ReactOS 0.4.16-dev-197-g92996da
eventlog.c File Reference
#include <advapi32.h>
#include <ndk/kefuncs.h>
#include <eventlogrpc_c.h>
Include dependency graph for eventlog.c:

Go to the source code of this file.

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
handle_t __RPC_USER EVENTLOG_HANDLE_A_bind (EVENTLOG_HANDLE_A UNCServerName)
 
void __RPC_USER EVENTLOG_HANDLE_A_unbind (EVENTLOG_HANDLE_A UNCServerName, handle_t hBinding)
 
handle_t __RPC_USER EVENTLOG_HANDLE_W_bind (EVENTLOG_HANDLE_W UNCServerName)
 
void __RPC_USER EVENTLOG_HANDLE_W_unbind (EVENTLOG_HANDLE_W UNCServerName, handle_t hBinding)
 
NTSTATUS NTAPI ElfBackupEventLogFileA (IN HANDLE hEventLog, IN PANSI_STRING BackupFileNameA)
 
BOOL WINAPI BackupEventLogA (IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
 
NTSTATUS NTAPI ElfBackupEventLogFileW (IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
 
BOOL WINAPI BackupEventLogW (IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
 
NTSTATUS NTAPI ElfClearEventLogFileA (IN HANDLE hEventLog, IN PANSI_STRING BackupFileNameA)
 
BOOL WINAPI ClearEventLogA (IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
 
NTSTATUS NTAPI ElfClearEventLogFileW (IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
 
BOOL WINAPI ClearEventLogW (IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
 
NTSTATUS NTAPI ElfCloseEventLog (IN HANDLE hEventLog)
 
BOOL WINAPI CloseEventLog (IN HANDLE hEventLog)
 
NTSTATUS NTAPI ElfDeregisterEventSource (IN HANDLE hEventLog)
 
BOOL WINAPI DeregisterEventSource (IN HANDLE hEventLog)
 
BOOL WINAPI GetEventLogInformation (IN HANDLE hEventLog, IN DWORD dwInfoLevel, OUT LPVOID lpBuffer, IN DWORD cbBufSize, OUT LPDWORD pcbBytesNeeded)
 
NTSTATUS NTAPI ElfNumberOfRecords (IN HANDLE hEventLog, OUT PULONG NumberOfRecords)
 
BOOL WINAPI GetNumberOfEventLogRecords (IN HANDLE hEventLog, OUT PDWORD NumberOfRecords)
 
NTSTATUS NTAPI ElfOldestRecord (IN HANDLE hEventLog, OUT PULONG OldestRecordNumber)
 
BOOL WINAPI GetOldestEventLogRecord (IN HANDLE hEventLog, OUT PDWORD OldestRecord)
 
NTSTATUS NTAPI ElfChangeNotify (IN HANDLE hEventLog, IN HANDLE hEvent)
 
BOOL WINAPI NotifyChangeEventLog (IN HANDLE hEventLog, IN HANDLE hEvent)
 
NTSTATUS NTAPI ElfOpenBackupEventLogA (IN PANSI_STRING UNCServerNameA, IN PANSI_STRING BackupFileNameA, OUT PHANDLE phEventLog)
 
HANDLE WINAPI OpenBackupEventLogA (IN LPCSTR lpUNCServerName, IN LPCSTR lpFileName)
 
NTSTATUS NTAPI ElfOpenBackupEventLogW (IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING BackupFileNameU, OUT PHANDLE phEventLog)
 
HANDLE WINAPI OpenBackupEventLogW (IN LPCWSTR lpUNCServerName, IN LPCWSTR lpFileName)
 
NTSTATUS NTAPI ElfOpenEventLogA (IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
 
HANDLE WINAPI OpenEventLogA (IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
 
NTSTATUS NTAPI ElfOpenEventLogW (IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
 
HANDLE WINAPI OpenEventLogW (IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
 
NTSTATUS NTAPI ElfReadEventLogA (IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
 
BOOL WINAPI ReadEventLogA (IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
 
NTSTATUS NTAPI ElfReadEventLogW (IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
 
BOOL WINAPI ReadEventLogW (IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
 
NTSTATUS NTAPI ElfRegisterEventSourceA (IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
 
HANDLE WINAPI RegisterEventSourceA (IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
 
NTSTATUS NTAPI ElfRegisterEventSourceW (IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
 
HANDLE WINAPI RegisterEventSourceW (IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
 
NTSTATUS NTAPI ElfReportEventA (IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PANSI_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
 
BOOL WINAPI ReportEventA (IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCSTR *lpStrings, IN LPVOID lpRawData)
 
NTSTATUS NTAPI ElfReportEventW (IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
 
BOOL WINAPI ReportEventW (IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCWSTR *lpStrings, IN LPVOID lpRawData)
 
NTSTATUS NTAPI ElfReportEventAndSourceW (IN HANDLE hEventLog, IN ULONG Time, IN PUNICODE_STRING ComputerName, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN PUNICODE_STRING SourceName, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
 
NTSTATUS NTAPI ElfFlushEventLog (IN HANDLE hEventLog)
 

Variables

static RPC_UNICODE_STRING EmptyStringU = { 0, 0, L"" }
 
static RPC_STRING EmptyStringA = { 0, 0, "" }
 

Function Documentation

◆ BackupEventLogA()

BOOL WINAPI BackupEventLogA ( IN HANDLE  hEventLog,
IN LPCSTR  lpBackupFileName 
)

Definition at line 177 of file eventlog.c.

179{
182 ANSI_STRING BackupFileNameA;
183 UNICODE_STRING BackupFileNameW;
184
185 TRACE("%p, %s\n", hEventLog, lpBackupFileName);
186
187 if (lpBackupFileName == NULL)
188 {
190 return FALSE;
191 }
192
193 RtlInitAnsiString(&BackupFileNameA, lpBackupFileName);
194
195 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
196 &BackupFileNameA,
197 TRUE);
198 if (!NT_SUCCESS(Status))
199 {
201 return FALSE;
202 }
203
204 Success = BackupEventLogW(hEventLog,
205 BackupFileNameW.Buffer);
206
207 RtlFreeUnicodeString(&BackupFileNameW);
208
209 return Success;
210}
LONG NTSTATUS
Definition: precomp.h:26
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
BOOL WINAPI BackupEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:245
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define SetLastError(x)
Definition: compat.h:752
@ Success
Definition: eventcreate.c:712
unsigned int BOOL
Definition: ntddk_ex.h:94
Status
Definition: gdiplustypes.h:25
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
#define TRACE(s)
Definition: solgame.cpp:4

Referenced by create_backup(), and test_backup().

