EventLog.cpp

Go to the documentation of this file.

//#include "atlbase.h"

#include "EventLog.h"
#include "PKIFLog.h"
#include "PKIFException.h"
#include "components.h"
#include "PKIFCommonErrors.h"

#include "boost/numeric/conversion/cast.hpp"

using boost::numeric_cast;
using boost::bad_numeric_cast;

CEventLog::CEventLog()
{
    m_bSourceAdded = false;
}
CEventLog::~CEventLog()
{
}

bool CEventLog::m_bSourceAdded = false;

#ifdef _DEBUG
char* CEventLog::m_cstrEventSource = "PKIFd";
#else
char* CEventLog::m_cstrEventSource = "PKIF";
#endif

bool CEventLog::AddEventSource()
{
    //USES_CONVERSION;

    HKEY hk = NULL; 
    DWORD dwData = EVENTLOG_ERROR_TYPE | EVENTLOG_WARNING_TYPE | EVENTLOG_INFORMATION_TYPE; 

    // Add your source name as a subkey under the Application key in the EventLog registry key. 
    char regKeyName[MAX_PATH] = "SYSTEM\\CurrentControlSet\\Services\\EventLog\\Application\\";

    //reviewed 4/25 - buffer large enough to accomodate string literal plus PKIF or PKIFd
    strcat(regKeyName,m_cstrEventSource);
    if (RegCreateKey(HKEY_LOCAL_MACHINE, regKeyName/*A2T(regKeyName)*/, &hk)) 
    {
        OutputDebugString( "\nCould not create the logging registry key."); 
        return false;
    }

    // Set the name of the message file.
    #ifdef _DEBUG
    HINSTANCE hInstance = GetModuleHandle("PKIFd");
    if(!hInstance)
    {
        OutputDebugString( "\nCould not get module handle"); 
        return false;
    }
    #else
    HINSTANCE hInstance = GetModuleHandle("PKIF");
    if(!hInstance)
    {
        OutputDebugString( "\nCould not get module handle"); 
        return false;
    }
    #endif
    char szBuffer[MAX_PATH];
    if (!GetModuleFileName(hInstance,szBuffer,sizeof(szBuffer)))
    {
        OutputDebugString( "\nCould not get module filename"); 
        return false;
    }
    std::string cstrBuf = szBuffer;

    const char* pCstrBuf = cstrBuf.c_str();

    //reviewed 4/25 - size limited to above string literal plus m_cstrEventSource (which is either PKIF or PKIFd)

    DWORD pCstrBufLen = 0;
    try 
    {
        pCstrBufLen = numeric_cast<DWORD>(cstrBuf.size());
    }
    catch(bad_numeric_cast &) 
    {
        throw CPKIFException(TOOLKIT_PATH, COMMON_INVALID_INPUT, "Buffer size is an impossibly long number.");
    }

    // Add the name to the EventMessageFile subkey. 
    if (RegSetValueEx(hk,             // subkey handle 
        "EventMessageFile",       // value name 
        0,                        // must be zero 
        REG_EXPAND_SZ,            // value type 
        (BYTE*)pCstrBuf,           // pointer to value data 
        pCstrBufLen + 1))           // length of value data 
    {

        OutputDebugString( "\nCould not set the event message file."); 
        return false;
    }

    if (RegSetValueEx(hk,      // subkey handle 
        "TypesSupported",  // value name 
        0, // must be zero 
        REG_DWORD,         // value type 
        (LPBYTE) &dwData,  // pointer to value data 
        sizeof(DWORD)))    // length of value data 
    {
        OutputDebugString( "\nCould not set the supported types."); 
        return false;
    }

    dwData = 7;
    if (RegSetValueEx(hk,      // subkey handle 
        "CategoryCount",  // value name 
        0,  
        REG_DWORD,         // value type 
        (LPBYTE) &dwData,  // pointer to value data 
        sizeof(DWORD)))    // length of value data 
    {
        OutputDebugString( "\nCould not set the supported types."); 
        return false;
    }

    if (RegSetValueEx(hk,             // subkey handle 
        "CategoryMessageFile",       // value name 
        0,                        // must be zero 
        REG_EXPAND_SZ,            // value type 
        (BYTE*)pCstrBuf,           // pointer to value data 
        pCstrBufLen + 1))           // length of value data 
    {

        OutputDebugString( "\nCould not set the event message file."); 
        return false;
    }

    RegCloseKey(hk); 
    m_bSourceAdded = true;
    return true;

    m_bSourceAdded = false;
    return false;
}
DWORD GetUserSid(PSID& sid)
{
    int sts;
    DWORD len, sidLen;
    TCHAR *refDomain, *userName;
    SID_NAME_USE sidNameUse;
    unsigned long userLen = 128;

    // Fetch user name
    // if(!m TNetAvail.m bNetAvail)
    //  return ERROR NO NETWORK;

    userName = ( TCHAR*) new  TCHAR[userLen];
    if(!GetUserName(userName,&userLen)) { 
        delete [] userName;
        return GetLastError(); 
    }

    // Fetch length of SID a user account first.
    sidLen = len = 0;
    sts = LookupAccountName(NULL,      // Look at local machine
        userName,      // User name
        NULL,      // Point to SID
        &sidLen,     // Length of SID
        NULL,      // Ignore Referenced Domain name
        &len,      // Ignore Referenced Domain name length
        &sidNameUse);    // SID name use

    // Allocate required storage
    sid = (void*) new char[sidLen]; 
    refDomain = (TCHAR*) new TCHAR[len];

    // Now, with buffers in hand fetch SID for a user account
    sts = LookupAccountName(NULL,      // Look at local machine
        userName,      // User name
        sid,      // Point to SID
        &sidLen,     // Length of SID
        refDomain,     // Ignore Referenced Domain name
        &len,      // Ignore Referenced Domain name length
        &sidNameUse);    // SID name use            

    if (!sts) {
        int error = GetLastError();
        if (!error) error = ERROR_NO_NETWORK; // cover up a Microsoft bug
        delete [] sid;
        delete [] refDomain;
        delete [] userName;
        return error;
    }
//  delete [] sid;  - moved to CEventLog::Write 11/9/2003
    delete [] refDomain;
    delete [] userName;
    return ERROR_SUCCESS;
}
void CEventLog::Write(
    int intEventType, 
    int intEventCat, 
    int eventID, 
    const char* cstrMessage)
{
    HANDLE h; 
    if( m_bSourceAdded == false )
        CEventLog::AddEventSource();

    h = RegisterEventSource(NULL,  // uses local computer 
        m_cstrEventSource);    // source name
    if (h == NULL) 
    {
        OutputDebugString( "\nCould not register the event source.");
        return;
    }

    PSID sid = NULL;
    if(PKIF_UNLOAD != eventID && PKIF_LOAD != eventID)
    {
        GetUserSid(sid);
    }

    //  USES_CONVERSION;
    int err = 0;
    //  LPCSTR lp = A2T( const_cast<char*>(cstrMessage));
    if (!ReportEvent(h,           // event log handle 
        intEventType,  // event type (info, success, failure, etc)
        intEventCat,                    // category 
        eventID,        // event identifier 
        sid,                 // no user security identifier 
        1,                    // one substitution string 
        0,                    // no data 
        &cstrMessage,         // pointer to string array 
        NULL))                // pointer to data 
    {
        OutputDebugString("\nCould not report the event.");
        err = GetLastError();
        //      return;
    }
    if(sid) delete[] sid; //moved to here 11/9/2003
    DeregisterEventSource(h); 
}