Win32 API 日本語リファレンス
ホームSecurity.Authorization › AuthzOpenObjectAudit

AuthzOpenObjectAudit

関数
アクセスチェックに伴うオブジェクト監査を実行する。
DLLAUTHZ.dll呼出規約winapiSetLastErrorあり対応OSWindows XP 以降

シグネチャ

// AUTHZ.dll
#include <windows.h>

BOOL AuthzOpenObjectAudit(
    DWORD Flags,
    AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
    AUTHZ_ACCESS_REQUEST* pRequest,
    AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent,
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSECURITY_DESCRIPTOR* OptionalSecurityDescriptorArray,   // optional
    DWORD OptionalSecurityDescriptorCount,
    AUTHZ_ACCESS_REPLY* pReply
);

パラメーター

名前方向説明
FlagsDWORDin将来の使用のために予約されています。
hAuthzClientContextAUTHZ_CLIENT_CONTEXT_HANDLEin開くオブジェクトのクライアントコンテキストへのハンドル。
pRequestAUTHZ_ACCESS_REQUEST*inAUTHZ_ACCESS_REQUEST 構造体へのポインター。
hAuditEventAUTHZ_AUDIT_EVENT_HANDLEin使用する監査イベントへのハンドル。
pSecurityDescriptorPSECURITY_DESCRIPTORinオブジェクトの SECURITY_DESCRIPTOR 構造体へのポインター。
OptionalSecurityDescriptorArrayPSECURITY_DESCRIPTOR*inoptionalSECURITY_DESCRIPTOR 構造体の配列へのポインター。
OptionalSecurityDescriptorCountDWORDinSecurityDescriptorArray 内の要素の数。
pReplyAUTHZ_ACCESS_REPLY*inAUTHZ_ACCESS_REPLY 構造体へのポインター。

戻り値の型: BOOL

公式ドキュメント

指定されたセキュリティ記述子のシステムアクセス制御リスト(SACL)を読み取り、その SACL で指定された適切な監査を生成します。

戻り値

関数が成功した場合は、0 以外の値を返します。

関数が失敗した場合は、0 を返します。拡張エラー情報を取得するには、GetLastError を呼び出します。

出典・ライセンス: 上記「公式ドキュメント」の内容は Microsoft の Win32 API ドキュメント(MicrosoftDocs/sdk-api)を日本語に翻訳・改変したものです。© Microsoft Corporation. CC BY 4.0 で提供。
Microsoft 公式リファレンス: 英語 (en-us) · 日本語 (ja-jp) · 原文ソース (GitHub)

