2 * PROJECT: ReactOS EventLog Service
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: base/services/eventlog/rpc.c
5 * PURPOSE: RPC Port Interface support
6 * COPYRIGHT: Copyright 2005 Saveliy Tretiakov
7 * Copyright 2008 Michael Martin
8 * Copyright 2010-2011 Eric Kohl
11 /* INCLUDES *****************************************************************/
18 static LIST_ENTRY LogHandleListHead
;
20 /* FUNCTIONS ****************************************************************/
22 DWORD WINAPI
RpcThreadRoutine(LPVOID lpParameter
)
26 InitializeListHead(&LogHandleListHead
);
28 Status
= RpcServerUseProtseqEpW(L
"ncacn_np", 20, L
"\\pipe\\EventLog", NULL
);
29 if (Status
!= RPC_S_OK
)
31 DPRINT("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
35 Status
= RpcServerRegisterIf(eventlog_v0_0_s_ifspec
, NULL
, NULL
);
36 if (Status
!= RPC_S_OK
)
38 DPRINT("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
42 Status
= RpcServerListen(1, RPC_C_LISTEN_MAX_CALLS_DEFAULT
, FALSE
);
43 if (Status
!= RPC_S_OK
)
45 DPRINT("RpcServerListen() failed (Status %lx)\n", Status
);
53 ElfCreateEventLogHandle(PLOGHANDLE
* LogHandle
,
54 PUNICODE_STRING LogName
,
57 NTSTATUS Status
= STATUS_SUCCESS
;
58 PLOGHANDLE pLogHandle
;
59 PLOGFILE currentLogFile
= NULL
;
61 PEVENTSOURCE pEventSource
;
63 DPRINT("ElfCreateEventLogHandle(%wZ)\n", LogName
);
67 i
= (LogName
->Length
+ sizeof(UNICODE_NULL
)) / sizeof(WCHAR
);
68 pLogHandle
= HeapAlloc(GetProcessHeap(),
70 FIELD_OFFSET(LOGHANDLE
, szName
[i
]));
73 DPRINT1("Failed to allocate Heap!\n");
74 return STATUS_NO_MEMORY
;
77 StringCchCopyW(pLogHandle
->szName
, i
, LogName
->Buffer
);
79 /* Get the number of Log Files the EventLog service found */
80 // NOTE: We could just as well loop only once within the list of logs
81 // and retrieve what the code below that calls LogfListItemByIndex, does!!
82 LogsActive
= LogfListItemCount();
85 DPRINT1("EventLog service reports no log files!\n");
86 Status
= STATUS_UNSUCCESSFUL
;
90 /* If Creating, default to the Application Log in case we fail, as documented on MSDN */
93 pEventSource
= GetEventSourceByName(LogName
->Buffer
);
94 DPRINT("EventSource: %p\n", pEventSource
);
97 DPRINT("EventSource LogFile: %p\n", pEventSource
->LogFile
);
98 pLogHandle
->LogFile
= pEventSource
->LogFile
;
102 DPRINT("EventSource LogFile: Application log file\n");
103 pLogHandle
->LogFile
= LogfListItemByName(L
"Application");
106 DPRINT("LogHandle LogFile: %p\n", pLogHandle
->LogFile
);
110 pLogHandle
->LogFile
= NULL
;
112 for (i
= 1; i
<= LogsActive
; i
++)
114 currentLogFile
= LogfListItemByIndex(i
);
116 if (_wcsicmp(LogName
->Buffer
, currentLogFile
->LogName
) == 0)
118 pLogHandle
->LogFile
= currentLogFile
;
123 /* Use the application log if the desired log does not exist */
