/[openpgpmdrv]/trunk/OpenPGPminidriver/Tracing.c
ViewVC logotype

Annotation of /trunk/OpenPGPminidriver/Tracing.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 12 - (hide annotations)
Wed Mar 31 08:58:46 2010 UTC (15 years, 1 month ago) by vletoux
File MIME type: text/plain
File size: 17649 byte(s) 
first msi Release
1 vletoux 1 /* OpenPGP Smart Card Mini Driver
2     Copyright (C) 2009 Vincent Le Toux
3    
4     This library is Free software; you can redistribute it and/or
5     modify it under the terms of the GNU Lesser General Public
6     License version 2.1 as published by the Free Software Foundation.
7    
8     This library is distributed in the hope that it will be useful,
9     but WITHOUT ANY WARRANTY; without even the implied warranty of
10     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11     Lesser General Public License for more details.
12    
13     You should have received a copy of the GNU Lesser General Public
14     License along with this library; if not, write to the Free Software
15     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16     */
17    
18     #include <windows.h>
19     #include <tchar.h>
20     #include <Evntprov.h>
21     #include <initguid.h>
22     #include <Wmistr.h>
23     #include <Evntrace.h>
24     #include <cardmod.h>
25 vletoux 12 #include <DelayImp.h>
26     #pragma comment(lib, "Delayimp.lib")
27 vletoux 1 #include "Tracing.h"
28    
29 vletoux 12 /** We are doing a lot of complicated stuff (like hooking a delay load import)
30     because the Vista tracing function is much better than XP ones.
31     The choice was :
32     - do not allow the driver to run on xp (set WINVER to 0x600)
33     - don't use the great vista tracing functions (set WINVER to 0x500 and comment the function)
34     - run on xp AND use this function (set WINVER to 0x600 and allow to run on xp)
35    
36     => tried to have the best
37     */
38    
39 vletoux 1 #define MessageBoxWin32(status) MessageBoxWin32Ex (status, __FILE__,__LINE__);
40    
41     // to enable tracing in kernel debugger, issue the following command in windbg : ed nt!Kd_DEFAULT_MASK 0xFFFFFFFF
42     // OR
43     // Open up the registry and go to this path,
44     // HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter
45     // and add the following value "DEFAULT" : REG_DWORD : 0xFFFFFFFF and then reboot
46    
47     // {081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}
48     DEFINE_GUID(TracingGuid,
49     0x81cce5f, 0x5f9c, 0x4b43, 0x9a, 0x15, 0x1d, 0xcf, 0x5d, 0x2d, 0x45, 0xf5);
50    
51     REGHANDLE hPub = 0;
52 vletoux 12 BOOL g_bTracingEnabled = FALSE;
53     TRACEHANDLE g_SessionHandle = 0; // The handle to the session that enabled the provider.
54     UCHAR g_EnableLevel = 0; // Determines the severity of events to log.
55     extern BOOL fRunOnVistaAndLater;
56     BOOL fDebugOutputIsEnabled = FALSE;
57 vletoux 1
58 vletoux 12 typedef struct _event
59     {
60     EVENT_TRACE_HEADER Header;
61     MOF_FIELD Data[MAX_MOF_FIELDS]; // Event-specific data
62     } MY_EVENT, *PMY_EVENT;
63    
64     #define MY_EVENT_TYPE 1
65     #define EVENT_DATA_FIELDS_CNT 1
66    
67     INT_PTR FAR WINAPI DoNothing()
68     {
69     return 0;
70     }
71    
72     // delayHookFunc - Delay load hooking function
73     // don't fail to load our dll is the computer is xp
74     FARPROC WINAPI delayHookFailureFunc (unsigned dliNotify, PDelayLoadInfo pdli)
75     {
76     UNREFERENCED_PARAMETER(pdli);
77     if (_stricmp(pdli->szDll,"advapi32.dll") == 0 && dliNotify == dliFailGetProc)
78     {
79     return &DoNothing;
80     }
81    
82     return NULL;
83     }
84    
85    
86     // __delayLoadHelper gets the hook function in here:
87     PfnDliHook __pfnDliFailureHook2 = delayHookFailureFunc;
88    
89    
90    
91     // The callback function that receives enable/disable notifications
92     // from one or more ETW sessions. Because more than one session
93     // can enable the provider, this example ignores requests from other
94     // sessions if it is already enabled.
