archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/sdktools/regini/regback.c

460 lines
14 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*
  3. regback.c - registry backup program
  5. this program allows the user to back up active registry hives,
  6. while the system is running.
  8. basic structure:
  10. DoFullBackup ennumerate entries in HiveList, computes which
  11. ones to save and where, and calls DoSpecificBackup for each.
  13. Three argument case of app is just a call to DoSpecificBackup.
  15. */
  17. #include "regutil.h"
  19. #define MACH_NAME L"machine"
  20. #define USERS_NAME L"users"
  22. BOOLEAN DumpUserHive;
  23. PWSTR DirectoryPath;
  24. PWSTR UserHiveFileName;
  25. PWSTR HivePath;
  26. HKEY HiveRoot;
  27. PWSTR HiveName;
  29. LONG
  30. DoFullBackup(
  31. PWSTR DirectoryPath,
  32. PWSTR UserHiveFileName
  33. );
  35. LONG
  36. DoSpecificBackup(
  37. PWSTR HivePath,
  38. HKEY HiveRoot,
  39. PWSTR HiveName
  40. );
  43. BOOL
  44. CtrlCHandler(
  45. IN ULONG CtrlType
  46. )
  47. {
  48. RTDisconnectFromRegistry( &RegistryContext );
  49. return FALSE;
  50. }
  53. int
  54. __cdecl
  55. main(
  56. int argc,
  57. char *argv[]
  58. )
  59. {
  60. char *s;
  61. LONG Error;
  62. PWSTR w;
  64. if (!RTEnableBackupRestorePrivilege()) {
  65. FatalError( "Unable to enable backup/restore priviledge.", 0, 0 );
  66. }
  68. InitCommonCode( CtrlCHandler,
  69. "REGBACK",
  70. "directoryPath [-u | -U outputFile]",
  71. "directoryPath specifies where to save the output files.\n"
  72. "\n"
  73. "-u specifies to dump the logged on user's profile. Default name is\n"
  74. " username.dat User -U with a file name to save it under a different name.\n"
  75. "\n"
  76. "outputFile specifies the file name to use for the user profile\n"
  77. "\n"
  78. "If the -m switch is specified to backup the registry of a remote machine\n"
  79. " then the directoryPath is relative to that machine.\n"
  80. );
  82. DirectoryPath = NULL;
  83. UserHiveFileName = NULL;
  84. HivePath = NULL;
  85. HiveRoot = NULL;
  86. HiveName = NULL;
  87. while (--argc) {
  88. s = *++argv;
  89. if (*s == '-' || *s == '/') {
  90. while (*++s) {
  91. switch( tolower( *s ) ) {
  92. case 'u':
  93. DumpUserHive = TRUE;
  94. if (*s == 'U') {
  95. if (!--argc) {
  96. Usage( "Missing argument to -U switch", 0 );
  97. }
  99. UserHiveFileName = GetArgAsUnicode( *++argv );
  100. }
  102. break;
  104. default:
  105. CommonSwitchProcessing( &argc, &argv, *s );
  106. break;
  107. }
  108. }
  109. }
  110. else
  111. if (DirectoryPath == NULL) {
  112. HivePath = DirectoryPath = GetArgAsUnicode( s );
  113. }
  114. else
  115. if (HivePath != NULL) {
  116. if (HiveRoot == NULL) {
  117. w = GetArgAsUnicode( s );
  118. if (!_wcsicmp( w, MACH_NAME )) {
  119. HiveRoot = HKEY_LOCAL_MACHINE;
  120. }
  121. else
  122. if (!_wcsicmp( w, USERS_NAME )) {
  123. HiveRoot = HKEY_USERS;
  124. }
  125. else {
  126. Usage( "Invalid hive type specified (%ws)", (ULONG_PTR)w );
  127. }
  128. }
  129. else
  130. if (HiveName == NULL) {
  131. HiveName = GetArgAsUnicode( s );
  132. }
  133. else {
  134. Usage( "Too many arguments specified.", 0 );
  135. }
  136. }
  137. else {
  138. Usage( NULL, 0 );
  139. }
  140. }
  142. if (DirectoryPath == NULL) {
  143. Usage( NULL, 0 );
  144. }
  146. Error = RTConnectToRegistry( MachineName,
  147. HiveFileName,
  148. HiveRootName,
  149. Win95Path,
  150. Win95UserPath,
  151. NULL,
  152. &RegistryContext
  153. );
  154. if (Error != NO_ERROR) {
  155. FatalError( "Unable to access registry specifed (%u)", Error, 0 );
  156. }
  158. if (HiveRoot == NULL) {
  159. Error = DoFullBackup( DirectoryPath, UserHiveFileName );
  160. }
  161. else {
  162. Error = DoSpecificBackup( HivePath, HiveRoot, HiveName );
  163. }
  165. RTDisconnectFromRegistry( &RegistryContext );
  166. return Error;
  167. }
  169. typedef BOOL (*PFNGETPROFILESDIRECTORYW)(LPWSTR lpProfile, LPDWORD dwSize);
  172. LONG
  173. DoFullBackup(
  174. PWSTR DirectoryPath,
  175. PWSTR UserHiveFileName
  176. )
