registry/reg_eventlog.c

説明を見る。
00001 
00002 /* 
00003  *  Unix SMB/CIFS implementation.
00004  *  Virtual Windows Registry Layer
00005  *  Copyright (C) Marcin Krzysztof Porwit    2005,
00006  *  Copyright (C) Brian Moran                2005.
00007  *  Copyright (C) Gerald (Jerry) Carter      2005.
00008  *  
00009  *  This program is free software; you can redistribute it and/or modify
00010  *  it under the terms of the GNU General Public License as published by
00011  *  the Free Software Foundation; either version 2 of the License, or
00012  *  (at your option) any later version.
00013  *  
00014  *  This program is distributed in the hope that it will be useful,
00015  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00016  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00017  *  GNU General Public License for more details.
00018  *  
00019  *  You should have received a copy of the GNU General Public License
00020  *  along with this program; if not, write to the Free Software
00021  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
00022  */
00023 
00024 #include "includes.h"
00025 
00026 
00027 /**********************************************************************
00028  for an eventlog, add in the default values
00029 *********************************************************************/
00030 
00031 BOOL eventlog_init_keys( void )
00032 {
00033         /* Find all of the eventlogs, add keys for each of them */
00034         const char **elogs = lp_eventlog_list(  );
00035         pstring evtlogpath;
00036         pstring evtfilepath;
00037         REGSUBKEY_CTR *subkeys;
00038         REGVAL_CTR *values;
00039         uint32 uiMaxSize;
00040         uint32 uiRetention;
00041         uint32 uiCategoryCount;
00042         UNISTR2 data;
00043 
00044         while ( elogs && *elogs ) {
00045                 if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
00046                         DEBUG( 0, ( "talloc() failure!\n" ) );
00047                         return False;
00048                 }
00049                 regdb_fetch_keys( KEY_EVENTLOG, subkeys );
00050                 regsubkey_ctr_addkey( subkeys, *elogs );
00051                 if ( !regdb_store_keys( KEY_EVENTLOG, subkeys ) )
00052                         return False;
00053                 TALLOC_FREE( subkeys );
00054 
00055                 /* add in the key of form KEY_EVENTLOG/Application */
00056                 DEBUG( 5,
00057                        ( "Adding key of [%s] to path of [%s]\n", *elogs,
00058                          KEY_EVENTLOG ) );
00059 
00060                 slprintf( evtlogpath, sizeof( evtlogpath ) - 1, "%s\\%s",
00061                           KEY_EVENTLOG, *elogs );
00062                 /* add in the key of form KEY_EVENTLOG/Application/Application */
00063                 DEBUG( 5,
00064                        ( "Adding key of [%s] to path of [%s]\n", *elogs,
00065                          evtlogpath ) );
00066                 if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
00067                         DEBUG( 0, ( "talloc() failure!\n" ) );
00068                         return False;
00069                 }
00070                 regdb_fetch_keys( evtlogpath, subkeys );
00071                 regsubkey_ctr_addkey( subkeys, *elogs );
00072 
00073                 if ( !regdb_store_keys( evtlogpath, subkeys ) )
00074                         return False;
00075                 TALLOC_FREE( subkeys );
00076 
00077                 /* now add the values to the KEY_EVENTLOG/Application form key */
00078                 if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
00079                         DEBUG( 0, ( "talloc() failure!\n" ) );
00080                         return False;
00081                 }
00082                 DEBUG( 5,
00083                        ( "Storing values to eventlog path of [%s]\n",
00084                          evtlogpath ) );
00085                 regdb_fetch_values( evtlogpath, values );
00086 
00087 
00088                 if ( !regval_ctr_key_exists( values, "MaxSize" ) ) {
00089 
00090                         /* assume we have none, add them all */
00091 
00092                         /* hard code some initial values */
00093 
00094                         /* uiDisplayNameId = 0x00000100; */
00095                         uiMaxSize = 0x00080000;
00096                         uiRetention = 0x93A80;
00097 
00098                         regval_ctr_addvalue( values, "MaxSize", REG_DWORD,
00099                                              ( char * ) &uiMaxSize,
00100                                              sizeof( uint32 ) );
00101 
00102                         regval_ctr_addvalue( values, "Retention", REG_DWORD,
00103                                              ( char * ) &uiRetention,
00104                                              sizeof( uint32 ) );
00105                         init_unistr2( &data, *elogs, UNI_STR_TERMINATE );
00106 
00107                         regval_ctr_addvalue( values, "PrimaryModule", REG_SZ,
00108                                              ( char * ) data.buffer,
00109                                              data.uni_str_len *
00110                                              sizeof( uint16 ) );
00111                         init_unistr2( &data, *elogs, UNI_STR_TERMINATE );
00112 
00113                         regval_ctr_addvalue( values, "Sources", REG_MULTI_SZ,
