3.1.5.1 OpenClassesRoot (Opnum 0)

  • Article

The OpenClassesRoot method is called by the client. In response, the server opens the HKEY_CLASSES_ROOT  predefined key.

 error_status_t OpenClassesRoot(
   [in, unique] PREGISTRY_SERVER_NAME ServerName,
   [in] REGSAM samDesired,
   [out] PRPC_HKEY phKey
 );

ServerName: The server name. The ServerName SHOULD be sent as NULL, and MUST be ignored when it is received because binding to the server is already complete at this stage.

samDesired: A bit field that describes the requested security access for the key. It MUST be constructed from one or more of the values specified in section 2.2.3.

phKey: A pointer to an RPC context handle for the root key, HKEY_CLASSES_ROOT, as specified in section 3.1.1.7. The handle is found in the handle table (HANDLETABLE).

Return Values: The method returns 0 (ERROR_SUCCESS) to indicate success; otherwise, it returns a nonzero error code, as specified in [MS-ERREF] section 2.2. The most common error codes are listed in the following table.

Return value/code

Description

0x00000005

ERROR_ACCESS_DENIED

Access is denied.

0x00000013

ERROR_WRITE_PROTECT

A read or write operation was attempted to a volume after it was dismounted. The server can no longer service registry requests because server shutdown has been initiated.

Server Operations

If the registry server can no longer service registry requests because server shutdown has been initiated (SHUTDOWNINPROGRESS is set to TRUE), the server MUST return ERROR_WRITE_PROTECT.

The server then determines which key namespace to operate on (KEYS32 or KEYS64) by inspecting the value of the samDesired parameter.

If server does not support the 64-bit key namespace 3.1.1.4, the server MUST operate on the 32-bit key namespace (KEYS32).

If the server is a 64-bit registry server and supports both the 32-bit and 64-bit key namespaces, as defined in section 3.1.1.4, the server MUST first check if both the KEY_WOW64_64KEY and KEY_WOW64_32KEY bits are set in the samDesired parameter. If both the KEY_WOW64_64KEY and KEY_WOW64_32KEY are set, the server SHOULD<13> fail the method and return ERROR_INVALID_PARAMETER.

Next, the server checks if the KEY_WOW64_32KEY is set in the samDesired parameter. If the KEY_WOW64_32KEY is set in the samDesired parameter, the server MUST open the root key, HKEY_CLASSES_ROOT, in the 32-bit key namespace (KEYS32). If the KEY_WOW64_32KEY is not set in the samDesired parameter, the server MUST open the root key, HKEY_CLASSES_ROOT, in the 64-bit key namespace (KEYS64). If the root key is to be opened in the 32-bit key namespace, the server MUST open the root key in the 32-bit key namespace. The 32-bit key namespace for HKEY_CLASSES_ROOT is stored as a subkey in the 64-bit key namespace in HKEY_CLASSES_ROOT\Wow6432Node.

The server MUST validate the value of the samDesired parameter set by the client. If the value of samDesired includes flags set that are not listed in section 2.2.3, the server MUST return ERROR_INVALID_PARAMETER.

The server attempts to open the root key, HKEY_CLASSES_ROOT, and return a handle to that key in the phKey parameter. The server MUST evaluate the security descriptor that is associated with the key against the requested access that is expressed in the samDesired parameter to determine whether the caller can open this key.

If the caller is permitted to open the key, the server MUST return 0 to indicate success and create a new valid context handle. The server MUST store the context handle value in the handle table (HANDLETABLE) along with a mapping to the HKEY_CLASSES_ROOT key. The server MUST place the context handle in the phKey parameter. If the caller does not have access, the server MUST return ERROR_ACCESS_DENIED (0x00000005).