reactos/rosapps/sysutils/regexpl/ShellCommandSACL.cpp

/* $Id$
 *
 * regexpl - Console Registry Explorer
 *
 * Copyright (C) 2000-2005 Nedko Arnaudov <nedko@users.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */

// ShellCommandSACL.cpp: implementation of the CShellCommandSACL class.
//
//////////////////////////////////////////////////////////////////////

#include "ph.h"
#include "ShellCommandSACL.h"
#include "RegistryExplorer.h"
#include "SecurityDescriptor.h"

#define SACL_CMD			_T("SACL")
#define SACL_CMD_LENGTH		COMMAND_LENGTH(SACL_CMD)
#define SACL_CMD_SHORT_DESC	SACL_CMD _T(" command is used to view")/*"/edit"*/_T(" key's SACL.\n")

//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

CShellCommandSACL::CShellCommandSACL(CRegistryTree& rTree):m_rTree(rTree)
{

}

CShellCommandSACL::~CShellCommandSACL()
{

}

BOOL CShellCommandSACL::Match(const TCHAR *pchCommand)
{
	if (_tcsicmp(pchCommand,SACL_CMD) == 0)
		return TRUE;
	if (_tcsnicmp(pchCommand,SACL_CMD _T(".."),SACL_CMD_LENGTH+2*sizeof(TCHAR)) == 0)
		return TRUE;
	if (_tcsnicmp(pchCommand,SACL_CMD _T("/") ,SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0)
		return TRUE;
	if (_tcsnicmp(pchCommand,SACL_CMD _T("\\"),SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0)
		return TRUE;
	return FALSE;
}

int CShellCommandSACL::Execute(CConsole &rConsole, CArgumentParser& rArguments)
{
#define ERROR_MSG_BUFFER_SIZE 1024
  TCHAR pszError_msg[ERROR_MSG_BUFFER_SIZE];
  pszError_msg[ERROR_MSG_BUFFER_SIZE-1] = 0;
  
  rArguments.ResetArgumentIteration();

  const TCHAR *pszKey = NULL;
  BOOL blnDo = TRUE;
  BOOL blnBadParameter = FALSE;
  BOOL blnHelp = FALSE;
  const TCHAR *pszParameter;
  const TCHAR *pszCommandItself = rArguments.GetNextArgument();
  DWORD dwError;
  PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
  CSecurityDescriptor sd;
  HANDLE hThreadToken = INVALID_HANDLE_VALUE;
  
  if ((_tcsnicmp(pszCommandItself,SACL_CMD _T(".."),SACL_CMD_LENGTH+2*sizeof(TCHAR)) == 0)||
      (_tcsnicmp(pszCommandItself,SACL_CMD _T("\\"),SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0))
  {
    pszKey = pszCommandItself + SACL_CMD_LENGTH;
  }
  else if (_tcsnicmp(pszCommandItself,SACL_CMD _T("/"),SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0)
  {
    pszParameter = pszCommandItself + SACL_CMD_LENGTH;
    goto CheckSACLArgument;
  }
  
  while((pszParameter = rArguments.GetNextArgument()) != NULL)
  {
CheckSACLArgument:
    blnBadParameter = FALSE;
    if ((_tcsicmp(pszParameter,_T("/?")) == 0)||
        (_tcsicmp(pszParameter,_T("-?")) == 0))
    {
      blnHelp = TRUE;
      blnDo = pszKey != NULL;
    }
    else if (!pszKey)
    {
      pszKey = pszParameter;
      blnDo = TRUE;
    }
    else
    {
      blnBadParameter = TRUE;
    }
    if (blnBadParameter)
    {
      rConsole.Write(_T("Bad parameter: "));
      rConsole.Write(pszParameter);
      rConsole.Write(_T("\n"));
    }
  }

  CRegistryKey Key;

  ASSERT(hThreadToken == INVALID_HANDLE_VALUE);
  
  // Open thread token
  if (!OpenThreadToken(GetCurrentThread(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,FALSE,&hThreadToken))
  {	// OpenThreadToken failed
    dwError = GetLastError();
    if (dwError != ERROR_NO_TOKEN)
    {
      _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot open thread token.\nOpenThreadToken fails with error: %u\n"),(unsigned int)dwError);
      goto Error;
    }
    
    // If the thread does not have an access token, we'll examine the
    // access token associated with the process.
    if (!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,&hThreadToken))
    {
      _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot open process token.\nOpenProcessToken fails with error: %u\n"),(unsigned int)GetLastError());
      goto Error;
    }
  }
  
  ASSERT(hThreadToken != INVALID_HANDLE_VALUE);