各言語での呼び出し定義

// AUTHZ.dll
#include <windows.h>

BOOL AuthzOpenObjectAudit(
    DWORD Flags,
    AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
    AUTHZ_ACCESS_REQUEST* pRequest,
    AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent,
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSECURITY_DESCRIPTOR* OptionalSecurityDescriptorArray,   // optional
    DWORD OptionalSecurityDescriptorCount,
    AUTHZ_ACCESS_REPLY* pReply
);
[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("AUTHZ.dll", SetLastError = true, ExactSpelling = true)]
static extern bool AuthzOpenObjectAudit(
    uint Flags,   // DWORD
    IntPtr hAuthzClientContext,   // AUTHZ_CLIENT_CONTEXT_HANDLE
    IntPtr pRequest,   // AUTHZ_ACCESS_REQUEST*
    IntPtr hAuditEvent,   // AUTHZ_AUDIT_EVENT_HANDLE
    IntPtr pSecurityDescriptor,   // PSECURITY_DESCRIPTOR
    IntPtr OptionalSecurityDescriptorArray,   // PSECURITY_DESCRIPTOR* optional
    uint OptionalSecurityDescriptorCount,   // DWORD
    IntPtr pReply   // AUTHZ_ACCESS_REPLY*
);
<DllImport("AUTHZ.dll", SetLastError:=True, ExactSpelling:=True)>
Public Shared Function AuthzOpenObjectAudit(
    Flags As UInteger,   ' DWORD
    hAuthzClientContext As IntPtr,   ' AUTHZ_CLIENT_CONTEXT_HANDLE
    pRequest As IntPtr,   ' AUTHZ_ACCESS_REQUEST*
    hAuditEvent As IntPtr,   ' AUTHZ_AUDIT_EVENT_HANDLE
    pSecurityDescriptor As IntPtr,   ' PSECURITY_DESCRIPTOR
    OptionalSecurityDescriptorArray As IntPtr,   ' PSECURITY_DESCRIPTOR* optional
    OptionalSecurityDescriptorCount As UInteger,   ' DWORD
    pReply As IntPtr   ' AUTHZ_ACCESS_REPLY*
) As <MarshalAs(UnmanagedType.Bool)> Boolean
End Function
' Flags : DWORD
' hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE
' pRequest : AUTHZ_ACCESS_REQUEST*
' hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE
' pSecurityDescriptor : PSECURITY_DESCRIPTOR
' OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional
' OptionalSecurityDescriptorCount : DWORD
' pReply : AUTHZ_ACCESS_REPLY*
Declare PtrSafe Function AuthzOpenObjectAudit Lib "authz" ( _
    ByVal Flags As Long, _
    ByVal hAuthzClientContext As LongPtr, _
    ByVal pRequest As LongPtr, _
    ByVal hAuditEvent As LongPtr, _
    ByVal pSecurityDescriptor As LongPtr, _
    ByVal OptionalSecurityDescriptorArray As LongPtr, _
    ByVal OptionalSecurityDescriptorCount As Long, _
    ByVal pReply As LongPtr) As Long
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。
import ctypes
from ctypes import wintypes

AuthzOpenObjectAudit = ctypes.windll.authz.AuthzOpenObjectAudit
AuthzOpenObjectAudit.restype = wintypes.BOOL
AuthzOpenObjectAudit.argtypes = [
    wintypes.DWORD,  # Flags : DWORD
    wintypes.HANDLE,  # hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE
    ctypes.c_void_p,  # pRequest : AUTHZ_ACCESS_REQUEST*
    wintypes.HANDLE,  # hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE
    wintypes.HANDLE,  # pSecurityDescriptor : PSECURITY_DESCRIPTOR
    ctypes.c_void_p,  # OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional
    wintypes.DWORD,  # OptionalSecurityDescriptorCount : DWORD
    ctypes.c_void_p,  # pReply : AUTHZ_ACCESS_REPLY*
]
# GetLastError: use ctypes.GetLastError() (or ctypes.WinDLL(use_last_error=True))
require 'fiddle'
require 'fiddle/import'

