X-Git-Url: http://ftp.carnet.hr/pub/carnet-debian/scm?a=blobdiff_plain;f=src%2Fwin32%2Fwin_service.c;h=b7451f9e30076c1f4acb0c3cd863280e06db99b6;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=d17d7b8a0f1d3c40e328ca1e327bf2746ab2d0d5;hpb=301048b51990573e58a30dc4a5bb4ec285cad554;p=ossec-hids.git diff --git a/src/win32/win_service.c b/src/win32/win_service.c old mode 100755 new mode 100644 index d17d7b8..b7451f9 --- a/src/win32/win_service.c +++ b/src/win32/win_service.c @@ -1,5 +1,3 @@ -/* @(#) $Id$ */ - /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * @@ -7,12 +5,8 @@ * and/or modify it under the terms of the GNU General Public * License (version 2) as published by the FSF - Free Software * Foundation. - * - * License details at the LICENSE file included with OSSEC or - * online at: http://www.ossec.net/en/licensing.html */ - #ifdef WIN32 #include "shared.h" @@ -24,154 +18,128 @@ #endif static LPTSTR g_lpszServiceName = "OssecSvc"; -static LPTSTR g_lpszServiceDisplayName = "OSSEC Hids"; -static LPTSTR g_lpszServiceDescription = "OSSEC Hids Windows Agent"; +static LPTSTR g_lpszServiceDisplayName = "OSSEC HIDS"; +static LPTSTR g_lpszServiceDescription = "OSSEC HIDS Windows Agent"; static SERVICE_STATUS ossecServiceStatus; static SERVICE_STATUS_HANDLE ossecServiceStatusHandle; -/* ServiceStart */ void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv); - -/* os_start_service: Starts ossec service */ +/* Start OSSEC-HIDS service */ int os_start_service() { int rc = 0; SC_HANDLE schSCManager, schService; - - /* Removing from the services database */ + /* Start the database */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (schSCManager) - { - schService = OpenService(schSCManager,g_lpszServiceName, + if (schSCManager) { + schService = OpenService(schSCManager, g_lpszServiceName, SC_MANAGER_ALL_ACCESS); - if(schService) - { - - if(StartService(schService, 0, NULL)) - { + if (schService) { + if (StartService(schService, 0, NULL)) { rc = 1; - } - else - { - if(GetLastError() == ERROR_SERVICE_ALREADY_RUNNING) - { + } else { + if (GetLastError() == ERROR_SERVICE_ALREADY_RUNNING) { rc = -1; } } - + CloseServiceHandle(schService); } CloseServiceHandle(schSCManager); } - return(rc); + return (rc); } - -/* os_start_service: Starts ossec service */ +/* Stop OSSEC-HIDS service */ int os_stop_service() { int rc = 0; SC_HANDLE schSCManager, schService; - - /* Removing from the services database */ + /* Stop the service database */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (schSCManager) - { - schService = OpenService(schSCManager,g_lpszServiceName, + if (schSCManager) { + schService = OpenService(schSCManager, g_lpszServiceName, SC_MANAGER_ALL_ACCESS); - if(schService) - { + if (schService) { SERVICE_STATUS lpServiceStatus; - - if(ControlService(schService, - SERVICE_CONTROL_STOP, &lpServiceStatus)) - { + + if (ControlService(schService, SERVICE_CONTROL_STOP, &lpServiceStatus)) { rc = 1; } - + CloseServiceHandle(schService); } CloseServiceHandle(schSCManager); } - return(rc); + return (rc); } - -/* int QueryService(): Checks if service is running. */ +/* Check if the OSSEC-HIDS agent service is running + * Returns 1 on success (running) or 0 if not running + */ int CheckServiceRunning() { int rc = 0; SC_HANDLE schSCManager, schService; - - /* Removing from the services database */ + /* Check service status */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (schSCManager) - { - schService = OpenService(schSCManager,g_lpszServiceName, + if (schSCManager) { + schService = OpenService(schSCManager, g_lpszServiceName, SC_MANAGER_ALL_ACCESS); - if(schService) - { - /* Checking status */ + if (schService) { + /* Check status */ SERVICE_STATUS lpServiceStatus; - - if(QueryServiceStatus(schService, &lpServiceStatus)) - { - if(lpServiceStatus.dwCurrentState == SERVICE_RUNNING) - { + + if (QueryServiceStatus(schService, &lpServiceStatus)) { + if (lpServiceStatus.dwCurrentState == SERVICE_RUNNING) { rc = 1; } } CloseServiceHandle(schService); } - + CloseServiceHandle(schSCManager); } - return(rc); + return (rc); } - -/* int InstallService() - * Install the OSSEC HIDS agent service. - */ +/* Install the OSSEC-HIDS agent service */ int InstallService(char *path) { - char buffer[MAX_PATH+1]; - + int ret; SC_HANDLE schSCManager, schService; LPCTSTR lpszBinaryPathName = NULL; SERVICE_DESCRIPTION sdBuf; - - - /* Cleaning up some variables */ - buffer[MAX_PATH] = '\0'; - - - /* Executable path -- it must be called with the - * full path - */ + + /* Uninstall service (if it exists) */ + if (!UninstallService()) { + verbose("%s: ERROR: Failure running UninstallService().", ARGV0); + return (0); + } + + /* Executable path -- it must be called with the full path */ lpszBinaryPathName = path; - - /* Opening the services database */ - schSCManager = OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS); - if (schSCManager == NULL) - { + /* Opening the service database */ + schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); + + if (schSCManager == NULL) { goto install_error; } - /* Creating the service */ - schService = CreateService(schSCManager, + /* Create the service */ + schService = CreateService(schSCManager, g_lpszServiceName, g_lpszServiceDisplayName, SERVICE_ALL_ACCESS, @@ -180,31 +148,31 @@ int InstallService(char *path) SERVICE_ERROR_NORMAL, lpszBinaryPathName, NULL, NULL, NULL, NULL, NULL); - - if (schService == NULL) - { + + if (schService == NULL) { + CloseServiceHandle(schSCManager); goto install_error; } - /* Setting description */ + /* Set description */ sdBuf.lpDescription = g_lpszServiceDescription; - if(!ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sdBuf)) - { - goto install_error; - } - + ret = ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sdBuf); + CloseServiceHandle(schService); CloseServiceHandle(schSCManager); - printf(" [%s] Successfully added to the Services database.\n", ARGV0); - return(1); + /* Check for errors */ + if (!ret) { + goto install_error; + } + verbose("%s: INFO: Successfully added to the service database.", ARGV0); + return (1); - install_error: - { +install_error: { char local_msg[1025]; LPVOID lpMsgBuf; - + memset(local_msg, 0, 1025); FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | @@ -217,125 +185,115 @@ int InstallService(char *path) 0, NULL); - merror(local_msg, 1024, "[%s] Unable to create registry " - "entry: %s", ARGV0,(LPCTSTR)lpMsgBuf); - return(0); + verbose("%s: ERROR: Unable to create service entry: %s", ARGV0, (LPCTSTR)lpMsgBuf); + return (0); } } - -/* int UninstallService() - * Uninstall the OSSEC HIDS agent service. - */ -int UninstallService() +/* Uninstall the OSSEC-HIDS agent service */ +int UninstallService() { + int ret; + int rc = 0; SC_HANDLE schSCManager, schService; + SERVICE_STATUS lpServiceStatus; - - /* Removing from the services database */ + /* Remove from the service database */ schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (schSCManager) - { - schService = OpenService(schSCManager,g_lpszServiceName,DELETE); - if(schService) - { - if (DeleteService(schService)) - - { - CloseServiceHandle(schService); - CloseServiceHandle(schSCManager); - - printf(" [%s] Successfully removed from " - "the Services database.\n", ARGV0); - return(1); + if (schSCManager) { + schService = OpenService(schSCManager, g_lpszServiceName, SERVICE_STOP | DELETE); + if (schService) { + if (CheckServiceRunning()) { + verbose("%s: INFO: Found (%s) service is running going to try and stop it.", ARGV0, g_lpszServiceName); + ret = ControlService(schService, SERVICE_CONTROL_STOP, &lpServiceStatus); + if (!ret) { + verbose("%s: ERROR: Failure stopping service (%s) before removing it (%ld).", ARGV0, g_lpszServiceName, GetLastError()); + } else { + verbose("%s: INFO: Successfully stopped (%s).", ARGV0, g_lpszServiceName); + } + } else { + verbose("%s: INFO: Found (%s) service is not running.", ARGV0, g_lpszServiceName); + ret = 1; + } + + if (ret && DeleteService(schService)) { + verbose("%s: INFO: Successfully removed (%s) from the service database.", ARGV0, g_lpszServiceName); + rc = 1; } CloseServiceHandle(schService); + } else { + verbose("%s: INFO: Service does not exist (%s) nothing to remove.", ARGV0, g_lpszServiceName); + rc = 1; } CloseServiceHandle(schSCManager); } - fprintf(stderr, " [%s] Error removing from " - "the Services database.