From 0bf72b6e330a76bee502cb36c1cb80c46d47d33c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 6 Oct 2005 17:48:03 +0000 Subject: r10781: merging eventlog and svcctl code from trunk (This used to be commit f10aa9fb84bfac4f1a22b74d63999668700ffaac) --- source3/rpc_server/srv_eventlog_lib.c | 620 ++++++++++++++++++++++++++++++++++ 1 file changed, 620 insertions(+) create mode 100644 source3/rpc_server/srv_eventlog_lib.c (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c new file mode 100644 index 0000000000..a8c1ad51d2 --- /dev/null +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -0,0 +1,620 @@ + +/* + * Unix SMB/CIFS implementation. + * Eventlog utility routines + * Copyright (C) Marcin Krzysztof Porwit 2005, + * Copyright (C) Gerald (Jerry) Carter 2005. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" + + +/**************************************************************** +Init an Eventlog TDB, and return it. If null, something bad happened. +****************************************************************/ +TDB_CONTEXT *init_eventlog_tdb( char *tdbfilename ) +{ + TDB_CONTEXT *the_tdb; + + unlink( tdbfilename ); + + the_tdb = + tdb_open_log( tdbfilename, 0, TDB_DEFAULT, O_RDWR | O_CREAT, + 0664 ); + if ( the_tdb == NULL ) { + DEBUG( 1, ( "Can't open tdb for [%s]\n", tdbfilename ) ); + return NULL; + } + tdb_store_int32( the_tdb, VN_oldest_entry, 1 ); + tdb_store_int32( the_tdb, VN_next_record, 1 ); + + /* initialize with defaults, copy real values in here from registry */ + + tdb_store_int32( the_tdb, VN_maxsize, 0x80000 ); + tdb_store_int32( the_tdb, VN_retention, 0x93A80 ); + + tdb_store_int32( the_tdb, VN_version, EVENTLOG_DATABASE_VERSION_V1 ); + return the_tdb; +} + +/* make the tdb file name for an event log, given destination buffer and size */ +char *mk_tdbfilename( char *dest_buffer, char *eventlog_name, int size_dest ) +{ + if ( !dest_buffer ) + return NULL; + pstring ondisk_name; + + pstrcpy( ondisk_name, "EV" ); + pstrcat( ondisk_name, eventlog_name ); + pstrcat( ondisk_name, ".tdb" ); + + memset( dest_buffer, 0, size_dest ); + + /* BAD things could happen if the dest_buffer is not large enough... */ + if ( strlen( ondisk_name ) > size_dest ) { + DEBUG( 3, ( "Buffer not big enough for filename\n" ) ); + return NULL; + } + + strncpy( dest_buffer, ondisk_name, size_dest ); + + return dest_buffer; +} + + +/* count the number of bytes in the TDB */ + +/* Arg! Static Globals! */ + +static int eventlog_tdbcount; +static int eventlog_tdbsize; + +/* this function is used to count up the number of bytes in a particular TDB */ +int eventlog_tdb_size_fn( TDB_CONTEXT * tdb, TDB_DATA key, TDB_DATA data, + void *state ) +{ + eventlog_tdbsize += data.dsize; + eventlog_tdbcount++; + return 0; +} + +/* returns the size of the eventlog, and if MaxSize is a non-null ptr, puts + the MaxSize there. This is purely a way not to have yet another function that solely + reads the maxsize of the eventlog. Yeah, that's it. */ + +int eventlog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) +{ + if ( !tdb ) + return 0; + eventlog_tdbcount = 0; + eventlog_tdbsize = 0; + + tdb_traverse( tdb, eventlog_tdb_size_fn, NULL ); + + if ( MaxSize != NULL ) { + *MaxSize = tdb_fetch_int32( tdb, VN_maxsize ); + } + + if ( Retention != NULL ) { + *Retention = tdb_fetch_int32( tdb, VN_retention ); + } + + DEBUG( 1, + ( "eventlog size: [%d] for [%d] records\n", eventlog_tdbsize, + eventlog_tdbcount ) ); + return eventlog_tdbsize; +} + + +/* + Discard early event logs until we have enough for 'needed' bytes... + NO checking done beforehand to see that we actually need to do this, and + it's going to pluck records one-by-one. So, it's best to determine that this + needs to be done before doing it. + + Setting whack_by_date to True indicates that eventlogs falling outside of the + retention range need to go... + +*/ + +/* return True if we made enough room to accommodate needed bytes */ + +BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, + BOOL whack_by_date ) +{ + int start_record, i, new_start; + int end_record; + int nbytes, reclen, len, Retention, MaxSize; + + int tresv1, trecnum, timegen, timewr; + + TDB_DATA key, ret; + TALLOC_CTX *mem_ctx = NULL; + + time_t current_time, exp_time; + + /* discard some eventlogs */ + + /* read eventlogs from oldest_entry -- there can't be any discontinuity in recnos, + although records not necessarily guaranteed to have successive times */ + /* */ + mem_ctx = talloc_init( "make_way_for_eventlogs" ); /* Homage to BPG */ + + if ( mem_ctx == NULL ) + return False; /* can't allocate memory indicates bigger problems */ + /* lock */ + tdb_lock_bystring( the_tdb, VN_next_record, 1 ); + /* read */ + end_record = tdb_fetch_int32( the_tdb, VN_next_record ); + start_record = tdb_fetch_int32( the_tdb, VN_oldest_entry ); + Retention = tdb_fetch_int32( the_tdb, VN_retention ); + MaxSize = tdb_fetch_int32( the_tdb, VN_maxsize ); + + time( ¤t_time ); + + /* calculate ... */ + exp_time = current_time - Retention; /* discard older than exp_time */ + + /* todo - check for sanity in next_record */ + nbytes = 0; + + DEBUG( 3, + ( "MaxSize [%d] Retention [%d] Current Time [%d] exp_time [%d]\n", + MaxSize, Retention, (uint32)current_time, (uint32)exp_time ) ); + DEBUG( 3, + ( "Start Record [%d] End Record [%d]\n", start_record, + end_record ) ); + + for ( i = start_record; i < end_record; i++ ) { + /* read a record, add the amt to nbytes */ + key.dsize = sizeof( int32 ); + key.dptr = ( char * ) ( int32 * ) & i; + ret = tdb_fetch( the_tdb, key ); + if ( ret.dsize == 0 ) { + DEBUG( 8, + ( "Can't find a record for the key, record [%d]\n", + i ) ); + tdb_unlock_bystring( the_tdb, VN_next_record ); + return False; + } + nbytes += ret.dsize; /* note this includes overhead */ + + len = tdb_unpack( ret.dptr, ret.dsize, "ddddd", &reclen, + &tresv1, &trecnum, &timegen, &timewr ); + DEBUG( 8, + ( "read record %d, record size is [%d], total so far [%d]\n", + i, reclen, nbytes ) ); + + SAFE_FREE( ret.dptr ); + + /* note that other servers may just stop writing records when the size limit + is reached, and there are no records older than 'retention'. This doesn't + like a very useful thing to do, so instead we whack (as in sleeps with the + fishes) just enough records to fit the what we need. This behavior could + be changed to 'match', if the need arises. */ + + if ( !whack_by_date && ( nbytes >= needed ) ) + break; /* done */ + if ( whack_by_date && ( timegen >= exp_time ) ) + break; /* done */ + } + + DEBUG( 3, + ( "nbytes [%d] needed [%d] start_record is [%d], should be set to [%d]\n", + nbytes, needed, start_record, i ) ); + /* todo - remove eventlog entries here and set starting record to start_record... */ + new_start = i; + if ( start_record != new_start ) { + for ( i = start_record; i < new_start; i++ ) { + key.dsize = sizeof( int32 ); + key.dptr = ( char * ) ( int32 * ) & i; + tdb_delete( the_tdb, key ); + } + + tdb_store_int32( the_tdb, VN_oldest_entry, new_start ); + } + tdb_unlock_bystring( the_tdb, VN_next_record ); + return True; +} + +/* + some hygiene for an eventlog - see how big it is, and then + calculate how many bytes we need to remove +*/ + +BOOL prune_eventlog( TDB_CONTEXT * tdb ) +{ + int MaxSize, Retention, CalcdSize; + + if ( !tdb ) { + DEBUG( 4, ( "No eventlog tdb handle\n" ) ); + return False; + } + + CalcdSize = eventlog_tdb_size( tdb, &MaxSize, &Retention ); + DEBUG( 3, + ( "Calculated size [%d] MaxSize [%d]\n", CalcdSize, + MaxSize ) ); + + if ( CalcdSize > MaxSize ) { + return make_way_for_eventlogs( tdb, CalcdSize - MaxSize, + False ); + } + + return make_way_for_eventlogs( tdb, 0, True ); +} + +BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) +{ + int calcd_size; + int MaxSize, Retention; + + /* see if we can write to the eventlog -- do a policy enforcement */ + if ( !tdb ) + return False; /* tdb is null, so we can't write to it */ + + + if ( needed < 0 ) + return False; + MaxSize = 0; + Retention = 0; + + calcd_size = eventlog_tdb_size( tdb, &MaxSize, &Retention ); + + if ( calcd_size <= MaxSize ) + return True; /* you betcha */ + if ( calcd_size + needed < MaxSize ) + return True; + + if ( Retention == 0xffffffff ) { + return False; /* see msdn - we can't write no room, discard */ + } + /* + note don't have to test, but always good to show intent, in case changes needed + later + */ + + if ( Retention == 0x00000000 ) { + /* discard record(s) */ + /* todo - decide when to remove a bunch vs. just what we need... */ + return make_way_for_eventlogs( tdb, calcd_size - MaxSize, + True ); + } + + return