Author: hbelusca
Date: Mon May 23 02:03:49 2016
New Revision: 71384
URL: http://svn.reactos.org/svn/reactos?rev=71384&view=rev
Log:
[ADVAPI32]: Implement all the Elf*** event log APIs as wrappers around the
corresponding RPC calls, and the Win32 APIs just become calls to the Elf***
APIs.
Modified:
trunk/reactos/dll/win32/advapi32/advapi32.spec
trunk/reactos/dll/win32/advapi32/service/eventlog.c
Modified: trunk/reactos/dll/win32/advapi32/advapi32.spec
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/advapi32.spec?rev=71384&r1=71383&r2=71384&view=diff
==============================================================================
--- trunk/reactos/dll/win32/advapi32/advapi32.spec [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/advapi32.spec [iso-8859-1] Mon May 23
02:03:49 2016
@@ -180,27 +180,27 @@
180 stub DuplicateEncryptionInfoFile
181 stdcall DuplicateToken(long long ptr)
182 stdcall DuplicateTokenEx(long long ptr long long ptr)
-183 stub ElfBackupEventLogFileA
-184 stub ElfBackupEventLogFileW
-185 stub ElfChangeNotify
-186 stub ElfClearEventLogFileA
-187 stub ElfClearEventLogFileW
-188 stub ElfCloseEventLog
+183 stdcall ElfBackupEventLogFileA(long ptr)
+184 stdcall ElfBackupEventLogFileW(long ptr)
+185 stdcall ElfChangeNotify(long long)
+186 stdcall ElfClearEventLogFileA(long ptr)
+187 stdcall ElfClearEventLogFileW(long ptr)
+188 stdcall ElfCloseEventLog(long)
189 stdcall ElfDeregisterEventSource(long)
-190 stub ElfFlushEventLog
-191 stub ElfNumberOfRecords
-192 stub ElfOldestRecord
-193 stub ElfOpenBackupEventLogA
-194 stub ElfOpenBackupEventLogW
-195 stub ElfOpenEventLogA
-196 stub ElfOpenEventLogW
-197 stub ElfReadEventLogA
-198 stub ElfReadEventLogW
-199 stub ElfRegisterEventSourceA
+190 stdcall ElfFlushEventLog(long)
+191 stdcall ElfNumberOfRecords(long ptr)
+192 stdcall ElfOldestRecord(long ptr)
+193 stdcall ElfOpenBackupEventLogA(ptr ptr ptr)
+194 stdcall ElfOpenBackupEventLogW(ptr ptr ptr)
+195 stdcall ElfOpenEventLogA(ptr ptr ptr)
+196 stdcall ElfOpenEventLogW(ptr ptr ptr)
+197 stdcall ElfReadEventLogA(long long long ptr long ptr ptr)
+198 stdcall ElfReadEventLogW(long long long ptr long ptr ptr)
+199 stdcall ElfRegisterEventSourceA(ptr ptr ptr)
200 stdcall ElfRegisterEventSourceW(ptr ptr ptr)
-201 stub ElfReportEventA
-202 stub ElfReportEventAndSourceW
-203 stdcall ElfReportEventW(long long long long ptr long long ptr ptr ptr ptr
ptr)
+201 stdcall ElfReportEventA(long long long long ptr long long ptr ptr long ptr
ptr)
+202 stdcall ElfReportEventAndSourceW(long long ptr long long long ptr ptr long
long ptr ptr long ptr ptr)
+203 stdcall ElfReportEventW(long long long long ptr long long ptr ptr long ptr
ptr)
204 stdcall EnableTrace(long long long ptr double) ntdll.EtwEnableTrace
205 stdcall EncryptFileA(str)
206 stdcall EncryptFileW(wstr)
Modified: trunk/reactos/dll/win32/advapi32/service/eventlog.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/service/eventlog.c?rev=71384&r1=71383&r2=71384&view=diff
==============================================================================
--- trunk/reactos/dll/win32/advapi32/service/eventlog.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/service/eventlog.c [iso-8859-1] Mon May 23
02:03:49 2016
@@ -21,6 +21,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
USA
*/
+/* INCLUDES ******************************************************************/
+
#include <advapi32.h>
#include <ndk/kefuncs.h>
@@ -31,6 +33,8 @@
static RPC_UNICODE_STRING EmptyStringU = { 0, 0, L"" };
static RPC_STRING EmptyStringA = { 0, 0, "" };
+
+/* FUNCTIONS *****************************************************************/
handle_t __RPC_USER
EVENTLOG_HANDLE_A_bind(EVENTLOG_HANDLE_A UNCServerName)
@@ -56,13 +60,13 @@
/* Set the binding handle that will be used to bind to the server. */
status = RpcBindingFromStringBindingA(pszStringBinding,
&hBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
}
status = RpcStringFreeA(&pszStringBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcStringFree returned 0x%x\n", status);
}
@@ -80,7 +84,7 @@
TRACE("EVENTLOG_HANDLE_A_unbind() called\n");