◆ BackupEventLogW()

BOOL WINAPI BackupEventLogW ( IN HANDLE  hEventLog,
IN LPCWSTR  lpBackupFileName 
)

Definition at line 245 of file eventlog.c.

247{
249 UNICODE_STRING BackupFileName;
250
251 TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
252
253 if (lpBackupFileName == NULL)
254 {
256 return FALSE;
257 }
258
259 if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
260 NULL, NULL))
261 {
263 return FALSE;
264 }
265
266 Status = ElfBackupEventLogFileW(hEventLog, &BackupFileName);
267
268 RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
269
270 if (!NT_SUCCESS(Status))
271 {
273 return FALSE;
274 }
275
276 return TRUE;
277}
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
NTSTATUS NTAPI ElfBackupEventLogFileW(IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
Definition: eventlog.c:222
#define debugstr_w
Definition: kernel32.h:32
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)

Referenced by BackupEventLogA(), and SaveEventLog().

◆ ClearEventLogA()

BOOL WINAPI ClearEventLogA ( IN HANDLE  hEventLog,
IN LPCSTR  lpBackupFileName 
)

Definition at line 305 of file eventlog.c.

307{
310 ANSI_STRING BackupFileNameA;
311 UNICODE_STRING BackupFileNameW;
312
313 TRACE("%p, %s\n", hEventLog, lpBackupFileName);
314
315 if (lpBackupFileName == NULL)
316 {
317 RtlInitUnicodeString(&BackupFileNameW, NULL);
318 }
319 else
320 {
321 RtlInitAnsiString(&BackupFileNameA, lpBackupFileName);
322
323 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
324 &BackupFileNameA,
325 TRUE);
326 if (!NT_SUCCESS(Status))
327 {
329 return FALSE;
330 }
331 }
332
333 Success = ClearEventLogW(hEventLog,
334 BackupFileNameW.Buffer);
335
336 RtlFreeUnicodeString(&BackupFileNameW);
337
338 return Success;
339}
BOOL WINAPI ClearEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:367
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

Referenced by test_clear(), and test_readwrite().

◆ ClearEventLogW()

BOOL WINAPI ClearEventLogW ( IN HANDLE  hEventLog,
IN LPCWSTR  lpBackupFileName 
)

Definition at line 367 of file eventlog.c.

369{
371 UNICODE_STRING BackupFileName;
372
373 TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
374
375 if (lpBackupFileName == NULL)
376 {
377 RtlInitUnicodeString(&BackupFileName, NULL);
378 }
379 else
380 {
381 if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
382 NULL, NULL))
383 {
385 return FALSE;
386 }
387 }
388
389 Status = ElfClearEventLogFileW(hEventLog, &BackupFileName);
390
391 if (lpBackupFileName != NULL)
392 RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
393
394 if (!NT_SUCCESS(Status))
395 {
397 return FALSE;
398 }
399
400 return TRUE;
401}
NTSTATUS NTAPI ElfClearEventLogFileW(IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
Definition: eventlog.c:347

Referenced by ClearEventLogA(), and ClearEvents().

◆ CloseEventLog()

BOOL WINAPI CloseEventLog ( IN HANDLE  hEventLog)

Definition at line 427 of file eventlog.c.

428{
430
431 TRACE("%p\n", hEventLog);
432
433 Status = ElfCloseEventLog(hEventLog);
434 if (!NT_SUCCESS(Status))
435 {
437 return FALSE;
438 }
439
440 return TRUE;
441}
NTSTATUS NTAPI ElfCloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:409

Referenced by ClearEvents(), create_backup(), EnumEventsThread(), LogToEventLog(), SaveEventLog(), START_TEST(), test_backup(), test_clear(), test_count(), test_info(), test_oldest(), test_open_close(), test_openbackup(), test_read(), test_readwrite(), TestEventsGeneration(), and wmain().

◆ DeregisterEventSource()

BOOL WINAPI DeregisterEventSource ( IN HANDLE  hEventLog)

Definition at line 473 of file eventlog.c.

474{
476
477 TRACE("%p\n", hEventLog);
478
479 Status = ElfDeregisterEventSource(hEventLog);
480 if (!NT_SUCCESS(Status))
481 {
483 return FALSE;
484 }
485
486 return TRUE;
487}
NTSTATUS NTAPI ElfDeregisterEventSource(IN HANDLE hEventLog)
Definition: eventlog.c:455

Referenced by AddToMessageLog(), FreeLogs(), ScmLogEvent(), test_readwrite(), TestEventsGeneration(), TestMyEventProvider(), tirpc_report(), wmain(), and WriteEvent().

◆ ElfBackupEventLogFileA()

NTSTATUS NTAPI ElfBackupEventLogFileA ( IN HANDLE  hEventLog,
IN PANSI_STRING  BackupFileNameA 
)

Definition at line 154 of file eventlog.c.

156{
158
159 if (!BackupFileNameA || (BackupFileNameA->Length == 0))
161
163 {
164 Status = ElfrBackupELFA(hEventLog,
165 (PRPC_STRING)BackupFileNameA);
166 }
168 {
170 }
172
173 return Status;
174}
NTSTATUS WINAPI ElfrBackupELFA(IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
Definition: rpc.c:787
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
LONG WINAPI I_RpcMapWin32Status(RPC_STATUS status)
Definition: rpcrt4_main.c:740
#define RpcEndExcept
Definition: rpc.h:128
#define RpcTryExcept
Definition: rpc.h:126
#define RpcExcept(expr)
Definition: rpc.h:127
#define RpcExceptionCode()
Definition: rpc.h:132
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

◆ ElfBackupEventLogFileW()

NTSTATUS NTAPI ElfBackupEventLogFileW ( IN HANDLE  hEventLog,
IN PUNICODE_STRING  BackupFileNameU 
)

Definition at line 222 of file eventlog.c.

224{
226
227 if (!BackupFileNameU || (BackupFileNameU->Length == 0))
229
231 {
232 Status = ElfrBackupELFW(hEventLog,
233 (PRPC_UNICODE_STRING)BackupFileNameU);
234 }
236 {
238 }
240
241 return Status;
242}
NTSTATUS WINAPI ElfrBackupELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:313

Referenced by BackupEventLogW().

◆ ElfChangeNotify()

NTSTATUS NTAPI ElfChangeNotify ( IN HANDLE  hEventLog,
IN HANDLE  hEvent 
)

Definition at line 646 of file eventlog.c.

