47 pCreateWellKnownSid = (
void*)
GetProcAddress(hadvapi32,
"CreateWellKnownSid");
48 pGetEventLogInformation = (
void*)
GetProcAddress(hadvapi32,
"GetEventLogInformation");
65 skip(
"insufficient privileges to backup the eventlog\n");
85 ok(!
ret,
"Expected failure\n");
88 "Expected ERROR_INVALID_HANDLE, got %d\n",
GetLastError());
105 "Expected RPC_S_SERVER_UNAVAILABLE, got %d\n",
GetLastError());
111 ok(
ret,
"Expected success\n");
117 ok(!
ret,
"Expected failure\n");
139 if (!pGetEventLogInformation)
142 win_skip(
"GetEventLogInformation is not available\n");
147 ok(!
ret,
"Expected failure\n");
152 ok(!
ret,
"Expected failure\n");
159 ok(!
ret,
"Expected failure\n");
164 ok(!
ret,
"Expected failure\n");
169 ok(!
ret,
"Expected failure\n");
174 efi->dwFull = 0xdeadbeef;
176 ok(!
ret,
"Expected failure\n");
179 ok(efi->dwFull == 0xdeadbeef,
"Expected no change to the dwFull member\n");
182 efi->dwFull = 0xdeadbeef;
185 ok(
ret,
"Expected success\n");
187 ok(efi->dwFull == 0 || efi->dwFull == 1,
"Expected 0 (not full) or 1 (full), got %d\n", efi->dwFull);
197 const char backup[] =
"backup.evt";
201 ok(!
ret,
"Expected failure\n");
207 ok(!
ret,
"Expected failure\n");
209 ok(
count == 0xdeadbeef,
"Expected count to stay unchanged\n");
215 ok(!
ret,
"Expected failure\n");
220 ok(
ret,
"Expected success\n");
221 ok(
count != 0xdeadbeef,
"Expected the number of records\n");
237 ok(
ret,
"Expected success\n");
238 ok(
count != 0xdeadbeef,
"Expected the number of records\n");
251 const char backup[] =
"backup.evt";
255 ok(!
ret,
"Expected failure\n");
261 ok(!
ret,
"Expected failure\n");
263 ok(oldest == 0xdeadbeef,
"Expected oldest to stay unchanged\n");
269 ok(!
ret,
"Expected failure\n");
274 ok(
ret,
"Expected success\n");
275 ok(oldest != 0xdeadbeef,
"Expected the number of the oldest record\n");
291 ok(
ret,
"Expected success\n");
292 ok(oldest != 0xdeadbeef,
"Expected the number of the oldest record\n");
304 const char backup[] =
"backup.evt";
305 const char backup2[] =
"backup2.evt";
309 ok(!
ret,
"Expected failure\n");
314 ok(!
ret,
"Expected failure\n");
321 ok(!
ret,
"Expected failure\n");
327 skip(
"insufficient privileges for backup tests\n");
331 ok(
ret,
"Expected success\n");
340 ok(!
ret,
"Expected failure\n");
354 ok(
ret,
"Expected success\n");
372 ok(!
ret,
"Expected failure\n");
379 ok(!
ret,
"Expected failure\n");
380 ok(
read == 0xdeadbeef,
"Expected 'read' parameter to remain unchanged\n");
387 ok(!
ret,
"Expected failure\n");
388 ok(needed == 0xdeadbeef,
"Expected 'needed' parameter to remain unchanged\n");
395 ok(!
ret,
"Expected failure\n");
401 ok(!
ret,
"Expected failure\n");
407 ok(!
ret,
"Expected failure\n");
415 ok(!
ret,
"Expected failure\n");
423 ok(!
ret,
"Expected failure\n");
435 ok(!
ret,
"Expected failure\n");
441 ok(!
ret,
"Expected failure\n");
447 ok(!
ret,
"Expected failure\n");
454 ok(!
ret,
"Expected failure\n");
461 ok(!
ret,
"Expected failure\n");
468 ok(!
ret,
"Expected failure\n");
479 skip(
"No records in the 'Application' log\n");
486 read = needed = 0xdeadbeef;
490 ok(!
