/* $Id$
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS system libraries
* FILE: lib/advapi32/sec/audit.c
* PURPOSE: Audit functions
* PROGRAMMER: Eric Kohl
* UPDATE HISTORY:
* Created 07/19/2003
*/
/* INCLUDES *****************************************************************/
#include <advapi32.h>
#include <wine/debug.h>
/* Debug channel used by this file's Wine-style trace macros (the FIXME()
 * calls in the unimplemented stubs further down). */
WINE_DEFAULT_DEBUG_CHANNEL(advapi);
/* FUNCTIONS ****************************************************************/
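/*
 * @implemented
 *
 * ANSI entry point for the access-check-with-audit service. The three name
 * strings are converted to UNICODE_STRINGs, the request is forwarded to
 * NtAccessCheckAndAuditAlarm, and the two NTSTATUS results are mapped to
 * Win32 conventions.
 *
 * Returns TRUE with *AccessStatus = TRUE only when both the native call and
 * the access status it reports are successful. When the access status is a
 * failure, *AccessStatus is FALSE, the last error is derived from that
 * status and FALSE is returned. When a string conversion or the native call
 * itself fails, *AccessStatus is left untouched and FALSE is returned.
 * *pfGenerateOnClose is written whenever the native call was made.
 *
 * NOTE(review): the Win32 documentation describes a denied access as a
 * successful call with *AccessStatus = FALSE; this wrapper returns FALSE in
 * that case. The return value is kept as-is for existing callers - confirm.
 */
BOOL WINAPI
AccessCheckAndAuditAlarmA(LPCSTR SubsystemName,
                          LPVOID HandleId,
                          LPSTR ObjectTypeName,
                          LPSTR ObjectName,
                          PSECURITY_DESCRIPTOR SecurityDescriptor,
                          DWORD DesiredAccess,
                          PGENERIC_MAPPING GenericMapping,
                          BOOL ObjectCreation,
                          LPDWORD GrantedAccess,
                          LPBOOL AccessStatus,
                          LPBOOL pfGenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    NTSTATUS LocalAccessStatus;
    /* Seeded so that a failing native call never leaks an indeterminate
     * value into *pfGenerateOnClose. */
    BOOLEAN GenerateOnClose = FALSE;
    NTSTATUS Status;

    /* RtlCreateUnicodeStringFromAsciiz returns a BOOLEAN. An unchecked
     * failure would hand an unset UNICODE_STRING to the audit call and to
     * RtlFreeUnicodeString, so stop here and undo what was already built. */
    if (!RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
                                          (PCHAR)SubsystemName))
    {
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectTypeNameU,
                                          (PCHAR)ObjectTypeName))
    {
        RtlFreeUnicodeString(&SubsystemNameU);
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectNameU,
                                          (PCHAR)ObjectName))
    {
        RtlFreeUnicodeString(&ObjectTypeNameU);
        RtlFreeUnicodeString(&SubsystemNameU);
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    Status = NtAccessCheckAndAuditAlarm(&SubsystemNameU,
                                        HandleId,
                                        &ObjectTypeNameU,
                                        &ObjectNameU,
                                        SecurityDescriptor,
                                        DesiredAccess,
                                        GenericMapping,
                                        ObjectCreation,
                                        GrantedAccess,
                                        &LocalAccessStatus,
                                        &GenerateOnClose);

    /* The converted strings are only needed for the call itself. */
    RtlFreeUnicodeString(&SubsystemNameU);
    RtlFreeUnicodeString(&ObjectTypeNameU);
    RtlFreeUnicodeString(&ObjectNameU);

    /* Widen the native one-byte BOOLEAN into the caller's BOOL. */
    *pfGenerateOnClose = (BOOL)GenerateOnClose;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    if (!NT_SUCCESS(LocalAccessStatus))
    {
        *AccessStatus = FALSE;
        /* Report why access was refused. Status is a success code on this
         * path, so translating it would hide the denial reason. */
        SetLastError(RtlNtStatusToDosError(LocalAccessStatus));
        return FALSE;
    }

    *AccessStatus = TRUE;

    return TRUE;
}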
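/*
 * @implemented
 *
 * Unicode entry point for the access-check-with-audit service. The name
 * strings are wrapped with RtlInitUnicodeString (no RtlFreeUnicodeString is
 * needed afterwards), the request is forwarded to NtAccessCheckAndAuditAlarm
 * and the two NTSTATUS results are mapped to Win32 conventions.
 *
 * Returns TRUE with *AccessStatus = TRUE only when both the native call and
 * the access status it reports are successful. When the access status is a
 * failure, *AccessStatus is FALSE, the last error is derived from that
 * status and FALSE is returned. When the native call itself fails,
 * *AccessStatus is left untouched. *pfGenerateOnClose is always written.
 *
 * NOTE(review): the Win32 documentation describes a denied access as a
 * successful call with *AccessStatus = FALSE; this wrapper returns FALSE in
 * that case. The return value is kept as-is for existing callers - confirm.
 */
BOOL WINAPI
AccessCheckAndAuditAlarmW(LPCWSTR SubsystemName,
                          LPVOID HandleId,
                          LPWSTR ObjectTypeName,
                          LPWSTR ObjectName,
                          PSECURITY_DESCRIPTOR SecurityDescriptor,
                          DWORD DesiredAccess,
                          PGENERIC_MAPPING GenericMapping,
                          BOOL ObjectCreation,
                          LPDWORD GrantedAccess,
                          LPBOOL AccessStatus,
                          LPBOOL pfGenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    NTSTATUS LocalAccessStatus;
    /* Seeded so that a failing native call never leaks an indeterminate
     * value into *pfGenerateOnClose. */
    BOOLEAN GenerateOnClose = FALSE;
    NTSTATUS Status;

    RtlInitUnicodeString(&SubsystemNameU,
                         (PWSTR)SubsystemName);
    RtlInitUnicodeString(&ObjectTypeNameU,
                         (PWSTR)ObjectTypeName);
    RtlInitUnicodeString(&ObjectNameU,
                         (PWSTR)ObjectName);

    Status = NtAccessCheckAndAuditAlarm(&SubsystemNameU,
                                        HandleId,
                                        &ObjectTypeNameU,
                                        &ObjectNameU,
                                        SecurityDescriptor,
                                        DesiredAccess,
                                        GenericMapping,
                                        ObjectCreation,
                                        GrantedAccess,
                                        &LocalAccessStatus,
                                        &GenerateOnClose);

    /* Widen the native one-byte BOOLEAN into the caller's BOOL. */
    *pfGenerateOnClose = (BOOL)GenerateOnClose;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    if (!NT_SUCCESS(LocalAccessStatus))
    {
        *AccessStatus = FALSE;
        /* Report why access was refused. Status is a success code on this
         * path, so translating it would hide the denial reason. */
        SetLastError(RtlNtStatusToDosError(LocalAccessStatus));
        return FALSE;
    }

    *AccessStatus = TRUE;

    return TRUE;
}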
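/*
 * @implemented
 *
 * ANSI entry point: converts SubsystemName to a UNICODE_STRING and forwards
 * the handle-close audit request to NtCloseObjectAuditAlarm.
 *
 * Returns TRUE on success. Returns FALSE with the last error set when the
 * string conversion fails or when the native call returns a failure status.
 */
BOOL WINAPI
ObjectCloseAuditAlarmA(LPCSTR SubsystemName,
                       LPVOID HandleId,
                       BOOL GenerateOnClose)
{
    UNICODE_STRING Name;
    NTSTATUS Status;

    /* RtlCreateUnicodeStringFromAsciiz reports success as a BOOLEAN, not as
     * an NTSTATUS. NT_SUCCESS() accepts both TRUE and FALSE, so the result
     * is tested directly; otherwise a failed conversion goes unnoticed and
     * an unset Name reaches the audit call and RtlFreeUnicodeString. */
    if (!RtlCreateUnicodeStringFromAsciiz(&Name,
                                          (PCHAR)SubsystemName))
    {
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    Status = NtCloseObjectAuditAlarm(&Name,
                                     HandleId,
                                     GenerateOnClose);

    /* Release the converted string on both the success and failure path. */
    RtlFreeUnicodeString(&Name);

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}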
/*
 * @implemented
 *
 * Unicode entry point: wraps SubsystemName in a UNICODE_STRING and forwards
 * the handle-close audit request to NtCloseObjectAuditAlarm.
 *
 * Returns TRUE when the native call succeeds; otherwise sets the last error
 * from the returned NTSTATUS and returns FALSE.
 */
BOOL WINAPI
ObjectCloseAuditAlarmW(LPCWSTR SubsystemName,
                       LPVOID HandleId,
                       BOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS CloseStatus;

    /* No RtlFreeUnicodeString pairs with this call in the file: the
     * descriptor is set up around the caller's own buffer. */
    RtlInitUnicodeString(&SubsystemNameU, (PWSTR)SubsystemName);

    CloseStatus = NtCloseObjectAuditAlarm(&SubsystemNameU,
                                          HandleId,
                                          GenerateOnClose);
    if (NT_SUCCESS(CloseStatus))
    {
        return TRUE;
    }

    /* Translate the native failure into a Win32 last-error value. */
    SetLastError(RtlNtStatusToDosError(CloseStatus));
    return FALSE;
}
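/*
 * @implemented
 *
 * ANSI entry point: converts SubsystemName to a UNICODE_STRING and forwards
 * the object-delete audit request to NtDeleteObjectAuditAlarm.
 *
 * Returns TRUE on success. Returns FALSE with the last error set when the
 * string conversion fails or when the native call returns a failure status.
 */
BOOL WINAPI
ObjectDeleteAuditAlarmA(LPCSTR SubsystemName,
                        LPVOID HandleId,
                        BOOL GenerateOnClose)
{
    UNICODE_STRING Name;
    NTSTATUS Status;

    /* RtlCreateUnicodeStringFromAsciiz reports success as a BOOLEAN, not as
     * an NTSTATUS. NT_SUCCESS() accepts both TRUE and FALSE, so the result
     * is tested directly; otherwise a failed conversion goes unnoticed and
     * an unset Name reaches the audit call and RtlFreeUnicodeString. */
    if (!RtlCreateUnicodeStringFromAsciiz(&Name,
                                          (PCHAR)SubsystemName))
    {
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    Status = NtDeleteObjectAuditAlarm(&Name,
                                      HandleId,
                                      GenerateOnClose);

    /* Release the converted string on both the success and failure path. */
    RtlFreeUnicodeString(&Name);

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}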
/*
 * @implemented
 *
 * Unicode entry point: wraps SubsystemName in a UNICODE_STRING and forwards
 * the object-delete audit request to NtDeleteObjectAuditAlarm.
 *
 * Returns TRUE when the native call succeeds; otherwise sets the last error
 * from the returned NTSTATUS and returns FALSE.
 */
BOOL WINAPI
ObjectDeleteAuditAlarmW(LPCWSTR SubsystemName,
                        LPVOID HandleId,
                        BOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS DeleteStatus;

    /* No RtlFreeUnicodeString pairs with this call in the file: the
     * descriptor is set up around the caller's own buffer. */
    RtlInitUnicodeString(&SubsystemNameU, (PWSTR)SubsystemName);

    DeleteStatus = NtDeleteObjectAuditAlarm(&SubsystemNameU,
                                            HandleId,
                                            GenerateOnClose);
    if (NT_SUCCESS(DeleteStatus))
    {
        return TRUE;
    }

    /* Translate the native failure into a Win32 last-error value. */
    SetLastError(RtlNtStatusToDosError(DeleteStatus));
    return FALSE;
}
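/*
 * @implemented
 *
 * ANSI entry point: converts the three name strings to UNICODE_STRINGs and
 * forwards the object-open audit request to NtOpenObjectAuditAlarm.
 *
 * Returns TRUE on success and then stores the native generate-on-close flag
 * in *GenerateOnClose. Returns FALSE with the last error set when a string
 * conversion fails or the native call returns a failure status; in that
 * case *GenerateOnClose is not written by this wrapper.
 */
BOOL WINAPI
ObjectOpenAuditAlarmA(LPCSTR SubsystemName,
                      LPVOID HandleId,
                      LPSTR ObjectTypeName,
                      LPSTR ObjectName,
                      PSECURITY_DESCRIPTOR pSecurityDescriptor,
                      HANDLE ClientToken,
                      DWORD DesiredAccess,
                      DWORD GrantedAccess,
                      PPRIVILEGE_SET Privileges,
                      BOOL ObjectCreation,
                      BOOL AccessGranted,
                      LPBOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    /* The native call writes a one-byte BOOLEAN. Casting the caller's LPBOOL
     * to PBOOLEAN would update only the first byte of a four-byte BOOL and
     * leave the rest as it was, so receive the flag locally and widen it. */
    BOOLEAN LocalGenerateOnClose = FALSE;
    NTSTATUS Status;

    /* RtlCreateUnicodeStringFromAsciiz returns a BOOLEAN. An unchecked
     * failure would hand an unset UNICODE_STRING to the audit call and to
     * RtlFreeUnicodeString, so stop here and undo what was already built. */
    if (!RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
                                          (PCHAR)SubsystemName))
    {
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectTypeNameU,
                                          (PCHAR)ObjectTypeName))
    {
        RtlFreeUnicodeString(&SubsystemNameU);
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectNameU,
                                          (PCHAR)ObjectName))
    {
        RtlFreeUnicodeString(&ObjectTypeNameU);
        RtlFreeUnicodeString(&SubsystemNameU);
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    /* A NULL GenerateOnClose is still passed through as NULL, so the native
     * call decides how to treat it exactly as before. */
    Status = NtOpenObjectAuditAlarm(&SubsystemNameU,
                                    HandleId,
                                    &ObjectTypeNameU,
                                    &ObjectNameU,
                                    pSecurityDescriptor,
                                    ClientToken,
                                    DesiredAccess,
                                    GrantedAccess,
                                    Privileges,
                                    ObjectCreation,
                                    AccessGranted,
                                    (GenerateOnClose != NULL) ? &LocalGenerateOnClose : NULL);

    /* The converted strings are only needed for the call itself. */
    RtlFreeUnicodeString(&SubsystemNameU);
    RtlFreeUnicodeString(&ObjectTypeNameU);
    RtlFreeUnicodeString(&ObjectNameU);

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    if (GenerateOnClose != NULL)
    {
        *GenerateOnClose = (BOOL)LocalGenerateOnClose;
    }

    return TRUE;
}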
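/*
 * @implemented
 *
 * Unicode entry point: wraps the three name strings in UNICODE_STRINGs and
 * forwards the object-open audit request to NtOpenObjectAuditAlarm.
 *
 * Returns TRUE on success and then stores the native generate-on-close flag
 * in *GenerateOnClose. Returns FALSE with the last error set from the
 * returned NTSTATUS on failure; in that case *GenerateOnClose is not written
 * by this wrapper.
 */
BOOL WINAPI
ObjectOpenAuditAlarmW(LPCWSTR SubsystemName,
                      LPVOID HandleId,
                      LPWSTR ObjectTypeName,
                      LPWSTR ObjectName,
                      PSECURITY_DESCRIPTOR pSecurityDescriptor,
                      HANDLE ClientToken,
                      DWORD DesiredAccess,
                      DWORD GrantedAccess,
                      PPRIVILEGE_SET Privileges,
                      BOOL ObjectCreation,
                      BOOL AccessGranted,
                      LPBOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    /* The native call writes a one-byte BOOLEAN. Casting the caller's LPBOOL
     * to PBOOLEAN would update only the first byte of a four-byte BOOL and
     * leave the rest as it was, so receive the flag locally and widen it. */
    BOOLEAN LocalGenerateOnClose = FALSE;
    NTSTATUS Status;

    RtlInitUnicodeString(&SubsystemNameU,
                         (PWSTR)SubsystemName);
    RtlInitUnicodeString(&ObjectTypeNameU,
                         (PWSTR)ObjectTypeName);
    RtlInitUnicodeString(&ObjectNameU,
                         (PWSTR)ObjectName);

    /* A NULL GenerateOnClose is still passed through as NULL, so the native
     * call decides how to treat it exactly as before. */
    Status = NtOpenObjectAuditAlarm(&SubsystemNameU,
                                    HandleId,
                                    &ObjectTypeNameU,
                                    &ObjectNameU,
                                    pSecurityDescriptor,
                                    ClientToken,
                                    DesiredAccess,
                                    GrantedAccess,
                                    Privileges,
                                    ObjectCreation,
                                    AccessGranted,
                                    (GenerateOnClose != NULL) ? &LocalGenerateOnClose : NULL);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    if (GenerateOnClose != NULL)
    {
        *GenerateOnClose = (BOOL)LocalGenerateOnClose;
    }

    return TRUE;
}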
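/*
 * @implemented
 *
 * ANSI entry point: converts SubsystemName to a UNICODE_STRING and forwards
 * the privilege-use audit request to NtPrivilegeObjectAuditAlarm.
 *
 * Returns TRUE on success. Returns FALSE with the last error set when the
 * string conversion fails or when the native call returns a failure status.
 */
BOOL WINAPI
ObjectPrivilegeAuditAlarmA(LPCSTR SubsystemName,
                           LPVOID HandleId,
                           HANDLE ClientToken,
                           DWORD DesiredAccess,
                           PPRIVILEGE_SET Privileges,
                           BOOL AccessGranted)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS Status;

    /* RtlCreateUnicodeStringFromAsciiz returns a BOOLEAN. An unchecked
     * failure would hand an unset UNICODE_STRING to the audit call and to
     * RtlFreeUnicodeString. */
    if (!RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
                                          (PCHAR)SubsystemName))
    {
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    Status = NtPrivilegeObjectAuditAlarm(&SubsystemNameU,
                                         HandleId,
                                         ClientToken,
                                         DesiredAccess,
                                         Privileges,
                                         AccessGranted);

    /* Release the converted string on both the success and failure path. */
    RtlFreeUnicodeString(&SubsystemNameU);

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}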
/*
 * @implemented
 *
 * Unicode entry point: wraps SubsystemName in a UNICODE_STRING and forwards
 * the privilege-use audit request to NtPrivilegeObjectAuditAlarm.
 *
 * Returns TRUE when the native call succeeds; otherwise sets the last error
 * from the returned NTSTATUS and returns FALSE.
 */
BOOL WINAPI
ObjectPrivilegeAuditAlarmW(LPCWSTR SubsystemName,
                           LPVOID HandleId,
                           HANDLE ClientToken,
                           DWORD DesiredAccess,
                           PPRIVILEGE_SET Privileges,
                           BOOL AccessGranted)
{
    UNICODE_STRING SubsystemDescriptor;
    NTSTATUS AuditStatus;

    /* No RtlFreeUnicodeString pairs with this call in the file: the
     * descriptor is set up around the caller's own buffer. */
    RtlInitUnicodeString(&SubsystemDescriptor, (PWSTR)SubsystemName);

    AuditStatus = NtPrivilegeObjectAuditAlarm(&SubsystemDescriptor,
                                              HandleId,
                                              ClientToken,
                                              DesiredAccess,
                                              Privileges,
                                              AccessGranted);
    if (NT_SUCCESS(AuditStatus))
    {
        return TRUE;
    }

    /* Translate the native failure into a Win32 last-error value. */
    SetLastError(RtlNtStatusToDosError(AuditStatus));
    return FALSE;
}
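/*
 * @implemented
 *
 * ANSI entry point: converts SubsystemName and ServiceName to
 * UNICODE_STRINGs and forwards the privileged-service audit request to
 * NtPrivilegedServiceAuditAlarm.
 *
 * Returns TRUE on success. Returns FALSE with the last error set when a
 * string conversion fails or when the native call returns a failure status.
 */
BOOL WINAPI
PrivilegedServiceAuditAlarmA(LPCSTR SubsystemName,
                             LPCSTR ServiceName,
                             HANDLE ClientToken,
                             PPRIVILEGE_SET Privileges,
                             BOOL AccessGranted)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ServiceNameU;
    NTSTATUS Status;

    /* RtlCreateUnicodeStringFromAsciiz returns a BOOLEAN. An unchecked
     * failure would hand an unset UNICODE_STRING to the audit call and to
     * RtlFreeUnicodeString, so stop here and undo what was already built. */
    if (!RtlCreateUnicodeStringFromAsciiz(&SubsystemNameU,
                                          (PCHAR)SubsystemName))
    {
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    if (!RtlCreateUnicodeStringFromAsciiz(&ServiceNameU,
                                          (PCHAR)ServiceName))
    {
        RtlFreeUnicodeString(&SubsystemNameU);
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    Status = NtPrivilegedServiceAuditAlarm(&SubsystemNameU,
                                           &ServiceNameU,
                                           ClientToken,
                                           Privileges,
                                           AccessGranted);

    /* The converted strings are only needed for the call itself. */
    RtlFreeUnicodeString(&SubsystemNameU);
    RtlFreeUnicodeString(&ServiceNameU);

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}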
/*
 * @implemented
 *
 * Unicode entry point: wraps SubsystemName and ServiceName in
 * UNICODE_STRINGs and forwards the privileged-service audit request to
 * NtPrivilegedServiceAuditAlarm.
 *
 * Returns TRUE when the native call succeeds; otherwise sets the last error
 * from the returned NTSTATUS and returns FALSE.
 */
BOOL WINAPI
PrivilegedServiceAuditAlarmW(LPCWSTR SubsystemName,
                             LPCWSTR ServiceName,
                             HANDLE ClientToken,
                             PPRIVILEGE_SET Privileges,
                             BOOL AccessGranted)
{
    UNICODE_STRING SubsystemDescriptor;
    UNICODE_STRING ServiceDescriptor;
    NTSTATUS AuditStatus;

    /* No RtlFreeUnicodeString pairs with these calls in the file: the
     * descriptors are set up around the caller's own buffers. */
    RtlInitUnicodeString(&SubsystemDescriptor, (PWSTR)SubsystemName);
    RtlInitUnicodeString(&ServiceDescriptor, (PWSTR)ServiceName);

    AuditStatus = NtPrivilegedServiceAuditAlarm(&SubsystemDescriptor,
                                                &ServiceDescriptor,
                                                ClientToken,
                                                Privileges,
                                                AccessGranted);
    if (NT_SUCCESS(AuditStatus))
    {
        return TRUE;
    }

    /* Translate the native failure into a Win32 last-error value. */
    SetLastError(RtlNtStatusToDosError(AuditStatus));
    return FALSE;
}
/*
 * @unimplemented
 *
 * Stub. No access check is performed and no audit record is produced: the
 * call logs a FIXME trace, sets ERROR_CALL_NOT_IMPLEMENTED and returns FALSE.
 * GrantedAccess, AccessStatusList and pfGenerateOnClose are never written,
 * so a caller must not read them after the FALSE return.
 */
BOOL WINAPI
AccessCheckByTypeResultListAndAuditAlarmByHandleW(IN LPCWSTR SubsystemName,
                                                  IN LPVOID HandleId,
                                                  IN HANDLE ClientToken,
                                                  IN LPCWSTR ObjectTypeName,
                                                  IN LPCWSTR ObjectName,
                                                  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                                                  IN PSID PrincipalSelfSid,
                                                  IN DWORD DesiredAccess,
                                                  IN AUDIT_EVENT_TYPE AuditType,
                                                  IN DWORD Flags,
                                                  IN POBJECT_TYPE_LIST ObjectTypeList,
                                                  IN DWORD ObjectTypeListLength,
                                                  IN PGENERIC_MAPPING GenericMapping,
                                                  IN BOOL ObjectCreation,
                                                  OUT LPDWORD GrantedAccess,
                                                  OUT LPDWORD AccessStatusList,
                                                  OUT LPBOOL pfGenerateOnClose)
{
    /* Leave a trace naming the missing function, then fail the call. */
    FIXME("%s() not implemented!\n", __FUNCTION__);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);

    return FALSE;
}
/*
 * @unimplemented
 *
 * Stub. No access check is performed and no audit record is produced: the
 * call logs a FIXME trace, sets ERROR_CALL_NOT_IMPLEMENTED and returns FALSE.
 * GrantedAccess, AccessStatusList and pfGenerateOnClose are never written,
 * so a caller must not read them after the FALSE return.
 */
BOOL WINAPI
AccessCheckByTypeResultListAndAuditAlarmByHandleA(IN LPCSTR SubsystemName,
                                                  IN LPVOID HandleId,
                                                  IN HANDLE ClientToken,
                                                  IN LPCSTR ObjectTypeName,
                                                  IN LPCSTR ObjectName,
                                                  IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                                                  IN PSID PrincipalSelfSid,
                                                  IN DWORD DesiredAccess,
                                                  IN AUDIT_EVENT_TYPE AuditType,
                                                  IN DWORD Flags,
                                                  IN POBJECT_TYPE_LIST ObjectTypeList,
                                                  IN DWORD ObjectTypeListLength,
                                                  IN PGENERIC_MAPPING GenericMapping,
                                                  IN BOOL ObjectCreation,
                                                  OUT LPDWORD GrantedAccess,
                                                  OUT LPDWORD AccessStatusList,
                                                  OUT LPBOOL pfGenerateOnClose)
{
    /* Leave a trace naming the missing function, then fail the call. */
    FIXME("%s() not implemented!\n", __FUNCTION__);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);

    return FALSE;
}
/*
 * @unimplemented
 *
 * Stub. No access check is performed and no audit record is produced: the
 * call logs a FIXME trace, sets ERROR_CALL_NOT_IMPLEMENTED and returns FALSE.
 * GrantedAccess, AccessStatusList and pfGenerateOnClose are never written,
 * so a caller must not read them after the FALSE return.
 */
BOOL WINAPI
AccessCheckByTypeResultListAndAuditAlarmW(IN LPCWSTR SubsystemName,
                                          IN LPVOID HandleId,
                                          IN LPCWSTR ObjectTypeName,
                                          IN LPCWSTR ObjectName,
                                          IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                                          IN PSID PrincipalSelfSid,
                                          IN DWORD DesiredAccess,
                                          IN AUDIT_EVENT_TYPE AuditType,
                                          IN DWORD Flags,
                                          IN POBJECT_TYPE_LIST ObjectTypeList,
                                          IN DWORD ObjectTypeListLength,
                                          IN PGENERIC_MAPPING GenericMapping,
                                          IN BOOL ObjectCreation,
                                          OUT LPDWORD GrantedAccess,
                                          OUT LPDWORD AccessStatusList,
                                          OUT LPBOOL pfGenerateOnClose)
{
    /* Leave a trace naming the missing function, then fail the call. */
    FIXME("%s() not implemented!\n", __FUNCTION__);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);

    return FALSE;
}
/*
 * @unimplemented
 *
 * Stub. No access check is performed and no audit record is produced: the
 * call logs a FIXME trace, sets ERROR_CALL_NOT_IMPLEMENTED and returns FALSE.
 * GrantedAccess, AccessStatusList and pfGenerateOnClose are never written,
 * so a caller must not read them after the FALSE return.
 */
BOOL WINAPI
AccessCheckByTypeResultListAndAuditAlarmA(IN LPCSTR SubsystemName,
                                          IN LPVOID HandleId,
                                          IN LPCSTR ObjectTypeName,
                                          IN LPCSTR ObjectName,
                                          IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                                          IN PSID PrincipalSelfSid,
                                          IN DWORD DesiredAccess,
                                          IN AUDIT_EVENT_TYPE AuditType,
                                          IN DWORD Flags,
                                          IN POBJECT_TYPE_LIST ObjectTypeList,
                                          IN DWORD ObjectTypeListLength,
                                          IN PGENERIC_MAPPING GenericMapping,
                                          IN BOOL ObjectCreation,
                                          OUT LPDWORD GrantedAccess,
                                          OUT LPDWORD AccessStatusList,
                                          OUT LPBOOL pfGenerateOnClose)
{
    /* Leave a trace naming the missing function, then fail the call. */
    FIXME("%s() not implemented!\n", __FUNCTION__);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);

    return FALSE;
}
/*
 * @unimplemented
 *
 * Stub. No access check is performed and no audit record is produced: the
 * call logs a FIXME trace, sets ERROR_CALL_NOT_IMPLEMENTED and returns FALSE.
 * GrantedAccess, AccessStatus and pfGenerateOnClose are never written, so a
 * caller must not read them after the FALSE return.
 */
BOOL WINAPI
AccessCheckByTypeAndAuditAlarmW(IN LPCWSTR SubsystemName,
                                IN LPVOID HandleId,
                                IN LPCWSTR ObjectTypeName,
                                IN LPCWSTR ObjectName,
                                IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                                IN PSID PrincipalSelfSid,
                                IN DWORD DesiredAccess,
                                IN AUDIT_EVENT_TYPE AuditType,
                                IN DWORD Flags,
                                IN POBJECT_TYPE_LIST ObjectTypeList,
                                IN DWORD ObjectTypeListLength,
                                IN PGENERIC_MAPPING GenericMapping,
                                IN BOOL ObjectCreation,
                                OUT LPDWORD GrantedAccess,
                                OUT LPBOOL AccessStatus,
                                OUT LPBOOL pfGenerateOnClose)
{
    /* Leave a trace naming the missing function, then fail the call. */
    FIXME("%s() not implemented!\n", __FUNCTION__);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);

    return FALSE;
}
/*
 * @unimplemented
 *
 * Stub. No access check is performed and no audit record is produced: the
 * call logs a FIXME trace, sets ERROR_CALL_NOT_IMPLEMENTED and returns FALSE.
 * GrantedAccess, AccessStatus and pfGenerateOnClose are never written, so a
 * caller must not read them after the FALSE return.
 */
BOOL WINAPI
AccessCheckByTypeAndAuditAlarmA(IN LPCSTR SubsystemName,
                                IN LPVOID HandleId,
                                IN LPCSTR ObjectTypeName,
                                IN LPCSTR ObjectName,
                                IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
                                IN PSID PrincipalSelfSid,
                                IN DWORD DesiredAccess,
                                IN AUDIT_EVENT_TYPE AuditType,
                                IN DWORD Flags,
                                IN POBJECT_TYPE_LIST ObjectTypeList,
                                IN DWORD ObjectTypeListLength,
                                IN PGENERIC_MAPPING GenericMapping,
                                IN BOOL ObjectCreation,
                                OUT LPDWORD GrantedAccess,
                                OUT LPBOOL AccessStatus,
                                OUT LPBOOL pfGenerateOnClose)
{
    /* Leave a trace naming the missing function, then fail the call. */
    FIXME("%s() not implemented!\n", __FUNCTION__);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);

    return FALSE;
}
/* EOF */