svn commit: samba r5829 - in trunk/source/rpc_server: .
jerry at samba.org
jerry at samba.org
Wed Mar 16 14:31:36 GMT 2005
Author: jerry
Date: 2005-03-16 14:31:36 +0000 (Wed, 16 Mar 2005)
New Revision: 5829
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5829
Log:
event log read fixups from Marcin Porwit <mporwit at centeris.com>
Modified:
trunk/source/rpc_server/srv_eventlog_nt.c
Changeset:
Modified: trunk/source/rpc_server/srv_eventlog_nt.c
===================================================================
--- trunk/source/rpc_server/srv_eventlog_nt.c 2005-03-16 09:25:52 UTC (rev 5828)
+++ trunk/source/rpc_server/srv_eventlog_nt.c 2005-03-16 14:31:36 UTC (rev 5829)
@@ -71,7 +71,7 @@
handle->data5[4]);
}
-/*
+/**
* Callout to open the specified event log
*
* smbrun calling convention --
@@ -176,7 +176,7 @@
return WERR_OK;
}
-/*
+/**
* Callout to get the number of records in the specified event log
*
* smbrun calling convention --
@@ -252,7 +252,7 @@
return WERR_OK;
}
-/*
+/**
* Callout to find the oldest record in the log
*
* smbrun calling convention --
@@ -330,7 +330,7 @@
return WERR_OK;
}
-/*
+/**
* Callout to close the specified event log
*
* smbrun calling convention --
@@ -419,8 +419,8 @@
{
char *start = NULL, *stop = NULL;
pstring temp;
- int temp_len = 0;
-
+ int temp_len = 0, i;
+
start = line;
if(start == NULL || strlen(start) == 0)
@@ -528,7 +528,6 @@
rpcstr_push((void *)(entry->data_record.computer_name), temp,
sizeof(entry->data_record.computer_name), STR_TERMINATE);
entry->data_record.computer_name_len = (strlen_w(entry->data_record.computer_name)* 2) + 2;
- entry->record.num_strings++;
}
else if(0 == strncmp(start, "SID", stop - start))
{
@@ -546,15 +545,27 @@
/* now skip any other leading whitespace */
while(isspace(stop[0]))
stop++;
+ temp_len = strlen(stop);
memset(temp, 0, sizeof(temp));
- temp_len = strlen(stop);
strncpy(temp, stop, temp_len);
- rpcstr_push((void *)(entry->data_record.strings), temp,
- sizeof(entry->data_record.strings), STR_TERMINATE);
- entry->data_record.strings_len = (strlen_w(entry->data_record.strings) * 2) + 2;
+ rpcstr_push((void *)(entry->data_record.strings + entry->data_record.strings_len),
+ temp,
+ sizeof(entry->data_record.strings) - entry->data_record.strings_len,
+ STR_TERMINATE);
+ entry->data_record.strings_len += temp_len + 1;
+ fprintf(stderr, "Dumping strings:\n");
+ for(i = 0; i < entry->data_record.strings_len; i++)
+ {
+ fputc((char)entry->data_record.strings[i], stderr);
+ }
+ fprintf(stderr, "\nDone\n");
+ entry->record.num_strings++;
}
else if(0 == strncmp(start, "DAT", stop - start))
{
+ /* Now that we're done processing the STR data, adjust the length to account for
+ unicode, then proceed with the DAT data. */
+ entry->data_record.strings_len *= 2;
/* skip past initial ":" */
stop++;
/* now skip any other leading whitespace */
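Review bot: In the STR branch the room passed to `rpcstr_push` is `sizeof(entry->data_record.strings) - entry->data_record.strings_len`, which subtracts a character count from a byte count while the destination pointer advances by elements, and nothing checks that `strings_len` is still inside the buffer. If `strings` is an array of 16-bit characters, as the `strlen_w` call on the removed lines suggests, that limit overstates the space left, so enough consecutive STR lines could carry the write past the end of the array; the 1024-character cap promised by the updated header comment is not enforced here. I would reject the line before appending, e.g. `if (entry->data_record.strings_len + temp_len + 1 > sizeof(entry->data_record.strings) / sizeof(entry->data_record.strings[0])) return False;` (assuming this parser reports failure with False), and pass `sizeof(entry->data_record.strings) - entry->data_record.strings_len * sizeof(entry->data_record.strings[0])` as the length. The `fprintf(stderr, ...)` dump loop looks like leftover debugging and should be dropped or moved behind `DEBUG()`, and the `strings_len *= 2` in the DAT branch is only correct when exactly one DAT line follows the last STR line. The enclosing function starts and ends outside the hunk.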
@@ -577,7 +588,7 @@
}
return True;
}
-/*
+/**
* Callout to read entries from the specified event log
*
* smbrun calling convention --
@@ -594,7 +605,6 @@
* TMW:(uint32) - time written, seconds since January 1, 1970, 0000 UTC
* EID:(uint32) - eventlog source defined event identifier. If there's a stringfile for the event, it is an index into that
* ETP:(uint16) - eventlog type - one of ERROR, WARNING, INFO, AUDIT_SUCCESS, AUDIT_FAILURE
- * NST:(uint16) - number of strings in this log entry -- for now we only handle one string, so 0 or 1
* ECT:(uint16) - event category - depends on the eventlog generator...
* RS2:(uint16) - reserved, make it 0000
* CRN:(uint32) - reserved, make it 00000000 for now
@@ -602,9 +612,8 @@
* SRC:[(uint8)] - Name of the source, for example ccPwdSvc, in hex bytes. Can not be multiline.
* SRN:[(uint8)] - Name of the computer on which this is generated, the short hostname usually.
* SID:[(uint8)] - User sid if one exists. Must be present even if there is no SID.
- * STR:[(uint8)] - String data. First WORD specifies which string this is. Would be nice for this to ascend by one each time, maybe start from zero?
- * followed by the actual string information, encoded into hex8 characters... If two-plus consecutive lines have same #, it's means string concats.
- * If two have same #, but not consecutive, that's an error. If there is no String Data (and NST==0), must include the specifier.
+ * STR:[(uint8)] - String data. One string per line. Multiple strings can be specified using consecutive "STR" lines,
+ * up to a total aggregate string length of 1024 characters.
* DAT:[(uint8)] - The user-defined data portion of the event log. Can not be multiple lines.
*/
static BOOL _eventlog_read_eventlog_hook(Eventlog_info *info, Eventlog_entry *entry, const char *direction, int starting_record, int buffer_size, BOOL *eof)
@@ -672,7 +681,7 @@
Eventlog_entry *entry)
{
uint8 *offset;
- Eventlog_entry *new = NULL;
+ Eventlog_entry *new = NULL, *insert_point = NULL;
new = PRS_ALLOC_MEM(ps, Eventlog_entry, 1);
if(new == NULL)
@@ -726,10 +735,24 @@
memcpy(offset, &(entry->data_record.user_data), entry->data_record.user_data_len);
offset += entry->data_record.user_data_len;
/* Now that we've massaged the current entry, copy it into the new entry and add it
- to the list */
- new->next = r_u->entry;
- r_u->entry = new;
-
+ to end of the list */
+ insert_point=r_u->entry;
+
+ if (NULL == insert_point)
+ {
+ r_u->entry = new;
+ new->next = NULL;
+ }
+ else
+ {
+ while ((NULL != insert_point->next))
+ {
+ insert_point=insert_point->next;
+ }
+ new->next = NULL;
+ insert_point->next = new;
+ }
+
memcpy(&(new->record), &entry->record, sizeof(Eventlog_record));
memcpy(&(new->data_record), &entry->data_record, sizeof(Eventlog_data_record));
new->data = entry->data;
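Review bot: The tail append sets `new->next = NULL` in both branches and special-cases the empty list, which a pointer-to-pointer walk makes unnecessary: after a single `new->next = NULL;`, `Eventlog_entry **pp = &r_u->entry; while (*pp) pp = &(*pp)->next; *pp = new;` covers both cases. The list is also walked from `r_u->entry` on every call, so building a reply is quadratic in the number of entries; a tail pointer would avoid that, though whether `r_u` can carry one is not visible here. The enclosing function starts and ends outside the hunk.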
@@ -791,7 +814,7 @@
return WERR_OK;
}
-/*
+/**
* Callout to clear (and optionally backup) a specified event log
*
* smbrun calling convention --