📄 snmpelpt.cpp
字号:
Notes:
--*/
{
if (DelStrs)
{
WriteTrace(0x00,"FreeArrays: Freeing storage for strings and string length arrays\n");
for (UINT j=0; j < nCount+5; j++)
{
if (lpStrLenArray[j] != 0)
{
WriteTrace(0x0a,"FreeArrays: Freeing string storage at address %08X\n",
lpStringArray[j]);
SNMP_free(lpStringArray[j]);
}
}
WriteTrace(0x0a,"FreeArrays: Freeing storage for string array %08X\n", lpStringArray);
SNMP_free(lpStringArray);
}
else
WriteTrace(0x00,"FreeArrays: Freeing storage for string length array only\n");
WriteTrace(0x0a,"FreeArrays: Freeing storage for string length array %08X\n", lpStrLenArray);
SNMP_free(lpStrLenArray);
return;
}
VOID
FreeVarBind(
IN UINT count,
IN RFC1157VarBindList *varBind
)
/*++
Routine Description:
FreeVarBind will free the storage allocated to the indicated varbind and associated
varbind list.
Arguments:
count - Number of entries to free.
varBind - Pointer to the varbind list structure.
Return Value:
None.
--*/
{
UINT j; // counter
WriteTrace(0x0a,"FreeVarBind: Entering FreeVarBind routine\n");
WriteTrace(0x00,"FreeVarBind: Varbind list is %08X\n", varBind);
WriteTrace(0x00,"FreeVarBind: varBind->list is %08X\n", varBind->list);
for (j=0; j < count; j++)
{
WriteTrace(0x00,"FreeVarBind: Freeing OID #%lu ids at %08X\n", j, &varBind->list[j].name.ids);
SNMP_free((&varBind->list[j].name)->ids);
WriteTrace(0x00,"FreeVarBind: Freeing varbind stream #%lu at %08X\n", j, &varBind->list[j].value.asnValue.string.stream);
SNMP_free((&varBind->list[j].value.asnValue.string)->stream);
//22 May 96****************************************************************************************************
//Varbind was allocated as an array in BuildTrapBuffer and so one SNMP_free should be called after this method
// WriteTrace(0x0a,"FreeVarBind: Freeing varbind %lu at %08X\n",
// j, &varBind->list[j]);
// SnmpUtilVarBindFree(&varBind->list[j]);
}
//22 May 96***************************************************************************************************
//Let the procedure that calls this procedure delete the varBind object
// WriteTrace(0x0a,"FreeVarBind: Freeing varbind list %08X\n", varBind);
// SnmpUtilVarBindListFree(varBind);
WriteTrace(0x0a,"FreeVarBind: Exiting FreeVarBind routine\n");
return; // exit
}
UINT
TrimTrap(
IN OUT RFC1157VarBindList *varBind,
IN OUT UINT size,
IN BOOL fTrimMessage
)
/*++
Routine Description:
TrimTrap will trim the trap in order to keep the trap size below 4096 bytes (SNMP
maximum packet size). The global trim flag will be used to determine if data should be
trimmed or omitted.
Arguments:
varBind - Pointer to the varbind list structure.
size - Current size, upon entry, of the entire trap structure.
Return Value:
None.
Notes:
This routine does not correctly trim the trap data. Microsoft indicated that this routine
currently was not required, thus no calls are being made to this routine.
--*/
{
UINT i; // counter
UINT nTrim; // temporary variable
UINT nVarBind; // temporary variable
WriteTrace(0x0a,"TrimTrap: Entering TrimTrap routine\n");
nTrim = size - nMaxTrapSize; // see how much we have to trim
WriteTrace(0x00,"TrimTrap: Trimming %lu bytes\n", nTrim);
WriteTrace(0x00,"TrimTrap: Trap size is %lu bytes\n", size);
if (fTrimMessage) // if we're trimming the message text first
{
WriteTrace(0x0a,"TrimTrap: Registry values indicate EventLog text to be trimmed first\n");
nVarBind = varBind->list[0].value.asnValue.string.length;
if (nVarBind > nTrim)
{
WriteTrace(0x0a,"TrimTrap: EventLog text size is greater than amount to trim. Trimming EventLog text only\n");
WriteTrace(0x00,"TrimTrap: EventLog text size is %lu, trim amount is %lu\n",
nVarBind, nTrim);
varBind->list[0].value.asnValue.string.length -= nTrim;
*(varBind->list[0].value.asnValue.string.stream + nVarBind + 1) = '\0'; // add null pointer for tracing
WriteTrace(0x00,"TrimTrap: New EventLog text is %s\n",
varBind->list[0].value.asnValue.string.stream);
WriteTrace(0x0a,"TrimTrap: Exiting TrimTrap routine\n");
size -= nTrim; // drop by length of string
return(size); // exit
}
WriteTrace(0x0a,"TrimTrap: EventLog text size is less than or equal to the amount to trim. Zeroing varbinds.\n");
