ReactOS Development > Doxygen
eventlog.c
Go to the documentation of this file.
00001 /* 00002 * Win32 advapi functions 00003 * 00004 * Copyright 1995 Sven Verdoolaege 00005 * Copyright 1998 Juergen Schmied 00006 * Copyright 2003 Mike Hearn 00007 * Copyright 2007 Hervé Poussineau 00008 * 00009 * This library is free software; you can redistribute it and/or 00010 * modify it under the terms of the GNU Lesser General Public 00011 * License as published by the Free Software Foundation; either 00012 * version 2.1 of the License, or (at your option) any later version. 00013 * 00014 * This library is distributed in the hope that it will be useful, 00015 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00016 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00017 * Lesser General Public License for more details. 00018 * 00019 * You should have received a copy of the GNU Lesser General Public 00020 * License along with this library; if not, write to the Free Software 00021 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 00022 */ 00023 00024 #include <advapi32.h> 00025 WINE_DEFAULT_DEBUG_CHANNEL(advapi); 00026 00027 static RPC_UNICODE_STRING EmptyStringU = { 0, 0, L"" }; 00028 static RPC_STRING EmptyStringA = { 0, 0, "" }; 00029 00030 00031 handle_t __RPC_USER 00032 EVENTLOG_HANDLE_A_bind(EVENTLOG_HANDLE_A UNCServerName) 00033 { 00034 handle_t hBinding = NULL; 00035 UCHAR *pszStringBinding; 00036 RPC_STATUS status; 00037 00038 TRACE("EVENTLOG_HANDLE_A_bind() called\n"); 00039 00040 status = RpcStringBindingComposeA(NULL, 00041 (UCHAR *)"ncacn_np", 00042 (UCHAR *)UNCServerName, 00043 (UCHAR *)"\\pipe\\EventLog", 00044 NULL, 00045 (UCHAR **)&pszStringBinding); 00046 if (status) 00047 { 00048 ERR("RpcStringBindingCompose returned 0x%x\n", status); 00049 return NULL; 00050 } 00051 00052 /* Set the binding handle that will be used to bind to the server. */ 00053 status = RpcBindingFromStringBindingA(pszStringBinding, 00054 &hBinding); 00055 if (status) 00056 { 00057 ERR("RpcBindingFromStringBinding returned 0x%x\n", status); 00058 } 00059 00060 status = RpcStringFreeA(&pszStringBinding); 00061 if (status) 00062 { 00063 ERR("RpcStringFree returned 0x%x\n", status); 00064 } 00065 00066 return hBinding; 00067 } 00068 00069 00070 void __RPC_USER 00071 EVENTLOG_HANDLE_A_unbind(EVENTLOG_HANDLE_A UNCServerName, 00072 handle_t hBinding) 00073 { 00074 RPC_STATUS status; 00075 00076 TRACE("EVENTLOG_HANDLE_A_unbind() called\n"); 00077 00078 status = RpcBindingFree(&hBinding); 00079 if (status) 00080 { 00081 ERR("RpcBindingFree returned 0x%x\n", status); 00082 } 00083 } 00084 00085 00086 handle_t __RPC_USER 00087 EVENTLOG_HANDLE_W_bind(EVENTLOG_HANDLE_W UNCServerName) 00088 { 00089 handle_t hBinding = NULL; 00090 LPWSTR pszStringBinding; 00091 RPC_STATUS status; 00092 00093 TRACE("EVENTLOG_HANDLE_W_bind() called\n"); 00094 00095 status = RpcStringBindingComposeW(NULL, 00096 L"ncacn_np", 00097 (LPWSTR)UNCServerName, 00098 L"\\pipe\\EventLog", 00099 NULL, 00100 &pszStringBinding); 00101 if (status) 00102 { 00103 ERR("RpcStringBindingCompose returned 0x%x\n", status); 00104 return NULL; 00105 } 00106 00107 /* Set the binding handle that will be used to bind to the server. */ 00108 status = RpcBindingFromStringBindingW(pszStringBinding, 00109 &hBinding); 00110 if (status) 00111 { 00112 ERR("RpcBindingFromStringBinding returned 0x%x\n", status); 00113 } 00114 00115 status = RpcStringFreeW(&pszStringBinding); 00116 if (status) 00117 { 00118 ERR("RpcStringFree returned 0x%x\n", status); 00119 } 00120 00121 return hBinding; 00122 } 00123 00124 00125 void __RPC_USER 00126 EVENTLOG_HANDLE_W_unbind(EVENTLOG_HANDLE_W UNCServerName, 00127 handle_t hBinding) 00128 { 00129 RPC_STATUS status; 00130 00131 TRACE("EVENTLOG_HANDLE_W_unbind() called\n"); 00132 00133 status = RpcBindingFree(&hBinding); 00134 if (status) 00135 { 00136 ERR("RpcBindingFree returned 0x%x\n", status); 00137 } 00138 } 00139 00140 00141 /****************************************************************************** 00142 * BackupEventLogA [ADVAPI32.