124 if (pLogHandle
->LogFile
== NULL
)
126 pLogHandle
->LogFile
= LogfListItemByName(L
"Application");
127 if (pLogHandle
->LogFile
== NULL
)
129 DPRINT1("Application log is missing!\n");
130 Status
= STATUS_UNSUCCESSFUL
;
135 /* Reset the current record */
136 pLogHandle
->CurrentRecord
= 0;
139 if (!pLogHandle
->LogFile
)
140 Status
= STATUS_UNSUCCESSFUL
;
143 if (NT_SUCCESS(Status
))
145 /* Append log handle */
146 InsertTailList(&LogHandleListHead
, &pLogHandle
->LogHandleListEntry
);
147 *LogHandle
= pLogHandle
;
151 HeapFree(GetProcessHeap(), 0, pLogHandle
);
159 ElfCreateBackupLogHandle(PLOGHANDLE
* LogHandle
,
160 PUNICODE_STRING FileName
)
162 NTSTATUS Status
= STATUS_SUCCESS
;
163 PLOGHANDLE pLogHandle
;
165 DPRINT("ElfCreateBackupLogHandle(%wZ)\n", FileName
);
169 pLogHandle
= HeapAlloc(GetProcessHeap(),
172 if (pLogHandle
== NULL
)
174 DPRINT1("Failed to allocate Heap!\n");
175 return STATUS_NO_MEMORY
;
178 /* Create the log file */
179 Status
= LogfCreate(&pLogHandle
->LogFile
,
186 if (!NT_SUCCESS(Status
))
188 DPRINT1("Failed to create the log file! (Status 0x%08lx)\n", Status
);
192 /* Set the backup flag */
193 pLogHandle
->Flags
|= LOG_HANDLE_BACKUP_FILE
;
195 /* Reset the current record */
196 pLogHandle
->CurrentRecord
= 0;
199 if (NT_SUCCESS(Status
))
201 /* Append log handle */
202 InsertTailList(&LogHandleListHead
, &pLogHandle
->LogHandleListEntry
);
203 *LogHandle
= pLogHandle
;
207 HeapFree(GetProcessHeap(), 0, pLogHandle
);
215 ElfGetLogHandleEntryByHandle(IELF_HANDLE EventLogHandle
)
217 PLIST_ENTRY CurrentEntry
;
218 PLOGHANDLE pLogHandle
;
220 CurrentEntry
= LogHandleListHead
.Flink
;
221 while (CurrentEntry
!= &LogHandleListHead
)
223 pLogHandle
= CONTAINING_RECORD(CurrentEntry
,
226 CurrentEntry
= CurrentEntry
->Flink
;
228 if (pLogHandle
== EventLogHandle
)
237 ElfDeleteEventLogHandle(PIELF_HANDLE LogHandle
)
239 PLOGHANDLE pLogHandle
;
241 pLogHandle
= ElfGetLogHandleEntryByHandle(*LogHandle
);
243 return STATUS_INVALID_HANDLE
;
245 RemoveEntryList(&pLogHandle
->LogHandleListEntry
);
246 LogfClose(pLogHandle
->LogFile
, FALSE
);
248 HeapFree(GetProcessHeap(), 0, pLogHandle
);
252 return STATUS_SUCCESS
;
259 IELF_HANDLE LogHandle
,
260 PRPC_UNICODE_STRING BackupFileName
)
262 PLOGHANDLE pLogHandle
;
264 DPRINT("ElfrClearELFW()\n");
266 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
268 return STATUS_INVALID_HANDLE
;
270 /* Fail, if the log file is a backup file */
271 if (pLogHandle
->Flags
& LOG_HANDLE_BACKUP_FILE
)
272 return STATUS_INVALID_HANDLE
;
274 return LogfClearFile(pLogHandle
->LogFile
,
275 (PUNICODE_STRING
)BackupFileName
);
282 IELF_HANDLE LogHandle
,
283 PRPC_UNICODE_STRING BackupFileName
)
285 PLOGHANDLE pLogHandle
;
287 DPRINT("ElfrBackupELFW()\n");
