ReactOS  0.4.14-dev-115-g4576127
audit.c File Reference
#include <advapi32.h>
Include dependency graph for audit.c:

Go to the source code of this file.

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
BOOL WINAPI AccessCheckAndAuditAlarmA (LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName, LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess, PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess, LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
 
BOOL WINAPI AccessCheckAndAuditAlarmW (LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName, LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess, PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess, LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
 
BOOL WINAPI ObjectCloseAuditAlarmA (LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
 
BOOL WINAPI ObjectCloseAuditAlarmW (LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
 
BOOL WINAPI ObjectDeleteAuditAlarmA (LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
 
BOOL WINAPI ObjectDeleteAuditAlarmW (LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
 
BOOL WINAPI ObjectOpenAuditAlarmA (LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName, LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted, LPBOOL GenerateOnClose)
 
BOOL WINAPI ObjectOpenAuditAlarmW (LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName, LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted, LPBOOL GenerateOnClose)
 
BOOL WINAPI ObjectPrivilegeAuditAlarmA (LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken, DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
 
BOOL WINAPI ObjectPrivilegeAuditAlarmW (LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken, DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
 
BOOL WINAPI PrivilegedServiceAuditAlarmA (LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
 
BOOL WINAPI PrivilegedServiceAuditAlarmW (LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
 
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmByHandleW (IN LPCWSTR SubsystemName, IN LPVOID HandleId, IN HANDLE ClientToken, IN LPCWSTR ObjectTypeName, IN LPCWSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
 
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmByHandleA (IN LPCSTR SubsystemName, IN LPVOID HandleId, IN HANDLE ClientToken, IN LPCSTR ObjectTypeName, IN LPCSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
 
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmW (IN LPCWSTR SubsystemName, IN LPVOID HandleId, IN LPCWSTR ObjectTypeName, IN LPCWSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
 
BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmA (IN LPCSTR SubsystemName, IN LPVOID HandleId, IN LPCSTR ObjectTypeName, IN LPCSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPDWORD AccessStatusList, OUT LPBOOL pfGenerateOnClose)
 
BOOL WINAPI AccessCheckByTypeAndAuditAlarmW (IN LPCWSTR SubsystemName, IN LPVOID HandleId, IN LPCWSTR ObjectTypeName, IN LPCWSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus, OUT LPBOOL pfGenerateOnClose)
 
BOOL WINAPI AccessCheckByTypeAndAuditAlarmA (IN LPCSTR SubsystemName, IN LPVOID HandleId, IN LPCSTR ObjectTypeName, IN LPCSTR ObjectName, IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN PSID PrincipalSelfSid, IN DWORD DesiredAccess, IN AUDIT_EVENT_TYPE AuditType, IN DWORD Flags, IN POBJECT_TYPE_LIST ObjectTypeList, IN DWORD ObjectTypeListLength, IN PGENERIC_MAPPING GenericMapping, IN BOOL ObjectCreation, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus, OUT LPBOOL pfGenerateOnClose)
 

Function Documentation

◆ AccessCheckAndAuditAlarmA()

BOOL WINAPI AccessCheckAndAuditAlarmA ( LPCSTR  SubsystemName,
LPVOID  HandleId,
LPSTR  ObjectTypeName,
LPSTR  ObjectName,
PSECURITY_DESCRIPTOR  SecurityDescriptor,
DWORD  DesiredAccess,
PGENERIC_MAPPING  GenericMapping,
BOOL  ObjectCreation,
LPDWORD  GrantedAccess,
LPBOOL  AccessStatus,
LPBOOL  pfGenerateOnClose 
)

Definition at line 22 of file audit.c.

33 {
34  UNICODE_STRING SubsystemNameU;
35  UNICODE_STRING ObjectTypeNameU;
36  UNICODE_STRING ObjectNameU;
37  NTSTATUS LocalAccessStatus;
40 
41  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
42  (PCHAR)SubsystemName);
43  RtlCreateUnicodeStringFromAsciiz(&ObjectTypeNameU,
46  (PCHAR)ObjectName);
47 
48  Status = NtAccessCheckAndAuditAlarm(&SubsystemNameU,
49  HandleId,
50  &ObjectTypeNameU,
51  &ObjectNameU,
55  ObjectCreation,
57  &LocalAccessStatus,
59  RtlFreeUnicodeString(&SubsystemNameU);
60  RtlFreeUnicodeString(&ObjectTypeNameU);
61  RtlFreeUnicodeString(&ObjectNameU);
62 
63  *pfGenerateOnClose = (BOOL)GenerateOnClose;
64 
65  if (!NT_SUCCESS(Status))
66  {
68  return FALSE;
69  }
70 
71  if (!NT_SUCCESS (LocalAccessStatus))
72  {
75  return FALSE;
76  }
77 
78  *AccessStatus = TRUE;
79 
80  return TRUE;
81 }
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
signed char * PCHAR
Definition: retypes.h:7
#define TRUE
Definition: types.h:120
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
LONG NTSTATUS
Definition: precomp.h:26
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
#define BOOL
Definition: nt_native.h:43
unsigned char BOOLEAN
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Definition: audit.c:1406
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ AccessCheckAndAuditAlarmW()