status = RpcBindingFree(&hBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcBindingFree returned 0x%x\n", status);
}
@@ -98,11 +102,11 @@
status = RpcStringBindingComposeW(NULL,
L"ncacn_np",
- (LPWSTR)UNCServerName,
+ UNCServerName,
L"\\pipe\\EventLog",
NULL,
&pszStringBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcStringBindingCompose returned 0x%x\n", status);
return NULL;
@@ -111,13 +115,13 @@
/* Set the binding handle that will be used to bind to the server. */
status = RpcBindingFromStringBindingW(pszStringBinding,
&hBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
}
status = RpcStringFreeW(&pszStringBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcStringFree returned 0x%x\n", status);
}
@@ -135,7 +139,7 @@
TRACE("EVENTLOG_HANDLE_W_unbind() called\n");
status = RpcBindingFree(&hBinding);
- if (status)
+ if (status != RPC_S_OK)
{
ERR("RpcBindingFree returned 0x%x\n", status);
}
@@ -145,14 +149,38 @@
/******************************************************************************
* BackupEventLogA [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfBackupEventLogFileA(IN HANDLE hEventLog,
+ IN PANSI_STRING BackupFileNameA)
+{
+ NTSTATUS Status;
+
+ if (!BackupFileNameA || (BackupFileNameA->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ RpcTryExcept
+ {
+ Status = ElfrBackupELFA(hEventLog,
+ (PRPC_STRING)BackupFileNameA);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
BackupEventLogA(IN HANDLE hEventLog,
IN LPCSTR lpBackupFileName)
{
+ BOOL Success;
+ NTSTATUS Status;
ANSI_STRING BackupFileNameA;
UNICODE_STRING BackupFileNameW;
- NTSTATUS Status;
- BOOL Result;
TRACE("%p, %s\n", hEventLog, lpBackupFileName);
@@ -173,12 +201,12 @@
return FALSE;
}
- Result = BackupEventLogW(hEventLog,
- BackupFileNameW.Buffer);
+ Success = BackupEventLogW(hEventLog,
+ BackupFileNameW.Buffer);
RtlFreeUnicodeString(&BackupFileNameW);
- return(Result);
+ return Success;
}
@@ -189,12 +217,36 @@
* hEventLog []
* lpBackupFileName []
*/
+NTSTATUS
+NTAPI
+ElfBackupEventLogFileW(IN HANDLE hEventLog,
+ IN PUNICODE_STRING BackupFileNameU)
+{
+ NTSTATUS Status;
+
+ if (!BackupFileNameU || (BackupFileNameU->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ RpcTryExcept
+ {
+ Status = ElfrBackupELFW(hEventLog,
+ (PRPC_UNICODE_STRING)BackupFileNameU);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
BackupEventLogW(IN HANDLE hEventLog,
IN LPCWSTR lpBackupFileName)
{
- UNICODE_STRING BackupFileNameW;
- NTSTATUS Status;
+ NTSTATUS Status;
+ UNICODE_STRING BackupFileName;
TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
@@ -204,25 +256,16 @@
return FALSE;
}
- if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileNameW,
+ if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
NULL, NULL))
{
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
- RpcTryExcept
- {
- Status = ElfrBackupELFW(hEventLog,
- (PRPC_UNICODE_STRING)&BackupFileNameW);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileNameW.Buffer);
+ Status = ElfBackupEventLogFileW(hEventLog, &BackupFileName);
+
+ RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
if (!NT_SUCCESS(Status))
{
@@ -237,14 +280,35 @@
/******************************************************************************
* ClearEventLogA [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfClearEventLogFileA(IN HANDLE hEventLog,
+ IN PANSI_STRING BackupFileNameA)
+{
+ NTSTATUS Status;
+
+ RpcTryExcept
+ {
+ Status = ElfrClearELFA(hEventLog,
+ (PRPC_STRING)BackupFileNameA);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
ClearEventLogA(IN HANDLE hEventLog,
IN LPCSTR lpBackupFileName)
{
+ BOOL Success;
+ NTSTATUS Status;
ANSI_STRING BackupFileNameA;
UNICODE_STRING BackupFileNameW;
- NTSTATUS Status;
- BOOL Result;
TRACE("%p, %s\n", hEventLog, lpBackupFileName);
@@ -266,34 +330,55 @@
}
}
- Result = ClearEventLogW(hEventLog,
- BackupFileNameW.Buffer);
+ Success = ClearEventLogW(hEventLog,
+ BackupFileNameW.Buffer);
RtlFreeUnicodeString(&BackupFileNameW);
- return Result;
+ return Success;
}
/******************************************************************************
* ClearEventLogW [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfClearEventLogFileW(IN HANDLE hEventLog,