ret,
"Expected failure\n");
491 ok(
read == 0,
"Expected no bytes read\n");
492 ok(needed >
sizeof(
EVENTLOGRECORD),
"Expected the needed buffersize to be bigger than sizeof(EVENTLOGRECORD)\n");
498 read = needed = 0xdeadbeef;
501 ok(
ret,
"Expected success\n");
504 "Expected the requested size to be read\n");
505 ok(needed == 0,
"Expected no extra bytes to be read\n");
515 const char backup[] =
"backup.evt";
516 const char text[] =
"Just some text";
538 "Expected RPC_S_SERVER_UNAVAILABLE, got %d\n",
GetLastError());
546 skip(
"We don't have a backup eventlog to work with\n");
555 "Expected RPC_S_SERVER_UNAVAILABLE, got %d\n",
GetLastError());
567 ok(handle2 !=
NULL,
"Expected a handle\n");
568 ok(handle2 !=
handle,
"Didn't expect the same handle\n");
583 "Expected ERROR_NOT_ENOUGH_MEMORY, got %d\n",
GetLastError());
602 const char backup[] =
"backup.evt";
603 const char backup2[] =
"backup2.evt";
607 ok(!
ret,
"Expected failure\n");
616 ok(!
ret,
"Expected failure\n");
626 ok(!
ret,
"Expected failure\n");
632 "Expected ERROR_INVALID_HANDLE, got %d\n",
GetLastError());
637 ok(!
ret,
"Expected failure\n");
643 ok(!
ret,
"Expected failure\n");
651 static const char eventlogsvc[] =
"SYSTEM\\CurrentControlSet\\Services\\Eventlog";
653 static const char eventsources[][11] = {
"WineSrc",
"WineSrc1",
"WineSrc20",
"WineSrc300" };
666 skip(
"Could not open the EventLog service registry key\n");
706 static const char *
two_strings[] = {
"First string",
"Second string" };
738 char *localcomputer =
NULL;
741 if (pCreateWellKnownSid)
746 pCreateWellKnownSid(WinInteractiveSid,
NULL,
user, &sidsize);
751 win_skip(
"Skipping some SID related tests\n");
752 sidavailable =
FALSE;
763 win_skip(
"Could not get a handle to the eventlog\n");
772 win_skip(
"We most likely opened the Application eventlog\n");
781 win_skip(
"We didn't open our new eventlog\n");
791 win_skip(
"Win7 fails when using incorrect event types\n");
811 0,
buf, needed, &
read, &needed);
859 ok(
count == (
i + 1),
"Expected %d records, got %d\n",
i + 1,
count);
866 (oldest > 1 && oldest != 0xdeadbeef),
867 "Expected oldest to be 1 or higher, got %d\n", oldest);
868 if (oldest > 1 && oldest != 0xdeadbeef)
882 ok(
ret,
"Expected success\n");
889 skip(
"No events were written to the eventlog\n");
895 skip(
"There is no DWORD alignment enforced for UserSid on Vista, W2K8 or Win7\n");
897 if (on_vista && pGetComputerNameExA)
902 pGetComputerNameExA(ComputerNameDnsFullyQualified,
NULL, &
size);
904 pGetComputerNameExA(ComputerNameDnsFullyQualified, localcomputer, &
size);
922 char *sourcename, *computername;
931 ok(!
ret,
"Expected failure\n");
941 0,
buf, needed, &
read, &needed);
947 "Expected %d, got %d\n",
read,
record->Length);
949 "Expected 0x654c664c, got %d\n",
record->Reserved);
951 (on_vista && (
record->RecordNumber >
i + 1)),
952 "Expected %d or higher, got %d\n",
i + 1,
record->RecordNumber);
967 ok(!
lstrcmpiA(computername, localcomputer),
"Expected '%s', got '%s'\n",
968 localcomputer, computername);
982 ok(*(
DWORD *)((
BYTE *)
buf + calculated_sidoffset) == 0,
"Expected 0\n");
989 ok(
record->UserSidLength == sidsize,
"Expected %d, got %d\n", sidsize,
record->UserSidLength);
993 ok(
record->StringOffset ==
record->UserSidOffset,
"Expected offsets to be the same\n");
994 ok(
record->UserSidLength == 0,
"Expected 0, got %d\n",
record->UserSidLength);
997 ok(
record->DataLength == 0,
"Expected 0, got %d\n",
record->DataLength);
1000 for (
k = 0;
k <
record->NumStrings;
k++)
1007 "Expected the closing DWORD to contain the length of the record\n");
1020 ok(
ret,
"Expected success\n");
1024 ok(
ret,
"Expected success\n");
1025 ok(
count == 0,
"Expected an empty eventlog, got %d records\n",
count);
1075 memset(sources_verify, 0,
sizeof(sources_verify));
1085 "Expected a correct 'Sources' value (size : %d)\n",
size);
1092 if (pWow64DisableWow64FsRedirection)
1093 pWow64DisableWow64FsRedirection(&redir);
1115 "Expected an eventlog file\n");
1117 if (pWow64RevertWow64FsRedirection)
1118 pWow64RevertWow64FsRedirection(redir);
1140 ok(lret ==
ERROR_SUCCESS,
"Could not delete the registry tree : %d\n", lret);
1146 ok(bret,
"Expected MoveFileEx to succeed: %d\n",
GetLastError());
1151 const char sessionname[] =
"wine";
1152 const char filepath[] =
"wine.etl";
1153 const char filepath2[] =
"eniw.etl";
1173 "Expected ERROR_BAD_LENGTH, got %d\n",
ret);
1208 properties->
Wnode.