lib = Fiddle.dlopen('AUTHZ.dll')
AuthzOpenObjectAudit = Fiddle::Function.new(
  lib['AuthzOpenObjectAudit'],
  [
    -Fiddle::TYPE_INT,  # Flags : DWORD
    Fiddle::TYPE_VOIDP,  # hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE
    Fiddle::TYPE_VOIDP,  # pRequest : AUTHZ_ACCESS_REQUEST*
    Fiddle::TYPE_VOIDP,  # hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE
    Fiddle::TYPE_VOIDP,  # pSecurityDescriptor : PSECURITY_DESCRIPTOR
    Fiddle::TYPE_VOIDP,  # OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional
    -Fiddle::TYPE_INT,  # OptionalSecurityDescriptorCount : DWORD
    Fiddle::TYPE_VOIDP,  # pReply : AUTHZ_ACCESS_REPLY*
  ],
  Fiddle::TYPE_INT)
#[link(name = "authz")]
extern "system" {
    fn AuthzOpenObjectAudit(
        Flags: u32,  // DWORD
        hAuthzClientContext: *mut core::ffi::c_void,  // AUTHZ_CLIENT_CONTEXT_HANDLE
        pRequest: *mut AUTHZ_ACCESS_REQUEST,  // AUTHZ_ACCESS_REQUEST*
        hAuditEvent: *mut core::ffi::c_void,  // AUTHZ_AUDIT_EVENT_HANDLE
        pSecurityDescriptor: *mut core::ffi::c_void,  // PSECURITY_DESCRIPTOR
        OptionalSecurityDescriptorArray: *mut *mut core::ffi::c_void,  // PSECURITY_DESCRIPTOR* optional
        OptionalSecurityDescriptorCount: u32,  // DWORD
        pReply: *mut AUTHZ_ACCESS_REPLY  // AUTHZ_ACCESS_REPLY*
    ) -> i32;
}
// crates: windows-sys provides ready-made bindings for this API.
$sig = @"
[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("AUTHZ.dll", SetLastError = true)]
public static extern bool AuthzOpenObjectAudit(uint Flags, IntPtr hAuthzClientContext, IntPtr pRequest, IntPtr hAuditEvent, IntPtr pSecurityDescriptor, IntPtr OptionalSecurityDescriptorArray, uint OptionalSecurityDescriptorCount, IntPtr pReply);
"@
$api = Add-Type -MemberDefinition $sig -Name 'AUTHZ_AuthzOpenObjectAudit' -Namespace Win32 -PassThru
# $api::AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
#uselib "AUTHZ.dll"
#func global AuthzOpenObjectAudit "AuthzOpenObjectAudit" sptr, sptr, sptr, sptr, sptr, sptr, sptr, sptr
; AuthzOpenObjectAudit Flags, hAuthzClientContext, varptr(pRequest), hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, varptr(pReply)   ; 戻り値は stat
; Flags : DWORD -> "sptr"
; hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> "sptr"
; pRequest : AUTHZ_ACCESS_REQUEST* -> "sptr"
; hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> "sptr"
; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "sptr"
; OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> "sptr"
; OptionalSecurityDescriptorCount : DWORD -> "sptr"
; pReply : AUTHZ_ACCESS_REPLY* -> "sptr"
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。
出力引数:
#uselib "AUTHZ.dll"
#cfunc global AuthzOpenObjectAudit "AuthzOpenObjectAudit" int, sptr, var, sptr, sptr, sptr, int, var
; res = AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
; Flags : DWORD -> "int"
; hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> "sptr"
; pRequest : AUTHZ_ACCESS_REQUEST* -> "var"
; hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> "sptr"
; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "sptr"
; OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> "sptr"
; OptionalSecurityDescriptorCount : DWORD -> "int"
; pReply : AUTHZ_ACCESS_REPLY* -> "var"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
出力引数:
; BOOL AuthzOpenObjectAudit(DWORD Flags, AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, AUTHZ_ACCESS_REQUEST* pRequest, AUTHZ_AUDIT_EVENT_HANDLE hAuditEvent, PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR* OptionalSecurityDescriptorArray, DWORD OptionalSecurityDescriptorCount, AUTHZ_ACCESS_REPLY* pReply)
#uselib "AUTHZ.dll"
#cfunc global AuthzOpenObjectAudit "AuthzOpenObjectAudit" int, intptr, var, intptr, intptr, intptr, int, var
; res = AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
; Flags : DWORD -> "int"
; hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> "intptr"
; pRequest : AUTHZ_ACCESS_REQUEST* -> "var"
; hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> "intptr"
; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "intptr"
; OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> "intptr"
; OptionalSecurityDescriptorCount : DWORD -> "int"
; pReply : AUTHZ_ACCESS_REPLY* -> "var"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
import (
	"golang.org/x/sys/windows"
	"unsafe"
)

var (
	authz = windows.NewLazySystemDLL("AUTHZ.dll")
	procAuthzOpenObjectAudit = authz.NewProc("AuthzOpenObjectAudit")
)