@] 00143 */ 00144 BOOL WINAPI 00145 BackupEventLogA(IN HANDLE hEventLog, 00146 IN LPCSTR lpBackupFileName) 00147 { 00148 ANSI_STRING BackupFileNameA; 00149 UNICODE_STRING BackupFileNameW; 00150 NTSTATUS Status; 00151 BOOL Result; 00152 00153 TRACE("%p, %s\n", hEventLog, lpBackupFileName); 00154 00155 if (lpBackupFileName == NULL) 00156 { 00157 SetLastError(ERROR_INVALID_PARAMETER); 00158 return FALSE; 00159 } 00160 00161 RtlInitAnsiString(&BackupFileNameA, lpBackupFileName); 00162 00163 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW, 00164 &BackupFileNameA, 00165 TRUE); 00166 if (!NT_SUCCESS(Status)) 00167 { 00168 SetLastError(RtlNtStatusToDosError(Status)); 00169 return FALSE; 00170 } 00171 00172 Result = BackupEventLogW(hEventLog, 00173 BackupFileNameW.Buffer); 00174 00175 RtlFreeUnicodeString(&BackupFileNameW); 00176 00177 return(Result); 00178 } 00179 00180 00181 /****************************************************************************** 00182 * BackupEventLogW [ADVAPI32.@] 00183 * 00184 * PARAMS 00185 * hEventLog [] 00186 * lpBackupFileName [] 00187 */ 00188 BOOL WINAPI 00189 BackupEventLogW(IN HANDLE hEventLog, 00190 IN LPCWSTR lpBackupFileName) 00191 { 00192 UNICODE_STRING BackupFileNameW; 00193 NTSTATUS Status; 00194 00195 TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName)); 00196 00197 if (lpBackupFileName == NULL) 00198 { 00199 SetLastError(ERROR_INVALID_PARAMETER); 00200 return FALSE; 00201 } 00202 00203 if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileNameW, 00204 NULL, NULL)) 00205 { 00206 SetLastError(ERROR_INVALID_PARAMETER); 00207 return FALSE; 00208 } 00209 00210 RpcTryExcept 00211 { 00212 Status = ElfrBackupELFW(hEventLog, 00213 (PRPC_UNICODE_STRING)&BackupFileNameW); 00214 } 00215 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00216 { 00217 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00218 } 00219 RpcEndExcept; 00220 00221 RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileNameW.Buffer); 00222 00223 if (!NT_SUCCESS(Status)) 00224 { 00225 SetLastError(RtlNtStatusToDosError(Status)); 00226 return FALSE; 00227 } 00228 00229 return TRUE; 00230 } 00231 00232 00233 /****************************************************************************** 00234 * ClearEventLogA [ADVAPI32.@] 00235 */ 00236 BOOL WINAPI 00237 ClearEventLogA(IN HANDLE hEventLog, 00238 IN LPCSTR lpBackupFileName) 00239 { 00240 ANSI_STRING BackupFileNameA; 00241 UNICODE_STRING BackupFileNameW; 00242 NTSTATUS Status; 00243 BOOL Result; 00244 00245 TRACE("%p, %s\n", hEventLog, lpBackupFileName); 00246 00247 if (lpBackupFileName == NULL) 00248 { 00249 RtlInitUnicodeString(&BackupFileNameW, NULL); 00250 } 00251 else 00252 { 00253 RtlInitAnsiString(&BackupFileNameA, lpBackupFileName); 00254 00255 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW, 00256 &BackupFileNameA, 00257 TRUE); 00258 if (!NT_SUCCESS(Status)) 00259 { 00260 SetLastError(RtlNtStatusToDosError(Status)); 00261 return FALSE; 00262 } 00263 } 00264 00265 Result = ClearEventLogW(hEventLog, 00266 BackupFileNameW.Buffer); 00267 00268 RtlFreeUnicodeString(&BackupFileNameW); 00269 00270 return Result; 00271 } 00272 00273 00274 /****************************************************************************** 00275 * ClearEventLogW [ADVAPI32.