ReactOS  0.4.15-dev-976-g0f66c66
authz.h
1 /*
2  * authz.h
3  *
4  * Authorization Framework
5  *
6  * THIS SOFTWARE IS NOT COPYRIGHTED
7  *
8  * This source code is offered for use in the public domain. You may
9  * use, modify or distribute it freely.
10  *
11  * This code is distributed in the hope that it will be useful but
12  * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
13  * DISCLAIMED. This includes but is not limited to warranties of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
15  *
16  */
17 #ifndef __AUTHZ_H
18 #define __AUTHZ_H
19 
/*
 * Linkage selector applied to every prototype in this header: AUTHZAPI
 * expands to DECLSPEC_IMPORT unless _AUTHZ_ is defined before this file is
 * included, in which case it expands to nothing.
 * NOTE(review): presumably _AUTHZ_ is defined only while building the authz
 * library itself - confirm against its build files.
 */
20 #if !defined(_AUTHZ_)
21 #define AUTHZAPI DECLSPEC_IMPORT
22 #else
23 #define AUTHZAPI
24 #endif
25 
26 #ifdef __cplusplus
27 extern "C" {
28 #endif
29 
/*
 * Flag constants, in five independent groups. The numeric values repeat
 * across groups (0x1 and 0x2 each occur in four of them), so a constant
 * handed to the wrong function's flags argument still compiles and silently
 * selects an unrelated option. Keep each group with the API it belongs to.
 */

/* NOTE(review): in the Windows Authz API this is an AuthzAccessCheck flags
 * bit - confirm the implementation here honours it. */
30 #define AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD 0x1
31 
/* NOTE(review): in the Windows Authz API these are result bits reported
 * through AUTHZ_ACCESS_REPLY.SaclEvaluationResults rather than input flags -
 * confirm. */
32 #define AUTHZ_GENERATE_SUCCESS_AUDIT 0x1
33 #define AUTHZ_GENERATE_FAILURE_AUDIT 0x2
34 
/* NOTE(review): in the Windows Authz API these are AuthzInitializeContextFromSid
 * flags; AUTHZ_SKIP_TOKEN_GROUPS is documented there as skipping group
 * evaluation, so a context built with it would not reflect the user's group
 * memberships in later access checks - confirm before relying on it. */
35 #define AUTHZ_SKIP_TOKEN_GROUPS 0x2
36 #define AUTHZ_REQUIRE_S4U_LOGON 0x4
37 
/* NOTE(review): in the Windows Authz API these are
 * AuthzInitializeObjectAccessAuditEvent flags; setting both NO_*_AUDIT bits
 * presumably leaves the event producing no audit record at all - confirm. */
38 #define AUTHZ_NO_SUCCESS_AUDIT 0x1
39 #define AUTHZ_NO_FAILURE_AUDIT 0x2
40 #define AUTHZ_NO_ALLOC_STRINGS 0x4
41 
/* NOTE(review): in the Windows Authz API these are
 * AuthzInitializeResourceManager flags; AUTHZ_RM_FLAG_NO_AUDIT presumably
 * turns auditing off for the whole resource manager, which is worth a
 * deliberate decision at each call site - confirm. */
42 #define AUTHZ_RM_FLAG_NO_AUDIT 0x1
43 #define AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION 0x2
44 
52 
53 #if !defined(_ADTGEN_H)
54 /* FIXME - AUDIT_PARAMS is defined in adtgen.h. When that header has not
 * been included, this branch supplies a stand-in instead (listing line 55,
 * missing from this rendering; the page's cross-reference index gives it as
 * "PVOID PAUDIT_PARAMS"). With the stand-in, the pParams argument declared
 * further down in this header is an untyped pointer, so the compiler cannot
 * check what callers pass. */
56 #endif
57 
59 {
71 
72 typedef struct _AUTHZ_ACCESS_REQUEST
73 {
80 
81 typedef struct _AUTHZ_ACCESS_REPLY
82 {
88 
90 {
94 
96 {
107 
109  IN PACE_HEADER pAce,
110  IN PVOID pArgs OPTIONAL,
111  IN OUT PBOOL pbAceApplicable);
112 
114  IN PVOID Args,
115  OUT PSID_AND_ATTRIBUTES* pSidAttrArray,
116  OUT PDWORD pSidCount,
117  OUT PSID_AND_ATTRIBUTES* pRestrictedSidAttrArray,
118  OUT PDWORD pRestrictedSidCount);
119 
121 
/*
 * Prototype of AuthzAccessCheck. This rendering has dropped the name line
 * (listing line 125, which also carries the leading flags parameter) and the
 * final pAuthzHandle parameter (line 133); the full signature appears in the
 * page's cross-reference index.
