2005-10-17 15:53:12 +00:00
2005-03-23 23:26:33 +00:00
/*
* Unix SMB / CIFS implementation .
2005-05-23 16:25:31 +00:00
* Virtual Windows Registry Layer
2005-09-30 17:13:37 +00:00
* Copyright ( C ) Marcin Krzysztof Porwit 2005 ,
2005-10-06 17:48:03 +00:00
* Copyright ( C ) Brian Moran 2005.
2005-09-30 17:13:37 +00:00
* Copyright ( C ) Gerald ( Jerry ) Carter 2005.
2005-03-23 23:26:33 +00:00
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2007-07-09 19:25:36 +00:00
* the Free Software Foundation ; either version 3 of the License , or
2005-03-23 23:26:33 +00:00
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2007-07-10 05:23:25 +00:00
* along with this program ; if not , see < http : //www.gnu.org/licenses/>.
2005-03-23 23:26:33 +00:00
*/
2005-10-06 17:48:03 +00:00
2005-03-23 23:26:33 +00:00
# include "includes.h"
2009-10-02 00:17:06 +02:00
# include "registry.h"
2010-05-24 22:42:00 +02:00
# include "reg_backend_db.h"
2010-05-24 23:06:27 +02:00
# include "reg_eventlog.h"
2010-05-25 01:00:37 +02:00
# include "reg_objects.h"
2005-03-23 23:26:33 +00:00
2007-09-28 23:05:52 +00:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_REGISTRY
2005-09-30 17:13:37 +00:00
2005-03-23 23:26:33 +00:00
/**********************************************************************
2005-10-06 17:48:03 +00:00
for an eventlog , add in the default values
2005-09-30 17:13:37 +00:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-11-26 17:24:56 -08:00
bool eventlog_init_keys ( void )
2005-03-23 23:26:33 +00:00
{
2005-10-06 17:48:03 +00:00
/* Find all of the eventlogs, add keys for each of them */
2007-11-26 17:24:56 -08:00
const char * * elogs = lp_eventlog_list ( ) ;
char * evtlogpath = NULL ;
char * evtfilepath = NULL ;
2009-02-24 15:19:18 +01:00
struct regsubkey_ctr * subkeys ;
2009-03-23 18:14:17 +01:00
struct regval_ctr * values ;
2005-10-06 17:48:03 +00:00
uint32 uiMaxSize ;
uint32 uiRetention ;
uint32 uiCategoryCount ;
2009-09-23 20:46:08 +02:00
DATA_BLOB data ;
2007-11-26 17:24:56 -08:00
TALLOC_CTX * ctx = talloc_tos ( ) ;
2009-02-24 23:28:48 +01:00
WERROR werr ;
2005-10-06 17:48:03 +00:00
2007-11-26 17:24:56 -08:00
while ( elogs & & * elogs ) {
2009-02-24 23:28:48 +01:00
werr = regsubkey_ctr_init ( ctx , & subkeys ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-06 17:48:03 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
2005-09-30 17:13:37 +00:00
}
2007-11-26 17:24:56 -08:00
regdb_fetch_keys ( KEY_EVENTLOG , subkeys ) ;
2005-10-06 17:48:03 +00:00
regsubkey_ctr_addkey ( subkeys , * elogs ) ;
2006-12-16 09:33:17 +00:00
if ( ! regdb_store_keys ( KEY_EVENTLOG , subkeys ) ) {
TALLOC_FREE ( subkeys ) ;
2005-10-06 17:48:03 +00:00
return False ;
2006-12-16 09:33:17 +00:00
}
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( subkeys ) ;
2005-10-06 17:48:03 +00:00
/* add in the key of form KEY_EVENTLOG/Application */
DEBUG ( 5 ,
( " Adding key of [%s] to path of [%s] \n " , * elogs ,
KEY_EVENTLOG ) ) ;
2007-11-26 17:24:56 -08:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s " ,
KEY_EVENTLOG , * elogs ) ;