  // enable SeSecurityPrivilege privilege
  TOKEN_PRIVILEGES priv;
  priv.PrivilegeCount = 1;
  priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
  if (!LookupPrivilegeValue(
      NULL,							// lookup privilege on local system
      SE_SECURITY_NAME,				// privilege to lookup 
      &(priv.Privileges[0].Luid)))	// receives LUID of privilege
  {
    _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot retrieve the locally unique identifier for %s privilege.\nLookupPrivilegeValue error: %u\n"),SE_SECURITY_NAME,(unsigned int)GetLastError());
    goto Error;
  }

  BOOL blnAdjRet;
  blnAdjRet = AdjustTokenPrivileges(
      hThreadToken,
      FALSE,
      &priv,
      sizeof(TOKEN_PRIVILEGES),
      (PTOKEN_PRIVILEGES)NULL,
      (PDWORD)NULL);
  dwError = GetLastError();
  if (!blnAdjRet)
  {
    _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot enable %s privilege.\nAdjustTokenPrivileges fails with error: %u%s\n"),SE_SECURITY_NAME,(unsigned int)dwError,(dwError == 5)?_T(" (Access denied)"):_T(""));
    goto Error;
  }
  
  if (dwError != ERROR_SUCCESS)
  {
    if (dwError == ERROR_NOT_ALL_ASSIGNED)
    {
      _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot enable %s privilege.\nThe token does not have the %s privilege\n"),SE_SECURITY_NAME,SE_SECURITY_NAME);
    }
    else
    {
      _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot enable %s privilege.\nAdjustTokenPrivileges succeds with error: %u\n"),SE_SECURITY_NAME,(unsigned int)dwError);
    }
    
    goto Error;
  }
  
  if (!m_rTree.GetKey(pszKey?pszKey:_T("."),KEY_QUERY_VALUE|READ_CONTROL|ACCESS_SYSTEM_SECURITY,Key))
  {
    rConsole.Write(m_rTree.GetLastErrorDescription());
    blnDo = FALSE;
  }
  
  if (blnHelp)
  {
    rConsole.Write(GetHelpString());
  }

  if (blnDo&&blnHelp)
    rConsole.Write(_T("\n"));

  if (!blnDo)
    return 0;
  
  if (Key.IsRoot())
  {
    _tcsncpy(pszError_msg,SACL_CMD COMMAND_NA_ON_ROOT,ERROR_MSG_BUFFER_SIZE-1);
    goto Error;
  }
      
  DWORD dwSecurityDescriptorLength;
  rConsole.Write(_T("Key : "));
  rConsole.Write(_T("\\"));
  
  rConsole.Write(Key.GetKeyName());
  rConsole.Write(_T("\n"));
  dwError = Key.GetSecurityDescriptorLength(&dwSecurityDescriptorLength);
  if (dwError != ERROR_SUCCESS)
  {
    _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot get security descriptor's length for current key.\nError: %u\n"),(unsigned int)dwError);
    goto Error;
  }
  
  pSecurityDescriptor = (PSECURITY_DESCRIPTOR) new unsigned char [dwSecurityDescriptorLength];
  if (!pSecurityDescriptor)
  {
      _tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);
      goto Error;
  }
  
  DWORD dwSecurityDescriptorLength1;
  dwSecurityDescriptorLength1 = dwSecurityDescriptorLength;
  dwError = Key.GetSecurityDescriptor((SECURITY_INFORMATION)SACL_SECURITY_INFORMATION,pSecurityDescriptor,&dwSecurityDescriptorLength1);
  if (dwError != ERROR_SUCCESS)
  {
    _sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot get security descriptor for current key.\nError: %u%s\n"),(unsigned int)dwError,(dwError == 1314)?_T("(A required privilege is not held by the client.)\n"):_T(""));
    goto Error;
  }
  
  sd.AssociateDescriptor(pSecurityDescriptor);
  sd.BeginSACLInteration();
  
  if ((!sd.DescriptorContainsSACL())||(sd.HasNULLSACL()))
  {
    _tcsncpy(pszError_msg,_T("Key has not SACL.\n"),ERROR_MSG_BUFFER_SIZE-1);
    goto Error;
  }
  
  if (!sd.HasValidSACL())
  {
    _tcsncpy(pszError_msg,_T("Invalid SACL.\n"),ERROR_MSG_BUFFER_SIZE-1);
    goto Error;
  }
  
