sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-04 08:22:08 +03:00
Code Activity

event log update

Browse Source
This commit is contained in:
Luke Leighton
-
parent 5c974cc4a4
commit bcc1212b07
3 changed files with 26 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source/rpc_client/cli_eventlog.c
View File

@ -39,7 +39,7 @@ BOOL do_event_open(struct cli_state *cli, uint16 fnum, char *log, POLICY_HND *hn
prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
/* store the parameters */ /* store the parameters */
make_eventlog_q_open(&q, log); make_eventlog_q_open(&q, log, NULL);
/* turn parameters into data stream */ /* turn parameters into data stream */
eventlog_io_q_open("", &q, &buf, 0); eventlog_io_q_open("", &q, &buf, 0);

35
source/rpc_parse/parse_eventlog.c
View File

@ -27,21 +27,21 @@ extern int DEBUGLEVEL;
/******************************************************************* /*******************************************************************
********************************************************************/ ********************************************************************/
void make_eventlog_q_open(EVENTLOG_Q_OPEN *q_u, char *journal) void make_eventlog_q_open(EVENTLOG_Q_OPEN *q_u, char *journal, char *unk)
{ {
q_u->ptr0=0x1; int len_journal = journal != NULL ? strlen(journal) : 0;
int len_unk = unk != NULL ? strlen(unk) : 0;
q_u->ptr0=0x1;
q_u->unk0=0x5c; q_u->unk0=0x5c;
q_u->unk1=0x01; q_u->unk1=0x01;
q_u->unk2=2*(strlen(journal)+1); make_uni_hdr(&(q_u->hdr_source), len_journal);
q_u->unk3=2*(strlen(journal)+1); make_unistr2(&(q_u->uni_source), journal, len_journal);
q_u->ptr_source=0x01; make_uni_hdr(&(q_u->hdr_unk), len_unk);
make_buf_unistr2(&(q_u->source), &(q_u->ptr_source), journal); make_unistr2(&(q_u->uni_unk), unk, len_unk);
q_u->unk4=0x00;
q_u->unk5=0x00;
q_u->unk6=0x01; q_u->unk6=0x01;
q_u->unk7=0x01; q_u->unk7=0x01;
} }
@ -59,16 +59,17 @@ void eventlog_io_q_open(char *desc, EVENTLOG_Q_OPEN *q_u, prs_struct *ps, int de
prs_uint16("unk0", ps, depth, &(q_u->unk0)); prs_uint16("unk0", ps, depth, &(q_u->unk0));
prs_uint16("unk1", ps, depth, &(q_u->unk1)); prs_uint16("unk1", ps, depth, &(q_u->unk1));
prs_uint16("unk2", ps, depth, &(q_u->unk2));
prs_uint16("unk3", ps, depth, &(q_u->unk3));
prs_uint32("ptr_source", ps, depth, &(q_u->ptr_source)); smb_io_unihdr("hdr_source", &(q_u->hdr_source), ps, depth);
smb_io_unistr2("uni_source", &(q_u->uni_source),
smb_io_unistr2("", &(q_u->source), q_u->ptr_source, ps, depth); q_u->hdr_source.buffer, ps, depth);
prs_align(ps);
smb_io_unihdr("hdr_unk", &(q_u->hdr_unk), ps, depth);
smb_io_unistr2("uni_unk", &(q_u->uni_unk),
q_u->hdr_unk.buffer, ps, depth);
prs_align(ps); prs_align(ps);
prs_uint32("unk4", ps, depth, &(q_u->unk4));
prs_uint32("unk5", ps, depth, &(q_u->unk5));
prs_uint32("unk6", ps, depth, &(q_u->unk6)); prs_uint32("unk6", ps, depth, &(q_u->unk6));
prs_uint32("unk7", ps, depth, &(q_u->unk7)); prs_uint32("unk7", ps, depth, &(q_u->unk7));
} }
@ -90,7 +91,6 @@ void eventlog_io_r_open(char *desc, EVENTLOG_R_OPEN *r_u, prs_struct *ps, int de
void make_eventlog_q_close(EVENTLOG_Q_CLOSE *q_u, POLICY_HND *pol) void make_eventlog_q_close(EVENTLOG_Q_CLOSE *q_u, POLICY_HND *pol)
{ {
memcpy(&(q_u->pol.data), pol->data, sizeof(q_u->pol.data)); memcpy(&(q_u->pol.data), pol->data, sizeof(q_u->pol.data));
} }
/******************************************************************* /*******************************************************************
@ -102,7 +102,6 @@ void eventlog_io_q_close(char *desc, EVENTLOG_Q_CLOSE *q_u, prs_struct *ps, int
prs_align(ps); prs_align(ps);
smb_io_pol_hnd("", &(q_u->pol), ps, depth); smb_io_pol_hnd("", &(q_u->pol), ps, depth);
} }
/******************************************************************* /*******************************************************************

15
source/rpcclient/cmd_eventlog.c
View File

@ -41,9 +41,10 @@ extern FILE* out_hnd;
void cmd_eventlog(struct client_info *info) void cmd_eventlog(struct client_info *info)
{ {
uint16 nt_pipe_fnum; uint16 nt_pipe_fnum;
BOOL res = True; BOOL res = True;
BOOL res1 = True;
POLICY_HND hnd; POLICY_HND hnd;
uint32 number; uint32 number = 0;
uint32 flags; uint32 flags;
uint32 offset; uint32 offset;
uint32 num_of_bytes; uint32 num_of_bytes;
@ -60,17 +61,17 @@ void cmd_eventlog(struct client_info *info)
} }
/* open scheduler session. */ /* open scheduler session. */
res = res ? cli_nt_session_open(smb_cli, PIPE_EVENTLOG, &nt_pipe_fnum) : False; res1 = res1 ? cli_nt_session_open(smb_cli, PIPE_EVENTLOG, &nt_pipe_fnum) : False;
res = res ? do_event_open(smb_cli, nt_pipe_fnum, journal, &hnd) : False; res1 = res1 ? do_event_open(smb_cli, nt_pipe_fnum, journal, &hnd) : False;
res = res ? do_event_numofeventlogrec(smb_cli, nt_pipe_fnum, &hnd, &number) : False; res = res1 ? do_event_numofeventlogrec(smb_cli, nt_pipe_fnum, &hnd, &number) : False;
fprintf(out_hnd, "Number of events: %d\n", number); fprintf(out_hnd, "Number of events: %d\n", number);
display_eventlog_eventrecord(out_hnd, ACTION_HEADER, &ev); display_eventlog_eventrecord(out_hnd, ACTION_HEADER, &ev);
for (offset=0; offset<number; offset++) for (offset = 0; offset < number && res; offset++)
{ {
num_of_bytes=0; num_of_bytes=0;
@ -87,7 +88,7 @@ void cmd_eventlog(struct client_info *info)
display_eventlog_eventrecord(out_hnd, ACTION_FOOTER, &ev); display_eventlog_eventrecord(out_hnd, ACTION_FOOTER, &ev);
res = res ? do_event_close(smb_cli, nt_pipe_fnum, &hnd): False; res1 = res1 ? do_event_close(smb_cli, nt_pipe_fnum, &hnd): False;
/* close the session */ /* close the session */
cli_nt_session_close(smb_cli, nt_pipe_fnum); cli_nt_session_close(smb_cli, nt_pipe_fnum);