/release/src/router/samba3/source/utils/profiles.c

/* 
   Samba Unix/Linux SMB client utility profiles.c 
   
   Copyright (C) Richard Sharpe, <rsharpe@richardsharpe.com>   2002 
   Copyright (C) Jelmer Vernooij (conversion to popt)          2003 
   Copyright (C) Gerald (Jerry) Carter                         2005 

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.  
*/
                                  
#include "includes.h"
#include "regfio.h"

/* GLOBAL VARIABLES */

DOM_SID old_sid, new_sid;
int change = 0, new_val = 0;
BOOL opt_verbose = False;

/********************************************************************
********************************************************************/

static void verbose_output(const char *format, ...) PRINTF_ATTRIBUTE(1,2);
static void verbose_output(const char *format, ...)
{
	va_list args;
	char *var = NULL;

	if (!opt_verbose) {
		return;
	}

	va_start(args, format);
	if ((vasprintf(&var, format, args)) == -1) {
		va_end(args);
		return;
	}

	fprintf(stdout, var);
	va_end(args);
	SAFE_FREE(var);
}

/********************************************************************
********************************************************************/

static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 )
{
	SEC_ACL *acl;
	int i;
	BOOL update = False;

	verbose_output("  Owner SID: %s\n", sid_string_static(sd->owner_sid));
	if ( sid_equal( sd->owner_sid, s1 ) ) {
		sid_copy( sd->owner_sid, s2 );
		update = True;
		verbose_output("  New Owner SID: %s\n", 
			sid_string_static(sd->owner_sid));

	}

	verbose_output("  Group SID: %s\n", sid_string_static(sd->group_sid));
	if ( sid_equal( sd->group_sid, s1 ) ) {
		sid_copy( sd->group_sid, s2 );
		update = True;
		verbose_output("  New Group SID: %s\n", 
			sid_string_static(sd->group_sid));
	}

	acl = sd->dacl;
	verbose_output("  DACL: %d entries:\n", acl->num_aces);
	for ( i=0; i<acl->num_aces; i++ ) {
		verbose_output("    Trustee SID: %s\n", 
			sid_string_static(&acl->aces[i].trustee));
		if ( sid_equal( &acl->aces[i].trustee, s1 ) ) {
			sid_copy( &acl->aces[i].trustee, s2 );
			update = True;
			verbose_output("    New Trustee SID: %s\n", 
				sid_string_static(&acl->aces[i].trustee));
		}
	}

#if 0
	acl = sd->sacl;
	verbose_output("  SACL: %d entries: \n", acl->num_aces);
	for ( i=0; i<acl->num_aces; i++ ) {
		verbose_output("    Trustee SID: %s\n", 
			sid_string_static(&acl->aces[i].trustee));
		if ( sid_equal( &acl->aces[i].trustee, s1 ) ) {
			sid_copy( &acl->aces[i].trustee, s2 );
			update = True;
			verbose_output("    New Trustee SID: %s\n", 
				sid_string_static(&acl->aces[i].trustee));
		}
	}
#endif
	return update;
}

/********************************************************************
********************************************************************/

static BOOL copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
                                REGF_NK_REC *parent, REGF_FILE *outfile,
                                const char *parentpath  )
{
	REGF_NK_REC *key, *subkey;
	SEC_DESC *new_sd;
	REGVAL_CTR *values;
	REGSUBKEY_CTR *subkeys;
	int i;
	pstring path;

	/* swap out the SIDs in the security descriptor */

	if ( !(new_sd = dup_sec_desc( outfile->mem_ctx, nk->sec_desc->sec_desc )) ) {
		fprintf( stderr, "Failed to copy security descriptor!\n" );
		return False;
	}

	verbose_output("ACL for %s%s%s\n", parentpath, parent ? "\\" : "", nk->keyname);
	swap_sid_in_acl( new_sd, &old_sid, &new_sid );

	if ( !(subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR )) ) {
		DEBUG(0,("copy_registry_tree: talloc() failure!\n"));
		return False;
	}

	if ( !(values = TALLOC_ZERO_P( subkeys, REGVAL_CTR )) ) {
		DEBUG(0,("copy_registry_tree: talloc() failure!\n"));
		return False;
	}

