1
{******************************************************************************}
3
{ Authorization Framework API interface Unit for Object Pascal }
5
{ Portions created by Microsoft are Copyright (C) 1995-2001 Microsoft }
6
{ Corporation. All Rights Reserved. }
8
{ The original file is: authz.h, released August 2001. The original Pascal }
9
{ code is: Authz.pas, released October 2001. The initial developer of the }
10
{ Pascal code is Marcel van Brakel (brakelm att chello dott nl). }
12
{ Portions created by Marcel van Brakel are Copyright (C) 1999-2001 }
13
{ Marcel van Brakel. All Rights Reserved. }
15
{ Obtained through: Joint Endeavour of Delphi Innovators (Project JEDI) }
17
{ You may retrieve the latest version of this file at the Project JEDI }
18
{ APILIB home page, located at http://jedi-apilib.sourceforge.net }
20
{ The contents of this file are used with permission, subject to the Mozilla }
21
{ Public License Version 1.1 (the "License"); you may not use this file except }
22
{ in compliance with the License. You may obtain a copy of the License at }
23
{ http://www.mozilla.org/MPL/MPL-1.1.html }
25
{ Software distributed under the License is distributed on an "AS IS" basis, }
26
{ WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for }
27
{ the specific language governing rights and limitations under the License. }
29
{ Alternatively, the contents of this file may be used under the terms of the }
30
{ GNU Lesser General Public License (the "LGPL License"), in which case the }
31
{ provisions of the LGPL License are applicable instead of those above. }
32
{ If you wish to allow use of your version of this file only under the terms }
33
{ of the LGPL License and not to allow others to use your version of this file }
34
{ under the MPL, indicate your decision by deleting the provisions above and }
35
{ replace them with the notice and other provisions required by the LGPL }
36
{ License. If you do not delete the provisions above, a recipient may use }
37
{ your version of this file under either the MPL or the LGPL License. }
39
{ For more information about the LGPL: http://www.gnu.org/copyleft/lesser.html }
41
{******************************************************************************}
43
// $Id: jwaauthz.pas,v 1.1 2005/04/04 07:56:10 marco Exp $
50
{$HPPEMIT '#include "authz.h"'}
61
// Flags which may be used at the time of client context creation using a sid.
65
AUTHZ_SKIP_TOKEN_GROUPS = $2;
66
{$EXTERNALSYM AUTHZ_SKIP_TOKEN_GROUPS}
67
AUTHZ_REQUIRE_S4U_LOGON = $4;
68
{$EXTERNALSYM AUTHZ_REQUIRE_S4U_LOGON}
71
AUTHZ_ACCESS_CHECK_RESULTS_HANDLE = HANDLE;
72
{$EXTERNALSYM AUTHZ_ACCESS_CHECK_RESULTS_HANDLE}
73
AUTHZ_CLIENT_CONTEXT_HANDLE = HANDLE;
74
{$EXTERNALSYM AUTHZ_CLIENT_CONTEXT_HANDLE}
75
AUTHZ_RESOURCE_MANAGER_HANDLE = HANDLE;
76
{$EXTERNALSYM AUTHZ_RESOURCE_MANAGER_HANDLE}
77
AUTHZ_AUDIT_EVENT_HANDLE = HANDLE;
78
{$EXTERNALSYM AUTHZ_AUDIT_EVENT_HANDLE}
79
AUTHZ_AUDIT_EVENT_TYPE_HANDLE = HANDLE;
80
{$EXTERNALSYM AUTHZ_AUDIT_EVENT_TYPE_HANDLE}
81
AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE = HANDLE;
82
{$EXTERNALSYM AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE}
84
PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE = ^AUTHZ_ACCESS_CHECK_RESULTS_HANDLE;
85
{$EXTERNALSYM PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE}
86
PAUTHZ_CLIENT_CONTEXT_HANDLE = ^AUTHZ_CLIENT_CONTEXT_HANDLE;
87
{$EXTERNALSYM PAUTHZ_CLIENT_CONTEXT_HANDLE}
88
PAUTHZ_RESOURCE_MANAGER_HANDLE = ^AUTHZ_RESOURCE_MANAGER_HANDLE;
89
{$EXTERNALSYM PAUTHZ_RESOURCE_MANAGER_HANDLE}
90
PAUTHZ_AUDIT_EVENT_HANDLE = ^AUTHZ_AUDIT_EVENT_HANDLE;
91
{$EXTERNALSYM PAUTHZ_AUDIT_EVENT_HANDLE}
92
PAUTHZ_AUDIT_EVENT_TYPE_HANDLE = ^AUTHZ_AUDIT_EVENT_TYPE_HANDLE;
93
{$EXTERNALSYM PAUTHZ_AUDIT_EVENT_TYPE_HANDLE}
94
PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE = ^AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE;
95
{$EXTERNALSYM PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE}
98
// Structure defining the access check request.
101
PAUTHZ_ACCESS_REQUEST = ^AUTHZ_ACCESS_REQUEST;
102
{$EXTERNALSYM PAUTHZ_ACCESS_REQUEST}
103
_AUTHZ_ACCESS_REQUEST = record
104
DesiredAccess: ACCESS_MASK;
106
// To replace the principal self sid in the acl.
108
PrincipalSelfSid: PSID;
110
// Object type list represented by an array of (level, guid) pair and the
111
// number of elements in the array. This is a post-fix representation of the
113
// These fields should be set to NULL and 0 respectively except when per
114
// property access is desired.
116
ObjectTypeList: POBJECT_TYPE_LIST;
117
ObjectTypeListLength: DWORD;
119
// To support completely business rules based access. This will be passed as
120
// input to the callback access check function. Access check algorithm does
121
// not interpret these.
123
OptionalArguments: PVOID;
125
{$EXTERNALSYM _AUTHZ_ACCESS_REQUEST}
126
AUTHZ_ACCESS_REQUEST = _AUTHZ_ACCESS_REQUEST;
127
{$EXTERNALSYM AUTHZ_ACCESS_REQUEST}
128
TAuthzAccessRequest = AUTHZ_ACCESS_REQUEST;
129
PAuthzAccessRequest = PAUTHZ_ACCESS_REQUEST;
132
// Structure to return the results of the access check call.
136
AUTHZ_GENERATE_SUCCESS_AUDIT = $1;
137
{$EXTERNALSYM AUTHZ_GENERATE_SUCCESS_AUDIT}
138
AUTHZ_GENERATE_FAILURE_AUDIT = $2;
139
{$EXTERNALSYM AUTHZ_GENERATE_FAILURE_AUDIT}
142
PAUTHZ_ACCESS_REPLY = ^AUTHZ_ACCESS_REPLY;
143
{$EXTERNALSYM PAUTHZ_ACCESS_REPLY}
144
_AUTHZ_ACCESS_REPLY = record
146
// The length of the array representing the object type list structure. If
147
// no object type is used to represent the object, then the length must be
150
// Note: This parameter must be filled!
152
ResultListLength: DWORD;
154
// Array of granted access masks. This memory is allocated by the RM. Access
155
// check routines just fill in the values.
