ReactOS 0.4.15-dev-7931-gfd331f1
rpc.c File Reference
#include "eventlog.h"
#include <debug.h>
Include dependency graph for rpc.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

static NTSTATUS ElfDeleteEventLogHandle (PIELF_HANDLE LogHandle)
 
DWORD WINAPI RpcThreadRoutine (LPVOID lpParameter)
 
static NTSTATUS ElfCreateEventLogHandle (PLOGHANDLE *LogHandle, PUNICODE_STRING LogName, BOOLEAN Create)
 
static NTSTATUS ElfCreateBackupLogHandle (PLOGHANDLE *LogHandle, PUNICODE_STRING FileName)
 
static PLOGHANDLE ElfGetLogHandleEntryByHandle (IELF_HANDLE EventLogHandle)
 
NTSTATUS WINAPI ElfrClearELFW (IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
 
NTSTATUS WINAPI ElfrBackupELFW (IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
 
NTSTATUS WINAPI ElfrCloseEL (PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrDeregisterEventSource (PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrNumberOfRecords (IELF_HANDLE LogHandle, PULONG NumberOfRecords)
 
NTSTATUS WINAPI ElfrOldestRecord (IELF_HANDLE LogHandle, PULONG OldestRecordNumber)
 
NTSTATUS WINAPI ElfrChangeNotify (IELF_HANDLE LogHandle, RPC_CLIENT_ID ClientId, ULONG Event)
 
NTSTATUS WINAPI ElfrOpenELW (EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrRegisterEventSourceW (EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrOpenBELW (EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrReadELW (IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
 
NTSTATUS ElfrIntReportEventW (IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, PRPC_UNICODE_STRING SourceName OPTIONAL, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
 
NTSTATUS WINAPI ElfrReportEventW (IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
 
NTSTATUS WINAPI ElfrClearELFA (IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
 
NTSTATUS WINAPI ElfrBackupELFA (IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
 
NTSTATUS WINAPI ElfrOpenELA (EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrRegisterEventSourceA (EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrOpenBELA (EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrReadELA (IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
 
NTSTATUS WINAPI ElfrReportEventA (IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_STRING ComputerName, PRPC_SID UserSID, PRPC_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
 
NTSTATUS WINAPI ElfrRegisterClusterSvc (handle_t BindingHandle)
 
NTSTATUS WINAPI ElfrDeregisterClusterSvc (handle_t BindingHandle)
 
NTSTATUS WINAPI ElfrWriteClusterEvents (handle_t BindingHandle)
 
NTSTATUS WINAPI ElfrGetLogInformation (IELF_HANDLE LogHandle, ULONG InfoLevel, PBYTE Buffer, ULONG cbBufSize, PULONG pcbBytesNeeded)
 
NTSTATUS WINAPI ElfrFlushEL (IELF_HANDLE LogHandle)
 
NTSTATUS WINAPI ElfrReportEventAndSourceW (IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, PRPC_UNICODE_STRING SourceName, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
 
void __RPC_FAR *__RPC_USER midl_user_allocate (SIZE_T len)
 
void __RPC_USER midl_user_free (void __RPC_FAR *ptr)
 
void __RPC_USER IELF_HANDLE_rundown (IELF_HANDLE LogHandle)
 

Variables

static LIST_ENTRY LogHandleListHead
 
static CRITICAL_SECTION LogHandleListCs
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 15 of file rpc.c.

Function Documentation

◆ ElfCreateBackupLogHandle()

static NTSTATUS ElfCreateBackupLogHandle ( PLOGHANDLE LogHandle,
PUNICODE_STRING  FileName 
)
static

Definition at line 177 of file rpc.c.

179{
181 PLOGHANDLE pLogHandle;
182
183 DPRINT("ElfCreateBackupLogHandle(%wZ)\n", FileName);
184
185 *LogHandle = NULL;
186
187 pLogHandle = HeapAlloc(GetProcessHeap(),
189 sizeof(LOGHANDLE));
190 if (pLogHandle == NULL)
191 {
192 DPRINT1("Failed to allocate Heap!\n");
193 return STATUS_NO_MEMORY;
194 }
195
196 /* Create the log file */
197 Status = LogfCreate(&pLogHandle->LogFile,
198 NULL,
199 FileName,
200 0,
201 0,
202 FALSE,
203 TRUE);
204 if (!NT_SUCCESS(Status))
205 {
206 DPRINT1("Failed to create the log file! (Status 0x%08lx)\n", Status);
207 goto Done;
208 }
209
210 /* Set the backup flag */
211 pLogHandle->Flags |= LOG_HANDLE_BACKUP_FILE;
212
213 /* Reset the current record */
214 pLogHandle->CurrentRecord = 0;
215
216Done:
217 if (NT_SUCCESS(Status))
218 {
219 /* Append log handle */
223 *LogHandle = pLogHandle;
224 }
225 else
226 {
227 HeapFree(GetProcessHeap(), 0, pLogHandle);
228 }
229
230 return Status;
231}
LONG NTSTATUS
Definition: precomp.h:26
#define DPRINT1
Definition: precomp.h:8
static LIST_ENTRY LogHandleListHead
Definition: rpc.c:18
static CRITICAL_SECTION LogHandleListCs
Definition: rpc.c:19
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define GetProcessHeap()
Definition: compat.h:736
#define HeapAlloc
Definition: compat.h:733
#define HeapFree(x, y, z)
Definition: compat.h:735
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
#define InsertTailList(ListHead, Entry)
NTSTATUS LogfCreate(PLOGFILE *LogFile, PCWSTR LogName, PUNICODE_STRING FileName, ULONG MaxSize, ULONG Retention, BOOLEAN Permanent, BOOLEAN Backup)
Definition: file.c:294
#define LOG_HANDLE_BACKUP_FILE
Definition: eventlog.h:53
Status
Definition: gdiplustypes.h:25
_In_ UINT _Out_ PNDIS_HANDLE LogHandle
Definition: ndis.h:5382
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define STATUS_SUCCESS
Definition: shellext.h:65
#define DPRINT
Definition: sndvol32.h:71
ULONG CurrentRecord
Definition: eventlog.h:60
PLOGFILE LogFile
Definition: eventlog.h:59
LIST_ENTRY LogHandleListEntry
Definition: eventlog.h:57
ULONG Flags
Definition: eventlog.h:61
void WINAPI LeaveCriticalSection(LPCRITICAL_SECTION)
void WINAPI EnterCriticalSection(LPCRITICAL_SECTION)

Referenced by ElfrOpenBELA(), and ElfrOpenBELW().