WriteTrace(0x0a,"TrimTrap: Zeroing EventLog text.\n");
size -= nVarBind;
WriteTrace(0x00,"TrimTrap: Trimming off %lu bytes from EventLog text.\n", nVarBind);
WriteTrace(0x00,"TrimTrap: New size is now %lu bytes.\n", size);
varBind->list[0].value.asnValue.string.length = 0;
*(varBind->list[0].value.asnValue.string.stream) = '\0'; // make it null
i = varBind->len-1; // set index counter
while (size > nMaxTrapSize && i != 0)
{
nVarBind = varBind->list[i].value.asnValue.string.length;
WriteTrace(0x0a,"TrimTrap: Trap size is %lu, max size is %lu. Zeroing varbind entry %lu of size %lu.\n",
size, nMaxTrapSize, i, nVarBind);
size -= nVarBind;
varBind->list[i].value.asnValue.string.length = 0; // set length
*(varBind->list[i--].value.asnValue.string.stream) = '\0'; // make it null
}
WriteTrace(0x0a,"TrimTrap: Trap size is now %lu.\n", size);
if (size > nMaxTrapSize)
{
WriteTrace(0x14,"TrimTrap: All varbinds have been zeroed, but trap still too large.\n");
WriteLog(SNMPELEA_TRIM_FAILED);
return(0); // exit
}
return(size); // exit
}
else
{
WriteTrace(0x0a,"TrimTrap: Registry values indicate varbind insertion strings to be trimmed first\n");
i = varBind->len-1; // set index counter
while ( (size > nMaxTrapSize) && (i != 0) )
{
nVarBind = varBind->list[i].value.asnValue.string.length;
WriteTrace(0x0a,"TrimTrap: Trap size is %lu, max size is %lu. Zeroing varbind entry %lu of size %lu.\n",
size, nMaxTrapSize, i, nVarBind);
size -= nVarBind;
varBind->list[i].value.asnValue.string.length = 0; // set length
*(varBind->list[i--].value.asnValue.string.stream) = '\0'; // make it null
}
if (size <= nMaxTrapSize)
{
WriteTrace(0x0a,"TrimTrap: Trap size is now %lu.\n", size);
WriteTrace(0x0a,"TrimTrap: Exiting TrimTrap routine\n");
return(size);
}
nVarBind = varBind->list[0].value.asnValue.string.length; // get length of event log text
WriteTrace(0x0a,"TrimTrap: All insertion strings removed. Only EventLog text remains of size %lu.\n",
nVarBind);
nTrim = size - nMaxTrapSize; // compute how much to trim
WriteTrace(0x00,"TrimTrap: Need to trim %lu bytes from Event Log text.\n", nTrim);
if (nVarBind < nTrim)
{
WriteTrace(0x14,"TrimTrap: Data to be trimmed exceeds data in trap.\n");
WriteLog(SNMPELEA_TRIM_FAILED);
return(0);
}
varBind->list[0].value.asnValue.string.length -= nTrim;
WriteTrace(0x00,"TrimTrap: EventLog text string length is now %lu\n",
varBind->list[0].value.asnValue.string.length);
*(varBind->list[0].value.asnValue.string.stream + nVarBind + 1) = '\0'; // add null pointer for tracing
WriteTrace(0x00,"TrimTrap: New EventLog text is %s\n",
varBind->list[0].value.asnValue.string.stream);
size -= nTrim; // drop by length of string
WriteTrace(0x0a,"TrimTrap: Trap size is now %lu.\n", size);
WriteTrace(0x0a,"TrimTrap: Exiting TrimTrap routine\n");
return(size); // exit
}
WriteTrace(0x0a,"TrimTrap: Exiting TrimTrap routine. Default return.\n");
return(size); // exit
}
BOOL
BuildTrapBuffer(
IN PEVENTLOGRECORD EventBuffer, // Event Record from Event Log
IN REGSTRUCT rsRegStruct, // Registry information structure
IN LPTSTR lpszLogFile, // log file name for event
IN HMODULE hPrimModule // handle to secondary parameter module
)
/*++
Routine Description:
This routine will build the buffer that contains the variable bindings for the
trap data to be sent. Coordination between this routine and the trap sending thread
is done with a MUTEX object. This thread will block until the object can be acquired
or until it is notified that the agent DLL is terminating.
Arguments:
EventBuffer - This is a pointer to a buffer containing the event log text.
rsRegStruct - This is a structure containing registry information that relates
to the information contained on the event log buffer.
lpszLogFile - The name of the log file read for this event. Used to read the
registry to get the message file DLL and then to acquire the text
of the message for this event id.
hPrimModule - Handle to the module loaded for secondary parameter insertions for
secondary insertion strings. This is the PrimaryModule as specified
in the registry for each log file.
