From 7a8d3cf392d4afcc263955192564774d722da466 Mon Sep 17 00:00:00 2001 From: = Date: Thu, 14 Apr 2016 21:22:10 +0100 Subject: [PATCH] Further fixes to support binary data. Added boolean return values and return documentation. --- windows/win_regedit.ps1 | 37 +++++++++++++++++++++++++++++++++++-- windows/win_regedit.py | 13 +++++++++++++ 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/windows/win_regedit.ps1 b/windows/win_regedit.ps1 index 806cc4ad5e4..1b5c9cf9918 100644 --- a/windows/win_regedit.ps1 +++ b/windows/win_regedit.ps1 @@ -28,6 +28,8 @@ New-PSDrive -PSProvider registry -Root HKEY_CURRENT_CONFIG -Name HCCC -ErrorActi $params = Parse-Args $args; $result = New-Object PSObject; Set-Attr $result "changed" $false; +Set-Attr $result "data_changed" $false; +Set-Attr $result "data_type_changed" $false; $registryKey = Get-Attr -obj $params -name "key" -failifempty $true $registryValue = Get-Attr -obj $params -name "value" -default $null @@ -56,6 +58,31 @@ Function Test-RegistryValueData { } } +# Returns rue if registry data matches. +# Handles binary and string registry data +Function Compare-RegistryData { + Param ( + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()]$ReferenceData, + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()]$DifferenceData + ) + $refType = $ReferenceData.GetType().Name + + if ($refType -eq "String" ) { + if ($ReferenceData -eq $DifferenceData) { + return $true + } else { + return $false + } + } elseif ($refType -eq "Object[]") { + if (@(Compare-Object $ReferenceData $DifferenceData -SyncWindow 0).Length -eq 0) { + return $true + } else { + return $false + } + } +} # Simplified version of Convert-HexStringToByteArray from # https://cyber-defense.sans.org/blog/2010/02/11/powershell-byte-array-hex-convert @@ -64,7 +91,7 @@ Function Test-RegistryValueData { function Convert-RegExportHexStringToByteArray { Param ( - [parameter(Mandatory=$true))] [String] $String + [parameter(Mandatory=$true)] [String] $String ) # remove 'hex:' from the front of the string if present @@ -100,6 +127,9 @@ if($state -eq "present") { { if (Test-RegistryValueData -Path $registryKey -Value $registryValue) { + # handle binary data + $currentRegistryData =(Get-ItemProperty -Path $registryKey | Select-Object -ExpandProperty $registryValue) + if ($registryValue.ToLower() -eq "(default)") { # Special case handling for the key's default property. Because .GetValueKind() doesn't work for the (default) key property $oldRegistryDataType = "String" @@ -116,6 +146,8 @@ if($state -eq "present") { Remove-ItemProperty -Path $registryKey -Name $registryValue New-ItemProperty -Path $registryKey -Name $registryValue -Value $registryData -PropertyType $registryDataType $result.changed = $true + $result.data_changed = $true + $result.data_type_changed = $true } Catch { @@ -123,11 +155,12 @@ if($state -eq "present") { } } # Changes Only Data - elseif ((Get-ItemProperty -Path $registryKey | Select-Object -ExpandProperty $registryValue) -ne $registryData) + elseif (-Not (Compare-RegistryData -ReferenceData $currentRegistryData -DifferenceData $registryData)) { Try { Set-ItemProperty -Path $registryKey -Name $registryValue -Value $registryData $result.changed = $true + $result.data_changed = $true } Catch { diff --git a/windows/win_regedit.py b/windows/win_regedit.py index 3317d6e8dc4..f428d1fcbde 100644 --- a/windows/win_regedit.py +++ b/windows/win_regedit.py @@ -116,3 +116,16 @@ EXAMPLES = ''' value: hello state: absent ''' +RETURN = ''' +data_changed: + description: whether this invocation changed the data in the registry value + returned: always + type: boolean + sample: false +data_type_changed: + description: whether this invocation changed the datatype of the registry value + returned: always + type: boolean + sample: true +''' +