648{
650 CLIENT_ID ClientId = NtCurrentTeb()->ClientId;
651 RPC_CLIENT_ID RpcClientId;
652
655
657 {
658 Status = ElfrChangeNotify(hEventLog, RpcClientId, HandleToUlong(hEvent));
659 }
661 {
663 }
665
666 return Status;
667}
NTSTATUS WINAPI ElfrChangeNotify(IELF_HANDLE LogHandle, RPC_CLIENT_ID ClientId, ULONG Event)
Definition: rpc.c:433
#define HandleToUlong(h)
Definition: basetsd.h:79
#define NtCurrentTeb
static HANDLE hEvent
Definition: comm.c:54
HANDLE UniqueThread
Definition: compat.h:826
HANDLE UniqueProcess
Definition: compat.h:825
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1151

Referenced by NotifyChangeEventLog().

◆ ElfClearEventLogFileA()

NTSTATUS NTAPI ElfClearEventLogFileA ( IN HANDLE  hEventLog,
IN PANSI_STRING  BackupFileNameA 
)

Definition at line 285 of file eventlog.c.

287{
289
291 {
292 Status = ElfrClearELFA(hEventLog,
293 (PRPC_STRING)BackupFileNameA);
294 }
296 {
298 }
300
301 return Status;
302}
NTSTATUS WINAPI ElfrClearELFA(IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
Definition: rpc.c:762

◆ ElfClearEventLogFileW()

NTSTATUS NTAPI ElfClearEventLogFileW ( IN HANDLE  hEventLog,
IN PUNICODE_STRING  BackupFileNameU 
)

Definition at line 347 of file eventlog.c.

349{
351
353 {
354 Status = ElfrClearELFW(hEventLog,
355 (PRPC_UNICODE_STRING)BackupFileNameU);
356 }
358 {
360 }
362
363 return Status;
364}
NTSTATUS WINAPI ElfrClearELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:289

Referenced by ClearEventLogW().

◆ ElfCloseEventLog()

NTSTATUS NTAPI ElfCloseEventLog ( IN HANDLE  hEventLog)

Definition at line 409 of file eventlog.c.

410{
412
414 {
415 Status = ElfrCloseEL(&hEventLog);
416 }
418 {
420 }
422
423 return Status;
424}
NTSTATUS WINAPI ElfrCloseEL(PIELF_HANDLE LogHandle)
Definition: rpc.c:333

Referenced by CloseEventLog().

◆ ElfDeregisterEventSource()

NTSTATUS NTAPI ElfDeregisterEventSource ( IN HANDLE  hEventLog)

Definition at line 455 of file eventlog.c.

456{
458
460 {
461 Status = ElfrDeregisterEventSource(&hEventLog);
462 }
464 {
466 }
468
469 return Status;
470}
NTSTATUS WINAPI ElfrDeregisterEventSource(PIELF_HANDLE LogHandle)
Definition: rpc.c:343

Referenced by DeregisterEventSource(), and UserpLogHardError().

◆ ElfFlushEventLog()

NTSTATUS NTAPI ElfFlushEventLog ( IN HANDLE  hEventLog)

Definition at line 1633 of file eventlog.c.

1634{
1636
1638 {
1639 Status = ElfrFlushEL(hEventLog);
1640 }
1642 {
1644 }
1646
1647 return Status;
1648}
NTSTATUS WINAPI ElfrFlushEL(IELF_HANDLE LogHandle)
Definition: rpc.c:1196

◆ ElfNumberOfRecords()

NTSTATUS NTAPI ElfNumberOfRecords ( IN HANDLE  hEventLog,
OUT PULONG  NumberOfRecords 
)

Definition at line 548 of file eventlog.c.

550{
552
553 if (!NumberOfRecords)
555
557 {
558 Status = ElfrNumberOfRecords(hEventLog, NumberOfRecords);
559 }
561 {
563 }
565
566 return Status;
567}
NTSTATUS WINAPI ElfrNumberOfRecords(IELF_HANDLE LogHandle, PULONG NumberOfRecords)
Definition: rpc.c:353

Referenced by GetNumberOfEventLogRecords().

◆ ElfOldestRecord()

NTSTATUS NTAPI ElfOldestRecord ( IN HANDLE  hEventLog,
OUT PULONG  OldestRecordNumber 
)

Definition at line 597 of file eventlog.c.

599{
601
602 if (!OldestRecordNumber)
604
606 {
607 Status = ElfrOldestRecord(hEventLog, OldestRecordNumber);
608 }
610 {
612 }
614
615 return Status;
616}
NTSTATUS WINAPI ElfrOldestRecord(IELF_HANDLE LogHandle, PULONG OldestRecordNumber)
Definition: rpc.c:402

Referenced by GetOldestEventLogRecord().

◆ ElfOpenBackupEventLogA()

NTSTATUS NTAPI ElfOpenBackupEventLogA ( IN PANSI_STRING  UNCServerNameA,
IN PANSI_STRING  BackupFileNameA,
OUT PHANDLE  phEventLog 
)

Definition at line 693 of file eventlog.c.

696{
698 PSTR pUNCServerName = NULL;
699
700 if (!phEventLog || !BackupFileNameA || (BackupFileNameA->Length == 0))
702
703 if (UNCServerNameA && (UNCServerNameA->Length != 0))
704 pUNCServerName = UNCServerNameA->Buffer;
705
706 *phEventLog = NULL;
707
709 {
710 Status = ElfrOpenBELA(pUNCServerName,
711 (PRPC_STRING)BackupFileNameA,
712 1, 1,
713 (IELF_HANDLE*)phEventLog);
714 }
716 {
718 }
720
721 return Status;
722}
NTSTATUS WINAPI ElfrOpenBELA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:897
char * PSTR
Definition: typedefs.h:51

◆ ElfOpenBackupEventLogW()

NTSTATUS NTAPI ElfOpenBackupEventLogW ( IN PUNICODE_STRING  UNCServerNameU,
IN PUNICODE_STRING  BackupFileNameU,
OUT PHANDLE  phEventLog 
)

Definition at line 797 of file eventlog.c.

800{
802 PWSTR pUNCServerName = NULL;
803
804 if (!phEventLog || !BackupFileNameU || (BackupFileNameU->Length == 0))
806
807 if (UNCServerNameU && (UNCServerNameU->Length != 0))
808 pUNCServerName = UNCServerNameU->Buffer;
809
810 *phEventLog = NULL;
811
813 {
814 Status = ElfrOpenBELW(pUNCServerName,
815 (PRPC_UNICODE_STRING)BackupFileNameU,
816 1,
817 1,
818 (IELF_HANDLE*)phEventLog);
819 }
821 {
823 }
825
826 return Status;
827}
NTSTATUS WINAPI ElfrOpenBELW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:506
uint16_t * PWSTR
Definition: typedefs.h:56

Referenced by OpenBackupEventLogW().

◆ ElfOpenEventLogA()

NTSTATUS NTAPI ElfOpenEventLogA ( IN PANSI_STRING  UNCServerNameA,
IN PANSI_STRING  SourceNameA,
OUT PHANDLE  phEventLog 
)

Definition at line 885 of file eventlog.c.