289 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
291 return STATUS_INVALID_HANDLE
;
293 return LogfBackupFile(pLogHandle
->LogFile
,
294 (PUNICODE_STRING
)BackupFileName
);
301 PIELF_HANDLE LogHandle
)
303 return ElfDeleteEventLogHandle(LogHandle
);
309 ElfrDeregisterEventSource(
310 PIELF_HANDLE LogHandle
)
312 return ElfDeleteEventLogHandle(LogHandle
);
319 IELF_HANDLE LogHandle
,
320 PULONG NumberOfRecords
)
322 PLOGHANDLE pLogHandle
;
325 DPRINT("ElfrNumberOfRecords()\n");
327 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
329 return STATUS_INVALID_HANDLE
;
331 if (!NumberOfRecords
)
332 return STATUS_INVALID_PARAMETER
;
334 pLogFile
= pLogHandle
->LogFile
;
336 DPRINT("Oldest: %lu Current: %lu\n",
337 pLogFile
->Header
.OldestRecordNumber
,
338 pLogFile
->Header
.CurrentRecordNumber
);
340 if (pLogFile
->Header
.OldestRecordNumber
== 0)
342 /* OldestRecordNumber == 0 when the log is empty */
343 *NumberOfRecords
= 0;
347 /* The log contains events */
348 *NumberOfRecords
= pLogFile
->Header
.CurrentRecordNumber
-
349 pLogFile
->Header
.OldestRecordNumber
;
352 return STATUS_SUCCESS
;
359 IELF_HANDLE LogHandle
,
360 PULONG OldestRecordNumber
)
362 PLOGHANDLE pLogHandle
;
364 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
366 return STATUS_INVALID_HANDLE
;
368 if (!OldestRecordNumber
)
369 return STATUS_INVALID_PARAMETER
;
371 *OldestRecordNumber
= pLogHandle
->LogFile
->Header
.OldestRecordNumber
;
373 return STATUS_SUCCESS
;
380 IELF_HANDLE LogHandle
,
381 RPC_CLIENT_ID ClientId
,
385 return STATUS_NOT_IMPLEMENTED
;
392 EVENTLOG_HANDLE_W UNCServerName
,
393 PRPC_UNICODE_STRING ModuleName
,
394 PRPC_UNICODE_STRING RegModuleName
,
397 PIELF_HANDLE LogHandle
)
399 if ((MajorVersion
!= 1) || (MinorVersion
!= 1))
400 return STATUS_INVALID_PARAMETER
;
402 /* RegModuleName must be an empty string */
403 if (RegModuleName
->Length
> 0)
404 return STATUS_INVALID_PARAMETER
;
406 /* FIXME: UNCServerName must specify the server */
408 /* FIXME: Must verify that caller has read access */
410 return ElfCreateEventLogHandle((PLOGHANDLE
*)LogHandle
,
411 (PUNICODE_STRING
)ModuleName
,
418 ElfrRegisterEventSourceW(
419 EVENTLOG_HANDLE_W UNCServerName
,
420 PRPC_UNICODE_STRING ModuleName
,
421 PRPC_UNICODE_STRING RegModuleName
,
424 PIELF_HANDLE LogHandle
)
426 DPRINT("ElfrRegisterEventSourceW()\n");
428 if ((MajorVersion
!= 1) || (MinorVersion
!= 1))
429 return STATUS_INVALID_PARAMETER
;
431 /* RegModuleName must be an empty string */
432 if (RegModuleName
->Length
> 0)
433 return STATUS_INVALID_PARAMETER
;
435 DPRINT("ModuleName: %wZ\n", ModuleName
);
437 /* FIXME: UNCServerName must specify the server or empty for local */
439 /* FIXME: Must verify that caller has write access */
