From d4a0223be9839bf01e060ac53f5a0f58d94e67d1 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Wed, 8 May 2019 10:11:00 +0200
Subject: ringlogger: add a basic CLI log dumping command

---
 main.go                    | 15 +++++++++++
 ringlogger/dump_windows.go | 62 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 77 insertions(+)
 create mode 100644 ringlogger/dump_windows.go

diff --git a/main.go b/main.go
index f7c10f32..1e06d626 100644
--- a/main.go
+++ b/main.go
@@ -28,6 +28,7 @@ var flags = [...]string{
 	"/managerservice",
 	"/tunnelservice CONFIG_PATH",
 	"/ui CMD_READ_HANDLE CMD_WRITE_HANDLE CMD_EVENT_HANDLE LOG_MAPPING_HANDLE",
+	"/dumplog OUTPUT_PATH",
 }
 
 //sys messageBoxEx(hwnd windows.Handle, text *uint16, title *uint16, typ uint, languageId uint16) = user32.MessageBoxExW
@@ -205,6 +206,20 @@ func main() {
 		service.InitializeIPCClient(readPipe, writePipe, eventPipe)
 		ui.RunUI()
 		return
+	case "/dumplog":
+		if len(os.Args) != 3 {
+			usage()
+		}
+		file, err := os.Create(os.Args[2])
+		if err != nil {
+			fatal(err)
+		}
+		defer file.Close()
+		err = ringlogger.DumpTo(file, true)
+		if err != nil {
+			fatal(err)
+		}
+		return
 	}
 	usage()
 }
diff --git a/ringlogger/dump_windows.go b/ringlogger/dump_windows.go
new file mode 100644
index 00000000..1ee1f016
--- /dev/null
+++ b/ringlogger/dump_windows.go
@@ -0,0 +1,62 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019 WireGuard LLC. All Rights Reserved.
+ */
+
+package ringlogger
+
+import (
+	"golang.org/x/sys/windows"
+	"golang.org/x/sys/windows/registry"
+	"golang.zx2c4.com/wireguard/windows/conf"
+	"io"
+	"os"
+	"path"
+)
+
+func DumpTo(out io.Writer, localSystem bool) error {
+	var filepath string
+	if !localSystem {
+		root, err := conf.RootDirectory()
+		if err != nil {
+			return err
+		}
+		filepath = path.Join(root, "log.bin")
+	} else {
+		k, err := registry.OpenKey(registry.LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\S-1-5-18", registry.QUERY_VALUE)
+		if err != nil {
+			return err
+		}
+		defer k.Close()
+
+		systemprofile, _, err := k.GetStringValue("ProfileImagePath")
+		if err != nil {
+			return err
+		}
+		systemprofile, err = registry.ExpandString(systemprofile)
+		if err != nil {
+			return err
+		}
+		filepath = path.Join(systemprofile, "AppData", "Local", "WireGuard", "log.bin")
+	}
+	file, err := os.Open(filepath)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+	mapping, err := windows.CreateFileMapping(windows.Handle(file.Fd()), nil, windows.PAGE_READONLY, 0, 0, nil)
+	if err != nil {
+		return err
+	}
+	rl, err := newRingloggerFromMappingHandle(mapping, "DMP", windows.FILE_MAP_READ)
+	if err != nil {
+		windows.CloseHandle(mapping)
+		return err
+	}
+	defer rl.Close()
+	_, err = rl.WriteTo(out)
+	if err != nil {
+		return err
+	}
+	return nil
+}
-- 
cgit v1.2.3-59-g8ed1b