888{
890 PSTR pUNCServerName = NULL;
891
892 if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
894
895 if (UNCServerNameA && (UNCServerNameA->Length != 0))
896 pUNCServerName = UNCServerNameA->Buffer;
897
898 *phEventLog = NULL;
899
901 {
902 Status = ElfrOpenELA(pUNCServerName,
903 (PRPC_STRING)SourceNameA,
905 1,
906 1,
907 (IELF_HANDLE*)phEventLog);
908 }
910 {
912 }
914
915 return Status;
916}
NTSTATUS WINAPI ElfrOpenELA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:812
static RPC_STRING EmptyStringA
Definition: eventlog.c:34

Referenced by OpenEventLogA().

◆ ElfOpenEventLogW()

NTSTATUS NTAPI ElfOpenEventLogW ( IN PUNICODE_STRING  UNCServerNameU,
IN PUNICODE_STRING  SourceNameU,
OUT PHANDLE  phEventLog 
)

Definition at line 951 of file eventlog.c.

954{
956 PWSTR pUNCServerName = NULL;
957
958 if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
960
961 if (UNCServerNameU && (UNCServerNameU->Length != 0))
962 pUNCServerName = UNCServerNameU->Buffer;
963
964 *phEventLog = NULL;
965
967 {
968 Status = ElfrOpenELW(pUNCServerName,
969 (PRPC_UNICODE_STRING)SourceNameU,
971 1,
972 1,
973 (IELF_HANDLE*)phEventLog);
974 }
976 {
978 }
980
981 return Status;
982}
NTSTATUS WINAPI ElfrOpenELW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:446
static RPC_UNICODE_STRING EmptyStringU
Definition: eventlog.c:33

Referenced by OpenEventLogW().

◆ ElfReadEventLogA()

NTSTATUS NTAPI ElfReadEventLogA ( IN HANDLE  hEventLog,
IN ULONG  ReadFlags,
IN ULONG  RecordOffset,
OUT LPVOID  Buffer,
IN ULONG  NumberOfBytesToRead,
OUT PULONG  NumberOfBytesRead,
OUT PULONG  MinNumberOfBytesNeeded 
)

Definition at line 1013 of file eventlog.c.

1020{
1022 ULONG Flags;
1023
1024 if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
1025 {
1027 }
1028
1031 {
1033 }
1034
1037 {
1039 }
1040
1042 {
1043 Status = ElfrReadELA(hEventLog,
1044 ReadFlags,
1045 RecordOffset,
1046 NumberOfBytesToRead,
1047 Buffer,
1048 NumberOfBytesRead,
1049 MinNumberOfBytesNeeded);
1050 }
1052 {
1054 }
1056
1057 return Status;
1058}
NTSTATUS WINAPI ElfrReadELA(IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
Definition: rpc.c:940
Definition: bufpool.h:45
uint32_t ULONG
Definition: typedefs.h:59
#define EVENTLOG_SEQUENTIAL_READ
Definition: winnt_old.h:2828
#define EVENTLOG_BACKWARDS_READ
Definition: winnt_old.h:2831
#define EVENTLOG_FORWARDS_READ
Definition: winnt_old.h:2830
#define EVENTLOG_SEEK_READ
Definition: winnt_old.h:2829
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170

Referenced by ReadEventLogA().

◆ ElfReadEventLogW()

NTSTATUS NTAPI ElfReadEventLogW ( IN HANDLE  hEventLog,
IN ULONG  ReadFlags,
IN ULONG  RecordOffset,
OUT LPVOID  Buffer,
IN ULONG  NumberOfBytesToRead,
OUT PULONG  NumberOfBytesRead,
OUT PULONG  MinNumberOfBytesNeeded 
)

Definition at line 1106 of file eventlog.c.

1113{
1115 ULONG Flags;
1116
1117 if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
1118 {
1120 }
1121
1124 {
1126 }
1127
1130 {
1132 }
1133
1135 {
1136 Status = ElfrReadELW(hEventLog,
1137 ReadFlags,
1138 RecordOffset,
1139 NumberOfBytesToRead,
1140 Buffer,
1141 NumberOfBytesRead,
1142 MinNumberOfBytesNeeded);
1143 }
1145 {
1147 }
1149
1150 return Status;
1151}
NTSTATUS WINAPI ElfrReadELW(IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
Definition: rpc.c:530

Referenced by ReadEventLogW().

◆ ElfRegisterEventSourceA()

NTSTATUS NTAPI ElfRegisterEventSourceA ( IN PANSI_STRING  UNCServerNameA,
IN PANSI_STRING  SourceNameA,
OUT PHANDLE  phEventLog 
)

Definition at line 1190 of file eventlog.c.

1193{
1195 PSTR pUNCServerName = NULL;
1196
1197 if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
1199
1200 if (UNCServerNameA && (UNCServerNameA->Length != 0))
1201 pUNCServerName = UNCServerNameA->Buffer;
1202
1203 *phEventLog = NULL;
1204
1206 {
1207 Status = ElfrRegisterEventSourceA(pUNCServerName,
1208 (PRPC_STRING)SourceNameA,
1209 &EmptyStringA,
1210 1,
1211 1,
1212 (IELF_HANDLE*)phEventLog);
1213 }
1215 {
1217 }
1219
1220 return Status;
1221}
NTSTATUS WINAPI ElfrRegisterEventSourceA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:849

Referenced by RegisterEventSourceA().

◆ ElfRegisterEventSourceW()

NTSTATUS NTAPI ElfRegisterEventSourceW ( IN PUNICODE_STRING  UNCServerNameU,
IN PUNICODE_STRING  SourceNameU,
OUT PHANDLE  phEventLog 
)

Definition at line 1261 of file eventlog.c.

1264{
1266 PWSTR pUNCServerName = NULL;
1267
1268 if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
1270
1271 if (UNCServerNameU && (UNCServerNameU->Length != 0))
1272 pUNCServerName = UNCServerNameU->Buffer;
1273
1274 *phEventLog = NULL;
1275
1277 {
1278 Status = ElfrRegisterEventSourceW(pUNCServerName,
1279 (PRPC_UNICODE_STRING)SourceNameU,
1280 &EmptyStringU,
1281 1,
1282 1,
1283 (IELF_HANDLE*)phEventLog);
1284 }
1286 {
1288 }
1290
1291 return Status;
1292}
NTSTATUS WINAPI ElfrRegisterEventSourceW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:474

Referenced by RegisterEventSourceW(), and UserpLogHardError().

