archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/base/remoteboot/imirror/regtool.c

713 lines
18 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. regtool.c
  9. Abstract:
  11. This file contains functions for supporting the registry tools
  12. REGINI, REGDMP, REGDIR and REGFIND
  14. Author:
  16. Steve Wood (stevewo) 15-Nov-1995
  18. Revision History:
  20. --*/
  22. #include "precomp.h"
  23. #pragma hdrstop
  25. LONG
  26. RegLoadHive(
  27. IN PREG_CONTEXT RegistryContext,
  28. IN PWSTR HiveFileName,
  29. IN PWSTR HiveRootName
  30. );
  32. void
  33. RegUnloadHive(
  34. IN PREG_CONTEXT RegistryContext
  35. );
  37. BOOLEAN PrivilegeEnabled;
  38. BOOLEAN RestoreWasEnabled;
  39. BOOLEAN BackupWasEnabled;
  41. BOOLEAN
  42. RTEnableBackupRestorePrivilege( void )
  43. {
  44. NTSTATUS Status;
  46. //
  47. // Try to enable backup and restore privileges
  48. //
  49. Status = RtlAdjustPrivilege( SE_RESTORE_PRIVILEGE,
  50. TRUE, // Enable
  51. FALSE, // Not impersonating
  52. &RestoreWasEnabled // previous state
  53. );
  54. if (!NT_SUCCESS( Status )) {
  55. return FALSE;
  56. }
  58. Status = RtlAdjustPrivilege( SE_BACKUP_PRIVILEGE,
  59. TRUE, // Enable
  60. FALSE, // Not impersonating
  61. &BackupWasEnabled // previous state
  62. );
  63. if (!NT_SUCCESS( Status )) {
  64. return FALSE;
  65. }
  67. PrivilegeEnabled = TRUE;
  68. return TRUE;
  69. }
  72. void
  73. RTDisableBackupRestorePrivilege( void )
  74. {
  75. //
  76. // Restore privileges to what they were
  77. //
  79. RtlAdjustPrivilege( SE_RESTORE_PRIVILEGE,
  80. RestoreWasEnabled,
  81. FALSE,
  82. &RestoreWasEnabled
  83. );
  85. RtlAdjustPrivilege( SE_BACKUP_PRIVILEGE,
  86. BackupWasEnabled,
  87. FALSE,
  88. &BackupWasEnabled
  89. );
  91. PrivilegeEnabled = FALSE;
  92. return;
  93. }
  96. LONG
  97. RTConnectToRegistry(
  98. IN PWSTR MachineName,
  99. IN PWSTR HiveFileName,
  100. IN PWSTR HiveRootName,
  101. OUT PWSTR *DefaultRootKeyName,
  102. OUT PREG_CONTEXT RegistryContext
  103. )
  104. {
  105. LONG Error;
  107. if (MachineName != NULL) {
  108. if (HiveRootName || HiveFileName ) {
  109. return ERROR_INVALID_PARAMETER;
  110. }
  112. Error = RegConnectRegistry( MachineName, HKEY_LOCAL_MACHINE, (PHKEY)&RegistryContext->MachineRoot );
  113. if (Error == NO_ERROR) {
  114. Error = RegConnectRegistry( MachineName, HKEY_USERS, (PHKEY)&RegistryContext->UsersRoot );
  115. if (Error == NO_ERROR) {
  116. Error = RegOpenKey( RegistryContext->UsersRoot, L".Default", &RegistryContext->CurrentUserRoot );
  117. }
  118. }
  120. if (Error != NO_ERROR) {
  121. if (RegistryContext->MachineRoot != NULL) {
  122. RegCloseKey( RegistryContext->MachineRoot );
  123. RegistryContext->MachineRoot = NULL;
  124. }
  126. if (RegistryContext->UsersRoot != NULL) {
  127. RegCloseKey( RegistryContext->UsersRoot );