◆ ElfCreateEventLogHandle()

static NTSTATUS ElfCreateEventLogHandle ( PLOGHANDLE LogHandle,
PUNICODE_STRING  LogName,
BOOLEAN  Create 
)
static

Definition at line 69 of file rpc.c.

72{
74 PLOGHANDLE pLogHandle;
75 PLOGFILE currentLogFile = NULL;
76 DWORD i, LogsActive;
77 PEVENTSOURCE pEventSource;
78
79 DPRINT("ElfCreateEventLogHandle(%wZ)\n", LogName);
80
81 *LogHandle = NULL;
82
83 i = (LogName->Length + sizeof(UNICODE_NULL)) / sizeof(WCHAR);
84 pLogHandle = HeapAlloc(GetProcessHeap(),
87 if (!pLogHandle)
88 {
89 DPRINT1("Failed to allocate Heap!\n");
90 return STATUS_NO_MEMORY;
91 }
92
93 StringCchCopyW(pLogHandle->szName, i, LogName->Buffer);
94
95 /* Get the number of Log Files the EventLog service found */
96 // NOTE: We could just as well loop only once within the list of logs
97 // and retrieve what the code below that calls LogfListItemByIndex, does!!
98 LogsActive = LogfListItemCount();
99 if (LogsActive == 0)
100 {
101 DPRINT1("EventLog service reports no log files!\n");
103 goto Done;
104 }
105
106 /* If Creating, default to the Application Log in case we fail, as documented on MSDN */
107 if (Create)
108 {
109 pEventSource = GetEventSourceByName(LogName->Buffer);
110 DPRINT("EventSource: %p\n", pEventSource);
111 if (pEventSource)
112 {
113 DPRINT("EventSource LogFile: %p\n", pEventSource->LogFile);
114 pLogHandle->LogFile = pEventSource->LogFile;
115 }
116 else
117 {
118 DPRINT("EventSource LogFile: Application log file\n");
119 pLogHandle->LogFile = LogfListItemByName(L"Application");
120 }
121
122 DPRINT("LogHandle LogFile: %p\n", pLogHandle->LogFile);
123 }
124 else
125 {
126 pLogHandle->LogFile = NULL;
127
128 for (i = 1; i <= LogsActive; i++)
129 {
130 currentLogFile = LogfListItemByIndex(i);
131
132 if (_wcsicmp(LogName->Buffer, currentLogFile->LogName) == 0)
133 {
134 pLogHandle->LogFile = currentLogFile;
135 break;
136 }
137 }
138
139 /* Use the application log if the desired log does not exist */
140 if (pLogHandle->LogFile == NULL)
141 {
142 pLogHandle->LogFile = LogfListItemByName(L"Application");
143 if (pLogHandle->LogFile == NULL)
144 {
145 DPRINT1("Application log is missing!\n");
147 goto Done;
148 }
149 }
150
151 /* Reset the current record */
152 pLogHandle->CurrentRecord = 0;
153 }
154
155 if (!pLogHandle->LogFile)
157
158Done:
159 if (NT_SUCCESS(Status))
160 {
161 /* Append log handle */
165 *LogHandle = pLogHandle;
166 }
167 else
168 {
169 HeapFree(GetProcessHeap(), 0, pLogHandle);
170 }
171
172 return Status;
173}
@ Create
Definition: registry.c:563
PLOGFILE LogfListItemByName(LPCWSTR Name)
Definition: file.c:33
PLOGFILE LogfListItemByIndex(DWORD Index)
Definition: file.c:93
PEVENTSOURCE GetEventSourceByName(LPCWSTR Name)
Definition: eventsource.c:202
DWORD LogfListItemCount(VOID)
Definition: file.c:118
unsigned long DWORD
Definition: ntddk_ex.h:95
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define UNICODE_NULL
#define L(x)
Definition: ntvdm.h:50
static const WCHAR szName[]
Definition: powrprof.c:45
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
STRSAFEAPI StringCchCopyW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc)
Definition: strsafe.h:149
PLOGFILE LogFile
Definition: eventlog.h:47
WCHAR * LogName
Definition: eventlog.h:38
WCHAR szName[1]
Definition: eventlog.h:62
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by ElfrOpenELA(), ElfrOpenELW(), ElfrRegisterEventSourceA(), and ElfrRegisterEventSourceW().

◆ ElfDeleteEventLogHandle()

static NTSTATUS ElfDeleteEventLogHandle ( PIELF_HANDLE  LogHandle)
static

Definition at line 264 of file rpc.c.

265{
266 PLOGHANDLE pLogHandle;
267
269 if (!pLogHandle)
271
275
276 LogfClose(pLogHandle->LogFile, FALSE);
277
278 HeapFree(GetProcessHeap(), 0, pLogHandle);
279
280 *LogHandle = NULL;
281
282 return STATUS_SUCCESS;
283}
static PLOGHANDLE ElfGetLogHandleEntryByHandle(IELF_HANDLE EventLogHandle)
Definition: rpc.c:235
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
VOID LogfClose(PLOGFILE LogFile, BOOLEAN ForceClose)
Definition: file.c:428
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245

Referenced by ElfrCloseEL(), ElfrDeregisterEventSource(), IELF_HANDLE_rundown(), and RpcThreadRoutine().

◆ ElfGetLogHandleEntryByHandle()

static PLOGHANDLE ElfGetLogHandleEntryByHandle ( IELF_HANDLE  EventLogHandle)
static

Definition at line 235 of file rpc.c.