00114                                              ( char * ) data.buffer,
00115                                              data.uni_str_len *
00116                                              sizeof( uint16 ) );
00117 
00118                         pstr_sprintf( evtfilepath, "%%SystemRoot%%\\system32\\config\\%s.tdb", *elogs );
00119                         init_unistr2( &data, evtfilepath, UNI_STR_TERMINATE );
00120                         regval_ctr_addvalue( values, "File", REG_EXPAND_SZ, ( char * ) data.buffer,
00121                                              data.uni_str_len * sizeof( uint16 ) );
00122                         regdb_store_values( evtlogpath, values );
00123 
00124                 }
00125 
00126                 TALLOC_FREE( values );
00127 
00128                 /* now do the values under KEY_EVENTLOG/Application/Application */
00129                 slprintf( evtlogpath, sizeof( evtlogpath ) - 1, "%s\\%s\\%s",
00130                           KEY_EVENTLOG, *elogs, *elogs );
00131                 if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
00132                         DEBUG( 0, ( "talloc() failure!\n" ) );
00133                         return False;
00134                 }
00135                 DEBUG( 5,
00136                        ( "Storing values to eventlog path of [%s]\n",
00137                          evtlogpath ) );
00138                 regdb_fetch_values( evtlogpath, values );
00139                 if ( !regval_ctr_key_exists( values, "CategoryCount" ) ) {
00140 
00141                         /* hard code some initial values */
00142 
00143                         uiCategoryCount = 0x00000007;
00144                         regval_ctr_addvalue( values, "CategoryCount",
00145                                              REG_DWORD,
00146                                              ( char * ) &uiCategoryCount,
00147                                              sizeof( uint32 ) );
00148                         init_unistr2( &data,
00149                                       "%SystemRoot%\\system32\\eventlog.dll",
00150                                       UNI_STR_TERMINATE );
00151 
00152                         regval_ctr_addvalue( values, "CategoryMessageFile",
00153                                              REG_EXPAND_SZ,
00154                                              ( char * ) data.buffer,
00155                                              data.uni_str_len *
00156                                              sizeof( uint16 ) );
00157                         regdb_store_values( evtlogpath, values );
00158                 }
00159                 TALLOC_FREE( values );
00160                 elogs++;
00161         }
00162 
00163         return True;
00164 
00165 }
00166 
00167 /*********************************************************************
00168  for an eventlog, add in a source name. If the eventlog doesn't 
00169  exist (not in the list) do nothing.   If a source for the log 
00170  already exists, change the information (remove, replace)
00171 *********************************************************************/
00172 
00173 BOOL eventlog_add_source( const char *eventlog, const char *sourcename,
00174                           const char *messagefile )
00175 {
00176         /* Find all of the eventlogs, add keys for each of them */
00177         /* need to add to the value KEY_EVENTLOG/<eventlog>/Sources string (Creating if necessary)
00178            need to add KEY of source to KEY_EVENTLOG/<eventlog>/<source> */
00179 
00180         const char **elogs = lp_eventlog_list(  );
00181         char **wrklist, **wp;
00182         pstring evtlogpath;
00183         REGSUBKEY_CTR *subkeys;
00184         REGVAL_CTR *values;
00185         REGISTRY_VALUE *rval;
00186         UNISTR2 data;
00187         uint16 *msz_wp;
00188         int mbytes, ii;
00189         BOOL already_in;
00190         int i;
00191         int numsources;
00192 
00193         if (!elogs) {
00194                 return False;
00195         }
00196 
00197         for ( i = 0; elogs[i]; i++ ) {
00198                 if ( strequal( elogs[i], eventlog ) )
00199                         break;
00200         }
00201 
00202         if ( !elogs[i] ) {
00203                 DEBUG( 0,
00204                        ( "Eventlog [%s] not found in list of valid event logs\n",
00205                          eventlog ) );
00206                 return False;   /* invalid named passed in */
00207         }
00208 
00209         /* have to assume that the evenlog key itself exists at this point */
00210         /* add in a key of [sourcename] under the eventlog key */
00211 
00212         /* todo add to Sources */
00213 
00214         if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
00215                 DEBUG( 0, ( "talloc() failure!\n" ) );
00216                 return False;
00217         }
00218 
00219         pstr_sprintf( evtlogpath, "%s\\%s", KEY_EVENTLOG, eventlog );
00220 
00221         regdb_fetch_values( evtlogpath, values );
00222 
00223 
00224         if ( !( rval = regval_ctr_getvalue( values, "Sources" ) ) ) {
00225                 DEBUG( 0, ( "No Sources value for [%s]!\n", eventlog ) );
00226                 return False;
00227         }
00228         /* perhaps this adding a new string to a multi_sz should be a fn? */
00229         /* check to see if it's there already */
