home *** CD-ROM | disk | FTP | other *** search

---

/ OS/2 Shareware BBS: 10 Tools / 10-Tools.zip / header45.zip / audit.h

< prev

next >

Wrap

C/C++ Source or Header  |  1999-04-29  |  22KB  |  518 lines

---

1. /**************************************************************************/
2. /*                                                                        */
3. /*              IBM OS/2(tm) Local Area Network (LAN) Server              */
4. /*                            Version 5.03                                */
5. /*                   (C) Copyright IBM Corp. 1988, 1998                   */
6. /*                  Licensed Materials - Property of IBM                  */
7. /*                                                                        */
8. /**************************************************************************/
9. /********************************************************************/
10.  
11.  
12.  
13. /********************************************************************
14.  *                                                                  *
15.  *  About this file ...  AUDIT.H                                    *
16.  *                                                                  *
17.  *  This file contains information about the NetAudit APIs.         *
18.  *                                                                  *
19.  *      Function prototypes.                                        *
20.  *                                                                  *
21.  *      Data structure templates.                                   *
22.  *                                                                  *
23.  *      Definition of special values.                               *
24.  *                                                                  *
25.  *                                                                  *
26.  *  NOTE:  You must include NETCONS.H before this file, since this  *
27.  *         file depends on values defined in NETCONS.H.             *
28.  *                                                                  *
29.  ********************************************************************/
30.  
31.  
32.  
33. #ifndef NETAUDIT_INCLUDED
34.  
35. #define NETAUDIT_INCLUDED
36.  
37. #ifdef ANY_32_BIT
38. #pragma pack(1)
39. #endif
40.  
41. /****************************************************************
42.  *                                                              *
43.  *              Data Structures for LogRead                     *
44.  *                                                              *
45.  ****************************************************************/
46.  
47. #ifndef LOGFLAGS_FORWARD
48.  
49. typedef struct loghandle
50.     {
51.         unsigned long   time;           /* Timestamp of first record */
52.         unsigned long   last_flags;     /* Last call's flags */
53.         unsigned long   offset;         /* Current offset in log */
54.         unsigned long   rec_offset;     /* Current record offset in log */
55.     }   HLOG;
56.  
57.  
58. #define LOGFLAGS_FORWARD        0
59. #define LOGFLAGS_BACKWARD       0x1
60. #define LOGFLAGS_SEEK           0x2
61.  
62. #endif
63.  
64.  
65. /****************************************************************
66.  *                                                              *
67.  *              Function prototypes                             *
68.  *                                                              *
69.  ****************************************************************/
70.  
71.  
72.  
73. extern API_FUNCTION
74.   NetAuditClear ( const unsigned char LSFAR * pszServer,
75.                   const unsigned char LSFAR * pszBackupFile,
76.                   unsigned char LSFAR *       pszReserved );
77.  
78. extern API_FUNCTION
79.   NetAuditOpen ( const unsigned char LSFAR * pszServer,
80.                  unsigned LSINT      LSFAR * phAuditLog,
81.                  unsigned char       LSFAR * pszReserved );
82.  
83. extern API_FUNCTION
84.   NetAuditRead ( const unsigned char LSFAR * pszServer,
85.                  const unsigned char LSFAR * pszReserved1,
86.                  HLOG LSFAR *                phAuditLog,
87.                  unsigned long               ulOffset,
88.                  unsigned short LSFAR      * pusReserved2,
89.                  unsigned long               ulReserved3,
90.                  unsigned long               flOffset,
91.                  unsigned char LSFAR *       pbBuffer,
92.                  unsigned short              cbBuffer,
93.                  unsigned short LSFAR      * pcbReturned,
94.                  unsigned short LSFAR      * pcbTotalAvail );
95.  
96.  
97. extern API_FUNCTION
98.   NetAuditWrite ( unsigned short              usType,
99.                   const unsigned char LSFAR * pbBuffer,
100.                   unsigned short              cbBuffer,
101.                   unsigned char LSFAR *       pszReserved1,
102.                   unsigned char LSFAR *       pszReserved2 );
103.  
104.  
105. /****************************************************************
106.  *                                                              *
107.  *              Data structure templates                        *
108.  *                                                              *
109.  ****************************************************************/
110.  
111. /*
112.  *   General audit_entry information.  For each type of entry,
113.  *   there may be additional information.  This is found at an
114.  *   offset of "ae_data_offset" from the start of the audit_entry
115.  *   structure.
116.  *
117.  *   Note that at the very end of each record is a word (unsigned
118.  *   short) that is the length of the record, the same value as
119.  *   found in ae_len.  This length includes the whole record, including
120.  *   the trailing length word.  This allows scanning backward.
