Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

125 lines
3.6 KiB

  1. DWORD TestAzAudit(
  2. )
  3. {
  4. DWORD dwError = NO_ERROR;
  5. PCWSTR szMsg = L"<unknown>";
  6. AUTHZ_RM_AUDIT_INFO RmAuditInfo;
  7. AUTHZ_CLIENT_AUDIT_INFO ClAuditInfo;
  8. AUTHZ_AUDIT_INFO AuditInfo;
  9. AUTHZI_CLIENT_CONTEXT ClContext;
  10. // -----------------------------------------------------------------
  11. // test AzpInitRmAuditInfo
  12. // -----------------------------------------------------------------
  13. ZeroMemory((PVOID) &RmAuditInfo, sizeof(RmAuditInfo));
  14. RmAuditInfo.szResourceManagerName = L"TestRm";
  15. HANDLE hToken;
  16. BYTE TokenUserInfoBuf[256];
  17. TOKEN_USER* pTokenUserInfo = (TOKEN_USER*) TokenUserInfoBuf;
  18. DWORD dwSize;
  19. if ( OpenProcessToken( GetCurrentProcess(),
  20. TOKEN_READ,
  21. &hToken ))
  22. {
  23. if ( GetTokenInformation( hToken, TokenUser,
  24. pTokenUserInfo, 250,
  25. &dwSize ))
  26. {
  27. dwSize = RtlLengthSid( pTokenUserInfo->User.Sid );
  28. RmAuditInfo.psidRmProcess = AuthzpAlloc( dwSize );
  29. if ( RmAuditInfo.psidRmProcess )
  30. {
  31. CopyMemory( RmAuditInfo.psidRmProcess,
  32. pTokenUserInfo->User.Sid,
  33. dwSize );
  34. RmAuditInfo.dwRmProcessSidSize = dwSize;
  35. }
  36. else
  37. {
  38. szMsg = L"AuthzpAlloc";
  39. goto Error;
  40. }
  41. }
  42. else
  43. {
  44. szMsg = L"GetTokenInformation";
  45. goto GetError;
  46. }
  47. }
  48. else
  49. {
  50. szMsg = L"OpenProcessToken";
  51. goto GetError;
  52. }
  53. RmAuditInfo.hEventSource = INVALID_HANDLE_VALUE;
  54. RmAuditInfo.hAuditEvent = INVALID_HANDLE_VALUE;
  55. RmAuditInfo.hAuditEventPropSubset = INVALID_HANDLE_VALUE;
  56. dwError = AzpInitRmAuditInfo( &RmAuditInfo );
  57. if ( dwError != NO_ERROR )
  58. {
  59. szMsg = L"AzpInitRmAuditInfo";
  60. goto Error;
  61. }
  62. // -----------------------------------------------------------------
  63. // test AzpInitClientAuditInfo
  64. // -----------------------------------------------------------------
  65. ZeroMemory((PVOID) &ClAuditInfo, sizeof(ClAuditInfo));
  66. ClAuditInfo.psidClient = RmAuditInfo.psidRmProcess;
  67. ClAuditInfo.dwClientSidSize = RmAuditInfo.dwRmProcessSidSize;
  68. ClAuditInfo.hAuditEvent = INVALID_HANDLE_VALUE;
  69. ClAuditInfo.hAuditEventPropSubset = INVALID_HANDLE_VALUE;
  70. dwError = AzpInitClientAuditInfo( &RmAuditInfo, &ClAuditInfo );
  71. if ( dwError != NO_ERROR )
  72. {
  73. szMsg = L"AzpInitClientAuditInfo";
  74. goto Error;
  75. }
  76. // -----------------------------------------------------------------
  77. // test AzpGenerateAuditEvent
  78. // -----------------------------------------------------------------
  79. ZeroMemory((PVOID) &AuditInfo, sizeof(AuditInfo));
  80. AuditInfo.hAuditEvent = INVALID_HANDLE_VALUE;
  81. AuditInfo.hAuditEventPropSubset = INVALID_HANDLE_VALUE;
  82. AuditInfo.szOperationType = L"kkOperation";
  83. AuditInfo.szObjectType = L"kkObjectType";
  84. AuditInfo.szObjectName = L"kkObjectName";
  85. ZeroMemory((PVOID) &ClContext, sizeof(ClContext));
  86. dwError = AzpGenerateAuditEvent( &RmAuditInfo, &ClAuditInfo, &ClContext,
  87. &AuditInfo, 0x1122 );
  88. if ( dwError != NO_ERROR )
  89. {
  90. szMsg = L"AzpGenerateAuditEvent";
  91. goto Error;
  92. }
  93. Finish:
  94. return dwError;
  95. GetError:
  96. dwError = GetLastError();
  97. Error:
  98. (void) wprintf( L"%s: 0x%x\n", szMsg, dwError );
  99. goto Finish;
  100. }