@] 00276 */ 00277 BOOL WINAPI 00278 ClearEventLogW(IN HANDLE hEventLog, 00279 IN LPCWSTR lpBackupFileName) 00280 { 00281 UNICODE_STRING BackupFileNameW; 00282 NTSTATUS Status; 00283 00284 TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName)); 00285 00286 if (lpBackupFileName == NULL) 00287 { 00288 RtlInitUnicodeString(&BackupFileNameW, NULL); 00289 } 00290 else 00291 { 00292 if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileNameW, 00293 NULL, NULL)) 00294 { 00295 SetLastError(ERROR_INVALID_PARAMETER); 00296 return FALSE; 00297 } 00298 } 00299 00300 RpcTryExcept 00301 { 00302 Status = ElfrClearELFW(hEventLog, 00303 (PRPC_UNICODE_STRING)&BackupFileNameW); 00304 } 00305 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00306 { 00307 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00308 } 00309 RpcEndExcept; 00310 00311 if (lpBackupFileName != NULL) 00312 RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileNameW.Buffer); 00313 00314 if (!NT_SUCCESS(Status)) 00315 { 00316 SetLastError(RtlNtStatusToDosError(Status)); 00317 return FALSE; 00318 } 00319 00320 return TRUE; 00321 } 00322 00323 00324 /****************************************************************************** 00325 * CloseEventLog [ADVAPI32.@] 00326 */ 00327 BOOL WINAPI 00328 CloseEventLog(IN HANDLE hEventLog) 00329 { 00330 NTSTATUS Status; 00331 00332 TRACE("%p\n", hEventLog); 00333 00334 RpcTryExcept 00335 { 00336 Status = ElfrCloseEL(&hEventLog); 00337 } 00338 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00339 { 00340 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00341 } 00342 RpcEndExcept; 00343 00344 if (!NT_SUCCESS(Status)) 00345 { 00346 SetLastError(RtlNtStatusToDosError(Status)); 00347 return FALSE; 00348 } 00349 00350 return TRUE; 00351 } 00352 00353 00354 /****************************************************************************** 00355 * DeregisterEventSource [ADVAPI32.@] 00356 * Closes a handle to the specified event log 00357 * 00358 * PARAMS 00359 * hEventLog [I] Handle to event log 00360 * 00361 * RETURNS STD 00362 */ 00363 BOOL WINAPI 00364 DeregisterEventSource(IN HANDLE hEventLog) 00365 { 00366 NTSTATUS Status; 00367 00368 TRACE("%p\n", hEventLog); 00369 00370 RpcTryExcept 00371 { 00372 Status = ElfrDeregisterEventSource(&hEventLog); 00373 } 00374 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00375 { 00376 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00377 } 00378 RpcEndExcept; 00379 00380 if (!NT_SUCCESS(Status)) 00381 { 00382 SetLastError(RtlNtStatusToDosError(Status)); 00383 return FALSE; 00384 } 00385 00386 return TRUE; 00387 } 00388 00389 00390 /****************************************************************************** 00391 * GetEventLogInformation [ADVAPI32.@] 00392 * 00393 * PARAMS 00394 * hEventLog [I] Handle to event log 00395 * dwInfoLevel [I] Level of event log information to return 00396 * lpBuffer [O] Buffer that receives the event log information 00397 * cbBufSize [I] Size of the lpBuffer buffer 00398 * pcbBytesNeeded [O] Required buffer size 00399 */ 00400 BOOL WINAPI 00401 GetEventLogInformation(IN HANDLE hEventLog, 00402 IN DWORD dwInfoLevel, 00403 OUT LPVOID lpBuffer, 00404 IN DWORD cbBufSize, 00405 OUT LPDWORD pcbBytesNeeded) 00406 { 00407 NTSTATUS Status; 00408 00409 if (dwInfoLevel != EVENTLOG_FULL_INFO) 00410 { 00411 SetLastError(ERROR_INVALID_LEVEL); 00412 return FALSE; 00413 } 00414 00415 RpcTryExcept 00416 { 00417 Status = ElfrGetLogInformation(hEventLog, 00418 dwInfoLevel, 00419 (LPBYTE)lpBuffer, 00420 cbBufSize, 00421 pcbBytesNeeded); 00422 } 00423 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00424 { 00425 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00426 } 00427 RpcEndExcept; 00428 00429 if (!NT_SUCCESS(Status)) 00430 { 00431 SetLastError(RtlNtStatusToDosError(Status)); 00432 return FALSE; 00433 } 00434 00435 return TRUE; 00436 } 00437 00438 00439 /****************************************************************************** 00440 * GetNumberOfEventLogRecords [ADVAPI32.