  128. RegistryContext->UsersRoot = NULL;
  129. }
  131. return Error;
  132. }
  134. wcscpy( RegistryContext->MachinePath, L"\\Registry\\Machine" );
  135. wcscpy( RegistryContext->UsersPath, L"\\Registry\\Users" );
  136. wcscpy( RegistryContext->CurrentUserPath, L"\\Registry\\Users\\.Default" );
  137. RegistryContext->Target = REG_TARGET_REMOTE_REGISTRY;
  138. }
  139. else if (HiveRootName != NULL || HiveFileName != NULL) {
  140. if (HiveRootName == NULL || HiveFileName == NULL ) {
  141. return ERROR_INVALID_PARAMETER;
  142. }
  144. if (!PrivilegeEnabled && !RTEnableBackupRestorePrivilege()) {
  145. return ERROR_PRIVILEGE_NOT_HELD;
  146. }
  148. RegistryContext->MachineRoot = NULL;
  149. RegistryContext->UsersRoot = NULL;
  150. RegistryContext->CurrentUserRoot = NULL;
  152. Error = RegLoadHive( RegistryContext, HiveFileName, HiveRootName );
  153. if (Error != NO_ERROR) {
  154. return Error;
  155. }
  157. if (DefaultRootKeyName != NULL && *DefaultRootKeyName == NULL) {
  158. *DefaultRootKeyName = HiveRootName;
  159. }
  160. RegistryContext->Target = REG_TARGET_HIVE_REGISTRY;
  161. }
  162. else {
  163. NTSTATUS Status;
  164. UNICODE_STRING CurrentUserKeyPath;
  166. RegistryContext->MachineRoot = HKEY_LOCAL_MACHINE;
  167. RegistryContext->UsersRoot = HKEY_USERS;
  168. RegistryContext->CurrentUserRoot = HKEY_CURRENT_USER;
  170. wcscpy( RegistryContext->MachinePath, L"\\Registry\\Machine" );
  171. wcscpy( RegistryContext->UsersPath, L"\\Registry\\Users" );
  172. Status = RtlFormatCurrentUserKeyPath( &CurrentUserKeyPath );
  173. if (!NT_SUCCESS( Status )) {
  174. SetLastError( RtlNtStatusToDosError( Status ) );
  175. return FALSE;
  176. }
  178. wcscpy( RegistryContext->CurrentUserPath, CurrentUserKeyPath.Buffer );
  179. RtlFreeUnicodeString( &CurrentUserKeyPath );
  181. RegistryContext->Target = REG_TARGET_LOCAL_REGISTRY;
  182. }
  184. if (DefaultRootKeyName != NULL && *DefaultRootKeyName == NULL) {
  185. *DefaultRootKeyName = L"\\Registry";
  186. }
  187. RegistryContext->MachinePathLength = wcslen( RegistryContext->MachinePath );
  188. RegistryContext->UsersPathLength = wcslen( RegistryContext->UsersPath );
  189. RegistryContext->CurrentUserPathLength = wcslen( RegistryContext->CurrentUserPath );
  190. return NO_ERROR;
  191. }
  194. LONG
  195. RTDisconnectFromRegistry(
  196. IN PREG_CONTEXT RegistryContext
  197. )
  198. {
  199. switch( RegistryContext->Target ) {
  200. case REG_TARGET_DISCONNECTED:
  201. break;
  203. case REG_TARGET_LOCAL_REGISTRY:
  204. break;
  206. case REG_TARGET_REMOTE_REGISTRY:
  207. break;
  209. case REG_TARGET_HIVE_REGISTRY:
  210. RegUnloadHive( RegistryContext );
  211. break;
  212. }
  214. if (PrivilegeEnabled) {
  215. RTDisableBackupRestorePrivilege();
  216. }
  218. RegistryContext->Target = REG_TARGET_DISCONNECTED;