if ( ! evtlogpath ) {
return false ;
}
2005-10-06 17:48:03 +00:00
/* add in the key of form KEY_EVENTLOG/Application/Application */
DEBUG ( 5 ,
( " Adding key of [%s] to path of [%s] \n " , * elogs ,
evtlogpath ) ) ;
2009-02-24 23:28:48 +01:00
werr = regsubkey_ctr_init ( ctx , & subkeys ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-06 17:48:03 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
regdb_fetch_keys ( evtlogpath , subkeys ) ;
regsubkey_ctr_addkey ( subkeys , * elogs ) ;
2005-03-23 23:26:33 +00:00
2006-12-16 09:33:17 +00:00
if ( ! regdb_store_keys ( evtlogpath , subkeys ) ) {
TALLOC_FREE ( subkeys ) ;
2005-10-06 17:48:03 +00:00
return False ;
2006-12-16 09:33:17 +00:00
}
2005-10-06 17:48:03 +00:00
TALLOC_FREE ( subkeys ) ;
2005-09-30 17:13:37 +00:00
2005-10-06 17:48:03 +00:00
/* now add the values to the KEY_EVENTLOG/Application form key */
2010-05-23 23:59:34 +02:00
werr = regval_ctr_init ( ctx , & values ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-06 17:48:03 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
DEBUG ( 5 ,
( " Storing values to eventlog path of [%s] \n " ,
evtlogpath ) ) ;
regdb_fetch_values ( evtlogpath , values ) ;
2005-10-18 03:21:59 +00:00
2007-11-26 17:24:56 -08:00
if ( ! regval_ctr_key_exists ( values , " MaxSize " ) ) {
2005-10-17 15:53:12 +00:00
2005-10-06 17:48:03 +00:00
/* assume we have none, add them all */
/* hard code some initial values */
2006-06-28 18:18:23 +00:00
/* uiDisplayNameId = 0x00000100; */
2005-10-06 17:48:03 +00:00
uiMaxSize = 0x00080000 ;
uiRetention = 0x93A80 ;
2007-11-26 17:24:56 -08:00
regval_ctr_addvalue ( values , " MaxSize " , REG_DWORD ,
2010-05-24 22:19:17 +02:00
( uint8 * ) & uiMaxSize ,
2007-11-26 17:24:56 -08:00
sizeof ( uint32 ) ) ;
2005-12-01 23:10:27 +00:00
2007-11-26 17:24:56 -08:00
regval_ctr_addvalue ( values , " Retention " , REG_DWORD ,
2010-05-24 22:19:17 +02:00
( uint8 * ) & uiRetention ,
2007-11-26 17:24:56 -08:00
sizeof ( uint32 ) ) ;
2005-12-01 23:10:27 +00:00
2009-09-24 15:01:32 +02:00
regval_ctr_addvalue_sz ( values , " PrimaryModule " , * elogs ) ;
2010-05-10 00:42:06 +02:00
push_reg_sz ( talloc_tos ( ) , & data , * elogs ) ;
2005-10-06 17:48:03 +00:00
2007-11-26 17:24:56 -08:00
regval_ctr_addvalue ( values , " Sources " , REG_MULTI_SZ ,
2010-05-24 22:19:17 +02:00
data . data ,
2009-09-23 20:46:08 +02:00
data . length ) ;
2005-12-01 23:10:27 +00:00
2007-11-26 17:24:56 -08:00
evtfilepath = talloc_asprintf ( ctx ,
" %%SystemRoot%% \\ system32 \\ config \\ %s.tdb " ,
* elogs ) ;
if ( ! evtfilepath ) {
TALLOC_FREE ( values ) ;
}
2010-05-10 00:42:06 +02:00
push_reg_sz ( talloc_tos ( ) , & data , evtfilepath ) ;
2010-05-24 22:19:17 +02:00
regval_ctr_addvalue ( values , " File " , REG_EXPAND_SZ , data . data ,
2009-09-23 20:46:08 +02:00
data . length ) ;
2007-11-26 17:24:56 -08:00
regdb_store_values ( evtlogpath , values ) ;
2005-03-23 23:26:33 +00:00
2005-10-06 17:48:03 +00:00
}
2005-09-30 17:13:37 +00:00
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( values ) ;
2005-03-23 23:26:33 +00:00
2005-10-06 17:48:03 +00:00