@] 00441 * 00442 * PARAMS 00443 * hEventLog [] 00444 * NumberOfRecords [] 00445 */ 00446 BOOL WINAPI 00447 GetNumberOfEventLogRecords(IN HANDLE hEventLog, 00448 OUT PDWORD NumberOfRecords) 00449 { 00450 NTSTATUS Status; 00451 DWORD Records; 00452 00453 TRACE("%p, %p\n", hEventLog, NumberOfRecords); 00454 00455 if (NumberOfRecords == NULL) 00456 { 00457 SetLastError(ERROR_INVALID_PARAMETER); 00458 return FALSE; 00459 } 00460 00461 RpcTryExcept 00462 { 00463 Status = ElfrNumberOfRecords(hEventLog, 00464 &Records); 00465 } 00466 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00467 { 00468 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00469 } 00470 RpcEndExcept; 00471 00472 if (!NT_SUCCESS(Status)) 00473 { 00474 SetLastError(RtlNtStatusToDosError(Status)); 00475 return FALSE; 00476 } 00477 00478 *NumberOfRecords = Records; 00479 00480 return TRUE; 00481 } 00482 00483 00484 /****************************************************************************** 00485 * GetOldestEventLogRecord [ADVAPI32.@] 00486 * 00487 * PARAMS 00488 * hEventLog [] 00489 * OldestRecord [] 00490 */ 00491 BOOL WINAPI 00492 GetOldestEventLogRecord(IN HANDLE hEventLog, 00493 OUT PDWORD OldestRecord) 00494 { 00495 NTSTATUS Status; 00496 DWORD Oldest; 00497 00498 TRACE("%p, %p\n", hEventLog, OldestRecord); 00499 00500 if (OldestRecord == NULL) 00501 { 00502 SetLastError(ERROR_INVALID_PARAMETER); 00503 return FALSE; 00504 } 00505 00506 RpcTryExcept 00507 { 00508 Status = ElfrOldestRecord(hEventLog, 00509 &Oldest); 00510 } 00511 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00512 { 00513 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00514 } 00515 RpcEndExcept; 00516 00517 if (!NT_SUCCESS(Status)) 00518 { 00519 SetLastError(RtlNtStatusToDosError(Status)); 00520 return FALSE; 00521 } 00522 00523 *OldestRecord = Oldest; 00524 00525 return TRUE; 00526 } 00527 00528 00529 /****************************************************************************** 00530 * NotifyChangeEventLog [ADVAPI32.@] 00531 * 00532 * PARAMS 00533 * hEventLog [] 00534 * hEvent [] 00535 */ 00536 BOOL WINAPI 00537 NotifyChangeEventLog(IN HANDLE hEventLog, 00538 IN HANDLE hEvent) 00539 { 00540 /* Use ElfrChangeNotify */ 00541 UNIMPLEMENTED; 00542 SetLastError(ERROR_CALL_NOT_IMPLEMENTED); 00543 return FALSE; 00544 } 00545 00546 00547 /****************************************************************************** 00548 * OpenBackupEventLogA [ADVAPI32.@] 00549 */ 00550 HANDLE WINAPI 00551 OpenBackupEventLogA(IN LPCSTR lpUNCServerName, 00552 IN LPCSTR lpFileName) 00553 { 00554 ANSI_STRING UNCServerNameA; 00555 UNICODE_STRING UNCServerNameW; 00556 ANSI_STRING FileNameA; 00557 UNICODE_STRING FileNameW; 00558 HANDLE LogHandle; 00559 NTSTATUS Status; 00560 00561 TRACE("%s, %s\n", lpUNCServerName, lpFileName); 00562 00563 /* Convert the server name to unicode */ 00564 if (lpUNCServerName == NULL) 00565 { 00566 RtlInitUnicodeString(&UNCServerNameW, NULL); 00567 } 00568 else 00569 { 00570 RtlInitAnsiString(&UNCServerNameA, lpUNCServerName); 00571 00572 Status = RtlAnsiStringToUnicodeString(&UNCServerNameW, 00573 &UNCServerNameA, 00574 TRUE); 00575 if (!NT_SUCCESS(Status)) 00576 { 00577 SetLastError(RtlNtStatusToDosError(Status)); 00578 return NULL; 00579 } 00580 } 00581 00582 /* Convert the file name to unicode */ 00583 if (lpFileName == NULL) 00584 { 00585 RtlInitUnicodeString(&FileNameW, NULL); 00586 } 00587 else 00588 { 00589 RtlInitAnsiString(&FileNameA, lpFileName); 00590 00591 Status = RtlAnsiStringToUnicodeString(&FileNameW, 00592 &FileNameA, 00593 TRUE); 00594 if (!NT_SUCCESS(Status)) 00595 { 00596 RtlFreeUnicodeString(&UNCServerNameW); 00597 SetLastError(RtlNtStatusToDosError(Status)); 00598 return NULL; 00599 } 00600 } 00601 00602 /* Call the unicode function */ 00603 LogHandle = OpenBackupEventLogW(UNCServerNameW.Buffer, 00604 FileNameW.Buffer); 00605 00606 /* Free the unicode strings */ 00607 RtlFreeUnicodeString(&UNCServerNameW); 00608 RtlFreeUnicodeString(&FileNameW); 00609 00610 return LogHandle; 00611 } 00612 00613 00614 /****************************************************************************** 00615 * OpenBackupEventLogW [ADVAPI32.