winpipe: enforce ownership of client connection

author: Jason A. Donenfeld <Jason@zx2c4.com> 2019-08-30 13:21:47 -0600
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2019-08-30 13:21:47 -0600
commit: e4b957183c4a330f020f5188f3b30b59355efb80 (patch)
tree: d6006fcdd00f381eefdcddac8b21235668f55d65 /ipc/winpipe/zsyscall_windows.go
parent: 950ca2ba8c026be809ced2438f89ec9146734cf7 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/ipc/winpipe/zsyscall_windows.go b/ipc/winpipe/zsyscall_windows.go
index b8eedb4..ecf3e84 100644
--- a/ipc/winpipe/zsyscall_windows.go
+++ b/ipc/winpipe/zsyscall_windows.go
@@ -55,6 +55,8 @@ var (
 	procConvertStringSecurityDescriptorToSecurityDescriptorW = modadvapi32.NewProc("ConvertStringSecurityDescriptorToSecurityDescriptorW")
 	procLocalFree                                            = modkernel32.NewProc("LocalFree")
 	procGetSecurityDescriptorLength                          = modadvapi32.NewProc("GetSecurityDescriptorLength")
+	procGetSecurityInfo                                      = modadvapi32.NewProc("GetSecurityInfo")
+	procEqualSid                                             = modadvapi32.NewProc("EqualSid")
 	procCancelIoEx                                           = modkernel32.NewProc("CancelIoEx")
 	procCreateIoCompletionPort                               = modkernel32.NewProc("CreateIoCompletionPort")
 	procGetQueuedCompletionStatus                            = modkernel32.NewProc("GetQueuedCompletionStatus")
@@ -206,6 +208,20 @@ func getSecurityDescriptorLength(sd uintptr) (len uint32) {
 	return
 }
 
+func getSecurityInfo(handle syscall.Handle, objectType uint32, securityInformation uint32, owner **syscall.SID, group **syscall.SID, dacl *uintptr, sacl *uintptr, sd *uintptr) (ret error) {
+	r0, _, _ := syscall.Syscall9(procGetSecurityInfo.Addr(), 8, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), uintptr(unsafe.Pointer(sd)), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func equalSid(sid1 *syscall.SID, sid2 *syscall.SID) (isEqual bool) {
+	r0, _, _ := syscall.Syscall(procEqualSid.Addr(), 2, uintptr(unsafe.Pointer(sid1)), uintptr(unsafe.Pointer(sid2)), 0)
+	isEqual = r0 != 0
+	return
+}
+
 func cancelIoEx(file syscall.Handle, o *syscall.Overlapped) (err error) {
 	r1, _, e1 := syscall.Syscall(procCancelIoEx.Addr(), 2, uintptr(file), uintptr(unsafe.Pointer(o)), 0)
 	if r1 == 0 {
author	Jason A. Donenfeld <Jason@zx2c4.com>	2019-08-30 13:21:47 -0600
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2019-08-30 13:21:47 -0600
commit	e4b957183c4a330f020f5188f3b30b59355efb80 (patch)
tree	d6006fcdd00f381eefdcddac8b21235668f55d65 /ipc/winpipe/zsyscall_windows.go
parent	950ca2ba8c026be809ced2438f89ec9146734cf7 (diff)