/* now do the values under KEY_EVENTLOG/Application/Application */
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( evtlogpath ) ;
2007-11-27 18:01:56 +01:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s \\ %s " ,
2007-11-26 17:24:56 -08:00
KEY_EVENTLOG , * elogs , * elogs ) ;
if ( ! evtlogpath ) {
return false ;
}
2010-05-23 23:59:34 +02:00
werr = regval_ctr_init ( ctx , & values ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-06 17:48:03 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
DEBUG ( 5 ,
( " Storing values to eventlog path of [%s] \n " ,
2007-11-26 17:24:56 -08:00
evtlogpath ) ) ;
regdb_fetch_values ( evtlogpath , values ) ;
if ( ! regval_ctr_key_exists ( values , " CategoryCount " ) ) {
2005-10-06 17:48:03 +00:00
/* hard code some initial values */
uiCategoryCount = 0x00000007 ;
regval_ctr_addvalue ( values , " CategoryCount " ,
REG_DWORD ,
2010-05-24 22:19:17 +02:00
( uint8 * ) & uiCategoryCount ,
2005-10-06 17:48:03 +00:00
sizeof ( uint32 ) ) ;
2010-05-10 00:42:06 +02:00
push_reg_sz ( talloc_tos ( ) , & data ,
2009-09-23 20:46:08 +02:00
" %SystemRoot% \\ system32 \\ eventlog.dll " ) ;
2005-10-06 17:48:03 +00:00
regval_ctr_addvalue ( values , " CategoryMessageFile " ,
REG_EXPAND_SZ ,
2010-05-24 22:19:17 +02:00
data . data ,
2009-09-23 20:46:08 +02:00
data . length ) ;
2005-10-06 17:48:03 +00:00
regdb_store_values ( evtlogpath , values ) ;
}
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( values ) ;
2005-10-06 17:48:03 +00:00
elogs + + ;
}
2005-10-17 15:53:12 +00:00
2007-11-26 17:24:56 -08:00
return true ;
2005-10-17 15:53:12 +00:00
}
/*********************************************************************
2007-11-26 17:24:56 -08:00
for an eventlog , add in a source name . If the eventlog doesn ' t
exist ( not in the list ) do nothing . If a source for the log
2005-10-17 15:53:12 +00:00
already exists , change the information ( remove , replace )
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-18 17:40:25 -07:00
bool eventlog_add_source ( const char * eventlog , const char * sourcename ,
2005-10-17 15:53:12 +00:00
const char * messagefile )
{
/* Find all of the eventlogs, add keys for each of them */
/* need to add to the value KEY_EVENTLOG/<eventlog>/Sources string (Creating if necessary)
need to add KEY of source to KEY_EVENTLOG / < eventlog > / < source > */
const char * * elogs = lp_eventlog_list ( ) ;
2009-09-25 00:36:43 +02:00
const char * * wrklist , * * wp ;
2007-11-26 17:24:56 -08:00
char * evtlogpath = NULL ;
2009-02-24 15:19:18 +01:00
struct regsubkey_ctr * subkeys ;
2009-03-23 18:14:17 +01:00
struct regval_ctr * values ;
2009-03-23 22:27:59 +01:00
struct regval_blob * rval ;
2009-09-25 00:55:56 +02:00
int ii = 0 ;
2007-10-18 17:40:25 -07:00
bool already_in ;
2005-10-17 15:53:12 +00:00
int i ;
2009-09-25 00:55:56 +02:00
int numsources = 0 ;
2007-11-26 17:24:56 -08:00
TALLOC_CTX * ctx = talloc_tos ( ) ;
2009-02-24 23:28:48 +01:00
WERROR werr ;
2009-09-25 00:55:56 +02:00
DATA_BLOB blob ;
2005-10-17 15:53:12 +00:00
2007-06-22 19:33:46 +00:00