BOOL WINAPI AccessCheckAndAuditAlarmW ( LPCWSTR  SubsystemName,
LPVOID  HandleId,
LPWSTR  ObjectTypeName,
LPWSTR  ObjectName,
PSECURITY_DESCRIPTOR  SecurityDescriptor,
DWORD  DesiredAccess,
PGENERIC_MAPPING  GenericMapping,
BOOL  ObjectCreation,
LPDWORD  GrantedAccess,
LPBOOL  AccessStatus,
LPBOOL  pfGenerateOnClose 
)

Definition at line 88 of file audit.c.

99 {
100  UNICODE_STRING SubsystemNameU;
101  UNICODE_STRING ObjectTypeNameU;
102  UNICODE_STRING ObjectNameU;
103  NTSTATUS LocalAccessStatus;
106 
107  RtlInitUnicodeString(&SubsystemNameU,
108  (PWSTR)SubsystemName);
109  RtlInitUnicodeString(&ObjectTypeNameU,
111  RtlInitUnicodeString(&ObjectNameU,
112  (PWSTR)ObjectName);
113 
114  Status = NtAccessCheckAndAuditAlarm(&SubsystemNameU,
115  HandleId,
116  &ObjectTypeNameU,
117  &ObjectNameU,
121  ObjectCreation,
123  &LocalAccessStatus,
124  &GenerateOnClose);
125 
126  *pfGenerateOnClose = (BOOL)GenerateOnClose;
127 
128  if (!NT_SUCCESS(Status))
129  {
131  return FALSE;
132  }
133 
134  if (!NT_SUCCESS(LocalAccessStatus))
135  {
136  *AccessStatus = FALSE;
138  return FALSE;
139  }
140 
141  *AccessStatus = TRUE;
142 
143  return TRUE;
144 }
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
#define TRUE
Definition: types.h:120
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
uint16_t * PWSTR
Definition: typedefs.h:54
LONG NTSTATUS
Definition: precomp.h:26
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
#define BOOL
Definition: nt_native.h:43
unsigned char BOOLEAN
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Definition: audit.c:1406
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
#define SetLastError(x)
Definition: compat.h:409
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ AccessCheckByTypeAndAuditAlarmA()

BOOL WINAPI AccessCheckByTypeAndAuditAlarmA ( IN LPCSTR  SubsystemName,
IN LPVOID  HandleId,
IN LPCSTR  ObjectTypeName,
IN LPCSTR  ObjectName,
IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN PSID  PrincipalSelfSid,
IN DWORD  DesiredAccess,
IN AUDIT_EVENT_TYPE  AuditType,
IN DWORD  Flags,
IN POBJECT_TYPE_LIST  ObjectTypeList,
IN DWORD  ObjectTypeListLength,
IN PGENERIC_MAPPING  GenericMapping,
IN BOOL  ObjectCreation,
OUT LPDWORD  GrantedAccess,
OUT LPBOOL  AccessStatus,
OUT LPBOOL  pfGenerateOnClose 
)

Definition at line 646 of file audit.c.

662 {
663  FIXME("%s() not implemented!\n", __FUNCTION__);
665  return FALSE;
666 }
#define FIXME(fmt,...)
Definition: debug.h:110
#define SetLastError(x)
Definition: compat.h:409
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
#define __FUNCTION__
Definition: types.h:112

◆ AccessCheckByTypeAndAuditAlarmW()

BOOL WINAPI AccessCheckByTypeAndAuditAlarmW ( IN LPCWSTR  SubsystemName,
IN LPVOID  HandleId,
IN LPCWSTR  ObjectTypeName,
IN LPCWSTR  ObjectName,
IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN PSID  PrincipalSelfSid,
IN DWORD  DesiredAccess,
IN AUDIT_EVENT_TYPE  AuditType,
IN DWORD  Flags,
IN POBJECT_TYPE_LIST  ObjectTypeList,
IN DWORD  ObjectTypeListLength,
IN PGENERIC_MAPPING  GenericMapping,
IN BOOL  ObjectCreation,
OUT LPDWORD  GrantedAccess,
OUT LPBOOL  AccessStatus,
OUT LPBOOL  pfGenerateOnClose 
)

Definition at line 619 of file audit.c.

