2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Marcin Krzysztof Porwit 2005,
5 * Copyright (C) Brian Moran 2005,
6 * Copyright (C) Gerald (Jerry) Carter 2005.
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
25 #define DBGC_CLASS DBGC_RPC_SRV
30 uint32 current_record;
34 uint32 access_granted;
37 /********************************************************************
38 ********************************************************************/
40 static int eventlog_info_destructor(EVENTLOG_INFO *elog)
43 elog_close_tdb(elog->etdb, false);
48 /********************************************************************
49 ********************************************************************/
51 static EVENTLOG_INFO *find_eventlog_info_by_hnd( pipes_struct * p,
56 if ( !find_policy_by_hnd( p, handle, (void **)(void *)&info ) ) {
58 ( "find_eventlog_info_by_hnd: eventlog not found.\n" ) );
65 /********************************************************************
66 ********************************************************************/
68 static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
70 char *tdbname = elog_tdbname(talloc_tos(), info->logname );
77 /* get the security descriptor for the file */
79 sec_desc = get_nt_acl_no_snum( info, tdbname );
80 TALLOC_FREE( tdbname );
83 DEBUG(5,("elog_check_access: Unable to get NT ACL for %s\n",
90 if ( geteuid() == sec_initial_uid() ) {
91 DEBUG(5,("elog_check_access: using root's token\n"));
92 token = get_root_nt_token();
95 /* run the check, try for the max allowed */
97 status = se_access_check( sec_desc, token, MAXIMUM_ALLOWED_ACCESS,
98 &info->access_granted);
101 TALLOC_FREE( sec_desc );
103 if (!NT_STATUS_IS_OK(status)) {
104 DEBUG(8,("elog_check_access: se_access_check() return %s\n",
109 /* we have to have READ permission for a successful open */
111 return ( info->access_granted & SA_RIGHT_FILE_READ_DATA );
114 /********************************************************************
115 ********************************************************************/
117 static bool elog_validate_logname( const char *name )
120 const char **elogs = lp_eventlog_list();
126 for ( i=0; elogs[i]; i++ ) {
127 if ( strequal( name, elogs[i] ) )
134 /********************************************************************
135 ********************************************************************/
137 static bool get_num_records_hook( EVENTLOG_INFO * info )
143 DEBUG( 10, ( "No open tdb for %s\n", info->logname ) );
147 /* lock the tdb since we have to get 2 records */
149 tdb_lock_bystring_with_timeout( ELOG_TDB_CTX(info->etdb), EVT_NEXT_RECORD, 1 );
150 next_record = tdb_fetch_int32( ELOG_TDB_CTX(info->etdb), EVT_NEXT_RECORD);
151 oldest_record = tdb_fetch_int32( ELOG_TDB_CTX(info->etdb), EVT_OLDEST_ENTRY);
152 tdb_unlock_bystring( ELOG_TDB_CTX(info->etdb), EVT_NEXT_RECORD);
155 ( "Oldest Record %d; Next Record %d\n", oldest_record,
158 info->num_records = ( next_record - oldest_record );
159 info->oldest_entry = oldest_record;
164 /********************************************************************
165 ********************************************************************/
167 static bool get_oldest_entry_hook( EVENTLOG_INFO * info )
169 /* it's the same thing */
170 return get_num_records_hook( info );
173 /********************************************************************
174 ********************************************************************/
176 static NTSTATUS elog_open( pipes_struct * p, const char *logname, POLICY_HND *hnd )
180 /* first thing is to validate the eventlog name */
182 if ( !elog_validate_logname( logname ) )
183 return NT_STATUS_OBJECT_PATH_INVALID;
185 if ( !(elog = TALLOC_ZERO_P( NULL, EVENTLOG_INFO )) )
186 return NT_STATUS_NO_MEMORY;
187 talloc_set_destructor(elog, eventlog_info_destructor);
189 elog->logname = talloc_strdup( elog, logname );
191 /* Open the tdb first (so that we can create any new tdbs if necessary).