	/* copy values into the REGVAL_CTR */

	for ( i=0; i<nk->num_values; i++ ) {
		regval_ctr_addvalue( values, nk->values[i].valuename, nk->values[i].type,
			(const char *)nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) );
	}

	/* copy subkeys into the REGSUBKEY_CTR */

	while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
		regsubkey_ctr_addkey( subkeys, subkey->keyname );
	}

	key = regfio_write_key( outfile, nk->keyname, values, subkeys, new_sd, parent );

	/* write each one of the subkeys out */

	pstr_sprintf( path, "%s%s%s", parentpath, parent ? "\\" : "", nk->keyname );
	
	nk->subkey_index = 0;
	while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
		if ( !copy_registry_tree( infile, subkey, key, outfile, path ) )
			return False;
	}

	/* values is a talloc()'d child of subkeys here so just throw it all away */

	TALLOC_FREE( subkeys );

	verbose_output("[%s]\n", path);

	return True;
}

/*********************************************************************
*********************************************************************/

int main( int argc, char *argv[] )
{
	int opt;
	REGF_FILE *infile, *outfile;
	REGF_NK_REC *nk;
	pstring orig_filename, new_filename;
	struct poptOption long_options[] = {
		POPT_AUTOHELP
		{ "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" },
		{ "new-sid", 'n', POPT_ARG_STRING, NULL, 'n', "Provides SID to change to" },
		{ "verbose", 'v', POPT_ARG_NONE, &opt_verbose, 'v', "Verbose output" },
		POPT_COMMON_SAMBA
		POPT_COMMON_VERSION
		POPT_TABLEEND
	};
	poptContext pc;

	load_case_tables();

	/* setup logging options */

	setup_logging( "profiles", True );
	dbf = x_stderr;
	x_setbuf( x_stderr, NULL );

	pc = poptGetContext("profiles", argc, (const char **)argv, long_options, 
		POPT_CONTEXT_KEEP_FIRST);

	poptSetOtherOptionHelp(pc, "<profilefile>");

	/* Now, process the arguments */

	while ((opt = poptGetNextOpt(pc)) != -1) {
		switch (opt) {
		case 'c':
			change = 1;
			if (!string_to_sid(&old_sid, poptGetOptArg(pc))) {
				fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n");
				poptPrintUsage(pc, stderr, 0);
				exit(254);
			}
			break;

		case 'n':
			new_val = 1;
			if (!string_to_sid(&new_sid, poptGetOptArg(pc))) {
				fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n");
				poptPrintUsage(pc, stderr, 0);
				exit(253);
			}
			break;

		}
	}

	poptGetArg(pc); 

	if (!poptPeekArg(pc)) {
		poptPrintUsage(pc, stderr, 0);
		exit(1);
	}

	if ((!change && new_val) || (change && !new_val)) {
		fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n");
		poptPrintUsage(pc, stderr, 0);
		exit(252);
	}

	pstrcpy( orig_filename, poptPeekArg(pc) );
	pstr_sprintf( new_filename, "%s.new", orig_filename );
	
	if ( !(infile = regfio_open( orig_filename, O_RDONLY, 0 )) ) {
		fprintf( stderr, "Failed to open %s!\n", orig_filename );
		fprintf( stderr, "Error was (%s)\n", strerror(errno) );
		exit (1);
	}
	
	if ( !(outfile = regfio_open( new_filename, (O_RDWR|O_CREAT|O_TRUNC), (S_IREAD|S_IWRITE) )) ) {
		fprintf( stderr, "Failed to open new file %s!\n", new_filename );
		fprintf( stderr, "Error was (%s)\n", strerror(errno) );
		exit (1);
	}
	
	/* actually do the update now */
	
	if ((nk = regfio_rootkey( infile )) == NULL) {
		fprintf(stderr, "Could not get rootkey\n");
		exit(3);
	}
	
	if ( !copy_registry_tree( infile, nk, NULL, outfile, "" ) ) {
		fprintf(stderr, "Failed to write updated registry file!\n");
		exit(2);
	}
	
	/* cleanup */
	
	regfio_close( infile );
	regfio_close( outfile );

	poptFreeContext(pc);

	return( 0 );
}