Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

377 lines
12 KiB

  1. //
  2. // ============================================================================
  3. // FREQUENTLY USED REGISTRY KEYS
  4. // ============================================================================
  5. //
  6. //
  7. // registry keys and hive names.
  8. //
  9. #define REG_SAM_KEY "\\REGISTRY\\MACHINE\\SAM"
  10. #define REG_SECURITY_KEY "\\REGISTRY\\MACHINE\\SECURITY"
  11. #define REG_SOFTWARE_KEY "\\REGISTRY\\MACHINE\\SOFTWARE"
  12. #define REG_SYSTEM_KEY "\\REGISTRY\\MACHINE\\SYSTEM"
  13. #define REG_SAM_HIVE "\\SYSTEMROOT\\SYSTEM32\\CONFIG\\SAM"
  14. #define REG_SECURITY_HIVE "\\SYSTEMROOT\\SYSTEM32\\CONFIG\\SECURITY"
  15. #define REG_SOFTWARE_HIVE "\\SYSTEMROOT\\SYSTEM32\\CONFIG\\SOFTWARE"
  16. #define REG_SYSTEM_HIVE "\\SYSTEMROOT\\SYSTEM32\\CONFIG\\SYSTEM"
  17. #define REG_SAM_DOMAINS "\\REGISTRY\\MACHINE\\SAM\\SAM\\DOMAINS"
  18. #define REG_SECURITY_POLICY "\\REGISTRY\\MACHINE\\SECURITY\\POLICY"
  19. #define REG_SECURITY_POLACDMS "\\REGISTRY\\MACHINE\\SECURITY\\POLICY\\POLACDMS"
  20. #define REG_SOFTWARE_PROFILELIST "\\REGISTRY\\MACHINE\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\PROFILELIST"
  21. #define REG_SOFTWARE_SECEDIT "\\REGISTRY\\MACHINE\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\SECEDIT"
  22. #define REG_SOFTWARE_EFS "\\REGISTRY\\MACHINE\\SOFTWARE\\POLICIES\\MICROSOFT\\SYSTEMCERTIFICATES\\EFS"
  23. #define REG_SYSTEM_SERVICES "\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\SERVICES"
  24. #define REG_SYSTEM_CONTROL "\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL"
  25. #define REG_SYSTEM_CONTROL_PRINT "\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\PRINT"
  26. #define REG_SYSTEM_SETUP "\\REGISTRY\\MACHINE\\SYSTEM\\SETUP"
  27. #define REG_SYSTEM_SESSIONMANAGER "\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\SESSION MANAGER"
  28. #define REG_SYSTEM_HIVELIST "\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\HIVELIST"
  29. //
  30. // Repair hives
  31. //
  32. #define REPAIR_SAM_KEY "\\REGISTRY\\MACHINE\\RSAM"
  33. #define REPAIR_SECURITY_KEY "\\REGISTRY\\MACHINE\\RSECURITY"
  34. #define REPAIR_SOFTWARE_KEY "\\REGISTRY\\MACHINE\\RSOFTWARE"
  35. #define REPAIR_SYSTEM_KEY "\\REGISTRY\\MACHINE\\RSYSTEM"
  36. #define REPAIR_SAM_HIVE "\\SYSTEMROOT\\REPAIR\\SAM"
  37. #define REPAIR_SECURITY_HIVE "\\SYSTEMROOT\\REPAIR\\SECURITY"
  38. #define REPAIR_SOFTWARE_HIVE "\\SYSTEMROOT\\REPAIR\\SOFTWARE"
  39. #define REPAIR_SYSTEM_HIVE "\\SYSTEMROOT\\REPAIR\\SYSTEM"
  40. #define R_REG_SAM_DOMAINS "\\REGISTRY\\MACHINE\\RSAM\\SAM\\DOMAINS"
  41. #define R_REG_SECURITY_POLICY "\\REGISTRY\\MACHINE\\RSECURITY\\POLICY"
  42. #define R_REG_SOFTWARE_PROFILELIST "\\REGISTRY\\MACHINE\\RSOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\PROFILELIST"
  43. #define R_REG_SOFTWARE_SECEDIT "\\REGISTRY\\MACHINE\\RSOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\SECEDIT"
  44. #define R_REG_SOFTWARE_EFS "\\REGISTRY\\MACHINE\\RSOFTWARE\\POLICIES\\MICROSOFT\\SYSTEMCERTIFICATES\\EFS"
  45. #define R_REG_SYSTEM_CONTROL_PRINT "\\REGISTRY\\MACHINE\\RSYSTEM\\CURRENTCONTROLSET\\CONTROL\\PRINT"
  46. #define R_REG_SYSTEM_SERVICES "\\REGISTRY\\MACHINE\\RSYSTEM\\CURRENTCONTROLSET\\SERVICES"
  47. #define R_REG_SETUP_KEYNAME "\\REGISTRY\\MACHINE\\RSYSTEM\\SETUP"
  48. #define BACKUP_REPAIR_SAM_HIVE "\\SYSTEMROOT\\REPAIR\\DS_SAM"
  49. #define BACKUP_REPAIR_SECURITY_HIVE "\\SYSTEMROOT\\REPAIR\\DS_SECURITY"
  50. #define BACKUP_REPAIR_SOFTWARE_HIVE "\\SYSTEMROOT\\REPAIR\\DS_SOFTWARE"
  51. #define BACKUP_REPAIR_SYSTEM_HIVE "\\SYSTEMROOT\\REPAIR\\DS_SYSTEM"