635 {
636  FIXME("%s() not implemented!\n", __FUNCTION__);
638  return FALSE;
639 }
#define FIXME(fmt,...)
Definition: debug.h:110
#define SetLastError(x)
Definition: compat.h:409
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
#define __FUNCTION__
Definition: types.h:112

◆ AccessCheckByTypeResultListAndAuditAlarmA()

BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmA ( IN LPCSTR  SubsystemName,
IN LPVOID  HandleId,
IN LPCSTR  ObjectTypeName,
IN LPCSTR  ObjectName,
IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN PSID  PrincipalSelfSid,
IN DWORD  DesiredAccess,
IN AUDIT_EVENT_TYPE  AuditType,
IN DWORD  Flags,
IN POBJECT_TYPE_LIST  ObjectTypeList,
IN DWORD  ObjectTypeListLength,
IN PGENERIC_MAPPING  GenericMapping,
IN BOOL  ObjectCreation,
OUT LPDWORD  GrantedAccess,
OUT LPDWORD  AccessStatusList,
OUT LPBOOL  pfGenerateOnClose 
)

Definition at line 592 of file audit.c.

608 {
609  FIXME("%s() not implemented!\n", __FUNCTION__);
611  return FALSE;
612 }
#define FIXME(fmt,...)
Definition: debug.h:110
#define SetLastError(x)
Definition: compat.h:409
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
#define __FUNCTION__
Definition: types.h:112

◆ AccessCheckByTypeResultListAndAuditAlarmByHandleA()

BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmByHandleA ( IN LPCSTR  SubsystemName,
IN LPVOID  HandleId,
IN HANDLE  ClientToken,
IN LPCSTR  ObjectTypeName,
IN LPCSTR  ObjectName,
IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN PSID  PrincipalSelfSid,
IN DWORD  DesiredAccess,
IN AUDIT_EVENT_TYPE  AuditType,
IN DWORD  Flags,
IN POBJECT_TYPE_LIST  ObjectTypeList,
IN DWORD  ObjectTypeListLength,
IN PGENERIC_MAPPING  GenericMapping,
IN BOOL  ObjectCreation,
OUT LPDWORD  GrantedAccess,
OUT LPDWORD  AccessStatusList,
OUT LPBOOL  pfGenerateOnClose 
)

Definition at line 537 of file audit.c.

554 {
555  FIXME("%s() not implemented!\n", __FUNCTION__);
557  return FALSE;
558 }
#define FIXME(fmt,...)
Definition: debug.h:110
#define SetLastError(x)
Definition: compat.h:409
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
#define __FUNCTION__
Definition: types.h:112

◆ AccessCheckByTypeResultListAndAuditAlarmByHandleW()

BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmByHandleW ( IN LPCWSTR  SubsystemName,
IN LPVOID  HandleId,
IN HANDLE  ClientToken,
IN LPCWSTR  ObjectTypeName,
IN LPCWSTR  ObjectName,
IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN PSID  PrincipalSelfSid,
IN DWORD  DesiredAccess,
IN AUDIT_EVENT_TYPE  AuditType,
IN DWORD  Flags,
IN POBJECT_TYPE_LIST  ObjectTypeList,
IN DWORD  ObjectTypeListLength,
IN PGENERIC_MAPPING  GenericMapping,
IN BOOL  ObjectCreation,
OUT LPDWORD  GrantedAccess,
OUT LPDWORD  AccessStatusList,
OUT LPBOOL  pfGenerateOnClose 
)

Definition at line 509 of file audit.c.

