1 /** 2 * This file is part of the mingw-w64 runtime package. 3 * No warranty is given; refer to the file DISCLAIMER within this package. 4 */ 5 6 #include <winapifamily.h> 7 8 #ifndef _ADTGEN_H 9 #define _ADTGEN_H 10 11 #if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) 12 13 #define AUDIT_TYPE_LEGACY 1 14 #define AUDIT_TYPE_WMI 2 15 16 typedef enum _AUDIT_PARAM_TYPE { 17 APT_None = 1, 18 APT_String, 19 APT_Ulong, 20 APT_Pointer, 21 APT_Sid, 22 APT_LogonId, 23 APT_ObjectTypeList, 24 APT_Luid, 25 APT_Guid, 26 APT_Time, 27 APT_Int64, 28 APT_IpAddress, 29 APT_LogonIdWithSid 30 } AUDIT_PARAM_TYPE; 31 32 #define AP_ParamTypeBits 8 33 #define AP_ParamTypeMask __MSABI_LONG(0xff) 34 35 #define AP_FormatHex (__MSABI_LONG(0x1) << AP_ParamTypeBits) 36 #define AP_AccessMask (__MSABI_LONG(0x2) << AP_ParamTypeBits) 37 #define AP_Filespec (__MSABI_LONG(0x1) << AP_ParamTypeBits) 38 #define AP_SidAsLogonId (__MSABI_LONG(0x1) << AP_ParamTypeBits) 39 #define AP_PrimaryLogonId (__MSABI_LONG(0x1) << AP_ParamTypeBits) 40 #define AP_ClientLogonId (__MSABI_LONG(0x2) << AP_ParamTypeBits) 41 #define ApExtractType(TypeFlags) ((AUDIT_PARAM_TYPE) (TypeFlags & AP_ParamTypeMask)) 42 #define ApExtractFlags(TypeFlags) ((TypeFlags & ~AP_ParamTypeMask)) 43 44 #define _AUTHZ_SS_MAXSIZE 128 45 46 #define APF_AuditFailure 0x0 47 #define APF_AuditSuccess 0x1 48 49 #define APF_ValidFlags (APF_AuditSuccess) 50 51 #define AUTHZ_ALLOW_MULTIPLE_SOURCE_INSTANCES 0x1 52 #define AUTHZ_MIGRATED_LEGACY_PUBLISHER 0x2 53 54 #define AUTHZ_AUDIT_INSTANCE_INFORMATION 0x2 55 56 typedef struct _AUDIT_OBJECT_TYPE { 57 GUID ObjectType; 58 USHORT Flags; 59 USHORT Level; 60 ACCESS_MASK AccessMask; 61 } AUDIT_OBJECT_TYPE,*PAUDIT_OBJECT_TYPE; 62 63 typedef struct _AUDIT_OBJECT_TYPES { 64 USHORT Count; 65 USHORT Flags; 66 #ifdef __WIDL__ 67 [size_is (Count)] 68 #endif 69 AUDIT_OBJECT_TYPE *pObjectTypes; 70 } AUDIT_OBJECT_TYPES,*PAUDIT_OBJECT_TYPES; 71 72 typedef struct _AUDIT_IP_ADDRESS { 73 BYTE pIpAddress[_AUTHZ_SS_MAXSIZE]; 74 } AUDIT_IP_ADDRESS,*PAUDIT_IP_ADDRESS; 75 76 typedef struct _AUDIT_PARAM { 77 AUDIT_PARAM_TYPE Type; 78 ULONG Length; 79 DWORD Flags; 80 #ifdef __WIDL__ 81 [switch_type (AUDIT_PARAM_TYPE), switch_is (Type)] 82 #else 83 __C89_NAMELESS 84 #endif 85 union { 86 #ifdef __WIDL__ 87 [default] 88 #endif 89 ULONG_PTR Data0; 90 #ifdef __WIDL__ 91 [case (APT_String)] 92 [string] 93 #endif 94 PWSTR String; 95 #ifdef __WIDL__ 96 [case (APT_Ulong, APT_Pointer)] 97 #endif 98 ULONG_PTR u; 99 #ifdef __WIDL__ 100 [case (APT_Sid)] 101 #endif 102 SID *psid; 103 #ifdef __WIDL__ 104 [case (APT_Guid)] 105 #endif 106 GUID *pguid; 107 #ifdef __WIDL__ 108 [case (APT_LogonId)] 109 #endif 110 ULONG LogonId_LowPart; 111 #ifdef __WIDL__ 112 [case (APT_ObjectTypeList)] 113 #endif 114 AUDIT_OBJECT_TYPES *pObjectTypes; 115 #ifdef __WIDL__ 116 [case (APT_IpAddress)] 117 #endif 118 AUDIT_IP_ADDRESS *pIpAddress; 119 }; 120 #ifdef __WIDL__ 121 [switch_type (AUDIT_PARAM_TYPE), switch_is (Type)] 122 #else 123 __C89_NAMELESS 124 #endif 125 union { 126 #ifdef __WIDL__ 127 [default] 128 #endif 129 ULONG_PTR Data1; 130 #ifdef __WIDL__ 131 [case (APT_LogonId)] 132 #endif 133 LONG LogonId_HighPart; 134 }; 135 } AUDIT_PARAM,*PAUDIT_PARAM; 136 137 typedef struct _AUDIT_PARAMS { 138 ULONG Length; 139 DWORD Flags; 140 USHORT Count; 141 #ifdef __WIDL__ 142 [size_is (Count)] 143 #endif 144 AUDIT_PARAM *Parameters; 145 } AUDIT_PARAMS,*PAUDIT_PARAMS; 146 typedef struct _AUTHZ_AUDIT_EVENT_TYPE_LEGACY { 147 USHORT CategoryId; 148 USHORT AuditId; 149 USHORT ParameterCount; 150 } AUTHZ_AUDIT_EVENT_TYPE_LEGACY,*PAUTHZ_AUDIT_EVENT_TYPE_LEGACY; 151 152 typedef 153 #ifdef __WIDL__ 154 [switch_type (BYTE)] 155 #endif 156 union _AUTHZ_AUDIT_EVENT_TYPE_UNION { 157 #ifdef __WIDL__ 158 [case (AUDIT_TYPE_LEGACY)] 159 #endif 160 AUTHZ_AUDIT_EVENT_TYPE_LEGACY Legacy; 161 } AUTHZ_AUDIT_EVENT_TYPE_UNION,*PAUTHZ_AUDIT_EVENT_TYPE_UNION; 162 163 typedef 164 struct _AUTHZ_AUDIT_EVENT_TYPE_OLD { 165 ULONG Version; 166 DWORD dwFlags; 167 LONG RefCount; 168 ULONG_PTR hAudit; 169 LUID LinkId; 170 #ifdef __WIDL__ 171 [switch_is (Version)] 172 #endif 173 AUTHZ_AUDIT_EVENT_TYPE_UNION u; 174 } AUTHZ_AUDIT_EVENT_TYPE_OLD; 175 176 typedef 177 #ifdef __WIDL__ 178 [handle] 179 #endif 180 AUTHZ_AUDIT_EVENT_TYPE_OLD *PAUTHZ_AUDIT_EVENT_TYPE_OLD; 181 #define AUTHZP_WPD_EVENT 0x10 182 183 typedef 184 #ifdef __WIDL__ 185 [context_handle] 186 #endif 187 PVOID AUDIT_HANDLE,*PAUDIT_HANDLE; 188 189 #endif 190 #endif 191