  DWORD nACECount;
  nACECount = sd.GetSACLEntriesCount();
  rConsole.Write(_T("SACL has "));
  TCHAR Buffer[256];
  rConsole.Write(_itoa(nACECount,Buffer,10));
  rConsole.Write(_T(" ACEs.\n"));
  ASSERT(sizeof(ACL) == 8);
  rConsole.Write(_T("\n"));
  for (DWORD i = 0 ; i < nACECount ; i++)
  {
    rConsole.Write(_T("\n"));
    rConsole.Write(_T("\tACE Index: "));
    rConsole.Write(_itoa(i,Buffer,10));
    rConsole.Write(_T("\n"));
    rConsole.Write(_T("\tAudit Type: "));
    BOOL blnFailed, blnSuccessful;
    if (sd.GetSACLEntry(i,blnFailed,blnSuccessful) != CSecurityDescriptor::SystemAudit)
    {
      rConsole.Write(_T("Unknown ACE type.\nCannot continue ACE list dump.\n"));
      goto AbortDumpSACL;
    }
    
    if (blnFailed)
      rConsole.Write(_T("Failed access"));
    
    if (blnFailed && blnSuccessful)
      rConsole.Write(_T(" & "));
    if (blnSuccessful)
      rConsole.Write(_T("Successful access"));
    rConsole.Write(_T("\n"));
    
    PSID pSID = sd.GetCurrentACE_SID();
    if ((pSID == NULL)||(!IsValidSid(pSID)))
    {
      rConsole.Write(_T("\tInvalid SID.\n"));
    }
    
    DWORD dwSIDStringSize = 0;
    BOOL blnRet = GetTextualSid(pSID,NULL,&dwSIDStringSize);
    ASSERT(!blnRet);
    ASSERT(GetLastError() == ERROR_INSUFFICIENT_BUFFER);
    TCHAR *pszSID = new TCHAR[dwSIDStringSize];

    if (!pszSID)
    {
      _tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);
      goto Error;
    }
    
    if(!GetTextualSid(pSID,pszSID,&dwSIDStringSize))
    {
      dwError = GetLastError();
      ASSERT(dwError != ERROR_INSUFFICIENT_BUFFER);
      rConsole.Write(_T("Error "));
      TCHAR Buffer[256];
      rConsole.Write(_itoa(dwError,Buffer,10));
      rConsole.Write(_T("\nGetting string representation of SID\n"));
    }
    else
    {
      rConsole.Write(_T("\tSID: "));
      rConsole.Write(pszSID);
      rConsole.Write(_T("\n"));
    }
    delete pszSID;
    
    TCHAR *pszName, *pszDomainName;
    DWORD dwNameBufferLength, dwDomainNameBufferLength;
    dwNameBufferLength = 1024;
    dwDomainNameBufferLength = 1024;
    
    pszName = new TCHAR [dwNameBufferLength];
    if (!pszName)
    {
      _tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);
      goto Error;
    }
    
    pszDomainName = new TCHAR [dwDomainNameBufferLength];
    if (!pszDomainName)
    {
      _tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);
      goto Error;
    }
    