 *
 * pReply is IN OUT. The index lists AUTHZ_ACCESS_REPLY members
 * ResultListLength (DWORD) plus GrantedAccessMask, SaclEvaluationResults and
 * Error (all pointers).
 * NOTE(review): presumably the caller allocates those arrays with
 * ResultListLength entries each and the outcome of the check is read from
 * them - so a TRUE return would mean "the check ran", not "access granted".
 * Confirm against authz.c before relying on the return value alone.
 *
 * OptionalSecurityDescriptorCount has to describe
 * OptionalSecurityDescriptorArray; nothing in this header shows the pair
 * being validated.
 */
122 AUTHZAPI
123 BOOL
124 WINAPI
126  IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext,
127  IN PAUTHZ_ACCESS_REQUEST pRequest,
128  IN AUTHZ_AUDIT_INFO_HANDLE AuditInfo,
129  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
130  IN PSECURITY_DESCRIPTOR* OptionalSecurityDescriptorArray,
131  IN DWORD OptionalSecurityDescriptorCount OPTIONAL,
132  IN OUT PAUTHZ_ACCESS_REPLY pReply,
134 
135 AUTHZAPI
136 BOOL
137 WINAPI
139  IN PSID_AND_ATTRIBUTES Sids,
140  IN DWORD SidCount,
141  IN PSID_AND_ATTRIBUTES RestrictedSids,
142  IN DWORD RestrictedSidCount,
143  OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pNewClientContext);
144 
145 AUTHZAPI
146 BOOL
147 WINAPI
150  IN PAUTHZ_ACCESS_REQUEST pRequest,
151  IN AUTHZ_AUDIT_EVENT_HANDLE AuditInfo,
152  OUT PAUTHZ_ACCESS_REPLY pReply);
153 
154 AUTHZAPI
155 BOOL
156 WINAPI
159  OUT PDWORD pdwCount,
160  IN OUT PDWORD pdwLength);
161 
162 AUTHZAPI
163 BOOL
164 WINAPI
166 
167 AUTHZAPI
168 BOOL
169 WINAPI
171 
172 AUTHZAPI
173 BOOL
174 WINAPI
176 
177 AUTHZAPI
178 BOOL
179 WINAPI
181 
182 AUTHZAPI
183 BOOL
184 WINAPI
188  OUT PDWORD pSizeRequired,
189  OUT PVOID Buffer);
190 
191 AUTHZAPI
192 BOOL
193 WINAPI
195  IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzHandle,
196  IN PLARGE_INTEGER ExpirationTime,
197  IN LUID Identifier,
198  IN PVOID DynamicGroupArgs,
199  OUT PAUTHZ_CLIENT_CONTEXT_HANDLE phNewAuthzHandle);
200 
201 AUTHZAPI
202 BOOL
203 WINAPI
205  IN PSID UserSid,
206  IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
207  IN PLARGE_INTEGER pExpirationTime,
208  IN LUID Identifier,
209  IN PVOID DynamicGroupArgs,
210  OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext);
211 
212 AUTHZAPI
213 BOOL
214 WINAPI
217  IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
218  IN PLARGE_INTEGER pExpirationTime,
219  IN LUID Identifier,
220  IN PVOID DynamicGroupArgs,
221  OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext);
222 
223 AUTHZAPI
224 BOOL
225 WINAPIV
227  IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType,
228  IN PWSTR szOperationType,
229  IN PWSTR szObjectType,
230  IN PWSTR szObjectName,
231  IN PWSTR szAdditionalInfo,
232  OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent,
233  IN DWORD dwAdditionalParameterCount,
234  ...);
235 
236 AUTHZAPI
237 BOOL
238 WINAPIV
240  IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType,
241  IN PWSTR szOperationType,
242  IN PWSTR szObjectType,
243  IN PWSTR szObjectName,
244  IN PWSTR szAdditionalInfo,
245  IN PWSTR szAdditionalInfo2,
246  OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent,
247  IN DWORD dwAdditionalParameterCount,
248  ...);
249 
/*
 * Prototype of AuthzInitializeResourceManager. This rendering has dropped the
 * name line (listing line 253, which also carries the leading flags
 * parameter); the full signature appears in the page's cross-reference index.