95    
96     ULONG WINAPI ControlCallback(
97     WMIDPREQUESTCODE RequestCode,
98     PVOID Context,
99     ULONG* Reserved,
100     PVOID Header
101     )
102     {
103     ULONG status = ERROR_SUCCESS;
104     TRACEHANDLE TempSessionHandle = 0;
105    
106     switch (RequestCode)
107     {
108     case WMI_ENABLE_EVENTS: // Enable the provider.
109     {
110     SetLastError(0);
111    
112     // If the provider is already enabled to a provider, ignore
113     // the request. Get the session handle of the enabling session.
114     // You need the session handle to call the TraceEvent function.
115     // The session could be enabling the provider or it could be
116     // updating the level and enable flags.
117    
118     TempSessionHandle = GetTraceLoggerHandle(Header);
119     if (INVALID_HANDLE_VALUE == (HANDLE)TempSessionHandle)
120     {
121     wprintf(L"GetTraceLoggerHandle failed. Error code is %lu.\n", status = GetLastError());
122     break;
123     }
124    
125     if (0 == g_SessionHandle)
126     {
127     g_SessionHandle = TempSessionHandle;
128     }
129     else if (g_SessionHandle != TempSessionHandle)
130     {
131     break;
132     }
133    
134     // Get the severity level of the events that the
135     // session wants you to log.
136    
137     g_EnableLevel = GetTraceEnableLevel(g_SessionHandle);
138     g_bTracingEnabled = TRUE;
139     break;
140     }
141    
142     case WMI_DISABLE_EVENTS: // Disable the provider.
143     {
144     // Disable the provider only if the request is coming from the
145     // session that enabled the provider.
146    
147     TempSessionHandle = GetTraceLoggerHandle(Header);
148     if (INVALID_HANDLE_VALUE == (HANDLE)TempSessionHandle)
149     {
150     wprintf(L"GetTraceLoggerHandle failed. Error code is %lu.\n", status = GetLastError());
151     break;
152     }
153    
154     if (g_SessionHandle == TempSessionHandle)
155     {
156     g_bTracingEnabled = FALSE;
157     g_SessionHandle = 0;
158     }
159     break;
160     }
161    
162     default:
163     {
164     status = ERROR_INVALID_PARAMETER;
165     break;
166     }
167     }
168    
169     return status;
170     }
171    
172     // callback to know if the tracing is activated
173     VOID NTAPI ControlCallbackVista (
174     __in LPCGUID SourceId,
175     __in ULONG IsEnabled,
176     __in UCHAR Level,
177     __in ULONGLONG MatchAnyKeyword,
178     __in ULONGLONG MatchAllKeyword,
179     __in_opt PEVENT_FILTER_DESCRIPTOR FilterData,
180     __in_opt PVOID CallbackContext
181     )
182     {
183     g_bTracingEnabled = (IsEnabled?TRUE:FALSE);
184     }
185    
186     // called to setup the tracing context
187 vletoux 7 void TracingRegister()
188     {
189 vletoux 12 if (fRunOnVistaAndLater)
190     {
191     EventRegister(&TracingGuid,ControlCallbackVista,NULL,&hPub);
192     }
193     else
194     {
195     RegisterTraceGuids(
196     ControlCallback,
197     NULL,
198     &TracingGuid,
199     0, NULL, NULL,
200     NULL,
201     &hPub);
202     }
203     #ifdef _DEBUG
204     fDebugOutputIsEnabled = TRUE;
205     #endif
206 vletoux 1 }
207 vletoux 12 // called to clean up the tracing context
208 vletoux 7 void TracingUnRegister()
209     {
210 vletoux 12 if (fRunOnVistaAndLater)
211     {
212     EventUnregister(hPub);
213     }
214     else
215     {
216     UnregisterTraceGuids(hPub );
217     }
218 vletoux 1 }
219 vletoux 12 // write a single line in the trace
220     void WriteTrace(UCHAR dwLevel, PWSTR szTrace)
221     {
222     if (fRunOnVistaAndLater)
223     {
224     EventWriteString(hPub,dwLevel,0,szTrace);
225     }
226     else
227     {
228     MY_EVENT MyEvent;
229     NTSTATUS status;
230    
231     if (g_bTracingEnabled && (0 == g_EnableLevel || dwLevel <= g_EnableLevel))
232     {
233     // Initialize the event data structure.