121.  */
122.  
123. struct audit_entry {
124.         unsigned short      ae_len;         /* length of record */
125.         unsigned short      ae_reserved;
126.         unsigned long       ae_time;        /* time of entry    */
127.         unsigned short      ae_type;        /* type of entry    */
128.         unsigned short      ae_data_offset; /* offset to ae_data */
129. };      /* audit_entry */
130.  
131. /*
132.  *      The following structures represent the layout of the data area
133.  *      of specific audit entry types.  This is the information found
134.  *      at an offset of "ae_data_offset" from the start of the record.
135.  *      This will usually immediately follow the audit_entry structure,
136.  *      but DO NOT ASSUME THIS. Use the ae_data_offset value.
137.  *
138.  *      Some of these fields are offsets of the start of a text string.
139.  *      The offset is from the start of the data area (i.e. the position
140.  *      identified by ae_data_offset), NOT from the start of the whole
141.  *      entry.  This data will appear as ASCIIZ strings, usually in the
142.  *      area following the defined structure.
143.  */
144.  
145.                                         /* Server status record */
146. struct ae_srvstatus {
147.  
148.     unsigned short    ae_sv_status;
149.                                         /* AE_SRVSTART, AE_SRVPAUSED, */
150.                                         /*  AE_SRVCONT, AE_SRVSTOP    */
151. };      /* ae_srvstatus */
152.  
153. struct ae_sesslogon {
154.     unsigned short    ae_so_compname;   /* ptr to computername of client    */
155.     unsigned short    ae_so_username;   /* ptr to username of client (NULL  */
156.                                         /*  if same as computername)        */
157.     unsigned short    ae_so_privilege;  /* AE_GUEST, AE_USER, AE_ADMIN      */
158. };      /* ae_sesslogon */
159.  
160. struct ae_sesslogoff {
161.     unsigned short    ae_sf_compname;   /* ptr to computername of client    */
162.     unsigned short    ae_sf_username;   /* ptr to username of client (NULL  */
163.                                         /*  if same as computername)        */
164.     unsigned short    ae_sf_reason;     /* AE_NORMAL, AE_ERROR, AE_AUTODIS, */
165.                                         /*  AE_ADMINDIS                     */
166. };      /* ae_sesslogoff */
167.  
168. struct ae_sesspwerr {
169.     unsigned short    ae_sp_compname;   /* ptr to computername of client  */
170.     unsigned short    ae_sp_username;   /* ptr to username submitted by   */
171.                                         /*  client (NULL if same as       */
172.                                         /*  computername)                 */
173. };      /* ae_sesspwerr */
174.  
175. struct ae_connstart {
176.     unsigned short    ae_ct_compname;   /* ptr to computername of client    */
177.     unsigned short    ae_ct_username;   /* ptr to username of client (NULL  */
178.                                         /*  if same as computername)        */
179.     unsigned short    ae_ct_netname;    /* ptr to netname of share          */
180.     unsigned short    ae_ct_connid;     /* Unique connection ID             */
181. };      /* ae_connstart */
182.  
183. struct ae_connstop {
184.     unsigned short    ae_cp_compname;   /* ptr to computername of client    */
185.     unsigned short    ae_cp_username;   /* ptr to username of client (NULL  */
186.                                         /*  if same as computername)        */
187.     unsigned short    ae_cp_netname;    /* ptr to netname of share          */
188.     unsigned short    ae_cp_connid;     /* Unique connection ID             */
189.     unsigned short    ae_cp_reason;     /* AE_NORMAL/AE_SESSDIS/AE_UNSHARE  */
190. };      /* ae_connstop */
191.  
192. struct ae_connrej {
193.     unsigned short    ae_cr_compname;   /* ptr to computername of client    */
194.     unsigned short    ae_cr_username;   /* ptr to username of client (NULL  */
195.                                         /*  if same as computername)        */
196.     unsigned short    ae_cr_netname;    /* ptr to netname of share          */
197.     unsigned short    ae_cr_reason;     /* AE_USERLIMIT, AE_BADPW           */
198. };      /* ae_connrej */
199.  
200. struct ae_resaccess {
201.     unsigned short    ae_ra_compname;   /* ptr to computername of client    */
202.     unsigned short    ae_ra_username;   /* ptr to username of client (NULL  */
203.                                         /*  if same as computername)        */
204.     unsigned short    ae_ra_resname;    /* ptr to resource name             */
205.     unsigned short    ae_ra_operation;  /* Bitmask uses bits defined in     */
206.                                         /*  access.h                        */
207.     unsigned short    ae_ra_returncode; /* return code from operation       */
208.     unsigned short    ae_ra_restype;    /* type of resource record          */
209.     unsigned short    ae_ra_fileid;     /* unique server ID of file         */
210. };      /* ae_resaccess */
211.  
