archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/base/lsa/server/util.cxx

848 lines
20 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 1991 - 1992
  6. //
  7. // File: util.c
  8. //
  9. // Contents: General Purpose functions for the security interface
  10. //
  11. // Functions: SPException -- Handler for exceptions in packages
  12. // WLsaControlFunction -- Worker for SecurityPackageControl()
  13. // LsaControlFunction -- User mode stub
  14. // LsaQueryPackage -- User mode stub
  15. //
  16. //
  17. // History: 14 Aug 92 RichardW Created
  18. //
  19. //------------------------------------------------------------------------
  21. #include <lsapch.hxx>
  22. extern "C"
  23. {
  24. #include "sesmgr.h"
  25. #include "spdebug.h"
  26. #include "perf.hxx"
  27. }
  31. NTSTATUS GetMemStats(PUCHAR, DWORD *);
  33. #if DBG
  34. SpmExceptDbg ExceptDebug;
  35. DWORD FaultingTid;
  36. extern SpmDbg_MemoryFailure MemFail;
  37. #endif // DBG
  40. typedef SecurityUserData SECURITY_USER_DATA, *PSECURITY_USER_DATA;
  42. //+---------------------------------------------------------------------------
  43. //
  44. // Function: SpExceptionFilter
  45. //
  46. // Synopsis: General Exception filter, invoked by the SP_EXCEPTION macro.
  47. //
  48. // Arguments: [pSession] --
  49. // [pException] --
  50. //
  51. //
  52. // History: 8-09-95 RichardW Created
  53. //
  54. // Notes:
  55. //
  56. //----------------------------------------------------------------------------
  57. LONG
  58. SpExceptionFilter( PVOID pSession,
  59. EXCEPTION_POINTERS * pException)
  60. {
  61. DWORD_PTR CurrentPackage;
  62. PLSAP_SECURITY_PACKAGE pPackage = NULL;
  63. UNICODE_STRING LsaString = { 3 * sizeof( WCHAR ), 4 * sizeof( WCHAR ), L"LSA" };
  65. #if DBG
  67. DsysException(pException);
  69. PSpmExceptDbg pExcept;
  71. pExcept = (PSpmExceptDbg) TlsGetValue(dwExceptionInfo);
  72. if (!pExcept)
  73. {
  74. pExcept = &ExceptDebug;
  75. TlsSetValue(dwExceptionInfo, pExcept);
  76. }
  78. FaultingTid = GetCurrentThreadId();
  79. pExcept->ThreadId = GetCurrentThreadId();
  80. pExcept->pInstruction = pException->ExceptionRecord->ExceptionAddress;
  81. pExcept->Access = pException->ExceptionRecord->ExceptionInformation[0];
  82. pExcept->pMemory = (void *) pException->ExceptionRecord->ExceptionInformation[1];
  84. #endif
  86. CurrentPackage = GetCurrentPackageId();
  88. if (CurrentPackage != SPMGR_ID)
  89. {
  90. pPackage = SpmpLocatePackage( CurrentPackage );
  91. }
  93. SpmpReportEventU(
  94. EVENTLOG_ERROR_TYPE,
  95. SPMEVENT_PACKAGE_FAULT,
  96. CATEGORY_SPM,
  97. sizeof(EXCEPTION_RECORD),
  98. pException->ExceptionRecord,
  99. 1,
  100. ((CurrentPackage == SPMGR_ID || pPackage == NULL) ?
  101. &LsaString :
  102. &pPackage->Name )
  103. );
  105. return(EXCEPTION_EXECUTE_HANDLER);
  106. }
  110. //+-------------------------------------------------------------------------
  111. //
  112. // Function: SPException
  113. //
  114. // Synopsis: Handles an exception in a security package
  115. //
  116. // Effects: Varies, but may force an unload of a package.