192 We have to do this as root and then use an internal access check
193 on the file permissions since you can only have a tdb open once
194 in a single process */
197 elog->etdb = elog_open_tdb( elog->logname, False );
201 /* according to MSDN, if the logfile cannot be found, we should
202 default to the "Application" log */
204 if ( !strequal( logname, ELOG_APPL ) ) {
206 TALLOC_FREE( elog->logname );
208 elog->logname = talloc_strdup( elog, ELOG_APPL );
210 /* do the access check */
211 if ( !elog_check_access( elog, p->server_info->ptok ) ) {
213 return NT_STATUS_ACCESS_DENIED;
217 elog->etdb = elog_open_tdb( elog->logname, False );
223 return NT_STATUS_ACCESS_DENIED; /* ??? */
227 /* now do the access check. Close the tdb if we fail here */
229 if ( !elog_check_access( elog, p->server_info->ptok ) ) {
231 return NT_STATUS_ACCESS_DENIED;
234 /* create the policy handle */
236 if ( !create_policy_hnd( p, hnd, elog ) ) {
238 return NT_STATUS_NO_MEMORY;
241 /* set the initial current_record pointer */
243 if ( !get_oldest_entry_hook( elog ) ) {
244 DEBUG(3,("elog_open: Successfully opened eventlog but can't "
245 "get any information on internal records!\n"));
248 elog->current_record = elog->oldest_entry;
253 /********************************************************************
254 ********************************************************************/
256 static NTSTATUS elog_close( pipes_struct *p, POLICY_HND *hnd )
258 if ( !( close_policy_hnd( p, hnd ) ) ) {
259 return NT_STATUS_INVALID_HANDLE;
265 /*******************************************************************
266 *******************************************************************/
268 static int elog_size( EVENTLOG_INFO *info )
270 if ( !info || !info->etdb ) {
271 DEBUG(0,("elog_size: Invalid info* structure!\n"));
275 return elog_tdb_size( ELOG_TDB_CTX(info->etdb), NULL, NULL );
278 /********************************************************************
279 For the given tdb, get the next eventlog record into the passed
280 Eventlog_entry. returns NULL if it can't get the record for some reason.
281 ********************************************************************/
283 static Eventlog_entry *get_eventlog_record(TALLOC_CTX *mem_ctx,
287 Eventlog_entry *ee = NULL;
294 char *wpsource = NULL;
295 char *wpcomputer = NULL;
298 char *puserdata = NULL;
300 key.dsize = sizeof(int32_t);
303 key.dptr = (unsigned char *)&srecno;
305 ret = tdb_fetch( tdb, key );
307 if ( ret.dsize == 0 ) {
309 ( "Can't find a record for the key, record %d\n",
314 len = tdb_unpack( ret.dptr, ret.dsize, "d", &reclen );
316 DEBUG( 10, ( "Unpacking record %d, size is %d\n", srecno, len ) );
321 ee = TALLOC_ARRAY(mem_ctx, Eventlog_entry, 1);
327 len = tdb_unpack( ret.dptr, ret.dsize, "ddddddwwwwddddddBBdBBBd",
328 &ee->record.length, &ee->record.reserved1,
329 &ee->record.record_number,
330 &ee->record.time_generated,
331 &ee->record.time_written, &ee->record.event_id,
332 &ee->record.event_type, &ee->record.num_strings,
333 &ee->record.event_category, &ee->record.reserved2,
334 &ee->record.closing_record_number,
335 &ee->record.string_offset,
336 &ee->record.user_sid_length,
337 &ee->record.user_sid_offset,
338 &ee->record.data_length, &ee->record.data_offset,
339 &ee->data_record.source_name_len, &wpsource,
340 &ee->data_record.computer_name_len, &wpcomputer,
341 &ee->data_record.sid_padding,