212. struct ae_resaccessrej {
213.     unsigned short    ae_rr_compname;   /* ptr to computername of client    */
214.     unsigned short    ae_rr_username;   /* ptr to username of client (NULL  */
215.                                         /*  if same as computername)        */
216.     unsigned short    ae_rr_resname;    /* ptr to resource name             */
217.     unsigned short    ae_rr_operation;  /* Bitmask uses bits defined in     */
218.                                         /*  access.h                        */
219. };      /* ae_resaccessrej */
220.  
221. struct ae_closefile {
222.     unsigned short    ae_cf_compname;   /* ptr to computername of client    */
223.     unsigned short    ae_cf_username;   /* ptr to username of client (NULL  */
224.                                         /*  if same as computername)        */
225.     unsigned short    ae_cf_resname;    /* ptr to resource name             */
226.     unsigned short    ae_cf_fileid;     /* unique ID of file                */
227.     unsigned long     ae_cf_duration;   /* length of use of file            */
228.     unsigned short    ae_cf_reason;     /* How the file was closed          */
229.                                         /* 0 = Normal Client Close          */
230.                                         /* 1 = Session Disconnected         */
231.                                         /* 2 = Administrative Close         */
232. };      /* ae_closefile */
233.  
234. struct ae_servicestat {
235.     unsigned short      ae_ss_compname; /* ptr to computername of client    */
236.     unsigned short      ae_ss_username; /* ptr to username of client (NULL  */
237.                                         /*  if same as computername)        */
238.     unsigned short      ae_ss_svcname;  /* ptr to service name              */
239.     unsigned short      ae_ss_status;   /* status of service                */
240.     unsigned long       ae_ss_code;     /* code of service                  */
241.     unsigned short      ae_ss_text;     /* text of service                  */
242.     unsigned short      ae_ss_returnval;
243. };      /* ae_servicestat */
244.  
245.  
246. struct ae_aclmod {
247.     unsigned short    ae_am_compname;   /* ptr to computername of client    */
248.     unsigned short    ae_am_username;   /* ptr to username of client (NULL  */
249.                                         /*  if same as computername)        */
250.     unsigned short    ae_am_resname;    /* ptr to resource name             */
251.     unsigned short    ae_am_action;     /* action performed on ACL record   */
252.                                         /* 0 = mod, 1 = del, 2 = add        */
253.     unsigned short    ae_am_datalen;    /* length of data following struct  */
254. };      /* ae_aclmod */
255.  
256.  
257. struct ae_uasmod {
258.     unsigned short    ae_um_compname;   /* ptr to computername of client    */
259.     unsigned short    ae_um_username;   /* ptr to username of client (NULL  */
260.                                         /*  if same as computername)        */
261.     unsigned short    ae_um_resname;    /* ptr to resource name             */
262.     unsigned short    ae_um_rectype;    /* type of UAS record               */
263.                                         /* 0 = user, 1 = group, 2 = modals  */
264.     unsigned short    ae_um_action;     /* action performed on record       */
265.                                         /* 0 = mod, 1 = del, 2 = add        */
266.     unsigned short    ae_um_datalen;    /* length of appended structure     */
267. };      /* ae_uasmod */
268.  
269. struct ae_netlogon {
270.     unsigned short    ae_no_compname;   /* ptr to computername of client    */
271.     unsigned short    ae_no_username;   /* ptr to username of client (NULL  */
272.                                         /*  if same as computername)        */
273.     unsigned short    ae_no_privilege;  /* AE_GUEST, AE_USER, AE_ADMIN      */
274.     unsigned long     ae_no_authflags;  /* operator privileges              */
275. };      /* ae_netlogon */
276.  
277. struct ae_netlogoff {
278.     unsigned short    ae_nf_compname;   /* ptr to computername of client    */
279.     unsigned short    ae_nf_username;   /* ptr to username of client (NULL  */
280.                                         /* if same as computername)         */
281.     unsigned short    ae_reserved1;     /* AE_NORMAL (reason for logoff)    */
282.     unsigned short    ae_reserved2;     /* AE_NORMAL (details of reason)    */
283. };      /* ae_netlogoff */
284.  