  117. //
  118. // Arguments:
  119. //
  120. // Requires:
  121. //
  122. // Returns:
  123. //
  124. // Notes:
  125. //
  126. //--------------------------------------------------------------------------
  127. NTSTATUS
  128. SPException(NTSTATUS scRet,
  129. ULONG_PTR dwPackageID)
  130. {
  131. PSession pSession;
  132. PLSAP_SECURITY_PACKAGE pPackage;
  133. #if DBG
  134. PSpmExceptDbg pException = (PSpmExceptDbg) TlsGetValue(dwExceptionInfo);
  135. #endif
  137. pSession = GetCurrentSession();
  139. DebugLog((DEB_ERROR, "[%x] Exception in a package, code %x\n", pSession->dwProcessID, scRet));
  141. DebugLog((DEB_ERROR, "[%x] Address was @%x, %s address %x\n",
  142. pSession->dwProcessID,
  143. pException->pInstruction,
  144. (pException->Access ? "write" : "read"),
  145. pException->pMemory));
  149. if (dwPackageID == SPMGR_ID)
  150. {
  151. DebugLog((DEB_ERROR, " LSA itself hit a fault, thread %d\n", GetCurrentThreadId()));
  152. DebugLog((DEB_ERROR, " (ExceptionInfo @%x)\n", TlsGetValue(dwExceptionInfo)));
  153. #if DBG
  154. DsysAssertMsg( 0, "exception in LSA" );
  155. #endif
  156. return(scRet);
  157. }
  159. pPackage = SpmpLocatePackage( dwPackageID );
  161. if (!pPackage)
  162. {
  163. DebugLog((DEB_ERROR, " Invalid package ID passed\n"));
  164. return(scRet);
  165. }
  167. if ((scRet == STATUS_ACCESS_VIOLATION) ||
  168. (scRet == E_POINTER))
  169. {
  170. DebugLog((DEB_ERROR, " Package %ws created an access violation\n",
  171. pPackage->Name.Buffer));
  174. // Flag package as invalid
  176. pPackage->fPackage |= SP_INVALID;
  177. }
  179. if ((scRet == STATUS_NO_MEMORY) ||
  180. (scRet == STATUS_INSUFFICIENT_RESOURCES))
  181. {
  182. DebugLog((DEB_ERROR, " Out of memory situation exists\n"));
  183. DebugLog((DEB_ERROR, " Further requests may fail unless memory is freed\n"));
  184. }
  186. //
  187. // if the code is a success code, it is probably a WIN32 error so we
  188. // map it as such
  191. return(scRet);
  192. }
  198. //+-------------------------------------------------------------------------
  199. //
  200. // Function: WLsaQueryPackage
  201. //
  202. // Synopsis: Get info on a package (short enum), copy to client's address
  203. // space
  204. //
  205. // Effects: none
  206. //
  207. // Arguments:
  208. //
  209. // Requires:
  210. //
  211. // Returns:
  212. //
  213. // Notes:
  214. //
  215. //--------------------------------------------------------------------------
  217. NTSTATUS
  218. WLsaQueryPackageInfo(
  219. PSECURITY_STRING pPackageName,
  220. PSecPkgInfo * ppInfo
  221. )
  222. {
  223. NTSTATUS scRet;
  224. PLSAP_SECURITY_PACKAGE pPackage;
  225. WCHAR * pszString;
  226. PSession pSession = GetCurrentSession();
  227. ULONG cbData;
  228. PSecPkgInfo pClientInfo = NULL;
  229. PBYTE Where;
  230. UNICODE_STRING CommentString;
  231. UNICODE_STRING NameString;
  232. PSecPkgInfo pLocalInfo = NULL;
  233. SecPkgInfo PackageInfo = { 0 };
  234. LONG_PTR ClientOffset;
  235. ULONG ulStructureSize = sizeof(SecPkgInfo);
  237. DebugLog((DEB_TRACE, "QueryPackage\n"));
  238. *ppInfo = NULL;
  240. pPackage = SpmpLookupPackage(pPackageName);
  242. if (!pPackage)
  243. {
  244. return(STATUS_NO_SUCH_PACKAGE);
  245. }
  247. SetCurrentPackageId(pPackage->dwPackageID);
  249. StartCallToPackage( pPackage );
  251. __try
  252. {
  253. scRet = pPackage->FunctionTable.GetInfo(&PackageInfo);
  254. }
  255. __except (SP_EXCEPTION)
  256. {
  257. scRet = GetExceptionCode();
  258. scRet = SPException(scRet, pPackage->dwPackageID);
  259. }
  261. EndCallToPackage( pPackage );
  263. if (FAILED(scRet))
  264. {
  265. return(scRet);
  266. }
  268. //
  269. // Marshall the data to copy to the client
  270. //
  272. RtlInitUnicodeString(
  273. &NameString,
  274. PackageInfo.Name
  275. );
  277. RtlInitUnicodeString(
