path: root/x86_64-w64-mingw32/include/adtgen.h

/**
 * This file is part of the mingw-w64 runtime package.
 * No warranty is given; refer to the file DISCLAIMER within this package.
 */

#include <winapifamily.h>

#ifndef _ADTGEN_H
#define _ADTGEN_H

#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)

#define AUDIT_TYPE_LEGACY 1
#define AUDIT_TYPE_WMI 2

typedef enum _AUDIT_PARAM_TYPE {
  APT_None = 1,
  APT_String,
  APT_Ulong,
  APT_Pointer,
  APT_Sid,
  APT_LogonId,
  APT_ObjectTypeList,
  APT_Luid,
  APT_Guid,
  APT_Time,
  APT_Int64,
  APT_IpAddress,
  APT_LogonIdWithSid
} AUDIT_PARAM_TYPE;

#define AP_ParamTypeBits 8
#define AP_ParamTypeMask __MSABI_LONG(0xff)

#define AP_FormatHex (__MSABI_LONG(0x1) << AP_ParamTypeBits)
#define AP_AccessMask (__MSABI_LONG(0x2) << AP_ParamTypeBits)
#define AP_Filespec (__MSABI_LONG(0x1) << AP_ParamTypeBits)
#define AP_SidAsLogonId (__MSABI_LONG(0x1) << AP_ParamTypeBits)
#define AP_PrimaryLogonId (__MSABI_LONG(0x1) << AP_ParamTypeBits)
#define AP_ClientLogonId (__MSABI_LONG(0x2) << AP_ParamTypeBits)
#define ApExtractType(TypeFlags) ((AUDIT_PARAM_TYPE) (TypeFlags & AP_ParamTypeMask))
#define ApExtractFlags(TypeFlags) ((TypeFlags & ~AP_ParamTypeMask))

#define _AUTHZ_SS_MAXSIZE 128

#define APF_AuditFailure 0x0
#define APF_AuditSuccess 0x1

#define APF_ValidFlags (APF_AuditSuccess)

#define AUTHZ_ALLOW_MULTIPLE_SOURCE_INSTANCES 0x1
#define AUTHZ_MIGRATED_LEGACY_PUBLISHER 0x2

#define AUTHZ_AUDIT_INSTANCE_INFORMATION 0x2

typedef struct _AUDIT_OBJECT_TYPE {
  GUID ObjectType;
  USHORT Flags;
  USHORT Level;
  ACCESS_MASK AccessMask;
} AUDIT_OBJECT_TYPE,*PAUDIT_OBJECT_TYPE;

typedef struct _AUDIT_OBJECT_TYPES {
  USHORT Count;
  USHORT Flags;
#ifdef __WIDL__
  [size_is (Count)]
#endif
  AUDIT_OBJECT_TYPE *pObjectTypes;
} AUDIT_OBJECT_TYPES,*PAUDIT_OBJECT_TYPES;

typedef struct _AUDIT_IP_ADDRESS {
  BYTE pIpAddress[_AUTHZ_SS_MAXSIZE];
} AUDIT_IP_ADDRESS,*PAUDIT_IP_ADDRESS;

typedef struct _AUDIT_PARAM {
  AUDIT_PARAM_TYPE Type;
  ULONG Length;
  DWORD Flags;
#ifdef __WIDL__
  [switch_type (AUDIT_PARAM_TYPE), switch_is (Type)]
#else
  __C89_NAMELESS
#endif
  union {
#ifdef __WIDL__
    [default]
#endif
    ULONG_PTR Data0;
#ifdef __WIDL__
    [case (APT_String)]
    [string]
#endif
    PWSTR String;
#ifdef __WIDL__
    [case (APT_Ulong, APT_Pointer)]
#endif
    ULONG_PTR u;
#ifdef __WIDL__
    [case (APT_Sid)]
#endif
    SID *psid;
#ifdef __WIDL__
    [case (APT_Guid)]
#endif
    GUID *pguid;
#ifdef __WIDL__
    [case (APT_LogonId)]
#endif
    ULONG LogonId_LowPart;
#ifdef __WIDL__
    [case (APT_ObjectTypeList)]
#endif
    AUDIT_OBJECT_TYPES *pObjectTypes;
#ifdef __WIDL__
    [case (APT_IpAddress)]
#endif
    AUDIT_IP_ADDRESS *pIpAddress;
  };
#ifdef __WIDL__
  [switch_type (AUDIT_PARAM_TYPE), switch_is (Type)]
#else
  __C89_NAMELESS
#endif
  union {
#ifdef __WIDL__
    [default]
#endif
    ULONG_PTR Data1;
#ifdef __WIDL__
    [case (APT_LogonId)]
#endif
    LONG LogonId_HighPart;
  };
} AUDIT_PARAM,*PAUDIT_PARAM;

typedef struct _AUDIT_PARAMS {
  ULONG Length;
  DWORD Flags;
  USHORT Count;
#ifdef __WIDL__
  [size_is (Count)]
#endif
  AUDIT_PARAM *Parameters;
} AUDIT_PARAMS,*PAUDIT_PARAMS;
typedef struct _AUTHZ_AUDIT_EVENT_TYPE_LEGACY {
  USHORT CategoryId;
  USHORT AuditId;
  USHORT ParameterCount;
} AUTHZ_AUDIT_EVENT_TYPE_LEGACY,*PAUTHZ_AUDIT_EVENT_TYPE_LEGACY;

typedef
#ifdef __WIDL__
[switch_type (BYTE)]
#endif
union _AUTHZ_AUDIT_EVENT_TYPE_UNION {
#ifdef __WIDL__
  [case (AUDIT_TYPE_LEGACY)]
#endif
  AUTHZ_AUDIT_EVENT_TYPE_LEGACY Legacy;
} AUTHZ_AUDIT_EVENT_TYPE_UNION,*PAUTHZ_AUDIT_EVENT_TYPE_UNION;

typedef
struct _AUTHZ_AUDIT_EVENT_TYPE_OLD {
  ULONG Version;
  DWORD dwFlags;
  LONG RefCount;
  ULONG_PTR hAudit;
  LUID LinkId;
#ifdef __WIDL__
  [switch_is (Version)]
#endif
  AUTHZ_AUDIT_EVENT_TYPE_UNION u;
} AUTHZ_AUDIT_EVENT_TYPE_OLD;

typedef
#ifdef __WIDL__
[handle]
#endif
AUTHZ_AUDIT_EVENT_TYPE_OLD *PAUTHZ_AUDIT_EVENT_TYPE_OLD;
#define AUTHZP_WPD_EVENT 0x10

typedef
#ifdef __WIDL__
[context_handle]
#endif
PVOID AUDIT_HANDLE,*PAUDIT_HANDLE;

#endif
#endif