// Flags (DWORD), hAuthzClientContext (AUTHZ_CLIENT_CONTEXT_HANDLE), pRequest (AUTHZ_ACCESS_REQUEST*), hAuditEvent (AUTHZ_AUDIT_EVENT_HANDLE), pSecurityDescriptor (PSECURITY_DESCRIPTOR), OptionalSecurityDescriptorArray (PSECURITY_DESCRIPTOR* optional), OptionalSecurityDescriptorCount (DWORD), pReply (AUTHZ_ACCESS_REPLY*)
r1, _, err := procAuthzOpenObjectAudit.Call(
	uintptr(Flags),
	uintptr(hAuthzClientContext),
	uintptr(pRequest),
	uintptr(hAuditEvent),
	uintptr(pSecurityDescriptor),
	uintptr(OptionalSecurityDescriptorArray),
	uintptr(OptionalSecurityDescriptorCount),
	uintptr(pReply),
)
_ = err  // syscall.Errno (valid when the call sets last-error)
_ = r1   // BOOL
function AuthzOpenObjectAudit(
  Flags: DWORD;   // DWORD
  hAuthzClientContext: THandle;   // AUTHZ_CLIENT_CONTEXT_HANDLE
  pRequest: Pointer;   // AUTHZ_ACCESS_REQUEST*
  hAuditEvent: THandle;   // AUTHZ_AUDIT_EVENT_HANDLE
  pSecurityDescriptor: THandle;   // PSECURITY_DESCRIPTOR
  OptionalSecurityDescriptorArray: Pointer;   // PSECURITY_DESCRIPTOR* optional
  OptionalSecurityDescriptorCount: DWORD;   // DWORD
  pReply: Pointer   // AUTHZ_ACCESS_REPLY*
): BOOL; stdcall;
  external 'AUTHZ.dll' name 'AuthzOpenObjectAudit';
result := DllCall("AUTHZ\AuthzOpenObjectAudit"
    , "UInt", Flags   ; DWORD
    , "Ptr", hAuthzClientContext   ; AUTHZ_CLIENT_CONTEXT_HANDLE
    , "Ptr", pRequest   ; AUTHZ_ACCESS_REQUEST*
    , "Ptr", hAuditEvent   ; AUTHZ_AUDIT_EVENT_HANDLE
    , "Ptr", pSecurityDescriptor   ; PSECURITY_DESCRIPTOR
    , "Ptr", OptionalSecurityDescriptorArray   ; PSECURITY_DESCRIPTOR* optional
    , "UInt", OptionalSecurityDescriptorCount   ; DWORD
    , "Ptr", pReply   ; AUTHZ_ACCESS_REPLY*
    , "Int")   ; return: BOOL
●AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply) = DLL("AUTHZ.dll", "bool AuthzOpenObjectAudit(dword, void*, void*, void*, void*, void*, dword, void*)")
# 呼び出し: AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
# Flags : DWORD -> "dword"
# hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> "void*"
# pRequest : AUTHZ_ACCESS_REQUEST* -> "void*"
# hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> "void*"
# pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "void*"
# OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> "void*"
# OptionalSecurityDescriptorCount : DWORD -> "dword"
# pReply : AUTHZ_ACCESS_REPLY* -> "void*"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。
const std = @import("std");

