diff options
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/rpc_server/srv_eventlog_lib.c | 40 |
2 files changed, 41 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 5c68e12566..0b58460beb 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6263,6 +6263,7 @@ int elog_close_tdb( ELOG_TDB *etdb, bool force_close ); int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ); void fixup_eventlog_entry( Eventlog_entry * ee ); bool parse_logentry( TALLOC_CTX *mem_ctx, char *line, Eventlog_entry * entry, bool * eor ); +size_t fixup_eventlog_record_tdb(struct eventlog_Record_tdb *r); struct eventlog_Record_tdb *evlog_pull_record_tdb(TALLOC_CTX *mem_ctx, TDB_CONTEXT *tdb, uint32_t record_number); diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 9d61307aaa..73aa5f94aa 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -749,6 +749,46 @@ bool parse_logentry( TALLOC_CTX *mem_ctx, char *line, Eventlog_entry * entry, bo return true; } +/******************************************************************* + calculate the correct fields etc for an eventlog entry +*******************************************************************/ + +size_t fixup_eventlog_record_tdb(struct eventlog_Record_tdb *r) +{ + size_t size = 56; /* static size of integers before buffers start */ + + r->source_name_len = strlen_m_term(r->source_name) * 2; + r->computer_name_len = strlen_m_term(r->computer_name) * 2; + r->strings_len = ndr_size_string_array(r->strings, + r->num_of_strings, LIBNDR_FLAG_STR_NULLTERM) * 2; + + /* fix up the eventlog entry structure as necessary */ + r->sid_padding = ( ( 4 - ( ( r->source_name_len + r->computer_name_len ) % 4 ) ) % 4 ); + r->padding = ( 4 - ( ( r->strings_len + r->data_length ) % 4 ) ) % 4; + + if (r->sid_length == 0) { + /* Should not pad to a DWORD boundary for writing out the sid if there is + no SID, so just propagate the padding to pad the data */ + r->padding += r->sid_padding; + r->sid_padding = 0; + } + + size += r->source_name_len; + size += r->computer_name_len; + size += r->sid_padding; + size += r->sid_length; + size += r->strings_len; + size += r->data_length; + size += r->padding; + /* need another copy of length at the end of the data */ + size += sizeof(r->size); + + r->size = size; + + return size; +} + + /******************************************************************** ********************************************************************/ |