236{
237 PLIST_ENTRY CurrentEntry;
238 PLOGHANDLE Handle, pLogHandle = NULL;
239
241
242 CurrentEntry = LogHandleListHead.Flink;
243 while (CurrentEntry != &LogHandleListHead)
244 {
245 Handle = CONTAINING_RECORD(CurrentEntry,
246 LOGHANDLE,
247 LogHandleListEntry);
248 CurrentEntry = CurrentEntry->Flink;
249
250 if (Handle == EventLogHandle)
251 {
252 pLogHandle = Handle;
253 break;
254 }
255 }
256
258
259 return pLogHandle;
260}
ULONG Handle
Definition: gdb_input.c:15
Definition: typedefs.h:120
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260

Referenced by ElfDeleteEventLogHandle(), ElfrBackupELFW(), ElfrClearELFW(), ElfrFlushEL(), ElfrGetLogInformation(), ElfrIntReportEventW(), ElfrNumberOfRecords(), ElfrOldestRecord(), ElfrReadELA(), and ElfrReadELW().

◆ ElfrBackupELFA()

NTSTATUS WINAPI ElfrBackupELFA ( IELF_HANDLE  LogHandle,
PRPC_STRING  BackupFileName 
)

Definition at line 787 of file rpc.c.

790{
792 UNICODE_STRING BackupFileNameW;
793
794 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
795 (PANSI_STRING)BackupFileName,
796 TRUE);
797 if (!NT_SUCCESS(Status))
798 return Status;
799
801 (PRPC_UNICODE_STRING)&BackupFileNameW);
802
803 RtlFreeUnicodeString(&BackupFileNameW);
804
805 return Status;
806}
NTSTATUS WINAPI ElfrBackupELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:313
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)

Referenced by ElfBackupEventLogFileA().

◆ ElfrBackupELFW()

NTSTATUS WINAPI ElfrBackupELFW ( IELF_HANDLE  LogHandle,
PRPC_UNICODE_STRING  BackupFileName 
)

Definition at line 313 of file rpc.c.

316{
317 PLOGHANDLE pLogHandle;
318
319 DPRINT("ElfrBackupELFW()\n");
320
322 if (!pLogHandle)
324
325 return LogfBackupFile(pLogHandle->LogFile,
326 (PUNICODE_STRING)BackupFileName);
327}
NTSTATUS LogfBackupFile(PLOGFILE LogFile, PUNICODE_STRING BackupFileName)
Definition: file.c:499

Referenced by ElfBackupEventLogFileW(), and ElfrBackupELFA().

◆ ElfrChangeNotify()

NTSTATUS WINAPI ElfrChangeNotify ( IELF_HANDLE  LogHandle,
RPC_CLIENT_ID  ClientId,
ULONG  Event 
)

Definition at line 433 of file rpc.c.

437{
440}
#define UNIMPLEMENTED
Definition: debug.h:115
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:239

Referenced by ElfChangeNotify().

◆ ElfrClearELFA()

NTSTATUS WINAPI ElfrClearELFA ( IELF_HANDLE  LogHandle,
PRPC_STRING  BackupFileName 
)

Definition at line 762 of file rpc.c.

765{
767 UNICODE_STRING BackupFileNameW;
768
769 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
770 (PANSI_STRING)BackupFileName,
771 TRUE);
772 if (!NT_SUCCESS(Status))
773 return Status;
774
776 (PRPC_UNICODE_STRING)&BackupFileNameW);
777
778 RtlFreeUnicodeString(&BackupFileNameW);
779
780 return Status;
781}
NTSTATUS WINAPI ElfrClearELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:289

Referenced by ElfClearEventLogFileA().

◆ ElfrClearELFW()

NTSTATUS WINAPI ElfrClearELFW ( IELF_HANDLE  LogHandle,
PRPC_UNICODE_STRING  BackupFileName 
)

Definition at line 289 of file rpc.c.

292{
293 PLOGHANDLE pLogHandle;
294
295 DPRINT("ElfrClearELFW()\n");
296
298 if (!pLogHandle)
300
301 /* Fail, if the log file is a backup file */
302 if (pLogHandle->Flags & LOG_HANDLE_BACKUP_FILE)
304
305 return LogfClearFile(pLogHandle->LogFile,
306 (PUNICODE_STRING)BackupFileName);
307}
NTSTATUS LogfClearFile(PLOGFILE LogFile, PUNICODE_STRING BackupFileName)
Definition: file.c:467

Referenced by ElfClearEventLogFileW(), and ElfrClearELFA().

◆ ElfrCloseEL()

NTSTATUS WINAPI ElfrCloseEL ( PIELF_HANDLE  LogHandle)

Definition at line 333 of file rpc.c.

335{
337}
static NTSTATUS ElfDeleteEventLogHandle(PIELF_HANDLE LogHandle)
Definition: rpc.c:264

Referenced by ElfCloseEventLog().

◆ ElfrDeregisterClusterSvc()

NTSTATUS WINAPI ElfrDeregisterClusterSvc ( handle_t  BindingHandle)

Definition at line 1122 of file rpc.c.

1124{
1127}

◆ ElfrDeregisterEventSource()

NTSTATUS WINAPI ElfrDeregisterEventSource ( PIELF_HANDLE  LogHandle)

Definition at line 343 of file rpc.c.

345{
347}

Referenced by ElfDeregisterEventSource().

◆ ElfrFlushEL()

NTSTATUS WINAPI ElfrFlushEL ( IELF_HANDLE  LogHandle)

Definition at line 1196 of file rpc.c.

1198{
1200 PLOGHANDLE pLogHandle;
1201 PLOGFILE pLogFile;
1202
1204 if (!pLogHandle)
1205 return STATUS_INVALID_HANDLE;
1206
1207 pLogFile = pLogHandle->LogFile;
1208
1209 /* Lock the log file exclusive */
1211
1212 Status = ElfFlushFile(&pLogFile->LogFile);
1213
1214 /* Unlock the log file */
1215 RtlReleaseResource(&pLogFile->Lock);
1216
1217 return Status;
1218}
NTSTATUS NTAPI ElfFlushFile(IN PEVTLOGFILE LogFile)
Definition: evtlib.c:1134
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceExclusive(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
NTSYSAPI VOID NTAPI RtlReleaseResource(_In_ PRTL_RESOURCE Resource)
RTL_RESOURCE Lock
Definition: eventlog.h:39
EVTLOGFILE LogFile
Definition: eventlog.h:36

Referenced by ElfFlushEventLog().

