diff options
Diffstat (limited to 'private/eventlog/server/elfproto.h')
-rw-r--r-- | private/eventlog/server/elfproto.h | 384 |
1 files changed, 384 insertions, 0 deletions
diff --git a/private/eventlog/server/elfproto.h b/private/eventlog/server/elfproto.h new file mode 100644 index 000000000..a6a28fa42 --- /dev/null +++ b/private/eventlog/server/elfproto.h @@ -0,0 +1,384 @@ +/*++ + +Copyright (c) 1991 Microsoft Corporation + +Module Name: + + elfproto.h + +Abstract: + + This file contains the prototypes for the Eventlog service. + +Author: + + Rajen Shah (rajens) 12-Aug-1991 + +Revision History: + +--*/ + +#ifndef _ELFPROTO_ +#define _ELFPROTO + +// +// Other prototypes +// +PVOID +ElfpAllocateBuffer (ULONG size); + +VOID +ElfpFreeBuffer (PVOID BufPtr); + +VOID +ElfPerformRequest( PELF_REQUEST_RECORD Request); + + +PLOGMODULE +GetModuleStruc( PUNICODE_STRING ModuleName ); + +PLOGMODULE +FindModuleStrucFromAtom ( ATOM Atom ); + + +VOID +ElfControlResponse( + DWORD); + +VOID +ElfAnnounceServiceStatus(); + +VOID +Elfmain ( + DWORD argc, + LPWSTR argv[] + ); + +VOID +ElfPrepareForPause(); + +VOID +ElfPrepareForContinue(); + +VOID +IELF_HANDLE_rundown( + IELF_HANDLE ElfHandle + ); + +VOID +LinkContextHandle( + IELF_HANDLE LogHandle + ); + +VOID +UnlinkContextHandle ( + IELF_HANDLE LogHandle + ); + +VOID +LinkLogModule ( + PLOGMODULE pLogModule, + ANSI_STRING * pModuleNameA + ); + +VOID +UnlinkLogModule ( + PLOGMODULE pLogModule + ); + +VOID +LinkLogFile ( + PLOGFILE pLogFile + ); + +VOID +UnlinkLogFile ( + PLOGFILE pLogFile + ); + +VOID +GetGlobalResource (DWORD Type + ); + +VOID +ReleaseGlobalResource(); + +NTSTATUS +SetUpDataStruct ( + PUNICODE_STRING LogFileName, + ULONG MaxFileSize, + ULONG Retention, + ULONG GuestAccessRestriction, + PUNICODE_STRING ModuleName, + HANDLE hLogFile, + ELF_LOG_TYPE LogType + ); + +NTSTATUS +SetUpModules ( + HANDLE hLogFile, + PLOGFILE pLogFile, + BOOLEAN bAllowDupes + ); + +BOOL +StartLPCThread (); + +VOID +StopLPCThread (); + +BOOL +ElfStartRegistryMonitor (); + +VOID +StopRegistryMonitor (); + +NTSTATUS +ElfImpersonateClient( + VOID + ); + +NTSTATUS +ElfRevertToSelf( + VOID + ); + +NTSTATUS +ReadRegistryInfo ( + HANDLE hLogFiles, + PUNICODE_STRING SubKeyName, + PLOG_FILE_INFO LogFileInfo + ); + +NTSTATUS +ElfOpenLogFile ( + PLOGFILE pLogFile, + ELF_LOG_TYPE LogType + ); + +NTSTATUS +ElfpCloseLogFile ( + PLOGFILE pLogFile, + DWORD Flags + ); + +BOOL +ValidFilePos ( + PVOID Position, + PVOID BeginningRecord, + PVOID EndingRecord, + PVOID PhysicalEOF, + PVOID BaseAddress + ); + +VOID +ElfpCleanUp ( + ULONG EventFlags + ); + +NTSTATUS +ElfpCopyFile ( + IN HANDLE SourceHandle, + IN PUNICODE_STRING TargetFileName + ); + +VOID +FreeModuleAndLogFileStructs (VOID); + +NTSTATUS +ElfpFlushFiles (VOID); + + +VOID +InvalidateContextHandlesForLogFile ( + PLOGFILE pLogFile + ); + +VOID +FixContextHandlesForRecord ( + DWORD RecordOffset, + DWORD NewRecordOffset + ); + +PLOGFILE +FindLogFileFromName ( + PUNICODE_STRING LogFileName + ); + +BOOL +SendAdminAlert ( + ULONG MessageID, + ULONG NumStrings, + UNICODE_STRING *pStrings + ); + +PVOID +NextRecordPosition ( + ULONG ReadFlags, + PVOID CurrPosition, + ULONG CurrRecordLength, + PVOID BeginRecord, + PVOID EndRecord, + PVOID PhysicalEOF, + PVOID PhysStart + ); + +VOID +NotifyChange ( + PLOGFILE pLogFile + ); + + +VOID +WriteQueuedEvents ( + ); + +VOID +FlushQueuedEvents ( + ); + +VOID +PerformWriteRequest ( PELF_REQUEST_RECORD Request + ); + +NTSTATUS +ElfpCreateLogFileObject( + PLOGFILE LogFile, + DWORD Type, + ULONG GuestAccessRestriction + ); + +VOID +ElfpDeleteLogFileObject( + PLOGFILE LogFile + ); + +VOID +ElfpCloseAudit( + IN LPWSTR SubsystemName, + IN IELF_HANDLE ContextHandle + ); + +NTSTATUS +ElfpAccessCheckAndAudit( + IN LPWSTR SubsystemName, + IN LPWSTR ObjectTypeName, + IN LPWSTR ObjectName, + IN OUT IELF_HANDLE ContextHandle, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN ACCESS_MASK DesiredAccess, + IN PGENERIC_MAPPING GenericMapping, + IN BOOL ForSecurityLog + ); + +NTSTATUS +ElfCreateWellKnownSids( + VOID + ); + +VOID +ElfFreeWellKnownSids( + VOID + ); + +NTSTATUS +ElfCreateAndSetSD( + IN PRTL_ACE_DATA AceData, + IN ULONG AceCount, + IN PSID OwnerSid OPTIONAL, + IN PSID GroupSid OPTIONAL, + OUT PSECURITY_DESCRIPTOR *NewDescriptor + ); + +NTSTATUS +ElfCreateUserSecurityObject( + IN PRTL_ACE_DATA AceData, + IN ULONG AceCount, + IN PSID OwnerSid, + IN PSID GroupSid, + IN BOOLEAN IsDirectoryObject, + IN PGENERIC_MAPPING GenericMapping, + OUT PSECURITY_DESCRIPTOR *NewDescriptor + ); + +VOID +ElfpCreateElfEvent( + IN ULONG EventId, + IN USHORT EventType, + IN USHORT EventCategory, + IN USHORT NumStrings, + IN LPWSTR * Strings, + IN LPVOID Data, + IN ULONG DataSize, + IN USHORT Flags + ); + + +VOID +ElfpCreateQueuedAlert( + DWORD MessageId, + DWORD NumberOfStrings, + LPWSTR Strings[] + ); + +VOID +ElfpCreateQueuedMessage( + DWORD MessageId, + DWORD NumberOfStrings, + LPWSTR Strings[] + ); + +DWORD +ElfStatusUpdate( + IN DWORD NewState + ); + +DWORD +GetElState ( + VOID + ); + +VOID +ElfpGenerateLogClearedEvent( + IELF_HANDLE LogHandle + ); + +VOID +ElInitStatus( + VOID + ); + +VOID +ElCleanupStatus( + VOID + ); + +DWORD +ElfBeginForcedShutdown( + IN BOOL PendingCode, + IN DWORD ExitCode, + IN DWORD ServiceSpecificCode + ); + +#ifdef _CAIRO_ + +BOOL +GetSourceAlertFilterFromRegistry( + HANDLE hKeyLogFile, + UNICODE_STRING * pswszSourceName, + SHORT * psCategoryFilter, + SHORT * psSeverityFilter); + +BOOL +TestFilter( + WORD NTEventType, + SHORT sAlertSeverity); + +HRESULT +RaiseCairoAlert( + PLOGMODULE pLogModule, + EVENTLOGRECORD * pEventLogRecord); + +#endif // _CAIRO_ + +#endif // ifndef _ELFPROTO_ |