+ IN PUNICODE_STRING BackupFileNameU)
+{
+ NTSTATUS Status;
+
+ RpcTryExcept
+ {
+ Status = ElfrClearELFW(hEventLog,
+ (PRPC_UNICODE_STRING)BackupFileNameU);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
ClearEventLogW(IN HANDLE hEventLog,
IN LPCWSTR lpBackupFileName)
{
- UNICODE_STRING BackupFileNameW;
- NTSTATUS Status;
+ NTSTATUS Status;
+ UNICODE_STRING BackupFileName;
TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
if (lpBackupFileName == NULL)
{
- RtlInitUnicodeString(&BackupFileNameW, NULL);
+ RtlInitUnicodeString(&BackupFileName, NULL);
}
else
{
- if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileNameW,
+ if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
NULL, NULL))
{
SetLastError(ERROR_INVALID_PARAMETER);
@@ -301,19 +386,10 @@
}
}
- RpcTryExcept
- {
- Status = ElfrClearELFW(hEventLog,
- (PRPC_UNICODE_STRING)&BackupFileNameW);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
+ Status = ElfClearEventLogFileW(hEventLog, &BackupFileName);
if (lpBackupFileName != NULL)
- RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileNameW.Buffer);
+ RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
if (!NT_SUCCESS(Status))
{
@@ -328,6 +404,25 @@
/******************************************************************************
* CloseEventLog [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfCloseEventLog(IN HANDLE hEventLog)
+{
+ NTSTATUS Status;
+
+ RpcTryExcept
+ {
+ Status = ElfrCloseEL(&hEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
CloseEventLog(IN HANDLE hEventLog)
{
@@ -335,16 +430,7 @@
TRACE("%p\n", hEventLog);
- RpcTryExcept
- {
- Status = ElfrCloseEL(&hEventLog);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
+ Status = ElfCloseEventLog(hEventLog);
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
@@ -364,6 +450,25 @@
*
* RETURNS STD
*/
+NTSTATUS
+NTAPI
+ElfDeregisterEventSource(IN HANDLE hEventLog)
+{
+ NTSTATUS Status;
+
+ RpcTryExcept
+ {
+ Status = ElfrDeregisterEventSource(&hEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
DeregisterEventSource(IN HANDLE hEventLog)
{
@@ -371,16 +476,7 @@
TRACE("%p\n", hEventLog);
- RpcTryExcept
- {
- Status = ElfrDeregisterEventSource(&hEventLog);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
+ Status = ElfDeregisterEventSource(hEventLog);
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
@@ -447,39 +543,43 @@
* hEventLog []
* NumberOfRecords []
*/
+NTSTATUS
+NTAPI
+ElfNumberOfRecords(IN HANDLE hEventLog,
+ OUT PULONG NumberOfRecords)
+{
+ NTSTATUS Status;
+
+ if (!NumberOfRecords)
+ return STATUS_INVALID_PARAMETER;
+
+ RpcTryExcept
+ {
+ Status = ElfrNumberOfRecords(hEventLog, NumberOfRecords);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
GetNumberOfEventLogRecords(IN HANDLE hEventLog,
OUT PDWORD NumberOfRecords)
{
NTSTATUS Status;
- DWORD Records;
TRACE("%p, %p\n", hEventLog, NumberOfRecords);
- if (NumberOfRecords == NULL)
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- RpcTryExcept
- {
- Status = ElfrNumberOfRecords(hEventLog,
- &Records);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- if (!NT_SUCCESS(Status))
- {
- SetLastError(RtlNtStatusToDosError(Status));
- return FALSE;
- }
-
- *NumberOfRecords = Records;
+ Status = ElfNumberOfRecords(hEventLog, NumberOfRecords);
+ if (!NT_SUCCESS(Status))
+ {
+ SetLastError(RtlNtStatusToDosError(Status));
+ return FALSE;
+ }
return TRUE;
}
@@ -492,39 +592,43 @@
* hEventLog []
* OldestRecord []
*/
+NTSTATUS
+NTAPI
+ElfOldestRecord(IN HANDLE hEventLog,
+ OUT PULONG OldestRecordNumber)
+{
+ NTSTATUS Status;
+
+ if (!OldestRecordNumber)
+ return STATUS_INVALID_PARAMETER;
+
+ RpcTryExcept
+ {
+ Status = ElfrOldestRecord(hEventLog, OldestRecordNumber);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
GetOldestEventLogRecord(IN HANDLE hEventLog,
OUT PDWORD OldestRecord)
{
NTSTATUS Status;
- DWORD Oldest;
TRACE("%p, %p\n", hEventLog, OldestRecord);
- if (OldestRecord == NULL)
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- RpcTryExcept
- {
- Status = ElfrOldestRecord(hEventLog,
- &Oldest);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- if (!NT_SUCCESS(Status))