make_way_for_eventlogs( tdb, calcd_size - MaxSize, False ); +} + +TDB_CONTEXT *open_eventlog_tdb( char *tdbfilename ) +{ + TDB_CONTEXT *the_tdb; + + the_tdb = + tdb_open_log( tdbfilename, 0, TDB_DEFAULT, O_RDWR | O_CREAT, + 0664 ); + if ( the_tdb == NULL ) { + return init_eventlog_tdb( tdbfilename ); + } + if ( EVENTLOG_DATABASE_VERSION_V1 != + tdb_fetch_int32( the_tdb, VN_version ) ) { + tdb_close( the_tdb ); + return init_eventlog_tdb( tdbfilename ); + } + return the_tdb; +} + +/* write an eventlog entry. Note that we have to lock, read next eventlog, increment, write, write the record, unlock */ + +/* coming into this, ee has the eventlog record, and the auxilliary date (computer name, etc.) + filled into the other structure. Before packing into a record, this routine will calc the + appropriate padding, etc., and then blast out the record in a form that can be read back in */ +int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) +{ + int32 next_record; + uint8 *packed_ee; + TALLOC_CTX *mem_ctx = NULL; + TDB_DATA kbuf, ebuf; + uint32 n_packed; + + if ( !ee ) + return 0; + + mem_ctx = talloc_init( "write_eventlog_tdb" ); + + if ( mem_ctx == NULL ) + return 0; + + if ( !ee ) + return 0; + /* discard any entries that have bogus time, which usually indicates a bogus entry as well. */ + if ( ee->record.time_generated == 0 ) + return 0; + +#define MARGIN 512 + + /* todo - check for sanity in next_record */ + + fixup_eventlog_entry( ee ); + + if ( !can_write_to_eventlog( the_tdb, ee->record.length ) ) { + DEBUG( 3, ( "Can't write to Eventlog, no room \n" ) ); + talloc_destroy( mem_ctx ); + return 0; + } + + /* alloc mem for the packed version */ + packed_ee = TALLOC( mem_ctx, ee->record.length + MARGIN ); + if ( !packed_ee ) { + talloc_destroy( mem_ctx ); + return 0; + } + + /* need to read the record number and insert it into the entry here */ + + /* lock */ + tdb_lock_bystring( the_tdb, VN_next_record, 1 ); + /* read */ + next_record = tdb_fetch_int32( the_tdb, VN_next_record ); + + n_packed = + tdb_pack( packed_ee, ee->record.length + MARGIN, + "ddddddwwwwddddddBBdBBBd", ee->record.length, + ee->record.reserved1, next_record, + ee->record.time_generated, ee->record.time_written, + ee->record.event_id, ee->record.event_type, + ee->record.num_strings, ee->record.event_category, + ee->record.reserved2, + ee->record.closing_record_number, + ee->record.string_offset, + ee->record.user_sid_length, + ee->record.user_sid_offset, ee->record.data_length, + ee->record.data_offset, + ee->data_record.source_name_len, + ee->data_record.source_name, + ee->data_record.computer_name_len, + ee->data_record.computer_name, + ee->data_record.sid_padding, + ee->record.user_sid_length, ee->data_record.sid, + ee->data_record.strings_len, + ee->data_record.strings, + ee->data_record.user_data_len, + ee->data_record.user_data, + ee->data_record.data_padding ); + + /*DEBUG(3,("write_eventlog_tdb: packed into %d\n",n_packed)); */ + + /* increment the record count */ + + kbuf.dsize = sizeof( int32 ); + kbuf.dptr = ( uint8 * ) & next_record; + + ebuf.dsize = n_packed; + ebuf.dptr = packed_ee; + + if ( tdb_store( the_tdb, kbuf, ebuf, 0 ) ) { + /* DEBUG(1,("write_eventlog_tdb: Can't write record %d to eventlog\n",next_record)); */ + tdb_unlock_bystring( the_tdb, VN_next_record ); + talloc_destroy( mem_ctx ); + return 0; + } + next_record++; + tdb_store_int32( the_tdb, VN_next_record, next_record ); + tdb_unlock_bystring( the_tdb, VN_next_record ); + talloc_destroy( mem_ctx ); + return ( next_record - 1 ); +} + +/* calculate the correct fields etc for an eventlog entry */ + +void fixup_eventlog_entry( Eventlog_entry * ee ) +{ + /* fix up the eventlog entry structure as necessary */ + + ee->data_record.sid_padding = + ( ( 4 - + ( ( ee->data_record.source_name_len + + ee->data_record.computer_name_len ) % 4 ) ) % 4 ); + ee->data_record.data_padding = + ( 4 - + ( ( ee->data_record.strings_len + + ee->data_record.user_data_len ) % 4 ) ) % 4; + ee->record.length = sizeof( Eventlog_record ); + ee->record.length += ee->data_record.source_name_len; + ee->record.length += ee->data_record.computer_name_len; + if ( ee->record.user_sid_length == 0 ) { + /* Should not pad to a DWORD boundary for writing out the sid if there is + no SID, so just propagate the padding to pad the data */ + ee->data_record.data_padding += ee->data_record.sid_padding; + ee->data_record.sid_padding = 0; + } + /* DEBUG(10, ("sid_padding is [%d].\n", ee->data_record.sid_padding)); */ + /* DEBUG(10, ("data_padding is [%d].\n", ee->data_record.data_padding)); */ + + ee->record.length += ee->data_record.sid_padding; + ee->record.length += ee->record.user_sid_length; + ee->record.length += ee->data_record.strings_len; + ee->record.length += ee->data_record.user_data_len; + ee->record.length += ee->data_record.data_padding; + /* need another copy of length at the end of the data */ + ee->record.length += sizeof( ee->record.length ); +} + +/******************************************************************** +Note that it's a pretty good idea to initialize the Eventlog_entry structure to zero's before +calling parse_logentry on an batch of lines that may resolve to a record. +ALSO, it's a good idea to remove any linefeeds (that's EOL to you and me) on the lines going in. + +********************************************************************/ + +BOOL parse_logentry( char *line, Eventlog_entry * entry, BOOL * eor ) +{ + char *start = NULL, *stop = NULL; + pstring temp; + int temp_len = 0; + + start = line; + + /* empty line signyfiying record delimeter, or we're at the end of the buffer */ + if ( start == NULL || strlen( start ) == 0 ) { + DEBUG( 6, + ( "parse_logentry: found end-of-record indicator.\n" ) ); + *eor = True; + return True; + } + if ( !( stop = strchr( line, ':' ) ) ) { + return False; + } + + DEBUG( 6, ( "parse_logentry: trying to parse [%s].\n", line ) ); + + if ( 0 == strncmp( start, "LEN", stop - start ) ) { + /* This will get recomputed later anyway -- probably not necessary */ + entry->record.length = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "RS1", stop - start ) ) { + /* For now all these reserved entries seem to have the same value, + which can be hardcoded to int(1699505740) for now */ + entry->record.reserved1 = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "RCN", stop - start ) ) { + entry->record.record_number = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "TMG", stop - start ) ) { + entry->record.time_generated = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "TMW", stop - start ) ) { + entry->record.time_written = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "EID", stop - start ) ) { + entry->record.event_id = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "ETP", stop - start ) ) { + if ( strstr( start, "ERROR" ) ) { + entry->record.event_type = EVENTLOG_ERROR_TYPE; + } else if ( strstr( start, "WARNING" ) ) { + entry->record.event_type = EVENTLOG_WARNING_TYPE; + } else if ( strstr( start, "INFO" ) ) { + entry->record.event_type = EVENTLOG_INFORMATION_TYPE; + } else if ( strstr( start, "AUDIT_SUCCESS" ) ) { + entry->record.event_type = EVENTLOG_AUDIT_SUCCESS; + } else if ( strstr( start, "AUDIT_FAILURE" ) ) { + entry->record.event_type = EVENTLOG_AUDIT_FAILURE; + } else if ( strstr( start, "SUCCESS" ) ) { + entry->record.event_type = EVENTLOG_SUCCESS; + } else { + /* some other eventlog type -- currently not defined in MSDN docs, so error out */ + return False; + } + } + +/* + else if(0 == strncmp(start, "NST", stop - start)) + { + entry->record.num_strings = atoi(stop + 1); + } +*/ + else if ( 0 == strncmp( start, "ECT", stop - start ) ) { + entry->record.event_category = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "RS2", stop - start ) ) { + entry->record.reserved2 = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "CRN", stop - start ) ) { + entry->record.closing_record_number = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "USL", stop - start ) ) { + entry->record.user_sid_length = atoi( stop + 1 ); + } else if ( 0 == strncmp( start, "SRC", stop - start ) ) { + memset( temp, 0, sizeof( temp ) ); + stop++; + while ( isspace( stop[0] ) ) { + stop++; + } + temp_len = strlen( stop ); + strncpy( temp, stop, temp_len ); + rpcstr_push( ( void * ) ( entry->data_record.source_name ), + temp, sizeof( entry->data_record.source_name ), + STR_TERMINATE ); + entry->data_record.source_name_len = + ( strlen_w( entry->data_record.source_name ) * 2 ) + + 2; + } else if ( 0 == strncmp( start, "SRN", stop - start ) ) { + memset( temp, 0, sizeof( temp ) ); + stop++; + while ( isspace( stop[0] ) ) { + stop++; + } + temp_len = strlen( stop ); + strncpy( temp, stop, temp_len ); + rpcstr_push( ( void * ) ( entry->data_record.computer_name ), + temp, sizeof( entry->data_record.computer_name ), + STR_TERMINATE ); + entry->data_record.computer_name_len = + ( strlen_w( entry->data_record.computer_name ) * 2 ) + + 2; + } else if ( 0 == strncmp( start, "SID", stop - start ) ) { + memset( temp, 0, sizeof( temp ) ); + stop++; + while ( isspace( stop[0] ) ) { + stop++; + } + temp_len = strlen( stop ); + strncpy( temp, stop, temp_len ); + rpcstr_push( ( void * ) ( entry->data_record.sid ), temp, + sizeof( entry->data_record.sid ), + STR_TERMINATE ); + entry->record.user_sid_length = + ( strlen_w( entry->data_record.sid ) * 2 ) + 2; + } else if ( 0 == strncmp( start, "STR", stop - start ) ) { + /* skip past initial ":" */ + stop++; + /* now skip any other leading whitespace */ + while ( isspace( stop[0] ) ) { + stop++; + } + temp_len = strlen( stop ); + memset( temp, 0, sizeof( temp ) ); + strncpy( temp, stop, temp_len ); + rpcstr_push( ( void * ) ( entry->data_record.strings + + entry->data_record.strings_len ), + temp, + sizeof( entry->data_record.strings ) - + entry->data_record.strings_len, STR_TERMINATE ); + entry->data_record.strings_len += temp_len + 1; + entry->record.num_strings++; + } else if ( 0 == strncmp( start, "DAT", stop - start ) ) { + /* Now that we're done processing the STR data, adjust the length to account for + unicode, then proceed with the DAT data. */ + entry->data_record.strings_len *= 2; + /* skip past initial ":" */ + stop++; + /* now skip any other leading whitespace */ + while ( isspace( stop[0] ) ) { + stop++; + } + entry->data_record.user_data_len = strlen( stop ); + memset( entry->data_record.user_data, 0, + sizeof( entry->data_record.user_data ) ); + if ( entry->data_record.user_data_len > 0 ) { + /* copy no more than the first 1024 bytes */ + if ( entry->data_record.user_data_len > + sizeof( entry->data_record.user_data ) ) + entry->data_record.user_data_len = + sizeof( entry->data_record. + user_data ); + memcpy( entry->data_record.user_data, stop, + entry->data_record.user_data_len ); + } + } else { + /* some other eventlog entry -- not implemented, so dropping on the floor */ + DEBUG( 10, ( "Unknown entry [%s]. Ignoring.\n", line ) ); + /* For now return true so that we can keep on parsing this mess. Eventually + we will return False here. */ + return True; + } + return True; +} -- cgit From c226b7d4beaa9239b8790889aa0a8d3c23eac73c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 7 Oct 2005 01:52:48 +0000 Subject: r10795: Fix code before decl error. Jeremy. (This used to be commit 30bd894ee63e5be266b6069533138ccb3c0fbccb) --- source3/rpc_server/srv_eventlog_lib.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index a8c1ad51d2..8c7ce4a648 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -54,9 +54,10 @@ TDB_CONTEXT *init_eventlog_tdb( char *tdbfilename ) /* make the tdb file name for an event log, given destination buffer and size */ char *mk_tdbfilename( char *dest_buffer, char *eventlog_name, int size_dest ) { + pstring ondisk_name; + if ( !dest_buffer ) return NULL; - pstring ondisk_name; pstrcpy( ondisk_name, "EV" ); pstrcat( ondisk_name, eventlog_name ); -- cgit From 01a1e5cdb0339a7cb3a85280b118985562bb2d7f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 7 Oct 2005 12:14:25 +0000 Subject: r10819: merging a couple of fixes from trunk * only keep the registry,tdb file open when we have an open key handle * tpot's setup.py fix * removing files that no longer exist in trunk and copying some that were missing in 3.0 (This used to be commit 6c6bf6ca5fd430a7a20bf20ed08050328660e570) --- source3/rpc_server/srv_eventlog_lib.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 8c7ce4a648..3b7a32dac2 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -304,8 +304,7 @@ TDB_CONTEXT *open_eventlog_tdb( char *tdbfilename ) TDB_CONTEXT *the_tdb; the_tdb = - tdb_open_log( tdbfilename, 0, TDB_DEFAULT, O_RDWR | O_CREAT, - 0664 ); + tdb_open_log( tdbfilename, 0, TDB_DEFAULT, O_RDONLY,0664 ); if ( the_tdb == NULL ) { return init_eventlog_tdb( tdbfilename ); } -- cgit From bb68761a500fc5d426c75e53700fa793e016135f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 14 Oct 2005 16:07:00 +0000 Subject: r11060: merging new eventlog code from trunk (This used to be commit 1bcf7e82ede63a851a244162a3b939373787b693) --- source3/rpc_server/srv_eventlog_lib.c | 348 ++++++++++++++++++++++------------ 1 file changed, 232 insertions(+), 116 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 3b7a32dac2..495ad8e58c 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -1,8 +1,8 @@ - /* * Unix SMB/CIFS implementation. * Eventlog utility routines * Copyright (C) Marcin Krzysztof Porwit 2005, + * Copyright (C) Brian Moran 2005. * Copyright (C) Gerald (Jerry) Carter 2005. * * This program is free software; you can redistribute it and/or modify @@ -22,117 +22,132 @@ #include "includes.h" +/* maintain a list of open eventlog tdbs with reference counts */ -/**************************************************************** -Init an Eventlog TDB, and return it. If null, something bad happened. -****************************************************************/ -TDB_CONTEXT *init_eventlog_tdb( char *tdbfilename ) -{ - TDB_CONTEXT *the_tdb; - - unlink( tdbfilename ); +struct elog_open_tdb { + struct elog_open_tdb *prev, *next; + char *name; + TDB_CONTEXT *tdb; + int ref_count; +}; - the_tdb = - tdb_open_log( tdbfilename, 0, TDB_DEFAULT, O_RDWR | O_CREAT, - 0664 ); - if ( the_tdb == NULL ) { - DEBUG( 1, ( "Can't open tdb for [%s]\n", tdbfilename ) ); - return NULL; - } - tdb_store_int32( the_tdb, VN_oldest_entry, 1 ); - tdb_store_int32( the_tdb, VN_next_record, 1 ); +static struct elog_open_tdb *open_elog_list; - /* initialize with defaults, copy real values in here from registry */ - - tdb_store_int32( the_tdb, VN_maxsize, 0x80000 ); - tdb_store_int32( the_tdb, VN_retention, 0x93A80 ); - - tdb_store_int32( the_tdb, VN_version, EVENTLOG_DATABASE_VERSION_V1 ); - return the_tdb; -} +/******************************************************************** + Init an Eventlog TDB, and return it. If null, something bad + happened. +********************************************************************/ -/* make the tdb file name for an event log, given destination buffer and size */ -char *mk_tdbfilename( char *dest_buffer, char *eventlog_name, int size_dest ) +TDB_CONTEXT *elog_init_tdb( char *tdbfilename ) { - pstring ondisk_name; - - if ( !dest_buffer ) - return NULL; + TDB_CONTEXT *tdb; - pstrcpy( ondisk_name, "EV" ); - pstrcat( ondisk_name, eventlog_name ); - pstrcat( ondisk_name, ".tdb" ); + DEBUG(10,("elog_init_tdb: Initializing eventlog tdb (%s)\n", + tdbfilename)); - memset( dest_buffer, 0, size_dest ); + tdb = tdb_open_log( tdbfilename, 0, TDB_DEFAULT, + O_RDWR|O_CREAT|O_TRUNC, 0600 ); - /* BAD things could happen if the dest_buffer is not large enough... */ - if ( strlen( ondisk_name ) > size_dest ) { - DEBUG( 3, ( "Buffer not big enough for filename\n" ) ); + if ( !tdb ) { + DEBUG( 0, ( "Can't open tdb for [%s]\n", tdbfilename ) ); return NULL; } - strncpy( dest_buffer, ondisk_name, size_dest ); + /* initialize with defaults, copy real values in here from registry */ + + tdb_store_int32( tdb, EVT_OLDEST_ENTRY, 1 ); + tdb_store_int32( tdb, EVT_NEXT_RECORD, 1 ); + tdb_store_int32( tdb, EVT_MAXSIZE, 0x80000 ); + tdb_store_int32( tdb, EVT_RETENTION, 0x93A80 ); + + tdb_store_int32( tdb, EVT_VERSION, EVENTLOG_DATABASE_VERSION_V1 ); - return dest_buffer; + return tdb; } +/******************************************************************** + make the tdb file name for an event log, given destination buffer + and size. Caller must free memory. +********************************************************************/ -/* count the number of bytes in the TDB */ +char *elog_tdbname( const char *name ) +{ + fstring path; + char *tdb_fullpath; + char *eventlogdir = lock_path( "eventlog" ); + + pstr_sprintf( path, "%s/%s.tdb", eventlogdir, name ); + strlower_m( path ); + tdb_fullpath = SMB_STRDUP( path ); + + return tdb_fullpath; +} -/* Arg! Static Globals! */ -static int eventlog_tdbcount; -static int eventlog_tdbsize; +/******************************************************************** + this function is used to count up the number of bytes in a + particular TDB +********************************************************************/ + +struct trav_size_struct { + int size; + int rec_count; +}; -/* this function is used to count up