  219. return NO_ERROR;
  220. }
  222. UNICODE_STRING RegHiveRootName;
  224. LONG
  225. RegLoadHive(
  226. IN PREG_CONTEXT RegistryContext,
  227. IN PWSTR HiveFileName,
  228. IN PWSTR HiveRootName
  229. )
  230. {
  231. NTSTATUS Status;
  232. UNICODE_STRING NtFileName;
  233. OBJECT_ATTRIBUTES File;
  235. if (!RtlDosPathNameToNtPathName_U( HiveFileName,
  236. &NtFileName,
  237. NULL,
  238. NULL
  239. )
  240. ) {
  241. return ERROR_BAD_PATHNAME;
  242. }
  243. InitializeObjectAttributes( &File,
  244. &NtFileName,
  245. OBJ_CASE_INSENSITIVE,
  246. NULL,
  247. NULL
  248. );
  250. RtlInitUnicodeString( &RegHiveRootName, L"\\Registry");
  251. InitializeObjectAttributes( &RegistryContext->HiveRootKey,
  252. &RegHiveRootName,
  253. OBJ_CASE_INSENSITIVE,
  254. NULL,
  255. NULL
  256. );
  257. Status = NtOpenKey( &RegistryContext->HiveRootHandle,
  258. MAXIMUM_ALLOWED,
  259. &RegistryContext->HiveRootKey
  260. );
  262. RtlFreeHeap(RtlProcessHeap(), 0, NtFileName.Buffer);
  264. if (!NT_SUCCESS(Status)) {
  265. return RtlNtStatusToDosError( Status );
  266. }
  268. RtlInitUnicodeString( &RegHiveRootName, HiveRootName );
  269. InitializeObjectAttributes( &RegistryContext->HiveRootKey,
  270. &RegHiveRootName,
  271. OBJ_CASE_INSENSITIVE,
  272. RegistryContext->HiveRootHandle,
  273. NULL
  274. );
  275. NtUnloadKey( &RegistryContext->HiveRootKey );
  276. Status = NtLoadKey( &RegistryContext->HiveRootKey, &File );
  277. if (!NT_SUCCESS( Status )) {
  278. return RtlNtStatusToDosError( Status );
  279. }
  281. return NO_ERROR;
  283. }
  285. void
  286. RegUnloadHive(
  287. IN PREG_CONTEXT RegistryContext
  288. )
  289. {
  290. NTSTATUS Status;
  291. HANDLE Handle;
  292. PREG_CONTEXT_OPEN_HIVE_KEY p, p1;
  294. Status = NtOpenKey( &Handle,
  295. MAXIMUM_ALLOWED,
  296. &RegistryContext->HiveRootKey
  297. );
  298. if (NT_SUCCESS( Status )) {
  299. NtFlushKey( Handle );
  300. NtClose( Handle );
  301. }
  303. p = RegistryContext->OpenHiveKeys;
  304. while (p) {
  305. RegCloseKey( p->KeyHandle );
  306. p1 = p;
  307. p = p->Next;
  308. HeapFree( GetProcessHeap(), 0, p1 );
  309. };
  311. do {
  312. Status = NtUnloadKey( &RegistryContext->HiveRootKey );
  313. }
  314. while (NT_SUCCESS( Status ) );
  316. NtClose( RegistryContext->HiveRootHandle );
  317. return;
  318. }
  321. void
  322. RegRememberOpenKey(
  323. IN PREG_CONTEXT RegistryContext,
  324. IN HKEY KeyHandle
  325. )
  326. {
  327. PREG_CONTEXT_OPEN_HIVE_KEY p, *pp;
  329. pp = &RegistryContext->OpenHiveKeys;
  330. while ((p = *pp) != NULL) {
  331. if (p->KeyHandle == KeyHandle) {
  332. p->ReferenceCount += 1;
  333. return;
  334. }
  335. else {
  336. pp = &p->Next;
  337. }
  338. }
  340. p = HeapAlloc( GetProcessHeap(), 0, sizeof( *p ) );
  341. if (p != NULL) {
  342. p->KeyHandle = KeyHandle;