- {
- SetLastError(RtlNtStatusToDosError(Status));
- return FALSE;
- }
-
- *OldestRecord = Oldest;
+ Status = ElfOldestRecord(hEventLog, OldestRecord);
+ if (!NT_SUCCESS(Status))
+ {
+ SetLastError(RtlNtStatusToDosError(Status));
+ return FALSE;
+ }
return TRUE;
}
@@ -537,30 +641,96 @@
* hEventLog []
* hEvent []
*/
+NTSTATUS
+NTAPI
+ElfChangeNotify(IN HANDLE hEventLog,
+ IN HANDLE hEvent)
+{
+ NTSTATUS Status;
+ CLIENT_ID ClientId = NtCurrentTeb()->ClientId;
+ RPC_CLIENT_ID RpcClientId;
+
+ RpcClientId.UniqueProcess = HandleToUlong(ClientId.UniqueProcess);
+ RpcClientId.UniqueThread = HandleToUlong(ClientId.UniqueThread);
+
+ RpcTryExcept
+ {
+ Status = ElfrChangeNotify(hEventLog, RpcClientId, (DWORD)hEvent);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
NotifyChangeEventLog(IN HANDLE hEventLog,
IN HANDLE hEvent)
{
- /* Use ElfrChangeNotify */
- UNIMPLEMENTED;
- SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
- return FALSE;
+ NTSTATUS Status;
+
+ TRACE("%p, %p\n", hEventLog, hEvent);
+
+ Status = ElfChangeNotify(hEventLog, hEvent);
+ if (!NT_SUCCESS(Status))
+ {
+ SetLastError(RtlNtStatusToDosError(Status));
+ return FALSE;
+ }
+
+ return TRUE;
}
/******************************************************************************
* OpenBackupEventLogA [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfOpenBackupEventLogA(IN PANSI_STRING UNCServerNameA,
+ IN PANSI_STRING BackupFileNameA,
+ OUT PHANDLE phEventLog)
+{
+ NTSTATUS Status;
+ PSTR pUNCServerName = NULL;
+
+ if (!phEventLog || !BackupFileNameA || (BackupFileNameA->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ if (UNCServerNameA && (UNCServerNameA->Length != 0))
+ pUNCServerName = UNCServerNameA->Buffer;
+
+ *phEventLog = NULL;
+
+ RpcTryExcept
+ {
+ Status = ElfrOpenBELA(pUNCServerName,
+ (PRPC_STRING)BackupFileNameA,
+ 1, 1,
+ (IELF_HANDLE*)phEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
HANDLE WINAPI
OpenBackupEventLogA(IN LPCSTR lpUNCServerName,
IN LPCSTR lpFileName)
{
+ NTSTATUS Status;
+ HANDLE LogHandle;
ANSI_STRING UNCServerNameA;
UNICODE_STRING UNCServerNameW;
ANSI_STRING FileNameA;
UNICODE_STRING FileNameW;
- HANDLE LogHandle;
- NTSTATUS Status;
TRACE("%s, %s\n", lpUNCServerName, lpFileName);
@@ -622,13 +792,46 @@
* lpUNCServerName []
* lpFileName []
*/
+NTSTATUS
+NTAPI
+ElfOpenBackupEventLogW(IN PUNICODE_STRING UNCServerNameU,
+ IN PUNICODE_STRING BackupFileNameU,
+ OUT PHANDLE phEventLog)
+{
+ NTSTATUS Status;
+ PWSTR pUNCServerName = NULL;
+
+ if (!phEventLog || !BackupFileNameU || (BackupFileNameU->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ if (UNCServerNameU && (UNCServerNameU->Length != 0))
+ pUNCServerName = UNCServerNameU->Buffer;
+
+ *phEventLog = NULL;
+
+ RpcTryExcept
+ {
+ Status = ElfrOpenBELW(pUNCServerName,
+ (PRPC_UNICODE_STRING)BackupFileNameU,
+ 1, 1,
+ (IELF_HANDLE*)phEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
HANDLE WINAPI
OpenBackupEventLogW(IN LPCWSTR lpUNCServerName,
IN LPCWSTR lpFileName)
{
- UNICODE_STRING FileNameW;
- IELF_HANDLE LogHandle;
- NTSTATUS Status;
+ NTSTATUS Status;
+ HANDLE hEventLog;
+ UNICODE_STRING UNCServerName, FileName;
TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpFileName));
@@ -638,29 +841,19 @@
return NULL;
}
- if (!RtlDosPathNameToNtPathName_U(lpFileName, &FileNameW,
+ if (!RtlDosPathNameToNtPathName_U(lpFileName, &FileName,
NULL, NULL))
{
SetLastError(ERROR_INVALID_PARAMETER);
return NULL;
}
- RpcTryExcept
- {
- Status = ElfrOpenBELW((LPWSTR)lpUNCServerName,
- (PRPC_UNICODE_STRING)&FileNameW,
- 1,
- 1,
- &LogHandle);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- if (FileNameW.Buffer != NULL)
- RtlFreeHeap(RtlGetProcessHeap(), 0, FileNameW.Buffer);
+ RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
+
+ Status = ElfOpenBackupEventLogW(&UNCServerName, &FileName, &hEventLog);
+
+ if (FileName.Buffer != NULL)
+ RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
if (!NT_SUCCESS(Status))
{
@@ -668,7 +861,7 @@
return NULL;
}
- return (HANDLE)LogHandle;
+ return hEventLog;
}
@@ -686,52 +879,61 @@
* Success: Handle to an event log.