00230 
00231         if ( rval->type != REG_MULTI_SZ ) {
00232                 DEBUG( 0,
00233                        ( "Wrong type for Sources, should be REG_MULTI_SZ\n" ) );
00234                 return False;
00235         }
00236         /* convert to a 'regulah' chars to do some comparisons */
00237 
00238         already_in = False;
00239         wrklist = NULL;
00240         dump_data( 1, (const char *)rval->data_p, rval->size );
00241         if ( ( numsources =
00242                regval_convert_multi_sz( ( uint16 * ) rval->data_p, rval->size,
00243                                         &wrklist ) ) > 0 ) {
00244 
00245                 ii = numsources;
00246                 /* see if it's in there already */
00247                 wp = wrklist;
00248 
00249                 while ( ii && wp && *wp ) {
00250                         if ( strequal( *wp, sourcename ) ) {
00251                                 DEBUG( 5,
00252                                        ( "Source name [%s] already in list for [%s] \n",
00253                                          sourcename, eventlog ) );
00254                                 already_in = True;
00255                                 break;
00256                         }
00257                         wp++;
00258                         ii--;
00259                 }
00260         } else {
00261                 if ( numsources < 0 ) {
00262                         DEBUG( 3, ( "problem in getting the sources\n" ) );
00263                         return False;
00264                 }
00265                 DEBUG( 3,
00266                        ( "Nothing in the sources list, this might be a problem\n" ) );
00267         }
00268 
00269         wp = wrklist;
00270 
00271         if ( !already_in ) {
00272                 /* make a new list with an additional entry; copy values, add another */
00273                 wp = TALLOC_ARRAY( NULL, char *, numsources + 2 );
00274 
00275                 if ( !wp ) {
00276                         DEBUG( 0, ( "talloc() failed \n" ) );
00277                         return False;
00278                 }
00279                 memcpy( wp, wrklist, sizeof( char * ) * numsources );
00280                 *( wp + numsources ) = ( char * ) sourcename;
00281                 *( wp + numsources + 1 ) = NULL;
00282                 mbytes = regval_build_multi_sz( wp, &msz_wp );
00283                 dump_data( 1, ( char * ) msz_wp, mbytes );
00284                 regval_ctr_addvalue( values, "Sources", REG_MULTI_SZ,
00285                                      ( char * ) msz_wp, mbytes );
00286                 regdb_store_values( evtlogpath, values );
00287                 TALLOC_FREE( msz_wp );
00288         } else {
00289                 DEBUG( 3,
00290                        ( "Source name [%s] found in existing list of sources\n",
00291                          sourcename ) );
00292         }
00293         TALLOC_FREE( values );
00294         if ( wrklist )
00295                 TALLOC_FREE( wrklist ); /*  */
00296 
00297         if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
00298                 DEBUG( 0, ( "talloc() failure!\n" ) );
00299                 return False;
00300         }
00301         pstr_sprintf( evtlogpath, "%s\\%s", KEY_EVENTLOG, eventlog );
00302 
00303         regdb_fetch_keys( evtlogpath, subkeys );
00304 
00305         if ( !regsubkey_ctr_key_exists( subkeys, sourcename ) ) {
00306                 DEBUG( 5,
00307                        ( " Source name [%s] for eventlog [%s] didn't exist, adding \n",
00308                          sourcename, eventlog ) );
00309                 regsubkey_ctr_addkey( subkeys, sourcename );
00310                 if ( !regdb_store_keys( evtlogpath, subkeys ) )
00311                         return False;
00312         }
00313         TALLOC_FREE( subkeys );
00314 
00315         /* at this point KEY_EVENTLOG/<eventlog>/<sourcename> key is in there. Now need to add EventMessageFile */
00316 
00317         /* now allocate room for the source's subkeys */
00318 
00319         if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
00320                 DEBUG( 0, ( "talloc() failure!\n" ) );
00321                 return False;
00322         }
00323         slprintf( evtlogpath, sizeof( evtlogpath ) - 1, "%s\\%s\\%s",
00324                   KEY_EVENTLOG, eventlog, sourcename );
00325 
00326         regdb_fetch_keys( evtlogpath, subkeys );
00327 
00328         /* now add the values to the KEY_EVENTLOG/Application form key */
00329         if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
00330                 DEBUG( 0, ( "talloc() failure!\n" ) );
00331                 return False;
00332         }
00333         DEBUG( 5,
00334                ( "Storing EventMessageFile [%s] to eventlog path of [%s]\n",
00335                  messagefile, evtlogpath ) );
00336 
00337         regdb_fetch_values( evtlogpath, values );
00338 
00339         init_unistr2( &data, messagefile, UNI_STR_TERMINATE );
00340 
00341         regval_ctr_addvalue( values, "EventMessageFile", REG_SZ,
00342                              ( char * ) data.buffer,
00343                              data.uni_str_len * sizeof( uint16 ) );
00344         regdb_store_values( evtlogpath, values );
00345 
00346         TALLOC_FREE( values );
00347 
00348         return True;
00349 }

Sambaに対してSat Aug 29 21:23:15 2009に生成されました。  doxygen 1.4.7