◆ ElfrGetLogInformation()

NTSTATUS WINAPI ElfrGetLogInformation ( IELF_HANDLE  LogHandle,
ULONG  InfoLevel,
PBYTE  Buffer,
ULONG  cbBufSize,
PULONG  pcbBytesNeeded 
)

Definition at line 1144 of file rpc.c.

1150{
1152 PLOGHANDLE pLogHandle;
1153 PLOGFILE pLogFile;
1154
1156 if (!pLogHandle)
1157 return STATUS_INVALID_HANDLE;
1158
1159 pLogFile = pLogHandle->LogFile;
1160
1161 /* Lock the log file shared */
1162 RtlAcquireResourceShared(&pLogFile->Lock, TRUE);
1163
1164 switch (InfoLevel)
1165 {
1166 case EVENTLOG_FULL_INFO:
1167 {
1169
1172 {
1174 break;
1175 }
1176
1177 efi->dwFull = !!(ElfGetFlags(&pLogFile->LogFile) & ELF_LOGFILE_LOGFULL_WRITTEN);
1178 break;
1179 }
1180
1181 default:
1183 break;
1184 }
1185
1186 /* Unlock the log file */
1187 RtlReleaseResource(&pLogFile->Lock);
1188
1189 return Status;
1190}
Definition: bufpool.h:45
ULONG NTAPI ElfGetFlags(IN PEVTLOGFILE LogFile)
Definition: evtlib.c:1607
#define ELF_LOGFILE_LOGFULL_WRITTEN
Definition: evtlib.h:50
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceShared(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
#define STATUS_INVALID_LEVEL
Definition: ntstatus.h:564
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
#define EVENTLOG_FULL_INFO
Definition: winbase.h:1154
struct _EVENTLOG_FULL_INFORMATION * LPEVENTLOG_FULL_INFORMATION
struct _EVENTLOG_FULL_INFORMATION EVENTLOG_FULL_INFORMATION
_In_ DWORD _In_ DWORD _Out_ LPDWORD pcbBytesNeeded
Definition: winsvc.h:425
_In_ DWORD _In_ DWORD cbBufSize
Definition: winsvc.h:424

Referenced by GetEventLogInformation().

◆ ElfrIntReportEventW()

NTSTATUS ElfrIntReportEventW ( IELF_HANDLE  LogHandle,
ULONG  Time,
USHORT  EventType,
USHORT  EventCategory,
ULONG  EventID,
PRPC_UNICODE_STRING SourceName  OPTIONAL,
USHORT  NumStrings,
ULONG  DataSize,
PRPC_UNICODE_STRING  ComputerName,
PRPC_SID  UserSID,
PRPC_UNICODE_STRING  Strings[],
PBYTE  Data,
USHORT  Flags,
PULONG  RecordNumber,
PULONG  TimeWritten 
)

Definition at line 581 of file rpc.c.

597{
599 PLOGHANDLE pLogHandle;
600 UNICODE_STRING LocalSourceName, LocalComputerName;
601 PEVENTLOGRECORD LogBuffer;
602 USHORT i;
603 SIZE_T RecSize;
604 ULONG dwStringsSize = 0;
605 ULONG dwUserSidLength = 0;
606 PWSTR lpStrings, str;
607
609 if (!pLogHandle)
611
612 /* Flags must be 0 */
613 if (Flags)
615
616 for (i = 0; i < NumStrings; i++)
617 {
618 switch (EventType)
619 {
620 case EVENTLOG_SUCCESS:
621 DPRINT("Success: %wZ\n", Strings[i]);
622 break;
623
625 DPRINT("Error: %wZ\n", Strings[i]);
626 break;
627
629 DPRINT("Warning: %wZ\n", Strings[i]);
630 break;
631
633 DPRINT("Info: %wZ\n", Strings[i]);
634 break;
635
637 DPRINT("Audit Success: %wZ\n", Strings[i]);
638 break;
639
641 DPRINT("Audit Failure: %wZ\n", Strings[i]);
642 break;
643
644 default:
645 DPRINT1("Type %hu: %wZ\n", EventType, Strings[i]);
646 break;
647 }
648 dwStringsSize += Strings[i]->Length + sizeof(UNICODE_NULL);
649 }
650
651 lpStrings = HeapAlloc(GetProcessHeap(), 0, dwStringsSize);
652 if (!lpStrings)
653 {
654 DPRINT1("Failed to allocate heap\n");
655 return STATUS_NO_MEMORY;
656 }
657
658 str = lpStrings;
659 for (i = 0; i < NumStrings; i++)
660 {
662 str += Strings[i]->Length / sizeof(WCHAR);
663 *str = UNICODE_NULL;
664 str++;
665 }
666
667 if (UserSID)
668 dwUserSidLength = FIELD_OFFSET(SID, SubAuthority[UserSID->SubAuthorityCount]);
669
670 if (SourceName && SourceName->Buffer)
671 LocalSourceName = *(PUNICODE_STRING)SourceName;
672 else
673 RtlInitUnicodeString(&LocalSourceName, pLogHandle->szName);
674
675 LocalComputerName = *(PUNICODE_STRING)ComputerName;
676
677 LogBuffer = LogfAllocAndBuildNewRecord(&RecSize,
678 Time,
679 EventType,
680 EventCategory,
681 EventID,
682 &LocalSourceName,
683 &LocalComputerName,
684 dwUserSidLength,
685 UserSID,
687 lpStrings,
688 DataSize,
689 Data);
690 if (LogBuffer == NULL)
691 {
692 DPRINT1("LogfAllocAndBuildNewRecord failed!\n");
693 HeapFree(GetProcessHeap(), 0, lpStrings);
694 return STATUS_NO_MEMORY;
695 }
696
697 Status = LogfWriteRecord(pLogHandle->LogFile, LogBuffer, RecSize);
698 if (!NT_SUCCESS(Status))
699 {
700 DPRINT1("ERROR writing to event log `%S' (Status 0x%08lx)\n",
701 pLogHandle->LogFile->LogName, Status);
702 }
703
704 if (NT_SUCCESS(Status))
705 {
706 /* Retrieve the two fields that were set by LogfWriteRecord into the record */
707 if (RecordNumber)
708 *RecordNumber = LogBuffer->RecordNumber;
709 if (TimeWritten)
710 *TimeWritten = LogBuffer->TimeWritten;
711 }
712
713 LogfFreeRecord(LogBuffer);
714
715 HeapFree(GetProcessHeap(), 0, lpStrings);
716
717 return Status;
718}
WCHAR SourceName[256]
Definition: arping.c:28
static const WCHAR Strings[]
Definition: reg.c:35
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
NTSTATUS LogfWriteRecord(PLOGFILE LogFile, PEVENTLOGRECORD Record, SIZE_T BufSize)
Definition: file.c:858
PEVENTLOGRECORD LogfAllocAndBuildNewRecord(PSIZE_T pRecSize, ULONG Time, USHORT wType, USHORT wCategory, ULONG dwEventId, PUNICODE_STRING SourceName, PUNICODE_STRING ComputerName, ULONG dwSidLength, PSID pUserSid, USHORT wNumStrings, PWSTR pStrings, ULONG dwDataSize, PVOID pRawData)
Definition: file.c:896
static __inline void LogfFreeRecord(PEVENTLOGRECORD Record)
Definition: eventlog.h:143
static PLARGE_INTEGER Time
Definition: time.c:105
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT _In_opt_ PVOID _In_ ULONG DataSize
Definition: ndis.h:4755
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT NumStrings
Definition: ndis.h:4753
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ EVENT_TYPE EventType
Definition: exfuncs.h:167
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
unsigned short USHORT
Definition: pedump.c:61
const WCHAR * str
DWORD RecordNumber
Definition: winnt_old.h:2843
UCHAR SubAuthorityCount
Definition: msv1_0.h:15
uint16_t * PWSTR
Definition: typedefs.h:56
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define EVENTLOG_ERROR_TYPE
Definition: winnt_old.h:2834
#define EVENTLOG_AUDIT_FAILURE
Definition: winnt_old.h:2838
#define EVENTLOG_INFORMATION_TYPE
Definition: winnt_old.h:2836
#define EVENTLOG_AUDIT_SUCCESS
Definition: winnt_old.h:2837
#define EVENTLOG_SUCCESS
Definition: winnt_old.h:2833
#define EVENTLOG_WARNING_TYPE
Definition: winnt_old.h:2835
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170