441 return ElfCreateEventLogHandle((PLOGHANDLE
*)LogHandle
,
442 (PUNICODE_STRING
)ModuleName
,
450 EVENTLOG_HANDLE_W UNCServerName
,
451 PRPC_UNICODE_STRING BackupFileName
,
454 PIELF_HANDLE LogHandle
)
456 DPRINT("ElfrOpenBELW(%wZ)\n", BackupFileName
);
458 if ((MajorVersion
!= 1) || (MinorVersion
!= 1))
459 return STATUS_INVALID_PARAMETER
;
461 /* FIXME: UNCServerName must specify the server */
463 /* FIXME: Must verify that caller has read access */
465 return ElfCreateBackupLogHandle((PLOGHANDLE
*)LogHandle
,
466 (PUNICODE_STRING
)BackupFileName
);
473 IELF_HANDLE LogHandle
,
476 RULONG NumberOfBytesToRead
,
478 PULONG NumberOfBytesRead
,
479 PULONG MinNumberOfBytesNeeded
)
482 PLOGHANDLE pLogHandle
;
485 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
487 return STATUS_INVALID_HANDLE
;
490 return STATUS_INVALID_PARAMETER
;
492 /* If sequential read, retrieve the CurrentRecord from this log handle */
493 if (ReadFlags
& EVENTLOG_SEQUENTIAL_READ
)
495 RecordNumber
= pLogHandle
->CurrentRecord
;
497 else // (ReadFlags & EVENTLOG_SEEK_READ)
499 RecordNumber
= RecordOffset
;
502 Status
= LogfReadEvents(pLogHandle
->LogFile
,
508 MinNumberOfBytesNeeded
,
511 /* Update the handle's CurrentRecord if success */
512 if (NT_SUCCESS(Status
))
514 pLogHandle
->CurrentRecord
= RecordNumber
;
521 /* Helper function for ElfrReportEventW/A and ElfrReportEventAndSourceW */
524 IELF_HANDLE LogHandle
,
527 USHORT EventCategory
,
529 PRPC_UNICODE_STRING SourceName OPTIONAL
,
532 PRPC_UNICODE_STRING ComputerName
,
534 PRPC_UNICODE_STRING Strings
[],
541 PLOGHANDLE pLogHandle
;
542 PEVENTLOGRECORD LogBuffer
;
545 ULONG dwStringsSize
= 0;
546 ULONG dwUserSidLength
= 0;
547 PWSTR lpStrings
, str
;
549 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
551 return STATUS_INVALID_HANDLE
;
553 /* Flags must be 0 */
555 return STATUS_INVALID_PARAMETER
;
557 for (i
= 0; i
< NumStrings
; i
++)
561 case EVENTLOG_SUCCESS
:
562 DPRINT("Success: %wZ\n", Strings
[i
]);
565 case EVENTLOG_ERROR_TYPE
:
566 DPRINT("Error: %wZ\n", Strings
[i
]);
569 case EVENTLOG_WARNING_TYPE
:
570 DPRINT("Warning: %wZ\n", Strings
[i
]);
573 case EVENTLOG_INFORMATION_TYPE
:
574 DPRINT("Info: %wZ\n", Strings
[i
]);
577 case EVENTLOG_AUDIT_SUCCESS
:
578 DPRINT("Audit Success: %wZ\n", Strings
[i
]);
581 case EVENTLOG_AUDIT_FAILURE
:
582 DPRINT("Audit Failure: %wZ\n", Strings
[i
]);
586 DPRINT1("Type %hu: %wZ\n", EventType
, Strings
[i
]);
589 dwStringsSize
+= Strings
[i
]->Length
+ sizeof(UNICODE_NULL
);
592 lpStrings
= HeapAlloc(GetProcessHeap(), 0, dwStringsSize
);
595 DPRINT1("Failed to allocate heap\n");
596 return STATUS_NO_MEMORY
;
600 for (i
= 0; i
< NumStrings
; i
++)
602 RtlCopyMemory(str
, Strings
[i
]->Buffer
, Strings
[i
]->Length
);
603 str
+= Strings
[i
]->Length