    DWORD dwNameLength = dwNameBufferLength, dwDomainNameLength = dwDomainNameBufferLength;
    SID_NAME_USE Use;
    if (!LookupAccountSid(NULL,pSID,pszName,&dwNameLength,pszDomainName,&dwDomainNameLength,&Use))
    {
      rConsole.Write(_T("Error "));
      TCHAR Buffer[256];
      rConsole.Write(_itoa(GetLastError(),Buffer,10));
      rConsole.Write(_T("\n"));
    }
    else
    {
      rConsole.Write(_T("\tTrustee Domain: "));
      rConsole.Write(pszDomainName);
      rConsole.Write(_T("\n"));
      rConsole.Write(_T("\tTrustee Name: "));
      rConsole.Write(pszName);
      rConsole.Write(_T("\n\tSID type: "));
      rConsole.Write(GetSidTypeName(Use));
      rConsole.Write(_T("\n"));
    }
    DWORD dwAccessMask;
    sd.GetCurrentACE_AccessMask(dwAccessMask);
    wsprintf(Buffer,_T("\tAccess Mask: 0x%08lX\n"),dwAccessMask);
    rConsole.Write(Buffer);
    if (dwAccessMask & GENERIC_READ)
    {
      rConsole.Write(_T("\t\tGENERIC_READ\n"));
    }
    if (dwAccessMask & GENERIC_WRITE)
    {
      rConsole.Write(_T("\t\tGENERIC_WRITE\n"));
    }
    if (dwAccessMask & GENERIC_EXECUTE)
    {
      rConsole.Write(_T("\t\tGENERIC_EXECUTE\n"));
    }
    if (dwAccessMask & GENERIC_ALL)
    {
      rConsole.Write(_T("\t\tGENERIC_ALL\n"));
    }
    if (dwAccessMask & SYNCHRONIZE)
    {
      rConsole.Write(_T("\t\tSYNCHRONIZE\n"));
    }
    if (dwAccessMask & WRITE_OWNER)
    {
      rConsole.Write(_T("\t\tWRITE_OWNER\n"));
    }
    if (dwAccessMask & WRITE_DAC)
    {
      rConsole.Write(_T("\t\tWRITE_DAC\n"));
    }
    if (dwAccessMask & READ_CONTROL)
    {
      rConsole.Write(_T("\t\tREAD_CONTROL\n"));
    }
    if (dwAccessMask & DELETE)
    {
      rConsole.Write(_T("\t\tDELETE\n"));
    }
    if (dwAccessMask & KEY_CREATE_LINK)
    {
      rConsole.Write(_T("\t\tKEY_CREATE_LINK\n"));
    }
    if (dwAccessMask & KEY_NOTIFY)
    {
      rConsole.Write(_T("\t\tKEY_NOTIFY\n"));
    }
    if (dwAccessMask & KEY_ENUMERATE_SUB_KEYS)
    {
      rConsole.Write(_T("\t\tKEY_ENUMERATE_SUB_KEYS\n"));
    }
    if (dwAccessMask & KEY_CREATE_SUB_KEY)
    {
      rConsole.Write(_T("\t\tKEY_CREATE_SUB_KEY\n"));
    }
    if (dwAccessMask & KEY_SET_VALUE)
    {
      rConsole.Write(_T("\t\tKEY_SET_VALUE\n"));
    }
    if (dwAccessMask & KEY_QUERY_VALUE)
    {
      rConsole.Write(_T("\t\tKEY_QUERY_VALUE\n"));
    }
  }	// for
  
AbortDumpSACL:
  ASSERT(pSecurityDescriptor);
  delete pSecurityDescriptor;

  VERIFY(CloseHandle(hThreadToken));

	return 0;
Error:
  if (pSecurityDescriptor)
    delete pSecurityDescriptor;

  if (hThreadToken != INVALID_HANDLE_VALUE)
    VERIFY(CloseHandle(hThreadToken));
  
  rConsole.Write(pszError_msg);
  return 0;
}

const TCHAR * CShellCommandSACL::GetHelpString()
{
	return SACL_CMD_SHORT_DESC
			_T("Syntax: ") SACL_CMD _T(" [<KEY>] [/?]\n\n")
			_T("    <KEY> - Optional relative path of desired key.\n")
			_T("    /?    - This help.\n\n")
			_T("Without parameters, command displays SACL of current key.\n");
}

const TCHAR * CShellCommandSACL::GetHelpShortDescriptionString()
{
	return SACL_CMD_SHORT_DESC;
}
Fix personal info. svn path=/trunk/; revision=12803 2005-01-04 21:40:25 +00:00			`/* $Id$`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00			`*`
			`* regexpl - Console Registry Explorer`
			`*`
Fix personal info. svn path=/trunk/; revision=12803 2005-01-04 21:40:25 +00:00			`* Copyright (C) 2000-2005 Nedko Arnaudov <nedko@users.sourceforge.net>`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00			`*`
GPL sync + delete value implemented svn path=/trunk/; revision=1419 2000-10-24 20:17:42 +00:00			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation; either version 2 of the License, or`
			`* (at your option) any later version.`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00			`*`
GPL sync + delete value implemented svn path=/trunk/; revision=1419 2000-10-24 20:17:42 +00:00			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; see the file COPYING. If not, write to`
			`* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,`
			`* Boston, MA 02111-1307, USA.`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00			`*/`

			`// ShellCommandSACL.cpp: implementation of the CShellCommandSACL class.`
			`//`
			`//////////////////////////////////////////////////////////////////////`

			`#include "ph.h"`
			`#include "ShellCommandSACL.h"`
			`#include "RegistryExplorer.h"`
			`#include "SecurityDescriptor.h"`

			`#define SACL_CMD _T("SACL")`
			`#define SACL_CMD_LENGTH COMMAND_LENGTH(SACL_CMD)`
			`#define SACL_CMD_SHORT_DESC SACL_CMD _T(" command is used to view")/"/edit"/_T(" key's SACL.\n")`

			`//////////////////////////////////////////////////////////////////////`
			`// Construction/Destruction`
			`//////////////////////////////////////////////////////////////////////`

			`CShellCommandSACL::CShellCommandSACL(CRegistryTree& rTree):m_rTree(rTree)`
			`{`