extern "authz" fn AuthzOpenObjectAudit(
    Flags: u32, // DWORD
    hAuthzClientContext: ?*anyopaque, // AUTHZ_CLIENT_CONTEXT_HANDLE
    pRequest: [*c]AUTHZ_ACCESS_REQUEST, // AUTHZ_ACCESS_REQUEST*
    hAuditEvent: ?*anyopaque, // AUTHZ_AUDIT_EVENT_HANDLE
    pSecurityDescriptor: ?*anyopaque, // PSECURITY_DESCRIPTOR
    OptionalSecurityDescriptorArray: ?*anyopaque, // PSECURITY_DESCRIPTOR* optional
    OptionalSecurityDescriptorCount: u32, // DWORD
    pReply: [*c]AUTHZ_ACCESS_REPLY // AUTHZ_ACCESS_REPLY*
) callconv(std.os.windows.WINAPI) i32;
proc AuthzOpenObjectAudit(
    Flags: uint32,  # DWORD
    hAuthzClientContext: pointer,  # AUTHZ_CLIENT_CONTEXT_HANDLE
    pRequest: ptr AUTHZ_ACCESS_REQUEST,  # AUTHZ_ACCESS_REQUEST*
    hAuditEvent: pointer,  # AUTHZ_AUDIT_EVENT_HANDLE
    pSecurityDescriptor: pointer,  # PSECURITY_DESCRIPTOR
    OptionalSecurityDescriptorArray: pointer,  # PSECURITY_DESCRIPTOR* optional
    OptionalSecurityDescriptorCount: uint32,  # DWORD
    pReply: ptr AUTHZ_ACCESS_REPLY  # AUTHZ_ACCESS_REPLY*
): int32 {.importc: "AuthzOpenObjectAudit", stdcall, dynlib: "AUTHZ.dll".}
pragma(lib, "authz");
extern(Windows)
int AuthzOpenObjectAudit(
    uint Flags,   // DWORD
    void* hAuthzClientContext,   // AUTHZ_CLIENT_CONTEXT_HANDLE
    AUTHZ_ACCESS_REQUEST* pRequest,   // AUTHZ_ACCESS_REQUEST*
    void* hAuditEvent,   // AUTHZ_AUDIT_EVENT_HANDLE
    void* pSecurityDescriptor,   // PSECURITY_DESCRIPTOR
    void* OptionalSecurityDescriptorArray,   // PSECURITY_DESCRIPTOR* optional
    uint OptionalSecurityDescriptorCount,   // DWORD
    AUTHZ_ACCESS_REPLY* pReply   // AUTHZ_ACCESS_REPLY*
);
ccall((:AuthzOpenObjectAudit, "AUTHZ.dll"), stdcall, Int32,
      (UInt32, Ptr{Cvoid}, Ptr{AUTHZ_ACCESS_REQUEST}, Ptr{Cvoid}, Ptr{Cvoid}, Ptr{Cvoid}, UInt32, Ptr{AUTHZ_ACCESS_REPLY}),
      Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
# Flags : DWORD -> UInt32
# hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> Ptr{Cvoid}
# pRequest : AUTHZ_ACCESS_REQUEST* -> Ptr{AUTHZ_ACCESS_REQUEST}
# hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> Ptr{Cvoid}
# pSecurityDescriptor : PSECURITY_DESCRIPTOR -> Ptr{Cvoid}
# OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> Ptr{Cvoid}
# OptionalSecurityDescriptorCount : DWORD -> UInt32
# pReply : AUTHZ_ACCESS_REPLY* -> Ptr{AUTHZ_ACCESS_REPLY}
# stdcall は 32bit のみ意味を持つ(x64 では無視)。
local ffi = require("ffi")
ffi.cdef[[
int32_t AuthzOpenObjectAudit(
    uint32_t Flags,
    void* hAuthzClientContext,
    void* pRequest,
    void* hAuditEvent,
    void* pSecurityDescriptor,
    void* OptionalSecurityDescriptorArray,
    uint32_t OptionalSecurityDescriptorCount,
    void* pReply);
]]
local authz = ffi.load("authz")
-- authz.AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
-- Flags : DWORD
-- hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE
-- pRequest : AUTHZ_ACCESS_REQUEST*
-- hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE
-- pSecurityDescriptor : PSECURITY_DESCRIPTOR
-- OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional
-- OptionalSecurityDescriptorCount : DWORD
-- pReply : AUTHZ_ACCESS_REPLY*
-- 構造体/GUIDへのポインタは cdef が通るよう void* で表記(実型は各引数コメント参照)。値渡し構造体・enum は対応する typedef を cdef に追加すること。
const koffi = require('koffi');
const lib = koffi.load('AUTHZ.dll');
const AuthzOpenObjectAudit = lib.func('__stdcall', 'AuthzOpenObjectAudit', 'int32_t', ['uint32_t', 'void *', 'void *', 'void *', 'void *', 'void *', 'uint32_t', 'void *']);
// AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
// Flags : DWORD -> 'uint32_t'
// hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> 'void *'
// pRequest : AUTHZ_ACCESS_REQUEST* -> 'void *'
// hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> 'void *'
// pSecurityDescriptor : PSECURITY_DESCRIPTOR -> 'void *'
// OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> 'void *'
// OptionalSecurityDescriptorCount : DWORD -> 'uint32_t'
// pReply : AUTHZ_ACCESS_REPLY* -> 'void *'
// 出力ポインタは koffi.out(...) で包む。構造体は koffi.struct で定義。
const lib = Deno.dlopen("AUTHZ.dll", {
  AuthzOpenObjectAudit: { parameters: ["u32", "pointer", "pointer", "pointer", "pointer", "pointer", "u32", "pointer"], result: "i32" },
});
// lib.symbols.AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply)
// Flags : DWORD -> "u32"
// hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> "pointer"
// pRequest : AUTHZ_ACCESS_REQUEST* -> "pointer"
// hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> "pointer"
// pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "pointer"
// OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> "pointer"
// OptionalSecurityDescriptorCount : DWORD -> "u32"
// pReply : AUTHZ_ACCESS_REPLY* -> "pointer"
// 文字列引数は "buffer"(NUL 終端のバイト列を Uint8Array で渡す)。
// 値渡し構造体は { struct: [ ...field types... ] } を使用。
<?php
$ffi = FFI::cdef(<<<C
int32_t AuthzOpenObjectAudit(
    uint32_t Flags,
    void* hAuthzClientContext,
    void* pRequest,
    void* hAuditEvent,
    void* pSecurityDescriptor,
    void* OptionalSecurityDescriptorArray,
    uint32_t OptionalSecurityDescriptorCount,
    void* pReply);
C, "AUTHZ.dll");
// $ffi->AuthzOpenObjectAudit(Flags, hAuthzClientContext, pRequest, hAuditEvent, pSecurityDescriptor, OptionalSecurityDescriptorArray, OptionalSecurityDescriptorCount, pReply);
// Flags : DWORD
// hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE
// pRequest : AUTHZ_ACCESS_REQUEST*
// hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE
// pSecurityDescriptor : PSECURITY_DESCRIPTOR
// OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional
// OptionalSecurityDescriptorCount : DWORD
// pReply : AUTHZ_ACCESS_REPLY*
// 構造体/GUIDへのポインタは cdef が通るよう void* で表記(実型は各引数コメント参照)。値渡し構造体・enum は対応する typedef を cdef に追加すること。
// WINAPI(stdcall): x64 では呼出規約が統一されるため問題なし。x86 では __stdcall 対応のラッパが必要な場合あり。
import com.sun.jna.*;
import com.sun.jna.ptr.*;
import com.sun.jna.win32.StdCallLibrary;
import com.sun.jna.win32.W32APIOptions;