157
GrantedAccessMask: PACCESS_MASK;
159
// Array of SACL evaluation results. This memory is allocated by the RM, if SACL
160
// evaluation results are desired. Access check routines just fill in the values.
161
// Sacl evaluation will only be performed if auditing is requested.
163
SaclEvaluationResults: PDWORD;
165
// Array of results for each element of the array. This memory is allocated
166
// by the RM. Access check routines just fill in the values.
170
{$EXTERNALSYM _AUTHZ_ACCESS_REPLY}
171
AUTHZ_ACCESS_REPLY = _AUTHZ_ACCESS_REPLY;
172
{$EXTERNALSYM AUTHZ_ACCESS_REPLY}
173
TAuthzAccessReply = AUTHZ_ACCESS_REPLY;
174
PAuthzAccessReply = PAUTHZ_ACCESS_REPLY;
177
// Typedefs for callback functions to be provided by the resource manager.
181
// Callback access check function takes in
182
// AuthzClientContext - a client context
183
// pAce - pointer to a callback ace
184
// pArgs - Optional arguments that were passed to AuthzAccessCheck thru
185
// AuthzAccessRequest->OptionalArguments are passed back here.
186
// pbAceApplicable - The resource manager must supply whether the ace should
187
// be used in the computation of access evaluation
190
// TRUE if the API succeeded.
191
// FALSE on any intermediate errors (like failed memory allocation)
192
// In case of failure, the caller must use SetLastError(ErrorValue).
196
PFN_AUTHZ_DYNAMIC_ACCESS_CHECK = function(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE;
197
pAce: PACE_HEADER; pArgs: PVOID; var pbAceApplicable: BOOL): BOOL; stdcall;
198
{$EXTERNALSYM PFN_AUTHZ_DYNAMIC_ACCESS_CHECK}
199
PFnAuthzDynamicAccessCheck = PFN_AUTHZ_DYNAMIC_ACCESS_CHECK;
202
// Callback compute dynamic groups function takes in
203
// AuthzClientContext - a client context
204
// pArgs - Optional arguments that supplied to AuthzInitializeClientContext*
205
// thru DynamicGroupArgs are passed back here..
206
// pSidAttrArray - To allocate and return an array of (sids, attribute)
207
// pairs to be added to the normal part of the client context.
208
// pSidCount - Number of elements in pSidAttrArray
209
// pRestrictedSidAttrArray - To allocate and return an array of (sids, attribute)
210
// pairs to be added to the restricted part of the client context.
211
// pRestrictedSidCount - Number of elements in pRestrictedSidAttrArray
214
// Memory returned thru both these array will be freed by the callback
215
// free function defined by the resource manager.
218
// TRUE if the API succeeded.
219
// FALSE on any intermediate errors (like failed memory allocation)
220
// In case of failure, the caller must use SetLastError(ErrorValue).
224
PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS = function(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE;
225
Args: PVOID; var pSidAttrArray: PSID_AND_ATTRIBUTES; var pSidCount: DWORD;
226
var pRestrictedSidAttrArray: PSID_AND_ATTRIBUTES; var pRestrictedSidCount: DWORD): BOOL; stdcall;
227
{$EXTERNALSYM PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS}
228
PFnAuthzComputeDynamicGroups = PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS;
231
// Callback free function takes in
232
// pSidAttrArray - To be freed. This has been allocated by the compute
233
// dynamic groups function.
236
PFN_AUTHZ_FREE_DYNAMIC_GROUPS = procedure(pSidAttrArray: PSID_AND_ATTRIBUTES); stdcall;
237
{$EXTERNALSYM PFN_AUTHZ_FREE_DYNAMIC_GROUPS}
238
PFnAuthzFreeDynamicGroups = PFN_AUTHZ_FREE_DYNAMIC_GROUPS;
241
// Valid flags for AuthzAccessCheck
245
AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD = $00000001;
246
{$EXTERNALSYM AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD}
248
function AuthzAccessCheck(Flags: DWORD; hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; pRequest: PAUTHZ_ACCESS_REQUEST;
249
hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; pSecurityDescriptor: PSECURITY_DESCRIPTOR; OptionalSecurityDescriptorArray: PPSECURITY_DESCRIPTOR;
250
OptionalSecurityDescriptorCount: DWORD; pReply: PAUTHZ_ACCESS_REPLY; phAccessCheckResultsOPTIONAL: PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE): BOOL; stdcall;
251
{$EXTERNALSYM AuthzAccessCheck}
253
function AuthzCachedAccessCheck(Flags: DWORD; hAccessCheckResults: AUTHZ_ACCESS_CHECK_RESULTS_HANDLE; pRequest: PAUTHZ_ACCESS_REQUEST; hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; pReply: PAUTHZ_ACCESS_REPLY): BOOL; stdcall;
254
{$EXTERNALSYM AuthzCachedAccessCheck}
256
function AuthzOpenObjectAudit(Flags: DWORD; hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; pRequest: PAUTHZ_ACCESS_REQUEST; hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; pSecurityDescriptor: PSECURITY_DESCRIPTOR; OptionalSecurityDescriptorArray: PPSECURITY_DESCRIPTOR; OptionalSecurityDescriptorCount: DWORD; pReply: PAUTHZ_ACCESS_REPLY): BOOL; stdcall;
257
{$EXTERNALSYM AuthzOpenObjectAudit}
259
function AuthzFreeHandle(hAccessCheckResults: AUTHZ_ACCESS_CHECK_RESULTS_HANDLE): BOOL; stdcall;
260
{$EXTERNALSYM AuthzFreeHandle}
263
// Flags for AuthzInitializeResourceManager
267
AUTHZ_RM_FLAG_NO_AUDIT = $1;
268
{$EXTERNALSYM AUTHZ_RM_FLAG_NO_AUDIT}
270
AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION = $2;
271
{$EXTERNALSYM AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION}
273
AUTHZ_VALID_RM_INIT_FLAGS = AUTHZ_RM_FLAG_NO_AUDIT or AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION;
274
{$EXTERNALSYM AUTHZ_VALID_RM_INIT_FLAGS}
276
function AuthzInitializeResourceManager(Flags: DWORD; pfnDynamicAccessCheck: PFN_AUTHZ_DYNAMIC_ACCESS_CHECK; pfnComputeDynamicGroups: PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS; pfnFreeDynamicGroups: PFN_AUTHZ_FREE_DYNAMIC_GROUPS; szResourceManagerName: LPCWSTR; phAuthzResourceManager: PAUTHZ_RESOURCE_MANAGER_HANDLE): BOOL; stdcall;
277
{$EXTERNALSYM AuthzInitializeResourceManager}
279
function AuthzFreeResourceManager(hAuthzResourceManager: AUTHZ_RESOURCE_MANAGER_HANDLE): BOOL; stdcall;
280
{$EXTERNALSYM AuthzFreeResourceManager}
282
function AuthzInitializeContextFromToken(Flags: DWORD; TokenHandle: HANDLE; hAuthzResourceManager: AUTHZ_RESOURCE_MANAGER_HANDLE; pExpirationTime: PLARGE_INTEGER; Identifier: LUID; DynamicGroupArgs: PVOID; phAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
283
{$EXTERNALSYM AuthzInitializeContextFromToken}
285
function AuthzInitializeContextFromSid(Flags: DWORD; UserSid: PSID; hAuthzResourceManager: AUTHZ_RESOURCE_MANAGER_HANDLE; pExpirationTime: PLARGE_INTEGER; Identifier: LUID; DynamicGroupArgs: PVOID; phAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
286
{$EXTERNALSYM AuthzInitializeContextFromSid}
288
function AuthzInitializeContextFromAuthzContext(Flags: DWORD; hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; pExpirationTime: PLARGE_INTEGER; Identifier: LUID; DynamicGroupArgs: PVOID; phNewAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
289
{$EXTERNALSYM AuthzInitializeContextFromAuthzContext}
291
function AuthzAddSidsToContext(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; Sids: PSID_AND_ATTRIBUTES; SidCount: DWORD; RestrictedSids: PSID_AND_ATTRIBUTES; RestrictedSidCount: DWORD; phNewAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
292
{$EXTERNALSYM AuthzAddSidsToContext}
295
// Enumeration type to be used to specify the type of information to be
296
// retrieved from an existing AuthzClientContext.
300
_AUTHZ_CONTEXT_INFORMATION_CLASS = (
302
AuthzContextInfoUserSid,
303
AuthzContextInfoGroupsSids,
304
AuthzContextInfoRestrictedSids,
305
AuthzContextInfoPrivileges,
306
AuthzContextInfoExpirationTime,
307
AuthzContextInfoServerContext,
308
AuthzContextInfoIdentifier,
309
AuthzContextInfoSource,
311
AuthzContextInfoAuthenticationId);
312
{$EXTERNALSYM _AUTHZ_CONTEXT_INFORMATION_CLASS}
313
AUTHZ_CONTEXT_INFORMATION_CLASS = _AUTHZ_CONTEXT_INFORMATION_CLASS;
314
{$EXTERNALSYM AUTHZ_CONTEXT_INFORMATION_CLASS}
315
TAuthzContextInformationClass = AUTHZ_CONTEXT_INFORMATION_CLASS;
317
function AuthzGetInformationFromContext(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE;
318
InfoClass: AUTHZ_CONTEXT_INFORMATION_CLASS; BufferSize: DWORD; pSizeRequired: PDWORD;
319
Buffer: PVOID): BOOL; stdcall;
320
{$EXTERNALSYM AuthzGetInformationFromContext}
322
function AuthzFreeContext(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
323
{$EXTERNALSYM AuthzFreeContext}
326
// Valid flags that may be used in AuthzInitializeObjectAccessAuditEvent().
330
AUTHZ_NO_SUCCESS_AUDIT = $00000001;
331
{$EXTERNALSYM AUTHZ_NO_SUCCESS_AUDIT}
332
AUTHZ_NO_FAILURE_AUDIT = $00000002;
333
{$EXTERNALSYM AUTHZ_NO_FAILURE_AUDIT}
334
AUTHZ_NO_ALLOC_STRINGS = $00000004;
335
{$EXTERNALSYM AUTHZ_NO_ALLOC_STRINGS}
337
AUTHZ_VALID_OBJECT_ACCESS_AUDIT_FLAGS = AUTHZ_NO_SUCCESS_AUDIT or AUTHZ_NO_FAILURE_AUDIT or AUTHZ_NO_ALLOC_STRINGS;
338
{$EXTERNALSYM AUTHZ_VALID_OBJECT_ACCESS_AUDIT_FLAGS}
340
function AuthzInitializeObjectAccessAuditEvent(Flags: DWORD; hAuditEventType: AUTHZ_AUDIT_EVENT_TYPE_HANDLE;
341
szOperationType: PWSTR; szObjectType: PWSTR; szObjectName: PWSTR; szAdditionalInfo: PWSTR;
342
phAuditEvent: PAUTHZ_AUDIT_EVENT_HANDLE; dwAdditionalParameterCount: DWORD {, ...}): BOOL; stdcall;
343
{$EXTERNALSYM AuthzInitializeObjectAccessAuditEvent}
345
function AuthzInitializeObjectAccessAuditEvent2(Flags: DWORD; hAuditEventType: AUTHZ_AUDIT_EVENT_TYPE_HANDLE;
346
szOperationType: PWSTR; szObjectType: PWSTR; szObjectName: PWSTR; szAdditionalInfo, szAdditionalInfo2: PWSTR;
347
phAuditEvent: PAUTHZ_AUDIT_EVENT_HANDLE; dwAdditionalParameterCount: DWORD {, ...}): BOOL; stdcall;
348
{$EXTERNALSYM AuthzInitializeObjectAccessAuditEvent2}
351
// Enumeration type to be used to specify the type of information to be
352
// retrieved from an existing AUTHZ_AUDIT_EVENT_HANDLE.
356
_AUTHZ_AUDIT_EVENT_INFORMATION_CLASS = (
358
AuthzAuditEventInfoFlags,
359
AuthzAuditEventInfoOperationType,
360
AuthzAuditEventInfoObjectType,
361
AuthzAuditEventInfoObjectName,
362
AuthzAuditEventInfoAdditionalInfo);
363
{$EXTERNALSYM _AUTHZ_AUDIT_EVENT_INFORMATION_CLASS}
364
AUTHZ_AUDIT_EVENT_INFORMATION_CLASS = _AUTHZ_AUDIT_EVENT_INFORMATION_CLASS;
365
{$EXTERNALSYM AUTHZ_AUDIT_EVENT_INFORMATION_CLASS}
366
AuthzAuditEventInformationClass = AUTHZ_AUDIT_EVENT_INFORMATION_CLASS;
368
// todo this one seems not to be exported from authz.dll
370
function AuthzGetInformationFromAuditEvent(hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; InfoClass: AUTHZ_AUDIT_EVENT_INFORMATION_CLASS; BufferSize: DWORD; pSizeRequired: PDWORD; Buffer: PVOID): BOOL; stdcall;
371
{$EXTERNALSYM AuthzGetInformationFromAuditEvent}
373
function AuthzFreeAuditEvent(hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE): BOOL; stdcall;
374
{$EXTERNALSYM AuthzFreeAuditEvent}
378
// Support for generic auditing.
381
typedef struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
383
PWSTR szObjectTypeName;
385
} AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET, *PAUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET;
387
typedef struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION
390
PWSTR szEventSourceName;
391
PWSTR szEventMessageFile;
392
PWSTR szEventSourceXmlSchemaFile;
393
PWSTR szEventAccessStringsFile;
394
PWSTR szExecutableImagePath;
396
DWORD dwObjectTypeNameCount;
397
AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET ObjectTypeNames[ANYSIZE_ARRAY];
398
} AUTHZ_SOURCE_SCHEMA_REGISTRATION, *PAUTHZ_SOURCE_SCHEMA_REGISTRATION;
400
#define AUTHZ_FLAG_ALLOW_MULTIPLE_SOURCE_INSTANCES 0x1
405
AuthzInstallSecurityEventSource(
407
IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration
413
AuthzUninstallSecurityEventSource(
415
IN PCWSTR szEventSourceName
421
AuthzEnumerateSecurityEventSources(
423
OUT PAUTHZ_SOURCE_SCHEMA_REGISTRATION Buffer,
425
IN OUT PDWORD pdwLength
431
AuthzRegisterSecurityEventSource(
433
IN PCWSTR szEventSourceName,
434
OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider
440
AuthzUnregisterSecurityEventSource(
442
IN OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider
448
AuthzReportSecurityEvent(
450
IN OUT AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
452
IN PSID pUserSid OPTIONAL,
460
AuthzReportSecurityEventFromParams(
462
IN OUT AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
464
IN PSID pUserSid OPTIONAL,
465
IN PAUDIT_PARAMS pParams
472
authzlib = 'authz.dll';
474
{$IFDEF DYNAMIC_LINK}
477
_AuthzAccessCheck: Pointer;
479
function AuthzAccessCheck;
481
GetProcedureAddress(_AuthzAccessCheck, authzlib, 'AuthzAccessCheck');
485
JMP [_AuthzAccessCheck]
490
_AuthzCachedAccessCheck: Pointer;
492
function AuthzCachedAccessCheck;
494
GetProcedureAddress(_AuthzCachedAccessCheck, authzlib, 'AuthzCachedAccessCheck');
498
JMP [_AuthzCachedAccessCheck]
503
_AuthzOpenObjectAudit: Pointer;
505
function AuthzOpenObjectAudit;
507
GetProcedureAddress(_AuthzOpenObjectAudit, authzlib, 'AuthzOpenObjectAudit');
511
JMP [_AuthzOpenObjectAudit]
516
_AuthzFreeHandle: Pointer;
518
function AuthzFreeHandle;
520
GetProcedureAddress(_AuthzFreeHandle, authzlib, 'AuthzFreeHandle');
524
JMP [_AuthzFreeHandle]
529
_AuthzInitializeResourceManager: Pointer;
531
function AuthzInitializeResourceManager;
533
GetProcedureAddress(_AuthzInitializeResourceManager, authzlib, 'AuthzInitializeResourceManager');
537
JMP [_AuthzInitializeResourceManager]
542
_AuthzFreeResourceManager: Pointer;
544
function AuthzFreeResourceManager;
546
GetProcedureAddress(_AuthzFreeResourceManager, authzlib, 'AuthzFreeResourceManager');
550
JMP [_AuthzFreeResourceManager]
555
_AuthzInitializeContextFromToken: Pointer;
557
function AuthzInitializeContextFromToken;
559
GetProcedureAddress(_AuthzInitializeContextFromToken, authzlib, 'AuthzInitializeContextFromToken');
563
JMP [_AuthzInitializeContextFromToken]
568
_AuthzInitializeContextFromSid: Pointer;
570
function AuthzInitializeContextFromSid;
572
GetProcedureAddress(_AuthzInitializeContextFromSid, authzlib, 'AuthzInitializeContextFromSid');
576
JMP [_AuthzInitializeContextFromSid]
581
_AuthzInitCxtFromAuthzCxt: Pointer;
583
function AuthzInitializeContextFromAuthzContext;
585
GetProcedureAddress(_AuthzInitCxtFromAuthzCxt, authzlib, 'AuthzInitializeContextFromAuthzContext');
589
JMP [_AuthzInitCxtFromAuthzCxt]
594
_AuthzAddSidsToContext: Pointer;
596
function AuthzAddSidsToContext;
598
GetProcedureAddress(_AuthzAddSidsToContext, authzlib, 'AuthzAddSidsToContext');
602
JMP [_AuthzAddSidsToContext]
607
_AuthzGetInformationFromContext: Pointer;
609
function AuthzGetInformationFromContext;
611
GetProcedureAddress(_AuthzGetInformationFromContext, authzlib, 'AuthzGetInformationFromContext');
615
JMP [_AuthzGetInformationFromContext]
620
_AuthzFreeContext: Pointer;
622
function AuthzFreeContext;
624
GetProcedureAddress(_AuthzFreeContext, authzlib, 'AuthzFreeContext');
628
JMP [_AuthzFreeContext]
633
_AuthzInitObjAccAuditEvent: Pointer;
635
function AuthzInitializeObjectAccessAuditEvent;
637
GetProcedureAddress(_AuthzInitObjAccAuditEvent, authzlib, 'AuthzInitializeObjectAccessAuditEvent');
641
JMP [_AuthzInitObjAccAuditEvent]
646
_AuthzInitObjAccAuditEvent2: Pointer;
648
function AuthzInitializeObjectAccessAuditEvent2;
650
GetProcedureAddress(_AuthzInitObjAccAuditEvent2, authzlib, 'AuthzInitializeObjectAccessAuditEvent2');
654
JMP [_AuthzInitObjAccAuditEvent2]
659
_AuthzGetInfoFromAuditEvent: Pointer;
661
function AuthzGetInformationFromAuditEvent;
663
GetProcedureAddress(_AuthzGetInfoFromAuditEvent, authzlib, 'AuthzGetInformationFromAuditEvent');
667
JMP [_AuthzGetInfoFromAuditEvent]
672
_AuthzFreeAuditEvent: Pointer;
674
function AuthzFreeAuditEvent;
676
GetProcedureAddress(_AuthzFreeAuditEvent, authzlib, 'AuthzFreeAuditEvent');
680
JMP [_AuthzFreeAuditEvent]
686
function AuthzAccessCheck; external authzlib name 'AuthzAccessCheck';
687
function AuthzCachedAccessCheck; external authzlib name 'AuthzCachedAccessCheck';
688
function AuthzOpenObjectAudit; external authzlib name 'AuthzOpenObjectAudit';
689
function AuthzFreeHandle; external authzlib name 'AuthzFreeHandle';
690
function AuthzInitializeResourceManager; external authzlib name 'AuthzInitializeResourceManager';
691
function AuthzFreeResourceManager; external authzlib name 'AuthzFreeResourceManager';
692
function AuthzInitializeContextFromToken; external authzlib name 'AuthzInitializeContextFromToken';
693
function AuthzInitializeContextFromSid; external authzlib name 'AuthzInitializeContextFromSid';
694
function AuthzInitializeContextFromAuthzContext; external authzlib name 'AuthzInitializeContextFromAuthzContext';
695
function AuthzAddSidsToContext; external authzlib name 'AuthzAddSidsToContext';
696
function AuthzGetInformationFromContext; external authzlib name 'AuthzGetInformationFromContext';
697
function AuthzFreeContext; external authzlib name 'AuthzFreeContext';
698
function AuthzInitializeObjectAccessAuditEvent; external authzlib name 'AuthzInitializeObjectAccessAuditEvent';
699
function AuthzInitializeObjectAccessAuditEvent2; external authzlib name 'AuthzInitializeObjectAccessAuditEvent2';
700
function AuthzGetInformationFromAuditEvent; external authzlib name 'AuthzGetInformationFromAuditEvent';
701
function AuthzFreeAuditEvent; external authzlib name 'AuthzFreeAuditEvent';
703
{$ENDIF DYNAMIC_LINK}
1
{******************************************************************************}
3
{ Authorization Framework API interface Unit for Object Pascal }
5
{ Portions created by Microsoft are Copyright (C) 1995-2001 Microsoft }
6
{ Corporation. All Rights Reserved. }
8
{ The original file is: authz.h, released August 2001. The original Pascal }
9
{ code is: Authz.pas, released October 2001. The initial developer of the }
10
{ Pascal code is Marcel van Brakel (brakelm att chello dott nl). }
12
{ Portions created by Marcel van Brakel are Copyright (C) 1999-2001 }
13
{ Marcel van Brakel. All Rights Reserved. }
15
{ Obtained through: Joint Endeavour of Delphi Innovators (Project JEDI) }
17
{ You may retrieve the latest version of this file at the Project JEDI }
18
{ APILIB home page, located at http://jedi-apilib.sourceforge.net }
20
{ The contents of this file are used with permission, subject to the Mozilla }
21
{ Public License Version 1.1 (the "License"); you may not use this file except }
22
{ in compliance with the License. You may obtain a copy of the License at }
23
{ http://www.mozilla.org/MPL/MPL-1.1.html }
25
{ Software distributed under the License is distributed on an "AS IS" basis, }
26
{ WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for }
27
{ the specific language governing rights and limitations under the License. }
29
{ Alternatively, the contents of this file may be used under the terms of the }
30
{ GNU Lesser General Public License (the "LGPL License"), in which case the }
31
{ provisions of the LGPL License are applicable instead of those above. }
32
{ If you wish to allow use of your version of this file only under the terms }
33
{ of the LGPL License and not to allow others to use your version of this file }
34
{ under the MPL, indicate your decision by deleting the provisions above and }
35
{ replace them with the notice and other provisions required by the LGPL }
36
{ License. If you do not delete the provisions above, a recipient may use }
37
{ your version of this file under either the MPL or the LGPL License. }
39
{ For more information about the LGPL: http://www.gnu.org/copyleft/lesser.html }
41
{******************************************************************************}
49
{$HPPEMIT '#include "authz.h"'}
60
// Flags which may be used at the time of client context creation using a sid.
64
AUTHZ_SKIP_TOKEN_GROUPS = $2;
65
{$EXTERNALSYM AUTHZ_SKIP_TOKEN_GROUPS}
66
AUTHZ_REQUIRE_S4U_LOGON = $4;
67
{$EXTERNALSYM AUTHZ_REQUIRE_S4U_LOGON}
70
AUTHZ_ACCESS_CHECK_RESULTS_HANDLE = HANDLE;
71
{$EXTERNALSYM AUTHZ_ACCESS_CHECK_RESULTS_HANDLE}
72
AUTHZ_CLIENT_CONTEXT_HANDLE = HANDLE;
73
{$EXTERNALSYM AUTHZ_CLIENT_CONTEXT_HANDLE}
74
AUTHZ_RESOURCE_MANAGER_HANDLE = HANDLE;
75
{$EXTERNALSYM AUTHZ_RESOURCE_MANAGER_HANDLE}
76
AUTHZ_AUDIT_EVENT_HANDLE = HANDLE;
77
{$EXTERNALSYM AUTHZ_AUDIT_EVENT_HANDLE}
78
AUTHZ_AUDIT_EVENT_TYPE_HANDLE = HANDLE;
79
{$EXTERNALSYM AUTHZ_AUDIT_EVENT_TYPE_HANDLE}
80
AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE = HANDLE;
81
{$EXTERNALSYM AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE}
83
PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE = ^AUTHZ_ACCESS_CHECK_RESULTS_HANDLE;
84
{$EXTERNALSYM PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE}
85
PAUTHZ_CLIENT_CONTEXT_HANDLE = ^AUTHZ_CLIENT_CONTEXT_HANDLE;
86
{$EXTERNALSYM PAUTHZ_CLIENT_CONTEXT_HANDLE}
87
PAUTHZ_RESOURCE_MANAGER_HANDLE = ^AUTHZ_RESOURCE_MANAGER_HANDLE;
88
{$EXTERNALSYM PAUTHZ_RESOURCE_MANAGER_HANDLE}
89
PAUTHZ_AUDIT_EVENT_HANDLE = ^AUTHZ_AUDIT_EVENT_HANDLE;
90
{$EXTERNALSYM PAUTHZ_AUDIT_EVENT_HANDLE}
91
PAUTHZ_AUDIT_EVENT_TYPE_HANDLE = ^AUTHZ_AUDIT_EVENT_TYPE_HANDLE;
92
{$EXTERNALSYM PAUTHZ_AUDIT_EVENT_TYPE_HANDLE}
93
PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE = ^AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE;
94
{$EXTERNALSYM PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE}
97
// Structure defining the access check request.
100
PAUTHZ_ACCESS_REQUEST = ^AUTHZ_ACCESS_REQUEST;
101
{$EXTERNALSYM PAUTHZ_ACCESS_REQUEST}
102
_AUTHZ_ACCESS_REQUEST = record
103
DesiredAccess: ACCESS_MASK;
105
// To replace the principal self sid in the acl.
107
PrincipalSelfSid: PSID;
109
// Object type list represented by an array of (level, guid) pair and the
110
// number of elements in the array. This is a post-fix representation of the
112
// These fields should be set to NULL and 0 respectively except when per
113
// property access is desired.
115
ObjectTypeList: POBJECT_TYPE_LIST;
116
ObjectTypeListLength: DWORD;
118
// To support completely business rules based access. This will be passed as
119
// input to the callback access check function. Access check algorithm does
120
// not interpret these.
122
OptionalArguments: PVOID;
124
{$EXTERNALSYM _AUTHZ_ACCESS_REQUEST}
125
AUTHZ_ACCESS_REQUEST = _AUTHZ_ACCESS_REQUEST;
126
{$EXTERNALSYM AUTHZ_ACCESS_REQUEST}
127
TAuthzAccessRequest = AUTHZ_ACCESS_REQUEST;
128
PAuthzAccessRequest = PAUTHZ_ACCESS_REQUEST;
131
// Structure to return the results of the access check call.
135
AUTHZ_GENERATE_SUCCESS_AUDIT = $1;
136
{$EXTERNALSYM AUTHZ_GENERATE_SUCCESS_AUDIT}
137
AUTHZ_GENERATE_FAILURE_AUDIT = $2;
138
{$EXTERNALSYM AUTHZ_GENERATE_FAILURE_AUDIT}
141
PAUTHZ_ACCESS_REPLY = ^AUTHZ_ACCESS_REPLY;
142
{$EXTERNALSYM PAUTHZ_ACCESS_REPLY}
143
_AUTHZ_ACCESS_REPLY = record
145
// The length of the array representing the object type list structure. If
146
// no object type is used to represent the object, then the length must be
149
// Note: This parameter must be filled!
151
ResultListLength: DWORD;
153
// Array of granted access masks. This memory is allocated by the RM. Access
154
// check routines just fill in the values.
156
GrantedAccessMask: PACCESS_MASK;
158
// Array of SACL evaluation results. This memory is allocated by the RM, if SACL
159
// evaluation results are desired. Access check routines just fill in the values.
160
// Sacl evaluation will only be performed if auditing is requested.
162
SaclEvaluationResults: PDWORD;
164
// Array of results for each element of the array. This memory is allocated
165
// by the RM. Access check routines just fill in the values.
169
{$EXTERNALSYM _AUTHZ_ACCESS_REPLY}
170
AUTHZ_ACCESS_REPLY = _AUTHZ_ACCESS_REPLY;
171
{$EXTERNALSYM AUTHZ_ACCESS_REPLY}
172
TAuthzAccessReply = AUTHZ_ACCESS_REPLY;
173
PAuthzAccessReply = PAUTHZ_ACCESS_REPLY;
176
// Typedefs for callback functions to be provided by the resource manager.
180
// Callback access check function takes in
181
// AuthzClientContext - a client context
182
// pAce - pointer to a callback ace
183
// pArgs - Optional arguments that were passed to AuthzAccessCheck thru
184
// AuthzAccessRequest->OptionalArguments are passed back here.
185
// pbAceApplicable - The resource manager must supply whether the ace should
186
// be used in the computation of access evaluation
189
// TRUE if the API succeeded.
190
// FALSE on any intermediate errors (like failed memory allocation)
191
// In case of failure, the caller must use SetLastError(ErrorValue).
195
PFN_AUTHZ_DYNAMIC_ACCESS_CHECK = function(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE;
196
pAce: PACE_HEADER; pArgs: PVOID; var pbAceApplicable: BOOL): BOOL; stdcall;
197
{$EXTERNALSYM PFN_AUTHZ_DYNAMIC_ACCESS_CHECK}
198
PFnAuthzDynamicAccessCheck = PFN_AUTHZ_DYNAMIC_ACCESS_CHECK;
201
// Callback compute dynamic groups function takes in
202
// AuthzClientContext - a client context
203
// pArgs - Optional arguments that supplied to AuthzInitializeClientContext*
204
// thru DynamicGroupArgs are passed back here..
205
// pSidAttrArray - To allocate and return an array of (sids, attribute)
206
// pairs to be added to the normal part of the client context.
207
// pSidCount - Number of elements in pSidAttrArray
208
// pRestrictedSidAttrArray - To allocate and return an array of (sids, attribute)
209
// pairs to be added to the restricted part of the client context.
210
// pRestrictedSidCount - Number of elements in pRestrictedSidAttrArray
213
// Memory returned thru both these array will be freed by the callback
214
// free function defined by the resource manager.
217
// TRUE if the API succeeded.
218
// FALSE on any intermediate errors (like failed memory allocation)
219
// In case of failure, the caller must use SetLastError(ErrorValue).
223
PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS = function(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE;
224
Args: PVOID; var pSidAttrArray: PSID_AND_ATTRIBUTES; var pSidCount: DWORD;
225
var pRestrictedSidAttrArray: PSID_AND_ATTRIBUTES; var pRestrictedSidCount: DWORD): BOOL; stdcall;
226
{$EXTERNALSYM PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS}
227
PFnAuthzComputeDynamicGroups = PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS;
230
// Callback free function takes in
231
// pSidAttrArray - To be freed. This has been allocated by the compute
232
// dynamic groups function.
235
PFN_AUTHZ_FREE_DYNAMIC_GROUPS = procedure(pSidAttrArray: PSID_AND_ATTRIBUTES); stdcall;
236
{$EXTERNALSYM PFN_AUTHZ_FREE_DYNAMIC_GROUPS}
237
PFnAuthzFreeDynamicGroups = PFN_AUTHZ_FREE_DYNAMIC_GROUPS;
240
// Valid flags for AuthzAccessCheck
244
AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD = $00000001;
245
{$EXTERNALSYM AUTHZ_ACCESS_CHECK_NO_DEEP_COPY_SD}
247
function AuthzAccessCheck(Flags: DWORD; hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; pRequest: PAUTHZ_ACCESS_REQUEST;
248
hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; pSecurityDescriptor: PSECURITY_DESCRIPTOR; OptionalSecurityDescriptorArray: PPSECURITY_DESCRIPTOR;
249
OptionalSecurityDescriptorCount: DWORD; pReply: PAUTHZ_ACCESS_REPLY; phAccessCheckResultsOPTIONAL: PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE): BOOL; stdcall;
250
{$EXTERNALSYM AuthzAccessCheck}
252
function AuthzCachedAccessCheck(Flags: DWORD; hAccessCheckResults: AUTHZ_ACCESS_CHECK_RESULTS_HANDLE; pRequest: PAUTHZ_ACCESS_REQUEST; hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; pReply: PAUTHZ_ACCESS_REPLY): BOOL; stdcall;
253
{$EXTERNALSYM AuthzCachedAccessCheck}
255
function AuthzOpenObjectAudit(Flags: DWORD; hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; pRequest: PAUTHZ_ACCESS_REQUEST; hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; pSecurityDescriptor: PSECURITY_DESCRIPTOR; OptionalSecurityDescriptorArray: PPSECURITY_DESCRIPTOR; OptionalSecurityDescriptorCount: DWORD; pReply: PAUTHZ_ACCESS_REPLY): BOOL; stdcall;
256
{$EXTERNALSYM AuthzOpenObjectAudit}
258
function AuthzFreeHandle(hAccessCheckResults: AUTHZ_ACCESS_CHECK_RESULTS_HANDLE): BOOL; stdcall;
259
{$EXTERNALSYM AuthzFreeHandle}
262
// Flags for AuthzInitializeResourceManager
266
AUTHZ_RM_FLAG_NO_AUDIT = $1;
267
{$EXTERNALSYM AUTHZ_RM_FLAG_NO_AUDIT}
269
AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION = $2;
270
{$EXTERNALSYM AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION}
272
AUTHZ_VALID_RM_INIT_FLAGS = AUTHZ_RM_FLAG_NO_AUDIT or AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION;
273
{$EXTERNALSYM AUTHZ_VALID_RM_INIT_FLAGS}
275
function AuthzInitializeResourceManager(Flags: DWORD; pfnDynamicAccessCheck: PFN_AUTHZ_DYNAMIC_ACCESS_CHECK; pfnComputeDynamicGroups: PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS; pfnFreeDynamicGroups: PFN_AUTHZ_FREE_DYNAMIC_GROUPS; szResourceManagerName: LPCWSTR; phAuthzResourceManager: PAUTHZ_RESOURCE_MANAGER_HANDLE): BOOL; stdcall;
276
{$EXTERNALSYM AuthzInitializeResourceManager}
278
function AuthzFreeResourceManager(hAuthzResourceManager: AUTHZ_RESOURCE_MANAGER_HANDLE): BOOL; stdcall;
279
{$EXTERNALSYM AuthzFreeResourceManager}
281
function AuthzInitializeContextFromToken(Flags: DWORD; TokenHandle: HANDLE; hAuthzResourceManager: AUTHZ_RESOURCE_MANAGER_HANDLE; pExpirationTime: PLARGE_INTEGER; Identifier: LUID; DynamicGroupArgs: PVOID; phAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
282
{$EXTERNALSYM AuthzInitializeContextFromToken}
284
function AuthzInitializeContextFromSid(Flags: DWORD; UserSid: PSID; hAuthzResourceManager: AUTHZ_RESOURCE_MANAGER_HANDLE; pExpirationTime: PLARGE_INTEGER; Identifier: LUID; DynamicGroupArgs: PVOID; phAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
285
{$EXTERNALSYM AuthzInitializeContextFromSid}
287
function AuthzInitializeContextFromAuthzContext(Flags: DWORD; hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; pExpirationTime: PLARGE_INTEGER; Identifier: LUID; DynamicGroupArgs: PVOID; phNewAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
288
{$EXTERNALSYM AuthzInitializeContextFromAuthzContext}
290
function AuthzAddSidsToContext(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE; Sids: PSID_AND_ATTRIBUTES; SidCount: DWORD; RestrictedSids: PSID_AND_ATTRIBUTES; RestrictedSidCount: DWORD; phNewAuthzClientContext: PAUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
291
{$EXTERNALSYM AuthzAddSidsToContext}
294
// Enumeration type to be used to specify the type of information to be
295
// retrieved from an existing AuthzClientContext.
299
_AUTHZ_CONTEXT_INFORMATION_CLASS = (
301
AuthzContextInfoUserSid,
302
AuthzContextInfoGroupsSids,
303
AuthzContextInfoRestrictedSids,
304
AuthzContextInfoPrivileges,
305
AuthzContextInfoExpirationTime,
306
AuthzContextInfoServerContext,
307
AuthzContextInfoIdentifier,
308
AuthzContextInfoSource,
310
AuthzContextInfoAuthenticationId);
311
{$EXTERNALSYM _AUTHZ_CONTEXT_INFORMATION_CLASS}
312
AUTHZ_CONTEXT_INFORMATION_CLASS = _AUTHZ_CONTEXT_INFORMATION_CLASS;
313
{$EXTERNALSYM AUTHZ_CONTEXT_INFORMATION_CLASS}
314
TAuthzContextInformationClass = AUTHZ_CONTEXT_INFORMATION_CLASS;
316
function AuthzGetInformationFromContext(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE;
317
InfoClass: AUTHZ_CONTEXT_INFORMATION_CLASS; BufferSize: DWORD; pSizeRequired: PDWORD;
318
Buffer: PVOID): BOOL; stdcall;
319
{$EXTERNALSYM AuthzGetInformationFromContext}
321
function AuthzFreeContext(hAuthzClientContext: AUTHZ_CLIENT_CONTEXT_HANDLE): BOOL; stdcall;
322
{$EXTERNALSYM AuthzFreeContext}
325
// Valid flags that may be used in AuthzInitializeObjectAccessAuditEvent().
329
AUTHZ_NO_SUCCESS_AUDIT = $00000001;
330
{$EXTERNALSYM AUTHZ_NO_SUCCESS_AUDIT}
331
AUTHZ_NO_FAILURE_AUDIT = $00000002;
332
{$EXTERNALSYM AUTHZ_NO_FAILURE_AUDIT}
333
AUTHZ_NO_ALLOC_STRINGS = $00000004;
334
{$EXTERNALSYM AUTHZ_NO_ALLOC_STRINGS}
336
AUTHZ_VALID_OBJECT_ACCESS_AUDIT_FLAGS = AUTHZ_NO_SUCCESS_AUDIT or AUTHZ_NO_FAILURE_AUDIT or AUTHZ_NO_ALLOC_STRINGS;
337
{$EXTERNALSYM AUTHZ_VALID_OBJECT_ACCESS_AUDIT_FLAGS}
339
function AuthzInitializeObjectAccessAuditEvent(Flags: DWORD; hAuditEventType: AUTHZ_AUDIT_EVENT_TYPE_HANDLE;
340
szOperationType: PWSTR; szObjectType: PWSTR; szObjectName: PWSTR; szAdditionalInfo: PWSTR;
341
phAuditEvent: PAUTHZ_AUDIT_EVENT_HANDLE; dwAdditionalParameterCount: DWORD {, ...}): BOOL; stdcall;
342
{$EXTERNALSYM AuthzInitializeObjectAccessAuditEvent}
344
function AuthzInitializeObjectAccessAuditEvent2(Flags: DWORD; hAuditEventType: AUTHZ_AUDIT_EVENT_TYPE_HANDLE;
345
szOperationType: PWSTR; szObjectType: PWSTR; szObjectName: PWSTR; szAdditionalInfo, szAdditionalInfo2: PWSTR;
346
phAuditEvent: PAUTHZ_AUDIT_EVENT_HANDLE; dwAdditionalParameterCount: DWORD {, ...}): BOOL; stdcall;
347
{$EXTERNALSYM AuthzInitializeObjectAccessAuditEvent2}
350
// Enumeration type to be used to specify the type of information to be
351
// retrieved from an existing AUTHZ_AUDIT_EVENT_HANDLE.
355
_AUTHZ_AUDIT_EVENT_INFORMATION_CLASS = (
357
AuthzAuditEventInfoFlags,
358
AuthzAuditEventInfoOperationType,
359
AuthzAuditEventInfoObjectType,
360
AuthzAuditEventInfoObjectName,
361
AuthzAuditEventInfoAdditionalInfo);
362
{$EXTERNALSYM _AUTHZ_AUDIT_EVENT_INFORMATION_CLASS}
363
AUTHZ_AUDIT_EVENT_INFORMATION_CLASS = _AUTHZ_AUDIT_EVENT_INFORMATION_CLASS;
364
{$EXTERNALSYM AUTHZ_AUDIT_EVENT_INFORMATION_CLASS}
365
AuthzAuditEventInformationClass = AUTHZ_AUDIT_EVENT_INFORMATION_CLASS;
367
// todo this one seems not to be exported from authz.dll
369
function AuthzGetInformationFromAuditEvent(hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE; InfoClass: AUTHZ_AUDIT_EVENT_INFORMATION_CLASS; BufferSize: DWORD; pSizeRequired: PDWORD; Buffer: PVOID): BOOL; stdcall;
370
{$EXTERNALSYM AuthzGetInformationFromAuditEvent}
372
function AuthzFreeAuditEvent(hAuditEvent: AUTHZ_AUDIT_EVENT_HANDLE): BOOL; stdcall;
373
{$EXTERNALSYM AuthzFreeAuditEvent}
377
// Support for generic auditing.
380
typedef struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
382
PWSTR szObjectTypeName;
384
} AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET, *PAUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET;
386
typedef struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION
389
PWSTR szEventSourceName;
390
PWSTR szEventMessageFile;
391
PWSTR szEventSourceXmlSchemaFile;
392
PWSTR szEventAccessStringsFile;
393
PWSTR szExecutableImagePath;
395
DWORD dwObjectTypeNameCount;
396
AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET ObjectTypeNames[ANYSIZE_ARRAY];
397
} AUTHZ_SOURCE_SCHEMA_REGISTRATION, *PAUTHZ_SOURCE_SCHEMA_REGISTRATION;
399
#define AUTHZ_FLAG_ALLOW_MULTIPLE_SOURCE_INSTANCES 0x1
404
AuthzInstallSecurityEventSource(
406
IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration
412
AuthzUninstallSecurityEventSource(
414
IN PCWSTR szEventSourceName
420
AuthzEnumerateSecurityEventSources(
422
OUT PAUTHZ_SOURCE_SCHEMA_REGISTRATION Buffer,
424
IN OUT PDWORD pdwLength
430
AuthzRegisterSecurityEventSource(
432
IN PCWSTR szEventSourceName,
433
OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider
439
AuthzUnregisterSecurityEventSource(
441
IN OUT PAUTHZ_SECURITY_EVENT_PROVIDER_HANDLE phEventProvider
447
AuthzReportSecurityEvent(
449
IN OUT AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
451
IN PSID pUserSid OPTIONAL,
459
AuthzReportSecurityEventFromParams(
461
IN OUT AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
463
IN PSID pUserSid OPTIONAL,
464
IN PAUDIT_PARAMS pParams
471
authzlib = 'authz.dll';
473
{$IFDEF DYNAMIC_LINK}
476
_AuthzAccessCheck: Pointer;
478
function AuthzAccessCheck;
480
GetProcedureAddress(_AuthzAccessCheck, authzlib, 'AuthzAccessCheck');
484
JMP [_AuthzAccessCheck]
489
_AuthzCachedAccessCheck: Pointer;
491
function AuthzCachedAccessCheck;
493
GetProcedureAddress(_AuthzCachedAccessCheck, authzlib, 'AuthzCachedAccessCheck');
497
JMP [_AuthzCachedAccessCheck]
502
_AuthzOpenObjectAudit: Pointer;
504
function AuthzOpenObjectAudit;
506
GetProcedureAddress(_AuthzOpenObjectAudit, authzlib, 'AuthzOpenObjectAudit');
510
JMP [_AuthzOpenObjectAudit]
515
_AuthzFreeHandle: Pointer;
517
function AuthzFreeHandle;
519
GetProcedureAddress(_AuthzFreeHandle, authzlib, 'AuthzFreeHandle');
523
JMP [_AuthzFreeHandle]
528
_AuthzInitializeResourceManager: Pointer;
530
function AuthzInitializeResourceManager;
532
GetProcedureAddress(_AuthzInitializeResourceManager, authzlib, 'AuthzInitializeResourceManager');
536
JMP [_AuthzInitializeResourceManager]
541
_AuthzFreeResourceManager: Pointer;
543
function AuthzFreeResourceManager;
545
GetProcedureAddress(_AuthzFreeResourceManager, authzlib, 'AuthzFreeResourceManager');
549
JMP [_AuthzFreeResourceManager]
554
_AuthzInitializeContextFromToken: Pointer;
556
function AuthzInitializeContextFromToken;
558
GetProcedureAddress(_AuthzInitializeContextFromToken, authzlib, 'AuthzInitializeContextFromToken');
562
JMP [_AuthzInitializeContextFromToken]
567
_AuthzInitializeContextFromSid: Pointer;
569
function AuthzInitializeContextFromSid;
571
GetProcedureAddress(_AuthzInitializeContextFromSid, authzlib, 'AuthzInitializeContextFromSid');
575
JMP [_AuthzInitializeContextFromSid]
580
_AuthzInitCxtFromAuthzCxt: Pointer;
582
function AuthzInitializeContextFromAuthzContext;
584
GetProcedureAddress(_AuthzInitCxtFromAuthzCxt, authzlib, 'AuthzInitializeContextFromAuthzContext');
588
JMP [_AuthzInitCxtFromAuthzCxt]
593
_AuthzAddSidsToContext: Pointer;
595
function AuthzAddSidsToContext;
597
GetProcedureAddress(_AuthzAddSidsToContext, authzlib, 'AuthzAddSidsToContext');
601
JMP [_AuthzAddSidsToContext]
606
_AuthzGetInformationFromContext: Pointer;
608
function AuthzGetInformationFromContext;
610
GetProcedureAddress(_AuthzGetInformationFromContext, authzlib, 'AuthzGetInformationFromContext');
614
JMP [_AuthzGetInformationFromContext]
619
_AuthzFreeContext: Pointer;
621
function AuthzFreeContext;
623
GetProcedureAddress(_AuthzFreeContext, authzlib, 'AuthzFreeContext');
627
JMP [_AuthzFreeContext]
632
_AuthzInitObjAccAuditEvent: Pointer;
634
function AuthzInitializeObjectAccessAuditEvent;
636
GetProcedureAddress(_AuthzInitObjAccAuditEvent, authzlib, 'AuthzInitializeObjectAccessAuditEvent');
640
JMP [_AuthzInitObjAccAuditEvent]
645
_AuthzInitObjAccAuditEvent2: Pointer;
647
function AuthzInitializeObjectAccessAuditEvent2;
649
GetProcedureAddress(_AuthzInitObjAccAuditEvent2, authzlib, 'AuthzInitializeObjectAccessAuditEvent2');
653
JMP [_AuthzInitObjAccAuditEvent2]
658
_AuthzGetInfoFromAuditEvent: Pointer;
660
function AuthzGetInformationFromAuditEvent;
662
GetProcedureAddress(_AuthzGetInfoFromAuditEvent, authzlib, 'AuthzGetInformationFromAuditEvent');
666
JMP [_AuthzGetInfoFromAuditEvent]
671
_AuthzFreeAuditEvent: Pointer;
673
function AuthzFreeAuditEvent;
675
GetProcedureAddress(_AuthzFreeAuditEvent, authzlib, 'AuthzFreeAuditEvent');
679
JMP [_AuthzFreeAuditEvent]
685
function AuthzAccessCheck; external authzlib name 'AuthzAccessCheck';
686
function AuthzCachedAccessCheck; external authzlib name 'AuthzCachedAccessCheck';
687
function AuthzOpenObjectAudit; external authzlib name 'AuthzOpenObjectAudit';
688
function AuthzFreeHandle; external authzlib name 'AuthzFreeHandle';
689
function AuthzInitializeResourceManager; external authzlib name 'AuthzInitializeResourceManager';
690
function AuthzFreeResourceManager; external authzlib name 'AuthzFreeResourceManager';
691
function AuthzInitializeContextFromToken; external authzlib name 'AuthzInitializeContextFromToken';
692
function AuthzInitializeContextFromSid; external authzlib name 'AuthzInitializeContextFromSid';
693
function AuthzInitializeContextFromAuthzContext; external authzlib name 'AuthzInitializeContextFromAuthzContext';
694
function AuthzAddSidsToContext; external authzlib name 'AuthzAddSidsToContext';
695
function AuthzGetInformationFromContext; external authzlib name 'AuthzGetInformationFromContext';
696
function AuthzFreeContext; external authzlib name 'AuthzFreeContext';
697
function AuthzInitializeObjectAccessAuditEvent; external authzlib name 'AuthzInitializeObjectAccessAuditEvent';
698
function AuthzInitializeObjectAccessAuditEvent2; external authzlib name 'AuthzInitializeObjectAccessAuditEvent2';
699
function AuthzGetInformationFromAuditEvent; external authzlib name 'AuthzGetInformationFromAuditEvent';
700
function AuthzFreeAuditEvent; external authzlib name 'AuthzFreeAuditEvent';
702
{$ENDIF DYNAMIC_LINK}