  278. &CommentString,
  279. PackageInfo.Comment
  280. );
  283. cbData = ulStructureSize +
  284. NameString.MaximumLength +
  285. CommentString.MaximumLength;
  287. pLocalInfo = (PSecPkgInfo) LsapAllocatePrivateHeap(cbData);
  288. if (pLocalInfo == NULL)
  289. {
  290. return(STATUS_INSUFFICIENT_RESOURCES);
  291. }
  293. pClientInfo = (PSecPkgInfo) LsapClientAllocate(cbData);
  294. if (pClientInfo == NULL)
  295. {
  296. LsapFreePrivateHeap(pLocalInfo);
  297. return(STATUS_INSUFFICIENT_RESOURCES);
  298. }
  300. ClientOffset = (LONG_PTR) ((PBYTE) pClientInfo - (PBYTE) pLocalInfo);
  302. Where = (PBYTE) (pLocalInfo + 1);
  304. *pLocalInfo = PackageInfo;
  305. pLocalInfo->Name = (LPWSTR) (Where + ClientOffset);
  306. RtlCopyMemory(
  307. Where,
  308. NameString.Buffer,
  309. NameString.MaximumLength
  310. );
  311. Where += NameString.MaximumLength;
  313. pLocalInfo->Comment = (LPWSTR) (Where + ClientOffset);
  314. RtlCopyMemory(
  315. Where,
  316. CommentString.Buffer,
  317. CommentString.MaximumLength
  318. );
  319. Where += CommentString.MaximumLength;
  321. DsysAssert(Where - (PBYTE) pLocalInfo == (LONG) cbData);
  323. scRet = LsapCopyToClient(
  324. pLocalInfo,
  325. pClientInfo,
  326. cbData);
  327. LsapFreePrivateHeap(pLocalInfo);
  329. if (FAILED(scRet))
  330. {
  331. LsapClientFree(pClientInfo);
  332. }
  334. *ppInfo = pClientInfo;
  336. return(scRet);
  337. }
  340. //+-------------------------------------------------------------------------
  341. //
  342. // Function: WLsaGetSecurityUserInfo
  343. //
  344. // Synopsis: worker function to get info about a logon session
  345. //
  346. // Effects:
  347. //
  348. // Arguments:
  349. //
  350. // Requires:
  351. //
  352. // Returns:
  353. //
  354. // Notes:
  355. //
  356. //
  357. //--------------------------------------------------------------------------
  359. NTSTATUS
  360. WLsaGetSecurityUserInfo(
  361. IN PLUID pLogonId,
  362. IN ULONG fFlags,
  363. OUT PSECURITY_USER_DATA * pUserInfo
  364. )
  365. {
  366. PLSAP_LOGON_SESSION pSession;
  367. NTSTATUS Status;
  368. PSECURITY_USER_DATA LocalUserData = NULL;
  369. PSECURITY_USER_DATA ClientBuffer = NULL;
  370. SECPKG_CLIENT_INFO ClientInfo;
  371. ULONG BufferSize;
  372. PUCHAR Where;
  373. LONG_PTR Offset;
  374. ULONG ulStructureSize = sizeof(SECURITY_USER_DATA);
  376. DebugLog((DEB_TRACE_WAPI,"WLsaGetSecurityUserInfo called\n"));
  378. //
  379. // if the logon ID is null, it is for the caller
  380. // so we know to go to the primary package.
  381. //
  383. if (pLogonId == NULL)
  384. {
  385. Status = LsapGetClientInfo(&ClientInfo);
  387. if (!NT_SUCCESS(Status))
  388. {
  389. return(Status);
  390. }
  392. pLogonId = &ClientInfo.LogonId;
  393. }
  395. pSession = LsapLocateLogonSession( pLogonId );
  397. if (!pSession)
  398. {
  399. DebugLog((DEB_WARN,"WLsaGetSecurityUserInfo called for non-existent LUID 0x%x:0x%x\n",
  400. pLogonId->LowPart,pLogonId->HighPart));
  402. Status = STATUS_NO_SUCH_LOGON_SESSION;
  404. goto Cleanup;
  405. }
  407. BufferSize = ulStructureSize +
  408. pSession->AccountName.Length +
  409. pSession->AuthorityName.Length +
  410. pSession->LogonServer.Length +
  411. RtlLengthSid(pSession->UserSid);
  413. LocalUserData = (PSECURITY_USER_DATA) LsapAllocatePrivateHeap(BufferSize);
  415. if (LocalUserData == NULL)
  416. {
  417. Status = STATUS_INSUFFICIENT_RESOURCES;
  418. goto Cleanup;
  419. }
  421. ClientBuffer = (PSECURITY_USER_DATA) LsapClientAllocate(BufferSize);
  423. if (ClientBuffer == NULL)
  424. {
  425. Status = STATUS_INSUFFICIENT_RESOURCES;
  426. goto Cleanup;
  427. }
  429. Offset = (LONG_PTR) ((PUCHAR) ClientBuffer - (PUCHAR) LocalUserData);
  431. Where = (PUCHAR) (LocalUserData + 1);
  433. //
  434. // Copy in all the fields from the logon session.