public interface Authz extends StdCallLibrary {
    Authz INSTANCE = Native.load("authz", Authz.class);
    boolean AuthzOpenObjectAudit(
        int Flags,   // DWORD
        Pointer hAuthzClientContext,   // AUTHZ_CLIENT_CONTEXT_HANDLE
        Pointer pRequest,   // AUTHZ_ACCESS_REQUEST*
        Pointer hAuditEvent,   // AUTHZ_AUDIT_EVENT_HANDLE
        Pointer pSecurityDescriptor,   // PSECURITY_DESCRIPTOR
        Pointer OptionalSecurityDescriptorArray,   // PSECURITY_DESCRIPTOR* optional
        int OptionalSecurityDescriptorCount,   // DWORD
        Pointer pReply   // AUTHZ_ACCESS_REPLY*
    );
}
@[Link("authz")]
lib LibAUTHZ
  fun AuthzOpenObjectAudit = AuthzOpenObjectAudit(
    Flags : UInt32,   # DWORD
    hAuthzClientContext : Void*,   # AUTHZ_CLIENT_CONTEXT_HANDLE
    pRequest : AUTHZ_ACCESS_REQUEST*,   # AUTHZ_ACCESS_REQUEST*
    hAuditEvent : Void*,   # AUTHZ_AUDIT_EVENT_HANDLE
    pSecurityDescriptor : Void*,   # PSECURITY_DESCRIPTOR
    OptionalSecurityDescriptorArray : Void*,   # PSECURITY_DESCRIPTOR* optional
    OptionalSecurityDescriptorCount : UInt32,   # DWORD
    pReply : AUTHZ_ACCESS_REPLY*   # AUTHZ_ACCESS_REPLY*
  ) : Int32
end
# 構造体/GUID/enum は lib 内に対応する型定義が必要。
# 呼出規約: x64 は規約統一のため OK。x86(32bit)は WINAPI=stdcall だが Crystal の fun に stdcall 付与構文がなく非対応。
import 'dart:ffi';
import 'package:ffi/ffi.dart';