  52. #define REG_CLONETAG_VALUENAME "CLONETAG"
  53. #define EXECUTE "SETUPEXECUTE"
  54. #define REG_SIZE_LIMIT "REGISTRYSIZELIMIT"
  55. #define PROFILEIMAGEPATH "PROFILEIMAGEPATH"
  56. #define TMP_HIVE_NAME "\\REGISTRY\\MACHINE\\TMPHIVE"
  57. //
  58. // ============================================================================
  59. // CONSTANTS
  60. // ============================================================================
  61. //
  62. #define BASIC_INFO_BUFFER_SIZE (sizeof(KEY_VALUE_BASIC_INFORMATION) + 2048)
  63. // #define PARTIAL_INFO_BUFFER_SIZE (sizeof(KEY_VALUE_PARTIAL_INFORMATION) + 1536)
  64. #define FULL_INFO_BUFFER_SIZE (sizeof(KEY_VALUE_FULL_INFORMATION) + 4096)
  65. #define SID_SIZE (0x18)
  66. #define REGISTRY_QUOTA_BUMP (10 * (1024 * 1024))
  67. #define PROGRAM_NAME "setupcl.exe"
  68. //
  69. // ============================================================================
  70. // USEFUL MACROS
  71. // ============================================================================
  72. //
  73. #define AS(x) ( sizeof(x) / sizeof(x[0]) )
  74. //
  75. // Helper macro to make object attribute initialization a little cleaner.
  76. //
  77. #define INIT_OBJA(Obja,UnicodeString,UnicodeText) \
  78. \
  79. RtlInitUnicodeString((UnicodeString),(UnicodeText)); \
  80. \
  81. InitializeObjectAttributes( \
  82. (Obja), \
  83. (UnicodeString), \
  84. OBJ_CASE_INSENSITIVE, \
  85. NULL, \
  86. NULL \
  87. )
  88. #define PRINT_BLOCK( Block, BlockSize ) \
  89. { \
  90. ULONG idx1, idx2, idx3; \
  91. idx1 = 0; \
  92. while( idx1 < BlockSize ) { \
  93. DbgPrint( "\t" ); \
  94. for( idx3 = 0; idx3 < 4; idx3++ ) { \
  95. idx2 = 0; \
  96. while( ( idx1 < BlockSize ) && ( idx2 < 4 ) ) { \
  97. DbgPrint( "%02lx", *(PUCHAR)((PUCHAR)Block + idx1) ); \
  98. idx1++; idx2++; \
  99. } \
  100. DbgPrint( " " ); \
  101. } \
  102. DbgPrint( "\n" ); \
  103. } \
  104. }
  105. //
  106. // Helper macro to test the the Status variable. Print
  107. // a message if it's not NT_SUCCESS
  108. //
  109. #define TEST_STATUS( a ) \
  110. if( !NT_SUCCESS( Status ) ) { \
  111. DbgPrint( "%s (%lx)\n", a, Status ); \
  112. }
  113. //
  114. // Helper macro to test the the Status variable. Print
  115. // a message if it's not NT_SUCCESS, then retun Status to
  116. // our caller.
  117. //
  118. #define TEST_STATUS_RETURN( a ) \
  119. if( !NT_SUCCESS( Status ) ) { \
  120. DbgPrint( "%s (%lx)\n", a, Status ); \
  121. return Status; \
  122. }
  123. //
  124. // Helper macro to print the the Status variable. Print
  125. // a message and the Status
  126. //
  127. #define PRINT_STATUS( a ) \
  128. { \
  129. DbgPrint( "%s (%lx)\n", a, Status ); \
  130. }
  131. //
  132. // ============================================================================
  133. // FUNCTION DECLARATIONS
  134. // ============================================================================
  135. //
  136. extern NTSTATUS
  137. DeleteKey(
  138. PWSTR Key
  139. );
  140. extern NTSTATUS
  141. DeleteKeyRecursive(
  142. HANDLE hKeyRoot,
  143. PWSTR Key
  144. );
  145. extern NTSTATUS
  146. FileDelete(
  147. IN WCHAR *FileName
  148. );
  149. extern NTSTATUS
  150. FileCopy(
  151. IN WCHAR *TargetName,
  152. IN WCHAR *SourceName
  153. );
  154. extern NTSTATUS
  155. SetKey(
  156. IN WCHAR *KeyName,
  157. IN WCHAR *SubKeyName,
  158. IN CHAR *Data,
  159. IN ULONG DataLength,
  160. IN ULONG DATA_TYPE
  161. );
  162. extern NTSTATUS
  163. ReadSetWriteKey(
  164. IN WCHAR *ParentKeyName, OPTIONAL
  165. IN HANDLE ParentKeyHandle, OPTIONAL
  166. IN WCHAR *SubKeyName,
  167. IN CHAR *OldData,
  168. IN CHAR *NewData,
