-/* @(#) $Id$ */
+/* @(#) $Id: ./src/win32/win_service.c, 2011/09/08 dcid Exp $
+ */
/* Copyright (C) 2009 Trend Micro Inc.
* All rights reserved.
* License (version 2) as published by the FSF - Free Software
* Foundation.
*
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or
* online at: http://www.ossec.net/en/licensing.html
*/
#endif
static LPTSTR g_lpszServiceName = "OssecSvc";
-static LPTSTR g_lpszServiceDisplayName = "OSSEC Hids";
-static LPTSTR g_lpszServiceDescription = "OSSEC Hids Windows Agent";
+static LPTSTR g_lpszServiceDisplayName = "OSSEC HIDS";
+static LPTSTR g_lpszServiceDescription = "OSSEC HIDS Windows Agent";
static SERVICE_STATUS ossecServiceStatus;
static SERVICE_STATUS_HANDLE ossecServiceStatusHandle;
SC_HANDLE schSCManager, schService;
- /* Removing from the services database */
+ /* Start the database */
schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
if (schSCManager)
{
SC_MANAGER_ALL_ACCESS);
if(schService)
{
-
if(StartService(schService, 0, NULL))
{
rc = 1;
rc = -1;
}
}
-
+
CloseServiceHandle(schService);
}
}
-/* os_start_service: Starts ossec service */
+/* os_stop_service: Stops ossec service */
int os_stop_service()
{
int rc = 0;
SC_HANDLE schSCManager, schService;
- /* Removing from the services database */
+ /* Stop the service database */
schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
if (schSCManager)
{
if(schService)
{
SERVICE_STATUS lpServiceStatus;
-
- if(ControlService(schService,
- SERVICE_CONTROL_STOP, &lpServiceStatus))
+
+ if(ControlService(schService, SERVICE_CONTROL_STOP, &lpServiceStatus))
{
rc = 1;
}
-
+
CloseServiceHandle(schService);
}
}
-/* int QueryService(): Checks if service is running. */
+/* int CheckServiceRunning(): Checks if service is running. */
int CheckServiceRunning()
{
int rc = 0;
SC_HANDLE schSCManager, schService;
- /* Removing from the services database */
+ /* Checking service status */
schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
if (schSCManager)
{
{
/* Checking status */
SERVICE_STATUS lpServiceStatus;
-
+
if(QueryServiceStatus(schService, &lpServiceStatus))
{
if(lpServiceStatus.dwCurrentState == SERVICE_RUNNING)
}
CloseServiceHandle(schService);
}
-
+
CloseServiceHandle(schSCManager);
}
return(rc);
}
-
+
/* int InstallService()
* Install the OSSEC HIDS agent service.
*/
int InstallService(char *path)
{
- char buffer[MAX_PATH+1];
+ int ret;
SC_HANDLE schSCManager, schService;
LPCTSTR lpszBinaryPathName = NULL;
SERVICE_DESCRIPTION sdBuf;
-
- /* Cleaning up some variables */
- buffer[MAX_PATH] = '\0';
-
-
+
+ /* Uninstall service (if it exists) */
+ if (!UninstallService())
+ {
+ verbose("%s: ERROR: Failure running UninstallService().", ARGV0);
+ return(0);
+ }
+
+
/* Executable path -- it must be called with the
* full path
*/
lpszBinaryPathName = path;
-
- /* Opening the services database */
+
+ /* Opening the service database */
schSCManager = OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
if (schSCManager == NULL)
}
/* Creating the service */
- schService = CreateService(schSCManager,
+ schService = CreateService(schSCManager,
g_lpszServiceName,
g_lpszServiceDisplayName,
SERVICE_ALL_ACCESS,
SERVICE_ERROR_NORMAL,
lpszBinaryPathName,
NULL, NULL, NULL, NULL, NULL);
-
+
if (schService == NULL)
{
+ CloseServiceHandle(schSCManager);
goto install_error;
}
/* Setting description */
sdBuf.lpDescription = g_lpszServiceDescription;
- if(!ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sdBuf))
+ ret = ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sdBuf);
+
+ CloseServiceHandle(schService);
+ CloseServiceHandle(schSCManager);
+
+ /* Check for errors */
+ if (!ret)
{
goto install_error;
}
-
- CloseServiceHandle(schService);
- CloseServiceHandle(schSCManager);
- printf(" [%s] Successfully added to the Services database.\n", ARGV0);
+
+ verbose("%s: INFO: Successfully added to the service database.", ARGV0);
return(1);
{
char local_msg[1025];
LPVOID lpMsgBuf;
-
+
memset(local_msg, 0, 1025);
FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER |
0,
NULL);
- merror(local_msg, 1024, "[%s] Unable to create registry "
- "entry: %s", ARGV0,(LPCTSTR)lpMsgBuf);
+ verbose("%s: ERROR: Unable to create service entry: %s", ARGV0, (LPCTSTR)lpMsgBuf);
return(0);
}
}
/* int UninstallService()
* Uninstall the OSSEC HIDS agent service.
