3 * Unix SMB/CIFS implementation.
4 * Virtual Windows Registry Layer
5 * Copyright (C) Marcin Krzysztof Porwit 2005,
6 * Copyright (C) Brian Moran 2005.
7 * Copyright (C) Gerald (Jerry) Carter 2005.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 /**********************************************************************
27 for an eventlog, add in the default values
28 *********************************************************************/
30 BOOL eventlog_init_keys( void )
32 /* Find all of the eventlogs, add keys for each of them */
33 const char **elogs = lp_eventlog_list( );
36 REGSUBKEY_CTR *subkeys;
40 uint32 uiCategoryCount;
43 while ( elogs && *elogs ) {
44 if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
45 DEBUG( 0, ( "talloc() failure!\n" ) );
48 regdb_fetch_keys( KEY_EVENTLOG, subkeys );
49 regsubkey_ctr_addkey( subkeys, *elogs );
50 if ( !regdb_store_keys( KEY_EVENTLOG, subkeys ) ) {
54 TALLOC_FREE( subkeys );
56 /* add in the key of form KEY_EVENTLOG/Application */
58 ( "Adding key of [%s] to path of [%s]\n", *elogs,
61 slprintf( evtlogpath, sizeof( evtlogpath ) - 1, "%s\\%s",
62 KEY_EVENTLOG, *elogs );
63 /* add in the key of form KEY_EVENTLOG/Application/Application */
65 ( "Adding key of [%s] to path of [%s]\n", *elogs,
67 if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
68 DEBUG( 0, ( "talloc() failure!\n" ) );
71 regdb_fetch_keys( evtlogpath, subkeys );
72 regsubkey_ctr_addkey( subkeys, *elogs );
74 if ( !regdb_store_keys( evtlogpath, subkeys ) ) {
78 TALLOC_FREE( subkeys );
80 /* now add the values to the KEY_EVENTLOG/Application form key */
81 if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
82 DEBUG( 0, ( "talloc() failure!\n" ) );
86 ( "Storing values to eventlog path of [%s]\n",
88 regdb_fetch_values( evtlogpath, values );
91 if ( !regval_ctr_key_exists( values, "MaxSize" ) ) {
93 /* assume we have none, add them all */
95 /* hard code some initial values */
97 /* uiDisplayNameId = 0x00000100; */
98 uiMaxSize = 0x00080000;
99 uiRetention = 0x93A80;
101 regval_ctr_addvalue( values, "MaxSize", REG_DWORD,
102 ( char * ) &uiMaxSize,
105 regval_ctr_addvalue( values, "Retention", REG_DWORD,
106 ( char * ) &uiRetention,
108 init_unistr2( &data, *elogs, UNI_STR_TERMINATE );
110 regval_ctr_addvalue( values, "PrimaryModule", REG_SZ,
111 ( char * ) data.buffer,
114 init_unistr2( &data, *elogs, UNI_STR_TERMINATE );
116 regval_ctr_addvalue( values, "Sources", REG_MULTI_SZ,
117 ( char * ) data.buffer,
121 pstr_sprintf( evtfilepath, "%%SystemRoot%%\\system32\\config\\%s.tdb", *elogs );
122 init_unistr2( &data, evtfilepath, UNI_STR_TERMINATE );
123 regval_ctr_addvalue( values, "File", REG_EXPAND_SZ, ( char * ) data.buffer,
124 data.uni_str_len * sizeof( uint16 ) );
125 regdb_store_values( evtlogpath, values );
129 TALLOC_FREE( values );
131 /* now do the values under KEY_EVENTLOG/Application/Application */
132 slprintf( evtlogpath, sizeof( evtlogpath ) - 1, "%s\\%s\\%s",
133 KEY_EVENTLOG, *elogs, *elogs );
134 if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
135 DEBUG( 0, ( "talloc() failure!\n" ) );
139 ( "Storing values to eventlog path of [%s]\n",
141 regdb_fetch_values( evtlogpath, values );
142 if ( !regval_ctr_key_exists( values, "CategoryCount" ) ) {
144 /* hard code some initial values */
146 uiCategoryCount = 0x00000007;
147 regval_ctr_addvalue( values, "CategoryCount",
149 ( char * ) &uiCategoryCount,
152 "%SystemRoot%\\system32\\eventlog.dll",
155 regval_ctr_addvalue( values, "CategoryMessageFile",
157 ( char * ) data.buffer,
160 regdb_store_values( evtlogpath, values );
162 TALLOC_FREE( values );
170 /*********************************************************************
171 for an eventlog, add in a source name. If the eventlog doesn't
172 exist (not in the list) do nothing. If a source for the log
173 already exists, change the information (remove, replace)
174 *********************************************************************/
176 BOOL eventlog_add_source( const char *eventlog, const char *sourcename,