@] 00616 * 00617 * PARAMS 00618 * lpUNCServerName [] 00619 * lpFileName [] 00620 */ 00621 HANDLE WINAPI 00622 OpenBackupEventLogW(IN LPCWSTR lpUNCServerName, 00623 IN LPCWSTR lpFileName) 00624 { 00625 UNICODE_STRING FileNameW; 00626 IELF_HANDLE LogHandle; 00627 NTSTATUS Status; 00628 00629 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpFileName)); 00630 00631 if (lpFileName == NULL) 00632 { 00633 SetLastError(ERROR_INVALID_PARAMETER); 00634 return NULL; 00635 } 00636 00637 if (!RtlDosPathNameToNtPathName_U(lpFileName, &FileNameW, 00638 NULL, NULL)) 00639 { 00640 SetLastError(ERROR_INVALID_PARAMETER); 00641 return NULL; 00642 } 00643 00644 RpcTryExcept 00645 { 00646 Status = ElfrOpenBELW((LPWSTR)lpUNCServerName, 00647 (PRPC_UNICODE_STRING)&FileNameW, 00648 1, 00649 1, 00650 &LogHandle); 00651 } 00652 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00653 { 00654 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00655 } 00656 RpcEndExcept; 00657 00658 if (FileNameW.Buffer != NULL) 00659 RtlFreeHeap(RtlGetProcessHeap(), 0, FileNameW.Buffer); 00660 00661 if (!NT_SUCCESS(Status)) 00662 { 00663 SetLastError(RtlNtStatusToDosError(Status)); 00664 return NULL; 00665 } 00666 00667 return (HANDLE)LogHandle; 00668 } 00669 00670 00671 /****************************************************************************** 00672 * OpenEventLogA [ADVAPI32.@] 00673 * 00674 * Opens a handle to the specified event log. 00675 * 00676 * PARAMS 00677 * lpUNCServerName [I] UNC name of the server on which the event log is 00678 * opened. 00679 * lpSourceName [I] Name of the log. 00680 * 00681 * RETURNS 00682 * Success: Handle to an event log. 00683 * Failure: NULL 00684 */ 00685 HANDLE WINAPI 00686 OpenEventLogA(IN LPCSTR lpUNCServerName, 00687 IN LPCSTR lpSourceName) 00688 { 00689 LPSTR UNCServerName; 00690 ANSI_STRING SourceName; 00691 IELF_HANDLE LogHandle = NULL; 00692 NTSTATUS Status; 00693 00694 TRACE("%s, %s\n", lpUNCServerName, lpSourceName); 00695 00696 if (lpSourceName == NULL) 00697 { 00698 SetLastError(ERROR_INVALID_PARAMETER); 00699 return NULL; 00700 } 00701 00702 if (lpUNCServerName == NULL || *lpUNCServerName == 0) 00703 UNCServerName = NULL; 00704 else 00705 UNCServerName = (LPSTR)lpUNCServerName; 00706 00707 RtlInitAnsiString(&SourceName, lpSourceName); 00708 00709 RpcTryExcept 00710 { 00711 Status = ElfrOpenELA(UNCServerName, 00712 (PRPC_STRING)&SourceName, 00713 &EmptyStringA, 00714 1, 00715 1, 00716 &LogHandle); 00717 } 00718 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00719 { 00720 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00721 } 00722 RpcEndExcept; 00723 00724 if (!NT_SUCCESS(Status)) 00725 { 00726 SetLastError(RtlNtStatusToDosError(Status)); 00727 return NULL; 00728 } 00729 00730 return (HANDLE)LogHandle; 00731 } 00732 00733 00734 /****************************************************************************** 00735 * OpenEventLogW [ADVAPI32.@] 00736 * 00737 * PARAMS 00738 * lpUNCServerName [] 00739 * lpSourceName [] 00740 */ 00741 HANDLE WINAPI 00742 OpenEventLogW(IN LPCWSTR lpUNCServerName, 00743 IN LPCWSTR lpSourceName) 00744 { 00745 LPWSTR UNCServerName; 00746 UNICODE_STRING SourceName; 00747 IELF_HANDLE LogHandle; 00748 NTSTATUS Status; 00749 00750 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName)); 00751 00752 if (lpSourceName == NULL) 00753 { 00754 SetLastError(ERROR_INVALID_PARAMETER); 00755 return NULL; 00756 } 00757 00758 if (lpUNCServerName == NULL || *lpUNCServerName == 0) 00759 UNCServerName = NULL; 00760 else 00761 UNCServerName = (LPWSTR)lpUNCServerName; 00762 00763 RtlInitUnicodeString(&SourceName, lpSourceName); 00764 00765 RpcTryExcept 00766 { 00767 Status = ElfrOpenELW(UNCServerName, 00768 (PRPC_UNICODE_STRING)&SourceName, 00769 &EmptyStringU, 00770 1, 00771 1, 00772 &LogHandle); 00773 } 00774 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00775 { 00776 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00777 } 00778 RpcEndExcept; 00779 00780 if (!NT_SUCCESS(Status)) 00781 { 00782 SetLastError(RtlNtStatusToDosError(Status)); 00783 return NULL; 00784 } 00785 00786 return (HANDLE)LogHandle; 00787 } 00788 00789 00790 /****************************************************************************** 00791 * ReadEventLogA [ADVAPI32.