[v2 PATCH 1/2] include: add authz.h

[Alistair Leslie-Hughes]

v2
Correct Prototypes

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair at hotmail.com>
---
 include/authz.h | 119 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 119 insertions(+)
 create mode 100644 include/authz.h

diff --git a/include/authz.h b/include/authz.h
new file mode 100644
index 0000000..5969051
--- /dev/null
+++ b/include/authz.h
@@ -0,0 +1,119 @@
+/*
+ * Copyright (C) 2016 Alistair Leslie-Hughes
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef __AUTHZ_H__
+#define __AUTHZ_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+DECLARE_HANDLE(AUTHZ_ACCESS_CHECK_RESULTS_HANDLE);
+DECLARE_HANDLE(AUTHZ_CLIENT_CONTEXT_HANDLE);
+DECLARE_HANDLE(AUTHZ_RESOURCE_MANAGER_HANDLE);
+DECLARE_HANDLE(AUTHZ_AUDIT_EVENT_HANDLE);
+
+typedef AUTHZ_ACCESS_CHECK_RESULTS_HANDLE *PAUTHZ_ACCESS_CHECK_RESULTS_HANDLE;
+typedef AUTHZ_CLIENT_CONTEXT_HANDLE *PAUTHZ_CLIENT_CONTEXT_HANDLE;
+
+typedef BOOL (CALLBACK *PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS) (
+        AUTHZ_CLIENT_CONTEXT_HANDLE handle, void *args,
+        PSID_AND_ATTRIBUTES *sid_attr_array, DWORD *sid_cnt,
+        PSID_AND_ATTRIBUTES *restricted_sid_attr_array,
+        DWORD *restricted_sid_cnt);
+
+typedef BOOL (CALLBACK *PFN_AUTHZ_DYNAMIC_ACCESS_CHECK) (
+        AUTHZ_CLIENT_CONTEXT_HANDLE handle, PACE_HEADER ace,
+        void *args, BOOL *ace_applicable);
+
+typedef VOID (CALLBACK *PFN_AUTHZ_FREE_DYNAMIC_GROUPS) (
+        PSID_AND_ATTRIBUTES sid_attr_array);
+
+typedef struct _AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
+{
+    WCHAR *szObjectTypeName;
+    DWORD dwOffset;
+} AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET, *PAUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET;
+
+typedef struct _AUTHZ_ACCESS_REQUEST
+{
+    ACCESS_MASK       DesiredAccess;
+    PSID              PrincipalSelfSid;
+    POBJECT_TYPE_LIST ObjectTypeList;
+    DWORD             ObjectTypeListLength;
+    void              *OptionalArguments;
+} AUTHZ_ACCESS_REQUEST, *PAUTHZ_ACCESS_REQUEST;
+
+
+#define AUTHZ_GENERATE_SUCCESS_AUDIT 0x1
+#define AUTHZ_GENERATE_FAILURE_AUDIT 0x2
+
+typedef struct _AUTHZ_ACCESS_REPLY
+{
+    DWORD       ResultListLength;
+    ACCESS_MASK *GrantedAccessMask;
+    DWORD       *SaclEvaluationResults;
+    DWORD       *Error;
+} AUTHZ_ACCESS_REPLY, *PAUTHZ_ACCESS_REPLY;
+
+typedef struct _AUTHZ_SOURCE_SCHEMA_REGISTRATION
+{
+    DWORD dwFlags;
+    WCHAR *szEventSourceName;
+    WCHAR *szEventMessageFile;
+    WCHAR *szEventSourceXmlSchemaFile;
+    WCHAR *szEventAccessStringsFile;
+    WCHAR *szExecutableImagePath;
+
+    union
+    {
+        void *pReserved;
+        GUID *pProviderGuid;
+    };
+
+    DWORD dwObjectTypeNameCount;
+    AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET ObjectTypeNames[ANYSIZE_ARRAY];
+} AUTHZ_SOURCE_SCHEMA_REGISTRATION, *PAUTHZ_SOURCE_SCHEMA_REGISTRATION;
+
+BOOL WINAPI AuthzInitializeResourceManager(DWORD flags, PFN_AUTHZ_DYNAMIC_ACCESS_CHECK access_checker,
+        PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS compute_dyn_groups, PFN_AUTHZ_FREE_DYNAMIC_GROUPS free_dyn_groups,
+        const WCHAR *managername, AUTHZ_RESOURCE_MANAGER_HANDLE   *handle );
+
+BOOL WINAPI AuthzInstallSecurityEventSource(DWORD flags, AUTHZ_SOURCE_SCHEMA_REGISTRATION *registration);
+
+BOOL WINAPI AuthzAccessCheck(DWORD flags, AUTHZ_CLIENT_CONTEXT_HANDLE client_context,
+        AUTHZ_ACCESS_REQUEST *request, AUTHZ_AUDIT_EVENT_HANDLE audit_event,
+        PSECURITY_DESCRIPTOR security, PSECURITY_DESCRIPTOR *optional_security,
+        DWORD optional_security_count, AUTHZ_ACCESS_REPLY *reply,
+        AUTHZ_ACCESS_CHECK_RESULTS_HANDLE *access_check_result);
+
+BOOL WINAPI AuthzFreeContext(AUTHZ_CLIENT_CONTEXT_HANDLE client_context);
+
+BOOL WINAPI AuthzInitializeContextFromSid(DWORD flags, PSID sid,
+        AUTHZ_RESOURCE_MANAGER_HANDLE resource_manager, LARGE_INTEGER *expire_time,
+        LUID id, void *dynamic_group, AUTHZ_CLIENT_CONTEXT_HANDLE *client_context);
+
+BOOL WINAPI AuthzInitializeContextFromToken(DWORD flags, HANDLE token_handle,
+        AUTHZ_RESOURCE_MANAGER_HANDLE resource_manager, LARGE_INTEGER *expire_time,
+        LUID id, void *dynamic_group, AUTHZ_CLIENT_CONTEXT_HANDLE *client_context);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
-- 
1.9.1