ReactOS 0.4.16-dev-334-g4d9f67c
authz.h
1/*
2 * authz.h
3 *
4 * Authorization Framework
5 *
6 * THIS SOFTWARE IS NOT COPYRIGHTED
7 *
8 * This source code is offered for use in the public domain. You may
9 * use, modify or distribute it freely.
10 *
11 * This code is distributed in the hope that it will be useful but
12 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
13 * DISCLAIMED. This includes but is not limited to warranties of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
15 *
16 */
17#ifndef __AUTHZ_H
18#define __AUTHZ_H
19
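/*
 * AUTHZAPI - linkage decoration placed in front of every Authz* prototype.
 *
 * With _AUTHZ_ defined the decoration is empty; without it the prototypes
 * are marked DECLSPEC_IMPORT. DECLSPEC_IMPORT is not defined in this header
 * and must come from an earlier include.
 * NOTE(review): presumably _AUTHZ_ is defined only while building the
 * library that implements these entry points - confirm against its build
 * files.
 */
#if defined(_AUTHZ_)
#define AUTHZAPI
#else
#define AUTHZAPI DECLSPEC_IMPORT
#endif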
25
26#ifdef __cplusplus
27extern "C" {
28#endif
29
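/*
 * Authz flag constants.
 *
 * The five groups below are separate flag namespaces whose numeric values
 * overlap: 0x1 and 0x2 each occur in four groups, and
 * AUTHZ_GENERATE_SUCCESS_AUDIT has the same value as AUTHZ_NO_SUCCESS_AUDIT.
 * The flags parameters of the Authz* functions are plain DWORDs, so a
 * constant taken from the wrong group compiles cleanly and silently changes
 * access-check or audit behaviour. Review call sites for the group that
 * belongs to the function being called.
 *
 * The group-to-function mapping noted below follows the Win32 Authz API that
 * these names mirror; this header does not bind a group to a parameter, so
 * treat each mapping as something to confirm against the caller.
 */

/*
 * Access-check flag (Win32: AuthzAccessCheck flags).
 * NOTE(review): per the Win32 documentation, with this flag the security
 * descriptor is referenced rather than copied into the results handle, so
 * the caller must keep it valid for as long as that handle is used for
 * cached checks - confirm for this implementation.
 */
#define AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD 0x1

/*
 * SACL evaluation result bits.
 * NOTE(review): presumably reported through
 * AUTHZ_ACCESS_REPLY.SaclEvaluationResults - confirm.
 */
#define AUTHZ_GENERATE_SUCCESS_AUDIT 0x1
#define AUTHZ_GENERATE_FAILURE_AUDIT 0x2

/*
 * Context-initialization flags (Win32: AuthzInitializeContextFromSid Flags).
 * NOTE(review): per the Win32 documentation, AUTHZ_SKIP_TOKEN_GROUPS yields
 * a context holding only the user SID, so ACEs that name the user's groups,
 * deny ACEs included, are not evaluated against it; AUTHZ_REQUIRE_S4U_LOGON
 * requires the context to be built through an S4U logon - confirm both.
 */
#define AUTHZ_SKIP_TOKEN_GROUPS 0x2
#define AUTHZ_REQUIRE_S4U_LOGON 0x4

/*
 * Audit-event initialization flags
 * (Win32: AuthzInitializeObjectAccessAuditEvent Flags).
 * The first two suppress success / failure audit records for the event.
 * NOTE(review): per the Win32 documentation, AUTHZ_NO_ALLOC_STRINGS keeps
 * pointers to the caller's strings instead of copying them, so those strings
 * must outlive the audit event handle - confirm.
 */
#define AUTHZ_NO_SUCCESS_AUDIT 0x1
#define AUTHZ_NO_FAILURE_AUDIT 0x2
#define AUTHZ_NO_ALLOC_STRINGS 0x4

/*
 * Resource-manager flags (Win32: AuthzInitializeResourceManager flags).
 * NOTE(review): AUTHZ_RM_FLAG_NO_AUDIT turns auditing off for everything
 * checked through that resource manager, so any use deserves a look in
 * review; per the Win32 documentation,
 * AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION initializes the manager under
 * the calling thread's token identity - confirm both.
 */
#define AUTHZ_RM_FLAG_NO_AUDIT 0x1
#define AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION 0x2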
44
52
53#if !defined(_ADTGEN_H)
54/* FIXME - AUDIT_PARAMS is defined in adtgen.h!!!!! */
56#endif
57
59{
71
73{
80
81typedef struct _AUTHZ_ACCESS_REPLY
82{
88
90{
94
96{
107
109 IN PACE_HEADER pAce,
110 IN PVOID pArgs OPTIONAL,
111 IN OUT PBOOL pbAceApplicable);
112
114 IN PVOID Args,
115 OUT PSID_AND_ATTRIBUTES* pSidAttrArray,
116 OUT PDWORD pSidCount,
117 OUT PSID_AND_ATTRIBUTES* pRestrictedSidAttrArray,
118 OUT PDWORD pRestrictedSidCount);
119
121
123BOOL
124WINAPI
126 IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext,
128 IN AUTHZ_AUDIT_INFO_HANDLE AuditInfo,
129 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
130 IN PSECURITY_DESCRIPTOR* OptionalSecurityDescriptorArray,
131 IN DWORD OptionalSecurityDescriptorCount OPTIONAL,
134
136BOOL
137WINAPI
140 IN DWORD SidCount,
141 IN PSID_AND_ATTRIBUTES RestrictedSids,
142 IN DWORD RestrictedSidCount,
143 OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pNewClientContext);
144
146BOOL
147WINAPI
152 OUT PAUTHZ_ACCESS_REPLY pReply);
153
155BOOL
156WINAPI
159 OUT PDWORD pdwCount,
160 IN OUT PDWORD pdwLength);
161
163BOOL
164WINAPI
166
168BOOL
169WINAPI
171
173BOOL
174WINAPI
176
178BOOL
179WINAPI
181
183BOOL
184WINAPI
188 OUT PDWORD pSizeRequired,
190
192BOOL
193WINAPI
196 IN PLARGE_INTEGER ExpirationTime,
198 IN PVOID DynamicGroupArgs,
199 OUT PAUTHZ_CLIENT_CONTEXT_HANDLE phNewAuthzHandle);
200
202BOOL
203WINAPI
205 IN PSID UserSid,
206 IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
207 IN PLARGE_INTEGER pExpirationTime,
209 IN PVOID DynamicGroupArgs,
210 OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext);
211
213BOOL
214WINAPI
217 IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
218 IN PLARGE_INTEGER pExpirationTime,
220 IN PVOID DynamicGroupArgs,
221 OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext);
222
224BOOL
227 IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType,
228 IN PWSTR szOperationType,
229 IN PWSTR szObjectType,
230 IN PWSTR szObjectName,
231 IN PWSTR szAdditionalInfo,
232 OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent,
233 IN DWORD dwAdditionalParameterCount,
234 ...);
235
237BOOL
240 IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType,
241 IN PWSTR szOperationType,
242 IN PWSTR szObjectType,
243 IN PWSTR szObjectName,
244 IN PWSTR szAdditionalInfo,
245 IN PWSTR szAdditionalInfo2,
246 OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent,
247 IN DWORD dwAdditionalParameterCount,
248 ...);
249
251BOOL
252WINAPI
254 IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck,
255 IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups,
256 IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups,
257 IN PCWSTR ResourceManagerName,
258 IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager);
259
261BOOL
262WINAPI
265
267BOOL
268WINAPI
270 IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
272 IN AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent,
273 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
274 IN PSECURITY_DESCRIPTOR* SecurityDescriptorArray,
275 IN DWORD SecurityDescriptorCount,
276 OUT PAUTHZ_ACCESS_REPLY pReply);
277
279BOOL
280WINAPI
282 IN PCWSTR szEventSourceName,
284
286BOOL
290 IN DWORD dwAuditId,
291 IN PSID pUserSid OPTIONAL,
292 IN DWORD dwCount,
293 ...);
294
296BOOL
297WINAPI
300 IN DWORD dwAuditId,
301 IN PSID pUserSid OPTIONAL,
302 IN PAUDIT_PARAMS pParams);
303
305BOOL
306WINAPI
308 IN PWSTR szEventSourceName);
309
311BOOL
312WINAPI
315
316#ifdef __cplusplus
317}
318#endif
319#endif /* __AUTHZ_H */
char ** Args
Definition: acdebug.h:353
#define VOID
Definition: acefi.h:82
@ Identifier
Definition: asmpp.cpp:95
VOID(CALLBACK * PFN_AUTHZ_FREE_DYNAMIC_GROUPS)(IN PSID_AND_ATTRIBUTES pSidAttrArray)
Definition: authz.h:120
AUTHZAPI BOOL WINAPI AuthzRegisterSecurityEventSource(IN DWORD dwFlags, IN PCWSTR szEventSourceName, IN PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider)
Definition: authz.c:254
AUTHZAPI BOOL WINAPI AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
Definition: resman.c:229
AUTHZAPI BOOL WINAPI AuthzAddSidsToContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE OrigClientContext, IN PSID_AND_ATTRIBUTES Sids, IN DWORD SidCount, IN PSID_AND_ATTRIBUTES RestrictedSids, IN DWORD RestrictedSidCount, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pNewClientContext)
Definition: authz.c:63
struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION * PAUTHZ_SOURCE_SCHEMA_REGISTRATION
AUTHZAPI BOOL WINAPI AuthzInitializeContextFromSid(IN DWORD Flags, IN PSID UserSid, IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager, IN PLARGE_INTEGER pExpirationTime, IN LUID Identifier, IN PVOID DynamicGroupArgs, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext)
Definition: clictx.c:40
HANDLE * PAUTHZ_CLIENT_CONTEXT_HANDLE
Definition: authz.h:45
HANDLE * PAUTHZ_AUDIT_INFO_HANDLE
Definition: authz.h:46
HANDLE * PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE
Definition: authz.h:51
_AUTHZ_CONTEXT_INFORMATION_CLASS
Definition: authz.h:59
@ AuthzContextInfoGroupsSids
Definition: authz.h:61
@ AuthzContextInfoPrivileges
Definition: authz.h:63
@ AuthzContextInfoRestrictedSids
Definition: authz.h:62
@ AuthzContextInfoAll
Definition: authz.h:68
@ AuthzContextInfoSource
Definition: authz.h:67
@ AuthzContextInfoUserSid
Definition: authz.h:60
@ AuthzContextInfoExpirationTime
Definition: authz.h:64
@ AuthzContextInfoServerContext
Definition: authz.h:65
@ AuthzContextInfoIdentifier
Definition: authz.h:66
@ AuthzContextInfoAuthenticationId
Definition: authz.h:69
AUTHZAPI BOOL WINAPI AuthzReportSecurityEventFromParams(IN DWORD dwFlags, IN AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider, IN DWORD dwAuditId, IN PSID pUserSid OPTIONAL, IN PAUDIT_PARAMS pParams)
Definition: authz.c:287
AUTHZAPI BOOL WINAPI AuthzOpenObjectAudit(IN DWORD Flags, IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PAUTHZ_ACCESS_REQUEST pRequest, IN AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSECURITY_DESCRIPTOR *SecurityDescriptorArray, IN DWORD SecurityDescriptorCount, OUT PAUTHZ_ACCESS_REPLY pReply)
Definition: authz.c:234
HANDLE AUTHZ_RESOURCE_MANAGER_HANDLE
Definition: authz.h:50
HANDLE AUTHZ_ACCESS_CHECK_RESULTS_HANDLE
Definition: authz.h:49
AUTHZAPI BOOL WINAPI AuthzInstallSecurityEventSource(IN DWORD dwFlags, IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration)
Definition: authz.c:220
AUTHZAPI BOOL WINAPI AuthzInitializeContextFromToken(IN DWORD Flags, IN HANDLE TokenHandle, IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager, IN PLARGE_INTEGER pExpirationTime, IN LUID Identifier, IN PVOID DynamicGroupArgs, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext)
Definition: authz.c:158
AUTHZAPI BOOL WINAPI AuthzFreeAuditEvent(IN AUTHZ_AUDIT_EVENT_HANDLE pAuditEventInfo)
Definition: authz.c:114
AUTHZAPI BOOL WINAPI AuthzFreeContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext)
Definition: clictx.c:213
AUTHZAPI BOOL WINAPI AuthzUninstallSecurityEventSource(IN DWORD dwFlags, IN PWSTR szEventSourceName)
Definition: authz.c:304
HANDLE AUTHZ_AUDIT_INFO_HANDLE
Definition: authz.h:46
HANDLE AUTHZ_CLIENT_CONTEXT_HANDLE
Definition: authz.h:45
struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
AUTHZAPI BOOL WINAPI AuthzFreeHandle(IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle)
Definition: authz.c:127
struct _AUTHZ_ACCESS_REQUEST * PAUTHZ_ACCESS_REQUEST
HANDLE AUTHZ_AUDIT_EVENT_HANDLE
Definition: authz.h:47
HANDLE * PAUTHZ_RESOURCE_MANAGER_HANDLE
Definition: authz.h:50
HANDLE AUTHZ_AUDIT_EVENT_TYPE_HANDLE
Definition: authz.h:48
HANDLE * PAUTHZ_AUDIT_EVENT_TYPE_HANDLE
Definition: authz.h:48
struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION AUTHZ_SOURCE_SCHEMA_REGISTRATION
PVOID PAUDIT_PARAMS
Definition: authz.h:55
struct _AUTHZ_ACCESS_REPLY AUTHZ_ACCESS_REPLY
AUTHZAPI BOOL WINAPI AuthzEnumerateSecurityEventSources(IN DWORD dwFlags, OUT PAUTHZ_SOURCE_SCHEMA_REGISTRATION Buffer, OUT PDWORD pdwCount, IN OUT PDWORD pdwLength)
Definition: authz.c:98
AUTHZAPI BOOL WINAPIV AuthzInitializeObjectAccessAuditEvent2(IN DWORD Flags, IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType, IN PWSTR szOperationType, IN PWSTR szObjectType, IN PWSTR szObjectName, IN PWSTR szAdditionalInfo, IN PWSTR szAdditionalInfo2, OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent, IN DWORD dwAdditionalParameterCount,...)
Definition: authz.c:198
AUTHZAPI BOOL WINAPI AuthzInitializeContextFromAuthzContext(IN DWORD flags, IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzHandle, IN PLARGE_INTEGER ExpirationTime, IN LUID Identifier, IN PVOID DynamicGroupArgs, OUT PAUTHZ_CLIENT_CONTEXT_HANDLE phNewAuthzHandle)
Definition: authz.c:140
#define AUTHZAPI
Definition: authz.h:21
AUTHZAPI BOOL WINAPI AuthzAccessCheck(IN DWORD flags, IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext, IN PAUTHZ_ACCESS_REQUEST pRequest, IN AUTHZ_AUDIT_INFO_HANDLE AuditInfo, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSECURITY_DESCRIPTOR *OptionalSecurityDescriptorArray, IN DWORD OptionalSecurityDescriptorCount OPTIONAL, IN OUT PAUTHZ_ACCESS_REPLY pReply, OUT PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE pAuthzHandle)
Definition: authz.c:42
HANDLE * PAUTHZ_AUDIT_EVENT_HANDLE
Definition: authz.h:47
enum _AUTHZ_CONTEXT_INFORMATION_CLASS * PAUTHZ_CONTEXT_INFORMATION_CLASS
BOOL(CALLBACK * PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PVOID Args, OUT PSID_AND_ATTRIBUTES *pSidAttrArray, OUT PDWORD pSidCount, OUT PSID_AND_ATTRIBUTES *pRestrictedSidAttrArray, OUT PDWORD pRestrictedSidCount)
Definition: authz.h:113
AUTHZAPI BOOL WINAPI AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass, IN DWORD BufferSize, OUT PDWORD pSizeRequired, OUT PVOID Buffer)
Definition: clictx.c:111
AUTHZAPI BOOL WINAPI AuthzCachedAccessCheck(IN DWORD Flags, IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle, IN PAUTHZ_ACCESS_REQUEST pRequest, IN AUTHZ_AUDIT_EVENT_HANDLE AuditInfo, OUT PAUTHZ_ACCESS_REPLY pReply)
Definition: authz.c:81
HANDLE * PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE
Definition: authz.h:49
struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET * PAUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
HANDLE AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE
Definition: authz.h:51
AUTHZAPI BOOL WINAPI AuthzInitializeResourceManager(IN DWORD flags, IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck, IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups, IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups, IN PCWSTR ResourceManagerName, IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
Definition: resman.c:145
AUTHZAPI BOOL WINAPIV AuthzInitializeObjectAccessAuditEvent(IN DWORD Flags, IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType, IN PWSTR szOperationType, IN PWSTR szObjectType, IN PWSTR szObjectName, IN PWSTR szAdditionalInfo, OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent, IN DWORD dwAdditionalParameterCount,...)
Definition: authz.c:177
struct _AUTHZ_ACCESS_REQUEST AUTHZ_ACCESS_REQUEST
AUTHZAPI BOOL WINAPI AuthzUnregisterSecurityEventSource(IN DWORD dwFlags, IN OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider)
Definition: authz.c:318
enum _AUTHZ_CONTEXT_INFORMATION_CLASS AUTHZ_CONTEXT_INFORMATION_CLASS
struct _AUTHZ_ACCESS_REPLY * PAUTHZ_ACCESS_REPLY
AUTHZAPI BOOL WINAPIV AuthzReportSecurityEvent(IN DWORD dwFlags, IN AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider, IN DWORD dwAuditId, IN PSID pUserSid OPTIONAL, IN DWORD dwCount,...)
Definition: authz.c:269
BOOL(CALLBACK * PFN_AUTHZ_DYNAMIC_ACCESS_CHECK)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PACE_HEADER pAce, IN PVOID pArgs OPTIONAL, IN OUT PBOOL pbAceApplicable)
Definition: authz.h:108
Definition: bufpool.h:45
#define CALLBACK
Definition: compat.h:35
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
FxRequest * pRequest
GLbitfield flags
Definition: glext.h:7161
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
#define BOOL
Definition: nt_native.h:43
ULONG ACCESS_MASK
Definition: nt_native.h:40
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
DWORD * PDWORD
Definition: pedump.c:68
#define WINAPIV
Definition: sdbpapi.h:64
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
DWORD ResultListLength
Definition: authz.h:83
PDWORD Error
Definition: authz.h:86
PACCESS_MASK GrantedAccessMask
Definition: authz.h:84
PDWORD SaclEvaluationResults
Definition: authz.h:85
POBJECT_TYPE_LIST ObjectTypeList
Definition: authz.h:76
PVOID OptionalArguments
Definition: authz.h:78
ACCESS_MASK DesiredAccess
Definition: authz.h:74
PSID PrincipalSelfSid
Definition: authz.h:75
DWORD ObjectTypeListLength
Definition: authz.h:77
AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET ObjectTypeNames[ANYSIZE_ARRAY]
Definition: authz.h:105
uint16_t * PWSTR
Definition: typedefs.h:56
#define OPTIONAL
Definition: typedefs.h:41
const uint16_t * PCWSTR
Definition: typedefs.h:57
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
#define IN
Definition: typedefs.h:39
#define OUT
Definition: typedefs.h:40
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:254
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1176
BOOL * PBOOL
Definition: windef.h:161
#define WINAPI
Definition: msvc.h:6
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170