342 &ee->record.user_sid_length, &wpsid,
343 &ee->data_record.strings_len, &wpstrs,
344 &ee->data_record.user_data_len, &puserdata,
345 &ee->data_record.data_padding );
347 ( "Read record %d, len in tdb was %d\n",
348 ee->record.record_number, len ) );
350 /* have to do the following because the tdb_unpack allocs a buff, stuffs a pointer to the buff
351 into it's 2nd argment for 'B' */
354 ee->data_record.computer_name = (smb_ucs2_t *)TALLOC_MEMDUP(
355 ee, wpcomputer, ee->data_record.computer_name_len);
356 if (!ee->data_record.computer_name) {
362 ee->data_record.source_name = (smb_ucs2_t *)TALLOC_MEMDUP(
363 ee, wpsource, ee->data_record.source_name_len);
364 if (!ee->data_record.source_name) {
371 ee->data_record.sid = (smb_ucs2_t *)TALLOC_MEMDUP(
372 ee, wpsid, ee->record.user_sid_length);
373 if (!ee->data_record.sid) {
379 ee->data_record.strings = (smb_ucs2_t *)TALLOC_MEMDUP(
380 ee, wpstrs, ee->data_record.strings_len);
381 if (!ee->data_record.strings) {
388 ee->data_record.user_data = (char *)TALLOC_MEMDUP(
389 ee, puserdata, ee->data_record.user_data_len);
390 if (!ee->data_record.user_data) {
398 SAFE_FREE(wpcomputer);
402 SAFE_FREE(puserdata);
404 DEBUG( 10, ( "get_eventlog_record: read back %d\n", len ) );
406 ( "get_eventlog_record: computer_name %d is ",
407 ee->data_record.computer_name_len ) );
412 /********************************************************************
413 note that this can only be called AFTER the table is constructed,
414 since it uses the table to find the tdb handle
415 ********************************************************************/
417 static bool sync_eventlog_params( EVENTLOG_INFO *info )
422 struct registry_key *key;
423 struct registry_value *value;
425 char *elogname = info->logname;
426 TALLOC_CTX *ctx = talloc_stackframe();
429 DEBUG( 4, ( "sync_eventlog_params with %s\n", elogname ) );
432 DEBUG( 4, ( "No open tdb! (%s)\n", info->logname ) );
435 /* set resonable defaults. 512Kb on size and 1 week on time */
438 uiRetention = 604800;
440 /* the general idea is to internally open the registry
441 key and retrieve the values. That way we can continue
442 to use the same fetch/store api that we use in
445 path = talloc_asprintf(ctx, "%s/%s", KEY_EVENTLOG, elogname );
450 wresult = reg_open_path(ctx, path, REG_KEY_READ, get_root_nt_token(),
453 if ( !W_ERROR_IS_OK( wresult ) ) {
455 ( "sync_eventlog_params: Failed to open key [%s] (%s)\n",
456 path, win_errstr( wresult ) ) );
460 wresult = reg_queryvalue(key, key, "Retention", &value);
461 if (!W_ERROR_IS_OK(wresult)) {
462 DEBUG(4, ("Failed to query value \"Retention\": %s\n",
463 win_errstr(wresult)));
466 uiRetention = value->v.dword;
468 wresult = reg_queryvalue(key, key, "MaxSize", &value);
469 if (!W_ERROR_IS_OK(wresult)) {
470 DEBUG(4, ("Failed to query value \"MaxSize\": %s\n",
471 win_errstr(wresult)));
474 uiMaxSize = value->v.dword;
476 tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_MAXSIZE, uiMaxSize );
477 tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_RETENTION, uiRetention );
486 /********************************************************************
487 ********************************************************************/
489 static Eventlog_entry *read_package_entry( TALLOC_CTX *mem_ctx,
490 Eventlog_entry * entry )
493 Eventlog_entry *ee_new = NULL;