			`}`

			`CShellCommandSACL::~CShellCommandSACL()`
			`{`

			`}`

			`BOOL CShellCommandSACL::Match(const TCHAR *pchCommand)`
			`{`
			`if (_tcsicmp(pchCommand,SACL_CMD) == 0)`
			`return TRUE;`
			`if (_tcsnicmp(pchCommand,SACL_CMD _T(".."),SACL_CMD_LENGTH+2*sizeof(TCHAR)) == 0)`
			`return TRUE;`
			`if (_tcsnicmp(pchCommand,SACL_CMD _T("/") ,SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0)`
			`return TRUE;`
			`if (_tcsnicmp(pchCommand,SACL_CMD _T("\\"),SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0)`
			`return TRUE;`
			`return FALSE;`
			`}`

			`int CShellCommandSACL::Execute(CConsole &rConsole, CArgumentParser& rArguments)`
			`{`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`#define ERROR_MSG_BUFFER_SIZE 1024`
			`TCHAR pszError_msg[ERROR_MSG_BUFFER_SIZE];`
			`pszError_msg[ERROR_MSG_BUFFER_SIZE-1] = 0;`

			`rArguments.ResetArgumentIteration();`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`const TCHAR *pszKey = NULL;`
			`BOOL blnDo = TRUE;`
			`BOOL blnBadParameter = FALSE;`
			`BOOL blnHelp = FALSE;`
			`const TCHAR *pszParameter;`
			`const TCHAR *pszCommandItself = rArguments.GetNextArgument();`
			`DWORD dwError;`
			`PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;`
			`CSecurityDescriptor sd;`
			`HANDLE hThreadToken = INVALID_HANDLE_VALUE;`

			`if ((_tcsnicmp(pszCommandItself,SACL_CMD _T(".."),SACL_CMD_LENGTH+2*sizeof(TCHAR)) == 0)\|\|`
			`(_tcsnicmp(pszCommandItself,SACL_CMD _T("\\"),SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0))`
			`{`
			`pszKey = pszCommandItself + SACL_CMD_LENGTH;`
			`}`
			`else if (_tcsnicmp(pszCommandItself,SACL_CMD _T("/"),SACL_CMD_LENGTH+1*sizeof(TCHAR)) == 0)`
			`{`
			`pszParameter = pszCommandItself + SACL_CMD_LENGTH;`
			`goto CheckSACLArgument;`
			`}`

			`while((pszParameter = rArguments.GetNextArgument()) != NULL)`
			`{`
			`CheckSACLArgument:`
			`blnBadParameter = FALSE;`
			`if ((_tcsicmp(pszParameter,_T("/?")) == 0)\|\|`
			`(_tcsicmp(pszParameter,_T("-?")) == 0))`
			`{`
			`blnHelp = TRUE;`
			`blnDo = pszKey != NULL;`
			`}`
			`else if (!pszKey)`
			`{`
			`pszKey = pszParameter;`
			`blnDo = TRUE;`
			`}`
			`else`
			`{`
			`blnBadParameter = TRUE;`
			`}`
			`if (blnBadParameter)`
			`{`
			`rConsole.Write(_T("Bad parameter: "));`
			`rConsole.Write(pszParameter);`
			`rConsole.Write(_T("\n"));`
			`}`
			`}`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`CRegistryKey Key;`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`ASSERT(hThreadToken == INVALID_HANDLE_VALUE);`

			`// Open thread token`
			`if (!OpenThreadToken(GetCurrentThread(),TOKEN_ADJUST_PRIVILEGES\|TOKEN_QUERY,FALSE,&hThreadToken))`
			`{ // OpenThreadToken failed`
			`dwError = GetLastError();`
			`if (dwError != ERROR_NO_TOKEN)`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot open thread token.\nOpenThreadToken fails with error: %u\n"),(unsigned int)dwError);`
			`goto Error;`
			`}`

			`// If the thread does not have an access token, we'll examine the`
			`// access token associated with the process.`
			`if (!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES\|TOKEN_QUERY,&hThreadToken))`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot open process token.\nOpenProcessToken fails with error: %u\n"),(unsigned int)GetLastError());`
			`goto Error;`
			`}`
			`}`