the number of bytes in a particular TDB */ -int eventlog_tdb_size_fn( TDB_CONTEXT * tdb, TDB_DATA key, TDB_DATA data, +static int eventlog_tdb_size_fn( TDB_CONTEXT * tdb, TDB_DATA key, TDB_DATA data, void *state ) { - eventlog_tdbsize += data.dsize; - eventlog_tdbcount++; + struct trav_size_struct *tsize = state; + + tsize->size += data.dsize; + tsize->rec_count++; + return 0; } -/* returns the size of the eventlog, and if MaxSize is a non-null ptr, puts - the MaxSize there. This is purely a way not to have yet another function that solely - reads the maxsize of the eventlog. Yeah, that's it. */ +/******************************************************************** + returns the size of the eventlog, and if MaxSize is a non-null + ptr, puts the MaxSize there. This is purely a way not to have yet + another function that solely reads the maxsize of the eventlog. + Yeah, that's it. +********************************************************************/ -int eventlog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) +int elog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) { + struct trav_size_struct tsize; + if ( !tdb ) return 0; - eventlog_tdbcount = 0; - eventlog_tdbsize = 0; + + ZERO_STRUCT( tsize ); - tdb_traverse( tdb, eventlog_tdb_size_fn, NULL ); + tdb_traverse( tdb, eventlog_tdb_size_fn, &tsize ); if ( MaxSize != NULL ) { - *MaxSize = tdb_fetch_int32( tdb, VN_maxsize ); + *MaxSize = tdb_fetch_int32( tdb, EVT_MAXSIZE ); } if ( Retention != NULL ) { - *Retention = tdb_fetch_int32( tdb, VN_retention ); + *Retention = tdb_fetch_int32( tdb, EVT_RETENTION ); } DEBUG( 1, - ( "eventlog size: [%d] for [%d] records\n", eventlog_tdbsize, - eventlog_tdbcount ) ); - return eventlog_tdbsize; + ( "eventlog size: [%d] for [%d] records\n", tsize.size, + tsize.rec_count ) ); + return tsize.size; } - -/* - Discard early event logs until we have enough for 'needed' bytes... - NO checking done beforehand to see that we actually need to do this, and - it's going to pluck records one-by-one. So, it's best to determine that this - needs to be done before doing it. - - Setting whack_by_date to True indicates that eventlogs falling outside of the - retention range need to go... - -*/ - -/* return True if we made enough room to accommodate needed bytes */ +/******************************************************************** + Discard early event logs until we have enough for 'needed' bytes... + NO checking done beforehand to see that we actually need to do + this, and it's going to pluck records one-by-one. So, it's best + to determine that this needs to be done before doing it. + + Setting whack_by_date to True indicates that eventlogs falling + outside of the retention range need to go... + + return True if we made enough room to accommodate needed bytes +********************************************************************/ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, BOOL whack_by_date ) @@ -140,12 +155,9 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, int start_record, i, new_start; int end_record; int nbytes, reclen, len, Retention, MaxSize; - int tresv1, trecnum, timegen, timewr; - TDB_DATA key, ret; TALLOC_CTX *mem_ctx = NULL; - time_t current_time, exp_time; /* discard some eventlogs */ @@ -158,12 +170,12 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, if ( mem_ctx == NULL ) return False; /* can't allocate memory indicates bigger problems */ /* lock */ - tdb_lock_bystring( the_tdb, VN_next_record, 1 ); + tdb_lock_bystring( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ - end_record = tdb_fetch_int32( the_tdb, VN_next_record ); - start_record = tdb_fetch_int32( the_tdb, VN_oldest_entry ); - Retention = tdb_fetch_int32( the_tdb, VN_retention ); - MaxSize = tdb_fetch_int32( the_tdb, VN_maxsize ); + end_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); + start_record = tdb_fetch_int32( the_tdb, EVT_OLDEST_ENTRY ); + Retention = tdb_fetch_int32( the_tdb, EVT_RETENTION ); + MaxSize = tdb_fetch_int32( the_tdb, EVT_MAXSIZE ); time( ¤t_time ); @@ -189,7 +201,7 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, DEBUG( 8, ( "Can't find a record for the key, record [%d]\n", i ) ); - tdb_unlock_bystring( the_tdb, VN_next_record ); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); return False; } nbytes += ret.dsize; /* note this includes overhead */ @@ -226,16 +238,16 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, tdb_delete( the_tdb, key ); } - tdb_store_int32( the_tdb, VN_oldest_entry, new_start ); + tdb_store_int32( the_tdb, EVT_OLDEST_ENTRY, new_start ); } - tdb_unlock_bystring( the_tdb, VN_next_record ); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); return True; } -/* +/******************************************************************** some hygiene for an eventlog - see how big it is, and then calculate how many bytes we need to remove -*/ +********************************************************************/ BOOL prune_eventlog( TDB_CONTEXT * tdb ) { @@ -246,7 +258,7 @@ BOOL prune_eventlog( TDB_CONTEXT * tdb ) return False; } - CalcdSize = eventlog_tdb_size( tdb, &MaxSize, &Retention ); + CalcdSize = elog_tdb_size( tdb, &MaxSize, &Retention ); DEBUG( 3, ( "Calculated size [%d] MaxSize [%d]\n", CalcdSize, MaxSize ) ); @@ -259,6 +271,9 @@ BOOL prune_eventlog( TDB_CONTEXT * tdb ) return make_way_for_eventlogs( tdb, 0, True ); } +/******************************************************************** +********************************************************************/ + BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) { int calcd_size; @@ -274,7 +289,7 @@ BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) MaxSize = 0; Retention = 0; - calcd_size = eventlog_tdb_size( tdb, &MaxSize, &Retention ); + calcd_size = elog_tdb_size( tdb, &MaxSize, &Retention ); if ( calcd_size <= MaxSize ) return True; /* you betcha */ @@ -299,28 +314,128 @@ BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) return make_way_for_eventlogs( tdb, calcd_size - MaxSize, False ); } -TDB_CONTEXT *open_eventlog_tdb( char *tdbfilename ) +/******************************************************************* +*******************************************************************/ + +TDB_CONTEXT *elog_open_tdb( char *logname ) { - TDB_CONTEXT *the_tdb; + TDB_CONTEXT *tdb; + uint32 vers_id; + struct elog_open_tdb *ptr; + char *tdbfilename; + pstring tdbpath; + struct elog_open_tdb *tdb_node; + char *eventlogdir; + + /* first see if we have an open context */ + + for ( ptr=open_elog_list; ptr; ptr=ptr->next ) { + if ( strequal( ptr->name, logname ) ) { + ptr->ref_count++; + return ptr->tdb; + } + } + + /* make sure that the eventlog dir exists */ + + eventlogdir = lock_path( "eventlog" ); + if ( !directory_exist( eventlogdir, NULL ) ) + mkdir( eventlogdir, 0755 ); + + /* get the path on disk */ + + tdbfilename = elog_tdbname( logname ); + pstrcpy( tdbpath, tdbfilename ); + SAFE_FREE( tdbfilename ); + + DEBUG(7,("elog_open_tdb: Opening %s...\n", tdbpath )); + + tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 ); + if ( tdb ) { + vers_id = tdb_fetch_int32( tdb, EVT_VERSION ); + + if ( vers_id != EVENTLOG_DATABASE_VERSION_V1 ) { + DEBUG(1,("elog_open_tdb: Invalid version [%d] on file [%s].\n", + vers_id, tdbpath)); + tdb_close( tdb ); + tdb = elog_init_tdb( tdbpath ); + } + } + else { + tdb = elog_init_tdb( tdbpath ); + } + + /* if we got a valid context, then add it to the list */ + + if ( tdb ) { + if ( !(tdb_node = TALLOC_ZERO_P( NULL, struct elog_open_tdb )) ) { + DEBUG(0,("elog_open_tdb: talloc() failure!