@] 00792 */ 00793 BOOL WINAPI 00794 ReadEventLogA(IN HANDLE hEventLog, 00795 IN DWORD dwReadFlags, 00796 IN DWORD dwRecordOffset, 00797 OUT LPVOID lpBuffer, 00798 IN DWORD nNumberOfBytesToRead, 00799 OUT DWORD *pnBytesRead, 00800 OUT DWORD *pnMinNumberOfBytesNeeded) 00801 { 00802 NTSTATUS Status; 00803 DWORD bytesRead, minNumberOfBytesNeeded; 00804 DWORD dwFlags; 00805 00806 TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n", 00807 hEventLog, dwReadFlags, dwRecordOffset, lpBuffer, 00808 nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded); 00809 00810 if (lpBuffer == NULL || 00811 pnBytesRead == NULL || 00812 pnMinNumberOfBytesNeeded == NULL) 00813 { 00814 SetLastError(ERROR_INVALID_PARAMETER); 00815 return FALSE; 00816 } 00817 00818 dwFlags = dwReadFlags & (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ); 00819 if (dwFlags == (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ)) 00820 { 00821 SetLastError(ERROR_INVALID_PARAMETER); 00822 return FALSE; 00823 } 00824 00825 dwFlags = dwReadFlags & (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ); 00826 if (dwFlags == (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ)) 00827 { 00828 SetLastError(ERROR_INVALID_PARAMETER); 00829 return FALSE; 00830 } 00831 00832 RpcTryExcept 00833 { 00834 Status = ElfrReadELA(hEventLog, 00835 dwReadFlags, 00836 dwRecordOffset, 00837 nNumberOfBytesToRead, 00838 lpBuffer, 00839 &bytesRead, 00840 &minNumberOfBytesNeeded); 00841 } 00842 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00843 { 00844 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00845 } 00846 RpcEndExcept; 00847 00848 *pnBytesRead = (DWORD)bytesRead; 00849 *pnMinNumberOfBytesNeeded = (DWORD)minNumberOfBytesNeeded; 00850 00851 if (!NT_SUCCESS(Status)) 00852 { 00853 SetLastError(RtlNtStatusToDosError(Status)); 00854 return FALSE; 00855 } 00856 00857 return TRUE; 00858 } 00859 00860 00861 /****************************************************************************** 00862 * ReadEventLogW [ADVAPI32.@] 00863 * 00864 * PARAMS 00865 * hEventLog [] 00866 * dwReadFlags [] 00867 * dwRecordOffset [] 00868 * lpBuffer [] 00869 * nNumberOfBytesToRead [] 00870 * pnBytesRead [] 00871 * pnMinNumberOfBytesNeeded [] 00872 */ 00873 BOOL WINAPI 00874 ReadEventLogW(IN HANDLE hEventLog, 00875 IN DWORD dwReadFlags, 00876 IN DWORD dwRecordOffset, 00877 OUT LPVOID lpBuffer, 00878 IN DWORD nNumberOfBytesToRead, 00879 OUT DWORD *pnBytesRead, 00880 OUT DWORD *pnMinNumberOfBytesNeeded) 00881 { 00882 NTSTATUS Status; 00883 DWORD bytesRead, minNumberOfBytesNeeded; 00884 DWORD dwFlags; 00885 00886 TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n", 00887 hEventLog, dwReadFlags, dwRecordOffset, lpBuffer, 00888 nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded); 00889 00890 if (lpBuffer == NULL || 00891 pnBytesRead == NULL || 00892 pnMinNumberOfBytesNeeded == NULL) 00893 { 00894 SetLastError(ERROR_INVALID_PARAMETER); 00895 return FALSE; 00896 } 00897 00898 dwFlags = dwReadFlags & (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ); 00899 if (dwFlags == (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ)) 00900 { 00901 SetLastError(ERROR_INVALID_PARAMETER); 00902 return FALSE; 00903 } 00904 00905 dwFlags = dwReadFlags & (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ); 00906 if (dwFlags == (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ)) 00907 { 00908 SetLastError(ERROR_INVALID_PARAMETER); 00909 return FALSE; 00910 } 00911 00912 RpcTryExcept 00913 { 00914 Status = ElfrReadELW(hEventLog, 00915 dwReadFlags, 00916 