#ifndef _INCLUDE_DDK_SEFUNCS_H
#define _INCLUDE_DDK_SEFUNCS_H
-/* $Id: sefuncs.h,v 1.15 2002/02/20 20:09:52 ekohl Exp $ */
+/* $Id: sefuncs.h,v 1.16 2002/02/22 13:34:36 ekohl Exp $ */
BOOLEAN STDCALL
SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN BOOLEAN SubjectContextLocked,
IN ACCESS_MASK DesiredAccess,
IN ACCESS_MASK PreviouslyGrantedAccess,
- OUT PPRIVILEGE_SET* Privileges,
+ OUT PPRIVILEGE_SET* Privileges OPTIONAL,
IN PGENERIC_MAPPING GenericMapping,
IN KPROCESSOR_MODE AccessMode,
OUT PACCESS_MODE GrantedAccess,
OUT PNTSTATUS AccessStatus);
NTSTATUS STDCALL
-SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,
- PSECURITY_DESCRIPTOR ExplicitDescriptor,
- PSECURITY_DESCRIPTOR* NewDescriptor,
- BOOLEAN IsDirectoryObject,
- PSECURITY_SUBJECT_CONTEXT SubjectContext,
- PGENERIC_MAPPING GenericMapping,
- POOL_TYPE PoolType);
+SeAppendPrivileges(IN PACCESS_STATE AccessState,
+ IN PPRIVILEGE_SET Privileges);
+
+NTSTATUS STDCALL
+SeAssignSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL,
+ IN PSECURITY_DESCRIPTOR ExplicitDescriptor,
+ OUT PSECURITY_DESCRIPTOR* NewDescriptor,
+ IN BOOLEAN IsDirectoryObject,
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ IN PGENERIC_MAPPING GenericMapping,
+ IN POOL_TYPE PoolType);
+
+BOOLEAN STDCALL
+SeAuditingFileEvents(IN BOOLEAN AccessGranted,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor);
+
+BOOLEAN STDCALL
+SeAuditingFileOrGlobalEvents(IN BOOLEAN AccessGranted,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
VOID STDCALL
SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext);
+NTSTATUS STDCALL
+SeCreateAccessState(OUT PACCESS_STATE AccessState,
+ IN PVOID AuxData,
+ IN ACCESS_MASK AccessMask,
+ IN PGENERIC_MAPPING Mapping);
+
NTSTATUS STDCALL
SeCreateClientSecurity(IN struct _ETHREAD *Thread,
IN PSECURITY_QUALITY_OF_SERVICE Qos,
OUT PSECURITY_CLIENT_CONTEXT ClientContext);
NTSTATUS STDCALL
-SeDeassignSecurity(PSECURITY_DESCRIPTOR* SecurityDescriptor);
+SeDeassignSecurity(IN OUT PSECURITY_DESCRIPTOR* SecurityDescriptor);
+
+VOID STDCALL
+SeDeleteObjectAuditAlarm(IN PVOID Object,
+ IN HANDLE Handle);
+
+VOID STDCALL
+SeFreePrivileges(IN PPRIVILEGE_SET Privileges);
VOID STDCALL
SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext,
IN struct _ETHREAD *ServerThread OPTIONAL);
+VOID STDCALL
+SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
+
+NTSTATUS STDCALL
+SeMarkLogonSessionForTerminationNotification(IN PLUID LogonId);
+
+VOID STDCALL
+SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
+ IN PVOID Object OPTIONAL,
+ IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PACCESS_STATE AccessState,
+ IN BOOLEAN ObjectCreated,
+ IN BOOLEAN AccessGranted,
+ IN KPROCESSOR_MODE AccessMode,
+ OUT PBOOLEAN GenerateOnClose);
+
+VOID STDCALL
+SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
+ IN PVOID Object OPTIONAL,
+ IN PUNICODE_STRING AbsoluteObjectName OPTIONAL,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN PACCESS_STATE AccessState,
+ IN BOOLEAN ObjectCreated,
+ IN BOOLEAN AccessGranted,
+ IN KPROCESSOR_MODE AccessMode,
+ OUT PBOOLEAN GenerateOnClose);
+
+BOOLEAN STDCALL
+SePrivilegeCheck(IN OUT PPRIVILEGE_SET RequiredPrivileges,
+ IN PSECURITY_SUBJECT_CONTEXT SubjectContext,
+ IN KPROCESSOR_MODE AccessMode);
+
+NTSTATUS STDCALL
+SeQueryAuthenticationIdToken(IN PACCESS_TOKEN Token,
+ OUT PLUID LogonId);
+
+NTSTATUS STDCALL
+SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
+ OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN OUT PULONG Length,
+ IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor);
+
+NTSTATUS STDCALL
+SeRegisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
+
VOID STDCALL
SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
+VOID STDCALL
+SeSetAccessStateGenericMapping(IN PACCESS_STATE AccessState,
+ IN PGENERIC_MAPPING GenericMapping);
+
+NTSTATUS STDCALL
+SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
+ IN PSECURITY_INFORMATION SecurityInformation,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+ IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
+ IN POOL_TYPE PoolType,
+ IN PGENERIC_MAPPING GenericMapping);
+
BOOLEAN STDCALL
-SeSinglePrivilegeCheck(LUID PrivilegeValue,
- KPROCESSOR_MODE PreviousMode);
+SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
+ IN KPROCESSOR_MODE PreviousMode);
+
+SECURITY_IMPERSONATION_LEVEL STDCALL
+SeTokenImpersonationLevel(IN PACCESS_TOKEN Token);
TOKEN_TYPE STDCALL
SeTokenType(IN PACCESS_TOKEN Token);
+VOID STDCALL
+SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext);
+
+NTSTATUS STDCALL
+SeUnregisterLogonSessionTerminatedRoutine(IN PSE_LOGON_SESSION_TERMINATED_ROUTINE CallbackRoutine);
+
+BOOLEAN STDCALL
+SeValidSecurityDescriptor(IN ULONG Length,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor);
+
#endif /* ndef _INCLUDE_DDK_SEFUNCS_H */
/* FUNCTIONS ***************************************************************/
-NTSTATUS STDCALL NtQuerySecurityObject(IN HANDLE ObjectHandle,
- IN CINT SecurityObjectInformationClass,
- OUT PVOID SecurityObjectInformation,
- IN ULONG Length,
- OUT PULONG ReturnLength)
+NTSTATUS STDCALL
+NtQuerySecurityObject(IN HANDLE ObjectHandle,
+ IN CINT SecurityObjectInformationClass,
+ OUT PVOID SecurityObjectInformation,
+ IN ULONG Length,
+ OUT PULONG ReturnLength)
{
NTSTATUS Status;
PVOID Object;
if (Header->ObjectType != NULL &&
Header->ObjectType->Security != NULL)
{
- Status = Header->ObjectType->Security(Object,
+ Status = Header->ObjectType->Security(Object,
SecurityObjectInformationClass,
SecurityObjectInformation,
- &Length);
+ &Length);
*ReturnLength = Length;
}
else
}
-NTSTATUS
-STDCALL
-NtSetSecurityObject(
- IN HANDLE Handle,
- IN SECURITY_INFORMATION SecurityInformation,
- IN PSECURITY_DESCRIPTOR SecurityDescriptor
- )
+NTSTATUS STDCALL
+NtSetSecurityObject(IN HANDLE Handle,
+ IN SECURITY_INFORMATION SecurityInformation,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor)
{
- UNIMPLEMENTED;
+ UNIMPLEMENTED;
}