 *
 * The three pfn* arguments are caller-supplied callbacks. Per its typedef in
 * this header, pfnAccessCheck receives an ACE and reports through
 * pbAceApplicable whether it applies, so the callback's code takes part in
 * the access decision.
 *
 * NOTE(review): pAuthzResourceManager is a pointer to a handle
 * (PAUTHZ_RESOURCE_MANAGER_HANDLE is HANDLE * per the index) but is annotated
 * IN. An initializer presumably writes the new handle through it, which would
 * make it OUT, like pAuthzClientContext on the AuthzInitializeContextFrom*
 * prototypes - confirm against resman.c and correct the annotation.
 */
250 AUTHZAPI
251 BOOL
252 WINAPI
254  IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck,
255  IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups,
256  IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups,
257  IN PCWSTR ResourceManagerName,
258  IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager);
259 
260 AUTHZAPI
261 BOOL
262 WINAPI
264  IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration);
265 
266 AUTHZAPI
267 BOOL
268 WINAPI
270  IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
271  IN PAUTHZ_ACCESS_REQUEST pRequest,
272  IN AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent,
273  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
274  IN PSECURITY_DESCRIPTOR* SecurityDescriptorArray,
275  IN DWORD SecurityDescriptorCount,
276  OUT PAUTHZ_ACCESS_REPLY pReply);
277 
/*
 * Prototype of AuthzRegisterSecurityEventSource. This rendering has dropped
 * the name line (listing line 281, which also carries the leading dwFlags
 * parameter); the full signature appears in the page's cross-reference index.
 *
 * NOTE(review): phEventProvider is a pointer to a handle
 * (PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE is HANDLE * per the index) but is
 * annotated IN, whereas AuthzUnregisterSecurityEventSource annotates the same
 * parameter IN OUT. Registration presumably returns the provider handle
 * through it, which would make it OUT - confirm against authz.c and correct
 * the annotation.
 */
278 AUTHZAPI
279 BOOL
280 WINAPI
282  IN PCWSTR szEventSourceName,
283  IN PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider);
284 
285 AUTHZAPI
286 BOOL
287 WINAPIV
290  IN DWORD dwAuditId,
291  IN PSID pUserSid OPTIONAL,
292  IN DWORD dwCount,
293  ...);
294 
295 AUTHZAPI
296 BOOL
297 WINAPI
300  IN DWORD dwAuditId,
301  IN PSID pUserSid OPTIONAL,
302  IN PAUDIT_PARAMS pParams);
303 
304 AUTHZAPI
305 BOOL
306 WINAPI
308  IN PWSTR szEventSourceName);
309 
310 AUTHZAPI
311 BOOL
312 WINAPI
315 
316 #ifdef __cplusplus
317 }
318 #endif
319 #endif /* __AUTHZ_H */
HANDLE * PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE
Definition: authz.h:49
HANDLE * PAUTHZ_RESOURCE_MANAGER_HANDLE
Definition: authz.h:50
const uint16_t * PCWSTR
Definition: typedefs.h:57
#define IN
Definition: typedefs.h:39
ACCESS_MASK DesiredAccess
Definition: authz.h:74
AUTHZAPI BOOL WINAPI AuthzEnumerateSecurityEventSources(IN DWORD dwFlags, OUT PAUTHZ_SOURCE_SCHEMA_REGISTRATION Buffer, OUT PDWORD pdwCount, IN OUT PDWORD pdwLength)
Definition: authz.c:98
AUTHZAPI BOOL WINAPI AuthzInitializeContextFromSid(IN DWORD Flags, IN PSID UserSid, IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager, IN PLARGE_INTEGER pExpirationTime, IN LUID Identifier, IN PVOID DynamicGroupArgs, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext)
Definition: clictx.c:40
enum _AUTHZ_CONTEXT_INFORMATION_CLASS AUTHZ_CONTEXT_INFORMATION_CLASS
HANDLE AUTHZ_AUDIT_EVENT_HANDLE
Definition: authz.h:47
struct _AUTHZ_ACCESS_REQUEST * PAUTHZ_ACCESS_REQUEST
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION * PAUTHZ_SOURCE_SCHEMA_REGISTRATION
uint16_t * PWSTR
Definition: typedefs.h:56
AUTHZAPI BOOL WINAPI AuthzCachedAccessCheck(IN DWORD Flags, IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle, IN PAUTHZ_ACCESS_REQUEST pRequest, IN AUTHZ_AUDIT_EVENT_HANDLE AuditInfo, OUT PAUTHZ_ACCESS_REPLY pReply)
Definition: authz.c:81
#define CALLBACK
Definition: compat.h:35
POBJECT_TYPE_LIST ObjectTypeList
Definition: authz.h:76
HANDLE * PAUTHZ_AUDIT_EVENT_HANDLE
Definition: authz.h:47
AUTHZAPI BOOL WINAPI AuthzInitializeContextFromToken(IN DWORD Flags, IN HANDLE TokenHandle, IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager, IN PLARGE_INTEGER pExpirationTime, IN LUID Identifier, IN PVOID DynamicGroupArgs, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext)
Definition: authz.c:158
PSID PrincipalSelfSid
Definition: authz.h:75
AUTHZAPI BOOL WINAPI AuthzFreeHandle(IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle)
Definition: authz.c:127
AUTHZAPI BOOL WINAPI AuthzFreeContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext)
Definition: clictx.c:213
#define BOOL
Definition: nt_native.h:43
AUTHZAPI BOOL WINAPIV AuthzReportSecurityEvent(IN DWORD dwFlags, IN AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider, IN DWORD dwAuditId, IN PSID pUserSid OPTIONAL, IN DWORD dwCount,...)
