X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Fwin32%2Fwin_service.c;h=c2463d51dd18e56d84eb1e27ab1f72433660aba0;hb=789cbc8e52da68eba3517b920ef22e000cf3c9fd;hp=749abade6ee3b987fd8e4d253eaf68518652c07d;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git diff --git a/src/win32/win_service.c b/src/win32/win_service.c index 749abad..c2463d5 100755 --- a/src/win32/win_service.c +++ b/src/win32/win_service.c @@ -1,14 +1,15 @@ -/* @(#) $Id: win_service.c,v 1.13 2009/06/24 18:53:10 dcid Exp $ */ +/* @(#) $Id: ./src/win32/win_service.c, 2011/09/08 dcid Exp $ + */ /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * * This program is a free software; you can redistribute it * and/or modify it under the terms of the GNU General Public - * License (version 3) as published by the FSF - Free Software + * License (version 2) as published by the FSF - Free Software * Foundation. * - * License details at the LICENSE file included with OSSEC or + * License details at the LICENSE file included with OSSEC or * online at: http://www.ossec.net/en/licensing.html */ @@ -24,8 +25,8 @@ #endif static LPTSTR g_lpszServiceName = "OssecSvc"; -static LPTSTR g_lpszServiceDisplayName = "OSSEC Hids"; -static LPTSTR g_lpszServiceDescription = "OSSEC Hids Windows Agent"; +static LPTSTR g_lpszServiceDisplayName = "OSSEC HIDS"; +static LPTSTR g_lpszServiceDescription = "OSSEC HIDS Windows Agent"; static SERVICE_STATUS ossecServiceStatus; static SERVICE_STATUS_HANDLE ossecServiceStatusHandle; @@ -42,7 +43,7 @@ int os_start_service() SC_HANDLE schSCManager, schService; - /* Removing from the services database */ + /* Start the database */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); if (schSCManager) { @@ -50,7 +51,6 @@ int os_start_service() SC_MANAGER_ALL_ACCESS); if(schService) { - if(StartService(schService, 0, NULL)) { rc = 1; @@ -62,7 +62,7 @@ int os_start_service() rc = -1; } } - + CloseServiceHandle(schService); } @@ -73,14 +73,14 @@ int os_start_service() } -/* os_start_service: Starts ossec service */ +/* os_stop_service: Stops ossec service */ int os_stop_service() { int rc = 0; SC_HANDLE schSCManager, schService; - /* Removing from the services database */ + /* Stop the service database */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); if (schSCManager) { @@ -89,13 +89,12 @@ int os_stop_service() if(schService) { SERVICE_STATUS lpServiceStatus; - - if(ControlService(schService, - SERVICE_CONTROL_STOP, &lpServiceStatus)) + + if(ControlService(schService, SERVICE_CONTROL_STOP, &lpServiceStatus)) { rc = 1; } - + CloseServiceHandle(schService); } @@ -106,14 +105,14 @@ int os_stop_service() } -/* int QueryService(): Checks if service is running. */ +/* int CheckServiceRunning(): Checks if service is running. */ int CheckServiceRunning() { int rc = 0; SC_HANDLE schSCManager, schService; - /* Removing from the services database */ + /* Checking service status */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); if (schSCManager) { @@ -123,7 +122,7 @@ int CheckServiceRunning() { /* Checking status */ SERVICE_STATUS lpServiceStatus; - + if(QueryServiceStatus(schService, &lpServiceStatus)) { if(lpServiceStatus.dwCurrentState == SERVICE_RUNNING) @@ -133,36 +132,40 @@ int CheckServiceRunning() } CloseServiceHandle(schService); } - + CloseServiceHandle(schSCManager); } return(rc); } - + /* int InstallService() * Install the OSSEC HIDS agent service. */ int InstallService(char *path) { - char buffer[MAX_PATH+1]; + int ret; SC_HANDLE schSCManager, schService; LPCTSTR lpszBinaryPathName = NULL; SERVICE_DESCRIPTION sdBuf; - - /* Cleaning up some variables */ - buffer[MAX_PATH] = '\0'; - - + + /* Uninstall service (if it exists) */ + if (!UninstallService()) + { + verbose("%s: ERROR: Failure running UninstallService().", ARGV0); + return(0); + } + + /* Executable path -- it must be called with the * full path */ lpszBinaryPathName = path; - - /* Opening the services database */ + + /* Opening the service database */ schSCManager = OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS); if (schSCManager == NULL) @@ -171,7 +174,7 @@ int InstallService(char *path) } /* Creating the service */ - schService = CreateService(schSCManager, + schService = CreateService(schSCManager, g_lpszServiceName, g_lpszServiceDisplayName, SERVICE_ALL_ACCESS, @@ -180,23 +183,28 @@ int InstallService(char *path) SERVICE_ERROR_NORMAL, lpszBinaryPathName, NULL, NULL, NULL, NULL, NULL); - + if (schService == NULL) { + CloseServiceHandle(schSCManager); goto install_error; } /* Setting description */ sdBuf.lpDescription = g_lpszServiceDescription; - if(!ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sdBuf)) + ret = ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sdBuf); + + CloseServiceHandle(schService); + CloseServiceHandle(schSCManager); + + /* Check for errors */ + if (!ret) { goto install_error; } - - CloseServiceHandle(schService); - CloseServiceHandle(schSCManager); - printf(" [%s] Successfully added to the Services database.\n", ARGV0); + + verbose("%s: INFO: Successfully added to the service database.", ARGV0); return(1); @@ -204,7 +212,7 @@ int InstallService(char *path) { char local_msg[1025]; LPVOID lpMsgBuf; - + memset(local_msg, 0, 1025); FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | @@ -217,8 +225,7 @@ int InstallService(char *path) 0, NULL); - merror(local_msg, 1024, "[%s] Unable to create registry " - "entry: %s", ARGV0,(LPCTSTR)lpMsgBuf); + verbose("%s: ERROR: Unable to create service entry: %s", ARGV0, (LPCTSTR)lpMsgBuf); return(0); } } @@ -227,37 +234,61 @@ int InstallService(char *path) /* int UninstallService() * Uninstall the OSSEC HIDS agent service. */ -int UninstallService() +int UninstallService() { + int ret; + int rc = 0; SC_HANDLE schSCManager, schService; + SERVICE_STATUS lpServiceStatus; + - - /* Removing from the services database */ + /* Removing from the service database */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (schSCManager) + if(schSCManager) { - schService = OpenService(schSCManager,g_lpszServiceName,DELETE); + schService = OpenService(schSCManager,g_lpszServiceName,SERVICE_STOP|DELETE); if(schService) { - if (DeleteService(schService)) - + if(CheckServiceRunning()) + { + verbose("%s: INFO: Found (%s) service is running going to try and stop it.", ARGV0, g_lpszServiceName); + ret = ControlService(schService, SERVICE_CONTROL_STOP, &lpServiceStatus); + if(!ret) + { + verbose("%s: ERROR: Failure stopping service (%s) before removing it (%ld).", ARGV0, g_lpszServiceName, GetLastError()); + } + else + { + verbose("%s: INFO: Successfully stopped (%s).", ARGV0, g_lpszServiceName); + } + } + else { - CloseServiceHandle(schService); - CloseServiceHandle(schSCManager); + verbose("%s: INFO: Found (%s) service is not running.", ARGV0, g_lpszServiceName); + ret = 1; + } - printf(" [%s] Successfully removed from " - "the Services database.\n", ARGV0); - return(1); + if(ret && DeleteService(schService)) + { + verbose("%s: INFO: Successfully removed (%s) from the service database.", ARGV0, g_lpszServiceName); + rc = 1; } CloseServiceHandle(schService); } + else + { + verbose("%s: INFO: Service does not exist (%s) nothing to remove.", ARGV0, g_lpszServiceName); + rc = 1; + } CloseServiceHandle(schSCManager); } - fprintf(stderr, " [%s] Error removing from " - "the Services database.\n", ARGV0); - - return(0); + if(!rc) + { + verbose("%s: ERROR: Failure removing (%s) from the service database.", ARGV0, g_lpszServiceName); + } + + return(rc); } @@ -275,30 +306,30 @@ VOID WINAPI OssecServiceCtrlHandler(DWORD dwOpcode) ossecServiceStatus.dwCheckPoint = 0; ossecServiceStatus.dwWaitHint = 0; - verbose("%s: Received exit signal.", ARGV0); + verbose("%s: INFO: Received exit signal.", ARGV0); SetServiceStatus (ossecServiceStatusHandle, &ossecServiceStatus); - verbose("%s: Exiting...", ARGV0); + verbose("%s: INFO: Exiting...", ARGV0); return; default: break; } return; } - + /** void WinSetError() - * Sets the error code in the services + * Sets the error code in the service */ void WinSetError() { OssecServiceCtrlHandler(SERVICE_CONTROL_STOP); } - + /** int os_WinMain(int argc, char **argv) * Initializes OSSEC dispatcher */ -int os_WinMain(int argc, char **argv) +int os_WinMain(int argc, char **argv) { SERVICE_TABLE_ENTRY steDispatchTable[] = { @@ -308,7 +339,7 @@ int os_WinMain(int argc, char **argv) if(!StartServiceCtrlDispatcher(steDispatchTable)) { - merror("%s: Unable to set service information.", ARGV0); + verbose("%s: INFO: Unable to set service information.", ARGV0); return(1); } @@ -329,13 +360,13 @@ void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv) ossecServiceStatus.dwCheckPoint = 0; ossecServiceStatus.dwWaitHint = 0; - ossecServiceStatusHandle = - RegisterServiceCtrlHandler(g_lpszServiceName, + ossecServiceStatusHandle = + RegisterServiceCtrlHandler(g_lpszServiceName, OssecServiceCtrlHandler); if (ossecServiceStatusHandle == (SERVICE_STATUS_HANDLE)0) { - merror("%s: RegisterServiceCtrlHandler failed.", ARGV0); + verbose("%s: INFO: RegisterServiceCtrlHandler failed.", ARGV0); return; } @@ -345,7 +376,7 @@ void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv) if (!SetServiceStatus(ossecServiceStatusHandle, &ossecServiceStatus)) { - merror("%s: SetServiceStatus error.", ARGV0); + verbose("%s: INFO: SetServiceStatus error.", ARGV0); return; }