Referenced by ElfrReportEventAndSourceW(), and ElfrReportEventW().

◆ ElfrNumberOfRecords()

NTSTATUS WINAPI ElfrNumberOfRecords ( IELF_HANDLE  LogHandle,
PULONG  NumberOfRecords 
)

Definition at line 353 of file rpc.c.

356{
357 PLOGHANDLE pLogHandle;
358 PLOGFILE pLogFile;
359 ULONG OldestRecordNumber, CurrentRecordNumber;
360
361 DPRINT("ElfrNumberOfRecords()\n");
362
364 if (!pLogHandle)
366
367 if (!NumberOfRecords)
369
370 pLogFile = pLogHandle->LogFile;
371
372 /* Lock the log file shared */
374
375 OldestRecordNumber = ElfGetOldestRecord(&pLogFile->LogFile);
376 CurrentRecordNumber = ElfGetCurrentRecord(&pLogFile->LogFile);
377
378 /* Unlock the log file */
379 RtlReleaseResource(&pLogFile->Lock);
380
381 DPRINT("Oldest: %lu Current: %lu\n",
382 OldestRecordNumber, CurrentRecordNumber);
383
384 if (OldestRecordNumber == 0)
385 {
386 /* OldestRecordNumber == 0 when the log is empty */
387 *NumberOfRecords = 0;
388 }
389 else
390 {
391 /* The log contains events */
392 *NumberOfRecords = CurrentRecordNumber - OldestRecordNumber;
393 }
394
395 return STATUS_SUCCESS;
396}
ULONG NTAPI ElfGetOldestRecord(IN PEVTLOGFILE LogFile)
Definition: evtlib.c:1589
ULONG NTAPI ElfGetCurrentRecord(IN PEVTLOGFILE LogFile)
Definition: evtlib.c:1598

Referenced by ElfNumberOfRecords().

◆ ElfrOldestRecord()

NTSTATUS WINAPI ElfrOldestRecord ( IELF_HANDLE  LogHandle,
PULONG  OldestRecordNumber 
)

Definition at line 402 of file rpc.c.

405{
406 PLOGHANDLE pLogHandle;
407 PLOGFILE pLogFile;
408
410 if (!pLogHandle)
412
413 if (!OldestRecordNumber)
415
416 pLogFile = pLogHandle->LogFile;
417
418 /* Lock the log file shared */
420
421 *OldestRecordNumber = ElfGetOldestRecord(&pLogFile->LogFile);
422
423 /* Unlock the log file */
424 RtlReleaseResource(&pLogFile->Lock);
425
426 return STATUS_SUCCESS;
427}

Referenced by ElfOldestRecord().

◆ ElfrOpenBELA()

NTSTATUS WINAPI ElfrOpenBELA ( EVENTLOG_HANDLE_A  UNCServerName,
PRPC_STRING  BackupFileName,
ULONG  MajorVersion,
ULONG  MinorVersion,
PIELF_HANDLE  LogHandle 
)

Definition at line 897 of file rpc.c.

903{
905 UNICODE_STRING BackupFileNameW;
906
907 DPRINT("ElfrOpenBELA(%Z)\n", BackupFileName);
908
909 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
910 (PANSI_STRING)BackupFileName,
911 TRUE);
912 if (!NT_SUCCESS(Status))
913 {
914 DPRINT1("RtlAnsiStringToUnicodeString failed (Status 0x%08lx)\n", Status);
915 return Status;
916 }
917
918 if ((MajorVersion != 1) || (MinorVersion != 1))
919 {
920 RtlFreeUnicodeString(&BackupFileNameW);
922 }
923
924 /* FIXME: UNCServerName must specify the server */
925
926 /* FIXME: Must verify that caller has read access */
927
929 &BackupFileNameW);
930
931 RtlFreeUnicodeString(&BackupFileNameW);
932
933 return Status;
934}
static NTSTATUS ElfCreateBackupLogHandle(PLOGHANDLE *LogHandle, PUNICODE_STRING FileName)
Definition: rpc.c:177
ULONG MajorVersion
Definition: ros_glue.cpp:4
ULONG MinorVersion
Definition: ros_glue.cpp:5

Referenced by ElfOpenBackupEventLogA().