◆ ElfReportEventA()

NTSTATUS NTAPI ElfReportEventA ( IN HANDLE  hEventLog,
IN USHORT  EventType,
IN USHORT  EventCategory,
IN ULONG  EventID,
IN PSID  UserSID,
IN USHORT  NumStrings,
IN ULONG  DataSize,
IN PANSI_STRING Strings,
IN PVOID  Data,
IN USHORT  Flags,
IN OUT PULONG  RecordNumber,
IN OUT PULONG  TimeWritten 
)

Definition at line 1323 of file eventlog.c.

1335{
1337 LARGE_INTEGER SystemTime;
1338 ULONG Time;
1339 ULONG dwSize;
1340 ANSI_STRING ComputerName;
1341 CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1342
1343 dwSize = ARRAYSIZE(szComputerName);
1344 GetComputerNameA(szComputerName, &dwSize);
1345 RtlInitAnsiString(&ComputerName, szComputerName);
1346
1347 NtQuerySystemTime(&SystemTime);
1348 RtlTimeToSecondsSince1970(&SystemTime, &Time);
1349
1351 {
1352 Status = ElfrReportEventA(hEventLog,
1353 Time,
1354 EventType,
1355 EventCategory,
1356 EventID,
1357 NumStrings,
1358 DataSize,
1359 (PRPC_STRING)&ComputerName,
1360 (PRPC_SID)UserSID,
1362 Data,
1363 Flags,
1364 RecordNumber,
1365 TimeWritten);
1366 }
1368 {
1370 }
1372
1373 return Status;
1374}
NTSTATUS WINAPI ElfrReportEventA(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_STRING ComputerName, PRPC_SID UserSID, PRPC_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:992
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
static const WCHAR Strings[]
Definition: reg.c:35
BOOLEAN NTAPI RtlTimeToSecondsSince1970(PLARGE_INTEGER Time, PULONG ElapsedSeconds)
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
static PLARGE_INTEGER Time
Definition: time.c:105
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT _In_opt_ PVOID _In_ ULONG DataSize
Definition: ndis.h:4755
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT NumStrings
Definition: ndis.h:4753
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ EVENT_TYPE EventType
Definition: exfuncs.h:167
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:569
BOOL WINAPI SHIM_OBJ_NAME() GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
Definition: shimtest.c:21
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:268
char CHAR
Definition: xmlstorage.h:175

Referenced by ReportEventA().

◆ ElfReportEventAndSourceW()

NTSTATUS NTAPI ElfReportEventAndSourceW ( IN HANDLE  hEventLog,
IN ULONG  Time,
IN PUNICODE_STRING  ComputerName,
IN USHORT  EventType,
IN USHORT  EventCategory,
IN ULONG  EventID,
IN PSID  UserSID,
IN PUNICODE_STRING  SourceName,
IN USHORT  NumStrings,
IN ULONG  DataSize,
IN PUNICODE_STRING Strings,
IN PVOID  Data,
IN USHORT  Flags,
IN OUT PULONG  RecordNumber,
IN OUT PULONG  TimeWritten 
)

Definition at line 1586 of file eventlog.c.

1601{
1603
1605 {
1607 Time,
1608 EventType,
1609 EventCategory,
1610 EventID,
1612 NumStrings,
1613 DataSize,
1614 (PRPC_UNICODE_STRING)ComputerName,
1615 (PRPC_SID)UserSID,
1617 (PBYTE)Data,
1618 Flags,
1619 RecordNumber,
1620 TimeWritten);
1621 }
1623 {
1625 }
1627
1628 return Status;
1629}
WCHAR SourceName[256]
Definition: arping.c:28
NTSTATUS WINAPI ElfrReportEventAndSourceW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, PRPC_UNICODE_STRING SourceName, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:1224
BYTE * PBYTE
Definition: pedump.c:66

◆ ElfReportEventW()

NTSTATUS NTAPI ElfReportEventW ( IN HANDLE  hEventLog,
IN USHORT  EventType,
IN USHORT  EventCategory,
IN ULONG  EventID,
IN PSID  UserSID,
IN USHORT  NumStrings,
IN ULONG  DataSize,
IN PUNICODE_STRING Strings,
IN PVOID  Data,
IN USHORT  Flags,
IN OUT PULONG  RecordNumber,
IN OUT PULONG  TimeWritten 
)

Definition at line 1462 of file eventlog.c.

1474{
1476 LARGE_INTEGER SystemTime;
1477 ULONG Time;
1478 ULONG dwSize;
1479 UNICODE_STRING ComputerName;
1480 WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1481
1482 dwSize = ARRAYSIZE(szComputerName);
1483 GetComputerNameW(szComputerName, &dwSize);
1484 RtlInitUnicodeString(&ComputerName, szComputerName);
1485
1486 NtQuerySystemTime(&SystemTime);
1487 RtlTimeToSecondsSince1970(&SystemTime, &Time);
1488
1490 {
1491 Status = ElfrReportEventW(hEventLog,
1492 Time,
1493 EventType,
1494 EventCategory,
1495 EventID,
1496 NumStrings,
1497 DataSize,
1498 (PRPC_UNICODE_STRING)&ComputerName,
1499 (PRPC_SID)UserSID,
1501 Data,
1502 Flags,
1503 RecordNumber,
1504 TimeWritten);
1505 }
1507 {
1509 }
1511
1512 return Status;
1513}
NTSTATUS WINAPI ElfrReportEventW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:724
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by ReportEventW(), and UserpLogHardError().

◆ EVENTLOG_HANDLE_A_bind()

handle_t __RPC_USER EVENTLOG_HANDLE_A_bind ( EVENTLOG_HANDLE_A  UNCServerName)

Definition at line 40 of file eventlog.c.

41{
43 RPC_CSTR pszStringBinding;
45
46 TRACE("EVENTLOG_HANDLE_A_bind() called\n");
47
49 (RPC_CSTR)"ncacn_np",
50 (RPC_CSTR)UNCServerName,
51 (RPC_CSTR)"\\pipe\\EventLog",
52 NULL,
53 &pszStringBinding);
54 if (status)
55 {
56 ERR("RpcStringBindingCompose returned 0x%x\n", status);
57 return NULL;
58 }
59
60 /* Set the binding handle that will be used to bind to the server. */
61 status = RpcBindingFromStringBindingA(pszStringBinding,
62 &hBinding);
63 if (status != RPC_S_OK)
64 {
65 ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
66 }
67
68 status = RpcStringFreeA(&pszStringBinding);
69 if (status != RPC_S_OK)
70 {
71 ERR("RpcStringFree returned 0x%x\n", status);
72 }
73
74 return hBinding;
75}
#define ERR(fmt,...)
Definition: precomp.h:57
handle_t hBinding
Definition: ctx_c.c:54
RPC_STATUS WINAPI RpcStringBindingComposeA(RPC_CSTR ObjUuid, RPC_CSTR Protseq, RPC_CSTR NetworkAddr, RPC_CSTR Endpoint, RPC_CSTR Options, RPC_CSTR *StringBinding)
Definition: rpc_binding.c:457
RPC_STATUS WINAPI RpcBindingFromStringBindingA(RPC_CSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:840
unsigned char * RPC_CSTR
Definition: rpcdce.h:45
#define RPC_S_OK
Definition: rpcnterr.h:22
RPC_STATUS WINAPI RpcStringFreeA(RPC_CSTR *String)
Definition: rpcrt4_main.c:158
long RPC_STATUS
Definition: rpc.h:52
Definition: ps.c:97

◆ EVENTLOG_HANDLE_A_unbind()

void __RPC_USER EVENTLOG_HANDLE_A_unbind ( EVENTLOG_HANDLE_A  UNCServerName,
handle_t  hBinding 
)

Definition at line 79 of file eventlog.c.