Definition: authz.c:269
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
HANDLE AUTHZ_CLIENT_CONTEXT_HANDLE
Definition: authz.h:45
AUTHZAPI BOOL WINAPI AuthzInitializeContextFromAuthzContext(IN DWORD flags, IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzHandle, IN PLARGE_INTEGER ExpirationTime, IN LUID Identifier, IN PVOID DynamicGroupArgs, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE phNewAuthzHandle)
Definition: authz.c:140
unsigned int BOOL
Definition: ntddk_ex.h:94
HANDLE AUTHZ_RESOURCE_MANAGER_HANDLE
Definition: authz.h:50
AUTHZAPI BOOL WINAPIV AuthzInitializeObjectAccessAuditEvent(IN DWORD Flags, IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType, IN PWSTR szOperationType, IN PWSTR szObjectType, IN PWSTR szObjectName, IN PWSTR szAdditionalInfo, OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent, IN DWORD dwAdditionalParameterCount,...)
Definition: authz.c:177
enum _AUTHZ_CONTEXT_INFORMATION_CLASS * PAUTHZ_CONTEXT_INFORMATION_CLASS
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
char ** Args
Definition: acdebug.h:347
Definition: bufpool.h:45
HANDLE AUTHZ_ACCESS_CHECK_RESULTS_HANDLE
Definition: authz.h:49
BOOL(CALLBACK * PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PVOID Args, OUT PSID_AND_ATTRIBUTES *pSidAttrArray, OUT PDWORD pSidCount, OUT PSID_AND_ATTRIBUTES *pRestrictedSidAttrArray, OUT PDWORD pRestrictedSidCount)
Definition: authz.h:113
BOOL * PBOOL
Definition: windef.h:161
HANDLE * PAUTHZ_CLIENT_CONTEXT_HANDLE
Definition: authz.h:45
struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
AUTHZAPI BOOL WINAPI AuthzFreeAuditEvent(IN AUTHZ_AUDIT_EVENT_HANDLE pAuditEventInfo)
Definition: authz.c:114
AUTHZAPI BOOL WINAPIV AuthzInitializeObjectAccessAuditEvent2(IN DWORD Flags, IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType, IN PWSTR szOperationType, IN PWSTR szObjectType, IN PWSTR szObjectName, IN PWSTR szAdditionalInfo, IN PWSTR szAdditionalInfo2, OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent, IN DWORD dwAdditionalParameterCount,...)
