2005-10-17 19:53:12 +04:00
2005-03-24 02:26:33 +03:00
/*
* Unix SMB / CIFS implementation .
2005-05-23 20:25:31 +04:00
* Virtual Windows Registry Layer
2005-09-30 21:13:37 +04:00
* Copyright ( C ) Marcin Krzysztof Porwit 2005 ,
2005-10-06 21:48:03 +04:00
* Copyright ( C ) Brian Moran 2005.
2005-09-30 21:13:37 +04:00
* Copyright ( C ) Gerald ( Jerry ) Carter 2005.
2005-03-24 02:26:33 +03:00
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
* the Free Software Foundation ; either version 3 of the License , or
2005-03-24 02:26:33 +03:00
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2007-07-10 09:23:25 +04:00
* along with this program ; if not , see < http : //www.gnu.org/licenses/>.
2005-03-24 02:26:33 +03:00
*/
2005-10-06 21:48:03 +04:00
2005-03-24 02:26:33 +03:00
# include "includes.h"
2007-09-29 03:05:52 +04:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_REGISTRY
2005-09-30 21:13:37 +04:00
2005-03-24 02:26:33 +03:00
/**********************************************************************
2005-10-06 21:48:03 +04:00
for an eventlog , add in the default values
2005-09-30 21:13:37 +04:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-11-27 04:24:56 +03:00
bool eventlog_init_keys ( void )
2005-03-24 02:26:33 +03:00
{
2005-10-06 21:48:03 +04:00
/* Find all of the eventlogs, add keys for each of them */
2007-11-27 04:24:56 +03:00
const char * * elogs = lp_eventlog_list ( ) ;
char * evtlogpath = NULL ;
char * evtfilepath = NULL ;
2005-10-06 21:48:03 +04:00
REGSUBKEY_CTR * subkeys ;
REGVAL_CTR * values ;
uint32 uiMaxSize ;
uint32 uiRetention ;
uint32 uiCategoryCount ;
2005-09-30 21:13:37 +04:00
UNISTR2 data ;
2007-11-27 04:24:56 +03:00
TALLOC_CTX * ctx = talloc_tos ( ) ;
2005-10-06 21:48:03 +04:00
2007-11-27 04:24:56 +03:00
while ( elogs & & * elogs ) {
if ( ! ( subkeys = TALLOC_ZERO_P ( ctx , REGSUBKEY_CTR ) ) ) {
2005-10-06 21:48:03 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
2005-09-30 21:13:37 +04:00
}
2007-11-27 04:24:56 +03:00
regdb_fetch_keys ( KEY_EVENTLOG , subkeys ) ;
2005-10-06 21:48:03 +04:00
regsubkey_ctr_addkey ( subkeys , * elogs ) ;
2006-12-16 12:33:17 +03:00
if ( ! regdb_store_keys ( KEY_EVENTLOG , subkeys ) ) {
TALLOC_FREE ( subkeys ) ;
2005-10-06 21:48:03 +04:00
return False ;
2006-12-16 12:33:17 +03:00
}
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( subkeys ) ;
2005-10-06 21:48:03 +04:00
/* add in the key of form KEY_EVENTLOG/Application */
DEBUG ( 5 ,
( " Adding key of [%s] to path of [%s] \n " , * elogs ,
KEY_EVENTLOG ) ) ;
2007-11-27 04:24:56 +03:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s " ,
KEY_EVENTLOG , * elogs ) ;
if ( ! evtlogpath ) {
return false ;
}
2005-10-06 21:48:03 +04:00
/* add in the key of form KEY_EVENTLOG/Application/Application */
DEBUG ( 5 ,
( " Adding key of [%s] to path of [%s] \n " , * elogs ,
evtlogpath ) ) ;
2007-11-27 04:24:56 +03:00
if ( ! ( subkeys = TALLOC_ZERO_P ( ctx , REGSUBKEY_CTR ) ) ) {
2005-10-06 21:48:03 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
regdb_fetch_keys ( evtlogpath , subkeys ) ;
regsubkey_ctr_addkey ( subkeys , * elogs ) ;
2005-03-24 02:26:33 +03:00
2006-12-16 12:33:17 +03:00
if ( ! regdb_store_keys ( evtlogpath , subkeys ) ) {
TALLOC_FREE ( subkeys ) ;
2005-10-06 21:48:03 +04:00
return False ;
2006-12-16 12:33:17 +03:00
}
2005-10-06 21:48:03 +04:00
TALLOC_FREE ( subkeys ) ;
2005-09-30 21:13:37 +04:00
2005-10-06 21:48:03 +04:00
/* now add the values to the KEY_EVENTLOG/Application form key */
2007-11-27 04:24:56 +03:00