  178. /*++
  180. Routine Description:
  182. Scan the hivelist, for each hive which has a file (i.e. not hardware)
  183. if the file is in the config dir (e.g. not some remote profile) call
  184. DoSpecificBackup to save the hive out.
  186. Arguments:
  188. DirectoryPath - specifies where to write the output files.
  190. UserHiveFileName - optional parameter that specifies the name of the file
  191. to use when saving the user profile. If NULL, then
  192. username.dat is used.
  194. Return Value:
  196. 0 for success, otherwise, non-zero error code.
  198. --*/
  199. {
  200. PWSTR w;
  201. LONG Error;
  202. HKEY HiveListKey;
  203. PWSTR KeyName;
  204. PWSTR FileName;
  205. PWSTR Name;
  206. DWORD ValueIndex;
  207. DWORD ValueType;
  208. DWORD ValueNameLength;
  209. DWORD ValueDataLength;
  210. WCHAR ConfigPath[ MAX_PATH ];
  211. WCHAR ProfilePath[ MAX_PATH ];
  212. WCHAR MyHiveName[ MAX_PATH ];
  213. WCHAR MyHivePath[ MAX_PATH ];
  214. WCHAR FilePath[ MAX_PATH ];
  215. DWORD dwSize;
  216. HANDLE hInstDll;
  217. PFNGETPROFILESDIRECTORYW pfnGetProfilesDirectory;
  220. hInstDll = LoadLibrary (TEXT("userenv.dll"));
  222. if (!hInstDll) {
  223. return (GetLastError());
  224. }
  226. pfnGetProfilesDirectory = (PFNGETPROFILESDIRECTORYW)GetProcAddress (hInstDll,
  227. "GetProfilesDirectoryW");
  229. if (!pfnGetProfilesDirectory) {
  230. FreeLibrary (hInstDll);
  231. return (GetLastError());
  232. }
  234. dwSize = MAX_PATH;
  235. if (!pfnGetProfilesDirectory(ProfilePath, &dwSize)) {
  236. FreeLibrary (hInstDll);
  237. return (GetLastError());
  238. }
  240. FreeLibrary (hInstDll);
  244. //
  245. // get handle to hivelist key
  246. //
  247. KeyName = L"HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Hivelist";
  248. Error = RTOpenKey( &RegistryContext,
  249. NULL,
  250. KeyName,
  251. MAXIMUM_ALLOWED,
  252. 0,
  253. &HiveListKey
  254. );
  256. if (Error != NO_ERROR) {
  257. FatalError( "Unable to open key '%ws' (%u)\n",
  258. (ULONG_PTR)KeyName,
  259. (ULONG)Error
  260. );
  261. return Error;
  262. }
  264. //
  265. // get path data for system hive, which will allow us to compute
  266. // path name to config dir in form that hivelist uses.
  267. // (an NT internal form of path) this is NOT the way the path to
  268. // the config directory should generally be computed.
  269. //
  271. ValueDataLength = sizeof( ConfigPath );
  272. Error = RTQueryValueKey( &RegistryContext,
  273. HiveListKey,
  274. L"\\Registry\\Machine\\System",
  275. &ValueType,
  276. &ValueDataLength,
  277. ConfigPath
  278. );
  279. if (Error != NO_ERROR) {
  280. FatalError( "Unable to query 'SYSTEM' hive path.", 0, Error );
  281. }
  282. w = wcsrchr( ConfigPath, L'\\' );
  283. if (w) {
  284. *w = UNICODE_NULL;
  285. }
  288. //
  289. // ennumerate entries in hivelist. for each entry, find it's hive file
  290. // path. if it's file path matches ConfigPath, then save it.