177 const char *messagefile )
179 /* Find all of the eventlogs, add keys for each of them */
180 /* need to add to the value KEY_EVENTLOG/<eventlog>/Sources string (Creating if necessary)
181 need to add KEY of source to KEY_EVENTLOG/<eventlog>/<source> */
183 const char **elogs = lp_eventlog_list( );
184 char **wrklist, **wp;
186 REGSUBKEY_CTR *subkeys;
188 REGISTRY_VALUE *rval;
200 for ( i = 0; elogs[i]; i++ ) {
201 if ( strequal( elogs[i], eventlog ) )
207 ( "Eventlog [%s] not found in list of valid event logs\n",
209 return False; /* invalid named passed in */
212 /* have to assume that the evenlog key itself exists at this point */
213 /* add in a key of [sourcename] under the eventlog key */
215 /* todo add to Sources */
217 if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
218 DEBUG( 0, ( "talloc() failure!\n" ) );
222 pstr_sprintf( evtlogpath, "%s\\%s", KEY_EVENTLOG, eventlog );
224 regdb_fetch_values( evtlogpath, values );
227 if ( !( rval = regval_ctr_getvalue( values, "Sources" ) ) ) {
228 DEBUG( 0, ( "No Sources value for [%s]!\n", eventlog ) );
231 /* perhaps this adding a new string to a multi_sz should be a fn? */
232 /* check to see if it's there already */
234 if ( rval->type != REG_MULTI_SZ ) {
236 ( "Wrong type for Sources, should be REG_MULTI_SZ\n" ) );
239 /* convert to a 'regulah' chars to do some comparisons */
243 dump_data( 1, rval->data_p, rval->size );
245 regval_convert_multi_sz( ( uint16 * ) rval->data_p, rval->size,
249 /* see if it's in there already */
252 while ( ii && wp && *wp ) {
253 if ( strequal( *wp, sourcename ) ) {
255 ( "Source name [%s] already in list for [%s] \n",
256 sourcename, eventlog ) );
264 if ( numsources < 0 ) {
265 DEBUG( 3, ( "problem in getting the sources\n" ) );
269 ( "Nothing in the sources list, this might be a problem\n" ) );
275 /* make a new list with an additional entry; copy values, add another */
276 wp = TALLOC_ARRAY( NULL, char *, numsources + 2 );
279 DEBUG( 0, ( "talloc() failed \n" ) );
282 memcpy( wp, wrklist, sizeof( char * ) * numsources );
283 *( wp + numsources ) = ( char * ) sourcename;
284 *( wp + numsources + 1 ) = NULL;
285 mbytes = regval_build_multi_sz( wp, &msz_wp );
286 dump_data( 1, ( uint8 * ) msz_wp, mbytes );
287 regval_ctr_addvalue( values, "Sources", REG_MULTI_SZ,
288 ( char * ) msz_wp, mbytes );
289 regdb_store_values( evtlogpath, values );
290 TALLOC_FREE( msz_wp );
293 ( "Source name [%s] found in existing list of sources\n",
296 TALLOC_FREE( values );
297 TALLOC_FREE( wrklist ); /* */
299 if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
300 DEBUG( 0, ( "talloc() failure!\n" ) );
303 pstr_sprintf( evtlogpath, "%s\\%s", KEY_EVENTLOG, eventlog );
305 regdb_fetch_keys( evtlogpath, subkeys );
307 if ( !regsubkey_ctr_key_exists( subkeys, sourcename ) ) {
309 ( " Source name [%s] for eventlog [%s] didn't exist, adding \n",
310 sourcename, eventlog ) );
311 regsubkey_ctr_addkey( subkeys, sourcename );
312 if ( !regdb_store_keys( evtlogpath, subkeys ) )
315 TALLOC_FREE( subkeys );
317 /* at this point KEY_EVENTLOG/<eventlog>/<sourcename> key is in there. Now need to add EventMessageFile */
319 /* now allocate room for the source's subkeys */
321 if ( !( subkeys = TALLOC_ZERO_P( NULL, REGSUBKEY_CTR ) ) ) {
322 DEBUG( 0, ( "talloc() failure!\n" ) );
325 slprintf( evtlogpath, sizeof( evtlogpath ) - 1, "%s\\%s\\%s",
326 KEY_EVENTLOG, eventlog, sourcename );
328 regdb_fetch_keys( evtlogpath, subkeys );
330 /* now add the values to the KEY_EVENTLOG/Application form key */
331 if ( !( values = TALLOC_ZERO_P( NULL, REGVAL_CTR ) ) ) {
332 DEBUG( 0, ( "talloc() failure!\n" ) );
336 ( "Storing EventMessageFile [%s] to eventlog path of [%s]\n",
337 messagefile, evtlogpath ) );
339 regdb_fetch_values( evtlogpath, values );
341 init_unistr2( &data, messagefile, UNI_STR_TERMINATE );
343 regval_ctr_addvalue( values, "EventMessageFile", REG_SZ,
344 ( char * ) data.buffer,
345 data.uni_str_len * sizeof( uint16 ) );
346 regdb_store_values( evtlogpath, values );
348 TALLOC_FREE( values );