◆ ElfrOpenBELW()

NTSTATUS WINAPI ElfrOpenBELW ( EVENTLOG_HANDLE_W  UNCServerName,
PRPC_UNICODE_STRING  BackupFileName,
ULONG  MajorVersion,
ULONG  MinorVersion,
PIELF_HANDLE  LogHandle 
)

Definition at line 506 of file rpc.c.

512{
513 DPRINT("ElfrOpenBELW(%wZ)\n", BackupFileName);
514
515 if ((MajorVersion != 1) || (MinorVersion != 1))
517
518 /* FIXME: UNCServerName must specify the server */
519
520 /* FIXME: Must verify that caller has read access */
521
523 (PUNICODE_STRING)BackupFileName);
524}

Referenced by ElfOpenBackupEventLogW().

◆ ElfrOpenELA()

NTSTATUS WINAPI ElfrOpenELA ( EVENTLOG_HANDLE_A  UNCServerName,
PRPC_STRING  ModuleName,
PRPC_STRING  RegModuleName,
ULONG  MajorVersion,
ULONG  MinorVersion,
PIELF_HANDLE  LogHandle 
)

Definition at line 812 of file rpc.c.

819{
821 UNICODE_STRING ModuleNameW;
822
823 if ((MajorVersion != 1) || (MinorVersion != 1))
825
826 /* RegModuleName must be an empty string */
827 if (RegModuleName->Length > 0)
829
831 if (!NT_SUCCESS(Status))
832 return Status;
833
834 /* FIXME: Must verify that caller has read access */
835
837 &ModuleNameW,
838 FALSE);
839
840 RtlFreeUnicodeString(&ModuleNameW);
841
842 return Status;
843}
ACPI_BUFFER *RetBuffer ACPI_BUFFER *RetBuffer char ACPI_WALK_RESOURCE_CALLBACK void *Context ACPI_BUFFER *RetBuffer UINT16 ACPI_RESOURCE **ResourcePtr ACPI_GENERIC_ADDRESS *Reg UINT32 *ReturnValue UINT8 UINT8 *Slp_TypB ACPI_PHYSICAL_ADDRESS PhysicalAddress64 UINT32 UINT32 *TimeElapsed UINT32 ACPI_STATUS const char UINT32 ACPI_STATUS const char UINT32 const char const char * ModuleName
Definition: acpixf.h:1280
static NTSTATUS ElfCreateEventLogHandle(PLOGHANDLE *LogHandle, PUNICODE_STRING LogName, BOOLEAN Create)
Definition: rpc.c:69
USHORT Length
Definition: eventlogrpc.idl:17

Referenced by ElfOpenEventLogA().

◆ ElfrOpenELW()

NTSTATUS WINAPI ElfrOpenELW ( EVENTLOG_HANDLE_W  UNCServerName,
PRPC_UNICODE_STRING  ModuleName,
PRPC_UNICODE_STRING  RegModuleName,
ULONG  MajorVersion,
ULONG  MinorVersion,
PIELF_HANDLE  LogHandle 
)

Definition at line 446 of file rpc.c.

453{
454 if ((MajorVersion != 1) || (MinorVersion != 1))
456
457 /* RegModuleName must be an empty string */
458 if (RegModuleName->Length > 0)
460
461 /* FIXME: UNCServerName must specify the server */
462
463 /* FIXME: Must verify that caller has read access */
464
467 FALSE);
468}
unsigned short Length
Definition: msv1_0.h:22

Referenced by ElfOpenEventLogW().

◆ ElfrReadELA()

NTSTATUS WINAPI ElfrReadELA ( IELF_HANDLE  LogHandle,
ULONG  ReadFlags,
ULONG  RecordOffset,
RULONG  NumberOfBytesToRead,
PBYTE  Buffer,
PULONG  NumberOfBytesRead,
PULONG  MinNumberOfBytesNeeded 
)

Definition at line 940 of file rpc.c.

948{
950 PLOGHANDLE pLogHandle;
951 ULONG RecordNumber;
952
954 if (!pLogHandle)
956
957 if (!Buffer)
959
960 /* If sequential read, retrieve the CurrentRecord from this log handle */
961 if (ReadFlags & EVENTLOG_SEQUENTIAL_READ)
962 {
963 RecordNumber = pLogHandle->CurrentRecord;
964 }
965 else // (ReadFlags & EVENTLOG_SEEK_READ)
966 {
967 RecordNumber = RecordOffset;
968 }
969
970 Status = LogfReadEvents(pLogHandle->LogFile,
971 ReadFlags,
972 &RecordNumber,
973 NumberOfBytesToRead,
974 Buffer,
975 NumberOfBytesRead,
976 MinNumberOfBytesNeeded,
977 TRUE);
978
979 /* Update the handle's CurrentRecord if success */
980 if (NT_SUCCESS(Status))
981 {
982 pLogHandle->CurrentRecord = RecordNumber;
983 }
984
985 return Status;
986}
NTSTATUS LogfReadEvents(PLOGFILE LogFile, ULONG Flags, PULONG RecordNumber, ULONG BufSize, PBYTE Buffer, PULONG BytesRead, PULONG BytesNeeded, BOOLEAN Ansi)
Definition: file.c:721
#define EVENTLOG_SEQUENTIAL_READ
Definition: winnt_old.h:2828

Referenced by ElfReadEventLogA().

◆ ElfrReadELW()

NTSTATUS WINAPI ElfrReadELW ( IELF_HANDLE  LogHandle,
ULONG  ReadFlags,
ULONG  RecordOffset,
RULONG  NumberOfBytesToRead,
PBYTE  Buffer,
PULONG  NumberOfBytesRead,
PULONG  MinNumberOfBytesNeeded 
)

Definition at line 530 of file rpc.c.

