/* $Id: audit.c 21608 2006-04-16 12:49:19Z fireball $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS system libraries
* FILE: lib/advapi32/sec/audit.c
* PURPOSE: Audit functions
* PROGRAMMER: Eric Kohl (ekohl@rz-online.de)
* UPDATE HISTORY:
* Created 07/19/2003
*/
/* INCLUDES *****************************************************************/
#include <advapi32.h>
#define NDEBUG
#include <debug.h>
/* FUNCTIONS ****************************************************************/
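/*
 * @implemented
 *
 * ANSI variant of the access-check-and-audit call. The three name strings
 * are converted to temporary UNICODE_STRINGs, the request is forwarded to
 * NtAccessCheckAndAuditAlarm, and the temporaries are released again.
 *
 * Returns TRUE only when the system call succeeded AND the access status it
 * reported is a success code. In every other case FALSE is returned and the
 * thread's last error is set from the failing NTSTATUS.
 *
 * Out parameters:
 *   GrantedAccess     - passed straight through to the system call.
 *   AccessStatus      - TRUE/FALSE once the system call itself succeeded;
 *                       left untouched when the system call fails.
 *   pfGenerateOnClose - always written; FALSE when the system call failed.
 */
BOOL STDCALL
AccessCheckAndAuditAlarmA (LPCSTR SubsystemName,
                           LPVOID HandleId,
                           LPSTR ObjectTypeName,
                           LPSTR ObjectName,
                           PSECURITY_DESCRIPTOR SecurityDescriptor,
                           DWORD DesiredAccess,
                           PGENERIC_MAPPING GenericMapping,
                           BOOL ObjectCreation,
                           LPDWORD GrantedAccess,
                           LPBOOL AccessStatus,
                           LPBOOL pfGenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    NTSTATUS LocalAccessStatus;
    /* Start from a defined value: it is copied to the caller even when the
     * system call fails and never stores anything here. */
    BOOLEAN GenerateOnClose = FALSE;
    NTSTATUS Status;

    /* NOTE(review): the three conversion results are not checked. If a
     * conversion can fail (e.g. out of memory), whatever it left in the
     * UNICODE_STRING is handed to the system call and to
     * RtlFreeUnicodeString - confirm the routine's failure contract. */
    RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
                                      (PCHAR)SubsystemName);
    RtlCreateUnicodeStringFromAsciiz (&ObjectTypeNameU,
                                      (PCHAR)ObjectTypeName);
    RtlCreateUnicodeStringFromAsciiz (&ObjectNameU,
                                      (PCHAR)ObjectName);

    Status = NtAccessCheckAndAuditAlarm (&SubsystemNameU,
                                         HandleId,
                                         &ObjectTypeNameU,
                                         &ObjectNameU,
                                         SecurityDescriptor,
                                         DesiredAccess,
                                         GenericMapping,
                                         ObjectCreation,
                                         GrantedAccess,
                                         &LocalAccessStatus,
                                         &GenerateOnClose);

    RtlFreeUnicodeString (&SubsystemNameU);
    RtlFreeUnicodeString (&ObjectTypeNameU);
    RtlFreeUnicodeString (&ObjectNameU);

    *pfGenerateOnClose = (BOOL)GenerateOnClose;

    if (!NT_SUCCESS (Status))
    {
        SetLastError (RtlNtStatusToDosError (Status));
        return FALSE;
    }

    if (!NT_SUCCESS (LocalAccessStatus))
    {
        *AccessStatus = FALSE;
        /* Report why access was refused. Status is a success code on this
         * path, so translating it would hide the denial from callers that
         * inspect the last error. */
        SetLastError (RtlNtStatusToDosError (LocalAccessStatus));
        return FALSE;
    }

    *AccessStatus = TRUE;
    return TRUE;
}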
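/*
 * @implemented
 *
 * Unicode variant of the access-check-and-audit call. The caller's wide
 * strings are wrapped in UNICODE_STRINGs with RtlInitUnicodeString and the
 * request is forwarded to NtAccessCheckAndAuditAlarm.
 *
 * Returns TRUE only when the system call succeeded AND the access status it
 * reported is a success code. In every other case FALSE is returned and the
 * thread's last error is set from the failing NTSTATUS.
 *
 * Out parameters:
 *   GrantedAccess     - passed straight through to the system call.
 *   AccessStatus      - TRUE/FALSE once the system call itself succeeded;
 *                       left untouched when the system call fails.
 *   pfGenerateOnClose - always written; FALSE when the system call failed.
 */
BOOL STDCALL
AccessCheckAndAuditAlarmW (LPCWSTR SubsystemName,
                           LPVOID HandleId,
                           LPWSTR ObjectTypeName,
                           LPWSTR ObjectName,
                           PSECURITY_DESCRIPTOR SecurityDescriptor,
                           DWORD DesiredAccess,
                           PGENERIC_MAPPING GenericMapping,
                           BOOL ObjectCreation,
                           LPDWORD GrantedAccess,
                           LPBOOL AccessStatus,
                           LPBOOL pfGenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    NTSTATUS LocalAccessStatus;
    /* Start from a defined value: it is copied to the caller even when the
     * system call fails and never stores anything here. */
    BOOLEAN GenerateOnClose = FALSE;
    NTSTATUS Status;

    /* No allocation happens here, so nothing has to be freed afterwards. */
    RtlInitUnicodeString (&SubsystemNameU,
                          (PWSTR)SubsystemName);
    RtlInitUnicodeString (&ObjectTypeNameU,
                          (PWSTR)ObjectTypeName);
    RtlInitUnicodeString (&ObjectNameU,
                          (PWSTR)ObjectName);

    Status = NtAccessCheckAndAuditAlarm (&SubsystemNameU,
                                         HandleId,
                                         &ObjectTypeNameU,
                                         &ObjectNameU,
                                         SecurityDescriptor,
                                         DesiredAccess,
                                         GenericMapping,
                                         ObjectCreation,
                                         GrantedAccess,
                                         &LocalAccessStatus,
                                         &GenerateOnClose);

    *pfGenerateOnClose = (BOOL)GenerateOnClose;

    if (!NT_SUCCESS (Status))
    {
        SetLastError (RtlNtStatusToDosError (Status));
        return FALSE;
    }

    if (!NT_SUCCESS (LocalAccessStatus))
    {
        *AccessStatus = FALSE;
        /* Report why access was refused. Status is a success code on this
         * path, so translating it would hide the denial from callers that
         * inspect the last error. */
        SetLastError (RtlNtStatusToDosError (LocalAccessStatus));
        return FALSE;
    }

    *AccessStatus = TRUE;
    return TRUE;
}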
/*
 * @implemented
 *
 * ANSI variant: converts SubsystemName to a temporary UNICODE_STRING,
 * forwards the request to NtCloseObjectAuditAlarm and releases the
 * temporary string. Returns TRUE on success; on failure returns FALSE
 * after setting the last error from the failing NTSTATUS.
 */
BOOL STDCALL
ObjectCloseAuditAlarmA (LPCSTR SubsystemName,
                        LPVOID HandleId,
                        BOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS NtStatus;

    /* NOTE(review): the conversion result is tested with NT_SUCCESS, which
     * is only meaningful if this routine returns an NTSTATUS. If its
     * prototype returns BOOLEAN, both TRUE and FALSE pass NT_SUCCESS and a
     * failed conversion goes undetected - confirm against the header. */
    NtStatus = RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
                                                 (PCHAR)SubsystemName);
    if (NT_SUCCESS (NtStatus))
    {
        NtStatus = NtCloseObjectAuditAlarm (&SubsystemNameU,
                                            HandleId,
                                            GenerateOnClose);
        /* The temporary string is released whatever the call returned. */
        RtlFreeUnicodeString (&SubsystemNameU);

        if (NT_SUCCESS (NtStatus))
        {
            return TRUE;
        }
    }

    /* Either the conversion or the system call failed. */
    SetLastError (RtlNtStatusToDosError (NtStatus));
    return FALSE;
}
/*
 * @implemented
 *
 * Unicode variant: wraps SubsystemName in a UNICODE_STRING and forwards
 * the request to NtCloseObjectAuditAlarm. Returns TRUE on success; on
 * failure returns FALSE after setting the last error from the NTSTATUS.
 */
BOOL STDCALL
ObjectCloseAuditAlarmW (LPCWSTR SubsystemName,
                        LPVOID HandleId,
                        BOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS NtStatus;

    RtlInitUnicodeString (&SubsystemNameU,
                          (PWSTR)SubsystemName);

    NtStatus = NtCloseObjectAuditAlarm (&SubsystemNameU,
                                        HandleId,
                                        GenerateOnClose);
    if (NT_SUCCESS (NtStatus))
    {
        return TRUE;
    }

    SetLastError (RtlNtStatusToDosError (NtStatus));
    return FALSE;
}
/*
 * @implemented
 *
 * ANSI variant: converts SubsystemName to a temporary UNICODE_STRING,
 * forwards the request to NtDeleteObjectAuditAlarm and releases the
 * temporary string. Returns TRUE on success; on failure returns FALSE
 * after setting the last error from the failing NTSTATUS.
 */
BOOL STDCALL
ObjectDeleteAuditAlarmA (LPCSTR SubsystemName,
                         LPVOID HandleId,
                         BOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS NtStatus;

    /* NOTE(review): the conversion result is tested with NT_SUCCESS, which
     * is only meaningful if this routine returns an NTSTATUS. If its
     * prototype returns BOOLEAN, both TRUE and FALSE pass NT_SUCCESS and a
     * failed conversion goes undetected - confirm against the header. */
    NtStatus = RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
                                                 (PCHAR)SubsystemName);
    if (NT_SUCCESS (NtStatus))
    {
        NtStatus = NtDeleteObjectAuditAlarm (&SubsystemNameU,
                                             HandleId,
                                             GenerateOnClose);
        /* The temporary string is released whatever the call returned. */
        RtlFreeUnicodeString (&SubsystemNameU);

        if (NT_SUCCESS (NtStatus))
        {
            return TRUE;
        }
    }

    /* Either the conversion or the system call failed. */
    SetLastError (RtlNtStatusToDosError (NtStatus));
    return FALSE;
}
/*
 * @implemented
 *
 * Unicode variant: wraps SubsystemName in a UNICODE_STRING and forwards
 * the request to NtDeleteObjectAuditAlarm. Returns TRUE on success; on
 * failure returns FALSE after setting the last error from the NTSTATUS.
 */
BOOL STDCALL
ObjectDeleteAuditAlarmW (LPCWSTR SubsystemName,
                         LPVOID HandleId,
                         BOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    NTSTATUS NtStatus;

    RtlInitUnicodeString (&SubsystemNameU,
                          (PWSTR)SubsystemName);

    NtStatus = NtDeleteObjectAuditAlarm (&SubsystemNameU,
                                         HandleId,
                                         GenerateOnClose);
    if (NT_SUCCESS (NtStatus))
    {
        return TRUE;
    }

    SetLastError (RtlNtStatusToDosError (NtStatus));
    return FALSE;
}
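/*
 * @implemented
 *
 * ANSI variant: converts the three name strings to temporary
 * UNICODE_STRINGs, forwards the request to NtOpenObjectAuditAlarm and
 * releases the temporaries. Returns TRUE on success; on failure returns
 * FALSE after setting the last error from the failing NTSTATUS.
 *
 * GenerateOnClose receives the flag produced by the system call and is
 * written only when the call succeeds.
 */
BOOL STDCALL
ObjectOpenAuditAlarmA (LPCSTR SubsystemName,
                       LPVOID HandleId,
                       LPSTR ObjectTypeName,
                       LPSTR ObjectName,
                       PSECURITY_DESCRIPTOR pSecurityDescriptor,
                       HANDLE ClientToken,
                       DWORD DesiredAccess,
                       DWORD GrantedAccess,
                       PPRIVILEGE_SET Privileges,
                       BOOL ObjectCreation,
                       BOOL AccessGranted,
                       LPBOOL GenerateOnClose)
{
    UNICODE_STRING SubsystemNameU;
    UNICODE_STRING ObjectTypeNameU;
    UNICODE_STRING ObjectNameU;
    /* The system call stores a one-byte BOOLEAN. Handing it the caller's
     * BOOL through a pointer cast would update only one byte of that wider
     * variable and leave the rest as the caller had it, so the flag is
     * received locally and widened, as the AccessCheckAndAuditAlarm
     * wrappers in this file do. */
    BOOLEAN LocalGenerateOnClose = FALSE;
    NTSTATUS Status;

    /* NOTE(review): the three conversion results are not checked. If a
     * conversion can fail (e.g. out of memory), whatever it left in the
     * UNICODE_STRING is handed to the system call and to
     * RtlFreeUnicodeString - confirm the routine's failure contract. */
    RtlCreateUnicodeStringFromAsciiz (&SubsystemNameU,
                                      (PCHAR)SubsystemName);
    RtlCreateUnicodeStringFromAsciiz (&ObjectTypeNameU,
                                      (PCHAR)ObjectTypeName);
    RtlCreateUnicodeStringFromAsciiz (&ObjectNameU,
                                      (PCHAR)ObjectName);

    Status = NtOpenObjectAuditAlarm (&SubsystemNameU,
                                     HandleId,
                                     &ObjectTypeNameU,
                                     &ObjectNameU,
                                     pSecurityDescriptor,
                                     ClientToken,
                                     DesiredAccess,
                                     GrantedAccess,
                                     Privileges,
                                     ObjectCreation,
                                     AccessGranted,
                                     &LocalGenerateOnClose);

    RtlFreeUnicodeString (&SubsystemNameU);
    RtlFreeUnicodeString (&ObjectTypeNameU);
    RtlFreeUnicodeString (&ObjectNameU);

    if (!NT_SUCCESS (Status))
    {
        SetLastError (RtlNtStatusToDosError (Status));
        return FALSE;
    }

    /* Publish the full-width value; a NULL pointer is tolerated so that a
     * caller that passed none does not fault here. */
    if (GenerateOnClose != NULL)
    {
        *GenerateOnClose = (BOOL)LocalGenerateOnClose;
    }

    return TRUE;
}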
/*
* @implemented
*/
BOOL STDCALL
ObjectOpenAuditAlarmW (LPCWSTR SubsystemName,
LPVOID HandleId,
LPWSTR ObjectTypeName,
LPWSTR ObjectName,
PSECURITY_DESCRIPTOR pSecurityDescriptor,
HANDLE ClientToken,
DWORD DesiredAccess,
DWORD GrantedAccess,
PPRIVILEGE_SET Privileges,
BOOL ObjectCreation,
BOOL AccessGranted,
LPBOOL GenerateOnClose)