  343. p->ReferenceCount = 1;
  344. p->Next = NULL;
  345. *pp = p;
  346. }
  348. return;
  349. }
  352. void
  353. RegForgetOpenKey(
  354. IN PREG_CONTEXT RegistryContext,
  355. IN HKEY KeyHandle
  356. )
  357. {
  358. PREG_CONTEXT_OPEN_HIVE_KEY p, *pp;
  360. pp = &RegistryContext->OpenHiveKeys;
  361. while ((p = *pp) != NULL) {
  362. if (p->KeyHandle == KeyHandle) {
  363. p->ReferenceCount -= 1;
  364. if (p->ReferenceCount == 0) {
  365. *pp = p->Next;
  366. HeapFree( GetProcessHeap(), 0, p );
  367. return;
  368. }
  369. }
  370. else {
  371. pp = &p->Next;
  372. }
  373. }
  375. return;
  376. }
  378. BOOLEAN
  379. RegCheckPrefix(
  380. IN OUT PCWSTR *s,
  381. IN PCWSTR Prefix,
  382. IN ULONG PrefixLength
  383. )
  384. {
  385. if (PrefixLength == 0) {
  386. return FALSE;
  387. }
  389. if (!_wcsnicmp( *s, Prefix, PrefixLength )) {
  390. *s += PrefixLength;
  391. return TRUE;
  392. }
  394. return FALSE;
  395. }
  398. BOOLEAN
  399. RegValidateKeyPath(
  400. IN PREG_CONTEXT RegistryContext,
  401. IN OUT PHKEY RootKeyHandle,
  402. IN OUT PCWSTR *SubKeyName
  403. )
  404. {
  405. PCWSTR s;
  407. s = *SubKeyName;
  408. if (*RootKeyHandle == NULL) {
  409. if (RegCheckPrefix( &s, L"USER:", 5 ) ||
  410. RegCheckPrefix( &s, L"HKEY_CURRENT_USER", 17 )
  411. ) {
  412. if (RegistryContext->CurrentUserRoot == NULL) {
  413. SetLastError( ERROR_BAD_PATHNAME );
  414. return FALSE;
  415. }
  417. if (*s == L'\\') {
  418. s += 1;
  419. }
  420. else
  421. if (s[-1] != L':' && *s != UNICODE_NULL) {
  422. SetLastError( ERROR_BAD_PATHNAME );
  423. return FALSE;
  424. }
  426. *RootKeyHandle = RegistryContext->CurrentUserRoot;
  427. }
  428. else
  429. if (RegCheckPrefix( &s, L"HKEY_LOCAL_MACHINE", 18 )) {
  430. if (*s == L'\\') {
  431. s += 1;
  432. }
  433. else
  434. if (*s != UNICODE_NULL) {
  435. SetLastError( ERROR_BAD_PATHNAME );
  436. return FALSE;
  437. }
  439. *RootKeyHandle = RegistryContext->MachineRoot;
  440. }
  441. else
  442. if (RegCheckPrefix( &s, L"HKEY_USERS", 10 )) {
  443. if (*s == L'\\') {
  444. s += 1;
  445. }
  446. else
  447. if (*s != UNICODE_NULL) {
  448. SetLastError( ERROR_BAD_PATHNAME );
  449. return FALSE;
  450. }
  452. *RootKeyHandle = RegistryContext->UsersRoot;
  453. }
  454. else
  455. if (*s != L'\\') {
  456. SetLastError( ERROR_BAD_PATHNAME );
  457. return FALSE;
  458. }
  459. else
  460. if (RegCheckPrefix( &s, RegistryContext->MachinePath, RegistryContext->MachinePathLength )) {
  461. *RootKeyHandle = RegistryContext->MachineRoot;
  462. if (*s == L'\\') {
  463. s += 1;
  464. }
  465. }
  466. else
  467. if (RegCheckPrefix( &s, RegistryContext->UsersPath, RegistryContext->UsersPathLength )) {
  468. *RootKeyHandle = RegistryContext->UsersRoot;
  469. if (*s == L'\\') {
  470. s += 1;
  471. }
  472. }
  473. else