285. struct ae_netlogdenied {
286.     unsigned short    ae_nd_compname;   /* ptr to computername of client    */
287.     unsigned short    ae_nd_username;   /* ptr to username of client (NULL  */
288.                                         /*  if same as computername)        */
289.     unsigned short    ae_nd_reason;     /* reason for denial of netlogon    */
290.     unsigned short    ae_nd_subreason;  /* details of reason for denial     */
291. };      /* ae_netlogdenied */
292.  
293. struct ae_acclim {
294.     unsigned short    ae_al_compname;   /* ptr to computername of client    */
295.     unsigned short    ae_al_username;   /* ptr to username of client (NULL  */
296.                                         /*  if same as computername)        */
297.     unsigned short    ae_al_resname;    /* ptr to resource name             */
298.     unsigned short    ae_al_limit;      /* limit that was exceeded          */
299. };      /* ae_acclim */
300.  
301.  
302. struct ae_resaccess2 {
303.     unsigned short    ae_ra2_compname;  /* ptr to computername of client    */
304.     unsigned short    ae_ra2_username;  /* ptr to username of client (NULL  */
305.                                         /*  if same as computername)        */
306.     unsigned short    ae_ra2_resname;   /* ptr to resource name             */
307.     unsigned short    ae_ra2_operation; /* Bitmask uses bits defined in     */
308.                                         /*  access.h                        */
309.     unsigned short    ae_ra2_returncode; /* return code from operation      */
310.     unsigned short    ae_ra2_restype;   /* type of resource record          */
311.     unsigned long     ae_ra2_fileid;    /* unique server ID of file         */
312. };      /* ae_resaccess2 */
313.  
314.  
315.  
316. #ifdef PURE_32
317. /****************************************************************
318.  *                                                              *
319.  *       Function prototypes for "pure" 32-bit code             *
320.  *                                                              *
321.  ****************************************************************/
322.  
323. extern API32_FUNCTION
324.   Net32AuditClear ( const unsigned char * pszServer,
325.                     const unsigned char * pszBackupFile,
326.                     unsigned char       * pszReserved );
327.  
328. extern API32_FUNCTION
329.   Net32AuditRead ( const unsigned char * pszServer,
330.                    const unsigned char * pszReserved1,
331.                    HLOG                * phAuditLogHandle,
332.                    unsigned long         ulOffset,
333.                    unsigned short      * pusReserved2,
334.                    unsigned long         ulReserved3,
335.                    unsigned long         ulOpenFlags,
336.                    unsigned char       * pbBuffer,
337.                    unsigned long         ulBuffer,
338.                    unsigned long       * pulReturned,
339.                    unsigned long       * pulTotalAvail );
340.  
341.  
342. extern API32_FUNCTION
343.   Net32AuditWrite ( unsigned short        usType,
344.                     const unsigned char * pbBuffer,
345.                     unsigned long         ulBuffer,
346.                     unsigned char       * pszReserved1,
347.                     unsigned char       * pszReserved2);
348.  
349.  
350. #endif /* PURE_32 */
351.  
352.  
353. /****************************************************************
354.  *                                                              *
355.  *              Special values and constants                    *
356.  *                                                              *
357.  ****************************************************************/
358.  
359.  
360. /*
361.  *      Audit entry types (field ae_type in audit_entry).
362.  */
363.  
364. #define AE_SRVSTATUS     0
365. #define AE_SESSLOGON     1
366. #define AE_SESSLOGOFF    2
367. #define AE_SESSPWERR     3
368. #define AE_CONNSTART     4
369. #define AE_CONNSTOP      5
370. #define AE_CONNREJ       6
371. #define AE_RESACCESS     7
372. #define AE_RESACCESSREJ  8
373. #define AE_CLOSEFILE     9
374. #define AE_SERVICESTAT  11
375. #define AE_ACLMOD       12
376. #define AE_UASMOD       13
377. #define AE_NETLOGON     14
378. #define AE_NETLOGOFF    15
379. #define AE_NETLOGDENIED 16
380. #define AE_ACCLIMITEXCD 17
381. #define AE_RESACCESS2   18
382. #define AE_ACLMODFAIL   19
383.  
384.  
385. /*
386.  *      Values for ae_ss_status field of ae_srvstatus.
387.  */
388.  
389. #define AE_SRVSTART     0
390. #define AE_SRVPAUSED    1
391. #define AE_SRVCONT      2
392. #define AE_SRVSTOP      3
393.  
394. /*
395.  *      Values for ae_so_privilege field of ae_sesslogon.
396.  */
397.  
398. #define AE_GUEST        0
399. #define AE_USER         1
400. #define AE_ADMIN        2
401.  