if ( ! elogs ) {
return False ;
}
2005-10-18 03:21:59 +00:00
for ( i = 0 ; elogs [ i ] ; i + + ) {
2005-10-17 15:53:12 +00:00
if ( strequal ( elogs [ i ] , eventlog ) )
break ;
}
if ( ! elogs [ i ] ) {
DEBUG ( 0 ,
( " Eventlog [%s] not found in list of valid event logs \n " ,
eventlog ) ) ;
2007-11-26 17:24:56 -08:00
return false ; /* invalid named passed in */
2005-10-17 15:53:12 +00:00
}
/* have to assume that the evenlog key itself exists at this point */
/* add in a key of [sourcename] under the eventlog key */
/* todo add to Sources */
2010-05-23 23:59:34 +02:00
werr = regval_ctr_init ( ctx , & values ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2007-11-26 17:24:56 -08:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return false ;
2005-10-17 15:53:12 +00:00
}
2007-11-27 18:01:56 +01:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s " , KEY_EVENTLOG , eventlog ) ;
2007-11-26 17:24:56 -08:00
if ( ! evtlogpath ) {
TALLOC_FREE ( values ) ;
return false ;
}
2005-10-17 15:53:12 +00:00
regdb_fetch_values ( evtlogpath , values ) ;
2005-10-18 03:21:59 +00:00
2005-10-17 15:53:12 +00:00
if ( ! ( rval = regval_ctr_getvalue ( values , " Sources " ) ) ) {
DEBUG ( 0 , ( " No Sources value for [%s]! \n " , eventlog ) ) ;
return False ;
}
/* perhaps this adding a new string to a multi_sz should be a fn? */
/* check to see if it's there already */
2010-05-23 23:59:34 +02:00
if ( regval_type ( rval ) ! = REG_MULTI_SZ ) {
2005-10-17 15:53:12 +00:00
DEBUG ( 0 ,
( " Wrong type for Sources, should be REG_MULTI_SZ \n " ) ) ;
return False ;
}
/* convert to a 'regulah' chars to do some comparisons */
already_in = False ;
wrklist = NULL ;
2010-05-23 23:59:34 +02:00
dump_data ( 1 , regval_data_p ( rval ) , regval_size ( rval ) ) ;
2005-10-17 15:53:12 +00:00
2010-05-23 23:59:34 +02:00
blob = data_blob_const ( regval_data_p ( rval ) , regval_size ( rval ) ) ;
2010-05-10 00:42:06 +02:00
if ( ! pull_reg_multi_sz ( talloc_tos ( ) , & blob , & wrklist ) ) {
2009-09-25 00:55:56 +02:00
return false ;
}
for ( ii = 0 ; wrklist [ ii ] ; ii + + ) {
numsources + + ;
}
if ( numsources > 0 ) {
2005-10-17 15:53:12 +00:00
/* see if it's in there already */
wp = wrklist ;
2005-10-18 03:21:59 +00:00
2009-09-25 00:55:56 +02:00
while ( wp & & * wp ) {
2005-10-17 15:53:12 +00:00
if ( strequal ( * wp , sourcename ) ) {
DEBUG ( 5 ,
2005-10-18 03:21:59 +00:00
( " Source name [%s] already in list for [%s] \n " ,
sourcename , eventlog ) ) ;
2005-10-17 15:53:12 +00:00
already_in = True ;
break ;
}
wp + + ;
}
} else {
DEBUG ( 3 ,
( " Nothing in the sources list, this might be a problem \n " ) ) ;
}
wp = wrklist ;
if ( ! already_in ) {
/* make a new list with an additional entry; copy values, add another */
2009-09-25 00:36:43 +02:00
wp = TALLOC_ARRAY ( ctx , const char * , numsources + 2 ) ;
2005-10-17 15:53:12 +00:00
if ( ! wp ) {
DEBUG ( 0 , ( " talloc() failed \n " ) ) ;
return False ;
}
memcpy ( wp , wrklist , sizeof ( char * ) * numsources ) ;
* ( wp + numsources ) = ( char * ) sourcename ;
* ( wp + numsources + 1 ) = NULL ;
2010-05-10 00:42:06 +02:00
