Implemented missing audit functions.

svn path=/trunk/; revision=5193
Eric Kohl 2003-07-20 22:11:58 +00:00
parent 54fd76554e
commit 537b19a1a3
2 changed files with 380 additions and 10 deletions


@ -1,4 +1,4 @@
; $Id: advapi32.edf,v 1.22 2003/07/20 15:16:51 ekohl Exp $
; $Id: advapi32.edf,v 1.23 2003/07/20 22:11:41 ekohl Exp $
;
; advapi32.edf
;
@ -11,8 +11,8 @@ EXPORTS
AbortSystemShutdownA=AbortSystemShutdownA@4
AbortSystemShutdownW=AbortSystemShutdownW@4
AccessCheck=AccessCheck@32
;AccessCheckAndAuditAlarmA=AccessCheckAndAuditAlarmA@44
;AccessCheckAndAuditAlarmW=AccessCheckAndAuditAlarmW@44
AccessCheckAndAuditAlarmA=AccessCheckAndAuditAlarmA@44
AccessCheckAndAuditAlarmW=AccessCheckAndAuditAlarmW@44
AddAccessAllowedAce=AddAccessAllowedAce@16
AddAccessDeniedAce=AddAccessDeniedAce@16
AddAce=AddAce@20
@ -274,10 +274,10 @@ ObjectCloseAuditAlarmA=ObjectCloseAuditAlarmA@12
ObjectCloseAuditAlarmW=ObjectCloseAuditAlarmW@12
ObjectDeleteAuditAlarmA=ObjectDeleteAuditAlarmA@12
ObjectDeleteAuditAlarmW=ObjectDeleteAuditAlarmW@12
;ObjectOpenAuditAlarmA=ObjectOpenAuditAlarmA@48
;ObjectOpenAuditAlarmW=ObjectOpenAuditAlarmW@48
;ObjectPrivilegeAuditAlarmA=ObjectPrivilegeAuditAlarmA@24
;ObjectPrivilegeAuditAlarmW=ObjectPrivilegeAuditAlarmW@24
ObjectOpenAuditAlarmA=ObjectOpenAuditAlarmA@48
ObjectOpenAuditAlarmW=ObjectOpenAuditAlarmW@48
ObjectPrivilegeAuditAlarmA=ObjectPrivilegeAuditAlarmA@24
ObjectPrivilegeAuditAlarmW=ObjectPrivilegeAuditAlarmW@24
;OpenBackupEventLogA=OpenBackupEventLogA@8
;OpenBackupEventLogW=OpenBackupEventLogW@8
;OpenEventLogA=OpenEventLogA@8
@ -289,8 +289,8 @@ OpenServiceA=OpenServiceA@12
OpenServiceW=OpenServiceW@12
OpenThreadToken=OpenThreadToken@16
PrivilegeCheck=PrivilegeCheck@12
;PrivilegedServiceAuditAlarmA=PrivilegedServiceAuditAlarmA@20
;PrivilegedServiceAuditAlarmW=PrivilegedServiceAuditAlarmW@20
PrivilegedServiceAuditAlarmA=PrivilegedServiceAuditAlarmA@20
PrivilegedServiceAuditAlarmW=PrivilegedServiceAuditAlarmW@20
;ProvAccessRightsToNTAccessMask=ProvAccessRightsToNTAccessMask@8
QueryServiceConfigA=QueryServiceConfigA@16
QueryServiceConfigW=QueryServiceConfigW@16


@ -1,4 +1,4 @@
/* $Id: audit.c,v 1.1 2003/07/20 00:03:40 ekohl Exp $
/* $Id: audit.c,v 1.2 2003/07/20 22:11:58 ekohl Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS system libraries
@ -18,6 +18,135 @@
/* FUNCTIONS ****************************************************************/
/*
* @implemented
*/
BOOL STDCALL
AccessCheckAndAuditAlarmA (LPCSTR SubsystemName,
LPVOID HandleId,
LPSTR ObjectTypeName,
LPSTR ObjectName,
PSECURITY_DESCRIPTOR SecurityDescriptor,
DWORD DesiredAccess,
PGENERIC_MAPPING GenericMapping,
BOOL ObjectCreation,
LPDWORD GrantedAccess,
LPBOOL AccessStatus,
LPBOOL pfGenerateOnClose)
{
UNICODE_STRING SubsystemNameU;
UNICODE_STRING ObjectTypeNameU;
UNICODE_STRING ObjectNameU;
NTSTATUS LocalAccessStatus;
BOOLEAN GenerateOnClose;
NTSTATUS Status;
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
(PCHAR)SubsystemName);
RtlCreateUnicodeStringFromAsciiz (&ObjectTypeNameU,
(PCHAR)ObjectTypeName);
RtlCreateUnicodeStringFromAsciiz (&ObjectNameU,
(PCHAR)ObjectName);
Status = NtAccessCheckAndAuditAlarm (&SubsystemNameU,
HandleId,
&ObjectTypeNameU,
&ObjectNameU,
SecurityDescriptor,
DesiredAccess,
GenericMapping,
ObjectCreation,
GrantedAccess,
&LocalAccessStatus,
&GenerateOnClose);
RtlFreeUnicodeString (&SubsystemNameU);
RtlFreeUnicodeString (&ObjectTypeNameU);
RtlFreeUnicodeString (&ObjectNameU);
*pfGenerateOnClose = (BOOL)GenerateOnClose;
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
if (!NT_SUCCESS (LocalAccessStatus))
{
*AccessStatus = FALSE;
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
*AccessStatus = TRUE;
return TRUE;
}
/*
* @implemented
*/
BOOL STDCALL
AccessCheckAndAuditAlarmW (LPCWSTR SubsystemName,
LPVOID HandleId,
LPWSTR ObjectTypeName,
LPWSTR ObjectName,
PSECURITY_DESCRIPTOR SecurityDescriptor,
DWORD DesiredAccess,
PGENERIC_MAPPING GenericMapping,
BOOL ObjectCreation,
LPDWORD GrantedAccess,
LPBOOL AccessStatus,
LPBOOL pfGenerateOnClose)
{
UNICODE_STRING SubsystemNameU;
UNICODE_STRING ObjectTypeNameU;
UNICODE_STRING ObjectNameU;
NTSTATUS LocalAccessStatus;
BOOLEAN GenerateOnClose;
NTSTATUS Status;
RtlInitUnicodeString (&SubsystemNameU,
(PWSTR)SubsystemName);
RtlInitUnicodeString (&ObjectTypeNameU,
(PWSTR)ObjectTypeName);
RtlInitUnicodeString (&ObjectNameU,
(PWSTR)ObjectName);
Status = NtAccessCheckAndAuditAlarm (&SubsystemNameU,
HandleId,
&ObjectTypeNameU,
&ObjectNameU,
SecurityDescriptor,
DesiredAccess,
GenericMapping,
ObjectCreation,
GrantedAccess,
&LocalAccessStatus,
&GenerateOnClose);
*pfGenerateOnClose = (BOOL)GenerateOnClose;
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
if (!NT_SUCCESS (LocalAccessStatus))
{
*AccessStatus = FALSE;
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
*AccessStatus = TRUE;
return TRUE;
}
/*
* @implemented
*/
@ -137,4 +266,245 @@ ObjectDeleteAuditAlarmW (LPCWSTR SubsystemName,
}
/*
* @implemented
*/
BOOL STDCALL
ObjectOpenAuditAlarmA (LPCSTR SubsystemName,
LPVOID HandleId,
LPSTR ObjectTypeName,
LPSTR ObjectName,
PSECURITY_DESCRIPTOR pSecurityDescriptor,
HANDLE ClientToken,
DWORD DesiredAccess,
DWORD GrantedAccess,
PPRIVILEGE_SET Privileges,
BOOL ObjectCreation,
BOOL AccessGranted,
LPBOOL GenerateOnClose)
{
UNICODE_STRING SubsystemNameU;
UNICODE_STRING ObjectTypeNameU;
UNICODE_STRING ObjectNameU;
NTSTATUS Status;
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
(PCHAR)SubsystemName);
RtlCreateUnicodeStringFromAsciiz (&ObjectTypeNameU,
(PCHAR)ObjectTypeName);
RtlCreateUnicodeStringFromAsciiz (&ObjectNameU,
(PCHAR)ObjectName);
Status = NtOpenObjectAuditAlarm (&SubsystemNameU,
HandleId,
&ObjectTypeNameU,
&ObjectNameU,
pSecurityDescriptor,
ClientToken,
DesiredAccess,
GrantedAccess,
Privileges,
ObjectCreation,
AccessGranted,
(PBOOLEAN)GenerateOnClose);
RtlFreeUnicodeString (&SubsystemNameU);
RtlFreeUnicodeString (&ObjectTypeNameU);
RtlFreeUnicodeString (&ObjectNameU);
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
return TRUE;
}
/*
* @implemented
*/
BOOL STDCALL
ObjectOpenAuditAlarmW (LPCWSTR SubsystemName,
LPVOID HandleId,
LPWSTR ObjectTypeName,
LPWSTR ObjectName,
PSECURITY_DESCRIPTOR pSecurityDescriptor,
HANDLE ClientToken,
DWORD DesiredAccess,
DWORD GrantedAccess,
PPRIVILEGE_SET Privileges,
BOOL ObjectCreation,
BOOL AccessGranted,
LPBOOL GenerateOnClose)
{
UNICODE_STRING SubsystemNameU;
UNICODE_STRING ObjectTypeNameU;
UNICODE_STRING ObjectNameU;
NTSTATUS Status;
RtlInitUnicodeString (&SubsystemNameU,
(PWSTR)SubsystemName);
RtlInitUnicodeString (&ObjectTypeNameU,
(PWSTR)ObjectTypeName);
RtlInitUnicodeString (&ObjectNameU,
(PWSTR)ObjectName);
Status = NtOpenObjectAuditAlarm (&SubsystemNameU,
HandleId,
&ObjectTypeNameU,
&ObjectNameU,
pSecurityDescriptor,
ClientToken,
DesiredAccess,
GrantedAccess,
Privileges,
ObjectCreation,
AccessGranted,
(PBOOLEAN)GenerateOnClose);
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
return TRUE;
}
/*
* @implemented
*/
BOOL STDCALL
ObjectPrivilegeAuditAlarmA (LPCSTR SubsystemName,
LPVOID HandleId,
HANDLE ClientToken,
DWORD DesiredAccess,
PPRIVILEGE_SET Privileges,
BOOL AccessGranted)
{
UNICODE_STRING SubsystemNameU;
NTSTATUS Status;
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
(PCHAR)SubsystemName);
Status = NtPrivilegeObjectAuditAlarm (&SubsystemNameU,
HandleId,
ClientToken,
DesiredAccess,
Privileges,
AccessGranted);
RtlFreeUnicodeString (&SubsystemNameU);
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
return TRUE;
}
/*
* @implemented
*/
BOOL STDCALL
ObjectPrivilegeAuditAlarmW (LPCWSTR SubsystemName,
LPVOID HandleId,
HANDLE ClientToken,
DWORD DesiredAccess,
PPRIVILEGE_SET Privileges,
BOOL AccessGranted)
{
UNICODE_STRING SubsystemNameU;
NTSTATUS Status;
RtlInitUnicodeString (&SubsystemNameU,
(PWSTR)SubsystemName);
Status = NtPrivilegeObjectAuditAlarm (&SubsystemNameU,
HandleId,
ClientToken,
DesiredAccess,
Privileges,
AccessGranted);
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
return TRUE;
}
/*
* @implemented
*/
BOOL STDCALL
PrivilegedServiceAuditAlarmA (LPCSTR SubsystemName,
LPCSTR ServiceName,
HANDLE ClientToken,
PPRIVILEGE_SET Privileges,
BOOL AccessGranted)
{
UNICODE_STRING SubsystemNameU;
UNICODE_STRING ServiceNameU;
NTSTATUS Status;
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
(PCHAR)SubsystemName);
RtlCreateUnicodeStringFromAsciiz (&ServiceNameU,
(PCHAR)ServiceName);
Status = NtPrivilegedServiceAuditAlarm (&SubsystemNameU,
&ServiceNameU,
ClientToken,
Privileges,
AccessGranted);
RtlFreeUnicodeString (&SubsystemNameU);
RtlFreeUnicodeString (&ServiceNameU);
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
return TRUE;
}
/*
* @implemented
*/
BOOL STDCALL
PrivilegedServiceAuditAlarmW (LPCWSTR SubsystemName,
LPCWSTR ServiceName,
HANDLE ClientToken,
PPRIVILEGE_SET Privileges,
BOOL AccessGranted)
{
UNICODE_STRING SubsystemNameU;
UNICODE_STRING ServiceNameU;
NTSTATUS Status;
RtlInitUnicodeString (&SubsystemNameU,
(PWSTR)SubsystemName);
RtlInitUnicodeString (&ServiceNameU,
(PWSTR)ServiceName);
Status = NtPrivilegedServiceAuditAlarm (&SubsystemNameU,
&ServiceNameU,
ClientToken,
Privileges,
AccessGranted);
if (!NT_SUCCESS (Status))
{
SetLastError (RtlNtStatusToDosError (Status));
return FALSE;
}
return TRUE;
}
/* EOF */
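Review bot: In AccessCheckAndAuditAlarmA and AccessCheckAndAuditAlarmW, the branch taken when `LocalAccessStatus` reports failure calls `SetLastError (RtlNtStatusToDosError (Status))`, but `Status` has already passed `NT_SUCCESS` at that point, so a denied access check returns FALSE with a last-error value derived from a successful status; it should be `SetLastError (RtlNtStatusToDosError (LocalAccessStatus));`. Both functions also copy `GenerateOnClose` into `*pfGenerateOnClose` before `Status` is checked, which reads an uninitialised local if the system call failed without writing it; moving that assignment below the `Status` check avoids this. In ObjectOpenAuditAlarmA and ObjectOpenAuditAlarmW the caller's `LPBOOL` is passed as `(PBOOLEAN)GenerateOnClose`, so if BOOLEAN is narrower than BOOL (as the local `BOOLEAN` plus `(BOOL)` cast in the AccessCheck wrappers suggests) only part of the caller's variable is written and the rest keeps whatever it held. A local `BOOLEAN` copied out after the call, as the AccessCheck wrappers already do, would make the audit-on-close flag reliable for callers.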