Guid = SystemTraceControlGuid;
1223 skip(
"need admin rights\n");
1232 "Expected ERROR_ALREADY_EXISTS, got %d\n",
ret);
1247 win_skip(
"Event log functions are not implemented\n");
BOOL WINAPI SHIM_OBJ_NAME() GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
static void test_open_close(void)
#define ERROR_INVALID_PARAMETER
LONG WINAPI RegOpenKeyA(HKEY hKey, LPCSTR lpSubKey, PHKEY phkResult)
BOOL WINAPI WriteFile(IN HANDLE hFile, IN LPCVOID lpBuffer, IN DWORD nNumberOfBytesToWrite OPTIONAL, OUT LPDWORD lpNumberOfBytesWritten, IN LPOVERLAPPED lpOverlapped OPTIONAL)
LONG WINAPI RegQueryValueExA(_In_ HKEY hkeyorg, _In_ LPCSTR name, _In_ LPDWORD reserved, _Out_opt_ LPDWORD type, _Out_opt_ LPBYTE data, _Inout_opt_ LPDWORD count)
BOOL WINAPI MoveFileExA(IN LPCSTR lpExistingFileName, IN LPCSTR lpNewFileName OPTIONAL, IN DWORD dwFlags)
static BOOL create_new_eventlog(void)
VOID WINAPI DECLSPEC_HOTPATCH Sleep(IN DWORD dwMilliseconds)
static DWORD *static DWORD
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
#define SECURITY_MAX_SID_SIZE
#define RPC_X_NULL_REF_POINTER
int WINAPI lstrcmpiA(LPCSTR lpString1, LPCSTR lpString2)
#define ERROR_PRIVILEGE_NOT_HELD
#define RPC_S_INVALID_NET_ADDR
static BOOL(WINAPI *pCreateWellKnownSid)(WELL_KNOWN_SID_TYPE
static void test_openbackup(void)
GLuint GLuint GLsizei count
#define ERROR_INVALID_HANDLE
static void test_autocreation(void)
struct _EVENTLOG_FULL_INFORMATION EVENTLOG_FULL_INFORMATION
static HINSTANCE hkernel32
UINT WINAPI GetSystemDirectoryA(OUT LPSTR lpBuffer, IN UINT uSize)
#define ERROR_NOT_ENOUGH_MEMORY
int WINAPI lstrcmpA(LPCSTR lpString1, LPCSTR lpString2)
#define RPC_S_SERVER_UNAVAILABLE
DWORD WINAPI GetLastError(VOID)
BOOL WINAPI ReportEventA(IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCSTR *lpStrings, IN LPVOID lpRawData)
LONG WINAPI RegFlushKey(HKEY hKey)
#define EVENTLOG_BACKWARDS_READ
GLenum GLuint GLenum GLsizei const GLchar * buf
static const struct @1599 read_write[]
struct _EVENTLOGRECORD EVENTLOGRECORD
BOOL WINAPI ClearEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
namespace GUID const ADDRINFOEXW ADDRINFOEXW struct timeval OVERLAPPED LPLOOKUPSERVICE_COMPLETION_ROUTINE HANDLE * handle
#define EVENTLOG_ERROR_TYPE
BOOL WINAPI GetOldestEventLogRecord(IN HANDLE hEventLog, OUT PDWORD OldestRecord)
#define ERROR_ACCESS_DENIED
DWORD WINAPI GetFileAttributesA(LPCSTR lpFileName)
static const char eventlogsvc[]
#define EVENT_TRACE_FILE_MODE_CIRCULAR
static void test_read(void)
#define EVENT_TRACE_CONTROL_STOP
#define EVENTLOG_AUDIT_FAILURE
static DWORD *static LPDWORD
static const char eventsources[][11]
BOOL WINAPI BackupEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
#define MOVEFILE_DELAY_UNTIL_REBOOT
BOOL WINAPI DeleteFileA(IN LPCSTR lpFileName)
static void cleanup_eventlog(void)
static void test_oldest(void)
#define ERROR_FILE_NOT_FOUND