if ( ! push_reg_multi_sz ( ctx , & blob , wp ) ) {
2009-09-25 00:36:43 +02:00
return false ;
}
dump_data ( 1 , blob . data , blob . length ) ;
2005-10-17 15:53:12 +00:00
regval_ctr_addvalue ( values , " Sources " , REG_MULTI_SZ ,
2010-05-24 22:19:17 +02:00
blob . data , blob . length ) ;
2005-10-17 15:53:12 +00:00
regdb_store_values ( evtlogpath , values ) ;
2009-09-25 00:36:43 +02:00
data_blob_free ( & blob ) ;
2005-10-17 15:53:12 +00:00
} else {
2005-10-18 03:21:59 +00:00
DEBUG ( 3 ,
2005-10-17 15:53:12 +00:00
( " Source name [%s] found in existing list of sources \n " ,
sourcename ) ) ;
}
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( values ) ;
TALLOC_FREE ( wrklist ) ; /* */
2005-10-17 15:53:12 +00:00
2009-02-24 23:28:48 +01:00
werr = regsubkey_ctr_init ( ctx , & subkeys ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-17 15:53:12 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( evtlogpath ) ;
2007-11-27 18:01:56 +01:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s " , KEY_EVENTLOG , eventlog ) ;
2007-11-26 17:24:56 -08:00
if ( ! evtlogpath ) {
TALLOC_FREE ( subkeys ) ;
return false ;
}
2005-10-17 15:53:12 +00:00
regdb_fetch_keys ( evtlogpath , subkeys ) ;
if ( ! regsubkey_ctr_key_exists ( subkeys , sourcename ) ) {
DEBUG ( 5 ,
( " Source name [%s] for eventlog [%s] didn't exist, adding \n " ,
sourcename , eventlog ) ) ;
regsubkey_ctr_addkey ( subkeys , sourcename ) ;
if ( ! regdb_store_keys ( evtlogpath , subkeys ) )
return False ;
}
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( subkeys ) ;
2005-10-17 15:53:12 +00:00
2005-10-20 14:29:24 +00:00
/* at this point KEY_EVENTLOG/<eventlog>/<sourcename> key is in there. Now need to add EventMessageFile */
2005-10-17 15:53:12 +00:00
/* now allocate room for the source's subkeys */
2009-02-24 23:28:48 +01:00
werr = regsubkey_ctr_init ( ctx , & subkeys ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-17 15:53:12 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( evtlogpath ) ;
2007-11-27 18:01:56 +01:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s \\ %s " ,
2007-11-26 17:24:56 -08:00
KEY_EVENTLOG , eventlog , sourcename ) ;
if ( ! evtlogpath ) {
TALLOC_FREE ( subkeys ) ;
return false ;
}
2005-10-17 15:53:12 +00:00
regdb_fetch_keys ( evtlogpath , subkeys ) ;
/* now add the values to the KEY_EVENTLOG/Application form key */
2010-05-23 23:59:34 +02:00
werr = regval_ctr_init ( ctx , & values ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
2005-10-17 15:53:12 +00:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
DEBUG ( 5 ,
2005-10-20 14:29:24 +00:00
( " Storing EventMessageFile [%s] to eventlog path of [%s] \n " ,
2005-10-17 15:53:12 +00:00
messagefile , evtlogpath ) ) ;
regdb_fetch_values ( evtlogpath , values ) ;
2009-09-24 15:01:32 +02:00
regval_ctr_addvalue_sz ( values , " EventMessageFile " , messagefile ) ;
2005-10-17 15:53:12 +00:00
regdb_store_values ( evtlogpath , values ) ;
2007-11-26 17:24:56 -08:00
TALLOC_FREE ( values ) ;
2005-10-17 15:53:12 +00:00
2005-10-06 17:48:03 +00:00
return True ;
}
