diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/librpc/idl/eventlog.idl | 37 | ||||
-rw-r--r-- | source4/torture/rpc/eventlog.c | 39 |
2 files changed, 58 insertions, 18 deletions
diff --git a/source4/librpc/idl/eventlog.idl b/source4/librpc/idl/eventlog.idl index 2816d197c8..6393d38b15 100644 --- a/source4/librpc/idl/eventlog.idl +++ b/source4/librpc/idl/eventlog.idl @@ -5,23 +5,33 @@ */ [ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"), version(0.0), - depends(security), + depends(lsa,security), pointer_default(unique), pointer_default_top(unique), helpstring("Event Logger") ] interface eventlog { + typedef enum { + EVENTLOG_SEQUENTIAL_READ = 0x0001, + EVENTLOG_SEEK_READ = 0x0002, + EVENTLOG_FORWARDS_READ = 0x0004, + EVENTLOG_BACKWARDS_READ = 0x0008 + } eventlogReadFlags; + + typedef enum { + EVENTLOG_SUCCESS = 0x0000, + EVENTLOG_ERROR_TYPE = 0x0001, + EVENTLOG_WARNING_TYPE = 0x0002, + EVENTLOG_INFORMATION_TYPE = 0x0004, + EVENTLOG_AUDIT_SUCCESS = 0x0008, + EVENTLOG_AUDIT_FAILURE = 0x0010 + } eventlogEventTypes; + typedef struct { uint16 unknown0; uint16 unknown1; } eventlog_OpenUnknown0; - - typedef struct { - [value(2*strlen_m(name))] uint16 name_len; - [value(2*strlen_m(name))] uint16 name_size; - unistr_noterm *name; - } eventlog_String; - + typedef struct { uint32 size; uint32 reserved; @@ -35,7 +45,7 @@ uint16 reserved_flag; uint32 closingrecord; uint32 stringoffset; - [size_is(num_of_strings)] eventlog_String bla[*]; + [size_is(num_of_strings)] lsa_String bla[*]; uint32 sid_length; [size_is(sid_length)] dom_sid *sids; uint32 data_length; @@ -46,7 +56,10 @@ /******************/ /* Function: 0x00 */ - NTSTATUS eventlog_ClearEventLogW(); + NTSTATUS eventlog_ClearEventLogW( + [in,ref] policy_handle *handle, + [in] lsa_String *unknown + ); /******************/ /* Function: 0x01 */ @@ -82,8 +95,8 @@ /* Function: 0x07 */ NTSTATUS eventlog_OpenEventLogW( [in] eventlog_OpenUnknown0 *unknown0, - [in] eventlog_String source, - [in] eventlog_String unknown1, + [in] lsa_String logname, + [in] lsa_String servername, [in] uint32 unknown2, [in] uint32 unknown3, [out,ref] policy_handle *handle diff --git a/source4/torture/rpc/eventlog.c b/source4/torture/rpc/eventlog.c index 7d3a3bfea9..1929c4a068 100644 --- a/source4/torture/rpc/eventlog.c +++ b/source4/torture/rpc/eventlog.c @@ -22,12 +22,13 @@ #include "includes.h" #include "librpc/gen_ndr/ndr_eventlog.h" +#include "librpc/gen_ndr/ndr_lsa.h" -static void init_eventlog_String(struct eventlog_String *name, const char *s) +static void init_lsa_String(struct lsa_String *name, const char *s) { - name->name = s; - name->name_len = 2*strlen_m(s); - name->name_size = name->name_len; + name->string = s; + name->length = 2*strlen_m(s); + name->size = name->length; } static BOOL test_GetNumRecords(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) @@ -63,6 +64,8 @@ static BOOL test_ReadEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct r.in.handle = handle; r.in.number_of_bytes = 0x0; + r.out.data = talloc(mem_ctx, uint8_t); + status = dcerpc_eventlog_ReadEventLogW(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -112,6 +115,26 @@ static BOOL test_CloseEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return True; } +static BOOL test_ClearEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct eventlog_ClearEventLogW r; + + r.in.handle = handle; + r.in.unknown = NULL; + + printf("Testing ClearEventLog\n"); + + status = dcerpc_eventlog_ClearEventLogW(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("ClearEventLog failed - %s\n", nt_errstr(status)); + return False; + } + + return True; +} + static BOOL test_OpenEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) { NTSTATUS status; @@ -124,8 +147,8 @@ static BOOL test_OpenEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct unknown0.unknown1 = 0x0001; r.in.unknown0 = &unknown0; - init_eventlog_String(&r.in.source, "system"); - init_eventlog_String(&r.in.unknown1, NULL); + init_lsa_String(&r.in.logname, "system"); + init_lsa_String(&r.in.servername, NULL); r.in.unknown2 = 0x00000001; r.in.unknown3 = 0x00000001; r.out.handle = handle; @@ -170,6 +193,10 @@ BOOL torture_rpc_eventlog(void) return False; } +#if 0 + test_ClearEventLog(p, mem_ctx, &handle); /* Destructive test */ +#endif + test_GetNumRecords(p, mem_ctx, &handle); test_ReadEventLog(p, mem_ctx, &handle, 0); |