  435. //
  437. LocalUserData->pSid = (PSID) (Where + Offset);
  439. RtlCopyMemory(
  440. Where,
  441. pSession->UserSid,
  442. RtlLengthSid(pSession->UserSid)
  443. );
  444. Where += RtlLengthSid(pSession->UserSid);
  446. //
  447. // Copy in the user name
  448. //
  450. LocalUserData->UserName.Length =
  451. LocalUserData->UserName.MaximumLength = pSession->AccountName.Length;
  452. LocalUserData->UserName.Buffer = (LPWSTR) (Where + Offset);
  454. RtlCopyMemory(
  455. Where,
  456. pSession->AccountName.Buffer,
  457. pSession->AccountName.Length
  458. );
  459. Where += pSession->AccountName.Length;
  461. //
  462. // Copy in the domain name
  463. //
  465. LocalUserData->LogonDomainName.Length =
  466. LocalUserData->LogonDomainName.MaximumLength = pSession->AuthorityName.Length;
  468. LocalUserData->LogonDomainName.Buffer = (LPWSTR) (Where + Offset);
  470. RtlCopyMemory(
  471. Where,
  472. pSession->AuthorityName.Buffer,
  473. pSession->AuthorityName.Length
  474. );
  475. Where += pSession->AuthorityName.Length;
  477. //
  478. // Copy in the logon server
  479. //
  481. LocalUserData->LogonServer.Length =
  482. LocalUserData->LogonServer.MaximumLength = pSession->LogonServer.Length;
  484. LocalUserData->LogonServer.Buffer = (LPWSTR) (Where + Offset);
  486. RtlCopyMemory(
  487. Where,
  488. pSession->LogonServer.Buffer,
  489. pSession->LogonServer.Length
  490. );
  491. Where += pSession->LogonServer.Length;
  494. //
  495. // Copy this to the client
  496. //
  498. LsapReleaseLogonSession( pSession );
  500. Status = LsapCopyToClient(
  501. LocalUserData,
  502. ClientBuffer,
  503. BufferSize
  504. );
  506. if (!NT_SUCCESS(Status))
  507. {
  508. goto Cleanup;
  509. }
  511. *pUserInfo = ClientBuffer;
  512. ClientBuffer = NULL;
  514. Cleanup:
  516. if (LocalUserData != NULL)
  517. {
  518. LsapFreePrivateHeap(LocalUserData);
  519. }
  521. if (ClientBuffer != NULL)
  522. {
  523. LsapClientFree(ClientBuffer);
  524. }
  526. DebugLog((DEB_TRACE_WAPI,"GetUserInfo returned %x\n",Status));
  527. return(Status);
  528. }
  531. HANDLE hEventLog = INVALID_HANDLE_VALUE;
  532. DWORD LoggingLevel = (1 << EVENTLOG_ERROR_TYPE) | (1 << EVENTLOG_WARNING_TYPE) |
  533. (1 << EVENTLOG_INFORMATION_TYPE) ;
  534. WCHAR EventSourceName[] = TEXT("LsaSrv");
  536. #define MAX_EVENT_STRINGS 8
  538. //+---------------------------------------------------------------------------
  539. //
  540. // Function: SpmpInitializeEvents
  541. //
  542. // Synopsis: Connects to event log service
  543. //
  544. // Arguments: (none)