495 ee_new = TALLOC_ZERO_ARRAY(mem_ctx, Eventlog_entry, 1 );
496 if ( ee_new == NULL ) {
500 entry->data_record.sid_padding =
502 ( ( entry->data_record.source_name_len +
503 entry->data_record.computer_name_len ) % 4 ) ) % 4 );
504 entry->data_record.data_padding =
506 ( ( entry->data_record.strings_len +
507 entry->data_record.user_data_len ) % 4 ) ) % 4;
508 entry->record.length = sizeof( Eventlog_record );
509 entry->record.length += entry->data_record.source_name_len;
510 entry->record.length += entry->data_record.computer_name_len;
511 if ( entry->record.user_sid_length == 0 ) {
512 /* Should not pad to a DWORD boundary for writing out the sid if there is
513 no SID, so just propagate the padding to pad the data */
514 entry->data_record.data_padding +=
515 entry->data_record.sid_padding;
516 entry->data_record.sid_padding = 0;
519 ( "sid_padding is [%d].\n", entry->data_record.sid_padding ) );
521 ( "data_padding is [%d].\n",
522 entry->data_record.data_padding ) );
524 entry->record.length += entry->data_record.sid_padding;
525 entry->record.length += entry->record.user_sid_length;
526 entry->record.length += entry->data_record.strings_len;
527 entry->record.length += entry->data_record.user_data_len;
528 entry->record.length += entry->data_record.data_padding;
529 /* need another copy of length at the end of the data */
530 entry->record.length += sizeof( entry->record.length );
532 ( "entry->record.length is [%d].\n", entry->record.length ) );
534 TALLOC_ZERO_ARRAY(mem_ctx, uint8_t,
535 entry->record.length -
536 sizeof( Eventlog_record ) -
537 sizeof( entry->record.length ));
538 if ( entry->data == NULL ) {
541 offset = entry->data;
542 memcpy( offset, entry->data_record.source_name,
543 entry->data_record.source_name_len );
544 offset += entry->data_record.source_name_len;
545 memcpy( offset, entry->data_record.computer_name,
546 entry->data_record.computer_name_len );
547 offset += entry->data_record.computer_name_len;
548 /* SID needs to be DWORD-aligned */
549 offset += entry->data_record.sid_padding;
550 entry->record.user_sid_offset =
551 sizeof( Eventlog_record ) + ( offset - entry->data );
552 memcpy( offset, entry->data_record.sid,
553 entry->record.user_sid_length );
554 offset += entry->record.user_sid_length;
555 /* Now do the strings */
556 entry->record.string_offset =
557 sizeof( Eventlog_record ) + ( offset - entry->data );
558 memcpy( offset, entry->data_record.strings,
559 entry->data_record.strings_len );
560 offset += entry->data_record.strings_len;
561 /* Now do the data */
562 entry->record.data_length = entry->data_record.user_data_len;
563 entry->record.data_offset =
564 sizeof( Eventlog_record ) + ( offset - entry->data );
565 memcpy( offset, entry->data_record.user_data,
566 entry->data_record.user_data_len );
567 offset += entry->data_record.user_data_len;
569 memcpy( &( ee_new->record ), &entry->record,
570 sizeof( Eventlog_record ) );
571 memcpy( &( ee_new->data_record ), &entry->data_record,
572 sizeof( Eventlog_data_record ) );
573 ee_new->data = entry->data;
578 /********************************************************************
579 ********************************************************************/
581 static bool add_record_to_resp( EVENTLOG_R_READ_EVENTLOG * r_u,
582 Eventlog_entry * ee_new )
584 Eventlog_entry *insert_point;
586 insert_point = r_u->entry;
