3 * Unix SMB/CIFS implementation.
4 * Virtual Windows Registry Layer
5 * Copyright (C) Marcin Krzysztof Porwit 2005,
6 * Copyright (C) Brian Moran 2005.
7 * Copyright (C) Gerald (Jerry) Carter 2005.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 #define DBGC_CLASS DBGC_REGISTRY
28 /**********************************************************************
29 for an eventlog, add in the default values
30 *********************************************************************/
32 bool eventlog_init_keys(void)
34 /* Find all of the eventlogs, add keys for each of them */
35 const char **elogs = lp_eventlog_list();
36 char *evtlogpath = NULL;
37 char *evtfilepath = NULL;
38 struct regsubkey_ctr *subkeys;
39 struct regval_ctr *values;
42 uint32 uiCategoryCount;
44 TALLOC_CTX *ctx = talloc_tos();
47 while (elogs && *elogs) {
48 werr = regsubkey_ctr_init(ctx, &subkeys);
49 if (!W_ERROR_IS_OK(werr)) {
50 DEBUG( 0, ( "talloc() failure!\n" ) );
53 regdb_fetch_keys(KEY_EVENTLOG, subkeys);
54 regsubkey_ctr_addkey( subkeys, *elogs );
55 if ( !regdb_store_keys( KEY_EVENTLOG, subkeys ) ) {
61 /* add in the key of form KEY_EVENTLOG/Application */
63 ( "Adding key of [%s] to path of [%s]\n", *elogs,
66 evtlogpath = talloc_asprintf(ctx, "%s\\%s",
67 KEY_EVENTLOG, *elogs);
71 /* add in the key of form KEY_EVENTLOG/Application/Application */
73 ( "Adding key of [%s] to path of [%s]\n", *elogs,
75 werr = regsubkey_ctr_init(ctx, &subkeys);
76 if (!W_ERROR_IS_OK(werr)) {
77 DEBUG( 0, ( "talloc() failure!\n" ) );
80 regdb_fetch_keys( evtlogpath, subkeys );
81 regsubkey_ctr_addkey( subkeys, *elogs );
83 if ( !regdb_store_keys( evtlogpath, subkeys ) ) {
87 TALLOC_FREE( subkeys );
89 /* now add the values to the KEY_EVENTLOG/Application form key */
90 if (!(values = TALLOC_ZERO_P(ctx, struct regval_ctr))) {
91 DEBUG( 0, ( "talloc() failure!\n" ) );
95 ( "Storing values to eventlog path of [%s]\n",
97 regdb_fetch_values( evtlogpath, values );
100 if (!regval_ctr_key_exists(values, "MaxSize")) {
102 /* assume we have none, add them all */
104 /* hard code some initial values */
106 /* uiDisplayNameId = 0x00000100; */
107 uiMaxSize = 0x00080000;
108 uiRetention = 0x93A80;
110 regval_ctr_addvalue(values, "MaxSize", REG_DWORD,
114 regval_ctr_addvalue(values, "Retention", REG_DWORD,
115 (char *)&uiRetention,
117 init_unistr2(&data, *elogs, UNI_STR_TERMINATE);
119 regval_ctr_addvalue(values, "PrimaryModule", REG_SZ,
123 init_unistr2(&data, *elogs, UNI_STR_TERMINATE);
125 regval_ctr_addvalue(values, "Sources", REG_MULTI_SZ,
130 evtfilepath = talloc_asprintf(ctx,
131 "%%SystemRoot%%\\system32\\config\\%s.tdb",
136 init_unistr2(&data, evtfilepath, UNI_STR_TERMINATE);
137 regval_ctr_addvalue(values, "File", REG_EXPAND_SZ, (char *)data.buffer,
138 data.uni_str_len * sizeof(uint16));
139 regdb_store_values(evtlogpath, values);
145 /* now do the values under KEY_EVENTLOG/Application/Application */
146 TALLOC_FREE(evtlogpath);
147 evtlogpath = talloc_asprintf(ctx, "%s\\%s\\%s",
148 KEY_EVENTLOG, *elogs, *elogs);
152 if (!(values = TALLOC_ZERO_P(ctx, struct regval_ctr))) {
153 DEBUG( 0, ( "talloc() failure!\n" ) );
157 ( "Storing values to eventlog path of [%s]\n",
159 regdb_fetch_values(evtlogpath, values);
160 if (!regval_ctr_key_exists( values, "CategoryCount")) {
162 /* hard code some initial values */
164 uiCategoryCount = 0x00000007;
165 regval_ctr_addvalue( values, "CategoryCount",
167 ( char * ) &uiCategoryCount,
170 "%SystemRoot%\\system32\\eventlog.dll",
173 regval_ctr_addvalue( values, "CategoryMessageFile",
175 ( char * ) data.buffer,
178 regdb_store_values( evtlogpath, values );
187 /*********************************************************************
188 for an eventlog, add in a source name. If the eventlog doesn't
189 exist (not in the list) do nothing. If a source for the log
190 already exists, change the information (remove, replace)
191 *********************************************************************/
193 bool eventlog_add_source( const char *eventlog, const char *sourcename,
194 const char *messagefile )
196 /* Find all of the eventlogs, add keys for each of them */