* Failure: NULL
*/
+NTSTATUS
+NTAPI
+ElfOpenEventLogA(IN PANSI_STRING UNCServerNameA,
+ IN PANSI_STRING SourceNameA,
+ OUT PHANDLE phEventLog)
+{
+ NTSTATUS Status;
+ PSTR pUNCServerName = NULL;
+
+ if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ if (UNCServerNameA && (UNCServerNameA->Length != 0))
+ pUNCServerName = UNCServerNameA->Buffer;
+
+ *phEventLog = NULL;
+
+ RpcTryExcept
+ {
+ Status = ElfrOpenELA(pUNCServerName,
+ (PRPC_STRING)SourceNameA,
+ &EmptyStringA,
+ 1, 1,
+ (IELF_HANDLE*)phEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
HANDLE WINAPI
OpenEventLogA(IN LPCSTR lpUNCServerName,
IN LPCSTR lpSourceName)
{
- LPSTR UNCServerName;
- ANSI_STRING SourceName;
- IELF_HANDLE LogHandle = NULL;
- NTSTATUS Status;
+ NTSTATUS Status;
+ HANDLE hEventLog;
+ ANSI_STRING UNCServerName, SourceName;
TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
- if (lpSourceName == NULL)
- {
- SetLastError(ERROR_INVALID_PARAMETER);
+ RtlInitAnsiString(&UNCServerName, lpUNCServerName);
+ RtlInitAnsiString(&SourceName, lpSourceName);
+
+ Status = ElfOpenEventLogA(&UNCServerName, &SourceName, &hEventLog);
+ if (!NT_SUCCESS(Status))
+ {
+ SetLastError(RtlNtStatusToDosError(Status));
return NULL;
}
- if (lpUNCServerName == NULL || *lpUNCServerName == 0)
- UNCServerName = NULL;
- else
- UNCServerName = (LPSTR)lpUNCServerName;
-
- RtlInitAnsiString(&SourceName, lpSourceName);
-
- RpcTryExcept
- {
- Status = ElfrOpenELA(UNCServerName,
- (PRPC_STRING)&SourceName,
- &EmptyStringA,
- 1,
- 1,
- &LogHandle);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- if (!NT_SUCCESS(Status))
- {
- SetLastError(RtlNtStatusToDosError(Status));
- return NULL;
- }
-
- return (HANDLE)LogHandle;
+ return hEventLog;
}
@@ -742,58 +944,116 @@
* lpUNCServerName []
* lpSourceName []
*/
+NTSTATUS
+NTAPI
+ElfOpenEventLogW(IN PUNICODE_STRING UNCServerNameU,
+ IN PUNICODE_STRING SourceNameU,
+ OUT PHANDLE phEventLog)
+{
+ NTSTATUS Status;
+ PWSTR pUNCServerName = NULL;
+
+ if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ if (UNCServerNameU && (UNCServerNameU->Length != 0))
+ pUNCServerName = UNCServerNameU->Buffer;
+
+ *phEventLog = NULL;
+
+ RpcTryExcept
+ {
+ Status = ElfrOpenELW(pUNCServerName,
+ (PRPC_UNICODE_STRING)SourceNameU,
+ &EmptyStringU,
+ 1, 1,
+ (IELF_HANDLE*)phEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
HANDLE WINAPI
OpenEventLogW(IN LPCWSTR lpUNCServerName,
IN LPCWSTR lpSourceName)
{
- LPWSTR UNCServerName;
- UNICODE_STRING SourceName;
- IELF_HANDLE LogHandle;
- NTSTATUS Status;
+ NTSTATUS Status;
+ HANDLE hEventLog;
+ UNICODE_STRING UNCServerName, SourceName;
TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
- if (lpSourceName == NULL)
- {
- SetLastError(ERROR_INVALID_PARAMETER);
+ RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
+ RtlInitUnicodeString(&SourceName, lpSourceName);
+
+ Status = ElfOpenEventLogW(&UNCServerName, &SourceName, &hEventLog);
+ if (!NT_SUCCESS(Status))
+ {
+ SetLastError(RtlNtStatusToDosError(Status));
return NULL;
}
- if (lpUNCServerName == NULL || *lpUNCServerName == 0)
- UNCServerName = NULL;
- else
- UNCServerName = (LPWSTR)lpUNCServerName;
-
- RtlInitUnicodeString(&SourceName, lpSourceName);
-
- RpcTryExcept
- {
- Status = ElfrOpenELW(UNCServerName,
- (PRPC_UNICODE_STRING)&SourceName,
- &EmptyStringU,
- 1,
- 1,
- &LogHandle);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- if (!NT_SUCCESS(Status))
- {
- SetLastError(RtlNtStatusToDosError(Status));
- return NULL;
- }
-
- return (HANDLE)LogHandle;
+ return hEventLog;
}
/******************************************************************************
* ReadEventLogA [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfReadEventLogA(IN HANDLE hEventLog,
+ IN ULONG ReadFlags,
+ IN ULONG RecordOffset,
+ OUT LPVOID Buffer,
+ IN ULONG NumberOfBytesToRead,
+ OUT PULONG NumberOfBytesRead,
+ OUT PULONG MinNumberOfBytesNeeded)
+{
+ NTSTATUS Status;
+ ULONG Flags;
+
+ if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ Flags = ReadFlags & (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ);
+ if (Flags == (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ Flags = ReadFlags & (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ);
+ if (Flags == (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ RpcTryExcept
+ {
+ Status = ElfrReadELA(hEventLog,
+ ReadFlags,
+ RecordOffset,