538{
540 PLOGHANDLE pLogHandle;
541 ULONG RecordNumber;
542
544 if (!pLogHandle)
546
547 if (!Buffer)
549
550 /* If sequential read, retrieve the CurrentRecord from this log handle */
551 if (ReadFlags & EVENTLOG_SEQUENTIAL_READ)
552 {
553 RecordNumber = pLogHandle->CurrentRecord;
554 }
555 else // (ReadFlags & EVENTLOG_SEEK_READ)
556 {
557 RecordNumber = RecordOffset;
558 }
559
560 Status = LogfReadEvents(pLogHandle->LogFile,
561 ReadFlags,
562 &RecordNumber,
563 NumberOfBytesToRead,
564 Buffer,
565 NumberOfBytesRead,
566 MinNumberOfBytesNeeded,
567 FALSE);
568
569 /* Update the handle's CurrentRecord if success */
570 if (NT_SUCCESS(Status))
571 {
572 pLogHandle->CurrentRecord = RecordNumber;
573 }
574
575 return Status;
576}

Referenced by ElfReadEventLogW().

◆ ElfrRegisterClusterSvc()

NTSTATUS WINAPI ElfrRegisterClusterSvc ( handle_t  BindingHandle)

Definition at line 1111 of file rpc.c.

1113{
1116}

◆ ElfrRegisterEventSourceA()

NTSTATUS WINAPI ElfrRegisterEventSourceA ( EVENTLOG_HANDLE_A  UNCServerName,
PRPC_STRING  ModuleName,
PRPC_STRING  RegModuleName,
ULONG  MajorVersion,
ULONG  MinorVersion,
PIELF_HANDLE  LogHandle 
)

Definition at line 849 of file rpc.c.

856{
858 UNICODE_STRING ModuleNameW;
859
862 TRUE);
863 if (!NT_SUCCESS(Status))
864 {
865 DPRINT1("RtlAnsiStringToUnicodeString failed (Status 0x%08lx)\n", Status);
866 return Status;
867 }
868
869 /* RegModuleName must be an empty string */
870 if (RegModuleName->Length > 0)
871 {
872 RtlFreeUnicodeString(&ModuleNameW);
874 }
875
876 if ((MajorVersion != 1) || (MinorVersion != 1))
877 {
878 RtlFreeUnicodeString(&ModuleNameW);
880 }
881
882 /* FIXME: Must verify that caller has write access */
883
885 &ModuleNameW,
886 TRUE);
887
888 RtlFreeUnicodeString(&ModuleNameW);
889
890 return Status;
891}

Referenced by ElfRegisterEventSourceA().

◆ ElfrRegisterEventSourceW()

NTSTATUS WINAPI ElfrRegisterEventSourceW ( EVENTLOG_HANDLE_W  UNCServerName,
PRPC_UNICODE_STRING  ModuleName,
PRPC_UNICODE_STRING  RegModuleName,
ULONG  MajorVersion,
ULONG  MinorVersion,
PIELF_HANDLE  LogHandle 
)

Definition at line 474 of file rpc.c.

481{
482 DPRINT("ElfrRegisterEventSourceW()\n");
483
484 if ((MajorVersion != 1) || (MinorVersion != 1))
486
487 /* RegModuleName must be an empty string */
488 if (RegModuleName->Length > 0)
490
491 DPRINT("ModuleName: %wZ\n", ModuleName);
492
493 /* FIXME: UNCServerName must specify the server or empty for local */
494
495 /* FIXME: Must verify that caller has write access */
496
499 TRUE);
500}

Referenced by ElfRegisterEventSourceW().

◆ ElfrReportEventA()

NTSTATUS WINAPI ElfrReportEventA ( IELF_HANDLE  LogHandle,
ULONG  Time,
USHORT  EventType,
USHORT  EventCategory,
ULONG  EventID,
USHORT  NumStrings,
ULONG  DataSize,
PRPC_STRING  ComputerName,
PRPC_SID  UserSID,
PRPC_STRING  Strings[],
PBYTE  Data,
USHORT  Flags,
PULONG  RecordNumber,
PULONG  TimeWritten 
)

Definition at line 992 of file rpc.c.

1007{
1009 UNICODE_STRING ComputerNameW;
1010 PUNICODE_STRING *StringsArrayW = NULL;
1011 USHORT i;
1012
1013 DPRINT("ElfrReportEventA(%hu)\n", NumStrings);
1014
1015#if 0
1016 for (i = 0; i < NumStrings; i++)
1017 {
1018 if (Strings[i] == NULL)
1019 {
1020 DPRINT1("String %hu is null\n", i);
1021 }
1022 else
1023 {
1024 DPRINT1("String %hu: %Z\n", i, Strings[i]);
1025 }
1026 }
1027#endif
1028
1030 (PANSI_STRING)ComputerName,
1031 TRUE);
1032 if (!NT_SUCCESS(Status))
1033 return Status;
1034
1035 if (NumStrings != 0)
1036 {
1037 StringsArrayW = HeapAlloc(GetProcessHeap(),
1039 NumStrings * sizeof(PUNICODE_STRING));
1040 if (StringsArrayW == NULL)
1041 {
1043 goto Done;
1044 }
1045
1046 for (i = 0; i < NumStrings; i++)
1047 {
1048 if (Strings[i] != NULL)
1049 {
1050 StringsArrayW[i] = HeapAlloc(GetProcessHeap(),
1052 sizeof(UNICODE_STRING));
1053 if (StringsArrayW[i] == NULL)
1054 {
1056 break;
1057 }
1058
1059 Status = RtlAnsiStringToUnicodeString(StringsArrayW[i],
1061 TRUE);
1062 }
1063
1064 if (!NT_SUCCESS(Status))
1065 break;
1066 }
1067 }
1068
1069 if (NT_SUCCESS(Status))
1070 {
1072 Time,
1073 EventType,
1074 EventCategory,
1075 EventID,
1076 NumStrings,
1077 DataSize,
1078 (PRPC_UNICODE_STRING)&ComputerNameW,
1079 UserSID,
1080 (PRPC_UNICODE_STRING*)StringsArrayW,
1081 Data,
1082 Flags,
1083 RecordNumber,
1084 TimeWritten);
1085 }
1086
1087Done:
1088 if (StringsArrayW != NULL)
1089 {
1090 for (i = 0; i < NumStrings; i++)
1091 {
1092 if ((StringsArrayW[i] != NULL) && (StringsArrayW[i]->Buffer))
1093 {
1094 RtlFreeUnicodeString(StringsArrayW[i]);
1095 HeapFree(GetProcessHeap(), 0, StringsArrayW[i]);
1096 }
1097 }
1098
1099 HeapFree(GetProcessHeap(), 0, StringsArrayW);
1100 }
1101
1102 RtlFreeUnicodeString(&ComputerNameW);
1103
1104 return Status;
1105}
NTSTATUS WINAPI ElfrReportEventW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:724

Referenced by ElfReportEventA().