  545. //
  546. // History: 1-03-95 RichardW Created
  547. //
  548. // Notes:
  549. //
  550. //----------------------------------------------------------------------------
  551. BOOL
  552. SpmpInitializeEvents(void)
  553. {
  555. HKEY hKey;
  556. int err;
  557. DWORD disp;
  559. err = RegCreateKeyEx( HKEY_LOCAL_MACHINE,
  560. TEXT("System\\CurrentControlSet\\Services\\EventLog\\System\\LsaSrv"),
  561. 0,
  562. TEXT(""),
  563. REG_OPTION_NON_VOLATILE,
  564. KEY_WRITE,
  565. NULL,
  566. &hKey,
  567. &disp);
  568. if (err)
  569. {
  570. return(FALSE);
  571. }
  573. if (disp == REG_CREATED_NEW_KEY)
  574. {
  575. RegSetValueEx( hKey,
  576. TEXT("EventMessageFile"),
  577. 0,
  578. REG_EXPAND_SZ,
  579. (PBYTE) TEXT("%SystemRoot%\\system32\\lsasrv.dll"),
  580. sizeof(TEXT("%SystemRoot%\\system32\\lsasrv.dll")) );
  582. RegSetValueEx( hKey,
  583. TEXT("CategoryMessageFile"),
  584. 0,
  585. REG_EXPAND_SZ,
  586. (PBYTE) TEXT("%SystemRoot%\\system32\\lsasrv.dll"),
  587. sizeof(TEXT("%SystemRoot%\\system32\\lsasrv.dll")) );
  589. disp = 7;
  590. RegSetValueEx( hKey,
  591. TEXT("TypesSupported"),
  592. 0,
  593. REG_DWORD,
  594. (PBYTE) &disp,
  595. sizeof(DWORD) );
  596. disp = CATEGORY_MAX_CATEGORY - 1;
  597. RegSetValueEx( hKey,
  598. TEXT("CategoryCount"),
  599. 0,
  600. REG_DWORD,
  601. (PBYTE) &disp,
  602. sizeof(DWORD) );
  605. }
  607. RegCloseKey(hKey);
  610. hEventLog = RegisterEventSource(NULL, EventSourceName);
  611. if (hEventLog)
  612. {
  613. return(TRUE);
  614. }
  616. hEventLog = INVALID_HANDLE_VALUE;
  618. DebugLog((DEB_ERROR, "Could not open event log, error %d\n", GetLastError()));
  619. return(FALSE);
  620. }
  622. //+---------------------------------------------------------------------------
  623. //
  624. // Function: ReportServiceEvent
  625. //
  626. // Synopsis: Reports an event to the event log
  627. //
  628. // Arguments: [EventType] -- EventType (ERROR, WARNING, etc.)
  629. // [EventId] -- Event ID
  630. // [SizeOfRawData] -- Size of raw data
  631. // [RawData] -- Raw data
  632. // [NumberOfStrings] -- number of strings
  633. // ... -- PWSTRs to string data
  634. //
  635. // History: 1-03-95 RichardW Created
  636. //
  637. // Notes:
  638. //
  639. //----------------------------------------------------------------------------
  640. DWORD
  641. SpmpReportEvent(
  642. IN BOOL Unicode,
  643. IN WORD EventType,
  644. IN DWORD EventId,
  645. IN DWORD Category,
  646. IN DWORD SizeOfRawData,
  647. IN PVOID RawData,
  648. IN DWORD NumberOfStrings,
  649. ...