/ sizeof(WCHAR
);
609 dwUserSidLength
= FIELD_OFFSET(SID
, SubAuthority
[UserSID
->SubAuthorityCount
]);
611 LogBuffer
= LogfAllocAndBuildNewRecord(&RecSize
,
616 (SourceName
&& SourceName
->Buffer
)
618 : pLogHandle
->szName
,
619 ComputerName
->Buffer
,
627 Status
= LogfWriteRecord(pLogHandle
->LogFile
, RecSize
, LogBuffer
);
628 if (!NT_SUCCESS(Status
))
630 DPRINT1("ERROR writing to event log `%S' (Status 0x%08lx)\n",
631 pLogHandle
->LogFile
->LogName
, Status
);
634 if (NT_SUCCESS(Status
))
636 /* Retrieve the two fields that were set by LogfWriteRecord into the record */
638 *RecordNumber
= LogBuffer
->RecordNumber
;
640 *TimeWritten
= LogBuffer
->TimeWritten
;
643 LogfFreeRecord(LogBuffer
);
645 HeapFree(GetProcessHeap(), 0, lpStrings
);
654 IELF_HANDLE LogHandle
,
657 USHORT EventCategory
,
661 PRPC_UNICODE_STRING ComputerName
,
663 PRPC_UNICODE_STRING Strings
[],
669 /* Call the helper function. The event source is provided via the log handle. */
670 return ElfrIntReportEventW(LogHandle
,
691 IELF_HANDLE LogHandle
,
692 PRPC_STRING BackupFileName
)
695 UNICODE_STRING BackupFileNameW
;
697 Status
= RtlAnsiStringToUnicodeString(&BackupFileNameW
,
698 (PANSI_STRING
)BackupFileName
,
700 if (!NT_SUCCESS(Status
))
703 Status
= ElfrClearELFW(LogHandle
,
704 (PRPC_UNICODE_STRING
)&BackupFileNameW
);
706 RtlFreeUnicodeString(&BackupFileNameW
);
715 IELF_HANDLE LogHandle
,
716 PRPC_STRING BackupFileName
)
719 UNICODE_STRING BackupFileNameW
;
721 Status
= RtlAnsiStringToUnicodeString(&BackupFileNameW
,
722 (PANSI_STRING
)BackupFileName
,
724 if (!NT_SUCCESS(Status
))
727 Status
= ElfrBackupELFW(LogHandle
,
728 (PRPC_UNICODE_STRING
)&BackupFileNameW
);
730 RtlFreeUnicodeString(&BackupFileNameW
);
739 EVENTLOG_HANDLE_A UNCServerName
,
740 PRPC_STRING ModuleName
,
741 PRPC_STRING RegModuleName
,
744 PIELF_HANDLE LogHandle
)
747 UNICODE_STRING ModuleNameW
;
749 if ((MajorVersion
!= 1) || (MinorVersion
!= 1))
750 return STATUS_INVALID_PARAMETER
;
752 /* RegModuleName must be an empty string */
753 if (RegModuleName
->Length
> 0)
754 return STATUS_INVALID_PARAMETER
;
756 Status
= RtlAnsiStringToUnicodeString(&ModuleNameW
, (PANSI_STRING
)ModuleName
, TRUE
);
757 if (!NT_SUCCESS(Status
))
760 /* FIXME: Must verify that caller has read access */
762 Status
= ElfCreateEventLogHandle((PLOGHANDLE
*)LogHandle
,
766 RtlFreeUnicodeString(&ModuleNameW
);
774 ElfrRegisterEventSourceA(
775 EVENTLOG_HANDLE_A UNCServerName
,
776 PRPC_STRING ModuleName
,
777 PRPC_STRING RegModuleName
,
780 PIELF_HANDLE LogHandle
)
783 UNICODE_STRING ModuleNameW
;
785 Status
= RtlAnsiStringToUnicodeString(&ModuleNameW
,
786 (PANSI_STRING
)ModuleName
,
788 if (!NT_SUCCESS(Status
))
790 DPRINT1("RtlAnsiStringToUnicodeString failed (Status 0x%08lx)\n", Status