◆ ElfrReportEventAndSourceW()

NTSTATUS WINAPI ElfrReportEventAndSourceW ( IELF_HANDLE  LogHandle,
ULONG  Time,
USHORT  EventType,
USHORT  EventCategory,
ULONG  EventID,
PRPC_UNICODE_STRING  SourceName,
USHORT  NumStrings,
ULONG  DataSize,
PRPC_UNICODE_STRING  ComputerName,
PRPC_SID  UserSID,
PRPC_UNICODE_STRING  Strings[],
PBYTE  Data,
USHORT  Flags,
PULONG  RecordNumber,
PULONG  TimeWritten 
)

Definition at line 1224 of file rpc.c.

1240{
1241 /* Call the helper function. The event source is specified by the caller. */
1243 Time,
1244 EventType,
1245 EventCategory,
1246 EventID,
1247 SourceName,
1248 NumStrings,
1249 DataSize,
1250 ComputerName,
1251 UserSID,
1252 Strings,
1253 Data,
1254 Flags,
1255 RecordNumber,
1256 TimeWritten);
1257}
NTSTATUS ElfrIntReportEventW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, PRPC_UNICODE_STRING SourceName OPTIONAL, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:581

Referenced by ElfReportEventAndSourceW().

◆ ElfrReportEventW()

NTSTATUS WINAPI ElfrReportEventW ( IELF_HANDLE  LogHandle,
ULONG  Time,
USHORT  EventType,
USHORT  EventCategory,
ULONG  EventID,
USHORT  NumStrings,
ULONG  DataSize,
PRPC_UNICODE_STRING  ComputerName,
PRPC_SID  UserSID,
PRPC_UNICODE_STRING  Strings[],
PBYTE  Data,
USHORT  Flags,
PULONG  RecordNumber,
PULONG  TimeWritten 
)

Definition at line 724 of file rpc.c.

739{
740 /* Call the helper function. The event source is provided via the log handle. */
742 Time,
743 EventType,
744 EventCategory,
745 EventID,
746 NULL,
748 DataSize,
749 ComputerName,
750 UserSID,
751 Strings,
752 Data,
753 Flags,
754 RecordNumber,
755 TimeWritten);
756}

Referenced by ElfReportEventW(), and ElfrReportEventA().

◆ ElfrWriteClusterEvents()

NTSTATUS WINAPI ElfrWriteClusterEvents ( handle_t  BindingHandle)

Definition at line 1133 of file rpc.c.

1135{
1138}

◆ IELF_HANDLE_rundown()

void __RPC_USER IELF_HANDLE_rundown ( IELF_HANDLE  LogHandle)

Definition at line 1272 of file rpc.c.

1273{
1274 /* Close the handle */
1275 ElfDeleteEventLogHandle(&LogHandle); // ElfrCloseEL(&LogHandle);
1276}

◆ midl_user_allocate()

void __RPC_FAR *__RPC_USER midl_user_allocate ( SIZE_T  len)

Definition at line 1260 of file rpc.c.

1261{
1263}
GLenum GLsizei len
Definition: glext.h:6722

◆ midl_user_free()

void __RPC_USER midl_user_free ( void __RPC_FAR ptr)

Definition at line 1266 of file rpc.c.

1267{
1269}
static PVOID ptr
Definition: dispmode.c:27

◆ RpcThreadRoutine()

DWORD WINAPI RpcThreadRoutine ( LPVOID  lpParameter)

Definition at line 26 of file rpc.c.

27{
29
32
33 Status = RpcServerUseProtseqEpW(L"ncacn_np", 20, L"\\pipe\\EventLog", NULL);
34 if (Status != RPC_S_OK)
35 {
36 DPRINT("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
37 goto Quit;
38 }
39
40 Status = RpcServerRegisterIf(eventlog_v0_0_s_ifspec, NULL, NULL);
41 if (Status != RPC_S_OK)
42 {
43 DPRINT("RpcServerRegisterIf() failed (Status %lx)\n", Status);
44 goto Quit;
45 }
46
48 if (Status != RPC_S_OK)
49 {
50 DPRINT("RpcServerListen() failed (Status %lx)\n", Status);
51 }
52
55 {
58 }
60
61Quit:
63
64 return 0;
65}
#define IsListEmpty(ListHead)
Definition: env_spec_w32.h:954
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
PVOID IELF_HANDLE
Definition: eventlogrpc.idl:22
RPC_STATUS WINAPI RpcServerListen(UINT MinimumCallThreads, UINT MaxCalls, UINT DontWait)
Definition: rpc_server.c:1520
RPC_STATUS WINAPI RpcServerRegisterIf(RPC_IF_HANDLE IfSpec, UUID *MgrTypeUuid, RPC_MGR_EPV *MgrEpv)
Definition: rpc_server.c:1116
RPC_STATUS WINAPI RpcServerUseProtseqEpW(RPC_WSTR Protseq, UINT MaxCalls, RPC_WSTR Endpoint, LPVOID SecurityDescriptor)
Definition: rpc_server.c:927
#define RPC_C_LISTEN_MAX_CALLS_DEFAULT
Definition: rpcdce.h:122
#define RPC_S_OK
Definition: rpcnterr.h:22
long RPC_STATUS
Definition: rpc.h:52
VOID WINAPI InitializeCriticalSection(OUT LPCRITICAL_SECTION lpCriticalSection)
Definition: synch.c:751
void WINAPI DeleteCriticalSection(PCRITICAL_SECTION)

Variable Documentation

◆ LogHandleListCs

◆ LogHandleListHead

LIST_ENTRY LogHandleListHead
static