  650. )
  651. {
  652. va_list arglist;
  653. ULONG i;
  654. PWSTR Strings[ MAX_EVENT_STRINGS ];
  655. PSTR StringsA[ MAX_EVENT_STRINGS ];
  656. DWORD rv;
  658. if (hEventLog == INVALID_HANDLE_VALUE)
  659. {
  660. if (!SpmpInitializeEvents())
  661. {
  662. return((DWORD) -1);
  663. }
  664. }
  666. //
  667. // We're not supposed to be logging this, so nuke it
  668. //
  669. if ((LoggingLevel & (1 << EventType)) == 0)
  670. {
  671. return(0);
  672. }
  674. //
  675. // Look at the strings, if they were provided
  676. //
  677. va_start( arglist, NumberOfStrings );
  679. if (NumberOfStrings > MAX_EVENT_STRINGS) {
  680. NumberOfStrings = MAX_EVENT_STRINGS;
  681. }
  683. for (i=0; i<NumberOfStrings; i++) {
  684. if (Unicode)
  685. {
  686. Strings[ i ] = va_arg( arglist, PWSTR );
  687. }
  688. else
  689. {
  690. StringsA[ i ] = va_arg( arglist, PSTR );
  691. }
  692. }
  695. //
  696. // Report the event to the eventlog service
  697. //
  699. if (Unicode)
  700. {
  701. if (!ReportEventW( hEventLog,
  702. EventType,
  703. (WORD) Category,
  704. EventId,
  705. NULL,
  706. (WORD)NumberOfStrings,
  707. SizeOfRawData,
  708. (const WCHAR * *) Strings,
  709. RawData) )
  710. {
  711. rv = GetLastError();
  712. DebugLog((DEB_ERROR, "ReportEvent( %u ) failed - %u\n", EventId, GetLastError() ));
  714. }
  715. else
  716. {
  717. rv = ERROR_SUCCESS;
  718. }
  719. }
  720. else
  721. {
  722. if (!ReportEventA( hEventLog,
  723. EventType,
  724. (WORD) Category,
  725. EventId,
  726. NULL,
  727. (WORD)NumberOfStrings,
  728. SizeOfRawData,
  729. (const char * *) StringsA,
  730. RawData) )
  731. {
  732. rv = GetLastError();
  733. DebugLog((DEB_ERROR, "ReportEvent( %u ) failed - %u\n", EventId, GetLastError() ));
  735. }
  736. else
  737. {
  738. rv = ERROR_SUCCESS;
  739. }
  741. }
  743. return rv;
  744. }
  746. //+---------------------------------------------------------------------------
  747. //
  748. // Function: SpmpReportEventU
  749. //
  750. // Synopsis: Reports an event to the event log
  751. //
  752. // Arguments: [EventType] -- EventType (ERROR, WARNING, etc.)
  753. // [EventId] -- Event ID
  754. // [SizeOfRawData] -- Size of raw data
  755. // [RawData] -- Raw data
  756. // [NumberOfStrings] -- number of strings
  757. // ... -- PUNICODE_STRINGs to string data
  758. //
  759. // Notes:
  760. //
  761. //----------------------------------------------------------------------------
  763. DWORD
  764. SpmpReportEventU(
  765. IN WORD EventType,
  766. IN DWORD EventId,
  767. IN DWORD Category,
  768. IN DWORD SizeOfRawData,
  769. IN PVOID RawData,
  770. IN DWORD NumberOfStrings,
  771. ...
  772. )
  773. {
  774. va_list arglist;
  775. ULONG i;
  776. PUNICODE_STRING Strings[ MAX_EVENT_STRINGS ];
  777. DWORD rv;
  779. if (hEventLog == INVALID_HANDLE_VALUE) {
  781. if ( !SpmpInitializeEvents()) {
  783. return( -1 );
  784. }
  785. }
  787. //
  788. // We're not supposed to be logging this, so nuke it
  789. //
  791. if (( LoggingLevel & ( 1 << EventType )) == 0 ) {
  793. return( 0 );
  794. }
  796. //
  797. // Look at the strings, if they were provided
  798. //
  800. va_start( arglist, NumberOfStrings );
  802. if ( NumberOfStrings > MAX_EVENT_STRINGS ) {
  804. NumberOfStrings = MAX_EVENT_STRINGS;
  805. }
  807. for ( i = 0 ; i < NumberOfStrings ; i++ ) {
  809. Strings[ i ] = va_arg( arglist, PUNICODE_STRING );
  810. }
  812. //
  813. // Report the event to the eventlog service
  814. //
  816. rv = ElfReportEventW(
  817. hEventLog,
  818. EventType,
  819. ( USHORT )Category,
  820. EventId,
  821. NULL,
  822. ( USHORT )NumberOfStrings,
  823. SizeOfRawData,
  824. Strings,
  825. RawData,
  826. 0,
  827. NULL,
  828. NULL
  829. );
  831. if ( !NT_SUCCESS( rv )) {
  833. DebugLog((DEB_ERROR, "ReportEvent( %u ) failed - %u\n", EventId, rv ));
  834. goto Cleanup;
  835. }
  837. rv = ERROR_SUCCESS;
  839. Cleanup:
  841. return rv;
  842. }
  844. BOOL
  845. SpmpShutdownEvents(void)
  846. {
  847. return(DeregisterEventSource(hEventLog));
  848. }