\n")); + tdb_close( tdb ); + return NULL; + } + + tdb_node->name = talloc_strdup( tdb_node, logname ); + tdb_node->tdb = tdb; + tdb_node->ref_count = 1; + + DLIST_ADD( open_elog_list, tdb_node ); + } + + return tdb; +} + +/******************************************************************* + Wrapper to handle reference counts to the tdb +*******************************************************************/ - the_tdb = - tdb_open_log( tdbfilename, 0, TDB_DEFAULT, O_RDONLY,0664 ); - if ( the_tdb == NULL ) { - return init_eventlog_tdb( tdbfilename ); +int elog_close_tdb( TDB_CONTEXT *tdb ) +{ + struct elog_open_tdb *ptr; + + if ( !tdb ) + return 0; + + /* See if we can just decrement the ref_count. + Just compare pointer values (not names ) */ + + for ( ptr=open_elog_list; ptr; ptr=ptr->next ) { + if ( tdb == ptr->tdb ) { + ptr->ref_count--; + break; + } } - if ( EVENTLOG_DATABASE_VERSION_V1 != - tdb_fetch_int32( the_tdb, VN_version ) ) { - tdb_close( the_tdb ); - return init_eventlog_tdb( tdbfilename ); + + /* if we have a NULL pointer; it means we are trying to + close a tdb not in the list of open eventlogs */ + + SMB_ASSERT( ptr != NULL ); + if ( !ptr ) + return tdb_close( tdb ); + + SMB_ASSERT( ptr->ref_count >= 0 ); + + if ( ptr->ref_count == 0 ) { + DLIST_REMOVE( open_elog_list, ptr ); + TALLOC_FREE( ptr ); + return tdb_close( tdb ); } - return the_tdb; + + return 0; } -/* write an eventlog entry. Note that we have to lock, read next eventlog, increment, write, write the record, unlock */ -/* coming into this, ee has the eventlog record, and the auxilliary date (computer name, etc.) - filled into the other structure. Before packing into a record, this routine will calc the - appropriate padding, etc., and then blast out the record in a form that can be read back in */ +/******************************************************************* + write an eventlog entry. Note that we have to lock, read next + eventlog, increment, write, write the record, unlock + + coming into this, ee has the eventlog record, and the auxilliary date + (computer name, etc.) filled into the other structure. Before packing + into a record, this routine will calc the appropriate padding, etc., + and then blast out the record in a form that can be read back in +*******************************************************************/ + +#define MARGIN 512 + int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) { int32 next_record; @@ -343,8 +458,6 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) if ( ee->record.time_generated == 0 ) return 0; -#define MARGIN 512 - /* todo - check for sanity in next_record */ fixup_eventlog_entry( ee ); @@ -365,9 +478,9 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) /* need to read the record number and insert it into the entry here */ /* lock */ - tdb_lock_bystring( the_tdb, VN_next_record, 1 ); + tdb_lock_bystring( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ - next_record = tdb_fetch_int32( the_tdb, VN_next_record ); + next_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); n_packed = tdb_pack( packed_ee, ee->record.length + MARGIN, @@ -406,18 +519,20 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) if ( tdb_store( the_tdb, kbuf, ebuf, 0 ) ) { /* DEBUG(1,("write_eventlog_tdb: Can't write record %d to eventlog\n",next_record)); */ - tdb_unlock_bystring( the_tdb, VN_next_record ); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); talloc_destroy( mem_ctx ); return 0; } next_record++; - tdb_store_int32( the_tdb, VN_next_record, next_record ); - tdb_unlock_bystring( the_tdb, VN_next_record ); + tdb_store_int32( the_tdb, EVT_NEXT_RECORD, next_record ); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); talloc_destroy( mem_ctx ); return ( next_record - 1 ); } -/* calculate the correct fields etc for an eventlog entry */ +/******************************************************************* + calculate the correct fields etc for an eventlog entry +*******************************************************************/ void fixup_eventlog_entry( Eventlog_entry * ee ) { @@ -453,10 +568,11 @@ void fixup_eventlog_entry( Eventlog_entry * ee ) } /******************************************************************** -Note that it's a pretty good idea to initialize the Eventlog_entry structure to zero's before -calling parse_logentry on an batch of lines that may resolve to a record. -ALSO, it's a good idea to remove any linefeeds (that's EOL to you and me) on the lines going in. - + Note that it's a pretty good idea to initialize the Eventlog_entry + structure to zero's before calling parse_logentry on an batch of + lines that may resolve to a record. ALSO, it's a good idea to + remove any linefeeds (that's EOL to you and me) on the lines + going in. ********************************************************************/ BOOL parse_logentry( char *line, Eventlog_entry * entry, BOOL * eor ) -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/rpc_server/srv_eventlog_lib.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 495ad8e58c..b21c2a2529 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -483,7 +483,7 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) next_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); n_packed = - tdb_pack( packed_ee, ee->record.length + MARGIN, + tdb_pack( (char *)packed_ee, ee->record.length + MARGIN, "ddddddwwwwddddddBBdBBBd", ee->record.length, ee->record.reserved1, next_record, ee->record.time_generated, ee->record.time_written, @@ -512,10 +512,10 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) /* increment the record count */ kbuf.dsize = sizeof( int32 ); - kbuf.dptr = ( uint8 * ) & next_record; + kbuf.dptr = (char * ) & next_record; ebuf.dsize = n_packed; - ebuf.dptr = packed_ee; + ebuf.dptr = (char *)packed_ee; if ( tdb_store( the_tdb, kbuf, ebuf, 0 ) ) { /* DEBUG(1,("write_eventlog_tdb: Can't write record %d to eventlog\n",next_record)); */ -- cgit From 5251618c7fff7635a4b64072f88eaf5e4e25761e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 17 Nov 2005 20:08:59 +0000 Subject: r11761: * fix clearing of event logs by truncating the tdb. This feature got broken in some of the other updates. Now each open handle stores an pointer to an open tdb data structure (not the tdb pointer itself). Clearing can be done with a simple elog_close_tdb( elog, True ) to force a close and then calling elog_open_tdb( logname, True ) to force an tdb truncate. Permissions on existing tdbs are maintained which is important. * We don't currently handle backup. Haven't looked at the format of a backuped up eventlog to know what the deal is. (This used to be commit 2df34c9403446d12f1ceeac38cbda5d3ba805b02) --- source3/rpc_server/srv_eventlog_lib.c | 107 +++++++++++++++++++--------------- 1 file changed, 59 insertions(+), 48 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index b21c2a2529..ec5edf2f34 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -24,14 +24,7 @@ /* maintain a list of open eventlog tdbs with reference counts */ -struct elog_open_tdb { - struct elog_open_tdb *prev, *next; - char *name; - TDB_CONTEXT *tdb; - int ref_count; -}; - -static struct elog_open_tdb *open_elog_list; +static ELOG_TDB *open_elog_list; /******************************************************************** Init an Eventlog TDB, and return it. If null, something bad @@ -317,14 +310,14 @@ BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) /******************************************************************* *******************************************************************/ -TDB_CONTEXT *elog_open_tdb( char *logname ) +ELOG_TDB *elog_open_tdb( char *logname, BOOL force_clear ) { - TDB_CONTEXT *tdb; + TDB_CONTEXT *tdb = NULL; uint32 vers_id; - struct elog_open_tdb *ptr; + ELOG_TDB *ptr; char *tdbfilename; pstring tdbpath; - struct elog_open_tdb *tdb_node; + ELOG_TDB *tdb_node = NULL; char *eventlogdir; /* first see if we have an open context */ @@ -332,7 +325,19 @@ TDB_CONTEXT *elog_open_tdb( char *logname ) for ( ptr=open_elog_list; ptr; ptr=ptr->next ) { if ( strequal( ptr->name, logname ) ) { ptr->ref_count++; - return ptr->tdb; + + /* trick to alow clearing of the eventlog tdb. + The force_clear flag should imply that someone + has done a force close. So make sure the tdb + is NULL. If this is a normal open, then just + return the existing reference */ + + if ( force_clear ) { + SMB_ASSERT( ptr->tdb == NULL ); + break; + } + else + return ptr; } } @@ -348,27 +353,41 @@ TDB_CONTEXT *elog_open_tdb( char *logname ) pstrcpy( tdbpath, tdbfilename ); SAFE_FREE( tdbfilename ); - DEBUG(7,("elog_open_tdb: Opening %s...\n", tdbpath )); + DEBUG(7,("elog_open_tdb: Opening %s...(force_clear == %s)\n", + tdbpath, force_clear?"True":"False" )); + + /* the tdb wasn't already open or this is a forced clear open */ - tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 ); - if ( tdb ) { - vers_id = tdb_fetch_int32( tdb, EVT_VERSION ); + if ( !force_clear ) { - if ( vers_id != EVENTLOG_DATABASE_VERSION_V1 ) { - DEBUG(1,("elog_open_tdb: Invalid version [%d] on file [%s].\n", - vers_id, tdbpath)); - tdb_close( tdb ); - tdb = elog_init_tdb( tdbpath ); + tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 ); + if ( tdb ) { + vers_id = tdb_fetch_int32( tdb, EVT_VERSION ); + + if ( vers_id != EVENTLOG_DATABASE_VERSION_V1 ) { + DEBUG(1,("elog_open_tdb: Invalid version [%d] on file [%s].\n", + vers_id, tdbpath)); + tdb_close( tdb ); + tdb = elog_init_tdb( tdbpath ); + } } } - else { + + if ( !tdb ) tdb = elog_init_tdb( tdbpath ); - } /* if we got a valid context, then add it to the list */ if ( tdb ) { - if ( !