);
794 /* RegModuleName must be an empty string */
795 if (RegModuleName
->Length
> 0)
797 RtlFreeUnicodeString(&ModuleNameW
);
798 return STATUS_INVALID_PARAMETER
;
801 if ((MajorVersion
!= 1) || (MinorVersion
!= 1))
803 RtlFreeUnicodeString(&ModuleNameW
);
804 return STATUS_INVALID_PARAMETER
;
807 /* FIXME: Must verify that caller has write access */
809 Status
= ElfCreateEventLogHandle((PLOGHANDLE
*)LogHandle
,
813 RtlFreeUnicodeString(&ModuleNameW
);
822 EVENTLOG_HANDLE_A UNCServerName
,
823 PRPC_STRING BackupFileName
,
826 PIELF_HANDLE LogHandle
)
829 UNICODE_STRING BackupFileNameW
;
831 DPRINT("ElfrOpenBELA(%Z)\n", BackupFileName
);
833 Status
= RtlAnsiStringToUnicodeString(&BackupFileNameW
,
834 (PANSI_STRING
)BackupFileName
,
836 if (!NT_SUCCESS(Status
))
838 DPRINT1("RtlAnsiStringToUnicodeString failed (Status 0x%08lx)\n", Status
);
842 if ((MajorVersion
!= 1) || (MinorVersion
!= 1))
844 RtlFreeUnicodeString(&BackupFileNameW
);
845 return STATUS_INVALID_PARAMETER
;
848 /* FIXME: UNCServerName must specify the server */
850 /* FIXME: Must verify that caller has read access */
852 Status
= ElfCreateBackupLogHandle((PLOGHANDLE
*)LogHandle
,
855 RtlFreeUnicodeString(&BackupFileNameW
);
864 IELF_HANDLE LogHandle
,
867 RULONG NumberOfBytesToRead
,
869 PULONG NumberOfBytesRead
,
870 PULONG MinNumberOfBytesNeeded
)
873 PLOGHANDLE pLogHandle
;
876 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
878 return STATUS_INVALID_HANDLE
;
881 return STATUS_INVALID_PARAMETER
;
883 /* If sequential read, retrieve the CurrentRecord from this log handle */
884 if (ReadFlags
& EVENTLOG_SEQUENTIAL_READ
)
886 RecordNumber
= pLogHandle
->CurrentRecord
;
888 else // (ReadFlags & EVENTLOG_SEEK_READ)
890 RecordNumber
= RecordOffset
;
893 Status
= LogfReadEvents(pLogHandle
->LogFile
,
899 MinNumberOfBytesNeeded
,
902 /* Update the handle's CurrentRecord if success */
903 if (NT_SUCCESS(Status
))
905 pLogHandle
->CurrentRecord
= RecordNumber
;
915 IELF_HANDLE LogHandle
,
918 USHORT EventCategory
,
922 PRPC_STRING ComputerName
,
924 PRPC_STRING Strings
[],
930 NTSTATUS Status
= STATUS_SUCCESS
;
931 UNICODE_STRING ComputerNameW
;
932 PUNICODE_STRING
*StringsArrayW
= NULL
;
935 DPRINT("ElfrReportEventA(%hu)\n", NumStrings
);
938 for (i
= 0; i
< NumStrings
; i
++)
940 if (Strings
[i
] == NULL
)
942 DPRINT1("String %hu is null\n", i
);
946 DPRINT1("String %hu: %Z\n", i
, Strings
[i
]);
951 Status
= RtlAnsiStringToUnicodeString((PUNICODE_STRING
)&ComputerNameW
,
952 (PANSI_STRING
)ComputerName
,
954 if (!NT_SUCCESS(Status
))
959 StringsArrayW
= HeapAlloc(GetProcessHeap(),
961 NumStrings
* sizeof(PUNICODE_STRING
));
962 if (StringsArrayW
== NULL
)
964 Status
= STATUS_NO_MEMORY
;
968 for (i
= 0; i
< NumStrings
; i
++)
970 if (Strings
[i