typedef AuthzOpenObjectAuditNative = Int32 Function(Uint32, Pointer<Void>, Pointer<Void>, Pointer<Void>, Pointer<Void>, Pointer<Void>, Uint32, Pointer<Void>);
typedef AuthzOpenObjectAuditDart = int Function(int, Pointer<Void>, Pointer<Void>, Pointer<Void>, Pointer<Void>, Pointer<Void>, int, Pointer<Void>);
final AuthzOpenObjectAudit = DynamicLibrary.open('AUTHZ.dll')
    .lookupFunction<AuthzOpenObjectAuditNative, AuthzOpenObjectAuditDart>('AuthzOpenObjectAudit');
// Flags : DWORD -> Uint32
// hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> Pointer<Void>
// pRequest : AUTHZ_ACCESS_REQUEST* -> Pointer<Void>
// hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> Pointer<Void>
// pSecurityDescriptor : PSECURITY_DESCRIPTOR -> Pointer<Void>
// OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> Pointer<Void>
// OptionalSecurityDescriptorCount : DWORD -> Uint32
// pReply : AUTHZ_ACCESS_REPLY* -> Pointer<Void>
// 文字列は package:ffi の "...".toNativeUtf16()/toNativeUtf8() で変換。
{$mode objfpc}{$H+}
function AuthzOpenObjectAudit(
  Flags: DWORD;   // DWORD
  hAuthzClientContext: THandle;   // AUTHZ_CLIENT_CONTEXT_HANDLE
  pRequest: Pointer;   // AUTHZ_ACCESS_REQUEST*
  hAuditEvent: THandle;   // AUTHZ_AUDIT_EVENT_HANDLE
  pSecurityDescriptor: THandle;   // PSECURITY_DESCRIPTOR
  OptionalSecurityDescriptorArray: Pointer;   // PSECURITY_DESCRIPTOR* optional
  OptionalSecurityDescriptorCount: DWORD;   // DWORD
  pReply: Pointer   // AUTHZ_ACCESS_REPLY*
): BOOL; stdcall;
  external 'AUTHZ.dll' name 'AuthzOpenObjectAudit';
import Foreign
import Foreign.C.Types
import Foreign.C.String