Definition: authz.c:198
AUTHZAPI BOOL WINAPI AuthzRegisterSecurityEventSource(IN DWORD dwFlags, IN PCWSTR szEventSourceName, IN PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider)
Definition: authz.c:254
AUTHZAPI BOOL WINAPI AuthzOpenObjectAudit(IN DWORD Flags, IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PAUTHZ_ACCESS_REQUEST pRequest, IN AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSECURITY_DESCRIPTOR *SecurityDescriptorArray, IN DWORD SecurityDescriptorCount, OUT PAUTHZ_ACCESS_REPLY pReply)
Definition: authz.c:234
AUTHZAPI BOOL WINAPI AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass, IN DWORD BufferSize, OUT PDWORD pSizeRequired, OUT PVOID Buffer)
Definition: clictx.c:111
DWORD ResultListLength
Definition: authz.h:83
BOOL(CALLBACK * PFN_AUTHZ_DYNAMIC_ACCESS_CHECK)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PACE_HEADER pAce, IN PVOID pArgs OPTIONAL, IN OUT PBOOL pbAceApplicable)
Definition: authz.h:108
HANDLE AUTHZ_AUDIT_INFO_HANDLE
Definition: authz.h:46
struct _AUTHZ_ACCESS_REPLY * PAUTHZ_ACCESS_REPLY
PDWORD SaclEvaluationResults
Definition: authz.h:85
#define WINAPI
Definition: msvc.h:6
#define BufferSize
Definition: classpnp.h:436
HANDLE * PAUTHZ_AUDIT_EVENT_TYPE_HANDLE
Definition: authz.h:48
unsigned long DWORD
Definition: ntddk_ex.h:95
GLbitfield flags
Definition: glext.h:7161
PACCESS_MASK GrantedAccessMask
Definition: authz.h:84
PVOID PAUDIT_PARAMS
Definition: authz.h:55
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1175
#define VOID
Definition: acefi.h:82
AUTHZAPI BOOL WINAPI AuthzInitializeResourceManager(IN DWORD flags, IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck, IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups, IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups, IN PCWSTR ResourceManagerName, IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
Definition: resman.c:145
HANDLE * PAUTHZ_AUDIT_INFO_HANDLE
Definition: authz.h:46
HANDLE * PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE
Definition: authz.h:51
#define WINAPIV
Definition: sdbpapi.h:64
AUTHZAPI BOOL WINAPI AuthzReportSecurityEventFromParams(IN DWORD dwFlags, IN AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider, IN DWORD dwAuditId, IN PSID pUserSid OPTIONAL, IN PAUDIT_PARAMS pParams)
Definition: authz.c:287
struct _AUTHZ_ACCESS_REQUEST AUTHZ_ACCESS_REQUEST
#define OPTIONAL
Definition: typedefs.h:41
AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET ObjectTypeNames[ANYSIZE_ARRAY]
Definition: authz.h:105
DWORD * PDWORD
Definition: pedump.c:68
AUTHZAPI BOOL WINAPI AuthzUninstallSecurityEventSource(IN DWORD dwFlags, IN PWSTR szEventSourceName)
Definition: authz.c:304
_AUTHZ_CONTEXT_INFORMATION_CLASS
Definition: authz.h:58
PVOID OptionalArguments
Definition: authz.h:78
#define OUT
Definition: typedefs.h:40
AUTHZAPI BOOL WINAPI AuthzAccessCheck(IN DWORD flags, IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext, IN PAUTHZ_ACCESS_REQUEST pRequest, IN AUTHZ_AUDIT_INFO_HANDLE AuditInfo, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSECURITY_DESCRIPTOR *OptionalSecurityDescriptorArray, IN DWORD OptionalSecurityDescriptorCount OPTIONAL, IN OUT PAUTHZ_ACCESS_REPLY pReply, OUT PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE pAuthzHandle)
Definition: authz.c:42
AUTHZAPI BOOL WINAPI AuthzAddSidsToContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE OrigClientContext, IN PSID_AND_ATTRIBUTES Sids, IN DWORD SidCount, IN PSID_AND_ATTRIBUTES RestrictedSids, IN DWORD RestrictedSidCount, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pNewClientContext)
Definition: authz.c:63
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
PDWORD Error
Definition: authz.h:86
struct _AUTHZ_ACCESS_REPLY AUTHZ_ACCESS_REPLY
#define AUTHZAPI
Definition: authz.h:21
AUTHZAPI BOOL WINAPI AuthzUnregisterSecurityEventSource(IN DWORD dwFlags, IN OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider)
Definition: authz.c:318
struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION AUTHZ_SOURCE_SCHEMA_REGISTRATION
DWORD ObjectTypeListLength
Definition: authz.h:77
HANDLE AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE
Definition: authz.h:51
ULONG ACCESS_MASK
Definition: nt_native.h:40
struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET * PAUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
AUTHZAPI BOOL WINAPI AuthzInstallSecurityEventSource(IN DWORD dwFlags, IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration)
Definition: authz.c:220
VOID(CALLBACK * PFN_AUTHZ_FREE_DYNAMIC_GROUPS)(IN PSID_AND_ATTRIBUTES pSidAttrArray)
Definition: authz.h:120
AUTHZAPI BOOL WINAPI AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
Definition: resman.c:229
HANDLE AUTHZ_AUDIT_EVENT_TYPE_HANDLE
Definition: authz.h:48
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68