Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

356 lines
9.4 KiB

/*++
Copyright (c) 1990 Microsoft Corporation
Module Name:
ELF.IDL
Abstract:
Contains the Elfr APIs which are used to remote the Elf APIs to
the local or remote server via RPC.
Also contains the RPC specific data structures for these API.
Author:
Rajen Shah (rajens) 02-Apr-1991
Revision History:
02-Apr-1991 RajenS
created
--*/
//
// Interface Attributes
//
[
uuid(82273FDC-E32A-18C3-3F78-827929DC23EA),
version(0.0),
#ifdef __midl
ms_union,
#endif // __midl
pointer_default(unique)
]
//
// Interface Keyword
//
interface eventlog
//
// Interface Body
//
{
import "imports.idl"; // import all the include files
#include "event.h"
//
// ELF Generic Handle used to bind from client to server.
//
typedef [handle,unique] LPWSTR EVENTLOG_HANDLE_W;
typedef [handle,unique] LPSTR EVENTLOG_HANDLE_A;
//
// ELF RPC Context Handle (Internal definition of ELF_HANDLE)
//
typedef [context_handle] struct _IELF_HANDLE {
LIST_ENTRY Next;
ULONG Signature; // BUGBUG - For debug only
ULONG Flags; // e.g. "invalid"
ULONG GrantedAccess;
ATOM Atom;
ULONG SeekRecordPos;
ULONG SeekBytePos;
ULONG MajorVersion; // To identify caller
ULONG MinorVersion;
DWORD dwNotifyRequests;
ULONG NameLength;
[size_is(NameLength)] WCHAR Name[]; // Keep this as last field
} *IELF_HANDLE;
typedef IELF_HANDLE *PIELF_HANDLE;
//
// UNICODE Function Prototypes
//
//
// Only OpenEL and CloseEL need to take PIELF_HANDLE
// parameters since they are the only ones to modify the handle.
// The others will take IELF_HANDLE parameters instead.
//
// NOTE:
// The names of the functions are short so that when RPC
// prepends the interface name to the names, they are still
// unique.
//
NTSTATUS
ElfrClearELFW (
[in] IELF_HANDLE LogHandle,
[in,unique] PRPC_UNICODE_STRING BackupFileName
);
NTSTATUS
ElfrBackupELFW (
[in] IELF_HANDLE LogHandle,
[in] PRPC_UNICODE_STRING BackupFileName
);
NTSTATUS
ElfrCloseEL (
[in,out] PIELF_HANDLE LogHandle
);
NTSTATUS
ElfrDeregisterEventSource (
[in,out] PIELF_HANDLE LogHandle
);
NTSTATUS
ElfrNumberOfRecords(
[in] IELF_HANDLE LogHandle,
[out] PULONG NumberOfRecords
);
NTSTATUS
ElfrOldestRecord(
[in] IELF_HANDLE LogHandle,
[out] PULONG OldestRecordNumber
);
NTSTATUS
ElfrChangeNotify(
[in] IELF_HANDLE LogHandle,
[in] RPC_CLIENT_ID ClientId,
[in] ULONG Event
);
//
// The ModuleName is the one passed in by the caller of the API. This is
// the one that is written to the log file.
//
// RegModuleName is generated by the client stub, and is the name that is
// used to determine the default log file name from the registry. For
// NT Product1, this will be "Application". NOTE: It is necessary to do this
// now so that we can support viewing logs from a Product 2 system in the
// future if we change our logging mechanism.
//
NTSTATUS
ElfrOpenELW (
[in] EVENTLOG_HANDLE_W UNCServerName,
[in] PRPC_UNICODE_STRING ModuleName, // Passed in API call
[in] PRPC_UNICODE_STRING RegModuleName, // Used for registry
[in] ULONG MajorVersion,
[in] ULONG MinorVersion,
[out] PIELF_HANDLE LogHandle
);
NTSTATUS
ElfrRegisterEventSourceW (
[in] EVENTLOG_HANDLE_W UNCServerName,
[in] PRPC_UNICODE_STRING ModuleName, // Passed in API call
[in] PRPC_UNICODE_STRING RegModuleName, // Used for registry info
[in] ULONG MajorVersion,
[in] ULONG MinorVersion,
[out] PIELF_HANDLE LogHandle
);
NTSTATUS
ElfrOpenBELW (
[in] EVENTLOG_HANDLE_W UNCServerName,
[in] PRPC_UNICODE_STRING BackupFileName, // Passed in API call
[in] ULONG MajorVersion,
[in] ULONG MinorVersion,
[out] PIELF_HANDLE LogHandle
);
//
// BUGBUG - Fix this interface once RPC supports the ability to return
// zero bytes. Then, Buffer will have a length_is(*NumberOfBytesRead)
// added to it. For now, always transfer NumberOfBytesToRead bytes!
//
// The LogHandle is an [in,out] since the server side stores information
// in it that pertains to the current seek position.
