Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

210 lines
5.8 KiB

  1. /******************************************************************************
  2. *
  3. * Copyright (c) 2000 Microsoft Corporation
  4. *
  5. * Module Name:
  6. * chglog.cpp
  7. *
  8. * Abstract:
  9. * Tool for enumerating the change log - forward/reverse
  10. *
  11. * Revision History:
  12. * Brijesh Krishnaswami (brijeshk) 04/09/2000
  13. * created
  14. * SHeffner: Just grabbed the code, and put it into SRDiag.
  15. *
  16. *****************************************************************************/
  17. //+---------------------------------------------------------------------------
  18. //
  19. // Common Includes
  20. //
  21. //----------------------------------------------------------------------------
  22. #include <nt.h>
  23. #include <ntrtl.h>
  24. #include <nturtl.h>
  25. #include <windows.h>
  26. #include <stdio.h>
  27. #include "srapi.h"
  28. #include <shellapi.h>
  29. #include "enumlogs.h"
  30. #include "srrpcapi.h"
  31. //+---------------------------------------------------------------------------
  32. //
  33. // Function proto typing
  34. //
  35. //----------------------------------------------------------------------------
  36. LPWSTR GetEventString(DWORD EventId);
  37. void EnumLog(char *szFileName, WCHAR *szDrive);
  38. struct _EVENT_STR_MAP
  39. {
  40. DWORD EventId;
  41. LPWSTR pEventStr;
  42. } EventMap[ 13 ] =
  43. {
  44. {SrEventInvalid , L"INVALID" },
  45. {SrEventStreamChange, L"FILE-MODIFY" },
  46. {SrEventAclChange, L"ACL-CHANGE" },
  47. {SrEventAttribChange, L"ATTR-CHANGE" },
  48. {SrEventStreamOverwrite,L"FILE-MODIFY" },
  49. {SrEventFileDelete, L"FILE-DELETE" },
  50. {SrEventFileCreate, L"FILE-CREATE" },
  51. {SrEventFileRename, L"FILE-RENAME" },
  52. {SrEventDirectoryCreate,L"DIR-CREATE" },
  53. {SrEventDirectoryRename,L"DIR-RENAME" },
  54. {SrEventDirectoryDelete,L"DIR-DELETE" },
  55. {SrEventMountCreate, L"MNT-CREATE" },
  56. {SrEventMountDelete, L"MNT-DELETE" }
  57. };
  58. //+---------------------------------------------------------------------------
  59. //
  60. // Function: GetEventString
  61. //
  62. // Synopsis: Transulates the EventString from the event ID
  63. //
  64. // Arguments: [EventID] -- DWord for the event code
  65. //
  66. // Returns: Pointer to maped string to the event coded
  67. //
  68. // History: 9/21/00 SHeffner Copied from Brijesh
  69. //
  70. //
  71. //----------------------------------------------------------------------------
  72. LPWSTR GetEventString(DWORD EventId)
  73. {
  74. LPWSTR pStr = L"NOT-FOUND";
  75. for( int i=0; i<sizeof(EventMap)/sizeof(_EVENT_STR_MAP);i++)
  76. {
  77. if ( EventMap[i].EventId == EventId )
  78. {
  79. pStr = EventMap[i].pEventStr;
  80. }
  81. }
  82. return pStr;
  83. }
  84. //+---------------------------------------------------------------------------
  85. //
  86. // Function: GetChgLog
  87. //
  88. // Synopsis: Dumps the change log into the file specified
  89. //
  90. // Arguments: [szLogfile] -- ANSI string pointing to the name of the log file
  91. //
  92. // Returns: void
  93. //
  94. // History: 9/21/00 SHeffner created
  95. //
  96. //
  97. //----------------------------------------------------------------------------
  98. void GetChgLog(char *szLogfile)
  99. {
  100. WCHAR szString[_MAX_PATH];
  101. DWORD dLength;
  102. HANDLE hVolume;
  103. dLength = _MAX_PATH;
  104. //Walk through all of the volume's on the system, and then validate that
  105. // this is a fixed drive. Once we have a valid drive then pass this volume to
  106. // the enumeration routine for changelog.