234 vletoux 1
235 vletoux 12 ZeroMemory(&MyEvent, sizeof(MY_EVENT));
236     MyEvent.Header.Size = sizeof(EVENT_TRACE_HEADER) + (sizeof(MOF_FIELD) * EVENT_DATA_FIELDS_CNT);
237     MyEvent.Header.Flags = WNODE_FLAG_TRACED_GUID | WNODE_FLAG_USE_MOF_PTR;
238     MyEvent.Header.Guid = TracingGuid;
239     MyEvent.Header.Class.Type = MY_EVENT_TYPE;
240     MyEvent.Header.Class.Version = 1;
241     MyEvent.Header.Class.Level = dwLevel;
242 vletoux 1
243 vletoux 12 // Load the event data. You can also use the DEFINE_TRACE_MOF_FIELD
244     // macro defined in evntrace.h to set the MOF_FIELD members. For example,
245     // DEFINE_TRACE_MOF_FIELD(&EventData.Data[0], &EventData.Cost, sizeof(EventData.Cost), 0);
246    
247     MyEvent.Data[0].DataPtr = (ULONG64) szTrace;
248     MyEvent.Data[0].Length = (ULONG) (sizeof(WCHAR) * (1 + wcslen(szTrace)));
249     MyEvent.Data[0].DataType = ETW_STRING_TYPE_VALUE;
250    
251     // Write the event.
252    
253     status = TraceEvent(g_SessionHandle, &(MyEvent.Header));
254     if (ERROR_SUCCESS != status)
255     {
256     g_bTracingEnabled = FALSE;
257     }
258     }
259     }
260     }
261    
262 vletoux 7 void TraceEx(LPCSTR szFile, DWORD dwLine, LPCSTR szFunction, UCHAR dwLevel, PCWSTR szFormat,...)
263     {
264     WCHAR Buffer[256];
265     WCHAR Buffer2[356];
266     int ret;
267     va_list ap;
268 vletoux 1 #ifndef _DEBUG
269     UNREFERENCED_PARAMETER(dwLine);
270     UNREFERENCED_PARAMETER(szFile);
271     #endif
272     if (!hPub) TracingRegister();
273 vletoux 12 if ( g_bTracingEnabled || fDebugOutputIsEnabled) {
274 vletoux 1
275 vletoux 12 va_start (ap, szFormat);
276     ret = _vsnwprintf_s (Buffer, 256, _TRUNCATE, szFormat, ap);
277     va_end (ap);
278     if (ret <= 0) return;
279     if (ret > 256) ret = 255;
280     Buffer[255] = L'\0';
281     if (fDebugOutputIsEnabled)
282     {
283     swprintf_s(Buffer2,356,L"%S(%d) : %S - %s\r\n",szFile,dwLine,szFunction,Buffer);
284     OutputDebugString(Buffer2);
285     }
286     if (g_bTracingEnabled)
287     {
288     swprintf_s(Buffer2,356,L"%S(%d) : %s",szFunction,dwLine,Buffer);
289     WriteTrace(dwLevel, Buffer2);
290     }
291     }
292 vletoux 1 }
293    
294 vletoux 12
295    
296 vletoux 1 void TraceDumpEx(LPCSTR szFile, DWORD dwLine, LPCSTR szFunction, UCHAR dwLevel,
297     __in PBYTE pbCmd, __in DWORD dwCmdSize)
298     {
299     WCHAR szData[10 * 3 + 1];
300     DWORD dwI;
301     PWSTR szPointer = szData;
302     for(dwI = 0; dwI < dwCmdSize; dwI++)
303     {
304     if (dwI%10 == 0 && dwI != 0)
305     {
306     TraceEx(szFile,dwLine,szFunction,dwLevel,L"DUMP : %s",szData);
307     szPointer = szData;
308     }
309     swprintf_s(szPointer + 3 * (dwI%10),4,L"%02X ",pbCmd[dwI]);
310    
311     }
312     TraceEx(szFile,dwLine,szFunction,dwLevel,L"DUMP : %s",szData);
313     }
314    
315     /**
316     * Display a messagebox giving an error code
317     */
318     void MessageBoxWin32Ex(DWORD status, LPCSTR szFile, DWORD dwLine) {
319     LPVOID Error;
320     TCHAR szTitle[1024];
321     #ifdef UNICODE
322     _stprintf_s(szTitle,ARRAYSIZE(szTitle),TEXT("%S(%d)"),szFile, dwLine);
323     #else
324     _stprintf_s(szTitle,ARRAYSIZE(szTitle),TEXT("%s(%d)"),szFile, dwLine);
325     #endif
326     FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|FORMAT_MESSAGE_FROM_SYSTEM,
327     NULL,status,0,(LPTSTR)&Error,0,NULL);
328     MessageBox(NULL,(LPCTSTR)Error,szTitle ,MB_ICONASTERISK);
329     LocalFree(Error);
330     }
331    
332     BOOL StartLogging()
333     {
334     BOOL fReturn = FALSE;
335     TRACEHANDLE SessionHandle;
336     struct _Prop
337     {
338     EVENT_TRACE_PROPERTIES TraceProperties;
339     TCHAR LogFileName[1024];
340     TCHAR LoggerName[1024];
341     } Properties;
342     ULONG err;
343     __try
344     {
345     memset(&Properties, 0, sizeof(Properties));
346     Properties.TraceProperties.Wnode.BufferSize = sizeof(Properties);
347     Properties.TraceProperties.Wnode.Guid = TracingGuid;
348     Properties.TraceProperties.Wnode.Flags = WNODE_FLAG_TRACED_GUID;