588 if ( NULL == insert_point ) {
592 while ( ( NULL != insert_point->next ) ) {
593 insert_point = insert_point->next;
596 insert_point->next = ee_new;
599 r_u->num_bytes_in_resp += ee_new->record.length;
604 /********************************************************************
605 _eventlog_OpenEventLogW
606 ********************************************************************/
608 NTSTATUS _eventlog_OpenEventLogW(pipes_struct *p,
609 struct eventlog_OpenEventLogW *r)
614 DEBUG( 10,("_eventlog_OpenEventLogW: Server [%s], Log [%s]\n",
615 r->in.servername->string, r->in.logname->string ));
617 /* according to MSDN, if the logfile cannot be found, we should
618 default to the "Application" log */
620 if ( !NT_STATUS_IS_OK( result = elog_open( p, r->in.logname->string, r->out.handle )) )
623 if ( !(info = find_eventlog_info_by_hnd( p, r->out.handle )) ) {
624 DEBUG(0,("_eventlog_OpenEventLogW: eventlog (%s) opened but unable to find handle!\n",
625 r->in.logname->string ));
626 elog_close( p, r->out.handle );
627 return NT_STATUS_INVALID_HANDLE;
630 DEBUG(10,("_eventlog_OpenEventLogW: Size [%d]\n", elog_size( info )));
632 sync_eventlog_params( info );
633 prune_eventlog( ELOG_TDB_CTX(info->etdb) );
638 /********************************************************************
639 _eventlog_ClearEventLogW
640 This call still needs some work
641 ********************************************************************/
642 /** The windows client seems to be doing something funny with the file name
644 ClearEventLog(handle, "backup_file")
645 on the client side will result in the backup file name looking like this on the
647 \??\${CWD of client}\backup_file
648 If an absolute path gets specified, such as
649 ClearEventLog(handle, "C:\\temp\\backup_file")
650 then it is still mangled by the client into this:
651 \??\C:\temp\backup_file
652 when it is on the wire.
653 I'm not sure where the \?? is coming from, or why the ${CWD} of the client process
654 would be added in given that the backup file gets written on the server side. */
656 NTSTATUS _eventlog_ClearEventLogW(pipes_struct *p,
657 struct eventlog_ClearEventLogW *r)
659 EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, r->in.handle );
662 return NT_STATUS_INVALID_HANDLE;
664 if (r->in.backupfile && r->in.backupfile->string) {
666 DEBUG(8,( "_eventlog_ClearEventLogW: Using [%s] as the backup "
667 "file name for log [%s].",
668 r->in.backupfile->string, info->logname ) );
671 /* check for WRITE access to the file */
673 if ( !(info->access_granted&SA_RIGHT_FILE_WRITE_DATA) )
674 return NT_STATUS_ACCESS_DENIED;
676 /* Force a close and reopen */
678 elog_close_tdb( info->etdb, True );
680 info->etdb = elog_open_tdb( info->logname, True );
684 return NT_STATUS_ACCESS_DENIED;
689 /********************************************************************
690 _eventlog_CloseEventLog
691 ********************************************************************/
693 NTSTATUS _eventlog_CloseEventLog(pipes_struct * p,
694 struct eventlog_CloseEventLog *r)
698 status = elog_close( p, r->in.handle );
699 if (!NT_STATUS_IS_OK(status)) {
703 ZERO_STRUCTP(r->out.handle);
708 /********************************************************************
709 ********************************************************************/
711 NTSTATUS _eventlog_read_eventlog( pipes_struct * p,
712 EVENTLOG_Q_READ_EVENTLOG * q_u,