if ( ! ( values = TALLOC_ZERO_P ( ctx , REGVAL_CTR ) ) ) {
2005-10-06 21:48:03 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
DEBUG ( 5 ,
( " Storing values to eventlog path of [%s] \n " ,
evtlogpath ) ) ;
regdb_fetch_values ( evtlogpath , values ) ;
2005-10-18 07:21:59 +04:00
2007-11-27 04:24:56 +03:00
if ( ! regval_ctr_key_exists ( values , " MaxSize " ) ) {
2005-10-17 19:53:12 +04:00
2005-10-06 21:48:03 +04:00
/* assume we have none, add them all */
/* hard code some initial values */
2006-06-28 22:18:23 +04:00
/* uiDisplayNameId = 0x00000100; */
2005-10-06 21:48:03 +04:00
uiMaxSize = 0x00080000 ;
uiRetention = 0x93A80 ;
2007-11-27 04:24:56 +03:00
regval_ctr_addvalue ( values , " MaxSize " , REG_DWORD ,
( char * ) & uiMaxSize ,
sizeof ( uint32 ) ) ;
2005-12-02 02:10:27 +03:00
2007-11-27 04:24:56 +03:00
regval_ctr_addvalue ( values , " Retention " , REG_DWORD ,
( char * ) & uiRetention ,
sizeof ( uint32 ) ) ;
init_unistr2 ( & data , * elogs , UNI_STR_TERMINATE ) ;
2005-12-02 02:10:27 +03:00
2007-11-27 04:24:56 +03:00
regval_ctr_addvalue ( values , " PrimaryModule " , REG_SZ ,
( char * ) data . buffer ,
2005-10-06 21:48:03 +04:00
data . uni_str_len *
2007-11-27 04:24:56 +03:00
sizeof ( uint16 ) ) ;
init_unistr2 ( & data , * elogs , UNI_STR_TERMINATE ) ;
2005-10-06 21:48:03 +04:00
2007-11-27 04:24:56 +03:00
regval_ctr_addvalue ( values , " Sources " , REG_MULTI_SZ ,
( char * ) data . buffer ,
2005-10-06 21:48:03 +04:00
data . uni_str_len *
2007-11-27 04:24:56 +03:00
sizeof ( uint16 ) ) ;
2005-12-02 02:10:27 +03:00
2007-11-27 04:24:56 +03:00
evtfilepath = talloc_asprintf ( ctx ,
" %%SystemRoot%% \\ system32 \\ config \\ %s.tdb " ,
* elogs ) ;
if ( ! evtfilepath ) {
TALLOC_FREE ( values ) ;
}
init_unistr2 ( & data , evtfilepath , UNI_STR_TERMINATE ) ;
regval_ctr_addvalue ( values , " File " , REG_EXPAND_SZ , ( char * ) data . buffer ,
data . uni_str_len * sizeof ( uint16 ) ) ;
regdb_store_values ( evtlogpath , values ) ;
2005-03-24 02:26:33 +03:00
2005-10-06 21:48:03 +04:00
}
2005-09-30 21:13:37 +04:00
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( values ) ;
2005-03-24 02:26:33 +03:00
2005-10-06 21:48:03 +04:00
/* now do the values under KEY_EVENTLOG/Application/Application */
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( evtlogpath ) ;
2007-11-27 20:01:56 +03:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s \\ %s " ,
2007-11-27 04:24:56 +03:00
KEY_EVENTLOG , * elogs , * elogs ) ;
if ( ! evtlogpath ) {
return false ;
}
if ( ! ( values = TALLOC_ZERO_P ( ctx , REGVAL_CTR ) ) ) {
2005-10-06 21:48:03 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
DEBUG ( 5 ,
( " Storing values to eventlog path of [%s] \n " ,
2007-11-27 04:24:56 +03:00
evtlogpath ) ) ;
regdb_fetch_values ( evtlogpath , values ) ;
if ( ! regval_ctr_key_exists ( values , " CategoryCount " ) ) {
2005-10-06 21:48:03 +04:00
/* hard code some initial values */
uiCategoryCount = 0x00000007 ;
regval_ctr_addvalue ( values , " CategoryCount " ,
REG_DWORD ,
( char * ) & uiCategoryCount ,
sizeof ( uint32 ) ) ;
init_unistr2 ( & data ,
" %SystemRoot% \\ system32 \\ eventlog.dll " ,
UNI_STR_TERMINATE ) ;
regval_ctr_addvalue ( values , " CategoryMessageFile " ,
REG_EXPAND_SZ ,
( char * ) data . buffer ,
data . uni_str_len *
sizeof ( uint16 ) ) ;
regdb_store_values ( evtlogpath , values ) ;
}
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( values ) ;
2005-10-06 21:48:03 +04:00
elogs + + ;
}
2005-10-17 19:53:12 +04:00
2007-11-27 04:24:56 +03:00
return true ;
2005-10-17 19:53:12 +04:00