+ NumberOfBytesToRead,
+ Buffer,
+ NumberOfBytesRead,
+ MinNumberOfBytesNeeded);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
ReadEventLogA(IN HANDLE hEventLog,
IN DWORD dwReadFlags,
@@ -804,54 +1064,18 @@
OUT DWORD *pnMinNumberOfBytesNeeded)
{
NTSTATUS Status;
- DWORD bytesRead, minNumberOfBytesNeeded;
- DWORD dwFlags;
TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
- if (lpBuffer == NULL ||
- pnBytesRead == NULL ||
- pnMinNumberOfBytesNeeded == NULL)
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- dwFlags = dwReadFlags & (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ);
- if (dwFlags == (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ))
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- dwFlags = dwReadFlags & (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ);
- if (dwFlags == (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ))
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- RpcTryExcept
- {
- Status = ElfrReadELA(hEventLog,
- dwReadFlags,
- dwRecordOffset,
- nNumberOfBytesToRead,
- lpBuffer,
- &bytesRead,
- &minNumberOfBytesNeeded);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- *pnBytesRead = (DWORD)bytesRead;
- *pnMinNumberOfBytesNeeded = (DWORD)minNumberOfBytesNeeded;
-
+ Status = ElfReadEventLogA(hEventLog,
+ dwReadFlags,
+ dwRecordOffset,
+ lpBuffer,
+ nNumberOfBytesToRead,
+ pnBytesRead,
+ pnMinNumberOfBytesNeeded);
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
@@ -874,6 +1098,55 @@
* pnBytesRead []
* pnMinNumberOfBytesNeeded []
*/
+NTSTATUS
+NTAPI
+ElfReadEventLogW(IN HANDLE hEventLog,
+ IN ULONG ReadFlags,
+ IN ULONG RecordOffset,
+ OUT LPVOID Buffer,
+ IN ULONG NumberOfBytesToRead,
+ OUT PULONG NumberOfBytesRead,
+ OUT PULONG MinNumberOfBytesNeeded)
+{
+ NTSTATUS Status;
+ ULONG Flags;
+
+ if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ Flags = ReadFlags & (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ);
+ if (Flags == (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ Flags = ReadFlags & (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ);
+ if (Flags == (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ RpcTryExcept
+ {
+ Status = ElfrReadELW(hEventLog,
+ ReadFlags,
+ RecordOffset,
+ NumberOfBytesToRead,
+ Buffer,
+ NumberOfBytesRead,
+ MinNumberOfBytesNeeded);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
ReadEventLogW(IN HANDLE hEventLog,
IN DWORD dwReadFlags,
@@ -884,54 +1157,18 @@
OUT DWORD *pnMinNumberOfBytesNeeded)
{
NTSTATUS Status;
- DWORD bytesRead, minNumberOfBytesNeeded;
- DWORD dwFlags;
TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
- if (lpBuffer == NULL ||
- pnBytesRead == NULL ||
- pnMinNumberOfBytesNeeded == NULL)
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- dwFlags = dwReadFlags & (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ);
- if (dwFlags == (EVENTLOG_SEQUENTIAL_READ | EVENTLOG_SEEK_READ))
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- dwFlags = dwReadFlags & (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ);
- if (dwFlags == (EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ))
- {
- SetLastError(ERROR_INVALID_PARAMETER);
- return FALSE;
- }
-
- RpcTryExcept
- {
- Status = ElfrReadELW(hEventLog,
- dwReadFlags,
- dwRecordOffset,
- nNumberOfBytesToRead,
- lpBuffer,
- &bytesRead,
- &minNumberOfBytesNeeded);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
- *pnBytesRead = (DWORD)bytesRead;
- *pnMinNumberOfBytesNeeded = (DWORD)minNumberOfBytesNeeded;
-
+ Status = ElfReadEventLogW(hEventLog,
+ dwReadFlags,
+ dwRecordOffset,
+ lpBuffer,
+ nNumberOfBytesToRead,
+ pnBytesRead,
+ pnMinNumberOfBytesNeeded);
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
@@ -945,40 +1182,61 @@
/******************************************************************************
* RegisterEventSourceA [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfRegisterEventSourceA(IN PANSI_STRING UNCServerNameA,
+ IN PANSI_STRING SourceNameA,
+ OUT PHANDLE phEventLog)
+{
+ NTSTATUS Status;
+ PSTR pUNCServerName = NULL;
+
+ if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ if (UNCServerNameA && (UNCServerNameA->Length != 0))
+ pUNCServerName = UNCServerNameA->Buffer;
+
+ *phEventLog = NULL;
+
+ RpcTryExcept
+ {
+ Status = ElfrRegisterEventSourceA(pUNCServerName,
+ (PRPC_STRING)SourceNameA,
+ &EmptyStringA,
+ 1, 1,