Return Value:
TRUE - A trap buffer was successfully built and added to the queue.
FALSE - A trap buffer could not be constructed or the DLL is terminating.
Notes:
--*/
{
LONG lastError; // return code from GetLastError
TCHAR szXMsgModuleName[MAX_PATH+1]; // space for DLL message module
TCHAR szMsgModuleName[MAX_PATH+1]; // space for expanded DLL message module
DWORD nFile = MAX_PATH+1; // max size for DLL message module name
DWORD dwType; // type of message module name
DWORD status; // status from registry calls
DWORD cbExpand; // byte count for REG_EXPAND_SZ parameters
HKEY hkResult; // handle to registry information
HINSTANCE hMsgModule; // handle to message module DLL
LPTSTR *lpStringArray; // pointer to array of strings
PUINT lpStrLenArray; // pointer to array of string lengths
LPTSTR lpszSource; // pointer to source name
PSID psidUserSid; // pointer to user sid
LPTSTR lpszString; // pointer to inserted strings
UINT size; // size of trap buffer
UINT nStringSize; // temporary field
UINT nBytes; // temporary field
UINT i, j; // temporary counters
TCHAR lpszLog[MAX_PATH+1]; // temporary registry name
LPTSTR lpBuffer; // pointer to event log text
DWORD cchReferencedDomain = MAX_PATH*2+1; // size of referenced domain
TCHAR lpszReferencedDomain[MAX_PATH+1]; // referenced domain
TCHAR szTempBuffer[MAX_PATH*2+1]; // temporary buffer
DWORD nBuffer; // temporary size field
SID_NAME_USE snu; // SID name use field
PVarBindQueue varBindEntry; // pointer to varbind queue entry
PSourceHandleList lpsource; //pointer to source/handle list
TCHAR szTempBuffer2[MAX_PATH*2+1];
WriteTrace(0x0a,"BuildTrapBuffer: Entering BuildTrapBuffer\n");
if (fThresholdEnabled && fThreshold)
{
WriteTrace(0x0a,"BuildTrapBuffer: Performance threshold flag is on. No data will be processed.\n");
WriteTrace(0x0a,"BuildTrapBuffer: Exiting BuildTrapBuffer function with FALSE\n");
return(FALSE);
}
WriteTrace(0x00,"BuildTrapBuffer: Notify event handle is %08X\n", hEventNotify);
nBuffer = MAX_PATH*2+1; // reset length field to default
lpszSource = (LPTSTR) EventBuffer + EVENTRECSIZE; // point to source name
psidUserSid = (PSID) ( (LPTSTR) EventBuffer + EventBuffer->UserSidOffset); // point to user sid
lpszString = (LPTSTR) EventBuffer + EventBuffer->StringOffset; // point to first string
WriteTrace(0x00,"BuildTrapBuffer: Source name is %s, length is %u\n", lpszSource, strlen(lpszSource));
WriteTrace(0x00,"BuildTrapBuffer: Computer name is %s, length is %u\n",
lpszSource+strlen(lpszSource)+1, strlen(lpszSource+strlen(lpszSource)+1) );
WriteTrace(0x00,"BuildTrapBuffer: Pointer to User SID is %08X\n", psidUserSid);
WriteTrace(0x00,"BuildTrapBuffer: First inserted string is %s\n", lpszString);
strcpy(lpszLog, EVENTLOG_BASE); // copy base registry name
strcat(lpszLog, lpszLogFile); // add on the log file name read
strcat(lpszLog, TEXT("\\")); // tack on backslash
strcat(lpszLog, lpszSource); // add on the source name
WriteTrace(0x0a,"BuildTrapBuffer: Opening registry for message module for %s\n", lpszLog);
if ( (status = RegOpenKeyEx( // open the registry to read the name
HKEY_LOCAL_MACHINE, // of the message module DLL
lpszLog, // registry key to open
0,
KEY_READ,
&hkResult) ) != ERROR_SUCCESS)
{
WriteTrace(0x14,"BuildTrapBuffer: Unable to open EventLog service registry key %s; RegOpenKeyEx returned %lu\n",
lpszLog, status); // write trace event record
WriteLog(SNMPELEA_CANT_OPEN_REGISTRY_MSG_DLL, lpszLog, status);
WriteTrace(0x0a,"BuildTrapBuffer: Exiting BuildTrapBuffer with FALSE\n");
return(FALSE); // return
}
if ( (status = RegQueryValueEx( // look up module name
hkResult, // handle to registry key
EXTENSION_MSG_MODULE, // key to look up
0, // ignored
&dwType, // address to return type value
(LPBYTE) szXMsgModuleName, // where to return message module name
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -