mirror of
https://github.com/reactos/reactos.git
synced 2024-08-07 19:58:21 +00:00
Implemented missing audit functions.
svn path=/trunk/; revision=5193
parent
54fd76554e
commit
537b19a1a3
|
@ -1,4 +1,4 @@
|
|||
; $Id: advapi32.edf,v 1.22 2003/07/20 15:16:51 ekohl Exp $
|
||||
; $Id: advapi32.edf,v 1.23 2003/07/20 22:11:41 ekohl Exp $
|
||||
;
|
||||
; advapi32.edf
|
||||
;
|
||||
|
@ -11,8 +11,8 @@ EXPORTS
|
|||
AbortSystemShutdownA=AbortSystemShutdownA@4
|
||||
AbortSystemShutdownW=AbortSystemShutdownW@4
|
||||
AccessCheck=AccessCheck@32
|
||||
;AccessCheckAndAuditAlarmA=AccessCheckAndAuditAlarmA@44
|
||||
;AccessCheckAndAuditAlarmW=AccessCheckAndAuditAlarmW@44
|
||||
AccessCheckAndAuditAlarmA=AccessCheckAndAuditAlarmA@44
|
||||
AccessCheckAndAuditAlarmW=AccessCheckAndAuditAlarmW@44
|
||||
AddAccessAllowedAce=AddAccessAllowedAce@16
|
||||
AddAccessDeniedAce=AddAccessDeniedAce@16
|
||||
AddAce=AddAce@20
|
||||
|
@ -274,10 +274,10 @@ ObjectCloseAuditAlarmA=ObjectCloseAuditAlarmA@12
|
|||
ObjectCloseAuditAlarmW=ObjectCloseAuditAlarmW@12
|
||||
ObjectDeleteAuditAlarmA=ObjectDeleteAuditAlarmA@12
|
||||
ObjectDeleteAuditAlarmW=ObjectDeleteAuditAlarmW@12
|
||||
;ObjectOpenAuditAlarmA=ObjectOpenAuditAlarmA@48
|
||||
;ObjectOpenAuditAlarmW=ObjectOpenAuditAlarmW@48
|
||||
;ObjectPrivilegeAuditAlarmA=ObjectPrivilegeAuditAlarmA@24
|
||||
;ObjectPrivilegeAuditAlarmW=ObjectPrivilegeAuditAlarmW@24
|
||||
ObjectOpenAuditAlarmA=ObjectOpenAuditAlarmA@48
|
||||
ObjectOpenAuditAlarmW=ObjectOpenAuditAlarmW@48
|
||||
ObjectPrivilegeAuditAlarmA=ObjectPrivilegeAuditAlarmA@24
|
||||
ObjectPrivilegeAuditAlarmW=ObjectPrivilegeAuditAlarmW@24
|
||||
;OpenBackupEventLogA=OpenBackupEventLogA@8
|
||||
;OpenBackupEventLogW=OpenBackupEventLogW@8
|
||||
;OpenEventLogA=OpenEventLogA@8
|
||||
|
@ -289,8 +289,8 @@ OpenServiceA=OpenServiceA@12
|
|||
OpenServiceW=OpenServiceW@12
|
||||
OpenThreadToken=OpenThreadToken@16
|
||||
PrivilegeCheck=PrivilegeCheck@12
|
||||
;PrivilegedServiceAuditAlarmA=PrivilegedServiceAuditAlarmA@20
|
||||
;PrivilegedServiceAuditAlarmW=PrivilegedServiceAuditAlarmW@20
|
||||
PrivilegedServiceAuditAlarmA=PrivilegedServiceAuditAlarmA@20
|
||||
PrivilegedServiceAuditAlarmW=PrivilegedServiceAuditAlarmW@20
|
||||
;ProvAccessRightsToNTAccessMask=ProvAccessRightsToNTAccessMask@8
|
||||
QueryServiceConfigA=QueryServiceConfigA@16
|
||||
QueryServiceConfigW=QueryServiceConfigW@16
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: audit.c,v 1.1 2003/07/20 00:03:40 ekohl Exp $
|
||||
/* $Id: audit.c,v 1.2 2003/07/20 22:11:58 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS system libraries
|
||||
|
@ -18,6 +18,135 @@
|
|||
|
||||
/* FUNCTIONS ****************************************************************/
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
AccessCheckAndAuditAlarmA (LPCSTR SubsystemName,
|
||||
LPVOID HandleId,
|
||||
LPSTR ObjectTypeName,
|
||||
LPSTR ObjectName,
|
||||
PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
DWORD DesiredAccess,
|
||||
PGENERIC_MAPPING GenericMapping,
|
||||
BOOL ObjectCreation,
|
||||
LPDWORD GrantedAccess,
|
||||
LPBOOL AccessStatus,
|
||||
LPBOOL pfGenerateOnClose)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
UNICODE_STRING ObjectTypeNameU;
|
||||
UNICODE_STRING ObjectNameU;
|
||||
NTSTATUS LocalAccessStatus;
|
||||
BOOLEAN GenerateOnClose;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
|
||||
(PCHAR)SubsystemName);
|
||||
RtlCreateUnicodeStringFromAsciiz (&ObjectTypeNameU,
|
||||
(PCHAR)ObjectTypeName);
|
||||
RtlCreateUnicodeStringFromAsciiz (&ObjectNameU,
|
||||
(PCHAR)ObjectName);
|
||||
|
||||
Status = NtAccessCheckAndAuditAlarm (&SubsystemNameU,
|
||||
HandleId,
|
||||
&ObjectTypeNameU,
|
||||
&ObjectNameU,
|
||||
SecurityDescriptor,
|
||||
DesiredAccess,
|
||||
GenericMapping,
|
||||
ObjectCreation,
|
||||
GrantedAccess,
|
||||
&LocalAccessStatus,
|
||||
&GenerateOnClose);
|
||||
RtlFreeUnicodeString (&SubsystemNameU);
|
||||
RtlFreeUnicodeString (&ObjectTypeNameU);
|
||||
RtlFreeUnicodeString (&ObjectNameU);
|
||||
|
||||
*pfGenerateOnClose = (BOOL)GenerateOnClose;
|
||||
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (!NT_SUCCESS (LocalAccessStatus))
|
||||
{
|
||||
*AccessStatus = FALSE;
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
*AccessStatus = TRUE;
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
AccessCheckAndAuditAlarmW (LPCWSTR SubsystemName,
|
||||
LPVOID HandleId,
|
||||
LPWSTR ObjectTypeName,
|
||||
LPWSTR ObjectName,
|
||||
PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
DWORD DesiredAccess,
|
||||
PGENERIC_MAPPING GenericMapping,
|
||||
BOOL ObjectCreation,
|
||||
LPDWORD GrantedAccess,
|
||||
LPBOOL AccessStatus,
|
||||
LPBOOL pfGenerateOnClose)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
UNICODE_STRING ObjectTypeNameU;
|
||||
UNICODE_STRING ObjectNameU;
|
||||
NTSTATUS LocalAccessStatus;
|
||||
BOOLEAN GenerateOnClose;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlInitUnicodeString (&SubsystemNameU,
|
||||
(PWSTR)SubsystemName);
|
||||
RtlInitUnicodeString (&ObjectTypeNameU,
|
||||
(PWSTR)ObjectTypeName);
|
||||
RtlInitUnicodeString (&ObjectNameU,
|
||||
(PWSTR)ObjectName);
|
||||
|
||||
Status = NtAccessCheckAndAuditAlarm (&SubsystemNameU,
|
||||
HandleId,
|
||||
&ObjectTypeNameU,
|
||||
&ObjectNameU,
|
||||
SecurityDescriptor,
|
||||
DesiredAccess,
|
||||
GenericMapping,
|
||||
ObjectCreation,
|
||||
GrantedAccess,
|
||||
&LocalAccessStatus,
|
||||
&GenerateOnClose);
|
||||
|
||||
*pfGenerateOnClose = (BOOL)GenerateOnClose;
|
||||
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (!NT_SUCCESS (LocalAccessStatus))
|
||||
{
|
||||
*AccessStatus = FALSE;
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
*AccessStatus = TRUE;
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
|
@ -137,4 +266,245 @@ ObjectDeleteAuditAlarmW (LPCWSTR SubsystemName,
|
|||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
ObjectOpenAuditAlarmA (LPCSTR SubsystemName,
|
||||
LPVOID HandleId,
|
||||
LPSTR ObjectTypeName,
|
||||
LPSTR ObjectName,
|
||||
PSECURITY_DESCRIPTOR pSecurityDescriptor,
|
||||
HANDLE ClientToken,
|
||||
DWORD DesiredAccess,
|
||||
DWORD GrantedAccess,
|
||||
PPRIVILEGE_SET Privileges,
|
||||
BOOL ObjectCreation,
|
||||
BOOL AccessGranted,
|
||||
LPBOOL GenerateOnClose)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
UNICODE_STRING ObjectTypeNameU;
|
||||
UNICODE_STRING ObjectNameU;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
|
||||
(PCHAR)SubsystemName);
|
||||
RtlCreateUnicodeStringFromAsciiz (&ObjectTypeNameU,
|
||||
(PCHAR)ObjectTypeName);
|
||||
RtlCreateUnicodeStringFromAsciiz (&ObjectNameU,
|
||||
(PCHAR)ObjectName);
|
||||
|
||||
Status = NtOpenObjectAuditAlarm (&SubsystemNameU,
|
||||
HandleId,
|
||||
&ObjectTypeNameU,
|
||||
&ObjectNameU,
|
||||
pSecurityDescriptor,
|
||||
ClientToken,
|
||||
DesiredAccess,
|
||||
GrantedAccess,
|
||||
Privileges,
|
||||
ObjectCreation,
|
||||
AccessGranted,
|
||||
(PBOOLEAN)GenerateOnClose);
|
||||
RtlFreeUnicodeString (&SubsystemNameU);
|
||||
RtlFreeUnicodeString (&ObjectTypeNameU);
|
||||
RtlFreeUnicodeString (&ObjectNameU);
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
ObjectOpenAuditAlarmW (LPCWSTR SubsystemName,
|
||||
LPVOID HandleId,
|
||||
LPWSTR ObjectTypeName,
|
||||
LPWSTR ObjectName,
|
||||
PSECURITY_DESCRIPTOR pSecurityDescriptor,
|
||||
HANDLE ClientToken,
|
||||
DWORD DesiredAccess,
|
||||
DWORD GrantedAccess,
|
||||
PPRIVILEGE_SET Privileges,
|
||||
BOOL ObjectCreation,
|
||||
BOOL AccessGranted,
|
||||
LPBOOL GenerateOnClose)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
UNICODE_STRING ObjectTypeNameU;
|
||||
UNICODE_STRING ObjectNameU;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlInitUnicodeString (&SubsystemNameU,
|
||||
(PWSTR)SubsystemName);
|
||||
RtlInitUnicodeString (&ObjectTypeNameU,
|
||||
(PWSTR)ObjectTypeName);
|
||||
RtlInitUnicodeString (&ObjectNameU,
|
||||
(PWSTR)ObjectName);
|
||||
|
||||
Status = NtOpenObjectAuditAlarm (&SubsystemNameU,
|
||||
HandleId,
|
||||
&ObjectTypeNameU,
|
||||
&ObjectNameU,
|
||||
pSecurityDescriptor,
|
||||
ClientToken,
|
||||
DesiredAccess,
|
||||
GrantedAccess,
|
||||
Privileges,
|
||||
ObjectCreation,
|
||||
AccessGranted,
|
||||
(PBOOLEAN)GenerateOnClose);
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
ObjectPrivilegeAuditAlarmA (LPCSTR SubsystemName,
|
||||
LPVOID HandleId,
|
||||
HANDLE ClientToken,
|
||||
DWORD DesiredAccess,
|
||||
PPRIVILEGE_SET Privileges,
|
||||
BOOL AccessGranted)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
|
||||
(PCHAR)SubsystemName);
|
||||
|
||||
Status = NtPrivilegeObjectAuditAlarm (&SubsystemNameU,
|
||||
HandleId,
|
||||
ClientToken,
|
||||
DesiredAccess,
|
||||
Privileges,
|
||||
AccessGranted);
|
||||
RtlFreeUnicodeString (&SubsystemNameU);
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
ObjectPrivilegeAuditAlarmW (LPCWSTR SubsystemName,
|
||||
LPVOID HandleId,
|
||||
HANDLE ClientToken,
|
||||
DWORD DesiredAccess,
|
||||
PPRIVILEGE_SET Privileges,
|
||||
BOOL AccessGranted)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlInitUnicodeString (&SubsystemNameU,
|
||||
(PWSTR)SubsystemName);
|
||||
|
||||
Status = NtPrivilegeObjectAuditAlarm (&SubsystemNameU,
|
||||
HandleId,
|
||||
ClientToken,
|
||||
DesiredAccess,
|
||||
Privileges,
|
||||
AccessGranted);
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
PrivilegedServiceAuditAlarmA (LPCSTR SubsystemName,
|
||||
LPCSTR ServiceName,
|
||||
HANDLE ClientToken,
|
||||
PPRIVILEGE_SET Privileges,
|
||||
BOOL AccessGranted)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
UNICODE_STRING ServiceNameU;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
|
||||
(PCHAR)SubsystemName);
|
||||
RtlCreateUnicodeStringFromAsciiz (&ServiceNameU,
|
||||
(PCHAR)ServiceName);
|
||||
|
||||
Status = NtPrivilegedServiceAuditAlarm (&SubsystemNameU,
|
||||
&ServiceNameU,
|
||||
ClientToken,
|
||||
Privileges,
|
||||
AccessGranted);
|
||||
RtlFreeUnicodeString (&SubsystemNameU);
|
||||
RtlFreeUnicodeString (&ServiceNameU);
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOL STDCALL
|
||||
PrivilegedServiceAuditAlarmW (LPCWSTR SubsystemName,
|
||||
LPCWSTR ServiceName,
|
||||
HANDLE ClientToken,
|
||||
PPRIVILEGE_SET Privileges,
|
||||
BOOL AccessGranted)
|
||||
{
|
||||
UNICODE_STRING SubsystemNameU;
|
||||
UNICODE_STRING ServiceNameU;
|
||||
NTSTATUS Status;
|
||||
|
||||
RtlInitUnicodeString (&SubsystemNameU,
|
||||
(PWSTR)SubsystemName);
|
||||
RtlInitUnicodeString (&ServiceNameU,
|
||||
(PWSTR)ServiceName);
|
||||
|
||||
Status = NtPrivilegedServiceAuditAlarm (&SubsystemNameU,
|
||||
&ServiceNameU,
|
||||
ClientToken,
|
||||
Privileges,
|
||||
AccessGranted);
|
||||
if (!NT_SUCCESS (Status))
|
||||
{
|
||||
SetLastError (RtlNtStatusToDosError (Status));
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/* EOF */
|
||||
|
|
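Review bot: In AccessCheckAndAuditAlarmA, the `!NT_SUCCESS (LocalAccessStatus)` branch calls `SetLastError (RtlNtStatusToDosError (Status))`, but `Status` has already passed the success check at that point, so a denied access check returns FALSE with a last-error that does not carry the denial; it should translate the access status instead, `SetLastError (RtlNtStatusToDosError (LocalAccessStatus));`, and AccessCheckAndAuditAlarmW repeats the same line. Both functions also copy `GenerateOnClose` into `*pfGenerateOnClose` before `Status` is checked and leave `*AccessStatus` unwritten on that failure path, so a caller may read indeterminate values unless the local is initialised (`BOOLEAN GenerateOnClose = FALSE;`) or the copy is moved below the check. ObjectOpenAuditAlarmA and ObjectOpenAuditAlarmW pass `(PBOOLEAN)GenerateOnClose` straight through; since BOOL is wider than BOOLEAN, presumably only the low byte of the caller's BOOL is written, and the local-BOOLEAN-then-copy pattern already used in AccessCheckAndAuditAlarmA/W would avoid that. The return values of RtlCreateUnicodeStringFromAsciiz are ignored in all the A variants, so a failed conversion still reaches the Nt* audit call with whatever the UNICODE_STRING happens to hold.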