dwRecordOffset, 00917 nNumberOfBytesToRead, 00918 lpBuffer, 00919 &bytesRead, 00920 &minNumberOfBytesNeeded); 00921 } 00922 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00923 { 00924 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00925 } 00926 RpcEndExcept; 00927 00928 *pnBytesRead = (DWORD)bytesRead; 00929 *pnMinNumberOfBytesNeeded = (DWORD)minNumberOfBytesNeeded; 00930 00931 if (!NT_SUCCESS(Status)) 00932 { 00933 SetLastError(RtlNtStatusToDosError(Status)); 00934 return FALSE; 00935 } 00936 00937 return TRUE; 00938 } 00939 00940 00941 /****************************************************************************** 00942 * RegisterEventSourceA [ADVAPI32.@] 00943 */ 00944 HANDLE WINAPI 00945 RegisterEventSourceA(IN LPCSTR lpUNCServerName, 00946 IN LPCSTR lpSourceName) 00947 { 00948 ANSI_STRING SourceName; 00949 IELF_HANDLE LogHandle; 00950 NTSTATUS Status; 00951 00952 TRACE("%s, %s\n", lpUNCServerName, lpSourceName); 00953 00954 RtlInitAnsiString(&SourceName, lpSourceName); 00955 00956 RpcTryExcept 00957 { 00958 Status = ElfrRegisterEventSourceA((LPSTR)lpUNCServerName, 00959 (PRPC_STRING)&SourceName, 00960 &EmptyStringA, 00961 1, 00962 1, 00963 &LogHandle); 00964 } 00965 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 00966 { 00967 Status = I_RpcMapWin32Status(RpcExceptionCode()); 00968 } 00969 RpcEndExcept; 00970 00971 if (!NT_SUCCESS(Status)) 00972 { 00973 SetLastError(RtlNtStatusToDosError(Status)); 00974 return NULL; 00975 } 00976 00977 return (HANDLE)LogHandle; 00978 } 00979 00980 00981 /****************************************************************************** 00982 * RegisterEventSourceW [ADVAPI32.@] 00983 * Returns a registered handle to an event log 00984 * 00985 * PARAMS 00986 * lpUNCServerName [I] Server name for source 00987 * lpSourceName [I] Source name for registered handle 00988 * 00989 * RETURNS 00990 * Success: Handle 00991 * Failure: NULL 00992 */ 00993 HANDLE WINAPI 00994 RegisterEventSourceW(IN LPCWSTR lpUNCServerName, 00995 IN LPCWSTR lpSourceName) 00996 { 00997 UNICODE_STRING SourceName; 00998 IELF_HANDLE LogHandle; 00999 NTSTATUS Status; 01000 01001 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName)); 01002 01003 RtlInitUnicodeString(&SourceName, lpSourceName); 01004 01005 RpcTryExcept 01006 { 01007 Status = ElfrRegisterEventSourceW((LPWSTR)lpUNCServerName, 01008 (PRPC_UNICODE_STRING)&SourceName, 01009 &EmptyStringU, 01010 1, 01011 1, 01012 &LogHandle); 01013 } 01014 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 01015 { 01016 Status = I_RpcMapWin32Status(RpcExceptionCode()); 01017 } 01018 RpcEndExcept; 01019 01020 if (!NT_SUCCESS(Status)) 01021 { 01022 SetLastError(RtlNtStatusToDosError(Status)); 01023 return NULL; 01024 } 01025 01026 return (HANDLE)LogHandle; 01027 } 01028 01029 01030 /****************************************************************************** 01031 * ReportEventA [ADVAPI32.@] 01032 */ 01033 BOOL WINAPI 01034 ReportEventA(IN HANDLE hEventLog, 01035 IN WORD wType, 01036 IN WORD wCategory, 01037 IN DWORD dwEventID, 01038 IN PSID lpUserSid, 01039 IN WORD wNumStrings, 01040 IN DWORD dwDataSize, 01041 IN LPCSTR *lpStrings, 01042 IN LPVOID lpRawData) 01043 { 01044 NTSTATUS Status; 01045 PANSI_STRING *Strings; 01046 ANSI_STRING ComputerName; 01047 WORD i; 01048 CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1]; 01049 DWORD dwSize; 01050 LARGE_INTEGER SystemTime; 01051 ULONG Seconds; 01052 01053 TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n", 01054 hEventLog, wType, wCategory, dwEventID, lpUserSid, 01055 wNumStrings, dwDataSize, lpStrings, lpRawData); 01056 01057 Strings = HeapAlloc(GetProcessHeap(), 01058 HEAP_ZERO_MEMORY, 01059 wNumStrings * sizeof(PANSI_STRING)); 01060 if (!Strings) 01061 { 01062 SetLastError(ERROR_NOT_ENOUGH_MEMORY); 01063 return FALSE; 01064 } 01065 01066 for (i = 0; i < wNumStrings; i++) 01067 { 01068 