  474. if (RegCheckPrefix( &s, RegistryContext->CurrentUserPath, RegistryContext->CurrentUserPathLength )) {
  475. *RootKeyHandle = RegistryContext->CurrentUserRoot;
  476. if (*s == L'\\') {
  477. s += 1;
  478. }
  479. }
  480. else
  481. if (!_wcsicmp( *SubKeyName, L"\\Registry" )) {
  482. *RootKeyHandle = NULL;
  483. }
  484. else {
  485. SetLastError( ERROR_BAD_PATHNAME );
  486. return FALSE;
  487. }
  488. }
  489. else
  490. if (*s == L'\\') {
  491. SetLastError( ERROR_BAD_PATHNAME );
  492. return FALSE;
  493. }
  495. *SubKeyName = s;
  496. return TRUE;
  497. }
  499. LONG
  500. RTCreateKey(
  501. IN PREG_CONTEXT RegistryContext,
  502. IN HKEY RootKeyHandle,
  503. IN PCWSTR SubKeyName,
  504. IN ACCESS_MASK DesiredAccess,
  505. IN ULONG CreateOptions,
  506. IN PVOID SecurityDescriptor,
  507. OUT PHKEY ReturnedKeyHandle,
  508. OUT PULONG Disposition
  509. )
  510. {
  511. LONG Error;
  512. SECURITY_ATTRIBUTES SecurityAttributes;
  514. if (!RegValidateKeyPath( RegistryContext, &RootKeyHandle, &SubKeyName )) {
  515. return GetLastError();
  516. }
  518. if (RootKeyHandle == NULL) {
  519. *Disposition = REG_OPENED_EXISTING_KEY;
  520. *ReturnedKeyHandle = HKEY_REGISTRY_ROOT;
  521. return NO_ERROR;
  522. }
  523. else
  524. if (RootKeyHandle == HKEY_REGISTRY_ROOT) {
  525. *ReturnedKeyHandle = NULL;
  526. if (!_wcsicmp( SubKeyName, L"Machine" )) {
  527. *ReturnedKeyHandle = RegistryContext->MachineRoot;
  528. }
  529. else
  530. if (!_wcsicmp( SubKeyName, L"Users" )) {
  531. *ReturnedKeyHandle = RegistryContext->UsersRoot;
  532. }
  535. if (*ReturnedKeyHandle != NULL) {
  536. return NO_ERROR;
  537. }
  538. else {
  539. return ERROR_PATH_NOT_FOUND;
  540. }
  541. }
  543. SecurityAttributes.nLength = sizeof( SecurityAttributes );
  544. SecurityAttributes.lpSecurityDescriptor = SecurityDescriptor;
  545. SecurityAttributes.bInheritHandle = FALSE;
  546. Error = RegCreateKeyEx( RootKeyHandle,
  547. SubKeyName,
  548. 0,
  549. NULL,
  550. CreateOptions,
  551. (REGSAM)DesiredAccess,
  552. &SecurityAttributes,
  553. ReturnedKeyHandle,
  554. Disposition
  555. );
  556. if (Error == NO_ERROR &&
  557. RegistryContext->Target == REG_TARGET_HIVE_REGISTRY
  558. ) {
  559. RegRememberOpenKey( RegistryContext, *ReturnedKeyHandle );
  560. }
  562. if (Error == NO_ERROR &&
  563. *Disposition == REG_OPENED_EXISTING_KEY &&
  564. SecurityDescriptor != NULL
  565. ) {
  566. RegSetKeySecurity( *ReturnedKeyHandle,
  567. DACL_SECURITY_INFORMATION,
  568. SecurityDescriptor
  569. );
  570. }
  572. return Error;
  573. }
  575. LONG
  576. RTOpenKey(
  577. IN PREG_CONTEXT RegistryContext,
  578. IN HKEY RootKeyHandle,
  579. IN PCWSTR SubKeyName,
  580. IN ACCESS_MASK DesiredAccess,
  581. IN ULONG OpenOptions,
  582. OUT PHKEY ReturnedKeyHandle
  583. )
  584. {
  585. LONG Error;