  169. IN ULONG DataLength,
  170. IN ULONG DATA_TYPE
  171. );
  172. extern NTSTATUS
  173. LoadUnloadHive(
  174. IN PWSTR KeyName,
  175. IN PWSTR FileName
  176. );
  177. extern NTSTATUS
  178. BackupRepairHives(
  179. VOID
  180. );
  181. extern NTSTATUS
  182. CleanupRepairHives(
  183. NTSTATUS RepairHivesSuccess
  184. );
  185. extern NTSTATUS
  186. TestSetSecurityObject(
  187. HANDLE hKey
  188. );
  189. extern NTSTATUS
  190. SetKeySecurityRecursive(
  191. HANDLE hKey
  192. );
  193. extern NTSTATUS
  194. CopyKeyRecursive(
  195. HANDLE hKeyDst,
  196. HANDLE hKeySrc
  197. );
  198. extern NTSTATUS
  199. CopyRegKey(
  200. IN WCHAR *TargetName,
  201. IN WCHAR *SourceName,
  202. IN HANDLE ParentKeyHandle OPTIONAL
  203. );
  204. extern NTSTATUS
  205. MoveRegKey(
  206. IN WCHAR *TargetName,
  207. IN WCHAR *SourceName
  208. );
  209. extern NTSTATUS
  210. FindAndReplaceBlock(
  211. IN PCHAR Block,
  212. IN ULONG BlockLength,
  213. IN PCHAR OldValue,
  214. IN PCHAR NewValue,
  215. IN ULONG ValueLength
  216. );
  217. extern NTSTATUS
  218. StringSwitchString(
  219. PWSTR BaseString,
  220. DWORD cBaseStringLen,
  221. PWSTR OldSubString,
  222. PWSTR NewSubString
  223. );
  224. extern NTSTATUS
  225. SiftKeyRecursive(
  226. HANDLE hKey,
  227. int indent
  228. );
  229. extern NTSTATUS
  230. SiftKey(
  231. PWSTR KeyName
  232. );
  233. extern NTSTATUS
  234. ProcessSAMHive(
  235. VOID
  236. );
  237. extern NTSTATUS
  238. ProcessSECURITYHive(
  239. VOID
  240. );
  241. extern NTSTATUS
  242. ProcessSOFTWAREHive(
  243. VOID
  244. );
  245. extern NTSTATUS
  246. ProcessSYSTEMHive(
  247. VOID
  248. );
  249. extern NTSTATUS
  250. ProcessRepairSAMHive(
  251. VOID
  252. );
  253. extern NTSTATUS
  254. ProcessRepairSECURITYHive(
  255. VOID
  256. );
  257. extern NTSTATUS
  258. ProcessRepairSOFTWAREHive(
  259. VOID
  260. );
  261. extern NTSTATUS
  262. ProcessRepairSYSTEMHive(
  263. VOID
  264. );
  265. extern NTSTATUS
  266. RetrieveOldSid(
  267. VOID
  268. );
  269. extern NTSTATUS
  270. GenerateUniqueSid(
  271. IN DWORD Seed
  272. );
  273. extern NTSTATUS
  274. EnumerateDrives(
  275. VOID
  276. );
  277. extern NTSTATUS
  278. DriveLetterToNTPath(
  279. IN WCHAR DriveLetter,
  280. IN OUT PWSTR NTPath,
  281. IN DWORD cNTPathLen
  282. );
  283. // ============================================================================
  284. // GLOBAL VARIABLES
  285. // ============================================================================
  286. //
  287. // These globals hold the OldSid (the one prior to the clone)
  288. // and the NewSid (the one we generate and spray into the
  289. // registry).
  290. //
  291. PSID G_OldSid,
  292. G_NewSid;
  293. //
  294. // These guys will hold small strings that contain the text character
  295. // versions of the 3 unique numbers that make up the domain SID.
  296. //
  297. WCHAR G_OldSidSubString[MAX_PATH * 4];
  298. WCHAR G_NewSidSubString[MAX_PATH * 4];
  299. WCHAR TmpBuffer[MAX_PATH * 4];
  300. //
  301. // Disable the DbgPrint for non-debug builds
  302. //
  303. #ifndef DBG
  304. #define DbgPrint DbgPrintSub
  305. void DbgPrintSub(char *szBuffer, ...);
  306. #endif
  307. //
  308. // UI related constants and functions.
  309. //
  310. // 14 seconds in 100ns units. (OOBE wanted 15secs, but it seems like it takes ~1-2 sec to initialize setupcl)
  311. //
  312. #define UITIME 140000000
  313. #define UIDOTTIME 30000000 // 3 seconds in 100ns units
  314. extern __inline void
  315. DisplayUI();
  316. extern BOOL
  317. LoadStringResource(
  318. PUNICODE_STRING pUnicodeString,
  319. INT MsgId
  320. );