(tdb_node = TALLOC_ZERO_P( NULL, struct elog_open_tdb )) ) { + /* on a forced clear, just reset the tdb context if we already + have an open entry in the list */ + + if ( ptr ) { + ptr->tdb = tdb; + return ptr; + } + + if ( !(tdb_node = TALLOC_ZERO_P( NULL, ELOG_TDB)) ) { DEBUG(0,("elog_open_tdb: talloc() failure!\n")); tdb_close( tdb ); return NULL; @@ -381,42 +400,34 @@ TDB_CONTEXT *elog_open_tdb( char *logname ) DLIST_ADD( open_elog_list, tdb_node ); } - return tdb; + return tdb_node; } /******************************************************************* Wrapper to handle reference counts to the tdb *******************************************************************/ -int elog_close_tdb( TDB_CONTEXT *tdb ) +int elog_close_tdb( ELOG_TDB *etdb, BOOL force_close ) { - struct elog_open_tdb *ptr; + TDB_CONTEXT *tdb; - if ( !tdb ) + if ( !etdb ) return 0; - /* See if we can just decrement the ref_count. - Just compare pointer values (not names ) */ - - for ( ptr=open_elog_list; ptr; ptr=ptr->next ) { - if ( tdb == ptr->tdb ) { - ptr->ref_count--; - break; - } - } + etdb->ref_count--; - /* if we have a NULL pointer; it means we are trying to - close a tdb not in the list of open eventlogs */ - - SMB_ASSERT( ptr != NULL ); - if ( !ptr ) + SMB_ASSERT( etdb->ref_count >= 0 ); + + if ( etdb->ref_count == 0 ) { + tdb = etdb->tdb; + DLIST_REMOVE( open_elog_list, etdb ); + TALLOC_FREE( etdb ); return tdb_close( tdb ); + } - SMB_ASSERT( ptr->ref_count >= 0 ); - - if ( ptr->ref_count == 0 ) { - DLIST_REMOVE( open_elog_list, ptr ); - TALLOC_FREE( ptr ); + if ( force_close ) { + tdb = etdb->tdb; + etdb->tdb = NULL; return tdb_close( tdb ); } -- cgit From a2327fc68848a1352fed5273969d4c674b1dbd73 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 1 Mar 2006 03:10:21 +0000 Subject: r13766: Patch from Arek Glabek : * Fix parsing error in eventlogadm caused by log entries with no DAT: line. (This used to be commit f0a8f438793a806e8cf73e1e695b09e540a4239e) --- source3/rpc_server/srv_eventlog_lib.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index ec5edf2f34..b3d94901ba 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -707,16 +707,13 @@ BOOL parse_logentry( char *line, Eventlog_entry * entry, BOOL * eor ) memset( temp, 0, sizeof( temp ) ); strncpy( temp, stop, temp_len ); rpcstr_push( ( void * ) ( entry->data_record.strings + - entry->data_record.strings_len ), + ( entry->data_record.strings_len / 2 ) ), temp, sizeof( entry->data_record.strings ) - - entry->data_record.strings_len, STR_TERMINATE ); - entry->data_record.strings_len += temp_len + 1; + ( entry->data_record.strings_len / 2 ), STR_TERMINATE ); + entry->data_record.strings_len += ( temp_len * 2 ) + 2; entry->record.num_strings++; } else if ( 0 == strncmp( start, "DAT", stop - start ) ) { - /* Now that we're done processing the STR data, adjust the length to account for - unicode, then proceed with the DAT data. */ - entry->data_record.strings_len *= 2; /* skip past initial ":" */ stop++; /* now skip any other leading whitespace */ -- cgit From e17302200c138eec7df504a7f4b2bde46073a810 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 17 Apr 2006 11:49:06 +0000 Subject: r15101: Little step towards getting Samba4 tdb into 3: tdb_lock_bystring does not have the timeout argument in Samba4. Add a new routine tdb_lock_bystring_with_timeout. Volker (This used to be commit b9c6e3f55602fa505859a4b2cd137b74105d685f) --- source3/rpc_server/srv_eventlog_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index b3d94901ba..acae1c94e9 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -163,7 +163,7 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, if ( mem_ctx == NULL ) return False; /* can't allocate memory indicates bigger problems */ /* lock */ - tdb_lock_bystring( the_tdb, EVT_NEXT_RECORD, 1 ); + tdb_lock_bystring_with_timeout( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ end_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); start_record = tdb_fetch_int32( the_tdb, EVT_OLDEST_ENTRY ); @@ -489,7 +489,7 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) /* need to read the record number and insert it into the entry here */ /* lock */ - tdb_lock_bystring( the_tdb, EVT_NEXT_RECORD, 1 ); + tdb_lock_bystring_with_timeout( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ next_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); -- cgit From 2bdbd3fa6dd351f393f4972578e382da73ebcc18 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 1 May 2006 18:54:53 +0000 Subject: r15380: default eventlog tdbs to mode 0660 to allow easier access by BUILTIN\Administrators (This used to be commit a02933c9589e34488f289cbc40f77f6864a58367) --- source3/rpc_server/srv_eventlog_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index acae1c94e9..e04aefa7e1 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -39,7 +39,7 @@ TDB_CONTEXT *elog_init_tdb( char *tdbfilename ) tdbfilename)); tdb = tdb_open_log( tdbfilename, 0, TDB_DEFAULT, - O_RDWR|O_CREAT|O_TRUNC, 0600 ); + O_RDWR|O_CREAT|O_TRUNC, 0660 ); if ( !tdb ) { DEBUG( 0, ( "Can't open tdb for [%s]\n", tdbfilename ) ); -- cgit From 429cd6db0b32ee0e91a12548d83e82a7f7b6571c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 27 Jun 2006 00:42:24 +0000 Subject: r16542: Fix #3863, reported by jason@ncac.gwu.edu Jeremy. (This used to be commit cde8323fdc4d4ddaa30e8c59bec89dc130fe26a6) --- source3/rpc_server/srv_eventlog_lib.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index e04aefa7e1..66be1dc34f 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -201,6 +201,12 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, len = tdb_unpack( ret.dptr, ret.dsize, "ddddd", &reclen, &tresv1, &trecnum, &timegen, &timewr ); + if (len == -1) { + DEBUG( 10,("make_way_for_eventlogs: tdb_unpack failed.\n")); + tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD ); + return False; + } + DEBUG( 8, ( "read record %d, record size is [%d], total so far [%d]\n", i, reclen, nbytes ) ); -- cgit From e23781b3b304d1e69ad80af5ae9c0ed8d02cf996 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 30 Jul 2006 16:36:56 +0000 Subject: r17316: More C++ warnings -- 456 left (This used to be commit 1e4ee728df7eeafc1b4d533240acb032f73b4f5c) --- source3/rpc_server/srv_eventlog_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 66be1dc34f..c853f932ae 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -90,7 +90,7 @@ struct trav_size_struct { static int eventlog_tdb_size_fn( TDB_CONTEXT * tdb, TDB_DATA key, TDB_DATA data, void *state ) { - struct trav_size_struct *tsize = state; + struct trav_size_struct *tsize = (struct trav_size_struct *)state; tsize->size += data.dsize; tsize->rec_count++; @@ -486,7 +486,7 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) } /* alloc mem for the packed version */ - packed_ee = TALLOC( mem_ctx, ee->record.length + MARGIN ); + packed_ee = (uint8 *)TALLOC( mem_ctx, ee->record.length + MARGIN ); if ( !packed_ee ) { talloc_destroy( mem_ctx ); return 0; -- cgit From bc2b6436d0f5f3e9ffdfaeb7f1b32996a83d5478 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 29 Mar 2007 09:35:51 +0000 Subject: r22009: change TDB_DATA from char * to unsigned char * and fix all compiler warnings in the users metze (This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f) --- source3/rpc_server/srv_eventlog_lib.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index c853f932ae..c780cf910c 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -188,7 +188,7 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, for ( i = start_record; i < end_record; i++ ) { /* read a record, add the amt to nbytes */ key.dsize = sizeof( int32 ); - key.dptr = ( char * ) ( int32 * ) & i; + key.dptr = ( uint8 * ) ( int32 * ) & i; ret = tdb_fetch( the_tdb, key ); if ( ret.dsize == 0 ) { DEBUG( 8, @@ -233,7 +233,7 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, if ( start_record != new_start ) { for ( i = start_record; i < new_start; i++ ) { key.dsize = sizeof( int32 ); - key.dptr = ( char * ) ( int32 * ) & i; + key.dptr = ( uint8 * ) ( int32 * ) & i; tdb_delete( the_tdb, key ); } @@ -500,7 +500,7 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) next_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD ); n_packed = - tdb_pack( (char *)packed_ee, ee->record.length + MARGIN, + tdb_pack( (uint8 *)packed_ee, ee->record.length + MARGIN, "ddddddwwwwddddddBBdBBBd", ee->record.length, ee->record.reserved1, next_record, ee->record.time_generated, ee->record.time_written, @@ -529,10 +529,10 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) /* increment the record count */ kbuf.dsize = sizeof( int32 ); - kbuf.dptr = (char * ) & next_record; + kbuf.dptr = (uint8 * ) & next_record; ebuf.dsize = n_packed; - ebuf.dptr = (char *)packed_ee; + ebuf.dptr = (uint8 *)packed_ee; if ( tdb_store( the_tdb, kbuf, ebuf, 0 ) ) { /* DEBUG(1,("write_eventlog_tdb: Can't write record %d to eventlog\n",next_record)); */ -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/rpc_server/srv_eventlog_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index c780cf910c..7061df650f 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -7,7 +7,7 @@ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, -- cgit From 153cfb9c83534b09f15cc16205d7adb19b394928 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 05:23:25 +0000 Subject: r23801: The FSF has moved around a lot. This fixes their Mass Ave address. (This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227) --- source3/rpc_server/srv_eventlog_lib.