713 EVENTLOG_R_READ_EVENTLOG * r_u )
715 EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, &q_u->handle );
716 Eventlog_entry *entry = NULL, *ee_new = NULL;
717 uint32 num_records_read = 0;
718 int bytes_left, record_number;
719 uint32 elog_read_type, elog_read_dir;
722 return NT_STATUS_INVALID_HANDLE;
725 info->flags = q_u->flags;
727 bytes_left = q_u->max_read_size;
730 return NT_STATUS_ACCESS_DENIED;
732 /* check for valid flags. Can't use the sequential and seek flags together */
734 elog_read_type = q_u->flags & (EVENTLOG_SEQUENTIAL_READ|EVENTLOG_SEEK_READ);
735 elog_read_dir = q_u->flags & (EVENTLOG_FORWARDS_READ|EVENTLOG_BACKWARDS_READ);
737 if ( elog_read_type == (EVENTLOG_SEQUENTIAL_READ|EVENTLOG_SEEK_READ)
738 || elog_read_dir == (EVENTLOG_FORWARDS_READ|EVENTLOG_BACKWARDS_READ) )
740 DEBUG(3,("_eventlog_read_eventlog: Invalid flags [0x%x] for ReadEventLog\n", q_u->flags));
741 return NT_STATUS_INVALID_PARAMETER;
744 /* a sequential read should ignore the offset */
746 if ( elog_read_type & EVENTLOG_SEQUENTIAL_READ )
747 record_number = info->current_record;
749 record_number = q_u->offset;
751 while ( bytes_left > 0 ) {
753 /* assume that when the record fetch fails, that we are done */
755 entry = get_eventlog_record (p->mem_ctx, ELOG_TDB_CTX(info->etdb), record_number);
760 DEBUG( 8, ( "Retrieved record %d\n", record_number ) );
762 /* Now see if there is enough room to add */
764 if ( !(ee_new = read_package_entry( p->mem_ctx, entry )) )
765 return NT_STATUS_NO_MEMORY;
767 if ( r_u->num_bytes_in_resp + ee_new->record.length > q_u->max_read_size ) {
768 r_u->bytes_in_next_record = ee_new->record.length;
770 /* response would be too big to fit in client-size buffer */
776 add_record_to_resp( r_u, ee_new );
777 bytes_left -= ee_new->record.length;
779 num_records_read = r_u->num_records - num_records_read;
781 DEBUG( 10, ( "_eventlog_read_eventlog: read [%d] records for a total "
782 "of [%d] records using [%d] bytes out of a max of [%d].\n",
783 num_records_read, r_u->num_records,
784 r_u->num_bytes_in_resp,
785 q_u->max_read_size ) );
787 if ( info->flags & EVENTLOG_FORWARDS_READ )
792 /* update the eventlog record pointer */
794 info->current_record = record_number;
797 /* crazy by WinXP uses NT_STATUS_BUFFER_TOO_SMALL to
798 say when there are no more records */
800 return (num_records_read ? NT_STATUS_OK : NT_STATUS_BUFFER_TOO_SMALL);
803 /********************************************************************
804 _eventlog_GetOldestRecord
805 ********************************************************************/
807 NTSTATUS _eventlog_GetOldestRecord(pipes_struct *p,
808 struct eventlog_GetOldestRecord *r)
810 EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, r->in.handle );
813 return NT_STATUS_INVALID_HANDLE;
816 if ( !( get_oldest_entry_hook( info ) ) )
817 return NT_STATUS_ACCESS_DENIED;
819 *r->out.oldest_entry = info->oldest_entry;
824 /********************************************************************
825 _eventlog_GetNumRecords
826 ********************************************************************/
828 NTSTATUS _eventlog_GetNumRecords(pipes_struct *p,
829 struct eventlog_GetNumRecords *r)
831 EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, r->in.handle );
834 return NT_STATUS_INVALID_HANDLE;
837 if ( !( get_num_records_hook( info ) ) )
838 return NT_STATUS_ACCESS_DENIED;