Strings[i] = HeapAlloc(GetProcessHeap(), 01069 HEAP_ZERO_MEMORY, 01070 sizeof(ANSI_STRING)); 01071 if (Strings[i]) 01072 { 01073 RtlInitAnsiString(Strings[i], lpStrings[i]); 01074 } 01075 } 01076 01077 dwSize = MAX_COMPUTERNAME_LENGTH + 1; 01078 GetComputerNameA(szComputerName, &dwSize); 01079 RtlInitAnsiString(&ComputerName, szComputerName); 01080 01081 NtQuerySystemTime(&SystemTime); 01082 RtlTimeToSecondsSince1970(&SystemTime, &Seconds); 01083 01084 RpcTryExcept 01085 { 01086 Status = ElfrReportEventA(hEventLog, 01087 Seconds, 01088 wType, 01089 wCategory, 01090 dwEventID, 01091 wNumStrings, 01092 dwDataSize, 01093 (PRPC_STRING)&ComputerName, 01094 lpUserSid, 01095 (PRPC_STRING*)Strings, 01096 lpRawData, 01097 0, 01098 NULL, 01099 NULL); 01100 } 01101 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 01102 { 01103 Status = I_RpcMapWin32Status(RpcExceptionCode()); 01104 } 01105 RpcEndExcept; 01106 01107 for (i = 0; i < wNumStrings; i++) 01108 { 01109 if (Strings[i] != NULL) 01110 HeapFree(GetProcessHeap(), 0, Strings[i]); 01111 } 01112 01113 HeapFree(GetProcessHeap(), 0, Strings); 01114 01115 if (!NT_SUCCESS(Status)) 01116 { 01117 SetLastError(RtlNtStatusToDosError(Status)); 01118 return FALSE; 01119 } 01120 01121 return TRUE; 01122 } 01123 01124 01125 /****************************************************************************** 01126 * ReportEventW [ADVAPI32.@] 01127 * 01128 * PARAMS 01129 * hEventLog [] 01130 * wType [] 01131 * wCategory [] 01132 * dwEventID [] 01133 * lpUserSid [] 01134 * wNumStrings [] 01135 * dwDataSize [] 01136 * lpStrings [] 01137 * lpRawData [] 01138 */ 01139 BOOL WINAPI 01140 ReportEventW(IN HANDLE hEventLog, 01141 IN WORD wType, 01142 IN WORD wCategory, 01143 IN DWORD dwEventID, 01144 IN PSID lpUserSid, 01145 IN WORD wNumStrings, 01146 IN DWORD dwDataSize, 01147 IN LPCWSTR *lpStrings, 01148 IN LPVOID lpRawData) 01149 { 01150 NTSTATUS Status; 01151 PUNICODE_STRING *Strings; 01152 UNICODE_STRING ComputerName; 01153 WORD i; 01154 WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1]; 01155 DWORD dwSize; 01156 LARGE_INTEGER SystemTime; 01157 ULONG Seconds; 01158 01159 TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n", 01160 hEventLog, wType, wCategory, dwEventID, lpUserSid, 01161 wNumStrings, dwDataSize, lpStrings, lpRawData); 01162 01163 Strings = HeapAlloc(GetProcessHeap(), 01164 0, 01165 wNumStrings * sizeof(PUNICODE_STRING)); 01166 if (!Strings) 01167 { 01168 SetLastError(ERROR_NOT_ENOUGH_MEMORY); 01169 return FALSE; 01170 } 01171 01172 for (i = 0; i < wNumStrings; i++) 01173 { 01174 Strings[i] = HeapAlloc(GetProcessHeap(), 01175 HEAP_ZERO_MEMORY, 01176 sizeof(ANSI_STRING)); 01177 if (Strings[i]) 01178 { 01179 RtlInitUnicodeString(Strings[i], lpStrings[i]); 01180 } 01181 } 01182 01183 dwSize = MAX_COMPUTERNAME_LENGTH + 1; 01184 GetComputerNameW(szComputerName, &dwSize); 01185 RtlInitUnicodeString(&ComputerName, szComputerName); 01186 01187 NtQuerySystemTime(&SystemTime); 01188 RtlTimeToSecondsSince1970(&SystemTime, &Seconds); 01189 01190 RpcTryExcept 01191 { 01192 Status = ElfrReportEventW(hEventLog, 01193 Seconds, 01194 wType, 01195 wCategory, 01196 dwEventID, 01197 wNumStrings, 01198 dwDataSize, 01199 (PRPC_UNICODE_STRING)&ComputerName, 01200 lpUserSid, 01201 (PRPC_UNICODE_STRING*)Strings, 01202 lpRawData, 01203 0, 01204 NULL, 01205 NULL); 01206 } 01207 RpcExcept(EXCEPTION_EXECUTE_HANDLER) 01208 { 01209 Status = I_RpcMapWin32Status(RpcExceptionCode()); 01210 } 01211 RpcEndExcept; 01212 01213 for (i = 0; i < wNumStrings; i++) 01214 { 01215 if (Strings[i] != NULL) 01216 HeapFree(GetProcessHeap(), 0, Strings[i]); 01217 } 01218 01219 HeapFree(GetProcessHeap(), 0, Strings); 01220 01221 if (!NT_SUCCESS(Status)) 01222 { 01223 SetLastError(RtlNtStatusToDosError(Status)); 01224 return FALSE; 01225 } 01226 01227 return TRUE; 01228 } 01229
Generated on Sat May 26 2012 04:16:34 for ReactOS by
1.7.6.1