			`ASSERT(hThreadToken != INVALID_HANDLE_VALUE);`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`// enable SeSecurityPrivilege privilege`
			`TOKEN_PRIVILEGES priv;`
			`priv.PrivilegeCount = 1;`
			`priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;`
			`if (!LookupPrivilegeValue(`
			`NULL, // lookup privilege on local system`
			`SE_SECURITY_NAME, // privilege to lookup`
			`&(priv.Privileges[0].Luid))) // receives LUID of privilege`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot retrieve the locally unique identifier for %s privilege.\nLookupPrivilegeValue error: %u\n"),SE_SECURITY_NAME,(unsigned int)GetLastError());`
			`goto Error;`
			`}`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`BOOL blnAdjRet;`
			`blnAdjRet = AdjustTokenPrivileges(`
			`hThreadToken,`
			`FALSE,`
			`&priv,`
			`sizeof(TOKEN_PRIVILEGES),`
			`(PTOKEN_PRIVILEGES)NULL,`
			`(PDWORD)NULL);`
			`dwError = GetLastError();`
			`if (!blnAdjRet)`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot enable %s privilege.\nAdjustTokenPrivileges fails with error: %u%s\n"),SE_SECURITY_NAME,(unsigned int)dwError,(dwError == 5)?_T(" (Access denied)"):_T(""));`
			`goto Error;`
			`}`

			`if (dwError != ERROR_SUCCESS)`
			`{`
			`if (dwError == ERROR_NOT_ALL_ASSIGNED)`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot enable %s privilege.\nThe token does not have the %s privilege\n"),SE_SECURITY_NAME,SE_SECURITY_NAME);`
			`}`
			`else`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot enable %s privilege.\nAdjustTokenPrivileges succeds with error: %u\n"),SE_SECURITY_NAME,(unsigned int)dwError);`
			`}`

			`goto Error;`
			`}`

			`if (!m_rTree.GetKey(pszKey?pszKey:_T("."),KEY_QUERY_VALUE\|READ_CONTROL\|ACCESS_SYSTEM_SECURITY,Key))`
			`{`
			`rConsole.Write(m_rTree.GetLastErrorDescription());`
			`blnDo = FALSE;`
			`}`

			`if (blnHelp)`
			`{`
			`rConsole.Write(GetHelpString());`
			`}`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`if (blnDo&&blnHelp)`
			`rConsole.Write(_T("\n"));`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`if (!blnDo)`
			`return 0;`

			`if (Key.IsRoot())`
			`{`
			`_tcsncpy(pszError_msg,SACL_CMD COMMAND_NA_ON_ROOT,ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`DWORD dwSecurityDescriptorLength;`
			`rConsole.Write(_T("Key : "));`
			`rConsole.Write(_T("\\"));`

			`rConsole.Write(Key.GetKeyName());`
			`rConsole.Write(_T("\n"));`
			`dwError = Key.GetSecurityDescriptorLength(&dwSecurityDescriptorLength);`
			`if (dwError != ERROR_SUCCESS)`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot get security descriptor's length for current key.\nError: %u\n"),(unsigned int)dwError);`
			`goto Error;`
			`}`

			`pSecurityDescriptor = (PSECURITY_DESCRIPTOR) new unsigned char [dwSecurityDescriptorLength];`
			`if (!pSecurityDescriptor)`
			`{`
			`_tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`DWORD dwSecurityDescriptorLength1;`
			`dwSecurityDescriptorLength1 = dwSecurityDescriptorLength;`
			`dwError = Key.GetSecurityDescriptor((SECURITY_INFORMATION)SACL_SECURITY_INFORMATION,pSecurityDescriptor,&dwSecurityDescriptorLength1);`
			`if (dwError != ERROR_SUCCESS)`
			`{`
			`_sntprintf(pszError_msg,ERROR_MSG_BUFFER_SIZE-1,_T("\nCannot get security descriptor for current key.\nError: %u%s\n"),(unsigned int)dwError,(dwError == 1314)?_T("(A required privilege is not held by the client.)\n"):_T(""));`
			`goto Error;`
			`}`