*/
-int UninstallService()
+int UninstallService()
{
+ int ret;
+ int rc = 0;
SC_HANDLE schSCManager, schService;
+ SERVICE_STATUS lpServiceStatus;
+
-
- /* Removing from the services database */
+ /* Removing from the service database */
schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
- if (schSCManager)
+ if(schSCManager)
{
- schService = OpenService(schSCManager,g_lpszServiceName,DELETE);
+ schService = OpenService(schSCManager,g_lpszServiceName,SERVICE_STOP|DELETE);
if(schService)
{
- if (DeleteService(schService))
-
+ if(CheckServiceRunning())
+ {
+ verbose("%s: INFO: Found (%s) service is running going to try and stop it.", ARGV0, g_lpszServiceName);
+ ret = ControlService(schService, SERVICE_CONTROL_STOP, &lpServiceStatus);
+ if(!ret)
+ {
+ verbose("%s: ERROR: Failure stopping service (%s) before removing it (%ld).", ARGV0, g_lpszServiceName, GetLastError());
+ }
+ else
+ {
+ verbose("%s: INFO: Successfully stopped (%s).", ARGV0, g_lpszServiceName);
+ }
+ }
+ else
{
- CloseServiceHandle(schService);
- CloseServiceHandle(schSCManager);
+ verbose("%s: INFO: Found (%s) service is not running.", ARGV0, g_lpszServiceName);
+ ret = 1;
+ }
- printf(" [%s] Successfully removed from "
- "the Services database.\n", ARGV0);
- return(1);
+ if(ret && DeleteService(schService))
+ {
+ verbose("%s: INFO: Successfully removed (%s) from the service database.", ARGV0, g_lpszServiceName);
+ rc = 1;
}
CloseServiceHandle(schService);
}
+ else
+ {
+ verbose("%s: INFO: Service does not exist (%s) nothing to remove.", ARGV0, g_lpszServiceName);
+ rc = 1;
+ }
CloseServiceHandle(schSCManager);
}
- fprintf(stderr, " [%s] Error removing from "
- "the Services database.\n", ARGV0);
-
- return(0);
+ if(!rc)
+ {
+ verbose("%s: ERROR: Failure removing (%s) from the service database.", ARGV0, g_lpszServiceName);
+ }
+
+ return(rc);
}
ossecServiceStatus.dwCheckPoint = 0;
ossecServiceStatus.dwWaitHint = 0;
- verbose("%s: Received exit signal.", ARGV0);
+ verbose("%s: INFO: Received exit signal.", ARGV0);
SetServiceStatus (ossecServiceStatusHandle, &ossecServiceStatus);
- verbose("%s: Exiting...", ARGV0);
+ verbose("%s: INFO: Exiting...", ARGV0);
return;
default:
break;
}
return;
}
-
+
/** void WinSetError()
- * Sets the error code in the services
+ * Sets the error code in the service
*/
void WinSetError()
{
OssecServiceCtrlHandler(SERVICE_CONTROL_STOP);
}
-
+
/** int os_WinMain(int argc, char **argv)
* Initializes OSSEC dispatcher
*/
-int os_WinMain(int argc, char **argv)
+int os_WinMain(int argc, char **argv)
{
SERVICE_TABLE_ENTRY steDispatchTable[] =
{
if(!StartServiceCtrlDispatcher(steDispatchTable))
{
- merror("%s: Unable to set service information.", ARGV0);
+ verbose("%s: INFO: Unable to set service information.", ARGV0);
return(1);
}
ossecServiceStatus.dwCheckPoint = 0;
ossecServiceStatus.dwWaitHint = 0;
- ossecServiceStatusHandle =
- RegisterServiceCtrlHandler(g_lpszServiceName,
+ ossecServiceStatusHandle =
+ RegisterServiceCtrlHandler(g_lpszServiceName,
OssecServiceCtrlHandler);
if (ossecServiceStatusHandle == (SERVICE_STATUS_HANDLE)0)
{
- merror("%s: RegisterServiceCtrlHandler failed.", ARGV0);
+ verbose("%s: INFO: RegisterServiceCtrlHandler failed.", ARGV0);
return;
}
if (!SetServiceStatus(ossecServiceStatusHandle, &ossecServiceStatus))
{
- merror("%s: SetServiceStatus error.", ARGV0);
+ verbose("%s: INFO: SetServiceStatus error.", ARGV0);
return;
}