+ (IELF_HANDLE*)phEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
HANDLE WINAPI
RegisterEventSourceA(IN LPCSTR lpUNCServerName,
IN LPCSTR lpSourceName)
{
- ANSI_STRING SourceName;
- IELF_HANDLE LogHandle;
- NTSTATUS Status;
+ NTSTATUS Status;
+ HANDLE hEventLog;
+ ANSI_STRING UNCServerName, SourceName;
TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
+ RtlInitAnsiString(&UNCServerName, lpUNCServerName);
RtlInitAnsiString(&SourceName, lpSourceName);
- RpcTryExcept
- {
- Status = ElfrRegisterEventSourceA((LPSTR)lpUNCServerName,
- (PRPC_STRING)&SourceName,
- &EmptyStringA,
- 1,
- 1,
- &LogHandle);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
+ Status = ElfRegisterEventSourceA(&UNCServerName, &SourceName, &hEventLog);
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
return NULL;
}
- return (HANDLE)LogHandle;
+ return hEventLog;
}
@@ -994,46 +1252,122 @@
* Success: Handle
* Failure: NULL
*/
+NTSTATUS
+NTAPI
+ElfRegisterEventSourceW(IN PUNICODE_STRING UNCServerNameU,
+ IN PUNICODE_STRING SourceNameU,
+ OUT PHANDLE phEventLog)
+{
+ NTSTATUS Status;
+ PWSTR pUNCServerName = NULL;
+
+ if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
+ return STATUS_INVALID_PARAMETER;
+
+ if (UNCServerNameU && (UNCServerNameU->Length != 0))
+ pUNCServerName = UNCServerNameU->Buffer;
+
+ *phEventLog = NULL;
+
+ RpcTryExcept
+ {
+ Status = ElfrRegisterEventSourceW(pUNCServerName,
+ (PRPC_UNICODE_STRING)SourceNameU,
+ &EmptyStringU,
+ 1, 1,
+ (IELF_HANDLE*)phEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
HANDLE WINAPI
RegisterEventSourceW(IN LPCWSTR lpUNCServerName,
IN LPCWSTR lpSourceName)
{
- UNICODE_STRING SourceName;
- IELF_HANDLE LogHandle;
- NTSTATUS Status;
+ NTSTATUS Status;
+ HANDLE hEventLog;
+ UNICODE_STRING UNCServerName, SourceName;
TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
+ RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
RtlInitUnicodeString(&SourceName, lpSourceName);
- RpcTryExcept
- {
- Status = ElfrRegisterEventSourceW((LPWSTR)lpUNCServerName,
- (PRPC_UNICODE_STRING)&SourceName,
- &EmptyStringU,
- 1,
- 1,
- &LogHandle);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
-
+ Status = ElfRegisterEventSourceW(&UNCServerName, &SourceName, &hEventLog);
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
return NULL;
}
- return (HANDLE)LogHandle;
+ return hEventLog;
}
/******************************************************************************
* ReportEventA [ADVAPI32.@]
*/
+NTSTATUS
+NTAPI
+ElfReportEventA(IN HANDLE hEventLog,
+ IN USHORT EventType,
+ IN USHORT EventCategory,
+ IN ULONG EventID,
+ IN PSID UserSID,
+ IN USHORT NumStrings,
+ IN ULONG DataSize,
+ IN PANSI_STRING* Strings,
+ IN PVOID Data,
+ IN USHORT Flags,
+ IN OUT PULONG RecordNumber,
+ IN OUT PULONG TimeWritten)
+{
+ NTSTATUS Status;
+ LARGE_INTEGER SystemTime;
+ ULONG Time;
+ ULONG dwSize;
+ ANSI_STRING ComputerName;
+ CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
+
+ dwSize = ARRAYSIZE(szComputerName);
+ GetComputerNameA(szComputerName, &dwSize);
+ RtlInitAnsiString(&ComputerName, szComputerName);
+
+ NtQuerySystemTime(&SystemTime);
+ RtlTimeToSecondsSince1970(&SystemTime, &Time);
+
+ RpcTryExcept
+ {
+ Status = ElfrReportEventA(hEventLog,
+ Time,
+ EventType,
+ EventCategory,
+ EventID,
+ NumStrings,
+ DataSize,
+ (PRPC_STRING)&ComputerName,
+ UserSID,
+ (PRPC_STRING*)Strings,
+ Data,
+ Flags,
+ RecordNumber,
+ TimeWritten);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
ReportEventA(IN HANDLE hEventLog,
IN WORD wType,
@@ -1047,12 +1381,7 @@
{
NTSTATUS Status;
PANSI_STRING *Strings;
- ANSI_STRING ComputerName;
WORD i;
- CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
- DWORD dwSize;
- LARGE_INTEGER SystemTime;
- ULONG Seconds;
TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
hEventLog, wType, wCategory, dwEventID, lpUserSid,
@@ -1078,35 +1407,18 @@
}
}
- dwSize = MAX_COMPUTERNAME_LENGTH + 1;
- GetComputerNameA(szComputerName, &dwSize);
- RtlInitAnsiString(&ComputerName, szComputerName);
-
- NtQuerySystemTime(&SystemTime);
- RtlTimeToSecondsSince1970(&SystemTime, &Seconds);
-
- RpcTryExcept
- {
- Status = ElfrReportEventA(hEventLog,
- Seconds,
- wType,
- wCategory,
- dwEventID,
- wNumStrings,
- dwDataSize,
- (PRPC_STRING)&ComputerName,
- lpUserSid,
- (PRPC_STRING*)Strings,
- lpRawData,
- 0,
- NULL,
- NULL);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