			`sd.AssociateDescriptor(pSecurityDescriptor);`
			`sd.BeginSACLInteration();`

			`if ((!sd.DescriptorContainsSACL())\|\|(sd.HasNULLSACL()))`
			`{`
			`_tcsncpy(pszError_msg,_T("Key has not SACL.\n"),ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`if (!sd.HasValidSACL())`
			`{`
			`_tcsncpy(pszError_msg,_T("Invalid SACL.\n"),ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`DWORD nACECount;`
			`nACECount = sd.GetSACLEntriesCount();`
			`rConsole.Write(_T("SACL has "));`
			`TCHAR Buffer[256];`
Make regexpl build again. (I know I really should fix this to be unicode) BTW this is a kick ass tool that does work over the network. I just tested it editing the registry on the wifes box. svn path=/trunk/; revision=11268 2004-10-11 01:24:22 +00:00			`rConsole.Write(_itoa(nACECount,Buffer,10));`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`rConsole.Write(_T(" ACEs.\n"));`
			`ASSERT(sizeof(ACL) == 8);`
			`rConsole.Write(_T("\n"));`
			`for (DWORD i = 0 ; i < nACECount ; i++)`
			`{`
			`rConsole.Write(_T("\n"));`
			`rConsole.Write(_T("\tACE Index: "));`
Make regexpl build again. (I know I really should fix this to be unicode) BTW this is a kick ass tool that does work over the network. I just tested it editing the registry on the wifes box. svn path=/trunk/; revision=11268 2004-10-11 01:24:22 +00:00			`rConsole.Write(_itoa(i,Buffer,10));`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`rConsole.Write(_T("\n"));`
			`rConsole.Write(_T("\tAudit Type: "));`
			`BOOL blnFailed, blnSuccessful;`
			`if (sd.GetSACLEntry(i,blnFailed,blnSuccessful) != CSecurityDescriptor::SystemAudit)`
			`{`
			`rConsole.Write(_T("Unknown ACE type.\nCannot continue ACE list dump.\n"));`
			`goto AbortDumpSACL;`
			`}`

			`if (blnFailed)`
			`rConsole.Write(_T("Failed access"));`

			`if (blnFailed && blnSuccessful)`
			`rConsole.Write(_T(" & "));`
			`if (blnSuccessful)`
			`rConsole.Write(_T("Successful access"));`
			`rConsole.Write(_T("\n"));`

			`PSID pSID = sd.GetCurrentACE_SID();`
			`if ((pSID == NULL)\|\|(!IsValidSid(pSID)))`
			`{`
			`rConsole.Write(_T("\tInvalid SID.\n"));`
			`}`

			`DWORD dwSIDStringSize = 0;`
			`BOOL blnRet = GetTextualSid(pSID,NULL,&dwSIDStringSize);`
			`ASSERT(!blnRet);`
			`ASSERT(GetLastError() == ERROR_INSUFFICIENT_BUFFER);`
			`TCHAR *pszSID = new TCHAR[dwSIDStringSize];`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`if (!pszSID)`
			`{`
			`_tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`if(!GetTextualSid(pSID,pszSID,&dwSIDStringSize))`
			`{`
			`dwError = GetLastError();`
			`ASSERT(dwError != ERROR_INSUFFICIENT_BUFFER);`
			`rConsole.Write(_T("Error "));`
			`TCHAR Buffer[256];`
Make regexpl build again. (I know I really should fix this to be unicode) BTW this is a kick ass tool that does work over the network. I just tested it editing the registry on the wifes box. svn path=/trunk/; revision=11268 2004-10-11 01:24:22 +00:00			`rConsole.Write(_itoa(dwError,Buffer,10));`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`rConsole.Write(_T("\nGetting string representation of SID\n"));`
			`}`
			`else`
			`{`
			`rConsole.Write(_T("\tSID: "));`
			`rConsole.Write(pszSID);`
			`rConsole.Write(_T("\n"));`
			`}`
			`delete pszSID;`

			`TCHAR pszName, pszDomainName;`
			`DWORD dwNameBufferLength, dwDomainNameBufferLength;`
			`dwNameBufferLength = 1024;`
			`dwDomainNameBufferLength = 1024;`

			`pszName = new TCHAR [dwNameBufferLength];`
			`if (!pszName)`
			`{`
			`_tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`pszDomainName = new TCHAR [dwDomainNameBufferLength];`
			`if (!pszDomainName)`
			`{`
			`_tcsncpy(pszError_msg,_T("\nOut of memory.\n"),ERROR_MSG_BUFFER_SIZE-1);`
			`goto Error;`
			`}`