402. /*
403.  *      Values for various ae_XX_reason fields.
404.  */
405.  
406. #define AE_NORMAL       0
407. #define AE_USERLIMIT    0
408. #define AE_GENERAL      0
409. #define AE_ERROR        1
410. #define AE_SESSDIS      1
411. #define AE_BADPW        1
412. #define AE_AUTODIS      2
413. #define AE_UNSHARE      2
414. #define AE_ADMINPRIVREQD 2
415. #define AE_ADMINDIS     3
416. #define AE_NOACCESSPERM 3
417. #define AE_ACCRESTRICT  4
418. #define AE_UNDEFINEDUSER   9
419.  
420. #define AE_NORMAL_CLOSE 0
421. #define AE_SES_CLOSE    1
422. #define AE_ADMIN_CLOSE  2
423.  
424.  
425. /*
426.  * Values for xx_subreason fields.
427.  */
428.  
429. #define AE_LIM_UNKNOWN      0
430. #define AE_LIM_LOGONHOURS   1
431. #define AE_LIM_EXPIRED      2
432. #define AE_LIM_INVAL_WKSTA  3
433. #define AE_LIM_DISABLED     4
434. #define AE_LIM_DELETED      5
435.  
436.  
437.  
438. /*
439.  * Values for xx_action fields
440.  */
441.  
442. #define AE_MOD          0
443. #define AE_DELETE       1
444. #define AE_ADD          2
445. #define AE_PWSET        9
446.  
447.  
448. /*
449.  * Types of UAS record for um_rectype field
450.  */
451.  
452. #define AE_UAS_USER         0
453. #define AE_UAS_GROUP        1
454. #define AE_UAS_MODALS       2
455.  
456.  
457. /*
458.  * Bitmasks for auditing events
459.  *
460.  *  The parentheses around the hex constants broke h_to_inc
461.  *  and have been purged from the face of the earth.
462.  */
463.  
464. #define SVAUD_SERVICE           0x1
465. #define SVAUD_GOODSESSLOGON     0x6
466. #define SVAUD_BADSESSLOGON      0x18
467. #define SVAUD_SESSLOGON         (SVAUD_GOODSESSLOGON | SVAUD_BADSESSLOGON)
468. #define SVAUD_GOODNETLOGON      0x60
469. #define SVAUD_BADNETLOGON       0x180
470. #define SVAUD_NETLOGON          (SVAUD_GOODNETLOGON | SVAUD_BADNETLOGON)
471. #define SVAUD_LOGON             (SVAUD_NETLOGON | SVAUD_SESSLOGON)
472. #define SVAUD_GOODUSE           0x600
473. #define SVAUD_BADUSE            0x1800
474. #define SVAUD_USE               (SVAUD_GOODUSE | SVAUD_BADUSE)
475. #define SVAUD_USERLIST          0x2000
476. #define SVAUD_PERMISSIONS       0x4000
477. #define SVAUD_RESOURCE          0x8000
478. #define SVAUD_LOGONLIM          0x00010000
479.  
480.  
481. /*
482.  * Resource access audit bitmasks.
483.  */
484.  
485. #define AA_AUDIT_ALL        0x0001
486. #define AA_A_OWNER          0x0004
487. #define AA_CLOSE            0x0008
488. #define AA_S_OPEN           0x0010
489. #define AA_S_WRITE          0x0020
490. #define AA_S_CREATE         0x0020
491. #define AA_S_DELETE         0x0040
492. #define AA_S_ACL            0x0080
493. #define AA_S_ALL            ( AA_S_OPEN | AA_S_WRITE | AA_S_DELETE | AA_S_ACL)
494. #define AA_F_OPEN           0x0100
495. #define AA_F_WRITE          0x0200
496. #define AA_F_CREATE         0x0200
497. #define AA_F_DELETE         0x0400
498. #define AA_F_ACL            0x0800
499. #define AA_F_ALL            ( AA_F_OPEN | AA_F_WRITE | AA_F_DELETE | AA_F_ACL)
500.  
501. /* Pinball-specific */
502. #define AA_A_OPEN           0x1000
503. #define AA_A_WRITE          0x2000
504. #define AA_A_CREATE         0x2000
505. #define AA_A_DELETE         0x4000
506. #define AA_A_ACL            0x8000
507. #define AA_A_ALL            ( AA_F_OPEN | AA_F_WRITE | AA_F_DELETE | AA_F_ACL)
508.  
509.  
510.  
511.  
512.  
513. #ifdef ANY_32_BIT
514. #pragma pack()
515. #endif
516.  
517. #endif /* NETAUDIT_INCLUDED */
518.