
Commit a6c1fdf

committed
sys/windows: add GetExplicitEntriesFromAcl
1 parent 50db343 commit a6c1fdf


2 files changed

+34
-0
lines changed


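--- a/windows/security_windows.go
+++ b/windows/security_windows.go
@@ -1122,6 +1122,7 @@ type OBJECTS_AND_NAME struct {
 //sys SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) = advapi32.SetSecurityInfo
 //sys getNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetNamedSecurityInfoW
 //sys SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetNamedSecurityInfoW
+//sys getExplicitEntriesFromAclW(acl *ACL, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS) (ret error) = advapi32.GetExplicitEntriesFromAclW
 
 //sys buildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS, countAuditEntries uint32, auditEntries *EXPLICIT_ACCESS, oldSecurityDescriptor *SECURITY_DESCRIPTOR, sizeNewSecurityDescriptor *uint32, newSecurityDescriptor **SECURITY_DESCRIPTOR) (ret error) = advapi32.BuildSecurityDescriptorW
 //sys initializeSecurityDescriptor(absoluteSD *SECURITY_DESCRIPTOR, revision uint32) (err error) = advapi32.InitializeSecurityDescriptor
@@ -1374,6 +1375,30 @@ func GetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, security
 return winHeapSD.copySelfRelativeSecurityDescriptor(), nil
 }
 
+// GetExplicitEntriesFromAcl queries the explicit entries from a given ACL
+func GetExplicitEntriesFromAcl(acl *ACL) ([]EXPLICIT_ACCESS, error) {
+var entries *EXPLICIT_ACCESS
+var size uint32
+err := getExplicitEntriesFromAclW(
+acl,
+size,
+entries,
+)
+if err != nil {
+return nil, err
+}
+
+defer LocalFree((Handle)(unsafe.Pointer(entries)))
+
+var accesses []EXPLICIT_ACCESS
+for i := 0; i < int(size); i++ {
+accesses = append(accesses, *entries)
+entries = (*EXPLICIT_ACCESS)(unsafe.Pointer((uintptr(unsafe.Pointer(entries)) + unsafe.Sizeof(*entries))))
+}
+
+return accesses, nil
+}
+
 // BuildSecurityDescriptor makes a new security descriptor using the input trustees, explicit access lists, and
 // prior security descriptor to be merged, any of which can be nil, returning the self-relative security descriptor
 // result on the Go heap.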
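Review bot: `GetExplicitEntriesFromAcl` passes `size` and `entries` to `getExplicitEntriesFromAclW` by value, so the call cannot write to either: `size` stays 0, `entries` stays nil, the copy loop never runs, and any call that returns without error yields an empty slice. The Win32 function takes both as out-parameters, so the `//sys` line in the first hunk should declare `countAccessEntries *uint32, accessEntries **EXPLICIT_ACCESS` and the call should pass `&size, &entries`. A caller that audits a DACL through this wrapper would see "no explicit entries" for every ACL, which is a silent false negative in a permission check. Once the buffer really is returned, the deferred `LocalFree` needs a second look as well: if the copied `EXPLICIT_ACCESS` values hold trustee pointers into that buffer (likely, though the struct is not visible here), they dangle after return, so either copy the trustee data too or state the lifetime in the doc comment.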

windows/zsyscall_windows.go

Lines changed: 9 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