LONG WINAPI RegCreateKeyA(HKEY hKey, LPCSTR lpSubKey, PHKEY phkResult)
static void test_readwrite(void)
LPSTR WINAPI lstrcatA(LPSTR lpString1, LPCSTR lpString2)
struct _EVENT_TRACE_PROPERTIES EVENT_TRACE_PROPERTIES
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
#define EVENTLOG_INFORMATION_TYPE
#define EVENTLOG_WARNING_TYPE
static void test_clear(void)
#define EVENTLOG_SEQUENTIAL_READ
const char ** evt_strings
static const char * two_strings[]
#define ERROR_EVENTLOG_FILE_CORRUPT
unsigned __int3264 UINT_PTR
#define INVALID_FILE_ATTRIBUTES
LPSTR WINAPI lstrcpyA(LPSTR lpString1, LPCSTR lpString2)
#define EVENT_TRACE_FILE_MODE_NONE
static const char eventlogname[]
BOOL WINAPI GetNumberOfEventLogRecords(IN HANDLE hEventLog, OUT PDWORD NumberOfRecords)
#define EVENTLOG_FULL_INFO
BOOL WINAPI CloseEventLog(IN HANDLE hEventLog)
BOOL WINAPI ReadEventLogA(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
HMODULE WINAPI DECLSPEC_HOTPATCH GetModuleHandleA(LPCSTR lpModuleName)
#define ERROR_SHARING_VIOLATION
#define EVENTLOG_SEEK_READ
LONG WINAPI RegDeleteKeyA(_In_ HKEY hKey, _In_ LPCSTR lpSubKey)
#define WNODE_FLAG_TRACED_GUID
#define MAX_COMPUTERNAME_LENGTH
int WINAPI lstrlenA(LPCSTR lpString)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
static void init_function_pointers(void)
LONG WINAPI RegDeleteValueA(HKEY hKey, LPCSTR lpValueName)
BOOL WINAPI DeregisterEventSource(IN HANDLE hEventLog)
#define EVENTLOG_FORWARDS_READ
HANDLE WINAPI OpenEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
static void test_count(void)
static void test_info(void)
char * strcpy(char *DstString, const char *SrcString)
static DWORD *static LPVOID
#define ERROR_CALL_NOT_IMPLEMENTED
char * cleanup(char *str)
#define GetProcAddress(x, y)
HANDLE WINAPI OpenBackupEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpFileName)
#define EVENTLOG_AUDIT_SUCCESS
#define ERROR_ALREADY_EXISTS
GLuint GLuint GLsizei GLenum type
static char eventlogfile[MAX_PATH]
#define CreateFileA(a, b, c, d, e, f, g)
#define ERROR_INVALID_LEVEL
EXTERN_C ULONG WMIAPI ControlTraceA(IN TRACEHANDLE TraceHandle, IN LPCSTR InstanceName OPTIONAL, IN OUT PEVENT_TRACE_PROPERTIES Properties, IN ULONG ControlCode)
#define EVENT_TRACE_FILE_MODE_SEQUENTIAL
static void test_start_trace(void)
#define ERROR_BAD_PATHNAME
HANDLE WINAPI RegisterEventSourceA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
static const char * one_string[]
void user(int argc, const char *argv[])
static void test_backup(void)
#define HeapFree(x, y, z)
#define RegCloseKey(hKey)
static BOOL create_backup(const char *filename)
_CRTIMP int __cdecl read(_In_ int _FileHandle, _Out_writes_bytes_(_MaxCharCount) void *_DstBuf, _In_ unsigned int _MaxCharCount)
EXTERN_C ULONG WMIAPI StartTraceA(OUT PTRACEHANDLE TraceHandle, IN LPCSTR InstanceName, IN OUT PEVENT_TRACE_PROPERTIES Properties)
#define HKEY_LOCAL_MACHINE
#define ERROR_INSUFFICIENT_BUFFER