526 {
527  FIXME("%s() not implemented!\n", __FUNCTION__);
529  return FALSE;
530 }
#define FIXME(fmt,...)
Definition: debug.h:110
#define SetLastError(x)
Definition: compat.h:409
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
#define __FUNCTION__
Definition: types.h:112

◆ AccessCheckByTypeResultListAndAuditAlarmW()

BOOL WINAPI AccessCheckByTypeResultListAndAuditAlarmW ( IN LPCWSTR  SubsystemName,
IN LPVOID  HandleId,
IN LPCWSTR  ObjectTypeName,
IN LPCWSTR  ObjectName,
IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN PSID  PrincipalSelfSid,
IN DWORD  DesiredAccess,
IN AUDIT_EVENT_TYPE  AuditType,
IN DWORD  Flags,
IN POBJECT_TYPE_LIST  ObjectTypeList,
IN DWORD  ObjectTypeListLength,
IN PGENERIC_MAPPING  GenericMapping,
IN BOOL  ObjectCreation,
OUT LPDWORD  GrantedAccess,
OUT LPDWORD  AccessStatusList,
OUT LPBOOL  pfGenerateOnClose 
)

Definition at line 565 of file audit.c.

581 {
582  FIXME("%s() not implemented!\n", __FUNCTION__);
584  return FALSE;
585 }
#define FIXME(fmt,...)
Definition: debug.h:110
#define SetLastError(x)
Definition: compat.h:409
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:92
#define __FUNCTION__
Definition: types.h:112

◆ ObjectCloseAuditAlarmA()

BOOL WINAPI ObjectCloseAuditAlarmA ( LPCSTR  SubsystemName,
LPVOID  HandleId,
BOOL  GenerateOnClose 
)

Definition at line 151 of file audit.c.

154 {
157 
158  if (!RtlCreateUnicodeStringFromAsciiz(&Name, SubsystemName))
159  {
161  return FALSE;
162  }
163 
165  HandleId,
168  if (!NT_SUCCESS (Status))
169  {
171  return FALSE;
172  }
173 
174  return TRUE;
175 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
struct NameRec_ * Name
Definition: cdprocs.h:464
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
NTSTATUS NTAPI NtCloseObjectAuditAlarm(PUNICODE_STRING SubsystemName, PVOID HandleId, BOOLEAN GenerateOnClose)
Definition: audit.c:859

◆ ObjectCloseAuditAlarmW()

BOOL WINAPI ObjectCloseAuditAlarmW ( LPCWSTR  SubsystemName,
LPVOID  HandleId,
BOOL  GenerateOnClose 
)

Definition at line 182 of file audit.c.

185 {
188 
190  (PWSTR)SubsystemName);
191 
193  HandleId,
195  if (!NT_SUCCESS(Status))
196  {
198  return FALSE;
199  }
200 
201  return TRUE;
202 }
#define TRUE
Definition: types.h:120
uint16_t * PWSTR
Definition: typedefs.h:54
LONG NTSTATUS
Definition: precomp.h:26
struct NameRec_ * Name
Definition: cdprocs.h:464
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
#define SetLastError(x)
Definition: compat.h:409
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
NTSTATUS NTAPI NtCloseObjectAuditAlarm(PUNICODE_STRING SubsystemName, PVOID HandleId, BOOLEAN GenerateOnClose)
Definition: audit.c:859
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

◆ ObjectDeleteAuditAlarmA()

BOOL WINAPI ObjectDeleteAuditAlarmA ( LPCSTR  SubsystemName,
LPVOID  HandleId,
BOOL  GenerateOnClose 
)

Definition at line 209 of file audit.c.

212 {
215 
216  if (!RtlCreateUnicodeStringFromAsciiz(&Name, SubsystemName))
217  {
219  return FALSE;
220  }
221 
223  HandleId,
226  if (!NT_SUCCESS(Status))
227  {
229  return FALSE;
230  }
231 
232  return TRUE;
233 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
NTSTATUS NTAPI NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN BOOLEAN GenerateOnClose)
Definition: audit.c:957
struct NameRec_ * Name
Definition: cdprocs.h:464
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)

◆ ObjectDeleteAuditAlarmW()

BOOL WINAPI ObjectDeleteAuditAlarmW ( LPCWSTR  SubsystemName,
LPVOID  HandleId,
BOOL  GenerateOnClose 
)

Definition at line 240 of file audit.c.

243 {
246 
248  (PWSTR)SubsystemName);
249 
251  HandleId,
253  if (!NT_SUCCESS(Status))
254  {
256  return FALSE;
257  }
258 
259  return TRUE;
260 }
#define TRUE
Definition: types.h:120
uint16_t * PWSTR
Definition: typedefs.h:54
LONG NTSTATUS
Definition: precomp.h:26
NTSTATUS NTAPI NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN BOOLEAN GenerateOnClose)
Definition: audit.c:957
struct NameRec_ * Name
Definition: cdprocs.h:464
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
#define SetLastError(x)
Definition: compat.h:409
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

◆ ObjectOpenAuditAlarmA()

BOOL WINAPI ObjectOpenAuditAlarmA ( LPCSTR  SubsystemName,
LPVOID  HandleId,
LPSTR  ObjectTypeName,
LPSTR  ObjectName,
PSECURITY_DESCRIPTOR  pSecurityDescriptor,
HANDLE  ClientToken,
DWORD  DesiredAccess,
DWORD  GrantedAccess,
PPRIVILEGE_SET  Privileges,
BOOL  ObjectCreation,
BOOL  AccessGranted,
LPBOOL  GenerateOnClose 
)

Definition at line 267 of file audit.c.