81{
83
84 TRACE("EVENTLOG_HANDLE_A_unbind() called\n");
85
87 if (status != RPC_S_OK)
88 {
89 ERR("RpcBindingFree returned 0x%x\n", status);
90 }
91}
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:787

◆ EVENTLOG_HANDLE_W_bind()

handle_t __RPC_USER EVENTLOG_HANDLE_W_bind ( EVENTLOG_HANDLE_W  UNCServerName)

Definition at line 95 of file eventlog.c.

96{
98 RPC_WSTR pszStringBinding;
100
101 TRACE("EVENTLOG_HANDLE_W_bind() called\n");
102
104 L"ncacn_np",
105 UNCServerName,
106 L"\\pipe\\EventLog",
107 NULL,
108 &pszStringBinding);
109 if (status != RPC_S_OK)
110 {
111 ERR("RpcStringBindingCompose returned 0x%x\n", status);
112 return NULL;
113 }
114
115 /* Set the binding handle that will be used to bind to the server. */
116 status = RpcBindingFromStringBindingW(pszStringBinding,
117 &hBinding);
118 if (status != RPC_S_OK)
119 {
120 ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
121 }
122
123 status = RpcStringFreeW(&pszStringBinding);
124 if (status != RPC_S_OK)
125 {
126 ERR("RpcStringFree returned 0x%x\n", status);
127 }
128
129 return hBinding;
130}
#define L(x)
Definition: ntvdm.h:50
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:880
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
Definition: rpc_binding.c:510
unsigned short * RPC_WSTR
Definition: rpcdce.h:46
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
Definition: rpcrt4_main.c:175

◆ EVENTLOG_HANDLE_W_unbind()

void __RPC_USER EVENTLOG_HANDLE_W_unbind ( EVENTLOG_HANDLE_W  UNCServerName,
handle_t  hBinding 
)

Definition at line 134 of file eventlog.c.

136{
138
139 TRACE("EVENTLOG_HANDLE_W_unbind() called\n");
140
142 if (status != RPC_S_OK)
143 {
144 ERR("RpcBindingFree returned 0x%x\n", status);
145 }
146}

◆ GetEventLogInformation()

BOOL WINAPI GetEventLogInformation ( IN HANDLE  hEventLog,
IN DWORD  dwInfoLevel,
OUT LPVOID  lpBuffer,
IN DWORD  cbBufSize,
OUT LPDWORD  pcbBytesNeeded 
)

Definition at line 501 of file eventlog.c.

506{
508
510 {
512 return FALSE;
513 }
514
516 {
517 Status = ElfrGetLogInformation(hEventLog,
520 cbBufSize,
522 }
524 {
526 }
528
529 if (!NT_SUCCESS(Status))
530 {
532 return FALSE;
533 }
534
535 return TRUE;
536}
NTSTATUS WINAPI ElfrGetLogInformation(IELF_HANDLE LogHandle, ULONG InfoLevel, PBYTE Buffer, ULONG cbBufSize, PULONG pcbBytesNeeded)
Definition: rpc.c:1144
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175
unsigned char * LPBYTE
Definition: typedefs.h:53
#define EVENTLOG_FULL_INFO
Definition: winbase.h:1178
#define ERROR_INVALID_LEVEL
Definition: winerror.h:196
_In_ DWORD _In_ DWORD _Out_ LPDWORD pcbBytesNeeded
Definition: winsvc.h:425
_In_ DWORD _In_ DWORD cbBufSize
Definition: winsvc.h:424
_In_ DWORD dwInfoLevel
Definition: winsvc.h:422

◆ GetNumberOfEventLogRecords()

BOOL WINAPI GetNumberOfEventLogRecords ( IN HANDLE  hEventLog,
OUT PDWORD  NumberOfRecords 
)

Definition at line 570 of file eventlog.c.

572{
574
575 TRACE("%p, %p\n", hEventLog, NumberOfRecords);
576
577 Status = ElfNumberOfRecords(hEventLog, NumberOfRecords);
578 if (!NT_SUCCESS(Status))
579 {
581 return FALSE;
582 }
583
584 return TRUE;
585}
NTSTATUS NTAPI ElfNumberOfRecords(IN HANDLE hEventLog, OUT PULONG NumberOfRecords)
Definition: eventlog.c:548

Referenced by EnumEventsThread(), test_count(), test_read(), and test_readwrite().

◆ GetOldestEventLogRecord()

BOOL WINAPI GetOldestEventLogRecord ( IN HANDLE  hEventLog,
OUT PDWORD  OldestRecord 
)

Definition at line 619 of file eventlog.c.

621{
623
624 TRACE("%p, %p\n", hEventLog, OldestRecord);
625
626 Status = ElfOldestRecord(hEventLog, OldestRecord);
627 if (!NT_SUCCESS(Status))
628 {
630 return FALSE;
631 }
632
633 return TRUE;
634}
NTSTATUS NTAPI ElfOldestRecord(IN HANDLE hEventLog, OUT PULONG OldestRecordNumber)
Definition: eventlog.c:597

Referenced by test_oldest(), and test_readwrite().

◆ NotifyChangeEventLog()

BOOL WINAPI NotifyChangeEventLog ( IN HANDLE  hEventLog,
IN HANDLE  hEvent 
)

Definition at line 670 of file eventlog.c.

672{
674
675 TRACE("%p, %p\n", hEventLog, hEvent);
676
677 Status = ElfChangeNotify(hEventLog, hEvent);
678 if (!NT_SUCCESS(Status))
679 {
681 return FALSE;
682 }
683
684 return TRUE;
685}
NTSTATUS NTAPI ElfChangeNotify(IN HANDLE hEventLog, IN HANDLE hEvent)
Definition: eventlog.c:646

◆ OpenBackupEventLogA()

HANDLE WINAPI OpenBackupEventLogA ( IN LPCSTR  lpUNCServerName,
IN LPCSTR  lpFileName 
)

Definition at line 725 of file eventlog.c.

