;
172
173/* Key Name */ 
174
175typedef struct {
176  REGF_HBIN *hbin;      /* pointer to HBIN record (in memory) containing this nk record */
177  uint32 hbin_off;      /* offset from beginning of this hbin block */
178  uint32 subkey_index;  /* index to next subkey record to return */
179  uint32 rec_size;      /* ((start_offset - end_offset) & 0xfffffff8) */
180 
181  /* header information */
182 
183  uint8  header[REC_HDR_SIZE];
184  uint16 key_type;
185  NTTIME mtime;
186  uint32 parent_off;    /* back pointer in registry hive */
187  uint32 classname_off; 
188  char *classname;
189  char *keyname;
190 
191  /* max lengths */
192 
193  uint32 max_bytes_subkeyname;          /* max subkey name * 2 */
194  uint32 max_bytes_subkeyclassname;     /* max subkey classname length (as if) */
195  uint32 max_bytes_valuename;           /* max valuename * 2 */
196  uint32 max_bytes_value;                       /* max value data size */
197 
198  /* unknowns */
199 
200  uint32 unk_index;                     /* nigel says run time index ? */
201 
202  /* children */
203 
204  uint32 num_subkeys;
205  uint32 subkeys_off;   /* hash records that point to NK records */     
206  uint32 num_values;
207  uint32 values_off;    /* value lists which point to VK records */
208  uint32 sk_off;                /* offset to SK record */
209 
210  /* link in the other records here */
211 
212  REGF_LF_REC subkeys;
213  REGF_VK_REC *values;
214  REGF_SK_REC *sec_desc;
215       
216} REGF_NK_REC;
217
218/* REGF block */
219 
220typedef struct {
221  /* run time information */
222 
223  int fd;                               /* file descriptor */
224  int open_flags;                       /* flags passed to the open() call */
225  void *mem_ctx;                /* memory context for run-time file access information */
226  REGF_HBIN *block_list;                /* list of open hbin blocks */
227 
228  /* file format information */
229 
230  uint8  header[REGF_HDR_SIZE]; /* "regf" */
231  uint32 data_offset;           /* offset to record in the first (or any?) hbin block */
232  uint32 last_block;            /* offset to last hbin block in file */
233  uint32 checksum;              /* XOR of bytes 0x0000 - 0x01FB */
234  NTTIME mtime;
235 
236  REGF_SK_REC *sec_desc_list;   /* list of security descriptors referenced by NK records */
237 
238  /* unknowns used to simply writing */
239 
240  uint32 unknown1;
241  uint32 unknown2;
242  uint32 unknown3;
243  uint32 unknown4;
244  uint32 unknown5;
245  uint32 unknown6;
246} REGF_FILE;
247
248
249/* Function Declarations */
250 
251const char*   regfio_type_val2str(unsigned int val);
252int           regfio_type_str2val(const char* str);
253
254char*         regfio_get_sacl(SEC_DESC *sec_desc);
255char*         regfio_get_dacl(SEC_DESC *sec_desc);
256char*         regfio_get_owner(SEC_DESC *sec_desc);
257char*         regfio_get_group(SEC_DESC *sec_desc);
258
259REGF_FILE*    regfio_open( const char *filename );
260int           regfio_close( REGF_FILE *r );
261
262REGF_NK_REC*  regfio_rootkey( REGF_FILE *file );
263REGF_NK_REC*  regfio_fetch_subkey( REGF_FILE *file, REGF_NK_REC *nk );
264
265#endif  /* _REGFIO_H */
Note: See TracBrowser for help on using the repository browser.