279 {
280  UNICODE_STRING SubsystemNameU;
281  UNICODE_STRING ObjectTypeNameU;
282  UNICODE_STRING ObjectNameU;
284 
285  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
286  (PCHAR)SubsystemName);
287  RtlCreateUnicodeStringFromAsciiz(&ObjectTypeNameU,
290  (PCHAR)ObjectName);
291 
292  Status = NtOpenObjectAuditAlarm(&SubsystemNameU,
293  HandleId,
294  &ObjectTypeNameU,
295  &ObjectNameU,
296  pSecurityDescriptor,
297  ClientToken,
300  Privileges,
301  ObjectCreation,
304  RtlFreeUnicodeString(&SubsystemNameU);
305  RtlFreeUnicodeString(&ObjectTypeNameU);
306  RtlFreeUnicodeString(&ObjectNameU);
307  if (!NT_SUCCESS(Status))
308  {
310  return FALSE;
311  }
312 
313  return TRUE;
314 }
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
signed char * PCHAR
Definition: retypes.h:7
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
char * PBOOLEAN
Definition: retypes.h:11
Status
Definition: gdiplustypes.h:24
__kernel_entry NTSTATUS NTAPI NtOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
Definition: audit.c:1001
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ ObjectOpenAuditAlarmW()

BOOL WINAPI ObjectOpenAuditAlarmW ( LPCWSTR  SubsystemName,
LPVOID  HandleId,
LPWSTR  ObjectTypeName,
LPWSTR  ObjectName,
PSECURITY_DESCRIPTOR  pSecurityDescriptor,
HANDLE  ClientToken,
DWORD  DesiredAccess,
DWORD  GrantedAccess,
PPRIVILEGE_SET  Privileges,
BOOL  ObjectCreation,
BOOL  AccessGranted,
LPBOOL  GenerateOnClose 
)

Definition at line 321 of file audit.c.

333 {
334  UNICODE_STRING SubsystemNameU;
335  UNICODE_STRING ObjectTypeNameU;
336  UNICODE_STRING ObjectNameU;
338 
339  RtlInitUnicodeString(&SubsystemNameU,
340  (PWSTR)SubsystemName);
341  RtlInitUnicodeString(&ObjectTypeNameU,
343  RtlInitUnicodeString(&ObjectNameU,
344  (PWSTR)ObjectName);
345 
346  Status = NtOpenObjectAuditAlarm(&SubsystemNameU,
347  HandleId,
348  &ObjectTypeNameU,
349  &ObjectNameU,
350  pSecurityDescriptor,
351  ClientToken,
354  Privileges,
355  ObjectCreation,
358  if (!NT_SUCCESS(Status))
359  {
361  return FALSE;
362  }
363 
364  return TRUE;
365 }
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
#define TRUE
Definition: types.h:120
uint16_t * PWSTR
Definition: typedefs.h:54
LONG NTSTATUS
Definition: precomp.h:26
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:414
#define SetLastError(x)
Definition: compat.h:409
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
char * PBOOLEAN
Definition: retypes.h:11
Status
Definition: gdiplustypes.h:24
__kernel_entry NTSTATUS NTAPI NtOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET PrivilegeSet, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
Definition: audit.c:1001
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ ObjectPrivilegeAuditAlarmA()

BOOL WINAPI ObjectPrivilegeAuditAlarmA ( LPCSTR  SubsystemName,
LPVOID  HandleId,
HANDLE  ClientToken,
DWORD  DesiredAccess,
PPRIVILEGE_SET  Privileges,
BOOL  AccessGranted 
)

Definition at line 372 of file audit.c.

