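/*
 * authz.h
 *
 * Authorization Framework
 *
 * THIS SOFTWARE IS NOT COPYRIGHTED
 *
 * This source code is offered for use in the public domain. You may
 * use, modify or distribute it freely.
 *
 * This code is distributed in the hope that it will be useful but
 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
 * DISCLAIMED. This includes but is not limited to warranties of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *
 */

/*
 * Public declarations for the Authz (authorization and auditing) API:
 * opaque handle types, flag values, request/reply structures, callback
 * prototypes and the exported entry points.
 *
 * This header has no #include of its own. Every base type it uses
 * (HANDLE, BOOL, DWORD, PVOID, PSID, ACCESS_MASK, LUID, PLARGE_INTEGER,
 * PSECURITY_DESCRIPTOR, POBJECT_TYPE_LIST, PACE_HEADER, PSID_AND_ATTRIBUTES)
 * and every decoration macro (DECLSPEC_IMPORT, WINAPI, WINAPIV, CALLBACK,
 * IN, OUT, OPTIONAL, ANYSIZE_ARRAY) must already be in scope, i.e. the
 * Win32 base headers have to be included before this file.
 *
 * NOTE(review): the include guard __AUTHZ_H sits in the identifier range
 * reserved for the implementation; it is kept here because other headers
 * in this tree follow the same convention and may test it.
 */
#ifndef __AUTHZ_H
#define __AUTHZ_H

/* AUTHZAPI marks the exported entry points: import linkage for consumers,
 * plain linkage when this header is compiled as part of the implementation
 * (_AUTHZ_ defined). */
#if !defined(_AUTHZ_)
#define AUTHZAPI DECLSPEC_IMPORT
#else
#define AUTHZAPI
#endif

#ifdef __cplusplus
extern "C" {
#endif

/* Flag for the AuthzAccessCheck Flags parameter. NOTE(review): when the
 * security descriptor is not deep-copied, the caller is responsible for
 * keeping it valid for as long as the returned results handle is used;
 * confirm against the implementation before relying on that. */
#define AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD 0x1

/* Audit-generation flags (presumably for the audit entry points below;
 * verify which Flags parameter accepts them). */
#define AUTHZ_GENERATE_SUCCESS_AUDIT 0x1
#define AUTHZ_GENERATE_FAILURE_AUDIT 0x2

/* Flags for the AuthzInitializeContextFromSid Flags parameter. */
#define AUTHZ_SKIP_TOKEN_GROUPS 0x2
#define AUTHZ_REQUIRE_S4U_LOGON 0x4

/* Flags for the AuthzInitializeObjectAccessAuditEvent* Flags parameter. */
#define AUTHZ_NO_SUCCESS_AUDIT 0x1
#define AUTHZ_NO_FAILURE_AUDIT 0x2
#define AUTHZ_NO_ALLOC_STRINGS 0x4

/* Flags for the AuthzInitializeResourceManager flags parameter. */
#define AUTHZ_RM_FLAG_NO_AUDIT 0x1
#define AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION 0x2

/*
 * Opaque handles. All of them are plain HANDLE typedefs, so the compiler
 * will not catch a client-context handle being passed where a resource
 * manager handle is expected; the distinct names exist for readability.
 */
typedef HANDLE AUTHZ_CLIENT_CONTEXT_HANDLE, *PAUTHZ_CLIENT_CONTEXT_HANDLE;
typedef HANDLE AUTHZ_AUDIT_INFO_HANDLE, *PAUTHZ_AUDIT_INFO_HANDLE;
typedef HANDLE AUTHZ_AUDIT_EVENT_HANDLE, *PAUTHZ_AUDIT_EVENT_HANDLE;
typedef HANDLE AUTHZ_AUDIT_EVENT_TYPE_HANDLE, *PAUTHZ_AUDIT_EVENT_TYPE_HANDLE;
typedef HANDLE AUTHZ_ACCESS_CHECK_RESULTS_HANDLE, *PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE;
typedef HANDLE AUTHZ_RESOURCE_MANAGER_HANDLE, *PAUTHZ_RESOURCE_MANAGER_HANDLE;
typedef HANDLE AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE, *PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE;

#if !defined(_ADTGEN_H)
/* FIXME - AUDIT_PARAMS is defined in adtgen.h!!!!!
 * Without adtgen.h, PAUDIT_PARAMS degrades to PVOID, so the pParams
 * argument of AuthzReportSecurityEventFromParams gets no type checking. */
typedef PVOID PAUDIT_PARAMS;
#endif

/* Selector for AuthzGetInformationFromContext: which piece of the client
 * context is copied into the caller's Buffer. Numbering starts at 1. */
typedef enum _AUTHZ_CONTEXT_INFORMATION_CLASS
{
    AuthzContextInfoUserSid = 1,
    AuthzContextInfoGroupsSids,
    AuthzContextInfoRestrictedSids,
    AuthzContextInfoPrivileges,
    AuthzContextInfoExpirationTime,
    AuthzContextInfoServerContext,
    AuthzContextInfoIdentifier,
    AuthzContextInfoSource,
    AuthzContextInfoAll,
    AuthzContextInfoAuthenticationId
} AUTHZ_CONTEXT_INFORMATION_CLASS, *PAUTHZ_CONTEXT_INFORMATION_CLASS;

/* Input of an access check: the rights requested and the optional
 * object-type list (ObjectTypeListLength entries). OptionalArguments is
 * handed through to the dynamic-access-check callback's pArgs. */
typedef struct _AUTHZ_ACCESS_REQUEST
{
    ACCESS_MASK DesiredAccess;
    PSID PrincipalSelfSid;
    POBJECT_TYPE_LIST ObjectTypeList;
    DWORD ObjectTypeListLength;
    PVOID OptionalArguments;
} AUTHZ_ACCESS_REQUEST, *PAUTHZ_ACCESS_REQUEST;

/* Output of an access check. NOTE(review): the three pointers are
 * caller-provided arrays; per the Authz API they each hold
 * ResultListLength elements, so an undersized array is an overrun on
 * the library side — confirm the sizing rule against the caller. */
typedef struct _AUTHZ_ACCESS_REPLY
{
    DWORD ResultListLength;
    PACCESS_MASK GrantedAccessMask;
    PDWORD SaclEvaluationResults;
    PDWORD Error;
} AUTHZ_ACCESS_REPLY, *PAUTHZ_ACCESS_REPLY;

/* One object-type entry of a security event source registration. */
typedef struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
{
    PWSTR szObjectTypeName;
    DWORD dwOffset;
} AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET, *PAUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET;

/* Security event source registration record. The trailing array is
 * variable-length (ANYSIZE_ARRAY idiom); dwObjectTypeNameCount presumably
 * gives its element count — size allocations accordingly. */
typedef struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION
{
    DWORD dwFlags;
    PWSTR szEventSourceName;
    PWSTR szEventMessageFile;
    PWSTR szEventSourceXmlSchemaFile;
    PWSTR szEventAccessStringsFile;
    PWSTR szExecutableImagePath;
    PVOID pReserved;
    DWORD dwObjectTypeNameCount;
    AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET ObjectTypeNames[ANYSIZE_ARRAY];
} AUTHZ_SOURCE_SCHEMA_REGISTRATION, *PAUTHZ_SOURCE_SCHEMA_REGISTRATION;

/*
 * Resource-manager callbacks, installed via AuthzInitializeResourceManager.
 *
 * PFN_AUTHZ_DYNAMIC_ACCESS_CHECK: consulted per ACE; the callback reports
 * through pbAceApplicable whether the ACE applies to this check.
 * PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS: produces additional (and restricted)
 * SID arrays for a context; the arrays are released through
 * PFN_AUTHZ_FREE_DYNAMIC_GROUPS, so both sides must agree on the allocator.
 */
typedef BOOL (CALLBACK *PFN_AUTHZ_DYNAMIC_ACCESS_CHECK)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
                                                        IN PACE_HEADER pAce,
                                                        IN PVOID pArgs OPTIONAL,
                                                        IN OUT PBOOL pbAceApplicable);

typedef BOOL (CALLBACK *PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
                                                          IN PVOID Args,
                                                          OUT PSID_AND_ATTRIBUTES* pSidAttrArray,
                                                          OUT PDWORD pSidCount,
                                                          OUT PSID_AND_ATTRIBUTES* pRestrictedSidAttrArray,
                                                          OUT PDWORD pRestrictedSidCount);

typedef VOID (CALLBACK *PFN_AUTHZ_FREE_DYNAMIC_GROUPS)(IN PSID_AND_ATTRIBUTES pSidAttrArray);

/*
 * Exported entry points. All return BOOL (FALSE on failure); the IN/OUT
 * decorations document data direction only. Handles produced by the
 * AuthzInitialize* / AuthzAccessCheck / AuthzRegister* functions are
 * released by the matching AuthzFree* / AuthzUnregister* function.
 */

/* Evaluates pRequest against pSecurityDescriptor (plus the optional extra
 * descriptors) for the given client context, filling pReply and optionally
 * returning a results handle for AuthzCachedAccessCheck. */
AUTHZAPI
BOOL
WINAPI
AuthzAccessCheck(IN DWORD flags,
                 IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext,
                 IN PAUTHZ_ACCESS_REQUEST pRequest,
                 IN AUTHZ_AUDIT_INFO_HANDLE AuditInfo,
                 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                 IN PSECURITY_DESCRIPTOR* OptionalSecurityDescriptorArray,
                 IN DWORD OptionalSecurityDescriptorCount OPTIONAL,
                 IN OUT PAUTHZ_ACCESS_REPLY pReply,
                 OUT PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE pAuthzHandle);

/* Derives a new client context from OrigClientContext with the given SIDs
 * and restricted SIDs added; the original context is left untouched. */
AUTHZAPI
BOOL
WINAPI
AuthzAddSidsToContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE OrigClientContext,
                      IN PSID_AND_ATTRIBUTES Sids,
                      IN DWORD SidCount,
                      IN PSID_AND_ATTRIBUTES RestrictedSids,
                      IN DWORD RestrictedSidCount,
                      OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pNewClientContext);

/* Repeats an access check using a results handle from AuthzAccessCheck. */
AUTHZAPI
BOOL
WINAPI
AuthzCachedAccessCheck(IN DWORD Flags,
                       IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle,
                       IN PAUTHZ_ACCESS_REQUEST pRequest,
                       IN AUTHZ_AUDIT_EVENT_HANDLE AuditInfo,
                       OUT PAUTHZ_ACCESS_REPLY pReply);

/* Enumerates registered security event sources into Buffer. pdwLength is
 * in/out: the caller passes the buffer size and receives the size used or
 * required. */
AUTHZAPI
BOOL
WINAPI
AuthzEnumerateSecurityEventSources(IN DWORD dwFlags,
                                   OUT PAUTHZ_SOURCE_SCHEMA_REGISTRATION Buffer,
                                   OUT PDWORD pdwCount,
                                   IN OUT PDWORD pdwLength);

/* Releases an audit event handle from AuthzInitializeObjectAccessAuditEvent*. */
AUTHZAPI
BOOL
WINAPI
AuthzFreeAuditEvent(IN AUTHZ_AUDIT_EVENT_HANDLE pAuditEventInfo);

/* Releases a client context handle. */
AUTHZAPI
BOOL
WINAPI
AuthzFreeContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext);

/* Releases an access-check results handle. */
AUTHZAPI
BOOL
WINAPI
AuthzFreeHandle(IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle);

/* Releases a resource manager handle. */
AUTHZAPI
BOOL
WINAPI
AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager);

/* Copies the information selected by InfoClass into Buffer (BufferSize
 * bytes). *pSizeRequired receives the size needed, which lets the caller
 * query with a zero-sized buffer first. */
AUTHZAPI
BOOL
WINAPI
AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
                               IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass,
                               IN DWORD BufferSize,
                               OUT PDWORD pSizeRequired,
                               OUT PVOID Buffer);

/* Creates a new client context by duplicating an existing one. */
AUTHZAPI
BOOL
WINAPI
AuthzInitializeContextFromAuthzContext(IN DWORD flags,
                                       IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzHandle,
                                       IN PLARGE_INTEGER ExpirationTime,
                                       IN LUID Identifier,
                                       IN PVOID DynamicGroupArgs,
                                       OUT PAUTHZ_CLIENT_CONTEXT_HANDLE phNewAuthzHandle);

/* Creates a client context for a user SID under the given resource manager.
 * Flags accepts AUTHZ_SKIP_TOKEN_GROUPS / AUTHZ_REQUIRE_S4U_LOGON. */
AUTHZAPI
BOOL
WINAPI
AuthzInitializeContextFromSid(IN DWORD Flags,
                              IN PSID UserSid,
                              IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
                              IN PLARGE_INTEGER pExpirationTime,
                              IN LUID Identifier,
                              IN PVOID DynamicGroupArgs,
                              OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext);

/* Creates a client context from an access token handle. */
AUTHZAPI
BOOL
WINAPI
AuthzInitializeContextFromToken(IN DWORD Flags,
                                IN HANDLE TokenHandle,
                                IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
                                IN PLARGE_INTEGER pExpirationTime,
                                IN LUID Identifier,
                                IN PVOID DynamicGroupArgs,
                                OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext);

/* Builds an object-access audit event. Variadic (WINAPIV): the trailing
 * arguments are dwAdditionalParameterCount additional audit parameters.
 * The string arguments are non-const PWSTR, mirroring the original API. */
AUTHZAPI
BOOL
WINAPIV
AuthzInitializeObjectAccessAuditEvent(IN DWORD Flags,
                                      IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType,
                                      IN PWSTR szOperationType,
                                      IN PWSTR szObjectType,
                                      IN PWSTR szObjectName,
                                      IN PWSTR szAdditionalInfo,
                                      OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent,
                                      IN DWORD dwAdditionalParameterCount,
                                      ...);

/* As AuthzInitializeObjectAccessAuditEvent, with a second additional-info
 * string. */
AUTHZAPI
BOOL
WINAPIV
AuthzInitializeObjectAccessAuditEvent2(IN DWORD Flags,
                                       IN AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAuditEventType,
                                       IN PWSTR szOperationType,
                                       IN PWSTR szObjectType,
                                       IN PWSTR szObjectName,
                                       IN PWSTR szAdditionalInfo,
                                       IN PWSTR szAdditionalInfo2,
                                       OUT PAUTHZ_AUDIT_EVENT_HANDLE phAuditEvent,
                                       IN DWORD dwAdditionalParameterCount,
                                       ...);

/* Creates a resource manager with the given callbacks (each may be NULL).
 * flags accepts AUTHZ_RM_FLAG_*. pAuthzResourceManager is an output: the
 * new handle is written through it (it was previously annotated IN). */
AUTHZAPI
BOOL
WINAPI
AuthzInitializeResourceManager(IN DWORD flags,
                               IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck,
                               IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups,
                               IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups,
                               IN PCWSTR ResourceManagerName,
                               OUT PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager);

/* Installs a security event source described by pRegistration. */
AUTHZAPI
BOOL
WINAPI
AuthzInstallSecurityEventSource(IN DWORD dwFlags,
                                IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration);

/* Generates an object-open audit for the given request and descriptors. */
AUTHZAPI
BOOL
WINAPI
AuthzOpenObjectAudit(IN DWORD Flags,
                     IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
                     IN PAUTHZ_ACCESS_REQUEST pRequest,
                     IN AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent,
                     IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                     IN PSECURITY_DESCRIPTOR* SecurityDescriptorArray,
                     IN DWORD SecurityDescriptorCount,
                     OUT PAUTHZ_ACCESS_REPLY pReply);

/* Opens a provider handle for an installed event source. phEventProvider
 * is an output (previously annotated IN); release it with
 * AuthzUnregisterSecurityEventSource. */
AUTHZAPI
BOOL
WINAPI
AuthzRegisterSecurityEventSource(IN DWORD dwFlags,
                                 IN PCWSTR szEventSourceName,
                                 OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider);

/* Reports a security event with dwCount variadic audit parameters. */
AUTHZAPI
BOOL
WINAPIV
AuthzReportSecurityEvent(IN DWORD dwFlags,
                         IN AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
                         IN DWORD dwAuditId,
                         IN PSID pUserSid OPTIONAL,
                         IN DWORD dwCount,
                         ...);

/* Reports a security event whose parameters are already packed in an
 * AUDIT_PARAMS block (see the PAUDIT_PARAMS fallback above). */
AUTHZAPI
BOOL
WINAPI
AuthzReportSecurityEventFromParams(IN DWORD dwFlags,
                                   IN AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
                                   IN DWORD dwAuditId,
                                   IN PSID pUserSid OPTIONAL,
                                   IN PAUDIT_PARAMS pParams);

/* Removes a security event source installed by
 * AuthzInstallSecurityEventSource. */
AUTHZAPI
BOOL
WINAPI
AuthzUninstallSecurityEventSource(IN DWORD dwFlags,
                                  IN PWSTR szEventSourceName);

/* Closes a provider handle; the handle is passed by pointer (IN OUT). */
AUTHZAPI
BOOL
WINAPI
AuthzUnregisterSecurityEventSource(IN DWORD dwFlags,
                                   IN OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider);

#ifdef __cplusplus
}
#endif
#endif /* __AUTHZ_H */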