  291. // else, print a message telling the user that it must be saved
  292. // manually, unless the file name is of the form ....\username\ntuser.dat
  293. // in which case save it as username.dat
  294. //
  295. for (ValueIndex = 0; TRUE; ValueIndex++) {
  296. ValueType = REG_NONE;
  297. ValueNameLength = sizeof( MyHiveName ) / sizeof( WCHAR );
  298. ValueDataLength = sizeof( MyHivePath );
  299. Error = RTEnumerateValueKey( &RegistryContext,
  300. HiveListKey,
  301. ValueIndex,
  302. &ValueType,
  303. &ValueNameLength,
  304. MyHiveName,
  305. &ValueDataLength,
  306. MyHivePath
  307. );
  308. if (Error == ERROR_NO_MORE_ITEMS) {
  309. break;
  310. }
  311. else
  312. if (Error != NO_ERROR) {
  313. return Error;
  314. }
  316. if (ValueType == REG_SZ && ValueDataLength > sizeof( UNICODE_NULL )) {
  317. //
  318. // there's a file, compute it's path, hive branch, etc
  319. //
  321. if (w = wcsrchr( MyHivePath, L'\\' )) {
  322. *w++ = UNICODE_NULL;
  323. }
  324. FileName = w;
  326. if (w = wcsrchr( MyHiveName, L'\\' )) {
  327. *w++ = UNICODE_NULL;
  328. }
  329. Name = w;
  331. HiveRoot = NULL;
  332. if (w = wcsrchr( MyHiveName, L'\\' )) {
  333. w += 1;
  334. if (!_wcsicmp( w, L"MACHINE" )) {
  335. HiveRoot = HKEY_LOCAL_MACHINE;
  336. }
  337. else
  338. if (!_wcsicmp( w, L"USER" )) {
  339. HiveRoot = HKEY_USERS;
  340. }
  341. else {
  342. Error = ERROR_PATH_NOT_FOUND;
  343. }
  344. }
  346. if (FileName != NULL && Name != NULL && HiveRoot != NULL) {
  347. if (!wcscmp( ConfigPath, MyHivePath )) {
  348. //
  349. // hive's file is in config dir, we can back it up
  350. // without fear of collision
  351. //
  352. swprintf( FilePath, L"%s\\%s", DirectoryPath, FileName );
  353. Error = DoSpecificBackup( FilePath,
  354. HiveRoot,
  355. Name
  356. );
  357. }
  358. else
  359. if (DumpUserHive && !_wcsnicmp( ProfilePath, MyHivePath, wcslen( ProfilePath ) )) {
  360. //
  361. // hive's file is in profile dir, we can back it up
  362. // without fear of collision if we use username.dat
  363. // for the file name.
  364. //
  365. if (UserHiveFileName != NULL) {
  366. FileName = UserHiveFileName;
  367. }
  368. else {
  369. FileName = wcsrchr(MyHivePath, '\\') + 1;
  370. }
  371. swprintf( FilePath, L"%s\\%s.dat", DirectoryPath, FileName );
  373. printf( "%ws %ws %ws\n",
  374. FilePath,
  375. HiveRoot == HKEY_LOCAL_MACHINE ? MACH_NAME : USERS_NAME,
  376. Name
  377. );
  378. Error = DoSpecificBackup( FilePath,
  379. HiveRoot,
  380. Name
  381. );
  382. }
  383. else {
  384. printf( "\n***Hive = '%ws'\\'%ws'\nStored in file '%ws'\\'%ws'\n",
  385. MyHiveName,
  386. Name,
  387. MyHivePath,
  388. FileName
  389. );
  390. printf( "Must be backed up manually\n" );
  391. printf( "regback <filename you choose> %ws %ws\n\n",
  392. HiveRoot == HKEY_LOCAL_MACHINE ? MACH_NAME : USERS_NAME,
  393. Name
  394. );
  395. }
  396. }
  397. }
  398. }
  400. return Error;
  401. }
  404. LONG
  405. DoSpecificBackup(
  406. PWSTR HivePath,
  407. HKEY HiveRoot,
  408. PWSTR HiveName
  409. )
  410. /*
  411. Do backup of one hive to one file. Any valid hive and any
  412. valid file will do. RegSaveKey does all the real work.
  414. Arguments:
  415. HivePath - file name to pass directly to OS
  417. HiveRoot - HKEY_LOCAL_MACHINE or HKEY_USERS
  419. HiveName - 1st level subkey under machine or users
  420. */
  421. {
  422. HKEY HiveKey;
  423. ULONG Disposition;
  424. LONG Error;
  425. char *Reason;
  427. //
  428. // print some status
  429. //
  430. printf( "saving %ws to %ws", HiveName, HivePath );
  432. //
  433. // get a handle to the hive. use special create call what will
  434. // use privileges
  435. //
  437. Reason = "accessing";
  438. Error = RTCreateKey( &RegistryContext,
  439. HiveRoot,
  440. HiveName,
  441. KEY_READ,
  442. REG_OPTION_BACKUP_RESTORE,
  443. NULL,
  444. &HiveKey,
  445. &Disposition
  446. );
  447. if (Error == NO_ERROR) {
  448. Reason = "saving";
  449. Error = RegSaveKey( HiveKey, HivePath, NULL );
  450. RTCloseKey( &RegistryContext, HiveKey );
  451. }
  453. if (Error != NO_ERROR) {
  454. printf( " - error %s (%u)\n", Reason, Error );
  455. }
  456. else {
  457. printf( "\n" );
  458. }
  459. return Error;
  460. }