}
/*********************************************************************
2007-11-27 04:24:56 +03:00
for an eventlog , add in a source name . If the eventlog doesn ' t
exist ( not in the list ) do nothing . If a source for the log
2005-10-17 19:53:12 +04:00
already exists , change the information ( remove , replace )
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool eventlog_add_source ( const char * eventlog , const char * sourcename ,
2005-10-17 19:53:12 +04:00
const char * messagefile )
{
/* Find all of the eventlogs, add keys for each of them */
/* need to add to the value KEY_EVENTLOG/<eventlog>/Sources string (Creating if necessary)
need to add KEY of source to KEY_EVENTLOG / < eventlog > / < source > */
const char * * elogs = lp_eventlog_list ( ) ;
char * * wrklist , * * wp ;
2007-11-27 04:24:56 +03:00
char * evtlogpath = NULL ;
2005-10-17 19:53:12 +04:00
REGSUBKEY_CTR * subkeys ;
REGVAL_CTR * values ;
REGISTRY_VALUE * rval ;
UNISTR2 data ;
uint16 * msz_wp ;
int mbytes , ii ;
2007-10-19 04:40:25 +04:00
bool already_in ;
2005-10-17 19:53:12 +04:00
int i ;
int numsources ;
2007-11-27 04:24:56 +03:00
TALLOC_CTX * ctx = talloc_tos ( ) ;
2005-10-17 19:53:12 +04:00
2007-06-22 23:33:46 +04:00
if ( ! elogs ) {
return False ;
}
2005-10-18 07:21:59 +04:00
for ( i = 0 ; elogs [ i ] ; i + + ) {
2005-10-17 19:53:12 +04:00
if ( strequal ( elogs [ i ] , eventlog ) )
break ;
}
if ( ! elogs [ i ] ) {
DEBUG ( 0 ,
( " Eventlog [%s] not found in list of valid event logs \n " ,
eventlog ) ) ;
2007-11-27 04:24:56 +03:00
return false ; /* invalid named passed in */
2005-10-17 19:53:12 +04:00
}
/* have to assume that the evenlog key itself exists at this point */
/* add in a key of [sourcename] under the eventlog key */
/* todo add to Sources */
2007-11-27 04:24:56 +03:00
if ( ! ( values = TALLOC_ZERO_P ( ctx , REGVAL_CTR ) ) ) {
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return false ;
2005-10-17 19:53:12 +04:00
}
2007-11-27 20:01:56 +03:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s " , KEY_EVENTLOG , eventlog ) ;
2007-11-27 04:24:56 +03:00
if ( ! evtlogpath ) {
TALLOC_FREE ( values ) ;
return false ;
}
2005-10-17 19:53:12 +04:00
regdb_fetch_values ( evtlogpath , values ) ;
2005-10-18 07:21:59 +04:00
2005-10-17 19:53:12 +04:00
if ( ! ( rval = regval_ctr_getvalue ( values , " Sources " ) ) ) {
DEBUG ( 0 , ( " No Sources value for [%s]! \n " , eventlog ) ) ;
return False ;
}
/* perhaps this adding a new string to a multi_sz should be a fn? */
/* check to see if it's there already */
if ( rval - > type ! = REG_MULTI_SZ ) {
DEBUG ( 0 ,
( " Wrong type for Sources, should be REG_MULTI_SZ \n " ) ) ;
return False ;
}
/* convert to a 'regulah' chars to do some comparisons */
already_in = False ;
wrklist = NULL ;
2007-03-28 17:34:59 +04:00
dump_data ( 1 , rval - > data_p , rval - > size ) ;
2005-10-17 19:53:12 +04:00
if ( ( numsources =
regval_convert_multi_sz ( ( uint16 * ) rval - > data_p , rval - > size ,
& wrklist ) ) > 0 ) {
ii = numsources ;
/* see if it's in there already */
wp = wrklist ;
2005-10-18 07:21:59 +04:00
2005-10-17 19:53:12 +04:00
while ( ii & & wp & & * wp ) {
if ( strequal ( * wp , sourcename ) ) {
DEBUG ( 5 ,
2005-10-18 07:21:59 +04:00
( " Source name [%s] already in list for [%s] \n " ,
sourcename , eventlog ) ) ;
2005-10-17 19:53:12 +04:00
already_in = True ;
break ;
}
wp + + ;
ii - - ;
}
} else {
if ( numsources < 0 ) {
DEBUG ( 3 , ( " problem in getting the sources \n " ) ) ;
return False ;
}
DEBUG ( 3 ,