] != NULL
)
972 StringsArrayW
[i
] = HeapAlloc(GetProcessHeap(),
974 sizeof(UNICODE_STRING
));
975 if (StringsArrayW
[i
] == NULL
)
977 Status
= STATUS_NO_MEMORY
;
981 Status
= RtlAnsiStringToUnicodeString(StringsArrayW
[i
],
982 (PANSI_STRING
)Strings
[i
],
986 if (!NT_SUCCESS(Status
))
991 if (NT_SUCCESS(Status
))
993 Status
= ElfrReportEventW(LogHandle
,
1000 (PRPC_UNICODE_STRING
)&ComputerNameW
,
1002 (PRPC_UNICODE_STRING
*)StringsArrayW
,
1010 if (StringsArrayW
!= NULL
)
1012 for (i
= 0; i
< NumStrings
; i
++)
1014 if ((StringsArrayW
[i
] != NULL
) && (StringsArrayW
[i
]->Buffer
))
1016 RtlFreeUnicodeString(StringsArrayW
[i
]);
1017 HeapFree(GetProcessHeap(), 0, StringsArrayW
[i
]);
1021 HeapFree(GetProcessHeap(), 0, StringsArrayW
);
1024 RtlFreeUnicodeString(&ComputerNameW
);
1032 ElfrRegisterClusterSvc(
1033 handle_t BindingHandle
)
1036 return STATUS_NOT_IMPLEMENTED
;
1042 ElfrDeregisterClusterSvc(
1043 handle_t BindingHandle
)
1046 return STATUS_NOT_IMPLEMENTED
;
1052 ElfrWriteClusterEvents(
1053 handle_t BindingHandle
)
1056 return STATUS_NOT_IMPLEMENTED
;
1062 ElfrGetLogInformation(
1063 IELF_HANDLE LogHandle
,
1067 PULONG pcbBytesNeeded
)
1069 NTSTATUS Status
= STATUS_SUCCESS
;
1070 PLOGHANDLE pLogHandle
;
1072 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
1074 return STATUS_INVALID_HANDLE
;
1078 case EVENTLOG_FULL_INFO
:
1080 LPEVENTLOG_FULL_INFORMATION efi
= (LPEVENTLOG_FULL_INFORMATION
)Buffer
;
1082 *pcbBytesNeeded
= sizeof(EVENTLOG_FULL_INFORMATION
);
1083 if (cbBufSize
< sizeof(EVENTLOG_FULL_INFORMATION
))
1085 Status
= STATUS_BUFFER_TOO_SMALL
;
1090 * FIXME. To check whether an event log is "full" one needs
1091 * to compare its current size with respect to the maximum
1092 * size threshold "MaxSize" contained in its header.
1099 Status
= STATUS_INVALID_LEVEL
;
1110 IELF_HANDLE LogHandle
)
1112 PLOGHANDLE pLogHandle
;
1114 pLogHandle
= ElfGetLogHandleEntryByHandle(LogHandle
);
1116 return STATUS_INVALID_HANDLE
;
1119 return STATUS_NOT_IMPLEMENTED
;
1125 ElfrReportEventAndSourceW(
1126 IELF_HANDLE LogHandle
,
1129 USHORT EventCategory
,
1131 PRPC_UNICODE_STRING SourceName
,
1134 PRPC_UNICODE_STRING ComputerName
,
1136 PRPC_UNICODE_STRING Strings
[],
1139 PULONG RecordNumber
,
1142 /* Call the helper function. The event source is specified by the caller. */
1143 return ElfrIntReportEventW(LogHandle
,
1161 void __RPC_FAR
*__RPC_USER
midl_user_allocate(SIZE_T len
)
1163 return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, len
);
1167 void __RPC_USER
midl_user_free(void __RPC_FAR
* ptr
)
1169 HeapFree(GetProcessHeap(), 0, ptr
);
1173 void __RPC_USER
IELF_HANDLE_rundown(IELF_HANDLE LogHandle
)
1175 /* Close the handle */
1176 ElfDeleteEventLogHandle(&LogHandle
); // ElfrCloseEL(&LogHandle);