+ Status = ElfReportEventA(hEventLog,
+ wType,
+ wCategory,
+ dwEventID,
+ lpUserSid,
+ wNumStrings,
+ dwDataSize,
+ Strings,
+ lpRawData,
+ 0,
+ NULL,
+ NULL);
for (i = 0; i < wNumStrings; i++)
{
@@ -1140,6 +1452,61 @@
* lpStrings []
* lpRawData []
*/
+NTSTATUS
+NTAPI
+ElfReportEventW(IN HANDLE hEventLog,
+ IN USHORT EventType,
+ IN USHORT EventCategory,
+ IN ULONG EventID,
+ IN PSID UserSID,
+ IN USHORT NumStrings,
+ IN ULONG DataSize,
+ IN PUNICODE_STRING* Strings,
+ IN PVOID Data,
+ IN USHORT Flags,
+ IN OUT PULONG RecordNumber,
+ IN OUT PULONG TimeWritten)
+{
+ NTSTATUS Status;
+ LARGE_INTEGER SystemTime;
+ ULONG Time;
+ ULONG dwSize;
+ UNICODE_STRING ComputerName;
+ WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
+
+ dwSize = ARRAYSIZE(szComputerName);
+ GetComputerNameW(szComputerName, &dwSize);
+ RtlInitUnicodeString(&ComputerName, szComputerName);
+
+ NtQuerySystemTime(&SystemTime);
+ RtlTimeToSecondsSince1970(&SystemTime, &Time);
+
+ RpcTryExcept
+ {
+ Status = ElfrReportEventW(hEventLog,
+ Time,
+ EventType,
+ EventCategory,
+ EventID,
+ NumStrings,
+ DataSize,
+ (PRPC_UNICODE_STRING)&ComputerName,
+ UserSID,
+ (PRPC_UNICODE_STRING*)Strings,
+ Data,
+ Flags,
+ RecordNumber,
+ TimeWritten);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
BOOL WINAPI
ReportEventW(IN HANDLE hEventLog,
IN WORD wType,
@@ -1153,19 +1520,14 @@
{
NTSTATUS Status;
PUNICODE_STRING *Strings;
- UNICODE_STRING ComputerName;
WORD i;
- WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
- DWORD dwSize;
- LARGE_INTEGER SystemTime;
- ULONG Seconds;
TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
hEventLog, wType, wCategory, dwEventID, lpUserSid,
wNumStrings, dwDataSize, lpStrings, lpRawData);
Strings = HeapAlloc(GetProcessHeap(),
- 0,
+ HEAP_ZERO_MEMORY,
wNumStrings * sizeof(PUNICODE_STRING));
if (!Strings)
{
@@ -1177,42 +1539,25 @@
{
Strings[i] = HeapAlloc(GetProcessHeap(),
HEAP_ZERO_MEMORY,
- sizeof(ANSI_STRING));
+ sizeof(UNICODE_STRING));
if (Strings[i])
{
RtlInitUnicodeString(Strings[i], lpStrings[i]);
}
}
- dwSize = MAX_COMPUTERNAME_LENGTH + 1;
- GetComputerNameW(szComputerName, &dwSize);
- RtlInitUnicodeString(&ComputerName, szComputerName);
-
- NtQuerySystemTime(&SystemTime);
- RtlTimeToSecondsSince1970(&SystemTime, &Seconds);
-
- RpcTryExcept
- {
- Status = ElfrReportEventW(hEventLog,
- Seconds,
- wType,
- wCategory,
- dwEventID,
- wNumStrings,
- dwDataSize,
- (PRPC_UNICODE_STRING)&ComputerName,
- lpUserSid,
- (PRPC_UNICODE_STRING*)Strings,
- lpRawData,
- 0,
- NULL,
- NULL);
- }
- RpcExcept(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = I_RpcMapWin32Status(RpcExceptionCode());
- }
- RpcEndExcept;
+ Status = ElfReportEventW(hEventLog,
+ wType,
+ wCategory,
+ dwEventID,
+ lpUserSid,
+ wNumStrings,
+ dwDataSize,
+ Strings,
+ lpRawData,
+ 0,
+ NULL,
+ NULL);
for (i = 0; i < wNumStrings; i++)
{
@@ -1231,33 +1576,68 @@
return TRUE;
}
-BOOL WINAPI
-ElfReportEventW(DWORD param1,
- DWORD param2,
- DWORD param3,
- DWORD param4,
- DWORD param5,
- DWORD param6,
- DWORD param7,
- DWORD param8,
- DWORD param9,
- DWORD param10,
- DWORD param11,
- DWORD param12)
-{
- return TRUE;
-}
-
-HANDLE WINAPI
-ElfRegisterEventSourceW(DWORD param1,
- DWORD param2,
- DWORD param3)
-{
- return (HANDLE)1;
-}
-
-BOOL WINAPI
-ElfDeregisterEventSource(IN HANDLE hEventLog)
-{
- return TRUE;
-}
+NTSTATUS
+NTAPI
+ElfReportEventAndSourceW(IN HANDLE hEventLog,
+ IN ULONG Time,
+ IN PUNICODE_STRING ComputerName,
+ IN USHORT EventType,
+ IN USHORT EventCategory,
+ IN ULONG EventID,
+ IN PSID UserSID,
+ IN PUNICODE_STRING SourceName,
+ IN USHORT NumStrings,
+ IN ULONG DataSize,
+ IN PUNICODE_STRING* Strings,
+ IN PVOID Data,
+ IN USHORT Flags,
+ IN OUT PULONG RecordNumber,
+ IN OUT PULONG TimeWritten)
+{
+ NTSTATUS Status;
+
+ RpcTryExcept
+ {
+ Status = ElfrReportEventAndSourceW(hEventLog,
+ Time,
+ EventType,
+ EventCategory,
+ EventID,
+ (PRPC_UNICODE_STRING)SourceName,
+ NumStrings,
+ DataSize,
+ (PRPC_UNICODE_STRING)ComputerName,
+ (PRPC_SID)UserSID,
+ (PRPC_UNICODE_STRING*)Strings,
+ (PBYTE)Data,
+ Flags,
+ RecordNumber,
+ TimeWritten);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
+NTSTATUS
+NTAPI
+ElfFlushEventLog(IN HANDLE hEventLog)
+{
+ NTSTATUS Status;
+
+ RpcTryExcept
+ {
+ Status = ElfrFlushEL(hEventLog);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