foreign import stdcall safe "AuthzOpenObjectAudit"
  c_AuthzOpenObjectAudit :: Word32 -> Ptr () -> Ptr () -> Ptr () -> Ptr () -> Ptr () -> Word32 -> Ptr () -> IO CInt
-- Flags : DWORD -> Word32
-- hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> Ptr ()
-- pRequest : AUTHZ_ACCESS_REQUEST* -> Ptr ()
-- hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> Ptr ()
-- pSecurityDescriptor : PSECURITY_DESCRIPTOR -> Ptr ()
-- OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> Ptr ()
-- OptionalSecurityDescriptorCount : DWORD -> Word32
-- pReply : AUTHZ_ACCESS_REPLY* -> Ptr ()
-- 要 GHC(Windows)。stdcall は x64 では ccall として扱われる。ブロックする API は safe 呼び出し推奨。
open Ctypes
open Foreign

let authzopenobjectaudit =
  foreign "AuthzOpenObjectAudit"
    (uint32_t @-> (ptr void) @-> (ptr void) @-> (ptr void) @-> (ptr void) @-> (ptr void) @-> uint32_t @-> (ptr void) @-> returning int32_t)
(* Flags : DWORD -> uint32_t *)
(* hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> (ptr void) *)
(* pRequest : AUTHZ_ACCESS_REQUEST* -> (ptr void) *)
(* hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> (ptr void) *)
(* pSecurityDescriptor : PSECURITY_DESCRIPTOR -> (ptr void) *)
(* OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> (ptr void) *)
(* OptionalSecurityDescriptorCount : DWORD -> uint32_t *)
(* pReply : AUTHZ_ACCESS_REPLY* -> (ptr void) *)
(* foreign は cdecl 前提。x64 Windows では WINAPI と一致。構造体は ctypes structure を定義のこと。 *)
(cffi:define-foreign-library authz (t "AUTHZ.dll"))
(cffi:use-foreign-library authz)

(cffi:defcfun ("AuthzOpenObjectAudit" authz-open-object-audit :convention :stdcall) :int32
  (flags :uint32)   ; DWORD
  (h-authz-client-context :pointer)   ; AUTHZ_CLIENT_CONTEXT_HANDLE
  (p-request :pointer)   ; AUTHZ_ACCESS_REQUEST*
  (h-audit-event :pointer)   ; AUTHZ_AUDIT_EVENT_HANDLE
  (p-security-descriptor :pointer)   ; PSECURITY_DESCRIPTOR
  (optional-security-descriptor-array :pointer)   ; PSECURITY_DESCRIPTOR* optional
  (optional-security-descriptor-count :uint32)   ; DWORD
  (p-reply :pointer))   ; AUTHZ_ACCESS_REPLY*
; isize/usize(INT_PTR/SIZE_T)は x64 前提で :int64/:uint64。x86 では :int32/:uint32。
use Win32::API;
my $AuthzOpenObjectAudit = Win32::API::More->new('AUTHZ',
    'BOOL AuthzOpenObjectAudit(DWORD Flags, HANDLE hAuthzClientContext, LPVOID pRequest, HANDLE hAuditEvent, HANDLE pSecurityDescriptor, HANDLE OptionalSecurityDescriptorArray, DWORD OptionalSecurityDescriptorCount, LPVOID pReply)');
# my $ret = $AuthzOpenObjectAudit->Call($Flags, $hAuthzClientContext, $pRequest, $hAuditEvent, $pSecurityDescriptor, $OptionalSecurityDescriptorArray, $OptionalSecurityDescriptorCount, $pReply);
# Flags : DWORD -> DWORD
# hAuthzClientContext : AUTHZ_CLIENT_CONTEXT_HANDLE -> HANDLE
# pRequest : AUTHZ_ACCESS_REQUEST* -> LPVOID
# hAuditEvent : AUTHZ_AUDIT_EVENT_HANDLE -> HANDLE
# pSecurityDescriptor : PSECURITY_DESCRIPTOR -> HANDLE
# OptionalSecurityDescriptorArray : PSECURITY_DESCRIPTOR* optional -> HANDLE
# OptionalSecurityDescriptorCount : DWORD -> DWORD
# pReply : AUTHZ_ACCESS_REPLY* -> LPVOID
# 値渡し構造体は pack() した文字列、または Win32::API::Struct を使用。

関連項目

使用する型