//
NTSTATUS
ElfrReadELW (
[in] IELF_HANDLE LogHandle,
[in] ULONG ReadFlags,
[in] ULONG RecordOffset,
[in] ULONG NumberOfBytesToRead,
[out,size_is(NumberOfBytesToRead)] PBYTE Buffer,
[out] PULONG NumberOfBytesRead,
[out] PULONG MinNumberOfBytesNeeded
);
NTSTATUS
ElfrReportEventW (
[in] IELF_HANDLE LogHandle,
[in] ULONG Time,
[in] USHORT EventType,
[in] USHORT EventCategory,
[in] ULONG EventID,
[in] USHORT NumStrings,
[in] ULONG DataSize,
[in] PRPC_UNICODE_STRING ComputerName,
[in, unique] PRPC_SID UserSID,
[in, size_is(NumStrings), unique] PRPC_UNICODE_STRING Strings[*],
[in, size_is(DataSize), unique] PBYTE Data,
[in] USHORT Flags,
[in,out,unique] PULONG RecordNumber,
[in,out,unique] PULONG TimeWritten
);
//
// ANSI Function Prototypes
//
//
// Only OpenEL needs to take PIELF_HANDLE
// parameters since they are the only ones to modify the handle.
// The others will take IELF_HANDLE parameters instead.
//
// NOTE that there is only one api for CloseEL since there are no
// strings involved.
//
NTSTATUS
ElfrClearELFA (
[in] IELF_HANDLE LogHandle,
[in,unique] PRPC_STRING BackupFileName
);
NTSTATUS
ElfrBackupELFA (
[in] IELF_HANDLE LogHandle,
[in] PRPC_STRING BackupFileName
);
//
// The ModuleName is the one passed in by the caller of the API. This is
// the one that is written to the log file.
//
// RegModuleName is generated by the client stub, and is the name that is
// used to determine the default log file name from the registry. For
// NT Product1, this will be "Application". NOTE: It is necessary to do this
// now so that we can support viewing logs from a Product 2 system in the
// future if we change our logging mechanism.
//
NTSTATUS
ElfrOpenELA (
[in] EVENTLOG_HANDLE_A UNCServerName,
[in] PRPC_STRING ModuleName, // Passed in API call
[in] PRPC_STRING RegModuleName, // Used for registry info
[in] ULONG MajorVersion,
[in] ULONG MinorVersion,
[out] PIELF_HANDLE LogHandle
);
NTSTATUS
ElfrRegisterEventSourceA (
[in] EVENTLOG_HANDLE_A UNCServerName,
[in] PRPC_STRING ModuleName, // Passed in API call
[in] PRPC_STRING RegModuleName, // Used for registry info
[in] ULONG MajorVersion,
[in] ULONG MinorVersion,
[out] PIELF_HANDLE LogHandle
);
NTSTATUS
ElfrOpenBELA (
[in] EVENTLOG_HANDLE_A UNCServerName,
[in] PRPC_STRING FileName, // Passed in API call
[in] ULONG MajorVersion,
[in] ULONG MinorVersion,
[out] PIELF_HANDLE LogHandle
);
//
// BUGBUG - Fix this interface once RPC supports the ability to return
// zero bytes. Then, Buffer will have a length_is(*NumberOfBytesRead)
// added to it. For now, always transfer NumberOfBytesToRead bytes!
//
// The LogHandle is an [in,out] since the server side stores information
// in it that pertains to the current seek position.
//
NTSTATUS
ElfrReadELA (
[in] IELF_HANDLE LogHandle,
[in] ULONG ReadFlags,
[in] ULONG RecordOffset,
[in] ULONG NumberOfBytesToRead,
[out,size_is(NumberOfBytesToRead)] PBYTE Buffer,
[out] PULONG NumberOfBytesRead,
[out] PULONG MinNumberOfBytesNeeded
);
NTSTATUS
ElfrReportEventA (
[in] IELF_HANDLE LogHandle,
[in] ULONG Time,
[in] USHORT EventType,
[in] USHORT EventCategory,
[in] ULONG EventID,
[in] USHORT NumStrings,
[in] ULONG DataSize,
[in] PRPC_STRING ComputerName,
[in, unique] PRPC_SID UserSID,
[in, size_is(NumStrings), unique] PRPC_STRING Strings[*],
[in, size_is(DataSize), unique] PBYTE Data,
[in] USHORT Flags,
[in,out,unique] PULONG RecordNumber,
[in,out,unique] PULONG TimeWritten
);
NTSTATUS
ElfrRegisterClusterSvc(
[in] EVENTLOG_HANDLE_W UNCServerName,
[out] PULONG pulSize,
[out, size_is(,*pulSize)] BYTE **ppPackedEventInfo );
NTSTATUS
ElfrDeregisterClusterSvc(
[in] EVENTLOG_HANDLE_W UNCServerName
);
NTSTATUS
ElfrWriteClusterEvents(
[in] EVENTLOG_HANDLE_W UNCServerName,
[in] ULONG ulSize,
[in,size_is(ulSize)] BYTE *pBuffer
);
/////////////////////////////////////////////////////////////////////////////
// Functions below this point are not in Windows NT version 4.0 or earlier
//
// (Note that new functions must always be added at the end, otherwise
// function calls are mismatched when client and server talk different
// versions of the interface)
/////////////////////////////////////////////////////////////////////////////
NTSTATUS
ElfrGetLogInformation(
[in] IELF_HANDLE LogHandle,
[in] ULONG InfoLevel,
[out, size_is(cbBufSize)] PBYTE lpBuffer,
[in] ULONG cbBufSize,
[out] PULONG pcbBytesNeeded
);
}