( " Nothing in the sources list, this might be a problem \n " ) ) ;
}
wp = wrklist ;
if ( ! already_in ) {
/* make a new list with an additional entry; copy values, add another */
2007-11-27 04:24:56 +03:00
wp = TALLOC_ARRAY ( ctx , char * , numsources + 2 ) ;
2005-10-17 19:53:12 +04:00
if ( ! wp ) {
DEBUG ( 0 , ( " talloc() failed \n " ) ) ;
return False ;
}
memcpy ( wp , wrklist , sizeof ( char * ) * numsources ) ;
* ( wp + numsources ) = ( char * ) sourcename ;
* ( wp + numsources + 1 ) = NULL ;
mbytes = regval_build_multi_sz ( wp , & msz_wp ) ;
2007-03-28 17:34:59 +04:00
dump_data ( 1 , ( uint8 * ) msz_wp , mbytes ) ;
2005-10-17 19:53:12 +04:00
regval_ctr_addvalue ( values , " Sources " , REG_MULTI_SZ ,
( char * ) msz_wp , mbytes ) ;
regdb_store_values ( evtlogpath , values ) ;
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( msz_wp ) ;
2005-10-17 19:53:12 +04:00
} else {
2005-10-18 07:21:59 +04:00
DEBUG ( 3 ,
2005-10-17 19:53:12 +04:00
( " Source name [%s] found in existing list of sources \n " ,
sourcename ) ) ;
}
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( values ) ;
TALLOC_FREE ( wrklist ) ; /* */
2005-10-17 19:53:12 +04:00
2007-11-27 04:24:56 +03:00
if ( ! ( subkeys = TALLOC_ZERO_P ( ctx , REGSUBKEY_CTR ) ) ) {
2005-10-17 19:53:12 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( evtlogpath ) ;
2007-11-27 20:01:56 +03:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s " , KEY_EVENTLOG , eventlog ) ;
2007-11-27 04:24:56 +03:00
if ( ! evtlogpath ) {
TALLOC_FREE ( subkeys ) ;
return false ;
}
2005-10-17 19:53:12 +04:00
regdb_fetch_keys ( evtlogpath , subkeys ) ;
if ( ! regsubkey_ctr_key_exists ( subkeys , sourcename ) ) {
DEBUG ( 5 ,
( " Source name [%s] for eventlog [%s] didn't exist, adding \n " ,
sourcename , eventlog ) ) ;
regsubkey_ctr_addkey ( subkeys , sourcename ) ;
if ( ! regdb_store_keys ( evtlogpath , subkeys ) )
return False ;
}
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( subkeys ) ;
2005-10-17 19:53:12 +04:00
2005-10-20 18:29:24 +04:00
/* at this point KEY_EVENTLOG/<eventlog>/<sourcename> key is in there. Now need to add EventMessageFile */
2005-10-17 19:53:12 +04:00
/* now allocate room for the source's subkeys */
2007-11-27 04:24:56 +03:00
if ( ! ( subkeys = TALLOC_ZERO_P ( ctx , REGSUBKEY_CTR ) ) ) {
2005-10-17 19:53:12 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( evtlogpath ) ;
2007-11-27 20:01:56 +03:00
evtlogpath = talloc_asprintf ( ctx , " %s \\ %s \\ %s " ,
2007-11-27 04:24:56 +03:00
KEY_EVENTLOG , eventlog , sourcename ) ;
if ( ! evtlogpath ) {
TALLOC_FREE ( subkeys ) ;
return false ;
}
2005-10-17 19:53:12 +04:00
regdb_fetch_keys ( evtlogpath , subkeys ) ;
/* now add the values to the KEY_EVENTLOG/Application form key */
2007-11-27 04:24:56 +03:00
if ( ! ( values = TALLOC_ZERO_P ( ctx , REGVAL_CTR ) ) ) {
2005-10-17 19:53:12 +04:00
DEBUG ( 0 , ( " talloc() failure! \n " ) ) ;
return False ;
}
DEBUG ( 5 ,
2005-10-20 18:29:24 +04:00
( " Storing EventMessageFile [%s] to eventlog path of [%s] \n " ,
2005-10-17 19:53:12 +04:00
messagefile , evtlogpath ) ) ;
regdb_fetch_values ( evtlogpath , values ) ;
init_unistr2 ( & data , messagefile , UNI_STR_TERMINATE ) ;
2005-10-20 18:29:24 +04:00
regval_ctr_addvalue ( values , " EventMessageFile " , REG_SZ ,
2005-10-17 19:53:12 +04:00
( char * ) data . buffer ,
data . uni_str_len * sizeof ( uint16 ) ) ;
regdb_store_values ( evtlogpath , values ) ;
2007-11-27 04:24:56 +03:00
TALLOC_FREE ( values ) ;
2005-10-17 19:53:12 +04:00
2005-10-06 21:48:03 +04:00
return True ;
}
