Difference between revisions of "Winreg"

(Registry links)
(history)
Line 48: Line 48:
  
 
--[[User:Obnox|obnox]] 07:44, 12 May 2010 (CDT)
 
--[[User:Obnox|obnox]] 07:44, 12 May 2010 (CDT)
 +
 +
--[[User:gladiac|GlaDiaC]] 18:21, 17 May 2010 (CEST)

Revision as of 16:22, 17 May 2010

WINREG Todos

  • add broader smbtorture tests (maybe also win32 tests)
  • fix invalid winreg IDL where [size_is(*unique_ptr)] and [length_is(*unique_ptr)] (also in pidl if possible)
  • avoid unique NULL pointer derref in various winreg server calls
  • handle SEC_FLAG_MAXIMUM_ALLOWED request access_mask mapping
  • handle sec_initial_uid() == geteuid() root free-pass
  • think about avoiding data normalisation
  • merge underlying registry implementations from s3 and s4 (possibly by first using the s3 backend code as one backend in the s4 registry library)

Backend cleanup

  • remove remaining calls to reg_dispatcher calls (store_reg_key, fetch_reg_keys etc) from the code (e.g. services/services_db.c) so that only reg_api.c is used to locally access the registry, and make reg_dispatcher and friends private (obnox)
  • create an api layer that uses the winreg rpc_client stubs with a local rpc binding (rpc_pipe_open_internal()) to call out directly to the server code. this will unify the local and remote access to registry in the code. (obnox)

Registry Secrets

REG_LINK

The MSDN docs describes REG_LINK as: "A null-terminated Unicode string that contains the target path of a symbolic link that was created by calling the RegCreateKeyEx function with REG_OPTION_CREATE_LINK."

Here’s the part that is not documented:

You have to set a special value called "SymbolicLinkValue" of type REG_LINK in the symbolic link key. The data associated with this special value is the target registry key to link to. The target registry key needs to be in kernel-mode registry syntax.

User-mode keys converted to kernel-mode:

   * HKEY_LOCAL_MACHINE is converted to \\registry\machine.
   * HKEY_USERS is converted to \\registry\user.
   * HKEY_CURRENT_USER is converted to \\registry\user\user_sid, where user_sid is the Security ID associated with the user.
   * HKEY_CLASSES_ROOT is converted to \\registry\machine\software\classes.

Registry links

Original:

 SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Print\\Printers
 SYSTEM\\CurrentControlSet001

Links:

 SYSTEM\\CurrentControlSet -> SYSTEM\\CurrentControlSet001
 SYSTEM\\CurrentControlSet001\\Control\\Print\\Printers -> SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Print\\Printers

history

--gd 04:00, 10 March 2010 (CST)

--obnox 07:44, 12 May 2010 (CDT)

--GlaDiaC 18:21, 17 May 2010 (CEST)