summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/librpc/idl/eventlog.idl37
-rw-r--r--source4/torture/rpc/eventlog.c39
2 files changed, 58 insertions, 18 deletions
diff --git a/source4/librpc/idl/eventlog.idl b/source4/librpc/idl/eventlog.idl
index 2816d197c8..6393d38b15 100644
--- a/source4/librpc/idl/eventlog.idl
+++ b/source4/librpc/idl/eventlog.idl
@@ -5,23 +5,33 @@
*/
[ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
version(0.0),
- depends(security),
+ depends(lsa,security),
pointer_default(unique),
pointer_default_top(unique),
helpstring("Event Logger")
] interface eventlog
{
+ typedef enum {
+ EVENTLOG_SEQUENTIAL_READ = 0x0001,
+ EVENTLOG_SEEK_READ = 0x0002,
+ EVENTLOG_FORWARDS_READ = 0x0004,
+ EVENTLOG_BACKWARDS_READ = 0x0008
+ } eventlogReadFlags;
+
+ typedef enum {
+ EVENTLOG_SUCCESS = 0x0000,
+ EVENTLOG_ERROR_TYPE = 0x0001,
+ EVENTLOG_WARNING_TYPE = 0x0002,
+ EVENTLOG_INFORMATION_TYPE = 0x0004,
+ EVENTLOG_AUDIT_SUCCESS = 0x0008,
+ EVENTLOG_AUDIT_FAILURE = 0x0010
+ } eventlogEventTypes;
+
typedef struct {
uint16 unknown0;
uint16 unknown1;
} eventlog_OpenUnknown0;
-
- typedef struct {
- [value(2*strlen_m(name))] uint16 name_len;
- [value(2*strlen_m(name))] uint16 name_size;
- unistr_noterm *name;
- } eventlog_String;
-
+
typedef struct {
uint32 size;
uint32 reserved;
@@ -35,7 +45,7 @@
uint16 reserved_flag;
uint32 closingrecord;
uint32 stringoffset;
- [size_is(num_of_strings)] eventlog_String bla[*];
+ [size_is(num_of_strings)] lsa_String bla[*];
uint32 sid_length;
[size_is(sid_length)] dom_sid *sids;
uint32 data_length;
@@ -46,7 +56,10 @@
/******************/
/* Function: 0x00 */
- NTSTATUS eventlog_ClearEventLogW();
+ NTSTATUS eventlog_ClearEventLogW(
+ [in,ref] policy_handle *handle,
+ [in] lsa_String *unknown
+ );
/******************/
/* Function: 0x01 */
@@ -82,8 +95,8 @@
/* Function: 0x07 */
NTSTATUS eventlog_OpenEventLogW(
[in] eventlog_OpenUnknown0 *unknown0,
- [in] eventlog_String source,
- [in] eventlog_String unknown1,
+ [in] lsa_String logname,
+ [in] lsa_String servername,
[in] uint32 unknown2,
[in] uint32 unknown3,
[out,ref] policy_handle *handle
diff --git a/source4/torture/rpc/eventlog.c b/source4/torture/rpc/eventlog.c
index 7d3a3bfea9..1929c4a068 100644
--- a/source4/torture/rpc/eventlog.c
+++ b/source4/torture/rpc/eventlog.c
@@ -22,12 +22,13 @@
#include "includes.h"
#include "librpc/gen_ndr/ndr_eventlog.h"
+#include "librpc/gen_ndr/ndr_lsa.h"
-static void init_eventlog_String(struct eventlog_String *name, const char *s)
+static void init_lsa_String(struct lsa_String *name, const char *s)
{
- name->name = s;
- name->name_len = 2*strlen_m(s);
- name->name_size = name->name_len;
+ name->string = s;
+ name->length = 2*strlen_m(s);
+ name->size = name->length;
}
static BOOL test_GetNumRecords(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle)
@@ -63,6 +64,8 @@ static BOOL test_ReadEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct
r.in.handle = handle;
r.in.number_of_bytes = 0x0;
+ r.out.data = talloc(mem_ctx, uint8_t);
+
status = dcerpc_eventlog_ReadEventLogW(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -112,6 +115,26 @@ static BOOL test_CloseEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return True;
}
+static BOOL test_ClearEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct eventlog_ClearEventLogW r;
+
+ r.in.handle = handle;
+ r.in.unknown = NULL;
+
+ printf("Testing ClearEventLog\n");
+
+ status = dcerpc_eventlog_ClearEventLogW(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ClearEventLog failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
static BOOL test_OpenEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle)
{
NTSTATUS status;
@@ -124,8 +147,8 @@ static BOOL test_OpenEventLog(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct
unknown0.unknown1 = 0x0001;
r.in.unknown0 = &unknown0;
- init_eventlog_String(&r.in.source, "system");
- init_eventlog_String(&r.in.unknown1, NULL);
+ init_lsa_String(&r.in.logname, "system");
+ init_lsa_String(&r.in.servername, NULL);
r.in.unknown2 = 0x00000001;
r.in.unknown3 = 0x00000001;
r.out.handle = handle;
@@ -170,6 +193,10 @@ BOOL torture_rpc_eventlog(void)
return False;
}
+#if 0
+ test_ClearEventLog(p, mem_ctx, &handle); /* Destructive test */
+#endif
+
test_GetNumRecords(p, mem_ctx, &handle);
test_ReadEventLog(p, mem_ctx, &handle, 0);