727{
730 ANSI_STRING UNCServerNameA;
731 UNICODE_STRING UNCServerNameW;
733 UNICODE_STRING FileNameW;
734
735 TRACE("%s, %s\n", lpUNCServerName, lpFileName);
736
737 /* Convert the server name to unicode */
738 if (lpUNCServerName == NULL)
739 {
740 RtlInitUnicodeString(&UNCServerNameW, NULL);
741 }
742 else
743 {
744 RtlInitAnsiString(&UNCServerNameA, lpUNCServerName);
745
746 Status = RtlAnsiStringToUnicodeString(&UNCServerNameW,
747 &UNCServerNameA,
748 TRUE);
749 if (!NT_SUCCESS(Status))
750 {
752 return NULL;
753 }
754 }
755
756 /* Convert the file name to unicode */
757 if (lpFileName == NULL)
758 {
759 RtlInitUnicodeString(&FileNameW, NULL);
760 }
761 else
762 {
764
766 &FileNameA,
767 TRUE);
768 if (!NT_SUCCESS(Status))
769 {
770 RtlFreeUnicodeString(&UNCServerNameW);
772 return NULL;
773 }
774 }
775
776 /* Call the unicode function */
777 LogHandle = OpenBackupEventLogW(UNCServerNameW.Buffer,
778 FileNameW.Buffer);
779
780 /* Free the unicode strings */
781 RtlFreeUnicodeString(&UNCServerNameW);
782 RtlFreeUnicodeString(&FileNameW);
783
784 return LogHandle;
785}
static const CHAR FileNameA[]
HANDLE WINAPI OpenBackupEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpFileName)
Definition: eventlog.c:830
_In_ UINT _Out_ PNDIS_HANDLE LogHandle
Definition: ndis.h:5382
_In_ LPCSTR lpFileName
Definition: winbase.h:3095

Referenced by test_backup(), test_clear(), test_count(), test_oldest(), and test_openbackup().

◆ OpenBackupEventLogW()

HANDLE WINAPI OpenBackupEventLogW ( IN LPCWSTR  lpUNCServerName,
IN LPCWSTR  lpFileName 
)

Definition at line 830 of file eventlog.c.

832{
834 HANDLE hEventLog;
835 UNICODE_STRING UNCServerName, FileName;
836
837 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpFileName));
838
839 if (lpFileName == NULL)
840 {
842 return NULL;
843 }
844
846 NULL, NULL))
847 {
849 return NULL;
850 }
851
852 RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
853
854 Status = ElfOpenBackupEventLogW(&UNCServerName, &FileName, &hEventLog);
855
856 if (FileName.Buffer != NULL)
857 RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
858
859 if (!NT_SUCCESS(Status))
860 {
862 return NULL;
863 }
864
865 return hEventLog;
866}
NTSTATUS NTAPI ElfOpenBackupEventLogW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING BackupFileNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:797
struct _FileName FileName
Definition: fatprocs.h:897

Referenced by EnumEventsThread(), and OpenBackupEventLogA().

◆ OpenEventLogA()

HANDLE WINAPI OpenEventLogA ( IN LPCSTR  lpUNCServerName,
IN LPCSTR  lpSourceName 
)

Definition at line 919 of file eventlog.c.

921{
923 HANDLE hEventLog;
924 ANSI_STRING UNCServerName, SourceName;
925
926 TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
927
928 RtlInitAnsiString(&UNCServerName, lpUNCServerName);
929 RtlInitAnsiString(&SourceName, lpSourceName);
930
931 Status = ElfOpenEventLogA(&UNCServerName, &SourceName, &hEventLog);
932 if (!NT_SUCCESS(Status))
933 {
935 return NULL;
936 }
937
938 return hEventLog;
939}
NTSTATUS NTAPI ElfOpenEventLogA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:885

Referenced by create_backup(), test_backup(), test_count(), test_info(), test_oldest(), test_open_close(), test_read(), and test_readwrite().

◆ OpenEventLogW()

HANDLE WINAPI OpenEventLogW ( IN LPCWSTR  lpUNCServerName,
IN LPCWSTR  lpSourceName 
)

Definition at line 985 of file eventlog.c.

987{
989 HANDLE hEventLog;
990 UNICODE_STRING UNCServerName, SourceName;
991
992 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
993
994 RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
995 RtlInitUnicodeString(&SourceName, lpSourceName);
996
997 Status = ElfOpenEventLogW(&UNCServerName, &SourceName, &hEventLog);
998 if (!NT_SUCCESS(Status))
999 {
1001 return NULL;
1002 }
1003
1004 return hEventLog;
1005}
NTSTATUS NTAPI ElfOpenEventLogW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:951

Referenced by ClearEvents(), EnumEventsThread(), SaveEventLog(), START_TEST(), TestEventsGeneration(), and wmain().

◆ ReadEventLogA()

BOOL WINAPI ReadEventLogA ( IN HANDLE  hEventLog,
IN DWORD  dwReadFlags,
IN DWORD  dwRecordOffset,
OUT LPVOID  lpBuffer,
IN DWORD  nNumberOfBytesToRead,
OUT DWORD pnBytesRead,
OUT DWORD pnMinNumberOfBytesNeeded 
)

Definition at line 1061 of file eventlog.c.

1068{
1070
1071 TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
1072 hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
1073 nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
1074
1075 Status = ElfReadEventLogA(hEventLog,
1076 dwReadFlags,
1077 dwRecordOffset,
1078 lpBuffer,
1079 nNumberOfBytesToRead,
1080 pnBytesRead,
1081 pnMinNumberOfBytesNeeded);
1082 if (!NT_SUCCESS(Status))
1083 {
1085 return FALSE;
1086 }
1087
1088 return TRUE;
1089}
NTSTATUS NTAPI ElfReadEventLogA(IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
Definition: eventlog.c:1013

Referenced by test_read(), and test_readwrite().

◆ ReadEventLogW()

BOOL WINAPI ReadEventLogW ( IN HANDLE  hEventLog,
IN DWORD  dwReadFlags,
IN DWORD  dwRecordOffset,
OUT LPVOID  lpBuffer,
IN DWORD  nNumberOfBytesToRead,
OUT DWORD pnBytesRead,
OUT DWORD pnMinNumberOfBytesNeeded 
)

Definition at line 1154 of file eventlog.c.