  107. if( INVALID_HANDLE_VALUE != (hVolume = FindFirstVolume( szString, dLength)) )
  108. {
  109. do
  110. {
  111. dLength = _MAX_PATH;
  112. //Check to make sure that this is a fixed volume, and then get the change log, else skip.
  113. if ( DRIVE_FIXED == GetDriveType(szString) )
  114. EnumLog(szLogfile, szString);
  115. } while (TRUE == FindNextVolume(hVolume, szString, dLength) );
  116. }
  117. //Cleanup code
  118. FindVolumeClose(hVolume);
  119. }
  120. //+---------------------------------------------------------------------------
  121. //
  122. // Function: EnumLog
  123. //
  124. // Synopsis: Enumerate the change log for the Volume
  125. //
  126. // Arguments: [szLogfile] -- ANSI string pointing to the name of the log file
  127. // [szDrive] -- WCHAR string, that specifies the volume to gather the log from
  128. //
  129. // Returns: void
  130. //
  131. // History: 9/21/00 SHeffner grabbed from Brijesh, but tweaked to get the rest of the fields
  132. //
  133. //
  134. //----------------------------------------------------------------------------
  135. void EnumLog(char *szFileName, WCHAR *szDrive)
  136. {
  137. DWORD dwTargetRPNum = 0;
  138. HGLOBAL hMem = NULL;
  139. DWORD dwRc, dLength;
  140. FILE *fStream;
  141. WCHAR szMount[_MAX_PATH];
  142. //Open up our logging file
  143. fStream = fopen(szFileName, "a");
  144. //Write header for our Section so that we can see what Volume that we are enumerating
  145. GetVolumePathNamesForVolumeName(szDrive, szMount, _MAX_PATH, &dLength);
  146. fprintf(fStream, "\nChangeLog Enumeration for Drive [%S] Volume %S\n\n", szMount, szDrive);
  147. //Calling the ChangeLogenumeration functions, specifying the drive, Forward through log,
  148. // RP Number start 0, and switch??
  149. CChangeLogEntryEnum ChangeLog(szDrive, TRUE, dwTargetRPNum, TRUE);
  150. CChangeLogEntry cle;
  151. if (ERROR_SUCCESS == ChangeLog.FindFirstChangeLogEntry(cle))
  152. {
  153. do
  154. {
  155. fprintf(fStream,
  156. "RPDir=%S, Drive=%S, SeqNum=%I64ld, EventString=%S, Flags=%lu, Attr=%lu, Acl=%S, AclSize=%lu, AclInline=%lu, Process=%S, ProcName=%S, Path1=%S, Path2=%S, Temp=%S\n",
  157. cle.GetRPDir(),
  158. szMount,
  159. cle.GetSequenceNum(),
  160. GetEventString(cle.GetType()),
  161. cle.GetFlags(),
  162. cle.GetAttributes(),
  163. cle.GetAcl() ? L"Yes" : L"No",
  164. cle.GetAclSize(),
  165. cle.GetAclInline(),
  166. cle.GetProcess() ? cle.GetProcess() : L"NULL",
  167. cle.GetProcName() ? cle.GetProcName() : L"NULL",
  168. cle.GetPath1() ? cle.GetPath1() : L"NULL",
  169. cle.GetPath2() ? cle.GetPath2() : L"NULL",
  170. cle.GetTemp() ? cle.GetTemp() : L"NULL");
  171. dwRc = ChangeLog.FindNextChangeLogEntry(cle);
  172. } while (dwRc == ERROR_SUCCESS);
  173. ChangeLog.FindClose();
  174. }
  175. else
  176. {
  177. fprintf(fStream, "No change log entries\n");
  178. }
  179. //code cleanup
  180. fclose(fStream);
  181. if (hMem) GlobalFree(hMem);
  182. }