378 {
379  UNICODE_STRING SubsystemNameU;
381 
382  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
383  (PCHAR)SubsystemName);
384 
385  Status = NtPrivilegeObjectAuditAlarm(&SubsystemNameU,
386  HandleId,
387  ClientToken,
389  Privileges,
390  AccessGranted);
391  RtlFreeUnicodeString (&SubsystemNameU);
392  if (!NT_SUCCESS(Status))
393  {
395  return FALSE;
396  }
397 
398  return TRUE;
399 }
signed char * PCHAR
Definition: retypes.h:7
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
NTSTATUS NTAPI NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN HANDLE ClientToken, IN ULONG DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted)
Definition: audit.c:1390

◆ ObjectPrivilegeAuditAlarmW()

BOOL WINAPI ObjectPrivilegeAuditAlarmW ( LPCWSTR  SubsystemName,
LPVOID  HandleId,
HANDLE  ClientToken,
DWORD  DesiredAccess,
PPRIVILEGE_SET  Privileges,
BOOL  AccessGranted 
)

Definition at line 406 of file audit.c.

412 {
413  UNICODE_STRING SubsystemNameU;
415 
416  RtlInitUnicodeString(&SubsystemNameU,
417  (PWSTR)SubsystemName);
418 
419  Status = NtPrivilegeObjectAuditAlarm(&SubsystemNameU,
420  HandleId,
421  ClientToken,
423  Privileges,
424  AccessGranted);
425  if (!NT_SUCCESS(Status))
426  {
428  return FALSE;
429  }
430 
431  return TRUE;
432 }
#define TRUE
Definition: types.h:120
uint16_t * PWSTR
Definition: typedefs.h:54
LONG NTSTATUS
Definition: precomp.h:26
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:409
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN HANDLE ClientToken, IN ULONG DesiredAccess, IN PPRIVILEGE_SET Privileges, IN BOOLEAN AccessGranted)
Definition: audit.c:1390

◆ PrivilegedServiceAuditAlarmA()

BOOL WINAPI PrivilegedServiceAuditAlarmA ( LPCSTR  SubsystemName,
LPCSTR  ServiceName,
HANDLE  ClientToken,
PPRIVILEGE_SET  Privileges,
BOOL  AccessGranted 
)

Definition at line 439 of file audit.c.

444 {
445  UNICODE_STRING SubsystemNameU;
446  UNICODE_STRING ServiceNameU;
448 
449  RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
450  (PCHAR)SubsystemName);
451  RtlCreateUnicodeStringFromAsciiz(&ServiceNameU,
452  (PCHAR)ServiceName);
453 
454  Status = NtPrivilegedServiceAuditAlarm(&SubsystemNameU,
455  &ServiceNameU,
456  ClientToken,
457  Privileges,
458  AccessGranted);
459  RtlFreeUnicodeString(&SubsystemNameU);
460  RtlFreeUnicodeString(&ServiceNameU);
461  if (!NT_SUCCESS(Status))
462  {
464  return FALSE;
465  }
466 
467  return TRUE;
468 }
signed char * PCHAR
Definition: retypes.h:7
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
__kernel_entry NTSTATUS NTAPI NtPrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING SubsystemName, _In_opt_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientTokenHandle, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
Definition: audit.c:1232
LPTSTR ServiceName
Definition: ServiceMain.c:15
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414

◆ PrivilegedServiceAuditAlarmW()

BOOL WINAPI PrivilegedServiceAuditAlarmW ( LPCWSTR  SubsystemName,
LPCWSTR  ServiceName,
HANDLE  ClientToken,
PPRIVILEGE_SET  Privileges,
BOOL  AccessGranted 
)

Definition at line 475 of file audit.c.

480 {
481  UNICODE_STRING SubsystemNameU;
482  UNICODE_STRING ServiceNameU;
484 
485  RtlInitUnicodeString(&SubsystemNameU,
486  (PWSTR)SubsystemName);
487  RtlInitUnicodeString(&ServiceNameU,
488  (PWSTR)ServiceName);
489 
490  Status = NtPrivilegedServiceAuditAlarm(&SubsystemNameU,
491  &ServiceNameU,
492  ClientToken,
493  Privileges,
494  AccessGranted);
495  if (!NT_SUCCESS(Status))
496  {
498  return FALSE;
499  }
500 
501  return TRUE;
502 }
#define TRUE
Definition: types.h:120
uint16_t * PWSTR
Definition: typedefs.h:54
LONG NTSTATUS
Definition: precomp.h:26
__kernel_entry NTSTATUS NTAPI NtPrivilegedServiceAuditAlarm(_In_opt_ PUNICODE_STRING SubsystemName, _In_opt_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientTokenHandle, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
Definition: audit.c:1232
LPTSTR ServiceName
Definition: ServiceMain.c:15
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:409
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:414
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( advapi  )