1161{
1163
1164 TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
1165 hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
1166 nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
1167
1168 Status = ElfReadEventLogW(hEventLog,
1169 dwReadFlags,
1170 dwRecordOffset,
1171 lpBuffer,
1172 nNumberOfBytesToRead,
1173 pnBytesRead,
1174 pnMinNumberOfBytesNeeded);
1175 if (!NT_SUCCESS(Status))
1176 {
1178 return FALSE;
1179 }
1180
1181 return TRUE;
1182}
NTSTATUS NTAPI ElfReadEventLogW(IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
Definition: eventlog.c:1106

Referenced by EnumEventsThread().

◆ RegisterEventSourceA()

HANDLE WINAPI RegisterEventSourceA ( IN LPCSTR  lpUNCServerName,
IN LPCSTR  lpSourceName 
)

Definition at line 1224 of file eventlog.c.

1226{
1228 HANDLE hEventLog;
1229 ANSI_STRING UNCServerName, SourceName;
1230
1231 TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
1232
1233 RtlInitAnsiString(&UNCServerName, lpUNCServerName);
1234 RtlInitAnsiString(&SourceName, lpSourceName);
1235
1236 Status = ElfRegisterEventSourceA(&UNCServerName, &SourceName, &hEventLog);
1237 if (!NT_SUCCESS(Status))
1238 {
1240 return NULL;
1241 }
1242
1243 return hEventLog;
1244}
NTSTATUS NTAPI ElfRegisterEventSourceA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:1190

Referenced by test_readwrite().

◆ RegisterEventSourceW()

HANDLE WINAPI RegisterEventSourceW ( IN LPCWSTR  lpUNCServerName,
IN LPCWSTR  lpSourceName 
)

Definition at line 1295 of file eventlog.c.

1297{
1299 HANDLE hEventLog;
1300 UNICODE_STRING UNCServerName, SourceName;
1301
1302 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
1303
1304 RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
1305 RtlInitUnicodeString(&SourceName, lpSourceName);
1306
1307 Status = ElfRegisterEventSourceW(&UNCServerName, &SourceName, &hEventLog);
1308 if (!NT_SUCCESS(Status))
1309 {
1311 return NULL;
1312 }
1313
1314 return hEventLog;
1315}
NTSTATUS NTAPI ElfRegisterEventSourceW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:1261

Referenced by InitLogs(), LogToEventLog(), ScmLogEvent(), TestEventsGeneration(), TestMyEventProvider(), and wmain().

◆ ReportEventA()

BOOL WINAPI ReportEventA ( IN HANDLE  hEventLog,
IN WORD  wType,
IN WORD  wCategory,
IN DWORD  dwEventID,
IN PSID  lpUserSid,
IN WORD  wNumStrings,
IN DWORD  dwDataSize,
IN LPCSTR lpStrings,
IN LPVOID  lpRawData 
)

Definition at line 1377 of file eventlog.c.

1386{
1389 WORD i;
1390
1391 TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
1392 hEventLog, wType, wCategory, dwEventID, lpUserSid,
1393 wNumStrings, dwDataSize, lpStrings, lpRawData);
1394
1397 wNumStrings * sizeof(PANSI_STRING));
1398 if (!Strings)
1399 {
1401 return FALSE;
1402 }
1403
1404 for (i = 0; i < wNumStrings; i++)
1405 {
1408 sizeof(ANSI_STRING));
1409 if (Strings[i])
1410 {
1411 RtlInitAnsiString(Strings[i], lpStrings[i]);
1412 }
1413 }
1414
1415 Status = ElfReportEventA(hEventLog,
1416 wType,
1417 wCategory,
1418 dwEventID,
1419 lpUserSid,
1420 wNumStrings,
1421 dwDataSize,
1422 Strings,
1423 lpRawData,
1424 0,
1425 NULL,
1426 NULL);
1427
1428 for (i = 0; i < wNumStrings; i++)
1429 {
1430 if (Strings[i] != NULL)
1432 }
1433
1435
1436 if (!NT_SUCCESS(Status))
1437 {
1439 return FALSE;
1440 }
1441
1442 return TRUE;
1443}
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
NTSTATUS NTAPI ElfReportEventA(IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PANSI_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1323
#define GetProcessHeap()
Definition: compat.h:736
#define HeapAlloc
Definition: compat.h:733
#define HeapFree(x, y, z)
Definition: compat.h:735
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
unsigned short WORD
Definition: ntddk_ex.h:93
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

Referenced by test_readwrite().

◆ ReportEventW()

BOOL WINAPI ReportEventW ( IN HANDLE  hEventLog,
IN WORD  wType,
IN WORD  wCategory,
IN DWORD  dwEventID,
IN PSID  lpUserSid,
IN WORD  wNumStrings,
IN DWORD  dwDataSize,
IN LPCWSTR lpStrings,
IN LPVOID  lpRawData 
)

Definition at line 1516 of file eventlog.c.

1525{
1528 WORD i;
1529
1530 TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
1531 hEventLog, wType, wCategory, dwEventID, lpUserSid,
1532 wNumStrings, dwDataSize, lpStrings, lpRawData);
1533
1536 wNumStrings * sizeof(PUNICODE_STRING));
1537 if (!Strings)
1538 {
1540 return FALSE;
1541 }
1542
1543 for (i = 0; i < wNumStrings; i++)
1544 {
1547 sizeof(UNICODE_STRING));
1548 if (Strings[i])
1549 {
1550 RtlInitUnicodeString(Strings[i], lpStrings[i]);
1551 }
1552 }
1553
1554 Status = ElfReportEventW(hEventLog,
1555 wType,
1556 wCategory,
1557 dwEventID,
1558 lpUserSid,
1559 wNumStrings,
1560 dwDataSize,
1561 Strings,
1562 lpRawData,
1563 0,
1564 NULL,
1565 NULL);
1566
1567 for (i = 0; i < wNumStrings; i++)
1568 {
1569 if (Strings[i] != NULL)
1571 }
1572
1574
1575 if (!NT_SUCCESS(Status))
1576 {
1578 return FALSE;
1579 }
1580
1581 return TRUE;
1582}
NTSTATUS NTAPI ElfReportEventW(IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1462

Referenced by LogToEventLog(), ScmLogEvent(), START_TEST(), TestEventsGeneration(), TestMyEventProvider(), wmain(), and WriteLogMessage().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( advapi  )

Variable Documentation

◆ EmptyStringA

RPC_STRING EmptyStringA = { 0, 0, "" }
static

Definition at line 34 of file eventlog.c.

Referenced by ElfOpenEventLogA(), and ElfRegisterEventSourceA().

◆ EmptyStringU

RPC_UNICODE_STRING EmptyStringU = { 0, 0, L"" }
static

Definition at line 33 of file eventlog.c.

Referenced by ElfOpenEventLogW(), and ElfRegisterEventSourceW().