349     Properties.TraceProperties.Wnode.ClientContext = 1;
350     Properties.TraceProperties.LogFileMode = 4864;
351     Properties.TraceProperties.LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
352     Properties.TraceProperties.LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + 1024;
353     Properties.TraceProperties.MaximumFileSize = 8;
354     _tcscpy_s(Properties.LogFileName,1024,TEXT("c:\\Windows\\system32\\LogFiles\\WMI\\OpenPGPmdrv.etl"));
355     DeleteFile(Properties.LogFileName);
356     err = StartTrace(&SessionHandle, TEXT("OpenPGPmdrv"), &(Properties.TraceProperties));
357     if (err != ERROR_SUCCESS)
358     {
359     MessageBoxWin32(err);
360     __leave;
361     }
362     err = EnableTraceEx(&TracingGuid,NULL,SessionHandle,TRUE,WINEVENT_LEVEL_VERBOSE,0,0,0,NULL);
363     if (err != ERROR_SUCCESS)
364     {
365     MessageBoxWin32(err);
366     __leave;
367     }
368     fReturn = TRUE;
369     }
370     __finally
371     {
372     }
373     return fReturn;
374     }
375    
376     void StopLogging()
377     {
378     LONG err;
379     struct _Prop
380     {
381     EVENT_TRACE_PROPERTIES TraceProperties;
382     TCHAR LogFileName[1024];
383     TCHAR LoggerName[1024];
384     } Properties;
385     memset(&Properties, 0, sizeof(Properties));
386     Properties.TraceProperties.Wnode.BufferSize = sizeof(Properties);
387     Properties.TraceProperties.Wnode.Guid = TracingGuid;
388     Properties.TraceProperties.Wnode.Flags = WNODE_FLAG_TRACED_GUID;
389     Properties.TraceProperties.LogFileMode = 4864;
390     Properties.TraceProperties.LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
391     Properties.TraceProperties.LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + 1024 * sizeof(TCHAR);
392     Properties.TraceProperties.MaximumFileSize = 8;
393     err = ControlTrace((TRACEHANDLE)NULL, TEXT("OpenPGPmdrv"), &(Properties.TraceProperties),EVENT_TRACE_CONTROL_STOP);
394     if (err != ERROR_SUCCESS && err != 0x00001069)
395     {
396     MessageBoxWin32(err);
397     }
398     }
399    
400     void EnableLogging()
401     {
402     DWORD64 qdwValue;
403     DWORD dwValue;
404     LONG err;
405    
406     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
407     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
408     TEXT("Guid"), REG_SZ, TEXT("{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),sizeof(TEXT("{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}")));
409     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
410     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
411     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
412     TEXT("FileName"), REG_SZ, TEXT("c:\\windows\\system32\\LogFiles\\WMI\\OpenPGPmdrv.etl"),sizeof(TEXT("c:\\windows\\system32\\LogFiles\\WMI\\OpenPGPmdrv.etl")));
413     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
414     dwValue = 8;
415     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
416     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
417     TEXT("FileMax"), REG_DWORD,&dwValue,sizeof(DWORD));
418     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
419     dwValue = 1;
420     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
421     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
422     TEXT("Start"), REG_DWORD,&dwValue,sizeof(DWORD));
423     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
424     dwValue = 8;
425     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
426     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
427     TEXT("BufferSize"), REG_DWORD,&dwValue,sizeof(DWORD));
428     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
429     dwValue = 0;
430     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
431     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
432     TEXT("FlushTimer"), REG_DWORD,&dwValue,sizeof(DWORD));
433     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
434     dwValue = 0;
435     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
436     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