  587. if (!RegValidateKeyPath( RegistryContext, &RootKeyHandle, &SubKeyName )) {
  588. return GetLastError();
  589. }
  591. if (RootKeyHandle == NULL) {
  592. *ReturnedKeyHandle = HKEY_REGISTRY_ROOT;
  593. return NO_ERROR;
  594. }
  595. else
  596. if (RootKeyHandle == HKEY_REGISTRY_ROOT) {
  597. *ReturnedKeyHandle = NULL;
  598. if (!_wcsicmp( SubKeyName, L"Machine" )) {
  599. *ReturnedKeyHandle = RegistryContext->MachineRoot;
  600. }
  601. else
  602. if (!_wcsicmp( SubKeyName, L"Users" )) {
  603. *ReturnedKeyHandle = RegistryContext->UsersRoot;
  604. }
  606. if (*ReturnedKeyHandle != NULL) {
  607. return NO_ERROR;
  608. }
  609. else {
  610. return ERROR_PATH_NOT_FOUND;
  611. }
  612. }
  614. Error = RegOpenKeyEx( RootKeyHandle,
  615. SubKeyName,
  616. OpenOptions,
  617. DesiredAccess,
  618. ReturnedKeyHandle
  619. );
  620. if (Error == NO_ERROR &&
  621. RegistryContext->Target == REG_TARGET_HIVE_REGISTRY
  622. ) {
  623. RegRememberOpenKey( RegistryContext, *ReturnedKeyHandle );
  624. }
  626. return Error;
  627. }
  629. LONG
  630. RTCloseKey(
  631. IN PREG_CONTEXT RegistryContext,
  632. IN HKEY KeyHandle
  633. )
  634. {
  635. LONG Error;
  637. if (KeyHandle == HKEY_REGISTRY_ROOT) {
  638. return NO_ERROR;
  639. }
  640. else {
  641. Error = RegCloseKey( KeyHandle );
  642. if (Error == NO_ERROR &&
  643. RegistryContext->Target == REG_TARGET_HIVE_REGISTRY
  644. ) {
  645. RegForgetOpenKey( RegistryContext, KeyHandle );
  646. }
  648. return Error;
  649. }
  650. }
  652. LONG
  653. RTEnumerateValueKey(
  654. IN PREG_CONTEXT RegistryContext,
  655. IN HKEY KeyHandle,
  656. IN ULONG Index,
  657. OUT PULONG ValueType,
  658. IN OUT PULONG ValueNameLength,
  659. OUT PWSTR ValueName,
  660. IN OUT PULONG ValueDataLength,
  661. OUT PVOID ValueData
  662. )
  663. {
  664. ULONG Error;
  666. if (KeyHandle == HKEY_REGISTRY_ROOT) {
  667. return ERROR_NO_MORE_ITEMS;
  668. }
  669. else {
  670. Error = RegEnumValue( KeyHandle,
  671. Index,
  672. ValueName,
  673. ValueNameLength,
  674. NULL,
  675. ValueType,
  676. ValueData,
  677. ValueDataLength
  678. );
  679. if (Error == NO_ERROR) {
  680. RtlZeroMemory( (PCHAR)ValueData + *ValueDataLength, 4 - (*ValueDataLength & 3) );
  681. }
  683. return Error;
  684. }
  685. }
  687. LONG
  688. RTQueryValueKey(
  689. IN PREG_CONTEXT RegistryContext,
  690. IN HKEY KeyHandle,
  691. IN PWSTR ValueName,
  692. OUT PULONG ValueType,
  693. IN OUT PULONG ValueDataLength,
  694. OUT PVOID ValueData
  695. )
  696. {
  697. LONG Error;
  699. Error = RegQueryValueEx( KeyHandle,
  700. ValueName,
  701. NULL,
  702. ValueType,
  703. ValueData,
  704. ValueDataLength
  705. );
  707. if (Error == NO_ERROR) {
  708. RtlZeroMemory( (PCHAR)ValueData + *ValueDataLength, 4 - (*ValueDataLength & 3) );
  709. }
  711. return Error;
  712. }