840 *r->out.number = info->num_records;
845 NTSTATUS _eventlog_BackupEventLogW(pipes_struct *p, struct eventlog_BackupEventLogW *r)
847 p->rng_fault_state = True;
848 return NT_STATUS_NOT_IMPLEMENTED;
851 NTSTATUS _eventlog_DeregisterEventSource(pipes_struct *p, struct eventlog_DeregisterEventSource *r)
853 p->rng_fault_state = True;
854 return NT_STATUS_NOT_IMPLEMENTED;
857 NTSTATUS _eventlog_ChangeNotify(pipes_struct *p, struct eventlog_ChangeNotify *r)
859 p->rng_fault_state = True;
860 return NT_STATUS_NOT_IMPLEMENTED;
863 NTSTATUS _eventlog_RegisterEventSourceW(pipes_struct *p, struct eventlog_RegisterEventSourceW *r)
865 p->rng_fault_state = True;
866 return NT_STATUS_NOT_IMPLEMENTED;
869 NTSTATUS _eventlog_OpenBackupEventLogW(pipes_struct *p, struct eventlog_OpenBackupEventLogW *r)
871 p->rng_fault_state = True;
872 return NT_STATUS_NOT_IMPLEMENTED;
875 NTSTATUS _eventlog_ReadEventLogW(pipes_struct *p, struct eventlog_ReadEventLogW *r)
877 p->rng_fault_state = True;
878 return NT_STATUS_NOT_IMPLEMENTED;
881 NTSTATUS _eventlog_ReportEventW(pipes_struct *p, struct eventlog_ReportEventW *r)
883 p->rng_fault_state = True;
884 return NT_STATUS_NOT_IMPLEMENTED;
887 NTSTATUS _eventlog_ClearEventLogA(pipes_struct *p, struct eventlog_ClearEventLogA *r)
889 p->rng_fault_state = True;
890 return NT_STATUS_NOT_IMPLEMENTED;
893 NTSTATUS _eventlog_BackupEventLogA(pipes_struct *p, struct eventlog_BackupEventLogA *r)
895 p->rng_fault_state = True;
896 return NT_STATUS_NOT_IMPLEMENTED;
899 NTSTATUS _eventlog_OpenEventLogA(pipes_struct *p, struct eventlog_OpenEventLogA *r)
901 p->rng_fault_state = True;
902 return NT_STATUS_NOT_IMPLEMENTED;
905 NTSTATUS _eventlog_RegisterEventSourceA(pipes_struct *p, struct eventlog_RegisterEventSourceA *r)
907 p->rng_fault_state = True;
908 return NT_STATUS_NOT_IMPLEMENTED;
911 NTSTATUS _eventlog_OpenBackupEventLogA(pipes_struct *p, struct eventlog_OpenBackupEventLogA *r)
913 p->rng_fault_state = True;
914 return NT_STATUS_NOT_IMPLEMENTED;
917 NTSTATUS _eventlog_ReadEventLogA(pipes_struct *p, struct eventlog_ReadEventLogA *r)
919 p->rng_fault_state = True;
920 return NT_STATUS_NOT_IMPLEMENTED;
923 NTSTATUS _eventlog_ReportEventA(pipes_struct *p, struct eventlog_ReportEventA *r)
925 p->rng_fault_state = True;
926 return NT_STATUS_NOT_IMPLEMENTED;
929 NTSTATUS _eventlog_RegisterClusterSvc(pipes_struct *p, struct eventlog_RegisterClusterSvc *r)
931 p->rng_fault_state = True;
932 return NT_STATUS_NOT_IMPLEMENTED;
935 NTSTATUS _eventlog_DeregisterClusterSvc(pipes_struct *p, struct eventlog_DeregisterClusterSvc *r)
937 p->rng_fault_state = True;
938 return NT_STATUS_NOT_IMPLEMENTED;
941 NTSTATUS _eventlog_WriteClusterEvents(pipes_struct *p, struct eventlog_WriteClusterEvents *r)
943 p->rng_fault_state = True;
944 return NT_STATUS_NOT_IMPLEMENTED;
947 NTSTATUS _eventlog_GetLogIntormation(pipes_struct *p, struct eventlog_GetLogIntormation *r)
949 p->rng_fault_state = True;
950 return NT_STATUS_NOT_IMPLEMENTED;
953 NTSTATUS _eventlog_FlushEventLog(pipes_struct *p, struct eventlog_FlushEventLog *r)
955 p->rng_fault_state = True;
956 return NT_STATUS_NOT_IMPLEMENTED;
959 NTSTATUS _eventlog_ReportEventAndSourceW(pipes_struct *p, struct eventlog_ReportEventAndSourceW *r)
961 p->rng_fault_state = True;
962 return NT_STATUS_NOT_IMPLEMENTED;
git.samba.org / metze / samba / wip.git / blob