197 /* need to add to the value KEY_EVENTLOG/<eventlog>/Sources string (Creating if necessary)
198 need to add KEY of source to KEY_EVENTLOG/<eventlog>/<source> */
200 const char **elogs = lp_eventlog_list( );
201 char **wrklist, **wp;
202 char *evtlogpath = NULL;
203 struct regsubkey_ctr *subkeys;
204 struct regval_ctr *values;
205 REGISTRY_VALUE *rval;
212 TALLOC_CTX *ctx = talloc_tos();
219 for ( i = 0; elogs[i]; i++ ) {
220 if ( strequal( elogs[i], eventlog ) )
226 ( "Eventlog [%s] not found in list of valid event logs\n",
228 return false; /* invalid named passed in */
231 /* have to assume that the evenlog key itself exists at this point */
232 /* add in a key of [sourcename] under the eventlog key */
234 /* todo add to Sources */
236 if (!( values = TALLOC_ZERO_P(ctx, struct regval_ctr))) {
237 DEBUG( 0, ( "talloc() failure!\n" ));
241 evtlogpath = talloc_asprintf(ctx, "%s\\%s", KEY_EVENTLOG, eventlog);
247 regdb_fetch_values( evtlogpath, values );
250 if ( !( rval = regval_ctr_getvalue( values, "Sources" ) ) ) {
251 DEBUG( 0, ( "No Sources value for [%s]!\n", eventlog ) );
254 /* perhaps this adding a new string to a multi_sz should be a fn? */
255 /* check to see if it's there already */
257 if ( rval->type != REG_MULTI_SZ ) {
259 ( "Wrong type for Sources, should be REG_MULTI_SZ\n" ) );
262 /* convert to a 'regulah' chars to do some comparisons */
266 dump_data( 1, rval->data_p, rval->size );
268 regval_convert_multi_sz( ( uint16 * ) rval->data_p, rval->size,
272 /* see if it's in there already */
275 while ( ii && wp && *wp ) {
276 if ( strequal( *wp, sourcename ) ) {
278 ( "Source name [%s] already in list for [%s] \n",
279 sourcename, eventlog ) );
287 if ( numsources < 0 ) {
288 DEBUG( 3, ( "problem in getting the sources\n" ) );
292 ( "Nothing in the sources list, this might be a problem\n" ) );
298 /* make a new list with an additional entry; copy values, add another */
299 wp = TALLOC_ARRAY(ctx, char *, numsources + 2 );
302 DEBUG( 0, ( "talloc() failed \n" ) );
305 memcpy( wp, wrklist, sizeof( char * ) * numsources );
306 *( wp + numsources ) = ( char * ) sourcename;
307 *( wp + numsources + 1 ) = NULL;
308 mbytes = regval_build_multi_sz( wp, &msz_wp );
309 dump_data( 1, ( uint8 * ) msz_wp, mbytes );
310 regval_ctr_addvalue( values, "Sources", REG_MULTI_SZ,
311 ( char * ) msz_wp, mbytes );
312 regdb_store_values( evtlogpath, values );
316 ( "Source name [%s] found in existing list of sources\n",
320 TALLOC_FREE(wrklist); /* */
322 werr = regsubkey_ctr_init(ctx, &subkeys);
323 if (!W_ERROR_IS_OK(werr)) {
324 DEBUG( 0, ( "talloc() failure!\n" ) );
327 TALLOC_FREE(evtlogpath);
328 evtlogpath = talloc_asprintf(ctx, "%s\\%s", KEY_EVENTLOG, eventlog );
330 TALLOC_FREE(subkeys);
334 regdb_fetch_keys( evtlogpath, subkeys );
336 if ( !regsubkey_ctr_key_exists( subkeys, sourcename ) ) {
338 ( " Source name [%s] for eventlog [%s] didn't exist, adding \n",
339 sourcename, eventlog ) );
340 regsubkey_ctr_addkey( subkeys, sourcename );
341 if ( !regdb_store_keys( evtlogpath, subkeys ) )
344 TALLOC_FREE(subkeys);
346 /* at this point KEY_EVENTLOG/<eventlog>/<sourcename> key is in there. Now need to add EventMessageFile */
348 /* now allocate room for the source's subkeys */
350 werr = regsubkey_ctr_init(ctx, &subkeys);
351 if (!W_ERROR_IS_OK(werr)) {
352 DEBUG( 0, ( "talloc() failure!\n" ) );
355 TALLOC_FREE(evtlogpath);
356 evtlogpath = talloc_asprintf(ctx, "%s\\%s\\%s",
357 KEY_EVENTLOG, eventlog, sourcename);
359 TALLOC_FREE(subkeys);
363 regdb_fetch_keys( evtlogpath, subkeys );
365 /* now add the values to the KEY_EVENTLOG/Application form key */
366 if ( !( values = TALLOC_ZERO_P(ctx, struct regval_ctr ) ) ) {
367 DEBUG( 0, ( "talloc() failure!\n" ) );
371 ( "Storing EventMessageFile [%s] to eventlog path of [%s]\n",
372 messagefile, evtlogpath ) );
374 regdb_fetch_values( evtlogpath, values );
376 init_unistr2( &data, messagefile, UNI_STR_TERMINATE );
378 regval_ctr_addvalue( values, "EventMessageFile", REG_SZ,
379 ( char * ) data.buffer,
380 data.uni_str_len * sizeof( uint16 ) );
381 regdb_store_values( evtlogpath, values );