[PATCH 1/2] include: add authz.h

Thu Feb 25 01:50:44 CST 2016

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair at hotmail.com>
---
 include/authz.h | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)
 create mode 100644 include/authz.h

diff --git a/include/authz.h b/include/authz.h
new file mode 100644
index 0000000..500f479
--- /dev/null
+++ b/include/authz.h
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2016 Alistair Leslie-Hughes
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef __AUTHZ_H__
+#define __AUTHZ_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+DECLARE_HANDLE(AUTHZ_ACCESS_CHECK_RESULTS_HANDLE);
+DECLARE_HANDLE(AUTHZ_CLIENT_CONTEXT_HANDLE);
+DECLARE_HANDLE(AUTHZ_RESOURCE_MANAGER_HANDLE);
+DECLARE_HANDLE(AUTHZ_AUDIT_EVENT_HANDLE);
+
+typedef AUTHZ_ACCESS_CHECK_RESULTS_HANDLE *PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE;
+typedef AUTHZ_CLIENT_CONTEXT_HANDLE *PAUTHZ_CLIENT_CONTEXT_HANDLE;
+
+typedef struct _AUTHZ_ACCESS_REQUEST
+{
+    ACCESS_MASK       DesiredAccess;
+    PSID              PrincipalSelfSid;
+    POBJECT_TYPE_LIST ObjectTypeList;
+    DWORD             ObjectTypeListLength;
+    void              *OptionalArguments;
+} AUTHZ_ACCESS_REQUEST, *PAUTHZ_ACCESS_REQUEST;
+
+
+#define AUTHZ_GENERATE_SUCCESS_AUDIT 0x1
+#define AUTHZ_GENERATE_FAILURE_AUDIT 0x2
+
+typedef struct _AUTHZ_ACCESS_REPLY
+{
+    DWORD ResultListLength;
+    DWORD *SaclEvaluationResults;
+    DWORD *Error;
+} AUTHZ_ACCESS_REPLY, *PAUTHZ_ACCESS_REPLY;
+
+BOOL WINAPI AuthzInitializeResourceManager(DWORD flags, void *access_checker,
+    void *compute_dyn_groups, void *free_dyn_groups,
+    const WCHAR *managername, void *handle );
+
+BOOL WINAPI AuthzInstallSecurityEventSource(DWORD dwFlags, void *registration);
+
+BOOL WINAPI AuthzAccessCheck(DWORD flags, AUTHZ_CLIENT_CONTEXT_HANDLE client_context,
+        AUTHZ_ACCESS_REQUEST *request, AUTHZ_AUDIT_EVENT_HANDLE audit_event,
+        PSECURITY_DESCRIPTOR security, PSECURITY_DESCRIPTOR *optional_security,
+        DWORD optional_security_count, AUTHZ_ACCESS_REPLY *reply,
+        AUTHZ_ACCESS_CHECK_RESULTS_HANDLE *access_check_result);
+
+BOOL WINAPI AuthzFreeContext(AUTHZ_CLIENT_CONTEXT_HANDLE client_context);
+
+BOOL WINAPI AuthzInitializeContextFromSid(DWORD flags, PSID sid,
+        AUTHZ_RESOURCE_MANAGER_HANDLE resource_manager, LARGE_INTEGER *expire_time,
+        LUID id, void *dynamic_group, AUTHZ_CLIENT_CONTEXT_HANDLE *client_context);
+
+BOOL WINAPI AuthzInitializeContextFromToken(DWORD flags, HANDLE token_handle,
+        AUTHZ_RESOURCE_MANAGER_HANDLE resource_manager, LARGE_INTEGER *expire_time,
+        LUID id, void *dynamic_group, AUTHZ_CLIENT_CONTEXT_HANDLE *client_context);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
-- 
1.9.1


