From 1f29896e9edbd0fe7105e98006f4b4ca2436cf3b Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Wed, 8 May 2019 10:11:00 +0200
Subject: ringlogger: add a basic CLI log dumping command
Signed-off-by: Jason A. Donenfeld
---
ringlogger/dump_windows.go | 62 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 62 insertions(+)
create mode 100644 ringlogger/dump_windows.go
(limited to 'ringlogger/dump_windows.go')
diff --git a/ringlogger/dump_windows.go b/ringlogger/dump_windows.go
new file mode 100644
index 00000000..1ee1f016
--- /dev/null
+++ b/ringlogger/dump_windows.go
@@ -0,0 +1,62 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019 WireGuard LLC. All Rights Reserved.
+ */
+
+package ringlogger
+
+import (
+ "golang.org/x/sys/windows"
+ "golang.org/x/sys/windows/registry"
+ "golang.zx2c4.com/wireguard/windows/conf"
+ "io"
+ "os"
+ "path"
+)
+
+func DumpTo(out io.Writer, localSystem bool) error {
+ var filepath string
+ if !localSystem {
+ root, err := conf.RootDirectory()
+ if err != nil {
+ return err
+ }
+ filepath = path.Join(root, "log.bin")
+ } else {
+ k, err := registry.OpenKey(registry.LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\S-1-5-18", registry.QUERY_VALUE)
+ if err != nil {
+ return err
+ }
+ defer k.Close()
+
+ systemprofile, _, err := k.GetStringValue("ProfileImagePath")
+ if err != nil {
+ return err
+ }
+ systemprofile, err = registry.ExpandString(systemprofile)
+ if err != nil {
+ return err
+ }
+ filepath = path.Join(systemprofile, "AppData", "Local", "WireGuard", "log.bin")
+ }
+ file, err := os.Open(filepath)
+ if err != nil {
+ return err
+ }
+ defer file.Close()
+ mapping, err := windows.CreateFileMapping(windows.Handle(file.Fd()), nil, windows.PAGE_READONLY, 0, 0, nil)
+ if err != nil {
+ return err
+ }
+ rl, err := newRingloggerFromMappingHandle(mapping, "DMP", windows.FILE_MAP_READ)
+ if err != nil {
+ windows.CloseHandle(mapping)
+ return err
+ }
+ defer rl.Close()
+ _, err = rl.WriteTo(out)
+ if err != nil {
+ return err
+ }
+ return nil
+}
-- cgit v1.2.3-59-g8ed1b
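Review bot: Both log paths in `DumpTo` are built with `path.Join`, which is the slash-separated package: it joins with `/` and treats `\` and drive letters as ordinary characters, so the result mixes separators on Windows. Importing `"path/filepath"` instead, and renaming the local so it no longer carries that package's name (`var logPath string`, `logPath = filepath.Join(root, "log.bin")`, likewise in the system-profile branch and in `os.Open`), keeps the path OS-correct. Separately, `CreateFileMapping` is called with a maximum size of 0, so the mapping is only as large as `log.bin` currently is, and nothing visible here checks that the file is at least the size of the ring-buffer structure before `rl.WriteTo(out)` reads it; unless `newRingloggerFromMappingHandle` (outside this hunk) validates that, a truncated or replaced file could make the dumper read past the mapped view, so a length check after `os.Open` is worth adding. The exported function would also benefit from a doc comment such as `// DumpTo writes the ring log to out; localSystem selects the LocalSystem profile's log.bin instead of the one under conf.RootDirectory().`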