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 7061df650f..f21e983eb7 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -16,8 +16,7 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * along with this program; if not, see . */ #include "includes.h" -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/rpc_server/srv_eventlog_lib.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index f21e983eb7..3f06f0f39f 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -141,8 +141,8 @@ int elog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) return True if we made enough room to accommodate needed bytes ********************************************************************/ -BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, - BOOL whack_by_date ) +bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, + bool whack_by_date ) { int start_record, i, new_start; int end_record; @@ -247,7 +247,7 @@ BOOL make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, calculate how many bytes we need to remove ********************************************************************/ -BOOL prune_eventlog( TDB_CONTEXT * tdb ) +bool prune_eventlog( TDB_CONTEXT * tdb ) { int MaxSize, Retention, CalcdSize; @@ -272,7 +272,7 @@ BOOL prune_eventlog( TDB_CONTEXT * tdb ) /******************************************************************** ********************************************************************/ -BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) +bool can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) { int calcd_size; int MaxSize, Retention; @@ -315,7 +315,7 @@ BOOL can_write_to_eventlog( TDB_CONTEXT * tdb, int32 needed ) /******************************************************************* *******************************************************************/ -ELOG_TDB *elog_open_tdb( char *logname, BOOL force_clear ) +ELOG_TDB *elog_open_tdb( char *logname, bool force_clear ) { TDB_CONTEXT *tdb = NULL; uint32 vers_id; @@ -412,7 +412,7 @@ ELOG_TDB *elog_open_tdb( char *logname, BOOL force_clear ) Wrapper to handle reference counts to the tdb *******************************************************************/ -int elog_close_tdb( ELOG_TDB *etdb, BOOL force_close ) +int elog_close_tdb( ELOG_TDB *etdb, bool force_close ) { TDB_CONTEXT *tdb; @@ -591,7 +591,7 @@ void fixup_eventlog_entry( Eventlog_entry * ee ) going in. ********************************************************************/ -BOOL parse_logentry( char *line, Eventlog_entry * entry, BOOL * eor ) +bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) { char *start = NULL, *stop = NULL; pstring temp; -- cgit From 88ee61625a5de5e443d14c54eab91a90d87cda85 Mon Sep 17 00:00:00 2001 From: "Gerald (Jerry) Carter" Date: Thu, 1 Nov 2007 15:53:44 -0400 Subject: Patch 2 of 3 from Debian Samba packagers: The point is doing the following associations: - non discardable state data (all TDB files that may need to be backed up) go to statedir - shared data (codepage stuff) go to codepagedir The patch *does not change* the default location for these directories. So, there is no behaviour change when applying it. The main change is for samba developers who have to think when dealing with files that previously pertained to libdir whether they: - go in statedir - go in codepagedir - stay in libdir (This used to be commit d6cdbfd875bb2653e831d314726c3240beb0a96b) --- source3/rpc_server/srv_eventlog_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 3f06f0f39f..00afe5b05c 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -66,7 +66,7 @@ char *elog_tdbname( const char *name ) { fstring path; char *tdb_fullpath; - char *eventlogdir = lock_path( "eventlog" ); + char *eventlogdir = state_path( "eventlog" ); pstr_sprintf( path, "%s/%s.tdb", eventlogdir, name ); strlower_m( path ); @@ -348,7 +348,7 @@ ELOG_TDB *elog_open_tdb( char *logname, bool force_clear ) /* make sure that the eventlog dir exists */ - eventlogdir = lock_path( "eventlog" ); + eventlogdir = state_path( "eventlog" ); if ( !directory_exist( eventlogdir, NULL ) ) mkdir( eventlogdir, 0755 ); -- cgit From 3a452a15b7185dd4023c7dc8d44004c962f39d98 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 27 Nov 2007 11:22:58 -0800 Subject: Remove pstring from everything in rpc_server except srv_spoolss_nt.c and srv_srvsvc_nt.c. They're next :-). Jeremy. (This used to be commit 55b4f9d003b036af69085f7b64e0df08c5ba440d) --- source3/rpc_server/srv_eventlog_lib.c | 151 +++++++++++++++++----------------- 1 file changed, 75 insertions(+), 76 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 00afe5b05c..b9648283e1 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -62,17 +62,16 @@ TDB_CONTEXT *elog_init_tdb( char *tdbfilename ) and size. Caller must free memory. ********************************************************************/ -char *elog_tdbname( const char *name ) +char *elog_tdbname(TALLOC_CTX *ctx, const char *name ) { - fstring path; - char *tdb_fullpath; - char *eventlogdir = state_path( "eventlog" ); - - pstr_sprintf( path, "%s/%s.tdb", eventlogdir, name ); - strlower_m( path ); - tdb_fullpath = SMB_STRDUP( path ); - - return tdb_fullpath; + char *path = talloc_asprintf(ctx, "%s/%s.tdb", + state_path("eventlog"), + name); + if (!path) { + return NULL; + } + strlower_m(path); + return path; } @@ -320,13 +319,13 @@ ELOG_TDB *elog_open_tdb( char *logname, bool force_clear ) TDB_CONTEXT *tdb = NULL; uint32 vers_id; ELOG_TDB *ptr; - char *tdbfilename; - pstring tdbpath; + char *tdbpath = NULL; ELOG_TDB *tdb_node = NULL; char *eventlogdir; + TALLOC_CTX *ctx = talloc_tos(); /* first see if we have an open context */ - + for ( ptr=open_elog_list; ptr; ptr=ptr->next ) { if ( strequal( ptr->name, logname ) ) { ptr->ref_count++; @@ -345,27 +344,28 @@ ELOG_TDB *elog_open_tdb( char *logname, bool force_clear ) return ptr; } } - + /* make sure that the eventlog dir exists */ - + eventlogdir = state_path( "eventlog" ); if ( !directory_exist( eventlogdir, NULL ) ) - mkdir( eventlogdir, 0755 ); - + mkdir( eventlogdir, 0755 ); + /* get the path on disk */ - - tdbfilename = elog_tdbname( logname ); - pstrcpy( tdbpath, tdbfilename ); - SAFE_FREE( tdbfilename ); - DEBUG(7,("elog_open_tdb: Opening %s...(force_clear == %s)\n", + tdbpath = elog_tdbname(ctx, logname); + if (!tdbpath) { + return NULL; + } + + DEBUG(7,("elog_open_tdb: Opening %s...(force_clear == %s)\n", tdbpath, force_clear?"True":"False" )); - + /* the tdb wasn't already open or this is a forced clear open */ if ( !force_clear ) { - tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 ); + tdb = tdb_open_log( tdbpath, 0, TDB_DEFAULT, O_RDWR , 0 ); if ( tdb ) { vers_id = tdb_fetch_int32( tdb, EVT_VERSION ); @@ -593,9 +593,8 @@ void fixup_eventlog_entry( Eventlog_entry * ee ) bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) { + TALLOC_CTX *ctx = talloc_tos(); char *start = NULL, *stop = NULL; - pstring temp; - int temp_len = 0; start = line; @@ -661,62 +660,69 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) } else if ( 0 == strncmp( start, "USL", stop - start ) ) { entry->record.user_sid_length = atoi( stop + 1 ); } else if ( 0 == strncmp( start, "SRC", stop - start ) ) { - memset( temp, 0, sizeof( temp ) ); stop++; while ( isspace( stop[0] ) ) { stop++; } - temp_len = strlen( stop ); - strncpy( temp, stop, temp_len ); - rpcstr_push( ( void * ) ( entry->data_record.source_name ), - temp, sizeof( entry->data_record.source_name ), - STR_TERMINATE ); - entry->data_record.source_name_len = - ( strlen_w( entry->data_record.source_name ) * 2 ) + - 2; + entry->data_record.source_name_len = rpcstr_push_talloc(ctx, + &entry->data_record.source_name, + stop); + if (entry->data_record.source_name_len == (size_t)-1 || + entry->data_record.source_name == NULL) { + return false; + } } else if ( 0 == strncmp( start, "SRN", stop - start ) ) { - memset( temp, 0, sizeof( temp ) ); stop++; while ( isspace( stop[0] ) ) { stop++; } - temp_len = strlen( stop ); - strncpy( temp, stop, temp_len ); - rpcstr_push( ( void * ) ( entry->data_record.computer_name ), - temp, sizeof( entry->data_record.computer_name ), - STR_TERMINATE ); - entry->data_record.computer_name_len = - ( strlen_w( entry->data_record.computer_name ) * 2 ) + - 2; + entry->data_record.computer_name_len = rpcstr_push_talloc(ctx, + &entry->data_record.computer_name, + stop); + if (entry->data_record.computer_name_len == (size_t)-1 || + entry->data_record.computer_name == NULL) { + return false; + } } else if ( 0 == strncmp( start, "SID", stop - start ) ) { - memset( temp, 0, sizeof( temp ) ); stop++; while ( isspace( stop[0] ) ) { stop++; } - temp_len = strlen( stop ); - strncpy( temp, stop, temp_len ); - rpcstr_push( ( void * ) ( entry->data_record.sid ), temp, - sizeof( entry->data_record.sid ), - STR_TERMINATE ); - entry->record.user_sid_length = - ( strlen_w( entry->data_record.sid ) * 2 ) + 2; + entry->record.user_sid_length = rpcstr_push_talloc(ctx, + &entry->data_record.sid, + stop); + if (entry->record.user_sid_length == (size_t)-1 || + entry->data_record.sid == NULL) { + return false; + } } else if ( 0 == strncmp( start, "STR", stop - start ) ) { + smb_ucs2_t *temp = NULL; + size_t tmp_len; + uint32_t old_len; /* skip past initial ":" */ stop++; /* now skip any other leading whitespace */ - while ( isspace( stop[0] ) ) { + while ( isspace(stop[0])) { stop++; } - temp_len = strlen( stop ); - memset( temp, 0, sizeof( temp ) ); - strncpy( temp, stop, temp_len ); - rpcstr_push( ( void * ) ( entry->data_record.strings + - ( entry->data_record.strings_len / 2 ) ), - temp, - sizeof( entry->data_record.strings ) - - ( entry->data_record.strings_len / 2 ), STR_TERMINATE ); - entry->data_record.strings_len += ( temp_len * 2 ) + 2; + tmp_len = rpcstr_push_talloc(ctx, + &temp, + stop); + if (tmp_len == (size_t)-1 || !temp) { + return false; + } + old_len = entry->data_record.strings_len; + entry->data_record.strings = (smb_ucs2_t *)TALLOC_REALLOC_ARRAY(ctx, + entry->data_record.strings, + char, + old_len + tmp_len); + if (!entry->data_record.strings) { + return false; + } + memcpy(entry->data_record.strings + old_len, + temp, + tmp_len); + entry->data_record.strings_len += tmp_len; entry->record.num_strings++; } else if ( 0 == strncmp( start, "DAT", stop - start ) ) { /* skip past initial ":" */ @@ -725,25 +731,18 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) while ( isspace( stop[0] ) ) { stop++; } - entry->data_record.user_data_len = strlen( stop ); - memset( entry->data_record.user_data, 0, - sizeof( entry->data_record.user_data ) ); - if ( entry->data_record.user_data_len > 0 ) { - /* copy no more than the first 1024 bytes */ - if ( entry->data_record.user_data_len > - sizeof( entry->data_record.user_data ) ) - entry->data_record.user_data_len = - sizeof( entry->data_record. - user_data ); - memcpy( entry->data_record.user_data, stop, - entry->data_record.user_data_len ); + entry->data_record.user_data_len = strlen(stop); + entry->data_record.user_data = talloc_strdup(ctx, + stop); + if (!entry->data_record.user_data) { + return false; } } else { /* some other eventlog entry -- not implemented, so dropping on the floor */ DEBUG( 10, ( "Unknown entry [%s]. Ignoring.\n", line ) ); /* For now return true so that we can keep on parsing this mess. Eventually we will return False here. */ - return True; + return true; } - return True; + return true; } -- cgit From f642ae837507e755d5949a61ea5ad70c7b334385 Mon Sep 17 00:00:00 2001 From: Guenther Deschner Date: Tue, 27 Nov 2007 21:53:41 +0100 Subject: fix a obscure compiler warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Jeremy, I have never seen this warning before: "warning: comparison is always false due to limited range of data type". Guenther - -- Günther Deschner GPG-ID: 8EE11688 Red Hat gdeschner@redhat.com Samba Team gd@samba.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHTIOOSOk3aI7hFogRArxMAJwP0ktE96tHcwn9nXG6AOqonpeDgQCgm/zi 54B6HJZvx6zdUTMFFNWqUb0= =kUJa -----END PGP SIGNATURE----- >From 6a4935ee455adc1251fce2759f97d35f303bd40e Mon Sep 17 00:00:00 2001 From: =?utf-8?q?G=C3=BCnther=20Deschner?= Date: Tue, 27 Nov 2007 21:48:39 +0100 Subject: [PATCH] Getting rid of "comparison is always false due to limited range of data type" warning. Guenther (This used to be commit 951202913956e113841585f7372e8db8f9aeb76a) --- source3/rpc_server/srv_eventlog_lib.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index b9648283e1..4e996ee19b 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -667,7 +667,7 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) entry->data_record.source_name_len = rpcstr_push_talloc(ctx, &entry->data_record.source_name, stop); - if (entry->data_record.source_name_len == (size_t)-1 || + if (entry->data_record.source_name_len == (uint32_t)-1 || entry->data_record.source_name == NULL) { return false; } @@ -679,7 +679,7 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) entry->data_record.computer_name_len = rpcstr_push_talloc(ctx, &entry->data_record.computer_name, stop); - if (entry->data_record.computer_name_len == (size_t)-1 || + if (entry->data_record.computer_name_len == (uint32_t)-1 || entry->data_record.computer_name == NULL) { return false; } @@ -691,7 +691,7 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ) entry->record.user_sid_length = rpcstr_push_talloc(ctx, &entry->data_record.sid, stop); - if (entry->record.user_sid_length == (size_t)-1 || + if (entry->record.user_sid_length == (uint32_t)-1 || entry->data_record.sid == NULL) { return false; } -- cgit From cb9029dbf5b4ba5034499eb7dd8e5dd456e0abfe Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Jan 2008 16:46:46 +0100 Subject: Fix a memleak (This used to be commit 252c3130697d1b7fd34a5225d83cef4f32e663b2) --- source3/rpc_server/srv_eventlog_lib.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 4e996ee19b..1d902fe215 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -148,7 +148,6 @@ bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, int nbytes, reclen, len, Retention, MaxSize; int tresv1, trecnum, timegen, timewr; TDB_DATA key, ret; - TALLOC_CTX *mem_ctx = NULL; time_t current_time, exp_time; /* discard some eventlogs */ @@ -156,10 +155,7 @@ bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, /* read eventlogs from oldest_entry -- there can't be any discontinuity in recnos, although records not necessarily guaranteed to have successive times */ /* */ - mem_ctx = talloc_init( "make_way_for_eventlogs" ); /* Homage to BPG */ - if ( mem_ctx == NULL ) - return False; /* can't allocate memory indicates bigger problems */ /* lock */ tdb_lock_bystring_with_timeout( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ -- cgit From c0aa988e83c16ac7fe9d1a9d6cb51fa989aab1e9 Mon Sep 17 00:00:00 2001 From: "Gerald W. Carter" Date: Tue, 29 Jan 2008 15:08:37 -0600 Subject: Make make_way_for_eventlogs() static (This used to be commit cb6531965b2baab320123d4301ab851c6e22aa58) --- source3/rpc_server/srv_eventlog_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 1d902fe215..269e2f318e 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -140,8 +140,8 @@ int elog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) return True if we made enough room to accommodate needed bytes ********************************************************************/ -bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, - bool whack_by_date ) +static bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, + bool whack_by_date ) { int start_record, i, new_start; int end_record; -- cgit From bc7a0a9198a6bc26e1ddc7e5f1e52c97a07029a0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 23 Mar 2008 15:58:09 +0100 Subject: Fix Coverity ID 432 (This used to be commit 7070c77ee2a9c3c9ff1b3c7b93008b13b80ac02b) --- source3/rpc_server/srv_eventlog_lib.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/rpc_server/srv_eventlog_lib.c') diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 269e2f318e..e232a30078 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -464,8 +464,6 @@ int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee ) if ( mem_ctx == NULL ) return 0; - if ( !ee ) - return 0; /* discard any entries that have bogus time, which usually indicates a bogus entry as well. */ if ( ee->record.time_generated == 0 ) return 0; -- cgit