437     TEXT("MaximumBuffers"), REG_DWORD,&dwValue,sizeof(DWORD));
438     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
439     dwValue = 0;
440     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
441     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
442     TEXT("MinimumBuffers"), REG_DWORD,&dwValue,sizeof(DWORD));
443     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
444     dwValue = 1;
445     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
446     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
447     TEXT("ClockType"), REG_DWORD,&dwValue,sizeof(DWORD));
448     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
449     dwValue = 64;
450     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
451     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
452     TEXT("MaxFileSize"), REG_DWORD,&dwValue,sizeof(DWORD));
453     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
454     dwValue = 4864;
455     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
456     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
457     TEXT("LogFileMode"), REG_DWORD,&dwValue,sizeof(DWORD));
458     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
459     dwValue = 5;
460     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
461     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
462     TEXT("FileCounter"), REG_DWORD,&dwValue,sizeof(DWORD));
463     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
464     dwValue = 0;
465     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
466     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"),
467     TEXT("Status"), REG_DWORD,&dwValue,sizeof(DWORD));
468     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
469    
470     dwValue = 1;
471     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
472     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv\\{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),
473     TEXT("Enabled"), REG_DWORD,&dwValue,sizeof(DWORD));
474     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
475     dwValue = 5;
476     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
477     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv\\{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),
478     TEXT("EnableLevel"), REG_DWORD,&dwValue,sizeof(DWORD));
479     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
480     dwValue = 0;
481     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
482     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv\\{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),
483     TEXT("EnableProperty"), REG_DWORD,&dwValue,sizeof(DWORD));
484     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
485     dwValue = 0;
486     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
487     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv\\{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),
488     TEXT("Status"), REG_DWORD,&dwValue,sizeof(DWORD));
489     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
490     qdwValue = 0;
491     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
492     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv\\{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),
493     TEXT("MatchAllKeyword"), REG_QWORD,&qdwValue,sizeof(DWORD64));
494     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
495     qdwValue = 0;
496     err = RegSetKeyValue( HKEY_LOCAL_MACHINE,
497     TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv\\{081CCE5F-5F9C-4b43-9A15-1DCF5D2D45F5}"),
498     TEXT("MatchAnyKeyword"), REG_QWORD,&qdwValue,sizeof(DWORD64));
499     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
500     StartLogging();
501     }
502    
503     void DisableLogging()
504     {
505    
506     LONG err = RegDeleteTree(HKEY_LOCAL_MACHINE, TEXT("SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\OpenPGPmdrv"));
507     if (err != ERROR_SUCCESS) {MessageBoxWin32(err); return;}
508     StopLogging();
509     }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26