\n", ARGV0); - - return(0); -} - + if (!rc) { + verbose("%s: ERROR: Failure removing (%s) from the service database.", ARGV0, g_lpszServiceName); + } + return (rc); +} -/** VOID WINAPI OssecServiceCtrlHandler (DWORD dwOpcode) - * "Signal" handler - */ +/* "Signal" handler */ VOID WINAPI OssecServiceCtrlHandler(DWORD dwOpcode) { - switch(dwOpcode) - { + switch (dwOpcode) { case SERVICE_CONTROL_STOP: ossecServiceStatus.dwCurrentState = SERVICE_STOPPED; ossecServiceStatus.dwWin32ExitCode = 0; ossecServiceStatus.dwCheckPoint = 0; ossecServiceStatus.dwWaitHint = 0; - verbose("%s: Received exit signal.", ARGV0); + verbose("%s: INFO: Received exit signal.", ARGV0); SetServiceStatus (ossecServiceStatusHandle, &ossecServiceStatus); - verbose("%s: Exiting...", ARGV0); + verbose("%s: INFO: Exiting...", ARGV0); return; default: break; } return; } - -/** void WinSetError() - * Sets the error code in the services - */ +/* Set the error code in the service */ void WinSetError() { OssecServiceCtrlHandler(SERVICE_CONTROL_STOP); } - -/** int os_WinMain(int argc, char **argv) - * Initializes OSSEC dispatcher - */ -int os_WinMain(int argc, char **argv) +/* Initialize OSSEC-HIDS dispatcher */ +int os_WinMain(__attribute__((unused)) int argc, __attribute__((unused)) char **argv) { - SERVICE_TABLE_ENTRY steDispatchTable[] = - { + SERVICE_TABLE_ENTRY steDispatchTable[] = { { g_lpszServiceName, OssecServiceStart }, { NULL, NULL } }; - if(!StartServiceCtrlDispatcher(steDispatchTable)) - { - merror("%s: Unable to set service information.", ARGV0); - return(1); + if (!StartServiceCtrlDispatcher(steDispatchTable)) { + verbose("%s: INFO: Unable to set service information.", ARGV0); + return (1); } - return(1); + return (1); } - -/** void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv) - * Starts OSSEC service - */ -void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv) +/* Start OSSEC service */ +void WINAPI OssecServiceStart (__attribute__((unused)) DWORD argc, __attribute__((unused)) LPTSTR *argv) { ossecServiceStatus.dwServiceType = SERVICE_WIN32; ossecServiceStatus.dwCurrentState = SERVICE_START_PENDING; ossecServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP; ossecServiceStatus.dwWin32ExitCode = 0; - ossecServiceStatus.dwServiceSpecificExitCode= 0; + ossecServiceStatus.dwServiceSpecificExitCode = 0; ossecServiceStatus.dwCheckPoint = 0; ossecServiceStatus.dwWaitHint = 0; - ossecServiceStatusHandle = - RegisterServiceCtrlHandler(g_lpszServiceName, + ossecServiceStatusHandle = + RegisterServiceCtrlHandler(g_lpszServiceName, OssecServiceCtrlHandler); - if (ossecServiceStatusHandle == (SERVICE_STATUS_HANDLE)0) - { - merror("%s: RegisterServiceCtrlHandler failed.", ARGV0); + if (ossecServiceStatusHandle == (SERVICE_STATUS_HANDLE)0) { + verbose("%s: INFO: RegisterServiceCtrlHandler failed.", ARGV0); return; } @@ -343,19 +301,15 @@ void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv) ossecServiceStatus.dwCheckPoint = 0; ossecServiceStatus.dwWaitHint = 0; - if (!SetServiceStatus(ossecServiceStatusHandle, &ossecServiceStatus)) - { - merror("%s: SetServiceStatus error.", ARGV0); + if (!SetServiceStatus(ossecServiceStatusHandle, &ossecServiceStatus)) { + verbose("%s: INFO: SetServiceStatus error.", ARGV0); return; } - - #ifdef OSSECHIDS - /* Starting process */ +#ifdef OSSECHIDS + /* Start process */ local_start(); - #endif +#endif } - -#endif -/* EOF */ +#endif /* WIN32 */