			`DWORD dwNameLength = dwNameBufferLength, dwDomainNameLength = dwDomainNameBufferLength;`
			`SID_NAME_USE Use;`
			`if (!LookupAccountSid(NULL,pSID,pszName,&dwNameLength,pszDomainName,&dwDomainNameLength,&Use))`
			`{`
			`rConsole.Write(_T("Error "));`
			`TCHAR Buffer[256];`
Make regexpl build again. (I know I really should fix this to be unicode) BTW this is a kick ass tool that does work over the network. I just tested it editing the registry on the wifes box. svn path=/trunk/; revision=11268 2004-10-11 01:24:22 +00:00			`rConsole.Write(_itoa(GetLastError(),Buffer,10));`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`rConsole.Write(_T("\n"));`
			`}`
			`else`
			`{`
			`rConsole.Write(_T("\tTrustee Domain: "));`
			`rConsole.Write(pszDomainName);`
			`rConsole.Write(_T("\n"));`
			`rConsole.Write(_T("\tTrustee Name: "));`
			`rConsole.Write(pszName);`
			`rConsole.Write(_T("\n\tSID type: "));`
			`rConsole.Write(GetSidTypeName(Use));`
			`rConsole.Write(_T("\n"));`
			`}`
			`DWORD dwAccessMask;`
			`sd.GetCurrentACE_AccessMask(dwAccessMask);`
			`wsprintf(Buffer,_T("\tAccess Mask: 0x%08lX\n"),dwAccessMask);`
			`rConsole.Write(Buffer);`
			`if (dwAccessMask & GENERIC_READ)`
			`{`
			`rConsole.Write(_T("\t\tGENERIC_READ\n"));`
			`}`
			`if (dwAccessMask & GENERIC_WRITE)`
			`{`
			`rConsole.Write(_T("\t\tGENERIC_WRITE\n"));`
			`}`
			`if (dwAccessMask & GENERIC_EXECUTE)`
			`{`
			`rConsole.Write(_T("\t\tGENERIC_EXECUTE\n"));`
			`}`
			`if (dwAccessMask & GENERIC_ALL)`
			`{`
			`rConsole.Write(_T("\t\tGENERIC_ALL\n"));`
			`}`
			`if (dwAccessMask & SYNCHRONIZE)`
			`{`
			`rConsole.Write(_T("\t\tSYNCHRONIZE\n"));`
			`}`
			`if (dwAccessMask & WRITE_OWNER)`
			`{`
			`rConsole.Write(_T("\t\tWRITE_OWNER\n"));`
			`}`
			`if (dwAccessMask & WRITE_DAC)`
			`{`
			`rConsole.Write(_T("\t\tWRITE_DAC\n"));`
			`}`
			`if (dwAccessMask & READ_CONTROL)`
			`{`
			`rConsole.Write(_T("\t\tREAD_CONTROL\n"));`
			`}`
			`if (dwAccessMask & DELETE)`
			`{`
			`rConsole.Write(_T("\t\tDELETE\n"));`
			`}`
			`if (dwAccessMask & KEY_CREATE_LINK)`
			`{`
			`rConsole.Write(_T("\t\tKEY_CREATE_LINK\n"));`
			`}`
			`if (dwAccessMask & KEY_NOTIFY)`
			`{`
			`rConsole.Write(_T("\t\tKEY_NOTIFY\n"));`
			`}`
			`if (dwAccessMask & KEY_ENUMERATE_SUB_KEYS)`
			`{`
			`rConsole.Write(_T("\t\tKEY_ENUMERATE_SUB_KEYS\n"));`
			`}`
			`if (dwAccessMask & KEY_CREATE_SUB_KEY)`
			`{`
			`rConsole.Write(_T("\t\tKEY_CREATE_SUB_KEY\n"));`
			`}`
			`if (dwAccessMask & KEY_SET_VALUE)`
			`{`
			`rConsole.Write(_T("\t\tKEY_SET_VALUE\n"));`
			`}`
			`if (dwAccessMask & KEY_QUERY_VALUE)`
			`{`
			`rConsole.Write(_T("\t\tKEY_QUERY_VALUE\n"));`
			`}`
			`} // for`

Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00			`AbortDumpSACL:`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`ASSERT(pSecurityDescriptor);`
			`delete pSecurityDescriptor;`

			`VERIFY(CloseHandle(hThreadToken));`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00
			`return 0;`
no message svn path=/trunk/; revision=1500 2001-01-10 01:25:29 +00:00			`Error:`
			`if (pSecurityDescriptor)`
			`delete pSecurityDescriptor;`

			`if (hThreadToken != INVALID_HANDLE_VALUE)`
			`VERIFY(CloseHandle(hThreadToken));`

			`rConsole.Write(pszError_msg);`
			`return 0;`
Registry Explorer (console tool) by Nedko Arnaoudov added to the system utilities subtree. Also here: http://www.geocities.com/registryexplorer/ svn path=/trunk/; revision=1375 2000-10-04 21:04:31 +00:00			`}`

			`const TCHAR * CShellCommandSACL::GetHelpString()`
			`{`
			`return SACL_CMD_SHORT_DESC`
			`_T("Syntax: ") SACL_CMD _T(" [<KEY>] [/?]\n\n")`
			`_T(" <KEY> - Optional relative path of desired key.\n")`
			`_T(" /? - This help.\n\n")`
			`_T("Without parameters, command displays SACL of current key.\n");`
			`}`

			`const TCHAR * CShellCommandSACL::GetHelpShortDescriptionString()`
			`{`
			`return SACL_CMD_SHORT_DESC;`
			`}`